diff --git a/.github/workflows/go-lint.yaml b/.github/workflows/go-lint.yaml index 7cbfef489..f9034d723 100644 --- a/.github/workflows/go-lint.yaml +++ b/.github/workflows/go-lint.yaml @@ -37,12 +37,12 @@ jobs: folder: [helpers/foundation-deployer] steps: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1 + - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 with: go-version-file: ${{ matrix.folder }}/go.mod cache-dependency-path: ${{ matrix.folder }}/go.sum - name: golangci-lint - uses: golangci/golangci-lint-action@a4f60bb28d35aeee14e6880718e0c85ff1882e64 # v6.0.1 + uses: golangci/golangci-lint-action@aaa42aa0628b4ae2578232a66b541047968fac86 # v6.1.0 with: version: latest working-directory: ${{ matrix.folder }} diff --git a/.github/workflows/go-test.yaml b/.github/workflows/go-test.yaml index bea72208b..a1fe59243 100644 --- a/.github/workflows/go-test.yaml +++ b/.github/workflows/go-test.yaml @@ -39,7 +39,7 @@ jobs: folder: [helpers/foundation-deployer] steps: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1 + - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 with: go-version-file: ${{ matrix.folder }}/go.mod cache-dependency-path: ${{ matrix.folder }}/go.sum diff --git a/0-bootstrap/modules/tfc-agent-gke/versions.tf b/0-bootstrap/modules/tfc-agent-gke/versions.tf index 3b9b2652c..2ccf6ddc9 100644 --- a/0-bootstrap/modules/tfc-agent-gke/versions.tf +++ b/0-bootstrap/modules/tfc-agent-gke/versions.tf @@ -35,7 +35,7 @@ terraform { } provider_meta "google" { - module_name = "blueprints/terraform/terraform-google-tf-cloud-agents:tfc-agent-gke/v4.0.0" + module_name = "blueprints/terraform/terraform-google-tf-cloud-agents:tfc-agent-gke/v4.1.0" } } diff --git a/0-bootstrap/versions.tf b/0-bootstrap/versions.tf index a995dda8e..ee8f24e58 100644 --- a/0-bootstrap/versions.tf +++ b/0-bootstrap/versions.tf @@ -43,7 +43,7 @@ terraform { } provider_meta "google" { - module_name = "blueprints/terraform/terraform-example-foundation:bootstrap/v4.0.0" + module_name = "blueprints/terraform/terraform-example-foundation:bootstrap/v4.1.0" } } diff --git a/1-org/envs/shared/README.md b/1-org/envs/shared/README.md index 3ef32b23e..671157da3 100644 --- a/1-org/envs/shared/README.md +++ b/1-org/envs/shared/README.md @@ -9,6 +9,7 @@ | data\_access\_logs\_enabled | Enable Data Access logs of types DATA\_READ, DATA\_WRITE for all GCP services. Enabling Data Access logs might result in your organization being charged for the additional logs usage. See https://cloud.google.com/logging/docs/audit#data-access The ADMIN\_READ logs are enabled by default. | `bool` | `false` | no | | domains\_to\_allow | The list of domains to allow users from in IAM. Used by Domain Restricted Sharing Organization Policy. Must include the domain of the organization you are deploying the foundation. To add other domains you must also grant access to these domains to the Terraform Service Account used in the deploy. | `list(string)` | n/a | yes | | enable\_hub\_and\_spoke | Enable Hub-and-Spoke architecture. | `bool` | `false` | no | +| enable\_scc\_resources\_in\_terraform | Create Security Command Center resources in Terraform. If your organization has newly enabled any preview features for SCC and get an error related to the v2 API, you must set this variable to false because the v2 API does not yet support Terraform resources. See [issue 1189](https://github.com/terraform-google-modules/terraform-example-foundation/issues/1189) for context. | `bool` | `false` | no | | enforce\_allowed\_worker\_pools | Whether to enforce the organization policy restriction on allowed worker pools for Cloud Build. | `bool` | `false` | no | | essential\_contacts\_domains\_to\_allow | The list of domains that email addresses added to Essential Contacts can have. | `list(string)` | n/a | yes | | essential\_contacts\_language | Essential Contacts preferred language for notifications, as a ISO 639-1 language code. See [Supported languages](https://cloud.google.com/resource-manager/docs/managing-notification-contacts#supported-languages) for a list of supported languages. | `string` | `"en"` | no | diff --git a/1-org/envs/shared/cai_monitoring.tf b/1-org/envs/shared/cai_monitoring.tf index 81621c625..7d7ab8e14 100644 --- a/1-org/envs/shared/cai_monitoring.tf +++ b/1-org/envs/shared/cai_monitoring.tf @@ -15,11 +15,11 @@ */ module "cai_monitoring" { - source = "../../modules/cai-monitoring" - + source = "../../modules/cai-monitoring" + count = var.enable_scc_resources_in_terraform ? 1 : 0 org_id = local.org_id billing_account = local.billing_account project_id = module.scc_notifications.project_id location = local.default_region - build_service_account = "projects/${module.scc_notifications.project_id}/serviceAccounts/${google_service_account.cai_monitoring_builder.email}" + build_service_account = "projects/${module.scc_notifications.project_id}/serviceAccounts/${google_service_account.cai_monitoring_builder[0].email}" } diff --git a/1-org/envs/shared/iam.tf b/1-org/envs/shared/iam.tf index 4c99d1fde..3a0cca12b 100644 --- a/1-org/envs/shared/iam.tf +++ b/1-org/envs/shared/iam.tf @@ -169,7 +169,7 @@ resource "google_organization_iam_member" "org_scc_admin" { } resource "google_project_iam_member" "project_scc_admin" { - count = var.gcp_groups.scc_admin != null ? 1 : 0 + count = var.gcp_groups.scc_admin != null && var.enable_scc_resources_in_terraform ? 1 : 0 project = module.scc_notifications.project_id role = "roles/securitycenter.adminEditor" member = "group:${var.gcp_groups.scc_admin}" @@ -191,11 +191,12 @@ resource "google_project_iam_member" "kms_admin" { resource "google_project_iam_member" "cai_monitoring_builder" { project = module.scc_notifications.project_id - for_each = toset([ - "roles/logging.logWriter", - "roles/storage.objectViewer", - "roles/artifactregistry.writer", - ]) + for_each = toset(var.enable_scc_resources_in_terraform ? + [ + "roles/logging.logWriter", + "roles/storage.objectViewer", + "roles/artifactregistry.writer", + ] : []) role = each.key - member = "serviceAccount:${google_service_account.cai_monitoring_builder.email}" + member = "serviceAccount:${google_service_account.cai_monitoring_builder[0].email}" } diff --git a/1-org/envs/shared/outputs.tf b/1-org/envs/shared/outputs.tf index 5c705f50f..b1cc75605 100644 --- a/1-org/envs/shared/outputs.tf +++ b/1-org/envs/shared/outputs.tf @@ -75,7 +75,7 @@ output "interconnect_project_number" { } output "scc_notifications_project_id" { - value = module.scc_notifications.project_id + value = try(module.scc_notifications.project_id, null) description = "The SCC notifications project ID" } @@ -140,21 +140,21 @@ output "shared_vpc_projects" { } output "cai_monitoring_artifact_registry" { - value = module.cai_monitoring.artifact_registry_name + value = try(module.cai_monitoring[0].artifact_registry_name, null) description = "CAI Monitoring Cloud Function Artifact Registry name." } output "cai_monitoring_asset_feed" { - value = module.cai_monitoring.asset_feed_name + value = try(module.cai_monitoring[0].asset_feed_name, null) description = "CAI Monitoring Cloud Function Organization Asset Feed name." } output "cai_monitoring_bucket" { - value = module.cai_monitoring.bucket_name + value = try(module.cai_monitoring[0].bucket_name, null) description = "CAI Monitoring Cloud Function Source Bucket name." } output "cai_monitoring_topic" { - value = module.cai_monitoring.topic_name + value = try(module.cai_monitoring[0].topic_name, null) description = "CAI Monitoring Cloud Function Pub/Sub Topic name." } diff --git a/1-org/envs/shared/sa.tf b/1-org/envs/shared/sa.tf index 9708f6e34..fe3ed30d6 100644 --- a/1-org/envs/shared/sa.tf +++ b/1-org/envs/shared/sa.tf @@ -16,6 +16,7 @@ resource "google_service_account" "cai_monitoring_builder" { project = module.scc_notifications.project_id + count = var.enable_scc_resources_in_terraform ? 1 : 0 account_id = "cai-monitoring-builder" description = "Cloud Functions has an underlying dependency on Cloud Build and other services. This service account allows Cloud Build to provision the necessary resources for Cloud Functions." create_ignore_already_exists = true diff --git a/1-org/envs/shared/scc_notification.tf b/1-org/envs/shared/scc_notification.tf index 76fcd012d..3911c320b 100644 --- a/1-org/envs/shared/scc_notification.tf +++ b/1-org/envs/shared/scc_notification.tf @@ -19,21 +19,24 @@ *****************************************/ resource "google_pubsub_topic" "scc_notification_topic" { + count = var.enable_scc_resources_in_terraform ? 1 : 0 name = "top-scc-notification" project = module.scc_notifications.project_id } resource "google_pubsub_subscription" "scc_notification_subscription" { + count = var.enable_scc_resources_in_terraform ? 1 : 0 name = "sub-scc-notification" - topic = google_pubsub_topic.scc_notification_topic.name + topic = google_pubsub_topic.scc_notification_topic[0].name project = module.scc_notifications.project_id } resource "google_scc_notification_config" "scc_notification_config" { + count = var.enable_scc_resources_in_terraform ? 