This commit fixes#1064 by allowing to add more than one column family. Split
keys are also now optional, and there is no possibility to set defaults for all
tables (since keys and column families are related to the data and schema for
each table, it is difficult that several tables share the same values).
Also, declaring a table with no split keys nor column families requires
initializing the table to an empty map, instead of using null.
* Fix non-empty plan when spot instances are used
* Add cluster_id and recommend its use, as this prevents inconsitencies
when only cluster is recreated (with no changes on node pool)
* net-ilb-l7 use both neg types in backends
* run example tests on cloud-config-container modules
* streamline nginx-tls cos module
* add tests for cos modules
* tfdoc
* onprem needs fixing, links
* disable test
* test
* added reverse lookup feature to module dns
* corrected readme example passed tfdoc and tests
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
Fixed the Node Configuration for Apigee PAYG
specific Environments.
Removed current_aggregate_node_count as it
is a read-only field and cannot be taken
as an input for the Apigee Environment Terraform
resource.
Changes committed:
modified: blueprints/cloud-operations/apigee/README.md
modified: blueprints/cloud-operations/apigee/variables.tf
modified: modules/apigee/README.md
modified: modules/apigee/main.tf
modified: modules/apigee/variables.tf
modified: tests/blueprints/cloud_operations/apigee/fixture/variables.tf
modified: tests/modules/apigee/fixture/variables.tf
Pubsub topics can now have
schemas (https://cloud.google.com/pubsub/docs/admin#schemas). This PR adds an
option to set the schema settings and create a new optional resource of type
`google_pubsub_schema` attached to the `google_pubsub_topic`.
* add `trigger_config_v2` for v2 functions
* add optional for objects in variables.tf
* make examples in README runnable
* add example for Cloud Function v2
* add exapmle for trigger for Cloud Function v2
* remove optional variables from examples with `null` value
* module and module tests/examples
* align blueprints and fast
* fix null ranges
* make ports optional
* tfdoc
* make rules optional defaulting to all protocols
* review comments
* last round of comments
* invert precedence of template variables
* add option to disable all default rules
* add option to disable all default rules
* split egress/ingress
* tests
* fix tests
* aling documentation, move glb blueprint
* modules README, sort modules
* reorder modules
* fix bp links
* fix moved blueprint test
* use a single cloud shell image in the repo
The cloud-init runcmd had a race condition where the script could run before the network interfaces were ready.
Changed the script to a systemd unit and added a dependency on network ready.
* added support 2nd generation cloud function
* changed function_version to a simple boolean v2
removed memory_2ndGen
* will use the var.v2 to add the invoker role
* removed the list uisng compact and formated the code
* formated the code and added conditional feature
* formated the code
* added formating
* resolved the merge conflict
* Update readme
* Create local function object
* added secret_volumes
and secret_environment_variables for CF V2
Co-authored-by: Julio Castillo <jccb@google.com>
* first shot, untested
* example tests working
* module tests
* work on gke blueprints
* multitenant fleet doc examples
* fix gke hub doc examples
* blueprint tests
* move master range to vpc config
* fast stage 3 gke test
* tfdoc
* bump provider versions
* and bump provider again to latest
* Instance.ip_range cannot take Support CIDR
Current docs are incorrect. It is not possible to specify the Support range.
See https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.instances#Instance
> ipRange
> string
> Optional. IP range represents the customer-provided CIDR block of length 22 that will be used for the Apigee instance creation. This optional range, if provided, should be freely available as part of larger named range the customer has allocated to the Service Networking peering. If this is not provided, Apigee will automatically request for any available /22 CIDR block from Service Networking. The customer should use this CIDR block for configuring their firewall needs to allow traffic from Apigee. Input format: "a.b.c.d/22", Output format: a.b.c.d/22, e.f.g.h/28"
* tfdoc
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
* feat: add support to a public access to cloudsql-instance
* doc: update cloudsql-instance doc changing the ipv4_enabled parameter description
* test: fix assertion test to ipv4_enabled
* add id to outputs
* initial cloud build implementation for stage 0
* comments
* stage 0
* stage 1, untested
* add support for IAM and CB triggers to source repository module
* refactor stage 0 to use sourcerepo module
* refactor stage 1 to use sourcerepo module
* file descriptions
* fix gitlab pipeline
* fix IAM in examples
* WIP
* fix service identities IAM example
* design principles
* toc anchors
* fix ordering
* style guide
* checks
* example tests
* tests and tools
* fix project example test
* address typos
* address comments
* address last comments
* Update variables.tf
When backup is not enabled, if location is set to a null value (i.e."EU"), each time you do `terraform apply` it will detect a configuration change (+ location = "EU"). Setting this variable to null fixes the issue.
