All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning. This changelog is generated automatically based on Conventional Commits.
0.2.0 (2024-09-27)
- 2-multitenant: enable binauthz on AP and add test (#207) (c3ccaa1)
- 4-fleetscope: migrate to Workload Identity Federation for GKE (#191) (dfdae3f)
- 4-fleetscope: use fleet_app_operator_permissions (#209) (5e4114a)
- add app folder, remove allauthenticatedusers permissions for docker images and update local deployment docs (#221) (99e5ede)
- add backend.tf instructions and cluster service accounts output (#219) (7001a69)
- adds frontend app infra test (#108) (d0110ec)
- adds prefix at project and resources created at shared projects (#231) (b7f66f6)
- appfactory: refactor appfactory to support multiple apps and nested parallel tests (#112) (d87c954)
- appinfra: configurable envs (#154) (1e1fa2e)
- deploy with cloudbuild (#237) (099bad5)
- deps: Update Terraform Google Provider to v6 (major) (#213) (58e500e)
- first version of E2E tests (#180) (44f4ffc)
- granted cloud service mesh agent the necessary permission on ne… (#162) (73028ab)
- Input group name to fleet-scope for log viewing (#155) (8064ecf)
- module: ensure there are no external ips in the cluster nodes (#212) (030cad1)
- multitenant: add certificate (#179) (f5a31e3)
- multitenant: add NAP & AP as cluster types (#198) (31a9a7e)
- multitenant: enable security_posture, dpv2, cost_allocation (#135) (ae06552)
- multitenant: enforce private cluster control plane ip address (#214) (52edb3d)
- multitenant: make cluster project creation optional (#117) (878a63e)
- multitenant: refactor multitenant to be multi-app configurable (#148) (64e8b40)
- Refactor integration tests 5-appinfra (#169) (77263bf)
- refactor step 6 integration tests (#137) (5aa2981)
- replaced cloudsql with alloydb (#165) (27ec2d2)
- use namespaces created on fleetscope on cymbal-bank manifests (#228) (1a4991f)
- add minimum TF version requirements (#168) (cf8a456)
- add permission, clarifications, dedup (#160) (818f119)
- Adds prefix at frontend namespace (#248) (8131e86)
- deps: Update Terraform GoogleCloudPlatform/cloud-armor/google to v3 (#227) (4056964)
- deps: update terraform terraform-google-modules/cloud-storage/google to v6 (#138) (3335013)
- deps: Update Terraform terraform-google-modules/iam/google to v8 (#241) (d784d89)
- deps: update terraform terraform-google-modules/kubernetes-engine/google to v31 (#157) (0e7ed98)
- deps: Update Terraform terraform-google-modules/kubernetes-engine/google to v32 (#205) (ab8b5b4)
- deps: Update Terraform terraform-google-modules/kubernetes-engine/google to v33 (#233) (fac40bf)
- deps: Update Terraform terraform-google-modules/project-factory/google to v16 (#211) (a2fdf6e)
- deps: Update Terraform terraform-google-modules/project-factory/google to v17 (#240) (d31f750)
- deps: Update terraform-google-modules/project-factory v17 (#246) (fe09967)
- fixes for lint (#204) (7980e05)
- Fixes nonproduction name (#235) (293b5fd)
- fixes provider_metadata (#249) (92ec3ae)
- fixing production environment drift (#250) (9c1b05b)
- fleetscope: add config_sync enable (#244) (e166a00)
- fleetscope: depends on and separate poco membership (#124) (1f7df6e)
- fleetscope: serialize fleet feature enables (#177) (a510901)
- Grants metric and trace roles to k8s agent, enables metric api (#174) (7cb1d5f)
- migrate non-production to nonproduction (#190) (204a0f6)
- migrate to nonprod (#243) (6776ceb)
- multitenant: avoid 5.44.0 & 6.2.0 (#229) (91f7b9d)
- multitenant: remove unused app service accounts (#194) (a10a6e7)
- refactor 3-fleetscope, fetch remote state from 2-multitenant for variable values (#225) (e30ba1d)
