kovagoadi/hunfabric
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
5,996 Commits 1 Branch 1 Tag
e04079e3341fdcbdb12fd444b18c80231ea94b2a
Commit Graph

5996 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
frits-v
43e6daca8f fix(certificate-manager): reference dns_authz by fully qualified id (#2833) 2025-01-22 22:49:12 +01:00
Julio Castillo
cbd66f8462 Allow networking stage to be disabled (#2831) 2025-01-22 07:45:22 +01:00
Julio Castillo
8a2320311d Add bucket_create to modules/gcs (#2827) 
* Add `bucket_create` to `modules/gcs`

* Create local with bucket name

* Update variable description

* Fix bucket output

* Fix tests

* Fix tests

* Bump OpenTofu to 1.9.0 (needed for multi-var validations)
 2025-01-21 23:48:36 +01:00
frits-v
bb1325403e feat(certificate-manager): add dns_authorizations output (#2830) 2025-01-21 22:14:45 +00:00
Ludovico Magnocavallo
42a3ee44d0 Small fix to net test add-on context expansion (#2828) 
* Small fix to net test add-on context expansion

* linting
 2025-01-21 11:14:43 +01:00
Julio Castillo
9c22337ed1 Fix stage-1 addons provider files (#2826) 2025-01-21 07:55:40 +01:00
Ludovico Magnocavallo
6aed84f070 FAST add-on for networking test resources (#2825) 
* needs testing

* add-on README, test, remove test resources from net stages

* tfdoc
 2025-01-20 09:41:35 +01:00
Ludovico Magnocavallo
1c2e3c5677 Update service activation in ngfw add-on (#2823) 
* align services use in ngfw add-on with swp

* update ngfw README example
 2025-01-18 14:23:23 +01:00
Ludo
0b6bcdccf8 prepare v37.0.0-rc2 release 2025-01-18 08:36:26 +01:00
Ludo
97893f601d update changelog 2025-01-18 08:23:33 +01:00
Ludo
98c8697a08 Merge remote-tracking branch 'origin/master' into fast-dev 2025-01-18 08:18:05 +01:00
Ludo
662405c133 update changelog 2025-01-18 08:13:28 +01:00
Ludovico Magnocavallo
f646e85301 FAST SWP networking add-on (#2821) 
* prototype implementation, untested

* halfway through refactor

* refactor cas module pool variable

* apply cas module refactor to ngfw fast addon

* untested

* test

* tflint

* tflint

* tfdoc

* fix brainfarts

* tfdoc

* update ca pool type in security stage
 2025-01-18 07:12:40 +00:00
Ludovico Magnocavallo
0a72d26f49 don't create resources for aservice agents not in services (#2820) 2025-01-17 16:55:41 +01:00
Wiktor Niesiobędzki
10cc3d8079 modules/compute-vm end-to-end tests and fixes 2025-01-16 10:54:52 +01:00
Simone Ruffilli
8b31a006c7 Top level folder factory support for automation SA IAM (#2818) 
* Top level folder factory support for automation SA IAM

* Fixes iam_bindings and iam_bindings_additive for top-level-folder

---------

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
 2025-01-16 10:32:59 +01:00
Ludo
fcf254dddf Merge remote-tracking branch 'origin/master' into fast-dev 2025-01-16 09:43:27 +01:00
Ludovico Magnocavallo
b608e3756e Fix permadiff in stage 0 vpc-sc service account, add schemas to hierarchical policy YAML files (#2817) 
* fix permadiff in stage 0

* add missing schema

* update test inventories
 2025-01-15 09:47:04 +00:00
Ludo
04511e688c update changelog 2025-01-14 17:05:48 +01:00
Ludo
206fd28419 Merge remote-tracking branch 'origin/master' into fast-dev 2025-01-14 17:04:18 +01:00
Julio Castillo
c59470a4fb Update logging_data_access type (#2816) 
* Update logging_data_access variables to use types

* Fix dependencies

* fix schema

* Add missing comma

* Fix try
 2025-01-14 16:00:35 +00:00
Julio Castillo
7eff7b19dc Add iam_by_principals_additive to project, organization and folder modules (#2814) 
* First attempt at iam_by_principals_additive

