feat: update 3-networks to support TPG 4 and other updates (#733)

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Andrew Peabody <andrewpeabody@google.com>

0-bootstrap/main.tf

@@ -46,6 +46,9 @@ module "seed_bootstrap" {
   org_admins_org_iam_permissions = local.org_admins_org_iam_permissions
   project_prefix                 = var.project_prefix
 
+  # Remove after github.com/terraform-google-modules/terraform-google-bootstrap/issues/160
+  depends_on = [google_folder.bootstrap]
+
   project_labels = {
     environment       = "bootstrap"
     application_name  = "seed-bootstrap"
@@ -121,6 +124,9 @@ module "cloudbuild_bootstrap" {
   terraform_version           = "0.13.7"
   terraform_version_sha256sum = "4a52886e019b4fdad2439da5ff43388bbcc6cce9784fde32c53dcd0e28ca9957"
 
+  # Remove after github.com/terraform-google-modules/terraform-google-bootstrap/issues/160
+  depends_on = [module.seed_bootstrap]
+
   activate_apis = [
     "serviceusage.googleapis.com",
     "servicenetworking.googleapis.com",

3-networks/envs/shared/dns-hub.tf

@@ -53,7 +53,7 @@ data "google_projects" "dns_hub" {
 
 module "dns_hub_vpc" {
   source                                 = "terraform-google-modules/network/google"
-  version                                = "~> 2.0"
+  version                                = "~> 5.1"
   project_id                             = local.dns_hub_project_id
   network_name                           = "vpc-c-dns-hub"
   shared_vpc_host                        = "false"
@@ -123,7 +123,7 @@ module "dns-forwarding-zone" {
 
 module "dns_hub_region1_router1" {
   source  = "terraform-google-modules/cloud-router/google"
-  version = "~> 0.4.0"
+  version = "~> 2.0"
   name    = "cr-c-dns-hub-${local.default_region1}-cr1"
   project = local.dns_hub_project_id
   network = module.dns_hub_vpc.network_name
@@ -136,7 +136,7 @@ module "dns_hub_region1_router1" {
 
 module "dns_hub_region1_router2" {
   source  = "terraform-google-modules/cloud-router/google"
-  version = "~> 0.4.0"
+  version = "~> 2.0"
   name    = "cr-c-dns-hub-${local.default_region1}-cr2"
   project = local.dns_hub_project_id
   network = module.dns_hub_vpc.network_name
@@ -149,7 +149,7 @@ module "dns_hub_region1_router2" {
 
 module "dns_hub_region2_router1" {
   source  = "terraform-google-modules/cloud-router/google"
-  version = "~> 0.4.0"
+  version = "~> 2.0"
   name    = "cr-c-dns-hub-${local.default_region2}-cr3"
   project = local.dns_hub_project_id
   network = module.dns_hub_vpc.network_name
@@ -162,7 +162,7 @@ module "dns_hub_region2_router1" {
 
 module "dns_hub_region2_router2" {
   source  = "terraform-google-modules/cloud-router/google"
-  version = "~> 0.4.0"
+  version = "~> 2.0"
   name    = "cr-c-dns-hub-${local.default_region2}-cr4"
   project = local.dns_hub_project_id
   network = module.dns_hub_vpc.network_name

3-networks/modules/base_shared_vpc/main.tf

@@ -83,7 +83,7 @@ module "main" {
 
 module "peering" {
   source                    = "terraform-google-modules/network/google//modules/network-peering"
-  version                   = "~> 2.0"
+  version                   = "~> 5.1"
   count                     = var.mode == "spoke" ? 1 : 0
   prefix                    = "np"
   local_network             = module.main.network_self_link
@@ -124,7 +124,7 @@ resource "google_service_networking_connection" "private_vpc_connection" {
 
 module "region1_router1" {
   source  = "terraform-google-modules/cloud-router/google"
-  version = "~> 0.4.0"
+  version = "~> 2.0.0"
   count   = var.mode != "spoke" ? 1 : 0
   name    = "cr-${local.vpc_name}-${var.default_region1}-cr1"
   project = var.project_id

3-networks/modules/dedicated_interconnect/main.tf

@@ -34,7 +34,7 @@ data "google_projects" "interconnect_project" {
 
 module "interconnect_attachment1_region1" {
   source  = "terraform-google-modules/cloud-router/google//modules/interconnect_attachment"
-  version = "~> 1.3.0"
+  version = "~> 2.0.0"
 
   name    = "vl-${var.region1_interconnect1_location}-${var.vpc_name}-${var.region1}-${local.suffix1}"
   project = local.interconnect_project_id

