diff --git a/.gitignore b/.gitignore index 9bbc50155..21f3a2f50 100644 --- a/.gitignore +++ b/.gitignore @@ -32,4 +32,3 @@ node_modules fast/**/globals.auto.tfvars.json cloud_sql_proxy env/ - diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 70c3d2977..f27beb0cc 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -150,6 +150,7 @@ repos: (?x)^( /templates/.*| modules/cloud-config-container/.*| + .*/0-org-setup/assets/workflow-.*\.yaml )$ - repo: https://github.com/jumanjihouse/pre-commit-hooks @@ -172,6 +173,7 @@ repos: (?x)^( /templates/.*| modules/cloud-config-container/.*| + .*/0-org-setup/assets/workflow-.*\.yaml )$ - repo: https://github.com/google/yapf/ diff --git a/.vscode/settings.json b/.vscode/settings.json index 3640ee323..590c6b50a 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -38,4 +38,4 @@ "data/**/ingress-policies/**/*yaml" ], } -} \ No newline at end of file +} diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 9346fc030..940b55cdd 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -451,7 +451,7 @@ labels: #### Context-based interpolation -When designing factories, a common challenge is referencing resources that will be created at runtime or are managed externally (e.g., assigning a service account created in one project to a role in another, or referencing a folder ID by a mnemonic name). +When designing factories, a common challenge is referencing resources that will be created at runtime or are managed externally (e.g., assigning a service account created in one project to a role in another, or referencing a folder ID by a mnemonic name). To solve this, a **context-based interpolation** system is implemented. A `context` object variable is introduced containing maps of known resource IDs (like `project_ids`, `folder_ids`, `iam_principals`), and a `$` prefix convention is used in the YAML strings to instruct the module to look up the actual ID at plan time. @@ -1063,9 +1063,9 @@ tests: - test-plan-extra.tfvars inventory: - test-plan.yaml - # You can use `extra_files` to include additional tf files outside + # You can use `extra_files` to include additional tf files outside # the module's path before running the test. - # extra_files: + # extra_files: # - ../plugin-x/*.tf # You can omit the tfvars and inventory sections and they will @@ -1083,7 +1083,7 @@ A good example of tests showing different ways of leveraging our framework is in ### Debugging Terraform Context & Locals -When troubleshooting how variables, context, or locals are being evaluated during a `plan` (especially within factories or FAST stages), do not rely solely on `pytest` failure outputs or `grep`. +When troubleshooting how variables, context, or locals are being evaluated during a `plan` (especially within factories or FAST stages), do not rely solely on `pytest` failure outputs or `grep`. **ALWAYS** use a fast-failing `terraform_data` precondition to dump the exact runtime state of the data structure. Inject this snippet temporarily into the module being debugged: @@ -1092,7 +1092,7 @@ resource "terraform_data" "debug_dump" { lifecycle { precondition { # The condition is intentionally designed to fail to trigger the error_message - condition = local.target_variable == null + condition = local.target_variable == null error_message = yamlencode(local.target_variable) } } diff --git a/FABRIC-AND-CFT.md b/FABRIC-AND-CFT.md index 9d716a474..c512c2495 100644 --- a/FABRIC-AND-CFT.md +++ b/FABRIC-AND-CFT.md @@ -140,7 +140,7 @@ For production/airgapped usage, customers may also mirror modules to a private r ## Should you choose Fabric or CFT? > You/Your organization is knowledgeable in Terraform and interested in forking and owning a collection of modules. - + Fabric is a better choice as it bootstraps you with a collection of modules out of the box that can be customized exactly to fit your organization needs. > You/Your organization is getting started with Terraform and interested in GCP best practices out of the box. @@ -148,11 +148,11 @@ For production/airgapped usage, customers may also mirror modules to a private r CFT is a better choice as it allows you to directly reference specific modules from the registry and provide opinionated configuration by default. > You/Your organization is looking to rapidly prototype some functionality on GCP. - + Fabric is a better choice. Being a mono repo it allows you to get started quickly with all your source code in one place for easier debugging. > You/Your organization has existing infrastructure and processes but want to start adopting IaC gradually. - + CFT is designed to be modular and off the shelf, providing higher level abstractions to product groups which allows certain teams to adopt Terraform without maintenance burden while allowing others to follow existing practices. ## Using Fabric and CFT together diff --git a/GEMINI.md b/GEMINI.md index 142c2632c..75d0a193b 100644 --- a/GEMINI.md +++ b/GEMINI.md @@ -84,7 +84,7 @@ python3 tools/check_boilerplate.py --scan-files #### 2. Testing -Our testing philosophy is simple: test to ensure the code works and does not break due to dependency changes. **Example-based testing via `README.md` is the preferred approach.** +Our testing philosophy is simple: test to ensure the code works and does not break due to dependency changes. **Example-based testing via `README.md` is the preferred approach.** Tests are triggered from HCL Markdown fenced code blocks using a special `# tftest` directive at the end of the block. @@ -208,7 +208,7 @@ Modify one existing README example (do not add a new one) to demonstrate context ## Architecture & Conventions -* **Variables & Interfaces:** +* **Variables & Interfaces:** * Prefer object variables (e.g., `iam = { ... }`) over many individual scalar variables. * Design compact variable spaces by leveraging Terraform's `optional()` function with defaults extensively. * Use maps instead of lists for multiple items to ensure stable keys in state and avoid `for_each` dynamic value issues. @@ -226,7 +226,7 @@ Modify one existing README example (do not add a new one) to demonstrate context ## Debugging Terraform Context & Locals -When troubleshooting how variables, context, or locals are being evaluated during a `plan` (especially within factories or FAST stages), do not rely solely on `pytest` failure outputs or `grep`. +When troubleshooting how variables, context, or locals are being evaluated during a `plan` (especially within factories or FAST stages), do not rely solely on `pytest` failure outputs or `grep`. **ALWAYS** use a fast-failing `terraform_data` precondition to dump the exact runtime state of the data structure. Inject this snippet temporarily into the module being debugged: @@ -235,7 +235,7 @@ resource "terraform_data" "debug_dump" { lifecycle { precondition { # The condition is intentionally designed to fail to trigger the error_message - condition = local.target_variable == null + condition = local.target_variable == null error_message = yamlencode(local.target_variable) } } diff --git a/adrs/20241219-tag-bindings.md b/adrs/20241219-tag-bindings.md index 421289205..904f2ead1 100644 --- a/adrs/20241219-tag-bindings.md +++ b/adrs/20241219-tag-bindings.md @@ -13,7 +13,7 @@ We need to define a variable to manage tag bindings in our Terraform modules. Th ## Decision: -We will use the `map(string)` type for the `tag_bindings` variable across all modules where it's needed. +We will use the `map(string)` type for the `tag_bindings` variable across all modules where it's needed. ## Consequences diff --git a/adrs/fast/addon-stages.md b/adrs/fast/addon-stages.md index 5dc8cb87f..c55ad32a3 100644 --- a/adrs/fast/addon-stages.md +++ b/adrs/fast/addon-stages.md @@ -1,6 +1,6 @@ # Add-on stages -**authors:** [Ludo](https://github.com/ludoo), [Julio](https://github.com/juliocc) +**authors:** [Ludo](https://github.com/ludoo), [Julio](https://github.com/juliocc) **date:** Jan 5, 2025 ## Status @@ -54,7 +54,7 @@ fast ├── 0-bootstrap ├── 1-resman ├── 1-vpcsc - ├── 2-networking + ├── 2-networking ├── 2-networking-legacy-a-simple ├── 2-networking-legacy-b-nva ├── 2-networking-legacy-c-separate-envs diff --git a/adrs/modules/20231106-factories.md b/adrs/modules/20231106-factories.md index 8786d86f8..a7d789978 100644 --- a/adrs/modules/20231106-factories.md +++ b/adrs/modules/20231106-factories.md @@ -99,4 +99,3 @@ With notable exceptions (currently only the `cidrs.yaml` file consumed by firewa - Files in a directory should be parsed together and flattened into a single dictionary This allows developers to implement multiple resources in a single file or to use one file per resource, as they see fit. - diff --git a/diagram.svg b/diagram.svg index 689adf24e..da14f6c4c 100644 --- a/diagram.svg +++ b/diagram.svg @@ -290,4 +290,4 @@ - \ No newline at end of file + diff --git a/fast/addons/2-networking-ngfw/.fast-stage.env b/fast/addons/2-networking-ngfw/.fast-stage.env index c5d9254f6..69b3934bc 100644 --- a/fast/addons/2-networking-ngfw/.fast-stage.env +++ b/fast/addons/2-networking-ngfw/.fast-stage.env @@ -2,4 +2,4 @@ FAST_STAGE_DESCRIPTION="NGFW Enterprise networking add-on" FAST_STAGE_LEVEL=2 FAST_STAGE_NAME=networking-ngfw FAST_STAGE_DEPS="0-globals 0-org-setup 2-networking" -FAST_STAGE_OPTIONAL="2-security" \ No newline at end of file +FAST_STAGE_OPTIONAL="2-security" diff --git a/fast/addons/2-networking-ngfw/variables-fast.tf b/fast/addons/2-networking-ngfw/variables-fast.tf index 80767bafa..607335296 100644 --- a/fast/addons/2-networking-ngfw/variables-fast.tf +++ b/fast/addons/2-networking-ngfw/variables-fast.tf @@ -70,4 +70,3 @@ variable "vpc_self_links" { nullable = false default = {} } - diff --git a/fast/addons/2-networking-swp/variables-fast.tf b/fast/addons/2-networking-swp/variables-fast.tf index 35d79d133..6682d442f 100644 --- a/fast/addons/2-networking-swp/variables-fast.tf +++ b/fast/addons/2-networking-swp/variables-fast.tf @@ -64,4 +64,3 @@ variable "vpc_self_links" { nullable = false default = {} } - diff --git a/fast/addons/2-networking-test/schemas/instance.schema.json b/fast/addons/2-networking-test/schemas/instance.schema.json index f0a5f9fe1..121781148 100644 --- a/fast/addons/2-networking-test/schemas/instance.schema.json +++ b/fast/addons/2-networking-test/schemas/instance.schema.json @@ -61,4 +61,4 @@ ] } } -} \ No newline at end of file +} diff --git a/fast/addons/2-networking-test/schemas/instance.schema.md b/fast/addons/2-networking-test/schemas/instance.schema.md index 571d19ed8..c90cf9351 100644 --- a/fast/addons/2-networking-test/schemas/instance.schema.md +++ b/fast/addons/2-networking-test/schemas/instance.schema.md @@ -23,5 +23,3 @@ - items: *string* ## Definitions - - diff --git a/fast/addons/2-networking-test/schemas/service-account.schema.json b/fast/addons/2-networking-test/schemas/service-account.schema.json index d2eaea417..79677b1f9 100644 --- a/fast/addons/2-networking-test/schemas/service-account.schema.json +++ b/fast/addons/2-networking-test/schemas/service-account.schema.json @@ -29,4 +29,4 @@ } } } -} \ No newline at end of file +} diff --git a/fast/addons/2-networking-test/schemas/service-account.schema.md b/fast/addons/2-networking-test/schemas/service-account.schema.md index 56bc05b55..d6448905b 100644 --- a/fast/addons/2-networking-test/schemas/service-account.schema.md +++ b/fast/addons/2-networking-test/schemas/service-account.schema.md @@ -15,5 +15,3 @@ - items: *string* ## Definitions - - diff --git a/fast/extras/0-cicd-github/cicd-versions.tf b/fast/extras/0-cicd-github/cicd-versions.tf index 830f1e48a..5261ae6b2 100644 --- a/fast/extras/0-cicd-github/cicd-versions.tf +++ b/fast/extras/0-cicd-github/cicd-versions.tf @@ -25,5 +25,3 @@ terraform { } } } - - diff --git a/fast/extras/0-cicd-gitlab/terraform.tfvars.sample b/fast/extras/0-cicd-gitlab/terraform.tfvars.sample index 367aa75ea..91f4875d7 100644 --- a/fast/extras/0-cicd-gitlab/terraform.tfvars.sample +++ b/fast/extras/0-cicd-gitlab/terraform.tfvars.sample @@ -33,4 +33,4 @@ groups = { path = "gcp-org-admins" description = "GCP Organization administrators" } -} \ No newline at end of file +} diff --git a/fast/project-templates/devops-azure-wif/self-hosted-agents/cloud-config.yaml b/fast/project-templates/devops-azure-wif/self-hosted-agents/cloud-config.yaml index 49eae1720..130d7f49d 100644 --- a/fast/project-templates/devops-azure-wif/self-hosted-agents/cloud-config.yaml +++ b/fast/project-templates/devops-azure-wif/self-hosted-agents/cloud-config.yaml @@ -90,4 +90,4 @@ runcmd: # - iptables -I INPUT 1 -p tcp -m tcp --dport 8080 -m state --state NEW,ESTABLISHED -j ACCEPT - systemctl daemon-reload - systemctl start azp-token - - systemctl start azp-agent \ No newline at end of file + - systemctl start azp-agent diff --git a/fast/project-templates/managed-kafka/main.tf b/fast/project-templates/managed-kafka/main.tf index 74d6555e0..a65f7712e 100644 --- a/fast/project-templates/managed-kafka/main.tf +++ b/fast/project-templates/managed-kafka/main.tf @@ -85,4 +85,4 @@ resource "google_managed_kafka_topic" "topics" { partition_count = each.value.partition_count replication_factor = each.value.replication_factor configs = each.value.configs -} \ No newline at end of file +} diff --git a/fast/project-templates/managed-kafka/outputs.tf b/fast/project-templates/managed-kafka/outputs.tf index dfde27c46..3fe11f0f2 100644 --- a/fast/project-templates/managed-kafka/outputs.tf +++ b/fast/project-templates/managed-kafka/outputs.tf @@ -31,4 +31,4 @@ output "kafka_labels" { output "project_number" { value = data.google_project.service_project.number -} \ No newline at end of file +} diff --git a/fast/project-templates/managed-kafka/variables.tf b/fast/project-templates/managed-kafka/variables.tf index 560f8db87..1a7e5794f 100644 --- a/fast/project-templates/managed-kafka/variables.tf +++ b/fast/project-templates/managed-kafka/variables.tf @@ -57,4 +57,4 @@ variable "topics" { })) description = "The list of topics to create in the Kafka cluster." default = [] -} \ No newline at end of file +} diff --git a/fast/project-templates/secops-anonymization-pipeline/source/requirements.txt b/fast/project-templates/secops-anonymization-pipeline/source/requirements.txt index ec151de86..5c5eee4ff 100644 --- a/fast/project-templates/secops-anonymization-pipeline/source/requirements.txt +++ b/fast/project-templates/secops-anonymization-pipeline/source/requirements.txt @@ -23,4 +23,4 @@ google-cloud-storage click==8.1.3 google-cloud-dlp google-cloud-logging -secops \ No newline at end of file +secops diff --git a/fast/stages/0-org-setup/.fast-stage.env b/fast/stages/0-org-setup/.fast-stage.env index a90ccf7f6..99bbed9ab 100644 --- a/fast/stages/0-org-setup/.fast-stage.env +++ b/fast/stages/0-org-setup/.fast-stage.env @@ -2,4 +2,4 @@ FAST_STAGE_DESCRIPTION="FAST Organization Setup" FAST_STAGE_LEVEL=0 FAST_STAGE_NAME=org-setup # FAST_STAGE_DEPS="0-globals 0-org-setup" -# FAST_STAGE_OPTIONAL="" \ No newline at end of file +# FAST_STAGE_OPTIONAL="" diff --git a/fast/stages/0-org-setup/datasets/hardened/README.md b/fast/stages/0-org-setup/datasets/hardened/README.md index 15b975e28..94efa7818 100644 --- a/fast/stages/0-org-setup/datasets/hardened/README.md +++ b/fast/stages/0-org-setup/datasets/hardened/README.md @@ -338,7 +338,7 @@ As per October 2025, a bug exits providing misleading error message `Error 409: ``` │ Error: Error creating Policy: googleapi: Error 409: Requested entity already exists -│ +│ │ with module.organization-iam[0].google_org_policy_policy.default["custom.gkeRequireVPCNativeCluster"], │ on ../../../modules/organization/organization-policies.tf line 105, in resource "google_org_policy_policy" "default": │ 105: resource "google_org_policy_policy" "default" { @@ -398,7 +398,7 @@ If you get this kind of error, it means that Security Command Center Premium or ```bash Error: Error creating OrganizationSecurityHealthAnalyticsCustomModule: googleapi: Error 404: Parent resource "organizations/1234567890/locations/global" not found. -│ +│ │ with module.organization[0].google_scc_management_organization_security_health_analytics_custom_module.scc_organization_custom_module["cloudfunctionsV1RequireIngressInternalAndLoadBalancer"], │ on ../../../modules/organization/scc-sha-custom-modules.tf line 49, in resource "google_scc_management_organization_security_health_analytics_custom_module" "scc_organization_custom_module": │ 49: resource "google_scc_management_organization_security_health_analytics_custom_module" "scc_organization_custom_module" { diff --git a/fast/stages/0-org-setup/datasets/hardened/organization/custom-roles/folder_viewer.yaml b/fast/stages/0-org-setup/datasets/hardened/organization/custom-roles/folder_viewer.yaml index 42c477103..ab6bce2d4 100644 --- a/fast/stages/0-org-setup/datasets/hardened/organization/custom-roles/folder_viewer.yaml +++ b/fast/stages/0-org-setup/datasets/hardened/organization/custom-roles/folder_viewer.yaml @@ -21,4 +21,3 @@ includedPermissions: - resourcemanager.folders.getIamPolicy - resourcemanager.folders.list - resourcemanager.folders.searchPolicyBindings - diff --git a/fast/stages/0-org-setup/datasets/hardened/organization/custom-roles/service_account_viewer.yaml b/fast/stages/0-org-setup/datasets/hardened/organization/custom-roles/service_account_viewer.yaml index 442abc9de..a2ebefe09 100644 --- a/fast/stages/0-org-setup/datasets/hardened/organization/custom-roles/service_account_viewer.yaml +++ b/fast/stages/0-org-setup/datasets/hardened/organization/custom-roles/service_account_viewer.yaml @@ -20,4 +20,3 @@ includedPermissions: - iam.serviceAccounts.get - iam.serviceAccounts.getIamPolicy - iam.serviceAccounts.list - diff --git a/fast/stages/0-org-setup/datasets/hardened/organization/org-policies/gcp.yaml b/fast/stages/0-org-setup/datasets/hardened/organization/org-policies/gcp.yaml index dd4c16a99..c3e6f6626 100644 --- a/fast/stages/0-org-setup/datasets/hardened/organization/org-policies/gcp.yaml +++ b/fast/stages/0-org-setup/datasets/hardened/organization/org-policies/gcp.yaml @@ -26,4 +26,3 @@ # - "in:eu-locations" # - "in:europe-west1-locations" # - "in:europe-west4-locations" - diff --git a/fast/stages/0-org-setup/fast_version.txt b/fast/stages/0-org-setup/fast_version.txt index 96358fc78..ab89bb9eb 100644 --- a/fast/stages/0-org-setup/fast_version.txt +++ b/fast/stages/0-org-setup/fast_version.txt @@ -12,4 +12,4 @@ # See the License for the specific language governing permissions and # limitations under the License. -# FAST release: v55.0.0 \ No newline at end of file +# FAST release: v55.0.0 diff --git a/fast/stages/0-org-setup/main.tf b/fast/stages/0-org-setup/main.tf index 8c9b6cdf9..7e990832e 100644 --- a/fast/stages/0-org-setup/main.tf +++ b/fast/stages/0-org-setup/main.tf @@ -104,4 +104,3 @@ resource "terraform_data" "precondition" { } } } - diff --git a/fast/stages/0-org-setup/observability.tf b/fast/stages/0-org-setup/observability.tf index 3d2fca0ff..d98e99d7c 100644 --- a/fast/stages/0-org-setup/observability.tf +++ b/fast/stages/0-org-setup/observability.tf @@ -61,5 +61,3 @@ module "projects-observability" { observability = local.paths.observability } } - - diff --git a/fast/stages/0-org-setup/outputs.tf b/fast/stages/0-org-setup/outputs.tf index aa64ecf77..2d1d2671a 100644 --- a/fast/stages/0-org-setup/outputs.tf +++ b/fast/stages/0-org-setup/outputs.tf @@ -50,4 +50,3 @@ output "vpc_self_links" { for k, v in module.vpcs.vpcs : k => v.id } } - diff --git a/fast/stages/0-org-setup/schemas/billing-account.schema.json b/fast/stages/0-org-setup/schemas/billing-account.schema.json index 94ea15502..05ef5317e 100644 --- a/fast/stages/0-org-setup/schemas/billing-account.schema.json +++ b/fast/stages/0-org-setup/schemas/billing-account.schema.json @@ -203,4 +203,4 @@ } } } -} \ No newline at end of file +} diff --git a/fast/stages/0-org-setup/schemas/billing-account.schema.md b/fast/stages/0-org-setup/schemas/billing-account.schema.md index 2f0e6be80..90c1166ca 100644 --- a/fast/stages/0-org-setup/schemas/billing-account.schema.md +++ b/fast/stages/0-org-setup/schemas/billing-account.schema.md @@ -64,5 +64,3 @@ - **filter**: *string* ## Definitions - - diff --git a/fast/stages/0-org-setup/schemas/budget.schema.json b/fast/stages/0-org-setup/schemas/budget.schema.json index af145dcc1..87f66f405 100644 --- a/fast/stages/0-org-setup/schemas/budget.schema.json +++ b/fast/stages/0-org-setup/schemas/budget.schema.json @@ -176,4 +176,4 @@ } } } -} \ No newline at end of file +} diff --git a/fast/stages/0-org-setup/schemas/cicd-workflows.schema.json b/fast/stages/0-org-setup/schemas/cicd-workflows.schema.json index f8f4fdd4c..a8c9974a6 100644 --- a/fast/stages/0-org-setup/schemas/cicd-workflows.schema.json +++ b/fast/stages/0-org-setup/schemas/cicd-workflows.schema.json @@ -135,4 +135,4 @@ } } } -} \ No newline at end of file +} diff --git a/fast/stages/0-org-setup/schemas/cicd-workflows.schema.md b/fast/stages/0-org-setup/schemas/cicd-workflows.schema.md index 2b8d78fd2..6781d3192 100644 --- a/fast/stages/0-org-setup/schemas/cicd-workflows.schema.md +++ b/fast/stages/0-org-setup/schemas/cicd-workflows.schema.md @@ -32,5 +32,3 @@ - ⁺**iam_principalsets**: *object* ## Definitions - - diff --git a/fast/stages/0-org-setup/schemas/custom-constraint.schema.json b/fast/stages/0-org-setup/schemas/custom-constraint.schema.json index 3be08e39c..300ae4f67 100644 --- a/fast/stages/0-org-setup/schemas/custom-constraint.schema.json +++ b/fast/stages/0-org-setup/schemas/custom-constraint.schema.json @@ -39,4 +39,4 @@ } } } -} \ No newline at end of file +} diff --git a/fast/stages/0-org-setup/schemas/custom-constraint.schema.md b/fast/stages/0-org-setup/schemas/custom-constraint.schema.md index d119ed55d..12ad1f15b 100644 --- a/fast/stages/0-org-setup/schemas/custom-constraint.schema.md +++ b/fast/stages/0-org-setup/schemas/custom-constraint.schema.md @@ -18,5 +18,3 @@ - items: *string* ## Definitions - - diff --git a/fast/stages/0-org-setup/schemas/custom-role.schema.json b/fast/stages/0-org-setup/schemas/custom-role.schema.json index d7526482c..bbfedef7f 100644 --- a/fast/stages/0-org-setup/schemas/custom-role.schema.json +++ b/fast/stages/0-org-setup/schemas/custom-role.schema.json @@ -15,4 +15,4 @@ } } } -} \ No newline at end of file +} diff --git a/fast/stages/0-org-setup/schemas/custom-role.schema.md b/fast/stages/0-org-setup/schemas/custom-role.schema.md index eda065897..8453f5a12 100644 --- a/fast/stages/0-org-setup/schemas/custom-role.schema.md +++ b/fast/stages/0-org-setup/schemas/custom-role.schema.md @@ -12,5 +12,3 @@
*pattern: ^[a-zA-Z-]+\.[a-zA-Z-]+\.[a-zA-Z-]+$* ## Definitions - - diff --git a/fast/stages/0-org-setup/schemas/defaults.schema.json b/fast/stages/0-org-setup/schemas/defaults.schema.json index ba9012e2f..28aed98f1 100644 --- a/fast/stages/0-org-setup/schemas/defaults.schema.json +++ b/fast/stages/0-org-setup/schemas/defaults.schema.json @@ -924,4 +924,4 @@ } } } -} \ No newline at end of file +} diff --git a/fast/stages/0-org-setup/schemas/firewall-rules.schema.json b/fast/stages/0-org-setup/schemas/firewall-rules.schema.json index 029bf85a6..fd669a89f 100644 --- a/fast/stages/0-org-setup/schemas/firewall-rules.schema.json +++ b/fast/stages/0-org-setup/schemas/firewall-rules.schema.json @@ -101,4 +101,4 @@ } } } -} \ No newline at end of file +} diff --git a/fast/stages/0-org-setup/schemas/folder.schema.json b/fast/stages/0-org-setup/schemas/folder.schema.json index 6cb60bab0..a9832d9a6 100644 --- a/fast/stages/0-org-setup/schemas/folder.schema.json +++ b/fast/stages/0-org-setup/schemas/folder.schema.json @@ -973,4 +973,4 @@ ] } } -} \ No newline at end of file +} diff --git a/fast/stages/0-org-setup/schemas/observability.schema.json b/fast/stages/0-org-setup/schemas/observability.schema.json index b33bb72b3..1bd8ff405 100644 --- a/fast/stages/0-org-setup/schemas/observability.schema.json +++ b/fast/stages/0-org-setup/schemas/observability.schema.json @@ -514,4 +514,4 @@ } } } -} \ No newline at end of file +} diff --git a/fast/stages/0-org-setup/schemas/organization.schema.json b/fast/stages/0-org-setup/schemas/organization.schema.json index 23772c8bb..b8fb356d5 100644 --- a/fast/stages/0-org-setup/schemas/organization.schema.json +++ b/fast/stages/0-org-setup/schemas/organization.schema.json @@ -845,4 +845,4 @@ "additionalProperties": false } } -} \ No newline at end of file +} diff --git a/fast/stages/0-org-setup/schemas/project.schema.json b/fast/stages/0-org-setup/schemas/project.schema.json index b1011b25f..89b0aeaba 100644 --- a/fast/stages/0-org-setup/schemas/project.schema.json +++ b/fast/stages/0-org-setup/schemas/project.schema.json @@ -1866,4 +1866,4 @@ } } } -} \ No newline at end of file +} diff --git a/fast/stages/0-org-setup/schemas/scc-sha-custom-modules.schema.json b/fast/stages/0-org-setup/schemas/scc-sha-custom-modules.schema.json index f70f354e5..03d87aa52 100644 --- a/fast/stages/0-org-setup/schemas/scc-sha-custom-modules.schema.json +++ b/fast/stages/0-org-setup/schemas/scc-sha-custom-modules.schema.json @@ -48,4 +48,4 @@ } } } -} \ No newline at end of file +} diff --git a/fast/stages/0-org-setup/schemas/scc-sha-custom-modules.schema.md b/fast/stages/0-org-setup/schemas/scc-sha-custom-modules.schema.md index 685da6bed..110439d49 100644 --- a/fast/stages/0-org-setup/schemas/scc-sha-custom-modules.schema.md +++ b/fast/stages/0-org-setup/schemas/scc-sha-custom-modules.schema.md @@ -15,5 +15,3 @@ - ⁺**severity**: *string* ## Definitions - - diff --git a/fast/stages/0-org-setup/schemas/tags.schema.json b/fast/stages/0-org-setup/schemas/tags.schema.json index 682ea7fe8..64e2827b0 100644 --- a/fast/stages/0-org-setup/schemas/tags.schema.json +++ b/fast/stages/0-org-setup/schemas/tags.schema.json @@ -152,4 +152,4 @@ } } } -} \ No newline at end of file +} diff --git a/fast/stages/0-org-setup/schemas/vpc-factory.schema.json b/fast/stages/0-org-setup/schemas/vpc-factory.schema.json index 6ba88bff1..4972b17a7 100644 --- a/fast/stages/0-org-setup/schemas/vpc-factory.schema.json +++ b/fast/stages/0-org-setup/schemas/vpc-factory.schema.json @@ -295,4 +295,4 @@ } } } -} \ No newline at end of file +} diff --git a/fast/stages/1-vpcsc/.fast-stage.env b/fast/stages/1-vpcsc/.fast-stage.env index e781ed432..e511fb441 100644 --- a/fast/stages/1-vpcsc/.fast-stage.env +++ b/fast/stages/1-vpcsc/.fast-stage.env @@ -2,4 +2,4 @@ FAST_STAGE_DESCRIPTION="vpc service controls" FAST_STAGE_LEVEL=1 FAST_STAGE_NAME=vpcsc FAST_STAGE_DEPS="0-globals 0-org-setup" -# FAST_STAGE_OPTIONAL="" \ No newline at end of file +# FAST_STAGE_OPTIONAL="" diff --git a/fast/stages/1-vpcsc/fast_version.txt b/fast/stages/1-vpcsc/fast_version.txt index 96358fc78..ab89bb9eb 100644 --- a/fast/stages/1-vpcsc/fast_version.txt +++ b/fast/stages/1-vpcsc/fast_version.txt @@ -12,4 +12,4 @@ # See the License for the specific language governing permissions and # limitations under the License. -# FAST release: v55.0.0 \ No newline at end of file +# FAST release: v55.0.0 diff --git a/fast/stages/1-vpcsc/schemas/access-level.schema.md b/fast/stages/1-vpcsc/schemas/access-level.schema.md index 0447fe6f8..806095c3d 100644 --- a/fast/stages/1-vpcsc/schemas/access-level.schema.md +++ b/fast/stages/1-vpcsc/schemas/access-level.schema.md @@ -40,5 +40,3 @@ - items: *string* ## Definitions - - diff --git a/fast/stages/1-vpcsc/schemas/defaults.schema.json b/fast/stages/1-vpcsc/schemas/defaults.schema.json index e088c48e9..3b21f4895 100644 --- a/fast/stages/1-vpcsc/schemas/defaults.schema.json +++ b/fast/stages/1-vpcsc/schemas/defaults.schema.json @@ -182,4 +182,4 @@ } } } -} \ No newline at end of file +} diff --git a/fast/stages/1-vpcsc/schemas/egress-policy.schema.json b/fast/stages/1-vpcsc/schemas/egress-policy.schema.json index 56a6f250c..2eb7b8dd6 100644 --- a/fast/stages/1-vpcsc/schemas/egress-policy.schema.json +++ b/fast/stages/1-vpcsc/schemas/egress-policy.schema.json @@ -97,4 +97,4 @@ } } } -} \ No newline at end of file +} diff --git a/fast/stages/1-vpcsc/schemas/egress-policy.schema.md b/fast/stages/1-vpcsc/schemas/egress-policy.schema.md index e4f1d5473..8225df3f5 100644 --- a/fast/stages/1-vpcsc/schemas/egress-policy.schema.md +++ b/fast/stages/1-vpcsc/schemas/egress-policy.schema.md @@ -35,5 +35,3 @@ - items: *string* ## Definitions - - diff --git a/fast/stages/1-vpcsc/schemas/ingress-policy.schema.json b/fast/stages/1-vpcsc/schemas/ingress-policy.schema.json index 952a24f5f..ea10333ff 100644 --- a/fast/stages/1-vpcsc/schemas/ingress-policy.schema.json +++ b/fast/stages/1-vpcsc/schemas/ingress-policy.schema.json @@ -90,4 +90,4 @@ } } } -} \ No newline at end of file +} diff --git a/fast/stages/1-vpcsc/schemas/ingress-policy.schema.md b/fast/stages/1-vpcsc/schemas/ingress-policy.schema.md index e34fec911..d7505ee77 100644 --- a/fast/stages/1-vpcsc/schemas/ingress-policy.schema.md +++ b/fast/stages/1-vpcsc/schemas/ingress-policy.schema.md @@ -31,5 +31,3 @@ - items: *string* ## Definitions - - diff --git a/fast/stages/1-vpcsc/schemas/perimeter.schema.json b/fast/stages/1-vpcsc/schemas/perimeter.schema.json index f3dae8384..6b9769c90 100644 --- a/fast/stages/1-vpcsc/schemas/perimeter.schema.json +++ b/fast/stages/1-vpcsc/schemas/perimeter.schema.json @@ -117,4 +117,4 @@ ] } } -} \ No newline at end of file +} diff --git a/fast/stages/1-vpcsc/wif-login-config.json b/fast/stages/1-vpcsc/wif-login-config.json index 822e3c002..5142fa3c6 100644 --- a/fast/stages/1-vpcsc/wif-login-config.json +++ b/fast/stages/1-vpcsc/wif-login-config.json @@ -6,4 +6,4 @@ "auth_url": "https://auth.cloud.berlin-build0.goog/authorize", "token_url": "https://sts.apis-berlin-build0.goog/v1/oauthtoken", "token_info_url": "https://sts.apis-berlin-build0.goog/v1/introspect" -} \ No newline at end of file +} diff --git a/fast/stages/2-networking/.fast-stage.env b/fast/stages/2-networking/.fast-stage.env index 00e36f3fd..75f09d0f2 100644 --- a/fast/stages/2-networking/.fast-stage.env +++ b/fast/stages/2-networking/.fast-stage.env @@ -2,4 +2,4 @@ FAST_STAGE_DESCRIPTION="networking" FAST_STAGE_LEVEL=2 FAST_STAGE_NAME=networking FAST_STAGE_DEPS="0-globals 0-org-setup" -FAST_STAGE_OPTIONAL="1-vpcsc 2-networking-ngfw" \ No newline at end of file +FAST_STAGE_OPTIONAL="1-vpcsc 2-networking-ngfw" diff --git a/fast/stages/2-networking/factory-vlan-attachments.tf b/fast/stages/2-networking/factory-vlan-attachments.tf index 34b0ec828..d29198a94 100644 --- a/fast/stages/2-networking/factory-vlan-attachments.tf +++ b/fast/stages/2-networking/factory-vlan-attachments.tf @@ -46,8 +46,8 @@ locals { ]...), {} ) - # Read and decode the discovered YAML files. This step also injects VPC-level - # inferred attributes into each configuration, such as the `project_id` and + # Read and decode the discovered YAML files. This step also injects VPC-level + # inferred attributes into each configuration, such as the `project_id` and # `network`, ensuring each attachment is correctly associated with its parent VPC. _vlan_attachments_preprocess = { for k, v in local._vlan_attachments_files : k => merge( diff --git