kovagoadi/hunfabric
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
6,881 Commits 1 Branch 1 Tag
03288f2b35287c16a86065bcd122ed6fbbbf516b
Commit Graph

1284 Commits

Author SHA1 Message Date
kovagoadam
1cdad26eab Fix project-factory version output (#3606) 2025-12-22 06:54:34 +00:00
Ludovico Magnocavallo
a554971563 Merge remote-tracking branch 'origin/master' into fast-dev 2025-12-22 06:36:05 +00:00
kovagoadam
e07db39fd5 Add audiences for cicd_workflows local (#3602) 2025-12-18 17:36:16 +00:00
Josh Myers
1eb93db427 feat: project-factory folders support deletion_protection (#3595) 
* feat: project-factory buckets support deletion_protection

* chore: Update all folder.schema.json

---------

Co-authored-by: Julio Castillo <jccb@google.com>
 2025-12-18 14:25:05 +00:00
Luca Prete
c193fb37ee Upgrade Terraform provider to 7.13 (#3600) 2025-12-18 11:29:48 +01:00
Wiktor Niesiobędzki
85ebc4bc6f fix tests 2025-12-18 11:20:31 +01:00
Wiktor Niesiobędzki
f4b8992ea5 Add source_md5hash to avoid inconsistent plan on updates to FAST output files 2025-12-18 11:20:31 +01:00
Vannick Trinquier
cc24046be8 Add CMEK support to FAST and controls for CMEK encryption (#3556) 2025-12-14 12:14:08 +07:00
Wiktor Niesiobędzki
5af6a3ee25 Add import snippet for IAM to 0-org-setup 2025-12-12 15:05:42 +01:00
Ludovico Magnocavallo
ab0f55216a Add support for descriptive name to projects (#3591) 
* add support for descriptive name to projects

* boilerplate

* fmt
 2025-12-12 09:06:47 +01:00
Ludovico Magnocavallo
dcb781c97e Update cicd.yaml 2025-12-12 08:03:52 +01:00
Ludovico Magnocavallo
216a12eae5 Fix CI/CD dataset files and provider workflow variable in FAST stage 0 (#3587) 
* fix CI/CD dataset files and provider workflow variable

* IAM principals use pool, sts uses provider

* tfdoc

* fix variable description
 2025-12-11 15:05:39 +01:00
Ludovico Magnocavallo
d21e9c51e8 prep v50.0.0 2025-12-10 18:22:55 +00:00
Ludovico Magnocavallo
7cc12da6b3 Merge remote-tracking branch 'origin/master' into fast-dev 2025-12-10 18:19:11 +00:00
Ludovico Magnocavallo
5e606d0fff prep v49.3.0 2025-12-10 17:51:43 +00:00
Wiktor Niesiobędzki
c04c6b8093 Add more detailed version of yq (#3581) 
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
 2025-12-10 18:07:54 +01:00
Ludovico Magnocavallo
7c05299540 Implement additional GCS attributes in project factory (#3583) 
* implement additional bucket attributes in project factory

* update FAST schemas

* fmt/tfdoc
 2025-12-10 16:12:58 +01:00
Ludovico Magnocavallo
dd6b1ea493 Merge remote-tracking branch 'origin/master' into fast-dev 2025-12-09 17:14:59 +00:00
Wiktor Niesiobędzki
0652ce84a0 Add yq snippets for imports 2025-12-09 17:31:14 +01:00
aumohr
33bf7ab157 added role required for support ticket creation (#3578) 
* added role required for support ticket creation

* updated tests for role count

* updated tests for resource count
 2025-12-09 14:09:06 +04:00
Ludovico Magnocavallo
66b9106e6e Merge remote-tracking branch 'origin/master' into fast-dev 2025-12-08 08:09:55 +00:00
Ludovico Magnocavallo
ac68262733 prep v49.2.0 2025-12-08 07:58:58 +00:00
Wiktor Niesiobędzki
a3d112d14a ignore_changes quirks 2025-12-07 10:43:25 +01:00
Zsolt Molnar
b1969f6c60 Workforce identity: migrate to iam.managed.allowedPolicyMembers Organizational Policy (#3546) 
* Migrate to iam.managed.allowedPolicyMembers Organizational Policy to allow PrincipalSets configuration for Workforce identity use-cases

* Keep iam.managed.allowedPolicyMembers implementation as comment only

---------

Co-authored-by: Julio Castillo <jccb@google.com>
 2025-12-05 17:26:04 +01:00
Michael Woodham
bc5732357c Updates to GKE modules to support Secret Sync (#3562) 
* Updates to add secret_sync to GKE module in CFF

