kovagoadi/hunfabric
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
6,461 Commits 1 Branch 1 Tag
dc8a67b83adc1dfaa96111e5d31d771f007c9d83
Commit Graph

101 Commits

Author SHA1 Message Date
Wiktor Niesiobędzki
dc8a67b83a yamllint modules 2025-10-24 13:11:17 +02:00
Julio Castillo
367184561b Few more typos 2025-10-21 15:13:51 +02:00
Julio Castillo
48f6b4cd49 Add PAM support (#3438) 
* PAM first pass

* Add factory and extend to organization

* Extend to project, add examples

* Add additionalProperties to all objects

* Fix boilerplate

* Expose pam_entitlements to project-factory

* Fix readme

* Move entitlements to second folder/project pass

* extend tests

* Fix readme

* Remove timeouts from inventories
 2025-10-20 12:50:37 +00:00
Vannick Trinquier
30f46f09d6 Apply alerts and log based metrics after log buckets creation (#3442) 2025-10-20 06:13:42 +00:00
Ludovico Magnocavallo
4113da128b Support resource-level factories config in project factory module and FAST stages (#3440) 
* support resource-level factories in project factory module

* align folder and project schemas across modules and fast

* schema docs
 2025-10-18 10:41:19 +00:00
Ludovico Magnocavallo
7b70177459 add context to bigquery module (#3388) 2025-10-07 07:57:42 +00:00
Ludovico Magnocavallo
4db29a48eb allow forcing jit service agents generation for universe (#3378) 2025-10-05 10:17:57 +02:00
kovagoadam
505ee02fef Add support for billing export in 0-org-setup (#3347) 
* Add support for billing export in 0-org-setup

* Merge branch 'master' into add-billing-export-support

* Refactored billing export with adding support for bigquery_datasets in project_factory

* Renamed bigquery_dataset to datasets

* Fixed defaults.schema.md

* Fixed default.schema.md again

* Cleanup md's

* Fixed boilerplate

* Fixed JSON schema

* reword README, rename project file

* Moved dataset_id to the key of the map

---------

Co-authored-by: Julio Castillo <jccb@google.com>
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
 2025-10-01 10:12:45 +00:00
kovagoadam
c334e3c60f Fixed small typo in project-factory module with log-buckets (#3357) 
* Fixed small typo in project-factory module

* Add log_analytics and retention to log_buckets
 2025-09-27 07:21:48 +00:00
Ludovico Magnocavallo
90ee0ccf12 Expose project factory stage defaults via a YAML file (#3354) 
* initial implementation

* README

* tfdoc
 2025-09-24 09:59:11 +00:00
Ludovico Magnocavallo
d0e2a54948 rationalize prefix handling for project factory automation resources (#3345) 2025-09-21 21:07:28 +02:00
Ludovico Magnocavallo
78966f66c3 Add support for project templates to project factory module (#3317) 
* add support for project templates to project factory module

* align project factory features in FAST org setup stage
 2025-09-11 09:56:01 +02:00
Ludovico Magnocavallo
d1ec0868f0 Delete modules/project-factory/ludo.tfvars 2025-09-08 08:06:20 +02:00
Ludovico Magnocavallo
86d50ffb62 New project factory improvements (#3303) 
* Add separate prefix for automation resources in pf

* fix example

* add automation to pf outputs
 2025-09-06 10:01:36 +02:00
Ludovico Magnocavallo
d6f0a168f6 pf outputs (#3301) 2025-09-05 22:21:27 +02:00
Ludovico Magnocavallo
bc6950e205 Rename FAST stages preparing for eventual deprecation (#3298) 
* renames

* links

* readme

* docs

* update pf modules tests for renames

* condition_vars context in modules

* data platform dataset

* fix links in stage 3 docs

* schema changes

* schema docs

* tfdoc

* update duplicates check

* fast legacy tests

* legacy schema

* fix tests
 2025-09-04 08:24:11 +02:00
Ludovico Magnocavallo
36648b6b63 FAST light implementation (#3255) 
* data wip

