From dc641847395a2b3b2b47195a88133981c14e30fa Mon Sep 17 00:00:00 2001 From: Ludovico Magnocavallo Date: Sat, 25 Oct 2025 08:09:36 +0000 Subject: [PATCH 1/4] changelog --- CHANGELOG.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 0f57791cb..42cd74adc 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -24,6 +24,7 @@ All notable changes to this project will be documented in this file. ### FAST +- [[#3459](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/3459)] Add yamlint step to linting workflow ([wiktorn](https://github.com/wiktorn)) - [[#3443](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/3443)] Cloud Function v1, v2 - contexts and service_account_config ([wiktorn](https://github.com/wiktorn)) - [[#3429](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/3429)] Add Agent Engine module. ([LucaPrete](https://github.com/LucaPrete)) - [[#3440](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/3440)] Support resource-level factories config in project factory module and FAST stages ([ludoo](https://github.com/ludoo)) @@ -49,6 +50,8 @@ All notable changes to this project will be documented in this file. ### MODULES +- [[#3459](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/3459)] Add yamlint step to linting workflow ([wiktorn](https://github.com/wiktorn)) +- [[#3461](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/3461)] fix(vpc-sc): correctly handle null `from.identities` in ingress/egress policies (regression since v39.0.0) ([viliampucik](https://github.com/viliampucik)) - [[#3443](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/3443)] Cloud Function v1, v2 - contexts and service_account_config ([wiktorn](https://github.com/wiktorn)) - [[#3448](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/3448)] Skip IAM grants for service agents that are not created on API activation ([juliocc](https://github.com/juliocc)) - [[#3445](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/3445)] Remove Netsec Authz Service Agent ([juliocc](https://github.com/juliocc)) @@ -90,6 +93,7 @@ All notable changes to this project will be documented in this file. ### TOOLS +- [[#3459](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/3459)] Add yamlint step to linting workflow ([wiktorn](https://github.com/wiktorn)) - [[#3443](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/3443)] Cloud Function v1, v2 - contexts and service_account_config ([wiktorn](https://github.com/wiktorn)) - [[#3448](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/3448)] Skip IAM grants for service agents that are not created on API activation ([juliocc](https://github.com/juliocc)) - [[#3445](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/3445)] Remove Netsec Authz Service Agent ([juliocc](https://github.com/juliocc)) From 269e47a5656caf64536b63e5ddbbce32dc60d604 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Wiktor=20Niesiob=C4=99dzki?= Date: Sun, 26 Oct 2025 09:51:37 +0000 Subject: [PATCH 2/4] Improve linting and fix agent-engine module name --- .github/workflows/linting.yml | 49 ++++++++++++------------------ .pre-commit-config.yaml | 18 +++++------ modules/agent-engine/versions.tf | 4 +-- modules/agent-engine/versions.tofu | 4 +-- tools/versions.py | 12 +++++--- 5 files changed, 39 insertions(+), 48 deletions(-) diff --git a/.github/workflows/linting.yml b/.github/workflows/linting.yml index f329e33af..c5c26c6bc 100644 --- a/.github/workflows/linting.yml +++ b/.github/workflows/linting.yml @@ -23,7 +23,6 @@ on: branches: - master - fast-dev - jobs: linting: runs-on: ubuntu-latest @@ -93,38 +92,30 @@ jobs: - name: Check python formatting id: yapf - run: | - yapf -p -d -r \ - tools/*.py \ - fast + uses: pre-commit/action@1b06ec171f2f6faa71ed760c4042bd969e4f8b43 + with: + extra_args: yapf --all-files - name: Check modules versions id: versions - run: | - OUTPUT_TF=$( - find . -type f -name 'versions.tf' -exec diff -I '[[:space:]]*module_name' -ub default-versions.tf {} \; - ) - if [[ -n "${OUTPUT_TF}" ]] ; then - echo "Terraform versions.tf:" - echo "${OUTPUT_TF}" - fi - OUTPUT_TOFU=$( - find . -type f -name 'versions.tofu' -exec diff -I '[[:space:]]*module_name' -ub default-versions.tofu {} \; - ) - if [[ -n "${OUTPUT_TOFU}" ]] ; then - echo "Terraform versions.tofu:" - echo "${OUTPUT_TOFU}" - fi - egrep -v "(required_version|module_name)" default-versions.tf > /tmp/versions.tf - egrep -v "(required_version|module_name)" default-versions.tofu > /tmp/versions.tofu - diff -rub /tmp/versions.tf /tmp/versions.tofu - DIFF_EC=$? - [[ "${DIFF_EC}" -eq "0" && -z "${OUTPUT_TF}" && -z "${OUTPUT_TOFU}" ]] + uses: pre-commit/action@1b06ec171f2f6faa71ed760c4042bd969e4f8b43 + with: + extra_args: versions --all-files - name: Check for diverging files id: duplicates - run: | - python3 tools/duplicate-diff.py + uses: pre-commit/action@1b06ec171f2f6faa71ed760c4042bd969e4f8b43 + with: + extra_args: duplicate-diff --all-files - - name: yaml-lint - uses: ibiqlik/action-yamllint@b74a2626a991d676b6ec243a6458ff86cccf2d2d + - name: Check YAML files + id: yaml-lint + uses: pre-commit/action@1b06ec171f2f6faa71ed760c4042bd969e4f8b43 + with: + extra_args: yamllint --all-files + + - name: Check for spelling mistakes + id: codespell + uses: pre-commit/action@1b06ec171f2f6faa71ed760c4042bd969e4f8b43 + with: + extra_args: codespell --all-files diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 96f226cb3..990923cfe 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -81,17 +81,13 @@ repos: require_serial: true files: ^fast/.*tf - id: versions - name: Align Terraform provider versions - language: script - files: (versions.tf|^default-versions.tf)$ + name: Align Terraform/OpenTofu provider versions + language: python + additional_dependencies: + - click + files: (versions.tf|^default-versions.tf|versions.tofu|default-versions.tofu)$ pass_filenames: false - entry: /usr/bin/find . -type f -name 'versions.tf' -exec cp default-versions.tf {} \; - - id: versions_tofu - name: Align OpenTofu provider versions - language: script - files: (versions.tofu|^default-versions.tofu)$ - pass_filenames: false - entry: /usr/bin/find . -type f -name 'versions.tofu' -exec cp default-versions.tofu {} \; + entry: tools/versions.py --quiet - id: check-names name: Check name lengths for FAST language: python @@ -149,7 +145,7 @@ repos: exclude: ".*tpl" - repo: https://github.com/pre-commit/pre-commit-hooks - rev: v4.5.0 + rev: v6.0.0 hooks: - id: end-of-file-fixer - id: trailing-whitespace diff --git a/modules/agent-engine/versions.tf b/modules/agent-engine/versions.tf index 23c02ad27..e5725bd38 100644 --- a/modules/agent-engine/versions.tf +++ b/modules/agent-engine/versions.tf @@ -27,9 +27,9 @@ terraform { } } provider_meta "google" { - module_name = "google-pso-tool/cloud-foundation-fabric/modules/ai-applications:v45.0.0-tf" + module_name = "google-pso-tool/cloud-foundation-fabric/modules/agent-engine:v45.0.0-tf" } provider_meta "google-beta" { - module_name = "google-pso-tool/cloud-foundation-fabric/modules/ai-applications:v45.0.0-tf" + module_name = "google-pso-tool/cloud-foundation-fabric/modules/agent-engine:v45.0.0-tf" } } diff --git a/modules/agent-engine/versions.tofu b/modules/agent-engine/versions.tofu index e868b8c81..aa02aca95 100644 --- a/modules/agent-engine/versions.tofu +++ b/modules/agent-engine/versions.tofu @@ -27,9 +27,9 @@ terraform { } } provider_meta "google" { - module_name = "google-pso-tool/cloud-foundation-fabric/modules/ai-applications:v45.0.0-tofu" + module_name = "google-pso-tool/cloud-foundation-fabric/modules/agent-engine:v45.0.0-tofu" } provider_meta "google-beta" { - module_name = "google-pso-tool/cloud-foundation-fabric/modules/ai-applications:v45.0.0-tofu" + module_name = "google-pso-tool/cloud-foundation-fabric/modules/agent-engine:v45.0.0-tofu" } } diff --git a/tools/versions.py b/tools/versions.py index 7fe189f10..57e62a7f8 100755 --- a/tools/versions.py +++ b/tools/versions.py @@ -85,7 +85,8 @@ def process_file(template, file_path, context): @click.option("--tofu-version", help="Override OpenTofu version") @click.option("--write-defaults/--no-write-defaults", default=False, help="Also rewrite default-versions.t*f*") -def main(write_defaults, **kwargs): +@click.option("-q", "--quiet", is_flag=True) +def main(write_defaults, quiet, **kwargs): root_path = Path(__file__).parents[1] overrides = {k: v for k, v in kwargs.items() if v is not None} # process versions.tf and versions.tofu @@ -98,19 +99,22 @@ def main(write_defaults, **kwargs): context['engine_version'] = kwargs[f'{engine}_version'] for file_path in root_path.rglob(f"versions.