kovagoadi/hunfabric
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
5,682 Commits 1 Branch 1 Tag
707867f5f8ef0877f52829d0d09fd53869b9b3c2
Commit Graph

1028 Commits

Author SHA1 Message Date
Ludo
1ea2b61df3 Merge remote-tracking branch 'origin/master' into fast-dev 2024-11-12 10:15:59 +01:00
Wiktor Niesiobędzki
b85711e81b Additional examples 
- Cloud Run - mounting Cloud SQL
- Cloud SQL - creating users for IAM service account
 2024-11-10 07:02:29 +01:00
Luca Prete
02d14da4db Update SWP (#2666) 2024-11-09 13:54:13 +01:00
Ludovico Magnocavallo
d0c8ffaddb fix permadiff in bootstrap stage (#2656) 2024-11-01 15:56:07 +01:00
Ludo
78f4e5c98d boilerplate for v36.0.0-rc1 2024-10-31 17:52:09 +01:00
Ludovico Magnocavallo
50ac3a5013 Refactor of FAST resource management and subsequent stages (#2648) 
* untested

* pllan testing

* fix stage 2s

* move providers to their own file

* single-environment stage 3

* fixes and moved blocks

* stage3 factory

* doc

* review comments

* review comments

* tfdoc

* fasts tage 1 tests

* netsec as stage 2

* fix backported roles

* fix backported roles

* tfdoc

* fixes

* fix tag value roles in stage 1

* remove checklist, fix stage 1 tests

* inventory

* Small bugfix

* refactor context tag values

* fix previous merge

* fix previous merge

* fix previous merge

* support short names for top level automation resources, change top level context variable

* fix new top level context

* roll back merge changes to stage 0 outputs

* roll back more merge changes

* linting errors

* tfdoc

* fix tests, roll back merge in tenants stage

* tfdoc

* fix inventory

* optional stage 2 env folders and tag bindings

* tflint

* damn tflint

* damn tflint

* tfdoc

* fix networking tests

* tflint

* fix test inventories

* tfdoc

* use coalesce for project parents

* fix billing role conditions

* fix billing role conditions

* security stage tested (ngw resources need fixing/porting)

* boilerplate

* fix inventory

* stage envs and stage linking script

* initial work on resman docs, update diagram, improve teams folder

* resman README

* fix stage 2 IAM delegation

* remove checklist from bootstrap

* stage 1 tests

* stage 0 1 and 2 tests

* tflint

* tflint

* tfdoc

* GCVE stage refactor (untested)

* GCVE stage refactor (untested)

* GCVE stage 3

* gcve tests

* tflint

* tfdoc

* fix links

* module tests

* stages README

* move network security to stage 2

* network security tests

* replace stage links in README files

* minimal netsec stage refactor

* use factory for iac org policies, add configurable drs org policy for iac

* test mt stage

* tfdoc

* fix cicd workflows

* fix cicd workflows

* gke-dev stage

* tflint

* remove data platform stage

* exclude provider files via tfdoc opts

* remove data platform tests and links

* fix merge

* fix resman inventory

* boilerplate

* inventory

---------

Co-authored-by: Simone Ruffilli <sruffilli@google.com>
 2024-10-31 16:55:54 +01:00
Aurélien Legrand
d4b594f83a Adding DNS for GKE control plane to private google access APIs (#2641) 
* Adding DNS for GKE control plane to private google access APIs

* updating tests

* updating tests
 2024-10-29 14:09:26 +01:00
Liam Nesteroff
f14cd9f948 Add TFE integration for backend and CICD (#2611) 
* added option for tfe_cicd

* formatting and readme

* formatting

* added terraform option for cicd_repos

* update readme

* modified provider templating for tf

* added missing resman gsa

* updated readmes

* added options for tf style write/branch structure

* added cicf_backends to tests

* added cicd_backends to tests

* Updated readme
 2024-10-16 17:01:39 +11:00
Elia
81a6ff30d2 GCVE network mode for 2-networking-b-nva stage (#2544) 
* GCVE network mode

* optional landing routes

* net option renamed

* minor fix

* added stage tests

* test fix

* regional-vpc mode

* fixed api

* fix readme

* drawing updated

* stage test fix

* stage test fix

* stage test fix

* stage test fix

* fix

---------

Co-authored-by: Simone Ruffilli <sruffilli@google.com>
 2024-10-15 08:28:15 +02:00
Ludovico Magnocavallo
74427386b9 Add support for bundling net monitoring tool in a Docker image, and deploying via CR Job (#2609) 
* dockerfile and reqs update