* Update README.md
* Use uniform access on Cloud Functions buckets.
* Add ALLOW_INTERNAL_AND_GCLB as allowed ingress_settings.
* Enable versiniong if there is lifecycle rule
* Remove only non-current version of objects
* Update README
Some variables that no longer exist. Table format is broken for view/table access.
* Remove floating role
* Fix README.md
* Fix tfdoc
* Fix tfdoc
Co-authored-by: Julio Castillo <jccb@google.com>
Co-authored-by: lcaggio <lorenzo.caggioni@gmail.com>
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
* Add IAM at tag level
* Fix README
* Readable variable names.
* Single tag variable.
* Fix README.
* Add Tags nullable condition.
* Update role in the example.
* GKE Hub initial PR commit
* variable management adjust
* comments, fixes and alphabetically ordered variables
* Update README.md
* Update README.md
* Update README.md
* fix test
* resources vs modules
still needs some love
* remove modules usage
* comments, readme update and output
* adjusting outputs and README
* fix README.md
* fix README
* adjusted based on comments
still need some love in the google_gke_hub_feature_membership variables management
* types and variable management
* optionally enable required api
* Update README.md
* reorder locals and use standard formatting
* Don't enable services from modules
* Use self links for member clusters
* Update readme
* members_clusters back to map
@juliocc let's talk about this cause we saw it together in our call and if I change it to a list than the other resources are not going to work, they need location there too.
* Forcing null feature to false due to a bug in provider
If a block is set to null the provider will crash with a "panic: interface conversion: interface {} is nil, not map[string]interface {}" a PR will follow
* Readme update
* Readme.md update
* Update README.md
* bring back tolist, WIP
* Update main.tf
* Readme.md update
* Update README.md
* Update main.tf
* Update main.tf
* Add id and self_links output to gke-cluster
* Use try and make all member feature blocks dynamic/optional
* Change member clusters to map
* Add gke-hub tests
* Address PR comments
* Update gke-hub readme
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
Co-authored-by: Julio Castillo <jccb@google.com>
* Networking with peering - initial commit
* README and tests
* Linter fixes
* Linter fixes
* Linter fixes
* Update README.md
* split out vpn/peering in separate files so the rest is identical
* fix dns for vpn and peering
* update tfdoc to support multiple outputs/variables files
* add peering variables
* update tfdoc for modules
* make it easier to spot errored docs
* fix doc
* yapf
* fix permadiff in firewall module source ranges
* FAST: Networking: DNS Fixes
* FAST: ability to toggle on-prem vpn creation
* FAST: fix outputs
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
* added iot-core module folder
* modified iot core readme file
* added initial version of the IoT Platform terraform files
* añadido detalles en README
* Update README.md
fix markup issue
* Update README.md
modified input/output
* deleted provider from main and module services
* pub_sub topic ids used in the registry instead of creating new ones
* variable extra_telemetry_pub_sub_topic_ids modified as default
* included data platform integration use case in the doc
* devices config moved to yaml file
* included example to create device certificates
* added HCL and #tftest to README. Moved project/region to variables
* solved bug with no optional variables for extra topics or devices yaml
* solved bug with no optional variables for extra topics or devices yaml
* added example to send MQTT telemetry to IoT Platform
* modified doc on Data Platform integration
* included diagram
* added Registry / Device creation default configuration into variables. Deleted exammple devices yaml file. Corrected module source path
* solved comments in PR
* applied terraform fmt
* solved bug in boolean (bool) variable
* updated variables in doc
* updated output variable name
* updated #tftest:skip on examples as using yaml input makes resources number variable
* Update README.md
modified input/output
* pub_sub topic ids used in the registry instead of creating new ones
* variable extra_telemetry_pub_sub_topic_ids modified as default
* included data platform integration use case in the doc
* devices config moved to yaml file
* included example to create device certificates
* added HCL and #tftest to README. Moved project/region to variables
* solved bug with no optional variables for extra topics or devices yaml
* solved bug with no optional variables for extra topics or devices yaml
* added example to send MQTT telemetry to IoT Platform
* modified doc on Data Platform integration
* included diagram
* added Registry / Device creation default configuration into variables. Deleted exammple devices yaml file. Corrected module source path
* solved comments in PR
* applied terraform fmt
* solved bug in boolean (bool) variable
* updated variables in doc
* Updated diagram and documentation for decentralized firewall.
