foundation-deployer

command module

v0.0.0-...-5e11853 Latest Latest Go to latest Published: Apr 30, 2024 License: Apache-2.0 Imports: 13 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/terraform-google-modules/terraform-example-foundation

README ¶

Terraform Example Foundation deploy helper

Helper tool to deploy the Terraform example foundation using Cloud Build and Cloud Source repositories.

Usage

Requirements

Go 1.18+
Google Cloud SDK version 393.0.0+
Git version 2.28.0+
Terraform version 1.3.0+
See 0-bootstrap README for additional IAM requirements on the user deploying the Foundation.

Validate required tools

Check if required tools, Go 1.21.0+, Terraform 1.3.0+, gcloud 393.0.0+, and Git 2.28.0+, are installed:
```
go version

terraform -version

gcloud --version

git --version
```

check if required components of gcloud are installed:

gcloud components list --filter="id=beta OR id=terraform-tools"

Follow the instructions in the output of the command if components beta and terraform-tools are not installed to install them.

Prepare the deploy environment

Create a directory in the file system to host the Cloud Source repositories the will be created and a copy of the terraform example foundation.
Clone the terraform-example-foundation repository on this directory.
```
deploy-directory/
└── terraform-example-foundation
```

Copy the file global.tfvars.example as global.tfvars to the same directory.

deploy-directory/
└── global.tfvars
└── terraform-example-foundation

Update global.tfvars with values from your environment.
The 0-bootstrap README prerequisites section has additional prerequisites needed to run this helper.
Variable code_checkout_path is the full path to deploy-directory directory.
Variable foundation_code_path is the full path to terraform-example-foundation directory.
See the READMEs for the stages for additional information:

Location

By default the foundation regional resources are deployed in us-west1 and us-central1 regions and multi-regional resources are deployed in the US multi-region.

In addition to the variables declared in the file global.tfvars for configuring location, there are two locals, default_region1 and default_region2, in each one of the environments (production, nonproduction, and development) in the network steps (3-networks-dual-svpc and 3-networks-hub-and-spoke). They are located in the main.tf files for each environments. Change the two locals before starting the deployment to deploy in other regions.

Note: the region used for the variable default_region in the file global.tfvars MUST be one of the regions used for the default_region1 and default_region2 locals.

Application default credentials

Set the billing quota project in the gcloud configuration

gcloud config set billing/quota_project <QUOTA-PROJECT>

gcloud services enable \
"cloudresourcemanager.googleapis.com" \
"iamcredentials.googleapis.com" \
"cloudbuild.googleapis.com" \
"securitycenter.googleapis.com" \
"accesscontextmanager.googleapis.com" \
--project <QUOTA-PROJECT>

Configure Application Default Credentials
```
gcloud auth application-default login
```

Run the helper

Install the helper:
```
go install
```
Validate the tfvars file. If you configured a validator_project_id in the global.tfvars file the validate flag will do additional checks for the Secure Command Center notification name and for the Tag Key name. For these extra check you need at least the roles Security Center Notification Configurations Viewer (roles/securitycenter.notificationConfigViewer) and Tag Viewer (roles/resourcemanager.tagViewer):
```
$HOME/go/bin/foundation-deployer -tfvars_file <PATH TO 'global.tfvars' FILE> -validate
```

Run the helper:

$HOME/go/bin/foundation-deployer -tfvars_file <PATH TO 'global.tfvars' FILE>

To Suppress additional output use:

$HOME/go/bin/foundation-deployer -tfvars_file <PATH TO 'global.tfvars' FILE> -quiet

To destroy the deployment run:

$HOME/go/bin/foundation-deployer -tfvars_file <PATH TO 'global.tfvars' FILE> -destroy

After deployment:

deploy-directory/
└── bu1-example-app
└── gcp-bootstrap
└── gcp-environments
└── gcp-networks
└── gcp-org
└── gcp-policies
└── gcp-policies-app-infra
└── gcp-projects
└── global.tfvars
└── terraform-example-foundation

Supported flags

  -tfvars_file file
        Full path to the Terraform .tfvars file with the configuration to be used.
  -steps_file file
        Path to the steps file to be used to save progress. (default ".steps.json")
  -list_steps
        List the existing steps.
  -reset_step step
        Name of a step to be reset. The step will be marked as pending.
  -validate
        Validate tfvars file inputs
  -quiet
        If true, additional output is suppressed.
  -disable_prompt
        Disable interactive prompt.
  -destroy
        Destroy the deployment.
  -help
        Prints this help text and exits.

Troubleshooting

See troubleshooting if you run into issues during this deploy.

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

main.go

Directories ¶

Path	Synopsis
gcp
msg
stages
steps
utils

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL