kovagoadi/hunfabric
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
6,681 Commits 1 Branch 1 Tag
a55497156341c8d9d1f67aff99f9350db1ecff56
Commit Graph

29 Commits

Author SHA1 Message Date
Wiktor Niesiobędzki
2687dd2b97 make a test self-link look like a self-link and fix tests 2025-12-19 11:05:25 +01:00
Luca Prete
c193fb37ee Upgrade Terraform provider to 7.13 (#3600) 2025-12-18 11:29:48 +01:00
Wiktor Niesiobędzki
d5bc59a238 Fix E2E tests. 
* Disable tests for VPC connector and Cloud Functions, CFs are not
  supporrted in the default region
* fix permissions to secrets for Cloud Run
* add permissions admin permissions to any SA within project to
  `var.bucket`
* add permissions to access the secret to any SA within project to
  secrets created by fixture
* disable custom roles in E2E tests, as `var.organization_id` is not the
  same org, within which projects are created in E2E
 2025-11-04 10:23:55 +01:00
Wiktor Niesiobędzki
2e42c1b548 service_account_config for Cloud Run v2 
Additional changes:
* align vpc-connector interface to Cloud Functions
* split managed and unmanaged resources into separate files, this makes
  easier to introduce further changes
* add support for contexts
* move `vpc_connector` variable to variables.tf for Cloud Functions
* remove `create` from `vpc_connector` in Cloud Functions as it was
  sharing the meaning with `vpc_connector_create`
 2025-10-27 08:03:53 +01:00
Wiktor Niesiobędzki
f7c9a341b0 yamlint tests/ 2025-10-24 13:11:17 +02:00
Wiktor Niesiobędzki
d9029e47a0 VPC Connector alignment to Cloud Run v2 + contexts 2025-10-23 15:50:17 +02:00
Julio Castillo
772d064e1c Skip IAM grants for service agents that are not created on API activation (#3448) 
* Skip IAM grants for service agents that are not created on API activation

* Fix tests
 2025-10-21 14:31:32 +00:00
Julio Castillo
1566711c3a Add service agent outputs to folder and organization (#3436) 
* Add service agent outputs to folder and organization

* Fix tests
 2025-10-17 17:23:08 +02:00
Wiktor Niesiobędzki
ad9d52a7da Use context prefixes for auto service grants 2025-10-13 18:58:52 +02:00
Ludovico Magnocavallo
63a22cd9a2 Refactor secret manager module (#3315) 
* wip

* wip

* wip

* wip

* tested, missing versions

* working

* fix secops stage

* readme

* tests

* tflint
 2025-09-10 11:47:35 +00:00
Ludovico Magnocavallo
36648b6b63 FAST light implementation (#3255) 
* data wip

* wip data

* update org schema, add note on expansion

* all schemas, workload notes

* Update WORKLOG.md

* Update WORKLOG.md

* Update WORKLOG.md

* Update WORKLOG.md

* wip

* data wip

* wip

* wip

* wip

* wip

* org module IAM context (using lookup)

