Add `flex_start` as an optional bool to the `node_config` variable type
and wire it through to the `google_container_node_pool` resource's
node_config block. This enables DWS (Dynamic Workload Scheduler)
flex-start mode for node pools, which allows the Cluster Autoscaler to
request capacity on-demand without requiring ProvisioningRequest objects
(unlike queued_provisioning). Typical use case is spot TPU node pools.
Co-authored-by: Julio Castillo <jccb@google.com>
linting runs prettier / yamllint / boilerplate checks.
tests runs terraform/tofu plan + unit tests with matrix providers.
Both are pure read - no commits, releases, or comments.
Signed-off-by: Arpit Jain <arpitjain099@gmail.com>
* dp rewrite stage 0, projects
* remove plan files
* generalize handling of basepath for projects in project-factory module
* central-0 ---> core-0
* add schemas, validate YAMLs, tags
* aspect types
* data catalog policy tag factory
* add support for data catalog taxonomy to project factory
* complete retrofit of old stage configuration, except networking
* shared vpc networking
* networking
* data platform as pf dataset
* docs
* test
* remove legacy dp stage, fix tests and links
* boilerplate
* tfdoc
* fix unrelated tfdoc
* schemas
* fix errors
* schema
* duplicate schemas
* yamllint
* Fix module naming convention for aspect-types
* Fix factories_config in vpcs.tf for net-vpc-factory compatibility
* Update schema documentation based on schema changes
* Fix false rename conflict in .config.yaml files
* Sync schemas and update documentation
* Fix path expansion for aspect-types and revert projects_input to master
* Restore path expansion for org_policies in projects-iam call
* Fix trailing newlines in schema duplicates to satisfy duplicate-diff
* Fix path expansion for data_catalog_taxonomy in taxonomies.tf
* Update inventory for data-platform test and clean up debug prints
* Add full values to data-platform inventory
* Align Stage 2 VPC Factory integration with Stage 0 and fix tests
TAG=agy
* Fix project factory context resolution and data platform datasets
- Update tag context keys in project factory to use file key without 'projects/' prefix.
- Fix tag reference in product-0.yaml.
- Fix shared_vpc_service_config in shared-0.yaml by moving service account to network_users.
- Set parent for domain-0 folder to data-platform.
- Mock net-dev-0 project ID in tests.
- Update inventories.
TAG=agy
CONV=4b37fa5b-bf59-4604-9e8f-b55353d967a0
* Fix project-level tag keys context resolution in project factory
* Fix commented out tag reference in domain-0 .config.yaml
* Fix merge() calls with empty arguments in project-factory and data-catalog-policy-tag
* Update Data Platform dataset README with prerequisites and customization guide
* Add Table of Contents to Data Platform dataset README
* docs: update Data Platform README with project templates tip
* Document data platform output files and linking sequence in README
* Update data platform README with VPC-SC and delegated IAM details
* Refactor data platform dataset and align stage defaults
* Update test inventory and variables for data platform with new prefix
Adds ephemeral_storage_local_ssd_count to node_config variable and the
corresponding dynamic ephemeral_storage_local_ssd_config block in the
node pool resource, enabling use of local SSDs as ephemeral storage.
* Fix categorization of PR #3949 in CHANGELOG.md
* Enhance changelog.py to error on uncategorized PRs
* Update skill to propose breaking changes to user
* Update Cloud Run v2 GPU examples in README
Remove launch_stage = "BETA" from examples as it now defaults to GA in the provider. This fixes E2E test failures where the API returns GA. Reference: https://github.com/hashicorp/terraform-provider-google/pull/17029
TAG=agy
* Fix KMS and Compute VM E2E test failures
Update README examples to avoid conflicts and unsupported modes, and update corresponding inventories.
TAG=agy
* Add instruction to run a single specific example test in GEMINI.md
TAG=agy
Adds support for enhanced query insights on cloud sql instances by adding enhanced_query_insights_enabled to the insights_config block. This allows enabling deeper visibility into query performance.
