diff --git a/CHANGELOG.md b/CHANGELOG.md index ddd8b0c982..59e4d371bf 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,15 @@ All notable changes to this project will be documented in this file. ### BLUEPRINTS +- [[#1106](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1106)] Network Dashboard: PSA support for Filestore and Memorystore ([aurelienlegrand](https://github.com/aurelienlegrand)) +- [[#1110](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1110)] Bump cookiejar from 2.1.3 to 2.1.4 in /blueprints/apigee/bigquery-analytics/functions/export ([dependabot[bot]](https://github.com/dependabot[bot])) +- [[#1097](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1097)] Use terraform resource to activate Anthos Service Mesh ([wiktorn](https://github.com/wiktorn)) +- [[#1104](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1104)] Updated apigee hybrid for gke README ([apichick](https://github.com/apichick)) +- [[#1107](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1107)] Check linting for Python dashboard files ([ludoo](https://github.com/ludoo)) +- [[#1102](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1102)] Improvements in apigee hybrid-gke: now using workload identity and GLB ([apichick](https://github.com/apichick)) +- [[#1098](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1098)] Add shared-vpc support on data-playground blueprint ([lcaggio](https://github.com/lcaggio)) +- [[#1095](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1095)] [Data Platform] Fix Table in readme ([lcaggio](https://github.com/lcaggio)) +- [[#1089](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1089)] Update Data Platform ([lcaggio](https://github.com/lcaggio)) - [[#1081](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1081)] Apigee hybrid on GKE ([apichick](https://github.com/apichick)) - [[#1082](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1082)] Fixes in Apigee Bigquery Analytics blueprint ([apichick](https://github.com/apichick)) - [[#1071](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1071)] Moved apigee bigquery analytics blueprint, added apigee network patterns ([apichick](https://github.com/apichick)) @@ -20,6 +29,8 @@ All notable changes to this project will be documented in this file. ### DOCUMENTATION +- [[#1101](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1101)] First batch of testing updates to core modules ([juliocc](https://github.com/juliocc)) +- [[#1089](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1089)] Update Data Platform ([lcaggio](https://github.com/lcaggio)) - [[#1084](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1084)] Fixes in Apigee blueprints README files ([apichick](https://github.com/apichick)) - [[#1081](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1081)] Apigee hybrid on GKE ([apichick](https://github.com/apichick)) - [[#1074](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1074)] Adding new section for Authentication issues ([agutta](https://github.com/agutta)) @@ -28,6 +39,9 @@ All notable changes to this project will be documented in this file. ### FAST +- [[#1118](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1118)] Add missing logging admin role for initial user ([ludoo](https://github.com/ludoo)) +- [[#1099](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1099)] Fix destroy in stage 1 outputs ([ludoo](https://github.com/ludoo)) +- [[#1089](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1089)] Update Data Platform ([lcaggio](https://github.com/lcaggio)) - [[#1085](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1085)] fix restricted services not being added to the perimeter configurations ([drebes](https://github.com/drebes)) - [[#1057](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1057)] Adding new file FAQ and an image ([agutta](https://github.com/agutta)) - [[#1054](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1054)] FAST: fix typo in bootstrap stage README ([agutta](https://github.com/agutta)) @@ -35,6 +49,14 @@ All notable changes to this project will be documented in this file. ### MODULES +- [[#1116](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1116)] Include cloudbuild API in project module ([aymanfarhat](https://github.com/aymanfarhat)) +- [[#1115](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1115)] add new parameters support in apigee module ([blackillzone](https://github.com/blackillzone)) +- [[#1112](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1112)] Add HTTPS frontend with SNEG example ([juliodiez](https://github.com/juliodiez)) +- [[#1097](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1097)] Use terraform resource to activate Anthos Service Mesh ([wiktorn](https://github.com/wiktorn)) +- [[#1101](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1101)] First batch of testing updates to core modules ([juliocc](https://github.com/juliocc)) +- [[#1098](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1098)] Add shared-vpc support on data-playground blueprint ([lcaggio](https://github.com/lcaggio)) +- [[#1096](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1096)] [VPC-SC] Add support for scoped Policies ([lcaggio](https://github.com/lcaggio)) +- [[#1093](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1093)] Added tags to gke-cluster module ([apichick](https://github.com/apichick)) - [[#1078](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1078)] Fixed delete_rule in compute-mig module for stateful disks ([rosmo](https://github.com/rosmo)) - [[#1080](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1080)] Added device_name field to compute-vm attached_disks parameter ([rosmo](https://github.com/rosmo)) - [[#1079](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1079)] Reorder org policy rules ([juliocc](https://github.com/juliocc)) @@ -53,6 +75,8 @@ All notable changes to this project will be documented in this file. ### TOOLS +- [[#1107](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1107)] Check linting for Python dashboard files ([ludoo](https://github.com/ludoo)) +- [[#1101](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1101)] First batch of testing updates to core modules ([juliocc](https://github.com/juliocc)) - [[#1091](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1091)] Fix check_documentation output ([juliocc](https://github.com/juliocc)) - [[#1053](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1053)] Extend inventory-based testing to examples ([juliocc](https://github.com/juliocc)) diff --git a/blueprints/apigee/bigquery-analytics/README.md b/blueprints/apigee/bigquery-analytics/README.md index 361610a7a1..027f28ead8 100644 --- a/blueprints/apigee/bigquery-analytics/README.md +++ b/blueprints/apigee/bigquery-analytics/README.md @@ -60,14 +60,14 @@ Do the following to verify that everything works as expected. |---|---|:---:|:---:|:---:| | [envgroups](variables.tf#L24) | Environment groups (NAME => [HOSTNAMES]). | map(list(string)) | ✓ | | | [environments](variables.tf#L30) | Environments. | map(object({…})) | ✓ | | -| [instances](variables.tf#L45) | Instance. | map(object({…})) | ✓ | | -| [project_id](variables.tf#L91) | Project ID. | string | ✓ | | -| [psc_config](variables.tf#L97) | PSC configuration. | map(string) | ✓ | | +| [instances](variables.tf#L45) | Instance. | map(object({…})) | ✓ | | +| [project_id](variables.tf#L92) | Project ID. | string | ✓ | | +| [psc_config](variables.tf#L98) | PSC configuration. | map(string) | ✓ | | | [datastore_name](variables.tf#L17) | Datastore. | string | | "gcs" | -| [organization](variables.tf#L59) | Apigee organization. | object({…}) | | {…} | -| [path](variables.tf#L75) | Bucket path. | string | | "/analytics" | -| [project_create](variables.tf#L82) | Parameters for the creation of the new project. | object({…}) | | null | -| [vpc_create](variables.tf#L103) | Boolean flag indicating whether the VPC should be created or not. | bool | | true | +| [organization](variables.tf#L60) | Apigee organization. | object({…}) | | {…} | +| [path](variables.tf#L76) | Bucket path. | string | | "/analytics" | +| [project_create](variables.tf#L83) | Parameters for the creation of the new project. | object({…}) | | null | +| [vpc_create](variables.tf#L104) | Boolean flag indicating whether the VPC should be created or not. | bool | | true | ## Outputs diff --git a/blueprints/apigee/bigquery-analytics/main.tf b/blueprints/apigee/bigquery-analytics/main.tf index 8ecca62a85..68e672d254 100644 --- a/blueprints/apigee/bigquery-analytics/main.tf +++ b/blueprints/apigee/bigquery-analytics/main.tf @@ -68,9 +68,12 @@ module "vpc" { region = k }] psa_config = { - ranges = { - for k, v in var.instances : "apigee-${k}" => v.psa_ip_cidr_range - } + ranges = merge({ for k, v in var.instances : + "apigee-runtime-${k}" => v.runtime_ip_cidr_range + }, { for k, v in var.instances : + "apigee-troubleshooting-${k}" => v.troubleshooting_ip_cidr_range + } + ) } } diff --git a/blueprints/apigee/bigquery-analytics/terraform.tfvars.sample b/blueprints/apigee/bigquery-analytics/terraform.tfvars.sample index db4213210f..5a25a9f378 100644 --- a/blueprints/apigee/bigquery-analytics/terraform.tfvars.sample +++ b/blueprints/apigee/bigquery-analytics/terraform.tfvars.sample @@ -15,7 +15,8 @@ instances = { instance-ew1 = { region = "europe-west1" environments = ["apis-test"] - psa_ip_cidr_range = "10.0.4.0/22" + runtime_ip_cidr_range = "10.0.4.0/22" + troubleshooting_ip_cidr_range = "10.1.1.0/28" } } psc_config = { diff --git a/blueprints/apigee/bigquery-analytics/variables.tf b/blueprints/apigee/bigquery-analytics/variables.tf index ba7f5d78ae..1bd6cb0acd 100644 --- a/blueprints/apigee/bigquery-analytics/variables.tf +++ b/blueprints/apigee/bigquery-analytics/variables.tf @@ -45,13 +45,14 @@ variable "environments" { variable "instances" { description = "Instance." type = map(object({ - display_name = optional(string) - description = optional(string) - region = string - environments = list(string) - psa_ip_cidr_range = string - disk_encryption_key = optional(string) - consumer_accept_list = optional(list(string)) + display_name = optional(string) + description = optional(string) + region = string + environments = list(string) + runtime_ip_cidr_range = string + troubleshooting_ip_cidr_range = string + disk_encryption_key = optional(string) + consumer_accept_list = optional(list(string)) })) nullable = false } diff --git a/blueprints/apigee/bigquery-analytics/versions.tf b/blueprints/apigee/bigquery-analytics/versions.tf index 90b632f6d4..4900174aae 100644 --- a/blueprints/apigee/bigquery-analytics/versions.tf +++ b/blueprints/apigee/bigquery-analytics/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/README.md b/blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/README.md index 21bd9940bc..690458f03c 100644 --- a/blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/README.md +++ b/blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/README.md @@ -46,18 +46,19 @@ Do the following to verify that everything works as expected. | name | description | type | required | default | |---|---|:---:|:---:|:---:| | [apigee_project_id](variables.tf#L17) | Project ID. | string | ✓ | | -| [billing_account_id](variables.tf#L47) | Parameters for the creation of the new project. | string | ✓ | | -| [hostname](variables.tf#L52) | Host name. | string | ✓ | | -| [onprem_project_id](variables.tf#L57) | Project ID. | string | ✓ | | -| [parent](variables.tf#L75) | Parent (organizations/organizationID or folders/folderID). | string | ✓ | | +| [billing_account_id](variables.tf#L53) | Parameters for the creation of the new project. | string | ✓ | | +| [hostname](variables.tf#L58) | Host name. | string | ✓ | | +| [onprem_project_id](variables.tf#L63) | Project ID. | string | ✓ | | +| [parent](variables.tf#L81) | Parent (organizations/organizationID or folders/folderID). | string | ✓ | | | [apigee_proxy_only_subnet_ip_cidr_range](variables.tf#L23) | Subnet IP CIDR range. | string | | "10.2.1.0/24" | -| [apigee_psa_ip_cidr_range](variables.tf#L29) | Apigee PSA IP CIDR range. | string | | "10.0.4.0/22" | -| [apigee_psc_subnet_ip_cidr_range](variables.tf#L35) | Subnet IP CIDR range. | string | | "10.2.2.0/24" | +| [apigee_psc_subnet_ip_cidr_range](variables.tf#L29) | Subnet IP CIDR range. | string | | "10.2.2.0/24" | +| [apigee_runtime_ip_cidr_range](variables.tf#L35) | Apigee PSA IP CIDR range. | string | | "10.0.4.0/22" | | [apigee_subnet_ip_cidr_range](variables.tf#L41) | Subnet IP CIDR range. | string | | "10.2.0.0/24" | -| [onprem_proxy_only_subnet_ip_cidr_range](variables.tf#L63) | Subnet IP CIDR range. | string | | "10.1.1.0/24" | -| [onprem_subnet_ip_cidr_range](variables.tf#L69) | Subnet IP CIDR range. | string | | "10.1.0.0/24" | -| [region](variables.tf#L80) | Region. | string | | "europe-west1" | -| [zone](variables.tf#L86) | Zone. | string | | "europe-west1-c" | +| [apigee_troubleshooting_ip_cidr_range](variables.tf#L47) | Apigee PSA IP CIDR range. | string | | "10.1.0.0/28" | +| [onprem_proxy_only_subnet_ip_cidr_range](variables.tf#L69) | Subnet IP CIDR range. | string | | "10.1.1.0/24" | +| [onprem_subnet_ip_cidr_range](variables.tf#L75) | Subnet IP CIDR range. | string | | "10.1.0.0/24" | +| [region](variables.tf#L86) | Region. | string | | "europe-west1" | +| [zone](variables.tf#L92) | Zone. | string | | "europe-west1-c" | ## Outputs diff --git a/blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/apigee.tf b/blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/apigee.tf index 0e4faabfb5..8860e404c6 100644 --- a/blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/apigee.tf +++ b/blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/apigee.tf @@ -57,7 +57,8 @@ module "apigee_vpc" { }] psa_config = { ranges = { - "apigee" = var.apigee_psa_ip_cidr_range + "apigee-runtime" = var.apigee_runtime_ip_cidr_range + "apigee-troubleshooting" = var.apigee_troubleshooting_ip_cidr_range } } } @@ -79,9 +80,10 @@ module "apigee" { } instances = { instance-1 = { - region = var.region - environments = [local.environment] - psa_ip_cidr_range = var.apigee_psa_ip_cidr_range + region = var.region + environments = [local.environment] + runtime_ip_cidr_range = var.apigee_runtime_ip_cidr_range + troubleshooting_ip_cidr_range = var.apigee_troubleshooting_ip_cidr_range } } endpoint_attachments = { diff --git a/blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/variables.tf b/blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/variables.tf index 5d28ab9f7a..86a720e70a 100644 --- a/blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/variables.tf +++ b/blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/variables.tf @@ -26,24 +26,30 @@ variable "apigee_proxy_only_subnet_ip_cidr_range" { default = "10.2.1.0/24" } -variable "apigee_psa_ip_cidr_range" { - description = "Apigee PSA IP CIDR range." - type = string - default = "10.0.4.0/22" -} - variable "apigee_psc_subnet_ip_cidr_range" { description = "Subnet IP CIDR range." type = string default = "10.2.2.0/24" } +variable "apigee_runtime_ip_cidr_range" { + description = "Apigee PSA IP CIDR range." + type = string + default = "10.0.4.0/22" +} + variable "apigee_subnet_ip_cidr_range" { description = "Subnet IP CIDR range." type = string default = "10.2.0.0/24" } +variable "apigee_troubleshooting_ip_cidr_range" { + description = "Apigee PSA IP CIDR range." + type = string + default = "10.1.0.0/28" +} + variable "billing_account_id" { description = "Parameters for the creation of the new project." type = string diff --git a/blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/versions.tf b/blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/versions.tf index 90b632f6d4..4900174aae 100644 --- a/blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/versions.tf +++ b/blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/blueprints/cloud-operations/adfs/versions.tf b/blueprints/cloud-operations/adfs/versions.tf index 90b632f6d4..4900174aae 100644 --- a/blueprints/cloud-operations/adfs/versions.tf +++ b/blueprints/cloud-operations/adfs/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/blueprints/cloud-operations/asset-inventory-feed-remediation/versions.tf b/blueprints/cloud-operations/asset-inventory-feed-remediation/versions.tf index 90b632f6d4..4900174aae 100644 --- a/blueprints/cloud-operations/asset-inventory-feed-remediation/versions.tf +++ b/blueprints/cloud-operations/asset-inventory-feed-remediation/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/blueprints/cloud-operations/dns-fine-grained-iam/versions.tf b/blueprints/cloud-operations/dns-fine-grained-iam/versions.tf index 90b632f6d4..4900174aae 100644 --- a/blueprints/cloud-operations/dns-fine-grained-iam/versions.tf +++ b/blueprints/cloud-operations/dns-fine-grained-iam/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/blueprints/cloud-operations/dns-shared-vpc/versions.tf b/blueprints/cloud-operations/dns-shared-vpc/versions.tf index 90b632f6d4..4900174aae 100644 --- a/blueprints/cloud-operations/dns-shared-vpc/versions.tf +++ b/blueprints/cloud-operations/dns-shared-vpc/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/blueprints/cloud-operations/iam-delegated-role-grants/versions.tf b/blueprints/cloud-operations/iam-delegated-role-grants/versions.tf index 90b632f6d4..4900174aae 100644 --- a/blueprints/cloud-operations/iam-delegated-role-grants/versions.tf +++ b/blueprints/cloud-operations/iam-delegated-role-grants/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/blueprints/cloud-operations/onprem-sa-key-management/versions.tf b/blueprints/cloud-operations/onprem-sa-key-management/versions.tf index 90b632f6d4..4900174aae 100644 --- a/blueprints/cloud-operations/onprem-sa-key-management/versions.tf +++ b/blueprints/cloud-operations/onprem-sa-key-management/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/blueprints/cloud-operations/packer-image-builder/versions.tf b/blueprints/cloud-operations/packer-image-builder/versions.tf index 90b632f6d4..4900174aae 100644 --- a/blueprints/cloud-operations/packer-image-builder/versions.tf +++ b/blueprints/cloud-operations/packer-image-builder/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/blueprints/cloud-operations/quota-monitoring/versions.tf b/blueprints/cloud-operations/quota-monitoring/versions.tf index 90b632f6d4..4900174aae 100644 --- a/blueprints/cloud-operations/quota-monitoring/versions.tf +++ b/blueprints/cloud-operations/quota-monitoring/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/blueprints/cloud-operations/scheduled-asset-inventory-export-bq/versions.tf b/blueprints/cloud-operations/scheduled-asset-inventory-export-bq/versions.tf index 90b632f6d4..4900174aae 100644 --- a/blueprints/cloud-operations/scheduled-asset-inventory-export-bq/versions.tf +++ b/blueprints/cloud-operations/scheduled-asset-inventory-export-bq/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/blueprints/cloud-operations/terraform-enterprise-wif/tfc-workflow-using-wif/tfc-oidc/versions.tf b/blueprints/cloud-operations/terraform-enterprise-wif/tfc-workflow-using-wif/tfc-oidc/versions.tf index 90b632f6d4..4900174aae 100644 --- a/blueprints/cloud-operations/terraform-enterprise-wif/tfc-workflow-using-wif/tfc-oidc/versions.tf +++ b/blueprints/cloud-operations/terraform-enterprise-wif/tfc-workflow-using-wif/tfc-oidc/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/blueprints/data-solutions/cmek-via-centralized-kms/versions.tf b/blueprints/data-solutions/cmek-via-centralized-kms/versions.tf index 90b632f6d4..4900174aae 100644 --- a/blueprints/data-solutions/cmek-via-centralized-kms/versions.tf +++ b/blueprints/data-solutions/cmek-via-centralized-kms/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/blueprints/data-solutions/data-platform-foundations/README.md b/blueprints/data-solutions/data-platform-foundations/README.md index 30cdab8340..b038cfe4b6 100644 --- a/blueprints/data-solutions/data-platform-foundations/README.md +++ b/blueprints/data-solutions/data-platform-foundations/README.md @@ -219,7 +219,7 @@ module "data-platform" { prefix = "myprefix" } -# tftest modules=39 resources=286 +# tftest modules=39 resources=287 ``` ## Customizations diff --git a/blueprints/data-solutions/data-playground/versions.tf b/blueprints/data-solutions/data-playground/versions.tf index 90b632f6d4..4900174aae 100644 --- a/blueprints/data-solutions/data-playground/versions.tf +++ b/blueprints/data-solutions/data-playground/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/blueprints/data-solutions/gcs-to-bq-with-least-privileges/versions.tf b/blueprints/data-solutions/gcs-to-bq-with-least-privileges/versions.tf index 90b632f6d4..4900174aae 100644 --- a/blueprints/data-solutions/gcs-to-bq-with-least-privileges/versions.tf +++ b/blueprints/data-solutions/gcs-to-bq-with-least-privileges/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/blueprints/factories/net-vpc-firewall-yaml/versions.tf b/blueprints/factories/net-vpc-firewall-yaml/versions.tf index 90b632f6d4..4900174aae 100644 --- a/blueprints/factories/net-vpc-firewall-yaml/versions.tf +++ b/blueprints/factories/net-vpc-firewall-yaml/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/blueprints/gke/multitenant-fleet/README.md b/blueprints/gke/multitenant-fleet/README.md index ce14b5a0f2..1e09afaa29 100644 --- a/blueprints/gke/multitenant-fleet/README.md +++ b/blueprints/gke/multitenant-fleet/README.md @@ -115,7 +115,7 @@ module "gke-fleet" { vpc_self_link = "projects/prj-host/global/networks/prod-0" } } -# tftest modules=7 resources=26 +# tftest modules=7 resources=27 ``` ## GKE Fleet @@ -224,7 +224,7 @@ module "gke" { } } -# tftest modules=8 resources=37 +# tftest modules=8 resources=38 ``` diff --git a/blueprints/networking/__need_fixing/nginx-reverse-proxy-cluster/versions.tf b/blueprints/networking/__need_fixing/nginx-reverse-proxy-cluster/versions.tf index 90b632f6d4..4900174aae 100644 --- a/blueprints/networking/__need_fixing/nginx-reverse-proxy-cluster/versions.tf +++ b/blueprints/networking/__need_fixing/nginx-reverse-proxy-cluster/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/blueprints/networking/__need_fixing/onprem-google-access-dns/versions.tf b/blueprints/networking/__need_fixing/onprem-google-access-dns/versions.tf index 90b632f6d4..4900174aae 100644 --- a/blueprints/networking/__need_fixing/onprem-google-access-dns/versions.tf +++ b/blueprints/networking/__need_fixing/onprem-google-access-dns/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/blueprints/networking/decentralized-firewall/versions.tf b/blueprints/networking/decentralized-firewall/versions.tf index 90b632f6d4..4900174aae 100644 --- a/blueprints/networking/decentralized-firewall/versions.tf +++ b/blueprints/networking/decentralized-firewall/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/blueprints/networking/filtering-proxy-psc/versions.tf b/blueprints/networking/filtering-proxy-psc/versions.tf index 90b632f6d4..4900174aae 100644 --- a/blueprints/networking/filtering-proxy-psc/versions.tf +++ b/blueprints/networking/filtering-proxy-psc/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/blueprints/networking/filtering-proxy/versions.tf b/blueprints/networking/filtering-proxy/versions.tf index 90b632f6d4..4900174aae 100644 --- a/blueprints/networking/filtering-proxy/versions.tf +++ b/blueprints/networking/filtering-proxy/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/blueprints/networking/hub-and-spoke-peering/versions.tf b/blueprints/networking/hub-and-spoke-peering/versions.tf index 90b632f6d4..4900174aae 100644 --- a/blueprints/networking/hub-and-spoke-peering/versions.tf +++ b/blueprints/networking/hub-and-spoke-peering/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/blueprints/networking/hub-and-spoke-vpn/versions.tf b/blueprints/networking/hub-and-spoke-vpn/versions.tf index 90b632f6d4..4900174aae 100644 --- a/blueprints/networking/hub-and-spoke-vpn/versions.tf +++ b/blueprints/networking/hub-and-spoke-vpn/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/blueprints/networking/ilb-next-hop/versions.tf b/blueprints/networking/ilb-next-hop/versions.tf index 90b632f6d4..4900174aae 100644 --- a/blueprints/networking/ilb-next-hop/versions.tf +++ b/blueprints/networking/ilb-next-hop/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/blueprints/networking/private-cloud-function-from-onprem/versions.tf b/blueprints/networking/private-cloud-function-from-onprem/versions.tf index 90b632f6d4..4900174aae 100644 --- a/blueprints/networking/private-cloud-function-from-onprem/versions.tf +++ b/blueprints/networking/private-cloud-function-from-onprem/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/blueprints/networking/shared-vpc-gke/versions.tf b/blueprints/networking/shared-vpc-gke/versions.tf index 90b632f6d4..4900174aae 100644 --- a/blueprints/networking/shared-vpc-gke/versions.tf +++ b/blueprints/networking/shared-vpc-gke/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/blueprints/third-party-solutions/openshift/tf/versions.tf b/blueprints/third-party-solutions/openshift/tf/versions.tf index 90b632f6d4..4900174aae 100644 --- a/blueprints/third-party-solutions/openshift/tf/versions.tf +++ b/blueprints/third-party-solutions/openshift/tf/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/default-versions.tf b/default-versions.tf index 90b632f6d4..4900174aae 100644 --- a/default-versions.tf +++ b/default-versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/fast/stages/00-bootstrap/README.md b/fast/stages/00-bootstrap/README.md index 6e0e1b5559..889b0bcea8 100644 --- a/fast/stages/00-bootstrap/README.md +++ b/fast/stages/00-bootstrap/README.md @@ -264,6 +264,7 @@ terraform init terraform apply \ -var bootstrap_user=$(gcloud config list --format 'value(core.account)') ``` + > If you see an error related to project name already exists, please make sure the project name is unique or the project was not deleted recently Once the initial `apply` completes successfully, configure a remote backend using the new GCS bucket, and