CHANGELOG.md

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning. This changelog is generated automatically based on Conventional Commits.

0.2.0 (2024-09-27)

Features

• 2-multitenant: enable binauthz on AP and add test (#207) (c3ccaa1)
• 4-fleetscope: migrate to Workload Identity Federation for GKE (#191) (dfdae3f)
• 4-fleetscope: use fleet_app_operator_permissions (#209) (5e4114a)
• add app folder, remove allauthenticatedusers permissions for docker images and update local deployment docs (#221) (99e5ede)
• add backend.tf instructions and cluster service accounts output (#219) (7001a69)
• adds frontend app infra test (#108) (d0110ec)
• adds prefix at project and resources created at shared projects (#231) (b7f66f6)
• appfactory: refactor appfactory to support multiple apps and nested parallel tests (#112) (d87c954)
• appinfra: configurable envs (#154) (1e1fa2e)
• deploy with cloudbuild (#237) (099bad5)
• deps: Update Terraform Google Provider to v6 (major) (#213) (58e500e)
• first version of E2E tests (#180) (44f4ffc)
• granted cloud service mesh agent the necessary permission on ne… (#162) (73028ab)
• Input group name to fleet-scope for log viewing (#155) (8064ecf)
• module: ensure there are no external ips in the cluster nodes (#212) (030cad1)
• multitenant: add certificate (#179) (f5a31e3)
• multitenant: add NAP & AP as cluster types (#198) (31a9a7e)
• multitenant: enable security_posture, dpv2, cost_allocation (#135) (ae06552)
• multitenant: enforce private cluster control plane ip address (#214) (52edb3d)
• multitenant: make cluster project creation optional (#117) (878a63e)
• multitenant: refactor multitenant to be multi-app configurable (#148) (64e8b40)
• Refactor integration tests 5-appinfra (#169) (77263bf)
• refactor step 6 integration tests (#137) (5aa2981)
• replaced cloudsql with alloydb (#165) (27ec2d2)
• use namespaces created on fleetscope on cymbal-bank manifests (#228) (1a4991f)

Bug Fixes

• add minimum TF version requirements (#168) (cf8a456)
• add permission, clarifications, dedup (#160) (818f119)
• Adds prefix at frontend namespace (#248) (8131e86)
• deps: Update Terraform GoogleCloudPlatform/cloud-armor/google to v3 (#227) (4056964)
• deps: update terraform terraform-google-modules/cloud-storage/google to v6 (#138) (3335013)
• deps: Update Terraform terraform-google-modules/iam/google to v8 (#241) (d784d89)
• deps: update terraform terraform-google-modules/kubernetes-engine/google to v31 (#157) (0e7ed98)
• deps: Update Terraform terraform-google-modules/kubernetes-engine/google to v32 (#205) (ab8b5b4)
• deps: Update Terraform terraform-google-modules/kubernetes-engine/google to v33 (#233) (fac40bf)
• deps: Update Terraform terraform-google-modules/project-factory/google to v16 (#211) (a2fdf6e)
• deps: Update Terraform terraform-google-modules/project-factory/google to v17 (#240) (d31f750)
• deps: Update terraform-google-modules/project-factory v17 (#246) (fe09967)
• fixes for lint (#204) (7980e05)
• Fixes nonproduction name (#235) (293b5fd)
• fixes provider_metadata (#249) (92ec3ae)
• fixing production environment drift (#250) (9c1b05b)
• fleetscope: add config_sync enable (#244) (e166a00)
• fleetscope: depends on and separate poco membership (#124) (1f7df6e)
• fleetscope: serialize fleet feature enables (#177) (a510901)
• Grants metric and trace roles to k8s agent, enables metric api (#174) (7cb1d5f)
• migrate non-production to nonproduction (#190) (204a0f6)
• migrate to nonprod (#243) (6776ceb)
• multitenant: avoid 5.44.0 & 6.2.0 (#229) (91f7b9d)
• multitenant: remove unused app service accounts (#194) (a10a6e7)
• refactor 3-fleetscope, fetch remote state from 2-multitenant for variable values (#225) (e30ba1d)
• renames fleetscope and appfactory folders (#218) (3f06411)
• update team name (#216) (496368b)

0.1.0 (2024-05-10)

