terraform-example-foundation issues

expand on docs for local terraform for bootstrap

### TL;DR https://github.com/terraform-google-modules/terraform-example-foundation/tree/master/0-bootstrap#running-terraform-locally Only parameters are discussed at the same level as cloud build - for the case for where we run ADO for example https://github.com/terraform-google-modules/terraform-example-foundation/tree/master/0-bootstrap#deploying-with-cloud-build ### Expected behavior _No...

obriensystems

bug

upgrade terraform 1.3.0 past 1.6 to 1.7.4 to allow for PBR policy based routing - workaround is to gcloud the api

1

### TL;DR check at least 1.5.4 see The version of terraform run internally has issues with lack of support for later APIs https://github.com/terraform-google-modules/terraform-example-foundation/blob/master/0-bootstrap/Dockerfile#L18 ``` ARG TERRAFORM_VERSION=1.3.0 ``` We need support...

obriensystems

bug

Eliminate hardcoding of location

1

### TL;DR There are a number of places where the location is hardcoded as e.g. us_central_1 or us_west1. Shoule be parameterizable ### Terraform Resources _No response_ ### Detailed design ```markdown...

mromascanu123

enhancement

Eliminate hardcoding of business_unit (1 & 2) in 4-Projects

1

### TL;DR - why hardcoded rather than passed via global config via their parameters - why subnet_ip_range hardcoded? ### Terraform Resources _No response_ ### Detailed design ```markdown Provide configurations via...

mromascanu123

enhancement

Eliminate hardcoding of assured-workloads in 2-environments/envs/production/main.tf

1

### TL;DR module "env" { source = "../../modules/env_baseline" ... assured_workload_configuration = { hardcoded enabled, compliance_regime and location } ### Terraform Resources _No response_ ### Detailed design ```markdown Provide top-level configuration...

mromascanu123

enhancement

1-org tf plan check step 9 requires a 0-bootstrap plan check on backend validation errors - due to terraform 1.3.0 (docker) and 1.7.4 (console) mismatch - may require console terraform downgrade before starting deployment and creating the state file

8

### TL;DR see related https://github.com/terraform-google-modules/terraform-example-foundation/issues/1141 raised for readme adjustments https://github.com/terraform-google-modules/terraform-example-foundation/issues/1151 step 9 of https://github.com/terraform-google-modules/terraform-example-foundation/blob/master/1-org/README.md#deploying-with-cloud-build ## 1-org - step 9 checking tf plan issues - was due to bootstrap gcp-org -...

obriensystems

bug

Add terraform downgrade requirements to 1.3.0 to avoid state file errors in cloud build - as of 20230312 GCP cloud shell is at terraform 1.7.4 - downgrade or use a local shell

2

### TL;DR Update: should have followed the warning around 1.3.0 in https://github.com/terraform-google-modules/terraform-example-foundation/pull/831/files https://github.com/terraform-google-modules/terraform-example-foundation/blob/master/0-bootstrap/README.md#prerequisites Note: Make sure that you use version 1.3.0 of Terraform throughout this series. Otherwise, you might experience...

obriensystems

bug

upstream rebase and redeploy procedure/plan for changes since last CSR repos create

### TL;DR Tracking changes since 20240306 https://github.com/terraform-google-modules/terraform-example-foundation/pull/1148/files document a plan around managing the rebase into local CSR ### Expected behavior _No response_ ### Observed behavior _No response_ ### Terraform Configuration...

obriensystems

bug

1-org - ACM policy API failure - step 5 requires "Access Context Manager Admin" or lower on the super admin account

1

### TL;DR Same as #1145 step 5 https://github.com/terraform-google-modules/terraform-example-foundation/blob/master/1-org/README.md#deploying-with-cloud-build ``` michael@cloudshell:~/tef-olapp/github/gcp-org (tef-olapp)$ export ACCESS_CONTEXT_MANAGER_ID=$(gcloud access-context-manager policies list --organization ${ORGANIZATION_ID} --format="value(name)") echo "access_context_manager_policy_id = ${ACCESS_CONTEXT_MANAGER_ID}" ERROR: (gcloud.access-context-manager.policies.list) PERMISSION_DENIED: The caller does not...

obriensystems

bug

terraform init fails with conflicting module version requirements for hashicorp/google and hashicorp/google-beta

2

### TL;DR - ```terraform init``` fails with conflicting module version requirements - Affected providers are hashicorp/google and hashicorp/google-beta - Trying to get the TF Cloud path working (not CloudBuild or...

danscarf

backlog

bug

terraform-example-foundation
terraform-example-foundation copied to clipboard

Metadata

expand on docs for local terraform for bootstrap

upgrade terraform 1.3.0 past 1.6 to 1.7.4 to allow for PBR policy based routing - workaround is to gcloud the api

Eliminate hardcoding of location

Eliminate hardcoding of business_unit (1 & 2) in 4-Projects

Eliminate hardcoding of assured-workloads in 2-environments/envs/production/main.tf

1-org tf plan check step 9 requires a 0-bootstrap plan check on backend validation errors - due to terraform 1.3.0 (docker) and 1.7.4 (console) mismatch - may require console terraform downgrade before starting deployment and creating the state file

Add terraform downgrade requirements to 1.3.0 to avoid state file errors in cloud build - as of 20230312 GCP cloud shell is at terraform 1.7.4 - downgrade or use a local shell

upstream rebase and redeploy procedure/plan for changes since last CSR repos create

1-org - ACM policy API failure - step 5 requires "Access Context Manager Admin" or lower on the super admin account

terraform init fails with conflicting module version requirements for hashicorp/google and hashicorp/google-beta

← Metadata

Owner

Metadata

terraform-example-foundation terraform-example-foundation copied to clipboard

Metadata

← Metadata

Owner

Metadata

terraform-example-foundation
terraform-example-foundation copied to clipboard