kovagoadi/hunfabric
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
5,768 Commits 1 Branch 1 Tag
1ee21fae5a28119d0e0c2bb382b78a23e5544aae
Commit Graph

826 Commits

Author SHA1 Message Date
Ludovico Magnocavallo
d86b8d565c Refactor GKE cluster modules access configurations, add support for DNS endpoint (#2761) 
* stub

* gke standard module and tests

* blueprints

* tfdoc

* autopilot

* blueprints

* tfdoc

* gke hub module examples

* dataproc and gke fixture
 2024-12-12 11:02:24 +01:00
Ludovico Magnocavallo
1a1886c551 fix parent id lookup for networking and security stages (#2744) 2024-12-04 21:08:31 +01:00
mtndrew404
7c858f4753 Fixing yaml naming in prod subnet folder to match other lifecycles (#2733) 2024-11-26 06:40:21 +00:00
Ludovico Magnocavallo
008202129b add missing role to org-level delegated IAM grants (#2731) 2024-11-23 07:58:13 +01:00
Ludo
a3bffbbcbf Merge remote-tracking branch 'origin/master' into fast-dev 2024-11-22 07:39:09 +01:00
Ludovico Magnocavallo
5af0f90929 Allow setting GCS location default/override in project factory (#2715) 
* allow setting GCS location default/override in project factory

* tflint
 2024-11-18 17:45:52 +01:00
Julio Castillo
81166b3601 Remove stale validation (#2714) 2024-11-18 16:00:06 +00:00
Julio Castillo
4a739fcb87 Expose factories_config for resman top level folders (#2707) 
* Expose factories_config for top_level_folders

* Complete top level folder schema

* Update README

* Fix escapes

* Update tests
 2024-11-17 22:54:56 +00:00
Julio Castillo
bb65920b4b Merge branch 'master' into fast-dev 2024-11-17 22:01:21 +01:00
Joshua Wright
2676010629 Add Automation Service Accounts Output (#2640) 
* Add Automation Service Accounts Output

* Add Automation Service Accounts Output

* Add Projects Output, Along with Docs

* Fix output

---------

Co-authored-by: Julio Castillo <jccb@google.com>
 2024-11-17 17:29:06 +00:00
Julio Castillo
1fc5e90bdd Allow disabling network security stage (#2701) 
* Allow disabling security stage

* Remove deprecated network_firewall_policies_viewer

* Enable nsec in resman tests
 2024-11-17 10:04:18 +01:00
Julio Castillo
f140adfab8 Remove REGIONAL/MULTI_REGIONAL buckets from FAST (#2697) 2024-11-16 10:14:47 +00:00
Julio Castillo
7b2a3424a8 Unify usage of top level folders short_name (#2693) 
* Unify usage of top level folders short_name

* Fix docs

* Update schema

* Fix tests

* Fix tests

* More fixes
 2024-11-15 13:56:45 +01:00
Julio Castillo
9814756074 Make project iam viewer name consistent with GCP naming (#2694) 
* Make project iam viewer name consistent with GCP naming

* Fix tests
 2024-11-15 11:48:37 +01:00
Ludovico Magnocavallo
31cb391be7 Streamline environments variable across stages (#2688) 
* streamline environments variable across stages

* linting

* linting
 2024-11-15 10:22:18 +01:00
Ludovico Magnocavallo
721e7689b4 Add missing billing roles to project factory ro SA in stage 1 (#2685) 
* add missing billing role for pf ro sa

* fix tests
 2024-11-14 11:41:30 +01:00
Ludovico Magnocavallo
aa30e33618 add missing role for pf ro account (#2683) 2024-11-14 10:25:51 +01:00
Ludo
8c02ff0780 Merge remote-tracking branch 'origin/master' into fast-dev 2024-11-14 08:54:45 +01:00
Roberto Jung Drebes
f1b074b594 Fix typo 2024-11-13 21:28:44 +01:00
Rob Rankin
47057b62ff Swap groups_iam/iam_group for iam_by_principals in bootstrap README (#2680) 2024-11-13 15:33:41 +00:00
Ludovico Magnocavallo
d0c8ffaddb fix permadiff in bootstrap stage (#2656) 2024-11-01 15:56:07 +01:00
Ludovico Magnocavallo
3cc44ad646 fix moved blocks, support environment name in top-level folder automation (#2652) 2024-10-31 17:47:11 +01:00
Ludovico Magnocavallo
50ac3a5013 Refactor of FAST resource management and subsequent stages (#2648) 
* untested

