From 36c20c0cf1581e32a2fcba29f5dae6301cafc3d4 Mon Sep 17 00:00:00 2001 From: abhishek kumar tiwari Date: Thu, 2 Jan 2025 12:24:40 +0000 Subject: [PATCH 01/13] fix: use less privilege roles for ci service account (#264) --- metadata.yaml | 7 +- modules/memcache/metadata.yaml | 78 +++++++++-------- modules/redis-cluster/metadata.yaml | 84 ++++++++++-------- modules/valkey/metadata.yaml | 130 +++++++++++++++------------- test/setup/iam.tf | 6 +- test/setup/main.tf | 1 + 6 files changed, 172 insertions(+), 134 deletions(-) diff --git a/metadata.yaml b/metadata.yaml index e08df17..f2e6f5b 100644 --- a/metadata.yaml +++ b/metadata.yaml @@ -195,7 +195,11 @@ spec: roles: - level: Project roles: - - roles/owner + - roles/memorystore.admin + - roles/redis.admin + - roles/memcache.admin + - roles/compute.networkAdmin + - roles/resourcemanager.projectIamAdmin services: - cloudresourcemanager.googleapis.com - serviceusage.googleapis.com @@ -204,6 +208,7 @@ spec: - serviceconsumermanagement.googleapis.com - networkconnectivity.googleapis.com - compute.googleapis.com + - memorystore.googleapis.com providerVersions: - source: hashicorp/google version: ">= 4.74.0, < 7" diff --git a/modules/memcache/metadata.yaml b/modules/memcache/metadata.yaml index 9ede930..6c18006 100644 --- a/modules/memcache/metadata.yaml +++ b/modules/memcache/metadata.yaml @@ -46,24 +46,53 @@ spec: location: examples/valkey interfaces: variables: + - name: region + description: The GCP region to use. + varType: string + required: true + - name: project_id + description: The ID of the project in which the resource belongs to. + varType: string + required: true + - name: enable_apis + description: Flag for enabling memcache.googleapis.com in your project + varType: bool + defaultValue: true + - name: name + description: The ID of the instance or a fully qualified identifier for the instance. + varType: string + required: true + - name: memcache_version + description: The major version of Memcached software. + varType: string - name: authorized_network description: The full name of the Google Compute Engine network to which the instance is connected. If left unspecified, the default network will be used. varType: string + - name: node_count + description: Number of nodes in the memcache instance. + varType: number + defaultValue: 1 - name: cpu_count description: Number of CPUs per node varType: number defaultValue: 1 + - name: memory_size_mb + description: Memcache memory size in MiB. Defaulted to 1024 + varType: number + defaultValue: 1024 + - name: zones + description: Zones where memcache nodes should be provisioned. If not provided, all zones will be used. + varType: list(string) - name: display_name description: An arbitrary and optional user-provided name for the instance. varType: string - - name: enable_apis - description: Flag for enabling memcache.googleapis.com in your project - varType: bool - defaultValue: true - name: labels description: The resource labels to represent user provided metadata. varType: map(string) defaultValue: {} + - name: params + description: Parameters for the memcache process + varType: map(string) - name: maintenance_policy description: The maintenance policy for an instance. varType: |- @@ -77,35 +106,6 @@ spec: nanos = number }) }) - - name: memcache_version - description: The major version of Memcached software. - varType: string - - name: memory_size_mb - description: Memcache memory size in MiB. Defaulted to 1024 - varType: number - defaultValue: 1024 - - name: name - description: The ID of the instance or a fully qualified identifier for the instance. - varType: string - required: true - - name: node_count - description: Number of nodes in the memcache instance. - varType: number - defaultValue: 1 - - name: params - description: Parameters