Luca Prete
eb5754e475
[FAST] Rename stage 2-networking-d-separate-envs to 2-netwroking-c-separate-envs ( #2328 )
...
Co-authored-by: Luca Prete <lucaprete@google.com>
2024-05-31 09:09:31 +03:00
Wiktor Niesiobędzki
f8f18734f1
Add pre-commit hook configuration ( #2326 )
...
* Pre-commit config
Run following linters on commit:
Terraform:
- terraform fmt
- terraform tflint
Python specific:
- yapf
Shell scripts
- shellcheck
- shfmt
YAML files:
- yamllint (disabled as of now)
- check-yaml
Other:
- end-of-file-fixer
- trailing-whitespace fixer
Fabric specific
- tools/tfdoc.py
- tools/check_boilerplate.py
* linting fixes
* Fix boilerplate check
2024-05-30 19:35:09 +02:00
Julio Castillo
23b256ac25
Fix restrictAllowedGenerations org policy example ( #2325 )
...
Fixes #2323
2024-05-30 12:19:24 +00:00
simonebruzzechesse
941a35ab69
Fixed e2e tests for alloydb module ( #2321 )
...
* fixed e2e tests for alloydb module
2024-05-30 11:41:15 +02:00
Wiktor Niesiobędzki
d1ec3b0499
Fixes for Alloydb E2E tests ( #2312 )
...
* Fixes for Alloydb E2E tests
* too long project name in Sipmle example resulted in:
```
Error: "***-alloydb-prj" name must be 4 to 30 characters with lowercase and uppercase letters, numbers, hyphen, single-quote, double-quote, space, and exclamation point.
```
* using self_link resulted in:
```
Error: Error creating Cluster: googleapi: Error 499: malformed network path: "https://www.googleapis.com/compute/v1/projects/***/global/networks/e2e-test "
```
* Cross region replication stil fails with:
```
│ Error: Error creating cluster. Can not create secondary cluster without secondary_config field.
│
│ with module.alloydb.google_alloydb_cluster.secondary[0],
│ on /usr/local/google/home/wiktorn/git/cloud-foundation-fabric/modules/alloydb/main.tf line 199, in resource "google_alloydb_cluster" "secondary":
│ 199: resource "google_alloydb_cluster" "secondary" {
```
* Fix tests
---------
Co-authored-by: Julio Castillo <jccb@google.com>
2024-05-29 14:46:15 +00:00
Julio Diez
c205a692a3
Kong Gateway on GKE offloading to Cloud Run ( #2299 )
...
* First working version including certificates and HTTPS.
It uses a mix of self-managed certificates and the CA Service.
* One CR service only behind the ILB
* Functional deployment including auto-configuration
A k8s job configures the root certificate, service and route in the admin
api to reach the CR service via Kong proxy.
* Admin API exposed internally only, and some cleanup
* Some name changes
* README
* Remove data source for the vpc and subnet
* Remove data source for Kubernetes services
* Update README
---------
Co-authored-by: Julio Castillo <jccb@google.com>
2024-05-29 16:26:25 +02:00
fulyagonultas
0d60e39aee
resource_labels added to the node_config nodepool ( #2317 )
...
* resource_labels added to the node_config nodepool
* labels added to the gke standard module
* labels set to mandatory
* Updating variables names
* Fix nodepool label variables defaults
* Fix tests
---------
Co-authored-by: Julio Castillo <jccb@google.com>
2024-05-29 14:56:15 +02:00
Peter Brumblay
772a555b05
Pbrumblay/clarify org policy tags ( #2319 )
...
* fix: clarify org policy tag limitations
* fix: use a more generic term to describe binding possibilities
---------
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2024-05-29 06:19:39 +00:00
Simone Ruffilli
532f1ecfc4
Merge FAST C and E network stages into a new B stage. ( #2309 )
...
Merge FAST C and E network stages into a new B stage.
2024-05-28 17:27:28 +02:00
Simone Ruffilli
9e1008dcca
FAST: Obsolete assets cleanup ( #2315 )
...
Remove obsolete assets
2024-05-28 09:35:13 +00:00
Wiktor Niesiobędzki
cf31d83b15
Explicit YAPF style
2024-05-28 10:53:13 +02:00
dibaskar-google
3d668170e5
Secret manager e2etests ( #2280 )
...
secret-manager e2e tests
2024-05-28 09:28:08 +02:00
simonebruzzechesse
f4f891d4f1
Gitlab Runner blueprint ( #2106 )
...
