kovagoadi/hunfabric
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
5,997 Commits 1 Branch 1 Tag
0facab67247cd83c08c656bfcbf9ec4d21cca53c
Commit Graph

73 Commits

Author SHA1 Message Date
Wiktor Niesiobędzki
6af479706d Fix failing E2E test 2025-02-28 18:45:14 +01:00
Ludovico Magnocavallo
1a4b298cc9 Project factory additions, project module reuse implementation (#2899) 
* add support for buckets

* add project-level interpolation for own SAs

* docs

* project reuse changes

* fix example

* tfdoc

* update check documentation tool

* fast tests

* blueprints

* typo
 2025-02-15 20:37:45 +01:00
Julio Castillo
d0c3f04c10 Make service agents work in different universes (#2894) 
* Make service agents work in different universes

* Use templatestring and two passes for service agent emails

* Fix tests
 2025-02-14 12:16:07 +00:00
Julio Castillo
121ec17ca1 Merge branch 'master' into fast-dev 2025-02-10 23:26:47 +01:00
Julio Castillo
3ffe838e06 Add context to organization policiy factories (#2876) 2025-02-10 22:24:01 +00:00
Ludo
d15f1d9f43 Merge remote-tracking branch 'origin/master' into fast-dev 2025-02-10 10:14:00 +01:00
Wiktor Niesiobędzki
58f22ce647 Add prefix to KMS ring, to allow easy recreate 2025-02-10 00:56:19 +01:00
Julio Castillo
97f194e37e Make id and project_id match when universe is set 2025-02-10 00:30:13 +01:00
Julio Castillo
e08698a410 Fix tests 2025-02-07 10:55:05 +01:00
Julio Castillo
3fc7144c4f Update examples and tests 2025-02-07 10:55:05 +01:00
Julio Castillo
c73035f4e5 Allow universe-bound projects to exclude services (#2852) 
* Allow universe-bound projects to exclude services

* Update README
 2025-01-30 08:48:58 +01:00
Julio Castillo
29e7669385 Support project creation in different universes (#2848) 
* Support project creation in different universes

* Fix typo

* Revert prefix validation

* Add test

* Call new test

* Do not override project name
 2025-01-29 12:40:41 +01:00
Julio Castillo
8a2320311d Add bucket_create to modules/gcs (#2827) 
* Add `bucket_create` to `modules/gcs`

* Create local with bucket name

* Update variable description

* Fix bucket output

* Fix tests

* Fix tests

* Bump OpenTofu to 1.9.0 (needed for multi-var validations)
 2025-01-21 23:48:36 +01:00
Julio Castillo
7eff7b19dc Add iam_by_principals_additive to project, organization and folder modules (#2814) 
* First attempt at iam_by_principals_additive

* Remove validation

* Update IAM ADR

* Apply to organization and project modules

* Update READMEs

* Add tests

* Remove "cycle errors"
 2025-01-14 12:32:19 +00:00
Julio Castillo
f1acc92864 Add support for log views and log scopes (#2776) 
* Add views and tags to logging bucket

* Add logs scopes to project

* Add missing inventory
 2024-12-18 18:29:44 +01:00
Wiktor Niesiobędzki
44a4268afc Fix E2E tests 2024-09-04 12:16:50 +02:00
Julio Castillo
f57635d044 Add managed folders suports to gcs module (#2530) 
* Add RPO, make versioning dynamic

* Add manaed folders

* Change autoclass and cors defaults to null

* Update README

* Add iam_by_principals

* Add managed folders var description

* Remove need for managed folders to end in /

* Add inventory to example

* Update readme

* Fix FAST tests
 2024-08-28 07:30:52 +00:00
Julio Castillo
0420dec32f Add deletion_policy to project module (#2502) 
* Replace skip_delete with deletion_policy

* Fix blueprints

* Update apigee blueprint readme

* Remove skip_delete from test inventories
 2024-08-16 18:33:39 +02:00
Wiktor Niesiobędzki
d395e9490d Fix quotas E2E tests 2024-08-06 11:49:29 +02:00
Julio Castillo
1bbff3cc3a Add support for dry-run org policies (#2454) 2024-07-30 13:12:57 +00:00
Julio Castillo
c0bf32e797 Refactor service agent management (#2423) 
* Service agents script