a/fast/stages/2-networking/fast_version.txt b/fast/stages/2-networking/fast_version.txt index 96358fc78..ab89bb9eb 100644 --- a/fast/stages/2-networking/fast_version.txt +++ b/fast/stages/2-networking/fast_version.txt @@ -12,4 +12,4 @@ # See the License for the specific language governing permissions and # limitations under the License. -# FAST release: v55.0.0 \ No newline at end of file +# FAST release: v55.0.0 diff --git a/fast/stages/2-networking/schemas/defaults.schema.json b/fast/stages/2-networking/schemas/defaults.schema.json index 7d91715df..d0a094eb4 100644 --- a/fast/stages/2-networking/schemas/defaults.schema.json +++ b/fast/stages/2-networking/schemas/defaults.schema.json @@ -843,4 +843,4 @@ } } } -} \ No newline at end of file +} diff --git a/fast/stages/2-networking/schemas/dns-response-policy-rules.schema.json b/fast/stages/2-networking/schemas/dns-response-policy-rules.schema.json index eba25f3c6..a892d1a2d 100644 --- a/fast/stages/2-networking/schemas/dns-response-policy-rules.schema.json +++ b/fast/stages/2-networking/schemas/dns-response-policy-rules.schema.json @@ -53,4 +53,4 @@ } } } -} \ No newline at end of file +} diff --git a/fast/stages/2-networking/schemas/dns-response-policy-rules.schema.md b/fast/stages/2-networking/schemas/dns-response-policy-rules.schema.md index c55be3b0b..4e9b05168 100644 --- a/fast/stages/2-networking/schemas/dns-response-policy-rules.schema.md +++ b/fast/stages/2-networking/schemas/dns-response-policy-rules.schema.md @@ -24,5 +24,3 @@ - items: *string* ## Definitions - - diff --git a/fast/stages/2-networking/schemas/dns.schema.json b/fast/stages/2-networking/schemas/dns.schema.json index 05485fd0f..5692e21eb 100644 --- a/fast/stages/2-networking/schemas/dns.schema.json +++ b/fast/stages/2-networking/schemas/dns.schema.json @@ -266,4 +266,4 @@ } } } -} \ No newline at end of file +} diff --git a/fast/stages/2-networking/schemas/firewall-policy.schema.json b/fast/stages/2-networking/schemas/firewall-policy.schema.json index f9f06634a..6ee272628 100644 --- a/fast/stages/2-networking/schemas/firewall-policy.schema.json +++ b/fast/stages/2-networking/schemas/firewall-policy.schema.json @@ -160,4 +160,4 @@ } } } -} \ No newline at end of file +} diff --git a/fast/stages/2-networking/schemas/firewall-rules.schema.json b/fast/stages/2-networking/schemas/firewall-rules.schema.json index 029bf85a6..fd669a89f 100644 --- a/fast/stages/2-networking/schemas/firewall-rules.schema.json +++ b/fast/stages/2-networking/schemas/firewall-rules.schema.json @@ -101,4 +101,4 @@ } } } -} \ No newline at end of file +} diff --git a/fast/stages/2-networking/schemas/folder.schema.json b/fast/stages/2-networking/schemas/folder.schema.json index 6cb60bab0..a9832d9a6 100644 --- a/fast/stages/2-networking/schemas/folder.schema.json +++ b/fast/stages/2-networking/schemas/folder.schema.json @@ -973,4 +973,4 @@ ] } } -} \ No newline at end of file +} diff --git a/fast/stages/2-networking/schemas/ncc-hub.schema.json b/fast/stages/2-networking/schemas/ncc-hub.schema.json index d3626857b..0eb85ad86 100644 --- a/fast/stages/2-networking/schemas/ncc-hub.schema.json +++ b/fast/stages/2-networking/schemas/ncc-hub.schema.json @@ -66,4 +66,4 @@ } } } -} \ No newline at end of file +} diff --git a/fast/stages/2-networking/schemas/nva.schema.json b/fast/stages/2-networking/schemas/nva.schema.json index 354d5172e..363adf2fa 100644 --- a/fast/stages/2-networking/schemas/nva.schema.json +++ b/fast/stages/2-networking/schemas/nva.schema.json @@ -123,4 +123,4 @@ ] } } -} \ No newline at end of file +} diff --git a/fast/stages/2-networking/schemas/project.schema.json b/fast/stages/2-networking/schemas/project.schema.json index b1011b25f..89b0aeaba 100644 --- a/fast/stages/2-networking/schemas/project.schema.json +++ b/fast/stages/2-networking/schemas/project.schema.json @@ -1866,4 +1866,4 @@ } } } -} \ No newline at end of file +} diff --git a/fast/stages/2-networking/schemas/vpc.schema.json b/fast/stages/2-networking/schemas/vpc.schema.json index 8faa23604..311ededb9 100644 --- a/fast/stages/2-networking/schemas/vpc.schema.json +++ b/fast/stages/2-networking/schemas/vpc.schema.json @@ -509,4 +509,4 @@ } } } -} \ No newline at end of file +} diff --git a/fast/stages/2-networking/variables.tf b/fast/stages/2-networking/variables.tf index e79db9773..289fdd1f5 100644 --- a/fast/stages/2-networking/variables.tf +++ b/fast/stages/2-networking/variables.tf @@ -53,4 +53,3 @@ variable "factories_config" { nullable = false default = {} } - diff --git a/fast/stages/2-project-factory/.fast-stage.env b/fast/stages/2-project-factory/.fast-stage.env index 38ac20299..939f6e621 100644 --- a/fast/stages/2-project-factory/.fast-stage.env +++ b/fast/stages/2-project-factory/.fast-stage.env @@ -2,4 +2,4 @@ FAST_STAGE_DESCRIPTION="project factory (org level)" FAST_STAGE_LEVEL=2 FAST_STAGE_NAME=project-factory FAST_STAGE_DEPS="0-globals 0-org-setup" -FAST_STAGE_OPTIONAL="1-vpcsc 2-networking 2-security" \ No newline at end of file +FAST_STAGE_OPTIONAL="1-vpcsc 2-networking 2-security" diff --git a/fast/stages/2-project-factory/fast_version.txt b/fast/stages/2-project-factory/fast_version.txt index 96358fc78..ab89bb9eb 100644 --- a/fast/stages/2-project-factory/fast_version.txt +++ b/fast/stages/2-project-factory/fast_version.txt @@ -12,4 +12,4 @@ # See the License for the specific language governing permissions and # limitations under the License. -# FAST release: v55.0.0 \ No newline at end of file +# FAST release: v55.0.0 diff --git a/fast/stages/2-project-factory/output-files-storage.tf b/fast/stages/2-project-factory/output-files-storage.tf index 3c8792cee..eb5aea18b 100644 --- a/fast/stages/2-project-factory/output-files-storage.tf +++ b/fast/stages/2-project-factory/output-files-storage.tf @@ -44,4 +44,4 @@ module "output-pattern-folders" { ) } } -} \ No newline at end of file +} diff --git a/fast/stages/2-project-factory/schemas/budget.schema.json b/fast/stages/2-project-factory/schemas/budget.schema.json index af145dcc1..87f66f405 100644 --- a/fast/stages/2-project-factory/schemas/budget.schema.json +++ b/fast/stages/2-project-factory/schemas/budget.schema.json @@ -176,4 +176,4 @@ } } } -} \ No newline at end of file +} diff --git a/fast/stages/2-project-factory/schemas/defaults.schema.json b/fast/stages/2-project-factory/schemas/defaults.schema.json index ed83748f5..8f2ac19ba 100644 --- a/fast/stages/2-project-factory/schemas/defaults.schema.json +++ b/fast/stages/2-project-factory/schemas/defaults.schema.json @@ -744,4 +744,4 @@ } } } -} \ No newline at end of file +} diff --git a/fast/stages/2-project-factory/schemas/folder.schema.json b/fast/stages/2-project-factory/schemas/folder.schema.json index 6cb60bab0..a9832d9a6 100644 --- a/fast/stages/2-project-factory/schemas/folder.schema.json +++ b/fast/stages/2-project-factory/schemas/folder.schema.json @@ -973,4 +973,4 @@ ] } } -} \ No newline at end of file +} diff --git a/fast/stages/2-project-factory/schemas/project.schema.json b/fast/stages/2-project-factory/schemas/project.schema.json index b1011b25f..89b0aeaba 100644 --- a/fast/stages/2-project-factory/schemas/project.schema.json +++ b/fast/stages/2-project-factory/schemas/project.schema.json @@ -1866,4 +1866,4 @@ } } } -} \ No newline at end of file +} diff --git a/fast/stages/2-security/datasets/classic/keyrings/dev-primary-default.yaml b/fast/stages/2-security/datasets/classic/keyrings/dev-primary-default.yaml index 7ca7761d2..720f87121 100644 --- a/fast/stages/2-security/datasets/classic/keyrings/dev-primary-default.yaml +++ b/fast/stages/2-security/datasets/classic/keyrings/dev-primary-default.yaml @@ -27,4 +27,3 @@ keys: rotation_period: 7776000s gke: rotation_period: 7776000s - diff --git a/fast/stages/2-security/factory-keyrings.tf b/fast/stages/2-security/factory-keyrings.tf index 872f55064..7ab3e36a7 100644 --- a/fast/stages/2-security/factory-keyrings.tf +++ b/fast/stages/2-security/factory-keyrings.tf @@ -75,4 +75,3 @@ module "kms" { }) depends_on = [module.factory] } - diff --git a/fast/stages/2-security/fast_version.txt b/fast/stages/2-security/fast_version.txt index 96358fc78..ab89bb9eb 100644 --- a/fast/stages/2-security/fast_version.txt +++ b/fast/stages/2-security/fast_version.txt @@ -12,4 +12,4 @@ # See the License for the specific language governing permissions and # limitations under the License. -# FAST release: v55.0.0 \ No newline at end of file +# FAST release: v55.0.0 diff --git a/fast/stages/2-security/schemas/certificate-authority.schema.json b/fast/stages/2-security/schemas/certificate-authority.schema.json index 1e0958b9e..97c5c3718 100644 --- a/fast/stages/2-security/schemas/certificate-authority.schema.json +++ b/fast/stages/2-security/schemas/certificate-authority.schema.json @@ -401,4 +401,4 @@ } } } -} \ No newline at end of file +} diff --git a/fast/stages/2-security/schemas/defaults.schema.json b/fast/stages/2-security/schemas/defaults.schema.json index 385e30b8c..c5732c6d4 100644 --- a/fast/stages/2-security/schemas/defaults.schema.json +++ b/fast/stages/2-security/schemas/defaults.schema.json @@ -634,4 +634,4 @@ } } } -} \ No newline at end of file +} diff --git a/fast/stages/2-security/schemas/folder.schema.json b/fast/stages/2-security/schemas/folder.schema.json index 6cb60bab0..a9832d9a6 100644 --- a/fast/stages/2-security/schemas/folder.schema.json +++ b/fast/stages/2-security/schemas/folder.schema.json @@ -973,4 +973,4 @@ ] } } -} \ No newline at end of file +} diff --git a/fast/stages/2-security/schemas/keyring.schema.json b/fast/stages/2-security/schemas/keyring.schema.json index 450f6adc1..02cab1c45 100644 --- a/fast/stages/2-security/schemas/keyring.schema.json +++ b/fast/stages/2-security/schemas/keyring.schema.json @@ -192,4 +192,4 @@ } } } -} \ No newline at end of file +} diff --git a/fast/stages/2-security/schemas/project.schema.json b/fast/stages/2-security/schemas/project.schema.json index b1011b25f..89b0aeaba 100644 --- a/fast/stages/2-security/schemas/project.schema.json +++ b/fast/stages/2-security/schemas/project.schema.json @@ -1866,4 +1866,4 @@ } } } -} \ No newline at end of file +} diff --git a/fast/stages/3-secops-dev/data/reference_lists/private_ip_addresses.txt b/fast/stages/3-secops-dev/data/reference_lists/private_ip_addresses.txt index 8c87e6c4b..abe72f8a0 100644 --- a/fast/stages/3-secops-dev/data/reference_lists/private_ip_addresses.txt +++ b/fast/stages/3-secops-dev/data/reference_lists/private_ip_addresses.txt @@ -4,4 +4,4 @@ 127.0.0.1/32 ::1/128 fc00::/7 -fe80::/10 \ No newline at end of file +fe80::/10 diff --git a/fast/stages/3-secops-dev/fast_version.txt b/fast/stages/3-secops-dev/fast_version.txt index 96358fc78..ab89bb9eb 100644 --- a/fast/stages/3-secops-dev/fast_version.txt +++ b/fast/stages/3-secops-dev/fast_version.txt @@ -12,4 +12,4 @@ # See the License for the specific language governing permissions and # limitations under the License. -# FAST release: v55.0.0 \ No newline at end of file +# FAST release: v55.0.0 diff --git a/fast/stages/CLEANUP.md b/fast/stages/CLEANUP.md index 8e0f06604..c06cccc9b 100644 --- a/fast/stages/CLEANUP.md +++ b/fast/stages/CLEANUP.md @@ -58,7 +58,7 @@ for x in $(terraform state list | grep google_logging_project_bucket_config); do terraform state rm "$x"; done -# remove custom constraint to avoid future issue during reprovisionnning. +# remove custom constraint to avoid future issue during reprovisionnning. # comment this part if permanent removed is needed for x in $(terraform state list | grep google_org_policy_custom_constraint); do terraform state rm "$x"; diff --git a/fast/stages/UPGRADING.md b/fast/stages/UPGRADING.md index 223a4569c..ada2aa2a9 100644 --- a/fast/stages/UPGRADING.md +++ b/fast/stages/UPGRADING.md @@ -12,7 +12,7 @@ As usual, consider this a guideline with no guarantees. Migrations between FAST > v44.0.0 and v45.0.0 deprecated several legacy stages, refer to those releases or branches for legacy upgrading instructions. Upgrades from legacy to current stages are not directly supported. -> v52.0.0 moves creation of custom constraints to `module.organization-iam` (from `module.organization`) in stage `0-org-setup`. As `moved` block is not possible and supported for this change, manual state migration is required to avoid destroying existing constraints. +> v52.0.0 moves creation of custom constraints to `module.organization-iam` (from `module.organization`) in stage `0-org-setup`. As `moved` block is not possible and supported for this change, manual state migration is required to avoid destroying existing constraints. > This can be done executing this in stage `0-org-setup`: > ```bash > constraints=$(terraform state list | grep 'module.organization\[0\].google_org_policy_custom_constraint.constraint') @@ -25,4 +25,3 @@ As usual, consider this a guideline with no guarantees. Migrations between FAST - diff --git a/fast/stages/fast-links.sh b/fast/stages/fast-links.sh index 991621011..a7f284efd 100755 --- a/fast/stages/fast-links.sh +++ b/fast/stages/fast-links.sh @@ -14,12 +14,12 @@ # limitations under the License. if [ $# -eq 0 ]; then - echo "Error: no folder or GCS bucket specified. Use -h or --help for usage." - exit 1 + echo "Error: no folder or GCS bucket specified. Use -h or --help for usage." + exit 1 fi if [[ "$1" == "-h" || "$1" == "--help" ]]; then - cat < { res.send('Hello World!'); -}); \ No newline at end of file +}); diff --git a/modules/api-gateway/recipe-multi-region/variables.tf b/modules/api-gateway/recipe-multi-region/variables.tf index 9905efe3b..2ce1f0e98 100644 --- a/modules/api-gateway/recipe-multi-region/variables.tf +++ b/modules/api-gateway/recipe-multi-region/variables.tf @@ -32,4 +32,4 @@ variable "project_id" { variable "regions" { description = "List of regions to deploy the proxy in." type = list(string) -} \ No newline at end of file +} diff --git a/modules/apigee/recipe-apigee-swp/bundle/apiproxy/proxies/default.xml b/modules/apigee/recipe-apigee-swp/bundle/apiproxy/proxies/default.xml index 30859c52a..c3d16bd2a 100644 --- a/modules/apigee/recipe-apigee-swp/bundle/apiproxy/proxies/default.xml +++ b/modules/apigee/recipe-apigee-swp/bundle/apiproxy/proxies/default.xml @@ -1,5 +1,5 @@ - test - \ No newline at end of file + diff --git a/modules/apigee/recipe-apigee-swp/templates/deploy-apiproxy.sh.tpl b/modules/apigee/recipe-apigee-swp/templates/deploy-apiproxy.sh.tpl index 576bf69de..1053ecdba 100644 --- a/modules/apigee/recipe-apigee-swp/templates/deploy-apiproxy.sh.tpl +++ b/modules/apigee/recipe-apigee-swp/templates/deploy-apiproxy.sh.tpl @@ -17,4 +17,4 @@ curl -v -X POST \ curl -v \ -H "Authorization: Bearer $TOKEN" \ -"https://apigee.googleapis.com/v1/organizations/$ORGANIZATION/environments/$ENVIRONMENT/apis/test/revisions/1/deployments" \ No newline at end of file +"https://apigee.googleapis.com/v1/organizations/$ORGANIZATION/environments/$ENVIRONMENT/apis/test/revisions/1/deployments" diff --git a/modules/apigee/recipe-apigee-swp/templates/targets/default.xml.tpl b/modules/apigee/recipe-apigee-swp/templates/targets/default.xml.tpl index 44744009e..fa4c1232c 100644 --- a/modules/apigee/recipe-apigee-swp/templates/targets/default.xml.tpl +++ b/modules/apigee/recipe-apigee-swp/templates/targets/default.xml.tpl @@ -12,4 +12,4 @@ http://${ip_address} - \ No newline at end of file + diff --git a/modules/apigee/recipe-apigee-swp/variables.tf b/modules/apigee/recipe-apigee-swp/variables.tf index e8599f039..be4307a0f 100644 --- a/modules/apigee/recipe-apigee-swp/variables.tf +++ b/modules/apigee/recipe-apigee-swp/variables.tf @@ -46,4 +46,4 @@ variable "network_config" { variable "project_id" { description = "Project ID." type = string -} \ No newline at end of file +} diff --git a/modules/backup-dr/main.tf b/modules/backup-dr/main.tf index 4c81a66b5..8190ef319 100644 --- a/modules/backup-dr/main.tf +++ b/modules/backup-dr/main.tf @@ -84,4 +84,4 @@ resource "google_backup_dr_management_server" "management_server" { peering_mode = networks.value.peering_mode } } -} \ No newline at end of file +} diff --git a/modules/backup-dr/outputs.tf b/modules/backup-dr/outputs.tf index d473eca22..23317085b 100644 --- a/modules/backup-dr/outputs.tf +++ b/modules/backup-dr/outputs.tf @@ -31,4 +31,4 @@ output "management_server" { output "management_server_uri" { description = "The Management Server ID created." value = var.management_server_config != null ? one(google_backup_dr_management_server.management_server[*].management_uri) : null -} \ No newline at end of file +} diff --git a/modules/backup-dr/variables.tf b/modules/backup-dr/variables.tf index 3662eb250..df46589bb 100644 --- a/modules/backup-dr/variables.tf +++ b/modules/backup-dr/variables.tf @@ -100,4 +100,4 @@ variable "vault_reuse" { condition = var.name == null || var.vault_reuse == null error_message = "name and vault_reuse can not be used together." } -} \ No newline at end of file +} diff --git a/modules/biglake-catalog/main.tf b/modules/biglake-catalog/main.tf index 055b71056..139ea90e6 100644 --- a/modules/biglake-catalog/main.tf +++ b/modules/biglake-catalog/main.tf @@ -57,4 +57,4 @@ resource "google_biglake_table" "tables" { # Some Example Parameters. parameters = each.value.hive_options.parameters } -} \ No newline at end of file +} diff --git a/modules/biglake-catalog/outputs.tf b/modules/biglake-catalog/outputs.tf index 76d73242d..46259e051 100644 --- a/modules/biglake-catalog/outputs.tf +++ b/modules/biglake-catalog/outputs.tf @@ -43,5 +43,3 @@ output "tables" { description = "Tables." value = google_biglake_table.tables } - - diff --git a/modules/bigquery-connection/main.tf b/modules/bigquery-connection/main.tf index 74474c949..13d0a81e5 100644 --- a/modules/bigquery-connection/main.tf +++ b/modules/bigquery-connection/main.tf @@ -94,4 +94,4 @@ resource "google_bigquery_connection" "connection" { } } } -} \ No newline at end of file +} diff --git a/modules/bigtable-instance/outputs.tf b/modules/bigtable-instance/outputs.tf index 5cfabd6a7..e0cfb4112 100644 --- a/modules/bigtable-instance/outputs.tf +++ b/modules/bigtable-instance/outputs.tf @@ -41,6 +41,3 @@ output "tables" { description = "Table resources." value = google_bigtable_table.default } - - - diff --git a/modules/billing-account/schemas/budget.schema.json b/modules/billing-account/schemas/budget.schema.json index af145dcc1..87f66f405 100644 --- a/modules/billing-account/schemas/budget.schema.json +++ b/modules/billing-account/schemas/budget.schema.json @@ -176,4 +176,4 @@ } } } -} \ No newline at end of file +} diff --git a/modules/certificate-manager/variables.tf b/modules/certificate-manager/variables.tf index 60478ca93..fadc4fac8 100644 --- a/modules/certificate-manager/variables.tf +++ b/modules/certificate-manager/variables.tf @@ -114,4 +114,3 @@ variable "project_id" { description = "Project id." type = string } - diff --git a/modules/cloud-build-v2-connection/iam.tf b/modules/cloud-build-v2-connection/iam.tf index 3fe54903d..9ae9d2252 100644 --- a/modules/cloud-build-v2-connection/iam.tf +++ b/modules/cloud-build-v2-connection/iam.tf @@ -64,4 +64,4 @@ resource "google_cloudbuildv2_connection_iam_member" "bindings" { member = lookup( local.ctx.iam_principals, each.value.member, each.value.member ) -} \ No newline at end of file +} diff --git a/modules/cloud-build-v2-connection/variables-iam.tf b/modules/cloud-build-v2-connection/variables-iam.tf index 433fcf3b7..08d968a33 100644 --- a/modules/cloud-build-v2-connection/variables-iam.tf +++ b/modules/cloud-build-v2-connection/variables-iam.tf @@ -55,4 +55,4 @@ variable "iam_by_principals" { type = map(list(string)) default = {} nullable = false -} \ No newline at end of file +} diff --git a/modules/cloud-config-container/__need_fixing/onprem/cloud-config.yaml b/modules/cloud-config-container/__need_fixing/onprem/cloud-config.yaml index da5aa81e1..1fab401a1 100644 --- a/modules/cloud-config-container/__need_fixing/onprem/cloud-config.yaml +++ b/modules/cloud-config-container/__need_fixing/onprem/cloud-config.yaml @@ -218,7 +218,7 @@ write_files: %{~ if vpn_config.type == "dynamic" ~} mark=%unique %{~ endif ~} - + conn gcp2 %{~ if vpn_config.type == "dynamic" ~} leftupdown="/var/lib/strongswan/ipsec-vti.sh 1 ${vpn_dynamic_config.peer_bgp_address2}/30 ${vpn_dynamic_config.local_bgp_address2}/30" @@ -248,7 +248,7 @@ write_files: %{~ endif ~} %{~ if vpn_config.type == "dynamic" ~} - + # Charon configuration - path: /var/lib/docker-compose/onprem/ipsec/vti.conf owner: root:root diff --git a/modules/cloud-config-container/__need_fixing/onprem/docker-images/README.md b/modules/cloud-config-container/__need_fixing/onprem/docker-images/README.md index e9342f7e7..b0e3b866b 100644 --- a/modules/cloud-config-container/__need_fixing/onprem/docker-images/README.md +++ b/modules/cloud-config-container/__need_fixing/onprem/docker-images/README.md @@ -1,3 +1,3 @@ # Supporting container images -The images in this folder are used by the [`onprem` module](../). \ No newline at end of file +The images in this folder are used by the [`onprem` module](../). diff --git a/modules/cloud-config-container/__need_fixing/onprem/docker-images/strongswan/entrypoint.sh b/modules/cloud-config-container/__need_fixing/onprem/docker-images/strongswan/entrypoint.sh index 648b0cd93..7abe61443 100644 --- a/modules/cloud-config-container/__need_fixing/onprem/docker-images/strongswan/entrypoint.sh +++ b/modules/cloud-config-container/__need_fixing/onprem/docker-images/strongswan/entrypoint.sh @@ -19,14 +19,14 @@ sysctl -w net.ipv4.ip_forward=1 # Stop ipsec when terminating _stop_ipsec() { - echo "Shutting down strongSwan/ipsec..." - ipsec stop + echo "Shutting down strongSwan/ipsec..." + ipsec stop } trap _stop_ipsec TERM # Making the container to work as a default gateway for LAN_NETWORKS -iptables -t nat -A POSTROUTING -s ${LAN_NETWORKS} -o ${VPN_DEVICE} -m policy --dir out --pol ipsec -j ACCEPT -iptables -t nat -A POSTROUTING -s ${LAN_NETWORKS} -o ${VPN_DEVICE} -j MASQUERADE +iptables -t nat -A POSTROUTING -s "${LAN_NETWORKS}" -o "${VPN_DEVICE}" -m policy --dir out --pol ipsec -j ACCEPT +iptables -t nat -A POSTROUTING -s "${LAN_NETWORKS}" -o "${VPN_DEVICE}" -j MASQUERADE # Start ipsec echo "Starting up strongSwan/ipsec..." diff --git a/modules/cloud-config-container/__need_fixing/onprem/docker-images/strongswan/ipsec-vti.sh b/modules/cloud-config-container/__need_fixing/onprem/docker-images/strongswan/ipsec-vti.sh index a3779abfa..4cf13c7c8 100644 --- a/modules/cloud-config-container/__need_fixing/onprem/docker-images/strongswan/ipsec-vti.sh +++ b/modules/cloud-config-container/__need_fixing/onprem/docker-images/strongswan/ipsec-vti.sh @@ -22,8 +22,8 @@ set -o errexit IP=$(which ip) -PLUTO_MARK_OUT_ARR=(${PLUTO_MARK_OUT//// }) -PLUTO_MARK_IN_ARR=(${PLUTO_MARK_IN//// }) +read -r -a PLUTO_MARK_OUT_ARR <<<"${PLUTO_MARK_OUT//// }" +read -r -a PLUTO_MARK_IN_ARR <<<"${PLUTO_MARK_IN//// }" VTI_TUNNEL_ID=${1} VTI_REMOTE=${2} @@ -34,33 +34,33 @@ VTI_IF="vti${VTI_TUNNEL_ID}" # GCP's MTU is 1460 GCP_MTU="1460" # ipsec overhead is 73 bytes, we need to compute new mtu. -VTI_MTU=$((GCP_MTU-73)) +VTI_MTU=$((GCP_MTU - 73)) case "${PLUTO_VERB}" in - up-client) - sudo ${IP} link add ${VTI_IF} type vti local ${PLUTO_ME} remote ${PLUTO_PEER} okey ${PLUTO_MARK_OUT_ARR[0]} ikey ${PLUTO_MARK_IN_ARR[0]} - sudo ${IP} addr add ${VTI_LOCAL} remote ${VTI_REMOTE} dev "${VTI_IF}" - sudo ${IP} link set ${VTI_IF} up mtu ${VTI_MTU} +up-client) + sudo "${IP}" link add "${VTI_IF}" type vti local "${PLUTO_ME}" remote "${PLUTO_PEER}" okey "${PLUTO_MARK_OUT_ARR[0]}" ikey "${PLUTO_MARK_IN_ARR[0]}" + sudo "${IP}" addr add "${VTI_LOCAL}" remote "${VTI_REMOTE}" dev "${VTI_IF}" + sudo "${IP}" link set "${VTI_IF}" up mtu "${VTI_MTU}" - # Disable IPSEC Policy - sudo /sbin/sysctl -w net.ipv4.conf.${VTI_IF}.disable_policy=1 + # Disable IPSEC Policy + sudo /sbin/sysctl -w "net.ipv4.conf.${VTI_IF}.disable_policy=1" - # Enable loose source validation, if possible. Otherwise disable validation. - sudo /sbin/sysctl -w net.ipv4.conf.${VTI_IF}.rp_filter=2 || sysctl -w net.ipv4.conf.${VTI_IF}.rp_filter=0 + # Enable loose source validation, if possible. Otherwise disable validation. + sudo /sbin/sysctl -w "net.ipv4.conf.${VTI_IF}.rp_filter=2" || sysctl -w "net.ipv4.conf.${VTI_IF}.rp_filter=0" - # If you would like to use VTI for policy-based you should take care of routing by yourself,, e.x. - if [[ "${PLUTO_PEER_CLIENT}" != "0.0.0.0/0" ]]; then - ${IP} r add "${PLUTO_PEER_CLIENT}" dev "${VTI_IF}" - fi - ;; - down-client) - sudo ${IP} tunnel del "${VTI_IF}" - ;; + # If you would like to use VTI for policy-based you should take care of routing by yourself,, e.x. + if [[ "${PLUTO_PEER_CLIENT}" != "0.0.0.0/0" ]]; then + "${IP}" r add "${PLUTO_PEER_CLIENT}" dev "${VTI_IF}" + fi + ;; +down-client) + sudo "${IP}" tunnel del "${VTI_IF}" + ;; esac # Enable IPv4 forwarding sudo /sbin/sysctl -w net.ipv4.ip_forward=1 # Disable IPSEC Encryption on local net -sudo /sbin/sysctl -w net.ipv4.conf.${LOCAL_IF}.disable_xfrm=1 -sudo /sbin/sysctl -w net.ipv4.conf.${LOCAL_IF}.disable_policy=1 +sudo /sbin/sysctl -w "net.ipv4.conf.${LOCAL_IF}.disable_xfrm=1" +sudo /sbin/sysctl -w "net.ipv4.conf.${LOCAL_IF}.disable_policy=1" diff --git a/modules/cloud-config-container/__need_fixing/onprem/docker-images/toolbox/entrypoint.sh b/modules/cloud-config-container/__need_fixing/onprem/docker-images/toolbox/entrypoint.sh index 822c1fbf0..4c3ef4c58 100644 --- a/modules/cloud-config-container/__need_fixing/onprem/docker-images/toolbox/entrypoint.sh +++ b/modules/cloud-config-container/__need_fixing/onprem/docker-images/toolbox/entrypoint.sh @@ -15,4 +15,6 @@ # limitations under the License. echo "Entering sleep..." -trap : TERM INT; (while true; do sleep 1000; done) & wait +trap : TERM INT +(while true; do sleep 1000; done) & +wait diff --git a/modules/cloud-config-container/__need_fixing/squid/docker/entrypoint.sh b/modules/cloud-config-container/__need_fixing/squid/docker/entrypoint.sh index 0114f767a..89d0e3685 100755 --- a/modules/cloud-config-container/__need_fixing/squid/docker/entrypoint.sh +++ b/modules/cloud-config-container/__need_fixing/squid/docker/entrypoint.sh @@ -20,14 +20,14 @@ set -e create_log_dir() { - mkdir -p ${SQUID_LOG_DIR} - chmod -R 755 ${SQUID_LOG_DIR} - chown -R ${SQUID_USER}:${SQUID_USER} ${SQUID_LOG_DIR} + mkdir -p "${SQUID_LOG_DIR}" + chmod -R 755 "${SQUID_LOG_DIR}" + chown -R "${SQUID_USER}:${SQUID_USER}" "${SQUID_LOG_DIR}" } create_cache_dir() { - mkdir -p ${SQUID_CACHE_DIR} - chown -R ${SQUID_USER}:${SQUID_USER} ${SQUID_CACHE_DIR} + mkdir -p "${SQUID_CACHE_DIR}" + chown -R "${SQUID_USER}:${SQUID_USER}" "${SQUID_CACHE_DIR}" } create_log_dir @@ -35,21 +35,21 @@ create_cache_dir # allow arguments to be passed to squid if [[ ${1:0:1} = '-' ]]; then - EXTRA_ARGS="$@" - set -- + EXTRA_ARGS=("$@") + set -- elif [[ ${1} == squid || ${1} == $(which squid) ]]; then - EXTRA_ARGS="${@:2}" - set -- + EXTRA_ARGS=("${@:2}") + set -- fi # default behaviour is to launch squid if [[ -z ${1} ]]; then - if [[ ! -d ${SQUID_CACHE_DIR}/00 ]]; then - echo "Initializing cache..." - $(which squid) -N -f /etc/squid/squid.conf -z - fi - echo "Starting squid..." - exec $(which squid) -f /etc/squid/squid.conf -NYCd 1 ${EXTRA_ARGS} + if [[ ! -d ${SQUID_CACHE_DIR}/00 ]]; then + echo "Initializing cache..." + $(which squid) -N -f /etc/squid/squid.conf -z + fi + echo "Starting squid..." + exec $(which squid) -f /etc/squid/squid.conf -NYCd 1 "${EXTRA_ARGS[@]}" else - exec "$@" + exec "$@" fi diff --git a/modules/cloud-config-container/coredns/Corefile b/modules/cloud-config-container/coredns/Corefile index e5a7674fa..4d7ef0450 100644 --- a/modules/cloud-config-container/coredns/Corefile +++ b/modules/cloud-config-container/coredns/Corefile @@ -3,4 +3,4 @@ reload log errors -} \ No newline at end of file +} diff --git a/modules/cloud-config-container/nginx-tls/assets/customize.sh b/modules/cloud-config-container/nginx-tls/assets/customize.sh index 52ddbe779..f16125077 100644 --- a/modules/cloud-config-container/nginx-tls/assets/customize.sh +++ b/modules/cloud-config-container/nginx-tls/assets/customize.sh @@ -13,12 +13,13 @@ # See the License for the specific language governing permissions and # limitations under the License. -FQDN=$(\ - curl -s -H "Metadata-Flavor: Google" \ - http://metadata/computeMetadata/v1/instance/hostname) -HOSTNAME=$(echo $FQDN | cut -d"." -f1) +FQDN=$( + curl -s -H "Metadata-Flavor: Google" \ + http://metadata/computeMetadata/v1/instance/hostname +) +HOSTNAME=$(echo "$FQDN" | cut -d"." -f1) openssl req -new -newkey rsa:4096 -days 365 -nodes -x509 \ - -subj /CN=$HOSTNAME/ -addext "subjectAltName = DNS:$FQDN" \ - -keyout /etc/ssl/self-signed.key -out /etc/ssl/self-signed.crt + -subj "/CN=$HOSTNAME/" -addext "subjectAltName = DNS:$FQDN" \ + -keyout /etc/ssl/self-signed.key -out /etc/ssl/self-signed.crt chgrp nginx /etc/ssl/self-signed.key -out /etc/ssl/self-signed.crt -sed -i "s/HOSTNAME/${HOSTNAME}/" /etc/nginx/conf.d/default.conf \ No newline at end of file +sed -i "s/HOSTNAME/${HOSTNAME}/" /etc/nginx/conf.d/default.conf diff --git a/modules/cloud-config-container/nginx-tls/assets/default.conf b/modules/cloud-config-container/nginx-tls/assets/default.conf index 2be98ff27..61d8a3842 100644 --- a/modules/cloud-config-container/nginx-tls/assets/default.conf +++ b/modules/cloud-config-container/nginx-tls/assets/default.conf @@ -21,4 +21,4 @@ server { location = /50x.html { root /usr/share/nginx/html; } -} \ No newline at end of file +} diff --git a/modules/cloud-config-container/simple-nva/files/ipprefix_by_netmask.sh b/modules/cloud-config-container/simple-nva/files/ipprefix_by_netmask.sh index 169438253..c5e08556a 100644 --- a/modules/cloud-config-container/simple-nva/files/ipprefix_by_netmask.sh +++ b/modules/cloud-config-container/simple-nva/files/ipprefix_by_netmask.sh @@ -15,8 +15,8 @@ # limitations under the License. # https://stackoverflow.com/questions/50413579/bash-convert-netmask-in-cidr-notation -c=0 x=0$(printf '%o' ${1//./ }) -while [ $x -gt 0 ]; do - let c+=$((x % 2)) 'x>>=1' +c=0 x=0$(printf '%o' "${1//./ }") +while [ "$x" -gt 0 ]; do + ((c += x % 2, x >>= 1)) done -echo $c +echo "$c" diff --git a/modules/cloud-config-container/simple-nva/files/policy_based_routing.sh b/modules/cloud-config-container/simple-nva/files/policy_based_routing.sh index 008aa0b83..0bb560669 100644 --- a/modules/cloud-config-container/simple-nva/files/policy_based_routing.sh +++ b/modules/cloud-config-container/simple-nva/files/policy_based_routing.sh @@ -15,43 +15,41 @@ # limitations under the License. IF_NAME=$1 -IF_NUMBER=$(echo $IF_NAME | sed -e s/eth//) -IF_GW=$(curl http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/$IF_NUMBER/gateway -H "Metadata-Flavor: Google") -IF_IP=$(curl http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/$IF_NUMBER/ip -H "Metadata-Flavor: Google") -IF_NETMASK=$(curl http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/$IF_NUMBER/subnetmask -H "Metadata-Flavor: Google") -IF_IP_PREFIX=$(/var/run/nva/ipprefix_by_netmask.sh $IF_NETMASK) +IF_NUMBER=${IF_NAME//eth/} +IF_GW=$(curl