zecfoundation
/
cloud-foundation-fabric
mirror of https://github.com/ZcashFoundation/cloud-foundation-fabric.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
5,417 Commits 3 Branches 352 Tags 59 MiB
Commit Graph

958 Commits

Author SHA1 Message Date
Wiktor Niesiobędzki 4d51d33921 Use var.vpc_config.subnetwork in NEGs when var.neg_config.*.subnetwork is not provided 2024-06-10 16:57:12 +02:00
Ludovico Magnocavallo e3809e6735
Add main project factory service account (#2353) 
* add main project factory service account

* add main project factory service account
 2024-06-10 12:23:30 +02:00
Ludovico Magnocavallo b13b6032d3
Remove support for source repositories from FAST CI/CD (#2352) 
* stage 0

* stage 1

* stage 1 mt

* remove unused locals from resman

* remove unused locals from resman

* tfdoc
 2024-06-10 09:02:55 +00:00
Ludovico Magnocavallo 41e583ffc9
add network tags outputs and examples to project module (#2350) 2024-06-09 07:52:15 +02:00
simonebruzzechesse 1969b02ed8
Alloydb add support for psc (#2341) 
* alloydb add support for psc
* add tag binding support

Co-authored-by: Wiktor Niesiobędzki <wiktorn@google.com>
 2024-06-05 13:39:03 +02:00
Julio Castillo ef7083799c
Update PGA domains (#2330) 
* Update PGA domains

* Fix tests
 2024-05-31 10:53:50 +00:00
Simone Ruffilli 4901b4aee8
FAST: Enable networkconnectivity when using NCC-RA in 2-b (#2329) 2024-05-31 08:22:24 +00:00
Luca Prete eb5754e475
[FAST] Rename stage 2-networking-d-separate-envs to 2-netwroking-c-separate-envs (#2328) 
Co-authored-by: Luca Prete <lucaprete@google.com>
 2024-05-31 09:09:31 +03:00
Wiktor Niesiobędzki f8f18734f1
Add pre-commit hook configuration (#2326) 
* Pre-commit config

Run following linters on commit:
Terraform:
- terraform fmt
- terraform tflint

Python specific:
- yapf

Shell scripts
- shellcheck
- shfmt

YAML files:
- yamllint (disabled as of now)
- check-yaml

Other:
- end-of-file-fixer
- trailing-whitespace fixer

Fabric specific
- tools/tfdoc.py
- tools/check_boilerplate.py

* linting fixes

* Fix boilerplate check
 2024-05-30 19:35:09 +02:00
simonebruzzechesse 941a35ab69
Fixed e2e tests for alloydb module (#2321) 
* fixed e2e tests for alloydb module
 2024-05-30 11:41:15 +02:00
Wiktor Niesiobędzki d1ec3b0499
Fixes for Alloydb E2E tests (#2312) 
* Fixes for Alloydb E2E tests

* too long project name in Sipmle example resulted in:
```
Error: "***-alloydb-prj" name must be 4 to 30 characters with lowercase and uppercase letters, numbers, hyphen, single-quote, double-quote, space, and exclamation point.
```

* using self_link resulted in:
```
Error: Error creating Cluster: googleapi: Error 499: malformed network path: "https://www.googleapis.com/compute/v1/projects/***/global/networks/e2e-test"
```

* Cross region replication stil fails with:
```
│ Error: Error creating cluster. Can not create secondary cluster without secondary_config field.
│
│   with module.alloydb.google_alloydb_cluster.secondary[0],
│   on /usr/local/google/home/wiktorn/git/cloud-foundation-fabric/modules/alloydb/main.tf line 199, in resource "google_alloydb_cluster" "secondary":
│  199: resource "google_alloydb_cluster" "secondary" {
```

* Fix tests

---------

Co-authored-by: Julio Castillo <jccb@google.com>
 2024-05-29 14:46:15 +00:00
Simone Ruffilli 532f1ecfc4
Merge FAST C and E network stages into a new B stage. (#2309) 
Merge FAST C and E network stages into a new B stage.
 2024-05-28 17:27:28 +02:00
dibaskar-google 3d668170e5
Secret manager e2etests (#2280) 
secret-manager e2e tests
 2024-05-28 09:28:08 +02:00
Wiktor Niesiobędzki 439e9a1af9 Internet NEG for net-lb-proxy-int 2024-05-24 12:56:28 +02:00
Ludovico Magnocavallo dc686c3a84
Remove default location from gcs module (#2303) 
* gcs module