{engine}"): - click.echo(f"Processing {file_path}") + if not quiet: + click.echo(f"Processing {file_path}") process_file(FABRIC_VERSIONS_TEMPLATE, file_path, context | { "path": file_path.parent.relative_to(root_path), }) if write_defaults: - click.echo(f"Processing {defaults_fname}") + if not quiet: + click.echo(f"Processing {defaults_fname}") process_file(FABRIC_VERSIONS_TEMPLATE, defaults_fname, context) # process fast_version.txt. fast_context = {"fast_release": context["fabric_release"]} for file_path in root_path.rglob(f"fast_version.txt"): - click.echo(f"Processing {file_path}") + if not quiet: + click.echo(f"Processing {file_path}") process_file(FAST_VERSIONS_TEMPLATE, file_path, fast_context) From 7fe999562a3f9c79f429348b41befc18cb7932a0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Wiktor=20Niesiob=C4=99dzki?= Date: Sun, 26 Oct 2025 10:16:48 +0000 Subject: [PATCH 3/4] codespell fixes --- .codespellrc | 3 +++ .pre-commit-config.yaml | 2 +- adrs/20241029-versioning.md | 6 +++--- fast/addons/README.md | 2 +- fast/stages/0-org-setup/data/cicd.yaml | 2 +- fast/stages/0-org-setup/data/defaults.yaml | 3 +-- fast/stages/2-networking-b-nva/README.md | 2 +- fast/stages/2-security/README.md | 2 +- modules/binauthz/README.md | 2 +- modules/cloud-build-v2-connection/README.md | 2 +- modules/cloud-config-container/simple-nva/README.md | 2 +- modules/dataplex-aspect-types/README.md | 2 +- modules/dataplex-aspect-types/outputs.tf | 2 +- modules/net-lb-app-ext/recipe-cloud-run-iap/README.md | 6 +++--- modules/net-lb-app-ext/recipe-cloud-run-iap/main.tf | 2 +- modules/net-lb-app-ext/recipe-cloud-run-iap/variables.tf | 2 +- modules/net-lb-app-ext/variables-backend-service.tf | 2 +- modules/net-vlan-attachment/README.md | 2 +- modules/project-factory/README.md | 2 +- modules/project-factory/main.tf | 2 +- tests/fast/stages/s0_org_setup/data-simple/cicd.yaml | 2 +- 21 files changed, 27 insertions(+), 25 deletions(-) create mode 100644 .codespellrc diff --git a/.codespellrc b/.codespellrc new file mode 100644 index 000000000..c4e46b4ce --- /dev/null +++ b/.codespellrc @@ -0,0 +1,3 @@ +[codespell] +skip = *.pem +ignore-words-list = BU,lien diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 990923cfe..54d675d84 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -160,7 +160,7 @@ repos: - id: yapf - repo: https://github.com/codespell-project/codespell - rev: v2.2.6 + rev: v2.4.1 hooks: - id: codespell exclude: (requirements.txt$|excalidraw$|package-lock\.json$|go\.sum$|^CHANGELOG.md$) diff --git a/adrs/20241029-versioning.md b/adrs/20241029-versioning.md index 7dcc3a193..0a0bc9e6f 100644 --- a/adrs/20241029-versioning.md +++ b/adrs/20241029-versioning.md @@ -63,17 +63,17 @@ This case is highlighted in red in the the diagram above. The process is as foll #### Scenario 1: changes that don't break FAST for existing users - Start a new branch from `master`. -- Devolop changes. +- Develop changes. - Open and merge a PR against master. In the description, use the `breaks-modules` (if needed) label in the PR. #### Scenario 2: changes that break FAST for existing users - Start a new branch from `fast-dev`. -- Devolop changes. +- Develop changes. - Open and merge a PR against fast-dev. In the description, use the `breaks-Fast` (if needed) label in the PR. > [!TIP] -> Aas part of the development of your changes, we encourage merge `master` frequently into your own branch to simplify the