kovagoadi/hunfabric
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
6,473 Commits 1 Branch 1 Tag
6fe142608da6b4489d20c6b7186cbcdc90798630
Commit Graph

113 Commits

Author SHA1 Message Date
Ludovico Magnocavallo
6fe142608d fix merge 2025-10-20 13:59:18 +00:00
Ludovico Magnocavallo
ec09414823 Merge remote-tracking branch 'origin/master' into fast-dev 2025-10-20 13:58:44 +00:00
Julio Castillo
48f6b4cd49 Add PAM support (#3438) 
* PAM first pass

* Add factory and extend to organization

* Extend to project, add examples

* Add additionalProperties to all objects

* Fix boilerplate

* Expose pam_entitlements to project-factory

* Fix readme

* Move entitlements to second folder/project pass

* extend tests

* Fix readme

* Remove timeouts from inventories
 2025-10-20 12:50:37 +00:00
Ludovico Magnocavallo
a4f9924680 Merge remote-tracking branch 'origin/master' into fast-dev 2025-10-20 06:33:53 +00:00
Vannick Trinquier
30f46f09d6 Apply alerts and log based metrics after log buckets creation (#3442) 2025-10-20 06:13:42 +00:00
Ludovico Magnocavallo
ff71c9f1a3 fix pf merge 2025-10-18 14:30:57 +00:00
Ludovico Magnocavallo
2f9234547c fix pf merge 2025-10-18 14:30:46 +00:00
Ludovico Magnocavallo
f5a05b3097 fix pf merge 2025-10-18 14:27:24 +00:00
Ludovico Magnocavallo
5e05044306 Merge remote-tracking branch 'origin/master' into fast-dev 2025-10-18 14:22:57 +00:00
Ludovico Magnocavallo
4113da128b Support resource-level factories config in project factory module and FAST stages (#3440) 
* support resource-level factories in project factory module

* align folder and project schemas across modules and fast

* schema docs
 2025-10-18 10:41:19 +00:00
kovagoadam
84a258e247 Add retention support for project-factory buckets (#3417) 
* Added retention support for project-factory buckets

* Cleanup

* Added retention_policy to project.schema.md in PF stage

---------

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
 2025-10-17 10:30:20 +00:00
Ludovico Magnocavallo
c996285b26 Support context and add configurations factory to workstation cluster module, add FAST project template (#3401) 
* add context to workstation-cluster module

* context test

* workstations project template
 2025-10-10 18:59:37 +02:00
Ludovico Magnocavallo
2ab471d236 pf changes (#3398) 2025-10-09 13:37:47 +02:00
Ludovico Magnocavallo
d3c80ce18b Rationalize location defaults across project factory module and FAST stages (#3392) 
* group default/overrides locations in a single object in pf module

* org setup

* project factory stage

* fix defaults

* pf defaults

* security stage defaults
 2025-10-08 07:12:15 +00:00
Ludovico Magnocavallo
5d7fadf21a Merge remote-tracking branch 'origin/master' into fast-dev 2025-10-07 08:05:03 +00:00
Ludovico Magnocavallo
7b70177459 add context to bigquery module (#3388) 2025-10-07 07:57:42 +00:00
Julio Castillo
3498338c87 Support iam_by_principals_additive in 0-org-setup (#3387) 
* Support iam_by_principals_additive in 0-org-setup

* Fix typo
 2025-10-07 06:56:35 +00:00
Julio Castillo
6b5226f16e Document log_buckets namespace (#3386) 2025-10-07 07:38:17 +02:00
Ludovico Magnocavallo
4db29a48eb allow forcing jit service agents generation for universe (#3378) 2025-10-05 10:17:57 +02:00
kovagoadam
505ee02fef Add support for billing export in 0-org-setup (#3347) 
* Add support for billing export in 0-org-setup

* Merge branch 'master' into add-billing-export-support

* Refactored billing export with adding support for bigquery_datasets in project_factory

* Renamed bigquery_dataset to datasets

* Fixed defaults.schema.md

* Fixed default.schema.md again

* Cleanup md's

* Fixed boilerplate

* Fixed JSON schema

* reword README, rename project file

* Moved dataset_id to the key of the map

---------

Co-authored-by: Julio Castillo <jccb@google.com>
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
 2025-10-01 10:12:45 +00:00
kovagoadam
c334e3c60f Fixed small typo in project-factory module with log-buckets (#3357) 
* Fixed small typo in project-factory module

* Add log_analytics and retention to log_buckets
 2025-09-27 07:21:48 +00:00
Ludovico Magnocavallo
90ee0ccf12 Expose project factory stage defaults via a YAML file (#3354) 
* initial implementation

* README

* tfdoc
 2025-09-24 09:59:11 +00:00
Ludovico Magnocavallo
d0e2a54948 rationalize prefix handling for project factory automation resources (#3345) 2025-09-21 21:07:28 +02:00
Ludovico Magnocavallo
78966f66c3 Add support for project templates to project factory module (#3317) 
* add support for project templates to project factory module

