kovagoadi/hunfabric
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
494ecba5118bb9673a24eb3d49fb01ccee80ae19
hunfabric/tests/modules/net_vpc_factory/examples/example.yaml
Simone Ruffilli 494ecba511 Refactor subnets mgmt in net-vpc-factory (#3715) 
Refactor subnets mgmt in net-vpc-factory

This commit removes the ability to define subnets inline within the VPC `.config.yaml` across `net-vpc-factory` and enforces file-based subnet definitions using the `subnets/` subdirectory pattern.

Key changes include:
- **Module Updates:** Removed standard and non-standard inline subnet arguments (`subnets`, `subnets_private_nat`, `subnets_proxy_only`, `subnets_psc`) from the factory module's internal `vpcs` instantiation.
- **Schema & Docs:** Renamed `vpc.schema.json` to `vpc-factory.schema.json`, stripping inline subnet definitions from the JSON schema, and updated the module `README.md` to reflect the new file-based only approach.
- **Stage 2 Networking Configs:** Refactored datasets to migrate inline `subnets_proxy_only` definitions into standalone files like `subnets/prod-proxy.yaml`. Added a new exported output `subnet_ips` for downstream usage.

<!--
**Breaking Changes**

```upgrade-note
`fast/stages/2-networking`: Proxy-only subnets have been renamed for consistency - unfortunately this results in a nasty create-before-destroy which needs to be handled manually (i.e. delete the existing proxy-only-subnet first, either manually or with a targeted apply, then apply again)
```
-->
2026-02-09 10:51:43 +00:00

121 lines
3.7 KiB
YAML
Raw Blame History

# Copyright 2024 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
values:
module.net-vpc-factory.module.firewall["data-vpc-0"].google_compute_firewall.custom-rules["allow-iap"]:
allow:
- ports:
- "22"
protocol: tcp
deny: []
description: Allow IAP for SSH
direction: INGRESS
disabled: false
log_config: []
name: allow-iap
network: data-vpc-0
params: []
priority: 1000
project: my-host-project-id
source_ranges:
- 35.235.240.0/20
source_service_accounts: null
source_tags: null
target_service_accounts: null
target_tags:
- ssh
timeouts: null
module.net-vpc-factory.module.vpcs["data-vpc-0"].google_compute_network.network[0]:
auto_create_subnetworks: true
delete_bgp_always_compare_med: false
delete_default_routes_on_create: true
description: Terraform managed
enable_ula_internal_ipv6: null
name: data-vpc-0
network_firewall_policy_enforcement_order: AFTER_CLASSIC_FIREWALL
network_profile: null
params: []
project: my-host-project-id
routing_mode: GLOBAL
timeouts: null
module.net-vpc-factory.module.vpcs["data-vpc-0"].google_compute_route.gateway["directpath-googleapis"]:
description: Terraform-managed.
dest_range: 34.126.0.0/18
name: data-vpc-0-directpath-googleapis
network: data-vpc-0
next_hop_gateway: default-internet-gateway
next_hop_ilb: null
next_hop_instance: null
next_hop_vpn_tunnel: null
params: []
priority: 1000
project: my-host-project-id
tags: null
timeouts: null
module.net-vpc-factory.module.vpcs["data-vpc-0"].google_compute_route.gateway["private-googleapis"]:
description: Terraform-managed.
dest_range: 199.36.153.8/30
name: data-vpc-0-private-googleapis
network: data-vpc-0
next_hop_gateway: default-internet-gateway
next_hop_ilb: null
next_hop_instance: null
next_hop_vpn_tunnel: null
params: []
priority: 1000
project: my-host-project-id
tags: null
timeouts: null
module.net-vpc-factory.module.vpcs["data-vpc-0"].google_compute_route.gateway["restricted-googleapis"]:
description: Terraform-managed.
dest_range: 199.36.153.4/30
name: data-vpc-0-restricted-googleapis
network: data-vpc-0
next_hop_gateway: default-internet-gateway
next_hop_ilb: null
next_hop_instance: null
next_hop_vpn_tunnel: null
params: []
priority: 1000
project: my-host-project-id
tags: null
timeouts: null
module.net-vpc-factory.module.vpcs["data-vpc-0"].google_compute_subnetwork.subnetwork["europe-west1/primary-subnet"]:
description: Primary subnet for data-vpc-0
ip_cidr_range: 10.10.0.0/24
ip_collection: null
ipv6_access_type: null
log_config: []
name: primary-subnet
network: data-vpc-0
params: []
private_ip_google_access: true
project: my-host-project-id
region: europe-west1
reserved_internal_range: null
resolve_subnet_mask: null
role: null
send_secondary_ip_range_if_empty: true
timeouts: null
counts:
google_compute_firewall: 1
google_compute_network: 1
google_compute_route: 3
google_compute_subnetwork: 1
modules: 3
resources: 6
outputs: {}
Reference in New Issue View Git Blame Copy Permalink