final merge back to master. +> As part of the development of your changes, we encourage merge `master` frequently into your own branch to simplify the final merge back to master. ## Decision diff --git a/fast/addons/README.md b/fast/addons/README.md index aadb6960c..79b33844f 100644 --- a/fast/addons/README.md +++ b/fast/addons/README.md @@ -13,7 +13,7 @@ Add-ons are currently only implemented for stage 1 (resource management and VPC- To configure an add-on: - its "parent stage" (the stage the add-on augments) needs to be enabled and applied, so that the IaC and IAM configurations the add-on uses are present -- the `fast_addon` variable in the stage controlling the "parent stage" (boostrap for a stage 1 add-on, resource management for a stage 2 add-on) is configured and the stage applied, so that the add-on provider and optional CI/CD resources are created +- the `fast_addon` variable in the stage controlling the "parent stage" (bootstrap for a stage 1 add-on, resource management for a stage 2 add-on) is configured and the stage applied, so that the add-on provider and optional CI/CD resources are created - the provider and relevant FAST output variable files are linked or copied in the add-on folder (e.g. via the `fast-links.sh` script) At this point the add-on can be run, and operate on the same folders, projects and resources controlled by its "parent stage". diff --git a/fast/stages/0-org-setup/data/cicd.yaml b/fast/stages/0-org-setup/data/cicd.yaml index 121d8ab71..f28312d60 100644 --- a/fast/stages/0-org-setup/data/cicd.yaml +++ b/fast/stages/0-org-setup/data/cicd.yaml @@ -19,7 +19,7 @@ workload_identity_federation: project: $project_ids:iac-0 providers: github: - # the condition is optional but recommented, use your GitHub org name + # the condition is optional but recommended, use your GitHub org name attribute_condition: attribute.repository_owner=="my_org" issuer: github # custom_settings: diff --git a/fast/stages/0-org-setup/data/defaults.yaml b/fast/stages/0-org-setup/data/defaults.yaml index 6512f758a..b312f85d6 100644 --- a/fast/stages/0-org-setup/data/defaults.yaml +++ b/fast/stages/0-org-setup/data/defaults.yaml @@ -35,7 +35,7 @@ projects: context: # you can populate context variables here for use in YAML replacements iam_principals: - # this is the default group used in boostrap, initial user must be a member + # this is the default group used in bootstrap, initial user must be a member gcp-organization-admins: group:gcp-organization-admins@example.com output_files: # local path is optional but recommended when starting @@ -88,4 +88,3 @@ output_files: bucket: $storage_buckets:iac-0/iac-stage-state prefix: 3-data-platform-dev service_account: $iam_principals:service_accounts/iac-0/iac-dp-dev-ro - diff --git a/fast/stages/2-networking-b-nva/README.md b/fast/stages/2-networking-b-nva/README.md index f3a528b33..222273d28 100644 --- a/fast/stages/2-networking-b-nva/README.md +++ b/fast/stages/2-networking-b-nva/README.md @@ -85,7 +85,7 @@ The final number of subnets, and their IP addressing will depend on the user-spe This stage support three different deployment models that can be controlled by `var.network_mode`. The stage deploys networking resources in two different regions and supports both regional and multi-regional VPCs. Depending on the selected deployment model different routing strategies and NVAs failover modes can be implemented. -- **Simple NVA**: This network mode deploys multi-regional VPCs, the network appliances are configured behind a "ILB Sandwitch" (two different network passthrough internal load balancers on each of `dmz` and `landing` VPCs), with static routes sending traffic for specific destinations to specific network appliances group through the load balancer. +- **Simple NVA**: This network mode deploys multi-regional VPCs, the network appliances are configured behind a "ILB Sandwich" (two different network passthrough internal load balancers on each of `dmz` and `landing` VPCs), with static routes