* align project factory features in FAST org setup stage
 2025-09-11 09:56:01 +02:00
Ludovico Magnocavallo
d1ec0868f0 Delete modules/project-factory/ludo.tfvars 2025-09-08 08:06:20 +02:00
Ludovico Magnocavallo
86d50ffb62 New project factory improvements (#3303) 
* Add separate prefix for automation resources in pf

* fix example

* add automation to pf outputs
 2025-09-06 10:01:36 +02:00
Ludovico Magnocavallo
d6f0a168f6 pf outputs (#3301) 2025-09-05 22:21:27 +02:00
Ludovico Magnocavallo
bc6950e205 Rename FAST stages preparing for eventual deprecation (#3298) 
* renames

* links

* readme

* docs

* update pf modules tests for renames

* condition_vars context in modules

* data platform dataset

* fix links in stage 3 docs

* schema changes

* schema docs

* tfdoc

* update duplicates check

* fast legacy tests

* legacy schema

* fix tests
 2025-09-04 08:24:11 +02:00
Ludovico Magnocavallo
36648b6b63 FAST light implementation (#3255) 
* data wip

* wip data

* update org schema, add note on expansion

* all schemas, workload notes

* Update WORKLOG.md

* Update WORKLOG.md

* Update WORKLOG.md

* Update WORKLOG.md

* wip

* data wip

* wip

* wip

* wip

* wip

* org module IAM context (using lookup)

* new-style context expansion in project IAM

* remove spurious file

* project module contexts

* finalize context replacement format for project module

* revert org module changes

* fix tag id interpolation in project

* fix tag id interpolation in project

* organization module context

* organization context test

* context expansion for folder tag bindings

* test context expansion for tag bindings

* service account module context

* simplify context local

* context for iam service account

* nuke blueprints

* remove links to blueprints

* vpc sc context in project module

* Add context to GCS module

* Add inline deps to plan_summary script

* Make context a top-level variable for folder, organization, sa

* Add add context top-level to VPC-SC

* move context out of factories_config variable

* tfdoc

* fix merge

* fix merge

* fix examples

* net-vpc module context

* add parent ids to folder context

* rename folder parent context

* fix folder parent check

* new project factory stub

* wip

* wip

* refactor defaults

* project iam

* bueckts and service accounts

* start adding context replacements

* better test data

* automation resources for folders and projects

* automation

* add support for project id interpolation

* first tested apply

* improve IAM description in gcs module

* add context to billing account module

* add notification channels to billing account module context

* add billing budgets to new pf

* schemas and defaults

* bootstrap wip

* bootstrap wip

* bootstrap wip

* pf outputs

* pf fixes

* fix pf sample data

* bootstrap lite fixes

* add locations to organization module contexts

* bootstrap lite fixes

* org fixes, billing accounts

* fix default project parent

* bootstrap lite wip

* add locations to gcs module context

* add context support to logging bucket module

* add context to pubsub module

* split out iam variables in gcs module

* fix logging bucket context test

* bootstrap log sink destinations

* streamline logging-bucket module variables

* fix logging bucket context test

* align logging bucket module interface in fast bootstrap

* add support for project-level log buckets to project factory

* support full context expansion in organization module log sinks

* log buckets in fast-lite bootstrap

* make og sink type optional in organization module

* log sinks in fast-lite bootstrap

* set tag values in factory context

* bootstrap lite data

* output files schema

* billing account schema

* output files

* output providers

* gcs output files

* boilerplate

* tflint

* check documentation

* check docs

* fix project module parent variable validation

* fix log bucket examples

* allow null parent in project module

* silence folder test errors

* fix billing account sink example

* fix project example

* fix billing account module

* fix folder tests

* fix FAST

* fix fast

* tfvars outputs

* wif

* cicd service accounts

* cicd

* allow defaults in context, minimal org policies

* support gcs managed folders in project factory and bootstrap lite

* support prefix in provider output files

* rename bootstrap stage

* gitignore

* gitignore

* security folder, billing IAM

* wip tfvars

* fix typo

* security IAM

* control tag iam/context via variables in organization module

* split tag creation from tag IAM to avoid circular refs

* port organization module tag changes to project module

* implement new-style context expansion in vpc-sc module

* fix fast vpc-sc tests

* boilerplate

* vpc sc stage

* schemas

* fast-lite compatibility for vpc sc stage

* make log project number optional in vpc-sc stage

* networking

* networking

* networking

* networking

* rename and move new stage under fast

* clone pf tests

* use context replacement for internal notification channels in billing account module