- renames fleetscope and appfactory folders (#218) (3f06411)
- update team name (#216) (496368b)
- Bootstrap test integration and change in buckets creation (#41)
- 2-multitenant: initial README, tfvar, and variable object (#84) (6b28838)
- add appfactory integration tests (#59) (01dd44a)
- add cloud armor policy (#48) (b2cc1af)
- add cluster and fleet projects (#25) (841e864)
- add GKE clusters and hub memberships (#12) (7618b55)
- add integration tests 2-multitenant (#91) (2948189)
- Add multitenant integration test (#46) (b8b1c10)
- add node pool using surge strategy (#19) (25a50fc)
- add phases 2-5 (#9) (b71a3a9)
- add prerequisite VPCs and projects (#11) (626867c)
- added acm: config sync and policy controller (#31) (70200c1)
- added appfactory for other 5 apps (#79) (1038c4d)
- added ci/cd pipeline for the frontend service (#51) (7c1c50c)
- added cicd for accounts and ledger services for cymbal bank app (#69) (8bfb465)
- added cloud armor rule to block xss attack (#58) (d47ff70)
- added fleet scope and namespace (#15) (f02c26f)
- added fleet scope logging (#26) (d2ec68c)
- added gateway and asm ingress k8s resources (#65) (5034fee)
- added integration tests to the CI for the 5 other apps (#78) (13615d0)
- added k8s manifests for cymbal bank frontend (#68) (a0dda5c)
- added labels, permissions needed for service mesh, and multi cl… (#54) (0976081)
- added multiclusteringress hub feature for use by multiclustergateway (#24) (ae268bd)
- added namespace for accounts and ledger with label istio-injection (#83) (d93659f)
- added service mesh (#27) (207e2bd)
- added sql database (#72) (bc5ebec)
- added virtual service and destination rule to allow for localit… (#56) (84cff84)
- adjusted sqli cloudarmor rule sensitivity level 1 to allow for cymbal bank app (#85) (fca30d6)
- Application factory phase (#38) (2e95d39)
- Application Source phase folder (#42) (fc83bcc)
- bootstrap phase (#8) (06b47d7)
- Bootstrap test integration and change in buckets creation (#41) (6f5421e)
- cluster: enable binauthz (#36) (e6135dc)
- cluster: enabled balanced autoscaling (#34) (cb43517)
- cluster: switch to private cluster (#35) (779db70)
- create ip_address (#50) (5c2c7b9)
- create multiple namespaces with namespace_ids, one namespace per scope … (#40) (e59bb7f)
- cross_project_sa upstream (#39) (7fcc0d9)
- enable workload identity (#49) (5dd8784)
- fleetscope: add poco pss-baseline and fleet_project_id (#105) (a0ae960)
- gateway and ingress (#55) (e118ebb)
- initial fleetscope README, tfvar, and variable object (#86) (4b6cec2)
- Integration tests fleetscope (#61) (454618c)
- moved db from 2-multitenant to 5-appinfra (#96) (f197505)
- switch to release gke module (#37) (adbb4e6)
- switched to use Cymbal Bank logo and title (#76) (a1a0754)
- add stage 2 outputs (#17) (f22d434)
- appfactory: add clouddeploy api to app admin project (#114) (014b8da)
- CI: use larger collusion domain for eab_cluster_project suffix (#100) (60497b1)
- consolidate fleet into gke project (#64) (69b2a91)
- deps: Update module github.com/GoogleCloudPlatform/cloud-foundation-toolkit/infra/blueprint-test to v0.12.0 (#14) (92d805b)
- deps: Update module github.com/GoogleCloudPlatform/cloud-foundation-toolkit/infra/blueprint-test to v0.12.1 (#16) (6ceaaf0)
- deps: Update Terraform terraform-google-modules/kubernetes-engine/google to v30 (#18) (56c3360)
- deps: Update Terraform terraform-google-modules/project-factory/google to v15 (#118) (7aafd39)
- fleetscope: prevent possible race condition (#106) (2a7637f)
- only create a single cluster in dev (#23) (846f68e)
- provider_meta and test boilerplate (#6) (646dc9f)
- use google_project_service_identity for servicemesh sa (#66) (1964445)
0.1.0 - 20XX-YY-ZZ
- Initial release