1 : 0 config_id = var.scc_notification_name organization = local.org_id description = "SCC Notification for all active findings" - pubsub_topic = google_pubsub_topic.scc_notification_topic.id + pubsub_topic = google_pubsub_topic.scc_notification_topic[0].id streaming_config { filter = var.scc_notification_filter diff --git a/1-org/envs/shared/variables.tf b/1-org/envs/shared/variables.tf index 43d5fdaa0..24d454e6e 100644 --- a/1-org/envs/shared/variables.tf +++ b/1-org/envs/shared/variables.tf @@ -20,6 +20,12 @@ variable "enable_hub_and_spoke" { default = false } +variable "enable_scc_resources_in_terraform" { + description = "Create Security Command Center resources in Terraform. If your organization has newly enabled any preview features for SCC and get an error related to the v2 API, you must set this variable to false because the v2 API does not yet support Terraform resources. See [issue 1189](https://github.com/terraform-google-modules/terraform-example-foundation/issues/1189) for context." + type = bool + default = false +} + variable "domains_to_allow" { description = "The list of domains to allow users from in IAM. Used by Domain Restricted Sharing Organization Policy. Must include the domain of the organization you are deploying the foundation. To add other domains you must also grant access to these domains to the Terraform Service Account used in the deploy." type = list(string) diff --git a/1-org/envs/shared/versions.tf b/1-org/envs/shared/versions.tf index f854fca6c..44e43b5c2 100644 --- a/1-org/envs/shared/versions.tf +++ b/1-org/envs/shared/versions.tf @@ -31,10 +31,10 @@ terraform { } provider_meta "google" { - module_name = "blueprints/terraform/terraform-example-foundation:org/v4.0.0" + module_name = "blueprints/terraform/terraform-example-foundation:org/v4.1.0" } provider_meta "google-beta" { - module_name = "blueprints/terraform/terraform-example-foundation:org/v4.0.0" + module_name = "blueprints/terraform/terraform-example-foundation:org/v4.1.0" } } diff --git a/1-org/modules/cai-monitoring/function-source/package-lock.json b/1-org/modules/cai-monitoring/function-source/package-lock.json index 32fd625e6..2d9e5cc66 100644 --- a/1-org/modules/cai-monitoring/function-source/package-lock.json +++ b/1-org/modules/cai-monitoring/function-source/package-lock.json @@ -5,17 +5,17 @@ "requires": true, "dependencies": { "@google-cloud/security-center": { - "version": "8.8.0", - "resolved": "https://registry.npmjs.org/@google-cloud/security-center/-/security-center-8.8.0.tgz", - "integrity": "sha512-dKvrRfEtaFEJp9LjhgKlPHDuuYkwCCCHRVaPPnCikGL0T51GwctZ8QV2KnsM/0obIE2AM914A+h8vpmUWijhSA==", + "version": "8.11.0", + "resolved": "https://registry.npmjs.org/@google-cloud/security-center/-/security-center-8.11.0.tgz", + "integrity": "sha512-8AtMQi0I/8z0HpahejiqP4S2DBrsXIgqCb0iKPrM7LJCmepSpdB9o31QgvbHVsMSRQFKhSTMgjYv9K1UNl7/pg==", "requires": { "google-gax": "^4.0.3" } }, "@grpc/grpc-js": { - "version": "1.10.9", - "resolved": "https://registry.npmjs.org/@grpc/grpc-js/-/grpc-js-1.10.9.tgz", - "integrity": "sha512-5tcgUctCG0qoNyfChZifz2tJqbRbXVO9J7X6duFcOjY3HUNCxg5D0ZCK7EP9vIcZ0zRpLU9bWkyCqVCLZ46IbQ==", + "version": "1.11.1", + "resolved": "https://registry.npmjs.org/@grpc/grpc-js/-/grpc-js-1.11.1.tgz", + "integrity": "sha512-gyt/WayZrVPH2w/UTLansS7F9Nwld472JxxaETamrM8HNlsa+jSLNyKAZmhxI2Me4c3mQHFiS1wWHDY1g1Kthw==", "requires": { "@grpc/proto-loader": "^0.7.13", "@js-sdsl/ordered-map": "^4.4.2" @@ -107,11 +107,11 @@ "integrity": "sha512-MqTGEo5bj5t157U6fA/BiDynNkn0YknVdh48CMPkTSpFTVmvao5UQmm7uEF6xBEo7qIMAlY/JSleYaE6VOdpaA==" }, "@types/node": { - "version": "20.12.13", - "resolved": "https://registry.npmjs.org/@types/node/-/node-20.12.13.tgz", - "integrity": "sha512-gBGeanV41c1L171rR7wjbMiEpEI/l5XFQdLLfhr/REwpgDy/4U8y89+i8kRiLzDyZdOkXh+cRaTetUnCYutoXA==", + "version": "22.1.0", + "resolved": "https://registry.npmjs.org/@types/node/-/node-22.1.0.tgz", + "integrity": "sha512-AOmuRF0R2/5j1knA3c6G3HOk523Ga+l+ZXltX8SF1+5oqcXijjfTd8fY3XRZqSihEu9XhtQnKYLmkFaoxgsJHw==", "requires": { - "undici-types": "~5.26.4" + "undici-types": "~6.13.0" } }, "@types/request": { @@ -211,9 +211,9 @@ } }, "debug": { - "version": "4.3.4", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", - "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==", + "version": "4.3.6", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.6.tgz", + "integrity": "sha512-O/09Bd4Z1fBrU4VzkhFqVgpPzaGbw6Sm9FEkBT1A/YBXQFGuuSxa1dN2nxgxS34JmKXqYx8CZAwEVoJFImUXIg==", "requires": { "ms": "2.1.2" } @@ -281,15 +281,22 @@ } }, "gaxios": { - "version": "6.6.0", - "resolved": "https://registry.npmjs.org/gaxios/-/gaxios-6.6.0.tgz", - "integrity": "sha512-bpOZVQV5gthH/jVCSuYuokRo2bTKOcuBiVWpjmTn6C5Agl5zclGfTljuGsQZxwwDBkli+YhZhP4TdlqTnhOezQ==", + "version": "6.7.0", + "resolved": "https://registry.npmjs.org/gaxios/-/gaxios-6.7.0.tgz", + "integrity": "sha512-DSrkyMTfAnAm4ks9Go20QGOcXEyW/NmZhvTYBU2rb4afBB393WIMQPWPEDMl/k8xqiNN9HYq2zao3oWXsdl2Tg==", "requires": { "extend": "^3.0.2", "https-proxy-agent": "^7.0.1", "is-stream": "^2.0.0", "node-fetch": "^2.6.9", - "uuid": "^9.0.1" + "uuid": "^10.0.0" + }, + "dependencies": { + "uuid": { + "version": "10.0.0", + "resolved": "https://registry.npmjs.org/uuid/-/uuid-10.0.0.tgz", + "integrity": "sha512-8XkAphELsDnEGrDxUOHB3RGvXz6TeuYSGEZBOjtTtPm2lwhGBjLgOzLHB63IUWfBpNucQjND6d3AOudO+H3RWQ==" + } } }, "gcp-metadata": { @@ -307,9 +314,9 @@ "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==" }, "google-auth-library": { - "version": "9.10.0", - "resolved": "https://registry.npmjs.org/google-auth-library/-/google-auth-library-9.10.0.tgz", - "integrity": "sha512-ol+oSa5NbcGdDqA+gZ3G3mev59OHBZksBTxY/tYwjtcp1H/scAFwJfSQU9/1RALoyZ7FslNbke8j4i3ipwlyuQ==", + "version": "9.13.0", + "resolved": "https://registry.npmjs.org/google-auth-library/-/google-auth-library-9.13.0.tgz", + "integrity": "sha512-p9Y03Uzp/Igcs36zAaB0XTSwZ8Y0/tpYiz5KIde5By+H9DCVUSYtDWZu6aFXsWTqENMb8BD/pDT3hR8NVrPkfA==", "requires": { "base64-js": "^1.3.0", "ecdsa-sig-formatter": "^1.0.11", @@ -320,20 +327,20 @@ } }, "google-gax": { - "version": "4.3.5", - "resolved": "https://registry.npmjs.org/google-gax/-/google-gax-4.3.5.tgz", - "integrity": "sha512-zXRSGgHp33ottCQMdYlKEFX/MhWkzKVX5P3Vpmx+DW6rtseLILzp3V0YV5Rh4oQzzkM0BH9+nJIyX01EUgmd3g==", + "version": "4.3.8", + "resolved": "https://registry.npmjs.org/google-gax/-/google-gax-4.3.8.tgz", + "integrity": "sha512-SKAQKtvdjtNW3PMOhmKEqpQP+2C5ZqNKfwWxy70efpSwxvRYuAcgMJs6aRHTBPJjz3SO6ZbiXwM6WIuGYFZ7LQ==", "requires": { - "@grpc/grpc-js": "~1.10.3", - "@grpc/proto-loader": "^0.7.0", + "@grpc/grpc-js": "^1.10.9", + "@grpc/proto-loader": "^0.7.13", "@types/long": "^4.0.0", "abort-controller": "^3.0.0", "duplexify": "^4.0.0", "google-auth-library": "^9.3.0", "node-fetch": "^2.6.1", "object-hash": "^3.0.0", - "proto3-json-serializer": "^2.0.0", - "protobufjs": "7.3.0", + "proto3-json-serializer": "^2.0.2", + "protobufjs": "^7.3.2", "retry-request": "^7.0.0", "uuid": "^9.0.1" } @@ -368,9 +375,9 @@ } }, "https-proxy-agent": { - "version": "7.0.4", - "resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-7.0.4.tgz", - "integrity": "sha512-wlwpilI7YdjSkWaQ/7omYBMTliDcmCN8OLihO6I9B86g06lMyAoqgoDpV0XqoaPOKj+0DIdAvnsWfyAAhmimcg==", + "version": "7.0.5", + "resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-7.0.5.tgz", + "integrity": "sha512-1e4Wqeblerz+tMKPIq2EMGiiWW1dIjZOksyHWSUm1rmuvw/how9hBHZ38lAGj5ID4Ik6EdkOw7NmWPy6LAwalw==", "requires": { "agent-base": "^7.0.2", "debug": "4" @@ -481,9 +488,9 @@ } }, "protobufjs": { - "version": "7.3.0", - "resolved": "https://registry.npmjs.org/protobufjs/-/protobufjs-7.3.0.tgz", - "integrity": "sha512-YWD03n3shzV9ImZRX3ccbjqLxj7NokGN0V/ESiBV5xWqrommYHYiihuIyavq03pWSGqlyvYUFmfoMKd+1rPA/g==", + "version": "7.3.2", + "resolved": "https://registry.npmjs.org/protobufjs/-/protobufjs-7.3.2.tgz", + "integrity": "sha512-RXyHaACeqXeqAKGLDl68rQKbmObRsTIn4TYVUUug1KfS47YWCo5MacGITEryugIgZqORCvJWEk4l449POg5Txg==", "requires": { "@protobufjs/aspromise": "^1.1.2", "@protobufjs/base64": "^1.1.2", @@ -610,9 +617,9 @@ "integrity": "sha512-N3WMsuqV66lT30CrXNbEjx4GEwlow3v6rr4mCcv6prnfwhS01rkgyFdjPNBYd9br7LpXV1+Emh01fHnq2Gdgrw==" }, "undici-types": { - "version": "5.26.5", - "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", - "integrity": "sha512-JlCMO+ehdEIKqlFxk6IfVoAUVmgz7cU7zD/h9XZ0qzeosSHmUJVOzSQvvYSYWXkFXC+IfLKSIffhv0sVZup6pA==" + "version": "6.13.0", + "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.13.0.tgz", + "integrity": "sha512-xtFJHudx8S2DSoujjMd1WeWvn7KKWFRESZTMeL1RptAYERu29D6jphMjjY+vn96jvN3kVPDNxU/E13VTaXj6jg==" }, "util-deprecate": { "version": "1.0.2", diff --git a/1-org/modules/cai-monitoring/function-source/package.json b/1-org/modules/cai-monitoring/function-source/package.json index 8fe99c1a0..e2da1bd86 100644 --- a/1-org/modules/cai-monitoring/function-source/package.json +++ b/1-org/modules/cai-monitoring/function-source/package.json @@ -9,7 +9,7 @@ "author": "", "license": "ISC", "dependencies": { - "@google-cloud/security-center": "8.8.0", + "@google-cloud/security-center": "8.11.0", "uuid4": "2.0.3", "moment": "2.30.1" } diff --git a/1-org/modules/cai-monitoring/main.tf b/1-org/modules/cai-monitoring/main.tf index c1ccc6a8e..22d6425ff 100644 --- a/1-org/modules/cai-monitoring/main.tf +++ b/1-org/modules/cai-monitoring/main.tf @@ -162,9 +162,8 @@ module "cloud_function" { service_config = { service_account_email = google_service_account.cloudfunction.email runtime_env_variables = { - ROLES = join(",", var.roles_to_monitor) - SOURCE_ID = google_scc_source.cai_monitoring.id - LOG_EXECUTION_ID = "true" + ROLES = join(",", var.roles_to_monitor) + SOURCE_ID = google_scc_source.cai_monitoring.id } } diff --git a/1-org/modules/cai-monitoring/versions.tf b/1-org/modules/cai-monitoring/versions.tf index 328699bc4..414c1c685 100644 --- a/1-org/modules/cai-monitoring/versions.tf +++ b/1-org/modules/cai-monitoring/versions.tf @@ -19,11 +19,11 @@ terraform { required_providers { google = { source = "hashicorp/google" - version = ">= 3.77" + version = ">= 5.42" } google-beta = { source = "hashicorp/google-beta" - version = ">= 3.77" + version = ">= 5.42" } random = { source = "hashicorp/random" diff --git a/2-environments/modules/env_baseline/versions.tf b/2-environments/modules/env_baseline/versions.tf index bdff9ea35..ab758d276 100644 --- a/2-environments/modules/env_baseline/versions.tf +++ b/2-environments/modules/env_baseline/versions.tf @@ -28,10 +28,10 @@ terraform { } provider_meta "google" { - module_name = "blueprints/terraform/terraform-example-foundation:environments/v4.0.0" + module_name = "blueprints/terraform/terraform-example-foundation:environments/v4.1.0" } provider_meta "google-beta" { - module_name = "blueprints/terraform/terraform-example-foundation:environments/v4.0.0" + module_name = "blueprints/terraform/terraform-example-foundation:environments/v4.1.0" } } diff --git a/3-networks-dual-svpc/README.md b/3-networks-dual-svpc/README.md index ac2e51d07..a3b5c438a 100644 --- a/3-networks-dual-svpc/README.md +++ b/3-networks-dual-svpc/README.md @@ -59,7 +59,7 @@ For an overview of the architecture and the parts, see the The purpose of this step is to: - Set up the global [DNS Hub](https://cloud.google.com/blog/products/networking/cloud-forwarding-peering-and-zones). -- Set up base and restricted Hubs and it corresponding Spokes. With default DNS, NAT (optional), Private Service networking, VPC Service Controls (optional), on-premises Dedicated or Partner Interconnect, and baseline firewall rules for each environment. +- Set up base and restricted shared VPCs with default DNS, NAT (optional), Private Service networking, VPC Service Controls (optional), on-premises Dedicated or Partner Interconnect, and baseline firewall rules for each environment. ## Prerequisites diff --git a/3-networks-dual-svpc/modules/base_env/versions.tf b/3-networks-dual-svpc/modules/base_env/versions.tf index 9698795c2..f0935ecf6 100644 --- a/3-networks-dual-svpc/modules/base_env/versions.tf +++ b/3-networks-dual-svpc/modules/base_env/versions.tf @@ -28,10 +28,10 @@ terraform { } provider_meta "google" { - module_name = "blueprints/terraform/terraform-example-foundation:networks-dual-svpc/v4.0.0" + module_name = "blueprints/terraform/terraform-example-foundation:networks-dual-svpc/v4.1.0" } provider_meta "google-beta" { - module_name = "blueprints/terraform/terraform-example-foundation:networks-dual-svpc/v4.0.0" + module_name = "blueprints/terraform/terraform-example-foundation:networks-dual-svpc/v4.1.0" } } diff --git a/3-networks-dual-svpc/modules/base_shared_vpc/versions.tf b/3-networks-dual-svpc/modules/base_shared_vpc/versions.tf index 18e75f93f..4624e5927 100644 --- a/3-networks-dual-svpc/modules/base_shared_vpc/versions.tf +++ b/3-networks-dual-svpc/modules/base_shared_vpc/versions.tf @@ -28,10 +28,10 @@ terraform { } provider_meta "google" { - module_name = "blueprints/terraform/terraform-example-foundation:base_shared_vpc/v4.0.0" + module_name = "blueprints/terraform/terraform-example-foundation:base_shared_vpc/v4.1.0" } provider_meta "google-beta" { - module_name = "blueprints/terraform/terraform-example-foundation:base_shared_vpc/v4.0.0" + module_name = "blueprints/terraform/terraform-example-foundation:base_shared_vpc/v4.1.0" } } diff --git a/3-networks-dual-svpc/modules/dedicated_interconnect/versions.tf b/3-networks-dual-svpc/modules/dedicated_interconnect/versions.tf index 74896340c..8a4a361c4 100644 --- a/3-networks-dual-svpc/modules/dedicated_interconnect/versions.tf +++ b/3-networks-dual-svpc/modules/dedicated_interconnect/versions.tf @@ -28,10 +28,10 @@ terraform { } provider_meta "google" { - module_name = "blueprints/terraform/terraform-example-foundation:dedicated_interconnect/v4.0.0" + module_name = "blueprints/terraform/terraform-example-foundation:dedicated_interconnect/v4.1.0" } provider_meta "google-beta" { - module_name = "blueprints/terraform/terraform-example-foundation:dedicated_interconnect/v4.0.0" + module_name = "blueprints/terraform/terraform-example-foundation:dedicated_interconnect/v4.1.0" } } diff --git a/3-networks-dual-svpc/modules/hierarchical_firewall_policy/versions.tf b/3-networks-dual-svpc/modules/hierarchical_firewall_policy/versions.tf index 3cb33d1a9..e42c1229a 100644 --- a/3-networks-dual-svpc/modules/hierarchical_firewall_policy/versions.tf +++ b/3-networks-dual-svpc/modules/hierarchical_firewall_policy/versions.tf @@ -31,10 +31,10 @@ terraform { } provider_meta "google" { - module_name = "blueprints/terraform/terraform-example-foundation:hierarchical_firewall_policy/v4.0.0" + module_name = "blueprints/terraform/terraform-example-foundation:hierarchical_firewall_policy/v4.1.0" } provider_meta "google-beta" { - module_name = "blueprints/terraform/terraform-example-foundation:hierarchical_firewall_policy/v4.0.0" + module_name = "blueprints/terraform/terraform-example-foundation:hierarchical_firewall_policy/v4.1.0" } } diff --git a/3-networks-dual-svpc/modules/partner_interconnect/versions.tf b/3-networks-dual-svpc/modules/partner_interconnect/versions.tf index 11fd2039a..0fb11f02f 100644 --- a/3-networks-dual-svpc/modules/partner_interconnect/versions.tf +++ b/3-networks-dual-svpc/modules/partner_interconnect/versions.tf @@ -28,10 +28,10 @@ terraform { } provider_meta "google" { - module_name = "blueprints/terraform/terraform-example-foundation:partner_interconnect/v4.0.0" + module_name = "blueprints/terraform/terraform-example-foundation:partner_interconnect/v4.1.0" } provider_meta "google-beta" { - module_name = "blueprints/terraform/terraform-example-foundation:partner_interconnect/v4.0.0" + module_name = "blueprints/terraform/terraform-example-foundation:partner_interconnect/v4.1.0" } } diff --git a/3-networks-dual-svpc/modules/restricted_shared_vpc/service_control.tf b/3-networks-dual-svpc/modules/restricted_shared_vpc/service_control.tf index 38c4ddd3f..636dcb2bf 100644 --- a/3-networks-dual-svpc/modules/restricted_shared_vpc/service_control.tf +++ b/3-networks-dual-svpc/modules/restricted_shared_vpc/service_control.tf @@ -37,7 +37,7 @@ module "access_level" { module "access_level_dry_run" { source = "terraform-google-modules/vpc-service-controls/google//modules/access_level" - version = "~> 5.0" + version = "~> 6.0" description = "${local.prefix} Access Level for testing with a dry run perimeter" policy = var.access_context_manager_policy_id diff --git a/3-networks-dual-svpc/modules/restricted_shared_vpc/versions.tf b/3-networks-dual-svpc/modules/restricted_shared_vpc/versions.tf index 422a5efb7..234c7d5c7 100644 --- a/3-networks-dual-svpc/modules/restricted_shared_vpc/versions.tf +++ b/3-networks-dual-svpc/modules/restricted_shared_vpc/versions.tf @@ -31,10 +31,10 @@ terraform { } provider_meta "google" { - module_name = "blueprints/terraform/terraform-example-foundation:restricted_shared_vpc/v4.0.0" + module_name = "blueprints/terraform/terraform-example-foundation:restricted_shared_vpc/v4.1.0" } provider_meta "google-beta" { - module_name = "blueprints/terraform/terraform-example-foundation:restricted_shared_vpc/v4.0.0" + module_name = "blueprints/terraform/terraform-example-foundation:restricted_shared_vpc/v4.1.0" } } diff --git a/3-networks-hub-and-spoke/modules/base_env/versions.tf b/3-networks-hub-and-spoke/modules/base_env/versions.tf index 165f60627..7a7a32cec 100644 --- a/3-networks-hub-and-spoke/modules/base_env/versions.tf +++ b/3-networks-hub-and-spoke/modules/base_env/versions.tf @@ -28,10 +28,10 @@ terraform { } provider_meta "google" { - module_name = "blueprints/terraform/terraform-example-foundation:networks-hub-and-spoke/v4.0.0" + module_name = "blueprints/terraform/terraform-example-foundation:networks-hub-and-spoke/v4.1.0" } provider_meta "google-beta" { - module_name = "blueprints/terraform/terraform-example-foundation:networks-hub-and-spoke/v4.0.0" + module_name = "blueprints/terraform/terraform-example-foundation:networks-hub-and-spoke/v4.1.0" } } diff --git a/3-networks-hub-and-spoke/modules/base_shared_vpc/versions.tf b/3-networks-hub-and-spoke/modules/base_shared_vpc/versions.tf index 717c7d09b..bcffc4274 100644 --- a/3-networks-hub-and-spoke/modules/base_shared_vpc/versions.tf +++ b/3-networks-hub-and-spoke/modules/base_shared_vpc/versions.tf @@ -28,10 +28,10 @@ terraform { } provider_meta "google" { - module_name = "blueprints/terraform/terraform-example-foundation:base_shared_vpc/v4.0.0" + module_name = "blueprints/terraform/terraform-example-foundation:base_shared_vpc/v4.1.0" } provider_meta "google-beta" { - module_name = "blueprints/terraform/terraform-example-foundation:base_shared_vpc/v4.0.0" + module_name = "blueprints/terraform/terraform-example-foundation:base_shared_vpc/v4.1.0" } } diff --git a/3-networks-hub-and-spoke/modules/dedicated_interconnect/versions.tf