From 92b5b1f86b47d7caf645dafc455eaabab5c52d9b Mon Sep 17 00:00:00 2001 From: eliamaldini Date: Fri, 13 Jan 2023 17:56:12 +0100 Subject: [PATCH 01/26] Added GLB example with MIG as backend --- modules/net-glb/README.md | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/modules/net-glb/README.md b/modules/net-glb/README.md index 4b6d243508..b8286fcbdf 100644 --- a/modules/net-glb/README.md +++ b/modules/net-glb/README.md @@ -214,6 +214,33 @@ module "glb-0" { } # tftest modules=1 resources=6 ``` +#### Managed Instance Groups + +This example shows how to use the module with a manage instance group as backend: + +```hcl +module "glb-0" { + source = "./fabric/modules/net-glb" + project_id = "myprj" + name = "glb-test-0" + + + backend_service_configs = { + default = { + backends = [ + { backend = "projects/myprj/regions/europe-west8/instanceGroups/mig-a" } + ] + } + } + + health_check_configs = { + default = { + tcp = { port = 80 } + } + } +} +# tftest modules=1 resources=5 +``` #### Storage Buckets From 6d8cd928ed2535cebfbb86ede16b926afd8c4f22 Mon Sep 17 00:00:00 2001 From: eliamaldini Date: Wed, 18 Jan 2023 11:07:02 +0100 Subject: [PATCH 02/26] Added an example with a MIG --- modules/net-glb/README.md | 48 +++++++++++++++++++++++++++++++++++++-- 1 file changed, 46 insertions(+), 2 deletions(-) diff --git a/modules/net-glb/README.md b/modules/net-glb/README.md index b8286fcbdf..3d2269a0a8 100644 --- a/modules/net-glb/README.md +++ b/modules/net-glb/README.md @@ -219,6 +219,50 @@ module "glb-0" { This example shows how to use the module with a manage instance group as backend: ```hcl +module "win-template" { + source = "./fabric/modules/compute-vm" + project_id = "myprj" + zone = "europe-west8-a" + name = "win-template" + + instance_type = "n2d-standard-2" + + network_interfaces = [{ + network = var.vpc.self_link + subnetwork = var.subnet.self_link + nat = false + addresses = null + }] + + boot_disk = { + image = "projects/windows-cloud/global/images/windows-server-2019-dc-v20221214" + type = "pd-balanced" + size = 70 + } + + create_template = true +} + +module "win-mig" { + source = "./fabric/modules/compute-mig" + project_id = "myprj" + location = "europe-west8-a" + name = "win-mig" + + instance_template = module.win-template.template.self_link + + autoscaler_config = { + max_replicas = 3 + min_replicas = 1 + cooldown_period = 30 + scaling_signals = { + cpu_utilization = { + target = 0.80 + } + } + } +} + module "glb-0" { source = "./fabric/modules/net-glb" project_id = "myprj" @@ -228,7 +272,7 @@ module "glb-0" { backend_service_configs = { default = { backends = [ - { backend = "projects/myprj/regions/europe-west8/instanceGroups/mig-a" } + { backend = module.win-mig.group_manager.instance_group } ] } } @@ -239,7 +283,7 @@ module "glb-0" { } } } -# tftest modules=1 resources=5 +# tftest modules=3 resources=8 ``` #### Storage Buckets From e780b7f98ccb8c1daa33b3a4f5bb61e360f93136 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 24 Jan 2023 15:07:11 +0000 Subject: [PATCH 03/26] Bump cookiejar in /blueprints/apigee/bigquery-analytics/functions/export (#1110) Bumps [cookiejar](https://github.com/bmeck/node-cookiejar) from 2.1.3 to 2.1.4. - [Release notes](https://github.com/bmeck/node-cookiejar/releases) - [Commits](https://github.com/bmeck/node-cookiejar/commits) --- updated-dependencies: - dependency-name: cookiejar dependency-type: indirect ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .../functions/export/package-lock.json | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/blueprints/apigee/bigquery-analytics/functions/export/package-lock.json b/blueprints/apigee/bigquery-analytics/functions/export/package-lock.json index 737005beea..9ccbef7793 100644 --- a/blueprints/apigee/bigquery-analytics/functions/export/package-lock.json +++ b/blueprints/apigee/bigquery-analytics/functions/export/package-lock.json @@ -826,9 +826,9 @@ "integrity": "sha512-QADzlaHc8icV8I7vbaJXJwod9HWYp8uCqf1xa4OfNu1T7JVxQIrUgOWtHdNDtPiywmFbiS12VjotIXLrKM3orQ==" }, "node_modules/cookiejar": { - "version": "2.1.3", - "resolved": "https://registry.npmjs.org/cookiejar/-/cookiejar-2.1.3.tgz", - "integrity": "sha512-JxbCBUdrfr6AQjOXrxoTvAMJO4HBTUIlBzslcJPAz+/KT8yk53fXun51u+RenNYvad/+Vc2DIz5o9UxlCDymFQ==" + "version": "2.1.4", + "resolved": "https://registry.npmjs.org/cookiejar/-/cookiejar-2.1.4.tgz", + "integrity": "sha512-LDx6oHrK+PhzLKJU9j5S7/Y3jM/mUHvD/DeI1WQmJn652iPC5Y4TBzC9l+5OMOXlyTTA+SmVUPm0HQUwpD5Jqw==" }, "node_modules/debug": { "version": "2.6.9", @@ -3783,9 +3783,9 @@ "integrity": "sha512-QADzlaHc8icV8I7vbaJXJwod9HWYp8uCqf1xa4OfNu1T7JVxQIrUgOWtHdNDtPiywmFbiS12VjotIXLrKM3orQ==" }, "cookiejar": { - "version": "2.1.3", - "resolved": "https://registry.npmjs.org/cookiejar/-/cookiejar-2.1.3.tgz", - "integrity": "sha512-JxbCBUdrfr6AQjOXrxoTvAMJO4HBTUIlBzslcJPAz+/KT8yk53fXun51u+RenNYvad/+Vc2DIz5o9UxlCDymFQ==" + "version": "2.1.4", + "resolved": "https://registry.npmjs.org/cookiejar/-/cookiejar-2.1.4.tgz", + "integrity": "sha512-LDx6oHrK+PhzLKJU9j5S7/Y3jM/mUHvD/DeI1WQmJn652iPC5Y4TBzC9l+5OMOXlyTTA+SmVUPm0HQUwpD5Jqw==" }, "debug": { "version": "2.6.9", From 7f5c177cfec1769b6fd91bbb748548862fb34d1c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Aur=C3=A9lien=20Legrand?= Date: Wed, 25 Jan 2023 16:02:30 +0100 Subject: [PATCH 04/26] Network Dashboard: PSA support for Filestore and Memorystore (#1106) * Support for Filestore and Memorystore PSA ranges Co-authored-by: Ludovico Magnocavallo --- .../dashboards/quotas-utilization.json | 143 ++++++++++-------- .../deploy-cloud-function/README.md | 2 +- .../deploy-cloud-function/variables.tf | 2 +- .../src/plugins/discover-cai.py | 50 +++++- .../src/plugins/series-psa.py | 43 +++++- 5 files changed, 167 insertions(+), 73 deletions(-) diff --git a/blueprints/cloud-operations/network-dashboard/dashboards/quotas-utilization.json b/blueprints/cloud-operations/network-dashboard/dashboards/quotas-utilization.json index 1c11bdb7af..361eb8214d 100644 --- a/blueprints/cloud-operations/network-dashboard/dashboards/quotas-utilization.json +++ b/blueprints/cloud-operations/network-dashboard/dashboards/quotas-utilization.json @@ -1,5 +1,4 @@ { - "category": "CUSTOM", "displayName": "quotas_utilization", "mosaicLayout": { "columns": 12, @@ -18,7 +17,6 @@ "plotType": "LINE", "targetAxis": "Y1", "timeSeriesQuery": { - "apiSource": "DEFAULT_CLOUD", "timeSeriesFilter": { "aggregation": { "alignmentPeriod": "3600s", @@ -40,9 +38,7 @@ } } }, - "width": 6, - "xPos": 0, - "yPos": 0 + "width": 6 }, { "height": 4, @@ -58,7 +54,6 @@ "plotType": "LINE", "targetAxis": "Y1", "timeSeriesQuery": { - "apiSource": "DEFAULT_CLOUD", "timeSeriesFilter": { "aggregation": { "alignmentPeriod": "3600s", @@ -81,7 +76,6 @@ } }, "width": 6, - "xPos": 0, "yPos": 12 }, { @@ -98,7 +92,6 @@ "plotType": "LINE", "targetAxis": "Y1", "timeSeriesQuery": { - "apiSource": "DEFAULT_CLOUD", "timeSeriesFilter": { "aggregation": { "alignmentPeriod": "3600s", @@ -121,7 +114,6 @@ } }, "width": 6, - "xPos": 0, "yPos": 8 }, { @@ -138,7 +130,6 @@ "plotType": "LINE", "targetAxis": "Y1", "timeSeriesQuery": { - "apiSource": "DEFAULT_CLOUD", "timeSeriesFilter": { "aggregation": { "alignmentPeriod": "3600s", @@ -178,7 +169,6 @@ "plotType": "LINE", "targetAxis": "Y1", "timeSeriesQuery": { - "apiSource": "DEFAULT_CLOUD", "timeSeriesFilter": { "aggregation": { "alignmentPeriod": "3600s", @@ -201,7 +191,6 @@ } }, "width": 6, - "xPos": 0, "yPos": 4 }, { @@ -218,7 +207,6 @@ "plotType": "LINE", "targetAxis": "Y1", "timeSeriesQuery": { - "apiSource": "DEFAULT_CLOUD", "timeSeriesFilter": { "aggregation": { "alignmentPeriod": "3600s", @@ -241,8 +229,7 @@ } }, "width": 6, - "xPos": 6, - "yPos": 0 + "xPos": 6 }, { "height": 4, @@ -258,7 +245,6 @@ "plotType": "LINE", "targetAxis": "Y1", "timeSeriesQuery": { - "apiSource": "DEFAULT_CLOUD", "timeSeriesFilter": { "aggregation": { "alignmentPeriod": "3600s", @@ -298,7 +284,6 @@ "plotType": "LINE", "targetAxis": "Y1", "timeSeriesQuery": { - "apiSource": "DEFAULT_CLOUD", "timeSeriesFilter": { "aggregation": { "alignmentPeriod": "3600s", @@ -330,17 +315,19 @@ }, "dataSets": [ { - "minAlignmentPeriod": "60s", + "minAlignmentPeriod": "3600s", "plotType": "LINE", "targetAxis": "Y1", "timeSeriesQuery": { - "apiSource": "DEFAULT_CLOUD", "timeSeriesFilter": { "aggregation": { - "alignmentPeriod": "60s", - "perSeriesAligner": "ALIGN_MEAN" + "alignmentPeriod": "3600s", + "perSeriesAligner": "ALIGN_NEXT_OLDER" }, - "filter": "metric.type=\"custom.googleapis.com/netmon/peering_group/routes_dynamic_used_ratio\" resource.type=\"global\"" + "filter": "metric.type=\"custom.googleapis.com/netmon/peering_group/routes_dynamic_used_ratio\" resource.type=\"global\"", + "secondaryAggregation": { + "alignmentPeriod": "60s" + } } } } @@ -353,7 +340,6 @@ } }, "width": 6, - "xPos": 0, "yPos": 20 }, { @@ -366,21 +352,23 @@ }, "dataSets": [ { - "minAlignmentPeriod": "60s", + "minAlignmentPeriod": "3600s", "plotType": "LINE", "targetAxis": "Y1", "timeSeriesQuery": { - "apiSource": "DEFAULT_CLOUD", "timeSeriesFilter": { "aggregation": { - "alignmentPeriod": "60s", + "alignmentPeriod": "3600s", "crossSeriesReducer": "REDUCE_SUM", "groupByFields": [ "metric.label.\"project\"" ], - "perSeriesAligner": "ALIGN_MEAN" + "perSeriesAligner": "ALIGN_NEXT_OLDER" }, - "filter": "metric.type=\"custom.googleapis.com/netmon/project/firewall_rules_used_ratio\" resource.type=\"global\"" + "filter": "metric.type=\"custom.googleapis.com/netmon/project/firewall_rules_used_ratio\" resource.type=\"global\"", + "secondaryAggregation": { + "alignmentPeriod": "60s" + } } } } @@ -393,8 +381,7 @@ } }, "width": 6, - "xPos": 0, - "yPos": 32 + "yPos": 28 }, { "height": 4, @@ -406,17 +393,19 @@ }, "dataSets": [ { - "minAlignmentPeriod": "60s", + "minAlignmentPeriod": "3600s", "plotType": "LINE", "targetAxis": "Y1", "timeSeriesQuery": { - "apiSource": "DEFAULT_CLOUD", "timeSeriesFilter": { "aggregation": { - "alignmentPeriod": "60s", - "perSeriesAligner": "ALIGN_MEAN" + "alignmentPeriod": "3600s", + "perSeriesAligner": "ALIGN_NEXT_OLDER" }, - "filter": "metric.type=\"custom.googleapis.com/netmon/firewall_policy/tuples_used_ratio\" resource.type=\"global\"" + "filter": "metric.type=\"custom.googleapis.com/netmon/firewall_policy/tuples_used_ratio\" resource.type=\"global\"", + "secondaryAggregation": { + "alignmentPeriod": "60s" + } } } } @@ -430,7 +419,7 @@ }, "width": 6, "xPos": 6, - "yPos": 28 + "yPos": 24 }, { "height": 4, @@ -442,17 +431,19 @@ }, "dataSets": [ { - "minAlignmentPeriod": "60s", + "minAlignmentPeriod": "3600s", "plotType": "LINE", "targetAxis": "Y1", "timeSeriesQuery": { - "apiSource": "DEFAULT_CLOUD", "timeSeriesFilter": { "aggregation": { - "alignmentPeriod": "60s", - "perSeriesAligner": "ALIGN_MEAN" + "alignmentPeriod": "3600s", + "perSeriesAligner": "ALIGN_NEXT_OLDER" }, - "filter": "metric.type=\"custom.googleapis.com/netmon/subnetwork/addresses_used_ratio\" resource.type=\"global\"" + "filter": "metric.type=\"custom.googleapis.com/netmon/subnetwork/addresses_used_ratio\" resource.type=\"global\"", + "secondaryAggregation": { + "alignmentPeriod": "60s" + } } } } @@ -465,7 +456,6 @@ } }, "width": 6, - "xPos": 6, "yPos": 16 }, { @@ -478,30 +468,27 @@ }, "dataSets": [ { - "minAlignmentPeriod": "60s", + "minAlignmentPeriod": "3600s", "plotType": "LINE", "targetAxis": "Y1", "timeSeriesQuery": { - "apiSource": "DEFAULT_CLOUD", "timeSeriesFilter": { "aggregation": { - "alignmentPeriod": "60s", + "alignmentPeriod": "3600s", "crossSeriesReducer": "REDUCE_SUM", "groupByFields": [ "metric.label.\"project\"" ], - "perSeriesAligner": "ALIGN_MEAN" + "perSeriesAligner": "ALIGN_NEXT_OLDER" }, "filter": "metric.type=\"custom.googleapis.com/netmon/project/routes_static_used_ratio\" resource.type=\"global\"", "secondaryAggregation": { - "alignmentPeriod": "60s", - "perSeriesAligner": "ALIGN_NONE" + "alignmentPeriod": "60s" } } } } ], - "thresholds": [], "timeshiftDuration": "0s", "yAxis": { "label": "y1Axis", @@ -510,8 +497,8 @@ } }, "width": 6, - "xPos": 0, - "yPos": 24 + "xPos": 6, + "yPos": 20 }, { "height": 4, @@ -523,22 +510,23 @@ }, "dataSets": [ { - "minAlignmentPeriod": "60s", + "minAlignmentPeriod": "3600s", "plotType": "LINE", "targetAxis": "Y1", "timeSeriesQuery": { - "apiSource": "DEFAULT_CLOUD", "timeSeriesFilter": { "aggregation": { - "alignmentPeriod": "60s", - "perSeriesAligner": "ALIGN_MEAN" + "alignmentPeriod": "3600s", + "perSeriesAligner": "ALIGN_NEXT_OLDER" }, - "filter": "metric.type=\"custom.googleapis.com/netmon/peering_group/routes_static_used_ratio\" resource.type=\"global\"" + "filter": "metric.type=\"custom.googleapis.com/netmon/peering_group/routes_static_used_ratio\" resource.type=\"global\"", + "secondaryAggregation": { + "alignmentPeriod": "60s" + } } } } ], - "thresholds": [], "timeshiftDuration": "0s", "yAxis": { "label": "y1Axis", @@ -547,8 +535,45 @@ } }, "width": 6, - "xPos": 0, - "yPos": 28 + "yPos": 24 + }, + { + "height": 4, + "widget": { + "title": "Addresses used ratio per psa range [NEXT OLDER]", + "xyChart": { + "chartOptions": { + "mode": "COLOR" + }, + "dataSets": [ + { + "minAlignmentPeriod": "3600s", + "plotType": "LINE", + "targetAxis": "Y1", + "timeSeriesQuery": { + "timeSeriesFilter": { + "aggregation": { + "alignmentPeriod": "3600s", + "perSeriesAligner": "ALIGN_NEXT_OLDER" + }, + "filter": "metric.type=\"custom.googleapis.com/netmon/network/psa/addresses_used_ratio\" resource.type=\"global\"", + "secondaryAggregation": { + "alignmentPeriod": "60s" + } + } + } + } + ], + "timeshiftDuration": "0s", + "yAxis": { + "label": "y1Axis", + "scale": "LINEAR" + } + } + }, + "width": 6, + "xPos": 6, + "yPos": 16 } ] } diff --git a/blueprints/cloud-operations/network-dashboard/deploy-cloud-function/README.md b/blueprints/cloud-operations/network-dashboard/deploy-cloud-function/README.md index bf1d7b5cf7..aa0bdf42e1 100644 --- a/blueprints/cloud-operations/network-dashboard/deploy-cloud-function/README.md +++ b/blueprints/cloud-operations/network-dashboard/deploy-cloud-function/README.md @@ -74,7 +74,7 @@ dashboard_json_path = "../dashboards/quotas-utilization.json" | [name](variables.tf#L75) | Name used to create Cloud Function related resources. | string | | "net-dash" | | [project_create_config](variables.tf#L81) | Optional configuration if project creation is required. | object({…}) | | null | | [region](variables.tf#L95) | Compute region where the Cloud Function will be deployed. | string | | "europe-west1" | -| [schedule_config](variables.tf#L101) | Schedule timer configuration in crontab format. | string | | "0/30 * * * *" | +| [schedule_config](variables.tf#L101) | Schedule timer configuration in crontab format. | string | | "*/30 * * * *" | ## Outputs diff --git a/blueprints/cloud-operations/network-dashboard/deploy-cloud-function/variables.tf b/blueprints/cloud-operations/network-dashboard/deploy-cloud-function/variables.tf index ab59f91f52..680b689dd8 100644 --- a/blueprints/cloud-operations/network-dashboard/deploy-cloud-function/variables.tf +++ b/blueprints/cloud-operations/network-dashboard/deploy-cloud-function/variables.tf @@ -101,5 +101,5 @@ variable "region" { variable "schedule_config" { description = "Schedule timer configuration in crontab format." type = string - default = "0/30 * * * *" + default = "*/30 * * * *" } diff --git a/blueprints/cloud-operations/network-dashboard/src/plugins/discover-cai.py b/blueprints/cloud-operations/network-dashboard/src/plugins/discover-cai.py index 3041df38a0..1ac62d0664 100644 --- a/blueprints/cloud-operations/network-dashboard/src/plugins/discover-cai.py +++ b/blueprints/cloud-operations/network-dashboard/src/plugins/discover-cai.py @@ -39,7 +39,9 @@ 'subnetworks': 'compute.googleapis.com/Subnetwork', 'routers': 'compute.googleapis.com/Router', 'routes': 'compute.googleapis.com/Route', - 'sql_instances': 'sqladmin.googleapis.com/Instance' + 'sql_instances': 'sqladmin.googleapis.com/Instance', + 'filestore_instances': 'file.googleapis.com/Instance', + 'memorystore_instances': 'redis.googleapis.com/Instance', } NAMES = {v: k for k, v in TYPES.items()} @@ -82,10 +84,16 @@ def _handle_resource(resources, asset_type, data): # e.g. assetType = GlobalAddress but discoveryName = Address resource_name = NAMES[asset_type] resource = { - 'id': attrs.get('id'), - 'name': attrs['name'], - 'self_link': _self_link(attrs['selfLink']), - 'assetType': asset_type + 'id': + attrs.get('id'), + 'name': + attrs['name'], + # Some resources (ex: Filestore) don't have a self_link, using parent + name in that case + 'self_link': + f'{data["parent"]}/{attrs["name"]}' + if not 'selfLink' in attrs else _self_link(attrs['selfLink']), + 'assetType': + asset_type } # derive parent type and id and skip if parent is not within scope parent_data = _get_parent(data['parent'], resources) @@ -212,6 +220,38 @@ def _handle_sql_instances(resource, data): ], 'region': data['region'], 'availabilityType': data['settings']['availabilityType'], + 'network': data['settings']['ipConfiguration']['privateNetwork'] + } + + +def _handle_filestore_instances(resource, data): + 'Handles filestore instance type resource data.' + return { + # Getting only the instance name, removing the rest + 'name': data['name'].split('/')[-1], + # Is a list but for now, only one network is supported for Filestore + 'network': data['networks'][0]['network'], + 'reservedIpRange': data['networks'][0]['reservedIpRange'], + 'ipAddresses': data['networks'][0]['ipAddresses'] + } + + +def _handle_memorystore_instances(resource, data): + 'Handles Memorystore (Redis) instance type resource data.' + return { + # Getting only the instance name, removing the rest + 'name': + data['name'].split('/')[-1], + 'locationId': + data['locationId'], + 'replicaCount': + 0 if not 'replicaCount' in data else data['replicaCount'], + 'network': + data['authorizedNetwork'], + 'reservedIpRange': + '' if not 'reservedIpRange' in data else data['reservedIpRange'], + 'host': + '' if not 'host' in data else data['host'], } diff --git a/blueprints/cloud-operations/network-dashboard/src/plugins/series-psa.py b/blueprints/cloud-operations/network-dashboard/src/plugins/series-psa.py index e9993e0745..82e06009d8 100644 --- a/blueprints/cloud-operations/network-dashboard/src/plugins/series-psa.py +++ b/blueprints/cloud-operations/network-dashboard/src/plugins/series-psa.py @@ -34,7 +34,28 @@ def _sql_addresses(sql_instances): if not v['ipAddresses']: continue # 1 IP for the instance + 1 IP for the ILB + 1 IP if HA - yield v['ipAddresses'][0], 2 if v['availabilityType'] != 'REGIONAL' else 3 + yield v['ipAddresses'][ + 0], 2 if v['availabilityType'] != 'REGIONAL' else 3, v['network'] + + +def _filestore_addresses(filestore_instances): + 'Returns counts of Filestore instances per PSA range.' + for v in filestore_instances.values(): + if not v['ipAddresses'] or not v['reservedIpRange']: + continue + # Subnet size (reservedIpRange) can be /29, /26 or /24 + yield v['ipAddresses'][0], ipaddress.ip_network( + v['reservedIpRange']).num_addresses, v['network'] + + +def _memorystore_addresses(memorystore_instances): + 'Returns counts of Memorystore (Redis) instances per PSA range.' + for v in memorystore_instances.values(): + if not v['reservedIpRange'] or v['reservedIpRange'] == '': + continue + # Subnet size (reservedIpRange) can be minimum /28 or /29 + yield v['host'], ipaddress.ip_network( + v['reservedIpRange']).num_addresses, v['network'] @register_timeseries @@ -46,26 +67,34 @@ def timeseries(resources): ('project', 'network', 'subnetwork'), dtype.endswith('ratio')) psa_nets = { - k: ipaddress.ip_network('{}/{}'.format(v['address'], v['prefixLength'])) - for k, v in resources['global_addresses'].items() - if v['prefixLength'] + k: { + 'network_link': + v['network'], + 'network_prefix': + ipaddress.ip_network('{}/{}'.format(v['address'], + v['prefixLength'])) + } for k, v in resources['global_addresses'].items() if v['prefixLength'] } psa_counts = {} - for address, ip_count in _sql_addresses(resources.get('sql_instances', {})): + for address, ip_count, network in itertools.chain( + _sql_addresses(resources.get('sql_instances', {})), + _filestore_addresses(resources.get('filestore_instances', {})), + _memorystore_addresses(resources.get('memorystore_instances', {}))): ip_address = ipaddress.ip_address(address) for k, v in psa_nets.items(): - if ip_address in v: + if network == v['network_link'] and ip_address in v['network_prefix']: psa_counts[k] = psa_counts.get(k, 0) + ip_count break for k, v in psa_counts.items(): - max_ips = psa_nets[k].num_addresses - 4 + max_ips = psa_nets[k]['network_prefix'].num_addresses - 4 psa_range = resources['global_addresses'][k] labels = { 'network': psa_range['network'], 'project': psa_range['project_id'], 'psa_range': psa_range['name'] } + yield TimeSeries('network/psa/addresses_available', max_ips, labels) yield TimeSeries('network/psa/addresses_used', v, labels) yield TimeSeries('network/psa/addresses_used_ratio', From 793596c61dd7836a0aded6bf1797d35b911e3e0e Mon Sep 17 00:00:00 2001 From: Julio Diez Date: Thu, 26 Jan 2023 12:25:54 +0100 Subject: [PATCH 05/26] Add HTTPS frontend with SNEG example --- modules/net-glb/README.md | 40 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 40 insertions(+) diff --git a/modules/net-glb/README.md b/modules/net-glb/README.md index 4b6d243508..12584b46e7 100644 --- a/modules/net-glb/README.md +++ b/modules/net-glb/README.md @@ -438,6 +438,46 @@ module "glb-0" { # tftest modules=1 resources=5 ``` +Serverless NEGs don't use the port name but it should be set to `http`. An HTTPS frontend requires the protocol to be set to `HTTPS`, and the port name field will infer this value if omitted so you need to set it explicitly: + +```hcl +module "glb-0" { + source = "./fabric/modules/net-glb" + project_id = "myprj" + name = "glb-test-0" + backend_service_configs = { + default = { + backends = [ + { backend = "neg-0" } + ] + health_checks = [] + port_name = "http" + } + } + # with a single serverless NEG the implied default health check is not needed + health_check_configs = {} + neg_configs = { + neg-0 = { + cloudrun = { + region = "europe-west8" + target_service = { + name = "hello" + } + } + } + } + protocol = "HTTPS" + ssl_certificates = { + managed_configs = { + default = { + domains = ["glb-test-0.example.org"] + } + } + } +} +# tftest ... +``` + ### URL Map The module exposes the full URL map resource configuration, with some minor changes to the interface to decrease verbosity, and support for aliasing backend services via keys. From 4d6561712ec67f3f4e100fc30bdcd7d6a68f7e31 Mon Sep 17 00:00:00 2001 From: Julio Diez Date: Thu, 26 Jan 2023 17:56:20 +0100 Subject: [PATCH 06/26] Fix tftest and format --- modules/net-glb/README.md | 4 +-- .../modules/net_glb/examples/https-sneg.yaml | 35 +++++++++++++++++++ 2 files changed, 37 insertions(+), 2 deletions(-) create mode 100644 tests/modules/net_glb/examples/https-sneg.yaml diff --git a/modules/net-glb/README.md b/modules/net-glb/README.md index 12584b46e7..cbf47588b8 100644 --- a/modules/net-glb/README.md +++ b/modules/net-glb/README.md @@ -451,7 +451,7 @@ module "glb-0" { { backend = "neg-0" } ] health_checks = [] - port_name = "http" + port_name = "http" } } # with a single serverless NEG the implied default health check is not needed @@ -475,7 +475,7 @@ module "glb-0" { } } } -# tftest ... +# tftest modules=1 resources=6 inventory=https-sneg.yaml ``` ### URL Map diff --git a/tests/modules/net_glb/examples/https-sneg.yaml b/tests/modules/net_glb/examples/https-sneg.yaml new file mode 100644 index 0000000000..0876484cba --- /dev/null +++ b/tests/modules/net_glb/examples/https-sneg.yaml @@ -0,0 +1,35 @@ +# Copyright 2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +values: + module.glb-0.google_compute_backend_service.default["default"]: + port_name: http + protocol: HTTPS + module.glb-0.google_compute_global_forwarding_rule.default: + load_balancing_scheme: EXTERNAL + port_range: '443' + module.glb-0.google_compute_region_network_endpoint_group.serverless["neg-0"]: + cloud_run: + - service: hello + tag: null + url_mask: null + +counts: + google_compute_backend_service: 1 + google_compute_global_forwarding_rule: 1 + google_compute_managed_ssl_certificate: 1 + google_compute_region_network_endpoint_group: 1 + google_compute_target_https_proxy: 1 + google_compute_url_map: 1 + From d537897cbf247388776ef5c737d2da64e45898f3 Mon Sep 17 00:00:00 2001 From: Julio Castillo Date: Thu, 26 Jan 2023 17:08:20 +0000 Subject: [PATCH 07/26] Remove trailing whitespaces --- tests/modules/net_glb/examples/https-sneg.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/modules/net_glb/examples/https-sneg.yaml b/tests/modules/net_glb/examples/https-sneg.yaml index 0876484cba..fa0823cbff 100644 --- a/tests/modules/net_glb/examples/https-sneg.yaml +++ b/tests/modules/net_glb/examples/https-sneg.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google LLC +# Copyright 2023 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -9,7 +9,7 @@ # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and +# See the License for the specific language governing permissions and # limitations under the License. values: From bed7e05d09a563d699266c832ed53fe95eaffb24 Mon Sep 17 00:00:00 2001 From: fdhaussy Date: Fri, 27 Jan 2023 15:37:57 +0100 Subject: [PATCH 08/26] add support for deployment_type and api_proxy_type in google_apigee_environment resource --- modules/apigee/README.md | 24 +++++++++++-------- modules/apigee/main.tf | 10 ++++---- modules/apigee/variables.tf | 6 +++-- .../test.env_only_with_api_proxy_type.tfvars | 13 ++++++++++ .../test.env_only_with_deployment_type.tfvars | 13 ++++++++++ tests/modules/apigee/fixture/variables.tf | 6 +++-- tests/modules/apigee/test_plan.py | 12 ++++++++++ 7 files changed, 66 insertions(+), 18 deletions(-) create mode 100644 tests/modules/apigee/fixture/test.env_only_with_api_proxy_type.tfvars create mode 100644 tests/modules/apigee/fixture/test.env_only_with_deployment_type.tfvars diff --git a/modules/apigee/README.md b/modules/apigee/README.md index fb26c1e727..02b1d13f99 100644 --- a/modules/apigee/README.md +++ b/modules/apigee/README.md @@ -25,14 +25,18 @@ module "apigee" { } environments = { apis-test = { - display_name = "APIs test" - description = "APIs Test" - envgroups = ["test"] + display_name = "APIs test" + description = "APIs Test" + deployment_type = "ARCHIVE" + api_proxy_type = "PROGRAMMABLE" + envgroups = ["test"] } apis-prod = { - display_name = "APIs prod" - description = "APIs prod" - envgroups = ["prod"] + display_name = "APIs prod" + description = "APIs prod" + deployment_type = "PROXY" + api_proxy_type = "CONFIGURABLE" + envgroups = ["prod"] iam = { "roles/viewer" = ["group:devops@myorg.com"] } @@ -169,12 +173,12 @@ module "apigee" { | name | description | type | required | default | |---|---|:---:|:---:|:---:| -| [project_id](variables.tf#L75) | Project ID. | string | ✓ | | +| [project_id](variables.tf#L77) | Project ID. | string | ✓ | | | [endpoint_attachments](variables.tf#L17) | Endpoint attachments. | map(object({…})) | | null | | [envgroups](variables.tf#L26) | Environment groups (NAME => [HOSTNAMES]). | map(list(string)) | | null | -| [environments](variables.tf#L32) | Environments. | map(object({…})) | | null | -| [instances](variables.tf#L47) | Instances. | map(object({…})) | | null | -| [organization](variables.tf#L61) | Apigee organization. If set to null the organization must already exist. | object({…}) | | null | +| [environments](variables.tf#L32) | Environments. | map(object({…})) | | null | +| [instances](variables.tf#L49) | Instances. | map(object({…})) | | null | +| [organization](variables.tf#L63) | Apigee organization. If set to null the organization must already