* wip data

* update org schema, add note on expansion

* all schemas, workload notes

* Update WORKLOG.md

* Update WORKLOG.md

* Update WORKLOG.md

* Update WORKLOG.md

* wip

* data wip

* wip

* wip

* wip

* wip

* org module IAM context (using lookup)

* new-style context expansion in project IAM

* remove spurious file

* project module contexts

* finalize context replacement format for project module

* revert org module changes

* fix tag id interpolation in project

* fix tag id interpolation in project

* organization module context

* organization context test

* context expansion for folder tag bindings

* test context expansion for tag bindings

* service account module context

* simplify context local

* context for iam service account

* nuke blueprints

* remove links to blueprints

* vpc sc context in project module

* Add context to GCS module

* Add inline deps to plan_summary script

* Make context a top-level variable for folder, organization, sa

* Add add context top-level to VPC-SC

* move context out of factories_config variable

* tfdoc

* fix merge

* fix merge

* fix examples

* net-vpc module context

* add parent ids to folder context

* rename folder parent context

* fix folder parent check

* new project factory stub

* wip

* wip

* refactor defaults

* project iam

* bueckts and service accounts

* start adding context replacements

* better test data

* automation resources for folders and projects

* automation

* add support for project id interpolation

* first tested apply

* improve IAM description in gcs module

* add context to billing account module

* add notification channels to billing account module context

* add billing budgets to new pf

* schemas and defaults

* bootstrap wip

* bootstrap wip

* bootstrap wip

* pf outputs

* pf fixes

* fix pf sample data

* bootstrap lite fixes

* add locations to organization module contexts

* bootstrap lite fixes

* org fixes, billing accounts

* fix default project parent

* bootstrap lite wip

* add locations to gcs module context

* add context support to logging bucket module

* add context to pubsub module

* split out iam variables in gcs module

* fix logging bucket context test

* bootstrap log sink destinations

* streamline logging-bucket module variables

* fix logging bucket context test

* align logging bucket module interface in fast bootstrap

* add support for project-level log buckets to project factory

* support full context expansion in organization module log sinks

* log buckets in fast-lite bootstrap

* make og sink type optional in organization module

* log sinks in fast-lite bootstrap

* set tag values in factory context

* bootstrap lite data

* output files schema

* billing account schema

* output files

* output providers

* gcs output files

* boilerplate

* tflint

* check documentation

* check docs

* fix project module parent variable validation

* fix log bucket examples

* allow null parent in project module

* silence folder test errors

* fix billing account sink example

* fix project example

* fix billing account module

* fix folder tests

* fix FAST

* fix fast

* tfvars outputs

* wif

* cicd service accounts

* cicd

* allow defaults in context, minimal org policies

* support gcs managed folders in project factory and bootstrap lite

* support prefix in provider output files

* rename bootstrap stage

* gitignore

* gitignore

* security folder, billing IAM

* wip tfvars

* fix typo

* security IAM

* control tag iam/context via variables in organization module

* split tag creation from tag IAM to avoid circular refs

* port organization module tag changes to project module

* implement new-style context expansion in vpc-sc module

* fix fast vpc-sc tests

* boilerplate

* vpc sc stage

* schemas

* fast-lite compatibility for vpc sc stage

* make log project number optional in vpc-sc stage

* networking

* networking

* networking

* networking

* rename and move new stage under fast

* clone pf tests

* use context replacement for internal notification channels in billing account module

