Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

#446 - Draft: gh446-hub to main diff only for #611 clean org hub-env/fortigate cluster deploy - script moved to #766 - no merge #612

Closed
wants to merge 27 commits into from
Closed

#446 - Draft: gh446-hub to main diff only for #611 clean org hub-env/fortigate cluster deploy - script moved to #766 - no merge #612

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
27 commits
Select commit Hold shift + click to select a range
6bb75fd
#446 - clz setters.yaml (#566)
obriensystems Oct 19, 2023
b9d696d
#446 - add setup.sh lz automation script stub (#567)
obriensystems Oct 20, 2023
4cc193b
#446 - cluster/lz delete added (#569)
obriensystems Oct 20, 2023
2705eba
#446 - fix hub-env missing org-id (#575)
obriensystems Oct 20, 2023
d207392
#446 - chmod 777 (#576)
obriensystems Oct 21, 2023
c1df6b5
#446 - lz delete script adjust (#582)
obriensystems Oct 21, 2023
dc17544
#446 - adjust proj delete (#585)
obriensystems Oct 21, 2023
33ad188
#446 - automated setters.yaml (#589)
obriensystems Oct 22, 2023
8a33ac7
#446 - testing automated setters (#592)
obriensystems Oct 22, 2023
fd4e10a
#446 - completed setters.yaml automation (#594)
obriensystems Oct 22, 2023
759b998
#466 - start hub-env automation - pre test (#597)
obriensystems Oct 23, 2023
d422fa4
#446 - fix 596 hardcoded hub-env/project (#598)
obriensystems Oct 23, 2023
7cdb148
#446 - fix 599 missing management-namespace setters.yaml var (#600)
obriensystems Oct 24, 2023
017ad6e
#446 - fix 599 management-namespace for hub service account kpt-set 1…
obriensystems Oct 24, 2023
af0902a
#466 - update kpt destroy (#605)
obriensystems Oct 24, 2023
df7f0ce
#625 - N2_CPUS quota of 8 requires fortigate management vm to use e2-…
obriensystems Oct 27, 2023
11efcac
#446 - merge main
fmichaelobrien Oct 27, 2023
5e67b93
#446 - rebase main 20231117
fmichaelobrien Nov 17, 2023
5bf8532
#710 - #446 - add gke enterprise anthos service enablement (#711)
obriensystems Nov 21, 2023
928f7f3
Merge branch 'main' into gh446-hub
fmichaelobrien Nov 23, 2023
7dbbeba
#446 - LINT - add vars.sh export (#720)
obriensystems Nov 23, 2023
0ba1d20
#446 - LINT: double management-project-id (#721)
obriensystems Nov 23, 2023
b8773c4
#446 - lint warning (#725)
obriensystems Nov 23, 2023
6d1e884
#446 - LINT remove unused export causing warnings (#726)
obriensystems Nov 23, 2023
8aaee84
#446 - remove last LINT warning - unused email (#727)
obriensystems Nov 23, 2023
7ea1d36
Merge branch 'main' into gh446-hub
obriensystems Nov 28, 2023
090013c
add KCC_PROJECT_ID in case gke up w/o clz (#745)
obriensystems Nov 28, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions docs/landing-zone-v2/onboarding-hub.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
# Hub Environment Onboarding
2 changes: 1 addition & 1 deletion solutions/project/hub-env/fortigate/service-account.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ apiVersion: iam.cnrm.cloud.google.com/v1beta1
kind: IAMPolicyMember
metadata:
name: fortigatesdn-sa-fortigatesdnviewer-role-permissions
namespace: config-control # kpt-set: ${management-namespace}
namespace: networking
annotations:
cnrm.cloud.google.com/project-id: hub-project-id # kpt-set: ${hub-project-id}
cnrm.cloud.google.com/ignore-clusterless: "true"
Expand Down
5 changes: 4 additions & 1 deletion solutions/project/hub-env/setters.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ metadata:
annotations:
config.kubernetes.io/local-config: "true"
data:
# Organization ID
# Organization ID see usage in the custom-role.yaml
org-id: "123456789012"
# Billing Account ID to be associated with this project
project-billing-id: "AAAAAA-BBBBBB-CCCCCC"
Expand All @@ -18,6 +18,9 @@ data:
management-project-id: management-project-id
# Identity that should be allowed to access the management VM using IAP TCP forwarding
# https://cloud.google.com/iap/docs/using-tcp-forwarding
# keep config-control as the default
management-namespace: config-control
# Identity that should be allowed to access the management VM using IAP TCP forwarding
hub-admin: group:group@domain.com
#################
# Org Policies
Expand Down
Loading