exist. | object({…}) | | null | ## Outputs diff --git a/modules/apigee/main.tf b/modules/apigee/main.tf index fe34a73829..ec5781d1f1 100644 --- a/modules/apigee/main.tf +++ b/modules/apigee/main.tf @@ -40,10 +40,12 @@ resource "google_apigee_envgroup" "envgroups" { } resource "google_apigee_environment" "environments" { - for_each = local.environments - name = each.key - display_name = each.value.display_name - description = each.value.description + for_each = local.environments + name = each.key + display_name = each.value.display_name + description = each.value.description + deployment_type = each.value.deployment_type != null ? each.value.deployment_type : null + api_proxy_type = each.value.api_proxy_type != null ? each.value.api_proxy_type : null dynamic "node_config" { for_each = try(each.value.node_config, null) != null ? [""] : [] content { diff --git a/modules/apigee/variables.tf b/modules/apigee/variables.tf index 266f0d34ed..81cf77f6ea 100644 --- a/modules/apigee/variables.tf +++ b/modules/apigee/variables.tf @@ -32,8 +32,10 @@ variable "envgroups" { variable "environments" { description = "Environments." type = map(object({ - display_name = optional(string) - description = optional(string, "Terraform-managed") + display_name = optional(string) + description = optional(string, "Terraform-managed") + deployment_type = optional(string) + api_proxy_type = optional(string) node_config = optional(object({ min_node_count = optional(number) max_node_count = optional(number) diff --git a/tests/modules/apigee/fixture/test.env_only_with_api_proxy_type.tfvars b/tests/modules/apigee/fixture/test.env_only_with_api_proxy_type.tfvars new file mode 100644 index 0000000000..cbb4046362 --- /dev/null +++ b/tests/modules/apigee/fixture/test.env_only_with_api_proxy_type.tfvars @@ -0,0 +1,13 @@ +project_id = "my-project" +environments = { + apis-test = { + display_name = "APIs test" + description = "APIs Test" + api_proxy_type = "PROGRAMMABLE" + envgroups = ["test"] + node_config = { + min_node_count = 2 + max_node_count = 5 + } + } +} diff --git a/tests/modules/apigee/fixture/test.env_only_with_deployment_type.tfvars b/tests/modules/apigee/fixture/test.env_only_with_deployment_type.tfvars new file mode 100644 index 0000000000..48ef24e681 --- /dev/null +++ b/tests/modules/apigee/fixture/test.env_only_with_deployment_type.tfvars @@ -0,0 +1,13 @@ +project_id = "my-project" +environments = { + apis-test = { + display_name = "APIs test" + description = "APIs Test" + deployment_type = "ARCHIVE" + envgroups = ["test"] + node_config = { + min_node_count = 2 + max_node_count = 5 + } + } +} diff --git a/tests/modules/apigee/fixture/variables.tf b/tests/modules/apigee/fixture/variables.tf index 266f0d34ed..81cf77f6ea 100644 --- a/tests/modules/apigee/fixture/variables.tf +++ b/tests/modules/apigee/fixture/variables.tf @@ -32,8 +32,10 @@ variable "envgroups" { variable "environments" { description = "Environments." type = map(object({ - display_name = optional(string) - description = optional(string, "Terraform-managed") + display_name = optional(string) + description = optional(string, "Terraform-managed") + deployment_type = optional(string) + api_proxy_type = optional(string) node_config = optional(object({ min_node_count = optional(number) max_node_count = optional(number) diff --git a/tests/modules/apigee/test_plan.py b/tests/modules/apigee/test_plan.py index e693ddbb29..d16ef2963b 100644 --- a/tests/modules/apigee/test_plan.py +++ b/tests/modules/apigee/test_plan.py @@ -54,6 +54,18 @@ def test_env_only(plan_runner): 'google_apigee_envgroup_attachment.envgroup_attachments': 1, } +def test_env_only_with_deployment_type(plan_runner): + "Test that creates an environment in an existing environment group, with deployment_type set." + _, resources = plan_runner(tf_var_file='test.env_only_with_deployment_type.tfvars') + assert [r['values'].get('deployment_type') for r in resources + ] == [None, 'ARCHIVE'] + +def test_env_only_with_api_proxy_type(plan_runner): + "Test that creates an environment in an existing environment group, with api_proxy_type set." + _, resources = plan_runner(tf_var_file='test.env_only_with_api_proxy_type.tfvars') + assert [r['values'].get('api_proxy_type') for r in resources + ] == [None, 'PROGRAMMABLE'] + def test_instance_only(plan_runner): "Test that creates only an instance." _, resources = plan_runner(tf_var_file='test.instance_only.tfvars') From a291dca63b93e524cf08011930bdca292f2b9262 Mon Sep 17 00:00:00 2001 From: fdhaussy Date: Fri, 27 Jan 2023 16:20:33 +0100 Subject: [PATCH 09/26] chore: linting issue in tfvars file --- .../fixture/test.env_only_with_api_proxy_type.tfvars | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/modules/apigee/fixture/test.env_only_with_api_proxy_type.tfvars b/tests/modules/apigee/fixture/test.env_only_with_api_proxy_type.tfvars index cbb4046362..2a9164bf48 100644 --- a/tests/modules/apigee/fixture/test.env_only_with_api_proxy_type.tfvars +++ b/tests/modules/apigee/fixture/test.env_only_with_api_proxy_type.tfvars @@ -1,10 +1,10 @@ project_id = "my-project" environments = { apis-test = { - display_name = "APIs test" - description = "APIs Test" - api_proxy_type = "PROGRAMMABLE" - envgroups = ["test"] + display_name = "APIs test" + description = "APIs Test" + api_proxy_type = "PROGRAMMABLE" + envgroups = ["test"] node_config = { min_node_count = 2 max_node_count = 5 From 22c26e319fe4c72f1df219608e5ebcb5edff45c3 Mon Sep 17 00:00:00 2001 From: fdhaussy Date: Fri, 27 Jan 2023 17:08:35 +0100 Subject: [PATCH 10/26] fix: remove unuseful ternary --- modules/apigee/main.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/apigee/main.tf b/modules/apigee/main.tf index ec5781d1f1..f1c71ec1f1 100644 --- a/modules/apigee/main.tf +++ b/modules/apigee/main.tf @@ -44,8 +44,8 @@ resource "google_apigee_environment" "environments" { name = each.key display_name = each.value.display_name description = each.value.description - deployment_type = each.value.deployment_type != null ? each.value.deployment_type : null - api_proxy_type = each.value.api_proxy_type != null ? each.value.api_proxy_type : null + deployment_type = each.value.deployment_type + api_proxy_type = each.value.api_proxy_type dynamic "node_config" { for_each = try(each.value.node_config, null) != null ? [""] : [] content { From edd3a824539c2616e1d1fd531a2e517e38776123 Mon Sep 17 00:00:00 2001 From: Ayman Farhat <823713+aymanfarhat@users.noreply.github.com> Date: Fri, 27 Jan 2023 21:38:01 +0100 Subject: [PATCH 11/26] Include cloudbuild API in project module (#1116) * Include cloudbuild API in project module * Increase number of resources --- blueprints/data-solutions/data-platform-foundations/README.md | 2 +- modules/project/service-accounts.tf | 3 ++- tests/blueprints/apigee/bigquery-analytics/basic.yaml | 2 +- .../asset_inventory_feed_remediation/test_plan.py | 2 +- .../scheduled_asset_inventory_export_bq/test_plan.py | 2 +- .../unmanaged_instances_healthcheck/test_plan.py | 2 +- .../data_solutions/data_platform_foundations/test_plan.py | 2 +- tests/blueprints/gke/binauthz/test_plan.py | 2 +- .../networking/private_cloud_function_from_onprem/test_plan.py | 2 +- tests/blueprints/serverless/api_gateway/test_plan.py | 2 +- tests/fast/stages/s00_bootstrap/simple.yaml | 2 +- 11 files changed, 12 insertions(+), 11 deletions(-) diff --git a/blueprints/data-solutions/data-platform-foundations/README.md b/blueprints/data-solutions/data-platform-foundations/README.md index 30cdab8340..b038cfe4b6 100644 --- a/blueprints/data-solutions/data-platform-foundations/README.md +++ b/blueprints/data-solutions/data-platform-foundations/README.md @@ -219,7 +219,7 @@ module "data-platform" { prefix = "myprefix" } -# tftest modules=39 resources=286 +# tftest modules=39 resources=287 ``` ## Customizations diff --git a/modules/project/service-accounts.tf b/modules/project/service-accounts.tf index abf34cae02..b25c612697 100644 --- a/modules/project/service-accounts.tf +++ b/modules/project/service-accounts.tf @@ -75,7 +75,8 @@ locals { "gkehub.googleapis.com", "pubsub.googleapis.com", "secretmanager.googleapis.com", - "sqladmin.googleapis.com" + "sqladmin.googleapis.com", + "cloudbuild.googleapis.com", ] service_accounts_cmek_service_keys = distinct(flatten([ for s in keys(var.service_encryption_key_ids) : [ diff --git a/tests/blueprints/apigee/bigquery-analytics/basic.yaml b/tests/blueprints/apigee/bigquery-analytics/basic.yaml index 2b044dcb6a..d89eaef583 100644 --- a/tests/blueprints/apigee/bigquery-analytics/basic.yaml +++ b/tests/blueprints/apigee/bigquery-analytics/basic.yaml @@ -14,4 +14,4 @@ counts: modules: 9 - resources: 60 + resources: 61 diff --git a/tests/blueprints/cloud_operations/asset_inventory_feed_remediation/test_plan.py b/tests/blueprints/cloud_operations/asset_inventory_feed_remediation/test_plan.py index df03e144f0..497af6be59 100644 --- a/tests/blueprints/cloud_operations/asset_inventory_feed_remediation/test_plan.py +++ b/tests/blueprints/cloud_operations/asset_inventory_feed_remediation/test_plan.py @@ -16,4 +16,4 @@ def test_resources(e2e_plan_runner): "Test that plan works and the numbers of resources is as expected." modules, resources = e2e_plan_runner() assert len(modules) == 6 - assert len(resources) == 18 + assert len(resources) == 19 diff --git a/tests/blueprints/cloud_operations/scheduled_asset_inventory_export_bq/test_plan.py b/tests/blueprints/cloud_operations/scheduled_asset_inventory_export_bq/test_plan.py index c5394839de..3bcc634406 100644 --- a/tests/blueprints/cloud_operations/scheduled_asset_inventory_export_bq/test_plan.py +++ b/tests/blueprints/cloud_operations/scheduled_asset_inventory_export_bq/test_plan.py @@ -16,4 +16,4 @@ def test_resources(e2e_plan_runner): "Test that plan works and the numbers of resources is as expected." modules, resources = e2e_plan_runner() assert len(modules) == 7 - assert len(resources) == 29 + assert len(resources) == 30 diff --git a/tests/blueprints/cloud_operations/unmanaged_instances_healthcheck/test_plan.py b/tests/blueprints/cloud_operations/unmanaged_instances_healthcheck/test_plan.py index c79be049e8..b1f0fba3ca 100644 --- a/tests/blueprints/cloud_operations/unmanaged_instances_healthcheck/test_plan.py +++ b/tests/blueprints/cloud_operations/unmanaged_instances_healthcheck/test_plan.py @@ -16,4 +16,4 @@ def test_resources(e2e_plan_runner): "Test that plan works and the numbers of resources is as expected." modules, resources = e2e_plan_runner() assert len(modules) == 10 - assert len(resources) == 31 + assert len(resources) == 32 diff --git a/tests/blueprints/data_solutions/data_platform_foundations/test_plan.py b/tests/blueprints/data_solutions/data_platform_foundations/test_plan.py index 17563647c1..93961b5e8b 100644 --- a/tests/blueprints/data_solutions/data_platform_foundations/test_plan.py +++ b/tests/blueprints/data_solutions/data_platform_foundations/test_plan.py @@ -22,4 +22,4 @@ def test_resources(e2e_plan_runner): "Test that plan works and the numbers of resources is as expected." modules, resources = e2e_plan_runner(FIXTURES_DIR) assert len(modules) == 38 - assert len(resources) == 285 + assert len(resources) == 286 diff --git a/tests/blueprints/gke/binauthz/test_plan.py b/tests/blueprints/gke/binauthz/test_plan.py index cf012c0615..b4437b6f3d 100644 --- a/tests/blueprints/gke/binauthz/test_plan.py +++ b/tests/blueprints/gke/binauthz/test_plan.py @@ -16,4 +16,4 @@ def test_resources(e2e_plan_runner): "Test that plan works and the numbers of resources is as expected." modules, resources = e2e_plan_runner() assert len(modules) == 13 - assert len(resources) == 43 + assert len(resources) == 44 diff --git a/tests/blueprints/networking/private_cloud_function_from_onprem/test_plan.py b/tests/blueprints/networking/private_cloud_function_from_onprem/test_plan.py index 2b3f8d7f77..81225db364 100644 --- a/tests/blueprints/networking/private_cloud_function_from_onprem/test_plan.py +++ b/tests/blueprints/networking/private_cloud_function_from_onprem/test_plan.py @@ -16,4 +16,4 @@ def test_resources(e2e_plan_runner): "Test that plan works and the numbers of resources is as expected." modules, resources = e2e_plan_runner() assert len(modules) == 10 - assert len(resources) == 38 + assert len(resources) == 39 diff --git a/tests/blueprints/serverless/api_gateway/test_plan.py b/tests/blueprints/serverless/api_gateway/test_plan.py index 6cf48a87ba..9d658398ec 100644 --- a/tests/blueprints/serverless/api_gateway/test_plan.py +++ b/tests/blueprints/serverless/api_gateway/test_plan.py @@ -16,4 +16,4 @@ def test_resources(e2e_plan_runner): "Test that plan works and the numbers of resources is as expected." modules, resources = e2e_plan_runner() assert len(modules) == 7 - assert len(resources) == 31 + assert len(resources) == 32 diff --git a/tests/fast/stages/s00_bootstrap/simple.yaml b/tests/fast/stages/s00_bootstrap/simple.yaml index 703b84b456..ed0d773808 100644 --- a/tests/fast/stages/s00_bootstrap/simple.yaml +++ b/tests/fast/stages/s00_bootstrap/simple.yaml @@ -24,7 +24,7 @@ counts: google_project_iam_binding: 9 google_project_iam_member: 1 google_project_service: 29 - google_project_service_identity: 2 + google_project_service_identity: 3 google_service_account: 3 google_service_account_iam_binding: 3 google_storage_bucket: 4 From 83a0916bff99c4e7c0457c1412c7a5b57d3facd4 Mon Sep 17 00:00:00 2001 From: Ludo Date: Sat, 28 Jan 2023 09:27:31 +0100 Subject: [PATCH 12/26] add missing newline --- fast/stages/00-bootstrap/README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/fast/stages/00-bootstrap/README.md b/fast/stages/00-bootstrap/README.md index 6e0e1b5559..889b0bcea8 100644 --- a/fast/stages/00-bootstrap/README.md +++ b/fast/stages/00-bootstrap/README.md @@ -264,6 +264,7 @@ terraform init terraform apply \ -var bootstrap_user=$(gcloud config list --format 'value(core.account)') ``` + > If you see an