* support service agents in project module iam context replacements

* support service agents in project module iam context replacements

* add support for kms keys to project module context

* experimental pf example test and fixes

* fix schemas

* fix tests

* tfdoc

* tfdoc

* pf config

* experimental pf

* remove redundant dot from gcs managed folder IAM keys

* bootstrap experimental test

* project factory exp stage test

* skip tflint for bootstrap experimental test

* tflint

* fix gcs test

* documentation work

* documentation work

* Update README.md

* tfdoc

* tfdoc

* readme

* tfdoc

* readme

* readme

* readme

* readme

* support universe in pf exp projects

* missing universe service agents

* org policies import, non-admin billing IAM

* todo

* fix test

* custom constraints

* fast classic dataset

* fix test data

* context replacements in billing module log sinks

* fix typo

* add support for billing log sinks

* update docs

* readme

* cicd fix and test

---------

Co-authored-by: Julio Castillo <jccb@google.com>
 2025-09-02 08:38:57 +02:00
Ludovico Magnocavallo
89d8911741 support different key names for service accounts in IAM interpolation (#3279) 
Fixes #3278
 2025-08-20 20:45:43 +02:00
Ludovico Magnocavallo
915a1288d2 Merge remote-tracking branch 'origin/master' into fast-dev 2025-08-04 07:15:42 +00:00
Liam Nesteroff
fdbe2f34bd fixed schema patter for iam_bindings_additive roles (#3258) 
* fixed schema to allow iam_bindings_additive roles with "." (roles/compute.admin)
 2025-08-01 16:48:04 +10:00
V0idC0de
97f63fcc52 feat: Add Service Agent substitution for Buckets and iam_by_principal in project-factory (#3246) 
* feat: Add Service Agent substitution for `iam_by_principals`, just like the other `iam*` attributes

* feat: Add Service Agent substitution for Buckets created via `project-factory`

* fix: Service Account lookups in IAM assignments of Buckets, created by `project-factory`

---------

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
 2025-07-29 08:26:49 +00:00
Ludovico Magnocavallo
332d8614ab Merge remote-tracking branch 'origin/master' into fast-dev 2025-07-18 15:47:46 +00:00
kovagoadam
c551c5b278 Add support for quotas to project-factory module (#3242) 
* Add support for quotas to project-factory module

* Updated embeded definition in net-vpc-factory
 2025-07-18 11:58:29 +00:00
Luca Prete
625a6b7c27 Add force destroy option to buckets in project factory module (#3238) 2025-07-16 16:18:20 +00:00
Luca Prete
808bf7a32a Fix force_destroy for buckets (#3237) 
Co-authored-by: Luca Prete <lucaprete@google.com>
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
 2025-07-16 17:57:56 +02:00
Ludovico Magnocavallo
2a1a630e9d allow setting defaults/overrides for buckets force destroy in project factory (#3233) 2025-07-11 16:47:25 +00:00
Ludo
2cb166389f Merge remote-tracking branch 'origin/master' into fast-dev 2025-07-04 08:55:38 +02:00
Liam Nesteroff
f07e4f64e9 Standardise reuse variable from project module and implement for net-vpc (#3205) 
* exposing the network_id from the net-vpc module for use with tag bindings

* convert vpc_create to vpc_reuse

* Changed the reuse vars to standardised attributes

* fixed readme tests and schemas

* modified apigee blueprint to use vpc_reuse with network_id passthrough

---------

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
 2025-07-03 09:12:05 +10:00
V0idC0de
3058792b65 Fix for service agent substitutions in project factory additive bindings (#3210) 
* fix: Use consistent substitution for Service Agents

Fixes broken substitution of Service Agents when calling module `project-iam`. Setting `iam_bindings` and `iam_bindings_additive` now substitutes like `iam`, where it already works.

* Fix reference

---------

Co-authored-by: Julio Castillo <jccb@google.com>
 2025-07-02 16:14:17 +00:00
Ludo
0e052abb59 Merge remote-tracking branch 'origin/master' into fast-dev 2025-06-28 09:40:24 +02:00
Liam Nesteroff
3bfa3608d0 Added option to set force_destroy on pf buckets (#3192) 
* Added option to set force_destroy on pf buckets

* added force_destroy to schema
 2025-06-26 09:20:41 +10:00
Ludovico Magnocavallo
81fe7061be add support for service account principalsets to project factory (#3181) 2025-06-20 06:10:21 +00:00
Ludo
a136cc812a update schemas 2025-06-15 18:29:05 +02:00
Ludovico Magnocavallo
fe0a8128dc Allow custom roles in context, add support for shared VPC IAM to project and project factory (#3163) 
* add support for custom roles and hos tproject iam to project modules