3-networks/modules/restricted_shared_vpc/main.tf

@@ -84,7 +84,7 @@ module "main" {
 
 module "peering" {
   source                    = "terraform-google-modules/network/google//modules/network-peering"
-  version                   = "~> 2.0"
+  version                   = "~> 5.1"
   count                     = var.mode == "spoke" ? 1 : 0
   prefix                    = "np"
   local_network             = module.main.network_self_link
@@ -125,7 +125,7 @@ resource "google_service_networking_connection" "private_vpc_connection" {
 
 module "region1_router1" {
   source  = "terraform-google-modules/cloud-router/google"
-  version = "~> 1.3.0"
+  version = "~> 2.0.0"
   count   = var.mode != "spoke" ? 1 : 0
   name    = "cr-${local.vpc_name}-${var.default_region1}-cr5"
   project = var.project_id

3-networks/modules/transitivity/main.tf

@@ -54,7 +54,7 @@ module "templates" {
 
 module "migs" {
   source            = "terraform-google-modules/vm/google//modules/mig"
-  version           = "6.0.0"
+  version           = "~> 7.7"
   for_each          = toset(var.regions)
   project_id        = var.project_id
   region            = each.key
@@ -71,13 +71,14 @@ module "migs" {
       min_ready_sec                = 180
       minimal_action               = "RESTART"
       type                         = "OPPORTUNISTIC"
+      replacement_method           = "SUBSTITUTE"
     }
   ]
 }
 
 module "ilbs" {
   source                  = "GoogleCloudPlatform/lb-internal/google"
-  version                 = "~> 4.5.0"
+  version                 = "~> 4.6.0"
   for_each                = toset(var.regions)
   region                  = each.key
   name                    = each.key

4-projects/business_unit_1/shared/example_infra_pipeline.tf

@@ -32,7 +32,6 @@ module "app_infra_cloudbuild_project" {
     "artifactregistry.googleapis.com",
     "cloudresourcemanager.googleapis.com"
   ]
-
   # Metadata
   project_suffix    = "infra-pipeline"
   application_name  = "app-infra-pipelines"

4-projects/business_unit_2/shared/README.md

@@ -8,10 +8,10 @@
 | billing\_account | The ID of the billing account to associated this project with | `string` | n/a | yes |
 | budget\_amount | The amount to use as the budget | `number` | `1000` | no |
 | default\_region | Default region to create resources where applicable. | `string` | `"us-central1"` | no |
-| folder\_prefix | Name prefix to use for folders created. | `string` | `"fldr"` | no |
+| folder\_prefix | Name prefix to use for folders created. Should be the same in all steps. | `string` | `"fldr"` | no |
 | org\_id | The organization id for the associated services | `string` | n/a | yes |
-| parent\_folder | Optional - if using a folder for testing. | `string` | `""` | no |
-| project\_prefix | Name prefix to use for projects created. | `string` | `"prj"` | no |
+| parent\_folder | Optional - for an organization with existing projects or for development/validation. It will place all the example foundation resources under the provided folder instead of the root organization. The value is the numeric folder ID. The folder must already exist. Must be the same value used in previous step. | `string` | `""` | no |
+| project\_prefix | Name prefix to use for projects created. Should be the same in all steps. Max size is 3 characters. | `string` | `"prj"` | no |
 | terraform\_service\_account | Service account email of the account to impersonate to run Terraform | `string` | n/a | yes |
 
 ## Outputs

4-projects/business_unit_2/shared/variables.tf

@@ -36,7 +36,7 @@ variable "billing_account" {
 }
 
 variable "parent_folder" {
-  description = "Optional - if using a folder for testing."
+  description = "Optional - for an organization with existing projects or for development/validation. It will place all the example foundation resources under the provided folder instead of the root organization. The value is the numeric folder ID. The folder must already exist. Must be the same value used in previous step."
   type        = string
   default     = ""
 }
@@ -60,13 +60,13 @@ variable "budget_amount" {
 }
 
 variable "folder_prefix" {
-  description = "Name prefix to use for folders created."
+  description = "Name prefix to use for folders created. Should be the same in all steps."
   type        = string
   default     = "fldr"
 }
 
 variable "project_prefix" {
-  description = "Name prefix to use for projects created."
+  description = "Name prefix to use for projects created. Should be the same in all steps. Max size is 3 characters."
   type        = string
   default     = "prj"
 }

4-projects/modules/base_env/example_storage_cmek.tf

@@ -59,7 +59,7 @@ module "kms" {
 resource "random_string" "bucket_name" {
   length  = 5
   upper   = false
-  number  = true
+  numeric = true
   lower   = true
   special = false
 }

4-projects/modules/base_env/versions.tf

@@ -0,0 +1,25 @@
+/**
+ * Copyright 2022 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+terraform {
+  required_providers {
+    random = {
+      source  = "hashicorp/random"
+      version = ">= 3.3"
+    }
+  }
+
+}