* deployment via cloud run jobs

* README

* boilerplate
 2024-10-07 12:56:09 +00:00
Benoît Sauvère
cb234fd35b feat: implement the new iam interface in artifact-registry (#2606) 
Co-authored-by: Julio Castillo <juliocc@users.noreply.github.com>
 2024-10-04 13:49:48 +00:00
Liam Nesteroff
163a0eab2b Allow manage existing SSM instance (#2595) 
* added option to manage an existing SSM instance

* switched depends on to try for instance iam

* added resource instance keys

* add instance keys to tests

* changed label default to null

* updated readme

* replaced try functions with conditional expressions for IAM
 2024-09-27 12:13:30 +02:00
apichick
3fad96436c Added biglake-catalog module (#2572) 2024-09-24 17:39:29 +02:00
Elia
dca6e383b7 Fix permadiff on iap attribute in net-lb-app-int module (#2590) 
* fixed attribute default

* fix blueprint inventory

* fix outputs

---------

Co-authored-by: Ludo <ludomagno@google.com>
 2024-09-20 11:35:18 +00:00
simonebruzzechesse
1f2bdd0033 New looker core module (#2565) 
* new looker core module
---------
Co-authored-by: Wiktor Niesiobędzki <wiktorn@google.com>
 2024-09-20 12:12:09 +02:00
apichick
0f28d266dd Secure source manager (#2569) 
* Added secure-source-manager-instance module

* Fixes after review
 2024-09-19 10:29:01 +00:00
apichick
8e0dac84f9 Bigquery dataset routines (#2570) 
* Added routines to bigquery-dataset module

* Fixes after review
 2024-09-19 09:13:32 +00:00
Simone Ruffilli
9905e1dc69 Enables compute.setNewProjectDefaultToZonalDNSOnly and essentialcontacts.allowedContactDomains (#2564) 
* Enables setNewProjectDefaultToZonalDNSOnly policy
* Add support for essentialcontacts.allowedContactDomains
 2024-09-13 11:09:55 +02:00
Wiktor Niesiobędzki
679218cde3 Fix e2e testsss for cloud run 2024-09-10 12:04:39 +02:00
Simone Ruffilli
7f8a02a405 Add support for google provider 6.x (#2536) 
* Add support for google provider 6.x

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
Co-authored-by: Wiktor Niesiobędzki <wiktorn@google.com>
Co-authored-by: Julio Castillo <jccb@google.com>
 2024-09-05 10:35:58 +00:00
Julio Castillo
ba3e1be416 Bump provider to 5.43.1 ahead of next release (#2557) 2024-09-04 19:58:07 +02:00
Wiktor Niesiobędzki
44a4268afc Fix E2E tests 2024-09-04 12:16:50 +02:00
Ludovico Magnocavallo
eb89c62b5f prepare v34.0.0 release (#2543) 2024-08-30 10:06:33 +02:00
Ludovico Magnocavallo
579c7296db moved blocks and fixes for FAST v33-v34 transition (#2541) 2024-08-30 07:44:27 +00:00
Luca Prete
3ca0525039 [FAST] TLS inspection support for NGFW Enterprise (#2484) 2024-08-30 09:15:17 +02:00
jamesdalf
8ca3bc390f Module net-vpc fix for reserved ranges (#2538) 
* fix the reserved ranges

* updated readme

* formatting

* fix example test

---------

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
 2024-08-30 05:10:28 +00:00
Ludovico Magnocavallo
cecce6b3a0 Allow customizable prefix in net-vpc module PSA configs (#2535) 
* allow customizable prefix in net-vpc module PSA configs

* fix peered domain key
 2024-08-28 09:24:13 +00:00
Julio Castillo
f57635d044 Add managed folders suports to gcs module (#2530) 
* Add RPO, make versioning dynamic

* Add manaed folders

* Change autoclass and cors defaults to null

* Update README

* Add iam_by_principals

* Add managed folders var description

* Remove need for managed folders to end in /

* Add inventory to example

* Update readme

* Fix FAST tests
 2024-08-28 07:30:52 +00:00
Julio Castillo
d4e727a482 Update stable provider too (#2531) 2024-08-28 08:49:46 +02:00
Julio Castillo
bab85c88ba Bump provider to last release of version 5 (#2525) 
* Bump provider to last release of version 5