* updated READMEs against the python tfdoc command

* updated version for secret_sync to reflect 7.12.0

* update provider versions to 7.12.0

* Updated READMEs which got clobbered by merge with main

* Fixed test errors in secret-manager module

---------

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
 2025-12-05 15:30:49 +00:00
Ludovico Magnocavallo
ad9b71442a Update stage 0 README (#3565) 
* Update stage 0 README

* tfdoc

* sort services and remvoe duplicates
 2025-12-04 10:28:57 +01:00
Vannick Trinquier
33df0bba4a Align locations in networking stage with other stages (#3559) 2025-12-04 14:28:05 +07:00
Ludovico Magnocavallo
26d43d8ec5 re-enable project billing association in project factory, extends to folder (#3554) 2025-11-27 20:51:20 +00:00
Ludovico Magnocavallo
6f8097d2eb Merge remote-tracking branch 'origin/master' into fast-dev 2025-11-24 09:56:12 +00:00
Ludovico Magnocavallo
3daba73d0b add default routes / delete default (#3549) 2025-11-24 09:28:57 +00:00
Ludovico Magnocavallo
bd4f2e317a prep v49.1.0 2025-11-24 08:37:06 +00:00
Ludovico Magnocavallo
10e29e1eeb Context improvements: "all service accounts" principal in folder, org, project modules; custom roles in factory condition vars for FAST stage 0 (#3548) 
* iam principalsets

* fix folder

* add custom roles to factory condition vars in stage 0

* project shared vpc IAM
 2025-11-24 08:28:41 +00:00
Vannick Trinquier
ba4ed1a7a9 Add additional hardened controls for gke, firewall, cloudrun and others (#3541) 2025-11-21 15:38:53 +07:00
Zsolt Molnar
9f51c4b555 Configure ADMIN_READ for sts.googleapis.com to enable Workforce Identity logging (#3545) 
* Configure ADMIN_READ for sts.googleapis.com to enable Workforce Identity logging

* Updated test results
 2025-11-21 07:40:45 +01:00
Ludovico Magnocavallo
3392953188 prep v49.0.0 2025-11-18 13:51:02 +00:00
Ludovico Magnocavallo
da5726324d Merge remote-tracking branch 'origin/master' into fast-dev 2025-11-18 13:49:13 +00:00
Ludovico Magnocavallo
83ebdbbd2d prep v48.1.0 2025-11-18 13:47:16 +00:00
Ludovico Magnocavallo
932fd82fe2 Drop the 2-secops stage and minimally refactor 3-secops-dev (#3537) 
* drop 2-secops and minimally refactor 3-secops

* remove stage 2 tests

* tfdoc
 2025-11-18 14:32:06 +01:00
Ludovico Magnocavallo
8c29512890 Leverage project-level workload identity in FAST CI/CD (#3535) 
* Leverage project-level WIF in FAST CI/CD

* add new context namespace, improve outputs, fix tests and inventories

* make YAML linter happy

* README
 2025-11-18 10:49:44 +00:00
Ludovico Magnocavallo
0ff2e8c56b Merge remote-tracking branch 'origin/master' into fast-dev 2025-11-17 19:00:17 +00:00
kovagoadam
2567233fb7 Fix egress-policy schema by removing pattern to match the one in ingress-policy schema. (#3533) 2025-11-17 14:56:32 +00:00
Ludovico Magnocavallo
09367404a8 remove log buckets from security stage projects (#3534) 2025-11-17 14:24:58 +00:00
Ludovico Magnocavallo
6035fe89d7 assign service usage roles on iac project to automation service accounts (#3532) 2025-11-17 14:58:57 +01:00
Ludovico Magnocavallo
897c6ef8c3 Add support for Workload Identity to project module and project factory (#3531) 
* module-level support

* fast stage 0

* fix inventory, add outputs/tfvars

* wip

* project factory

* pf outputs

* iam templates will be added where ci/cd configs are managed

* fix merge conflicts
 2025-11-17 07:31:21 +00:00
Ludovico Magnocavallo
87ed19bc47 Add support for Workforce Identity to organization module and org setup stage (#3530) 
* module-level support

* fast stage 0

* fix inventory, add outputs/tfvars
 2025-11-17 08:00:30 +01:00
Vannick Trinquier
03521a5780 Prettify yaml controls (#3525) 2025-11-13 14:21:36 +07:00
Ludovico Magnocavallo
5270586a8e fix schema doc tool, fix schema errors, regenerate schema docs (#3524) 2025-11-12 08:50:52 +01:00
Ludovico Magnocavallo
602e1731c9 Replace leftover schema links with actual files (#3522) 
* replace schema links with schemas

* vpc-sc stage
 2025-11-11 11:57:51 +01:00
Ludovico Magnocavallo
3289a6ff27 prep v48.0.0 2025-11-11 09:13:44 +00:00
Ludovico Magnocavallo
76eec666ea Merge remote-tracking branch 'origin/master' into fast-dev 2025-11-11 09:10:56 +00:00