diff --git a/0-bootstrap/README.md b/0-bootstrap/README.md index 1fb8d3f6..88bedfaa 100644 --- a/0-bootstrap/README.md +++ b/0-bootstrap/README.md @@ -145,12 +145,12 @@ Using Terraform Cloud requires manual creation of the GitHub repositories or Git **Note:** When deploying with cloud build is also possible to use a [script helper](../helpers/foundation-deployer/README.md) to do the deploy. -1. Clone [terraform-example-foundation](https://github.com/terraform-google-modules/terraform-example-foundation) into your local environment and navigate to the `0-bootstrap` folder. +1. Clone [terraform-example-foundation](https://github.com/GoogleCloudPlatform/pbmm-on-gcp-onboarding) into your local environment and navigate to the `0-bootstrap` folder. ```bash - git clone https://github.com/terraform-google-modules/terraform-example-foundation.git + git clone https://github.com/GoogleCloudPlatform/pbmm-on-gcp-onboarding.git - cd terraform-example-foundation/0-bootstrap + cd pbmm-on-gcp-onboarding/0-bootstrap ``` 1. Rename `terraform.example.tfvars` to `terraform.tfvars` and update the file with values from your environment: @@ -236,7 +236,7 @@ Using Terraform Cloud requires manual creation of the GitHub repositories or Git ``` 1. (Optional) Run `terraform plan` to verify that state is configured correctly. You should see no changes from the previous state. -1. Clone the policy repo and copy contents of policy-library to new repo. Clone the repo at the same level of the `terraform-example-foundation` folder. +1. Clone the policy repo and copy contents of policy-library to new repo. Clone the repo at the same level of the `pbmm-on-gcp-onboarding` folder. ```bash cd ../.. @@ -245,7 +245,7 @@ Using Terraform Cloud requires manual creation of the GitHub repositories or Git cd gcp-policies git checkout -b main - cp -RT ../terraform-example-foundation/policy-library/ . + cp -RT ../pbmm-on-gcp-onboarding/policy-library/ . ``` 1. Commit changes and push your main branch to the policy repo. @@ -271,9 +271,9 @@ Using Terraform Cloud requires manual creation of the GitHub repositories or Git git checkout -b plan mkdir -p envs/shared - cp -RT ../terraform-example-foundation/0-bootstrap/ ./envs/shared - cp ../terraform-example-foundation/build/cloudbuild-tf-* . - cp ../terraform-example-foundation/build/tf-wrapper.sh . + cp -RT ../pbmm-on-gcp-onboarding/0-bootstrap/ ./envs/shared + cp ../pbmm-on-gcp-onboarding/build/cloudbuild-tf-* . + cp ../pbmm-on-gcp-onboarding/build/tf-wrapper.sh . chmod 755 ./tf-wrapper.sh git add . diff --git a/1-org/README.md b/1-org/README.md index 9dd52a4f..7b7bbd46 100644 --- a/1-org/README.md +++ b/1-org/README.md @@ -113,11 +113,11 @@ This module creates and applies [tags](https://cloud.google.com/resource-manager ### Deploying with Cloud Build 1. Clone the `gcp-org` repo based on the Terraform output from the `0-bootstrap` step. -Clone the repo at the same level of the `terraform-example-foundation` folder. +Clone the repo at the same level of the `pbmm-on-gcp-onboarding` folder. If required, run `terraform output cloudbuild_project_id` in the `0-bootstrap` folder to get the Cloud Build Project ID. ```bash - export CLOUD_BUILD_PROJECT_ID=$(terraform -chdir="terraform-example-foundation/0-bootstrap/" output -raw cloudbuild_project_id) + export CLOUD_BUILD_PROJECT_ID=$(terraform -chdir="pbmm-on-gcp-onboarding/0-bootstrap/" output -raw cloudbuild_project_id) echo ${CLOUD_BUILD_PROJECT_ID} gcloud source repos clone gcp-org --project=${CLOUD_BUILD_PROJECT_ID} @@ -134,9 +134,9 @@ If required, run `terraform output cloudbuild_project_id` in the `0-bootstrap` f cd gcp-org git checkout -b plan - cp -RT ../terraform-example-foundation/1-org/ . - cp ../terraform-example-foundation/build/cloudbuild-tf-* . - cp ../terraform-example-foundation/build/tf-wrapper.sh . + cp -RT ../pbmm-on-gcp-onboarding/1-org/ . + cp ../pbmm-on-gcp-onboarding/build/cloudbuild-tf-* . + cp ../pbmm-on-gcp-onboarding/build/tf-wrapper.sh . chmod 755 ./tf-wrapper.sh ``` @@ -149,7 +149,7 @@ If required, run `terraform output cloudbuild_project_id` in the `0-bootstrap` f 1. Check if a Security Command Center notification with the default name, **scc-notify**, already exists. If it exists, choose a different value for the `scc_notification_name` variable in the `./envs/shared/terraform.tfvars` file. ```bash - export ORGANIZATION_ID=$(terraform -chdir="../terraform-example-foundation/0-bootstrap/" output -json common_config | jq '.org_id' --raw-output) + export ORGANIZATION_ID=$(terraform -chdir="../pbmm-on-gcp-onboarding/0-bootstrap/" output -json common_config | jq '.org_id' --raw-output) gcloud scc notifications describe "scc-notify" --organization=${ORGANIZATION_ID} ``` @@ -163,7 +163,7 @@ If required, run `terraform output cloudbuild_project_id` in the `0-bootstrap` f 1. Update the `envs/shared/terraform.tfvars` file with values from your environment and 0-bootstrap step. If the previous step showed a numeric value, un-comment the variable `create_access_context_manager_access_policy = false`. See the shared folder [README.md](./envs/shared/README.md) for additional information on the values in the `terraform.tfvars` file. ```bash - export backend_bucket=$(terraform -chdir="../terraform-example-foundation/0-bootstrap/" output -raw gcs_bucket_tfstate) + export backend_bucket=$(terraform -chdir="../pbmm-on-gcp-onboarding/0-bootstrap/" output -raw gcs_bucket_tfstate) echo "remote_state_bucket = ${backend_bucket}" sed -i'' -e "s/REMOTE_STATE_BUCKET/${backend_bucket}/" ./envs/shared/terraform.tfvars @@ -200,7 +200,7 @@ If required, run `terraform output cloudbuild_project_id` in the `0-bootstrap` f If you received a `PERMISSION_DENIED` error while running the `gcloud access-context-manager` or the `gcloud scc notifications` commands, you can append the following to run the command as the Terraform service account: ```bash ---impersonate-service-account=$(terraform -chdir="../terraform-example-foundation/0-bootstrap/" output -raw organization_step_terraform_service_account_email) +--impersonate-service-account=$(terraform -chdir="../pbmm-on-gcp-onboarding/0-bootstrap/" output -raw organization_step_terraform_service_account_email) ``` ### Deploying with Jenkins @@ -213,11 +213,11 @@ See `0-bootstrap` [README-GitHub.md](../0-bootstrap/README-GitHub.md#deploying-s ### Running Terraform locally -1. The next instructions assume that you are at the same level of the `terraform-example-foundation` folder. +1. The next instructions assume that you are at the same level of the `pbmm-on-gcp-onboarding` folder. Change into the `1-org` folder, copy the Terraform wrapper script, and ensure it can be executed. ```bash - cd terraform-example-foundation/1-org + cd pbmm-on-gcp-onboarding/1-org cp ../build/tf-wrapper.sh . chmod 755 ./tf-wrapper.sh ``` diff --git a/2-environments/README.md b/2-environments/README.md index ef26d7a9..e1a51dac 100644 --- a/2-environments/README.md +++ b/2-environments/README.md @@ -90,11 +90,11 @@ commands. The `-T` flag is needed for Linux, but causes