diff --git a/.github/workflows/go-lint.yaml b/.github/workflows/go-lint.yaml index 6c7ccc9d9..d148f3d39 100644 --- a/.github/workflows/go-lint.yaml +++ b/.github/workflows/go-lint.yaml @@ -36,13 +36,13 @@ jobs: matrix: folder: [helpers/foundation-deployer] steps: - - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 + - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1 with: go-version-file: ${{ matrix.folder }}/go.mod cache-dependency-path: ${{ matrix.folder }}/go.sum - name: golangci-lint - uses: golangci/golangci-lint-action@9d1e0624a798bb64f6c3cea93db47765312263dc # v5.1.0 + uses: golangci/golangci-lint-action@a4f60bb28d35aeee14e6880718e0c85ff1882e64 # v6.0.1 with: version: latest working-directory: ${{ matrix.folder }} diff --git a/.github/workflows/go-test.yaml b/.github/workflows/go-test.yaml index 056f27bd3..af3cae33d 100644 --- a/.github/workflows/go-test.yaml +++ b/.github/workflows/go-test.yaml @@ -38,7 +38,7 @@ jobs: matrix: folder: [helpers/foundation-deployer] steps: - - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 + - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1 with: go-version-file: ${{ matrix.folder }}/go.mod diff --git a/0-bootstrap/README-GitHub.md b/0-bootstrap/README-GitHub.md index dfa1390ca..5a4472dff 100644 --- a/0-bootstrap/README-GitHub.md +++ b/0-bootstrap/README-GitHub.md @@ -823,6 +823,8 @@ An environment variable `GOOGLE_IMPERSONATE_SERVICE_ACCOUNT` will be set with th cd gcp-projects ``` + + 1. Seed the repository if it has not been initialized yet. ```bash @@ -878,6 +880,20 @@ An environment variable `GOOGLE_IMPERSONATE_SERVICE_ACCOUNT` will be set with th sed -i'' -e "s/REMOTE_STATE_BUCKET/${remote_state_bucket}/" ./common.auto.tfvars ``` +1. (Optional) If you want additional subfolders for separate business units or entities, make additional copies of the folder `business_unit_1` and modify any values that vary across business unit like `business_code`, `business_unit`, or `subnet_ip_range`. + +For example, to create a new business unit similar to business_unit_1, run the following: + + ```bash + #copy the business_unit_1 folder and it's contents to a new folder business_unit_2 + cp -r business_unit_1 business_unit_2 + + # search all files under the folder `business_unit_2` and replace strings for business_unit_1 with strings for business_unit_2 + grep -rl bu1 business_unit_2/ | xargs sed -i 's/bu1/bu2/g' + grep -rl business_unit_1 business_unit_2/ | xargs sed -i 's/business_unit_1/business_unit_2/g' + ``` + + 1. Commit changes. ```bash diff --git a/0-bootstrap/README-GitLab.md b/0-bootstrap/README-GitLab.md index 96f066a74..862bade17 100644 --- a/0-bootstrap/README-GitLab.md +++ b/0-bootstrap/README-GitLab.md @@ -837,6 +837,20 @@ An environment variable `GOOGLE_IMPERSONATE_SERVICE_ACCOUNT` will be set with th sed -i'' -e "s/REMOTE_STATE_BUCKET/${remote_state_bucket}/" ./common.auto.tfvars ``` +1. (Optional) If you want additional subfolders for separate business units or entities, make additional copies of the folder `business_unit_1` and modify any values that vary across business unit like `business_code`, `business_unit`, or `subnet_ip_range`. + +For example, to create a new business unit similar to business_unit_1, run the following: + + ```bash + #copy the business_unit_1 folder and it's contents to a new folder business_unit_2 + cp -r business_unit_1 business_unit_2 + + # search all files under the folder `business_unit_2` and replace strings for business_unit_1 with strings for business_unit_2 + grep -rl bu1 business_unit_2/ | xargs sed -i 's/bu1/bu2/g' + grep -rl business_unit_1 business_unit_2/ | xargs sed -i 's/business_unit_1/business_unit_2/g' + ``` + + 1. Commit changes. ```bash diff --git a/0-bootstrap/README-Jenkins.md b/0-bootstrap/README-Jenkins.md index 469e25694..688772522 100644 --- a/0-bootstrap/README-Jenkins.md +++ b/0-bootstrap/README-Jenkins.md @@ -886,6 +886,20 @@ Here you will configure a VPN Network tunnel to enable connectivity between the sed -i'' -e "s/REMOTE_STATE_BUCKET/${backend_bucket}/" ./common.auto.tfvars ``` +1. (Optional) If you want additional subfolders for separate business units or entities, make additional copies of the folder `business_unit_1` and modify any values that vary across business unit like `business_code`, `business_unit`, or `subnet_ip_range`. + +For example, to create a new business unit similar to business_unit_1, run the following: + + ```bash + #copy the business_unit_1 folder and it's contents to a new folder business_unit_2 + cp -r business_unit_1 business_unit_2 + + # search all files under the folder `business_unit_2` and replace strings for business_unit_1 with strings for business_unit_2 + grep -rl bu1 business_unit_2/ | xargs sed -i 's/bu1/bu2/g' + grep -rl business_unit_1 business_unit_2/ | xargs sed -i 's/business_unit_1/business_unit_2/g' + ``` + + 1. Commit changes. ```bash diff --git a/0-bootstrap/README-Terraform-Cloud.md b/0-bootstrap/README-Terraform-Cloud.md index 256ae2446..0239aa984 100644 --- a/0-bootstrap/README-Terraform-Cloud.md +++ b/0-bootstrap/README-Terraform-Cloud.md @@ -862,6 +862,20 @@ An environment variable `GOOGLE_IMPERSONATE_SERVICE_ACCOUNT` will be set with th terraform -chdir="business_unit_2/shared/" init ``` +1. (Optional) If you want additional subfolders for separate business units or entities, make additional copies of the folder `business_unit_1` and modify any values that vary across business unit like `business_code`, `business_unit`, or `subnet_ip_range`. + +For example, to create a new business unit similar to business_unit_1, run the following: + + ```bash + #copy the business_unit_1 folder and it's contents to a new folder business_unit_2 + cp -r business_unit_1 business_unit_2 + + # search all files under the folder `business_unit_2` and replace strings for business_unit_1 with strings for business_unit_2 + grep -rl bu1 business_unit_2/ | xargs sed -i 's/bu1/bu2/g' + grep -rl business_unit_1 business_unit_2/ | xargs sed -i 's/business_unit_1/business_unit_2/g' + ``` + + 1. Commit changes ```bash diff --git a/0-bootstrap/github.tf.example b/0-bootstrap/github.tf.example index 34273e6b6..64b0973a0 100644 --- a/0-bootstrap/github.tf.example +++ b/0-bootstrap/github.tf.example @@ -38,7 +38,7 @@ locals { } } - commom_secrets = { + common_secrets = { "PROJECT_ID" : module.gh_cicd.project_id, "WIF_PROVIDER_NAME" : module.gh_oidc.provider_name, "TF_BACKEND" : module.seed_bootstrap.gcs_bucket_tfstate, @@ -47,7 +47,7 @@ locals { secrets_list = flatten([ for k, v in local.gh_config : [ - for secret, plaintext in local.commom_secrets : { + for secret, plaintext in local.common_secrets : { config = k secret_name = secret plaintext_value = plaintext diff --git a/0-bootstrap/modules/jenkins-agent/main.tf b/0-bootstrap/modules/jenkins-agent/main.tf index 04487b72b..3532db922 100644 --- a/0-bootstrap/modules/jenkins-agent/main.tf +++ b/0-bootstrap/modules/jenkins-agent/main.tf @@ -29,7 +29,7 @@ resource "random_id" "suffix" { *******************************************/ module "cicd_project" { source = "terraform-google-modules/project-factory/google" - version = "~> 14.0" + version = "~> 15.0" name = local.cicd_project_name random_project_id = true diff --git a/1-org/envs/shared/cai_monitoring.tf b/1-org/envs/shared/cai_monitoring.tf index ff9311bfa..ad8e7e545 100644 --- a/1-org/envs/shared/cai_monitoring.tf +++ b/1-org/envs/shared/cai_monitoring.tf @@ -28,11 +28,10 @@ module "kms" { module "cai_monitoring" { source = "../../modules/cai-monitoring" - org_id = local.org_id - billing_account = local.billing_account - project_id = module.scc_notifications.project_id - location = local.default_region - enable_cmek = true - encryption_key = module.kms.keys["key-cai-monitoring"] - impersonate_sa_email = local.org_step_terraform_service_account_email + org_id = local.org_id + billing_account = local.billing_account + project_id = module.scc_notifications.project_id + location = local.default_region + enable_cmek = true + encryption_key = module.kms.keys["key-cai-monitoring"] } diff --git a/1-org/envs/shared/projects.tf b/1-org/envs/shared/projects.tf index 681d8570a..503d82305 100644 --- a/1-org/envs/shared/projects.tf +++ b/1-org/envs/shared/projects.tf @@ -34,7 +34,7 @@ locals { module "org_audit_logs" { source = "terraform-google-modules/project-factory/google" - version = "~> 14.0" + version = "~> 15.0" random_project_id = true random_project_id_length = 4 @@ -63,7 +63,7 @@ module "org_audit_logs" { module "org_billing_logs" { source = "terraform-google-modules/project-factory/google" - version = "~> 14.0" + version = "~> 15.0" random_project_id = true random_project_id_length = 4 @@ -96,7 +96,7 @@ module "org_billing_logs" { module "org_kms" { source = "terraform-google-modules/project-factory/google" - version = "~> 14.0" + version = "~> 15.0" random_project_id = true random_project_id_length = 4 @@ -130,7 +130,7 @@ module "org_kms" { module "org_secrets" { source = "terraform-google-modules/project-factory/google" - version = "~> 14.0" + version = "~> 15.0" random_project_id = true random_project_id_length = 4 @@ -163,7 +163,7 @@ module "org_secrets" { module "interconnect" { source = "terraform-google-modules/project-factory/google" - version = "~> 14.0" + version = "~> 15.0" random_project_id = true random_project_id_length = 4 @@ -196,7 +196,7 @@ module "interconnect" { module "scc_notifications" { source = "terraform-google-modules/project-factory/google" - version = "~> 14.0" + version = "~> 15.0" random_project_id = true random_project_id_length = 4 @@ -229,7 +229,7 @@ module "scc_notifications" { module "dns_hub" { source = "terraform-google-modules/project-factory/google" - version = "~> 14.0" + version = "~> 15.0" random_project_id = true random_project_id_length = 4 @@ -270,7 +270,7 @@ module "dns_hub" { module "base_network_hub" { source = "terraform-google-modules/project-factory/google" - version = "~> 14.0" + version = "~> 15.0" count = var.enable_hub_and_spoke ? 1 : 0 random_project_id = true @@ -320,7 +320,7 @@ resource "google_project_iam_member" "network_sa_base" { module "restricted_network_hub" { source = "terraform-google-modules/project-factory/google" - version = "~> 14.0" + version = "~> 15.0" count = var.enable_hub_and_spoke ? 1 : 0 random_project_id = true diff --git a/1-org/modules/cai-monitoring/README.md b/1-org/modules/cai-monitoring/README.md index d01c95c6b..449b04c60 100644 --- a/1-org/modules/cai-monitoring/README.md +++ b/1-org/modules/cai-monitoring/README.md @@ -13,7 +13,6 @@ module "secure_cai_notification" { region = encryption_key = labels = - impersonate_sa_email = roles_to_monitor = } ``` @@ -26,7 +25,6 @@ module "secure_cai_notification" { | billing\_account | The ID of the billing account to associate projects with. | `string` | n/a | yes | | enable\_cmek | The KMS Key to Encrypt Artifact Registry repository, Cloud Storage Bucket and Pub/Sub. | `bool` | `false` | no | | encryption\_key | The KMS Key to Encrypt Artifact Registry repository, Cloud Storage Bucket and Pub/Sub. | `string` | `null` | no | -| impersonate\_sa\_email | The Service Account email who will execute terraform code. | `string` | n/a | yes | | labels | Labels to be assigned to resources. | `map(any)` | `{}` | no | | location | Default location to create resources where applicable. | `string` | `"us-central1"` | no | | org\_id | GCP Organization ID | `string` | n/a | yes | diff --git a/1-org/modules/cai-monitoring/main.tf b/1-org/modules/cai-monitoring/main.tf index 5518b66d7..1378adadf 100644 --- a/1-org/modules/cai-monitoring/main.tf +++ b/1-org/modules/cai-monitoring/main.tf @@ -142,7 +142,7 @@ resource "google_scc_source" "cai_monitoring" { // Cloud Function module "cloud_function" { source = "GoogleCloudPlatform/cloud-functions/google" - version = "0.4.1" + version = "~> 0.5" function_name = "caiMonitoring" description = "Check on the Organization for members (users, groups and service accounts) that contains the IAM roles listed." diff --git a/1-org/modules/cai-monitoring/providers.tf b/1-org/modules/cai-monitoring/providers.tf deleted file mode 100644 index a801ce2f3..000000000 --- a/1-org/modules/cai-monitoring/providers.tf +++ /dev/null @@ -1,25 +0,0 @@ -/** - * Copyright 2023 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -provider "google" { - impersonate_service_account = var.impersonate_sa_email - request_timeout = "60s" -} - -provider "google-beta" { - impersonate_service_account = var.impersonate_sa_email - request_timeout = "60s" -} diff --git a/1-org/modules/cai-monitoring/variables.tf b/1-org/modules/cai-monitoring/variables.tf index a6652cc8d..0e07c4346 100644 --- a/1-org/modules/cai-monitoring/variables.tf +++ b/1-org/modules/cai-monitoring/variables.tf @@ -53,11 +53,6 @@ variable "labels" { default = {} } -variable "impersonate_sa_email" { - description = "The Service Account email who will execute terraform code." - type = string -} - variable "roles_to_monitor" { description = "List of roles that will save a SCC Finding if granted to any member (service account, user or group) on an update in the IAM Policy." type = list(string) diff --git a/1-org/modules/network/main.tf b/1-org/modules/network/main.tf index f3386a073..15c771d00 100644 --- a/1-org/modules/network/main.tf +++ b/1-org/modules/network/main.tf @@ -20,7 +20,7 @@ module "base_shared_vpc_host_project" { source = "terraform-google-modules/project-factory/google" - version = "~> 14.0" + version = "~> 15.0" random_project_id = true random_project_id_length = 4 @@ -56,7 +56,7 @@ module "base_shared_vpc_host_project" { module "restricted_shared_vpc_host_project" { source = "terraform-google-modules/project-factory/google" - version = "~> 14.0" + version = "~> 15.0" random_project_id = true random_project_id_length = 4 diff --git a/2-environments/modules/env_baseline/kms.tf b/2-environments/modules/env_baseline/kms.tf index f7315cab3..e6e4d992f 100644 --- a/2-environments/modules/env_baseline/kms.tf +++ b/2-environments/modules/env_baseline/kms.tf @@ -21,7 +21,7 @@ module "env_kms" { source = "terraform-google-modules/project-factory/google" - version = "~> 14.0" + version = "~> 15.0" random_project_id = true random_project_id_length = 4 diff --git a/2-environments/modules/env_baseline/secrets.tf b/2-environments/modules/env_baseline/secrets.tf index c379a140b..fa875c67a 100644 --- a/2-environments/modules/env_baseline/secrets.tf +++ b/2-environments/modules/env_baseline/secrets.tf @@ -21,7 +21,7 @@ module "env_secrets" { source = "terraform-google-modules/project-factory/google" - version = "~> 14.0" + version = "~> 15.0" random_project_id = true random_project_id_length = 4 diff --git a/3-networks-hub-and-spoke/modules/transitivity/main.tf b/3-networks-hub-and-spoke/modules/transitivity/main.tf index d5451b2fa..b01483b20 100644 --- a/3-networks-hub-and-spoke/modules/transitivity/main.tf +++ b/3-networks-hub-and-spoke/modules/transitivity/main.tf @@ -90,7 +90,7 @@ module "migs" { module "ilbs" { source = "GoogleCloudPlatform/lb-internal/google" - version = "~> 5.0" + version = "~> 6.0" for_each = toset(var.regions) region = each.key diff --git a/4-projects/README.md b/4-projects/README.md index af33885d1..986140179 100644 --- a/4-projects/README.md +++ b/4-projects/README.md @@ -134,6 +134,20 @@ Run `terraform output cloudbuild_project_id` in the `0-bootstrap` folder to get sed -i'' -e "s/REMOTE_STATE_BUCKET/${remote_state_bucket}/" ./common.auto.tfvars ``` +1. (Optional) If you want additional subfolders for separate business units or entities, make additional copies of the folder `business_unit_1` and modify any values that vary across business unit like `business_code`, `business_unit`, or `subnet_ip_range`. + +For example, to create a new business unit similar to business_unit_1, run the following: + + ```bash + #copy the business_unit_1 folder and it's contents to a new folder business_unit_2 + cp -r business_unit_1 business_unit_2 + + # search all files under the folder `business_unit_2` and replace strings for business_unit_1 with strings for business_unit_2 + grep -rl bu1 business_unit_2/ | xargs sed -i 's/bu1/bu2/g' + grep -rl business_unit_1 business_unit_2/ | xargs sed -i 's/business_unit_1/business_unit_2/g' + ``` + + 1. Commit changes. ```bash @@ -268,6 +282,20 @@ To use the `validate` option of the `tf-wrapper.sh` script, please follow the [i echo ${GOOGLE_IMPERSONATE_SERVICE_ACCOUNT} ``` +1. (Optional) If you want additional subfolders for separate business units or entities, make additional copies of the folder `business_unit_1` and modify any values that vary across business unit like `business_code`, `business_unit`, or `subnet_ip_range`. + +For example, to create a new business unit similar to business_unit_1, run the following: + + ```bash + #copy the business_unit_1 folder and it's contents to a new folder business_unit_2 + cp -r business_unit_1 business_unit_2 + + # search all files under the folder `business_unit_2` and replace strings for business_unit_1 with strings for business_unit_2 + grep -rl bu1 business_unit_2/ | xargs sed -i 's/bu1/bu2/g' + grep -rl business_unit_1 business_unit_2/ | xargs sed -i 's/business_unit_1/business_unit_2/g' + ``` + + 1. Run `init` and `plan` and review output for environment shared. ```bash diff --git a/4-projects/business_unit_2/development/README.md b/4-projects/business_unit_2/development/README.md deleted file mode 100644 index b6841087a..000000000 --- a/4-projects/business_unit_2/development/README.md +++ /dev/null @@ -1,37 +0,0 @@ - -## Inputs - -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| instance\_region | Region which the peered subnet will be created (Should be same region as the VM that will be created on step 5-app-infra on the peering project). | `string` | `"us-central1"` | no | -| location\_gcs | Case-Sensitive Location for GCS Bucket (Should be same region as the KMS Keyring) | `string` | `"US"` | no | -| location\_kms | Case-Sensitive Location for KMS Keyring (Should be same region as the GCS Bucket) | `string` | `"us"` | no | -| peering\_module\_depends\_on | List of modules or resources peering module depends on. | `list(any)` | `[]` | no | -| remote\_state\_bucket | Backend bucket to load Terraform Remote State Data from previous steps. | `string` | n/a | yes | -| tfc\_org\_name | Name of the TFC organization. | `string` | `""` | no | - -## Outputs - -| Name | Description | -|------|-------------| -| access\_context\_manager\_policy\_id | Access Context Manager Policy ID. | -| base\_shared\_vpc\_project | Project sample base project. | -| base\_shared\_vpc\_project\_sa | Project sample base project SA. | -| base\_subnets\_self\_links | The self-links of subnets from base environment. | -| bucket | The created storage bucket. | -| env\_kms\_project | Project sample for KMS usage project ID. | -| floating\_project | Project sample floating project. | -| iap\_firewall\_tags | The security tags created for IAP (SSH and RDP) firewall rules and to be used on the VM created on step 5-app-infra on the peering network project. | -| keyring | The name of the keyring. | -| keys | List of created key names. | -| peering\_complete | Output to be used as a module dependency. | -| peering\_network | Peer network peering resource. | -| peering\_project | Project sample peering project id. | -| peering\_subnetwork\_self\_link | The subnetwork self link of the peering network. | -| restricted\_enabled\_apis | Activated APIs. | -| restricted\_shared\_vpc\_project | Project sample restricted project id. | -| restricted\_shared\_vpc\_project\_number | Project sample restricted project. | -| restricted\_subnets\_self\_links | The self-links of subnets from restricted environment. | -| vpc\_service\_control\_perimeter\_name | VPC Service Control name. | - - diff --git a/4-projects/business_unit_2/development/backend.tf b/4-projects/business_unit_2/development/backend.tf deleted file mode 100644 index 1505fcecf..000000000 --- a/4-projects/business_unit_2/development/backend.tf +++ /dev/null @@ -1,22 +0,0 @@ -/** - * Copyright 2021 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -terraform { - backend "gcs" { - bucket = "UPDATE_PROJECTS_BACKEND" - prefix = "terraform/projects/business_unit_2/development" - } -} diff --git a/4-projects/business_unit_2/development/backend.tf.cloud.example b/4-projects/business_unit_2/development/backend.tf.cloud.example deleted file mode 100644 index f1893f851..000000000 --- a/4-projects/business_unit_2/development/backend.tf.cloud.example +++ /dev/null @@ -1,23 +0,0 @@ -/** - * Copyright 2023 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -terraform { - cloud { - workspaces { - name = "4-bu2-development" - } - } -} diff --git a/4-projects/business_unit_2/development/common.auto.tfvars b/4-projects/business_unit_2/development/common.auto.tfvars deleted file mode 120000 index 39aaa4621..000000000 --- a/4-projects/business_unit_2/development/common.auto.tfvars +++ /dev/null @@ -1 +0,0 @@ -../../common.auto.tfvars \ No newline at end of file diff --git a/4-projects/business_unit_2/development/development.auto.tfvars b/4-projects/business_unit_2/development/development.auto.tfvars deleted file mode 120000 index 0351835de..000000000 --- a/4-projects/business_unit_2/development/development.auto.tfvars +++ /dev/null @@ -1 +0,0 @@ -../../development.auto.tfvars \ No newline at end of file diff --git a/4-projects/business_unit_2/development/main.tf b/4-projects/business_unit_2/development/main.tf deleted file mode 100644 index caf741ec0..000000000 --- a/4-projects/business_unit_2/development/main.tf +++ /dev/null @@ -1,31 +0,0 @@ -/** - * Copyright 2022 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -module "env" { - source = "../../modules/base_env" - - env = "development" - business_code = "bu2" - business_unit = "business_unit_2" - remote_state_bucket = var.remote_state_bucket - location_kms = var.location_kms - location_gcs = var.location_gcs - tfc_org_name = var.tfc_org_name - peering_module_depends_on = var.peering_module_depends_on - peering_iap_fw_rules_enabled = true - subnet_region = var.instance_region - subnet_ip_range = "10.4.64.0/21" -} diff --git a/4-projects/business_unit_2/development/outputs.tf b/4-projects/business_unit_2/development/outputs.tf deleted file mode 100644 index 6f07af601..000000000 --- a/4-projects/business_unit_2/development/outputs.tf +++ /dev/null @@ -1,110 +0,0 @@ -/** - * Copyright 2021 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -output "base_shared_vpc_project" { - description = "Project sample base project." - value = module.env.base_shared_vpc_project -} - -output "base_shared_vpc_project_sa" { - description = "Project sample base project SA." - value = module.env.base_shared_vpc_project_sa -} - -output "base_subnets_self_links" { - value = module.env.base_subnets_self_links - description = "The self-links of subnets from base environment." -} - -output "floating_project" { - description = "Project sample floating project." - value = module.env.floating_project -} - -output "peering_project" { - description = "Project sample peering project id." - value = module.env.peering_project -} - -output "peering_network" { - description = "Peer network peering resource." - value = module.env.peering_network -} - -output "restricted_shared_vpc_project" { - description = "Project sample restricted project id." - value = module.env.restricted_shared_vpc_project -} - -output "restricted_shared_vpc_project_number" { - description = "Project sample restricted project." - value = module.env.restricted_shared_vpc_project_number -} - -output "restricted_subnets_self_links" { - value = module.env.restricted_subnets_self_links - description = "The self-links of subnets from restricted environment." -} - -output "vpc_service_control_perimeter_name" { - description = "VPC Service Control name." - value = module.env.vpc_service_control_perimeter_name -} - -output "restricted_enabled_apis" { - description = "Activated APIs." - value = module.env.restricted_enabled_apis -} - -output "access_context_manager_policy_id" { - description = "Access Context Manager Policy ID." - value = module.env.access_context_manager_policy_id -} - -output "peering_complete" { - description = "Output to be used as a module dependency." - value = module.env.peering_complete -} - -output "env_kms_project" { - description = "Project sample for KMS usage project ID." - value = module.env.env_kms_project -} - -output "keyring" { - description = "The name of the keyring." - value = module.env.keyring -} - -output "keys" { - description = "List of created key names." - value = module.env.keys -} - -output "bucket" { - description = "The created storage bucket." - value = module.env.bucket -} - -output "peering_subnetwork_self_link" { - description = "The subnetwork self link of the peering network." - value = module.env.peering_subnetwork_self_link -} - -output "iap_firewall_tags" { - description = "The security tags created for IAP (SSH and RDP) firewall rules and to be used on the VM created on step 5-app-infra on the peering network project." - value = module.env.iap_firewall_tags -} diff --git a/4-projects/business_unit_2/development/variables.tf b/4-projects/business_unit_2/development/variables.tf deleted file mode 100644 index b337bae90..000000000 --- a/4-projects/business_unit_2/development/variables.tf +++ /dev/null @@ -1,50 +0,0 @@ -/** - * Copyright 2021 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -variable "remote_state_bucket" { - description = "Backend bucket to load Terraform Remote State Data from previous steps." - type = string -} - -variable "location_kms" { - description = "Case-Sensitive Location for KMS Keyring (Should be same region as the GCS Bucket)" - type = string - default = "us" -} - -variable "location_gcs" { - description = "Case-Sensitive Location for GCS Bucket (Should be same region as the KMS Keyring)" - type = string - default = "US" -} - -variable "peering_module_depends_on" { - description = "List of modules or resources peering module depends on." - type = list(any) - default = [] -} - -variable "tfc_org_name" { - description = "Name of the TFC organization." - type = string - default = "" -} - -variable "instance_region" { - description = "Region which the peered subnet will be created (Should be same region as the VM that will be created on step 5-app-infra on the peering project)." - type = string - default = "us-central1" -} diff --git a/4-projects/business_unit_2/nonproduction/README.md b/4-projects/business_unit_2/nonproduction/README.md deleted file mode 100644 index bb68bcc2d..000000000 --- a/4-projects/business_unit_2/nonproduction/README.md +++ /dev/null @@ -1,37 +0,0 @@ - -## Inputs - -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| instance\_region | Region which the peered subnet will be created (Should be same region as the VM that will be created on step 5-app-infra on the peering project). | `string` | `"us-central1"` | no | -| location\_gcs | Case-Sensitive Location for GCS Bucket (Should be same region as the KMS Keyring) | `string` | `"US"` | no | -| location\_kms | Case-Sensitive Location for KMS Keyring (Should be same region as the GCS Bucket) | `string` | `"us"` | no | -| peering\_module\_depends\_on | List of modules or resources peering module depends on. | `list(any)` | `[]` | no | -| remote\_state\_bucket | Backend bucket to load Terraform Remote State Data from previous steps. | `string` | n/a | yes | -| tfc\_org\_name | Name of the TFC organization | `string` | `""` | no | - -## Outputs - -| Name | Description | -|------|-------------| -| access\_context\_manager\_policy\_id | Access Context Manager Policy ID. | -| base\_shared\_vpc\_project | Project sample base project. | -| base\_shared\_vpc\_project\_sa | Project sample base project SA. | -| base\_subnets\_self\_links | The self-links of subnets from base environment. | -| bucket | The created storage bucket. | -| env\_kms\_project | Project sample for KMS usage project ID. | -| floating\_project | Project sample floating project. | -| iap\_firewall\_tags | The security tags created for IAP (SSH and RDP) firewall rules and to be used on the VM created on step 5-app-infra on the peering network project. | -| keyring | The name of the keyring. | -| keys | List of created key names. | -| peering\_complete | Output to be used as a module dependency. | -| peering\_network | Peer network peering resource. | -| peering\_project | Project sample peering project id. | -| peering\_subnetwork\_self\_link | The subnetwork self link of the peering network. | -| restricted\_enabled\_apis | Activated APIs. | -| restricted\_shared\_vpc\_project | Project sample restricted project id. | -| restricted\_shared\_vpc\_project\_number | Project sample restricted project. | -| restricted\_subnets\_self\_links | The self-links of subnets from restricted environment. | -| vpc\_service\_control\_perimeter\_name | VPC Service Control name. | - - diff --git a/4-projects/business_unit_2/nonproduction/backend.tf b/4-projects/business_unit_2/nonproduction/backend.tf deleted file mode 100644 index 8d75824f7..000000000 --- a/4-projects/business_unit_2/nonproduction/backend.tf +++ /dev/null @@ -1,22 +0,0 @@ -/** - * Copyright 2021 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -terraform { - backend "gcs" { - bucket = "UPDATE_PROJECTS_BACKEND" - prefix = "terraform/projects/business_unit_2/nonproduction" - } -} diff --git a/4-projects/business_unit_2/nonproduction/backend.tf.cloud.example b/4-projects/business_unit_2/nonproduction/backend.tf.cloud.example deleted file mode 100644 index f6921e66f..000000000 --- a/4-projects/business_unit_2/nonproduction/backend.tf.cloud.example +++ /dev/null @@ -1,23 +0,0 @@ -/** - * Copyright 2023 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -terraform { - cloud { - workspaces { - name = "4-bu2-nonproduction" - } - } -} diff --git a/4-projects/business_unit_2/nonproduction/common.auto.tfvars b/4-projects/business_unit_2/nonproduction/common.auto.tfvars deleted file mode 120000 index 39aaa4621..000000000 --- a/4-projects/business_unit_2/nonproduction/common.auto.tfvars +++ /dev/null @@ -1 +0,0 @@ -../../common.auto.tfvars \ No newline at end of file diff --git a/4-projects/business_unit_2/nonproduction/main.tf b/4-projects/business_unit_2/nonproduction/main.tf deleted file mode 100644 index ab1570069..000000000 --- a/4-projects/business_unit_2/nonproduction/main.tf +++ /dev/null @@ -1,31 +0,0 @@ -/** - * Copyright 2022 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -module "env" { - source = "../../modules/base_env" - - env = "nonproduction" - business_code = "bu2" - business_unit = "business_unit_2" - remote_state_bucket = var.remote_state_bucket - location_kms = var.location_kms - location_gcs = var.location_gcs - tfc_org_name = var.tfc_org_name - peering_module_depends_on = var.peering_module_depends_on - peering_iap_fw_rules_enabled = true - subnet_region = var.instance_region - subnet_ip_range = "10.4.128.0/21" -} diff --git a/4-projects/business_unit_2/nonproduction/nonproduction.auto.tfvars b/4-projects/business_unit_2/nonproduction/nonproduction.auto.tfvars deleted file mode 120000 index d2ffd5e85..000000000 --- a/4-projects/business_unit_2/nonproduction/nonproduction.auto.tfvars +++ /dev/null @@ -1 +0,0 @@ -../../nonproduction.auto.tfvars \ No newline at end of file diff --git a/4-projects/business_unit_2/nonproduction/outputs.tf b/4-projects/business_unit_2/nonproduction/outputs.tf deleted file mode 100644 index 6f07af601..000000000 --- a/4-projects/business_unit_2/nonproduction/outputs.tf +++ /dev/null @@ -1,110 +0,0 @@ -/** - * Copyright 2021 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -output "base_shared_vpc_project" { - description = "Project sample base project." - value = module.env.base_shared_vpc_project -} - -output "base_shared_vpc_project_sa" { - description = "Project sample base project SA." - value = module.env.base_shared_vpc_project_sa -} - -output "base_subnets_self_links" { - value = module.env.base_subnets_self_links - description = "The self-links of subnets from base environment." -} - -output "floating_project" { - description = "Project sample floating project." - value = module.env.floating_project -} - -output "peering_project" { - description = "Project sample peering project id." - value = module.env.peering_project -} - -output "peering_network" { - description = "Peer network peering resource." - value = module.env.peering_network -} - -output "restricted_shared_vpc_project" { - description = "Project sample restricted project id." - value = module.env.restricted_shared_vpc_project -} - -output "restricted_shared_vpc_project_number" { - description = "Project sample restricted project." - value = module.env.restricted_shared_vpc_project_number -} - -output "restricted_subnets_self_links" { - value = module.env.restricted_subnets_self_links - description = "The self-links of subnets from restricted environment." -} - -output "vpc_service_control_perimeter_name" { - description = "VPC Service Control name." - value = module.env.vpc_service_control_perimeter_name -} - -output "restricted_enabled_apis" { - description = "Activated APIs." - value = module.env.restricted_enabled_apis -} - -output "access_context_manager_policy_id" { - description = "Access Context Manager Policy ID." - value = module.env.access_context_manager_policy_id -} - -output "peering_complete" { - description = "Output to be used as a module dependency." - value = module.env.peering_complete -} - -output "env_kms_project" { - description = "Project sample for KMS usage project ID." - value = module.env.env_kms_project -} - -output "keyring" { - description = "The name of the keyring." - value = module.env.keyring -} - -output "keys" { - description = "List of created key names." - value = module.env.keys -} - -output "bucket" { - description = "The created storage bucket." - value = module.env.bucket -} - -output "peering_subnetwork_self_link" { - description = "The subnetwork self link of the peering network." - value = module.env.peering_subnetwork_self_link -} - -output "iap_firewall_tags" { - description = "The security tags