* pllan testing

* fix stage 2s

* move providers to their own file

* single-environment stage 3

* fixes and moved blocks

* stage3 factory

* doc

* review comments

* review comments

* tfdoc

* fasts tage 1 tests

* netsec as stage 2

* fix backported roles

* fix backported roles

* tfdoc

* fixes

* fix tag value roles in stage 1

* remove checklist, fix stage 1 tests

* inventory

* Small bugfix

* refactor context tag values

* fix previous merge

* fix previous merge

* fix previous merge

* support short names for top level automation resources, change top level context variable

* fix new top level context

* roll back merge changes to stage 0 outputs

* roll back more merge changes

* linting errors

* tfdoc

* fix tests, roll back merge in tenants stage

* tfdoc

* fix inventory

* optional stage 2 env folders and tag bindings

* tflint

* damn tflint

* damn tflint

* tfdoc

* fix networking tests

* tflint

* fix test inventories

* tfdoc

* use coalesce for project parents

* fix billing role conditions

* fix billing role conditions

* security stage tested (ngw resources need fixing/porting)

* boilerplate

* fix inventory

* stage envs and stage linking script

* initial work on resman docs, update diagram, improve teams folder

* resman README

* fix stage 2 IAM delegation

* remove checklist from bootstrap

* stage 1 tests

* stage 0 1 and 2 tests

* tflint

* tflint

* tfdoc

* GCVE stage refactor (untested)

* GCVE stage refactor (untested)

* GCVE stage 3

* gcve tests

* tflint

* tfdoc

* fix links

* module tests

* stages README

* move network security to stage 2

* network security tests

* replace stage links in README files

* minimal netsec stage refactor

* use factory for iac org policies, add configurable drs org policy for iac

* test mt stage

* tfdoc

* fix cicd workflows

* fix cicd workflows

* gke-dev stage

* tflint

* remove data platform stage

* exclude provider files via tfdoc opts

* remove data platform tests and links

* fix merge

* fix resman inventory

* boilerplate

* inventory

---------

Co-authored-by: Simone Ruffilli <sruffilli@google.com>
 2024-10-31 16:55:54 +01:00
Julio Castillo
f5d05b3c3f Reorganize ADRs and new versioning ADR (#2642) 
* Reorganize ADRs and new versioning ADR

* Workflow examples

* Fix ADR links

* Changes discussed with ludoo

* Fix image reference

* Update image

* Fix typo

* Complet decision section

---------

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
 2024-10-30 12:39:53 +01:00
Wiktor Niesiobędzki
8b7607af63 Codespell / whitespace fixes 2024-10-30 10:30:37 +01:00
Aurélien Legrand
d4b594f83a Adding DNS for GKE control plane to private google access APIs (#2641) 
* Adding DNS for GKE control plane to private google access APIs

* updating tests

* updating tests
 2024-10-29 14:09:26 +01:00
Luca Prete
24d78de373 [FAST] Fix stage 2 simple NVA wrong location - causing test failures (#2630) 2024-10-18 14:43:03 +02:00
Liam Nesteroff
f14cd9f948 Add TFE integration for backend and CICD (#2611) 
* added option for tfe_cicd

* formatting and readme

* formatting

* added terraform option for cicd_repos

* update readme

* modified provider templating for tf

* added missing resman gsa

* updated readmes

* added options for tf style write/branch structure

* added cicf_backends to tests

* added cicd_backends to tests

* Updated readme
 2024-10-16 17:01:39 +11:00
Liam Nesteroff
f65dc88b6f added output for tfvars_globals (#2620) 2024-10-15 18:39:09 +11:00
Elia
81a6ff30d2 GCVE network mode for 2-networking-b-nva stage (#2544) 
* GCVE network mode

* optional landing routes

* net option renamed

* minor fix

* added stage tests

* test fix

* regional-vpc mode

* fixed api

* fix readme

* drawing updated

* stage test fix

* stage test fix

* stage test fix

* stage test fix

* fix

---------

Co-authored-by: Simone Ruffilli <sruffilli@google.com>
 2024-10-15 08:28:15 +02:00
Ludovico Magnocavallo
8101a26652 support log exclusions in bootstrap log sinks (#2616) 2024-10-09 09:22:28 +02:00
Liam Nesteroff
c2780fa7b0 fixed tfe wif definition variables (#2604) 
* fixed tfe wif definition variables

* Added additional attributes for tfe

* kept workspaceid for google.subject as per gcp docs
 2024-10-03 13:41:31 +00:00
Simone Ruffilli
fbf5ad5a8f FAST: Adds support for PSC transitivity to 2-a (#2600) 2024-10-02 11:39:23 +02:00
Liam Nesteroff
999c3acca3 added tf def to wif providers (#2598) 2024-10-02 09:12:49 +10:00
Natalia Strelkova
923a1e41dc Nstrelkova/small readme fixes (#2584) 
* typo (old rename of 00-bootstrap to 0-bootstrap)

