zecfoundation
/
cloud-foundation-fabric
mirror of https://github.com/ZcashFoundation/cloud-foundation-fabric.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
5,456 Commits 3 Branches 352 Tags 59 MiB
Commit Graph

18 Commits

Author SHA1 Message Date
Sudhir 3bb03c99f8
gitlab workflow fixes #2401 (#2402) 
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
 2024-07-01 09:42:54 +00:00
Peter Brumblay a04d63e991
Avoid unnecessary terraform plans for closed (unmerged) PRs (#2294) 
* Avoid unnecessary terraform plans for closed (unmerged) PRs

* fix: also update templates copied to avoid Windows symlink problems.

---------

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
 2024-05-21 13:03:07 +00:00
Julio Castillo cdf65300f0
Fix sourcerepo templates and concat call (#2019) 
* Fix sourcerepo templates and concat call

Fixes #2018

* Fix iam

* Fix another sourcerepo template
 2024-01-30 11:46:33 +01:00
Ludovico Magnocavallo 9d6e61428b
(WIP) Read-only service accounts for automation and CI/CD (#1899) 
* add design doc for the new CI/CD sa

* describe the actual implementation

* specify which files will need to be changed

* Update 0-cicd-plan-sa.md

* Update 0-cicd-plan-sa.md

* Update 0-cicd-plan-sa.md

* Update 0-cicd-plan-sa.md

* Update 0-cicd-plan-sa.md

* Update 0-cicd-plan-sa.md

* Update 0-cicd-plan-sa.md

* Fix typo

* stage 0 read-only service accounts

* stage 0 IAM map

* linting

* cicd read-only service accounts

* tweak workflow templates

* roles and github workflow fixes

* tfdoc

* Ad-hoc custom role factory for FAST bootstrap

* use factory variable for custom roles data path

* custom roles factory in org/project modules

* tfdoc

* rename custom roles factory variable, fix gitlab template

* gitlab workflow fixes

* fix merge

* output plan results on failed assertion

* update stage 0 expected values

* data platform branch

* gke

* networking

* security

* project factory

* outputs

* workflow templates

* resman apply fixes

* tfdoc

* fix stage 1 test fixture

* fix gh workflow

* read-only resman sa roles

* fix test

* read-only resman sa roles

* read-only resman sa roles

* read-only resman sa roles

* read-only resman sa roles

* fix test variables

* rename wif principal attribute names

* rename wif principal variables

* multitenant stages

---------

Co-authored-by: Wiktor Niesiobędzki <wiktorn@google.com>
Co-authored-by: Julio Castillo <jccb@google.com>
 2023-12-27 11:33:16 +00:00
Simone Ruffilli 6d89b88149
versions.tf maintenance + copyright notice bump (#1782) 
* Bump copyright notice to 2023

* Delete versions.tf on blueprints

* Pin provider to major version 5

* Remove comment

* Fix lint

* fix bq-ml blueprint readme

---------

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
Co-authored-by: Julio Castillo <jccb@google.com>
 2023-10-20 18:17:47 +02:00
Ludovico Magnocavallo 2423fd40c1
Fix FAST CI/CD for Gitlab (#1593) 
* fix cicd (multitenant untested)

* tfdoc

* rename allowed_audiences to audiences, align multitenant
 2023-08-15 12:59:31 +02:00
Keith Harvey a68a3b55cb
Bump TF version in all workflow templates to coincide with module requirements (#1445) 
* Resman - bump GH TF version to coincide with module requirements (#1)

Bootstrap was bumped in #1414

* Bump TF version in all workflow files

* bump TF version in missed workflow file
 2023-06-16 07:39:28 +00:00
Ludovico Magnocavallo ad483e34c8
FAST: fixes to GitHub workflow and 02/net outputs (#976) 
* fix gh workflow

* short PR message

* streamline workflow

* fix net outputs
 2022-11-15 08:48:32 +01:00
Ludovico Magnocavallo eb27635221
FAST: improve GitHub workflow, stage 01 output fixes (#966) 
* fix outputs on null output files variable

* improve GH workflow

* bring back apply status

* fix heading level

* add missing try, update IAM md files
 2022-11-11 07:55:57 +00:00
Ludovico Magnocavallo dff7b69250
FAST: bootstrap and extra stage CI/CD improvements and fixes (#956) 
* add clone commands output