* Remove validation

* Update IAM ADR

* Apply to organization and project modules

* Update READMEs

* Add tests

* Remove "cycle errors"
 2025-01-14 12:32:19 +00:00
Luca Prete
bf528ec89d [FAST] Add missing permission to ngfwEnterpriseAdmin role (#2815) 
Co-authored-by: Luca Prete <lucaprete@google.com>
 2025-01-14 08:40:57 +00:00
Liam Johnston
ec59f70a5c feat: include network tfvars in project factory (#2813) 2025-01-14 07:29:38 +01:00
Ludo
ef5e228f42 fix conflict 2025-01-13 15:01:09 +01:00
Julio Castillo
0cea946ced Simplify versions tf and update FAST workflows (#2812) 
* Simplify versions tf and update FAST workflows

* Fix typos
 2025-01-12 20:39:01 +00:00
Ludovico Magnocavallo
962fd34e76 Small fixes and improvements to FAST netsec/net (#2810) 
* remove obsolete stage-links script

* update networking stages fast envs

* add security policy groups FAST variable and context to net stages

* small networking/ngfw fixes
 2025-01-11 13:48:44 +01:00
Ludo
d250c4e726 prepare v37.0.0-rc1 2025-01-10 17:09:08 +01:00
Ludo
2d09d2ea74 Merge remote-tracking branch 'origin/master' into fast-dev 2025-01-10 17:04:06 +01:00
Ludo
21045cb333 prepare for v36.1.0 2025-01-10 16:56:01 +01:00
Ludo
96d881aa57 update changelog 2025-01-10 16:52:15 +01:00
dependabot[bot]
e64ba759fd Bump golang.org/x/net (#2808) 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.23.0 to 0.33.0.
- [Commits](https://github.com/golang/net/compare/v0.23.0...v0.33.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-01-10 15:48:39 +00:00
Ludo
39efcc1104 update changelog 2025-01-10 16:34:55 +01:00
rshokati2
b4abbfe9d0 Add intercepting sinks to the organization and folder modules (#2799) 
* RS-469: add support for intercept child on audit logging

* RS-469: add validation to ensure sink is set to project

* RS-469: add further validation to ensure include_children is also set to true when intercept is selected

* Update README

* RS-469: include optional flag for include and intercept

* RS-469: add intercept feature to folder module

* Fix organization README

* Fix condition

---------

Co-authored-by: Emile Hofsink <72841492+EmileHofsink@users.noreply.github.com>
Co-authored-by: Julio Castillo <jccb@google.com>
 2025-01-10 10:36:08 +00:00
Ludovico Magnocavallo
27f1cc2b79 Implement FAST stage add-ons, refactor netsec as add-on (#2800) 
* security fixes

* change netsec to be a virtual stage in resman

* remove netsec bits from security stage, leave CAs in place

* netsec - security profile groups

* export regions to networking tfvars

* netsec - trust stores

* netsec refactor, untested

* netsec plan working

* netsec apply

* netsec apply errors

* netsec diagram

* update diagram

* move addon stages to addons folder

* remove top-level assets folder

* deprecate and remove fast plugins

* addon tests

* dynamic addon providers and cicd, untested

* stage 1 addons in stage 0, refactor stage 0 cicd

* addons and cicd refactor in stage 0 with tests

* refactor stage 0 cicd

* readd removed block

* small bootstrap cicd fixes

* refactor stage 1 cicd

* resman tests

* remove plugins from networking tests

* fix fast tests

* ngfw addon outputs

* try to fix unrelated tflint error in bootstrap

* remove common tfvars from bootstrap tests to fix linter errors

* tfdoc

* minimal readmes and links fixes

* tfdoc

* trim down test inventories

* fix plan test

* tfdoc

* allow configuring output files names

* fix tls inspection after adding count to project module

* comment fixes

* tfdoc
 2025-01-09 18:14:11 +00:00
Ludovico Magnocavallo
d6d582e636 Add optional support for fw policies via new vpc_configs variable, refactor factories variable in net stages (#2801) 
* net a