⚠ BREAKING CHANGES

• Bootstrap test integration and change in buckets creation (#41)

Features

• 2-multitenant: initial README, tfvar, and variable object (#84) (6b28838)
• add appfactory integration tests (#59) (01dd44a)
• add cloud armor policy (#48) (b2cc1af)
• add cluster and fleet projects (#25) (841e864)
• add GKE clusters and hub memberships (#12) (7618b55)
• add integration tests 2-multitenant (#91) (2948189)
• Add multitenant integration test (#46) (b8b1c10)
• add node pool using surge strategy (#19) (25a50fc)
• add phases 2-5 (#9) (b71a3a9)
• add prerequisite VPCs and projects (#11) (626867c)
• added acm: config sync and policy controller (#31) (70200c1)
• added appfactory for other 5 apps (#79) (1038c4d)
• added ci/cd pipeline for the frontend service (#51) (7c1c50c)
• added cicd for accounts and ledger services for cymbal bank app (#69) (8bfb465)
• added cloud armor rule to block xss attack (#58) (d47ff70)
• added fleet scope and namespace (#15) (f02c26f)
• added fleet scope logging (#26) (d2ec68c)
• added gateway and asm ingress k8s resources (#65) (5034fee)
• added integration tests to the CI for the 5 other apps (#78) (13615d0)
• added k8s manifests for cymbal bank frontend (#68) (a0dda5c)
• added labels, permissions needed for service mesh, and multi cl… (#54) (0976081)
• added multiclusteringress hub feature for use by multiclustergateway (#24) (ae268bd)
• added namespace for accounts and ledger with label istio-injection (#83) (d93659f)
• added service mesh (#27) (207e2bd)
• added sql database (#72) (bc5ebec)
• added virtual service and destination rule to allow for localit… (#56) (84cff84)
• adjusted sqli cloudarmor rule sensitivity level 1 to allow for cymbal bank app (#85) (fca30d6)
• Application factory phase (#38) (2e95d39)
• Application Source phase folder (#42) (fc83bcc)
• bootstrap phase (#8) (06b47d7)
• Bootstrap test integration and change in buckets creation (#41) (6f5421e)
• cluster: enable binauthz (#36) (e6135dc)
• cluster: enabled balanced autoscaling (#34) (cb43517)
• cluster: switch to private cluster (#35) (779db70)
• create ip_address (#50) (5c2c7b9)
• create multiple namespaces with namespace_ids, one namespace per scope … (#40) (e59bb7f)
• cross_project_sa upstream (#39) (7fcc0d9)
• enable workload identity (#49) (5dd8784)
• fleetscope: add poco pss-baseline and fleet_project_id (#105) (a0ae960)
• gateway and ingress (#55) (e118ebb)
• initial fleetscope README, tfvar, and variable object (#86) (4b6cec2)
• Integration tests fleetscope (#61) (454618c)
• moved db from 2-multitenant to 5-appinfra (#96) (f197505)
• switch to release gke module (#37) (adbb4e6)
• switched to use Cymbal Bank logo and title (#76) (a1a0754)

Bug Fixes

• add stage 2 outputs (#17) (f22d434)
• appfactory: add clouddeploy api to app admin project (#114) (014b8da)
• CI: use larger collusion domain for eab_cluster_project suffix (#100) (60497b1)
• consolidate fleet into gke project (#64) (69b2a91)
• deps: Update module github.com/GoogleCloudPlatform/cloud-foundation-toolkit/infra/blueprint-test to v0.12.0 (#14) (92d805b)
• deps: Update module github.com/GoogleCloudPlatform/cloud-foundation-toolkit/infra/blueprint-test to v0.12.1 (#16) (6ceaaf0)
• deps: Update Terraform terraform-google-modules/kubernetes-engine/google to v30 (#18) (56c3360)
• deps: Update Terraform terraform-google-modules/project-factory/google to v15 (#118) (7aafd39)
• fleetscope: prevent possible race condition (#106) (2a7637f)
• only create a single cluster in dev (#23) (846f68e)
• provider_meta and test boilerplate (#6) (646dc9f)
• use google_project_service_identity for servicemesh sa (#66) (1964445)

0.1.0 - 20XX-YY-ZZ

Features

• Initial release