created for IAP (SSH and RDP) firewall rules and to be used on the VM created on step 5-app-infra on the peering network project." - value = module.env.iap_firewall_tags -} diff --git a/4-projects/business_unit_2/nonproduction/variables.tf b/4-projects/business_unit_2/nonproduction/variables.tf deleted file mode 100644 index 2cb800af8..000000000 --- a/4-projects/business_unit_2/nonproduction/variables.tf +++ /dev/null @@ -1,50 +0,0 @@ -/** - * Copyright 2021 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -variable "remote_state_bucket" { - description = "Backend bucket to load Terraform Remote State Data from previous steps." - type = string -} - -variable "location_kms" { - description = "Case-Sensitive Location for KMS Keyring (Should be same region as the GCS Bucket)" - type = string - default = "us" -} - -variable "location_gcs" { - description = "Case-Sensitive Location for GCS Bucket (Should be same region as the KMS Keyring)" - type = string - default = "US" -} - -variable "peering_module_depends_on" { - description = "List of modules or resources peering module depends on." - type = list(any) - default = [] -} - -variable "tfc_org_name" { - description = "Name of the TFC organization" - type = string - default = "" -} - -variable "instance_region" { - description = "Region which the peered subnet will be created (Should be same region as the VM that will be created on step 5-app-infra on the peering project)." - type = string - default = "us-central1" -} diff --git a/4-projects/business_unit_2/production/README.md b/4-projects/business_unit_2/production/README.md deleted file mode 100644 index bb68bcc2d..000000000 --- a/4-projects/business_unit_2/production/README.md +++ /dev/null @@ -1,37 +0,0 @@ - -## Inputs - -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| instance\_region | Region which the peered subnet will be created (Should be same region as the VM that will be created on step 5-app-infra on the peering project). | `string` | `"us-central1"` | no | -| location\_gcs | Case-Sensitive Location for GCS Bucket (Should be same region as the KMS Keyring) | `string` | `"US"` | no | -| location\_kms | Case-Sensitive Location for KMS Keyring (Should be same region as the GCS Bucket) | `string` | `"us"` | no | -| peering\_module\_depends\_on | List of modules or resources peering module depends on. | `list(any)` | `[]` | no | -| remote\_state\_bucket | Backend bucket to load Terraform Remote State Data from previous steps. | `string` | n/a | yes | -| tfc\_org\_name | Name of the TFC organization | `string` | `""` | no | - -## Outputs - -| Name | Description | -|------|-------------| -| access\_context\_manager\_policy\_id | Access Context Manager Policy ID. | -| base\_shared\_vpc\_project | Project sample base project. | -| base\_shared\_vpc\_project\_sa | Project sample base project SA. | -| base\_subnets\_self\_links | The self-links of subnets from base environment. | -| bucket | The created storage bucket. | -| env\_kms\_project | Project sample for KMS usage project ID. | -| floating\_project | Project sample floating project. | -| iap\_firewall\_tags | The security tags created for IAP (SSH and RDP) firewall rules and to be used on the VM created on step 5-app-infra on the peering network project. | -| keyring | The name of the keyring. | -| keys | List of created key names. | -| peering\_complete | Output to be used as a module dependency. | -| peering\_network | Peer network peering resource. | -| peering\_project | Project sample peering project id. | -| peering\_subnetwork\_self\_link | The subnetwork self link of the peering network. | -| restricted\_enabled\_apis | Activated APIs. | -| restricted\_shared\_vpc\_project | Project sample restricted project id. | -| restricted\_shared\_vpc\_project\_number | Project sample restricted project. | -| restricted\_subnets\_self\_links | The self-links of subnets from restricted environment. | -| vpc\_service\_control\_perimeter\_name | VPC Service Control name. | - - diff --git a/4-projects/business_unit_2/production/backend.tf b/4-projects/business_unit_2/production/backend.tf deleted file mode 100644 index 29515ef83..000000000 --- a/4-projects/business_unit_2/production/backend.tf +++ /dev/null @@ -1,22 +0,0 @@ -/** - * Copyright 2021 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -terraform { - backend "gcs" { - bucket = "UPDATE_PROJECTS_BACKEND" - prefix = "terraform/projects/business_unit_2/production" - } -} diff --git a/4-projects/business_unit_2/production/backend.tf.cloud.example b/4-projects/business_unit_2/production/backend.tf.cloud.example deleted file mode 100644 index e182845e6..000000000 --- a/4-projects/business_unit_2/production/backend.tf.cloud.example +++ /dev/null @@ -1,23 +0,0 @@ -/** - * Copyright 2023 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -terraform { - cloud { - workspaces { - name = "4-bu2-production" - } - } -} diff --git a/4-projects/business_unit_2/production/common.auto.tfvars b/4-projects/business_unit_2/production/common.auto.tfvars deleted file mode 120000 index 39aaa4621..000000000 --- a/4-projects/business_unit_2/production/common.auto.tfvars +++ /dev/null @@ -1 +0,0 @@ -../../common.auto.tfvars \ No newline at end of file diff --git a/4-projects/business_unit_2/production/main.tf b/4-projects/business_unit_2/production/main.tf deleted file mode 100644 index c0e5fc299..000000000 --- a/4-projects/business_unit_2/production/main.tf +++ /dev/null @@ -1,31 +0,0 @@ -/** - * Copyright 2022 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -module "env" { - source = "../../modules/base_env" - - env = "production" - business_code = "bu2" - business_unit = "business_unit_2" - remote_state_bucket = var.remote_state_bucket - location_kms = var.location_kms - location_gcs = var.location_gcs - tfc_org_name = var.tfc_org_name - peering_module_depends_on = var.peering_module_depends_on - peering_iap_fw_rules_enabled = true - subnet_region = var.instance_region - subnet_ip_range = "10.4.192.0/21" -} diff --git a/4-projects/business_unit_2/production/outputs.tf b/4-projects/business_unit_2/production/outputs.tf deleted file mode 100644 index 6f07af601..000000000 --- a/4-projects/business_unit_2/production/outputs.tf +++ /dev/null @@ -1,110 +0,0 @@ -/** - * Copyright 2021 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -output "base_shared_vpc_project" { - description = "Project sample base project." - value = module.env.base_shared_vpc_project -} - -output "base_shared_vpc_project_sa" { - description = "Project sample base project SA." - value = module.env.base_shared_vpc_project_sa -} - -output "base_subnets_self_links" { - value = module.env.base_subnets_self_links - description = "The self-links of subnets from base environment." -} - -output "floating_project" { - description = "Project sample floating project." - value = module.env.floating_project -} - -output "peering_project" { - description = "Project sample peering project id." - value = module.env.peering_project -} - -output "peering_network" { - description = "Peer network peering resource." - value = module.env.peering_network -} - -output "restricted_shared_vpc_project" { - description = "Project sample restricted project id." - value = module.env.restricted_shared_vpc_project -} - -output "restricted_shared_vpc_project_number" { - description = "Project sample restricted project." - value = module.env.restricted_shared_vpc_project_number -} - -output "restricted_subnets_self_links" { - value = module.env.restricted_subnets_self_links - description = "The self-links of subnets from restricted environment." -} - -output "vpc_service_control_perimeter_name" { - description = "VPC Service Control name." - value = module.env.vpc_service_control_perimeter_name -} - -output "restricted_enabled_apis" { - description = "Activated APIs." - value = module.env.restricted_enabled_apis -} - -output "access_context_manager_policy_id" { - description = "Access Context Manager Policy ID." - value = module.env.access_context_manager_policy_id -} - -output "peering_complete" { - description = "Output to be used as a module dependency." - value = module.env.peering_complete -} - -output "env_kms_project" { - description = "Project sample for KMS usage project ID." - value = module.env.env_kms_project -} - -output "keyring" { - description = "The name of the keyring." - value = module.env.keyring -} - -output "keys" { - description = "List of created key names." - value = module.env.keys -} - -output "bucket" { - description = "The created storage bucket." - value = module.env.bucket -} - -output "peering_subnetwork_self_link" { - description = "The subnetwork self link of the peering network." - value = module.env.peering_subnetwork_self_link -} - -output "iap_firewall_tags" { - description = "The security tags created for IAP (SSH and RDP) firewall rules and to be used on the VM created on step 5-app-infra on the peering network project." - value = module.env.iap_firewall_tags -} diff --git a/4-projects/business_unit_2/production/production.auto.tfvars b/4-projects/business_unit_2/production/production.auto.tfvars deleted file mode 120000 index be31a2edd..000000000 --- a/4-projects/business_unit_2/production/production.auto.tfvars +++ /dev/null @@ -1 +0,0 @@ -../../production.auto.tfvars \ No newline at end of file diff --git a/4-projects/business_unit_2/production/variables.tf b/4-projects/business_unit_2/production/variables.tf deleted file mode 100644 index 2cb800af8..000000000 --- a/4-projects/business_unit_2/production/variables.tf +++ /dev/null @@ -1,50 +0,0 @@ -/** - * Copyright 2021 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -variable "remote_state_bucket" { - description = "Backend bucket to load Terraform Remote State Data from previous steps." - type = string -} - -variable "location_kms" { - description = "Case-Sensitive Location for KMS Keyring (Should be same region as the GCS Bucket)" - type = string - default = "us" -} - -variable "location_gcs" { - description = "Case-Sensitive Location for GCS Bucket (Should be same region as the KMS Keyring)" - type = string - default = "US" -} - -variable "peering_module_depends_on" { - description = "List of modules or resources peering module depends on." - type = list(any) - default = [] -} - -variable "tfc_org_name" { - description = "Name of the TFC organization" - type = string - default = "" -} - -variable "instance_region" { - description = "Region which the peered subnet will be created (Should be same region as the VM that will be created on step 5-app-infra on the peering project)." - type = string - default = "us-central1" -} diff --git a/4-projects/business_unit_2/shared/README.md b/4-projects/business_unit_2/shared/README.md deleted file mode 100644 index 9515329eb..000000000 --- a/4-projects/business_unit_2/shared/README.md +++ /dev/null @@ -1,26 +0,0 @@ - -## Inputs - -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| default\_region | Default region to create resources where applicable. | `string` | `"us-central1"` | no | -| project\_budget | Budget configuration.
budget\_amount: The amount to use as the budget.
alert\_spent\_percents: A list of percentages of the budget to alert on when threshold is exceeded.
alert\_pubsub\_topic: The name of the Cloud Pub/Sub topic where budget related messages will be published, in the form of `projects/{project_id}/topics/{topic_id}`.
alert\_spend\_basis: The type of basis used to determine if spend has passed the threshold. Possible choices are `CURRENT_SPEND` or `FORECASTED_SPEND` (default). | 
object({
    budget_amount        = optional(number, 1000)
    alert_spent_percents = optional(list(number), [1.2])
    alert_pubsub_topic   = optional(string, null)
    alert_spend_basis    = optional(string, "FORECASTED_SPEND")
  })
| `{}` | no | -| remote\_state\_bucket | Backend bucket to load Terraform Remote State Data from previous steps. | `string` | n/a | yes | -| tfc\_org\_name | Name of the TFC organization | `string` | `""` | no | - -## Outputs - -| Name | Description | -|------|-------------| -| apply\_triggers\_id | CB apply triggers | -| artifact\_buckets | GCS Buckets to store Cloud Build Artifacts | -| cloudbuild\_project\_id | n/a | -| default\_region | Default region to create resources where applicable. | -| enable\_cloudbuild\_deploy | Enable infra deployment using Cloud Build. | -| log\_buckets | GCS Buckets to store Cloud Build logs | -| plan\_triggers\_id | CB plan triggers | -| repos | CSRs to store source code | -| state\_buckets | GCS Buckets to store TF state | -| terraform\_service\_accounts | APP Infra Pipeline Terraform Accounts. | - - diff --git a/4-projects/business_unit_2/shared/backend.tf b/4-projects/business_unit_2/shared/backend.tf deleted file mode 100644 index 42d41b40c..000000000 --- a/4-projects/business_unit_2/shared/backend.tf +++ /dev/null @@ -1,22 +0,0 @@ -/** - * Copyright 2021 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -terraform { - backend "gcs" { - bucket = "UPDATE_PROJECTS_BACKEND" - prefix = "terraform/projects/business_unit_2/shared" - } -} diff --git a/4-projects/business_unit_2/shared/backend.tf.cloud.example b/4-projects/business_unit_2/shared/backend.tf.cloud.example deleted file mode 100644 index 5dfb05be0..000000000 --- a/4-projects/business_unit_2/shared/backend.tf.cloud.example +++ /dev/null @@ -1,23 +0,0 @@ -/** - * Copyright 2023 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -terraform { - cloud { - workspaces { - name = "4-bu2-shared" - } - } -} diff --git a/4-projects/business_unit_2/shared/common.auto.tfvars b/4-projects/business_unit_2/shared/common.auto.tfvars deleted file mode 120000 index 39aaa4621..000000000 --- a/4-projects/business_unit_2/shared/common.auto.tfvars +++ /dev/null @@ -1 +0,0 @@ -../../common.auto.tfvars \ No newline at end of file diff --git a/4-projects/business_unit_2/shared/example_infra_pipeline.tf b/4-projects/business_unit_2/shared/example_infra_pipeline.tf deleted file mode 100644 index 6bc339edd..000000000 --- a/4-projects/business_unit_2/shared/example_infra_pipeline.tf +++ /dev/null @@ -1,71 +0,0 @@ -/** - * Copyright 2021 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -locals { - repo_names = ["bu2-example-app"] -} - -module "app_infra_cloudbuild_project" { - source = "../../modules/single_project" - count = local.enable_cloudbuild_deploy ? 1 : 0 - - org_id = local.org_id - billing_account = local.billing_account - folder_id = local.common_folder_name - environment = "common" - project_budget = var.project_budget - project_prefix = local.project_prefix - activate_apis = [ - "cloudbuild.googleapis.com", - "sourcerepo.googleapis.com", - "cloudkms.googleapis.com", - "iam.googleapis.com", - "artifactregistry.googleapis.com", - "cloudresourcemanager.googleapis.com" - ] - # Metadata - project_suffix = "infra-pipeline" - application_name = "app-infra-pipelines" - billing_code = "1234" - primary_contact = "example@example.com" - secondary_contact = "example2@example.com" - business_code = "bu2" -} - -module "infra_pipelines" { - source = "../../modules/infra_pipelines" - count = local.enable_cloudbuild_deploy ? 1 : 0 - - org_id = local.org_id - cloudbuild_project_id = module.app_infra_cloudbuild_project[0].project_id - cloud_builder_artifact_repo = local.cloud_builder_artifact_repo - remote_tfstate_bucket = local.projects_remote_bucket_tfstate - billing_account = local.billing_account - default_region = var.default_region - app_infra_repos = local.repo_names - private_worker_pool_id = local.cloud_build_private_worker_pool_id -} - -/** - * When Jenkins CICD is used for deployment this resource - * is created to terraform validation works. - * Without this resource, this module creates zero resources - * and it breaks terraform validation throwing the error below: - * ERROR: [Terraform plan json does not contain resource_changes key] - */ -resource "null_resource" "jenkins_cicd" { - count = !local.enable_cloudbuild_deploy ? 1 : 0 -} diff --git a/4-projects/business_unit_2/shared/outputs.tf b/4-projects/business_unit_2/shared/outputs.tf deleted file mode 100644 index 5c3a84874..000000000 --- a/4-projects/business_unit_2/shared/outputs.tf +++ /dev/null @@ -1,64 +0,0 @@ -/** - * Copyright 2021 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -output "default_region" { - description = "Default region to create resources where applicable." - value = try(module.infra_pipelines[0].default_region, "") -} - -output "cloudbuild_project_id" { - value = try(module.app_infra_cloudbuild_project[0].project_id, "") -} - -output "terraform_service_accounts" { - description = "APP Infra Pipeline Terraform Accounts." - value = try(module.infra_pipelines[0].terraform_service_accounts, {}) -} - -output "repos" { - description = "CSRs to store source code" - value = try(module.infra_pipelines[0].repos, toset([])) -} - -output "artifact_buckets" { - description = "GCS Buckets to store Cloud Build Artifacts" - value = try(module.infra_pipelines[0].artifact_buckets, {}) -} - -output "state_buckets" { - description = "GCS Buckets to store TF state" - value = try(module.infra_pipelines[0].state_buckets, {}) -} - -output "log_buckets" { - description = "GCS Buckets to store Cloud Build logs" - value = try(module.infra_pipelines[0].log_buckets, {}) -} - -output "plan_triggers_id" { - description = "CB plan triggers" - value = try(module.infra_pipelines[0].plan_triggers_id, []) -} - -output "apply_triggers_id" { - description = "CB apply triggers" - value = try(module.infra_pipelines[0].apply_triggers_id, []) -} - -output "enable_cloudbuild_deploy" { - description = "Enable infra deployment using Cloud Build." - value = local.enable_cloudbuild_deploy -} diff --git a/4-projects/business_unit_2/shared/remote.tf b/4-projects/business_unit_2/shared/remote.tf deleted file mode 100644 index 2597f19ba..000000000 --- a/4-projects/business_unit_2/shared/remote.tf +++ /dev/null @@ -1,48 +0,0 @@ -/** - * Copyright 2022 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -locals { - org_id = data.terraform_remote_state.bootstrap.outputs.common_config.org_id - parent_folder = data.terraform_remote_state.bootstrap.outputs.common_config.parent_folder - parent = data.terraform_remote_state.bootstrap.outputs.common_config.parent_id - billing_account = data.terraform_remote_state.bootstrap.outputs.common_config.billing_account - common_folder_name = data.terraform_remote_state.org.outputs.common_folder_name - default_region = data.terraform_remote_state.bootstrap.outputs.common_config.default_region - project_prefix = data.terraform_remote_state.bootstrap.outputs.common_config.project_prefix - folder_prefix = data.terraform_remote_state.bootstrap.outputs.common_config.folder_prefix - projects_remote_bucket_tfstate = data.terraform_remote_state.bootstrap.outputs.projects_gcs_bucket_tfstate - cloud_build_private_worker_pool_id = try(data.terraform_remote_state.bootstrap.outputs.cloud_build_private_worker_pool_id, "") - cloud_builder_artifact_repo = try(data.terraform_remote_state.bootstrap.outputs.cloud_builder_artifact_repo, "") - enable_cloudbuild_deploy = local.cloud_builder_artifact_repo != "" -} - -data "terraform_remote_state" "bootstrap" { - backend = "gcs" - - config = { - bucket = var.remote_state_bucket - prefix = "terraform/bootstrap/state" - } -} - -data "terraform_remote_state" "org" { - backend = "gcs" - - config = { - bucket = var.remote_state_bucket - prefix = "terraform/org/state" - } -} diff --git a/4-projects/business_unit_2/shared/remote.tf.cloud.example b/4-projects/business_unit_2/shared/remote.tf.cloud.example deleted file mode 100644 index 525ba30af..000000000 --- a/4-projects/business_unit_2/shared/remote.tf.cloud.example +++ /dev/null @@ -1,40 +0,0 @@ -/** - * Copyright 2023 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -locals { - org_id = data.tfe_outputs.bootstrap.nonsensitive_values.common_config.org_id - parent_folder = data.tfe_outputs.bootstrap.nonsensitive_values.common_config.parent_folder - parent = data.tfe_outputs.bootstrap.nonsensitive_values.common_config.parent_id - billing_account = data.tfe_outputs.bootstrap.nonsensitive_values.common_config.billing_account - common_folder_name = data.tfe_outputs.org.nonsensitive_values.common_folder_name - default_region = data.tfe_outputs.bootstrap.nonsensitive_values.common_config.default_region - project_prefix = data.tfe_outputs.bootstrap.nonsensitive_values.common_config.project_prefix - folder_prefix = data.tfe_outputs.bootstrap.nonsensitive_values.common_config.folder_prefix - projects_remote_bucket_tfstate = "" - cloud_build_private_worker_pool_id = try(data.tfe_outputs.bootstrap.nonsensitive_values.cloud_build_private_worker_pool_id, "") - cloud_builder_artifact_repo = try(data.tfe_outputs.bootstrap.nonsensitive_values.cloud_builder_artifact_repo, "") - enable_cloudbuild_deploy = local.cloud_builder_artifact_repo != "" -} - -data "tfe_outputs" "bootstrap" { - organization = var.tfc_org_name - workspace = "0-shared" -} - -data "tfe_outputs" "org" { - organization = var.tfc_org_name - workspace = "1-shared" -} diff --git a/4-projects/business_unit_2/shared/shared.auto.tfvars b/4-projects/business_unit_2/shared/shared.auto.tfvars deleted file mode 120000 index b7f8387a8..000000000 --- a/4-projects/business_unit_2/shared/shared.auto.tfvars +++ /dev/null @@ -1 +0,0 @@ -../../shared.auto.tfvars \ No newline at end of file diff --git a/4-projects/business_unit_2/shared/variables.tf b/4-projects/business_unit_2/shared/variables.tf deleted file mode 100644 index 5f08bcddf..000000000 --- a/4-projects/business_unit_2/shared/variables.tf +++ /dev/null @@ -1,49 +0,0 @@ -/** - * Copyright 2021 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -variable "default_region" { - description = "Default region to create resources where applicable." - type = string - default = "us-central1" -} - -variable "project_budget" { - description = < ${GITHUB_WORKSPACE}/plan.out + ${GITHUB_WORKSPACE}/tf-wrapper.sh plan_validate_all "${GITHUB_REF_NAME}" "${GITHUB_WORKSPACE}/policy-library" "${PROJECT_ID}" "FILESYSTEM" "GITHUB" - uses: actions/github-script@v6 if: github.event_name == 'pull_request' @@ -84,34 +84,41 @@ jobs: const run_url = process.env.GITHUB_SERVER_URL + '/' + process.env.GITHUB_REPOSITORY + '/actions/runs/' + process.env.GITHUB_RUN_ID const run_link = 'Actions.' const fs = require('fs') - const plan_file = fs.readFileSync('plan.out', 'utf8') - const plan = plan_file.length > 65000 ? plan_file.toString().substring(0, 65000) + " ..." : plan_file - const truncated_message = plan_file.length > 65000 ? "Output is too long and was truncated. You can read full Plan in " + run_link + "