* align vpc factory
 2025-06-15 10:01:22 +02:00
Ludovico Magnocavallo
7d008be2cb Allow configuring project key format in project factory (#3154) 
* Configurable project key in project-factory module

* Configurable project key in project-factory module

* add tests
 2025-06-11 13:18:03 +02:00
Ludovico Magnocavallo
3c38bc643e add KMS keys interpolation to project factory (#3145) 2025-06-10 10:24:25 +02:00
Julio Castillo
df0ed1a73c Fix #3142 (#3144) 2025-06-10 08:08:44 +02:00
Ludovico Magnocavallo
6b04ce769d Allow multiple types in JSON schema docs tool (#3126) 
* allow multiple types in JSON schema docs tool

* support pattern

* support pattern
 2025-05-31 11:58:20 +02:00
Ludovico Magnocavallo
e391a3ff75 Allow explicit definition of automation prefix in project factory (#3124) 
* Allow explicit definition of automation prefix in project factory

* update schema doc
 2025-05-30 14:30:53 +02:00
Ludovico Magnocavallo
7ce4381ac3 add support for service agent expansion to project factory IAM (#3112) 2025-05-24 12:33:20 +02:00
Ludovico Magnocavallo
e38a82f36f Support iam_sa_roles in project factory service accounts (#3110) 
* support iam_sa_roles to project factory service accounts

* README
 2025-05-22 08:22:31 +00:00
Ludovico Magnocavallo
4195c3a5af Revert "Make automation project in project factory module optional (#3091)" (#3106) 
This reverts commit 33493b3597.
 2025-05-21 15:01:39 +02:00
Luca Prete
13a236bca2 Project Factory: fix reference to automation SAs in IAM block for service accounts (#3100) 
* PF: fix reference to automation SAs in IAM block in service accounts for PF

* add test

---------

Co-authored-by: Luca Prete <lucaprete@google.com>
Co-authored-by: Ludo <ludomagno@google.com>
 2025-05-20 14:01:50 +02:00
Luca Prete
33493b3597 Make automation project in project factory module optional (#3091) 2025-05-20 08:19:58 +02:00
Ludovico Magnocavallo
7cf936dc87 Enable context replacements for IAM principals in project factory module (#3094) 
* enable context replacements for iam principals in pf module

* test changes
 2025-05-19 11:57:26 +00:00
Ludovico Magnocavallo
30b390483e JSON schema documentation tool (#3070) 
* wip

* wip

* wip

* generate schema docs

* formatting

* typo

* fix details

* fix details

* revert dp change

* tfdoc
 2025-05-06 08:17:46 +02:00
Ludovico Magnocavallo
cb7bed50e3 New FAST data platform (#3066) 
* copy from broken dp dev branch

* remove extra excalidraw file

* fix networking yaml

* tfdoc

* tfdoc

* nuke old data platform

* fix tests

* tests

* tflint

* high level diagram

* make location optional in composer schema

* add composer outputs

* docs

* remove schema docs

* tfdoc

* update service agent encryption composer def for composer 3

* encryption keys

* typo

* typo

* fix security IAM

* inventory

* tflint

* Fix roles and diagram.

* Fix tflint

* Fix test DP.

* Fix test

* Diagrams excalidraw gz

---------

Co-authored-by: lcaggio <lorenzo.caggioni@gmail.com>
 2025-05-03 21:21:38 +00:00
Ludo
4c7ff3381e Merge branch 'master' into fast-dev 2025-05-02 14:39:28 +02:00
Tyler Sommer
e547d4d29c Add deletion_policy to project-factory module (#3060) 
* Add deletion_policy to project-factory module

* Use project deletion_policy in object normalization

* Replicate changes in net-vpc-factory

---------

Co-authored-by: Julio Castillo <jccb@google.com>
 2025-04-30 16:10:11 +00:00
Luca Prete
89d1b5aa8b Add ability to reuse existing projects in project factory (#3051) 2025-04-21 08:57:53 +00:00