kovagoadi/hunfabric
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
5,883 Commits 1 Branch 1 Tag
c7262a7a87bc88c3948125e67923bcd181dd19e8
Commit Graph

856 Commits

Author SHA1 Message Date
Simon Roberts
cfe8c130f0 Add note about the use of n-stagename/moved/ files during upgrade (#2874) 2025-02-10 07:34:37 +00:00
ZoranBatman
276ef62e62 update docs: clarify 0-bootstrap.auto.tfvars creation and outputs_location use (#2862) 
Co-authored-by: Zoran Zaric <mr.zoranzaric@gmail.com>
 2025-02-03 15:44:47 +00:00
Ludovico Magnocavallo
fcb4ff54ee Revert "Allow multiple stage-2 project factories (#2834)" (#2839) 
This reverts commit f6a8190946.
 2025-01-26 10:37:43 +01:00
Julio Castillo
bee7e30b2b Interpolate SAs in tag-level iam (#2836) 2025-01-24 10:39:03 +01:00
Julio Castillo
f6a8190946 Allow multiple stage-2 project factories (#2834) 
* Allow multiple stage 2 project factories

* Fix bindings and rename default project factory

* Remove debug

* Update readme
 2025-01-24 00:38:22 +01:00
Julio Castillo
cbd66f8462 Allow networking stage to be disabled (#2831) 2025-01-22 07:45:22 +01:00
Ludovico Magnocavallo
42a3ee44d0 Small fix to net test add-on context expansion (#2828) 
* Small fix to net test add-on context expansion

* linting
 2025-01-21 11:14:43 +01:00
Julio Castillo
9c22337ed1 Fix stage-1 addons provider files (#2826) 2025-01-21 07:55:40 +01:00
Ludovico Magnocavallo
6aed84f070 FAST add-on for networking test resources (#2825) 
* needs testing

* add-on README, test, remove test resources from net stages

* tfdoc
 2025-01-20 09:41:35 +01:00
Ludovico Magnocavallo
1c2e3c5677 Update service activation in ngfw add-on (#2823) 
* align services use in ngfw add-on with swp

* update ngfw README example
 2025-01-18 14:23:23 +01:00
Ludovico Magnocavallo
f646e85301 FAST SWP networking add-on (#2821) 
* prototype implementation, untested

* halfway through refactor

* refactor cas module pool variable

* apply cas module refactor to ngfw fast addon

* untested

* test

* tflint

* tflint

* tfdoc

* fix brainfarts

* tfdoc

* update ca pool type in security stage
 2025-01-18 07:12:40 +00:00
Simone Ruffilli
8b31a006c7 Top level folder factory support for automation SA IAM (#2818) 
* Top level folder factory support for automation SA IAM

* Fixes iam_bindings and iam_bindings_additive for top-level-folder

---------

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
 2025-01-16 10:32:59 +01:00
Ludovico Magnocavallo
b608e3756e Fix permadiff in stage 0 vpc-sc service account, add schemas to hierarchical policy YAML files (#2817) 
* fix permadiff in stage 0

* add missing schema

* update test inventories
 2025-01-15 09:47:04 +00:00
Ludo
206fd28419 Merge remote-tracking branch 'origin/master' into fast-dev 2025-01-14 17:04:18 +01:00
Julio Castillo
c59470a4fb Update logging_data_access type (#2816) 
* Update logging_data_access variables to use types

* Fix dependencies

* fix schema

* Add missing comma

* Fix try
 2025-01-14 16:00:35 +00:00
Luca Prete
bf528ec89d [FAST] Add missing permission to ngfwEnterpriseAdmin role (#2815) 
Co-authored-by: Luca Prete <lucaprete@google.com>
 2025-01-14 08:40:57 +00:00
Liam Johnston
ec59f70a5c feat: include network tfvars in project factory (#2813) 2025-01-14 07:29:38 +01:00
Ludo
ef5e228f42 fix conflict 2025-01-13 15:01:09 +01:00
Julio Castillo
0cea946ced Simplify versions tf and update FAST workflows (#2812) 
* Simplify versions tf and update FAST workflows

* Fix typos
 2025-01-12 20:39:01 +00:00
Ludovico Magnocavallo
962fd34e76 Small fixes and improvements to FAST netsec/net (#2810) 
* remove obsolete stage-links script

* update networking stages fast envs

* add security policy groups FAST variable and context to net stages

* small networking/ngfw fixes
 2025-01-11 13:48:44 +01:00
Ludovico Magnocavallo
27f1cc2b79 Implement FAST stage add-ons, refactor netsec as add-on (#2800) 
* security fixes

* change netsec to be a virtual stage in resman

* remove netsec bits from security stage, leave CAs in place

* netsec - security profile groups

* export regions to networking tfvars

* netsec - trust stores

* netsec refactor, untested

* netsec plan working

* netsec apply

* netsec apply errors

* netsec diagram

* update diagram

* move addon stages to addons folder

* remove top-level assets folder

* deprecate and remove fast plugins

* addon tests

* dynamic addon providers and cicd, untested

* stage 1 addons in stage 0, refactor stage 0 cicd

* addons and cicd refactor in stage 0 with tests

* refactor stage 0 cicd

* readd removed block

* small bootstrap cicd fixes

* refactor stage 1 cicd

* resman tests

* remove plugins from networking tests

* fix fast tests

* ngfw addon outputs

* try to fix unrelated tflint error in bootstrap

* remove common tfvars from bootstrap tests to fix linter errors

* tfdoc

* minimal readmes and links fixes

* tfdoc

* trim down test inventories

* fix plan test

* tfdoc

* allow configuring output files names

* fix tls inspection after adding count to project module

* comment fixes

* tfdoc
 2025-01-09 18:14:11 +00:00
Ludovico Magnocavallo
d6d582e636 Add optional support for fw policies via new vpc_configs variable, refactor factories variable in net stages (#2801) 
* net a