b/3-networks-hub-and-spoke/modules/dedicated_interconnect/versions.tf index ce9442ad6..4b50cfdd2 100644 --- a/3-networks-hub-and-spoke/modules/dedicated_interconnect/versions.tf +++ b/3-networks-hub-and-spoke/modules/dedicated_interconnect/versions.tf @@ -28,10 +28,10 @@ terraform { } provider_meta "google" { - module_name = "blueprints/terraform/terraform-example-foundation:dedicated_interconnect/v4.0.0" + module_name = "blueprints/terraform/terraform-example-foundation:dedicated_interconnect/v4.1.0" } provider_meta "google-beta" { - module_name = "blueprints/terraform/terraform-example-foundation:dedicated_interconnect/v4.0.0" + module_name = "blueprints/terraform/terraform-example-foundation:dedicated_interconnect/v4.1.0" } } diff --git a/3-networks-hub-and-spoke/modules/hierarchical_firewall_policy/versions.tf b/3-networks-hub-and-spoke/modules/hierarchical_firewall_policy/versions.tf index dfb965c68..4cd3715ac 100644 --- a/3-networks-hub-and-spoke/modules/hierarchical_firewall_policy/versions.tf +++ b/3-networks-hub-and-spoke/modules/hierarchical_firewall_policy/versions.tf @@ -31,10 +31,10 @@ terraform { } provider_meta "google" { - module_name = "blueprints/terraform/terraform-example-foundation:hierarchical_firewall_policy/v4.0.0" + module_name = "blueprints/terraform/terraform-example-foundation:hierarchical_firewall_policy/v4.1.0" } provider_meta "google-beta" { - module_name = "blueprints/terraform/terraform-example-foundation:hierarchical_firewall_policy/v4.0.0" + module_name = "blueprints/terraform/terraform-example-foundation:hierarchical_firewall_policy/v4.1.0" } } diff --git a/3-networks-hub-and-spoke/modules/partner_interconnect/versions.tf b/3-networks-hub-and-spoke/modules/partner_interconnect/versions.tf index 26475877e..e363eb942 100644 --- a/3-networks-hub-and-spoke/modules/partner_interconnect/versions.tf +++ b/3-networks-hub-and-spoke/modules/partner_interconnect/versions.tf @@ -28,10 +28,10 @@ terraform { } provider_meta "google" { - module_name = "blueprints/terraform/terraform-example-foundation:partner_interconnect/v4.0.0" + module_name = "blueprints/terraform/terraform-example-foundation:partner_interconnect/v4.1.0" } provider_meta "google-beta" { - module_name = "blueprints/terraform/terraform-example-foundation:partner_interconnect/v4.0.0" + module_name = "blueprints/terraform/terraform-example-foundation:partner_interconnect/v4.1.0" } } diff --git a/3-networks-hub-and-spoke/modules/restricted_shared_vpc/service_control.tf b/3-networks-hub-and-spoke/modules/restricted_shared_vpc/service_control.tf index be8c42270..4772a396c 100644 --- a/3-networks-hub-and-spoke/modules/restricted_shared_vpc/service_control.tf +++ b/3-networks-hub-and-spoke/modules/restricted_shared_vpc/service_control.tf @@ -38,7 +38,7 @@ module "access_level" { module "access_level_dry_run" { source = "terraform-google-modules/vpc-service-controls/google//modules/access_level" - version = "~> 5.0" + version = "~> 6.0" description = "${local.prefix} Access Level for testing with a dry run perimeter" policy = var.access_context_manager_policy_id diff --git a/3-networks-hub-and-spoke/modules/restricted_shared_vpc/versions.tf b/3-networks-hub-and-spoke/modules/restricted_shared_vpc/versions.tf index 55effa5e6..4277a2715 100644 --- a/3-networks-hub-and-spoke/modules/restricted_shared_vpc/versions.tf +++ b/3-networks-hub-and-spoke/modules/restricted_shared_vpc/versions.tf @@ -31,10 +31,10 @@ terraform { } provider_meta "google" { - module_name = "blueprints/terraform/terraform-example-foundation:restricted_shared_vpc/v4.0.0" + module_name = "blueprints/terraform/terraform-example-foundation:restricted_shared_vpc/v4.1.0" } provider_meta "google-beta" { - module_name = "blueprints/terraform/terraform-example-foundation:restricted_shared_vpc/v4.0.0" + module_name = "blueprints/terraform/terraform-example-foundation:restricted_shared_vpc/v4.1.0" } } diff --git a/3-networks-hub-and-spoke/modules/transitivity/versions.tf b/3-networks-hub-and-spoke/modules/transitivity/versions.tf index 5b4350cd6..5f77b730f 100644 --- a/3-networks-hub-and-spoke/modules/transitivity/versions.tf +++ b/3-networks-hub-and-spoke/modules/transitivity/versions.tf @@ -28,10 +28,10 @@ terraform { } provider_meta "google" { - module_name = "blueprints/terraform/terraform-example-foundation:transitivity/v4.0.0" + module_name = "blueprints/terraform/terraform-example-foundation:transitivity/v4.1.0" } provider_meta "google-beta" { - module_name = "blueprints/terraform/terraform-example-foundation:transitivity/v4.0.0" + module_name = "blueprints/terraform/terraform-example-foundation:transitivity/v4.1.0" } } diff --git a/4-projects/modules/base_env/versions.tf b/4-projects/modules/base_env/versions.tf index 29b942523..859fcfe60 100644 --- a/4-projects/modules/base_env/versions.tf +++ b/4-projects/modules/base_env/versions.tf @@ -24,10 +24,10 @@ terraform { } provider_meta "google" { - module_name = "blueprints/terraform/terraform-example-foundation:projects/v4.0.0" + module_name = "blueprints/terraform/terraform-example-foundation:projects/v4.1.0" } provider_meta "google-beta" { - module_name = "blueprints/terraform/terraform-example-foundation:projects/v4.0.0" + module_name = "blueprints/terraform/terraform-example-foundation:projects/v4.1.0" } } diff --git a/4-projects/modules/infra_pipelines/versions.tf b/4-projects/modules/infra_pipelines/versions.tf index ca3974c7c..b392be026 100644 --- a/4-projects/modules/infra_pipelines/versions.tf +++ b/4-projects/modules/infra_pipelines/versions.tf @@ -36,10 +36,10 @@ terraform { } provider_meta "google" { - module_name = "blueprints/terraform/terraform-example-foundation:infra_pipelines/v4.0.0" + module_name = "blueprints/terraform/terraform-example-foundation:infra_pipelines/v4.1.0" } provider_meta "google-beta" { - module_name = "blueprints/terraform/terraform-example-foundation:infra_pipelines/v4.0.0" + module_name = "blueprints/terraform/terraform-example-foundation:infra_pipelines/v4.1.0" } } diff --git a/4-projects/modules/single_project/versions.tf b/4-projects/modules/single_project/versions.tf index 49b32971d..b198fef54 100644 --- a/4-projects/modules/single_project/versions.tf +++ b/4-projects/modules/single_project/versions.tf @@ -28,10 +28,10 @@ terraform { } provider_meta "google" { - module_name = "blueprints/terraform/terraform-example-foundation:single_project/v4.0.0" + module_name = "blueprints/terraform/terraform-example-foundation:single_project/v4.1.0" } provider_meta "google-beta" { - module_name = "blueprints/terraform/terraform-example-foundation:single_project/v4.0.0" + module_name = "blueprints/terraform/terraform-example-foundation:single_project/v4.1.0" } } diff --git a/5-app-infra/modules/env_base/versions.tf b/5-app-infra/modules/env_base/versions.tf index a6f1d00ba..49acd3e73 100644 --- a/5-app-infra/modules/env_base/versions.tf +++ b/5-app-infra/modules/env_base/versions.tf @@ -37,10 +37,10 @@ terraform { } provider_meta "google" { - module_name = "blueprints/terraform/terraform-example-foundation:app_env_base/v4.0.0" + module_name = "blueprints/terraform/terraform-example-foundation:app_env_base/v4.1.0" } provider_meta "google-beta" { - module_name = "blueprints/terraform/terraform-example-foundation:app_env_base/v4.0.0" + module_name = "blueprints/terraform/terraform-example-foundation:app_env_base/v4.1.0" } } diff --git a/CHANGELOG.md b/CHANGELOG.md index 7419828c0..717c05118 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,57 @@ # Changelog +## [4.1.0](https://github.com/terraform-google-modules/terraform-example-foundation/compare/v4.0.0...v4.1.0) (2024-08-01) + + +### Features + +* Add Billing Account Log sinks ([#1164](https://github.com/terraform-google-modules/terraform-example-foundation/issues/1164)) ([a72d12f](https://github.com/terraform-google-modules/terraform-example-foundation/commit/a72d12f54f4cf637a8261b08e8dd48b98c53a869)) +* Create project destination and remove log bucket destination for the centralized logging ([#1148](https://github.com/terraform-google-modules/terraform-example-foundation/issues/1148)) ([0a03623](https://github.com/terraform-google-modules/terraform-example-foundation/commit/0a03623744c8d8a5426d929ed60d1aa34e2c3e6c)) + + +### Bug Fixes + +* [#1229](https://github.com/terraform-google-modules/terraform-example-foundation/issues/1229) - fix 3-nhas symlinks ([#1230](https://github.com/terraform-google-modules/terraform-example-foundation/issues/1230)) ([05a2308](https://github.com/terraform-google-modules/terraform-example-foundation/commit/05a2308b7b2c0734bdaead6fed40296404bcf3c6)) +* Add roles and service enablements to bootstrap project ([#1175](https://github.com/terraform-google-modules/terraform-example-foundation/issues/1175)) ([a759ee9](https://github.com/terraform-google-modules/terraform-example-foundation/commit/a759ee9ddb429b58b5750523922c07eb83fb152d)) +* bump terraform base version from 1.3.0 to 1.3.10 ([#1253](https://github.com/terraform-google-modules/terraform-example-foundation/issues/1253)) ([a97d2b4](https://github.com/terraform-google-modules/terraform-example-foundation/commit/a97d2b40cfa349e4cbd936e87c260661223df833)) +* bump terraform version from 1.3.10 to 1.5.7 ([#1268](https://github.com/terraform-google-modules/terraform-example-foundation/issues/1268)) ([77827b2](https://github.com/terraform-google-modules/terraform-example-foundation/commit/77827b2dfdd2108c153920a3d684cc14a71058a7)) +* **cai:** modules must not define providers ([#1132](https://github.com/terraform-google-modules/terraform-example-foundation/issues/1132)) ([f396741](https://github.com/terraform-google-modules/terraform-example-foundation/commit/f396741d6cce892c3b823ec1260677086758fdfc)) +* **deps:** bump debug from 4.1.1 to 4.3.4 in /1-org/modules/cai-monitoring/function-source ([#1048](https://github.com/terraform-google-modules/terraform-example-foundation/issues/1048)) ([145c433](https://github.com/terraform-google-modules/terraform-example-foundation/commit/145c4332693d8c0d4da3b8fcead53639574c096f)) +* **deps:** relax to terraform google v5 ([#1066](https://github.com/terraform-google-modules/terraform-example-foundation/issues/1066)) ([a6adc7e](https://github.com/terraform-google-modules/terraform-example-foundation/commit/a6adc7eee3b8b83238122a54a82b35b142c299f2)) +* **deps:** update dependency @google-cloud/security-center to v8.8.0 ([#1123](https://github.com/terraform-google-modules/terraform-example-foundation/issues/1123)) ([299f10c](https://github.com/terraform-google-modules/terraform-example-foundation/commit/299f10cf2871634e442e4bd70e7605646f643969)) +* **deps:** update dependency moment to v2.30.1 ([#1068](https://github.com/terraform-google-modules/terraform-example-foundation/issues/1068)) ([05acc75](https://github.com/terraform-google-modules/terraform-example-foundation/commit/05acc75027a252bdff3335d53cfe5754cff15357)) +* **deps:** update GO 1.21 ([#1057](https://github.com/terraform-google-modules/terraform-example-foundation/issues/1057)) ([e96ab70](https://github.com/terraform-google-modules/terraform-example-foundation/commit/e96ab703210acf354348ea3087081625eae16ca4)) +* **deps:** update GO modules ([#1077](https://github.com/terraform-google-modules/terraform-example-foundation/issues/1077)) ([2d9a438](https://github.com/terraform-google-modules/terraform-example-foundation/commit/2d9a438a0c77ca8974441e38166d4848329fe031)) +* **deps:** Update golangci/golangci-lint-action action to v4 ([#1114](https://github.com/terraform-google-modules/terraform-example-foundation/issues/1114)) ([ba6b860](https://github.com/terraform-google-modules/terraform-example-foundation/commit/ba6b860c84a3e5cab61e5e559b8d0d2d982c7a64)) +* **deps:** update module github.com/hashicorp/hcl/v2 to v2.21.0 ([#1279](https://github.com/terraform-google-modules/terraform-example-foundation/issues/1279)) ([822cc42](https://github.com/terraform-google-modules/terraform-example-foundation/commit/822cc42428f2db8ca78b4139187373b253b19be2)) +* **deps:** Update Terraform terraform-google-modules/bootstrap/google to v7 ([#1093](https://github.com/terraform-google-modules/terraform-example-foundation/issues/1093)) ([16bd67c](https://github.com/terraform-google-modules/terraform-example-foundation/commit/16bd67ce69cca00d1644d2c127a44b693e849c4a)) +* **deps:** update terraform terraform-google-modules/cloud-router/google to v6 ([#1089](https://github.com/terraform-google-modules/terraform-example-foundation/issues/1089)) ([cb5b516](https://github.com/terraform-google-modules/terraform-example-foundation/commit/cb5b5163c2deef8e54a6ff8df1d0ba923c1a1ed3)) +* **deps:** update terraform terraform-google-modules/cloud-storage/google to v5 ([#1088](https://github.com/terraform-google-modules/terraform-example-foundation/issues/1088)) ([5c737b0](https://github.com/terraform-google-modules/terraform-example-foundation/commit/5c737b04b1e1573daec0c19ffcf95666f09cd9f1)) +* **deps:** update terraform terraform-google-modules/kubernetes-engine/google to v29 ([#1094](https://github.com/terraform-google-modules/terraform-example-foundation/issues/1094)) ([0f79a88](https://github.com/terraform-google-modules/terraform-example-foundation/commit/0f79a88ec4a34b73b58f4132bd3f16e195b8c0f1)) +* **deps:** Update Terraform terraform-google-modules/kubernetes-engine/google to v30 ([#1108](https://github.com/terraform-google-modules/terraform-example-foundation/issues/1108)) ([66ea687](https://github.com/terraform-google-modules/terraform-example-foundation/commit/66ea68735ac3b5ac6fee0da642d9a58fe393e7f5)) +* **deps:** update terraform terraform-google-modules/kubernetes-engine/google to v31 ([#1260](https://github.com/terraform-google-modules/terraform-example-foundation/issues/1260)) ([01ed7d0](https://github.com/terraform-google-modules/terraform-example-foundation/commit/01ed7d05c444655cde028dcd2e9f78d2f0276809)) +* **deps:** update terraform terraform-google-modules/log-export/google to v8 ([#1171](https://github.com/terraform-google-modules/terraform-example-foundation/issues/1171)) ([a63dc88](https://github.com/terraform-google-modules/terraform-example-foundation/commit/a63dc886fd8a326348fb2b5668f235e562f84e6a)) +* **deps:** Update Terraform terraform-google-modules/network/google to v9 ([#1095](https://github.com/terraform-google-modules/terraform-example-foundation/issues/1095)) ([fdba866](https://github.com/terraform-google-modules/terraform-example-foundation/commit/fdba8669fc6ecb840ce798e63146807974827d5a)) +* **deps:** update terraform terraform-google-modules/pubsub/google to v6 ([#1096](https://github.com/terraform-google-modules/terraform-example-foundation/issues/1096)) ([3a92c9a](https://github.com/terraform-google-modules/terraform-example-foundation/commit/3a92c9ac036f920dbfaf1b7fb9a7ae7ed6bfbd67)) +* **deps:** update terraform terraform-google-modules/vm/google to v10 ([#1097](https://github.com/terraform-google-modules/terraform-example-foundation/issues/1097)) ([8a0e477](https://github.com/terraform-google-modules/terraform-example-foundation/commit/8a0e477325d61cbb8beba528817bd57a00c060b0)) +* **deps:** update terraform terraform-google-modules/vpc-service-controls/google to v5 ([#1098](https://github.com/terraform-google-modules/terraform-example-foundation/issues/1098)) ([b1be0d5](https://github.com/terraform-google-modules/terraform-example-foundation/commit/b1be0d5e362a39d439bc323d7777df8feba5f60c)) +* **deps:** Update Terraform terraform-google-modules/vpn/google to v4 ([#1100](https://github.com/terraform-google-modules/terraform-example-foundation/issues/1100)) ([2c4a27b](https://github.com/terraform-google-modules/terraform-example-foundation/commit/2c4a27b059202878e9190f8b3f8ca1786684771b)) +* **deps:** update terraform-google-modules/network/google to v8.0 ([#1082](https://github.com/terraform-google-modules/terraform-example-foundation/issues/1082)) ([6d8e106](https://github.com/terraform-google-modules/terraform-example-foundation/commit/6d8e106444ca1b7b04b0beafbde5eac1b353559f)) +* **deps:** update tf modules ([#1023](https://github.com/terraform-google-modules/terraform-example-foundation/issues/1023)) ([03b1976](https://github.com/terraform-google-modules/terraform-example-foundation/commit/03b1976b42c427e3efbc879a894641593206d1c6)) +* **deps:** update to terraform-google-modules/network/google//modules/network-peering v8 for increased TPG v5 compatibility ([#1073](https://github.com/terraform-google-modules/terraform-example-foundation/issues/1073)) ([5d808b1](https://github.com/terraform-google-modules/terraform-example-foundation/commit/5d808b16fe23b0a1d7c6b43664d6d599cfb2bf8b)) +* **docs:** Update 3-networks-dual-svpc README after accidental change ([#1294](https://github.com/terraform-google-modules/terraform-example-foundation/issues/1294)) ([57c96c4](https://github.com/terraform-google-modules/terraform-example-foundation/commit/57c96c4d669e296b02cf4ad00c8000ee55eee6ea)) +* Fix of the new group structure ([#1174](https://github.com/terraform-google-modules/terraform-example-foundation/issues/1174)) ([dd6c09c](https://github.com/terraform-google-modules/terraform-example-foundation/commit/dd6c09ccc73dc13abf989c511caf73094ecf5d11)) +* Fix project labels ([#1107](https://github.com/terraform-google-modules/terraform-example-foundation/issues/1107)) ([eb28ecb](https://github.com/terraform-google-modules/terraform-example-foundation/commit/eb28ecb1ca659b1279db83b0b7f9667d56698c22)) +* Groups creation and permissions ([#1110](https://github.com/terraform-google-modules/terraform-example-foundation/issues/1110)) ([f57a47c](https://github.com/terraform-google-modules/terraform-example-foundation/commit/f57a47c2e36e9924a3232983385e741fd05ee2f3)) +* module seed_bootstrap now waiting on module required_groups ([#1273](https://github.com/terraform-google-modules/terraform-example-foundation/issues/1273)) ([ceeead2](https://github.com/terraform-google-modules/terraform-example-foundation/commit/ceeead24430999d89ab18da71e9a520389a15d92)) +* **provider:** perma-diff in provider causes Cloud Functions in 1-org to always fail ([#1311](https://github.com/terraform-google-modules/terraform-example-foundation/issues/1311)) ([4a92a09](https://github.com/terraform-google-modules/terraform-example-foundation/commit/4a92a0943b13078cedcf7fb83377972b1865f567)) +* removed duplicate folder in README segment 5. app-infra ([#1244](https://github.com/terraform-google-modules/terraform-example-foundation/issues/1244)) ([229e53c](https://github.com/terraform-google-modules/terraform-example-foundation/commit/229e53c8ca7ab6dd43305ab59f63a280c00dae55)) +* **tfvars:** fix