Closes#3890
TAG=agy
CONV=41331d43-c782-48a4-b0e7-bc8ad14866e9
Adds support for `advanced_datapath_observability_config` to the `gke-cluster-autopilot` module, matching the standard cluster module implementation.
Closes#3936
TAG=agy
CONV=9d4485ab-0fae-4f3d-a6e1-bbb6320d7c46
Add `common_repository` support to `maven`, `npm`, and `python` remote repository configurations in the `artifact-registry` module. This replaces the deprecated `custom_repository` feature which is now discouraged by the provider.
Existing README example `registry-mirror` has been updated to use `common_repository`. A legacy test case `legacy_custom_repo` has been added to the bottom of `README.md` to ensure backward compatibility for `custom_repository` continues to work.
TAG=agy
CONV=ffe77e65-ccef-4701-95e6-4ba2d2446f1b
* fix(modules): allow disabling logging and configuring optional fields in LB backend services
Replaced 'log_sample_rate' (number) with 'log_config' (object) in all Load Balancer Backend Service modules. This allows explicitly disabling logging ('enable = false') and configuring advanced options like 'optional_mode' and 'optional_fields', resolving infinite plan drift and the inability to disable logging.
Affected modules:
- net-lb-app-ext-regional
- net-lb-app-ext
- net-lb-app-int-cross-region
- net-lb-app-int
- net-lb-ext
- net-lb-int
- net-lb-proxy-int
Added test cases and updated documentation.
Fixes#3914
* style: format variables files with terraform fmt
* docs: add critical linting rule for AI agents to GEMINI.md
Introduce support for regional health checks in the net-lb-app-int module while maintaining backward compatibility.
Added optional is_regional flag to health_check_configs (defaulting to false). When true, it creates google_compute_region_health_check instead of google_compute_health_check.
Updated backend services and outputs to merge both global and regional health check IDs. Added a new test case to verify regional health check functionality.
TAG=agy
CONV=6aff620c-e5a5-44eb-afe0-459cff820daa
* docs: add documentation for additional organization policies and IAM constraints to the hardened datasets README
* fixed typos
---------
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
* feat(2-networking): add support for static IPs NAT
* fix(linting): fix linting
* fix(linting): fix linting
* fix(2-networking): factory-cloudnat don't assume that the context values are present.
* fix(2-networking): factory-cloudnat pass region in a try to forward the problem to the module
---------
Co-authored-by: Simone Ruffilli <sruffilli@google.com>
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
Co-authored-by: Julio Castillo <jccb@google.com>
* module project-factory: include project in conditional_var context for org policies
* module project-factory: include project and folders in conditional_var context for org policies
- Move project org policies (explicit and factory) to projects-iam invocation.
- Move folder org policies (explicit and factory) to folder-X-iam invocations (levels 1-4).
- Inject folder_ids into projects-iam condition_vars and pass resolved folders.
- Update and regenerate test inventories (example.yaml, simple.yaml, hardened.yaml).
TAG=agy
CONV=e0f45850-ab01-4600-a2b6-4de62465c204
---------
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
* Draft terraform_naming_convention
* Two fast/stages fixes for terraform_naming_convention
* Disable terraform_naming_convention for resources for now
* module fixes for terraform_naming_convention
* tfdoc
* Remove "moved" from recipe and needs-fixing
* Fix moved for spoke_ra
* fix tests
* Use default (snake_case) for resources
* factory.terraform_data.project-preconditions
* First-pass migration of resources + tests
* Fix tests/modules/organization
* Require snake_case for variables; Add annotations for _testing
* permit _fast_debug variable
* Fix net_vpc_factory and net_vpc_firewall tests
* tfdoc addons and recipe
* Fix more tests
* Fix some net-global -> net_global tests
---------
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
* Add example "Remote Docker registry with credentials" for artifact-registry
* Add inventory
(cherry picked from commit 903c4c423c0264bf270f1da13245fa01e58163d9)
Add inventory
(cherry picked from commit fd439be6412c2ea281578ee49f61cb3399850521)
---------
Co-authored-by: Julio Castillo <jccb@google.com>
