* add ad for compute-vm refactor
* Exclue nic_type from validated fields, add split of main.tf and template.tf
* boot disk
* fix examples and fixtures
* attached disks
* fix further examples and module-level tests
* remove extra file
* fix mig examples
* finish refactoring variables
* align fast and other modules
* refactor(compute-vm): align examples and ADR with the newly implemented interface
This commit addresses the remaining references of the `instance_type` and `confidential_compute` parameters in the testing environment and updates the ADR.
* feat(compute-vm): add network_performance_config to instance and templates
This change implements the usage of the `network_performance_tier` variable we added earlier into the actual Terraform resources.
---------
Co-authored-by: Wiktor Niesiobędzki <wiktorn@google.com>
* Disable tests for VPC connector and Cloud Functions, CFs are not
supporrted in the default region
* fix permissions to secrets for Cloud Run
* add permissions admin permissions to any SA within project to
`var.bucket`
* add permissions to access the secret to any SA within project to
secrets created by fixture
* disable custom roles in E2E tests, as `var.organization_id` is not the
same org, within which projects are created in E2E
* create a fixture adding IAM grants to Cloud Run service agent
* add to README.md information about required grant
Decided to add ths as a fixture though it may not be reused so:
* grant is not polluting the example
* grant is fairly easy discoverable from README.md
* setup_module is not burdened with additional grant which is used only
for this example
Add support for Cloud Run v2 jobs
* create a separate file for service creation (service.tf) and job
(job.tf) - for easy comparison
* add E2E tests where possibile
* remove default value for input variable `region`
* fix subnet range VPC Access Connector example
* add creation of service account for audit logs call (trigger requires
service account)
* use provided trigger service account email in
`local.trigger_sa_email`, so explicitly provided SA is passed to
trigger
* set default value for vpc_connector_create.throughput.max, to match
what is set by GCP API, as provider uses wrong default of 300 which
results in perma-diff
* create inventory fiels for all examples
Global changes
* (tests) add input variable `project_number`, to allow assigning IAM permissions to Service Accounts in fixtures
* (tests) fix not outputting the path, when object is not found in inventory
* (tests) fix `create_e2e_sandbox.sh` - now it properly finds root of the repo
Secret Manager
* added `version_versions` output, to allow specifying versions in other modules. `versions` is sensitive and it makes it unsuitable for `for_each` values
New test fixtures
* `pubsub.tf` - creating one topic
* `secret-credential.tf` - creating Secret Manager `credential` secret
* `shared-vpc.tf` - creating two projects (host and service), and vpc in host project
* `vpc-connector.tf` - creating VPC Access Connector instance
* Fix DNS E2E test + add one to net-lb-app-int-cross-region
* Update README.md
* Fix inventory for tests
* Fix tests
* Fix number of resources
---------
Co-authored-by: Julio Castillo <jccb@google.com>
* Allow terraform fixtures for examples
* Allow defining multiple fixtures, and named fixtures under tests/fixtures/
* Enable e2e for wiktorn
* Fix prepare_files call for e2e
* Move fixture to separate file, fix test
* Revert shallow-copying symlinks, performane penalty - 20%
* Update tfdoc.py to list used fixtures
---------
Co-authored-by: Wiktor Niesiobędzki <wiktorn@google.com>