broken symlinks ([#1196](https://github.com/terraform-google-modules/terraform-example-foundation/issues/1196)) ([5e11853](https://github.com/terraform-google-modules/terraform-example-foundation/commit/5e11853bfced58827cf13f978e23397db6c0418a)) +* update project-factory version in CI/CD projects ([#1255](https://github.com/terraform-google-modules/terraform-example-foundation/issues/1255)) ([e23f95e](https://github.com/terraform-google-modules/terraform-example-foundation/commit/e23f95ef47228c587d6554589bd2c106093cac3f)) +* use bootstrap.outputs.common_config as default region ([#1181](https://github.com/terraform-google-modules/terraform-example-foundation/issues/1181)) ([105fe52](https://github.com/terraform-google-modules/terraform-example-foundation/commit/105fe526442156c2341e07253d7ee64813513452)) +* **vars:** remove additional variables leftover from env monitoring project ([#1281](https://github.com/terraform-google-modules/terraform-example-foundation/issues/1281)) ([55b06bf](https://github.com/terraform-google-modules/terraform-example-foundation/commit/55b06bf7de332fe0c5d7cdfdf5404388800b132d)) +* **VPCSC:** enable dryrun mode ([#1210](https://github.com/terraform-google-modules/terraform-example-foundation/issues/1210)) ([4365eab](https://github.com/terraform-google-modules/terraform-example-foundation/commit/4365eab9ea9ca9d5659337cac9302130a9017b33)) + ## [4.0.0](https://github.com/terraform-google-modules/terraform-example-foundation/compare/v3.0.0...v4.0.0) (2024-01-10) diff --git a/Makefile b/Makefile index 552729d2a..597f7e4b6 100644 --- a/Makefile +++ b/Makefile @@ -18,7 +18,7 @@ # Make will use bash instead of sh SHELL := /usr/bin/env bash -DOCKER_TAG_VERSION_DEVELOPER_TOOLS := 1.21 +DOCKER_TAG_VERSION_DEVELOPER_TOOLS := 1.22 DOCKER_IMAGE_DEVELOPER_TOOLS := cft/developer-tools REGISTRY_URL := gcr.io/cloud-foundation-cicd diff --git a/build/github-tf-apply.yaml b/build/github-tf-apply.yaml index 47afce909..109a6263e 100644 --- a/build/github-tf-apply.yaml +++ b/build/github-tf-apply.yaml @@ -34,20 +34,20 @@ jobs: id-token: 'write' steps: - - uses: 'actions/checkout@v3' + - uses: 'actions/checkout@v4' - id: 'auth' - uses: 'google-github-actions/auth@v1' + uses: 'google-github-actions/auth@v2' with: token_format: 'access_token' workload_identity_provider: ${{ secrets.WIF_PROVIDER_NAME }} service_account: ${{ secrets.SERVICE_ACCOUNT_EMAIL }} - - uses: 'google-github-actions/setup-gcloud@v1' + - uses: 'google-github-actions/setup-gcloud@v2' with: install_components: "beta,terraform-tools" - - uses: 'hashicorp/setup-terraform@v2' + - uses: 'hashicorp/setup-terraform@v3' with: terraform_version: '1.5.7' diff --git a/build/github-tf-pull-request.yaml b/build/github-tf-pull-request.yaml index f2a6e5648..6defed40b 100644 --- a/build/github-tf-pull-request.yaml +++ b/build/github-tf-pull-request.yaml @@ -36,20 +36,20 @@ jobs: pull-requests: "write" steps: - - uses: "actions/checkout@v3" + - uses: "actions/checkout@v4" - id: "auth" - uses: "google-github-actions/auth@v1" + uses: "google-github-actions/auth@v2" with: token_format: "access_token" workload_identity_provider: ${{ secrets.WIF_PROVIDER_NAME }} service_account: ${{ secrets.SERVICE_ACCOUNT_EMAIL }} - - uses: "google-github-actions/setup-gcloud@v1" + - uses: "google-github-actions/setup-gcloud@v2" with: install_components: "beta,terraform-tools" - - uses: "hashicorp/setup-terraform@v2" + - uses: "hashicorp/setup-terraform@v3" with: terraform_version: "1.5.7" diff --git a/build/int.cloudbuild.yaml b/build/int.cloudbuild.yaml index 13dbd628c..a0177bbb2 100644 --- a/build/int.cloudbuild.yaml +++ b/build/int.cloudbuild.yaml @@ -175,4 +175,4 @@ options: - 'TF_IN_AUTOMATION=true' substitutions: _DOCKER_IMAGE_DEVELOPER_TOOLS: 'cft/developer-tools' - _DOCKER_TAG_VERSION_DEVELOPER_TOOLS: '1.21' + _DOCKER_TAG_VERSION_DEVELOPER_TOOLS: '1.22' diff --git a/build/lint.cloudbuild.yaml b/build/lint.cloudbuild.yaml index 07abf8be0..a4829b401 100644 --- a/build/lint.cloudbuild.yaml +++ b/build/lint.cloudbuild.yaml @@ -24,7 +24,7 @@ tags: - 'lint' substitutions: _DOCKER_IMAGE_DEVELOPER_TOOLS: 'cft/developer-tools' - _DOCKER_TAG_VERSION_DEVELOPER_TOOLS: '1.21' + _DOCKER_TAG_VERSION_DEVELOPER_TOOLS: '1.22' options: machineType: 'N1_HIGHCPU_8' env: diff --git a/helpers/foundation-deployer/go.mod b/helpers/foundation-deployer/go.mod index 911c88bd8..fc274f3e6 100644 --- a/helpers/foundation-deployer/go.mod +++ b/helpers/foundation-deployer/go.mod @@ -2,16 +2,16 @@ module github.com/terraform-google-modules/terraform-example-foundation/helpers/ go 1.22 -toolchain go1.22.4 +toolchain go1.22.6 require ( - github.com/GoogleCloudPlatform/cloud-foundation-toolkit/infra/blueprint-test v0.15.1 - github.com/gruntwork-io/terratest v0.46.15 + github.com/GoogleCloudPlatform/cloud-foundation-toolkit/infra/blueprint-test v0.16.1 + github.com/gruntwork-io/terratest v0.47.0 github.com/hashicorp/hcl/v2 v2.21.0 github.com/mitchellh/go-testing-interface v1.14.2-0.20210821155943-2d9075ca8770 github.com/stretchr/testify v1.9.0 - github.com/terraform-google-modules/terraform-example-foundation/test/integration v0.0.0-20240530101341-20e72789e0ac - github.com/tidwall/gjson v1.17.1 + github.com/terraform-google-modules/terraform-example-foundation/test/integration v0.0.0-20240808135927-5f1fd0f4104a + github.com/tidwall/gjson v1.17.3 ) require ( @@ -53,9 +53,9 @@ require ( github.com/zclconf/go-cty v1.14.4 // indirect go.opencensus.io v0.24.0 // indirect golang.org/x/crypto v0.21.0 // indirect - golang.org/x/mod v0.17.0 // indirect + golang.org/x/mod v0.19.0 // indirect golang.org/x/net v0.23.0 // indirect - golang.org/x/oauth2 v0.20.0 // indirect + golang.org/x/oauth2 v0.22.0 // indirect golang.org/x/sync v0.4.0 // indirect golang.org/x/sys v0.18.0 // indirect golang.org/x/text v0.14.0 // indirect diff --git a/helpers/foundation-deployer/go.sum b/helpers/foundation-deployer/go.sum index 57dd38299..9bffcc149 100644 --- a/helpers/foundation-deployer/go.sum +++ b/helpers/foundation-deployer/go.sum @@ -185,8 +185,8 @@ cloud.google.com/go/workflows v1.7.0/go.mod h1:JhSrZuVZWuiDfKEFxU0/F1PQjmpnpcoIS dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= -github.com/GoogleCloudPlatform/cloud-foundation-toolkit/infra/blueprint-test v0.15.1 h1:c1tEK/Ma0NstqqkjS1tCClrFxIX1cNLdrM5cB03Sv24= -github.com/GoogleCloudPlatform/cloud-foundation-toolkit/infra/blueprint-test v0.15.1/go.mod h1:bssUTs81Q0xIUg/dYT8/8fqEXOVB8GQVyngw9U79EN4= +github.com/GoogleCloudPlatform/cloud-foundation-toolkit/infra/blueprint-test v0.16.1 h1:IfsF5yta+pslEAWF1QYFSP/3obWsjLQzFyEKJYAhzos= +github.com/GoogleCloudPlatform/cloud-foundation-toolkit/infra/blueprint-test v0.16.1/go.mod h1:Bop47HzdH60K1rPgNRNqBHrBWhhmqCBG9Y4Y5PEn9fE= github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU= github.com/agext/levenshtein v1.2.3 h1:YB2fHEn0UJagG8T1rrWknE3ZQzWM06O8AMAatNn7lmo= github.com/agext/levenshtein v1.2.3/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558= @@ -336,8 +336,8 @@ github.com/googleapis/gax-go/v2 v2.12.0 h1:A+gCJKdRfqXkr+BIRGtZLibNXf0m1f9E4HG56 github.com/googleapis/gax-go/v2 v2.12.0/go.mod h1:y+aIqrI5eb1YGMVJfuV3185Ts/D7qKpsEkdD5+I6QGU= github.com/googleapis/go-type-adapters v1.0.0/go.mod h1:zHW75FOG2aur7gAO2B+MLby+cLsWGBF62rFAi7WjWO4= github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw= -github.com/gruntwork-io/terratest v0.46.15 h1:qfqjTFveymaqe7aAWn3LjlK0SwVGpRfoOut5ggNyfQ8= -github.com/gruntwork-io/terratest v0.46.15/go.mod h1:9bd22zAojjBBiYdsp+AR1iyl2iB6bRUVm2Yf1AFhfrA= +github.com/gruntwork-io/terratest v0.47.0 h1:xIy1pT7NbGVlMLDZEHl3+3iSnvffh8tN2pL6idn448c= +github.com/gruntwork-io/terratest v0.47.0/go.mod h1:oywHw1cFKXSYvKPm27U7quZVzDUlA22H2xUrKCe26xM= github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I= github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= @@ -410,11 +410,11 @@ github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg= github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= -github.com/terraform-google-modules/terraform-example-foundation/test/integration v0.0.0-20240530101341-20e72789e0ac h1:hKmWS3gfdchjfK1xC6z0Tll65D+Poxr0aBCgRgGoaNs= -github.com/terraform-google-modules/terraform-example-foundation/test/integration v0.0.0-20240530101341-20e72789e0ac/go.mod h1:tQ3UD4Hq6eDIfxNp5qKK6UVePeTc+fQBUqjx8jN/NyM= +github.com/terraform-google-modules/terraform-example-foundation/test/integration v0.0.0-20240808135927-5f1fd0f4104a h1:4Ih0BauwdUTF+YuA55/qY8Q+d5brYKPpae0YWkB9D2A= +github.com/terraform-google-modules/terraform-example-foundation/test/integration v0.0.0-20240808135927-5f1fd0f4104a/go.mod h1:p8CvVuYRey5Nb8dipH5KM+eY+TnqfLgDnQ5M1a7oHiw= github.com/tidwall/gjson v1.14.2/go.mod h1:/wbyibRr2FHMks5tjHJ5F8dMZh3AcwJEMf5vlfC0lxk= -github.com/tidwall/gjson v1.17.1 h1:wlYEnwqAHgzmhNUFfw7Xalt2JzQvsMx2Se4PcoFCT/U= -github.com/tidwall/gjson v1.17.1/go.mod h1:/wbyibRr2FHMks5tjHJ5F8dMZh3AcwJEMf5vlfC0lxk= +github.com/tidwall/gjson v1.17.3 h1:bwWLZU7icoKRG+C+0PNwIKC6FCJO/Q3p2pZvuP0jN94= +github.com/tidwall/gjson v1.17.3/go.mod h1:/wbyibRr2FHMks5tjHJ5F8dMZh3AcwJEMf5vlfC0lxk= github.com/tidwall/match v1.1.1 h1:+Ho715JplO36QYgwN9PGYNhgZvoUSc9X2c80KVTi+GA= github.com/tidwall/match v1.1.1/go.mod h1:eRSPERbgtNPcGhD8UCthc6PmLEQXEWd3PRB5JTxsfmM= github.com/tidwall/pretty v1.2.0/go.mod h1:ITEVvHYasfjBbM0u2Pg8T2nJnzm8xPwvNhhsoaGGjNU= @@ -491,8 +491,8 @@ golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= -golang.org/x/mod v0.17.0 h1:zY54UmvipHiNd+pm+m0x9KhZ9hl1/7QNMyxXbc6ICqA= -golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= +golang.org/x/mod v0.19.0 h1:fEdghXQSo20giMthA7cd28ZC+jts4amQ3YMXiP5oMQ8= +golang.org/x/mod v0.19.