Sync branch #8

Merged
merged 78 commits into from
Feb 10, 2023
78 commits
84be665
First commit.
lcaggio Jan 17, 2023
191e56f
Merge branch 'master' into lcaggio/shieldedfolder
lcaggio Jan 17, 2023
b9a4c27
VPC-SC
lcaggio Jan 18, 2023
dcbfdd9
Merge branch 'master' into lcaggio/shieldedfolder
lcaggio Jan 19, 2023
4007d42
Add KMS and Log.
lcaggio Jan 21, 2023
440e9c5
Update
lcaggio Jan 25, 2023
0ce110f
Make KMS and Log sink optionals
lcaggio Jan 25, 2023
1189e38
Fix
lcaggio Jan 25, 2023
9a46f06
update readme
lcaggio Jan 27, 2023
a808ea3
Draft README
lcaggio Jan 30, 2023
66a10d7
Add test
lcaggio Jan 30, 2023
6a39d80
Fix README
lcaggio Jan 30, 2023
a166c61
Merge branch 'master' into lcaggio/shieldedfolder
lcaggio Jan 30, 2023
0e5f2f7
Fix Linting
lcaggio Jan 30, 2023
2584eb1
Fix test
lcaggio Jan 30, 2023
fb04e78
Fix variables
lcaggio Jan 31, 2023
f36b004
Make VPCSC optional; ingress policy
lcaggio Jan 31, 2023
3995ec1
Merge branch 'master' into lcaggio/shieldedfolder
lcaggio Jan 31, 2023
053d415
Change feature name, improve README
lcaggio Jan 31, 2023
840fc86
Fix groups. Fix tests.
lcaggio Feb 1, 2023
3516988
Fix test names and update to yaml-based tests
juliocc Feb 1, 2023
f9e3eb7
Update copyright
lcaggio Feb 1, 2023
e3daaf2
Update READMEs
lcaggio Feb 1, 2023
30f2b49
README Typos
lcaggio Feb 1, 2023
6298ee5
Removed unused file package-lock.json (#1124)
apichick Feb 1, 2023
0da76cd
Delete package-lock.json
ludoo Feb 1, 2023
a046f28
Delete package-lock.json
ludoo Feb 1, 2023
fafc69a
Merge branch 'master' into lcaggio/shieldedfolder
lcaggio Feb 2, 2023
824f873
Added mesh_certificates setting in GKE cluster.
rosmo Feb 2, 2023
f051ac0
Merge pull request #1125 from rosmo/gke-mesh-certificates
rosmo Feb 2, 2023
46ba8f5
Skip node config for autopilot (#1127)
ludoo Feb 2, 2023
ce1f86d
Vertex Pipelines MLOps framework blueprint (#1038)
javiergp Feb 2, 2023
2958063
Remove info about non-existing vpc-peering-*.tf files
skalolazka Feb 3, 2023
f00d4d3
Merge branch 'master' into lcaggio/shieldedfolder
lcaggio Feb 3, 2023
45a74f3
Mention policies in the customization section.
lcaggio Feb 4, 2023
04dc782
update changelog
ludoo Feb 4, 2023
ea09a0d
update for v20.0.0
ludoo Feb 4, 2023
5453c58
FAST multitenant bootstrap and resource management, rename org-level …
ludoo Feb 4, 2023
5241b2c
update changelog
ludoo Feb 4, 2023
803c9c3
Merge branch 'master' into fast-networking-nva-no-peering-files
Feb 4, 2023
ce1cc5f
Merge branch 'master' into lcaggio/shieldedfolder
lcaggio Feb 4, 2023
38fc9e8
First commit
lcaggio Feb 5, 2023
47c75f8
Implement project_config variable
lcaggio Feb 5, 2023
884ec71
Merge pull request #1129 from GoogleCloudPlatform/lcaggio/kms-update
lcaggio Feb 5, 2023
f49e5cc
Fix readmes and variables.
lcaggio Feb 5, 2023
39ffdcf
Merge branch 'master' into lcaggio/shieldedfolder
lcaggio Feb 5, 2023
02d8d83
[Feature] Update data platform blue print with Dataflow Flex template…
aymanfarhat Feb 6, 2023
d02c86b
Merge branch 'master' into fast-networking-nva-no-peering-files
skalolazka Feb 6, 2023
feffdf1
Merge pull request #1128 from GoogleCloudPlatform/fast-networking-nva…
skalolazka Feb 6, 2023
1e4499c
Fixes
lcaggio Feb 6, 2023
f2b61b1
Add descriptive name as optional argument
paulwoelfel Feb 6, 2023
bd90aa7
Add descriptive_name
paulwoelfel Feb 6, 2023
c883d5e
Fix README
juliocc Feb 6, 2023
e1e0c38
Fix README and var order
juliocc Feb 6, 2023
44af6e5
Merge pull request #1132 from paulwoelfel/feature/add-project-descrip…
juliocc Feb 6, 2023
9b8de3e
fix stage links, fix stage 1 output file names (#1134)
ludoo Feb 6, 2023
d68bb4b
Fixes
lcaggio Feb 6, 2023
307cf32
Fix
lcaggio Feb 6, 2023
dd77c2f
Merge branch 'master' into lcaggio/shieldedfolder
lcaggio Feb 7, 2023
2471e25
post PR message on init or validate failure (#1135)
ludoo Feb 7, 2023
f0c53a1
Merge branch 'master' into lcaggio/shieldedfolder
lcaggio Feb 7, 2023
7146967
Add variables validation
lcaggio Feb 7, 2023
d78815d
Fix README
lcaggio Feb 7, 2023
8b51d8b
Merge pull request #1121 from GoogleCloudPlatform/lcaggio/shieldedfolder
lcaggio Feb 7, 2023
0460235
New compute-vm examples and tests
juliocc Feb 7, 2023
fa064dd
Fix typo
juliocc Feb 7, 2023
08f2540
Bump provider version
juliocc Feb 7, 2023
1784dd8
Remove unneeded __init__.py
juliocc Feb 7, 2023
bb565b7
Add Disk examples
juliocc Feb 7, 2023
1aba238
Remove empty section
juliocc Feb 7, 2023
3395464
Update TOC
juliocc Feb 7, 2023
8c48028
Merge pull request #1138 from GoogleCloudPlatform/jccb/compute-vm-exa…
juliocc Feb 7, 2023
779c635
Merged old bgp_peer_config parameter into bgp_peer aligning with newe…
simonebruzzechesse Feb 7, 2023
8708f49
Allow configuring regions from tfvars in FAST networking stages (#1137)
ludoo Feb 8, 2023
d7b88b7
Fix bq factory docs
juliocc Feb 8, 2023
9092fce
Merge pull request #1142 from GoogleCloudPlatform/jccb/bq-factory-fix
juliocc Feb 8, 2023
fab2ad0
Fixes for service-mesh example in gke-hub
wiktorn Feb 9, 2023
d9791a3
Merge pull request #7 from GoogleCloudPlatform/master
juliodiez Feb 10, 2023
12 changes: 6 additions & 6 deletions .gitignore
Expand Up @@ -21,13 +21,13 @@ bundle.zip
**/*.pkrvars.hcl
fixture_*
fast/configs
fast/stages/**/[0-9]*providers.tf
fast/stages/**/terraform.tfvars
fast/stages/**/terraform.tfvars.json
fast/stages/**/terraform-*.auto.tfvars.json
fast/stages/**/0*.auto.tfvars*
fast/**/[0-9]*providers.tf
fast/**/terraform.tfvars
fast/**/terraform.tfvars.json
fast/**/terraform-*.auto.tfvars.json
fast/**/[0-9]*.auto.tfvars*
**/node_modules
fast/stages/**/globals.auto.tfvars.json
fast/**/globals.auto.tfvars.json
cloud_sql_proxy
examples/cloud-operations/binauthz/tenant-setup.yaml
examples/cloud-operations/binauthz/app/app.yaml
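Review bot: The replacement patterns in this hunk drop the `stages/` segment, so `fast/**/terraform.tfvars`, `fast/**/[0-9]*providers.tf` and `fast/**/[0-9]*.auto.tfvars*` now match at any depth under `fast/`, and the last one also widens the prefix from `0*` to any digit. That is the safer default for files that usually hold environment-specific values, but it will also silently ignore any sample or test tfvars that are meant to be committed under `fast/`. Before merging, run `git ls-files -ci --exclude-standard fast/` to confirm that no tracked file now matches, and add an explicit `!` negation for any fixture that has to stay in the repository.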
39 changes: 34 additions & 5 deletions CHANGELOG.md
Expand Up @@ -4,10 +4,33 @@ All notable changes to this project will be documented in this file.
<!-- markdownlint-disable MD024 -->

## [Unreleased]
<!-- None < 2022-12-13 10:03:24+00:00 -->
<!-- None < 2023-02-04 13:47:22+00:00 -->

### DOCUMENTATION

- [[#1052](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1052)] **incompatible change:** FAST multitenant bootstrap and resource management, rename org-level FAST stages ([ludoo](https://github.com/ludoo)) <!-- 2023-02-04 14:00:46+00:00 -->

### FAST

- [[#1052](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1052)] **incompatible change:** FAST multitenant bootstrap and resource management, rename org-level FAST stages ([ludoo](https://github.com/ludoo)) <!-- 2023-02-04 14:00:46+00:00 -->

### MODULES

- [[#1052](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1052)] **incompatible change:** FAST multitenant bootstrap and resource management, rename org-level FAST stages ([ludoo](https://github.com/ludoo)) <!-- 2023-02-04 14:00:46+00:00 -->

### TOOLS

- [[#1052](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1052)] **incompatible change:** FAST multitenant bootstrap and resource management, rename org-level FAST stages ([ludoo](https://github.com/ludoo)) <!-- 2023-02-04 14:00:46+00:00 -->

## [20.0.0] - 2023-02-04
<!-- 2023-02-04 13:47:22+00:00 < 2022-12-13 10:03:24+00:00 -->

### BLUEPRINTS

- [[#1038](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1038)] Vertex Pipelines MLOps framework blueprint ([javiergp](https://github.com/javiergp)) <!-- 2023-02-02 18:13:13+00:00 -->
- [[#1124](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1124)] Removed unused file package-lock.json ([apichick](https://github.com/apichick)) <!-- 2023-02-01 17:54:25+00:00 -->
- [[#1119](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1119)] **incompatible change:** Multi-Cluster Ingress gateway api config ([wiktorn](https://github.com/wiktorn)) <!-- 2023-01-31 13:16:52+00:00 -->
- [[#1111](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1111)] **incompatible change:** In the apigee module now both the /22 and /28 peering IP ranges are p… ([apichick](https://github.com/apichick)) <!-- 2023-01-31 10:46:38+00:00 -->
- [[#1106](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1106)] Network Dashboard: PSA support for Filestore and Memorystore ([aurelienlegrand](https://github.com/aurelienlegrand)) <!-- 2023-01-25 15:02:31+00:00 -->
- [[#1110](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1110)] Bump cookiejar from 2.1.3 to 2.1.4 in /blueprints/apigee/bigquery-analytics/functions/export ([dependabot[bot]](https://github.com/dependabot[bot])) <!-- 2023-01-24 15:07:12+00:00 -->
- [[#1097](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1097)] Use terraform resource to activate Anthos Service Mesh ([wiktorn](https://github.com/wiktorn)) <!-- 2023-01-23 08:25:31+00:00 -->
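Review bot: In the new `[Unreleased]` block the #1052 entry is repeated verbatim under DOCUMENTATION, FAST, MODULES and TOOLS, and every copy flags an **incompatible change** without saying what a user has to do about the renamed org-level FAST stages. Its timestamp (2023-02-04 14:00:46) is later than the 20.0.0 cutoff (13:47:22), so the break is not part of the 20.0.0 section; a one-line pointer to upgrade notes under the FAST heading would make that clear to anyone moving from the release to HEAD.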
Expand Down Expand Up @@ -49,6 +72,11 @@ All notable changes to this project will be documented in this file.

### MODULES

- [[#1127](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1127)] Skip node config for autopilot ([ludoo](https://github.com/ludoo)) <!-- 2023-02-02 15:13:57+00:00 -->
- [[#1125](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1125)] Added mesh_certificates setting in GKE cluster ([rosmo](https://github.com/rosmo)) <!-- 2023-02-02 10:19:01+00:00 -->
- [[#1094](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1094)] Added GLB example with MIG as backend ([eliamaldini](https://github.com/eliamaldini)) <!-- 2023-01-31 13:49:13+00:00 -->
- [[#1119](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1119)] **incompatible change:** Multi-Cluster Ingress gateway api config ([wiktorn](https://github.com/wiktorn)) <!-- 2023-01-31 13:16:52+00:00 -->
- [[#1111](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1111)] **incompatible change:** In the apigee module now both the /22 and /28 peering IP ranges are p… ([apichick](https://github.com/apichick)) <!-- 2023-01-31 10:46:38+00:00 -->
- [[#1116](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1116)] Include cloudbuild API in project module ([aymanfarhat](https://github.com/aymanfarhat)) <!-- 2023-01-27 20:38:01+00:00 -->
- [[#1115](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1115)] add new parameters support in apigee module ([blackillzone](https://github.com/blackillzone)) <!-- 2023-01-27 16:39:46+00:00 -->
- [[#1112](https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/pull/1112)] Add HTTPS frontend with SNEG example ([juliodiez](https://github.com/juliodiez)) <!-- 2023-01-26 19:17:31+00:00 -->
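Review bot: The #1111 entry added under MODULES is cut off mid-word ("now both the /22 and /28 peering IP ranges are p…") while being marked as an incompatible change, so a reader cannot tell what the apigee module now expects for the peering ranges. Replace the truncated PR title with the full sentence, here and in the matching BLUEPRINTS entry of the 20.0.0 section.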
Expand Down Expand Up @@ -470,7 +498,7 @@ All notable changes to this project will be documented in this file.
- fix `tag` output on `data-catalog-policy-tag` module
- add shared-vpc support on `gcs-to-bq-with-least-privileges`
- new `net-ilb-l7` module
- new [02-networking-peering](fast/stages/02-networking-peering) networking stage
- new `02-networking-peering` networking stage
- **incompatible change** the variable for PSA ranges in networking stages have changed

## [14.0.0] - 2022-02-25
Expand All @@ -489,8 +517,8 @@ All notable changes to this project will be documented in this file.
- **incompatible change** removed `ingress_settings` configuration option in the `cloud-functions` module.
- new [m4ce VM example](blueprints/cloud-operations/vm-migration/)
- Support for resource management tags in the `organization`, `folder`, `project`, `compute-vm`, and `kms` modules
- new [data platform](fast/stages/03-data-platform) stage 3
- new [02-networking-nva](fast/stages/02-networking-nva) networking stage
- new `data platform` stage 3
- new `02-networking-nva` networking stage
- allow customizing the names of custom roles
- added `environment` and `context` resource management tags
- use resource management tags to restrict scope of roles/orgpolicy.policyAdmin
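Review bot: Replacing `[data platform](fast/stages/03-data-platform)` with `data platform` in backticks turns ordinary link text into something that looks like an identifier, while the line next to it uses the real stage name (`02-networking-nva`). Use the stage directory name `03-data-platform` in backticks, or keep "data platform" as plain text, so both entries read consistently.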
Expand Down Expand Up @@ -925,7 +953,8 @@ All notable changes to this project will be documented in this file.
- merge development branch with suite of new modules and end-to-end examples

<!-- markdown-link-check-disable -->
[Unreleased]: https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/compare/v19.0.0...HEAD
[Unreleased]: https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/compare/v20.0.0...HEAD
[20.0.0]: https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/compare/v19.0.0...v20.0.0
[19.0.0]: https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/compare/v18.0.0...v19.0.0
[18.0.0]: https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/compare/v16.0.0...v18.0.0
[16.0.0]: https://github.com/GoogleCloudPlatform/cloud-foundation-fabric/compare/v15.0.0...v16.0.0
2 changes: 1 addition & 1 deletion blueprints/README.md
Expand Up @@ -6,7 +6,7 @@ Currently available blueprints:

- **apigee** - [Apigee Hybrid on GKE](./apigee/hybrid-gke/), [Apigee X analytics in BigQuery](./apigee/bigquery-analytics), [Apigee network patterns](./apigee/network-patterns/)
- **cloud operations** - [Active Directory Federation Services](./cloud-operations/adfs), [Cloud Asset Inventory feeds for resource change tracking and remediation](./cloud-operations/asset-inventory-feed-remediation), [Fine-grained Cloud DNS IAM via Service Directory](./cloud-operations/dns-fine-grained-iam), [Cloud DNS & Shared VPC design](./cloud-operations/dns-shared-vpc), [Delegated Role Grants](./cloud-operations/iam-delegated-role-grants), [Networking Dashboard](./cloud-operations/network-dashboard), [Managing on-prem service account keys by uploading public keys](./cloud-operations/onprem-sa-key-management), [Compute Image builder with Hashicorp Packer](./cloud-operations/packer-image-builder), [Packer example](./cloud-operations/packer-image-builder/packer), [Compute Engine quota monitoring](./cloud-operations/quota-monitoring), [Scheduled Cloud Asset Inventory Export to Bigquery](./cloud-operations/scheduled-asset-inventory-export-bq), [Configuring workload identity federation for Terraform Cloud/Enterprise workflow](./cloud-operations/terraform-enterprise-wif), [TCP healthcheck and restart for unmanaged GCE instances](./cloud-operations/unmanaged-instances-healthcheck), [Migrate for Compute Engine (v5) blueprints](./cloud-operations/vm-migration), [Configuring workload identity federation to access Google Cloud resources from apps running on Azure](./cloud-operations/workload-identity-federation)
- **data solutions** - [GCE and GCS CMEK via centralized Cloud KMS](./data-solutions/cmek-via-centralized-kms), [Cloud Composer version 2 private instance, supporting Shared VPC and external CMEK key](./data-solutions/composer-2), [Cloud SQL instance with multi-region read replicas](./data-solutions/cloudsql-multiregion), [Data Platform](./data-solutions/data-platform-foundations), [Spinning up a foundation data pipeline on Google Cloud using Cloud Storage, Dataflow and BigQuery](./data-solutions/gcs-to-bq-with-least-privileges), [#SQL Server Always On Groups blueprint](./data-solutions/sqlserver-alwayson), [Data Playground](./data-solutions/data-playground)
- **data solutions** - [GCE and GCS CMEK via centralized Cloud KMS](./data-solutions/cmek-via-centralized-kms), [Cloud Composer version 2 private instance, supporting Shared VPC and external CMEK key](./data-solutions/composer-2), [Cloud SQL instance with multi-region read replicas](./data-solutions/cloudsql-multiregion), [Data Platform](./data-solutions/data-platform-foundations), [Spinning up a foundation data pipeline on Google Cloud using Cloud Storage, Dataflow and BigQuery](./data-solutions/gcs-to-bq-with-least-privileges), [#SQL Server Always On Groups blueprint](./data-solutions/sqlserver-alwayson), [Data Playground](./data-solutions/data-playground), [MLOps with Vertex AI](./data-solutions/vertex-mlops), [Shielded Folder](./data-solutions/shielded-folder)
- **factories** - [The why and the how of Resource Factories](./factories), [Google Cloud Identity Group Factory](./factories/cloud-identity-group-factory), [Google Cloud BQ Factory](./factories/bigquery-factory), [Google Cloud VPC Firewall Factory](./factories/net-vpc-firewall-yaml), [Minimal Project Factory](./factories/project-factory)
- **GKE** - [Binary Authorization Pipeline Blueprint](./gke/binauthz), [Storage API](./gke/binauthz/image), [Multi-cluster mesh on GKE (fleet API)](./gke/multi-cluster-mesh-gke-fleet-api), [GKE Multitenant Blueprint](./gke/multitenant-fleet), [Shared VPC with GKE support](./networking/shared-vpc-gke/)
- **networking** - [Decentralized firewall management](./networking/decentralized-firewall), [Decentralized firewall validator](./networking/decentralized-firewall/validator), [Network filtering with Squid](./networking/filtering-proxy), [Network filtering with Squid with isolated VPCs using Private Service Connect](./networking/filtering-proxy-psc), [HTTP Load Balancer with Cloud Armor](./networking/glb-and-armor), [Hub and Spoke via VPN](./networking/hub-and-spoke-vpn), [Hub and Spoke via VPC Peering](./networking/hub-and-spoke-peering), [Internal Load Balancer as Next Hop](./networking/ilb-next-hop), On-prem DNS and Google Private Access, [Calling a private Cloud Function from On-premises](./networking/private-cloud-function-from-onprem), [Hybrid connectivity to on-premise services through PSC](./networking/psc-hybrid), [PSC Producer](./networking/psc-hybrid/psc-producer), [PSC Consumer](./networking/psc-hybrid/psc-consumer), [Shared VPC with optional GKE cluster](./networking/shared-vpc-gke)
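Review bot: The rewritten **data solutions** line still carries the stray `#` in `[#SQL Server Always On Groups blueprint]`, so the link text renders with a leading hash; since the line is being changed anyway, fix the title (at its source heading, if this index is generated) in the same pass. A smaller point on the same line: Shielded Folder is listed under data solutions only because of its path `./data-solutions/shielded-folder`, so a short description after the link would help readers who scan the index for it.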