Skip to content

Commit

Permalink
feat!: use random_project_id_length (#891)
Browse files Browse the repository at this point in the history 
feat: use random_project_id_length

Co-authored-by: Bharath KKB <bharathkrishnakb@gmail.com>
  • Loading branch information
@apeabody @bharathkkb
apeabody and bharathkkb committed Dec 1, 2022
1 parent b5071b3 commit dd063aa
Show file tree
Hide file tree
Showing 7 changed files with 98 additions and 83 deletions.
1 change: 1 addition & 0 deletions 0-bootstrap/modules/jenkins-agent/main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,7 @@ module "cicd_project" {
version = "~> 14.0"
name = local.cicd_project_name
random_project_id = true
random_project_id_length = 4
disable_services_on_destroy = false
folder_id = var.folder_id
org_id = var.org_id
Expand Down
150 changes: 79 additions & 71 deletions 1-org/envs/shared/projects.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,15 +28,16 @@ locals {
*****************************************/

module "org_audit_logs" {
source = "terraform-google-modules/project-factory/google"
version = "~> 14.0"
random_project_id = true
default_service_account = "deprivilege"
name = "${local.project_prefix}-c-logging"
org_id = local.org_id
billing_account = local.billing_account
folder_id = google_folder.common.id
activate_apis = ["logging.googleapis.com", "bigquery.googleapis.com", "billingbudgets.googleapis.com"]
source = "terraform-google-modules/project-factory/google"
version = "~> 14.0"
random_project_id = true
random_project_id_length = 4
default_service_account = "deprivilege"
name = "${local.project_prefix}-c-logging"
org_id = local.org_id
billing_account = local.billing_account
folder_id = google_folder.common.id
activate_apis = ["logging.googleapis.com", "bigquery.googleapis.com", "billingbudgets.googleapis.com"]

labels = {
environment = "production"
Expand All @@ -53,15 +54,16 @@ module "org_audit_logs" {
}

module "org_billing_logs" {
source = "terraform-google-modules/project-factory/google"
version = "~> 14.0"
random_project_id = true
default_service_account = "deprivilege"
name = "${local.project_prefix}-c-billing-logs"
org_id = local.org_id
billing_account = local.billing_account
folder_id = google_folder.common.id
activate_apis = ["logging.googleapis.com", "bigquery.googleapis.com", "billingbudgets.googleapis.com"]
source = "terraform-google-modules/project-factory/google"
version = "~> 14.0"
random_project_id = true
random_project_id_length = 4
default_service_account = "deprivilege"
name = "${local.project_prefix}-c-billing-logs"
org_id = local.org_id
billing_account = local.billing_account
folder_id = google_folder.common.id
activate_apis = ["logging.googleapis.com", "bigquery.googleapis.com", "billingbudgets.googleapis.com"]

labels = {
environment = "production"
Expand All @@ -82,15 +84,16 @@ module "org_billing_logs" {
*****************************************/

module "org_secrets" {
source = "terraform-google-modules/project-factory/google"
version = "~> 14.0"
random_project_id = true
default_service_account = "deprivilege"
name = "${local.project_prefix}-c-secrets"
org_id = local.org_id
billing_account = local.billing_account
folder_id = google_folder.common.id
activate_apis = ["logging.googleapis.com", "secretmanager.googleapis.com", "billingbudgets.googleapis.com"]
source = "terraform-google-modules/project-factory/google"
version = "~> 14.0"
random_project_id = true
random_project_id_length = 4
default_service_account = "deprivilege"
name = "${local.project_prefix}-c-secrets"
org_id = local.org_id
billing_account = local.billing_account
folder_id = google_folder.common.id
activate_apis = ["logging.googleapis.com", "secretmanager.googleapis.com", "billingbudgets.googleapis.com"]

labels = {
environment = "production"
Expand All @@ -111,15 +114,16 @@ module "org_secrets" {
*****************************************/