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -567,8 +567,8 @@ golang.org/x/oauth2 v0.0.0-20220822191816-0ebed06d0094/go.mod h1:h4gKUeWbJ4rQPri golang.org/x/oauth2 v0.0.0-20220909003341-f21342109be1/go.mod h1:h4gKUeWbJ4rQPri7E0u6Gs4e9Ri2zaLxzw5DI5XGrYg= golang.org/x/oauth2 v0.0.0-20221014153046-6fdb5e3db783/go.mod h1:h4gKUeWbJ4rQPri7E0u6Gs4e9Ri2zaLxzw5DI5XGrYg= golang.org/x/oauth2 v0.1.0/go.mod h1:G9FE4dLTsbXUu90h/Pf85g4w1D+SSAgR+q46nJZ8M4A= -golang.org/x/oauth2 v0.20.0 h1:4mQdhULixXKP1rwYBW0vAijoXnkTG0BLCDRzfe1idMo= -golang.org/x/oauth2 v0.20.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= +golang.org/x/oauth2 v0.22.0 h1:BzDx2FehcG7jJwgWLELCdmLuxk2i+x9UDpSiss2u0ZA= +golang.org/x/oauth2 v0.22.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= diff --git a/helpers/foundation-deployer/steps/steps_test.go b/helpers/foundation-deployer/steps/steps_test.go index d87a4a28a..a10a5f413 100644 --- a/helpers/foundation-deployer/steps/steps_test.go +++ b/helpers/foundation-deployer/steps/steps_test.go @@ -77,7 +77,7 @@ func TestProcessSteps(t *testing.T) { badStepMsg := "bad step" assert.False(t, s.IsStepComplete("bad"), "check if 'bad' is 'COMPLETED' should be false") err = s.RunStep("bad", func() error { - return fmt.Errorf(badStepMsg) + return fmt.Errorf("%s", badStepMsg) }) assert.Error(t, err) assert.False(t, s.IsStepComplete("bad"), "check if 'bad' is 'COMPLETED' should be false") @@ -86,7 +86,7 @@ func TestProcessSteps(t *testing.T) { // complete states are not executed again assert.True(t, s.IsStepComplete("good"), "check if 'good' is 'COMPLETED' should be true") err = s.RunStep("good", func() error { - return fmt.Errorf("will fail if executed") + return fmt.Errorf("%s", "will fail if executed") }) assert.NoError(t, err) assert.True(t, s.IsStepComplete("good"), "check if 'good' is 'COMPLETED' should be true") @@ -103,7 +103,7 @@ func TestProcessSteps(t *testing.T) { assert.NoError(t, err) assert.False(t, s.IsStepDestroyed("destroy"), "check if 'destroy' is 'DESTROYED' should be false") err = s.RunDestroyStep("destroy", func() error { - return fmt.Errorf(badStepMsg) + return fmt.Errorf("%s", badStepMsg) }) assert.Error(t, err) assert.False(t, s.IsStepDestroyed("destroy"), "check if 'destroy' is 'DESTROYED' should be false") @@ -113,7 +113,7 @@ func TestProcessSteps(t *testing.T) { assert.NoError(t, err) assert.True(t, s.IsStepDestroyed("gone"), "check if 'gone' is 'DESTROYED' should be true") err = s.RunDestroyStep("gone", func() error { - return fmt.Errorf("will fail if executed") + return fmt.Errorf("%s", "will fail if executed") }) assert.NoError(t, err) assert.True(t, s.IsStepDestroyed("gone"), "check if 'gone' is 'DESTROYED' should be true") diff --git a/test/integration/go.mod b/test/integration/go.mod index 62e48ff50..d7e5c890b 100644 --- a/test/integration/go.mod +++ b/test/integration/go.mod @@ -2,15 +2,15 @@ module github.com/terraform-google-modules/terraform-example-foundation/test/int go 1.22 -toolchain go1.22.4 +toolchain go1.22.6 require ( - github.com/GoogleCloudPlatform/cloud-foundation-toolkit/infra/blueprint-test v0.15.1 - github.com/gruntwork-io/terratest v0.46.15 + github.com/GoogleCloudPlatform/cloud-foundation-toolkit/infra/blueprint-test v0.16.1 + github.com/gruntwork-io/terratest v0.47.0 github.com/mitchellh/go-testing-interface v1.14.2-0.20210821155943-2d9075ca8770 github.com/stretchr/testify v1.9.0 - github.com/tidwall/gjson v1.17.1 - golang.org/x/oauth2 v0.21.0 + github.com/tidwall/gjson v1.17.3 + golang.org/x/oauth2 v0.22.0 ) require ( @@ -38,13 +38,13 @@ require ( github.com/googleapis/gax-go/v2 v2.12.0 // indirect github.com/hashicorp/errwrap v1.1.0 // indirect github.com/hashicorp/go-cleanhttp v0.5.2 // indirect - github.com/hashicorp/go-getter v1.7.4 // indirect + github.com/hashicorp/go-getter v1.7.5 // indirect github.com/hashicorp/go-multierror v1.1.1 // indirect github.com/hashicorp/go-safetemp v1.0.0 // indirect github.com/hashicorp/go-version v1.6.0 // indirect github.com/hashicorp/hcl v0.0.0-20170504190234-a4b07c25de5f // indirect github.com/hashicorp/hcl/v2 v2.20.1 // indirect - github.com/hashicorp/terraform-config-inspect v0.0.0-20240509232506-4708120f8f30 // indirect + github.com/hashicorp/terraform-config-inspect v0.0.0-20240701073647-9fc3669f7553 // indirect github.com/hashicorp/terraform-json v0.22.1 // indirect github.com/jinzhu/copier v0.4.0 // indirect github.com/jmespath/go-jmespath v0.4.0 // indirect @@ -63,7 +63,7 @@ require ( github.com/zclconf/go-cty v1.14.4 // indirect go.opencensus.io v0.24.0 // indirect golang.org/x/crypto v0.21.0 // indirect - golang.org/x/mod v0.17.0 // indirect + golang.org/x/mod v0.19.0 // indirect golang.org/x/net v0.23.0 // indirect golang.org/x/sync v0.4.0 // indirect golang.org/x/sys v0.18.0 // indirect @@ -79,6 +79,6 @@ require ( google.golang.org/protobuf v1.33.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 // indirect - sigs.k8s.io/kustomize/kyaml v0.17.1 // indirect + sigs.k8s.io/kustomize/kyaml v0.17.2 // indirect sigs.k8s.io/yaml v1.4.0 // indirect ) diff --git a/test/integration/go.sum b/test/integration/go.sum index 8ee58ea6e..947f1c11b 100644 --- a/test/integration/go.sum +++ b/test/integration/go.sum @@ -185,8 +185,8 @@ cloud.google.com/go/workflows v1.7.0/go.mod h1:JhSrZuVZWuiDfKEFxU0/F1PQjmpnpcoIS dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= -github.com/GoogleCloudPlatform/cloud-foundation-toolkit/infra/blueprint-test v0.15.1 h1:c1tEK/Ma0NstqqkjS1tCClrFxIX1cNLdrM5cB03Sv24= -github.com/GoogleCloudPlatform/cloud-foundation-toolkit/infra/blueprint-test v0.15.1/go.mod h1:bssUTs81Q0xIUg/dYT8/8fqEXOVB8GQVyngw9U79EN4= +github.com/GoogleCloudPlatform/cloud-foundation-toolkit/infra/blueprint-test v0.16.1 h1:IfsF5yta+pslEAWF1QYFSP/3obWsjLQzFyEKJYAhzos= +github.com/GoogleCloudPlatform/cloud-foundation-toolkit/infra/blueprint-test v0.16.1/go.mod h1:Bop47HzdH60K1rPgNRNqBHrBWhhmqCBG9Y4Y5PEn9fE= github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU= github.com/agext/levenshtein v1.2.3 h1:YB2fHEn0UJagG8T1rrWknE3ZQzWM06O8AMAatNn7lmo= github.com/agext/levenshtein v1.2.3/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558= @@ -353,15 +353,15 @@ github.com/googleapis/gax-go/v2 v2.12.0 h1:A+gCJKdRfqXkr+BIRGtZLibNXf0m1f9E4HG56 github.com/googleapis/gax-go/v2 v2.12.0/go.mod h1:y+aIqrI5eb1YGMVJfuV3185Ts/D7qKpsEkdD5+I6QGU= github.com/googleapis/go-type-adapters v1.0.0/go.mod h1:zHW75FOG2aur7gAO2B+MLby+cLsWGBF62rFAi7WjWO4= github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw= -github.com/gruntwork-io/terratest v0.46.15 h1:qfqjTFveymaqe7aAWn3LjlK0SwVGpRfoOut5ggNyfQ8= -github.com/gruntwork-io/terratest v0.46.15/go.mod h1:9bd22zAojjBBiYdsp+AR1iyl2iB6bRUVm2Yf1AFhfrA= +github.com/gruntwork-io/terratest v0.47.0 h1:xIy1pT7NbGVlMLDZEHl3+3iSnvffh8tN2pL6idn448c= +github.com/gruntwork-io/terratest v0.47.0/go.mod h1:oywHw1cFKXSYvKPm27U7quZVzDUlA22H2xUrKCe26xM= github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I= github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ= github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48= -github.com/hashicorp/go-getter v1.7.4 h1:3yQjWuxICvSpYwqSayAdKRFcvBl1y/vogCxczWSmix0= -github.com/hashicorp/go-getter v1.7.4/go.mod h1:W7TalhMmbPmsSMdNjD0ZskARur/9GJ17cfHTRtXV744= +github.com/hashicorp/go-getter v1.7.5 h1:dT58k9hQ/vbxNMwoI5+xFYAJuv6152UNvdHokfI5wE4= +github.com/hashicorp/go-getter v1.7.5/go.mod h1:W7TalhMmbPmsSMdNjD0ZskARur/9GJ17cfHTRtXV744= github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo= github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= github.com/hashicorp/go-safetemp v1.0.0 h1:2HR189eFNrjHQyENnQMMpCiBAsRxzbTMIgBhEyExpmo= @@ -374,8 +374,8 @@ github.com/hashicorp/hcl v0.0.0-20170504190234-a4b07c25de5f h1:UdxlrJz4JOnY8W+Db github.com/hashicorp/hcl v0.0.0-20170504190234-a4b07c25de5f/go.mod h1:oZtUIOe8dh44I2q6ScRibXws4Ajl+d+nod3AaR9vL5w= github.com/hashicorp/hcl/v2 v2.20.1 h1:M6hgdyz7HYt1UN9e61j+qKJBqR3orTWbI1HKBJEdxtc= github.com/hashicorp/hcl/v2 v2.20.1/go.mod h1:TZDqQ4kNKCbh1iJp99FdPiUaVDDUPivbqxZulxDYqL4= -github.com/hashicorp/terraform-config-inspect v0.0.0-20240509232506-4708120f8f30 h1:0qwr2oZy9mIIJMWh7W9NTHLWGMbEF5KEQ+QqM9hym34= -github.com/hashicorp/terraform-config-inspect v0.0.0-20240509232506-4708120f8f30/go.mod h1:Gz/z9Hbn+4KSp8A2FBtNszfLSdT2Tn/uAKGuVqqWmDI= +github.com/hashicorp/terraform-config-inspect v0.0.0-20240701073647-9fc3669f7553 h1:ApSEBSu6EhcJWCdwSMd1VbQUeJDtB1jAOHfIxjZyMTc= +github.com/hashicorp/terraform-config-inspect v0.0.0-20240701073647-9fc3669f7553/go.mod h1:Gz/z9Hbn+4KSp8A2FBtNszfLSdT2Tn/uAKGuVqqWmDI= github.com/hashicorp/terraform-json v0.22.1 h1:xft84GZR0QzjPVWs4lRUwvTcPnegqlyS7orfb5Ltvec= github.com/hashicorp/terraform-json v0.22.1/go.mod h1:JbWSQCLFSXFFhg42T7l9iJwdGXBYV8fmmD6o/ML4p3A= github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= @@ -439,8 +439,8 @@ github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg= github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= github.com/tidwall/gjson v1.14.2/go.mod h1:/wbyibRr2FHMks5tjHJ5F8dMZh3AcwJEMf5vlfC0lxk= -github.com/tidwall/gjson v1.17.1 h1:wlYEnwqAHgzmhNUFfw7Xalt2JzQvsMx2Se4PcoFCT/U= -github.com/tidwall/gjson v1.17.1/go.mod h1:/wbyibRr2FHMks5tjHJ5F8dMZh3AcwJEMf5vlfC0lxk= +github.com/tidwall/gjson v1.17.3 h1:bwWLZU7icoKRG+C+0PNwIKC6FCJO/Q3p2pZvuP0jN94= +github.com/tidwall/gjson v1.17.3/go.mod h1:/wbyibRr2FHMks5tjHJ5F8dMZh3AcwJEMf5vlfC0lxk= github.com/tidwall/match v1.1.1 h1:+Ho715JplO36QYgwN9PGYNhgZvoUSc9X2c80KVTi+GA= github.com/tidwall/match v1.1.1/go.mod h1:eRSPERbgtNPcGhD8UCthc6PmLEQXEWd3PRB5JTxsfmM= github.com/tidwall/pretty v1.2.0/go.mod h1:ITEVvHYasfjBbM0u2Pg8T2nJnzm8xPwvNhhsoaGGjNU= @@ -517,8 +517,8 @@ golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= -golang.org/x/mod v0.17.0 h1:zY54UmvipHiNd+pm+m0x9KhZ9hl1/7QNMyxXbc6ICqA= -golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= +golang.org/x/mod v0.19.0 h1:fEdghXQSo20giMthA7cd28ZC+jts4amQ3YMXiP5oMQ8= +golang.org/x/mod v0.19.