kovagoadi/hunfabric
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
6,003 Commits 1 Branch 1 Tag
d63a425b623de0cb7b031a0175d514b85d596ce5
Commit Graph

2144 Commits

Author SHA1 Message Date
Wiktor Niesiobędzki
70bd037629 Add IAM member prefix validation to variables.tf 2024-08-09 12:08:22 +02:00
Wiktor Niesiobędzki
c27f634314 Bind schemas to factory files, add support for groups in VPC-SC schema 
https://cloud.google.com/vpc-service-controls/docs/release-notes#July_31_2024
 2024-08-09 12:08:22 +02:00
Julio Castillo
f1607f68a9 Extend test collector to include yaml files under tests/schemas/ and fast data files (#2489) 
* Extend test collector to include yaml files in tests/schemas/

* Silence linter

* Simplify yaml schema test names

* Vaidate FAST data files schema
 2024-08-09 10:59:00 +02:00
Julio Castillo
9386764f66 Introduce YAML schema validation for YAML examples (#2488) 
* Add schema key to yaml examples

* Update testing requirements
 2024-08-08 23:09:22 +02:00
Wiktor Niesiobędzki
251339de6e Fix failing tests for CloudSQL 2024-08-08 20:16:52 +02:00
Ludovico Magnocavallo
c5fcbbfca8 Project factory module JSON schemas (#2485) 
* folder and project schemas

* budget schema
 2024-08-08 18:43:11 +02:00
Luca Prete
092053b517 Adds a new certification authority service (CAS) module (#2481) 2024-08-08 09:55:48 +02:00
Julio Castillo
9880c0b64d Add support for PSC global access to net-address (#2480) 
* Add support for PSC global access to net-address

Fixes #2479

* Fix example formatting
 2024-08-07 17:27:03 +00:00
Ludovico Magnocavallo
db7cb937d1 VPC-SC factory JSON Schemas (#2477) 2024-08-07 12:09:37 +00:00
Luca Prete
951daad210 Pass optional location variable at certificates creation (#2474) 
Co-authored-by: Luca Prete <lucaprete@google.com>
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
 2024-08-07 07:05:57 +00:00
apichick
110318a51d Cloud run v2 custom audiences (#2476) 
* Added forward_proxy_uri to apigee environments in apigee-x-foundations blueprint

* Added custom audiences to Cloud Run v2 module
 2024-08-07 08:54:36 +02:00
apichick
0b66f61909 Cloud run v2 output uri (#2475) 
* Added forward_proxy_uri to apigee environments in apigee-x-foundations blueprint

* Added service URI as output to Cloud Run service
 2024-08-06 20:09:19 +00:00
Julio Castillo
743d3eb1ae Fix grammar in net-vpc-peering preconditions (#2472) 2024-08-06 14:27:31 +02:00
Wiktor Niesiobędzki
1daf344fe9 Bump provider version to 5.40, to resolve perma-diff with Cloud SQL instance 2024-08-06 11:49:29 +02:00
Wiktor Niesiobędzki
d395e9490d Fix quotas E2E tests 2024-08-06 11:49:29 +02:00
Ludovico Magnocavallo
345716e576 VPC-SC as separate FAST stage 1 (#2460) 
* initial commit

* README

* boilerplate

* tflint

* tfdoc

* fix security stage tests

* vpc-sc stage tests

* tflint

* fix resman stage test inventories

* security README

* stage-level README

* Update README.md

* flexible perimeter variable

* remove diagram

* change default to dry run

* default to dry run
 2024-08-02 18:04:36 +02:00
Julio Castillo
1d508d27ef Allow user to override peerings names (#2459) 2024-07-31 17:13:21 +02:00
vivianvarela
35d61e4cda update readme with cross project backend external regional/global LB - review (#2457) 
* update readme with cross project backend external regional LB