* Remove default-versions copy in test env setup

* Use file instead of symlink in tools/lookfile

* Remove default-version reference

* Removed unused code
 2024-08-27 16:50:59 +02:00
Julio Castillo
58bee2a63d Add pubusb to default jitsi sas (#2520) 2024-08-26 19:55:32 +02:00
Luca Prete
17667ce205 [FAST] Add permissions to nsec-r SA (#2511) 2024-08-21 20:26:32 +02:00
Simone Ruffilli
e82cc35f50 net-swp module cleanup (#2510) 
* net-swp: add support for PSC SA
* Doc updates
 2024-08-21 11:28:20 +02:00
Ludovico Magnocavallo
13595f1499 depend network security stage from fast features in resman (#2509) 2024-08-21 08:38:43 +02:00
Ludovico Magnocavallo
ad5de9b7ea Refactor FAST project factory and supporting documentation (#2505) 
* untested

* teams pattern

* rework doc

* README

* boierplate

* tflint

* Fix tflint for project factory

* Correct path to pf

* resman changes

* fix factory variable default

* fix links

* project factory module substitutions

* tflint

* stage test

* tfdoc

* rename schema, address review comments

* README typos and wording

* tfdoc

* review comments

* remove test from yaml

* revert output workflow changes

* fix sa reference errors

* tfdoc

* pf tag roles

* schema validation

* pf tag roles

* avoid null values in pf context

---------

Co-authored-by: Wiktor Niesiobędzki <wiktorn@google.com>
 2024-08-20 16:45:42 +00:00
Julio Castillo
0420dec32f Add deletion_policy to project module (#2502) 
* Replace skip_delete with deletion_policy

* Fix blueprints

* Update apigee blueprint readme

* Remove skip_delete from test inventories
 2024-08-16 18:33:39 +02:00
Julio Castillo
714b97598f Add schema testing to PR workflow 2024-08-09 15:43:11 +02:00
Julio Castillo
f1607f68a9 Extend test collector to include yaml files under tests/schemas/ and fast data files (#2489) 
* Extend test collector to include yaml files in tests/schemas/

* Silence linter

* Simplify yaml schema test names

* Vaidate FAST data files schema
 2024-08-09 10:59:00 +02:00
Julio Castillo
9386764f66 Introduce YAML schema validation for YAML examples (#2488) 
* Add schema key to yaml examples

* Update testing requirements
 2024-08-08 23:09:22 +02:00
Julio Castillo
d2d345d428 example testing improvements (#2487) 
* Move away from regexps to parse tftest directives

* Update tfdoc

* Use namedtuple

* Make modules and resources optional in tftest directive

* Move get_tftest_directive to a separate file

* Fix imports

* Fix e2e tests
 2024-08-08 21:22:27 +02:00
Luca Prete
092053b517 Adds a new certification authority service (CAS) module (#2481) 2024-08-08 09:55:48 +02:00
Julio Castillo
9880c0b64d Add support for PSC global access to net-address (#2480) 
* Add support for PSC global access to net-address

Fixes #2479

* Fix example formatting
 2024-08-07 17:27:03 +00:00
Julio Castillo
912cbb8281 Rename 1-vpc-sc stage to 1-vpcsc (#2471) 
* Rename 1-vpc-sc stage to 1-vpcsc

* Fix tests
 2024-08-06 11:21:55 +00:00
Wiktor Niesiobędzki
2758eee4ff Fix inventories for Cloud SQL 2024-08-06 11:49:29 +02:00
Wiktor Niesiobędzki
1daf344fe9 Bump provider version to 5.40, to resolve perma-diff with Cloud SQL instance 2024-08-06 11:49:29 +02:00
Wiktor Niesiobędzki
d395e9490d Fix quotas E2E tests 2024-08-06 11:49:29 +02:00
Julio Castillo
89333a5d43 Make policyReader binding additive in bootstrap (#2470) 2024-08-06 09:35:37 +00:00
Ludovico Magnocavallo
345716e576 VPC-SC as separate FAST stage 1 (#2460) 
* initial commit

* README

* boilerplate

* tflint

* tfdoc

* fix security stage tests

* vpc-sc stage tests

* tflint

* fix resman stage test inventories

* security README

* stage-level README

* Update README.md

* flexible perimeter variable

* remove diagram

* change default to dry run

* default to dry run
 2024-08-02 18:04:36 +02:00
Luca Prete
80f9ce6307 [FAST] Add basic NGFW enterprise stage (#2410) 2024-08-01 09:41:31 +00:00
Julio Castillo
1bbff3cc3a Add support for dry-run org policies (#2454) 2024-07-30 13:12:57 +00:00