error related to project name already exists, please make sure the project name is unique or the project was not deleted recently Once the initial `apply` completes successfully, configure a remote backend using the new GCS bucket, and impersonation on the automation service account for this stage. To do this you can use the generated `providers.tf` file if you have configured output files as described above, or extract its contents from Terraform's output, then migrate state with `terraform init`: From 7b96ed429c956165dfce19d8c214d578574a59f3 Mon Sep 17 00:00:00 2001 From: Ludovico Magnocavallo Date: Sat, 28 Jan 2023 09:41:22 +0100 Subject: [PATCH 13/26] add missing role for initial user (#1118) --- fast/stages/00-bootstrap/organization.tf | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/fast/stages/00-bootstrap/organization.tf b/fast/stages/00-bootstrap/organization.tf index 0700d564e2..33b87820d3 100644 --- a/fast/stages/00-bootstrap/organization.tf +++ b/fast/stages/00-bootstrap/organization.tf @@ -23,9 +23,10 @@ locals { "roles/browser" = [ "domain:${var.organization.domain}" ] - "roles/logging.admin" = [ - module.automation-tf-bootstrap-sa.iam_email - ] + "roles/logging.admin" = concat( + [module.automation-tf-bootstrap-sa.iam_email], + local._iam_bootstrap_user + ) "roles/owner" = local._iam_bootstrap_user "roles/resourcemanager.folderAdmin" = [ module.automation-tf-resman-sa.iam_email From b0f177a2cf7abd44c9d93717c3c69ce8016de0fe Mon Sep 17 00:00:00 2001 From: Ludovico Magnocavallo Date: Sun, 29 Jan 2023 12:35:58 +0100 Subject: [PATCH 14/26] Update README.md --- modules/net-glb/README.md | 30 ++++++++++-------------------- 1 file changed, 10 insertions(+), 20 deletions(-) diff --git a/modules/net-glb/README.md b/modules/net-glb/README.md index 84ee8798d0..874468dc7f 100644 --- a/modules/net-glb/README.md +++ b/modules/net-glb/README.md @@ -224,23 +224,19 @@ module "win-template" { project_id = "myprj" zone = "europe-west8-a" name = "win-template" - instance_type = "n2d-standard-2" - + create_template = true + boot_disk = { + image = "projects/windows-cloud/global/images/windows-server-2019-dc-v20221214" + type = "pd-balanced" + size = 70 + } network_interfaces = [{ network = var.vpc.self_link subnetwork = var.subnet.self_link nat = false addresses = null }] - - boot_disk = { - image = "projects/windows-cloud/global/images/windows-server-2019-dc-v20221214" - type = "pd-balanced" - size = 70 - } - - create_template = true } module "win-mig" { @@ -248,9 +244,7 @@ module "win-mig" { project_id = "myprj" location = "europe-west8-a" name = "win-mig" - instance_template = module.win-template.template.self_link - autoscaler_config = { max_replicas = 3 min_replicas = 1 @@ -261,14 +255,16 @@ module "win-mig" { } } } + named_port { + name = "http" + port = 80 + } } module "glb-0" { source = "./fabric/modules/net-glb" project_id = "myprj" name = "glb-test-0" - - backend_service_configs = { default = { backends = [ @@ -276,12 +272,6 @@ module "glb-0" { ] } } - - health_check_configs = { - default = { - tcp = { port = 80 } - } - } } # tftest modules=3 resources=8 ``` From 181b072d168911f33563f0578276ea18856a5117 Mon Sep 17 00:00:00 2001 From: Ludovico Magnocavallo Date: Sun, 29 Jan 2023 12:56:07 +0100 Subject: [PATCH 15/26] Update README.md --- modules/net-glb/README.md | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/modules/net-glb/README.md b/modules/net-glb/README.md index 874468dc7f..ad770f8f87 100644 --- a/modules/net-glb/README.md +++ b/modules/net-glb/README.md @@ -255,9 +255,8 @@ module "win-mig" { } } } - named_port { - name = "http" - port = 80 + named_ports { + http = 80 } } @@ -590,7 +589,6 @@ The module also allows managing managed and self-managed SSL certificates via th THe [HTTPS example above](#minimal-https-examples) shows how to configure manage certificated, the following example shows how to use an unmanaged (or self managed) certificate. The example uses Terraform resource for the key and certificate so that the we don't depend on external files when running tests, in real use the key and certificate are generally provided via external files read by the Terraform `file()` function. ```hcl - resource "tls_private_key" "default" { algorithm = "RSA" rsa_bits = 4096 From ac8698b3dfb4332f857fc123717f911d023261e8 Mon Sep 17 00:00:00 2001 From: Ludo Date: Sun, 29 Jan 2023 13:36:54 +0100 Subject: [PATCH 16/26] update changelog --- CHANGELOG.md | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index ddd8b0c982..59e4d371bf 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,15 @@ All notable changes to this project will be documented in this file. ### BLUEPRINTS +- [[#1106](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1106)] Network Dashboard: PSA support for Filestore and Memorystore ([aurelienlegrand](https://github.com/aurelienlegrand)) +- [[#1110](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1110)] Bump cookiejar from 2.1.3 to 2.1.4 in /blueprints/apigee/bigquery-analytics/functions/export ([dependabot[bot]](https://github.com/dependabot[bot])) +- [[#1097](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1097)] Use terraform resource to activate Anthos Service Mesh ([wiktorn](https://github.com/wiktorn)) +- [[#1104](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1104)] Updated apigee hybrid for gke README ([apichick](https://github.com/apichick)) +- [[#1107](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1107)] Check linting for Python dashboard files ([ludoo](https://github.com/ludoo)) +- [[#1102](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1102)] Improvements in apigee hybrid-gke: now using workload identity and GLB ([apichick](https://github.com/apichick)) +- [[#1098](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1098)] Add shared-vpc support on data-playground blueprint ([lcaggio](https://github.com/lcaggio)) +- [[#1095](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1095)] [Data Platform] Fix Table in readme ([lcaggio](https://github.com/lcaggio)) +- [[#1089](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1089)] Update Data Platform ([lcaggio](https://github.com/lcaggio)) - [[#1081](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1081)] Apigee hybrid on GKE ([apichick](https://github.com/apichick)) - [[#1082](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1082)] Fixes in Apigee Bigquery Analytics blueprint ([apichick](https://github.com/apichick)) - [[#1071](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1071)] Moved apigee bigquery analytics blueprint, added apigee network patterns ([apichick](https://github.com/apichick)) @@ -20,6 +29,8 @@ All notable changes to this project will be documented in this file. ### DOCUMENTATION +- [[#1101](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1101)] First batch of testing updates to core modules ([juliocc](https://github.com/juliocc)) +- [[#1089](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1089)] Update Data Platform ([lcaggio](https://github.com/lcaggio)) - [[#1084](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1084)] Fixes in Apigee blueprints README files ([apichick](https://github.com/apichick)) - [[#1081](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1081)] Apigee hybrid on GKE ([apichick](https://github.com/apichick)) - [[#1074](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1074)] Adding new section for Authentication issues ([agutta](https://github.com/agutta)) @@ -28,6 +39,9 @@ All notable changes to this project will be documented in this file. ### FAST +- [[#1118](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1118)] Add missing logging admin role for initial user ([ludoo](https://github.com/ludoo)) +- [[#1099](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1099)] Fix destroy in stage 1 outputs ([ludoo](https://github.com/ludoo)) +- [[#1089](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1089)] Update Data Platform ([lcaggio](https://github.com/lcaggio)) - [[#1085](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1085)] fix restricted services not being added to the perimeter configurations ([drebes](https://github.com/drebes)) - [[#1057](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1057)] Adding new file FAQ and an image ([agutta](https://github.com/agutta)) - [[#1054](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1054)] FAST: fix typo in bootstrap stage README ([agutta](https://github.com/agutta)) @@ -35,6 +49,14 @@ All notable changes to this project will be documented in this file. ### MODULES +- [[#1116](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1116)] Include cloudbuild API in project module ([aymanfarhat](https://github.com/aymanfarhat)) +- [[#1115](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1115)] add new parameters support in apigee module ([blackillzone](https://github.com/blackillzone)) +- [[#1112](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1112)] Add HTTPS frontend with SNEG example ([juliodiez](https://github.com/juliodiez)) +- [[#1097](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1097)] Use terraform resource to activate Anthos Service Mesh ([wiktorn](https://github.com/wiktorn)) +- [[#1101](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1101)] First batch of testing updates to core modules ([juliocc](https://github.com/juliocc)) +- [[#1098](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1098)] Add shared-vpc support on data-playground blueprint ([lcaggio](https://github.com/lcaggio)) +- [[#1096](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1096)] [VPC-SC] Add support for scoped Policies ([lcaggio](https://github.com/lcaggio)) +- [[#1093](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1093)] Added tags to gke-cluster module ([apichick](https://github.com/apichick)) - [[#1078](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1078)] Fixed delete_rule in compute-mig module for stateful disks ([rosmo](https://github.com/rosmo)) - [[#1080](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1080)] Added device_name field to compute-vm attached_disks parameter ([rosmo](https://github.com/rosmo)) - [[#1079](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1079)] Reorder org policy rules ([juliocc](https://github.com/juliocc)) @@ -53,6 +75,8 @@ All notable changes to this project will be documented in this file. ### TOOLS +- [[#1107](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1107)] Check linting for Python dashboard files ([ludoo](https://github.com/ludoo)) +- [[#1101](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1101)] First batch of testing updates to core modules ([juliocc](https://github.com/juliocc)) - [[#1091](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1091)] Fix check_documentation output ([juliocc](https://github.com/juliocc)) - [[#1053](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1053)] Extend inventory-based testing to examples ([juliocc](https://github.com/juliocc)) From 46c52776d01b2612d483f6bb5bf58d1debe4cf5c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Wiktor=20Niesiob=C4=99dzki?= Date: Wed, 25 Jan 2023 16:50:59 +0100 Subject: [PATCH 17/26] Make features optional --- modules/gke-hub/variables.tf | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/modules/gke-hub/variables.tf b/modules/gke-hub/variables.tf index c7133c07fb..25e3d21d53 100644 --- a/modules/gke-hub/variables.tf +++ b/modules/gke-hub/variables.tf @@ -66,12 +66,12 @@ variable "configmanagement_templates" { variable "features" { description = "Enable and configue fleet features." type = object({ - appdevexperience = bool - configmanagement = bool - identityservice = bool - multiclusteringress = string - multiclusterservicediscovery = bool - servicemesh = bool + appdevexperience = optional(bool, false) + configmanagement = optional(bool, false) + identityservice = optional(bool, false) + multiclusteringress = optional(string, null) + multiclusterservicediscovery = optional(bool, false) + servicemesh = optional(bool, false) }) default = { appdevexperience = false From 0af5399389abc798436aae3d5c5b7926afb95d0b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Wiktor=20Niesiob=C4=99dzki?= Date: Wed, 25 Jan 2023 16:51:49 +0100 Subject: [PATCH 18/26] Add gateway_api_config, change workload_identity default value Make the default value on `enable_features` inline with what is set by optionals. --- modules/gke-cluster/main.tf | 7 +++++++ modules/gke-cluster/variables.tf | 3 ++- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/modules/gke-cluster/main.tf b/modules/gke-cluster/main.tf index d529cb4251..03e6c39476 100644 --- a/modules/gke-cluster/main.tf +++ b/modules/gke-cluster/main.tf @@ -197,6 +197,13 @@ resource "google_container_cluster" "cluster" { } } + dynamic "gateway_api_config" { + for_each = var.enable_features.gateway_api ? [""] : [] + content { + channel = "CHANNEL_STANDARD" + } + } + maintenance_policy { dynamic "daily_maintenance_window" { for_each = ( diff --git a/modules/gke-cluster/variables.tf b/modules/gke-cluster/variables.tf index 72f7fc14bc..f02ed50470 100644 --- a/modules/gke-cluster/variables.tf +++ b/modules/gke-cluster/variables.tf @@ -80,6 +80,7 @@ variable "enable_features" { key_name = string })) dataplane_v2 = optional(bool, false) + gateway_api = optional(bool, false) groups_for_rbac = optional(string) intranode_visibility = optional(bool, false) l4_ilb_subsetting = optional(bool, false) @@ -95,7 +96,7 @@ variable "enable_features" { topic_id = optional(string) })) vertical_pod_autoscaling = optional(bool, false) - workload_identity = optional(bool, false) + workload_identity = optional(bool, true) }) default = { workload_identity = true From 135f01f1911eaa941cb88f158a894adf37d447ef Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Wiktor=20Niesiob=C4=99dzki?