impersonation on the automation service account for this stage. To do this you can use the generated `providers.tf` file if you have configured output files as described above, or extract its contents from Terraform's output, then migrate state with `terraform init`: diff --git a/fast/stages/00-bootstrap/organization.tf b/fast/stages/00-bootstrap/organization.tf index 0700d564e2..33b87820d3 100644 --- a/fast/stages/00-bootstrap/organization.tf +++ b/fast/stages/00-bootstrap/organization.tf @@ -23,9 +23,10 @@ locals { "roles/browser" = [ "domain:${var.organization.domain}" ] - "roles/logging.admin" = [ - module.automation-tf-bootstrap-sa.iam_email - ] + "roles/logging.admin" = concat( + [module.automation-tf-bootstrap-sa.iam_email], + local._iam_bootstrap_user + ) "roles/owner" = local._iam_bootstrap_user "roles/resourcemanager.folderAdmin" = [ module.automation-tf-resman-sa.iam_email diff --git a/modules/__experimental/net-neg/versions.tf b/modules/__experimental/net-neg/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/__experimental/net-neg/versions.tf +++ b/modules/__experimental/net-neg/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/api-gateway/versions.tf b/modules/api-gateway/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/api-gateway/versions.tf +++ b/modules/api-gateway/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/apigee/README.md b/modules/apigee/README.md index fb26c1e727..0f3daa5662 100644 --- a/modules/apigee/README.md +++ b/modules/apigee/README.md @@ -25,14 +25,18 @@ module "apigee" { } environments = { apis-test = { - display_name = "APIs test" - description = "APIs Test" - envgroups = ["test"] + display_name = "APIs test" + description = "APIs Test" + deployment_type = "ARCHIVE" + api_proxy_type = "PROGRAMMABLE" + envgroups = ["test"] } apis-prod = { - display_name = "APIs prod" - description = "APIs prod" - envgroups = ["prod"] + display_name = "APIs prod" + description = "APIs prod" + deployment_type = "PROXY" + api_proxy_type = "CONFIGURABLE" + envgroups = ["prod"] iam = { "roles/viewer" = ["group:devops@myorg.com"] } @@ -40,14 +44,16 @@ module "apigee" { } instances = { instance-test-ew1 = { - region = "europe-west1" - environments = ["apis-test"] - psa_ip_cidr_range = "10.0.4.0/22" + region = "europe-west1" + environments = ["apis-test"] + runtime_ip_cidr_range = "10.0.4.0/22" + troubleshooting_ip_cidr_range = "10.1.1.0.0/28" } instance-prod-ew3 = { - region = "europe-west3" - environments = ["apis-prod"] - psa_ip_cidr_range = "10.0.5.0/22" + region = "europe-west3" + environments = ["apis-prod"] + runtime_ip_cidr_range = "10.0.8.0/22" + troubleshooting_ip_cidr_range = "10.1.16.0/28" } } endpoint_attachments = { @@ -137,9 +143,10 @@ module "apigee" { project_id = "my-project" instances = { instance-test-ew1 = { - region = "europe-west1" - environments = ["apis-test"] - psa_ip_cidr_range = "10.0.4.0/22" + region = "europe-west1" + environments = ["apis-test"] + runtime_ip_cidr_range = "10.0.4.0/22" + troubleshooting_ip_cidr_range = "10.1.1.0/28" } } } @@ -169,12 +176,12 @@ module "apigee" { | name | description | type | required | default | |---|---|:---:|:---:|:---:| -| [project_id](variables.tf#L75) | Project ID. | string | ✓ | | +| [project_id](variables.tf#L78) | Project ID. | string | ✓ | | | [endpoint_attachments](variables.tf#L17) | Endpoint attachments. | map(object({…})) | | null | | [envgroups](variables.tf#L26) | Environment groups (NAME => [HOSTNAMES]). | map(list(string)) | | null | -| [environments](variables.tf#L32) | Environments. | map(object({…})) | | null | -| [instances](variables.tf#L47) | Instances. | map(object({…})) | | null | -| [organization](variables.tf#L61) | Apigee organization. If set to null the organization must already exist. | object({…}) | | null | +| [environments](variables.tf#L32) | Environments. | map(object({…})) | | null | +| [instances](variables.tf#L49) | Instances. | map(object({…})) | | null | +| [organization](variables.tf#L64) | Apigee organization. If set to null the organization must already exist. | object({…}) | | null | ## Outputs diff --git a/modules/apigee/main.tf b/modules/apigee/main.tf index fe34a73829..aa2d076a2f 100644 --- a/modules/apigee/main.tf +++ b/modules/apigee/main.tf @@ -40,10 +40,12 @@ resource "google_apigee_envgroup" "envgroups" { } resource "google_apigee_environment" "environments" { - for_each = local.environments - name = each.key - display_name = each.value.display_name - description = each.value.description + for_each = local.environments + name = each.key + display_name = each.value.display_name + description = each.value.description + deployment_type = each.value.deployment_type + api_proxy_type = each.value.api_proxy_type dynamic "node_config" { for_each = try(each.value.node_config, null) != null ? [""] : [] content { @@ -91,7 +93,7 @@ resource "google_apigee_instance" "instances" { description = each.value.description location = each.value.region org_id = local.org_id - ip_range = each.value.psa_ip_cidr_range + ip_range = "${each.value.runtime_ip_cidr_range},${each.value.troubleshooting_ip_cidr_range}" disk_encryption_key_name = each.value.disk_encryption_key consumer_accept_list = each.value.consumer_accept_list } diff --git a/modules/apigee/variables.tf b/modules/apigee/variables.tf index 266f0d34ed..00961aac2c 100644 --- a/modules/apigee/variables.tf +++ b/modules/apigee/variables.tf @@ -32,8 +32,10 @@ variable "envgroups" { variable "environments" { description = "Environments." type = map(object({ - display_name = optional(string) - description = optional(string, "Terraform-managed") + display_name = optional(string) + description = optional(string, "Terraform-managed") + deployment_type = optional(string) + api_proxy_type = optional(string) node_config = optional(object({ min_node_count = optional(number) max_node_count = optional(number) @@ -47,13 +49,14 @@ variable "environments" { variable "instances" { description = "Instances." type = map(object({ - display_name = optional(string) - description = optional(string, "Terraform-managed") - region = string - environments = list(string) - psa_ip_cidr_range = string - disk_encryption_key = optional(string) - consumer_accept_list = optional(list(string)) + display_name = optional(string) + description = optional(string, "Terraform-managed") + region = string + environments = list(string) + runtime_ip_cidr_range = string + troubleshooting_ip_cidr_range = string + disk_encryption_key = optional(string) + consumer_accept_list = optional(list(string)) })) default = null } diff --git a/modules/apigee/versions.tf b/modules/apigee/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/apigee/versions.tf +++ b/modules/apigee/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/artifact-registry/versions.tf b/modules/artifact-registry/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/artifact-registry/versions.tf +++ b/modules/artifact-registry/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/bigquery-dataset/versions.tf b/modules/bigquery-dataset/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/bigquery-dataset/versions.tf +++ b/modules/bigquery-dataset/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/bigtable-instance/versions.tf b/modules/bigtable-instance/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/bigtable-instance/versions.tf +++ b/modules/bigtable-instance/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/billing-budget/versions.tf b/modules/billing-budget/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/billing-budget/versions.tf +++ b/modules/billing-budget/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/binauthz/versions.tf b/modules/binauthz/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/binauthz/versions.tf +++ b/modules/binauthz/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/cloud-config-container/__need_fixing/onprem/versions.tf b/modules/cloud-config-container/__need_fixing/onprem/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/cloud-config-container/__need_fixing/onprem/versions.tf +++ b/modules/cloud-config-container/__need_fixing/onprem/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/cloud-config-container/coredns/versions.tf b/modules/cloud-config-container/coredns/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/cloud-config-container/coredns/versions.tf +++ b/modules/cloud-config-container/coredns/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/cloud-config-container/cos-generic-metadata/versions.tf b/modules/cloud-config-container/cos-generic-metadata/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/cloud-config-container/cos-generic-metadata/versions.tf +++ b/modules/cloud-config-container/cos-generic-metadata/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/cloud-config-container/envoy-traffic-director/versions.tf b/modules/cloud-config-container/envoy-traffic-director/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/cloud-config-container/envoy-traffic-director/versions.tf +++ b/modules/cloud-config-container/envoy-traffic-director/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/cloud-config-container/mysql/versions.tf b/modules/cloud-config-container/mysql/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/cloud-config-container/mysql/versions.tf +++ b/modules/cloud-config-container/mysql/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/cloud-config-container/nginx-tls/versions.tf b/modules/cloud-config-container/nginx-tls/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/cloud-config-container/nginx-tls/versions.tf +++ b/modules/cloud-config-container/nginx-tls/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/cloud-config-container/nginx/versions.tf b/modules/cloud-config-container/nginx/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/cloud-config-container/nginx/versions.tf +++ b/modules/cloud-config-container/nginx/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/cloud-config-container/simple-nva/versions.tf b/modules/cloud-config-container/simple-nva/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/cloud-config-container/simple-nva/versions.tf +++ b/modules/cloud-config-container/simple-nva/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/cloud-config-container/squid/versions.tf b/modules/cloud-config-container/squid/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/cloud-config-container/squid/versions.tf +++ b/modules/cloud-config-container/squid/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/cloud-function/versions.tf b/modules/cloud-function/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/cloud-function/versions.tf +++ b/modules/cloud-function/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/cloud-identity-group/versions.tf b/modules/cloud-identity-group/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/cloud-identity-group/versions.tf +++ b/modules/cloud-identity-group/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/cloud-run/versions.tf b/modules/cloud-run/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/cloud-run/versions.tf +++ b/modules/cloud-run/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/cloudsql-instance/versions.tf b/modules/cloudsql-instance/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/cloudsql-instance/versions.tf +++ b/modules/cloudsql-instance/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/compute-mig/versions.tf b/modules/compute-mig/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/compute-mig/versions.tf +++ b/modules/compute-mig/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/compute-vm/versions.tf b/modules/compute-vm/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/compute-vm/versions.tf +++ b/modules/compute-vm/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/container-registry/versions.tf b/modules/container-registry/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/container-registry/versions.tf +++ b/modules/container-registry/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/data-catalog-policy-tag/versions.tf b/modules/data-catalog-policy-tag/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/data-catalog-policy-tag/versions.tf +++ b/modules/data-catalog-policy-tag/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/datafusion/versions.tf b/modules/datafusion/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/datafusion/versions.tf +++ b/modules/datafusion/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/dns/versions.tf b/modules/dns/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/dns/versions.tf +++ b/modules/dns/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/endpoints/versions.tf b/modules/endpoints/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/endpoints/versions.tf +++ b/modules/endpoints/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/folder/versions.tf b/modules/folder/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/folder/versions.tf +++ b/modules/folder/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/gcs/versions.tf b/modules/gcs/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/gcs/versions.tf +++ b/modules/gcs/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/gke-cluster/README.md b/modules/gke-cluster/README.md index 0ba75cd617..dabead4fbf 100644 --- a/modules/gke-cluster/README.md +++ b/modules/gke-cluster/README.md @@ -91,38 +91,37 @@ module "cluster-autopilot" { master_ipv4_cidr_block = "192.168.0.0/28" } enable_features = { - autopilot = true + autopilot = true + workload_identity = false } } # tftest modules=1 resources=1 inventory=autopilot.yaml ``` - - ## Variables | name | description | type | required | default | |---|---|:---:|:---:|:---:| -| [location](variables.tf#L117) | Cluster zone or region. | string | ✓ | | -| [name](variables.tf#L174) | Cluster name. | string | ✓ | | -| [project_id](variables.tf#L200) | Cluster project id. | string | ✓ | | -| [vpc_config](variables.tf#L217) | VPC-level configuration. | object({…}) | ✓ | | +| [location](variables.tf#L118) | Cluster zone or region. | string | ✓ | | +| [name](variables.tf#L175) | Cluster name. | string | ✓ | | +| [project_id](variables.tf#L201) | Cluster project id. | string | ✓ | | +| [vpc_config](variables.tf#L218) | VPC-level configuration. | object({…}) | ✓ | | | [cluster_autoscaling](variables.tf#L17) | Enable and configure limits for Node Auto-Provisioning with Cluster Autoscaler. | object({…}) | | null | | [description](variables.tf#L38) | Cluster description. | string | | null | | [enable_addons](variables.tf#L44) | Addons enabled in the cluster (true means enabled). | object({…}) | | {…} | -| [enable_features](variables.tf#L68) | Enable cluster-level features. Certain features allow configuration. | object({…}) | | {…} | -| [issue_client_certificate](variables.tf#L105) | Enable issuing client certificate. | bool | | false | -| [labels](variables.tf#L111) | Cluster resource labels. | map(string) | | null | -| [logging_config](variables.tf#L122) | Logging configuration. | list(string) | | ["SYSTEM_COMPONENTS"] | -| [maintenance_config](variables.tf#L128) | Maintenance window configuration. | object({…}) | | {…} | -| [max_pods_per_node](variables.tf#L151) | Maximum number of pods per node in this cluster. | number | | 110 | -| [min_master_version](variables.tf#L157) | Minimum version of the master, defaults to the version of the most recent official release. | string | | null | -| [monitoring_config](variables.tf#L163) | Monitoring components. | object({…}) | | {…} | -| [node_locations](variables.tf#L179) | Zones in which the cluster's nodes are located. | list(string) | | [] | -| [private_cluster_config](variables.tf#L186) | Private cluster configuration. | object({…}) | | null | -| [release_channel](variables.tf#L205) | Release channel for GKE upgrades. | string | | null | -| [tags](variables.tf#L211) | Network tags applied to nodes. | list(string) | | null | +| [enable_features](variables.tf#L68) | Enable cluster-level features. Certain features allow configuration. | object({…}) | | {…} | +| [issue_client_certificate](variables.tf#L106) | Enable issuing client certificate. | bool | | false | +| [labels](variables.tf#L112) | Cluster resource labels. | map(string) | | null | +| [logging_config](variables.tf#L123) | Logging configuration. | list(string) | | ["SYSTEM_COMPONENTS"] | +| [maintenance_config](variables.tf#L129) | Maintenance window configuration. | object({…}) | | {…} | +| [max_pods_per_node](variables.tf#L152) | Maximum number of pods per node in this cluster. | number | | 110 | +| [min_master_version](variables.tf#L158) | Minimum version of the master, defaults to the version of the most recent official release. | string | | null | +| [monitoring_config](variables.tf#L164) | Monitoring components. | object({…}) | | {…} | +| [node_locations](variables.tf#L180) | Zones in which the cluster's nodes are located. | list(string) | | [] | +| [private_cluster_config](variables.tf#L187) | Private cluster configuration. | object({…}) | | null | +| [release_channel](variables.tf#L206) | Release channel for GKE upgrades. | string | | null | +| [tags](variables.tf#L212) | Network tags applied to nodes. | list(string) | | null | ## Outputs diff --git a/modules/gke-cluster/main.tf b/modules/gke-cluster/main.tf index d529cb4251..f55f46e8e3 100644 --- a/modules/gke-cluster/main.tf +++ b/modules/gke-cluster/main.tf @@ -197,6 +197,13 @@ resource "google_container_cluster" "cluster" { } } + dynamic "gateway_api_config" { + for_each = var.enable_features.gateway_api ? [""] : [] + content { + channel = "CHANNEL_STANDARD" + } + } + maintenance_policy { dynamic "daily_maintenance_window" { for_each = ( diff --git a/modules/gke-cluster/variables.tf b/modules/gke-cluster/variables.tf index 72f7fc14bc..f02ed50470 100644 --- a/modules/gke-cluster/variables.tf +++ b/modules/gke-cluster/variables.tf @@ -80,6 +80,7 @@ variable "enable_features" { key_name = string })) dataplane_v2 = optional(bool, false) + gateway_api = optional(bool, false) groups_for_rbac = optional(string) intranode_visibility = optional(bool, false) l4_ilb_subsetting = optional(bool, false) @@ -95,7 +96,7 @@ variable "enable_features" { topic_id = optional(string) })) vertical_pod_autoscaling = optional(bool, false) - workload_identity = optional(bool, false) + workload_identity = optional(bool, true) }) default = { workload_identity = true diff --git a/modules/gke-cluster/versions.tf b/modules/gke-cluster/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/gke-cluster/versions.tf +++ b/modules/gke-cluster/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/gke-hub/README.md b/modules/gke-hub/README.md index 17d7b427a4..6afcd1c817 100644 --- a/modules/gke-hub/README.md +++ b/modules/gke-hub/README.md @@ -119,7 +119,7 @@ module "hub" { } } -# tftest modules=4 resources=15 +# tftest modules=4 resources=16 ``` ## Multi-cluster mesh on GKE @@ -307,7 +307,7 @@ module "hub" { | [clusters](variables.tf#L17) | Clusters members of this GKE Hub in name => id format. | map(string) | | {} | | [configmanagement_clusters](variables.tf#L24) | Config management features enabled on specific sets of member clusters, in config name => [cluster name] format. | map(list(string)) | | {} | | [configmanagement_templates](variables.tf#L31) | Sets of config management configurations that can be applied to member clusters, in config name => {options} format. | map(object({…})) | | {} | -| [features](variables.tf#L66) | Enable and configue fleet features. | object({…}) | | {…} | +| [features](variables.tf#L66) | Enable and configue fleet features. | object({…}) | | {…} | | [workload_identity_clusters](variables.tf#L92) | Clusters that will use Fleet Workload Identity. | list(string) | | [] | ## Outputs diff --git a/modules/gke-hub/variables.tf b/modules/gke-hub/variables.tf index c7133c07fb..25e3d21d53 100644 --- a/modules/gke-hub/variables.tf +++ b/modules/gke-hub/variables.tf @@ -66,12 +66,12 @@ variable "configmanagement_templates" { variable "features" { description = "Enable and configue fleet features." type = object({ - appdevexperience = bool - configmanagement = bool - identityservice = bool - multiclusteringress = string - multiclusterservicediscovery = bool - servicemesh = bool + appdevexperience = optional(bool, false) + configmanagement = optional(bool, false) + identityservice = optional(bool, false) + multiclusteringress = optional(string, null) + multiclusterservicediscovery = optional(bool, false) + servicemesh = optional(bool, false) }) default = { appdevexperience = false diff --git a/modules/gke-hub/versions.tf b/modules/gke-hub/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/gke-hub/versions.tf +++ b/modules/gke-hub/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/gke-nodepool/versions.tf b/modules/gke-nodepool/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/gke-nodepool/versions.tf +++ b/modules/gke-nodepool/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/iam-service-account/versions.tf b/modules/iam-service-account/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/iam-service-account/versions.tf +++ b/modules/iam-service-account/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/kms/versions.tf b/modules/kms/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/kms/versions.tf +++ b/modules/kms/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/logging-bucket/versions.tf b/modules/logging-bucket/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/logging-bucket/versions.tf +++ b/modules/logging-bucket/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/net-address/versions.tf b/modules/net-address/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/net-address/versions.tf +++ b/modules/net-address/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/net-cloudnat/versions.tf b/modules/net-cloudnat/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/net-cloudnat/versions.tf +++ b/modules/net-cloudnat/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/net-glb/README.md b/modules/net-glb/README.md index 4b6d243508..8cd3f353f6 100644 --- a/modules/net-glb/README.md +++ b/modules/net-glb/README.md @@ -214,6 +214,66 @@ module "glb-0" { } # tftest modules=1 resources=6 ``` +#### Managed Instance Groups + +This example shows how to use the module with a manage instance group as backend: + +```hcl +module "win-template" { + source = "./fabric/modules/compute-vm" + project_id = "myprj" + zone = "europe-west8-a" + name = "win-template" + instance_type = "n2d-standard-2" + create_template = true + boot_disk = { + image = "projects/windows-cloud/global/images/windows-server-2019-dc-v20221214" + type = "pd-balanced" + size = 70 + } + network_interfaces = [{ + network = var.vpc.self_link + subnetwork = var.subnet.self_link + nat = false + addresses = null + }] +} + +module "win-mig" { + source = "./fabric/modules/compute-mig" + project_id = "myprj" + location = "europe-west8-a" + name = "win-mig" + instance_template = module.win-template.template.self_link + autoscaler_config = { + max_replicas = 3 + min_replicas = 1 + cooldown_period = 30 + scaling_signals = { + cpu_utilization = { + target = 0.80 + } + } + } + named_ports = { + http = 80 + } +} + +module "glb-0" { + source = "./fabric/modules/net-glb" + project_id = "myprj" + name = "glb-test-0" + backend_service_configs = { + default = { + backends = [ + { backend = module.win-mig.group_manager.instance_group } + ] + } + } +} +# tftest modules=3 resources=8 +``` #### Storage Buckets @@ -438,6 +498,46 @@ module "glb-0" { # tftest modules=1 resources=5 ``` +Serverless NEGs don't use the port name but it should be set to `http`. An HTTPS frontend requires the protocol to be set to `HTTPS`, and the port name field will infer this value if omitted so you need to set it explicitly: + +```hcl +module "glb-0" { + source = "./fabric/modules/net-glb" + project_id = "myprj" + name = "glb-test-0" + backend_service_configs = { + default = { + backends = [ + { backend = "neg-0" } + ] + health_checks = [] + port_name = "http" + } + } + # with a single serverless NEG the implied default health check is not needed + health_check_configs = {} + neg_configs = { + neg-0 = { + cloudrun = { + region = "europe-west8" + target_service = { + name = "hello" + } + } + } + } + protocol = "HTTPS" + ssl_certificates = { + managed_configs = { + default = { + domains = ["glb-test-0.example.org"] + } + } + } +} +# tftest modules=1 resources=6 inventory=https-sneg.yaml +``` + ### URL Map The module exposes the full URL map resource configuration, with some minor changes to the interface to decrease verbosity, and support for aliasing backend services via keys. @@ -489,7 +589,6 @@ The module also allows managing managed and self-managed SSL certificates via th THe [HTTPS example above](#minimal-https-examples) shows how to configure manage certificated, the following example shows how to use an unmanaged (or self managed) certificate. The example uses Terraform resource for the key and certificate so that the we don't depend on external files when running tests, in real use the key and certificate are generally provided via external files read by the Terraform `file()` function. ```hcl - resource "tls_private_key" "default" { algorithm = "RSA" rsa_bits = 4096 diff --git a/modules/net-glb/versions.tf b/modules/net-glb/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/net-glb/versions.tf +++ b/modules/net-glb/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/net-ilb-l7/versions.tf b/modules/net-ilb-l7/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/net-ilb-l7/versions.tf +++ b/modules/net-ilb-l7/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/net-ilb/versions.tf b/modules/net-ilb/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/net-ilb/versions.tf +++ b/modules/net-ilb/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/net-interconnect-attachment-direct/versions.tf b/modules/net-interconnect-attachment-direct/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/net-interconnect-attachment-direct/versions.tf +++ b/modules/net-interconnect-attachment-direct/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/net-vpc-firewall/versions.tf b/modules/net-vpc-firewall/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/net-vpc-firewall/versions.tf +++ b/modules/net-vpc-firewall/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/net-vpc-peering/versions.tf b/modules/net-vpc-peering/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/net-vpc-peering/versions.tf +++ b/modules/net-vpc-peering/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/net-vpc/versions.tf b/modules/net-vpc/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/net-vpc/versions.tf +++ b/modules/net-vpc/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/net-vpn-dynamic/versions.tf b/modules/net-vpn-dynamic/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/net-vpn-dynamic/versions.tf +++ b/modules/net-vpn-dynamic/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/net-vpn-ha/versions.tf b/modules/net-vpn-ha/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/net-vpn-ha/versions.tf +++ b/modules/net-vpn-ha/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/net-vpn-static/versions.tf b/modules/net-vpn-static/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/net-vpn-static/versions.tf +++ b/modules/net-vpn-static/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/organization/versions.tf b/modules/organization/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/organization/versions.tf +++ b/modules/organization/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/project/service-accounts.tf b/modules/project/service-accounts.tf index abf34cae02..1979958ba2 100644 --- a/modules/project/service-accounts.tf +++ b/modules/project/service-accounts.tf @@ -45,6 +45,8 @@ locals { # TODO: jit? gke-mcs = "service-%s@gcp-sa-mcsd" monitoring-notifications = "service-%s@gcp-sa-monitoring-notification" + multicluster-ingress = "service-%s@gcp-sa-multiclusteringress" + multicluster-discovery = "service-%s@gcp-sa-mcsd" notebooks = "service-%s@gcp-sa-notebooks" pubsub = "service-%s@gcp-sa-pubsub" secretmanager = "service-%s@gcp-sa-secretmanager" @@ -73,9 +75,11 @@ locals { "artifactregistry.googleapis.com", "cloudasset.googleapis.com", "gkehub.googleapis.com", + "multiclusteringress.googleapis.com", "pubsub.googleapis.com", "secretmanager.googleapis.com", - "sqladmin.googleapis.com" + "sqladmin.googleapis.com", + "cloudbuild.googleapis.com", ] service_accounts_cmek_service_keys = distinct(flatten([ for s in keys(var.service_encryption_key_ids) : [ diff --git a/modules/project/versions.tf b/modules/project/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/project/versions.tf +++ b/modules/project/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/projects-data-source/versions.tf b/modules/projects-data-source/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/projects-data-source/versions.tf +++ b/modules/projects-data-source/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/pubsub/versions.tf b/modules/pubsub/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/pubsub/versions.tf +++ b/modules/pubsub/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/secret-manager/versions.tf b/modules/secret-manager/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/secret-manager/versions.tf +++ b/modules/secret-manager/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/service-directory/versions.tf b/modules/service-directory/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/service-directory/versions.tf +++ b/modules/service-directory/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/source-repository/versions.tf b/modules/source-repository/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/source-repository/versions.tf +++ b/modules/source-repository/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/vpc-sc/versions.tf b/modules/vpc-sc/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/vpc-sc/versions.tf +++ b/modules/vpc-sc/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/tests/blueprints/apigee/bigquery-analytics/basic.tfvars b/tests/blueprints/apigee/bigquery-analytics/basic.tfvars index 8a650b56e2..2f9315a439 100644 --- a/tests/blueprints/apigee/bigquery-analytics/basic.tfvars +++ b/tests/blueprints/apigee/bigquery-analytics/basic.tfvars @@ -13,9 +13,10 @@ environments = { } instances = { instance-ew1 = { - region = "europe-west1" - environments = ["apis-test"] - psa_ip_cidr_range = "10.0.4.0/22" + region = "europe-west1" + environments = ["apis-test"] + runtime_ip_cidr_range = "10.0.4.0/22" + troubleshooting_ip_cidr_range = "10.1.0.0/28" } } psc_config = { diff --git a/tests/blueprints/apigee/bigquery-analytics/basic.yaml b/tests/blueprints/apigee/bigquery-analytics/basic.yaml index 2b044dcb6a..691af456b1 100644 --- a/tests/blueprints/apigee/bigquery-analytics/basic.yaml +++ b/tests/blueprints/apigee/bigquery-analytics/basic.yaml @@ -14,4 +14,4 @@ counts: modules: 9 - resources: 60 + resources: 62 diff --git a/tests/blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/basic.yaml b/tests/blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/basic.yaml index ef1fa1e009..de461ff2ea 100644 --- a/tests/blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/basic.yaml +++ b/tests/blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/basic.yaml @@ -14,4 +14,4 @@ counts: modules: 13 - resources: 72 + resources: 73 diff --git a/tests/blueprints/cloud_operations/asset_inventory_feed_remediation/test_plan.py b/tests/blueprints/cloud_operations/asset_inventory_feed_remediation/test_plan.py index df03e144f0..497af6be59 100644 --- a/tests/blueprints/cloud_operations/asset_inventory_feed_remediation/test_plan.py +++ b/tests/blueprints/cloud_operations/asset_inventory_feed_remediation/test_plan.py @@ -16,4 +16,4 @@ def test_resources(e2e_plan_runner): "Test that plan works and the numbers of resources is as expected." modules, resources = e2e_plan_runner() assert len(modules) == 6 - assert len(resources) == 18 + assert len(resources) == 19 diff --git a/tests/blueprints/cloud_operations/scheduled_asset_inventory_export_bq/test_plan.py b/tests/blueprints/cloud_operations/scheduled_asset_inventory_export_bq/test_plan.py index c5394839de..3bcc634406 100644 --- a/tests/blueprints/cloud_operations/scheduled_asset_inventory_export_bq/test_plan.py +++ b/tests/blueprints/cloud_operations/scheduled_asset_inventory_export_bq/test_plan.py @@ -16,4 +16,4 @@ def test_resources(e2e_plan_runner): "Test that plan works and the numbers of resources is as expected." modules, resources = e2e_plan_runner() assert len(modules) == 7 - assert len(resources) == 29 + assert len(resources) == 30 diff --git a/tests/blueprints/cloud_operations/unmanaged_instances_healthcheck/test_plan.py b/tests/blueprints/cloud_operations/unmanaged_instances_healthcheck/test_plan.py index c79be049e8..b1f0fba3ca 100644 --- a/tests/blueprints/cloud_operations/unmanaged_instances_healthcheck/test_plan.py +++ b/tests/blueprints/cloud_operations/unmanaged_instances_healthcheck/test_plan.py @@ -16,4 +16,4 @@ def test_resources(e2e_plan_runner): "Test that plan works and the numbers of resources is as expected." modules, resources = e2e_plan_runner() assert len(modules) == 10 - assert len(resources) == 31 + assert len(resources) == 32 diff --git a/tests/blueprints/data_solutions/data_platform_foundations/test_plan.py b/tests/blueprints/data_solutions/data_platform_foundations/test_plan.py index 17563647c1..93961b5e8b 100644 --- a/tests/blueprints/data_solutions/data_platform_foundations/test_plan.py +++ b/tests/blueprints/data_solutions/data_platform_foundations/test_plan.py @@ -22,4 +22,4 @@ def test_resources(e2e_plan_runner): "Test that plan works and the numbers of resources is as expected." modules, resources = e2e_plan_runner(FIXTURES_DIR) assert len(modules) == 38 - assert len(resources) == 285 + assert len(resources) == 286 diff --git a/tests/blueprints/gke/binauthz/test_plan.py b/tests/blueprints/gke/binauthz/test_plan.py index cf012c0615..b4437b6f3d 100644 --- a/tests/blueprints/gke/binauthz/test_plan.py +++ b/tests/blueprints/gke/binauthz/test_plan.py @@ -16,4 +16,4 @@ def test_resources(e2e_plan_runner): "Test that plan works and the numbers of resources is as expected." modules, resources = e2e_plan_runner() assert len(modules) == 13 - assert len(resources) == 43 + assert len(resources) == 44 diff --git a/tests/blueprints/gke/multitenant_fleet/test_plan.py b/tests/blueprints/gke/multitenant_fleet/test_plan.py index 2b94b766f7..c8a8369496 100644 --- a/tests/blueprints/gke/multitenant_fleet/test_plan.py +++ b/tests/blueprints/gke/multitenant_fleet/test_plan.py @@ -17,4 +17,4 @@ def test_resources(e2e_plan_runner): "Test