* new-style context expansion in project IAM

* remove spurious file

* project module contexts

* finalize context replacement format for project module

* revert org module changes

* fix tag id interpolation in project

* fix tag id interpolation in project

* organization module context

* organization context test

* context expansion for folder tag bindings

* test context expansion for tag bindings

* service account module context

* simplify context local

* context for iam service account

* nuke blueprints

* remove links to blueprints

* vpc sc context in project module

* Add context to GCS module

* Add inline deps to plan_summary script

* Make context a top-level variable for folder, organization, sa

* Add add context top-level to VPC-SC

* move context out of factories_config variable

* tfdoc

* fix merge

* fix merge

* fix examples

* net-vpc module context

* add parent ids to folder context

* rename folder parent context

* fix folder parent check

* new project factory stub

* wip

* wip

* refactor defaults

* project iam

* bueckts and service accounts

* start adding context replacements

* better test data

* automation resources for folders and projects

* automation

* add support for project id interpolation

* first tested apply

* improve IAM description in gcs module

* add context to billing account module

* add notification channels to billing account module context

* add billing budgets to new pf

* schemas and defaults

* bootstrap wip

* bootstrap wip

* bootstrap wip

* pf outputs

* pf fixes

* fix pf sample data

* bootstrap lite fixes

* add locations to organization module contexts

* bootstrap lite fixes

* org fixes, billing accounts

* fix default project parent

* bootstrap lite wip

* add locations to gcs module context

* add context support to logging bucket module

* add context to pubsub module

* split out iam variables in gcs module

* fix logging bucket context test

* bootstrap log sink destinations

* streamline logging-bucket module variables

* fix logging bucket context test

* align logging bucket module interface in fast bootstrap

* add support for project-level log buckets to project factory

* support full context expansion in organization module log sinks

* log buckets in fast-lite bootstrap

* make og sink type optional in organization module

* log sinks in fast-lite bootstrap

* set tag values in factory context

* bootstrap lite data

* output files schema

* billing account schema

* output files

* output providers

* gcs output files

* boilerplate

* tflint

* check documentation

* check docs

* fix project module parent variable validation

* fix log bucket examples

* allow null parent in project module

* silence folder test errors

* fix billing account sink example

* fix project example

* fix billing account module

* fix folder tests

* fix FAST

* fix fast

* tfvars outputs

* wif

* cicd service accounts

* cicd

* allow defaults in context, minimal org policies

* support gcs managed folders in project factory and bootstrap lite

* support prefix in provider output files

* rename bootstrap stage

* gitignore

* gitignore

* security folder, billing IAM

* wip tfvars

* fix typo

* security IAM

* control tag iam/context via variables in organization module

* split tag creation from tag IAM to avoid circular refs

* port organization module tag changes to project module

* implement new-style context expansion in vpc-sc module

* fix fast vpc-sc tests

* boilerplate

* vpc sc stage

* schemas

* fast-lite compatibility for vpc sc stage

* make log project number optional in vpc-sc stage

* networking

* networking

* networking

* networking

* rename and move new stage under fast

* clone pf tests

* use context replacement for internal notification channels in billing account module

* support service agents in project module iam context replacements

* support service agents in project module iam context replacements

* add support for kms keys to project module context

* experimental pf example test and fixes

* fix schemas

* fix tests

* tfdoc

* tfdoc

* pf config

* experimental pf

* remove redundant dot from gcs managed folder IAM keys

* bootstrap experimental test

* project factory exp stage test

* skip tflint for bootstrap experimental test

* tflint

* fix gcs test

* documentation work

* documentation work

* Update README.md

* tfdoc

* tfdoc

* readme

* tfdoc

* readme

* readme

* readme

* readme

* support universe in pf exp projects

* missing universe service agents

* org policies import, non-admin billing IAM

* todo

* fix test

* custom constraints

* fast classic dataset

* fix test data

* context replacements in billing module log sinks

* fix typo

* add support for billing log sinks

* update docs

* readme

* cicd fix and test

---------

Co-authored-by: Julio Castillo <jccb@google.com>
 2025-09-02 08:38:57 +02:00
Julio Castillo
d3f0dc984e Upgrade provider to version 7.0.1 (#3291) 
* Upgrade provider to version 7.0.1

* Update READMEs

* Bring back depends_on for services and jobs
 2025-09-01 17:29:20 +02:00
Wiktor Niesiobędzki
a106688b0e Fix references to service_account 2025-08-13 22:11:07 +02:00
Wiktor Niesiobędzki
75fa484730 Remove support for creating SA for event arc triggers 2025-08-13 22:11:07 +02:00
Wiktor Niesiobędzki
ff85f05669 E2E: Align triggers location to the bucket 2025-08-13 22:11:07 +02:00
Wiktor Niesiobędzki
e498f3407e Add support for GPUs in Cloud Run 2025-08-13 15:21:27 +02:00
Wiktor Niesiobędzki
b5cc01c598 Add Cloud Run Worker Pools 
Refactor jobs and services parameters into separte variables
Remove prefix (not needed, namespace is local to the project)
 2025-08-12 19:59:50 +02:00
Muhammad Elsaeed
9bd4363269 feat: add GCS bucket trigger support for Cloud Run services (#3257) 
* feat: add GCS bucket trigger support for Cloud Run services 🌟

* feat: add examples for Cloud Run service with Eventarc storage triggers

* fix: update bucket name in Eventarc storage trigger example and clean up service account configuration

---------

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
 2025-08-01 16:41:49 +00:00
Charles Salmon
ee468514b0 [cloud-run-v2] Add ability to deploy OpenTelemetry Collector sidecar (#3071) 
* [cloud-run-v2] Add ability to deploy OpenTelemetry Collector sidecar

- Adds `depends_on` flag to container definition
- Adds `port` to HTTP liveness & startup probes

* fix: add port to unmanaged resource's startup & liveness probes

* fix: add copyright boilerplate

* Fix README

---------

Co-authored-by: Julio Castillo <jccb@google.com>
 2025-05-08 09:05:58 +00:00
Simone Ruffilli
3c91acd181 Replace all instances of stackdriver.googleapis.com with log+mon (#3022) 
Replace all instances of stackdriver.googleapis.com with logging.googleapis.com  and monitoring.googleapis.com.
Fixes #2932
 2025-04-11 12:04:50 +00:00
Tim Hiatt
762841da79 Fr/timhiatt/invoker iam disable (#2994) 
* Staging the New Variable change and the flag endablement for 'invoker_iam_disabled' in the 'google_cloud_run_v2_service' resouece associated with the 'cloud-run-v2' module.

* Updating tfdocs to include the new variables for the 'invoker_iam_disabled' flag in the 'google_cloud_run_v2_service' resource in module 'cloud-run-v2'

* Updating the testing in the readme for the cloud-run-v2 module.

* Fixing an issue with links in README.md Docs

* Fixing README.md linting.
 2025-04-01 11:41:08 +02:00
Ludovico Magnocavallo
c8e4179f2b Add custom routes for directpath to net-vpc module (#2966) 
* add custom routes for directpath to net-vpc module

* blueprint tests

* blueprint tests

* blueprint tests

* fast tests

* tfdoc

* module examples
 2025-03-19 10:22:47 +00:00
Wiktor Niesiobędzki
6b0745deed Add gcs mount_options, move direct vpc out of BETA 2024-11-16 12:52:50 +01:00
Wiktor Niesiobędzki
e0d6f0eadb Fix examples 2024-11-15 09:58:01 +01:00
Wiktor Niesiobędzki
fe52a9102b Fix gcs mounts for cloud-run-v2, closes #2684 2024-11-14 13:33:20 +01:00
Wiktor Niesiobędzki
b85711e81b Additional examples 
- Cloud Run - mounting Cloud SQL
- Cloud SQL - creating users for IAM service account
 2024-11-10 07:02:29 +01:00
Simone Ruffilli
7f8a02a405 Add support for google provider 6.x (#2536) 
* Add support for google provider 6.x

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
Co-authored-by: Wiktor Niesiobędzki <wiktorn@google.com>
Co-authored-by: Julio Castillo <jccb@google.com>
 2024-09-05 10:35:58 +00:00
Julio Castillo
c0bf32e797 Refactor service agent management (#2423) 
* Service agents script

* Service agents update

* WIP

* Update script and terraform

* Fix tests

* Fix linter

* Update docs

* Bring back pf example inventory

* Fix tests

* Fix more tests

* Fix tests

* Use dataclasses for build_service_agents.py

* Remove unneeded field() from build_service_agents

* Re-enable CMEK depends_on in project outputs

* Update tools/requirements.txt

* Enable storage in GCS example projects

* Fix tests

* Add CMEK Service Agents dependencies for services

* Fix typos and data platform cmek

* More typos
 2024-07-23 22:05:38 +02:00
Wiktor Niesiobędzki
bee3072568 Add support for Cloud Run v2 jobs (#1954) 
Add support for Cloud Run v2 jobs

* create a separate file for service creation (service.tf) and job
  (job.tf) - for easy comparison
* add E2E tests where possibile
* remove default value for input variable `region`
* fix subnet range VPC Access Connector example
* add creation of service account for audit logs call (trigger requires
  service account)
* use provided trigger service account email in
  `local.trigger_sa_email`, so explicitly provided SA is passed to
  trigger
* set default value for vpc_connector_create.throughput.max, to match
  what is set by GCP API, as provider uses wrong default of 300 which
  results in perma-diff
* create inventory fiels for all examples

Global changes
* (tests) add input variable `project_number`, to allow assigning IAM permissions to Service Accounts in fixtures
* (tests) fix not outputting the path, when object is not found in inventory
* (tests) fix `create_e2e_sandbox.sh` - now it properly finds root of the repo

Secret Manager
* added `version_versions` output, to allow specifying versions in other modules. `versions` is sensitive and it makes it unsuitable for `for_each` values

New test fixtures
* `pubsub.tf` - creating one topic
* `secret-credential.tf` - creating Secret Manager `credential` secret
* `shared-vpc.tf` - creating two projects (host and service), and vpc in host project
* `vpc-connector.tf` - creating VPC Access Connector instance
 2024-02-18 14:57:34 +01:00