* Fixed error with VPC connector. Count was referring to resource attributes that weren't known until after the configuration was applied
* Added Cloud Foundation Fabric logos. (#363)
* Create README.md
* Add logo to readme file
* exclusions for audit in locals in logging_sinks.audit-logs now
* style fix (whitespaces)
* Added dynamic block for dns_cache_config
* Fixed boolean variable condition
* Adding Apigee Environments as output for apigee-organization module
* small var conditional fix
* Added GKE pubsub notifications
* Default creation false
* Updated variable default value
* removed extra lines
* defaulted to false and conditional output
* depend log sinks from IAM roles, fixes#371
* Update README.md
* [#374] Add taint when Windows node pools are created to match the one GKE implicitly adds
* Update README.md
Fixes out of date link on the module usage example
* Update README.md - fixed broken link
* Added subnet id and self_link to outputs (#377)
Adjusted module outputs so that it's easier to consume them when using the factory in a larger codebase.
* net-vpc module: added subnet mini-factory
* Update README.md
* Code cleanup
* Adds support for IAM per-subnet IAM bindings via factory
* Gracefully handle a null secondary_ip_range
* Updated README.md. Added tests.
* Added license boilerplate to subnet yaml data in tests
* Update README.md
* Update README.md
* Removed dead code
* net-vpc-firewall mini rules-factory
* Paying tributes to the linting gods
* Fixed small bug on locals
* Tests for net-vpc-firewall module
* Update CHANGELOG.md
* refactor locals (#382)
* Add support for partitioned tables on Organization sinks (#380)
* Add support for partioned tables on Organization sinks
* Update changelog
* Fix lint
* Fix lint
* Use simple bool instead of block
* fix README
* Fix Readme
* Rename variable
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
* Improve PSN support in net-vpc module (#384)
* improve PSN support
* fix variable order
* fix example test
* fix cloudsql example
* Update CHANGELOG.md
* Update CHANGELOG.md
* Update CHANGELOG.md
* Remove location from local.prefix
* Organization module refactor, in-module firewall policy factory for organization and folder (#385)
* move iam and logging to separate files, minimal refactoring
* update README
* fix example
* factory
* tfdoc
* boilerplate
* remove data_folder variable
* tfdoc
* fix default factory name
* add firewall policy to folder module
* add factory example
* Update CHANGELOG.md
* Fix VPC-SC module, add example (#387)
* Update CONTRIBUTING.md
Suggest change of wording related to `terraform format`: should be done from the top, recursively, and after `pytest` step, because fixtures are also going to be checked for linting during PR.
* Add target_node and minor fixes (#389)
* Add separate BQ tables per asset type
* Add missing BQ location
* Add missing CF region
* Change Scheduler job to non-generic
* Add target_node, pass tests
* Do tfdoc.py
* Do terraform fmt
* Do terraform fmt -recursive for tests' fixtures
* Fix typo in test's variables
* Added support for Stateful Managed Instance Groups (#367)
* First iteration updates
* All tests passing
* Updated README and var descriptions
* Updated README
* Updated example README
* Consolidated stateful vars
* consolidated stateful vars
* Updated README
* Requested changes to try
* Fixed README examples and try
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
* SA key uploading and credentials json generation with terraform.