* Service agents update

* WIP

* Update script and terraform

* Fix tests

* Fix linter

* Update docs

* Bring back pf example inventory

* Fix tests

* Fix more tests

* Fix tests

* Use dataclasses for build_service_agents.py

* Remove unneeded field() from build_service_agents

* Re-enable CMEK depends_on in project outputs

* Update tools/requirements.txt

* Enable storage in GCS example projects

* Fix tests

* Add CMEK Service Agents dependencies for services

* Fix typos and data platform cmek

* More typos
 2024-07-23 22:05:38 +02:00
Ludovico Magnocavallo
41e583ffc9 add network tags outputs and examples to project module (#2350) 2024-06-09 07:52:15 +02:00
Ludovico Magnocavallo
309792c559 Refactor vpc-sc support in project module, add support for dry run (#2229) 2024-04-22 09:28:01 +02:00
Wiktor Niesiobędzki
bca5901691 Fix project outputs inventory 2024-04-11 11:51:19 +02:00
Wiktor Niesiobędzki
a236222a93 Add project quotas factory 2024-04-11 11:51:19 +02:00
Wiktor Niesiobędzki
9a95ac10ed Once again fix e2e tests 2024-02-23 19:21:39 +01:00
Wiktor Niesiobędzki
8fd8ee0541 Fix too long project names on e2e tests 2024-02-23 11:41:58 +01:00
Julio Castillo
5197d5ca8d Allow projects as destinations for log sinks (#2102) 
* Add project log sink destination to project module

* Add project log sink destination to folder module

* Add project log sink destination to organization module

* Fix typos

* Add project log sink destination to billing-account module

* Make filter field optional

* Update READMEs

---------

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
 2024-02-21 08:41:13 +01:00
Ludovico Magnocavallo
bf93b6fb4e fix typo in logging sinks interface (#2015) 2024-01-28 10:27:28 +01:00
Wiktor Niesiobędzki
0d486fb34e E2E tests fixes 2023-12-19 11:01:03 +01:00
simonebruzzechesse
c50b732c79 Allow granting network user role on host project from project module and factory (#1930) 
* Update shared vpc config for project factory and project module for more granular Shared VPC configuration

---------

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
 2023-12-15 14:39:21 +01:00
Ludovico Magnocavallo
bba814c091 Custom role factories for organization and project modules (#1912) 
* backport custom role factories

* backport from fast ci/cd branch

* indent

* tfdoc

* fix module tests
 2023-12-11 14:16:39 +00:00
Ludovico Magnocavallo
f548b65b1c Add support for subnet-level service network user grants to project module, improve docs (#1907) 
* improve project factory example

* light refactor of project modules shared vpc internals and docs

* add support for subnet-level grants on host project
 2023-12-07 09:07:48 +00:00
Wiktor Niesiobędzki
4668b90e8a Fix inventory for project 2023-12-03 10:37:23 +00:00
Wiktor Niesiobędzki
fe485414e6 Add end-to-end tests for project module (#1823) 
* Add end-to-end tests for project module
* Add inventory to data tests
* Add files to end-to-end test cases
* Review fixes - use named groups

---------

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
 2023-11-03 18:04:19 +01:00
Simone Ruffilli
6d89b88149 versions.tf maintenance + copyright notice bump (#1782) 
* Bump copyright notice to 2023

* Delete versions.tf on blueprints

* Pin provider to major version 5

* Remove comment

* Fix lint

* fix bq-ml blueprint readme

---------

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
Co-authored-by: Julio Castillo <jccb@google.com>
 2023-10-20 18:17:47 +02:00
Ludovico Magnocavallo
789328ff5a Bump provider versions to v5.0.0 (#1724) 
* bump provider versions to 5.0.0

* fix cloud run, logging and vpc-sc

* Fix secret manager

* fix gke nodepool

* fix gke multitenant stage and blueprint

* Moving alloydb module to experimental.

* Add project to bare resources in examples

* tfdoc

* fix svpc blueprint test

* Revert "fix svpc blueprint test"

This reverts commit 14f02659098070136e64ead600580dd52c23c339.