* update readme with cross project backend external global LB

* update readme with cross project backend external regional/global LB

* merge

* update readme with cross project backend external regional/global LB - review

* Fix README

---------

Co-authored-by: Julio Castillo <jccb@google.com>
 2024-07-30 17:28:13 +02:00
Julio Castillo
1bbff3cc3a Add support for dry-run org policies (#2454) 2024-07-30 13:12:57 +00:00
Ludovico Magnocavallo
8c0be51c34 manage lifecycle of cloud functions v2 IAM (#2456) 2024-07-30 14:08:05 +02:00
Julio Castillo
3237764e74 Add moved blocks for the service networking service agent and IAM (#2449) 2024-07-25 12:01:21 +00:00
Julio Castillo
52b56aa84a Add generic URL output to modules/artifiact-registry (#2448) 2024-07-25 10:33:01 +02:00
Boris
e6ebfbce58 Fix wrong expression (#2447) 2024-07-25 05:26:25 +00:00
Julio Castillo
cf6b6dd645 Override primary flag for the storage transfer service agent (#2445) 2024-07-24 14:12:55 +00:00
Simone Ruffilli
d66a358b6d Add context to net-vpc (subnets) factory (#2444) 2024-07-24 15:54:20 +02:00
Ludovico Magnocavallo
64b403860e Project service agents moved block and enabled services (#2443) 
* moved block for jit service agents

* allow passing in enabled services to service agent config
 2024-07-24 12:02:53 +00:00
Julio Castillo
c0bf32e797 Refactor service agent management (#2423) 
* Service agents script

* Service agents update

* WIP

* Update script and terraform

* Fix tests

* Fix linter

* Update docs

* Bring back pf example inventory

* Fix tests

* Fix more tests

* Fix tests

* Use dataclasses for build_service_agents.py

* Remove unneeded field() from build_service_agents

* Re-enable CMEK depends_on in project outputs

* Update tools/requirements.txt

* Enable storage in GCS example projects

* Fix tests

* Add CMEK Service Agents dependencies for services

* Fix typos and data platform cmek

* More typos
 2024-07-23 22:05:38 +02:00
fulyagonultas
9e3b9edf54 Remove default values to secondary range names in GKE cluster modules (#2439) 
* pods and services not appended anymore to sec range names

* tfdoc

---------

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
 2024-07-22 20:20:58 +00:00
Luca Prete
2c2bfdf811 Add coalesce to factory fw policies to support empty yaml files (#2437) 2024-07-22 15:40:22 +00:00
Ludovico Magnocavallo
99ab796c72 Allow disabling topic creation in GCS module notification (#2436) 
* allow disabling topic creation in GCS module notification

* use proper topic name
 2024-07-22 10:51:25 +00:00
Ludovico Magnocavallo
485442af03 reintroduce docker image path output in AR module (#2433) 2024-07-20 06:49:59 +00:00
Wiktor Niesiobędzki
fa3817be6b E2E tests for ncc-spoke-ra 2024-07-13 13:54:34 +02:00
Wiktor Niesiobędzki
c47a76a74e fix Cloud Build E2E test 2024-07-13 13:43:04 +02:00
Nathalie
454a30b037 fix cloudbuild service account email (#2421) 
The correct format for the service account is documented in
https://cloud.google.com/build/docs/cloud-build-service-account
 2024-07-11 15:31:04 +02:00
Aurélien Legrand
78069eeffb Adding support for DWS for GKE nodepools (#2418) 
* Adding TPU limits for GKE cluster node auto-provisioning (NAP)

* rework of the cluster autoscaling configuration

* updated README

* adding queued_provisioning (DWS) attribute

* Adding support for DWS for GKE nodepools

* typo

* adding test for DWS

---------

Co-authored-by: Wiktor Niesiobędzki <wiktorn@google.com>
 2024-07-10 15:18:12 +02:00
Jay Bana
2a2c4a96ce Add support for sqlAssertion AutoDQ rule type in dataplex-datascan (#2416) 
* Add sql_assertion rule type to Dataplex AutoDQ data_quality_spec

* Fix broken link to API reference public doc for DQ spec

* Update README.md after linting

* Add example tests for dataplex-datascan

* Bump provider versions

* Bump provider versions everywhere
 2024-07-09 21:29:45 +00:00
Aurélien Legrand
59657415be Adding TPU limits for GKE cluster node auto-provisioning (NAP) (#2406) 
* Adding TPU limits for GKE cluster node auto-provisioning (NAP)