* extend change to other networking stages

* refactor factories config variable in net a

* net b and c

* complete net b

* fix errors, add mtu

* fix

* fix

* fix errors
 2025-01-09 17:14:55 +01:00
Ludo
e07adf71c1 rollback 2025-01-09 16:43:56 +01:00
Ludo
4bae08f61e fix 2025-01-09 16:43:01 +01:00
Ludo
3097a54d30 Merge remote-tracking branch 'origin/master' into fast-dev 2025-01-09 16:38:01 +01:00
apichick
1ce9aff3b5 ASN should be optional in router_config variable as it is not necessary if the router is passed and not created by the net-vpn-ha module (#2806) 2025-01-09 14:46:42 +00:00
dependabot[bot]
8b9665a828 Bump golang.org/x/net (#2807) 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.23.0 to 0.33.0.
- [Commits](https://github.com/golang/net/compare/v0.23.0...v0.33.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-01-09 14:02:26 +00:00
Julio Castillo
cf173701b6 New tool versions.py to manage versions.tf/tofu (#2803) 
* Add provider_metadata to all modules

* Fix linting version check

* Another way

* Fix syntax

* Add fabric prefix to all provider meta

* Fix linting.yml
 2025-01-09 09:57:48 +01:00
apichick
9723cc2a57 Added BGP priority variable for dedicated interconnect because it was harcoded to 100 and removed default bgp range, so it can be automatically picked up if not specified (#2802) 2025-01-07 18:07:55 +01:00
Ludovico Magnocavallo
6844a19e74 Update addon-stages.md 2025-01-07 08:01:38 +01:00
Ludovico Magnocavallo
0ae0c3dad6 Update addon-stages.md 2025-01-07 08:01:16 +01:00
Ludovico Magnocavallo
3ec627682f Update addon-stages.md 2025-01-07 08:00:25 +01:00
Ludo
8ab982cd24 Merge remote-tracking branch 'origin/master' into fast-dev 2025-01-06 20:50:11 +01:00
Joshua Wright
325a997d79 Add Alerts, Logging, Channels Factories (#2758) 
* WIP: Logging Alerts Factory

* Implement Logging Alerts on Remaining Modules

* Documentation & FMT

* Convert To Multiple Factories

* Correct Project

* Update Documentation

* Update modules/project/alerts-factory.tf

Co-authored-by: Julio Castillo <jccb@google.com>

* Update fast/stages/0-bootstrap/data/logging-metrics/compliance.yaml

Co-authored-by: Julio Castillo <jccb@google.com>

* Update Tests, Resources

* tests

* Fix Tests

* Fix formatting

* Reformat metric filters

* Formatting, reordering, and small fixes

* Bring back alerts and metrics documentation

* Revert change bootstrap outputs.tf

* Fix project notification channel vars and factories

* Fix vars and factory for logging alerts

* Complete alert variable and factory

* Reorder fields

* Update readme

* Reorder variables

* Add schemas, update README, and fix some types

* Remove default alerts email from project and project-factory

* Move observability factory to a single file

* Add outputs to project module

* Add factories_config to PF data_defaults and data_overrides

* Reorder PF field processing

* Revert fast/ to master.

We'll do observability stuff in a separate PR

* Remove observability from FAST

* Remove new FAST tests

* Remove unused local

* Fix tests

---------

Co-authored-by: Julio Castillo <jccb@google.com>
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
 2025-01-05 19:49:20 +00:00
Ludovico Magnocavallo
2e86b09d0b ADR proposal for FAST add-on stages (#2798) 
* ADR proposal for FAST add-on stages

* Update addon-stages.md

* Update addon-stages.md

* Update addon-stages.md

* Update addon-stages.md

* Update addon-stages.md

* Update addon-stages.md

* Update addon-stages.md

* Update addon-stages.md

* Update addon-stages.md

* Update addon-stages.md
 2025-01-05 16:02:47 +01:00
simonebruzzechesse
0de38240a2 add docker image tag to bindplane config variable (#2796) 2025-01-03 16:52:51 +01:00