module "interconnect" {
source = "terraform-google-modules/project-factory/google"
version = "~> 14.0"
random_project_id = true
default_service_account = "deprivilege"
name = "${local.project_prefix}-c-interconnect"
org_id = local.org_id
billing_account = local.billing_account
folder_id = google_folder.common.id
activate_apis = ["billingbudgets.googleapis.com", "compute.googleapis.com"]
source = "terraform-google-modules/project-factory/google"
version = "~> 14.0"
random_project_id = true
random_project_id_length = 4
default_service_account = "deprivilege"
name = "${local.project_prefix}-c-interconnect"
org_id = local.org_id
billing_account = local.billing_account
folder_id = google_folder.common.id
activate_apis = ["billingbudgets.googleapis.com", "compute.googleapis.com"]

labels = {
environment = "production"
Expand All @@ -140,15 +144,16 @@ module "interconnect" {
*****************************************/

module "scc_notifications" {
source = "terraform-google-modules/project-factory/google"
version = "~> 14.0"
random_project_id = true
default_service_account = "deprivilege"
name = "${local.project_prefix}-c-scc"
org_id = local.org_id
billing_account = local.billing_account
folder_id = google_folder.common.id
activate_apis = ["logging.googleapis.com", "pubsub.googleapis.com", "securitycenter.googleapis.com", "billingbudgets.googleapis.com"]
source = "terraform-google-modules/project-factory/google"
version = "~> 14.0"
random_project_id = true
random_project_id_length = 4
default_service_account = "deprivilege"
name = "${local.project_prefix}-c-scc"
org_id = local.org_id
billing_account = local.billing_account
folder_id = google_folder.common.id
activate_apis = ["logging.googleapis.com", "pubsub.googleapis.com", "securitycenter.googleapis.com", "billingbudgets.googleapis.com"]

labels = {
environment = "production"
Expand All @@ -169,14 +174,15 @@ module "scc_notifications" {
*****************************************/

module "dns_hub" {
source = "terraform-google-modules/project-factory/google"
version = "~> 14.0"
random_project_id = true
default_service_account = "deprivilege"
name = "${local.project_prefix}-c-dns-hub"
org_id = local.org_id
billing_account = local.billing_account
folder_id = google_folder.common.id
source = "terraform-google-modules/project-factory/google"
version = "~> 14.0"
random_project_id = true
random_project_id_length = 4
default_service_account = "deprivilege"
name = "${local.project_prefix}-c-dns-hub"
org_id = local.org_id
billing_account = local.billing_account
folder_id = google_folder.common.id

activate_apis = [
"compute.googleapis.com",
Expand Down Expand Up @@ -206,15 +212,16 @@ module "dns_hub" {
*****************************************/

module "base_network_hub" {
source = "terraform-google-modules/project-factory/google"
version = "~> 14.0"
count = var.enable_hub_and_spoke ? 1 : 0
random_project_id = true
default_service_account = "deprivilege"
name = "${local.project_prefix}-c-base-net-hub"
org_id = local.org_id
billing_account = local.billing_account
folder_id = google_folder.common.id
source = "terraform-google-modules/project-factory/google"
version = "~> 14.0"
count = var.enable_hub_and_spoke ? 1 : 0
random_project_id = true
random_project_id_length = 4
default_service_account = "deprivilege"
name = "${local.project_prefix}-c-base-net-hub"
org_id = local.org_id
billing_account = local.billing_account
folder_id = google_folder.common.id

activate_apis = [
"compute.googleapis.com",
Expand Down Expand Up @@ -252,15 +259,16 @@ resource "google_project_iam_member" "network_sa_base" {
*****************************************/