for the memcache process - varType: map(string) - - name: project_id - description: The ID of the project in which the resource belongs to. - varType: string - required: true - - name: region - description: The GCP region to use. - varType: string - required: true - - name: zones - description: Zones where memcache nodes should be provisioned. If not provided, all zones will be used. - varType: list(string) outputs: - name: discovery description: The memorystore discovery endpoint. @@ -119,7 +119,11 @@ spec: roles: - level: Project roles: - - roles/owner + - roles/memorystore.admin + - roles/redis.admin + - roles/memcache.admin + - roles/compute.networkAdmin + - roles/resourcemanager.projectIamAdmin services: - cloudresourcemanager.googleapis.com - serviceusage.googleapis.com @@ -128,3 +132,9 @@ spec: - serviceconsumermanagement.googleapis.com - networkconnectivity.googleapis.com - compute.googleapis.com + - memorystore.googleapis.com + providerVersions: + - source: hashicorp/google + version: ">= 4.23.0, < 7" + - source: hashicorp/google-beta + version: ">= 4.23.0, < 7" diff --git a/modules/redis-cluster/metadata.yaml b/modules/redis-cluster/metadata.yaml index 654afaa..f15cc9a 100644 --- a/modules/redis-cluster/metadata.yaml +++ b/modules/redis-cluster/metadata.yaml @@ -46,52 +46,42 @@ spec: location: examples/valkey interfaces: variables: - - name: authorization_mode - description: "The authorization mode of the Redis cluster. If not provided, auth feature is disabled for the cluster. Default value is AUTH_MODE_DISABLED. Possible values are: AUTH_MODE_UNSPECIFIED, AUTH_MODE_IAM_AUTH, AUTH_MODE_DISABLED" - varType: string - defaultValue: AUTH_MODE_DISABLED - - name: deletion_protection_enabled - description: " Indicates if the cluster is deletion protected or not. If the value if set to true, any delete cluster operation will fail. Default value is true" - varType: bool - defaultValue: true - - name: enable_apis - description: Flag for enabling memcache.googleapis.com in your project - varType: bool - defaultValue: true - name: name description: The ID of the instance or a fully qualified identifier for the instance. must be 1 to 63 characters and use only lowercase letters, numbers, or hyphens. It must start with a lowercase letter and end with a lowercase letter or number varType: string required: true - - name: network - description: List of consumer network where the network address of the discovery endpoint will be reserved, in the form of projects/{network_project_id_or_number}/global/networks/{network_id}. Currently, only one item is supported - varType: list(string) - required: true - - name: node_type - description: "The nodeType for the Redis cluster. If not provided, REDIS_HIGHMEM_MEDIUM will be used as default Possible values are: REDIS_SHARED_CORE_NANO, REDIS_HIGHMEM_MEDIUM, REDIS_HIGHMEM_XLARGE, REDIS_STANDARD_SMALL." - varType: string - name: project_id description: The ID of the project in which the resource belongs to. varType: string required: true - - name: redis_configs - description: Configure Redis Cluster behavior using a subset of native Redis configuration parameters - varType: |- - object({ - maxmemory-clients = optional(string) - maxmemory = optional(string) - maxmemory-policy = optional(string) - notify-keyspace-events = optional(string) - slowlog-log-slower-than = optional(number) - maxclients = optional(number) - }) - name: region description: The name of the region of the Redis cluster varType: string required: true + - name: enable_apis + description: Flag for enabling memcache.googleapis.com in your project + varType: bool + defaultValue: true + - name: shard_count + description: Required. Number of shards for the Redis cluster. The minimum number of shards in a Memorystore cluster is 3 shards + varType: number + defaultValue: 3 - name: replica_count description: The number of replica nodes per shard. Each shard can have 0, 1, or 2 replica nodes. Replicas provide high availability and additional read throughput, and are evenly distributed across zones varType: number defaultValue: 0 + - name: transit_encryption_mode + description: "The in-transit encryption for the Redis cluster. If not provided, encryption is disabled for the cluster. Default value is TRANSIT_ENCRYPTION_MODE_DISABLED. Possible values are: TRANSIT_ENCRYPTION_MODE_UNSPECIFIED, TRANSIT_ENCRYPTION_MODE_DISABLED, TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION" + varType: string + defaultValue: TRANSIT_ENCRYPTION_MODE_DISABLED + - name: authorization_mode + description: "The authorization mode of the Redis cluster. If not provided, auth feature is disabled for the cluster. Default value is AUTH_MODE_DISABLED. Possible values are: AUTH_MODE_UNSPECIFIED, AUTH_MODE_IAM_AUTH, AUTH_MODE_DISABLED" + varType: string + defaultValue: AUTH_MODE_DISABLED + - name: network + description: List of consumer network where the network address of the discovery endpoint will be reserved, in the form of projects/{network_project_id_or_number}/global/networks/{network_id}. Currently, only one item is supported + varType: list(string) + required: true - name: service_connection_policies description: The Service Connection Policies to create varType: |- @@ -104,14 +94,20 @@ spec: labels = optional(map(string), {}) })) defaultValue: {} - - name: shard_count - description: Required. Number of shards for the Redis cluster. The minimum number of shards in a Memorystore cluster is 3 shards - varType: number - defaultValue: 3 - - name: transit_encryption_mode - description: "The in-transit encryption for the Redis cluster. If not provided, encryption is disabled for the cluster. Default value is TRANSIT_ENCRYPTION_MODE_DISABLED. Possible values are: TRANSIT_ENCRYPTION_MODE_UNSPECIFIED, TRANSIT_ENCRYPTION_MODE_DISABLED, TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION" + - name: node_type + description: "The nodeType for the Redis cluster. If not provided, REDIS_HIGHMEM_MEDIUM will be used as default Possible values are: REDIS_SHARED_CORE_NANO, REDIS_HIGHMEM_MEDIUM, REDIS_HIGHMEM_XLARGE, REDIS_STANDARD_SMALL." varType: string - defaultValue: TRANSIT_ENCRYPTION_MODE_DISABLED + - name: redis_configs + description: Configure Redis Cluster behavior using a subset of native Redis configuration parameters + varType: |- + object({ + maxmemory-clients = optional(string) + maxmemory = optional(string) + maxmemory-policy = optional(string) + notify-keyspace-events = optional(string) + slowlog-log-slower-than = optional(number) + maxclients = optional(number) + }) - name: zone_distribution_config_mode description: "The mode for zone distribution for Memorystore Redis cluster (Immutable). If not provided, MULTI_ZONE will be used as default value. Possible values are: MULTI_ZONE, SINGLE_ZONE" varType: string @@ -119,6 +115,10 @@ spec: - name: zone_distribution_config_zone description: The zone for single zone Memorystore Redis cluster (Immutable) varType: string + - name: deletion_protection_enabled + description: " Indicates if the cluster is deletion protected or not. If the value if set to true, any delete cluster operation will fail. Default value is true" + varType: bool + defaultValue: true outputs: - name: discovery_endpoints description: Endpoints created on each given network, for Redis clients to connect to the cluster. Currently only one endpoint is supported @@ -132,7 +132,11 @@ spec: roles: - level: Project roles: - - roles/owner + - roles/memorystore.admin + - roles/redis.admin + - roles/memcache.admin + - roles/compute.networkAdmin + - roles/resourcemanager.projectIamAdmin