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -593,8 +593,8 @@ golang.org/x/oauth2 v0.0.0-20220822191816-0ebed06d0094/go.mod h1:h4gKUeWbJ4rQPri golang.org/x/oauth2 v0.0.0-20220909003341-f21342109be1/go.mod h1:h4gKUeWbJ4rQPri7E0u6Gs4e9Ri2zaLxzw5DI5XGrYg= golang.org/x/oauth2 v0.0.0-20221014153046-6fdb5e3db783/go.mod h1:h4gKUeWbJ4rQPri7E0u6Gs4e9Ri2zaLxzw5DI5XGrYg= golang.org/x/oauth2 v0.1.0/go.mod h1:G9FE4dLTsbXUu90h/Pf85g4w1D+SSAgR+q46nJZ8M4A= -golang.org/x/oauth2 v0.21.0 h1:tsimM75w1tF/uws5rbeHzIWxEqElMehnc+iW793zsZs= -golang.org/x/oauth2 v0.21.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= +golang.org/x/oauth2 v0.22.0 h1:BzDx2FehcG7jJwgWLELCdmLuxk2i+x9UDpSiss2u0ZA= +golang.org/x/oauth2 v0.22.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -1010,7 +1010,7 @@ rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= -sigs.k8s.io/kustomize/kyaml v0.17.1 h1:TnxYQxFXzbmNG6gOINgGWQt09GghzgTP6mIurOgrLCQ= -sigs.k8s.io/kustomize/kyaml v0.17.1/go.mod h1:9V0mCjIEYjlXuCdYsSXvyoy2BTsLESH7TlGV81S282U= +sigs.k8s.io/kustomize/kyaml v0.17.2 h1:+AzvoJUY0kq4QAhH/ydPHHMRLijtUKiyVyh7fOSshr0= +sigs.k8s.io/kustomize/kyaml v0.17.2/go.mod h1:9V0mCjIEYjlXuCdYsSXvyoy2BTsLESH7TlGV81S282U= sigs.k8s.io/yaml v1.4.0 h1:Mk1wCc2gy/F0THH0TAp1QYyJNzRm2KCLy3o5ASXVI5E= sigs.k8s.io/yaml v1.4.0/go.mod h1:Ejl7/uTz7PSA4eKMyQCUTnhZYNmLIl+5c2lQPGR2BPY= diff --git a/test/integration/org/org_test.go b/test/integration/org/org_test.go index e5606e42b..00c6b7b85 100644 --- a/test/integration/org/org_test.go +++ b/test/integration/org/org_test.go @@ -182,22 +182,22 @@ func TestOrg(t *testing.T) { requireOsLogin := gcloud.Runf(t, "resource-manager org-policies describe %s --folder %s", "constraints/compute.requireOsLogin", parentFolder) assert.Equal("constraints/compute.requireOsLogin", requireOsLogin.Get("constraint").String(), "org policy should require OS Login") - // security command center - sccProjectID := org.GetStringOutput("scc_notifications_project_id") - topicName := "top-scc-notification" - topicFullName := fmt.Sprintf("projects/%s/topics/%s", sccProjectID, topicName) - topic := gcloud.Runf(t, "pubsub topics describe %s --project %s", topicName, sccProjectID) - assert.Equal(topicFullName, topic.Get("name").String(), fmt.Sprintf("topic %s should have been created", topicName)) - - subscriptionName := "sub-scc-notification" - subscriptionFullName := fmt.Sprintf("projects/%s/subscriptions/%s", sccProjectID, subscriptionName) - subscription := gcloud.Runf(t, "pubsub subscriptions describe %s --project %s", subscriptionName, sccProjectID) - assert.Equal(subscriptionFullName, subscription.Get("name").String(), fmt.Sprintf("subscription %s should have been created", subscriptionName)) - - orgID := bootstrap.GetTFSetupStringOutput("org_id") - notificationName := org.GetStringOutput("scc_notification_name") - notification := gcloud.Runf(t, "scc notifications describe %s --organization %s", notificationName, orgID) - assert.Equal(topicFullName, notification.Get("pubsubTopic").String(), fmt.Sprintf("notification %s should use topic %s", notificationName, topicName)) + // security command center (commented out with issue #1189) + // sccProjectID := org.GetStringOutput("scc_notifications_project_id") + // topicName := "top-scc-notification" + // topicFullName := fmt.Sprintf("projects/%s/topics/%s", sccProjectID, topicName) + // topic := gcloud.Runf(t, "pubsub topics describe %s --project %s", topicName, sccProjectID) + // assert.Equal(topicFullName, topic.Get("name").String(), fmt.Sprintf("topic %s should have been created", topicName)) + + // subscriptionName := "sub-scc-notification" + // subscriptionFullName := fmt.Sprintf("projects/%s/subscriptions/%s", sccProjectID, subscriptionName) + // subscription := gcloud.Runf(t, "pubsub subscriptions describe %s --project %s", subscriptionName, sccProjectID) + // assert.Equal(subscriptionFullName, subscription.Get("name").String(), fmt.Sprintf("subscription %s should have been created", subscriptionName)) + + // orgID := bootstrap.GetTFSetupStringOutput("org_id") + // notificationName := org.GetStringOutput("scc_notification_name") + // notification := gcloud.Runf(t, "scc notifications describe %s --organization %s", notificationName, orgID) + // assert.Equal(topicFullName, notification.Get("pubsubTopic").String(), fmt.Sprintf("notification %s should use topic %s", notificationName, topicName)) //essential contacts //test case considers that just the Org Admin group exists and will subscribe for all categories @@ -293,33 +293,33 @@ func TestOrg(t *testing.T) { } } - // CAI Monitoring + // CAI Monitoring (commented out with issue #1189) // Variables - caiAr := org.GetStringOutput("cai_monitoring_artifact_registry") - caiBucket := org.GetStringOutput("cai_monitoring_bucket") - caiTopic := org.GetStringOutput("cai_monitoring_topic") + // caiAr := org.GetStringOutput("cai_monitoring_artifact_registry") + // caiBucket := org.GetStringOutput("cai_monitoring_bucket") + // caiTopic := org.GetStringOutput("cai_monitoring_topic") - caiSaEmail := fmt.Sprintf("cai-monitoring@%s.iam.gserviceaccount.com", sccProjectID) - caiTopicFullName := fmt.Sprintf("projects/%s/topics/%s", sccProjectID, caiTopic) + // caiSaEmail := fmt.Sprintf("cai-monitoring@%s.iam.gserviceaccount.com", sccProjectID) + // caiTopicFullName := fmt.Sprintf("projects/%s/topics/%s", sccProjectID, caiTopic) // Cloud Function - opCf := gcloud.Runf(t, "functions describe caiMonitoring --project %s --gen2 --region %s", sccProjectID, defaultRegion) - assert.Equal("ACTIVE", opCf.Get("state").String(), "Should be ACTIVE. Cloud Function is not successfully deployed.") - assert.Equal(caiSaEmail, opCf.Get("serviceConfig.serviceAccountEmail").String(), fmt.Sprintf("Cloud Function should use the service account %s.", caiSaEmail)) - assert.Contains(opCf.Get("eventTrigger.eventType").String(), "google.cloud.pubsub.topic.v1.messagePublished", "Event Trigger is not based on Pub/Sub message. Check the EventType configuration.") + // opCf := gcloud.Runf(t, "functions describe caiMonitoring --project %s --gen2 --region %s", sccProjectID, defaultRegion) + // assert.Equal("ACTIVE", opCf.Get("state").String(), "Should be ACTIVE. Cloud Function is not successfully deployed.") + // assert.Equal(caiSaEmail, opCf.Get("serviceConfig.serviceAccountEmail").String(), fmt.Sprintf("Cloud Function should use the service account %s.", caiSaEmail)) + // assert.Contains(opCf.Get("eventTrigger.eventType").String(), "google.cloud.pubsub.topic.v1.messagePublished", "Event Trigger is not based on Pub/Sub message. Check the EventType configuration.") // Cloud Function Storage Bucket - bktArgs := gcloud.WithCommonArgs([]string{"--project", sccProjectID, "--json"}) - opSrcBucket := gcloud.Run(t, fmt.Sprintf("alpha storage ls --buckets gs://%s", caiBucket), bktArgs).Array() - assert.Equal("true", opSrcBucket[0].Get("metadata.iamConfiguration.bucketPolicyOnly.enabled").String(), "Should have Bucket Policy Only enabled.") + // bktArgs := gcloud.WithCommonArgs([]string{"--project", sccProjectID, "--json"}) + // opSrcBucket := gcloud.Run(t, fmt.Sprintf("alpha storage ls --buckets gs://%s", caiBucket), bktArgs).Array() + // assert.Equal("true", opSrcBucket[0].Get("metadata.iamConfiguration.bucketPolicyOnly.enabled").String(), "Should have Bucket Policy Only enabled.") // Cloud Function Artifact Registry - opAR := gcloud.Runf(t, "artifacts repositories describe %s --project %s --location %s", caiAr, sccProjectID, defaultRegion) - assert.Equal("DOCKER", opAR.Get("format").String(), "Should have type: DOCKER") + // opAR := gcloud.Runf(t, "artifacts repositories describe %s --project %s --location %s", caiAr, sccProjectID, defaultRegion) + // assert.Equal("DOCKER", opAR.Get("format").String(), "Should have type: DOCKER") // Cloud Function Pub/Sub - opTopic := gcloud.Runf(t, "pubsub topics describe %s --project %s", caiTopic, sccProjectID) - assert.Equal(caiTopicFullName, opTopic.Get("name").String(), fmt.Sprintf("Topic %s should have been created", caiTopicFullName)) + // opTopic := gcloud.Runf(t, "pubsub topics describe %s --project %s", caiTopic, sccProjectID) + // assert.Equal(caiTopicFullName, opTopic.Get("name").String(), fmt.Sprintf("Topic %s should have been created", caiTopicFullName)) // Log Sink for _, sink := range []struct {