Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Make CloudSQL secret replication configurable #2828

Merged
merged 2 commits into from
Aug 9, 2024
Merged

Make CloudSQL secret replication configurable #2828

merged 2 commits into from
Aug 9, 2024

Conversation

dgouju
Copy link
Contributor

@dgouju dgouju commented Jul 30, 2024
edited
Loading

Currently, the replication configuration of the CloudSQL secret makes it statically global. Customers who are using constraints/gcp.resourceLocations Org Policy to restrict regions are blocked because it forbids global resources:

Error: Error creating Secret: googleapi: Error 400: Constraint constraints/gcp.resourceLocations violated for [orgpolicy:projects/XXXX] attempting to create a secret in [global]. 
For more information, see https://cloud.google.com/resource-manager/docs/organization-policy/defining-locations.

This proposal is based on HTCondor secret management: 1 2

@mr0re1
Copy link
Collaborator

mr0re1 commented Jul 30, 2024

/gcbrun

@mr0re1 mr0re1 added the release-module-improvements Added to release notes under the "Module Improvements" heading. label Jul 31, 2024
@tpdownes tpdownes assigned dgouju and unassigned tpdownes Jul 31, 2024
@dgouju dgouju requested review from mr0re1 and tpdownes August 1, 2024 06:49
@tpdownes tpdownes assigned tpdownes and unassigned dgouju Aug 7, 2024
@tpdownes
Copy link
Member

tpdownes commented Aug 9, 2024

/gcbrun

@tpdownes tpdownes enabled auto-merge August 9, 2024 21:22
@tpdownes tpdownes force-pushed the cloudsql-secret-regions branch from eba09e7 to 0ba99e5 Compare August 9, 2024 21:26
@tpdownes
Copy link
Member

tpdownes commented Aug 9, 2024

/gcbrun

@tpdownes tpdownes merged commit d1d5590 into GoogleCloudPlatform:develop Aug 9, 2024
8 of 51 checks passed
@rohitramu rohitramu mentioned this pull request Sep 12, 2024
Merged
@dgouju dgouju deleted the cloudsql-secret-regions branch September 23, 2024 08:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tpdownes tpdownes tpdownes approved these changes

@mr0re1 mr0re1 Awaiting requested review from mr0re1

Assignees

@tpdownes tpdownes

Labels
release-module-improvements Added to release notes under the "Module Improvements" heading.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@dgouju @mr0re1 @tpdownes