= Date: Wed, 25 Jan 2023 16:52:37 +0100 Subject: [PATCH 19/26] Add aditional Multi-Cluster related services --- modules/gke-cluster/main.tf | 2 +- modules/project/service-accounts.tf | 3 +++ 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/modules/gke-cluster/main.tf b/modules/gke-cluster/main.tf index 03e6c39476..f55f46e8e3 100644 --- a/modules/gke-cluster/main.tf +++ b/modules/gke-cluster/main.tf @@ -198,7 +198,7 @@ resource "google_container_cluster" "cluster" { } dynamic "gateway_api_config" { - for_each = var.enable_features.gateway_api ? [""] : [] + for_each = var.enable_features.gateway_api ? [""] : [] content { channel = "CHANNEL_STANDARD" } diff --git a/modules/project/service-accounts.tf b/modules/project/service-accounts.tf index b25c612697..1979958ba2 100644 --- a/modules/project/service-accounts.tf +++ b/modules/project/service-accounts.tf @@ -45,6 +45,8 @@ locals { # TODO: jit? gke-mcs = "service-%s@gcp-sa-mcsd" monitoring-notifications = "service-%s@gcp-sa-monitoring-notification" + multicluster-ingress = "service-%s@gcp-sa-multiclusteringress" + multicluster-discovery = "service-%s@gcp-sa-mcsd" notebooks = "service-%s@gcp-sa-notebooks" pubsub = "service-%s@gcp-sa-pubsub" secretmanager = "service-%s@gcp-sa-secretmanager" @@ -73,6 +75,7 @@ locals { "artifactregistry.googleapis.com", "cloudasset.googleapis.com", "gkehub.googleapis.com", + "multiclusteringress.googleapis.com", "pubsub.googleapis.com", "secretmanager.googleapis.com", "sqladmin.googleapis.com", From e47242b5c8eb052452187acd9a3000bca0ceb2bd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Wiktor=20Niesiob=C4=99dzki?= Date: Sun, 29 Jan 2023 11:02:47 +0100 Subject: [PATCH 20/26] tfdoc --- modules/gke-cluster/README.md | 34 ++++++++++++++++------------------ modules/gke-hub/README.md | 2 +- 2 files changed, 17 insertions(+), 19 deletions(-) diff --git a/modules/gke-cluster/README.md b/modules/gke-cluster/README.md index 0ba75cd617..1a6b611f9e 100644 --- a/modules/gke-cluster/README.md +++ b/modules/gke-cluster/README.md @@ -96,33 +96,31 @@ module "cluster-autopilot" { } # tftest modules=1 resources=1 inventory=autopilot.yaml ``` - - ## Variables | name | description | type | required | default | |---|---|:---:|:---:|:---:| -| [location](variables.tf#L117) | Cluster zone or region. | string | ✓ | | -| [name](variables.tf#L174) | Cluster name. | string | ✓ | | -| [project_id](variables.tf#L200) | Cluster project id. | string | ✓ | | -| [vpc_config](variables.tf#L217) | VPC-level configuration. | object({…}) | ✓ | | +| [location](variables.tf#L118) | Cluster zone or region. | string | ✓ | | +| [name](variables.tf#L175) | Cluster name. | string | ✓ | | +| [project_id](variables.tf#L201) | Cluster project id. | string | ✓ | | +| [vpc_config](variables.tf#L218) | VPC-level configuration. | object({…}) | ✓ | | | [cluster_autoscaling](variables.tf#L17) | Enable and configure limits for Node Auto-Provisioning with Cluster Autoscaler. | object({…}) | | null | | [description](variables.tf#L38) | Cluster description. | string | | null | | [enable_addons](variables.tf#L44) | Addons enabled in the cluster (true means enabled). | object({…}) | | {…} | -| [enable_features](variables.tf#L68) | Enable cluster-level features. Certain features allow configuration. | object({…}) | | {…} | -| [issue_client_certificate](variables.tf#L105) | Enable issuing client certificate. | bool | | false | -| [labels](variables.tf#L111) | Cluster resource labels. | map(string) | | null | -| [logging_config](variables.tf#L122) | Logging configuration. | list(string) | | ["SYSTEM_COMPONENTS"] | -| [maintenance_config](variables.tf#L128) | Maintenance window configuration. | object({…}) | | {…} | -| [max_pods_per_node](variables.tf#L151) | Maximum number of pods per node in this cluster. | number | | 110 | -| [min_master_version](variables.tf#L157) | Minimum version of the master, defaults to the version of the most recent official release. | string | | null | -| [monitoring_config](variables.tf#L163) | Monitoring components. | object({…}) | | {…} | -| [node_locations](variables.tf#L179) | Zones in which the cluster's nodes are located. | list(string) | | [] | -| [private_cluster_config](variables.tf#L186) | Private cluster configuration. | object({…}) | | null | -| [release_channel](variables.tf#L205) | Release channel for GKE upgrades. | string | | null | -| [tags](variables.tf#L211) | Network tags applied to nodes. | list(string) | | null | +| [enable_features](variables.tf#L68) | Enable cluster-level features. Certain features allow configuration. | object({…}) | | {…} | +| [issue_client_certificate](variables.tf#L106) | Enable issuing client certificate. | bool | | false | +| [labels](variables.tf#L112) | Cluster resource labels. | map(string) | | null | +| [logging_config](variables.tf#L123) | Logging configuration. | list(string) | | ["SYSTEM_COMPONENTS"] | +| [maintenance_config](variables.tf#L129) | Maintenance window configuration. | object({…}) | | {…} | +| [max_pods_per_node](variables.tf#L152) | Maximum number of pods per node in this cluster. | number | | 110 | +| [min_master_version](variables.tf#L158) | Minimum version of the master, defaults to the version of the most recent official release. | string | | null | +| [monitoring_config](variables.tf#L164) | Monitoring components. | object({…}) | | {…} | +| [node_locations](variables.tf#L180) | Zones in which the cluster's nodes are located. | list(string) | | [] | +| [private_cluster_config](variables.tf#L187) | Private cluster configuration. | object({…}) | | null | +| [release_channel](variables.tf#L206) | Release channel for GKE upgrades. | string | | null | +| [tags](variables.tf#L212) | Network tags applied to nodes. | list(string) | | null | ## Outputs diff --git a/modules/gke-hub/README.md b/modules/gke-hub/README.md index 17d7b427a4..f3f31755ee 100644 --- a/modules/gke-hub/README.md +++ b/modules/gke-hub/README.md @@ -307,7 +307,7 @@ module "hub" { | [clusters](variables.tf#L17) | Clusters members of this GKE Hub in name => id format. | map(string) | | {} | | [configmanagement_clusters](variables.tf#L24) | Config management features enabled on specific sets of member clusters, in config name => [cluster name] format. | map(list(string)) | | {} | | [configmanagement_templates](variables.tf#L31) | Sets of config management configurations that can be applied to member clusters, in config name => {options} format. | map(object({…})) | | {} | -| [features](variables.tf#L66) | Enable and configue fleet features. | object({…}) | | {…} | +| [features](variables.tf#L66) | Enable and configue fleet features. | object({…}) | | {…} | | [workload_identity_clusters](variables.tf#L92) | Clusters that will use Fleet Workload Identity. | list(string) | | [] | ## Outputs From 2976df596ef120624b2000287c1ad1be4ebb7f0a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Wiktor=20Niesiob=C4=99dzki?= Date: Sun, 29 Jan 2023 13:42:06 +0100 Subject: [PATCH 21/26] Fix tests (add JIT-ed SA for multiclusteringress.googleapis.com) --- blueprints/gke/multitenant-fleet/README.md | 4 ++-- modules/gke-hub/README.md | 2 +- tests/blueprints/gke/multitenant_fleet/test_plan.py | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/blueprints/gke/multitenant-fleet/README.md b/blueprints/gke/multitenant-fleet/README.md index ce14b5a0f2..1e09afaa29 100644 --- a/blueprints/gke/multitenant-fleet/README.md +++ b/blueprints/gke/multitenant-fleet/README.md @@ -115,7 +115,7 @@ module "gke-fleet" { vpc_self_link = "projects/prj-host/global/networks/prod-0" } } -# tftest modules=7 resources=26 +# tftest modules=7 resources=27 ``` ## GKE Fleet @@ -224,7 +224,7 @@ module "gke" { } } -# tftest modules=8 resources=37 +# tftest modules=8 resources=38 ``` diff --git a/modules/gke-hub/README.md b/modules/gke-hub/README.md index f3f31755ee..6afcd1c817 100644 --- a/modules/gke-hub/README.md +++ b/modules/gke-hub/README.md @@ -119,7 +119,7 @@ module "hub" { } } -# tftest modules=4 resources=15 +# tftest modules=4 resources=16 ``` ## Multi-cluster mesh on GKE diff --git a/tests/blueprints/gke/multitenant_fleet/test_plan.py b/tests/blueprints/gke/multitenant_fleet/test_plan.py index 2b94b766f7..c8a8369496 100644 --- a/tests/blueprints/gke/multitenant_fleet/test_plan.py +++ b/tests/blueprints/gke/multitenant_fleet/test_plan.py @@ -17,4 +17,4 @@ def test_resources(e2e_plan_runner): "Test that plan works and the numbers of resources is as expected." modules, resources = e2e_plan_runner() assert len(modules) == 4 - assert len(resources) == 22 + assert len(resources) == 23 From 37626c8ac7a02c71c9629d3e581a043e9a6af174 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Wiktor=20Niesiob=C4=99dzki?= Date: Sun, 29 Jan 2023 13:49:33 +0100 Subject: [PATCH 22/26] Adapt example to optional default --- modules/gke-cluster/README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/modules/gke-cluster/README.md b/modules/gke-cluster/README.md index 1a6b611f9e..dabead4fbf 100644 --- a/modules/gke-cluster/README.md +++ b/modules/gke-cluster/README.md @@ -91,7 +91,8 @@ module "cluster-autopilot" { master_ipv4_cidr_block = "192.168.0.0/28" } enable_features = { - autopilot = true + autopilot = true + workload_identity = false } } # tftest modules=1 resources=1 inventory=autopilot.yaml From 1a657b31d364d614800a6c76118aa31905e6e5ae Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Wiktor=20Niesiob=C4=99dzki?= Date: Sun, 29 Jan 2023 14:04:22 +0100 Subject: [PATCH 23/26] Bump beta provider to 4.48 This is the first version that supports `gateway_api_config` block --- blueprints/apigee/bigquery-analytics/versions.tf | 4 ++-- .../nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/versions.tf | 4 ++-- blueprints/cloud-operations/adfs/versions.tf | 4 ++-- .../asset-inventory-feed-remediation/versions.tf | 4 ++-- blueprints/cloud-operations/dns-fine-grained-iam/versions.tf | 4 ++-- blueprints/cloud-operations/dns-shared-vpc/versions.tf | 4 ++-- .../cloud-operations/iam-delegated-role-grants/versions.tf | 4 ++-- .../cloud-operations/onprem-sa-key-management/versions.tf | 4 ++-- blueprints/cloud-operations/packer-image-builder/versions.tf | 4 ++-- blueprints/cloud-operations/quota-monitoring/versions.tf | 4 ++-- .../scheduled-asset-inventory-export-bq/versions.tf | 4 ++-- .../tfc-workflow-using-wif/tfc-oidc/versions.tf | 4 ++-- .../data-solutions/cmek-via-centralized-kms/versions.tf | 4 ++-- blueprints/data-solutions/data-playground/versions.tf | 4 ++-- .../gcs-to-bq-with-least-privileges/versions.tf | 4 ++-- blueprints/factories/net-vpc-firewall-yaml/versions.tf | 4 ++-- .../__need_fixing/nginx-reverse-proxy-cluster/versions.tf | 4 ++-- .../__need_fixing/onprem-google-access-dns/versions.tf | 4 ++-- blueprints/networking/decentralized-firewall/versions.tf | 4 ++-- blueprints/networking/filtering-proxy-psc/versions.tf | 4 ++-- blueprints/networking/filtering-proxy/versions.tf | 4 ++-- blueprints/networking/hub-and-spoke-peering/versions.tf | 4 ++-- blueprints/networking/hub-and-spoke-vpn/versions.tf | 4 ++-- blueprints/networking/ilb-next-hop/versions.tf | 4 ++-- .../networking/private-cloud-function-from-onprem/versions.tf | 4 ++-- blueprints/networking/shared-vpc-gke/versions.tf | 4 ++-- blueprints/third-party-solutions/openshift/tf/versions.tf | 4 ++-- default-versions.tf | 4 ++-- modules/__experimental/net-neg/versions.tf | 4 ++-- modules/api-gateway/versions.tf | 4 ++-- modules/apigee/versions.tf | 4 ++-- modules/artifact-registry/versions.tf | 4 ++-- modules/bigquery-dataset/versions.tf | 4 ++-- modules/bigtable-instance/versions.tf | 4 ++-- modules/billing-budget/versions.tf | 4 ++-- modules/binauthz/versions.tf | 4 ++-- .../cloud-config-container/__need_fixing/onprem/versions.tf | 4 ++-- modules/cloud-config-container/coredns/versions.tf | 4 ++-- .../cloud-config-container/cos-generic-metadata/versions.tf | 4 ++-- .../cloud-config-container/envoy-traffic-director/versions.tf | 4 ++-- modules/cloud-config-container/mysql/versions.tf | 4 ++-- modules/cloud-config-container/nginx-tls/versions.tf | 4 ++-- modules/cloud-config-container/nginx/versions.tf | 4 ++-- modules/cloud-config-container/simple-nva/versions.tf | 4 ++-- modules/cloud-config-container/squid/versions.tf | 4 ++-- modules/cloud-function/versions.tf | 4 ++-- modules/cloud-identity-group/versions.tf | 4 ++-- modules/cloud-run/versions.tf | 4 ++-- modules/cloudsql-instance/versions.tf | 4 ++-- modules/compute-mig/versions.tf | 4 ++-- modules/compute-vm/versions.tf | 4 ++-- modules/container-registry/versions.tf | 4 ++-- modules/data-catalog-policy-tag/versions.tf | 4 ++-- modules/datafusion/versions.tf | 4 ++-- modules/dns/versions.tf | 4 ++-- modules/endpoints/versions.tf | 4 ++-- modules/folder/versions.tf | 4 ++-- modules/gcs/versions.tf | 4 ++-- modules/gke-cluster/versions.tf | 4 ++-- modules/gke-hub/versions.tf | 4 ++-- modules/gke-nodepool/versions.tf | 4 ++-- modules/iam-service-account/versions.tf | 4 ++-- modules/kms/versions.tf | 4 ++-- modules/logging-bucket/versions.tf | 4 ++-- modules/net-address/versions.tf | 4 ++-- modules/net-cloudnat/versions.tf | 4 ++-- modules/net-glb/versions.tf | 4 ++-- modules/net-ilb-l7/versions.tf | 4 ++-- modules/net-ilb/versions.tf | 4 ++-- modules/net-interconnect-attachment-direct/versions.tf | 4 ++-- modules/net-vpc-firewall/versions.tf | 4 ++-- modules/net-vpc-peering/versions.tf | 4 ++-- modules/net-vpc/versions.tf | 4 ++-- modules/net-vpn-dynamic/versions.tf | 4 ++-- modules/net-vpn-ha/versions.tf | 4 ++-- modules/net-vpn-static/versions.tf | 4 ++-- modules/organization/versions.tf | 4 ++-- modules/project/versions.tf | 4 ++-- modules/projects-data-source/versions.tf | 4 ++-- modules/pubsub/versions.tf | 4 ++-- modules/secret-manager/versions.tf | 4 ++-- modules/service-directory/versions.tf | 4 ++-- modules/source-repository/versions.tf | 4 ++-- modules/vpc-sc/versions.tf | 4 ++-- 84 files