* Fix GKE peering project

* Disable tests in alloydb module

* Bring back secret ids in secret manager tests

* Remove duplicate key

* last push

---------

Co-authored-by: Julio Castillo <jccb@google.com>
 2023-10-03 12:15:36 +00:00
Ludovico Magnocavallo
ec3b705f53 Change type of iam_bindings variable to allow multiple conditional bindings (#1658) 
* modules

* fast

* dns readme
 2023-09-08 08:56:31 +02:00
Ludovico Magnocavallo
819894d2ba IAM interface refactor (#1595) 
* IAM modules refactor proposal

* policy

* subheading

* Update 20230816-iam-refactor.md

* log Julio's +1

* data-catalog-policy-tag

* dataproc

* dataproc

* folder

* folder

* folder

* folder

* project

* better filtering in test examples

* project

* folder

* folder

* organization

* fix variable descriptions

* kms

* net-vpc

* dataplex-datascan

* modules/iam-service-account

* modules/source-repository/

* blueprints/cloud-operations/vm-migration/

* blueprints/third-party-solutions/wordpress

* dataplex-datascan

* blueprints/cloud-operations/workload-identity-federation

* blueprints/data-solutions/cloudsql-multiregion/

* blueprints/data-solutions/composer-2

* Update 20230816-iam-refactor.md

* Update 20230816-iam-refactor.md

* capture discussion in architectural doc

* update variable names and refactor proposal

* project

* blueprints first round

* folder

* organization

* data-catalog-policy-tag

* re-enable folder inventory

* project module style fix

* dataproc

* source-repository

* source-repository tests

* dataplex-datascan

* dataplex-datascan tests

* net-vpc

* net-vpc test examples

* iam-service-account

* iam-service-account test examples

* kms

* boilerplate

* tfdoc

* fix module tests

* more blueprint fixes

* fix typo in data blueprints

* incomplete refactor of data platform foundations

* tfdoc

* data platform foundation

* refactor data platform foundation iam locals

* remove redundant example test

* shielded folder fix

* fix typo

* project factory

* project factory outputs

* tfdoc

* test workflow: less verbose tests, fix tf version

* re-enable -vv, shorter traceback, fix action version

* ignore github extension warning, re-enable action version

* fast bootstrap IAM, untested

* bootstrap stage IAM fixes

* stage 0 tests

* fast stage 1

* tenant stage 1

* minor changes to fast stage 0 and 1

* fast security stage

* fast mt stage 0

* fast mt stage 0

* fast pf
 2023-08-20 09:44:20 +02:00
Ludovico Magnocavallo
def2f476d1 Add support for conditions to iam_members module variables (#1594) 
* project

* data-catalog-policy-tag

* dataproc

* folder

* iam-service-account

* kms

* net-vpc

* organization

* source-repository

* dataplex-datascan
 2023-08-15 16:28:23 +02:00
Ludovico Magnocavallo
adf2621727 Add new iam_members variable to IAM additive module interfaces (#1589) 
* resource management modules

* data catalog policy

* dataproc

* service account

* kms

* net-vpc

* source repository

* dataplex datascan

* service account module variable order
 2023-08-14 09:54:50 +00:00
Wiktor Niesiobędzki
4998f1d376 Grant IAM rights to service identities in host project (#1542) 
* [module/project] Grant IAM rights to service identities based on used services in host project
* [blueprints/factories/project-factory] enable granting IAM permissions in host VPC for service identities directly or by specifying services in use
 2023-07-29 20:07:21 +02:00
Ludovico Magnocavallo
551dc581e8 Implement proper support for data access logs in resource manager modules (#1497) 
* organization module

* rename iam_bindings_authoritative to iam_policy, fix tests

* add support for data access logs and iam policy to folder module

* test inventories

* add support for data access logs and iam policy to project module
 2023-07-10 08:08:02 +00:00
Julio Castillo
a5e905cb80 Update remaining org policies 2023-02-21 15:49:16 +01:00
Julio Castillo
d3bcf625f9 Update yaml org policies 2023-02-21 15:49:16 +01:00
Julio Castillo
6b767c9035 Simplify org policies data model in resman modules. 2023-02-21 15:49:16 +01:00
Wiktor Niesiobędzki
e64e8db20d Allow additive IAM grants by robots name 
Regreatablly member name will be known after apply, hence changes in the
tests
 2023-02-16 14:39:21 +01:00
Julio Castillo
065b1471a8 Reorder org policy rules 2023-01-03 16:52:31 +01:00
Julio Castillo
4b77e484b1 Migrate project module to new tests 2022-12-18 14:00:19 +01:00
Julio Castillo
b4d3aa2055 Migrate organizations tests 2022-12-06 00:06:29 +01:00