http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/"$IF_NUMBER"/gateway -H "Metadata-Flavor: Google") +IF_IP=$(curl http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/"$IF_NUMBER"/ip -H "Metadata-Flavor: Google") +IF_NETMASK=$(curl http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/"$IF_NUMBER"/subnetmask -H "Metadata-Flavor: Google") +# shellcheck disable=SC2034 +IF_IP_PREFIX=$(/var/run/nva/ipprefix_by_netmask.sh "$IF_NETMASK") # Sleep while there's no load balancer IP route for this IF -while true -do - IPS_LB_STR=$(ip r show table local | grep "$IF_NAME proto 66" | cut -f 2 -d " " | tr -s '\n' ' ') - IPS_LB=($IPS_LB_STR) - for IP in "${IPS_LB[@]}" - do - # Configure hc routing table if not available for this network interface - grep -qxF "$((200 + $IF_NUMBER)) hc-$IF_NAME" /etc/iproute2/rt_tables || { - echo "$((200 + $IF_NUMBER)) hc-$IF_NAME" >>/etc/iproute2/rt_tables - ip route add $IF_GW src $IF_IP dev $IF_NAME table hc-$IF_NAME - ip route add default via $IF_GW dev $IF_NAME table hc-$IF_NAME - } +while true; do + IPS_LB_STR=$(ip r show table local | grep "$IF_NAME proto 66" | cut -f 2 -d " " | tr -s '\n' ' ') + read -r -a IPS_LB <<<"$IPS_LB_STR" + for IP in "${IPS_LB[@]}"; do + # Configure hc routing table if not available for this network interface + grep -qxF "$((200 + IF_NUMBER)) hc-$IF_NAME" /etc/iproute2/rt_tables || { + echo "$((200 + IF_NUMBER)) hc-$IF_NAME" >>/etc/iproute2/rt_tables + ip route add "$IF_GW" src "$IF_IP" dev "$IF_NAME" table hc-"$IF_NAME" + ip route add default via "$IF_GW" dev "$IF_NAME" table hc-"$IF_NAME" + } - # configure PBR route for LB - ip rule list | grep -qF "$IP" || ip rule add from $IP/32 table hc-$IF_NAME - done + # configure PBR route for LB + ip rule list | grep -qF "$IP" || ip rule add from "$IP"/32 table hc-"$IF_NAME" + done - # remove previously configure PBR for old LB removed from network interface - # first get list of PBR on this network interface and retrieve LB IP addresses - PBR_LB_IPS_STR=$(ip rule list | grep "hc-$IF_NAME" | cut -f 2 -d " " | tr -s '\n' ' ') - PBR_LB_IPS=($PBR_LB_IPS_STR) + # remove previously configure PBR for old LB removed from network interface + # first get list of PBR on this network interface and retrieve LB IP addresses + PBR_LB_IPS_STR=$(ip rule list | grep "hc-$IF_NAME" | cut -f 2 -d " " | tr -s '\n' ' ') + read -r -a PBR_LB_IPS <<<"$PBR_LB_IPS_STR" - # iterate over PBR LB IP addresses - for PBR_IP in "${PBR_LB_IPS[@]}" - do - # check if the PBR LB IP belongs to the current array of LB IPs attached to the - # network interface, if not delete the corresponding PBR rule - if [ -z "$IPS_LB" ] || ! echo ${IPS_LB[@]} | grep --quiet "$PBR_IP" ; then - ip rule del from $PBR_IP - fi - done - sleep 2 + # iterate over PBR LB IP addresses + for PBR_IP in "${PBR_LB_IPS[@]}"; do + # check if the PBR LB IP belongs to the current array of LB IPs attached to the + # network interface, if not delete the corresponding PBR rule + if [ ${#IPS_LB[@]} -eq 0 ] || ! echo "${IPS_LB[*]}" | grep --quiet "$PBR_IP"; then + ip rule del from "$PBR_IP" + fi + done + sleep 2 done diff --git a/modules/cloud-deploy/automation.tf b/modules/cloud-deploy/automation.tf index aaff9dd30..70fbe2528 100644 --- a/modules/cloud-deploy/automation.tf +++ b/modules/cloud-deploy/automation.tf @@ -131,4 +131,4 @@ resource "google_clouddeploy_automation" "default" { } } } -} \ No newline at end of file +} diff --git a/modules/cloud-deploy/delivery-pipeline.tf b/modules/cloud-deploy/delivery-pipeline.tf index 5abdef68f..b011b5cc0 100644 --- a/modules/cloud-deploy/delivery-pipeline.tf +++ b/modules/cloud-deploy/delivery-pipeline.tf @@ -155,4 +155,3 @@ resource "google_clouddeploy_delivery_pipeline" "default" { } } } - diff --git a/modules/cloud-deploy/deploy-policy.tf b/modules/cloud-deploy/deploy-policy.tf index 0cb6db85c..617f5e4df 100644 --- a/modules/cloud-deploy/deploy-policy.tf +++ b/modules/cloud-deploy/deploy-policy.tf @@ -156,4 +156,4 @@ resource "google_clouddeploy_deploy_policy" "default" { } } } -} \ No newline at end of file +} diff --git a/modules/cloud-deploy/main.tf b/modules/cloud-deploy/main.tf index 45675d594..22c3f1a29 100644 --- a/modules/cloud-deploy/main.tf +++ b/modules/cloud-deploy/main.tf @@ -26,4 +26,4 @@ locals { data "google_compute_default_service_account" "default" { count = alltrue([for k, v in var.automations : v.service_account != null]) ? 0 : 1 project = var.project_id -} \ No newline at end of file +} diff --git a/modules/cloud-deploy/outputs.tf b/modules/cloud-deploy/outputs.tf index efa0bc2a3..7877e509e 100644 --- a/modules/cloud-deploy/outputs.tf +++ b/modules/cloud-deploy/outputs.tf @@ -34,4 +34,3 @@ output "target_ids" { description = "Target ids." value = values(google_clouddeploy_target.default)[*].id } - diff --git a/modules/cloud-deploy/target.tf b/modules/cloud-deploy/target.tf index 227b49773..dd3762a3a 100644 --- a/modules/cloud-deploy/target.tf +++ b/modules/cloud-deploy/target.tf @@ -55,4 +55,3 @@ resource "google_clouddeploy_target" "default" { } } } - diff --git a/modules/cloudsql-instance/main.tf b/modules/cloudsql-instance/main.tf index e8bef40c1..e0a42a22f 100644 --- a/modules/cloudsql-instance/main.tf +++ b/modules/cloudsql-instance/main.tf @@ -392,4 +392,3 @@ resource "google_sql_ssl_cert" "client_certificates" { instance = google_sql_database_instance.primary.name common_name = each.key } - diff --git a/modules/compute-vm/README.md b/modules/compute-vm/README.md index 23317caa3..d685e915c 100644 --- a/modules/compute-vm/README.md +++ b/modules/compute-vm/README.md @@ -176,7 +176,7 @@ When attaching multiple disks to a VM, Terraform processes them using a `dynamic If you add a new disk to the `attached_disks` map with a key that comes alphabetically *before* existing disks, it will shift the attachment order of all subsequent disks. This shift can cause Terraform to recreate or modify existing attachments, potentially requiring the VM to be restarted or remounted. -To explicitly control the attachment order and prevent unintended shifts when adding new disks, you can use the optional `position` attribute within each disk's configuration. The module uses the `position` value as the sorting key. If `position` is omitted, it falls back to using the map key itself. +To explicitly control the attachment order and prevent unintended shifts when adding new disks, you can use the optional `position` attribute within each disk's configuration. The module uses the `position` value as the sorting key. If `position` is omitted, it falls back to using the map key itself. By setting a `position` value that sorts alphabetically *after* the existing disks, you can safely append a newly added disk to the end of the attachment list, regardless of its actual map key. diff --git a/modules/compute-vm/disks.tf b/modules/compute-vm/disks.tf index 286bd5de7..0488cae80 100644 --- a/modules/compute-vm/disks.tf +++ b/modules/compute-vm/disks.tf @@ -130,4 +130,3 @@ resource "google_compute_region_disk" "disks" { } } } - diff --git a/modules/data-catalog-tag-template/schemas/tag-template.schema.json b/modules/data-catalog-tag-template/schemas/tag-template.schema.json index cb4d79e20..1a20ea5d5 100644 --- a/modules/data-catalog-tag-template/schemas/tag-template.schema.json +++ b/modules/data-catalog-tag-template/schemas/tag-template.schema.json @@ -174,4 +174,4 @@ } } } -} \ No newline at end of file +} diff --git a/modules/data-catalog-tag/README.md b/modules/data-catalog-tag/README.md index a9703acd4..ed3b7cdf0 100644 --- a/modules/data-catalog-tag/README.md +++ b/modules/data-catalog-tag/README.md @@ -128,11 +128,11 @@ parent: projects/project-data-product/datasets/exposure location: europe-west1 template: projects/project-datagov/locations/europe-west1/tagTemplates/test fields: - owner_email: + owner_email: string_value: example@example.com - num: + num: double_value: 5 - pii: + pii: enum_value: NONE ``` diff --git a/modules/datafusion/main.tf b/modules/datafusion/main.tf index d42255173..1886c646b 100644 --- a/modules/datafusion/main.tf +++ b/modules/datafusion/main.tf @@ -76,4 +76,3 @@ resource "google_data_fusion_instance" "default" { ip_allocation = local.ip_allocation } } - diff --git a/modules/dataplex-aspect-types/schemas/aspect-type.schema.json b/modules/dataplex-aspect-types/schemas/aspect-type.schema.json index f2fbf31c0..bf2614f2e 100644 --- a/modules/dataplex-aspect-types/schemas/aspect-type.schema.json +++ b/modules/dataplex-aspect-types/schemas/aspect-type.schema.json @@ -122,4 +122,4 @@ } } } -} \ No newline at end of file +} diff --git a/modules/dataplex-datascan/variables-iam.tf b/modules/dataplex-datascan/variables-iam.tf index 81a93f9ff..21e3d9c7e 100644 --- a/modules/dataplex-datascan/variables-iam.tf +++ b/modules/dataplex-datascan/variables-iam.tf @@ -57,4 +57,3 @@ variable "iam_bindings_additive" { nullable = false default = {} } - diff --git a/modules/dataplex/outputs.tf b/modules/dataplex/outputs.tf index 0da4fcc24..7c0838d1c 100644 --- a/modules/dataplex/outputs.tf +++ b/modules/dataplex/outputs.tf @@ -33,4 +33,3 @@ output "zones" { description = "The zone name of Dataplex Lake." value = distinct(local.zone_assets[*]["zone_name"]) } - diff --git a/modules/dataproc/outputs.tf b/modules/dataproc/outputs.tf index 27f47236d..09b9984ea 100644 --- a/modules/dataproc/outputs.tf +++ b/modules/dataproc/outputs.tf @@ -46,4 +46,3 @@ output "name" { description = "The name of the cluster." value = google_dataproc_cluster.cluster.name } - diff --git a/modules/dns-response-policy/schemas/dns-response-policy-rules.json b/modules/dns-response-policy/schemas/dns-response-policy-rules.json index d86524cb8..e92c60e37 100644 --- a/modules/dns-response-policy/schemas/dns-response-policy-rules.json +++ b/modules/dns-response-policy/schemas/dns-response-policy-rules.json @@ -38,4 +38,4 @@ } } } -} \ No newline at end of file +} diff --git a/modules/firestore/outputs.tf b/modules/firestore/outputs.tf index f72ba2c9c..4ee902ce6 100644 --- a/modules/firestore/outputs.tf +++ b/modules/firestore/outputs.tf @@ -47,4 +47,3 @@ output "firestore_indexes" { description = "Firestore indexes." value = google_firestore_index.firestore_indexes } - diff --git a/modules/folder/iam.tf b/modules/folder/iam.tf index a5f37cef7..c815bdd05 100644 --- a/modules/folder/iam.tf +++ b/modules/folder/iam.tf @@ -50,7 +50,7 @@ locals { } ]... ) - # convert all the iam_by_principals_conditional into a flat list of bindings + # convert all the iam_by_principals_conditional into a flat list of bindings _iam_bindings_conditional = flatten([ for principal, config in var.iam_by_principals_conditional : [ for role in config.roles : { @@ -126,4 +126,3 @@ resource "google_folder_iam_member" "bindings" { } } } - diff --git a/modules/folder/schemas/pam-entitlements.schema.json b/modules/folder/schemas/pam-entitlements.schema.json index a2ea3fe62..1504a3a4c 100644 --- a/modules/folder/schemas/pam-entitlements.schema.json +++ b/modules/folder/schemas/pam-entitlements.schema.json @@ -112,4 +112,4 @@ } }, "additionalProperties": false -} \ No newline at end of file +} diff --git a/modules/folder/schemas/pam-entitlements.schema.md b/modules/folder/schemas/pam-entitlements.schema.md index f0805eb29..dc5b50de2 100644 --- a/modules/folder/schemas/pam-entitlements.schema.md +++ b/modules/folder/schemas/pam-entitlements.schema.md @@ -39,5 +39,3 @@ - items: *string* ## Definitions - - diff --git a/modules/folder/schemas/scc-mute-config.schema.json b/modules/folder/schemas/scc-mute-config.schema.json index a5ae84bdb..892df5dac 100644 --- a/modules/folder/schemas/scc-mute-config.schema.json +++ b/modules/folder/schemas/scc-mute-config.schema.json @@ -26,4 +26,4 @@ } } } -} \ No newline at end of file +} diff --git a/modules/folder/schemas/scc-mute-config.schema.md b/modules/folder/schemas/scc-mute-config.schema.md index d103af2d6..7a2ed4cef 100644 --- a/modules/folder/schemas/scc-mute-config.schema.md +++ b/modules/folder/schemas/scc-mute-config.schema.md @@ -11,5 +11,3 @@
*default: DYNAMIC*, *enum: ['DYNAMIC', 'STATIC']* ## Definitions - - diff --git a/modules/folder/schemas/scc-sha-custom-modules.schema.json b/modules/folder/schemas/scc-sha-custom-modules.schema.json index f70f354e5..03d87aa52 100644 --- a/modules/folder/schemas/scc-sha-custom-modules.schema.json +++ b/modules/folder/schemas/scc-sha-custom-modules.schema.json @@ -48,4 +48,4 @@ } } } -} \ No newline at end of file +} diff --git a/modules/folder/schemas/scc-sha-custom-modules.schema.md b/modules/folder/schemas/scc-sha-custom-modules.schema.md index 685da6bed..110439d49 100644 --- a/modules/folder/schemas/scc-sha-custom-modules.schema.md +++ b/modules/folder/schemas/scc-sha-custom-modules.schema.md @@ -15,5 +15,3 @@ - ⁺**severity**: *string* ## Definitions - - diff --git a/modules/folder/service-agents.yaml b/modules/folder/service-agents.yaml index 401972126..a8a638744 100644 --- a/modules/folder/service-agents.yaml +++ b/modules/folder/service-agents.yaml @@ -52,4 +52,3 @@ display_name: Progressive Rollout Service Agent api: progressiverollout.googleapis.com identity: service-folder-${folder_number}@gcp-sa-progrollout.iam.gserviceaccount.com - diff --git a/modules/gcs/variables-iam.tf b/modules/gcs/variables-iam.tf index 094cfbbe2..08d968a33 100644 --- a/modules/gcs/variables-iam.tf +++ b/modules/gcs/variables-iam.tf @@ -56,4 +56,3 @@ variable "iam_by_principals" { default = {} nullable = false } - diff --git a/modules/net-firewall-policy/schemas/firewall-policy-rules.schema.json b/modules/net-firewall-policy/schemas/firewall-policy-rules.schema.json index b5df323b9..df7a2d27b 100644 --- a/modules/net-firewall-policy/schemas/firewall-policy-rules.schema.json +++ b/modules/net-firewall-policy/schemas/firewall-policy-rules.schema.json @@ -127,4 +127,4 @@ } } } -} \ No newline at end of file +} diff --git a/modules/net-lb-app-int-cross-region/groups.tf b/modules/net-lb-app-int-cross-region/groups.tf index c280e7ae9..382201807 100644 --- a/modules/net-lb-app-int-cross-region/groups.tf +++ b/modules/net-lb-app-int-cross-region/groups.tf @@ -34,4 +34,3 @@ resource "google_compute_instance_group" "default" { } } } - diff --git a/modules/net-lb-app-int/groups.tf b/modules/net-lb-app-int/groups.tf index 2f03f8c56..bd883e085 100644 --- a/modules/net-lb-app-int/groups.tf +++ b/modules/net-lb-app-int/groups.tf @@ -34,4 +34,3 @@ resource "google_compute_instance_group" "default" { } } } - diff --git a/modules/net-lb-proxy-int/groups.tf b/modules/net-lb-proxy-int/groups.tf index c280e7ae9..382201807 100644 --- a/modules/net-lb-proxy-int/groups.tf +++ b/modules/net-lb-proxy-int/groups.tf @@ -34,4 +34,3 @@ resource "google_compute_instance_group" "default" { } } } - diff --git a/modules/net-swp/schemas/policy-rule.schema.json b/modules/net-swp/schemas/policy-rule.schema.json index d293bed5e..b627184fb 100644 --- a/modules/net-swp/schemas/policy-rule.schema.json +++ b/modules/net-swp/schemas/policy-rule.schema.json @@ -49,4 +49,4 @@ } } } -} \ No newline at end of file +} diff --git a/modules/net-swp/schemas/policy-rule.schema.md b/modules/net-swp/schemas/policy-rule.schema.md index 5a8a96936..b2b1f0df3 100644 --- a/modules/net-swp/schemas/policy-rule.schema.md +++ b/modules/net-swp/schemas/policy-rule.schema.md @@ -21,5 +21,3 @@ - items: *string* ## Definitions - - diff --git a/modules/net-swp/schemas/url-list.schema.json b/modules/net-swp/schemas/url-list.schema.json index 9bb9fba07..9e71487f4 100644 --- a/modules/net-swp/schemas/url-list.schema.json +++ b/modules/net-swp/schemas/url-list.schema.json @@ -14,4 +14,4 @@ } } } -} \ No newline at end of file +} diff --git a/modules/net-swp/schemas/url-list.schema.md b/modules/net-swp/schemas/url-list.schema.md index 6f8b0cbaa..007bd0cbb 100644 --- a/modules/net-swp/schemas/url-list.schema.md +++ b/modules/net-swp/schemas/url-list.schema.md @@ -11,5 +11,3 @@ - items: *string* ## Definitions - - diff --git a/modules/net-vlan-attachment/variables.tf b/modules/net-vlan-attachment/variables.tf index 4380276f9..a845581ec 100644 --- a/modules/net-vlan-attachment/variables.tf +++ b/modules/net-vlan-attachment/variables.tf @@ -60,7 +60,7 @@ variable "context" { variable "dedicated_interconnect_config" { description = "Dedicated interconnect configuration." type = object({ - # Possible values @ https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_interconnect_attachment#bandwidth + # Possible values @ https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_interconnect_attachment#bandwidth bandwidth = optional(string, "BPS_10G") bgp_range = optional(string) bgp_priority = optional(number) diff --git a/modules/net-vpc-factory/schemas/defaults.schema.md b/modules/net-vpc-factory/schemas/defaults.schema.md index 1b863b5d7..ed1152a2b 100644 --- a/modules/net-vpc-factory/schemas/defaults.schema.md +++ b/modules/net-vpc-factory/schemas/defaults.schema.md @@ -24,5 +24,3 @@
