b953424aec
fixing to move without output_location ( #770 )
2022-08-07 09:00:27 +02:00
bfefaf627e
refactor teams, fix #750 ( #766 )
2022-08-03 16:34:09 +02:00
7f1a523866
FIX: Missing value to format principalSet ( #759 )
2022-07-27 08:18:27 +02:00
0d9fac316a
FAST: Resman: Update billing.tf ( #721 )
...
* FAST: Resman: Update billing.tf
Add billing.costsManager to the PF SAs to allow it to create billing alerts.
* fix linting
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2022-07-06 16:10:14 +03:00
ea7827d1ad
FAST - added missing format argument in branch-pf-dev-sa-cicd
...
In the module branch-pf-dev-sa-cicd, the calls to the "format" function were missing the argument var.automation.federated_identity_pool.
2022-07-05 11:44:33 +02:00
c66bb0e1c3
Merge branch 'master' of https://github.com/GoogleCloudPlatform/cloud-foundation-fabric into mgfeller/fast-readme-tfvars-auto
2022-06-29 15:29:43 +02:00
66c4fffd76
FAST: configuration switches for features ( #703 )
...
* example implementation of top-level switches
* data platform as a fast feature
* decouple teams and project factory
* teams disable fixes
* optional pf
* networking stage
* remove var from stage 2s, security
2022-06-28 17:33:37 +02:00
34650ae621
FAST - updated some READMEs about usage of *.auto.tfvars files
...
Updated information about using the auto generated tfvars files in the "Variable configuration" section for some stages.
Mainly about using globals.auto.tfvars.json instead of copying terraform.tfvars from bootstrap stage.
2022-06-28 11:27:21 +02:00
a09eb39a96
disable provider data source when not needed, explicitly depend on CI/CD SAs
2022-06-16 23:11:08 +02:00
a35ed1ca0f
allow using cicd service accounts in build triggers
2022-06-16 22:16:43 +02:00
da17d57863
fix tfdoc
2022-06-16 21:59:44 +02:00
2b61efb722
add project number to sgae 1 values
2022-06-16 21:57:09 +02:00
c87c645bf0
add missing try to stage 1 outputs
2022-06-16 21:56:48 +02:00
e3d91e84e4
sourcerepo and cloudbuild at 01-resman
2022-06-15 21:34:26 -05:00
2eb996d33d
sourcerepo and cloudbuild at 01-resman
2022-06-15 19:12:11 -05:00
f75c0021a1
fix #673 ( #674 )
2022-06-10 10:51:26 +02:00
44ae2671b0
CI/CD support for Source Repository and Cloud Build ( #669 )
...
* add id to outputs
* initial cloud build implementation for stage 0
* comments
* stage 0
* stage 1, untested
* add support for IAM and CB triggers to source repository module
* refactor stage 0 to use sourcerepo module
* refactor stage 1 to use sourcerepo module
* file descriptions
* fix gitlab pipeline
2022-06-08 11:34:08 +02:00
7b30aa2c12
Added "gitlab" type to 01-resman Stage
2022-04-19 11:09:33 +02:00
73a9136dc6
disable some org policies ( #631 )
2022-04-15 08:10:42 +02:00
eec0fd2fdf
FAST: allow changing tag names from variables in resman ( #628 )
2022-04-13 10:22:33 +02:00
2644627837
Remove broken link and ignore globals in fast stages
2022-04-12 21:33:03 +02:00
725f7effce
Initial MVP for CI/CD ( #608 )
...
* preliminary support for wif in stage 0
* IAM wif role
* IAM wif role TODO
* add support for external SA IAM to SA module
* add name output to SA module
* separate cicd SA
* tfdoc
* GITLAB principal (untested)
* make GCS name output static
* outputs bucket
* fix stage 1 test
* tweak outputs
* tfdoc
* move wif_pool to automation variable
* add support for top-level and repository providers
* add missing boilerplate
* fix branchless principal
* initial workflow
* symlink provider template in stages
* remove service accounts from stage 0 cicd tfvars
* add cicd interface variable to resman stage
* fix cicd variable in resman stage
* better condition on outputs_location
* fix last change
* change outputs_location type
* revert outputs_location change
* split outputs in stage 0
* update ci/cd temporary notes
* rename additive IAM resource in SA module
* split outputs in stage 1
* remove unused locals
* fix stage 1 tests
* tfdoc
* Upload action files to outputs_bucket
* Fix tests and README
* rename template, streamline outputs
* local templates and gcs output for all stage 2
* add workflows to local output files
* Use lowercase WIF providers everywhere
* Bring back suffix for workflow files
* Remove unused files
* Update READMEs
* preliminary CI/CD implementation for stage 1
* fix stage 1
* stage 1 cicd
* tfdoc
* fix tests
* readme and links for cicd and wif
* refactor wif providers
* refactor cicd for stage 1
* fix stage 1
* wif org policies
* split identity provider configuration from cicd
* add type attribute to cicd repositories
* valid cicd repositories have a workflow template
* refactor stage 01
* fix stage 01 tests
* minimal CI/CD documentation
* better check_links error reporting
* fix links
* Added Gitlab specific configurations
Set the default issuer_uri for Gitlab. Added allowed audiences to OIDC configuration.