sending traffic for specific destinations to specific network appliances group through the load balancer. - **NCC-RA**: This network mode deploys multi-regional VPCs as the simple mode but provides a different routing strategy. The network appliances establish BGP sessions with a Cloud Router on both `dmz` and `landing` VPCs, which comes with the following benefits, at the cost of additional initial setup complexity: - avoid using network tags to route traffic - automatically send all traffic through the cross-regional NVAs if the ones in-region fail diff --git a/fast/stages/2-security/README.md b/fast/stages/2-security/README.md index bfbe269b2..36172fde8 100644 --- a/fast/stages/2-security/README.md +++ b/fast/stages/2-security/README.md @@ -128,7 +128,7 @@ gcloud storage cp gs://myprefix-prod-iac-org-0-iac-outputs/tfvars/0-org-setup.au gcloud storage cp gs://myprefix-prod-iac-org-0-iac-outputs/2-security.auto.tfvars ./ ``` -Once you have one of the above outputs, copy/paste it in your terminal from withing this stage's folder. +Once you have one of the above outputs, copy/paste it in your terminal from within this stage's folder. Note that the last command in both outputs is optional: this is our recommended best practice to centrally store the tfvars file you created for this stage. If this convention works for you, move the tfvars file created in the previous steps to the path shown in the output, then run the command. diff --git a/modules/binauthz/README.md b/modules/binauthz/README.md index 400ba576c..470d59440 100644 --- a/modules/binauthz/README.md +++ b/modules/binauthz/README.md @@ -1,4 +1,4 @@ -# Google Cloud Binary Authroization Module +# Google Cloud Binary Authorization Module This module simplifies the creation of a Binary Authorization policy, attestors and attestor IAM bindings. diff --git a/modules/cloud-build-v2-connection/README.md b/modules/cloud-build-v2-connection/README.md index 3007fe174..901efefa8 100644 --- a/modules/cloud-build-v2-connection/README.md +++ b/modules/cloud-build-v2-connection/README.md @@ -1,6 +1,6 @@ # Cloud Build Connection (V2) Module -This module allows to create a Cloud Build v2 connection with associated repositories and triggers linked to each of them. Additionaly it also familitates the creation of IAM bindings for the connection. +This module allows to create a Cloud Build v2 connection with associated repositories and triggers linked to each of them. Additionally, it also facilitates the creation of IAM bindings for the connection. - [Github](#github) diff --git a/modules/cloud-config-container/simple-nva/README.md b/modules/cloud-config-container/simple-nva/README.md index 0f3741fac..c3be2d561 100644 --- a/modules/cloud-config-container/simple-nva/README.md +++ b/modules/cloud-config-container/simple-nva/README.md @@ -9,7 +9,7 @@ The NVAs run [Container-Optimized OS (COS)](https://cloud.google.com/container-o To configure the firewall, you can either - use the [open_ports](variables.tf#L84) variable -- for a thiner grain control, pass a custom bash script at startup with iptables commands +- for a thinner grain control, pass a custom bash script at startup with iptables commands ## Examples diff --git a/modules/dataplex-aspect-types/README.md b/modules/dataplex-aspect-types/README.md index 488012dad..9977282d2 100644 --- a/modules/dataplex-aspect-types/README.md +++ b/modules/dataplex-aspect-types/README.md @@ -170,5 +170,5 @@ metadata_template: | | [ids](outputs.tf#L17) | Aspect type IDs. | | | [names](outputs.tf#L29) | Aspect type names. | | | [timestamps](outputs.tf#L41) | Aspect type create and update timestamps. | | -| [uids](outputs.tf#L56) | Aspect type gobally unique IDs. | | +| [uids](outputs.tf#L56) | Aspect type globally unique IDs. | | diff --git a/modules/dataplex-aspect-types/outputs.tf b/modules/dataplex-aspect-types/outputs.tf index 28ece3720..0ccf34ca6 100644 --- a/modules/dataplex-aspect-types/outputs.tf +++ b/modules/dataplex-aspect-types/outputs.tf @@ -54,7 +54,7 @@ output "timestamps" { } output "uids" { - description = "Aspect type gobally unique IDs." + description = "Aspect type globally unique IDs." value = { for k, v in google_dataplex_aspect_type.default : k => v.uid } diff --git a/modules/net-lb-app-ext/recipe-cloud-run-iap/README.md b/modules/net-lb-app-ext/recipe-cloud-run-iap/README.md index 86d7121b6..19e99f2c7 100644 --- a/modules/net-lb-app-ext/recipe-cloud-run-iap/README.md +++ b/modules/net-lb-app-ext/recipe-cloud-run-iap/README.md @@ -6,7 +6,7 @@ The architecture deployed by this recipe is the one depicted below: ![Architecture](./diagram.png) -Note: Make sure that the email that you pass as support email for the IAP brand is the email of a group in which the identity executing terraform is a member with the role MANAGER. Otherwise an error will be raised. Also bear in mind only organization internal brands can be created using Terraform. +Note: Make sure that the email that you pass as support email for the IAP brand is the email of a group in which the identity executing terraform is a member with the role MANAGER. Otherwise an error will be raised. Also bear in mind only organization internal brands can be created using Terraform. This recipe addresses common requirements of backends protected by IAP: @@ -33,7 +33,7 @@ This recipe addresses common requirements of backends protected by IAP: | [region](variables.tf#L44) | Region. | string | ✓ | | | [support_email](variables.tf#L49) | Support email for IAP brand. | string | ✓ | | | [_testing](variables.tf#L17) | Populate this variable to avoid triggering the data source. | object({…}) | | null | -| [accesors](variables.tf#L27) | List of identities able to access the service via IAP (e.g. group:mygroup@myorg.com). | list(string) | | [] | +| [accessors](variables.tf#L27) | List of identities able to access the service via IAP (e.g. group:mygroup@myorg.com). | list(string) | | [] | | [impersonators](variables.tf#L33) | List of identities able to impersonate the service account for programmatica access. | list(string) | | [] | ## Outputs @@ -57,7 +57,7 @@ module "test" { } region = "europe-west1" support_email = "mygroup1@myorg.com" - accesors = [ + accessors = [ "group:mygroup2@myorg.com" ] impersonators = [ diff --git a/modules/net-lb-app-ext/recipe-cloud-run-iap/main.tf b/modules/net-lb-app-ext/recipe-cloud-run-iap/main.tf index a224a3a3d..a6ba4e3f9 100644 --- a/modules/net-lb-app-ext/recipe-cloud-run-iap/main.tf +++ b/modules/net-lb-app-ext/recipe-cloud-run-iap/main.tf @@ -131,7 +131,7 @@ resource "google_iap_web_backend_service_iam_binding" "iam_bindings" { web_backend_service = module.glb.backend_service_names["default"] role = "roles/iap.httpsResourceAccessor" members = concat( - var.accesors, + var.accessors, [ module.application_service_account.iam_email ]) diff --git a/modules/net-lb-app-ext/recipe-cloud-run-iap/variables.tf b/modules/net-lb-app-ext/recipe-cloud-run-iap/variables.tf index 10c7a082c..2e7b40e56 100644 --- a/modules/net-lb-app-ext/recipe-cloud-run-iap/variables.tf +++ b/modules/net-lb-app-ext/recipe-cloud-run-iap/variables.tf @@ -24,7 +24,7 @@ variable "_testing" { default = null } -variable "accesors" { +variable "accessors" { description = "List of identities able to access the service via IAP (e.g. group:mygroup@myorg.com)." type = list(string) default = [] diff --git a/modules/net-lb-app-ext/variables-backend-service.tf b/modules/net-lb-app-ext/variables-backend-service.tf index 48b85ca5d..7e702a7b6 100644 --- a/modules/net-lb-app-ext/variables-backend-service.tf +++ b/modules/net-lb-app-ext/variables-backend-service.tf @@ -190,6 +190,6 @@ variable "backend_service_configs" { ) ] ])) - error_message = "When specified, all locality lb polcies must have EITHER policy or custom_policy filled, not both." + error_message = "When specified, all locality lb policies must have EITHER policy or custom_policy filled, not both." } } diff --git a/modules/net-vlan-attachment/README.md b/modules/net-vlan-attachment/README.md index