*default: 1500* ## Definitions - - diff --git a/modules/net-vpc-factory/schemas/firewall-rules.schema.json b/modules/net-vpc-factory/schemas/firewall-rules.schema.json index 029bf85a6..fd669a89f 100644 --- a/modules/net-vpc-factory/schemas/firewall-rules.schema.json +++ b/modules/net-vpc-factory/schemas/firewall-rules.schema.json @@ -101,4 +101,4 @@ } } } -} \ No newline at end of file +} diff --git a/modules/net-vpc-factory/schemas/vpc-factory.schema.json b/modules/net-vpc-factory/schemas/vpc-factory.schema.json index 6ba88bff1..4972b17a7 100644 --- a/modules/net-vpc-factory/schemas/vpc-factory.schema.json +++ b/modules/net-vpc-factory/schemas/vpc-factory.schema.json @@ -295,4 +295,4 @@ } } } -} \ No newline at end of file +} diff --git a/modules/net-vpc-firewall/schemas/firewall-rules.schema.json b/modules/net-vpc-firewall/schemas/firewall-rules.schema.json index 029bf85a6..fd669a89f 100644 --- a/modules/net-vpc-firewall/schemas/firewall-rules.schema.json +++ b/modules/net-vpc-firewall/schemas/firewall-rules.schema.json @@ -101,4 +101,4 @@ } } } -} \ No newline at end of file +} diff --git a/modules/net-vpc/schemas/internal-range.schema.md b/modules/net-vpc/schemas/internal-range.schema.md index 91e655378..4c5fdff36 100644 --- a/modules/net-vpc/schemas/internal-range.schema.md +++ b/modules/net-vpc/schemas/internal-range.schema.md @@ -35,5 +35,3 @@ - **immutable**: *boolean* ## Definitions - - diff --git a/modules/net-vpn-ha/recipe-vpn-aws-gcp/aws.tf b/modules/net-vpn-ha/recipe-vpn-aws-gcp/aws.tf index 92db19ef9..c72f1d496 100644 --- a/modules/net-vpn-ha/recipe-vpn-aws-gcp/aws.tf +++ b/modules/net-vpn-ha/recipe-vpn-aws-gcp/aws.tf @@ -66,4 +66,3 @@ resource "aws_vpn_gateway_route_propagation" "vpn_gateway_route_propagation" { vpn_gateway_id = aws_vpn_gateway.vpn_gateway.id route_table_id = data.aws_route_table.route_table[0].id } - diff --git a/modules/net-vpn-ha/recipe-vpn-aws-gcp/variables.tf b/modules/net-vpn-ha/recipe-vpn-aws-gcp/variables.tf index bef37c6cc..da7484d9e 100644 --- a/modules/net-vpn-ha/recipe-vpn-aws-gcp/variables.tf +++ b/modules/net-vpn-ha/recipe-vpn-aws-gcp/variables.tf @@ -64,4 +64,3 @@ variable "shared_secret" { description = "Shared secret." type = string } - diff --git a/modules/organization/scc-sha-custom-modules.tf b/modules/organization/scc-sha-custom-modules.tf index 8eefe7739..11e6debee 100644 --- a/modules/organization/scc-sha-custom-modules.tf +++ b/modules/organization/scc-sha-custom-modules.tf @@ -71,4 +71,4 @@ resource "google_scc_management_organization_security_health_analytics_custom_mo google_organization_iam_binding.bindings, google_organization_iam_member.bindings, ] -} \ No newline at end of file +} diff --git a/modules/organization/schemas/custom-role.schema.json b/modules/organization/schemas/custom-role.schema.json index d7526482c..bbfedef7f 100644 --- a/modules/organization/schemas/custom-role.schema.json +++ b/modules/organization/schemas/custom-role.schema.json @@ -15,4 +15,4 @@ } } } -} \ No newline at end of file +} diff --git a/modules/organization/schemas/custom-role.schema.md b/modules/organization/schemas/custom-role.schema.md index eda065897..8453f5a12 100644 --- a/modules/organization/schemas/custom-role.schema.md +++ b/modules/organization/schemas/custom-role.schema.md @@ -12,5 +12,3 @@
*pattern: ^[a-zA-Z-]+\.[a-zA-Z-]+\.[a-zA-Z-]+$* ## Definitions - - diff --git a/modules/organization/schemas/org-policy-custom-constraint.schema.json b/modules/organization/schemas/org-policy-custom-constraint.schema.json index 3be08e39c..300ae4f67 100644 --- a/modules/organization/schemas/org-policy-custom-constraint.schema.json +++ b/modules/organization/schemas/org-policy-custom-constraint.schema.json @@ -39,4 +39,4 @@ } } } -} \ No newline at end of file +} diff --git a/modules/organization/schemas/org-policy-custom-constraint.schema.md b/modules/organization/schemas/org-policy-custom-constraint.schema.md index d119ed55d..12ad1f15b 100644 --- a/modules/organization/schemas/org-policy-custom-constraint.schema.md +++ b/modules/organization/schemas/org-policy-custom-constraint.schema.md @@ -18,5 +18,3 @@ - items: *string* ## Definitions - - diff --git a/modules/organization/schemas/pam-entitlements.schema.json b/modules/organization/schemas/pam-entitlements.schema.json index a2ea3fe62..1504a3a4c 100644 --- a/modules/organization/schemas/pam-entitlements.schema.json +++ b/modules/organization/schemas/pam-entitlements.schema.json @@ -112,4 +112,4 @@ } }, "additionalProperties": false -} \ No newline at end of file +} diff --git a/modules/organization/schemas/pam-entitlements.schema.md b/modules/organization/schemas/pam-entitlements.schema.md index f0805eb29..dc5b50de2 100644 --- a/modules/organization/schemas/pam-entitlements.schema.md +++ b/modules/organization/schemas/pam-entitlements.schema.md @@ -39,5 +39,3 @@ - items: *string* ## Definitions - - diff --git a/modules/organization/schemas/scc-mute-config.schema.json b/modules/organization/schemas/scc-mute-config.schema.json index a5ae84bdb..892df5dac 100644 --- a/modules/organization/schemas/scc-mute-config.schema.json +++ b/modules/organization/schemas/scc-mute-config.schema.json @@ -26,4 +26,4 @@ } } } -} \ No newline at end of file +} diff --git a/modules/organization/schemas/scc-mute-config.schema.md b/modules/organization/schemas/scc-mute-config.schema.md index d103af2d6..7a2ed4cef 100644 --- a/modules/organization/schemas/scc-mute-config.schema.md +++ b/modules/organization/schemas/scc-mute-config.schema.md @@ -11,5 +11,3 @@
*default: DYNAMIC*, *enum: ['DYNAMIC', 'STATIC']* ## Definitions - - diff --git a/modules/organization/schemas/scc-sha-custom-modules.schema.json b/modules/organization/schemas/scc-sha-custom-modules.schema.json index f70f354e5..03d87aa52 100644 --- a/modules/organization/schemas/scc-sha-custom-modules.schema.json +++ b/modules/organization/schemas/scc-sha-custom-modules.schema.json @@ -48,4 +48,4 @@ } } } -} \ No newline at end of file +} diff --git a/modules/organization/schemas/scc-sha-custom-modules.schema.md b/modules/organization/schemas/scc-sha-custom-modules.schema.md index 685da6bed..110439d49 100644 --- a/modules/organization/schemas/scc-sha-custom-modules.schema.md +++ b/modules/organization/schemas/scc-sha-custom-modules.schema.md @@ -15,5 +15,3 @@ - ⁺**severity**: *string* ## Definitions - - diff --git a/modules/organization/schemas/tags.schema.json b/modules/organization/schemas/tags.schema.json index 682ea7fe8..64e2827b0 100644 --- a/modules/organization/schemas/tags.schema.json +++ b/modules/organization/schemas/tags.schema.json @@ -152,4 +152,4 @@ } } } -} \ No newline at end of file +} diff --git a/modules/organization/service-agents.yaml b/modules/organization/service-agents.yaml index fe3923029..d12194eb6 100644 --- a/modules/organization/service-agents.yaml +++ b/modules/organization/service-agents.yaml @@ -116,4 +116,3 @@ display_name: SCC CMEK Spanner Service Agent (PROD) api: securitycenter.googleapis.com identity: service-org-${organization_number}@gcp-sa-sccspanner.iam.gserviceaccount.com - diff --git a/modules/project-factory/schemas/budget.schema.json b/modules/project-factory/schemas/budget.schema.json index af145dcc1..87f66f405 100644 --- a/modules/project-factory/schemas/budget.schema.json +++ b/modules/project-factory/schemas/budget.schema.json @@ -176,4 +176,4 @@ } } } -} \ No newline at end of file +} diff --git a/modules/project-factory/schemas/folder.schema.json b/modules/project-factory/schemas/folder.schema.json index 6cb60bab0..a9832d9a6 100644 --- a/modules/project-factory/schemas/folder.schema.json +++ b/modules/project-factory/schemas/folder.schema.json @@ -973,4 +973,4 @@ ] } } -} \ No newline at end of file +} diff --git a/modules/project-factory/schemas/project.schema.json b/modules/project-factory/schemas/project.schema.json index b1011b25f..89b0aeaba 100644 --- a/modules/project-factory/schemas/project.schema.json +++ b/modules/project-factory/schemas/project.schema.json @@ -1866,4 +1866,4 @@ } } } -} \ No newline at end of file +} diff --git a/modules/project/identity-providers.tf b/modules/project/identity-providers.tf index f632aa8a9..860317eec 100644 --- a/modules/project/identity-providers.tf +++ b/modules/project/identity-providers.tf @@ -81,4 +81,3 @@ resource "google_iam_workload_identity_pool_provider" "default" { } } } - diff --git a/modules/project/notification-channels.tf b/modules/project/notification-channels.tf index 1827b07f9..f652e0aec 100644 --- a/modules/project/notification-channels.tf +++ b/modules/project/notification-channels.tf @@ -64,5 +64,3 @@ resource "google_monitoring_notification_channel" "channels" { } } } - - diff --git a/modules/project/schemas/custom-role.schema.json b/modules/project/schemas/custom-role.schema.json index d7526482c..bbfedef7f 100644 --- a/modules/project/schemas/custom-role.schema.json +++ b/modules/project/schemas/custom-role.schema.json @@ -15,4 +15,4 @@ } } } -} \ No newline at end of file +} diff --git a/modules/project/schemas/custom-role.schema.md b/modules/project/schemas/custom-role.schema.md index eda065897..8453f5a12 100644 --- a/modules/project/schemas/custom-role.schema.md +++ b/modules/project/schemas/custom-role.schema.md @@ -12,5 +12,3 @@
*pattern: ^[a-zA-Z-]+\.[a-zA-Z-]+\.[a-zA-Z-]+$* ## Definitions - - diff --git a/modules/project/schemas/observability.schema.json b/modules/project/schemas/observability.schema.json index b33bb72b3..1bd8ff405 100644 --- a/modules/project/schemas/observability.schema.json +++ b/modules/project/schemas/observability.schema.json @@ -514,4 +514,4 @@ } } } -} \ No newline at end of file +} diff --git a/modules/project/schemas/pam-entitlements.schema.json b/modules/project/schemas/pam-entitlements.schema.json index a2ea3fe62..1504a3a4c 100644 --- a/modules/project/schemas/pam-entitlements.schema.json +++ b/modules/project/schemas/pam-entitlements.schema.json @@ -112,4 +112,4 @@ } }, "additionalProperties": false -} \ No newline at end of file +} diff --git a/modules/project/schemas/pam-entitlements.schema.md b/modules/project/schemas/pam-entitlements.schema.md index f0805eb29..dc5b50de2 100644 --- a/modules/project/schemas/pam-entitlements.schema.md +++ b/modules/project/schemas/pam-entitlements.schema.md @@ -39,5 +39,3 @@ - items: *string* ## Definitions - - diff --git a/modules/project/schemas/quotas.schema.json b/modules/project/schemas/quotas.schema.json index bddcedf32..944186f3f 100644 --- a/modules/project/schemas/quotas.schema.json +++ b/modules/project/schemas/quotas.schema.json @@ -51,4 +51,4 @@ } } } -} \ No newline at end of file +} diff --git a/modules/project/schemas/quotas.schema.md b/modules/project/schemas/quotas.schema.md index 09646691f..d71cdb5d0 100644 --- a/modules/project/schemas/quotas.schema.md +++ b/modules/project/schemas/quotas.schema.md @@ -21,5 +21,3 @@
*enum: ['QUOTA_DECREASE_BELOW_USAGE', 'QUOTA_DECREASE_PERCENTAGE_TOO_HIGH', 'QUOTA_SAFETY_CHECK_UNSPECIFIED']* ## Definitions - - diff --git a/modules/project/schemas/scc-mute-config.schema.json b/modules/project/schemas/scc-mute-config.schema.json index a5ae84bdb..892df5dac 100644 --- a/modules/project/schemas/scc-mute-config.schema.json +++ b/modules/project/schemas/scc-mute-config.schema.json @@ -26,4 +26,4 @@ } } } -} \ No newline at end of file +} diff --git a/modules/project/schemas/scc-mute-config.schema.md b/modules/project/schemas/scc-mute-config.schema.md index d103af2d6..7a2ed4cef 100644 --- a/modules/project/schemas/scc-mute-config.schema.md +++ b/modules/project/schemas/scc-mute-config.schema.md @@ -11,5 +11,3 @@
*default: DYNAMIC*, *enum: ['DYNAMIC', 'STATIC']* ## Definitions - - diff --git a/modules/project/schemas/scc-sha-custom-modules.schema.json b/modules/project/schemas/scc-sha-custom-modules.schema.json index f70f354e5..03d87aa52 100644 --- a/modules/project/schemas/scc-sha-custom-modules.schema.json +++ b/modules/project/schemas/scc-sha-custom-modules.schema.json @@ -48,4 +48,4 @@ } } } -} \ No newline at end of file +} diff --git a/modules/project/schemas/scc-sha-custom-modules.schema.md b/modules/project/schemas/scc-sha-custom-modules.schema.md index 685da6bed..110439d49 100644 --- a/modules/project/schemas/scc-sha-custom-modules.schema.md +++ b/modules/project/schemas/scc-sha-custom-modules.schema.md @@ -15,5 +15,3 @@ - ⁺**severity**: *string* ## Definitions - - diff --git a/modules/project/schemas/tags.schema.json b/modules/project/schemas/tags.schema.json index 682ea7fe8..64e2827b0 100644 --- a/modules/project/schemas/tags.schema.json +++ b/modules/project/schemas/tags.schema.json @@ -152,4 +152,4 @@ } } } -} \ No newline at end of file +} diff --git a/modules/project/service-agents.yaml b/modules/project/service-agents.yaml index e13398fe2..7f8fb35ca 100644 --- a/modules/project/service-agents.yaml +++ b/modules/project/service-agents.yaml @@ -2116,4 +2116,3 @@ is_primary: false aliases: [] skip_iam: false - diff --git a/modules/projects-data-source/README.md b/modules/projects-data-source/README.md index d5cc30474..a98a8e96e 100644 --- a/modules/projects-data-source/README.md +++ b/modules/projects-data-source/README.md @@ -1,6 +1,6 @@ -# Projects Data Source Module +# Projects Data Source Module -This module extends functionality of [google_projects](https://registry.terraform.io/providers/hashicorp/google/latest/docs/data-sources/projects) data source by retrieving all the projects under a specific `parent` recursively with only one API call against [Cloud Asset Inventory](https://cloud.google.com/asset-inventory/docs) service. +This module extends functionality of [google_projects](https://registry.terraform.io/providers/hashicorp/google/latest/docs/data-sources/projects) data source by retrieving all the projects under a specific `parent` recursively with only one API call against [Cloud Asset Inventory](https://cloud.google.com/asset-inventory/docs) service. A good usage pattern would be when we want all the projects under a specific folder (including nested subfolders) to be included into [VPC Service Controls](../vpc-sc/). Instead of manually maintaining the list of project numbers as an input to