* Fixed TF formatting in identity providers.
* Changing identity provider audience to null
Changing identity provider audience to default to null.
* add instructions for renaming workflows
* address Julio's comments
Co-authored-by: Julio Castillo <jccb@google.com>
Co-authored-by: alexmeissner <alexmeissner@google.com>
2022-04-12 08:17:27 +02:00
9bb2f91458
Fix a few import errors in FAST ( #620 )
...
* fix import errors in stage 0
* fix import errors in stage 1
2022-04-12 07:35:31 +02:00
03c871097c
Remove moved blocks
2022-03-18 10:44:44 +01:00
31bf9b98d1
Swap xpnAdmin with custom xpnServiceAdmin for service projects
2022-02-25 12:19:10 +01:00
7ca1e6af5a
FAST: Networking README.md fixes
2022-02-24 11:48:56 +01:00
1af71244f3
FAST: Resman README.md fixes
2022-02-24 11:28:13 +01:00
7d8299b837
fix tag environment binding names in fast
2022-02-21 13:28:36 +01:00
474bcbdd0e
Use tags and tag-based IAM conditions in FAST ( #553 )
...
* organization module
* folder module
* project module
* fix project binding
* environment tags
* use id instead of name for references
* environment bindings
* conditional org policy admin binding via tags
* rename pf service accounts and buckets
* update IAM docs
* kms module
* compute-vm
* fix compute-vm
* tfdoc
2022-02-20 11:26:30 +01:00
b9804d895b
re-add org policy admin role
2022-02-18 14:39:33 +01:00
21a901c1dc
assign net delegated grants by env
2022-02-18 08:38:36 +01:00
6f3aa4920a
re-remove policy admin role from dp SAs
2022-02-18 07:29:24 +01:00
04f054478d
Fix poliscy admin role
2022-02-18 00:34:51 +01:00
73c2233b9b
Small fixes to DP
2022-02-16 18:52:17 +01:00
c63ddb96f9
resman tfdoc
2022-02-16 14:15:58 +01:00
c5fa5d62e4
fix remaining issues, align variables
2022-02-16 14:12:39 +01:00
728f6485ae
remove unneeded permissions in resman
2022-02-16 12:51:12 +01:00
9c736ea337
Merge branch 'master' into lcaggioni/fast-data-platform
2022-02-16 11:47:41 +00:00
49f36157d5
Fix typo in stage1 outputs
2022-02-16 10:57:54 +01:00
4b73cc4de6
tfdoc, stages README
2022-02-16 10:14:51 +01:00
8e8378fb28
Merge branch 'master' into lcaggioni/fast-data-platform
2022-02-16 09:56:42 +01:00
0544456462
Use local for tfvar outputs
2022-02-16 09:07:07 +01:00
9015abfc80
stage 01 docs
2022-02-16 08:57:45 +01:00
9c9312c4b8
tfdoc
2022-02-16 07:53:41 +01:00
5c46d351d5
02-networking-vpn
2022-02-16 07:52:20 +01:00
7e9843d445
tfdoc for real
2022-02-16 00:48:13 +01:00
8c684124da
Merge branch 'fast/var-contracts' of github.com:GoogleCloudPlatform/cloud-foundation-fabric into fast/var-contracts
2022-02-16 00:44:24 +01:00
b50deb68a7
tfdoc
2022-02-16 00:44:14 +01:00
d3c95e5784
Merge branch 'master' into fast/var-contracts
2022-02-15 23:42:30 +00:00
cd52f7c34c
stage 01
2022-02-16 00:35:50 +01:00
Daisuke
Ludovico Magnocavallo
Agustin Ramirez
Simone Ruffilli
Michael Gfeller
Alexander Meissner
Julio Castillo
Lorenzo Caggioni