problems for MacOS. ### Deploying with Cloud Build 1. Clone the `gcp-environments` repo based on the Terraform output from the `0-bootstrap` step. -Clone the repo at the same level of the `terraform-example-foundation` folder, the following instructions assume this layout. +Clone the repo at the same level of the `pbmm-on-gcp-onboarding` folder, the following instructions assume this layout. Run `terraform output cloudbuild_project_id` in the `0-bootstrap` folder to get the Cloud Build Project ID. ```bash - export CLOUD_BUILD_PROJECT_ID=$(terraform -chdir="terraform-example-foundation/0-bootstrap/" output -raw cloudbuild_project_id) + export CLOUD_BUILD_PROJECT_ID=$(terraform -chdir="pbmm-on-gcp-onboarding/0-bootstrap/" output -raw cloudbuild_project_id) echo ${CLOUD_BUILD_PROJECT_ID} gcloud source repos clone gcp-environments --project=${CLOUD_BUILD_PROJECT_ID} @@ -108,9 +108,9 @@ Run `terraform output cloudbuild_project_id` in the `0-bootstrap` folder to get cd gcp-environments git checkout -b plan - cp -RT ../terraform-example-foundation/2-environments/ . - cp ../terraform-example-foundation/build/cloudbuild-tf-* . - cp ../terraform-example-foundation/build/tf-wrapper.sh . + cp -RT ../pbmm-on-gcp-onboarding/2-environments/ . + cp ../pbmm-on-gcp-onboarding/build/cloudbuild-tf-* . + cp ../pbmm-on-gcp-onboarding/build/tf-wrapper.sh . chmod 755 ./tf-wrapper.sh ``` @@ -123,7 +123,7 @@ Run `terraform output cloudbuild_project_id` in the `0-bootstrap` folder to get 1. Update the file with values from your environment and bootstrap (you can re-run `terraform output` in the 0-bootstrap directory to find these values). See any of the envs folder [README.md](./envs/production/README.md#inputs) files for additional information on the values in the `terraform.tfvars` file. ```bash - export backend_bucket=$(terraform -chdir="../terraform-example-foundation/0-bootstrap/" output -raw gcs_bucket_tfstate) + export backend_bucket=$(terraform -chdir="../pbmm-on-gcp-onboarding/0-bootstrap/" output -raw gcs_bucket_tfstate) echo "remote_state_bucket = ${backend_bucket}" sed -i'' -e "s/REMOTE_STATE_BUCKET/${backend_bucket}/" terraform.tfvars @@ -182,10 +182,10 @@ See `0-bootstrap` [README-GitHub.md](../0-bootstrap/README-GitHub.md#deploying-s ### Run Terraform locally -1. The next instructions assume that you are at the same level of the `terraform-example-foundation` folder. Change into `2-environments` folder, copy the Terraform wrapper script and ensure it can be executed. +1. The next instructions assume that you are at the same level of the `pbmm-on-gcp-onboarding` folder. Change into `2-environments` folder, copy the Terraform wrapper script and ensure it can be executed. ```bash - cd terraform-example-foundation/2-environments + cd pbmm-on-gcp-onboarding/2-environments cp ../build/tf-wrapper.sh . chmod 755 ./tf-wrapper.sh ``` diff --git a/3-networks-hub-and-spoke/README.md b/3-networks-hub-and-spoke/README.md index 73bf4db3..3623a078 100644 --- a/3-networks-hub-and-spoke/README.md +++ b/3-networks-hub-and-spoke/README.md @@ -65,10 +65,10 @@ The purpose of this step is to: 1. 0-bootstrap executed successfully. 1. 1-org executed successfully. 1. 