changed, 168 insertions(+), 168 deletions(-) diff --git a/blueprints/apigee/bigquery-analytics/versions.tf b/blueprints/apigee/bigquery-analytics/versions.tf index 90b632f6d4..4900174aae 100644 --- a/blueprints/apigee/bigquery-analytics/versions.tf +++ b/blueprints/apigee/bigquery-analytics/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/versions.tf b/blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/versions.tf index 90b632f6d4..4900174aae 100644 --- a/blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/versions.tf +++ b/blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/blueprints/cloud-operations/adfs/versions.tf b/blueprints/cloud-operations/adfs/versions.tf index 90b632f6d4..4900174aae 100644 --- a/blueprints/cloud-operations/adfs/versions.tf +++ b/blueprints/cloud-operations/adfs/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/blueprints/cloud-operations/asset-inventory-feed-remediation/versions.tf b/blueprints/cloud-operations/asset-inventory-feed-remediation/versions.tf index 90b632f6d4..4900174aae 100644 --- a/blueprints/cloud-operations/asset-inventory-feed-remediation/versions.tf +++ b/blueprints/cloud-operations/asset-inventory-feed-remediation/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/blueprints/cloud-operations/dns-fine-grained-iam/versions.tf b/blueprints/cloud-operations/dns-fine-grained-iam/versions.tf index 90b632f6d4..4900174aae 100644 --- a/blueprints/cloud-operations/dns-fine-grained-iam/versions.tf +++ b/blueprints/cloud-operations/dns-fine-grained-iam/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/blueprints/cloud-operations/dns-shared-vpc/versions.tf b/blueprints/cloud-operations/dns-shared-vpc/versions.tf index 90b632f6d4..4900174aae 100644 --- a/blueprints/cloud-operations/dns-shared-vpc/versions.tf +++ b/blueprints/cloud-operations/dns-shared-vpc/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/blueprints/cloud-operations/iam-delegated-role-grants/versions.tf b/blueprints/cloud-operations/iam-delegated-role-grants/versions.tf index 90b632f6d4..4900174aae 100644 --- a/blueprints/cloud-operations/iam-delegated-role-grants/versions.tf +++ b/blueprints/cloud-operations/iam-delegated-role-grants/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/blueprints/cloud-operations/onprem-sa-key-management/versions.tf b/blueprints/cloud-operations/onprem-sa-key-management/versions.tf index 90b632f6d4..4900174aae 100644 --- a/blueprints/cloud-operations/onprem-sa-key-management/versions.tf +++ b/blueprints/cloud-operations/onprem-sa-key-management/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/blueprints/cloud-operations/packer-image-builder/versions.tf b/blueprints/cloud-operations/packer-image-builder/versions.tf index 90b632f6d4..4900174aae 100644 --- a/blueprints/cloud-operations/packer-image-builder/versions.tf +++ b/blueprints/cloud-operations/packer-image-builder/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/blueprints/cloud-operations/quota-monitoring/versions.tf b/blueprints/cloud-operations/quota-monitoring/versions.tf index 90b632f6d4..4900174aae 100644 --- a/blueprints/cloud-operations/quota-monitoring/versions.tf +++ b/blueprints/cloud-operations/quota-monitoring/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/blueprints/cloud-operations/scheduled-asset-inventory-export-bq/versions.tf b/blueprints/cloud-operations/scheduled-asset-inventory-export-bq/versions.tf index 90b632f6d4..4900174aae 100644 --- a/blueprints/cloud-operations/scheduled-asset-inventory-export-bq/versions.tf +++ b/blueprints/cloud-operations/scheduled-asset-inventory-export-bq/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/blueprints/cloud-operations/terraform-enterprise-wif/tfc-workflow-using-wif/tfc-oidc/versions.tf b/blueprints/cloud-operations/terraform-enterprise-wif/tfc-workflow-using-wif/tfc-oidc/versions.tf index 90b632f6d4..4900174aae 100644 --- a/blueprints/cloud-operations/terraform-enterprise-wif/tfc-workflow-using-wif/tfc-oidc/versions.tf +++ b/blueprints/cloud-operations/terraform-enterprise-wif/tfc-workflow-using-wif/tfc-oidc/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/blueprints/data-solutions/cmek-via-centralized-kms/versions.tf b/blueprints/data-solutions/cmek-via-centralized-kms/versions.tf index 90b632f6d4..4900174aae 100644 --- a/blueprints/data-solutions/cmek-via-centralized-kms/versions.tf +++ b/blueprints/data-solutions/cmek-via-centralized-kms/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/blueprints/data-solutions/data-playground/versions.tf b/blueprints/data-solutions/data-playground/versions.tf index 90b632f6d4..4900174aae 100644 --- a/blueprints/data-solutions/data-playground/versions.tf +++ b/blueprints/data-solutions/data-playground/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/blueprints/data-solutions/gcs-to-bq-with-least-privileges/versions.tf b/blueprints/data-solutions/gcs-to-bq-with-least-privileges/versions.tf index 90b632f6d4..4900174aae 100644 --- a/blueprints/data-solutions/gcs-to-bq-with-least-privileges/versions.tf +++ b/blueprints/data-solutions/gcs-to-bq-with-least-privileges/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/blueprints/factories/net-vpc-firewall-yaml/versions.tf b/blueprints/factories/net-vpc-firewall-yaml/versions.tf index 90b632f6d4..4900174aae 100644 --- a/blueprints/factories/net-vpc-firewall-yaml/versions.tf +++ b/blueprints/factories/net-vpc-firewall-yaml/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/blueprints/networking/__need_fixing/nginx-reverse-proxy-cluster/versions.tf b/blueprints/networking/__need_fixing/nginx-reverse-proxy-cluster/versions.tf index 90b632f6d4..4900174aae 100644 --- a/blueprints/networking/__need_fixing/nginx-reverse-proxy-cluster/versions.tf +++ b/blueprints/networking/__need_fixing/nginx-reverse-proxy-cluster/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/blueprints/networking/__need_fixing/onprem-google-access-dns/versions.tf b/blueprints/networking/__need_fixing/onprem-google-access-dns/versions.tf index 90b632f6d4..4900174aae 100644 --- a/blueprints/networking/__need_fixing/onprem-google-access-dns/versions.tf +++ b/blueprints/networking/__need_fixing/onprem-google-access-dns/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/blueprints/networking/decentralized-firewall/versions.tf b/blueprints/networking/decentralized-firewall/versions.tf index 90b632f6d4..4900174aae 100644 --- a/blueprints/networking/decentralized-firewall/versions.tf +++ b/blueprints/networking/decentralized-firewall/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/blueprints/networking/filtering-proxy-psc/versions.tf b/blueprints/networking/filtering-proxy-psc/versions.tf index 90b632f6d4..4900174aae 100644 --- a/blueprints/networking/filtering-proxy-psc/versions.tf +++ b/blueprints/networking/filtering-proxy-psc/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/blueprints/networking/filtering-proxy/versions.tf b/blueprints/networking/filtering-proxy/versions.tf index 90b632f6d4..4900174aae 100644 --- a/blueprints/networking/filtering-proxy/versions.tf +++ b/blueprints/networking/filtering-proxy/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/blueprints/networking/hub-and-spoke-peering/versions.tf b/blueprints/networking/hub-and-spoke-peering/versions.tf index 90b632f6d4..4900174aae 100644 --- a/blueprints/networking/hub-and-spoke-peering/versions.tf +++ b/blueprints/networking/hub-and-spoke-peering/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/blueprints/networking/hub-and-spoke-vpn/versions.tf b/blueprints/networking/hub-and-spoke-vpn/versions.tf index 90b632f6d4..4900174aae 100644 --- a/blueprints/networking/hub-and-spoke-vpn/versions.tf +++ b/blueprints/networking/hub-and-spoke-vpn/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/blueprints/networking/ilb-next-hop/versions.tf b/blueprints/networking/ilb-next-hop/versions.tf index 90b632f6d4..4900174aae 100644 --- a/blueprints/networking/ilb-next-hop/versions.tf +++ b/blueprints/networking/ilb-next-hop/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/blueprints/networking/private-cloud-function-from-onprem/versions.tf b/blueprints/networking/private-cloud-function-from-onprem/versions.tf index 90b632f6d4..4900174aae 100644 --- a/blueprints/networking/private-cloud-function-from-onprem/versions.tf +++ b/blueprints/networking/private-cloud-function-from-onprem/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/blueprints/networking/shared-vpc-gke/versions.tf b/blueprints/networking/shared-vpc-gke/versions.tf index 90b632f6d4..4900174aae 100644 --- a/blueprints/networking/shared-vpc-gke/versions.tf +++ b/blueprints/networking/shared-vpc-gke/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/blueprints/third-party-solutions/openshift/tf/versions.tf b/blueprints/third-party-solutions/openshift/tf/versions.tf index 90b632f6d4..4900174aae 100644 --- a/blueprints/third-party-solutions/openshift/tf/versions.tf +++ b/blueprints/third-party-solutions/openshift/tf/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/default-versions.tf b/default-versions.tf index 90b632f6d4..4900174aae 100644 --- a/default-versions.tf +++ b/default-versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/__experimental/net-neg/versions.tf b/modules/__experimental/net-neg/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/__experimental/net-neg/versions.tf +++ b/modules/__experimental/net-neg/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/api-gateway/versions.tf b/modules/api-gateway/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/api-gateway/versions.tf +++ b/modules/api-gateway/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/apigee/versions.tf b/modules/apigee/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/apigee/versions.tf +++ b/modules/apigee/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/artifact-registry/versions.tf b/modules/artifact-registry/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/artifact-registry/versions.tf +++ b/modules/artifact-registry/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/bigquery-dataset/versions.tf b/modules/bigquery-dataset/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/bigquery-dataset/versions.tf +++ b/modules/bigquery-dataset/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/bigtable-instance/versions.tf b/modules/bigtable-instance/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/bigtable-instance/versions.tf +++ b/modules/bigtable-instance/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/billing-budget/versions.tf b/modules/billing-budget/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/billing-budget/versions.tf +++ b/modules/billing-budget/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/binauthz/versions.tf b/modules/binauthz/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/binauthz/versions.tf +++ b/modules/binauthz/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/cloud-config-container/__need_fixing/onprem/versions.tf b/modules/cloud-config-container/__need_fixing/onprem/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/cloud-config-container/__need_fixing/onprem/versions.tf +++ b/modules/cloud-config-container/__need_fixing/onprem/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/cloud-config-container/coredns/versions.tf b/modules/cloud-config-container/coredns/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/cloud-config-container/coredns/versions.tf +++ b/modules/cloud-config-container/coredns/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/cloud-config-container/cos-generic-metadata/versions.tf b/modules/cloud-config-container/cos-generic-metadata/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/cloud-config-container/cos-generic-metadata/versions.tf +++ b/modules/cloud-config-container/cos-generic-metadata/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/cloud-config-container/envoy-traffic-director/versions.tf b/modules/cloud-config-container/envoy-traffic-director/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/cloud-config-container/envoy-traffic-director/versions.tf +++ b/modules/cloud-config-container/envoy-traffic-director/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/cloud-config-container/mysql/versions.tf b/modules/cloud-config-container/mysql/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/cloud-config-container/mysql/versions.tf +++ b/modules/cloud-config-container/mysql/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/cloud-config-container/nginx-tls/versions.tf b/modules/cloud-config-container/nginx-tls/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/cloud-config-container/nginx-tls/versions.tf +++ b/modules/cloud-config-container/nginx-tls/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/cloud-config-container/nginx/versions.tf b/modules/cloud-config-container/nginx/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/cloud-config-container/nginx/versions.tf +++ b/modules/cloud-config-container/nginx/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/cloud-config-container/simple-nva/versions.tf b/modules/cloud-config-container/simple-nva/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/cloud-config-container/simple-nva/versions.tf +++ b/modules/cloud-config-container/simple-nva/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/cloud-config-container/squid/versions.tf b/modules/cloud-config-container/squid/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/cloud-config-container/squid/versions.tf +++ b/modules/cloud-config-container/squid/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/cloud-function/versions.tf b/modules/cloud-function/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/cloud-function/versions.tf +++ b/modules/cloud-function/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/cloud-identity-group/versions.tf