the `vpc-sc` module we can use that module to retrieve all the project numbers dynamically. diff --git a/modules/secure-source-manager-instance/README.md b/modules/secure-source-manager-instance/README.md index a0043270f..4b2b9dd05 100644 --- a/modules/secure-source-manager-instance/README.md +++ b/modules/secure-source-manager-instance/README.md @@ -194,7 +194,7 @@ module "ssm_instance" { } } } -# tftest modules=1 resources=3 inventory=branch-protection-rules.yaml +# tftest modules=1 resources=3 inventory=branch-protection-rules.yaml ``` ### Initial Configuration diff --git a/modules/spanner-instance/variables.tf b/modules/spanner-instance/variables.tf index 5fa865e38..95a88153a 100644 --- a/modules/spanner-instance/variables.tf +++ b/modules/spanner-instance/variables.tf @@ -135,4 +135,3 @@ variable "project_id" { description = "Project id." type = string } - diff --git a/modules/vpc-sc/schemas/access-level.schema.md b/modules/vpc-sc/schemas/access-level.schema.md index 0447fe6f8..806095c3d 100644 --- a/modules/vpc-sc/schemas/access-level.schema.md +++ b/modules/vpc-sc/schemas/access-level.schema.md @@ -40,5 +40,3 @@ - items: *string* ## Definitions - - diff --git a/modules/vpc-sc/schemas/egress-policy.schema.json b/modules/vpc-sc/schemas/egress-policy.schema.json index 56a6f250c..2eb7b8dd6 100644 --- a/modules/vpc-sc/schemas/egress-policy.schema.json +++ b/modules/vpc-sc/schemas/egress-policy.schema.json @@ -97,4 +97,4 @@ } } } -} \ No newline at end of file +} diff --git a/modules/vpc-sc/schemas/egress-policy.schema.md b/modules/vpc-sc/schemas/egress-policy.schema.md index e4f1d5473..8225df3f5 100644 --- a/modules/vpc-sc/schemas/egress-policy.schema.md +++ b/modules/vpc-sc/schemas/egress-policy.schema.md @@ -35,5 +35,3 @@ - items: *string* ## Definitions - - diff --git a/modules/vpc-sc/schemas/ingress-policy.schema.json b/modules/vpc-sc/schemas/ingress-policy.schema.json index 952a24f5f..ea10333ff 100644 --- a/modules/vpc-sc/schemas/ingress-policy.schema.json +++ b/modules/vpc-sc/schemas/ingress-policy.schema.json @@ -90,4 +90,4 @@ } } } -} \ No newline at end of file +} diff --git a/modules/vpc-sc/schemas/ingress-policy.schema.md b/modules/vpc-sc/schemas/ingress-policy.schema.md index e34fec911..d7505ee77 100644 --- a/modules/vpc-sc/schemas/ingress-policy.schema.md +++ b/modules/vpc-sc/schemas/ingress-policy.schema.md @@ -31,5 +31,3 @@ - items: *string* ## Definitions - - diff --git a/modules/vpc-sc/schemas/perimeter.schema.json b/modules/vpc-sc/schemas/perimeter.schema.json index f3dae8384..6b9769c90 100644 --- a/modules/vpc-sc/schemas/perimeter.schema.json +++ b/modules/vpc-sc/schemas/perimeter.schema.json @@ -117,4 +117,4 @@ ] } } -} \ No newline at end of file +} diff --git a/modules/workstation-cluster/iam.tf b/modules/workstation-cluster/iam.tf index 058d9899a..117a4202b 100644 --- a/modules/workstation-cluster/iam.tf +++ b/modules/workstation-cluster/iam.tf @@ -156,4 +156,3 @@ resource "google_workstations_workstation_iam_member" "bindings" { local.ctx.iam_principals, each.value.member, each.value.member ) } - diff --git a/modules/workstation-cluster/main.tf b/modules/workstation-cluster/main.tf index 8a662ea32..51836bccf 100644 --- a/modules/workstation-cluster/main.tf +++ b/modules/workstation-cluster/main.tf @@ -184,4 +184,3 @@ resource "google_workstations_workstation" "workstations" { env = each.value.env annotations = each.value.annotations } - diff --git a/modules/workstation-cluster/schemas/workstation-config.schema.json b/modules/workstation-cluster/schemas/workstation-config.schema.json index 8a93ed156..6012d8a0f 100644 --- a/modules/workstation-cluster/schemas/workstation-config.schema.json +++ b/modules/workstation-cluster/schemas/workstation-config.schema.json @@ -406,4 +406,4 @@ "default": {} } } -} \ No newline at end of file +} diff --git a/modules/workstation-cluster/schemas/workstation-config.schema.md b/modules/workstation-cluster/schemas/workstation-config.schema.md index d8329e837..039826748 100644 --- a/modules/workstation-cluster/schemas/workstation-config.schema.md +++ b/modules/workstation-cluster/schemas/workstation-config.schema.md @@ -79,5 +79,3 @@
*additional properties: object* ## Definitions - - diff --git a/tests/fast/stages/s0_org_setup/hardened.yaml b/tests/fast/stages/s0_org_setup/hardened.yaml index 284c20e41..879dbf01b 100644 --- a/tests/fast/stages/s0_org_setup/hardened.yaml +++ b/tests/fast/stages/s0_org_setup/hardened.yaml @@ -8459,4 +8459,3 @@ outputs: subnet_self_links: {} tfvars: __missing__ vpc_self_links: {} - diff --git a/tests/fast/stages/s0_org_setup/simple.yaml b/tests/fast/stages/s0_org_setup/simple.yaml index 166ee9b69..39d9e2954 100644 --- a/tests/fast/stages/s0_org_setup/simple.yaml +++ b/tests/fast/stages/s0_org_setup/simple.yaml @@ -2912,4 +2912,3 @@ outputs: subnet_self_links: {} tfvars: __missing__ vpc_self_links: {} - diff --git a/tests/fast/stages/s0_org_setup/starter-gcd.yaml b/tests/fast/stages/s0_org_setup/starter-gcd.yaml index f129919a4..a8fae262c 100644 --- a/tests/fast/stages/s0_org_setup/starter-gcd.yaml +++ b/tests/fast/stages/s0_org_setup/starter-gcd.yaml @@ -1376,4 +1376,3 @@ outputs: subnet_self_links: __missing__ tfvars: __missing__ vpc_self_links: __missing__ - diff --git a/tests/fast/stages/s1_vpcsc/tftest.yaml b/tests/fast/stages/s1_vpcsc/tftest.yaml index 57ec3aaf6..0a3a24f1c 100644 --- a/tests/fast/stages/s1_vpcsc/tftest.yaml +++ b/tests/fast/stages/s1_vpcsc/tftest.yaml @@ -26,4 +26,3 @@ tests: - simple.yaml extra_dirs: - ../../../tests/fast/stages/s1_vpcsc/data-simple - diff --git a/tests/fast/stages/s2_networking/data-testdns-delegation/defaults.yaml b/tests/fast/stages/s2_networking/data-testdns-delegation/defaults.yaml index 3e9522c07..fdb490446 100644 --- a/tests/fast/stages/s2_networking/data-testdns-delegation/defaults.yaml +++ b/tests/fast/stages/s2_networking/data-testdns-delegation/defaults.yaml @@ -39,4 +39,3 @@ vpcs: mtu: 1500 output_files: storage_bucket: $storage_buckets:iac-0/iac-outputs - diff --git a/tests/fast/stages/s2_networking/data-testdns-delegation/dns/zones/net-core-0/pub-child-dnssec.yaml b/tests/fast/stages/s2_networking/data-testdns-delegation/dns/zones/net-core-0/pub-child-dnssec.yaml index a8dbf8721..7c23c848a 100644 --- a/tests/fast/stages/s2_networking/data-testdns-delegation/dns/zones/net-core-0/pub-child-dnssec.yaml +++ b/tests/fast/stages/s2_networking/data-testdns-delegation/dns/zones/net-core-0/pub-child-dnssec.yaml @@ -9,4 +9,3 @@ domain: child-dnssec.example.com. public: dnssec_config: state: "on" - diff --git a/tests/fast/stages/s2_networking/data-testdns-delegation/dns/zones/net-core-0/pub-child.yaml b/tests/fast/stages/s2_networking/data-testdns-delegation/dns/zones/net-core-0/pub-child.yaml index 1491f31e4..c45cab687 100644 --- a/tests/fast/stages/s2_networking/data-testdns-delegation/dns/zones/net-core-0/pub-child.yaml +++ b/tests/fast/stages/s2_networking/data-testdns-delegation/dns/zones/net-core-0/pub-child.yaml @@ -9,4 +9,3 @@ domain: child.example.com. public: dnssec_config: state: "off" - diff --git a/tests/fast/stages/s2_networking/data-testdns-delegation/dns/zones/net-core-0/pub-parent.yaml b/tests/fast/stages/s2_networking/data-testdns-delegation/dns/zones/net-core-0/pub-parent.yaml index 945a35d4e..1183274ae 100644 --- a/tests/fast/stages/s2_networking/data-testdns-delegation/dns/zones/net-core-0/pub-parent.yaml +++ b/tests/fast/stages/s2_networking/data-testdns-delegation/dns/zones/net-core-0/pub-parent.yaml @@ -12,4 +12,3 @@ public: delegations: - net-core-0/pub-child - net-core-0/pub-child-dnssec - diff --git a/tests/fast/stages/s2_networking/data-testdns-delegation/projects/net-core-0.yaml b/tests/fast/stages/s2_networking/data-testdns-delegation/projects/net-core-0.yaml index 5c8d44762..3e8e97916 100644 --- a/tests/fast/stages/s2_networking/data-testdns-delegation/projects/net-core-0.yaml +++ b/tests/fast/stages/s2_networking/data-testdns-delegation/projects/net-core-0.yaml @@ -18,4 +18,3 @@ services: - vpcaccess.googleapis.com shared_vpc_host_config: enabled: true - diff --git a/tests/fast/stages/s2_networking/data-testdns-delegation/vpcs/core/.config.yaml b/tests/fast/stages/s2_networking/data-testdns-delegation/vpcs/core/.config.yaml index 4b5b7b1f4..18354b39b 100644 --- a/tests/fast/stages/s2_networking/data-testdns-delegation/vpcs/core/.config.yaml +++ b/tests/fast/stages/s2_networking/data-testdns-delegation/vpcs/core/.config.yaml @@ -7,4 +7,3 @@ project_id: $project_ids:net-core-0 name: core-0 delete_default_routes_on_create: true - diff --git a/tests/fast/stages/s2_networking/data-testdns-delegation/vpcs/core/subnets/core-default.yaml b/tests/fast/stages/s2_networking/data-testdns-delegation/vpcs/core/subnets/core-default.yaml index 03c8066be..ebe56e9ff 100644 --- a/tests/fast/stages/s2_networking/data-testdns-delegation/vpcs/core/subnets/core-default.yaml +++ b/tests/fast/stages/s2_networking/data-testdns-delegation/vpcs/core/subnets/core-default.yaml @@ -6,4 +6,3 @@ name: core-default region: $locations:primary ip_cidr_range: 10.71.0.0/24 description: Default primary-region subnet for core - diff --git a/tests/fast/stages/s2_networking/dns_delegations.tfvars b/tests/fast/stages/s2_networking/dns_delegations.tfvars index b48dcc5c2..11c1903d5 100644 --- a/tests/fast/stages/s2_networking/dns_delegations.tfvars +++ b/tests/fast/stages/s2_networking/dns_delegations.tfvars @@ -32,4 +32,3 @@ tag_values = { "environment/development" = "tagValues/12345" "environment/production" = "tagValues/12346" } - diff --git a/tests/fast/stages/s2_networking/dns_delegations.yaml b/tests/fast/stages/s2_networking/dns_delegations.yaml index c3331da0e..5876f56a4 100644 --- a/tests/fast/stages/s2_networking/dns_delegations.yaml +++ b/tests/fast/stages/s2_networking/dns_delegations.yaml @@ -49,4 +49,3 @@ values: routing_policy: [] ttl: 300 type: DS - diff --git a/tests/fast/stages/s2_networking/vlan_attachments.yaml b/tests/fast/stages/s2_networking/vlan_attachments.yaml index 0b7452c83..c4da065e3 100644 --- a/tests/fast/stages/s2_networking/vlan_attachments.yaml +++ b/tests/fast/stages/s2_networking/vlan_attachments.yaml @@ -691,4 +691,3 @@ outputs: hub: {} subnet_self_links: __missing__ vpc_self_links: __missing__ - diff --git a/tests/fast/stages/s2_project_factory/simple.tfvars b/tests/fast/stages/s2_project_factory/simple.tfvars index af498cd67..b9c4a7358 100644 --- a/tests/fast/stages/s2_project_factory/simple.tfvars +++ b/tests/fast/stages/s2_project_factory/simple.tfvars @@ -21,4 +21,4 @@ organization = { domain = "fast.example.com" id = 123456789012 customer_id = "C00000000" -} \ No newline at end of file +} diff --git a/tests/fixtures/bigquery-dataset.tf b/tests/fixtures/bigquery-dataset.tf index bd47aa928..b7af50401 100644 --- a/tests/fixtures/bigquery-dataset.tf +++ b/tests/fixtures/bigquery-dataset.tf @@ -35,4 +35,4 @@ module "bigquery-dataset" { iam = { "roles/bigquery.dataEditor" = ["serviceAccount:service-${var.project_number}@gcp-sa-pubsub.iam.gserviceaccount.com"] } -} \ No newline at end of file +} diff --git a/tests/fixtures/dns-response-policy.tf b/tests/fixtures/dns-response-policy.tf index 423ed2cee..d719f5f6f 100644 --- a/tests/fixtures/dns-response-policy.tf +++ b/tests/fixtures/dns-response-policy.tf @@ -19,4 +19,4 @@ module "dns-response-policy" { networks = { landing = var.vpc.self_link } -} \ No newline at end of file +} diff --git a/tests/fixtures/net-lb-app-int-cross-region.tf b/tests/fixtures/net-lb-app-int-cross-region.tf index 5fb42b54a..7aa9dd22e 100644 --- a/tests/fixtures/net-lb-app-int-cross-region.tf +++ b/tests/fixtures/net-lb-app-int-cross-region.tf @@ -31,4 +31,4 @@ module "net-lb-app-int-cross-region" { (var.region) = var.subnet.self_link } } -} \ No newline at end of file +} diff --git a/tests/fixtures/net-vpc-ipv6.tf b/tests/fixtures/net-vpc-ipv6.tf index 14d0dbbec..d5490e6b7 100644 --- a/tests/fixtures/net-vpc-ipv6.tf +++ b/tests/fixtures/net-vpc-ipv6.tf @@ -37,4 +37,4 @@ module "vpc" { } }, ] -} \ No newline at end of file +} diff --git a/tests/modules/apigee/all_psc_mode.tfvars b/tests/modules/apigee/all_psc_mode.tfvars index 41bafabbd..b5be02001 100644 --- a/tests/modules/apigee/all_psc_mode.tfvars +++ b/tests/modules/apigee/all_psc_mode.tfvars @@ -44,4 +44,4 @@ endpoint_attachments = { region = "europe-west1" service_attachment = "projects/my-project-2/serviceAttachments/gkebackend2" } -} \ No newline at end of file +} diff --git a/tests/modules/apigee/all_vpc_mode.tfvars b/tests/modules/apigee/all_vpc_mode.tfvars index 03626f769..f8efab70f 100644 --- a/tests/modules/apigee/all_vpc_mode.tfvars +++ b/tests/modules/apigee/all_vpc_mode.tfvars @@ -49,4 +49,4 @@ endpoint_attachments = { region = "europe-west1" service_attachment = "projects/my-project-2/serviceAttachments/gkebackend2" } -} \ No newline at end of file +} diff --git a/tests/modules/apigee/envgroup_only.tfvars b/tests/modules/apigee/envgroup_only.tfvars index 0e728a230..bb28992f0 100644 --- a/tests/modules/apigee/envgroup_only.tfvars +++ b/tests/modules/apigee/envgroup_only.tfvars @@ -1,4 +1,4 @@ project_id = "my-project" envgroups = { test = ["test.example.com"] -} \ No newline at end of file +} diff --git a/tests/modules/apigee/instance_only_psc_mode.tfvars b/tests/modules/apigee/instance_only_psc_mode.tfvars index 05fb2cd7a..7f784b48a 100644 --- a/tests/modules/apigee/instance_only_psc_mode.tfvars +++ b/tests/modules/apigee/instance_only_psc_mode.tfvars @@ -10,4 +10,4 @@ organization = { } instances = { europe-west1 = {} -} \ No newline at end of file +} diff --git a/tests/modules/apigee/instance_only_vpc_mode.tfvars b/tests/modules/apigee/instance_only_vpc_mode.tfvars index 2367a8847..554d6349b 100644 --- a/tests/modules/apigee/instance_only_vpc_mode.tfvars +++ b/tests/modules/apigee/instance_only_vpc_mode.tfvars @@ -4,4 +4,4 @@ instances = { runtime_ip_cidr_range = "10.0.4.0/22" troubleshooting_ip_cidr_range = "10.1.1.0/28" } -} \ No newline at end of file +} diff --git a/tests/modules/apigee/organization_only_psc_mode.tfvars b/tests/modules/apigee/organization_only_psc_mode.tfvars index f4808db56..9e480e33e 100644 --- a/tests/modules/apigee/organization_only_psc_mode.tfvars +++ b/tests/modules/apigee/organization_only_psc_mode.tfvars @@ -7,4 +7,4 @@ organization = { database_encryption_key = "123456789" analytics_region = "europe-west1" disable_vpc_peering = true -} \ No newline at end of file +} diff --git a/tests/modules/apigee/organization_only_vpc_mode.tfvars b/tests/modules/apigee/organization_only_vpc_mode.tfvars index db2b70979..f4bea15f3 100644 --- a/tests/modules/apigee/organization_only_vpc_mode.tfvars +++ b/tests/modules/apigee/organization_only_vpc_mode.tfvars @@ -7,4 +7,4 @@ organization = { billing_type = "PAYG" database_encryption_key = "123456789" analytics_region = "europe-west1" -} \ No newline at end of file +} diff --git a/tests/modules/apigee/organization_retention.tfvars b/tests/modules/apigee/organization_retention.tfvars index d28af03a9..dd1859365 100644 --- a/tests/modules/apigee/organization_retention.tfvars +++ b/tests/modules/apigee/organization_retention.tfvars @@ -8,4 +8,4 @@ organization = { database_encryption_key = "123456789" analytics_region = "europe-west1" retention = "MINIMUM" -} \ No newline at end of file +} diff --git a/tests/modules/apigee/test_apigee_nat_activate.tfvars b/tests/modules/apigee/test_apigee_nat_activate.tfvars index d313605c3..aa976b62b 100644 --- a/tests/modules/apigee/test_apigee_nat_activate.tfvars +++ b/tests/modules/apigee/test_apigee_nat_activate.tfvars @@ -21,4 +21,4 @@ instances = { enable_nat = true activate_nat = true } -} \ No newline at end of file +} diff --git a/tests/modules/billing_account/examples/iam.yaml b/tests/modules/billing_account/examples/iam.yaml index d396b4b9c..8f1accee7 100644 --- a/tests/modules/billing_account/examples/iam.yaml +++ b/tests/modules/billing_account/examples/iam.yaml @@ -43,4 +43,3 @@ counts: resources: 3 outputs: {} - diff --git a/tests/modules/compute_mig/examples/health-check.yaml b/tests/modules/compute_mig/examples/health-check.yaml index 4d503679e..f1d8291c0 100644 --- a/tests/modules/compute_mig/examples/health-check.yaml +++ b/tests/modules/compute_mig/examples/health-check.yaml @@ -66,4 +66,3 @@ counts: google_compute_instance_template: 1 modules: 2 resources: 3 - diff --git a/tests/modules/compute_mig/examples/multiple.yaml b/tests/modules/compute_mig/examples/multiple.yaml index 9639359af..c5f4b7747 100644 --- a/tests/modules/compute_mig/examples/multiple.yaml +++ b/tests/modules/compute_mig/examples/multiple.yaml @@ -44,4 +44,3 @@ counts: google_compute_instance_template: 1 modules: 2 resources: 2 - diff --git a/tests/modules/compute_mig/examples/policy.yaml b/tests/modules/compute_mig/examples/policy.yaml index cfce764df..bdf26907c 100644 --- a/tests/modules/compute_mig/examples/policy.yaml +++ b/tests/modules/compute_mig/examples/policy.yaml @@ -49,4 +49,3 @@ counts: google_compute_instance_template: 1 modules: 2 resources: 2 - diff --git a/tests/modules/compute_mig/examples/stateful.yaml b/tests/modules/compute_mig/examples/stateful.yaml index 1b8a56bbc..39a2895b5 100644 --- a/tests/modules/compute_mig/examples/stateful.yaml +++ b/tests/modules/compute_mig/examples/stateful.yaml @@ -61,4 +61,3 @@ counts: google_compute_per_instance_config: 1 modules: 2 resources: 4 - diff --git a/tests/modules/compute_vm/examples/group-membership.yaml b/tests/modules/compute_vm/examples/group-membership.yaml index 5e486a2c6..e9dbedb97 100644 --- a/tests/modules/compute_vm/examples/group-membership.yaml +++ b/tests/modules/compute_vm/examples/group-membership.yaml @@ -23,4 +23,3 @@ values: counts: google_compute_instance: 1 google_compute_instance_group_membership: 1 - diff --git a/tests/modules/dns/context-peering.tfvars b/tests/modules/dns/context-peering.tfvars index b60afc37d..fae87c4bf 100644 --- a/tests/modules/dns/context-peering.tfvars +++ b/tests/modules/dns/context-peering.tfvars @@ -28,4 +28,3 @@ recordsets = { iam = { "$custom_roles:myrole" = ["$iam_principals:mygroup"] } - diff --git a/tests/modules/dns/context-private.tfvars b/tests/modules/dns/context-private.tfvars index 26a3575b2..0ad761499 100644 --- a/tests/modules/dns/context-private.tfvars +++ b/tests/modules/dns/context-private.tfvars @@ -27,4 +27,3 @@ recordsets = { iam = { "$custom_roles:myrole" = ["$iam_principals:mygroup"] } - diff --git a/tests/modules/firestore/examples/new-database-with-document.yaml b/tests/modules/firestore/examples/new-database-with-document.yaml index fc042a9bb..633bb7f1e 100644 --- a/tests/modules/firestore/examples/new-database-with-document.yaml +++ b/tests/modules/firestore/examples/new-database-with-document.yaml @@ -11,4 +11,3 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - diff --git a/tests/modules/folder/examples/custom-modules-sha.yaml b/tests/modules/folder/examples/custom-modules-sha.yaml index 0df493518..ea0067148 100644 --- a/tests/modules/folder/examples/custom-modules-sha.yaml +++ b/tests/modules/folder/examples/custom-modules-sha.yaml @@ -44,4 +44,3 @@ counts: google_scc_management_folder_security_health_analytics_custom_module: 1 modules: 1 resources: 2 - diff --git a/tests/modules/folder/examples/iam.yaml b/tests/modules/folder/examples/iam.yaml index 7611be117..a5f706dba 100644 --- a/tests/modules/folder/examples/iam.yaml +++ b/tests/modules/folder/examples/iam.yaml @@ -46,4 +46,3 @@ counts: resources: 5 outputs: {} - diff --git a/tests/modules/net_lb_app_ext/examples/classic-vs-non-classic.yaml b/tests/modules/net_lb_app_ext/examples/classic-vs-non-classic.yaml index 7a5110c44..930ae62ee 100644 --- a/tests/modules/net_lb_app_ext/examples/classic-vs-non-classic.yaml +++ b/tests/modules/net_lb_app_ext/examples/classic-vs-non-classic.yaml @@ -101,4 +101,3 @@ counts: resources: 9 outputs: {} - diff --git a/tests/modules/net_lb_app_ext/examples/health-check-1.yaml b/tests/modules/net_lb_app_ext/examples/health-check-1.yaml index e8d0bb4d7..0b8864fbc 100644 --- a/tests/modules/net_lb_app_ext/examples/health-check-1.yaml +++ b/tests/modules/net_lb_app_ext/examples/health-check-1.yaml @@ -100,4 +100,3 @@ counts: resources: 9 outputs: {} - diff --git a/tests/modules/net_lb_app_ext/examples/health-check-2.yaml b/tests/modules/net_lb_app_ext/examples/health-check-2.yaml index 8133ec902..ae9aead12 100644 --- a/tests/modules/net_lb_app_ext/examples/health-check-2.yaml +++ b/tests/modules/net_lb_app_ext/examples/health-check-2.yaml @@ -80,4 +80,3 @@ counts: resources: 8 outputs: {} - diff --git a/tests/modules/net_lb_app_ext/examples/http-backends.yaml b/tests/modules/net_lb_app_ext/examples/http-backends.yaml index e55d654e7..757923504 100644 --- a/tests/modules/net_lb_app_ext/examples/http-backends.yaml +++ b/tests/modules/net_lb_app_ext/examples/http-backends.yaml @@ -116,4 +116,3 @@ counts: resources: 10 outputs: {} - diff --git a/tests/modules/net_lb_app_ext/examples/https-sneg.yaml b/tests/modules/net_lb_app_ext/examples/https-sneg.yaml index b4d296e1c..49d5e6fe0 100644 --- a/tests/modules/net_lb_app_ext/examples/https-sneg.yaml +++ b/tests/modules/net_lb_app_ext/examples/https-sneg.yaml @@ -32,4 +32,3 @@ counts: google_compute_region_network_endpoint_group: 1 google_compute_target_https_proxy: 1 google_compute_url_map: 1 - diff --git a/tests/modules/net_lb_app_ext/examples/instance-groups.yaml b/tests/modules/net_lb_app_ext/examples/instance-groups.yaml index eb31c4f25..a8a24a5fb 100644 --- a/tests/modules/net_lb_app_ext/examples/instance-groups.yaml +++ b/tests/modules/net_lb_app_ext/examples/instance-groups.yaml @@ -114,4 +114,3 @@ counts: resources: 10 outputs: {} - diff --git a/tests/modules/net_lb_app_ext/examples/internet-neg.yaml b/tests/modules/net_lb_app_ext/examples/internet-neg.yaml index d480d145d..e294209a1 100644 --- a/tests/modules/net_lb_app_ext/examples/internet-neg.yaml +++ b/tests/modules/net_lb_app_ext/examples/internet-neg.yaml @@ -97,4 +97,3 @@ counts: resources: 6 outputs: {} - diff --git a/tests/modules/net_lb_app_ext/examples/managed-instance-groups.yaml b/tests/modules/net_lb_app_ext/examples/managed-instance-groups.yaml index 029aade7e..39eec06c0 100644 --- a/tests/modules/net_lb_app_ext/examples/managed-instance-groups.yaml +++ b/tests/modules/net_lb_app_ext/examples/managed-instance-groups.yaml @@ -102,4 +102,3 @@ counts: resources: 8 outputs: {} - diff --git a/tests/modules/net_lb_app_ext/examples/minimal-http.yaml b/tests/modules/net_lb_app_ext/examples/minimal-http.yaml index 91fd7ab6b..e3115bb6e 100644 --- a/tests/modules/net_lb_app_ext/examples/minimal-http.yaml +++ b/tests/modules/net_lb_app_ext/examples/minimal-http.yaml @@ -101,4 +101,3 @@ counts: resources: 9 outputs: {} - diff --git a/tests/modules/net_lb_app_ext/examples/serverless-neg.yaml b/tests/modules/net_lb_app_ext/examples/serverless-neg.yaml index fe56e41ac..8176ee35a 100644 --- a/tests/modules/net_lb_app_ext/examples/serverless-neg.yaml +++ b/tests/modules/net_lb_app_ext/examples/serverless-neg.yaml @@ -96,4 +96,3 @@ counts: resources: 5 outputs: {} - diff --git a/tests/modules/net_lb_app_ext/examples/ssl-certificates.yaml b/tests/modules/net_lb_app_ext/examples/ssl-certificates.yaml index bf5c59213..aca345f64 100644 --- a/tests/modules/net_lb_app_ext/examples/ssl-certificates.yaml +++ b/tests/modules/net_lb_app_ext/examples/ssl-certificates.yaml @@ -142,4 +142,3 @@ counts: tls_self_signed_cert: 1 outputs: {} - diff --git a/tests/modules/net_lb_app_ext/examples/storage.yaml b/tests/modules/net_lb_app_ext/examples/storage.yaml index c660b8d8e..08c466ab6 100644 --- a/tests/modules/net_lb_app_ext/examples/storage.yaml +++ b/tests/modules/net_lb_app_ext/examples/storage.yaml @@ -64,4 +64,3 @@ counts: resources: 4 outputs: {} - diff --git a/tests/modules/net_lb_app_ext/examples/url-map.yaml b/tests/modules/net_lb_app_ext/examples/url-map.yaml index 1623de0ee..d79ddd0e7 100644 --- a/tests/modules/net_lb_app_ext/examples/url-map.yaml +++ b/tests/modules/net_lb_app_ext/examples/url-map.yaml @@ -139,4 +139,3 @@ counts: resources: 10 outputs: {} - diff --git a/tests/modules/net_lb_app_ext/test-plan-llp.tfvars b/tests/modules/net_lb_app_ext/test-plan-llp.tfvars index 82eb94c57..9ee4ef11d 100644 --- a/tests/modules/net_lb_app_ext/test-plan-llp.tfvars +++ b/tests/modules/net_lb_app_ext/test-plan-llp.tfvars @@ -12,4 +12,4 @@ backend_service_configs = { } }] } -} \ No newline at end of file +} diff --git a/tests/modules/net_lb_app_int/health-checks-custom.tfvars b/tests/modules/net_lb_app_int/health-checks-custom.tfvars index 515c25c7b..fcecfafc0 100644 --- a/tests/modules/net_lb_app_int/health-checks-custom.tfvars +++ b/tests/modules/net_lb_app_int/health-checks-custom.tfvars @@ -29,4 +29,3 @@ health_check_configs = { } } } - diff --git a/tests/modules/net_lb_app_int/health-checks-external.tfvars b/tests/modules/net_lb_app_int/health-checks-external.tfvars index 271339274..4ce6e43af 100644 --- a/tests/modules/net_lb_app_int/health-checks-external.tfvars +++ b/tests/modules/net_lb_app_int/health-checks-external.tfvars @@ -23,4 +23,3 @@ backend_service_configs = { } } health_check_configs = {} - diff --git a/tests/modules/net_lb_app_int/iap.tfvars b/tests/modules/net_lb_app_int/iap.tfvars index 414ecc436..e11a2218d 100644 --- a/tests/modules/net_lb_app_int/iap.tfvars +++ b/tests/modules/net_lb_app_int/iap.tfvars @@ -40,4 +40,4 @@ backend_service_configs = { oauth2_client_secret = " " } } -} \ No newline at end of file +} diff --git a/tests/modules/net_lb_ext/forwarding-rule.tfvars b/tests/modules/net_lb_ext/forwarding-rule.tfvars index 9222e4a97..1cd1cf3a4 100644 --- a/tests/modules/net_lb_ext/forwarding-rule.tfvars +++ b/tests/modules/net_lb_ext/forwarding-rule.tfvars @@ -10,4 +10,3 @@ forwarding_rules_config = { ports = [80] } } - diff --git a/tests/modules/net_lb_int/forwarding-rule.tfvars b/tests/modules/net_lb_int/forwarding-rule.tfvars index 04b257b25..945beb53d 100644 --- a/tests/modules/net_lb_int/forwarding-rule.tfvars +++ b/tests/modules/net_lb_int/forwarding-rule.tfvars @@ -30,4 +30,3 @@ forwarding_rules_config = { ports = [80] } } - diff --git a/tests/modules/net_vpc_peering/examples/route-config.yaml b/tests/modules/net_vpc_peering/examples/route-config.yaml index 33da78ffe..ee2e6c910 100644 --- a/tests/modules/net_vpc_peering/examples/route-config.yaml +++ b/tests/modules/net_vpc_peering/examples/route-config.yaml @@ -40,4 +40,3 @@ counts: resources: 2 outputs: {} - diff --git a/tests/modules/organization/org_policies_factory.tfvars b/tests/modules/organization/org_policies_factory.tfvars index 2c6743e9e..8188014c7 100644 --- a/tests/modules/organization/org_policies_factory.tfvars +++ b/tests/modules/organization/org_policies_factory.tfvars @@ -1,4 +1,4 @@ factories_config = { org_policies = "factory/policies" org_policy_custom_constraints = "factory/custom_constraints" -} \ No newline at end of file +} diff --git a/tests/modules/project/examples/custom-modules-sha.yaml b/tests/modules/project/examples/custom-modules-sha.yaml index afff35100..98ad12ec5 100644 --- a/tests/modules/project/examples/custom-modules-sha.yaml +++ b/tests/modules/project/examples/custom-modules-sha.yaml @@ -54,4 +54,3 @@ counts: google_scc_management_project_security_health_analytics_custom_module: 1 modules: 1 resources: 2 - diff --git a/tests/modules/project/org_policies_factory.tfvars b/tests/modules/project/org_policies_factory.tfvars index ec37c9026..44e4a4fa6 100644 --- a/tests/modules/project/org_policies_factory.tfvars +++ b/tests/modules/project/org_policies_factory.tfvars @@ -1,3 +1,3 @@ factories_config = { org_policies = "factory/policies" -} \ No newline at end of file +} diff --git a/tests/modules/source_repository/examples/simple.yaml b/tests/modules/source_repository/examples/simple.yaml index 268d143a0..62c576785 100644 --- a/tests/modules/source_repository/examples/simple.yaml +++ b/tests/modules/source_repository/examples/simple.yaml @@ -40,4 +40,3 @@ counts: resources: 3 outputs: {} - diff --git a/tests/pytest.ini b/tests/pytest.ini index b1da50fa4..e5c8d1fe5 100644 --- a/tests/pytest.ini +++ b/tests/pytest.ini @@ -1,2 +1,2 @@ [pytest] -addopts = --tb=short --dist loadgroup \ No newline at end of file +addopts = --tb=short --dist loadgroup diff --git a/tests/requirements.txt b/tests/requirements.txt index a1035175c..a82023bc0 100644 --- a/tests/requirements.txt +++ b/tests/requirements.txt @@ -6,4 +6,3 @@ marko>=1.2.2 pytest-xdist>=3.1.0 jsonschema>=4.22.0 yamllint>=1.37.1 - diff --git a/tools/check_schema_docs.py b/tools/check_schema_docs.py index a43d9687a..582485ee8 100755 --- a/tools/check_schema_docs.py +++ b/tools/check_schema_docs.py @@ -85,7 +85,7 @@ def _check_dir(dir_name): tree = schema_docs.parse_node(schema) props, defs = schema_docs.render_node(tree) doc = schema_docs.DOC.format(title=schema.get('title'), properties=props, - definitions=defs or '') + definitions=defs or '').strip() new_doc_content = f'{doc}\n' state = State.OK diff --git a/tools/lint.sh b/tools/lint.sh index bf0f86ae6..2813338e5 100755 --- a/tools/lint.sh +++ b/tools/lint.sh @@ -14,13 +14,14 @@ # See the License for the specific language governing permissions and # limitations under the License. -DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) +# shellcheck disable=SC2034 +DIR=$(cd -- "$(dirname -- "${BASH_SOURCE[0]}")" &>/dev/null && pwd) echo -- Boilerplate check -- -python3 tools/check_boilerplate.py $PWD +python3 tools/check_boilerplate.py "$PWD" echo -- Terraform format -- -terraform fmt -recursive -check -diff $PWD +terraform fmt -recursive -check -diff "$PWD" echo -- READMEs -- python3 tools/check_documentation.py --no-show-summary modules fast blueprints @@ -29,7 +30,7 @@ echo -- Schema docs -- python3 tools/check_schema_docs.py --no-show-summary modules fast blueprints echo -- Links -- -python3 tools/check_links.py --no-show-summary $PWD +python3 tools/check_links.py --no-show-summary "$PWD" echo -- FAST Names -- python3 tools/check_names.py --prefix-length=10 --failed-only fast/stages @@ -39,8 +40,8 @@ yamllint -c .yamllint . echo -- Python formatting -- yapf -p -d -r \ - tools/*.py \ - blueprints + tools/*.py \ + blueprints echo -- Version checks -- find . -type f -name 'versions.tf' -exec diff -I '[[:space:]]*module_name' -ub default-versions.tf {} \; diff --git a/tools/schema_docs.py b/tools/schema_docs.py index 90302eb84..7b4a3739f 100755 --- a/tools/schema_docs.py +++ b/tools/schema_docs.py @@ -177,7 +177,7 @@ def main(paths=None): tree = parse_node(schema) props, defs = render_node(tree) doc = DOC.format(title=schema.get('title'), properties=props, - definitions=defs or '') + definitions=defs or '').strip() f_doc = f.with_suffix('.md') f_doc.write_text(f'{doc}\n') logging.info(f'doc {f}') diff --git a/tools/versions.py b/tools/versions.py index 57e62a7f8..b45ca6b54 100755 --- a/tools/versions.py +++ b/tools/versions.py @@ -51,7 +51,7 @@ terraform {{ }} """ -FAST_VERSIONS_TEMPLATE = "\n# FAST release: {fast_release}" +FAST_VERSIONS_TEMPLATE = "\n# FAST release: {fast_release}\n" def extract_variables(template, interpolated_string):