From f664a530958decfa9a1de21844c34d17d2fef8f0 Mon Sep 17 00:00:00 2001 From: Brett Curtis Date: Sat, 1 Feb 2025 17:54:58 -0500 Subject: [PATCH 1/4] Add cert-manager root certificate --- .pre-commit-config.yaml | 4 +- .terraform.lock.hcl | 45 ++++++++++++----- README.md | 1 + main.tf | 49 +++++++++++-------- regional/cert-manager/.terraform.lock.hcl | 26 +++++----- regional/cert-manager/README.md | 2 +- .../istio-csr/.terraform.lock.hcl | 27 +++++----- regional/cert-manager/istio-csr/README.md | 2 +- regional/datadog/.terraform.lock.hcl | 26 +++++----- regional/datadog/README.md | 2 +- .../datadog/manifests/.terraform.lock.hcl | 26 +++++----- regional/datadog/manifests/README.md | 2 +- regional/istio/.terraform.lock.hcl | 26 +++++----- regional/istio/README.md | 2 +- regional/istio/manifests/.terraform.lock.hcl | 26 +++++----- regional/istio/manifests/README.md | 2 +- regional/istio/test/README.md | 4 +- regional/onboarding/.terraform.lock.hcl | 26 +++++----- regional/onboarding/README.md | 2 +- regional/opa-gatekeeper/.terraform.lock.hcl | 26 +++++----- regional/opa-gatekeeper/README.md | 2 +- .../manifests/.terraform.lock.hcl | 27 +++++----- 22 files changed, 191 insertions(+), 164 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 4d982673..d09045c5 100755 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -33,12 +33,12 @@ repos: - --hook-config=--create-file-if-not-exist=false - repo: https://github.com/bridgecrewio/checkov.git - rev: 3.2.357 + rev: 3.2.360 hooks: - id: checkov verbose: true args: - --download-external-modules=true - --skip-check - - "CKV_TF_1" + - "CKV_TF_1,CKV_TF_2" - --quiet diff --git a/.terraform.lock.hcl b/.terraform.lock.hcl index de34be30..bb7193bc 100644 --- a/.terraform.lock.hcl +++ b/.terraform.lock.hcl @@ -42,21 +42,21 @@ provider "registry.terraform.io/hashicorp/google" { } provider "registry.terraform.io/hashicorp/google-beta" { - version = "6.17.0" + version = "6.18.1" hashes = [ - "h1:1VPOmKMlzFBSZwi5rcyeW4a/GI1uvPiTAMCiNjuZj/Q=", - "zh:41018bb792fbc6eeb389be133ebeb88df5c0c7ab1cdd70cb49ef3b834b5253ef", - "zh:464a0432a42a0973a7cdaf40713a0e54adf74a18db2d9390b00ab691a7cbab14", - "zh:57d8f8c2f8d2ea2512ba73caf58b80b6643e268e63dd33aa6b3908f8e9c92e8c", - "zh:5a7e90f80f6a8fe19597053565565c4d85efd9896cbe28038c8e1f9452acef74", - "zh:5c5ad4eed1bc1c42c088555aa90c99e499b2904e4de0009aacf57fff90ebb2de", - "zh:6c950ac6dc08c4db26762717907109665989bb3c6faa0be2db8bf65f82112eaa", - "zh:846c821a7664b29569626dcba87667416b399a506ca86f045263e3b918dc73c6", - "zh:e06a2ac6afa592127e01768bf3b47051ac010e8c7ddc515dbd42b232d2ecfa2e", - "zh:ea2eec97f55eff6cf5cc67f41b1d4d4ec4403b1f61cd762dc1c028ba50e3b349", - "zh:f0e102bfdb2c70b747e7a439b31fe2c03480b598f46193325287a51ef744d2fa", + "h1:ltJM3AxNdo++P8gCXoZx1TmGt9zm/qBrKwG7mTO4kj8=", + "zh:3aa1d66cd6cad3da34f571db3e21a5a86498dc62305e5f79842617d32244fb58", + "zh:417bdcff60b11388e2e25313160e595a8bd6831c5f901f04315817491d8648ee", + "zh:444b829a4e5d8317bd655dffd1ecec2a9b65020980b629cca1d5834ca6ee28cc", + "zh:46e9b385956f45504f91fc28b3828d3d403c23c8e4187f25671ec85326e0a3fc", + "zh:743707347a1474edc2266b264fd427c8758a9df156e75e92a72ec172f49090b1", + "zh:9cb11645075ad90bdfcbe4c78c13a03ee7e1a24ad7e635a93a09ae54324248b6", + "zh:b3be1acdf4d54f9b72c69887ae788f23b5dc417beb8bacbaab2f1a1aab55db99", + "zh:ca5bdccd2e4c621d7b9ba217070249b79d262fee2db6854f4610034cbf02894b", + "zh:cdabced672a4e6d7efc21af38200b2be8f45b4eea7979d145220110a7c2fb95c", + "zh:e00d2987c61af0f87e337bd85feb2488f10eac2dc026cbbe4b0de2dfe56b50e1", "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", - "zh:f76136bfb3c9c0848ff84a3bf98fba1b61c13124ade4194020d18583951b9df2", + "zh:f882db4a120e41fcfce6dc96bd94342c7188ba70ae0a5e6040e7087c141cca0a", ] } @@ -78,3 +78,22 @@ provider "registry.terraform.io/hashicorp/random" { "zh:eff58323099f1bd9a0bec7cb04f717e7f1b2774c7d612bf7581797e1622613a0", ] } + +provider "registry.terraform.io/hashicorp/tls" { + version = "4.0.6" + hashes = [ + "h1:dYSb3V94K5dDMtrBRLPzBpkMTPn+3cXZ/kIJdtFL+2M=", + "zh:10de0d8af02f2e578101688fd334da3849f56ea91b0d9bd5b1f7a243417fdda8", + "zh:37fc01f8b2bc9d5b055dc3e78bfd1beb7c42cfb776a4c81106e19c8911366297", + "zh:4578ca03d1dd0b7f572d96bd03f744be24c726bfd282173d54b100fd221608bb", + "zh:6c475491d1250050765a91a493ef330adc24689e8837a0f07da5a0e1269e11c1", + "zh:81bde94d53cdababa5b376bbc6947668be4c45ab655de7aa2e8e4736dfd52509", + "zh:abdce260840b7b050c4e401d4f75c7a199fafe58a8b213947a258f75ac18b3e8", + "zh:b754cebfc5184873840f16a642a7c9ef78c34dc246a8ae29e056c79939963c7a", + "zh:c928b66086078f9917aef0eec15982f2e337914c5c4dbc31dd4741403db7eb18", + "zh:cded27bee5f24de6f2ee0cfd1df46a7f88e84aaffc2ecbf3ff7094160f193d50", + "zh:d65eb3867e8f69aaf1b8bb53bd637c99c6b649ba3db16ded50fa9a01076d1a27", + "zh:ecb0c8b528c7a619fa71852bb3fb5c151d47576c5aab2bf3af4db52588722eeb", + "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", + ] +} diff --git a/README.md b/README.md index a46fda70..57b4f4af 100644 --- a/README.md +++ b/README.md @@ -57,6 +57,7 @@ No providers. |------|--------|---------| | [datadog](#module\_datadog) | github.com/osinfra-io/terraform-datadog-google-integration | v0.3.0 | | [helpers](#module\_helpers) | github.com/osinfra-io/terraform-core-helpers//root | v0.1.2 | +| [kubernetes\_cert\_manager](#module\_kubernetes\_cert\_manager) | github.com/osinfra-io/terraform-kubernetes-cert-manager | tls | | [kubernetes\_engine](#module\_kubernetes\_engine) | github.com/osinfra-io/terraform-google-kubernetes-engine | v0.2.2 | | [kubernetes\_istio](#module\_kubernetes\_istio) | github.com/osinfra-io/terraform-kubernetes-istio | v0.1.7 | | [project](#module\_project) | github.com/osinfra-io/terraform-google-project | v0.4.5 | diff --git a/main.tf b/main.tf index dda17756..c97f2214 100644 --- a/main.tf +++ b/main.tf @@ -12,6 +12,34 @@ module "datadog" { project = module.project.id } +# Kubernetes cert-manager Module (osinfra.io) +# https://github.com/osinfra-io/terraform-kubernetes-cert-manager + +module "kubernetes_cert_manager" { + source = "github.com/osinfra-io/terraform-kubernetes-cert-manager?ref=tls" +} + +# Google Kubernetes Engine Module (osinfra.io) +# https://github.com/osinfra-io/terraform-google-kubernetes-engine + +module "kubernetes_engine" { + source = "github.com/osinfra-io/terraform-google-kubernetes-engine?ref=v0.2.2" + + namespaces = var.kubernetes_engine_namespaces + project = module.project.id +} + +# Kubernetes Istio Module (osinfra.io) +# https://github.com/osinfra-io/terraform-kubernetes-istio + +module "kubernetes_istio" { + source = "github.com/osinfra-io/terraform-kubernetes-istio?ref=v0.1.7" + + gateway_dns = var.kubernetes_istio_gateway_dns + labels = module.helpers.labels + project = module.project.id +} + # Google Project Module (osinfra.io) # https://github.com/osinfra-io/terraform-google-project @@ -48,24 +76,3 @@ module "project" { "trafficdirector.googleapis.com" ] } - -# Google Kubernetes Engine Module (osinfra.io) -# https://github.com/osinfra-io/terraform-google-kubernetes-engine - -module "kubernetes_engine" { - source = "github.com/osinfra-io/terraform-google-kubernetes-engine?ref=v0.2.2" - - namespaces = var.kubernetes_engine_namespaces - project = module.project.id -} - -# Kubernetes Istio Module (osinfra.io) -# https://github.com/osinfra-io/terraform-kubernetes-istio - -module "kubernetes_istio" { - source = "github.com/osinfra-io/terraform-kubernetes-istio?ref=v0.1.7" - - gateway_dns = var.kubernetes_istio_gateway_dns - labels = module.helpers.labels - project = module.project.id -} diff --git a/regional/cert-manager/.terraform.lock.hcl b/regional/cert-manager/.terraform.lock.hcl index 2eda8057..48f537e3 100644 --- a/regional/cert-manager/.terraform.lock.hcl +++ b/regional/cert-manager/.terraform.lock.hcl @@ -2,21 +2,21 @@ # Manual edits may be lost in future updates. provider "registry.terraform.io/hashicorp/google" { - version = "6.17.0" + version = "6.18.1" hashes = [ - "h1:J7qp2vw9rlE7S80yO/WAK6kpri6r18J18/9lYm9lNB8=", - "zh:2ae1ba33889babf740298f131c3151477c638a6d8dc2d850f207380ae91d5ee0", - "zh:2b950b0f4dcb1f79e10ad9611fc1573114028be423af742eb9b5027d1e1127fc", - "zh:4557ce5a9ce78e365af99c15c3a2d4d37a246535d0d62182a66cfc1c9de53cbd", - "zh:5ced8255a5cd868ebd6a0ba377b5016f578be402daea7479e488c109a74e8339", - "zh:6b7666678f6238637c7f78020edb8405669804a18ae580296419fb4179642cf6", - "zh:8677c153477daf1b636421a00633f25022b8c33fc803699d6ea6f89b75b4554b", - "zh:9f85498e26bf90049c252e6220a5a47cff88a4cd249e08845c59bd4c16aa48f3", - "zh:dce93c05d1852f1c692566c2ebf7200cb98aa059301044c2211c10319354c680", - "zh:df72b36e76e0721904c63eab34191bc9c4ccf93d067c2a0d455dd8bb39e73b66", - "zh:e9a9e8d8ae14ab6e661f3f9b07c5edec60507203dac7d2f187dc716317f4d79c", + "h1:8zB9kfcafSCeIFO/Ein+Z5gN6hMIV4CrPm43evEkzTE=", + "zh:43543160dc2cee6f05b37eadc49e0da2ed99b1d16ca40dcb74de4ec17bf30430", + "zh:44e92661b6b2e7823f931c459780eaa844c7ee8fecca676aa632ededfc0d6180", + "zh:504cc9967f9e51969d012338e7b36bf689a672e0c780d821ea36bbad0d1bd4c4", + "zh:6e3c24761dd073984274dcdb5e5a7f81619c2665c2aef5b35769b31cb1c72bb8", + "zh:86ce6f0049a4d243574f5c3a31b6e405cc48e203f3d97722615779a5f06143e4", + "zh:bf2b79a89ea02d146a3ea0c1c1232bb065ba2283c54f4a3d4ac8b04e11f2119d", + "zh:ca5e3a2758c92a934e91a5d1919947300e0645e2ba71aeb9884b896e6b123d3f", + "zh:d8f4f55faea7250226839a02c6134d193f3d072293452be58e8181aab925b1ad", + "zh:e5189f66c2c4e1264092c79d11bc07e7dc82d99701dc0592dcd879a746ec2910", + "zh:e6471441d4565910a67d79f480dafc8c1d19e29ae1588b0515269f7fb815f40f", + "zh:e6514660a85b8f921b968576250ac3d983cda1c06aaef801c21e908a8b9f873b", "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", - "zh:fb92287bca4fc7b49666c644ca7789e4acf5b17317acb963f138c0ae6347a289", ] } diff --git a/regional/cert-manager/README.md b/regional/cert-manager/README.md index c8f9b4d9..6feb5680 100755 --- a/regional/cert-manager/README.md +++ b/regional/cert-manager/README.md @@ -9,7 +9,7 @@ No requirements. | Name | Version | |------|---------| -| [google](#provider\_google) | 6.17.0 | +| [google](#provider\_google) | 6.18.1 | ## Modules diff --git a/regional/cert-manager/istio-csr/.terraform.lock.hcl b/regional/cert-manager/istio-csr/.terraform.lock.hcl index d17c351a..eeb38796 100644 --- a/regional/cert-manager/istio-csr/.terraform.lock.hcl +++ b/regional/cert-manager/istio-csr/.terraform.lock.hcl @@ -2,22 +2,21 @@ # Manual edits may be lost in future updates. provider "registry.terraform.io/hashicorp/google" { - version = "6.17.0" + version = "6.18.1" hashes = [ - "h1:J7qp2vw9rlE7S80yO/WAK6kpri6r18J18/9lYm9lNB8=", - "h1:n7/r4bk/I43ZsknRp26fyyrO1/cIg6ITQejdcYene18=", - "zh:2ae1ba33889babf740298f131c3151477c638a6d8dc2d850f207380ae91d5ee0", - "zh:2b950b0f4dcb1f79e10ad9611fc1573114028be423af742eb9b5027d1e1127fc", - "zh:4557ce5a9ce78e365af99c15c3a2d4d37a246535d0d62182a66cfc1c9de53cbd", - "zh:5ced8255a5cd868ebd6a0ba377b5016f578be402daea7479e488c109a74e8339", - "zh:6b7666678f6238637c7f78020edb8405669804a18ae580296419fb4179642cf6", - "zh:8677c153477daf1b636421a00633f25022b8c33fc803699d6ea6f89b75b4554b", - "zh:9f85498e26bf90049c252e6220a5a47cff88a4cd249e08845c59bd4c16aa48f3", - "zh:dce93c05d1852f1c692566c2ebf7200cb98aa059301044c2211c10319354c680", - "zh:df72b36e76e0721904c63eab34191bc9c4ccf93d067c2a0d455dd8bb39e73b66", - "zh:e9a9e8d8ae14ab6e661f3f9b07c5edec60507203dac7d2f187dc716317f4d79c", + "h1:8zB9kfcafSCeIFO/Ein+Z5gN6hMIV4CrPm43evEkzTE=", + "zh:43543160dc2cee6f05b37eadc49e0da2ed99b1d16ca40dcb74de4ec17bf30430", + "zh:44e92661b6b2e7823f931c459780eaa844c7ee8fecca676aa632ededfc0d6180", + "zh:504cc9967f9e51969d012338e7b36bf689a672e0c780d821ea36bbad0d1bd4c4", + "zh:6e3c24761dd073984274dcdb5e5a7f81619c2665c2aef5b35769b31cb1c72bb8", + "zh:86ce6f0049a4d243574f5c3a31b6e405cc48e203f3d97722615779a5f06143e4", + "zh:bf2b79a89ea02d146a3ea0c1c1232bb065ba2283c54f4a3d4ac8b04e11f2119d", + "zh:ca5e3a2758c92a934e91a5d1919947300e0645e2ba71aeb9884b896e6b123d3f", + "zh:d8f4f55faea7250226839a02c6134d193f3d072293452be58e8181aab925b1ad", + "zh:e5189f66c2c4e1264092c79d11bc07e7dc82d99701dc0592dcd879a746ec2910", + "zh:e6471441d4565910a67d79f480dafc8c1d19e29ae1588b0515269f7fb815f40f", + "zh:e6514660a85b8f921b968576250ac3d983cda1c06aaef801c21e908a8b9f873b", "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", - "zh:fb92287bca4fc7b49666c644ca7789e4acf5b17317acb963f138c0ae6347a289", ] } diff --git a/regional/cert-manager/istio-csr/README.md b/regional/cert-manager/istio-csr/README.md index 11c6fa4a..dd6b29d2 100755 --- a/regional/cert-manager/istio-csr/README.md +++ b/regional/cert-manager/istio-csr/README.md @@ -9,7 +9,7 @@ No requirements. | Name | Version | |------|---------| -| [google](#provider\_google) | 6.17.0 | +| [google](#provider\_google) | 6.18.1 | ## Modules diff --git a/regional/datadog/.terraform.lock.hcl b/regional/datadog/.terraform.lock.hcl index c2231ef5..12a575e6 100644 --- a/regional/datadog/.terraform.lock.hcl +++ b/regional/datadog/.terraform.lock.hcl @@ -2,21 +2,21 @@ # Manual edits may be lost in future updates. provider "registry.terraform.io/hashicorp/google" { - version = "6.17.0" + version = "6.18.1" hashes = [ - "h1:J7qp2vw9rlE7S80yO/WAK6kpri6r18J18/9lYm9lNB8=", - "zh:2ae1ba33889babf740298f131c3151477c638a6d8dc2d850f207380ae91d5ee0", - "zh:2b950b0f4dcb1f79e10ad9611fc1573114028be423af742eb9b5027d1e1127fc", - "zh:4557ce5a9ce78e365af99c15c3a2d4d37a246535d0d62182a66cfc1c9de53cbd", - "zh:5ced8255a5cd868ebd6a0ba377b5016f578be402daea7479e488c109a74e8339", - "zh:6b7666678f6238637c7f78020edb8405669804a18ae580296419fb4179642cf6", - "zh:8677c153477daf1b636421a00633f25022b8c33fc803699d6ea6f89b75b4554b", - "zh:9f85498e26bf90049c252e6220a5a47cff88a4cd249e08845c59bd4c16aa48f3", - "zh:dce93c05d1852f1c692566c2ebf7200cb98aa059301044c2211c10319354c680", - "zh:df72b36e76e0721904c63eab34191bc9c4ccf93d067c2a0d455dd8bb39e73b66", - "zh:e9a9e8d8ae14ab6e661f3f9b07c5edec60507203dac7d2f187dc716317f4d79c", + "h1:8zB9kfcafSCeIFO/Ein+Z5gN6hMIV4CrPm43evEkzTE=", + "zh:43543160dc2cee6f05b37eadc49e0da2ed99b1d16ca40dcb74de4ec17bf30430", + "zh:44e92661b6b2e7823f931c459780eaa844c7ee8fecca676aa632ededfc0d6180", + "zh:504cc9967f9e51969d012338e7b36bf689a672e0c780d821ea36bbad0d1bd4c4", + "zh:6e3c24761dd073984274dcdb5e5a7f81619c2665c2aef5b35769b31cb1c72bb8", + "zh:86ce6f0049a4d243574f5c3a31b6e405cc48e203f3d97722615779a5f06143e4", + "zh:bf2b79a89ea02d146a3ea0c1c1232bb065ba2283c54f4a3d4ac8b04e11f2119d", + "zh:ca5e3a2758c92a934e91a5d1919947300e0645e2ba71aeb9884b896e6b123d3f", + "zh:d8f4f55faea7250226839a02c6134d193f3d072293452be58e8181aab925b1ad", + "zh:e5189f66c2c4e1264092c79d11bc07e7dc82d99701dc0592dcd879a746ec2910", + "zh:e6471441d4565910a67d79f480dafc8c1d19e29ae1588b0515269f7fb815f40f", + "zh:e6514660a85b8f921b968576250ac3d983cda1c06aaef801c21e908a8b9f873b", "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", - "zh:fb92287bca4fc7b49666c644ca7789e4acf5b17317acb963f138c0ae6347a289", ] } diff --git a/regional/datadog/README.md b/regional/datadog/README.md index 5e239465..95fc4bca 100755 --- a/regional/datadog/README.md +++ b/regional/datadog/README.md @@ -9,7 +9,7 @@ No requirements. | Name | Version | |------|---------| -| [google](#provider\_google) | 6.17.0 | +| [google](#provider\_google) | 6.18.1 | ## Modules diff --git a/regional/datadog/manifests/.terraform.lock.hcl b/regional/datadog/manifests/.terraform.lock.hcl index 2eda8057..48f537e3 100644 --- a/regional/datadog/manifests/.terraform.lock.hcl +++ b/regional/datadog/manifests/.terraform.lock.hcl @@ -2,21 +2,21 @@ # Manual edits may be lost in future updates. provider "registry.terraform.io/hashicorp/google" { - version = "6.17.0" + version = "6.18.1" hashes = [ - "h1:J7qp2vw9rlE7S80yO/WAK6kpri6r18J18/9lYm9lNB8=", - "zh:2ae1ba33889babf740298f131c3151477c638a6d8dc2d850f207380ae91d5ee0", - "zh:2b950b0f4dcb1f79e10ad9611fc1573114028be423af742eb9b5027d1e1127fc", - "zh:4557ce5a9ce78e365af99c15c3a2d4d37a246535d0d62182a66cfc1c9de53cbd", - "zh:5ced8255a5cd868ebd6a0ba377b5016f578be402daea7479e488c109a74e8339", - "zh:6b7666678f6238637c7f78020edb8405669804a18ae580296419fb4179642cf6", - "zh:8677c153477daf1b636421a00633f25022b8c33fc803699d6ea6f89b75b4554b", - "zh:9f85498e26bf90049c252e6220a5a47cff88a4cd249e08845c59bd4c16aa48f3", - "zh:dce93c05d1852f1c692566c2ebf7200cb98aa059301044c2211c10319354c680", - "zh:df72b36e76e0721904c63eab34191bc9c4ccf93d067c2a0d455dd8bb39e73b66", - "zh:e9a9e8d8ae14ab6e661f3f9b07c5edec60507203dac7d2f187dc716317f4d79c", + "h1:8zB9kfcafSCeIFO/Ein+Z5gN6hMIV4CrPm43evEkzTE=", + "zh:43543160dc2cee6f05b37eadc49e0da2ed99b1d16ca40dcb74de4ec17bf30430", + "zh:44e92661b6b2e7823f931c459780eaa844c7ee8fecca676aa632ededfc0d6180", + "zh:504cc9967f9e51969d012338e7b36bf689a672e0c780d821ea36bbad0d1bd4c4", + "zh:6e3c24761dd073984274dcdb5e5a7f81619c2665c2aef5b35769b31cb1c72bb8", + "zh:86ce6f0049a4d243574f5c3a31b6e405cc48e203f3d97722615779a5f06143e4", + "zh:bf2b79a89ea02d146a3ea0c1c1232bb065ba2283c54f4a3d4ac8b04e11f2119d", + "zh:ca5e3a2758c92a934e91a5d1919947300e0645e2ba71aeb9884b896e6b123d3f", + "zh:d8f4f55faea7250226839a02c6134d193f3d072293452be58e8181aab925b1ad", + "zh:e5189f66c2c4e1264092c79d11bc07e7dc82d99701dc0592dcd879a746ec2910", + "zh:e6471441d4565910a67d79f480dafc8c1d19e29ae1588b0515269f7fb815f40f", + "zh:e6514660a85b8f921b968576250ac3d983cda1c06aaef801c21e908a8b9f873b", "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", - "zh:fb92287bca4fc7b49666c644ca7789e4acf5b17317acb963f138c0ae6347a289", ] } diff --git a/regional/datadog/manifests/README.md b/regional/datadog/manifests/README.md index 9a9437af..0770f0be 100755 --- a/regional/datadog/manifests/README.md +++ b/regional/datadog/manifests/README.md @@ -9,7 +9,7 @@ No requirements. | Name | Version | |------|---------| -| [google](#provider\_google) | 6.17.0 | +| [google](#provider\_google) | 6.18.1 | ## Modules diff --git a/regional/istio/.terraform.lock.hcl b/regional/istio/.terraform.lock.hcl index 2eda8057..48f537e3 100644 --- a/regional/istio/.terraform.lock.hcl +++ b/regional/istio/.terraform.lock.hcl @@ -2,21 +2,21 @@ # Manual edits may be lost in future updates. provider "registry.terraform.io/hashicorp/google" { - version = "6.17.0" + version = "6.18.1" hashes = [ - "h1:J7qp2vw9rlE7S80yO/WAK6kpri6r18J18/9lYm9lNB8=", - "zh:2ae1ba33889babf740298f131c3151477c638a6d8dc2d850f207380ae91d5ee0", - "zh:2b950b0f4dcb1f79e10ad9611fc1573114028be423af742eb9b5027d1e1127fc", - "zh:4557ce5a9ce78e365af99c15c3a2d4d37a246535d0d62182a66cfc1c9de53cbd", - "zh:5ced8255a5cd868ebd6a0ba377b5016f578be402daea7479e488c109a74e8339", - "zh:6b7666678f6238637c7f78020edb8405669804a18ae580296419fb4179642cf6", - "zh:8677c153477daf1b636421a00633f25022b8c33fc803699d6ea6f89b75b4554b", - "zh:9f85498e26bf90049c252e6220a5a47cff88a4cd249e08845c59bd4c16aa48f3", - "zh:dce93c05d1852f1c692566c2ebf7200cb98aa059301044c2211c10319354c680", - "zh:df72b36e76e0721904c63eab34191bc9c4ccf93d067c2a0d455dd8bb39e73b66", - "zh:e9a9e8d8ae14ab6e661f3f9b07c5edec60507203dac7d2f187dc716317f4d79c", + "h1:8zB9kfcafSCeIFO/Ein+Z5gN6hMIV4CrPm43evEkzTE=", + "zh:43543160dc2cee6f05b37eadc49e0da2ed99b1d16ca40dcb74de4ec17bf30430", + "zh:44e92661b6b2e7823f931c459780eaa844c7ee8fecca676aa632ededfc0d6180", + "zh:504cc9967f9e51969d012338e7b36bf689a672e0c780d821ea36bbad0d1bd4c4", + "zh:6e3c24761dd073984274dcdb5e5a7f81619c2665c2aef5b35769b31cb1c72bb8", + "zh:86ce6f0049a4d243574f5c3a31b6e405cc48e203f3d97722615779a5f06143e4", + "zh:bf2b79a89ea02d146a3ea0c1c1232bb065ba2283c54f4a3d4ac8b04e11f2119d", + "zh:ca5e3a2758c92a934e91a5d1919947300e0645e2ba71aeb9884b896e6b123d3f", + "zh:d8f4f55faea7250226839a02c6134d193f3d072293452be58e8181aab925b1ad", + "zh:e5189f66c2c4e1264092c79d11bc07e7dc82d99701dc0592dcd879a746ec2910", + "zh:e6471441d4565910a67d79f480dafc8c1d19e29ae1588b0515269f7fb815f40f", + "zh:e6514660a85b8f921b968576250ac3d983cda1c06aaef801c21e908a8b9f873b", "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", - "zh:fb92287bca4fc7b49666c644ca7789e4acf5b17317acb963f138c0ae6347a289", ] } diff --git a/regional/istio/README.md b/regional/istio/README.md index 4ab74a55..03b0ecd2 100755 --- a/regional/istio/README.md +++ b/regional/istio/README.md @@ -9,7 +9,7 @@ No requirements. | Name | Version | |------|---------| -| [google](#provider\_google) | 6.17.0 | +| [google](#provider\_google) | 6.18.1 | | [terraform](#provider\_terraform) | n/a | ## Modules diff --git a/regional/istio/manifests/.terraform.lock.hcl b/regional/istio/manifests/.terraform.lock.hcl index 2eda8057..48f537e3 100644 --- a/regional/istio/manifests/.terraform.lock.hcl +++ b/regional/istio/manifests/.terraform.lock.hcl @@ -2,21 +2,21 @@ # Manual edits may be lost in future updates. provider "registry.terraform.io/hashicorp/google" { - version = "6.17.0" + version = "6.18.1" hashes = [ - "h1:J7qp2vw9rlE7S80yO/WAK6kpri6r18J18/9lYm9lNB8=", - "zh:2ae1ba33889babf740298f131c3151477c638a6d8dc2d850f207380ae91d5ee0", - "zh:2b950b0f4dcb1f79e10ad9611fc1573114028be423af742eb9b5027d1e1127fc", - "zh:4557ce5a9ce78e365af99c15c3a2d4d37a246535d0d62182a66cfc1c9de53cbd", - "zh:5ced8255a5cd868ebd6a0ba377b5016f578be402daea7479e488c109a74e8339", - "zh:6b7666678f6238637c7f78020edb8405669804a18ae580296419fb4179642cf6", - "zh:8677c153477daf1b636421a00633f25022b8c33fc803699d6ea6f89b75b4554b", - "zh:9f85498e26bf90049c252e6220a5a47cff88a4cd249e08845c59bd4c16aa48f3", - "zh:dce93c05d1852f1c692566c2ebf7200cb98aa059301044c2211c10319354c680", - "zh:df72b36e76e0721904c63eab34191bc9c4ccf93d067c2a0d455dd8bb39e73b66", - "zh:e9a9e8d8ae14ab6e661f3f9b07c5edec60507203dac7d2f187dc716317f4d79c", + "h1:8zB9kfcafSCeIFO/Ein+Z5gN6hMIV4CrPm43evEkzTE=", + "zh:43543160dc2cee6f05b37eadc49e0da2ed99b1d16ca40dcb74de4ec17bf30430", + "zh:44e92661b6b2e7823f931c459780eaa844c7ee8fecca676aa632ededfc0d6180", + "zh:504cc9967f9e51969d012338e7b36bf689a672e0c780d821ea36bbad0d1bd4c4", + "zh:6e3c24761dd073984274dcdb5e5a7f81619c2665c2aef5b35769b31cb1c72bb8", + "zh:86ce6f0049a4d243574f5c3a31b6e405cc48e203f3d97722615779a5f06143e4", + "zh:bf2b79a89ea02d146a3ea0c1c1232bb065ba2283c54f4a3d4ac8b04e11f2119d", + "zh:ca5e3a2758c92a934e91a5d1919947300e0645e2ba71aeb9884b896e6b123d3f", + "zh:d8f4f55faea7250226839a02c6134d193f3d072293452be58e8181aab925b1ad", + "zh:e5189f66c2c4e1264092c79d11bc07e7dc82d99701dc0592dcd879a746ec2910", + "zh:e6471441d4565910a67d79f480dafc8c1d19e29ae1588b0515269f7fb815f40f", + "zh:e6514660a85b8f921b968576250ac3d983cda1c06aaef801c21e908a8b9f873b", "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", - "zh:fb92287bca4fc7b49666c644ca7789e4acf5b17317acb963f138c0ae6347a289", ] } diff --git a/regional/istio/manifests/README.md b/regional/istio/manifests/README.md index 7faacb50..16c435fb 100755 --- a/regional/istio/manifests/README.md +++ b/regional/istio/manifests/README.md @@ -9,7 +9,7 @@ No requirements. | Name | Version | |------|---------| -| [google](#provider\_google) | 6.17.0 | +| [google](#provider\_google) | 6.18.1 | ## Modules diff --git a/regional/istio/test/README.md b/regional/istio/test/README.md index fb09e1bf..530a9644 100755 --- a/regional/istio/test/README.md +++ b/regional/istio/test/README.md @@ -9,8 +9,8 @@ No requirements. | Name | Version | |------|---------| -| [datadog](#provider\_datadog) | 3.52.1 | -| [google](#provider\_google) | 6.16.0 | +| [datadog](#provider\_datadog) | 3.53.0 | +| [google](#provider\_google) | 6.18.1 | | [kubernetes](#provider\_kubernetes) | 2.35.1 | ## Modules diff --git a/regional/onboarding/.terraform.lock.hcl b/regional/onboarding/.terraform.lock.hcl index 2eda8057..48f537e3 100644 --- a/regional/onboarding/.terraform.lock.hcl +++ b/regional/onboarding/.terraform.lock.hcl @@ -2,21 +2,21 @@ # Manual edits may be lost in future updates. provider "registry.terraform.io/hashicorp/google" { - version = "6.17.0" + version = "6.18.1" hashes = [ - "h1:J7qp2vw9rlE7S80yO/WAK6kpri6r18J18/9lYm9lNB8=", - "zh:2ae1ba33889babf740298f131c3151477c638a6d8dc2d850f207380ae91d5ee0", - "zh:2b950b0f4dcb1f79e10ad9611fc1573114028be423af742eb9b5027d1e1127fc", - "zh:4557ce5a9ce78e365af99c15c3a2d4d37a246535d0d62182a66cfc1c9de53cbd", - "zh:5ced8255a5cd868ebd6a0ba377b5016f578be402daea7479e488c109a74e8339", - "zh:6b7666678f6238637c7f78020edb8405669804a18ae580296419fb4179642cf6", - "zh:8677c153477daf1b636421a00633f25022b8c33fc803699d6ea6f89b75b4554b", - "zh:9f85498e26bf90049c252e6220a5a47cff88a4cd249e08845c59bd4c16aa48f3", - "zh:dce93c05d1852f1c692566c2ebf7200cb98aa059301044c2211c10319354c680", - "zh:df72b36e76e0721904c63eab34191bc9c4ccf93d067c2a0d455dd8bb39e73b66", - "zh:e9a9e8d8ae14ab6e661f3f9b07c5edec60507203dac7d2f187dc716317f4d79c", + "h1:8zB9kfcafSCeIFO/Ein+Z5gN6hMIV4CrPm43evEkzTE=", + "zh:43543160dc2cee6f05b37eadc49e0da2ed99b1d16ca40dcb74de4ec17bf30430", + "zh:44e92661b6b2e7823f931c459780eaa844c7ee8fecca676aa632ededfc0d6180", + "zh:504cc9967f9e51969d012338e7b36bf689a672e0c780d821ea36bbad0d1bd4c4", + "zh:6e3c24761dd073984274dcdb5e5a7f81619c2665c2aef5b35769b31cb1c72bb8", + "zh:86ce6f0049a4d243574f5c3a31b6e405cc48e203f3d97722615779a5f06143e4", + "zh:bf2b79a89ea02d146a3ea0c1c1232bb065ba2283c54f4a3d4ac8b04e11f2119d", + "zh:ca5e3a2758c92a934e91a5d1919947300e0645e2ba71aeb9884b896e6b123d3f", + "zh:d8f4f55faea7250226839a02c6134d193f3d072293452be58e8181aab925b1ad", + "zh:e5189f66c2c4e1264092c79d11bc07e7dc82d99701dc0592dcd879a746ec2910", + "zh:e6471441d4565910a67d79f480dafc8c1d19e29ae1588b0515269f7fb815f40f", + "zh:e6514660a85b8f921b968576250ac3d983cda1c06aaef801c21e908a8b9f873b", "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", - "zh:fb92287bca4fc7b49666c644ca7789e4acf5b17317acb963f138c0ae6347a289", ] } diff --git a/regional/onboarding/README.md b/regional/onboarding/README.md index 7dea4872..5f88b5d6 100755 --- a/regional/onboarding/README.md +++ b/regional/onboarding/README.md @@ -9,7 +9,7 @@ No requirements. | Name | Version | |------|---------| -| [google](#provider\_google) | 6.17.0 | +| [google](#provider\_google) | 6.18.1 | | [terraform](#provider\_terraform) | n/a | ## Modules diff --git a/regional/opa-gatekeeper/.terraform.lock.hcl b/regional/opa-gatekeeper/.terraform.lock.hcl index 2eda8057..48f537e3 100644 --- a/regional/opa-gatekeeper/.terraform.lock.hcl +++ b/regional/opa-gatekeeper/.terraform.lock.hcl @@ -2,21 +2,21 @@ # Manual edits may be lost in future updates. provider "registry.terraform.io/hashicorp/google" { - version = "6.17.0" + version = "6.18.1" hashes = [ - "h1:J7qp2vw9rlE7S80yO/WAK6kpri6r18J18/9lYm9lNB8=", - "zh:2ae1ba33889babf740298f131c3151477c638a6d8dc2d850f207380ae91d5ee0", - "zh:2b950b0f4dcb1f79e10ad9611fc1573114028be423af742eb9b5027d1e1127fc", - "zh:4557ce5a9ce78e365af99c15c3a2d4d37a246535d0d62182a66cfc1c9de53cbd", - "zh:5ced8255a5cd868ebd6a0ba377b5016f578be402daea7479e488c109a74e8339", - "zh:6b7666678f6238637c7f78020edb8405669804a18ae580296419fb4179642cf6", - "zh:8677c153477daf1b636421a00633f25022b8c33fc803699d6ea6f89b75b4554b", - "zh:9f85498e26bf90049c252e6220a5a47cff88a4cd249e08845c59bd4c16aa48f3", - "zh:dce93c05d1852f1c692566c2ebf7200cb98aa059301044c2211c10319354c680", - "zh:df72b36e76e0721904c63eab34191bc9c4ccf93d067c2a0d455dd8bb39e73b66", - "zh:e9a9e8d8ae14ab6e661f3f9b07c5edec60507203dac7d2f187dc716317f4d79c", + "h1:8zB9kfcafSCeIFO/Ein+Z5gN6hMIV4CrPm43evEkzTE=", + "zh:43543160dc2cee6f05b37eadc49e0da2ed99b1d16ca40dcb74de4ec17bf30430", + "zh:44e92661b6b2e7823f931c459780eaa844c7ee8fecca676aa632ededfc0d6180", + "zh:504cc9967f9e51969d012338e7b36bf689a672e0c780d821ea36bbad0d1bd4c4", + "zh:6e3c24761dd073984274dcdb5e5a7f81619c2665c2aef5b35769b31cb1c72bb8", + "zh:86ce6f0049a4d243574f5c3a31b6e405cc48e203f3d97722615779a5f06143e4", + "zh:bf2b79a89ea02d146a3ea0c1c1232bb065ba2283c54f4a3d4ac8b04e11f2119d", + "zh:ca5e3a2758c92a934e91a5d1919947300e0645e2ba71aeb9884b896e6b123d3f", + "zh:d8f4f55faea7250226839a02c6134d193f3d072293452be58e8181aab925b1ad", + "zh:e5189f66c2c4e1264092c79d11bc07e7dc82d99701dc0592dcd879a746ec2910", + "zh:e6471441d4565910a67d79f480dafc8c1d19e29ae1588b0515269f7fb815f40f", + "zh:e6514660a85b8f921b968576250ac3d983cda1c06aaef801c21e908a8b9f873b", "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", - "zh:fb92287bca4fc7b49666c644ca7789e4acf5b17317acb963f138c0ae6347a289", ] } diff --git a/regional/opa-gatekeeper/README.md b/regional/opa-gatekeeper/README.md index 5a4a2d1f..693336b6 100755 --- a/regional/opa-gatekeeper/README.md +++ b/regional/opa-gatekeeper/README.md @@ -9,7 +9,7 @@ No requirements. | Name | Version | |------|---------| -| [google](#provider\_google) | 6.17.0 | +| [google](#provider\_google) | 6.18.1 | ## Modules diff --git a/regional/opa-gatekeeper/manifests/.terraform.lock.hcl b/regional/opa-gatekeeper/manifests/.terraform.lock.hcl index dda261c4..5aee0e1b 100644 --- a/regional/opa-gatekeeper/manifests/.terraform.lock.hcl +++ b/regional/opa-gatekeeper/manifests/.terraform.lock.hcl @@ -2,21 +2,22 @@ # Manual edits may be lost in future updates. provider "registry.terraform.io/hashicorp/google" { - version = "6.16.0" + version = "6.18.1" hashes = [ - "h1:dVywsjJ17IF+o9c9PQqGrCJiQvCrrWBRt2Gt4OPzTlo=", - "zh:1e263d01a64740d550f14c83e91efaf5b3f7ee46163cce58b736da284e488377", - "zh:5b0885ee8875b98ef75f558e278ac5f2ba0850e0e6579c898d75a488be227e93", - "zh:6eb8d06a5cf9843e7a4dd18bd93fc785bdec9f5aebdef748bfbe349c0e085ce5", - "zh:82f57bcccc35271f39a090b687c37489f81ddeec2a792e7f5341c7cdcc51fa5c", - "zh:898d7ed728f45c3124e2bfbbde57b762e59c9c54e020453edc9454858d65a8c5", - "zh:8effa4a08cc3ffce2048b4e51ad6df0c288ce0c79c161b9716a16b482d2f18be", - "zh:ac80c44c9dc0c7016c3422390b17380ad03257abc09a224734ed359b2cd61d0a", - "zh:c2e03eba3d9af62948ba82aa1de627c692731b9a7dd46119b932c6fc9514306c", - "zh:ca77c67f72e7210112f485ef0fc555fde3ac818de9b7136f0b37142893ba6428", - "zh:ea8ccff7fece47be816f3f20fdd61b8ac3a72f515720c579a2560183b1e17658", + "h1:8zB9kfcafSCeIFO/Ein+Z5gN6hMIV4CrPm43evEkzTE=", + "h1:vv2CxjgTP7/K6xk/s1lK9LOBvDKXjnCb6yUsbfhiMwA=", + "zh:43543160dc2cee6f05b37eadc49e0da2ed99b1d16ca40dcb74de4ec17bf30430", + "zh:44e92661b6b2e7823f931c459780eaa844c7ee8fecca676aa632ededfc0d6180", + "zh:504cc9967f9e51969d012338e7b36bf689a672e0c780d821ea36bbad0d1bd4c4", + "zh:6e3c24761dd073984274dcdb5e5a7f81619c2665c2aef5b35769b31cb1c72bb8", + "zh:86ce6f0049a4d243574f5c3a31b6e405cc48e203f3d97722615779a5f06143e4", + "zh:bf2b79a89ea02d146a3ea0c1c1232bb065ba2283c54f4a3d4ac8b04e11f2119d", + "zh:ca5e3a2758c92a934e91a5d1919947300e0645e2ba71aeb9884b896e6b123d3f", + "zh:d8f4f55faea7250226839a02c6134d193f3d072293452be58e8181aab925b1ad", + "zh:e5189f66c2c4e1264092c79d11bc07e7dc82d99701dc0592dcd879a746ec2910", + "zh:e6471441d4565910a67d79f480dafc8c1d19e29ae1588b0515269f7fb815f40f", + "zh:e6514660a85b8f921b968576250ac3d983cda1c06aaef801c21e908a8b9f873b", "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", - "zh:f5d626eb6e9015022796849d6ba733627fa9e082302a8658dd83fc74c75db162", ] } From 470563c44553ef0f6a0f166f4bd6d85d4f587964 Mon Sep 17 00:00:00 2001 From: Brett Curtis Date: Sat, 1 Feb 2025 19:01:14 -0500 Subject: [PATCH 2/4] Update cert-manager module to include self-signed certificate outputs and add remote state datasource --- .pre-commit-config.yaml | 2 +- README.md | 2 ++ outputs.tf | 11 ++++++++++ .../istio-csr/.terraform.lock.hcl | 2 -- regional/cert-manager/istio-csr/README.md | 8 +++++-- regional/cert-manager/istio-csr/locals.tf | 6 +++++ regional/cert-manager/istio-csr/main.tf | 22 ++++++++++++++++--- regional/cert-manager/istio-csr/variables.tf | 7 ++++++ regional/datadog/.terraform.lock.hcl | 1 - .../manifests/.terraform.lock.hcl | 1 - 10 files changed, 52 insertions(+), 10 deletions(-) create mode 100755 regional/cert-manager/istio-csr/locals.tf create mode 100755 regional/cert-manager/istio-csr/variables.tf diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index d09045c5..5500d77d 100755 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -12,7 +12,7 @@ repos: - id: check-symlinks - repo: https://github.com/antonbabenko/pre-commit-terraform - rev: v1.97.0 + rev: v1.97.1 hooks: - id: terraform_fmt diff --git a/README.md b/README.md index 57b4f4af..e40de159 100644 --- a/README.md +++ b/README.md @@ -84,6 +84,8 @@ No resources. | Name | Description | |------|-------------| +| [kubernetes\_cert\_manager\_tls\_self\_signed\_cert\_cert\_manager\_root\_cert](#output\_kubernetes\_cert\_manager\_tls\_self\_signed\_cert\_cert\_manager\_root\_cert) | The self-signed certificate for the cert-manager root certificate | +| [kubernetes\_cert\_manager\_tls\_self\_signed\_cert\_cert\_manager\_root\_key](#output\_kubernetes\_cert\_manager\_tls\_self\_signed\_cert\_cert\_manager\_root\_key) | The private key for the cert-manager root certificate | | [kubernetes\_engine\_container\_deployer\_service\_accounts](#output\_kubernetes\_engine\_container\_deployer\_service\_accounts) | The service accounts for the container deployer | | [kubernetes\_engine\_workload\_identity\_service\_account\_emails](#output\_kubernetes\_engine\_workload\_identity\_service\_account\_emails) | The email addresses of the service accounts for the Kubernetes namespace workload identity | | [kubernetes\_istio\_gateway\_mci\_global\_address](#output\_kubernetes\_istio\_gateway\_mci\_global\_address) | The IP address for the Istio Gateway multi-cluster ingress | diff --git a/outputs.tf b/outputs.tf