* add gitlab runner blueprint
* use secret manager to store auth token
small updates and improvements
2024-05-27 10:34:34 +02:00
Simone Ruffilli
1f15c5123f
Update README.md
2024-05-27 07:52:28 +02:00
Ludo
ab45e8c1ba
update changelog
2024-05-25 14:38:55 +02:00
Ludovico Magnocavallo
c80af8de66
Extend support for tag bindings to more modules ( #2307 )
...
* fix kms tag bindings
* bigquery dataset
* fix bigquery
* cloud run
* normalize variable type
* rename gcs heading
* kms example test
* fix bigquery
* fix cloud run
* cloud run v2
2024-05-25 10:42:45 +02:00
Ludo
735fd79cce
update changelog
2024-05-24 14:41:28 +02:00
Wiktor Niesiobędzki
a3295ae731
Add regional PSC addresses to output
2024-05-24 12:56:28 +02:00
Wiktor Niesiobędzki
439e9a1af9
Internet NEG for net-lb-proxy-int
2024-05-24 12:56:28 +02:00
Simone Ruffilli
11050c46cf
FAST MT: Readme updates and more prefix validation ( #2305 )
...
This change documents the process of deploying FAST on a tenant-factory bootstrapped tenant.
It also fixes changes the validation logic for prefix as follows:
- 0-bootstrap: 9 chars or less
- 1-resman/1-tenant-factory: 9 chars or less if ran at org-level, else 11
- else 11
It also uniforms across all stages the variables.tf and variables-fast.tf breakdown.
2024-05-24 12:01:55 +02:00
Ludovico Magnocavallo
5068cd9170
remove default location from remaining modules ( #2304 )
2024-05-24 09:20:53 +02:00
Ludovico Magnocavallo
dc686c3a84
Remove default location from gcs module ( #2303 )
...
* gcs module
* blueprints/apigee/bigquery-analytics
* tfdoc
* pubsub README md syntax
2024-05-24 07:02:33 +00:00
Wiktor Niesiobędzki
af814505be
Add AlloyDB service for e2e tests harness ( #2302 )
2024-05-23 11:44:40 +02:00
Ludo
c128f4c110
Merge branch 'master' of github.com:GoogleCloudPlatform/cloud-foundation-fabric
2024-05-23 09:46:32 +02:00
Ludo
3cfd312e32
update changelog
2024-05-23 09:46:26 +02:00
Simone Ruffilli
3fe754167e
FAST: Clarify max prefix len for tenant factory
2024-05-23 09:43:23 +02:00
Simone Ruffilli
b55e9320ca
Update README.md
2024-05-23 08:44:07 +02:00
Ludovico Magnocavallo
980011806c
fix permadiff in cloud nat module ( #2301 )
2024-05-23 08:38:03 +02:00
Ludovico Magnocavallo
ef5178c929
add support for shared vpc host to project factory ( #2300 )
2024-05-22 07:56:34 +00:00
simonebruzzechesse
1e149c18fc
New alloydb module ( #2285 )
...
* add alloydb module
---------
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2024-05-22 09:40:25 +02:00
simonebruzzechesse
10ae9bc824
New extra stage for FAST gitlab setup ( #2232 )
...
* new extra stage for gitlab setup
* removed wrong link
* small fixes README.md
---------
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2024-05-22 09:17:14 +02:00
Peter Brumblay
a04d63e991
Avoid unnecessary terraform plans for closed (unmerged) PRs ( #2294 )
...
* Avoid unnecessary terraform plans for closed (unmerged) PRs
* fix: also update templates copied to avoid Windows symlink problems.
---------
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2024-05-21 13:03:07 +00:00
Wiktor Niesiobędzki
3368be51bd
Adjust list of policies to official docs
2024-05-21 11:27:57 +02:00
Ludovico Magnocavallo
be9214f99a
add support for tenant factory CI/CD ( #2297 )
2024-05-21 10:39:47 +02:00
dependabot[bot]
524390b641
--- ( #2296 )
...
updated-dependencies:
- dependency-name: requests
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-21 07:20:53 +00:00
Ricardo Godoy
79b36b614b
IPS support for Firewall Policy ( #2291 )
...