* rework of the cluster autoscaling configuration

* updated README

* fixing README

* Update modules/gke-cluster-standard/README.md

Co-authored-by: Wiktor Niesiobędzki <wiktorn@google.com>

* fixing indentation

---------

Co-authored-by: Wiktor Niesiobędzki <wiktorn@google.com>
 2024-07-09 09:26:30 +00:00
apichick
c81bc84e3a Added certificate_manager_certificates to app load balancers (#2415) 
* Added forward_proxy_uri to apigee environments in apigee-x-foundations blueprint

* Added certificate_manager_certificates to app load balancers
 2024-07-09 07:36:06 +02:00
Wiktor Niesiobędzki
01904c3397 Fix CFv2 tests 2024-07-08 16:14:21 +02:00
Wiktor Niesiobędzki
1d76bfc3ff Add E2E tests for Cloud Functions and fix perma-diff 2024-07-08 16:14:21 +02:00
Luca Prete
1bd3380a3f Adds support for external SPGs to net-firewall-policy (#2409) 
- Added support to reference external SPGs in factories in net-firewall-policy
- Added missing tls_inspect argument to hierarchical and global network firewall policies
- Fixed regional firewall policy rules, removing security profile groups and ngfw actions (given they're not supported)
- Updated copyright
 2024-07-06 10:33:09 +00:00
Julio Castillo
45fd48db42 Allow project factory projects to override name (#2407) 2024-07-04 20:14:04 +02:00
Aurélien Legrand
1f07cb72f2 Adding placement_policy for GKE nodepools (ex: GPU compact placement or TPU topology) (#2405) 
* Adding placement policy to gke-nodepool module

* Adding placement policy for GKE nodepool

* updated README

* variables for placement_policy

* formatting

* Updated README

* fixing typo

* removing useless trys

---------

Co-authored-by: Aurélien Legrand <legranda@google.com>
 2024-07-03 10:21:30 +00:00
Wiktor Niesiobędzki
e58c1b8892 Add info about roles for connectors service agent 2024-06-30 20:17:50 +02:00
Julio Castillo
4e8adc9c43 Update modules/artifact-registry with newly-released features. (#2396) 
Fixes #2377
 2024-06-28 19:52:25 +02:00
Ludovico Magnocavallo
198fa01159 Add support for SSL policy to net-lb-app-int module (#2393) 2024-06-28 09:03:10 +02:00
apichick
00d4673093 Added certificate-manager module (#2387) 2024-06-27 13:05:35 +00:00
Aleksandr Averbukh
85c1b7c156 Add AssuredWorkload support to the folder module (#2390) 
* Feat: Add AssuredWorkload support to the folder module

* Formatting

* Use square brackets to access list items

* Docs gen after adding an example to the readme

* Reorder variables

* Formatting

* Reordering outputs, formatting

* Remove try where not needed. Add IAM into the AW example and tests

* Fix tests

* Enable Assured Workloads in E2E tests

* Add compliance_regime and partner enum fields validation

* Rewording validation message for compliance_regime, partner fields

* Sort the list of allowed values alphabetically

* Make the organization dependant on testing environment

* fix tests

* Disable E2E for Assured Workflow example.

This example requires Access Transparency enabled on org level, even
chosing different regime, we need to have `parent` and `organization`
within the same hierarchy, which is not currently the case and requires
more rework of the test framework.

---------

Co-authored-by: Wiktor Niesiobędzki <wiktorn@google.com>
 2024-06-27 14:28:17 +02:00
Julio Castillo
07e519a8b7 Allow Cloud NAT to only use secondary ranges (#2384) 
* Allow Cloud NAT to only use secondary ranges

* Fix secondary_ranges validation

* Fix linter
 2024-06-27 08:05:45 +00:00
apichick
73d43b00db Added missing links to firestore module is READMEs. (#2388) 
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
 2024-06-27 06:54:02 +00:00