* extend change to other networking stages

* refactor factories config variable in net a

* net b and c

* complete net b

* fix errors, add mtu

* fix

* fix

* fix errors
 2025-01-09 17:14:55 +01:00
Ludo
e07adf71c1 rollback 2025-01-09 16:43:56 +01:00
Ludo
4bae08f61e fix 2025-01-09 16:43:01 +01:00
Ludovico Magnocavallo
647895a928 Leverage environments for folder and project creation in FAST resman and security (#2787) 
* resman

* resman tests

* untested sec changes

* plan fixes

* tests, tfdoc, test apply

* boilerplate

* resource naming
 2024-12-27 21:03:31 +01:00
Luca Prete
e72303a94b [FAST] Remove unused stage 1 CICD variables (#2774) 2024-12-17 17:26:02 +01:00
Ludovico Magnocavallo
91da1c6482 Support customizable resource names to fast stage 1 (#2769) 
* add support for resource names to fast stage 1

* tflint version
 2024-12-16 18:07:28 +00:00
Ludovico Magnocavallo
0fa257e6b1 Support customizable resource names in FAST stage 0 (#2768) 
* support customizable resource names in FAST stage 0

* tfdoc

* tflint

* remove comment

* use object type

* tfdoc

* bump tf version

* bump terraform version in versions files

* tf version in ci

* trigger workflow
 2024-12-16 17:46:34 +01:00
Ludovico Magnocavallo
133a9bb133 fix workspace logs sink in FAST bootstrap stage (#2767) 2024-12-13 13:22:42 +00:00
Ludovico Magnocavallo
ae9f4c6d74 allow optional creation of billing resources in FAST boostrap stage (#2766) 2024-12-13 12:32:16 +01:00
Ludovico Magnocavallo
d86b8d565c Refactor GKE cluster modules access configurations, add support for DNS endpoint (#2761) 
* stub

* gke standard module and tests

* blueprints

* tfdoc

* autopilot

* blueprints

* tfdoc

* gke hub module examples

* dataproc and gke fixture
 2024-12-12 11:02:24 +01:00
Ludovico Magnocavallo
1a1886c551 fix parent id lookup for networking and security stages (#2744) 2024-12-04 21:08:31 +01:00
mtndrew404
7c858f4753 Fixing yaml naming in prod subnet folder to match other lifecycles (#2733) 2024-11-26 06:40:21 +00:00
Ludovico Magnocavallo
008202129b add missing role to org-level delegated IAM grants (#2731) 2024-11-23 07:58:13 +01:00
Ludo
a3bffbbcbf Merge remote-tracking branch 'origin/master' into fast-dev 2024-11-22 07:39:09 +01:00
Ludovico Magnocavallo
5af0f90929 Allow setting GCS location default/override in project factory (#2715) 
* allow setting GCS location default/override in project factory

* tflint
 2024-11-18 17:45:52 +01:00
Julio Castillo
81166b3601 Remove stale validation (#2714) 2024-11-18 16:00:06 +00:00
Julio Castillo
4a739fcb87 Expose factories_config for resman top level folders (#2707) 
* Expose factories_config for top_level_folders

* Complete top level folder schema

* Update README

* Fix escapes

* Update tests
 2024-11-17 22:54:56 +00:00
Julio Castillo
bb65920b4b Merge branch 'master' into fast-dev 2024-11-17 22:01:21 +01:00
Joshua Wright
2676010629 Add Automation Service Accounts Output (#2640) 
* Add Automation Service Accounts Output

* Add Automation Service Accounts Output

* Add Projects Output, Along with Docs

* Fix output

---------

Co-authored-by: Julio Castillo <jccb@google.com>
 2024-11-17 17:29:06 +00:00
Julio Castillo
1fc5e90bdd Allow disabling network security stage (#2701) 
* Allow disabling security stage

* Remove deprecated network_firewall_policies_viewer

* Enable nsec in resman tests
 2024-11-17 10:04:18 +01:00
Julio Castillo
f140adfab8 Remove REGIONAL/MULTI_REGIONAL buckets from FAST (#2697) 2024-11-16 10:14:47 +00:00
Julio Castillo
7b2a3424a8 Unify usage of top level folders short_name (#2693) 
* Unify usage of top level folders short_name

* Fix docs

* Update schema

* Fix tests

* Fix tests

* More fixes
 2024-11-15 13:56:45 +01:00
Julio Castillo
9814756074 Make project iam viewer name consistent with GCP naming (#2694) 
* Make project iam viewer name consistent with GCP naming

* Fix tests
 2024-11-15 11:48:37 +01:00
Ludovico Magnocavallo
31cb391be7 Streamline environments variable across stages (#2688) 
* streamline environments variable across stages

* linting

* linting
 2024-11-15 10:22:18 +01:00
Ludovico Magnocavallo
721e7689b4 Add missing billing roles to project factory ro SA in stage 1 (#2685) 
* add missing billing role for pf ro sa

* fix tests
 2024-11-14 11:41:30 +01:00
Ludovico Magnocavallo
aa30e33618 add missing role for pf ro account (#2683) 2024-11-14 10:25:51 +01:00
Ludo
8c02ff0780 Merge remote-tracking branch 'origin/master' into fast-dev 2024-11-14 08:54:45 +01:00
Roberto Jung Drebes
f1b074b594 Fix typo 2024-11-13 21:28:44 +01:00
Rob Rankin
47057b62ff Swap groups_iam/iam_group for iam_by_principals in bootstrap README (#2680) 2024-11-13 15:33:41 +00:00