* Adding apply_security_profile_group as action option and be able to
provide a security_profile_group.
* Removing default null for optional variable.
* Updating README.
---------
Co-authored-by: Julio Castillo <jccb@google.com>
2024-05-21 04:38:43 +00:00
Wiktor Niesiobędzki
1ecd637932
Internet NEG for net-lb-app-int ( #2293 )
...
Internet NEG for net-lb-app-int
2024-05-20 21:12:39 +02:00
Luca Prete
0afaa84026
[FAST] fix: tenant-factory logging bucket project ( #2292 )
2024-05-20 16:51:12 +00:00
simonebruzzechesse
79af34b69e
Add wif permissions to bootstrap tf SA ( #2290 )
...
* add wif permissions to bootstrap tf SA
2024-05-20 18:15:23 +02:00
Ludovico Magnocavallo
98126f2ab8
Update README.md
2024-05-20 07:55:42 +02:00
Ludovico Magnocavallo
8e8ff7825c
Update README.md
2024-05-20 07:54:31 +02:00
Ludovico Magnocavallo
116c1292ab
Update README.md
2024-05-20 07:54:03 +02:00
Ludovico Magnocavallo
32907924e1
update diagrams ( #2289 )
2024-05-18 23:53:49 +02:00
Ludovico Magnocavallo
db44be9803
Ignore test resource data in new network stage, split out fast variables ( #2288 )
...
* ignore test resource data, split out fast vars
* tfdoc
2024-05-17 15:30:57 +02:00
Ludo
92f88d6cbf
update changelog
2024-05-17 12:09:37 +02:00
Ludovico Magnocavallo
8014121be1
switch stages 0-1s to excalidraw diagrams ( #2286 )
2024-05-17 09:10:13 +00:00
Simone Ruffilli
21f3b733ab
FAST: Cleanup/harmonization of Simple and NVA net stages ( #2287 )
...
Cleanup/harmonization of Simple and NVA net stages
2024-05-16 16:49:15 +03:00
Simone Ruffilli
887c7e7926
Unify VPN and Peering FAST stages ( #2284 )
...
* Unify VPN and Peering FAST stages
2024-05-16 12:18:32 +03:00
Ludovico Magnocavallo
7a5dd4e6db
FAST: add top-level folders and restructure teams/tenants in resman ( #2254 )
...
* remove teams and tenants from resman
* move fast features to stage 1, fix test inventories
* folders
* fix factory, add top level folder resources to outputs
* tfdoc
* stage 0 log sink defs
* tfdoc
* enable toc in resman readme
* simple tenants
* fast compatibility automation and logging
* testing fast-compatible tenants
* testing fast-compatible tenants
* tfdoc
* remove mt stages
* remove tests, fix links
* disable tflint
* fast tests
* make organization conditional in resman
* check names tool
* export real prefix to tfvars, prevent destroy errors
* prefix validation
* fix billing account export format
* tfdoc
* root node folder
* resman changes
* tenant resman roles
* first apply of tenant resman
* tenant log sinks in stage 1
* fix test vars
* tfdoc
* tenant vpc-sc access policy
* fix tests expected values
* tenant CI/CD
* identity providers
* wif
* tfdoc
* add comments to identity locals
* full-feature tenant resman apply
* tenant billing IAM
* stage test
* fix CI/CD comments
* tenant net stage verified
* tenant sec stage verified
* fix test
* README work
* tfdoc
* README
* README rewording
* README rewording
* tfdoc
* FAST excalidraw
* review comments
* diagram review changes
* add iam log sink for tenants
* remove redundant try from security stage
* Implement tflint-fast in Python driven by tftest.yaml files
* tflint
* test ci changes
* revert linting changes
* disable tflint for fast
* Create junit-style report for FAST tflint
* Remove junit-reporter
* YAPF tflint-fast.py
* Output tflint FAST to job summary
* Step summary
* Disable step_summary as output is not useful
* ignore tflint warning
* re-enable tflint on FAST
---------
Co-authored-by: Wiktor Niesiobędzki <wiktorn@google.com>
2024-05-15 09:17:13 +00:00
Ludo
d3137be655
update changelog
2024-05-15 11:05:22 +02:00