* Fix typo in the SA module readme
* TF fmt
* Update iam-sa docs
* Finalize onprem-sa-ket-mgmt example
* Add basic test for onprem-sa-mgmt example
* Refactoring
* Reorder variables
* Rewording, fix typos
* Bump tftest version
Bump tftest version to 1.6.1 and ensure test runners can update
providers if needed and available.
* Add bq_table_overwrite handling
* Add optional BQ table as a file export config
* Add getattr() to retrieve attribute from format
* Add roles/bigquery.jobUser for CF
* Update test_plan and README
* Change README, add diagram ( gcpdraw a6e4ec4f-7d6c-4796-b63e-ee4ce7b1792f )
* Change README to two diagrams
* Add count to toggle optional modules
* Change README
* Resolve order of variables test
* Linux sysctls configuration and Kubelet config (#388)
* Linux sysctls configuration and Kubelet config
* Fix terraform linting issues
* Updated README.md
* Updated Kubelet config object type
* Update readme
Co-authored-by: Sergio Tejón <stejon@freepik.com>
Co-authored-by: Julio Castillo <jccb@google.com>
* net-address: Added support for PSA ranges
* Update outputs.tf
* Fixes typo
* Resolved merge conflict
* Update CHANGELOG.md
* Add metric scopes support (#397)
* Add metric scopes support
* Fix typo
* new tfdoc block in README
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
* fix tfdoc replacement (#398)
* Update CHANGELOG.md
* Ludo hfw fixes (#400)
* fix tfdoc replacement
* ignore changes to rule description
* add folder example, fixes#339
* Update CHANGELOG.md
* Fix ignore changes for hfw rules (#401)
* fix tfdoc replacement
* ignore changes to rule description
* add folder example, fixes#339
* fix ignore changes in org and folder module
* Update CHANGELOG.md
* update documentation check
* backport tfdoc and check doc fixes
* Re-run pydoc
* Redo pydoc + local linting checks
* update tfdoc (#404)
* Org/Folder: Allow for policy association when using rule factory (#405)
* Org/Folder: Allow for policy association when using rule factory
* Fix linting issue
* Update hierarchical firewall resource
This replaces all the `google_compute_organization_security_*`
resources with the newer `google_compute_firewall_*` resources.
* Fix typo.
* Update CHANGELOG.md
* Typo fix
* New vpc-sc module implementation (#406)
* first implementation
* minimal output
* split service perimeters in regular and bridge
* tests and fixes
* new vpc-sc implementation
* remove providers file used for testing
* remove provider used during development
* Update CHANGELOG.md
* Update CHANGELOG.md
* Update README.md
* fix cases where bridge perimeter status resources are null (#408)
* Update CHANGELOG.md
* Copyright bump (#410)
* remove lifecycle block from vpc sc perimeters (#412)
* Update CHANGELOG.md
* Update CHANGELOG.md
* Interpolate access levels by key in vpc sc module (#414)
* interpolate access levels by key
* fix access level reference
* fix num resources in last README test
* Update CHANGELOG.md
* fix ingress policies in vpc sc module
* disable device policy support in vpc-sc module
* depend bridge from regular perimeters in vpc sc module
* Update CONTRIBUTING.md
* add versions to vpc-sc module
* Update CONTRIBUTING.md
* updated output variable name
* updated #tftest:skip on examples as using yaml input makes resources number variable
* changed pub_sub to pubsub
* unified protocol input variable
* changed extra_telemetry_pubsub_topic_ids variable type to: map
* solved issue in README.md
* grouped device configuration variables
* device config is now done individually per each device in the yaml file
* changes on device config yaml processing: 1 single yaml directory, use try() while parsing, example identation corrected
* updated headers to 2022
* removed get-pip.py
* Add ip_range variable for apigee-x-instance module
* Add variable definition and validation for ip_range
* Update the validation rule for ip_range variable
* Updated modules README to include details around module versioning and how to best use the modules
* Update README.md
Co-authored-by: apichick <apichick@google.com>
Co-authored-by: Ludovico Magnocavallo <ludo@qix.it>
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>