services: - cloudresourcemanager.googleapis.com - serviceusage.googleapis.com @@ -141,3 +145,7 @@ spec: - serviceconsumermanagement.googleapis.com - networkconnectivity.googleapis.com - compute.googleapis.com + - memorystore.googleapis.com + providerVersions: + - source: hashicorp/google + version: ">= 6.0, < 7" diff --git a/modules/valkey/metadata.yaml b/modules/valkey/metadata.yaml index 6f7b05c..9df7376 100644 --- a/modules/valkey/metadata.yaml +++ b/modules/valkey/metadata.yaml @@ -46,18 +46,77 @@ spec: location: examples/valkey interfaces: variables: + - name: project_id + description: The ID of the project in which the resource belongs to. + varType: string + required: true + - name: instance_id + description: The ID to use for the instance, which will become the final component of the instance's resource name. Must be 4-63 characters in length with lowercase letters, digits, and hyphens. Must not end with a hyphen. Must be unique within a location + varType: string + required: true + - name: shard_count + description: Number of shards for the instance + varType: number + defaultValue: 3 + - name: location + description: The region where valkey cluster will be created + varType: string + required: true + - name: labels + description: The resource labels to represent user provided metadata. + varType: map(string) + defaultValue: {} + - name: replica_count + description: Number of replica nodes per shard. If omitted the default is 0 replicas + varType: number + defaultValue: 0 - name: authorization_mode description: "The Immutable. Authorization mode of the instance. Possible values: AUTH_DISABLED IAM_AUTH" varType: string defaultValue: AUTH_DISABLED + - name: transit_encryption_mode + description: "Immutable. In-transit encryption mode of the instance. Possible values: TRANSIT_ENCRYPTION_DISABLED SERVER_AUTHENTICATION" + varType: string + defaultValue: TRANSIT_ENCRYPTION_DISABLED + - name: node_type + description: "The nodeType for the valkey cluster. Possible values are: SHARED_CORE_NANO, HIGHMEM_MEDIUM, HIGHMEM_XLARGE, STANDARD_SMALL" + varType: string - name: deletion_protection_enabled description: If set to true deletion of the instance will fail varType: bool defaultValue: true + - name: zone_distribution_config_mode + description: "The mode for zone distribution for Memorystore valkey cluster (Immutable). If not provided, MULTI_ZONE will be used as default value. Possible values are: MULTI_ZONE, SINGLE_ZONE" + varType: string + defaultValue: MULTI_ZONE + - name: zone_distribution_config_zone + description: The zone for single zone Memorystore valkey cluster (Immutable) + varType: string + - name: engine_version + description: Immutable. Engine version of the instance + varType: string + defaultValue: VALKEY_8_0 - name: enable_apis description: Flag for enabling memcache.googleapis.com in your project varType: bool defaultValue: false + - name: network + description: Name of the consumer network where the network address of the discovery endpoint will be reserved + varType: string + required: true + - name: network_project + description: project ID of the consumer network where the network address of the discovery endpoint will be reserved. Required for Shared VPC host + varType: string + - name: service_connection_policies + description: The Service Connection Policies to create. Required to create service connection policy. Not needed if service connection policy already exist + varType: |- + map(object({ + subnet_names = list(string) + description = optional(string) + limit = optional(number) + labels = optional(map(string), {}) + })) + defaultValue: {} - name: engine_configs description: User-provided engine configurations for the instance varType: |- @@ -69,32 +128,6 @@ spec: slowlog-log-slower-than = optional(number) maxclients = optional(number) }) - - name: engine_version - description: Immutable. Engine version of the instance - varType: string - defaultValue: VALKEY_8_0 - - name: instance_id - description: The ID to use for the instance, which will become the final component of the instance's resource name. Must be 4-63 characters in length with lowercase letters, digits, and hyphens. Must not end with a hyphen. Must be unique within a location - varType: string - required: true - - name: labels - description: The resource labels to represent user provided metadata. - varType: map(string) - defaultValue: {} - - name: location - description: The region where valkey cluster will be created - varType: string - required: true - - name: network - description: Name of the consumer network where the network address of the discovery endpoint will be reserved - varType: string - required: true - - name: network_project - description: project ID of the consumer network where the network address of the discovery endpoint will be reserved. Required for Shared VPC host - varType: string - - name: node_type - description: "The nodeType for the valkey cluster. Possible values are: SHARED_CORE_NANO, HIGHMEM_MEDIUM, HIGHMEM_XLARGE, STANDARD_SMALL" - varType: string - name: persistence_config description: User-provided persistence configurations for the instance varType: |- @@ -109,39 +142,6 @@ spec: }), null) }) defaultValue: {} - - name: project_id - description: The ID of the project in which the resource belongs to. - varType: string - required: true - - name: replica_count - description: Number of replica nodes per shard. If omitted the default is 0 replicas - varType: number - defaultValue: 0 - - name: service_connection_policies - description: The Service Connection Policies to create. Required to create service connection policy. Not needed if service connection policy already exist - varType: |- - map(object({ - subnet_names = list(string) - description = optional(string) - limit = optional(number) - labels = optional(map(string), {}) - })) - defaultValue: {} - - name: shard_count - description: Number of shards for the instance - varType: number - defaultValue: 3 - - name: transit_encryption_mode - description: "Immutable. In-transit encryption mode of the instance. Possible values: TRANSIT_ENCRYPTION_DISABLED SERVER_AUTHENTICATION" - varType: string - defaultValue: TRANSIT_ENCRYPTION_DISABLED - - name: zone_distribution_config_mode - description: "The mode for zone distribution for Memorystore valkey cluster (Immutable). If not provided, MULTI_ZONE will be used as default value. Possible values are: MULTI_ZONE, SINGLE_ZONE" - varType: string - defaultValue: MULTI_ZONE - - name: zone_distribution_config_zone - description: The zone for single zone Memorystore valkey cluster (Immutable) - varType: string outputs: - name: discovery_endpoints description: Endpoints created on each given network, for valkey clients to connect to the cluster. Currently only one endpoint is supported @@ -155,7 +155,11 @@ spec: roles: - level: Project roles: - - roles/owner + - roles/memorystore.admin + - roles/redis.admin + - roles/memcache.admin + - roles/compute.networkAdmin + - roles/resourcemanager.projectIamAdmin services: - cloudresourcemanager.googleapis.com - serviceusage.googleapis.com @@ -164,3 +168,9 @@ spec: - serviceconsumermanagement.googleapis.com - networkconnectivity.googleapis.com - compute.googleapis.com + - memorystore.googleapis.com + providerVersions: + - source: hashicorp/google + version: ">= 6.3, < 7" + - source: hashicorp/google-beta + version: ">= 6.3, < 7" diff --git a/test/setup/iam.tf b/test/setup/iam.tf index aaeacac..a7baf49 100644 --- a/test/setup/iam.tf +++ b/test/setup/iam.tf @@ -16,7 +16,11 @@ locals { int_required_roles = [ - "roles/owner" + "roles/memorystore.admin", + "roles/redis.admin", + "roles/memcache.admin", + "roles/compute.networkAdmin", + "roles/resourcemanager.projectIamAdmin" ] } diff --git a/test/setup/main.tf b/test/setup/main.tf index 4eb6640..330aea4 100644 --- a/test/setup/main.tf +++ b/test/setup/main.tf @@ -34,6 +34,7 @@ module "project" { "serviceconsumermanagement.googleapis.com", "networkconnectivity.googleapis.com", "compute.googleapis.com", + "memorystore.googleapis.com", ] } From 240dc5540c9cb2097d1b2cb0419b2540fd3c6d51 Mon Sep 17 00:00:00 2001 From: CFT Bot Date: Fri, 3 Jan 2025 15:50:56 -0800 Subject: [PATCH 02/13] chore: update CODEOWNERS From 1ae48afffaa0c49e4eee93eee3f46fc68d3dba3e Mon Sep 17 00:00:00 2001 From: CFT Bot Date: Fri, 3 Jan 2025 15:50:58 -0800 Subject: [PATCH 03/13] chore: update .github/trusted-contribution.yml From ac990435f83575cee25ce529b4b92d23e84205e4 Mon Sep 17 00:00:00 2001 From: CFT Bot Date: Fri, 3 Jan 2025 15:52:33 -0800 Subject: [PATCH 04/13] chore: update .github/conventional-commit-lint.yaml From 156b75712d120df3d6444c50ea2ed0d197f86215 Mon Sep 17 00:00:00 2001 From: CFT Bot Date: Fri, 3 Jan 2025 15:52:48 -0800 Subject: [PATCH 05/13] chore: update .github/renovate.json From 48b6b018f9804ec02a8b5ef60556c65ff38a6c26 Mon Sep 17 00:00:00 2001 From: CFT Bot Date: Fri, 3 Jan 2025 15:53:02 -0800 Subject: [PATCH 06/13] chore: update .github/workflows/stale.yml From 8878da78c7db24e5acb393fc11a92dc56e74ad2b Mon Sep 17 00:00:00 2001 From: CFT Bot Date: Fri, 3 Jan 2025 15:53:29 -0800 Subject: [PATCH 07/13] chore: update .github/workflows/lint.yaml --- .github/workflows/lint.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml index ef3d95b..638dd91 100644 --- a/.github/workflows/lint.yaml +++ b/.github/workflows/lint.yaml @@ -21,7 +21,7 @@ on: workflow_dispatch: pull_request: branches: - - master + - main concurrency: group: '${{ github.workflow }}-${{ github.head_ref || github.ref }}' From b6d9cbb7a3bc5d247d04524741ea592dfbac0616 Mon Sep 17 00:00:00 2001 From: CFT Bot Date: Fri, 3 Jan 2025 17:10:24 -0800 Subject: [PATCH 08/13] chore: update .github/trusted-contribution.yml --- .github/trusted-contribution.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/trusted-contribution.yml b/.github/trusted-contribution.yml index a3b4ff2..ae57820 100644 --- a/.github/trusted-contribution.yml +++ b/.github/trusted-contribution.yml @@ -1,4 +1,4 @@ -# Copyright 2023 Google LLC +# Copyright 2023-2025 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,7 +13,7 @@ # limitations under the License. # NOTE: This file is automatically generated from: -# https://github.com/GoogleCloudPlatform/cloud-foundation-toolkit/blob/master/infra/terraform/test-org/github +# https://github.com/GoogleCloudPlatform/cloud-foundation-toolkit/blob/main/infra/terraform/test-org/github annotations: - type: comment From 082f5f9cf4aee9dc6cb03ed6f97ab0623ff030c9 Mon Sep 17 00:00:00 2001 From: CFT Bot Date: Fri, 3 Jan 2025 17:14:11 -0800 Subject: [PATCH 09/13] chore: update .github/workflows/lint.yaml --- .github/workflows/lint.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml index 638dd91..b24662a 100644 --- a/.github/workflows/lint.yaml +++ b/.github/workflows/lint.yaml @@ -1,4 +1,4 @@ -# Copyright 2023 Google LLC +# Copyright 2023-2025 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,7 +13,7 @@ # limitations under the License. # NOTE: This file is automatically generated from values at: -# https://github.com/GoogleCloudPlatform/cloud-foundation-toolkit/blob/master/infra/terraform/test-org/org/locals.tf +# https://github.com/GoogleCloudPlatform/cloud-foundation-toolkit/blob/main/infra/terraform/test-org/org/locals.tf name: 'lint' From 55243e1ad5cc46f7691f99c2c8337a084055ad7b Mon Sep 17 00:00:00 2001 From: CFT Bot Date: Fri, 3 Jan 2025 17:15:20 -0800 Subject: [PATCH 10/13] chore: update .github/workflows/stale.yml --- .github/workflows/stale.