* support service agents in project module iam context replacements

* support service agents in project module iam context replacements

* add support for kms keys to project module context

* experimental pf example test and fixes

* fix schemas

* fix tests

* tfdoc

* tfdoc

* pf config

* experimental pf

* remove redundant dot from gcs managed folder IAM keys

* bootstrap experimental test

* project factory exp stage test

* skip tflint for bootstrap experimental test

* tflint

* fix gcs test

* documentation work

* documentation work

* Update README.md

* tfdoc

* tfdoc

* readme

* tfdoc

* readme

* readme

* readme

* readme

* support universe in pf exp projects

* missing universe service agents

* org policies import, non-admin billing IAM

* todo

* fix test

* custom constraints

* fast classic dataset

* fix test data

* context replacements in billing module log sinks

* fix typo

* add support for billing log sinks

* update docs

* readme

* cicd fix and test

---------

Co-authored-by: Julio Castillo <jccb@google.com>
 2025-09-02 08:38:57 +02:00
Ludovico Magnocavallo
89d8911741 support different key names for service accounts in IAM interpolation (#3279) 
Fixes #3278
 2025-08-20 20:45:43 +02:00
Ludovico Magnocavallo
915a1288d2 Merge remote-tracking branch 'origin/master' into fast-dev 2025-08-04 07:15:42 +00:00
Liam Nesteroff
fdbe2f34bd fixed schema patter for iam_bindings_additive roles (#3258) 
* fixed schema to allow iam_bindings_additive roles with "." (roles/compute.admin)
 2025-08-01 16:48:04 +10:00
V0idC0de
97f63fcc52 feat: Add Service Agent substitution for Buckets and iam_by_principal in project-factory (#3246) 
* feat: Add Service Agent substitution for `iam_by_principals`, just like the other `iam*` attributes

* feat: Add Service Agent substitution for Buckets created via `project-factory`

* fix: Service Account lookups in IAM assignments of Buckets, created by `project-factory`

---------

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
 2025-07-29 08:26:49 +00:00
Ludovico Magnocavallo
332d8614ab Merge remote-tracking branch 'origin/master' into fast-dev 2025-07-18 15:47:46 +00:00
kovagoadam
c551c5b278 Add support for quotas to project-factory module (#3242) 
* Add support for quotas to project-factory module

* Updated embeded definition in net-vpc-factory
 2025-07-18 11:58:29 +00:00
Luca Prete
625a6b7c27 Add force destroy option to buckets in project factory module (#3238) 2025-07-16 16:18:20 +00:00
Luca Prete
808bf7a32a Fix force_destroy for buckets (#3237) 
Co-authored-by: Luca Prete <lucaprete@google.com>
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
 2025-07-16 17:57:56 +02:00
Ludovico Magnocavallo
2a1a630e9d allow setting defaults/overrides for buckets force destroy in project factory (#3233) 2025-07-11 16:47:25 +00:00
Ludo
2cb166389f Merge remote-tracking branch 'origin/master' into fast-dev 2025-07-04 08:55:38 +02:00
Liam Nesteroff
f07e4f64e9 Standardise reuse variable from project module and implement for net-vpc (#3205) 
* exposing the network_id from the net-vpc module for use with tag bindings

* convert vpc_create to vpc_reuse

* Changed the reuse vars to standardised attributes

* fixed readme tests and schemas

* modified apigee blueprint to use vpc_reuse with network_id passthrough

---------

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
 2025-07-03 09:12:05 +10:00
V0idC0de
3058792b65 Fix for service agent substitutions in project factory additive bindings (#3210) 
* fix: Use consistent substitution for Service Agents

Fixes broken substitution of Service Agents when calling module `project-iam`. Setting `iam_bindings` and `iam_bindings_additive` now substitutes like `iam`, where it already works.

* Fix reference

---------

Co-authored-by: Julio Castillo <jccb@google.com>
 2025-07-02 16:14:17 +00:00
Ludo
0e052abb59 Merge remote-tracking branch 'origin/master' into fast-dev 2025-06-28 09:40:24 +02:00
Liam Nesteroff
3bfa3608d0 Added option to set force_destroy on pf buckets (#3192) 
* Added option to set force_destroy on pf buckets

* added force_destroy to schema
 2025-06-26 09:20:41 +10:00
Ludovico Magnocavallo
81fe7061be add support for service account principalsets to project factory (#3181) 2025-06-20 06:10:21 +00:00
Ludo
a136cc812a update schemas 2025-06-15 18:29:05 +02:00
Ludovico Magnocavallo
fe0a8128dc Allow custom roles in context, add support for shared VPC IAM to project and project factory (#3163) 
* add support for custom roles and hos tproject iam to project modules

* align vpc factory
 2025-06-15 10:01:22 +02:00
Ludovico Magnocavallo
7d008be2cb Allow configuring project key format in project factory (#3154) 
* Configurable project key in project-factory module

* Configurable project key in project-factory module

* add tests
 2025-06-11 13:18:03 +02:00
Ludovico Magnocavallo
3c38bc643e add KMS keys interpolation to project factory (#3145) 2025-06-10 10:24:25 +02:00
Julio Castillo
df0ed1a73c Fix #3142 (#3144) 2025-06-10 08:08:44 +02:00
Ludovico Magnocavallo
6b04ce769d Allow multiple types in JSON schema docs tool (#3126) 
* allow multiple types in JSON schema docs tool

* support pattern

* support pattern
 2025-05-31 11:58:20 +02:00