" : "" - const output = ` - #### Terraform Plan Validate All 📖\`${{ steps.plan-validate-all.outcome }}\` + const plan_dir = 'tmp_plan' + const plan_dir_files = fs.readdirSync('tmp_plan') + const plan_files = plan_dir_files.filter(file => file.match(new RegExp(`.*\.(.txt)$`, 'ig'))) + for (const file in plan_files) { + const plan_file_path = plan_dir.concat('/', plan_files[file]) + const plan_file = fs.readFileSync(plan_file_path, 'utf8') + const plan = plan_file.length > 65000 ? plan_file.toString().substring(0, 65000) + " ..." : plan_file + const truncated_message = plan_file.length > 65000 ? "Output is too long and was truncated. You can read full Plan in " + run_link + "

" : "" + const output = ` + #### Terraform Plan Validate All 📖: \`${{ steps.plan-validate-all.outcome }}\` + Plan File: \`${plan_file_path.replace('.txt', '.plan')}\` -
Show Plan +
Show Plan - \`\`\`\n - ${plan} - \`\`\` + \`\`\`\n + ${plan} + \`\`\` -
- ${truncated_message} - `; +
+ ${truncated_message} + `; - if (botComment) { - github.rest.issues.updateComment({ - owner: context.repo.owner, - repo: context.repo.repo, - comment_id: botComment.id, - body: output - }) - } else { - github.rest.issues.createComment({ - issue_number: context.issue.number, - owner: context.repo.owner, - repo: context.repo.repo, - body: output - }) + if (botComment) { + github.rest.issues.updateComment({ + owner: context.repo.owner, + repo: context.repo.repo, + comment_id: botComment.id, + body: output + }) + } else { + github.rest.issues.createComment({ + issue_number: context.issue.number, + owner: context.repo.owner, + repo: context.repo.repo, + body: output + }) + } } diff --git a/build/tf-wrapper.sh b/build/tf-wrapper.sh index 9fe7da7d6..1d7a650a8 100755 --- a/build/tf-wrapper.sh +++ b/build/tf-wrapper.sh @@ -139,7 +139,7 @@ convert_path() { ## Terraform apply for single environment. tf_apply() { local path=$1 - local tf_env="${path#$base_dir/}" + local tf_env="${path#"$base_dir"/}" local tf_file tf_file="$(convert_path "$tf_env")" echo "*************** TERRAFORM APPLY *******************" @@ -157,7 +157,7 @@ tf_apply() { ## terraform init for single environment. tf_init() { local path=$1 - local tf_env="${path#$base_dir/}" + local tf_env="${path#"$base_dir"/}" echo "*************** TERRAFORM INIT *******************" echo " At environment: ${tf_env} " echo "**************************************************" @@ -173,7 +173,7 @@ tf_init() { ## terraform plan for single environment. tf_plan() { local path=$1 - local tf_env="${path#$base_dir/}" + local tf_env="${path#"$base_dir"/}" local tf_file tf_file="$(convert_path "$tf_env")" echo "*************** TERRAFORM PLAN *******************" @@ -206,7 +206,7 @@ tf_plan_validate_all() { tf_plan "$env_path" tf_validate "$env_path" "$policy_source" else - echo "${env_path#$base_dir/} doesn't match $leaf_regex_plan; skipping" + echo "${env_path#"$base_dir"/} doesn't match $leaf_regex_plan; skipping" fi done done @@ -215,7 +215,7 @@ tf_plan_validate_all() { ## terraform show for single environment. tf_show() { local path=$1 - local tf_env="${path#$base_dir/}" + local tf_env="${path#"$base_dir"/}" local tf_file tf_file="$(convert_path "$tf_env")" echo "*************** TERRAFORM SHOW *******************" @@ -234,9 +234,9 @@ tf_show() { tf_validate() { local path=$1 local policy_file_path=$2 - local tf_env="${path#$base_dir/}" + local tf_env="${path#"$base_dir"/}" local tf_file - tf_file="$(convert_path "$tf_env")" + tf_file="${tmp_plan}/$(convert_path "$tf_env")" echo "*************** TERRAFORM VALIDATE ******************" echo " At environment: ${tf_env} " echo " Using policy from: ${policy_file_path} " @@ -251,9 +251,11 @@ tf_validate() { # that prints the command 'terraform show' itself in the redirection to the json file, making # the json file to have an invalid format. 'terraform-bin' is the actual terraform binary. if [[ "$runner_env" == "GITHUB" ]]; then - terraform-bin show -no-color -json "${tmp_plan}/${tf_file}.tfplan" > "${tf_file}.json" || exit 32 + terraform-bin show -no-color -json "${tf_file}.tfplan" > "${tf_file}.json" || exit 32 + terraform-bin show -no-color "${tf_file}.tfplan" > "${tf_file}.txt" || exit 36 else - terraform show -no-color -json "${tmp_plan}/${tf_file}.tfplan" > "${tf_file}.json" || exit 32 + terraform show -no-color -json "${tf_file}.tfplan" > "${tf_file}.json" || exit 32 + terraform show -no-color "${tf_file}.tfplan" > "${tf_file}.txt" || exit 36 fi if [[ "$policy_type" == "CLOUDSOURCE" ]]; then # Check if $policy_file_path is empty so we clone the policies repo only once @@ -319,7 +321,7 @@ single_action_runner() { ;; esac else - echo "${env_path#$base_dir/} doesn't match ${branch}; skipping" + echo "${env_path#"$base_dir"/} doesn't match ${branch}; skipping" fi done done diff --git a/helpers/foundation-deployer/go.mod b/helpers/foundation-deployer/go.mod index 087e4b97b..78949439d 100644 --- a/helpers/foundation-deployer/go.mod +++ b/helpers/foundation-deployer/go.mod @@ -3,7 +3,7 @@ module github.com/terraform-google-modules/terraform-example-foundation/helpers/ go 1.21.0 require ( - github.com/GoogleCloudPlatform/cloud-foundation-toolkit/infra/blueprint-test v0.14.0 + github.com/GoogleCloudPlatform/cloud-foundation-toolkit/infra/blueprint-test v0.14.1 github.com/gruntwork-io/terratest v0.46.14 github.com/hashicorp/hcl/v2 v2.20.1 github.com/mitchellh/go-testing-interface v1.14.2-0.20210821155943-2d9075ca8770 @@ -36,7 +36,7 @@ require ( github.com/hashicorp/go-multierror v1.1.1 // indirect github.com/hashicorp/go-safetemp v1.0.0 // indirect github.com/hashicorp/go-version v1.6.0 // indirect - github.com/hashicorp/terraform-json v0.17.1 // indirect + github.com/hashicorp/terraform-json v0.21.0 // indirect github.com/jinzhu/copier v0.4.0 // indirect github.com/jmespath/go-jmespath v0.4.0 // indirect github.com/klauspost/compress v1.16.7 // indirect @@ -49,7 +49,7 @@ require ( github.com/tidwall/sjson v1.2.5 // indirect github.com/tmccombs/hcl2json v0.6.0 // indirect github.com/ulikunitz/xz v0.5.11 // indirect - github.com/zclconf/go-cty v1.14.0 // indirect + github.com/zclconf/go-cty v1.14.1 // indirect go.opencensus.io v0.24.0 // indirect golang.org/x/crypto v0.21.0 // indirect golang.org/x/mod v0.17.0 // indirect diff --git a/helpers/foundation-deployer/go.sum b/helpers/foundation-deployer/go.sum index 998d06567..b4d63b03d 100644 --- a/helpers/foundation-deployer/go.sum +++ b/helpers/foundation-deployer/go.sum @@ -187,10 +187,8 @@ cloud.google.com/go/workflows v1.7.0/go.mod h1:JhSrZuVZWuiDfKEFxU0/F1PQjmpnpcoIS dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= -github.com/GoogleCloudPlatform/cloud-foundation-toolkit/infra/blueprint-test v0.11.1 h1:S4Y7o5RKRC9Bk71VszCx9NeheWjdSAn5ejPuD1W6lNE= -github.com/GoogleCloudPlatform/cloud-foundation-toolkit/infra/blueprint-test v0.11.1/go.mod h1:v4TFK9TmX4mYyXL3v9wFXVN3A5vrt2LaVDBX2/OVU7Y= -github.com/GoogleCloudPlatform/cloud-foundation-toolkit/infra/blueprint-test v0.14.0 h1:db17HvmQPwTAq7/ex/w2DiNMA4oGUmTiHvScfPW/cRI= -github.com/GoogleCloudPlatform/cloud-foundation-toolkit/infra/blueprint-test v0.14.0/go.mod h1:JSsaDg/h4yaiNNTNnrCjyL6/czHb/Oz/z+dzWVqJYBE= +github.com/GoogleCloudPlatform/cloud-foundation-toolkit/infra/blueprint-test v0.14.1 h1:xfCNVLZQAclUxmhICDwaOUJUw4OioNc1wIEfjtSgfCg= +github.com/GoogleCloudPlatform/cloud-foundation-toolkit/infra/blueprint-test v0.14.1/go.mod h1:AEQP8/V/hIp+SllHtmBV7ftuoQQ82eC032UdsnL3tnY= github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU= github.com/agext/levenshtein v1.2.3 h1:YB2fHEn0UJagG8T1rrWknE3ZQzWM06O8AMAatNn7lmo= github.com/agext/levenshtein v1.2.3/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558= @@ -220,7 +218,6 @@ github.com/cncf/xds/go v0.0.0-20210922020428-25de7278fc84/go.mod h1:eXthEFrGJvWH github.com/cncf/xds/go v0.0.0-20211001041855-01bcc9b48dfe/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/cncf/xds/go v0.0.0-20211011173535-cb28da3451f1/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM= github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= @@ -292,7 +289,6 @@ github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/ github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.7/go.mod h1:n+brtR0CgQNWTVd5ZUFpTBC8YFBDLK/h/bpaJ8/DtOE= github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= -github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= @@ -342,8 +338,6 @@ github.com/googleapis/gax-go/v2 v2.12.0 h1:A+gCJKdRfqXkr+BIRGtZLibNXf0m1f9E4HG56 github.com/googleapis/gax-go/v2 v2.12.0/go.mod h1:y+aIqrI5eb1YGMVJfuV3185Ts/D7qKpsEkdD5+I6QGU= github.com/googleapis/go-type-adapters v1.0.0/go.mod h1:zHW75FOG2aur7gAO2B+MLby+cLsWGBF62rFAi7WjWO4= github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw= -github.com/gruntwork-io/terratest v0.46.11 h1:1Z9G18I2FNuH87Ro0YtjW4NH9ky4GDpfzE7+ivkPeB8= -github.com/gruntwork-io/terratest v0.46.11/go.mod h1:DVZG/s7eP1u3KOQJJfE6n7FDriMWpDvnj85XIlZMEM8= github.com/gruntwork-io/terratest v0.46.14 h1:nVT2JpOPLr7KbwOSNDP0GJffljH+Yu5833cwLorxRjs= github.com/gruntwork-io/terratest v0.46.14/go.mod h1:L/IHbj195wnjfIFpZYWUhjwA3jm4O6ehO//xz7NxN8o= github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= @@ -361,12 +355,10 @@ github.com/hashicorp/go-version v1.6.0 h1:feTTfFNnjP967rlCxM/I9g701jU+RN74YKx2mO github.com/hashicorp/go-version v1.6.