* blueprints/apigee/bigquery-analytics

* tfdoc

* pubsub README md syntax
 2024-05-24 07:02:33 +00:00
Wiktor Niesiobędzki af814505be
Add AlloyDB service for e2e tests harness (#2302) 2024-05-23 11:44:40 +02:00
Ludovico Magnocavallo 980011806c
fix permadiff in cloud nat module (#2301) 2024-05-23 08:38:03 +02:00
Ludovico Magnocavallo ef5178c929
add support for shared vpc host to project factory (#2300) 2024-05-22 07:56:34 +00:00
simonebruzzechesse 1e149c18fc
New alloydb module (#2285) 
* add alloydb module

---------

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
 2024-05-22 09:40:25 +02:00
Ludovico Magnocavallo be9214f99a
add support for tenant factory CI/CD (#2297) 2024-05-21 10:39:47 +02:00
Wiktor Niesiobędzki 1ecd637932
Internet NEG for net-lb-app-int (#2293) 
Internet NEG for net-lb-app-int
 2024-05-20 21:12:39 +02:00
simonebruzzechesse 79af34b69e
Add wif permissions to bootstrap tf SA (#2290) 
* add wif permissions to bootstrap tf SA
 2024-05-20 18:15:23 +02:00
Simone Ruffilli 21f3b733ab
FAST: Cleanup/harmonization of Simple and NVA net stages (#2287) 
Cleanup/harmonization of Simple and NVA net stages
 2024-05-16 16:49:15 +03:00
Simone Ruffilli 887c7e7926
Unify VPN and Peering FAST stages (#2284) 
* Unify VPN and Peering FAST stages
 2024-05-16 12:18:32 +03:00
Ludovico Magnocavallo 7a5dd4e6db
FAST: add top-level folders and restructure teams/tenants in resman (#2254) 
* remove teams and tenants from resman

* move fast features to stage 1, fix test inventories

* folders

* fix factory, add top level folder resources to outputs

* tfdoc

* stage 0 log sink defs

* tfdoc

* enable toc in resman readme

* simple tenants

* fast compatibility automation and logging

* testing fast-compatible tenants

* testing fast-compatible tenants

* tfdoc

* remove mt stages

* remove tests, fix links

* disable tflint

* fast tests

* make organization conditional in resman

* check names tool

* export real prefix to tfvars, prevent destroy errors

* prefix validation

* fix billing account export format

* tfdoc

* root node folder

* resman changes

* tenant resman roles

* first apply of tenant resman

* tenant log sinks in stage 1

* fix test vars

* tfdoc

* tenant vpc-sc access policy

* fix tests expected values

* tenant CI/CD

* identity providers

* wif

* tfdoc

* add comments to identity locals

* full-feature tenant resman apply

* tenant billing IAM

* stage test

* fix CI/CD comments

* tenant net stage verified

* tenant sec stage verified

* fix test

* README work

* tfdoc

* README

* README rewording

* README rewording

* tfdoc

* FAST excalidraw

* review comments

* diagram review changes

* add iam log sink for tenants

* remove redundant try from security stage

* Implement tflint-fast in Python driven by tftest.yaml files

* tflint

* test ci changes

* revert linting changes

* disable tflint for fast

* Create junit-style report for FAST tflint

* Remove junit-reporter

* YAPF tflint-fast.py

* Output tflint FAST to job summary

* Step summary

* Disable step_summary as output is not useful

* ignore tflint warning

* re-enable tflint on FAST

---------

Co-authored-by: Wiktor Niesiobędzki <wiktorn@google.com>
 2024-05-15 09:17:13 +00:00
Simone Ruffilli d3ffcc2b1c
Disable reserved_internal_range in net-vpc due to provider bug (#2282) 2024-05-15 05:46:18 +00:00
Simone Ruffilli 9a26fe8635
Add support for reserved_internal_range in net-vpc (#2275) 
Adds support for reserved_internal_range to net-vpc
 2024-05-14 22:19:45 +03:00
Ludovico Magnocavallo e4941c27f2
Implement the full IAM interface for tags (#2269) 
* IAM authoritative bindings in org module

* remove extra newline

* organization module

* project module

* tfdoc
 2024-05-13 20:18:51 +02:00
Wiktor Niesiobędzki af253c9702
Fix 0-bootstrap iam_by_principals not taking into account all principals (#2267) 
* Fix 0-bootstrap iam_by_principals not taking into account all principals
* Add test-case for iam_by_principals for 0-bootstrap stage

---------

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
 2024-05-12 21:02:04 +02:00
Wiktor Niesiobędzki 6a3c7fe444
CloudSQL PSC Endpoints support (#2242) 
* Add PSC endpoints consumers to net-address
* Cloud SQL E2E tests
 2024-05-12 12:00:39 +02:00
Julio Castillo d838c4ac47
Make Simple NVA route IAP traffic through NIC 0 (#2262) 2024-05-09 18:29:25 +02:00
Julio Castillo c58850c096
Add Hybrid NAT support (#2261) 
* Updates to support hybid NAT

