kovagoadi/hunfabric
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
90360c591ec1055471cd7d4f8605170a57dd9f52
hunfabric/modules/dataform-repository
History
Jason Steenblik 90360c591e Add confidential compute support to google_dataproc_cluster in the da… (#2736) 
* Add confidential compute support to google_dataproc_cluster in the dataproc module

* fix parent id lookup for networking and security stages (#2744)

* Add optional automated MD5 generation in net-vlan-attachment module (#2745)

* Bump path-to-regexp and express in /blueprints/gke/binauthz/image (#2749)

Bumps [path-to-regexp](https://github.com/pillarjs/path-to-regexp) to 0.1.12 and updates ancestor dependency [express](https://github.com/expressjs/express). These dependencies need to be updated together.


Updates `path-to-regexp` from 0.1.10 to 0.1.12
- [Release notes](https://github.com/pillarjs/path-to-regexp/releases)
- [Changelog](https://github.com/pillarjs/path-to-regexp/blob/master/History.md)
- [Commits](https://github.com/pillarjs/path-to-regexp/compare/v0.1.10...v0.1.12)

Updates `express` from 4.21.1 to 4.21.2
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/4.21.2/History.md)
- [Commits](https://github.com/expressjs/express/compare/4.21.1...4.21.2)

---
updated-dependencies:
- dependency-name: path-to-regexp
  dependency-type: indirect
- dependency-name: express
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Add ability to autogenerate md5 keys in net-vpn-ha (#2748)

* Add ability to optionally generate MD5 secrets in VPN module

* Add ability to autogenerate MD5 keys in net-vpn-ha module

* restore missing output

* fix test counts

---------

Co-authored-by: Luca Prete <lucaprete@google.com>
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>

* update changelog

* Bump path-to-regexp and express (#2752)

Bumps [path-to-regexp](https://github.com/pillarjs/path-to-regexp) and [express](https://github.com/expressjs/express). These dependencies needed to be updated together.

Updates `path-to-regexp` from 0.1.10 to 0.1.12
- [Release notes](https://github.com/pillarjs/path-to-regexp/releases)
- [Changelog](https://github.com/pillarjs/path-to-regexp/blob/master/History.md)
- [Commits](https://github.com/pillarjs/path-to-regexp/compare/v0.1.10...v0.1.12)

Updates `express` from 4.21.1 to 4.21.2
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/4.21.2/History.md)
- [Commits](https://github.com/expressjs/express/compare/4.21.1...4.21.2)

---
updated-dependencies:
- dependency-name: path-to-regexp
  dependency-type: indirect
- dependency-name: express
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* add support for routing mode to net-swp module (#2751)

Co-authored-by: Julio Castillo <jccb@google.com>

* remove default location in tag value - cloud-run-v2 tags.tf (#2755)

The Parent resource has a default to europe-west1 when it should be for the resource block from where the cloud run actually is.

Changed to use the var.region instead

* Add path_template_match and path_template_rewrite support to net-lb-app-ext (required for React apps for example).

* Add rest of load balancers.

* Add path_template_match and path_template_rewrite support to internal load balancers

* Add disk encyption key to the google_compute_instance_template - Sovereign support (#2750)

* add disk encyption key to the google_compute_instance_template

* add a condition to the kms_key_self_link

* use dynamic variable for disk_encryption_key

* remove the getpip from the repo

---------

Co-authored-by: Julio Castillo <jccb@google.com>
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>

* Add support for password validation policy to cloudsql module (#2740)

* add support for password validation policy to cloudsql module

* fix defaults

* update changelog

* bump provider version constraint

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
Co-authored-by: Luca Prete <preteluca@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Luca Prete <lucaprete@google.com>
Co-authored-by: Julio Castillo <jccb@google.com>
Co-authored-by: Matthew Callinan <47421139+Mattible@users.noreply.github.com>
Co-authored-by: Taneli Leppä <taneli@google.com>
Co-authored-by: Wiktor Niesiobędzki <wiktorn@google.com>
Co-authored-by: Kovács Dávid <david-kovacs@t-systems.com>
2024-12-10 16:39:48 +01:00
..
iam.tf
Marcwo/dataform module (#2001)
2024-01-24 17:13:21 +01:00
main.tf
Marcwo/dataform module (#2001)
2024-01-24 17:13:21 +01:00
README.md
Updating cloud-run-v2 terraform and some typos (#2201)
2024-04-07 09:49:07 +00:00
variables.tf
Marcwo/dataform module (#2001)
2024-01-24 17:13:21 +01:00
versions.tf
Add confidential compute support to google_dataproc_cluster in the da… (#2736)
2024-12-10 16:39:48 +01:00

README.md

Google Cloud Dataform Repository module

This module allows managing a dataform repository, allows adding IAM permissions. Also enables attaching a remote repository.

TODO

[] Add validation rules to variable.

Examples

Simple dataform repository with access configuration

Simple dataform repository and specifying repository access via the IAM variable.

module "dataform" {
  source     = "./fabric/modules/dataform-repository"
  project_id = "my-project"
  name       = "my-repository"
  region     = "europe-west1"
  iam = {
    "roles/dataform.editor" = ["user:user1@example.org"]
  }
}
# tftest modules=1 resources=2

Repository with an attached remote repository

This creates a dataform repository with a remote repository attached to it. In order to enable dataform to communicate with a 3P GIT provider, an access token must be generated and stored as a secret on GCP. For that, we utilize the existing secret-manager module.

module "secret" {
  source     = "./fabric/modules/secret-manager"
  project_id = "fast-bi-fabric"
  secrets = {
    my-secret = {
    }
  }
  versions = {
    my-secret = {
      v1 = { enabled = true, data = "MYTOKEN" }
    }
  }
}

module "dataform" {
  source     = "./fabric/modules/dataform-repository"
  project_id = "fast-bi-fabric"
  name       = "my-repository"
  region     = "europe-west1"
  remote_repository_settings = {
    url         = "my-url"
    secret_name = "my-secret"
    token       = module.secret.version_ids["my-secret:v1"]
  }
}
# tftest modules=2 resources=3

Variables

name description type required default
name Name of the dataform repository. string
project_id Id of the project where resources will be created. string
region The repository's region. string
iam IAM bindings in {ROLE => [MEMBERS]} format. Mutually exclusive with the access_* variables used for basic roles. map(list(string)) {}
iam_bindings Authoritative IAM bindings in {KEY => {role = ROLE, members = [], condition = {}}}. Keys are arbitrary. map(object({…})) {}
iam_bindings_additive Keyring individual additive IAM bindings. Keys are arbitrary. map(object({…})) {}
remote_repository_settings Remote settings required to attach the repository to a remote repository. object({…}) null
service_account Service account used to execute the dataform workflow. string ""