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= -github.com/hashicorp/hcl/v2 v2.19.1 h1://i05Jqznmb2EXqa39Nsvyan2o5XyMowW5fnCKW5RPI= -github.com/hashicorp/hcl/v2 v2.19.1/go.mod h1:ThLC89FV4p9MPW804KVbe/cEXoQ8NZEh+JtMeeGErHE= github.com/hashicorp/hcl/v2 v2.20.1 h1:M6hgdyz7HYt1UN9e61j+qKJBqR3orTWbI1HKBJEdxtc= github.com/hashicorp/hcl/v2 v2.20.1/go.mod h1:TZDqQ4kNKCbh1iJp99FdPiUaVDDUPivbqxZulxDYqL4= -github.com/hashicorp/terraform-json v0.17.1 h1:eMfvh/uWggKmY7Pmb3T85u86E2EQg6EQHgyRwf3RkyA= -github.com/hashicorp/terraform-json v0.17.1/go.mod h1:Huy6zt6euxaY9knPAFKjUITn8QxUFIe9VuSzb4zn/0o= +github.com/hashicorp/terraform-json v0.21.0 h1:9NQxbLNqPbEMze+S6+YluEdXgJmhQykRyRNd+zTI05U= +github.com/hashicorp/terraform-json v0.21.0/go.mod h1:qdeBs11ovMzo5puhrRibdD6d2Dq6TyE/28JiU4tIQxk= github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/jinzhu/copier v0.4.0 h1:w3ciUoD19shMCRargcpm0cm91ytaBhDvuRpz1ODO/U8= @@ -388,8 +380,6 @@ github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= -github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc= -github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= github.com/mattn/go-isatty v0.0.4/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= github.com/mattn/go-runewidth v0.0.4/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU= @@ -403,15 +393,12 @@ github.com/mitchellh/go-testing-interface v1.14.2-0.20210821155943-2d9075ca8770/ github.com/mitchellh/go-wordwrap v1.0.1 h1:TLuKupo69TCn6TQSyGxwI1EblZZEsQ0vMlAFQflz0v0= github.com/mitchellh/go-wordwrap v1.0.1/go.mod h1:R62XHJLzvMFRBbcrT7m7WgmE1eOyTSsCt+hzestvNj0= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U= github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= -github.com/sergi/go-diff v1.3.1 h1:xkr+Oxo4BOQKmkn/B9eMK0g5Kg/983T9DqqPHwYqD+8= -github.com/sergi/go-diff v1.3.1/go.mod h1:aMJSSKb2lpPvRNec0+w3fl7LP9IOFzdc9Pa4NFbPK1I= github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= @@ -423,15 +410,11 @@ github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= -github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= -github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg= github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= github.com/terraform-google-modules/terraform-example-foundation/test/integration v0.0.0-20240112234556-03b1976b42c4 h1:3FV1fVu3Hjchq5jqfnFhx1Z5wnNb/+wC2zNhuO2Sfz4= github.com/terraform-google-modules/terraform-example-foundation/test/integration v0.0.0-20240112234556-03b1976b42c4/go.mod h1:gOCAYIIyGNyY2c77Fyp4vy18QQefO6ZH92VSkf2QCQQ= github.com/tidwall/gjson v1.14.2/go.mod h1:/wbyibRr2FHMks5tjHJ5F8dMZh3AcwJEMf5vlfC0lxk= -github.com/tidwall/gjson v1.17.0 h1:/Jocvlh98kcTfpN2+JzGQWQcqrPQwDrVEMApx/M5ZwM= -github.com/tidwall/gjson v1.17.0/go.mod h1:/wbyibRr2FHMks5tjHJ5F8dMZh3AcwJEMf5vlfC0lxk= github.com/tidwall/gjson v1.17.1 h1:wlYEnwqAHgzmhNUFfw7Xalt2JzQvsMx2Se4PcoFCT/U= github.com/tidwall/gjson v1.17.1/go.mod h1:/wbyibRr2FHMks5tjHJ5F8dMZh3AcwJEMf5vlfC0lxk= github.com/tidwall/match v1.1.1 h1:+Ho715JplO36QYgwN9PGYNhgZvoUSc9X2c80KVTi+GA= @@ -452,8 +435,10 @@ github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9de github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= -github.com/zclconf/go-cty v1.14.0 h1:/Xrd39K7DXbHzlisFP9c4pHao4yyf+/Ug9LEz+Y/yhc= -github.com/zclconf/go-cty v1.14.0/go.mod h1:VvMs5i0vgZdhYawQNq5kePSpLAoz8u1xvZgrPIxfnZE= +github.com/zclconf/go-cty v1.14.1 h1:t9fyA35fwjjUMcmL5hLER+e/rEPqrbCK1/OSE4SI9KA= +github.com/zclconf/go-cty v1.14.1/go.mod h1:VvMs5i0vgZdhYawQNq5kePSpLAoz8u1xvZgrPIxfnZE= +github.com/zclconf/go-cty-debug v0.0.0-20191215020915-b22d67c1ba0b h1:FosyBZYxY34Wul7O/MSKey3txpPYyCqVO5ZyceuQJEI= +github.com/zclconf/go-cty-debug v0.0.0-20191215020915-b22d67c1ba0b/go.mod h1:ZRKQfBXbGkpdV6QMzT3rU1kSTAnfu1dO8dPKjYprgj8= go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= @@ -508,8 +493,6 @@ golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= -golang.org/x/mod v0.14.0 h1:dGoOF9QVLYng8IHTm7BAyWqCqSheQ5pYWGhzW00YJr0= -golang.org/x/mod v0.14.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/mod v0.17.0 h1:zY54UmvipHiNd+pm+m0x9KhZ9hl1/7QNMyxXbc6ICqA= golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= diff --git a/helpers/foundation-deployer/stages/apply.go b/helpers/foundation-deployer/stages/apply.go index 741464f3f..243473fde 100644 --- a/helpers/foundation-deployer/stages/apply.go +++ b/helpers/foundation-deployer/stages/apply.go @@ -359,7 +359,7 @@ func DeployProjectsStage(t testing.TB, s steps.Steps, tfvars GlobalTFVars, outpu Repo: ProjectsRepo, GitConf: conf, HasManualStep: true, - GroupingUnits: []string{"business_unit_1", "business_unit_2"}, + GroupingUnits: []string{"business_unit_1"}, Envs: []string{"production", "nonproduction", "development"}, } diff --git a/helpers/foundation-deployer/stages/destroy.go b/helpers/foundation-deployer/stages/destroy.go index 7aacf3c9c..392a2f24a 100644 --- a/helpers/foundation-deployer/stages/destroy.go +++ b/helpers/foundation-deployer/stages/destroy.go @@ -135,7 +135,7 @@ func DestroyProjectsStage(t testing.TB, s steps.Steps, outputs BootstrapOutputs, Step: ProjectsStep, Repo: ProjectsRepo, HasManualStep: true, - GroupingUnits: []string{"business_unit_1", "business_unit_2"}, + GroupingUnits: []string{"business_unit_1"}, Envs: []string{"development", "nonproduction", "production"}, } return destroyStage(t, stageConf, s, c) @@ -194,9 +194,9 @@ func destroyStage(t testing.TB, sc StageConf, s steps.Steps, c CommonConf) error for _, g := range groupingUnits { err := s.RunDestroyStep(fmt.Sprintf("%s.%s.apply-shared", sc.Repo, g), func() error { options := &terraform.Options{ - TerraformDir: filepath.Join(gcpPath, g, "shared"), - Logger: c.Logger, - NoColor: true, + TerraformDir: filepath.Join(gcpPath, g, "shared"), + Logger: c.Logger, + NoColor: true, RetryableTerraformErrors: testutils.RetryableTransientErrors, MaxRetries: 2, TimeBetweenRetries: 2 * time.Minute, diff --git a/test/disable_tf_files.sh b/test/disable_tf_files.sh index ee9dc41bc..6b2743493 100755 --- a/test/disable_tf_files.sh +++ b/test/disable_tf_files.sh @@ -57,29 +57,21 @@ function shared(){ function projectsshared(){ # disable shared.auto.tfvars mv 4-projects/business_unit_1/shared/shared.auto.tfvars 4-projects/business_unit_1/shared/shared.auto.tfvars.disabled - mv 4-projects/business_unit_2/shared/shared.auto.tfvars 4-projects/business_unit_2/shared/shared.auto.tfvars.disabled # disable common.auto.tfvars mv 4-projects/business_unit_1/shared/common.auto.tfvars 4-projects/business_unit_1/shared/common.auto.tfvars.disabled - mv 4-projects/business_unit_2/shared/common.auto.tfvars 4-projects/business_unit_2/shared/common.auto.tfvars.disabled } function projects(){ # disable ENVS.auto.tfvars in main module mv 4-projects/business_unit_1/development/development.auto.tfvars 4-projects/business_unit_1/development/development.auto.tfvars.disabled - mv 4-projects/business_unit_2/development/development.auto.tfvars 4-projects/business_unit_2/development/development.auto.tfvars.disabled mv 4-projects/business_unit_1/nonproduction/nonproduction.auto.tfvars 4-projects/business_unit_1/nonproduction/nonproduction.auto.tfvars.disabled - mv 4-projects/business_unit_2/nonproduction/nonproduction.auto.tfvars 4-projects/business_unit_2/nonproduction/nonproduction.auto.tfvars.disabled mv 4-projects/business_unit_1/production/production.auto.tfvars 4-projects/business_unit_1/production/production.auto.tfvars.disabled - mv 4-projects/business_unit_2/production/production.auto.tfvars 4-projects/business_unit_2/production/production.auto.tfvars.disabled # disable common.auto.tfvars in main module mv 4-projects/business_unit_1/development/common.auto.tfvars 4-projects/business_unit_1/development/common.auto.tfvars.disabled mv 4-projects/business_unit_1/nonproduction/common.auto.tfvars 4-projects/business_unit_1/nonproduction/common.auto.tfvars.disabled mv 4-projects/business_unit_1/production/common.auto.tfvars 4-projects/business_unit_1/production/common.auto.tfvars.disabled - mv 4-projects/business_unit_2/development/common.auto.tfvars 4-projects/business_unit_2/development/common.auto.tfvars.disabled - mv 4-projects/business_unit_2/nonproduction/common.auto.tfvars 4-projects/business_unit_2/nonproduction/common.auto.tfvars.disabled - mv 4-projects/business_unit_2/production/common.auto.tfvars 4-projects/business_unit_2/production/common.auto.tfvars.disabled } function appinfra(){ diff --git a/test/integration/go.mod b/test/integration/go.mod index b26c82bb4..8985888bf 100644 --- a/test/integration/go.mod +++ b/test/integration/go.mod @@ -3,7 +3,7 @@ module github.com/terraform-google-modules/terraform-example-foundation/test/int go 1.21.0 require ( - github.com/GoogleCloudPlatform/cloud-foundation-toolkit/infra/blueprint-test v0.14.0 + github.com/GoogleCloudPlatform/cloud-foundation-toolkit/infra/blueprint-test v0.14.1 github.com/gruntwork-io/terratest v0.46.14 github.com/mitchellh/go-testing-interface v1.14.2-0.20210821155943-2d9075ca8770 github.com/stretchr/testify v1.9.0 @@ -43,7 +43,7 @@ require ( github.com/hashicorp/hcl v0.0.0-20170504190234-a4b07c25de5f // indirect github.com/hashicorp/hcl/v2 v2.18.0 // indirect github.com/hashicorp/terraform-config-inspect v0.0.0-20231204233900-a34142ec2a72 // indirect - github.com/hashicorp/terraform-json v0.17.1 // indirect + github.com/hashicorp/terraform-json v0.21.0 // indirect github.com/jinzhu/copier v0.4.0 // indirect github.com/jmespath/go-jmespath v0.4.0 // indirect github.com/josharian/intern v1.0.0 // indirect @@ -58,7 +58,7 @@ require ( github.com/tidwall/sjson v1.2.5 // indirect github.com/tmccombs/hcl2json v0.6.0 // indirect github.com/ulikunitz/xz v0.5.11 // indirect - github.com/zclconf/go-cty