2-environments executed successfully. -1. Obtain the value for the access_context_manager_policy_id variable. It can be obtained by running the following commands. We assume you are at the same level as directory `terraform-example-foundation`, If you run them from another directory, adjust your paths accordingly. +1. Obtain the value for the access_context_manager_policy_id variable. It can be obtained by running the following commands. We assume you are at the same level as directory `pbmm-on-gcp-onboarding`, If you run them from another directory, adjust your paths accordingly. ```bash - export ORGANIZATION_ID=$(terraform -chdir="terraform-example-foundation/0-bootstrap/" output -json common_config | jq '.org_id' --raw-output) + export ORGANIZATION_ID=$(terraform -chdir="pbmm-on-gcp-onboarding/0-bootstrap/" output -json common_config | jq '.org_id' --raw-output) export ACCESS_CONTEXT_MANAGER_ID=$(gcloud access-context-manager policies list --organization ${ORGANIZATION_ID} --format="value(name)") echo "access_context_manager_policy_id = ${ACCESS_CONTEXT_MANAGER_ID}" ``` @@ -146,11 +146,11 @@ If you are not able to use Dedicated or Partner Interconnect, you can also use a ### Deploying with Cloud Build 1. Clone the `gcp-networks` repo based on the Terraform output from the `0-bootstrap` step. -Clone the repo at the same level of the `terraform-example-foundation` folder, the following instructions assume this layout. +Clone the repo at the same level of the `pbmm-on-gcp-onboarding` folder, the following instructions assume this layout. Run `terraform output cloudbuild_project_id` in the `0-bootstrap` folder to get the Cloud Build Project ID. ```bash - export CLOUD_BUILD_PROJECT_ID=$(terraform -chdir="terraform-example-foundation/0-bootstrap/" output -raw cloudbuild_project_id) + export CLOUD_BUILD_PROJECT_ID=$(terraform -chdir="pbmm-on-gcp-onboarding/0-bootstrap/" output -raw cloudbuild_project_id) echo ${CLOUD_BUILD_PROJECT_ID} gcloud source repos clone gcp-networks --project=${CLOUD_BUILD_PROJECT_ID} @@ -162,9 +162,9 @@ Run `terraform output cloudbuild_project_id` in the `0-bootstrap` folder to get cd gcp-networks/ git checkout -b plan - cp -RT ../terraform-example-foundation/3-networks-hub-and-spoke/ . - cp ../terraform-example-foundation/build/cloudbuild-tf-* . - cp ../terraform-example-foundation/build/tf-wrapper.sh . + cp -RT ../pbmm-on-gcp-onboarding/3-networks-hub-and-spoke/ . + cp ../pbmm-on-gcp-onboarding/build/cloudbuild-tf-* . + cp ../pbmm-on-gcp-onboarding/build/tf-wrapper.sh . chmod 755 ./tf-wrapper.sh ``` @@ -182,13 +182,13 @@ Run `terraform output cloudbuild_project_id` in the `0-bootstrap` folder to get Use `terraform output` to get the backend bucket value from 0-bootstrap output. ```bash - export ORGANIZATION_ID=$(terraform -chdir="../terraform-example-foundation/0-bootstrap/" output -json common_config | jq '.org_id' --raw-output) + export ORGANIZATION_ID=$(terraform -chdir="../pbmm-on-gcp-onboarding/0-bootstrap/" output -json common_config | jq '.org_id' --raw-output) export ACCESS_CONTEXT_MANAGER_ID=$(gcloud access-context-manager policies list --organization ${ORGANIZATION_ID} --format="value(name)") echo "access_context_manager_policy_id = ${ACCESS_CONTEXT_MANAGER_ID}" sed -i'' -e "s/ACCESS_CONTEXT_MANAGER_ID/${ACCESS_CONTEXT_MANAGER_ID}/" ./access_context.auto.tfvars - export backend_bucket=$(terraform -chdir="../terraform-example-foundation/0-bootstrap/" output -raw gcs_bucket_tfstate) + export backend_bucket=$(terraform -chdir="../pbmm-on-gcp-onboarding/0-bootstrap/" output -raw gcs_bucket_tfstate) echo "remote_state_bucket = ${backend_bucket}" sed -i'' -e "s/REMOTE_STATE_BUCKET/${backend_bucket}/" ./common.auto.tfvars @@ -207,10 +207,10 @@ Run `terraform output cloudbuild_project_id` in the `0-bootstrap` folder to get 1. Use `terraform output` to get the Cloud Build project