* Fix readme

* Fix variable order
 2024-05-09 13:24:41 +00:00
Ludovico Magnocavallo c9503d5ac5
Remove data source from folder module (#2260) 
* remove data source from folder module

* fix fast tfdoc

* fix locals type error

* fix folder test

* fix fast test
 2024-05-09 13:09:54 +00:00
Julio Castillo 94c32c1d71
Misc FAST fixes (#2253) 
* Misc FAST fixes

* Fix readme

* Fix FAST nva bgp tests
 2024-05-02 06:56:26 +00:00
Ludovico Magnocavallo 27a055a9cb
fix factory ingress policies (#2251) 2024-05-01 18:50:30 +02:00
apichick be966c4f32
Fixed issue with service networking DNS peering (#2246) 
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
 2024-04-28 20:18:02 +00:00
apichick ab174274de
Added new attributes Apigee organization and bumped up providers version (#2243) 2024-04-28 17:31:42 +02:00
Wiktor Niesiobędzki d831d32864 Use default labels on pubsub subscription when no override is provided 2024-04-27 09:22:41 +02:00
Julio Castillo 99129d54a3
Update FAST logging (#2235) 
* Update FAST logging

* Fix readme

* Fix tests
 2024-04-25 08:31:51 +02:00
Ludovico Magnocavallo 309792c559
Refactor vpc-sc support in project module, add support for dry run (#2229) 2024-04-22 09:28:01 +02:00
Wiktor Niesiobędzki 024d3255e6
Generalization of tflint call for FAST stages (#2225) 
* Generalization of tflint call for FAST

* Fix tfvars path

* Fix tfvars path - depending where the file is

* Fix regex

* Reeanble linting

* Align test directory to stage name

* Align all fast stages to use tftest
 2024-04-18 21:04:24 +02:00
Julio Castillo 3af7e257d2
Add tflint to pipelines (#2220) 
* Fix terraform_deprecated_index

https://github.com/terraform-linters/tflint-ruleset-terraform/blob/v0.5.0/docs/rules/terraform_deprecated_index.md

* Fix terraform_deprecated_interpolation

Reference: https://github.com/terraform-linters/tflint-ruleset-terraform/blob/v0.5.0/docs/rules/terraform_deprecated_interpolation.md

* Fix more indexing

* Remove unused variable

* Enable TFLint for modules

* Add tflint config file

* Fix chdir

* Lint modules

* TFLint fixes

* TFLint

* Fixes binauthz README

* Fixes DNS response policy tests. Restores MIG outputs.

* Fixes other DNS response policy tests.

* Update tests for fast 2-e

* Moar fixed tests

---------

Co-authored-by: Simone Ruffilli <sruffilli@google.com>
 2024-04-17 10:23:48 +02:00
Ludovico Magnocavallo 9414779cc2
Allow multiple PSA service providers in net-vpc module (#2218) 
* allowing multiple PSA service providers in net-vpc module

* tfdoc

* tfdoc

* Add tfvars/yaml tests

* fix module and tests

* re-enable inventory

* merge fix

* Add multiple PSA test case

* fix cloudsql example

---------

Co-authored-by: Wiktor Niesiobędzki <wiktorn@google.com>
 2024-04-16 15:02:36 +00:00
Ludovico Magnocavallo 198d90c6fc
Remove data source from net-vpc module (#2216) 
* remove data source from net-vpc module

* fix test inventories

* remove data source, fix fast inventories
 2024-04-16 14:11:12 +03:00
Julio Castillo a74a106f8b
Add new org policies to FAST (#2215) 
* Add new org policies to FAST

* Fix tests
 2024-04-15 15:29:24 +02:00
Ludovico Magnocavallo fbc7e891db
Net LB App Internal Cross-Region recipe (#2214) 
* reorder tfdoc methods

* add support for recipes to tfdoc

* fix repo url in tfdoc

* update module README

* validated untested recipe

* validated untested refactored recipe

* add optional proxy subnet creation, outputs, fixes

* tested

* tfdoc fix

* fix README

* exclude examples from test collector
 2024-04-14 19:38:05 +03:00
Ludovico Magnocavallo 3138eb9025
add support for tags to GCS module (#2213) 2024-04-11 13:19:05 +00:00
Wiktor Niesiobędzki bca5901691 Fix project outputs inventory 2024-04-11 11:51:19 +02:00
Wiktor Niesiobędzki a236222a93 Add project quotas factory 2024-04-11 11:51:19 +02:00
Simone Ruffilli 7833203d87
Add support for GCS soft-delete retention period (#2212) 
* Add support for GCS soft-delete retention period
 2024-04-11 07:31:00 +00:00