c23a16eb6..ed0f580c4 100644 --- a/modules/net-vlan-attachment/README.md +++ b/modules/net-vlan-attachment/README.md @@ -102,7 +102,7 @@ module "example-va" { # tftest modules=1 resources=5 ``` -If you don't specify the MD5 key, the module will generate a random 12 charachters key for you. +If you don't specify the MD5 key, the module will generate a random 12 characters key for you. ```hcl resource "google_compute_router" "interconnect-router" { diff --git a/modules/project-factory/README.md b/modules/project-factory/README.md index b8c815622..e5ee444be 100644 --- a/modules/project-factory/README.md +++ b/modules/project-factory/README.md @@ -521,7 +521,7 @@ tag_bindings: # tftest-file id=4 path=data/hierarchy/team-b/app-0/.config.yaml schema=folder.schema.json ``` -One project defined within the folder hierarchy, using a lower level factory for org polcies: +One project defined within the folder hierarchy, using a lower level factory for org policies: ```yaml billing_account: 012345-67890A-BCDEF0 diff --git a/modules/project-factory/main.tf b/modules/project-factory/main.tf index ea74e1d63..e9fff38d0 100644 --- a/modules/project-factory/main.tf +++ b/modules/project-factory/main.tf @@ -35,7 +35,7 @@ resource "terraform_data" "defaults_preconditions" { var.data_defaults.storage_location != null || var.data_overrides.storage_location != null ) - error_message = "No default storage location defined in defaults or overides variables." + error_message = "No default storage location defined in defaults or overrides variables." } } } diff --git a/tests/fast/stages/s0_org_setup/data-simple/cicd.yaml b/tests/fast/stages/s0_org_setup/data-simple/cicd.yaml index eef12642a..e392777df 100644 --- a/tests/fast/stages/s0_org_setup/data-simple/cicd.yaml +++ b/tests/fast/stages/s0_org_setup/data-simple/cicd.yaml @@ -19,7 +19,7 @@ workload_identity_federation: project: $project_ids:iac-0 providers: github: - # the condition is optional but recommented, use your GitHub org name + # the condition is optional but recommended, use your GitHub org name attribute_condition: attribute.repository_owner=="my_org" issuer: github # custom_settings: From f41b58ec9dc0e06d7e34850ac9c9652005d251b2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Wiktor=20Niesiob=C4=99dzki?= Date: Sun, 26 Oct 2025 10:30:15 +0000 Subject: [PATCH 4/4] yapf tests --- tests/__init__.py | 8 +++++--- tests/modules/agent_engine/assets/src/agent.py | 17 +++++++++++------ 2 files changed, 16 insertions(+), 9 deletions(-) diff --git a/tests/__init__.py b/tests/__init__.py index 97bcfa4f9..147f3ec18 100644 --- a/tests/__init__.py +++ b/tests/__init__.py @@ -13,6 +13,8 @@ # limitations under the License. import sys -if sys.version_info.major < 3 or (sys.version_info.major == 3 and sys.version_info.minor < 10): - raise RuntimeError("Tests require at least version 3.10 of Python. Current version is: {}".format(sys.version)) - +if sys.version_info.major < 3 or (sys.version_info.major == 3 and + sys.version_info.minor < 10): + raise RuntimeError( + "Tests require at least version 3.10 of Python. Current version is: {}". + format(sys.version)) diff --git a/tests/modules/agent_engine/assets/src/agent.py b/tests/modules/agent_engine/assets/src/agent.py index 6922e1f7d..1cea69c4c 100644 --- a/tests/modules/agent_engine/assets/src/agent.py +++ b/tests/modules/agent_engine/assets/src/agent.py @@ -17,17 +17,22 @@ from google.adk.agents import LlmAgent from vertexai.agent_engines import AdkApp + def get_exchange_rate( currency_from: str = "USD", currency_to: str = "EUR", currency_date: str = "latest", ): - import requests - response = requests.get( - f"https://api.frankfurter.app/{currency_date}", - params={"from": currency_from, "to": currency_to}, - ) - return response.json() + import requests + response = requests.get( + f"https://api.frankfurter.app/{currency_date}", + params={ + "from": currency_from, + "to": currency_to + }, + ) + return response.json() + # Create ADK agent with tools root_agent = LlmAgent(