ID and the networks step Terraform Service Account from 0-bootstrap output. An environment variable `GOOGLE_IMPERSONATE_SERVICE_ACCOUNT` will be set using the Terraform Service Account to enable impersonation. ```bash - export CLOUD_BUILD_PROJECT_ID=$(terraform -chdir="../terraform-example-foundation/0-bootstrap/" output -raw cloudbuild_project_id) + export CLOUD_BUILD_PROJECT_ID=$(terraform -chdir="../pbmm-on-gcp-onboarding/0-bootstrap/" output -raw cloudbuild_project_id) echo ${CLOUD_BUILD_PROJECT_ID} - export GOOGLE_IMPERSONATE_SERVICE_ACCOUNT=$(terraform -chdir="../terraform-example-foundation/0-bootstrap/" output -raw networks_step_terraform_service_account_email) + export GOOGLE_IMPERSONATE_SERVICE_ACCOUNT=$(terraform -chdir="../pbmm-on-gcp-onboarding/0-bootstrap/" output -raw networks_step_terraform_service_account_email) echo ${GOOGLE_IMPERSONATE_SERVICE_ACCOUNT} ``` @@ -285,10 +285,10 @@ See `0-bootstrap` [README-GitHub.md](../0-bootstrap/README-GitHub.md#deploying-s ### Run Terraform locally -1. The next instructions assume that you are at the same level of the `terraform-example-foundation` folder. Change into `3-networks-hub-and-spoke` folder, copy the Terraform wrapper script and ensure it can be executed. +1. The next instructions assume that you are at the same level of the `pbmm-on-gcp-onboarding` folder. Change into `3-networks-hub-and-spoke` folder, copy the Terraform wrapper script and ensure it can be executed. ```bash - cd terraform-example-foundation/3-networks-hub-and-spoke + cd pbmm-on-gcp-onboarding/3-networks-hub-and-spoke cp ../build/tf-wrapper.sh . chmod 755 ./tf-wrapper.sh ``` diff --git a/4-projects/README.md b/4-projects/README.md index fcb785a9..ffe92a73 100644 --- a/4-projects/README.md +++ b/4-projects/README.md @@ -94,7 +94,7 @@ Clone the repo at the same level of the `terraform-example-foundation` folder, t Run `terraform output cloudbuild_project_id` in the `0-bootstrap` folder to get the Cloud Build Project ID. ```bash - export CLOUD_BUILD_PROJECT_ID=$(terraform -chdir="terraform-example-foundation/0-bootstrap/" output -raw cloudbuild_project_id) + export CLOUD_BUILD_PROJECT_ID=$(terraform -chdir="pbmm-on-gcp-onboarding/0-bootstrap/" output -raw cloudbuild_project_id) echo ${CLOUD_BUILD_PROJECT_ID} gcloud source repos clone gcp-projects --project=${CLOUD_BUILD_PROJECT_ID} @@ -106,9 +106,9 @@ Run `terraform output cloudbuild_project_id` in the `0-bootstrap` folder to get cd gcp-projects git checkout -b plan - cp -RT ../terraform-example-foundation/4-projects/ . - cp ../terraform-example-foundation/build/cloudbuild-tf-* . - cp ../terraform-example-foundation/build/tf-wrapper.sh . + cp -RT ../pbmm-on-gcp-onboarding/4-projects/ . + cp ../pbmm-on-gcp-onboarding/build/cloudbuild-tf-* . + cp ../pbmm-on-gcp-onboarding/build/tf-wrapper.sh . chmod 755 ./tf-wrapper.sh ``` @@ -128,7 +128,7 @@ Run `terraform output cloudbuild_project_id` in the `0-bootstrap` folder to get 1. Use `terraform output` to get the backend bucket value from 0-bootstrap output. ```bash - export remote_state_bucket=$(terraform -chdir="../terraform-example-foundation/0-bootstrap/" output -raw gcs_bucket_tfstate) + export remote_state_bucket=$(terraform -chdir="../pbmm-on-gcp-onboarding/0-bootstrap/" output -raw gcs_bucket_tfstate) echo "remote_state_bucket = ${remote_state_bucket}" sed -i'' -e "s/REMOTE_STATE_BUCKET/${remote_state_bucket}/" ./common.auto.tfvars @@ -146,10 +146,10 @@ Run `terraform output cloudbuild_project_id` in the `0-bootstrap` folder to get 1. Use `terraform output` to get the Cloud Build project ID and the projects step Terraform Service Account from 0-bootstrap output. An environment variable `GOOGLE_IMPERSONATE_SERVICE_ACCOUNT` will be set using the Terraform Service Account to enable impersonation. ```bash - export CLOUD_BUILD_PROJECT_ID=$(terraform -chdir="../terraform-example-foundation/0-bootstrap/" output -raw cloudbuild_project_id) + export CLOUD_BUILD_PROJECT_ID=$(terraform -chdir="../pbmm-on-gcp-onboarding/0-bootstrap/" output -raw cloudbuild_project_id) echo ${CLOUD_BUILD_PROJECT_ID} - export GOOGLE_IMPERSONATE_SERVICE_ACCOUNT=$(terraform -chdir="../terraform-example-foundation/0-bootstrap/" output -raw projects_step_terraform_service_account_email) + export GOOGLE_IMPERSONATE_SERVICE_ACCOUNT=$(terraform -chdir="../pbmm-on-gcp-onboarding/0-bootstrap/" output -raw projects_step_terraform_service_account_email) echo ${GOOGLE_IMPERSONATE_SERVICE_ACCOUNT} ``` diff --git a/5-app-infra/README.md b/5-app-infra/README.md index 843bd0f3..00b94da9 100644 --- a/5-app-infra/README.md +++ b/5-app-infra/README.md @@ -101,7 +101,7 @@ Run `terraform output cloudbuild_project_id` in the `0-bootstrap` folder to get cd gcp-policies-app-infra git checkout -b main - cp -RT ../terraform-example-foundation/policy-library/ . + cp -RT ../pbmm-on-gcp-onboarding/policy-library/ . ``` 1. Commit changes and push your main branch to the new repo. @@ -133,9 +133,9 @@ Run `terraform output cloudbuild_project_id` in the `0-bootstrap` folder to get cd bu1-example-app git checkout -b plan - cp -RT ../terraform-example-foundation/5-app-infra/ . - cp ../terraform-example-foundation/build/cloudbuild-tf-* . - cp ../terraform-example-foundation/build/tf-wrapper.sh . + cp -RT ../pbmm-on-gcp-onboarding/5-app-infra/ . + cp ../pbmm-on-gcp-onboarding/build/cloudbuild-tf-* . + cp ../pbmm-on-gcp-onboarding/build/tf-wrapper.sh . chmod 755 ./tf-wrapper.sh ``` @@ -148,7 +148,7 @@ Run `terraform output cloudbuild_project_id` in the `0-bootstrap` folder to get 1. Update the file with values from your environment and 0-bootstrap. See any of the business unit 1 envs folders [README.md](./business_unit_1/production/README.md) files for additional information on the values in the `common.auto.tfvars` file. ```bash - export remote_state_bucket=$(terraform -chdir="../terraform-example-foundation/0-bootstrap/" output -raw projects_gcs_bucket_tfstate) + export remote_state_bucket=$(terraform -chdir="../pbmm-on-gcp-onboarding/0-bootstrap/" output -raw projects_gcs_bucket_tfstate) echo "remote_state_bucket = ${remote_state_bucket}" sed -i'' -e "s/REMOTE_STATE_BUCKET/${remote_state_bucket}/" ./common.auto.tfvars ``` @@ -197,7 +197,7 @@ Run `terraform output cloudbuild_project_id` in the `0-bootstrap` folder to get 1. The next instructions assume that you are at the same level of the `terraform-example-foundation` folder. Change into `5-app-infra` folder, copy the Terraform wrapper script and ensure it can be executed. ```bash - cd terraform-example-foundation/5-app-infra + cd pbmm-on-gcp-onboarding/5-app-infra cp ../build/tf-wrapper.sh . chmod 755 ./tf-wrapper.sh ``` diff --git a/scripts/validate-requirements.sh b/scripts/validate-requirements.sh index f9a883a9..00825773 100755 --- a/scripts/validate-requirements.sh +++ b/scripts/validate-requirements.sh @@ -291,7 +291,7 @@ function main(){ validate_gcloud echo "Validating Git installation..." - validate_git + #validate_git if [[ ! "$ERRORS" == *"gcloud"* ]]; then echo "Validating local gcloud configuration..."