index 2635057a..2c92e563 100755 --- a/outputs.tf +++ b/outputs.tf @@ -11,6 +11,17 @@ output "kubernetes_engine_workload_identity_service_account_emails" { value = module.kubernetes_engine.workload_identity_service_account_emails } +output "kubernetes_cert_manager_tls_self_signed_cert_cert_manager_root_cert" { + description = "The self-signed certificate for the cert-manager root certificate" + value = module.kubernetes_cert_manager.tls_self_signed_cert_cert_manager_root_cert +} + +output "kubernetes_cert_manager_tls_self_signed_cert_cert_manager_root_key" { + description = "The private key for the cert-manager root certificate" + value = module.kubernetes_cert_manager.tls_self_signed_cert_cert_manager_root_key + sensitive = true +} + output "kubernetes_istio_gateway_mci_global_address" { description = "The IP address for the Istio Gateway multi-cluster ingress" value = module.kubernetes_istio.gateway_mci_global_address diff --git a/regional/cert-manager/istio-csr/.terraform.lock.hcl b/regional/cert-manager/istio-csr/.terraform.lock.hcl index eeb38796..48f537e3 100644 --- a/regional/cert-manager/istio-csr/.terraform.lock.hcl +++ b/regional/cert-manager/istio-csr/.terraform.lock.hcl @@ -24,7 +24,6 @@ provider "registry.terraform.io/hashicorp/helm" { version = "2.17.0" hashes = [ "h1:K5FEjxvDnxb1JF1kG1xr8J3pNGxoaR3Z0IBG9Csm/Is=", - "h1:d+dlN1Fkoz5lceag+thNtavfNgK7xeNXoiyfblGvCWM=", "zh:06fb4e9932f0afc1904d2279e6e99353c2ddac0d765305ce90519af410706bd4", "zh:104eccfc781fc868da3c7fec4385ad14ed183eb985c96331a1a937ac79c2d1a7", "zh:129345c82359837bb3f0070ce4891ec232697052f7d5ccf61d43d818912cf5f3", @@ -44,7 +43,6 @@ provider "registry.terraform.io/hashicorp/kubernetes" { version = "2.35.1" hashes = [ "h1:Av0Wk8g2XjY2oap7nyWNHEgfCRfphdJvrkqJjEM2ZKM=", - "h1:oTRH/lPQZH5SvBfmd1BKUqYQwE7Y/ALGY6XwMQTlAuw=", "zh:12212ca5ae47823ce14bfafb909eeb6861faf1e2435fb2fc4a8b334b3544b5f5", "zh:3f49b3d77182df06b225ab266667de69681c2e75d296867eb2cf06a8f8db768c", "zh:40832494d19f8a2b3cd0c18b80294d0b23ef6b82f6f6897b5fe00248a9997460", diff --git a/regional/cert-manager/istio-csr/README.md b/regional/cert-manager/istio-csr/README.md index dd6b29d2..01cb1ab9 100755 --- a/regional/cert-manager/istio-csr/README.md +++ b/regional/cert-manager/istio-csr/README.md @@ -10,13 +10,14 @@ No requirements. | Name | Version | |------|---------| | [google](#provider\_google) | 6.18.1 | +| [terraform](#provider\_terraform) | n/a | ## Modules | Name | Source | Version | |------|--------|---------| | [helpers](#module\_helpers) | github.com/osinfra-io/terraform-core-helpers//root | v0.1.2 | -| [kubernetes\_cert\_manager\_istio\_csr](#module\_kubernetes\_cert\_manager\_istio\_csr) | github.com/osinfra-io/terraform-kubernetes-cert-manager//regional/istio-csr | v0.1.4 | +| [kubernetes\_cert\_manager\_istio\_csr](#module\_kubernetes\_cert\_manager\_istio\_csr) | github.com/osinfra-io/terraform-kubernetes-cert-manager//regional/istio-csr | tls | ## Resources @@ -26,10 +27,13 @@ No requirements. | [google_container_cluster.this](https://registry.terraform.io/providers/hashicorp/google/latest/docs/data-sources/container_cluster) | data source | | [google_project.this](https://registry.terraform.io/providers/hashicorp/google/latest/docs/data-sources/project) | data source | | [google_projects.this](https://registry.terraform.io/providers/hashicorp/google/latest/docs/data-sources/projects) | data source | +| [terraform_remote_state.main](https://registry.terraform.io/providers/hashicorp/terraform/latest/docs/data-sources/remote_state) | data source | ## Inputs -No inputs. +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [remote\_bucket](#input\_remote\_bucket) | The remote bucket the `terraform_remote_state` data source retrieves the state from | `string` | n/a | yes | ## Outputs diff --git a/regional/cert-manager/istio-csr/locals.tf b/regional/cert-manager/istio-csr/locals.tf new file mode 100755 index 00000000..9077824a --- /dev/null +++ b/regional/cert-manager/istio-csr/locals.tf @@ -0,0 +1,6 @@ +# Local Values +# https://www.terraform.io/docs/language/values/locals.html + +locals { + main = data.terraform_remote_state.main.outputs +} diff --git a/regional/cert-manager/istio-csr/main.tf b/regional/cert-manager/istio-csr/main.tf index 52f884ec..df8e607c 100644 --- a/regional/cert-manager/istio-csr/main.tf +++ b/regional/cert-manager/istio-csr/main.tf @@ -1,9 +1,25 @@ +# Terraform Remote State Datasource +# https://www.terraform.io/docs/language/state/remote-state-data.html + +data "terraform_remote_state" "main" { + backend = "gcs" + + config = { + bucket = var.remote_bucket + prefix = module.helpers.repository + } + + workspace = "main-${module.helpers.environment}" +} + # Kubernetes cert-manager Module (osinfra.io) # https://github.com/osinfra-io/terraform-kubernetes-cert-manager module "kubernetes_cert_manager_istio_csr" { - source = "github.com/osinfra-io/terraform-kubernetes-cert-manager//regional/istio-csr?ref=v0.1.4" + source = "github.com/osinfra-io/terraform-kubernetes-cert-manager//regional/istio-csr?ref=tls" - artifact_registry = "us-docker.pkg.dev/plt-lz-services-tf79-prod/plt-docker-virtual" - cluster_prefix = "plt" + artifact_registry = "us-docker.pkg.dev/plt-lz-services-tf79-prod/plt-docker-virtual" + cluster_prefix = "plt" + tls_self_signed_cert_cert_manager_root_cert = local.main.kubernetes_cert_manager_tls_self_signed_cert_cert_manager_root_cert + tls_self_signed_cert_cert_manager_root_key = local.main.kubernetes_cert_manager_tls_self_signed_cert_cert_manager_root_key } diff --git a/regional/cert-manager/istio-csr/variables.tf b/regional/cert-manager/istio-csr/variables.tf new file mode 100755 index 00000000..6188dc71 --- /dev/null +++ b/regional/cert-manager/istio-csr/variables.tf @@ -0,0 +1,7 @@ +# Input Variables +# https://www.terraform.io/language/values/variables + +variable "remote_bucket" { + type = string + description = "The remote bucket the `terraform_remote_state` data source retrieves the state from" +} diff --git a/regional/datadog/.terraform.lock.hcl b/regional/datadog/.terraform.lock.hcl index 12a575e6..48f537e3 100644 --- a/regional/datadog/.terraform.lock.hcl +++ b/regional/datadog/.terraform.lock.hcl @@ -24,7 +24,6 @@ provider "registry.terraform.io/hashicorp/helm" { version = "2.17.0" hashes = [ "h1:K5FEjxvDnxb1JF1kG1xr8J3pNGxoaR3Z0IBG9Csm/Is=", - "h1:bbJRf27xTk2hCi771wqKQEl+EyaTQAE5vk/pIoYkRsw=", "zh:06fb4e9932f0afc1904d2279e6e99353c2ddac0d765305ce90519af410706bd4", "zh:104eccfc781fc868da3c7fec4385ad14ed183eb985c96331a1a937ac79c2d1a7", "zh:129345c82359837bb3f0070ce4891ec232697052f7d5ccf61d43d818912cf5f3", diff --git a/regional/opa-gatekeeper/manifests/.terraform.lock.hcl b/regional/opa-gatekeeper/manifests/.terraform.lock.hcl index 5aee0e1b..48f537e3 100644 --- a/regional/opa-gatekeeper/manifests/.terraform.lock.hcl +++ b/regional/opa-gatekeeper/manifests/.terraform.lock.hcl @@ -5,7 +5,6 @@ provider "registry.terraform.io/hashicorp/google" { version = "6.18.1" hashes = [ "h1:8zB9kfcafSCeIFO/Ein+Z5gN6hMIV4CrPm43evEkzTE=", - "h1:vv2CxjgTP7/K6xk/s1lK9LOBvDKXjnCb6yUsbfhiMwA=", "zh:43543160dc2cee6f05b37eadc49e0da2ed99b1d16ca40dcb74de4ec17bf30430", "zh:44e92661b6b2e7823f931c459780eaa844c7ee8fecca676aa632ededfc0d6180", "zh:504cc9967f9e51969d012338e7b36bf689a672e0c780d821ea36bbad0d1bd4c4", From 3b99264a72ad0a45f1cf91a94789a77eca424fc2 Mon Sep 17 00:00:00 2001 From: Brett Curtis Date: Sat, 1 Feb 2025 19:36:11 -0500 Subject: [PATCH 3/4] Add remote bucket configurations for Istio CSR in multiple environments --- .../istio-csr/tfvars/us-east1-b-non-production.tfvars | 1 + .../cert-manager/istio-csr/tfvars/us-east1-b-production.tfvars | 1 + regional/cert-manager/istio-csr/tfvars/us-east1-b-sandbox.tfvars | 1 + .../istio-csr/tfvars/us-east1-c-non-production.tfvars | 1 + .../cert-manager/istio-csr/tfvars/us-east1-c-production.tfvars | 1 + regional/cert-manager/istio-csr/tfvars/us-east1-c-sandbox.tfvars | 1 + .../istio-csr/tfvars/us-east1-d-non-production.tfvars | 1 + .../cert-manager/istio-csr/tfvars/us-east1-d-production.tfvars | 1 + regional/cert-manager/istio-csr/tfvars/us-east1-d-sandbox.tfvars | 1 + .../istio-csr/tfvars/us-east4-a-non-production.tfvars | 1 + .../cert-manager/istio-csr/tfvars/us-east4-a-production.tfvars | 1 + regional/cert-manager/istio-csr/tfvars/us-east4-a-sandbox.tfvars | 1 + .../istio-csr/tfvars/us-east4-b-non-production.tfvars | 1 + .../cert-manager/istio-csr/tfvars/us-east4-b-production.tfvars | 1 + regional/cert-manager/istio-csr/tfvars/us-east4-b-sandbox.tfvars | 1 + .../istio-csr/tfvars/us-east4-c-non-production.tfvars | 1 + .../cert-manager/istio-csr/tfvars/us-east4-c-production.tfvars | 1 + regional/cert-manager/istio-csr/tfvars/us-east4-c-sandbox.tfvars | 1 + 18 files changed, 18 insertions(+) diff --git a/regional/cert-manager/istio-csr/tfvars/us-east1-b-non-production.tfvars b/regional/cert-manager/istio-csr/tfvars/us-east1-b-non-production.tfvars index e69de29b..552ae9e2 100755 --- a/regional/cert-manager/istio-csr/tfvars/us-east1-b-non-production.tfvars +++ b/regional/cert-manager/istio-csr/tfvars/us-east1-b-non-production.tfvars @@ -0,0 +1 @@ +remote_bucket = "plt-k8s-ae26-nonprod" diff --git a/regional/cert-manager/istio-csr/tfvars/us-east1-b-production.tfvars b/regional/cert-manager/istio-csr/tfvars/us-east1-b-production.tfvars index e69de29b..565a4280 100755 --- a/regional/cert-manager/istio-csr/tfvars/us-east1-b-production.tfvars +++ b/regional/cert-manager/istio-csr/tfvars/us-east1-b-production.tfvars @@ -0,0 +1 @@ +remote_bucket = "plt-k8s-53a5-prod" diff --git a/regional/cert-manager/istio-csr/tfvars/us-east1-b-sandbox.tfvars b/regional/cert-manager/istio-csr/tfvars/us-east1-b-sandbox.tfvars index e69de29b..633f36fa 100755 --- a/regional/cert-manager/istio-csr/tfvars/us-east1-b-sandbox.tfvars +++ b/regional/cert-manager/istio-csr/tfvars/us-east1-b-sandbox.tfvars @@ -0,0 +1 @@ +remote_bucket = "plt-k8s-4312-sb" diff --git a/regional/cert-manager/istio-csr/tfvars/us-east1-c-non-production.tfvars b/regional/cert-manager/istio-csr/tfvars/us-east1-c-non-production.tfvars index e69de29b..552ae9e2 100755 --- a/regional/cert-manager/istio-csr/tfvars/us-east1-c-non-production.tfvars +++ b/regional/cert-manager/istio-csr/tfvars/us-east1-c-non-production.tfvars @@ -0,0 +1 @@ +remote_bucket = "plt-k8s-ae26-nonprod" diff --git a/regional/cert-manager/istio-csr/tfvars/us-east1-c-production.tfvars b/regional/cert-manager/istio-csr/tfvars/us-east1-c-production.tfvars index e69de29b..565a4280 100755 --- a/regional/cert-manager/istio-csr/tfvars/us-east1-c-production.tfvars +++ b/regional/cert-manager/istio-csr/tfvars/us-east1-c-production.tfvars @@ -0,0 +1 @@ +remote_bucket = "plt-k8s-53a5-prod" diff --git a/regional/cert-manager/istio-csr/tfvars/us-east1-c-sandbox.tfvars b/regional/cert-manager/istio-csr/tfvars/us-east1-c-sandbox.tfvars index e69de29b..633f36fa 100755 --- a/regional/cert-manager/istio-csr/tfvars/us-east1-c-sandbox.tfvars +++ b/regional/cert-manager/istio-csr/tfvars/us-east1-c-sandbox.tfvars @@ -0,0 +1 @@ +remote_bucket = "plt-k8s-4312-sb" diff --git a/regional/cert-manager/istio-csr/tfvars/us-east1-d-non-production.tfvars b/regional/cert-manager/istio-csr/tfvars/us-east1-d-non-production.tfvars index e69de29b..552ae9e2 100755 --- a/regional/cert-manager/istio-csr/tfvars/us-east1-d-non-production.tfvars +++ b/regional/cert-manager/istio-csr/tfvars/us-east1-d-non-production.tfvars @@ -0,0 +1 @@ +remote_bucket = "plt-k8s-ae26-nonprod" diff --git a/regional/cert-manager/istio-csr/tfvars/us-east1-d-production.tfvars b/regional/cert-manager/istio-csr/tfvars/us-east1-d-production.tfvars index e69de29b..565a4280 100755 --- a/regional/cert-manager/istio-csr/tfvars/us-east1-d-production.tfvars +++ b/regional/cert-manager/istio-csr/tfvars/us-east1-d-production.tfvars @@ -0,0 +1 @@ +remote_bucket = "plt-k8s-53a5-prod" diff --git a/regional/cert-manager/istio-csr/tfvars/us-east1-d-sandbox.tfvars b/regional/cert-manager/istio-csr/tfvars/us-east1-d-sandbox.tfvars index e69de29b..633f36fa 100755 --- a/regional/cert-manager/istio-csr/tfvars/us-east1-d-sandbox.tfvars +++ b/regional/cert-manager/istio-csr/tfvars/us-east1-d-sandbox.tfvars @@ -0,0 +1 @@ +remote_bucket = "plt-k8s-4312-sb" diff --git a/regional/cert-manager/istio-csr/tfvars/us-east4-a-non-production.tfvars b/regional/cert-manager/istio-csr/tfvars/us-east4-a-non-production.tfvars index e69de29b..552ae9e2 100755 --- a/regional/cert-manager/istio-csr/tfvars/us-east4-a-non-production.tfvars +++ b/regional/cert-manager/istio-csr/tfvars/us-east4-a-non-production.tfvars @@ -0,0 +1 @@ +remote_bucket = "plt-k8s-ae26-nonprod" diff --git a/regional/cert-manager/istio-csr/tfvars/us-east4-a-production.tfvars b/regional/cert-manager/istio-csr/tfvars/us-east4-a-production.tfvars index e69de29b..565a4280 100755 --- a/regional/cert-manager/istio-csr/tfvars/us-east4-a-production.tfvars +++ b/regional/cert-manager/istio-csr/tfvars/us-east4-a-production.tfvars @@ -0,0 +1 @@ +remote_bucket = "plt-k8s-53a5-prod" diff --git a/regional/cert-manager/istio-csr/tfvars/us-east4-a-sandbox.tfvars b/regional/cert-manager/istio-csr/tfvars/us-east4-a-sandbox.tfvars index e69de29b..633f36fa 100755 --- a/regional/cert-manager/istio-csr/tfvars/us-east4-a-sandbox.tfvars +++ b/regional/cert-manager/istio-csr/tfvars/us-east4-a-sandbox.tfvars @@ -0,0 +1 @@ +remote_bucket = "plt-k8s-4312-sb" diff --git a/regional/cert-manager/istio-csr/tfvars/us-east4-b-non-production.tfvars b/regional/cert-manager/istio-csr/tfvars/us-east4-b-non-production.tfvars index e69de29b..552ae9e2 100755 --- a/regional/cert-manager/istio-csr/tfvars/us-east4-b-non-production.tfvars +++ b/regional/cert-manager/istio-csr/tfvars/us-east4-b-non-production.tfvars @@ -0,0 +1 @@ +remote_bucket = "plt-k8s-ae26-nonprod" diff --git a/regional/cert-manager/istio-csr/tfvars/us-east4-b-production.tfvars b/regional/cert-manager/istio-csr/tfvars/us-east4-b-production.tfvars index e69de29b..565a4280 100755 --- a/regional/cert-manager/istio-csr/tfvars/us-east4-b-production.tfvars +++ b/regional/cert-manager/istio-csr/tfvars/us-east4-b-production.tfvars @@ -0,0 +1 @@ +remote_bucket = "plt-k8s-53a5-prod" diff --git a/regional/cert-manager/istio-csr/tfvars/us-east4-b-sandbox.tfvars b/regional/cert-manager/istio-csr/tfvars/us-east4-b-sandbox.tfvars index e69de29b..633f36fa 100755 --- a/regional/cert-manager/istio-csr/tfvars/us-east4-b-sandbox.tfvars +++ b/regional/cert-manager/istio-csr/tfvars/us-east4-b-sandbox.tfvars @@ -0,0 +1 @@ +remote_bucket = "plt-k8s-4312-sb" diff --git a/regional/cert-manager/istio-csr/tfvars/us-east4-c-non-production.tfvars b/regional/cert-manager/istio-csr/tfvars/us-east4-c-non-production.tfvars index e69de29b..552ae9e2 100755 --- a/regional/cert-manager/istio-csr/tfvars/us-east4-c-non-production.tfvars +++ b/regional/cert-manager/istio-csr/tfvars/us-east4-c-non-production.tfvars @@ -0,0 +1 @@ +remote_bucket = "plt-k8s-ae26-nonprod" diff --git a/regional/cert-manager/istio-csr/tfvars/us-east4-c-production.tfvars b/regional/cert-manager/istio-csr/tfvars/us-east4-c-production.tfvars index e69de29b..565a4280 100755 --- a/regional/cert-manager/istio-csr/tfvars/us-east4-c-production.tfvars +++ b/regional/cert-manager/istio-csr/tfvars/us-east4-c-production.tfvars @@ -0,0 +1 @@ +remote_bucket = "plt-k8s-53a5-prod" diff --git a/regional/cert-manager/istio-csr/tfvars/us-east4-c-sandbox.tfvars b/regional/cert-manager/istio-csr/tfvars/us-east4-c-sandbox.tfvars index e69de29b..633f36fa 100755 --- a/regional/cert-manager/istio-csr/tfvars/us-east4-c-sandbox.tfvars +++ b/regional/cert-manager/istio-csr/tfvars/us-east4-c-sandbox.tfvars @@ -0,0 +1 @@ +remote_bucket = "plt-k8s-4312-sb" From 31c6664cd34d878f6962892e2d1f491b0319ef7d Mon Sep 17 00:00:00 2001 From: Brett Curtis Date: Sun, 2 Feb 2025 06:49:42 -0500 Subject: [PATCH 4/4] Update Istio module references to use 'ecdsa' version --- README.md | 2 +- main.tf | 2 +- regional/istio/README.md | 2 +- regional/istio/main.tf | 2 +- regional/istio/manifests/README.md | 2 +- regional/istio/manifests/main.tf | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index e40de159..9e404a36 100644 --- a/README.md +++ b/README.md @@ -59,7 +59,7 @@ No providers. | [helpers](#module\_helpers) | github.com/osinfra-io/terraform-core-helpers//root | v0.1.2 | | [kubernetes\_cert\_manager](#module\_kubernetes\_cert\_manager) | github.com/osinfra-io/terraform-kubernetes-cert-manager | tls | | [kubernetes\_engine](#module\_kubernetes\_engine) | github.com/osinfra-io/terraform-google-kubernetes-engine | v0.2.2 | -| [kubernetes\_istio](#module\_kubernetes\_istio) | github.com/osinfra-io/terraform-kubernetes-istio | v0.1.7 | +| [kubernetes\_istio](#module\_kubernetes\_istio) | github.com/osinfra-io/terraform-kubernetes-istio | ecdsa | | [project](#module\_project) | github.com/osinfra-io/terraform-google-project | v0.4.5 | #### Resources diff --git a/main.tf b/main.tf index c97f2214..e799e7a2 100644 --- a/main.tf +++ b/main.tf @@ -33,7 +33,7 @@ module "kubernetes_engine" { # https://github.com/osinfra-io/terraform-kubernetes-istio module "kubernetes_istio" { - source = "github.com/osinfra-io/terraform-kubernetes-istio?ref=v0.1.7" + source = "github.com/osinfra-io/terraform-kubernetes-istio?ref=ecdsa" gateway_dns = var.kubernetes_istio_gateway_dns labels = module.helpers.labels diff --git a/regional/istio/README.md b/regional/istio/README.md index 03b0ecd2..6364911f 100755 --- a/regional/istio/README.md +++ b/regional/istio/README.md @@ -17,7 +17,7 @@ No requirements. | Name | Source | Version | |------|--------|---------| | [helpers](#module\_helpers) | github.com/osinfra-io/terraform-core-helpers//root | v0.1.2 | -| [kubernetes\_istio](#module\_kubernetes\_istio) | github.com/osinfra-io/terraform-kubernetes-istio//regional | v0.1.7 | +| [kubernetes\_istio](#module\_kubernetes\_istio) | github.com/osinfra-io/terraform-kubernetes-istio//regional | ecdsa | ## Resources diff --git a/regional/istio/main.tf b/regional/istio/main.tf index 92449c72..cf4e11f5 100755 --- a/regional/istio/main.tf +++ b/regional/istio/main.tf @@ -16,7 +16,7 @@ data "terraform_remote_state" "main" { # https://github.com/osinfra-io/terraform-kubernetes-istio module "kubernetes_istio" { - source = "github.com/osinfra-io/terraform-kubernetes-istio//regional?ref=v0.1.7" + source = "github.com/osinfra-io/terraform-kubernetes-istio//regional?ref=ecdsa" artifact_registry = "us-docker.pkg.dev/plt-lz-services-tf79-prod/plt-docker-virtual" cluster_prefix = "plt" diff --git a/regional/istio/manifests/README.md b/regional/istio/manifests/README.md index 16c435fb..3b46328d 100755 --- a/regional/istio/manifests/README.md +++ b/regional/istio/manifests/README.md @@ -16,7 +16,7 @@ No requirements. | Name | Source | Version | |------|--------|---------| | [helpers](#module\_helpers) | github.com/osinfra-io/terraform-core-helpers//root | v0.1.2 | -| [kubernetes\_istio\_manifests](#module\_kubernetes\_istio\_manifests) | github.com/osinfra-io/terraform-kubernetes-istio//regional/manifests | v0.1.7 | +| [kubernetes\_istio\_manifests](#module\_kubernetes\_istio\_manifests) | github.com/osinfra-io/terraform-kubernetes-istio//regional/manifests | ecdsa | ## Resources diff --git a/regional/istio/manifests/main.tf b/regional/istio/manifests/main.tf index 663afd14..8eb47002 100644 --- a/regional/istio/manifests/main.tf +++ b/regional/istio/manifests/main.tf @@ -2,7 +2,7 @@ # https://github.com/osinfra-io/terraform-kubernetes-istio module "kubernetes_istio_manifests" { - source = "github.com/osinfra-io/terraform-kubernetes-istio//regional/manifests?ref=v0.1.7" + source = "github.com/osinfra-io/terraform-kubernetes-istio//regional/manifests?ref=ecdsa" common_istio_test_virtual_services = var.kubernetes_istio_common_istio_test_virtual_services common_virtual_services = var.kubernetes_istio_common_virtual_services