v1.14.0 // indirect + github.com/zclconf/go-cty v1.14.1 // indirect go.opencensus.io v0.24.0 // indirect golang.org/x/crypto v0.21.0 // indirect golang.org/x/mod v0.17.0 // indirect diff --git a/test/integration/go.sum b/test/integration/go.sum index 3ad8786d6..03dec9114 100644 --- a/test/integration/go.sum +++ b/test/integration/go.sum @@ -185,8 +185,8 @@ cloud.google.com/go/workflows v1.7.0/go.mod h1:JhSrZuVZWuiDfKEFxU0/F1PQjmpnpcoIS dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= -github.com/GoogleCloudPlatform/cloud-foundation-toolkit/infra/blueprint-test v0.14.0 h1:db17HvmQPwTAq7/ex/w2DiNMA4oGUmTiHvScfPW/cRI= -github.com/GoogleCloudPlatform/cloud-foundation-toolkit/infra/blueprint-test v0.14.0/go.mod h1:JSsaDg/h4yaiNNTNnrCjyL6/czHb/Oz/z+dzWVqJYBE= +github.com/GoogleCloudPlatform/cloud-foundation-toolkit/infra/blueprint-test v0.14.1 h1:xfCNVLZQAclUxmhICDwaOUJUw4OioNc1wIEfjtSgfCg= +github.com/GoogleCloudPlatform/cloud-foundation-toolkit/infra/blueprint-test v0.14.1/go.mod h1:AEQP8/V/hIp+SllHtmBV7ftuoQQ82eC032UdsnL3tnY= github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU= github.com/agext/levenshtein v1.2.3 h1:YB2fHEn0UJagG8T1rrWknE3ZQzWM06O8AMAatNn7lmo= github.com/agext/levenshtein v1.2.3/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558= @@ -376,8 +376,8 @@ github.com/hashicorp/hcl/v2 v2.18.0 h1:wYnG7Lt31t2zYkcquwgKo6MWXzRUDIeIVU5naZwHL github.com/hashicorp/hcl/v2 v2.18.0/go.mod h1:ThLC89FV4p9MPW804KVbe/cEXoQ8NZEh+JtMeeGErHE= github.com/hashicorp/terraform-config-inspect v0.0.0-20231204233900-a34142ec2a72 h1:nZ5gGjbe5o7XUu1d7j+Y5Ztcxlp+yaumTKH9i0D3wlg= github.com/hashicorp/terraform-config-inspect v0.0.0-20231204233900-a34142ec2a72/go.mod h1:l8HcFPm9cQh6Q0KSWoYPiePqMvRFenybP1CH2MjKdlg= -github.com/hashicorp/terraform-json v0.17.1 h1:eMfvh/uWggKmY7Pmb3T85u86E2EQg6EQHgyRwf3RkyA= -github.com/hashicorp/terraform-json v0.17.1/go.mod h1:Huy6zt6euxaY9knPAFKjUITn8QxUFIe9VuSzb4zn/0o= +github.com/hashicorp/terraform-json v0.21.0 h1:9NQxbLNqPbEMze+S6+YluEdXgJmhQykRyRNd+zTI05U= +github.com/hashicorp/terraform-json v0.21.0/go.mod h1:qdeBs11ovMzo5puhrRibdD6d2Dq6TyE/28JiU4tIQxk= github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/jinzhu/copier v0.4.0 h1:w3ciUoD19shMCRargcpm0cm91ytaBhDvuRpz1ODO/U8= @@ -463,8 +463,8 @@ github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9de github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= -github.com/zclconf/go-cty v1.14.0 h1:/Xrd39K7DXbHzlisFP9c4pHao4yyf+/Ug9LEz+Y/yhc= -github.com/zclconf/go-cty v1.14.0/go.mod h1:VvMs5i0vgZdhYawQNq5kePSpLAoz8u1xvZgrPIxfnZE= +github.com/zclconf/go-cty v1.14.1 h1:t9fyA35fwjjUMcmL5hLER+e/rEPqrbCK1/OSE4SI9KA= +github.com/zclconf/go-cty v1.14.1/go.mod h1:VvMs5i0vgZdhYawQNq5kePSpLAoz8u1xvZgrPIxfnZE= go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= diff --git a/test/integration/projects-shared/projects_shared_test.go b/test/integration/projects-shared/projects_shared_test.go index e7f295d33..71c14681d 100644 --- a/test/integration/projects-shared/projects_shared_test.go +++ b/test/integration/projects-shared/projects_shared_test.go @@ -60,11 +60,6 @@ func TestProjectsShared(t *testing.T) { repo: "bu1-example-app", tfDir: "../../../4-projects/business_unit_1/shared", }, - { - name: "bu2", - repo: "bu2-example-app", - tfDir: "../../../4-projects/business_unit_2/shared", - }, } { tts := tts t.Run(tts.name, func(t *testing.T) { diff --git a/test/integration/projects/projects_test.go b/test/integration/projects/projects_test.go index 46b3b8ec4..fb6302967 100644 --- a/test/integration/projects/projects_test.go +++ b/test/integration/projects/projects_test.go @@ -98,27 +98,6 @@ func TestProjects(t *testing.T) { baseNetwork: fmt.Sprintf("vpc-p-shared-base%s", networkMode), restrictedNetwork: fmt.Sprintf("vpc-p-shared-restricted%s", networkMode), }, - { - name: "bu2_development", - repo: "bu2-example-app", - baseDir: "../../../4-projects/business_unit_2/%s", - baseNetwork: fmt.Sprintf("vpc-d-shared-base%s", networkMode), - restrictedNetwork: fmt.Sprintf("vpc-d-shared-restricted%s", networkMode), - }, - { - name: "bu2_nonproduction", - repo: "bu2-example-app", - baseDir: "../../../4-projects/business_unit_2/%s", - baseNetwork: fmt.Sprintf("vpc-n-shared-base%s", networkMode), - restrictedNetwork: fmt.Sprintf("vpc-n-shared-restricted%s", networkMode), - }, - { - name: "bu2_production", - repo: "bu2-example-app", - baseDir: "../../../4-projects/business_unit_2/%s", - baseNetwork: fmt.Sprintf("vpc-p-shared-base%s", networkMode), - restrictedNetwork: fmt.Sprintf("vpc-p-shared-restricted%s", networkMode), - }, } { tt := tt t.Run(tt.name, func(t *testing.T) { diff --git a/test/restore_tf_files.sh b/test/restore_tf_files.sh index 2f9df9634..4a71bfa9e 100644 --- a/test/restore_tf_files.sh +++ b/test/restore_tf_files.sh @@ -80,48 +80,28 @@ function projects(){ mv 4-projects/business_unit_1/nonproduction/backend.tf.disabled 4-projects/business_unit_1/nonproduction/backend.tf mv 4-projects/business_unit_1/production/backend.tf.disabled 4-projects/business_unit_1/production/backend.tf mv 4-projects/business_unit_1/shared/backend.tf.disabled 4-projects/business_unit_1/shared/backend.tf - mv 4-projects/business_unit_2/development/backend.tf.disabled 4-projects/business_unit_2/development/backend.tf - mv 4-projects/business_unit_2/nonproduction/backend.tf.disabled 4-projects/business_unit_2/nonproduction/backend.tf - mv 4-projects/business_unit_2/production/backend.tf.disabled 4-projects/business_unit_2/production/backend.tf - mv 4-projects/business_unit_2/shared/backend.tf.disabled 4-projects/business_unit_2/shared/backend.tf # restore access_context.auto.tfvars in main module mv 4-projects/business_unit_1/development/access_context.auto.tfvars.disabled 4-projects/business_unit_1/development/access_context.auto.tfvars mv 4-projects/business_unit_1/nonproduction/access_context.auto.tfvars.disabled 4-projects/business_unit_1/nonproduction/access_context.auto.tfvars mv 4-projects/business_unit_1/production/access_context.auto.tfvars.disabled 4-projects/business_unit_1/production/access_context.auto.tfvars - mv 4-projects/business_unit_2/development/access_context.auto.tfvars.disabled 4-projects/business_unit_2/development/access_context.auto.tfvars - mv 4-projects/business_unit_2/nonproduction/access_context.auto.tfvars.disabled 4-projects/business_unit_2/nonproduction/access_context.auto.tfvars - mv 4-projects/business_unit_2/production/access_context.auto.tfvars.disabled 4-projects/business_unit_2/production/access_context.auto.tfvars # restore business_unit_1.auto.tfvars in main module mv 4-projects/business_unit_1/development/business_unit_1.auto.tfvars.disabled 4-projects/business_unit_1/development/business_unit_1.auto.tfvars mv 4-projects/business_unit_1/nonproduction/business_unit_1.auto.tfvars.disabled 4-projects/business_unit_1/nonproduction/business_unit_1.auto.tfvars mv 4-projects/business_unit_1/production/business_unit_1.auto.tfvars.disabled 4-projects/business_unit_1/production/business_unit_1.auto.tfvars - # restore business_unit_2.auto.tfvars in main module - mv 4-projects/business_unit_2/development/business_unit_2.auto.tfvars.disabled 4-projects/business_unit_2/development/business_unit_2.auto.tfvars - mv 4-projects/business_unit_2/nonproduction/business_unit_2.auto.tfvars.disabled 4-projects/business_unit_2/nonproduction/business_unit_2.auto.tfvars - mv 4-projects/business_unit_2/production/business_unit_2.auto.tfvars.disabled 4-projects/business_unit_2/production/business_unit_2.auto.tfvars - # restore ENVS.auto.tfvars in main module mv 4-projects/business_unit_1/development/development.auto.tfvars.disabled 4-projects/business_unit_1/development/development.auto.tfvars - mv 4-projects/business_unit_2/development/development.auto.tfvars.disabled 4-projects/business_unit_2/development/development.auto.tfvars mv 4-projects/business_unit_1/nonproduction/nonproduction.auto.tfvars.disabled 4-projects/business_unit_1/nonproduction/nonproduction.auto.tfvars - mv 4-projects/business_unit_2/nonproduction/nonproduction.auto.tfvars.disabled 4-projects/business_unit_2/nonproduction/nonproduction.auto.tfvars mv 4-projects/business_unit_1/production/production.auto.tfvars.disabled 4-projects/business_unit_1/production/production.auto.tfvars - mv 4-projects/business_unit_2/production/production.auto.tfvars.disabled 4-projects/business_unit_2/production/production.auto.tfvars mv 4-projects/business_unit_1/shared/shared.auto.tfvars.disabled 4-projects/business_unit_1/shared/shared.auto.tfvars - mv 4-projects/business_unit_2/shared/shared.auto.tfvars.disabled 4-projects/business_unit_2/shared/shared.auto.tfvars # restore common.auto.tfvars in main module mv 4-projects/business_unit_1/development/common.auto.tfvars.disabled 4-projects/business_unit_1/development/common.auto.tfvars mv 4-projects/business_unit_1/nonproduction/common.auto.tfvars.disabled 4-projects/business_unit_1/nonproduction/common.auto.tfvars mv 4-projects/business_unit_1/production/common.auto.tfvars.disabled 4-projects/business_unit_1/production/common.auto.tfvars mv 4-projects/business_unit_1/shared/common.auto.tfvars.disabled 4-projects/business_unit_1/shared/common.auto.tfvars - mv 4-projects/business_unit_2/development/common.auto.tfvars.disabled 4-projects/business_unit_2/development/common.auto.tfvars - mv 4-projects/business_unit_2/nonproduction/common.auto.tfvars.disabled 4-projects/business_unit_2/nonproduction/common.auto.tfvars - mv 4-projects/business_unit_2/production/common.auto.tfvars.disabled 4-projects/business_unit_2/production/common.auto.tfvars - mv 4-projects/business_unit_2/shared/common.auto.tfvars.disabled 4-projects/business_unit_2/shared/common.auto.tfvars } diff --git a/test/setup/main.tf b/test/setup/main.tf index 2439902ac..7b85df91d 100644 --- a/test/setup/main.tf +++ b/test/setup/main.tf @@ -46,7 +46,7 @@ resource "google_folder" "test_folder" { module "project" { source = "terraform-google-modules/project-factory/google" - version = "~> 14.0" + version = "~> 15.0" name = "ci-foundation-${random_string.suffix.result}" random_project_id = true