module "restricted_network_hub" {
source = "terraform-google-modules/project-factory/google"
version = "~> 14.0"
count = var.enable_hub_and_spoke ? 1 : 0
random_project_id = true
default_service_account = "deprivilege"
name = "${local.project_prefix}-c-restricted-net-hub"
org_id = local.org_id
billing_account = local.billing_account
folder_id = google_folder.common.id
source = "terraform-google-modules/project-factory/google"
version = "~> 14.0"
count = var.enable_hub_and_spoke ? 1 : 0
random_project_id = true
random_project_id_length = 4
default_service_account = "deprivilege"
name = "${local.project_prefix}-c-restricted-net-hub"
org_id = local.org_id
billing_account = local.billing_account
folder_id = google_folder.common.id

activate_apis = [
"compute.googleapis.com",
Expand Down
1 change: 1 addition & 0 deletions 2-environments/modules/env_baseline/monitoring.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@ module "monitoring_project" {
source = "terraform-google-modules/project-factory/google"
version = "~> 14.0"
random_project_id = true
random_project_id_length = 4
name = "${local.project_prefix}-${var.environment_code}-monitoring"
org_id = local.org_id
billing_account = local.billing_account
Expand Down
2 changes: 2 additions & 0 deletions 2-environments/modules/env_baseline/networking.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@ module "base_shared_vpc_host_project" {
source = "terraform-google-modules/project-factory/google"
version = "~> 14.0"
random_project_id = true
random_project_id_length = 4
name = format("%s-%s-shared-base", local.project_prefix, var.environment_code)
org_id = local.org_id
billing_account = local.billing_account
Expand Down Expand Up @@ -55,6 +56,7 @@ module "restricted_shared_vpc_host_project" {
source = "terraform-google-modules/project-factory/google"
version = "~> 14.0"
random_project_id = true
random_project_id_length = 4
name = format("%s-%s-shared-restricted", local.project_prefix, var.environment_code)
org_id = local.org_id
billing_account = local.billing_account
Expand Down
1 change: 1 addition & 0 deletions 2-environments/modules/env_baseline/secrets.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@ module "env_secrets" {
source = "terraform-google-modules/project-factory/google"
version = "~> 14.0"
random_project_id = true
random_project_id_length = 4
default_service_account = "deprivilege"
name = "${local.project_prefix}-${var.environment_code}-secrets"
org_id = local.org_id
Expand Down
13 changes: 7 additions & 6 deletions 4-projects/modules/single_project/main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,12 +46,13 @@ module "project" {
source = "terraform-google-modules/project-factory/google"
version = "~> 14.1"

random_project_id = true
activate_apis = distinct(concat(var.activate_apis, ["billingbudgets.googleapis.com"]))
name = "${var.project_prefix}-${var.business_code}-${local.env_code}-${var.project_suffix}"
org_id = var.org_id
billing_account = var.billing_account
folder_id = var.folder_id
random_project_id = true
random_project_id_length = 4
activate_apis = distinct(concat(var.activate_apis, ["billingbudgets.googleapis.com"]))
name = "${var.project_prefix}-${var.business_code}-${local.env_code}-${var.project_suffix}"
org_id = var.org_id
billing_account = var.billing_account
folder_id = var.folder_id

svpc_host_project_id = var.shared_vpc_host_project_id
shared_vpc_subnets = var.shared_vpc_subnets # Optional: To enable subnetting, replace to "module.networking_project.subnetwork_self_link"
Expand Down
13 changes: 7 additions & 6 deletions test/setup/main.tf
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/**
* Copyright 2021 Google LLC
* Copyright 2021-2022 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
Expand Down Expand Up @@ -48,11 +48,12 @@ module "project" {
source = "terraform-google-modules/project-factory/google"
version = "~> 14.0"

name = "ci-foundation-${random_string.suffix.result}"
random_project_id = true
org_id = var.org_id
folder_id = var.folder_id
billing_account = var.billing_account
name = "ci-foundation-${random_string.suffix.result}"
random_project_id = true
random_project_id_length = 4
org_id = var.org_id
folder_id = var.folder_id
billing_account = var.billing_account

activate_apis = [
"cloudresourcemanager.googleapis.com",
Expand Down

0 comments on commit dd063aa

Please sign in to comment.