* resman purpose: not org policies, but tags

* GCVE: several typos

---------

Co-authored-by: Natalia Strelkova <nstrelkova@google.com>
 2024-09-19 13:23:40 +00:00
Ludovico Magnocavallo
c2a9cb7d09 make it explicit that stages need to be run once before CI/CD setup (#2582) 2024-09-19 09:43:35 +02:00
Ludovico Magnocavallo
9441eed410 fixed diagrams (#2581) 2024-09-19 09:39:35 +02:00
Ludovico Magnocavallo
2fc2f8fb92 FAST resman mt fixes (#2579) 
* resman mt fixes

* fix custom roles var
 2024-09-19 09:02:04 +02:00
Simon Roberts
9a51c4d196 Update a few references from 3-project-factory to 2-project-factory (#2568) 
* Move project-factory to stage 2, fix path. Remove other trailing whitespace.

* Update 3-project-factory to 2-project-factory

* ./tools/tfdoc.py fast/stages/0-bootstrap
 2024-09-19 05:11:32 +00:00
Elia
0e14cd5249 Update variables.tf (#2558) 
* Update variables.tf

Hi Team,
the default ranges for the dmz are not valid ranges that contain the default subnets.

This is the subnetting:
https://visualsubnetcalc.com/index.html?c=1N4IgbiBcIIwgNCAzlUMAMA6LOD0AOVWHbbXATiI1LwyIH0A7KEBEegYxZAF9FqAbABYauOpDRZhomHAnFM02gCYqUkbQDMaxRrIwhOpfoCsRvejEDzMgOwNm0AC4AnAK5InAUwAmAAgAHFwBLAFsAQxcATzZObj4FaRhlfH17eSYWH1CAL0CQiOjYrmheBMETGWt5CrsHbkQ40vKpSuTUyxh00EzSxpLWHiH+KQEZMwzHVn74lsUO-UMaqQXOicl5qvroHy8wfLDImJnmkcVyLcmG9gGys9sSNe3pm9m522UZbWXMD5kljZ-WjrBRA-TVHpTIIAe38QUORROg3umkukOuTUG7wsYhBvRemLuoLGtAB7CmxTeZ3wjzEqh+NK+OkZpOZtJgIOoLPBbLqV2c7k8vj8SC8HGhjB8R0ppwUjPaaWe2TyovFkulSKJXJgaLlOto3XJGNuc3wOoVnUN+JlWNNn2BzxtWqw+BxBmZbs5LrdEKNOz2IrFEqliNesq5lVovutmuGcpJpkdsbjXNWYm+G3wafdDOzXswWd1+Jh-lVwY1YeRcouUaTledmHI7LxFOTZ3I9sWdcJQxTWHICc6cnRfXrvbOFrIlH5BJNvaAA

* fixed readme file
 2024-09-16 08:28:21 +00:00
Simone Ruffilli
8090fe66aa Fix format typo for essential contacts domains in bootstrap 2024-09-13 11:32:47 +02:00
Simone Ruffilli
9905e1dc69 Enables compute.setNewProjectDefaultToZonalDNSOnly and essentialcontacts.allowedContactDomains (#2564) 
* Enables setNewProjectDefaultToZonalDNSOnly policy
* Add support for essentialcontacts.allowedContactDomains
 2024-09-13 11:09:55 +02:00
Simone Ruffilli
ca9ec30114 Update list of org policies imported by FAST bootstrap stage 2024-09-13 07:05:01 +00:00
Ludovico Magnocavallo
e4413dbbd1 add documentation instructions for corner cases in github and bootstrap (#2545) 2024-08-30 14:04:43 +02:00
Ludo
3191a041e3 tfdoc 2024-08-30 10:43:04 +02:00
Ludo
e6bd1c62b8 update changelog 2024-08-30 10:42:34 +02:00
Ludovico Magnocavallo
eb89c62b5f prepare v34.0.0 release (#2543) 2024-08-30 10:06:33 +02:00
Ludovico Magnocavallo
579c7296db moved blocks and fixes for FAST v33-v34 transition (#2541) 2024-08-30 07:44:27 +00:00
Luca Prete
3ca0525039 [FAST] TLS inspection support for NGFW Enterprise (#2484) 2024-08-30 09:15:17 +02:00
Julio Castillo
f57635d044 Add managed folders suports to gcs module (#2530) 
* Add RPO, make versioning dynamic

* Add manaed folders

* Change autoclass and cors defaults to null

* Update README

* Add iam_by_principals

* Add managed folders var description

* Remove need for managed folders to end in /

* Add inventory to example

* Update readme

* Fix FAST tests
 2024-08-28 07:30:52 +00:00