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index 34a5677..d04506e 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -1,4 +1,4 @@ -# Copyright 2022-2024 Google LLC +# Copyright 2022-2025 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,7 +13,7 @@ # limitations under the License. # NOTE: This file is automatically generated from: -# https://github.com/GoogleCloudPlatform/cloud-foundation-toolkit/blob/master/infra/terraform/test-org/github +# https://github.com/GoogleCloudPlatform/cloud-foundation-toolkit/blob/main/infra/terraform/test-org/github name: "Close stale issues" on: From a21a9068f99aed4552c3df16e3d66b7e134b8e85 Mon Sep 17 00:00:00 2001 From: CFT Bot Date: Fri, 3 Jan 2025 17:18:05 -0800 Subject: [PATCH 11/13] chore: update CODEOWNERS --- CODEOWNERS | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CODEOWNERS b/CODEOWNERS index 78ebf14..12f349f 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -1,5 +1,5 @@ # NOTE: This file is automatically generated from values at: -# https://github.com/GoogleCloudPlatform/cloud-foundation-toolkit/blob/master/infra/terraform/test-org/org/locals.tf +# https://github.com/GoogleCloudPlatform/cloud-foundation-toolkit/blob/main/infra/terraform/test-org/org/locals.tf * @terraform-google-modules/cft-admins @imrannayer @q2w From 966c17c67b618e26f0eeed8257de002e348cf134 Mon Sep 17 00:00:00 2001 From: CFT Bot Date: Fri, 3 Jan 2025 17:19:29 -0800 Subject: [PATCH 12/13] chore: update .github/conventional-commit-lint.yaml --- .github/conventional-commit-lint.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/conventional-commit-lint.yaml b/.github/conventional-commit-lint.yaml index ee8e163..b1d8d8b 100644 --- a/.github/conventional-commit-lint.yaml +++ b/.github/conventional-commit-lint.yaml @@ -1,4 +1,4 @@ -# Copyright 2022-2023 Google LLC +# Copyright 2022-2025 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -13,7 +13,7 @@ # limitations under the License. # NOTE: This file is automatically generated from: -# https://github.com/GoogleCloudPlatform/cloud-foundation-toolkit/blob/master/infra/terraform/test-org/github +# https://github.com/GoogleCloudPlatform/cloud-foundation-toolkit/blob/main/infra/terraform/test-org/github enabled: true always_check_pr_title: true From 63382090b5a80af6f86c1009e0a6ed69731ebc78 Mon Sep 17 00:00:00 2001 From: "release-please[bot]" <55107282+release-please[bot]@users.noreply.github.com> Date: Tue, 7 Jan 2025 17:55:26 +0530 Subject: [PATCH 13/13] chore(main): release 13.0.1 (#267) Co-authored-by: release-please[bot] <55107282+release-please[bot]@users.noreply.github.com> --- CHANGELOG.md | 7 +++++++ metadata.yaml | 2 +- modules/memcache/metadata.yaml | 2 +- modules/memcache/versions.tf | 4 ++-- modules/redis-cluster/metadata.yaml | 2 +- modules/redis-cluster/versions.tf | 4 ++-- modules/valkey/metadata.yaml | 2 +- modules/valkey/versions.tf | 4 ++-- versions.tf | 2 +- 9 files changed, 18 insertions(+), 11 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 0f973a8..0251443 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,13 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/) and this project adheres to [Semantic Versioning](http://semver.org/). +## [13.0.1](https://github.com/terraform-google-modules/terraform-google-memorystore/compare/v13.0.0...v13.0.1) (2025-01-04) + + +### Bug Fixes + +* use less privilege roles for ci service account ([#264](https://github.com/terraform-google-modules/terraform-google-memorystore/issues/264)) ([36c20c0](https://github.com/terraform-google-modules/terraform-google-memorystore/commit/36c20c0cf1581e32a2fcba29f5dae6301cafc3d4)) + ## [13.0.0](https://github.com/terraform-google-modules/terraform-google-memorystore/compare/v12.0.1...v13.0.0) (2024-12-17) diff --git a/metadata.yaml b/metadata.yaml index f2e6f5b..68d2463 100644 --- a/metadata.yaml +++ b/metadata.yaml @@ -24,7 +24,7 @@ spec: source: repo: https://github.com/terraform-google-modules/terraform-google-memorystore.git sourceType: git - version: 13.0.0 + version: 13.0.1 actuationTool: flavor: Terraform version: ">= 1.3" diff --git a/modules/memcache/metadata.yaml b/modules/memcache/metadata.yaml index 6c18006..c464a40 100644 --- a/modules/memcache/metadata.yaml +++ b/modules/memcache/metadata.yaml @@ -25,7 +25,7 @@ spec: repo: https://github.com/terraform-google-modules/terraform-google-memorystore.git sourceType: git dir: /modules/memcache - version: 13.0.0 + version: 13.0.1 actuationTool: flavor: Terraform version: ">= 1.3" diff --git a/modules/memcache/versions.tf b/modules/memcache/versions.tf index b19cfa3..130b6e0 100644 --- a/modules/memcache/versions.tf +++ b/modules/memcache/versions.tf @@ -29,11 +29,11 @@ terraform { } provider_meta "google" { - module_name = "blueprints/terraform/terraform-google-memorystore:memcache/v13.0.0" + module_name = "blueprints/terraform/terraform-google-memorystore:memcache/v13.0.1" } provider_meta "google-beta" { - module_name = "blueprints/terraform/terraform-google-memorystore:memcache/v13.0.0" + module_name = "blueprints/terraform/terraform-google-memorystore:memcache/v13.0.1" } } diff --git a/modules/redis-cluster/metadata.yaml b/modules/redis-cluster/metadata.yaml index f15cc9a..a0e0cce 100644 --- a/modules/redis-cluster/metadata.yaml +++ b/modules/redis-cluster/metadata.yaml @@ -25,7 +25,7 @@ spec: repo: https://github.com/terraform-google-modules/terraform-google-memorystore.git sourceType: git dir: /modules/redis-cluster - version: 13.0.0 + version: 13.0.1 actuationTool: flavor: Terraform version: ">= 1.3" diff --git a/modules/redis-cluster/versions.tf b/modules/redis-cluster/versions.tf index ff198f6..7a2aafd 100644 --- a/modules/redis-cluster/versions.tf +++ b/modules/redis-cluster/versions.tf @@ -25,11 +25,11 @@ terraform { } provider_meta "google" { - module_name = "blueprints/terraform/terraform-google-memorystore:redis-cluster/v13.0.0" + module_name = "blueprints/terraform/terraform-google-memorystore:redis-cluster/v13.0.1" } provider_meta "google-beta" { - module_name = "blueprints/terraform/terraform-google-memorystore:redis-cluster/v13.0.0" + module_name = "blueprints/terraform/terraform-google-memorystore:redis-cluster/v13.0.1" } } diff --git a/modules/valkey/metadata.yaml b/modules/valkey/metadata.yaml index 9df7376..c6c6dfb 100644 --- a/modules/valkey/metadata.yaml +++ b/modules/valkey/metadata.yaml @@ -25,7 +25,7 @@ spec: repo: https://github.com/terraform-google-modules/terraform-google-memorystore.git sourceType: git dir: /modules/valkey - version: 13.0.0 + version: 13.0.1 actuationTool: flavor: Terraform version: ">= 1.3" diff --git a/modules/valkey/versions.tf b/modules/valkey/versions.tf index 010898b..1aa3aaa 100644 --- a/modules/valkey/versions.tf +++ b/modules/valkey/versions.tf @@ -29,11 +29,11 @@ terraform { } provider_meta "google" { - module_name = "blueprints/terraform/terraform-google-memorystore:valkey/v13.0.0" + module_name = "blueprints/terraform/terraform-google-memorystore:valkey/v13.0.1" } provider_meta "google-beta" { - module_name = "blueprints/terraform/terraform-google-memorystore:valkey/v13.0.0" + module_name = "blueprints/terraform/terraform-google-memorystore:valkey/v13.0.1" } } diff --git a/versions.tf b/versions.tf index 1d7cc31..66db8d1 100644 --- a/versions.tf +++ b/versions.tf @@ -25,7 +25,7 @@ terraform { } provider_meta "google" { - module_name = "blueprints/terraform/terraform-google-memorystore/v13.0.0" + module_name = "blueprints/terraform/terraform-google-memorystore/v13.0.1" } }