* always create secret key for repos, fix module source

* optional modules ref

* tfdoc

* create secrets in the right repositories

* add publick key to modules repository

* bump Terraform version in CI templates

* add template to populated files

* tfdoc

* do not error out writing ci/cd workflows when output files are disabled

* update README

* fix apply file outputs when outputs_location is changed to null
 2022-11-08 09:38:15 +01:00
Catalin Muresan c54103cb9a Fix workflow-gitlab.yaml template rendering 2022-09-22 13:06:36 +01:00
Ludovico Magnocavallo 6253df72c9
working (#807) 2022-09-12 07:26:48 +02:00
Michael Gfeller df9bdc2fb0
FAST - trigger GitHub workflow also on PR synchronize event (#702) 
Add synchronize to the pull_request trigger so that the workflow is also run when the source branch is updated.
 2022-06-27 10:13:41 +02:00
Taneli Leppä c3fdc62ff2 Allow creating repositories in Gitlab via Terraform. 2022-06-21 15:12:03 +02:00
Ludovico Magnocavallo 44ae2671b0
CI/CD support for Source Repository and Cloud Build (#669) 
* add id to outputs

* initial cloud build implementation for stage 0

* comments

* stage 0

* stage 1, untested

* add support for IAM and CB triggers to source repository module

* refactor stage 0 to use sourcerepo module

* refactor stage 1 to use sourcerepo module

* file descriptions

* fix gitlab pipeline
 2022-06-08 11:34:08 +02:00
alexmeissner 6df4fc1cff Added Gitlab CI Template 
- Added Gitlab CI Template
- Changed Identify Provider settings
- Fixed incorrect outputs
- Enabled Gitlab
 2022-04-14 18:23:22 +02:00
Ludovico Magnocavallo 725f7effce
Initial MVP for CI/CD (#608) 
* preliminary support for wif in stage 0

* IAM wif role

* IAM wif role TODO

* add support for external SA IAM to SA module

* add name output to SA module

* separate cicd SA

* tfdoc

* GITLAB principal (untested)

* make GCS name output static

* outputs bucket

* fix stage 1 test

* tweak outputs

* tfdoc

* move wif_pool to automation variable

* add support for top-level and repository providers

* add missing boilerplate

* fix branchless principal

* initial workflow

* symlink provider template in stages

* remove service accounts from stage 0 cicd tfvars

* add cicd interface variable to resman stage

* fix cicd variable in resman stage

* better condition on outputs_location

* fix last change

* change outputs_location type

* revert outputs_location change

* split outputs in stage 0

* update ci/cd temporary notes

* rename additive IAM resource in SA module

* split outputs in stage 1

* remove unused locals

* fix stage 1 tests

* tfdoc

* Upload action files to outputs_bucket

* Fix tests and README

* rename template, streamline outputs

* local templates and gcs output for all stage 2

* add workflows to local output files

* Use lowercase WIF providers everywhere

* Bring back suffix for workflow files

* Remove unused files

* Update READMEs

* preliminary CI/CD implementation for stage 1

* fix stage 1

* stage 1 cicd

* tfdoc

* fix tests

* readme and links for cicd and wif

* refactor wif providers

* refactor cicd for stage 1

* fix stage 1

* wif org policies

* split identity provider configuration from cicd

* add type attribute to cicd repositories

* valid cicd repositories have a workflow template

* refactor stage 01

* fix stage 01 tests

* minimal CI/CD documentation

* better check_links error reporting

* fix links

* Added Gitlab specific configurations

Set the default issuer_uri for Gitlab. Added allowed audiences to OIDC configuration.

* Fixed TF formatting in identity providers.

* Changing identity provider audience to null

Changing identity provider audience to default to null.

* add instructions for renaming workflows

* address Julio's comments

Co-authored-by: Julio Castillo <jccb@google.com>
Co-authored-by: alexmeissner <alexmeissner@google.com>
 2022-04-12 08:17:27 +02:00
Ludovico Magnocavallo e866db2c88 Merge Fabric FAST (#435) 
Co-authored-by: Simone Ruffilli <sruffilli@google.com>
Co-authored-by: Julio Castillo <jccb@google.com>
 2022-01-19 14:19:39 +01:00