that plan works and the numbers of resources is as expected." modules, resources = e2e_plan_runner() assert len(modules) == 4 - assert len(resources) == 22 + assert len(resources) == 23 diff --git a/tests/blueprints/networking/private_cloud_function_from_onprem/test_plan.py b/tests/blueprints/networking/private_cloud_function_from_onprem/test_plan.py index 2b3f8d7f77..81225db364 100644 --- a/tests/blueprints/networking/private_cloud_function_from_onprem/test_plan.py +++ b/tests/blueprints/networking/private_cloud_function_from_onprem/test_plan.py @@ -16,4 +16,4 @@ def test_resources(e2e_plan_runner): "Test that plan works and the numbers of resources is as expected." modules, resources = e2e_plan_runner() assert len(modules) == 10 - assert len(resources) == 38 + assert len(resources) == 39 diff --git a/tests/blueprints/serverless/api_gateway/test_plan.py b/tests/blueprints/serverless/api_gateway/test_plan.py index 6cf48a87ba..9d658398ec 100644 --- a/tests/blueprints/serverless/api_gateway/test_plan.py +++ b/tests/blueprints/serverless/api_gateway/test_plan.py @@ -16,4 +16,4 @@ def test_resources(e2e_plan_runner): "Test that plan works and the numbers of resources is as expected." modules, resources = e2e_plan_runner() assert len(modules) == 7 - assert len(resources) == 31 + assert len(resources) == 32 diff --git a/tests/fast/stages/s00_bootstrap/simple.yaml b/tests/fast/stages/s00_bootstrap/simple.yaml index 703b84b456..ed0d773808 100644 --- a/tests/fast/stages/s00_bootstrap/simple.yaml +++ b/tests/fast/stages/s00_bootstrap/simple.yaml @@ -24,7 +24,7 @@ counts: google_project_iam_binding: 9 google_project_iam_member: 1 google_project_service: 29 - google_project_service_identity: 2 + google_project_service_identity: 3 google_service_account: 3 google_service_account_iam_binding: 3 google_storage_bucket: 4 diff --git a/tests/modules/apigee/fixture/test.all.tfvars b/tests/modules/apigee/fixture/test.all.tfvars index d0c29921ca..9eb337b748 100644 --- a/tests/modules/apigee/fixture/test.all.tfvars +++ b/tests/modules/apigee/fixture/test.all.tfvars @@ -29,14 +29,16 @@ environments = { } instances = { instance-test-ew1 = { - region = "europe-west1" - environments = ["apis-test"] - psa_ip_cidr_range = "10.0.4.0/22" + region = "europe-west1" + environments = ["apis-test"] + runtime_ip_cidr_range = "10.0.4.0/22" + troubleshooting_ip_cidr_range = "10.1.0.0/28" } instance-prod-ew3 = { - region = "europe-west3" - environments = ["apis-prod"] - psa_ip_cidr_range = "10.0.5.0/22" + region = "europe-west3" + environments = ["apis-prod"] + runtime_ip_cidr_range = "10.0.6.0/22" + troubleshooting_ip_cidr_range = "10.1.0.16/28" } } endpoint_attachments = { diff --git a/tests/modules/apigee/fixture/test.env_only_with_api_proxy_type.tfvars b/tests/modules/apigee/fixture/test.env_only_with_api_proxy_type.tfvars new file mode 100644 index 0000000000..2a9164bf48 --- /dev/null +++ b/tests/modules/apigee/fixture/test.env_only_with_api_proxy_type.tfvars @@ -0,0 +1,13 @@ +project_id = "my-project" +environments = { + apis-test = { + display_name = "APIs test" + description = "APIs Test" + api_proxy_type = "PROGRAMMABLE" + envgroups = ["test"] + node_config = { + min_node_count = 2 + max_node_count = 5 + } + } +} diff --git a/tests/modules/apigee/fixture/test.env_only_with_deployment_type.tfvars b/tests/modules/apigee/fixture/test.env_only_with_deployment_type.tfvars new file mode 100644 index 0000000000..48ef24e681 --- /dev/null +++ b/tests/modules/apigee/fixture/test.env_only_with_deployment_type.tfvars @@ -0,0 +1,13 @@ +project_id = "my-project" +environments = { + apis-test = { + display_name = "APIs test" + description = "APIs Test" + deployment_type = "ARCHIVE" + envgroups = ["test"] + node_config = { + min_node_count = 2 + max_node_count = 5 + } + } +} diff --git a/tests/modules/apigee/fixture/test.instance_only.tfvars b/tests/modules/apigee/fixture/test.instance_only.tfvars index 3d3eb1be1b..d9399bfa91 100644 --- a/tests/modules/apigee/fixture/test.instance_only.tfvars +++ b/tests/modules/apigee/fixture/test.instance_only.tfvars @@ -1,8 +1,9 @@ project_id = "my-project" instances = { instance-test-ew1 = { - region = "europe-west1" - environments = ["apis-test"] - psa_ip_cidr_range = "10.0.4.0/22" + region = "europe-west1" + environments = ["apis-test"] + runtime_ip_cidr_range = "10.0.4.0/22" + troubleshooting_ip_cidr_range = "10.1.1.0.0/28" } -} \ No newline at end of file +} diff --git a/tests/modules/apigee/fixture/variables.tf b/tests/modules/apigee/fixture/variables.tf index 266f0d34ed..00961aac2c 100644 --- a/tests/modules/apigee/fixture/variables.tf +++ b/tests/modules/apigee/fixture/variables.tf @@ -32,8 +32,10 @@ variable "envgroups" { variable "environments" { description = "Environments." type = map(object({ - display_name = optional(string) - description = optional(string, "Terraform-managed") + display_name = optional(string) + description = optional(string, "Terraform-managed") + deployment_type = optional(string) + api_proxy_type = optional(string) node_config = optional(object({ min_node_count = optional(number) max_node_count = optional(number) @@ -47,13 +49,14 @@ variable "environments" { variable "instances" { description = "Instances." type = map(object({ - display_name = optional(string) - description = optional(string, "Terraform-managed") - region = string - environments = list(string) - psa_ip_cidr_range = string - disk_encryption_key = optional(string) - consumer_accept_list = optional(list(string)) + display_name = optional(string) + description = optional(string, "Terraform-managed") + region = string + environments = list(string) + runtime_ip_cidr_range = string + troubleshooting_ip_cidr_range = string + disk_encryption_key = optional(string) + consumer_accept_list = optional(list(string)) })) default = null } diff --git a/tests/modules/apigee/test_plan.py b/tests/modules/apigee/test_plan.py index e693ddbb29..d16ef2963b 100644 --- a/tests/modules/apigee/test_plan.py +++ b/tests/modules/apigee/test_plan.py @@ -54,6 +54,18 @@ def test_env_only(plan_runner): 'google_apigee_envgroup_attachment.envgroup_attachments': 1, } +def test_env_only_with_deployment_type(plan_runner): + "Test that creates an environment in an existing environment group, with deployment_type set." + _, resources = plan_runner(tf_var_file='test.env_only_with_deployment_type.tfvars') + assert [r['values'].get('deployment_type') for r in resources + ] == [None, 'ARCHIVE'] + +def test_env_only_with_api_proxy_type(plan_runner): + "Test that creates an environment in an existing environment group, with api_proxy_type set." + _, resources = plan_runner(tf_var_file='test.env_only_with_api_proxy_type.tfvars') + assert [r['values'].get('api_proxy_type') for r in resources + ] == [None, 'PROGRAMMABLE'] + def test_instance_only(plan_runner): "Test that creates only an instance." _, resources = plan_runner(tf_var_file='test.instance_only.tfvars') diff --git a/tests/modules/gke_hub/test_plan.py b/tests/modules/gke_hub/test_plan.py index 51258c8316..8a71d12b57 100644 --- a/tests/modules/gke_hub/test_plan.py +++ b/tests/modules/gke_hub/test_plan.py @@ -61,6 +61,7 @@ def test_configmanagement_setup(resources): 'sync_wait_secs': None }], + 'oci': [], 'prevent_drift': False, 'source_format': 'hierarchy' }], diff --git a/tests/modules/gke_nodepool/examples/config.yaml b/tests/modules/gke_nodepool/examples/config.yaml index fc1682a826..858e5ca58c 100644 --- a/tests/modules/gke_nodepool/examples/config.yaml +++ b/tests/modules/gke_nodepool/examples/config.yaml @@ -15,8 +15,7 @@ values: module.cluster-1-nodepool-1.google_container_node_pool.nodepool: autoscaling: - - location_policy: null - max_node_count: 10 + - max_node_count: 10 min_node_count: 1 total_max_node_count: null total_min_node_count: null diff --git a/tests/modules/net_glb/examples/https-sneg.yaml b/tests/modules/net_glb/examples/https-sneg.yaml new file mode 100644 index 0000000000..fa0823cbff --- /dev/null +++ b/tests/modules/net_glb/examples/https-sneg.yaml @@ -0,0 +1,35 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.glb-0.google_compute_backend_service.default["default"]: + port_name: http + protocol: HTTPS + module.glb-0.google_compute_global_forwarding_rule.default: + load_balancing_scheme: EXTERNAL + port_range: '443' + module.glb-0.google_compute_region_network_endpoint_group.serverless["neg-0"]: + cloud_run: + - service: hello + tag: null + url_mask: null + +counts: + google_compute_backend_service: 1 + google_compute_global_forwarding_rule: 1 + google_compute_managed_ssl_certificate: 1 + google_compute_region_network_endpoint_group: 1 + google_compute_target_https_proxy: 1 + google_compute_url_map: 1 +