b/modules/cloud-identity-group/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/cloud-identity-group/versions.tf +++ b/modules/cloud-identity-group/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/cloud-run/versions.tf b/modules/cloud-run/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/cloud-run/versions.tf +++ b/modules/cloud-run/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/cloudsql-instance/versions.tf b/modules/cloudsql-instance/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/cloudsql-instance/versions.tf +++ b/modules/cloudsql-instance/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/compute-mig/versions.tf b/modules/compute-mig/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/compute-mig/versions.tf +++ b/modules/compute-mig/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/compute-vm/versions.tf b/modules/compute-vm/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/compute-vm/versions.tf +++ b/modules/compute-vm/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/container-registry/versions.tf b/modules/container-registry/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/container-registry/versions.tf +++ b/modules/container-registry/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/data-catalog-policy-tag/versions.tf b/modules/data-catalog-policy-tag/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/data-catalog-policy-tag/versions.tf +++ b/modules/data-catalog-policy-tag/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/datafusion/versions.tf b/modules/datafusion/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/datafusion/versions.tf +++ b/modules/datafusion/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/dns/versions.tf b/modules/dns/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/dns/versions.tf +++ b/modules/dns/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/endpoints/versions.tf b/modules/endpoints/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/endpoints/versions.tf +++ b/modules/endpoints/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/folder/versions.tf b/modules/folder/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/folder/versions.tf +++ b/modules/folder/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/gcs/versions.tf b/modules/gcs/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/gcs/versions.tf +++ b/modules/gcs/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/gke-cluster/versions.tf b/modules/gke-cluster/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/gke-cluster/versions.tf +++ b/modules/gke-cluster/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/gke-hub/versions.tf b/modules/gke-hub/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/gke-hub/versions.tf +++ b/modules/gke-hub/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/gke-nodepool/versions.tf b/modules/gke-nodepool/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/gke-nodepool/versions.tf +++ b/modules/gke-nodepool/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/iam-service-account/versions.tf b/modules/iam-service-account/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/iam-service-account/versions.tf +++ b/modules/iam-service-account/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/kms/versions.tf b/modules/kms/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/kms/versions.tf +++ b/modules/kms/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/logging-bucket/versions.tf b/modules/logging-bucket/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/logging-bucket/versions.tf +++ b/modules/logging-bucket/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/net-address/versions.tf b/modules/net-address/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/net-address/versions.tf +++ b/modules/net-address/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/net-cloudnat/versions.tf b/modules/net-cloudnat/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/net-cloudnat/versions.tf +++ b/modules/net-cloudnat/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/net-glb/versions.tf b/modules/net-glb/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/net-glb/versions.tf +++ b/modules/net-glb/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/net-ilb-l7/versions.tf b/modules/net-ilb-l7/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/net-ilb-l7/versions.tf +++ b/modules/net-ilb-l7/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/net-ilb/versions.tf b/modules/net-ilb/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/net-ilb/versions.tf +++ b/modules/net-ilb/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/net-interconnect-attachment-direct/versions.tf b/modules/net-interconnect-attachment-direct/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/net-interconnect-attachment-direct/versions.tf +++ b/modules/net-interconnect-attachment-direct/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/net-vpc-firewall/versions.tf b/modules/net-vpc-firewall/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/net-vpc-firewall/versions.tf +++ b/modules/net-vpc-firewall/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/net-vpc-peering/versions.tf b/modules/net-vpc-peering/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/net-vpc-peering/versions.tf +++ b/modules/net-vpc-peering/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/net-vpc/versions.tf b/modules/net-vpc/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/net-vpc/versions.tf +++ b/modules/net-vpc/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/net-vpn-dynamic/versions.tf b/modules/net-vpn-dynamic/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/net-vpn-dynamic/versions.tf +++ b/modules/net-vpn-dynamic/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/net-vpn-ha/versions.tf b/modules/net-vpn-ha/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/net-vpn-ha/versions.tf +++ b/modules/net-vpn-ha/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/net-vpn-static/versions.tf b/modules/net-vpn-static/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/net-vpn-static/versions.tf +++ b/modules/net-vpn-static/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/organization/versions.tf b/modules/organization/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/organization/versions.tf +++ b/modules/organization/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/project/versions.tf b/modules/project/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/project/versions.tf +++ b/modules/project/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/projects-data-source/versions.tf b/modules/projects-data-source/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/projects-data-source/versions.tf +++ b/modules/projects-data-source/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/pubsub/versions.tf b/modules/pubsub/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/pubsub/versions.tf +++ b/modules/pubsub/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/secret-manager/versions.tf b/modules/secret-manager/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/secret-manager/versions.tf +++ b/modules/secret-manager/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/service-directory/versions.tf b/modules/service-directory/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/service-directory/versions.tf +++ b/modules/service-directory/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/source-repository/versions.tf b/modules/source-repository/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/source-repository/versions.tf +++ b/modules/source-repository/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } diff --git a/modules/vpc-sc/versions.tf b/modules/vpc-sc/versions.tf index 90b632f6d4..4900174aae 100644 --- a/modules/vpc-sc/versions.tf +++ b/modules/vpc-sc/versions.tf @@ -17,11 +17,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.47.0" # tftest + version = ">= 4.48.0" # tftest } } } From db8382fc02539e59742ff350e3fd5a04baa18c2c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Wiktor=20Niesiob=C4=99dzki?= Date: Sun, 29 Jan 2023 14:32:29 +0100 Subject: [PATCH 24/26] Fix tests after version bump --- tests/modules/gke_hub/test_plan.py | 1 + tests/modules/gke_nodepool/examples/config.yaml | 3 +-- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/modules/gke_hub/test_plan.py b/tests/modules/gke_hub/test_plan.py index 51258c8316..8a71d12b57 100644 --- a/tests/modules/gke_hub/test_plan.py +++ b/tests/modules/gke_hub/test_plan.py @@ -61,6 +61,7 @@ def test_configmanagement_setup(resources): 'sync_wait_secs': None }], + 'oci': [], 'prevent_drift': False, 'source_format': 'hierarchy' }], diff --git a/tests/modules/gke_nodepool/examples/config.yaml b/tests/modules/gke_nodepool/examples/config.yaml index fc1682a826..858e5ca58c 100644 --- a/tests/modules/gke_nodepool/examples/config.yaml +++ b/tests/modules/gke_nodepool/examples/config.yaml @@ -15,8 +15,7 @@ values: module.cluster-1-nodepool-1.google_container_node_pool.nodepool: autoscaling: - - location_policy: null - max_node_count: 10 + - max_node_count: 10 min_node_count: 1 total_max_node_count: null total_min_node_count: null From 1a2745b632bd1d584818daa25b3a07dcfbfd50ac Mon Sep 17 00:00:00 2001 From: Miren Esnaola Date: Tue, 24 Jan 2023 16:57:01 +0100 Subject: [PATCH 25/26] In the apigee module now both the /22 and /28 peering IP ranges are passed at instance creation --- .../apigee/bigquery-analytics/README.md | 14 +++++----- blueprints/apigee/bigquery-analytics/main.tf | 9 ++++--- .../terraform.tfvars.sample | 3 ++- .../apigee/bigquery-analytics/variables.tf | 15 ++++++----- .../README.md | 21 ++++++++------- .../apigee.tf | 10 ++++--- .../variables.tf | 18 ++++++++----- modules/apigee/README.md | 27 ++++++++++--------- modules/apigee/main.tf | 2 +- modules/apigee/variables.tf | 15 ++++++----- .../apigee/bigquery-analytics/basic.tfvars | 7 ++--- .../apigee/bigquery-analytics/basic.yaml | 2 +- .../basic.yaml | 2 +- tests/modules/apigee/fixture/test.all.tfvars | 14 +++++----- .../apigee/fixture/test.instance_only.tfvars | 9 ++++--- tests/modules/apigee/fixture/variables.tf | 15 ++++++----- 16 files changed, 103 insertions(+), 80 deletions(-) diff --git a/blueprints/apigee/bigquery-analytics/README.md b/blueprints/apigee/bigquery-analytics/README.md index 361610a7a1..027f28ead8 100644 --- a/blueprints/apigee/bigquery-analytics/README.md +++ b/blueprints/apigee/bigquery-analytics/README.md @@ -60,14 +60,14 @@ Do the following to verify that everything works as expected. |---|---|:---:|:---:|:---:| | [envgroups](variables.tf#L24) | Environment groups (NAME => [HOSTNAMES]). | map(list(string)) | ✓ | | | [environments](variables.tf#L30) | Environments. | map(object({…})) | ✓ | | -| [instances](variables.tf#L45) | Instance. | map(object({…})) | ✓ | | -| [project_id](variables.tf#L91) | Project ID. | string | ✓ | | -| [psc_config](variables.tf#L97) | PSC configuration. | map(string) | ✓ | | +| [instances](variables.tf#L45) | Instance. | map(object({…})) | ✓ | | +| [project_id](variables.tf#L92) | Project ID. | string | ✓ | | +| [psc_config](variables.tf#L98) | PSC configuration. | map(string) | ✓ | | | [datastore_name](variables.tf#L17) | Datastore. | string | | "gcs" | -| [organization](variables.tf#L59) | Apigee organization. | object({…}) | | {…} | -| [path](variables.tf#L75) | Bucket path. | string | | "/analytics" | -| [project_create](variables.tf#L82) | Parameters for the creation of the new project. | object({…}) | | null | -| [vpc_create](variables.tf#L103) | Boolean flag indicating whether the VPC should be created or not. | bool | | true | +| [organization](variables.tf#L60) | Apigee organization. | object({…}) | | {…} | +| [path](variables.tf#L76) | Bucket path. | string | | "/analytics" | +| [project_create](variables.tf#L83) | Parameters for the creation of the new project. | object({…}) | | null | +| [vpc_create](variables.tf#L104) | Boolean flag indicating whether the VPC should be created or not. | bool | | true | ## Outputs diff --git a/blueprints/apigee/bigquery-analytics/main.tf b/blueprints/apigee/bigquery-analytics/main.tf index 8ecca62a85..68e672d254 100644 --- a/blueprints/apigee/bigquery-analytics/main.tf +++ b/blueprints/apigee/bigquery-analytics/main.tf @@ -68,9 +68,12 @@ module "vpc" { region = k }] psa_config = { - ranges = { - for k, v in var.instances : "apigee-${k}" => v.psa_ip_cidr_range - } + ranges = merge({ for k, v in var.instances : + "apigee-runtime-${k}" => v.runtime_ip_cidr_range + }, { for k, v in var.instances : + "apigee-troubleshooting-${k}" => v.troubleshooting_ip_cidr_range + } + ) } } diff --git a/blueprints/apigee/bigquery-analytics/terraform.tfvars.sample b/blueprints/apigee/bigquery-analytics/terraform.tfvars.sample index db4213210f..5a25a9f378 100644 --- a/blueprints/apigee/bigquery-analytics/terraform.tfvars.sample +++ b/blueprints/apigee/bigquery-analytics/terraform.tfvars.sample @@ -15,7 +15,8 @@ instances = { instance-ew1 = { region = "europe-west1" environments = ["apis-test"] - psa_ip_cidr_range = "10.0.4.0/22" + runtime_ip_cidr_range = "10.0.4.0/22" + troubleshooting_ip_cidr_range = "10.1.1.0/28" } } psc_config = { diff --git a/blueprints/apigee/bigquery-analytics/variables.tf b/blueprints/apigee/bigquery-analytics/variables.tf index ba7f5d78ae..1bd6cb0acd 100644 --- a/blueprints/apigee/bigquery-analytics/variables.tf +++ b/blueprints/apigee/bigquery-analytics/variables.tf @@ -45,13 +45,14 @@ variable "environments" { variable "instances" { description = "Instance." type = map(object({ - display_name = optional(string) - description = optional(string) - region = string - environments = list(string) - psa_ip_cidr_range = string - disk_encryption_key = optional(string) - consumer_accept_list = optional(list(string)) + display_name = optional(string) + description = optional(string) + region = string + environments = list(string) + runtime_ip_cidr_range = string + troubleshooting_ip_cidr_range = string + disk_encryption_key = optional(string) + consumer_accept_list = optional(list(string)) })) nullable = false } diff --git a/blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/README.md b/blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/README.md index 21bd9940bc..690458f03c 100644 --- a/blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/README.md +++ b/blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/README.md @@ -46,18 +46,19 @@ Do the following to verify that everything works as expected. | name | description | type | required | default | |---|---|:---:|:---:|:---:| | [apigee_project_id](variables.tf#L17) | Project ID. | string | ✓ | | -| [billing_account_id](variables.tf#L47) | Parameters for the creation of the new project. | string | ✓ | | -| [hostname](variables.tf#L52) | Host name. | string | ✓ | | -| [onprem_project_id](variables.tf#L57) | Project ID. | string | ✓ | | -| [parent](variables.tf#L75) | Parent (organizations/organizationID or folders/folderID). | string | ✓ | | +| [billing_account_id](variables.tf#L53) | Parameters for the creation of the new project. | string | ✓ | | +| [hostname](variables.tf#L58) | Host name. | string | ✓ | | +| [onprem_project_id](variables.tf#L63) | Project ID. | string | ✓ | | +| [parent](variables.tf#L81) | Parent (organizations/organizationID or folders/folderID). | string | ✓ | | | [apigee_proxy_only_subnet_ip_cidr_range](variables.tf#L23) | Subnet IP CIDR range. | string | | "10.2.1.0/24" | -| [apigee_psa_ip_cidr_range](variables.tf#L29) | Apigee PSA IP CIDR range. | string | | "10.0.4.0/22" | -| [apigee_psc_subnet_ip_cidr_range](variables.tf#L35) | Subnet IP CIDR range. | string | | "10.2.2.0/24" | +| [apigee_psc_subnet_ip_cidr_range](variables.tf#L29) | Subnet IP CIDR range. | string | | "10.2.2.0/24" | +| [apigee_runtime_ip_cidr_range](variables.tf#L35) | Apigee PSA IP CIDR range. | string | | "10.0.4.0/22" | | [apigee_subnet_ip_cidr_range](variables.tf#L41) | Subnet IP CIDR range. | string | | "10.2.0.0/24" | -| [onprem_proxy_only_subnet_ip_cidr_range](variables.tf#L63) | Subnet IP CIDR range. | string | | "10.1.1.0/24" | -| [onprem_subnet_ip_cidr_range](variables.tf#L69) | Subnet IP CIDR range. | string | | "10.1.0.0/24" | -| [region](variables.tf#L80) | Region. | string | | "europe-west1" | -| [zone](variables.tf#L86) | Zone. | string | | "europe-west1-c" | +| [apigee_troubleshooting_ip_cidr_range](variables.tf#L47) | Apigee PSA IP CIDR range. | string | | "10.1.0.0/28" | +| [onprem_proxy_only_subnet_ip_cidr_range](variables.tf#L69) | Subnet IP CIDR range. | string | | "10.1.1.0/24" | +| [onprem_subnet_ip_cidr_range](variables.tf#L75) | Subnet IP CIDR range. | string | | "10.1.0.0/24" | +| [region](variables.tf#L86) | Region. | string | | "europe-west1" | +| [zone](variables.tf#L92) | Zone. | string | | "europe-west1-c" | ## Outputs diff --git a/blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/apigee.tf b/blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/apigee.tf index 0e4faabfb5..8860e404c6 100644 --- a/blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/apigee.tf +++ b/blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/apigee.tf @@ -57,7 +57,8 @@ module "apigee_vpc" { }] psa_config = { ranges = { - "apigee" = var.apigee_psa_ip_cidr_range + "apigee-runtime" = var.apigee_runtime_ip_cidr_range + "apigee-troubleshooting" = var.apigee_troubleshooting_ip_cidr_range } } } @@ -79,9 +80,10 @@ module "apigee" { } instances = { instance-1 = { - region = var.region - environments = [local.environment] - psa_ip_cidr_range = var.apigee_psa_ip_cidr_range + region = var.region + environments = [local.environment] + runtime_ip_cidr_range = var.apigee_runtime_ip_cidr_range + troubleshooting_ip_cidr_range = var.apigee_troubleshooting_ip_cidr_range } } endpoint_attachments = { diff --git a/blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/variables.tf b/blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/variables.tf index 5d28ab9f7a..86a720e70a 100644 --- a/blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/variables.tf +++ b/blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/variables.tf @@ -26,24 +26,30 @@ variable "apigee_proxy_only_subnet_ip_cidr_range" { default = "10.2.1.0/24" } -variable "apigee_psa_ip_cidr_range" { - description = "Apigee PSA IP CIDR range." - type = string - default = "10.0.4.0/22" -} - variable "apigee_psc_subnet_ip_cidr_range" { description = "Subnet IP CIDR range." type = string default = "10.2.2.0/24" } +variable "apigee_runtime_ip_cidr_range" { + description = "Apigee PSA IP CIDR range." + type = string + default = "10.0.4.0/22" +} + variable "apigee_subnet_ip_cidr_range" { description = "Subnet IP CIDR range." type = string default = "10.2.0.0/24" } +variable "apigee_troubleshooting_ip_cidr_range" { + description = "Apigee PSA IP CIDR range." + type = string + default = "10.1.0.0/28" +} + variable "billing_account_id" { description = "Parameters for the creation of the new project." type = string diff --git a/modules/apigee/README.md b/modules/apigee/README.md index 02b1d13f99..0f3daa5662 100644 --- a/modules/apigee/README.md +++ b/modules/apigee/README.md @@ -44,14 +44,16 @@ module "apigee" { } instances = { instance-test-ew1 = { - region = "europe-west1" - environments = ["apis-test"] - psa_ip_cidr_range = "10.0.4.0/22" + region = "europe-west1" + environments = ["apis-test"] + runtime_ip_cidr_range = "10.0.4.0/22" + troubleshooting_ip_cidr_range = "10.1.1.0.0/28" } instance-prod-ew3 = { - region = "europe-west3" - environments = ["apis-prod"] - psa_ip_cidr_range = "10.0.5.0/22" + region = "europe-west3" + environments = ["apis-prod"] + runtime_ip_cidr_range = "10.0.8.0/22" + troubleshooting_ip_cidr_range = "10.1.16.0/28" } } endpoint_attachments = { @@ -141,9 +143,10 @@ module "apigee" { project_id = "my-project" instances = { instance-test-ew1 = { - region = "europe-west1" - environments = ["apis-test"] - psa_ip_cidr_range = "10.0.4.0/22" + region = "europe-west1" + environments = ["apis-test"] + runtime_ip_cidr_range = "10.0.4.0/22" + troubleshooting_ip_cidr_range = "10.1.1.0/28" } } } @@ -173,12 +176,12 @@ module "apigee" { | name | description | type | required | default | |---|---|:---:|:---:|:---:| -| [project_id](variables.tf#L77) | Project ID. | string | ✓ | | +| [project_id](variables.tf#L78) | Project ID. | string | ✓ | | | [endpoint_attachments](variables.tf#L17) | Endpoint attachments. | map(object({…})) | | null | | [envgroups](variables.tf#L26) | Environment groups (NAME => [HOSTNAMES]). | map(list(string)) | | null | | [environments](variables.tf#L32) | Environments. | map(object({…})) | | null | -| [instances](variables.tf#L49) | Instances. | map(object({…})) | | null | -| [organization](variables.tf#L63) | Apigee organization. If set to null the organization must already exist. | object({…}) | | null | +| [instances](variables.tf#L49) | Instances. | map(object({…})) | | null | +| [organization](variables.tf#L64) | Apigee organization. If set to null the organization must already exist. | object({…}) | | null | ## Outputs diff --git a/modules/apigee/main.tf b/modules/apigee/main.tf index f1c71ec1f1..aa2d076a2f 100644 --- a/modules/apigee/main.tf +++ b/modules/apigee/main.tf @@ -93,7 +93,7 @@ resource "google_apigee_instance" "instances" { description = each.value.description location = each.value.region org_id = local.org_id - ip_range = each.value.psa_ip_cidr_range + ip_range = "${each.value.runtime_ip_cidr_range},${each.value.troubleshooting_ip_cidr_range}" disk_encryption_key_name = each.value.disk_encryption_key consumer_accept_list = each.value.consumer_accept_list } diff --git a/modules/apigee/variables.tf b/modules/apigee/variables.tf index 81cf77f6ea..00961aac2c 100644 --- a/modules/apigee/variables.tf +++ b/modules/apigee/variables.tf @@ -49,13 +49,14 @@ variable "environments" { variable "instances" { description = "Instances." type = map(object({ - display_name = optional(string) - description = optional(string, "Terraform-managed") - region = string - environments = list(string) - psa_ip_cidr_range = string - disk_encryption_key = optional(string) - consumer_accept_list = optional(list(string)) + display_name = optional(string) + description = optional(string, "Terraform-managed") + region = string + environments = list(string) + runtime_ip_cidr_range = string + troubleshooting_ip_cidr_range = string + disk_encryption_key = optional(string) + consumer_accept_list = optional(list(string)) })) default = null } diff --git a/tests/blueprints/apigee/bigquery-analytics/basic.tfvars b/tests/blueprints/apigee/bigquery-analytics/basic.tfvars index 8a650b56e2..2f9315a439 100644 --- a/tests/blueprints/apigee/bigquery-analytics/basic.tfvars +++ b/tests/blueprints/apigee/bigquery-analytics/basic.tfvars @@ -13,9 +13,10 @@ environments = { } instances = { instance-ew1 = { - region = "europe-west1" - environments = ["apis-test"] - psa_ip_cidr_range = "10.0.4.0/22" + region = "europe-west1" + environments = ["apis-test"] + runtime_ip_cidr_range = "10.0.4.0/22" + troubleshooting_ip_cidr_range = "10.1.0.0/28" } } psc_config = { diff --git a/tests/blueprints/apigee/bigquery-analytics/basic.yaml b/tests/blueprints/apigee/bigquery-analytics/basic.yaml index d89eaef583..691af456b1 100644 --- a/tests/blueprints/apigee/bigquery-analytics/basic.yaml +++ b/tests/blueprints/apigee/bigquery-analytics/basic.yaml @@ -14,4 +14,4 @@ counts: modules: 9 - resources: 61 + resources: 62 diff --git a/tests/blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/basic.yaml b/tests/blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/basic.yaml index ef1fa1e009..de461ff2ea 100644 --- a/tests/blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/basic.yaml +++ b/tests/blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg/basic.yaml @@ -14,4 +14,4 @@ counts: modules: 13 - resources: 72 + resources: 73 diff --git a/tests/modules/apigee/fixture/test.all.tfvars b/tests/modules/apigee/fixture/test.all.tfvars index d0c29921ca..9eb337b748 100644 --- a/tests/modules/apigee/fixture/test.all.tfvars +++ b/tests/modules/apigee/fixture/test.all.tfvars @@ -29,14 +29,16 @@ environments = { } instances = { instance-test-ew1 = { - region = "europe-west1" - environments = ["apis-test"] - psa_ip_cidr_range = "10.0.4.0/22" + region = "europe-west1" + environments = ["apis-test"] + runtime_ip_cidr_range = "10.0.4.0/22" + troubleshooting_ip_cidr_range = "10.1.0.0/28" } instance-prod-ew3 = { - region = "europe-west3" - environments = ["apis-prod"] - psa_ip_cidr_range = "10.0.5.0/22" + region = "europe-west3" + environments = ["apis-prod"] + runtime_ip_cidr_range = "10.0.6.0/22" + troubleshooting_ip_cidr_range = "10.1.0.16/28" } } endpoint_attachments = { diff --git a/tests/modules/apigee/fixture/test.instance_only.tfvars b/tests/modules/apigee/fixture/test.instance_only.tfvars index 3d3eb1be1b..d9399bfa91 100644 --- a/tests/modules/apigee/fixture/test.instance_only.tfvars +++ b/tests/modules/apigee/fixture/test.instance_only.tfvars @@ -1,8 +1,9 @@ project_id = "my-project" instances = { instance-test-ew1 = { - region = "europe-west1" - environments = ["apis-test"] - psa_ip_cidr_range = "10.0.4.0/22" + region = "europe-west1" + environments = ["apis-test"] + runtime_ip_cidr_range = "10.0.4.0/22" + troubleshooting_ip_cidr_range = "10.1.1.0.0/28" } -} \ No newline at end of file +} diff --git a/tests/modules/apigee/fixture/variables.tf b/tests/modules/apigee/fixture/variables.tf index 81cf77f6ea..00961aac2c 100644 --- a/tests/modules/apigee/fixture/variables.tf +++ b/tests/modules/apigee/fixture/variables.tf @@ -49,13 +49,14 @@ variable "environments" { variable "instances" { description = "Instances." type = map(object({ - display_name = optional(string) - description = optional(string, "Terraform-managed") - region = string - environments = list(string) - psa_ip_cidr_range = string - disk_encryption_key = optional(string) - consumer_accept_list = optional(list(string)) + display_name = optional(string) + description = optional(string, "Terraform-managed") + region = string + environments = list(string) + runtime_ip_cidr_range = string + troubleshooting_ip_cidr_range = string + disk_encryption_key = optional(string) + consumer_accept_list = optional(list(string)) })) default = null } From e962d07e0429c9bf692edd6312cd04e1836bd9fe Mon Sep 17 00:00:00 2001 From: Julio Castillo Date: Tue, 31 Jan 2023 14:37:13 +0100 Subject: [PATCH 26/26] Fix tests/linting --- modules/net-glb/README.md | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/modules/net-glb/README.md b/modules/net-glb/README.md index ad770f8f87..8cd3f353f6 100644 --- a/modules/net-glb/README.md +++ b/modules/net-glb/README.md @@ -220,11 +220,11 @@ This example shows how to use the module with a manage instance group as backend ```hcl module "win-template" { - source = "./fabric/modules/compute-vm" - project_id = "myprj" - zone = "europe-west8-a" - name = "win-template" - instance_type = "n2d-standard-2" + source = "./fabric/modules/compute-vm" + project_id = "myprj" + zone = "europe-west8-a" + name = "win-template" + instance_type = "n2d-standard-2" create_template = true boot_disk = { image = "projects/windows-cloud/global/images/windows-server-2019-dc-v20221214" @@ -240,10 +240,10 @@ module "win-template" { } module "win-mig" { - source = "./fabric/modules/compute-mig" - project_id = "myprj" - location = "europe-west8-a" - name = "win-mig" + source = "./fabric/modules/compute-mig" + project_id = "myprj" + location = "europe-west8-a" + name = "win-mig" instance_template = module.win-template.template.self_link autoscaler_config = { max_replicas = 3 @@ -255,7 +255,7 @@ module "win-mig" { } } } - named_ports { + named_ports = { http = 80 } }