feat: update 3-networks to support TPG 4 and other updates (#733)

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Andrew Peabody <[email protected]>

Author: dependabot[bot]

0-bootstrap/main.tf

@@ -46,6 +46,9 @@ module "seed_bootstrap" {
   org_admins_org_iam_permissions = local.org_admins_org_iam_permissions
   project_prefix                 = var.project_prefix
 
+  # Remove after github.com/terraform-google-modules/terraform-google-bootstrap/issues/160
+  depends_on = [google_folder.bootstrap]
+
   project_labels = {
     environment       = "bootstrap"
     application_name  = "seed-bootstrap"
@@ -121,6 +124,9 @@ module "cloudbuild_bootstrap" {
   terraform_version           = "0.13.7"
   terraform_version_sha256sum = "4a52886e019b4fdad2439da5ff43388bbcc6cce9784fde32c53dcd0e28ca9957"
 
+  # Remove after github.com/terraform-google-modules/terraform-google-bootstrap/issues/160
+  depends_on = [module.seed_bootstrap]
+
   activate_apis = [
     "serviceusage.googleapis.com",
     "servicenetworking.googleapis.com",

3-networks/envs/shared/dns-hub.tf

@@ -53,7 +53,7 @@ data "google_projects" "dns_hub" {
 
 module "dns_hub_vpc" {
   source                                 = "terraform-google-modules/network/google"
-  version                                = "~> 2.0"
+  version                                = "~> 5.1"
   project_id                             = local.dns_hub_project_id
   network_name                           = "vpc-c-dns-hub"
   shared_vpc_host                        = "false"
@@ -123,7 +123,7 @@ module "dns-forwarding-zone" {
 
 module "dns_hub_region1_router1" {
   source  = "terraform-google-modules/cloud-router/google"
-  version = "~> 0.4.0"
+  version = "~> 2.0"
   name    = "cr-c-dns-hub-${local.default_region1}-cr1"
   project = local.dns_hub_project_id
   network = module.dns_hub_vpc.network_name
@@ -136,7 +136,7 @@ module "dns_hub_region1_router1" {
 
 module "dns_hub_region1_router2" {
   source  = "terraform-google-modules/cloud-router/google"
-  version = "~> 0.4.0"
+  version = "~> 2.0"
   name    = "cr-c-dns-hub-${local.default_region1}-cr2"
   project = local.dns_hub_project_id
   network = module.dns_hub_vpc.network_name
@@ -149,7 +149,7 @@ module "dns_hub_region1_router2" {
 
 module "dns_hub_region2_router1" {
   source  = "terraform-google-modules/cloud-router/google"
-  version = "~> 0.4.0"
+  version = "~> 2.0"
   name    = "cr-c-dns-hub-${local.default_region2}-cr3"
   project = local.dns_hub_project_id
   network = module.dns_hub_vpc.network_name
@@ -162,7 +162,7 @@ module "dns_hub_region2_router1" {
 
 module "dns_hub_region2_router2" {
   source  = "terraform-google-modules/cloud-router/google"
-  version = "~> 0.4.0"
+  version = "~> 2.0"
   name    = "cr-c-dns-hub-${local.default_region2}-cr4"
   project = local.dns_hub_project_id
   network = module.dns_hub_vpc.network_name

3-networks/modules/base_shared_vpc/main.tf

@@ -83,7 +83,7 @@ module "main" {
 
 module "peering" {
   source                    = "terraform-google-modules/network/google//modules/network-peering"
-  version                   = "~> 2.0"
+  version                   = "~> 5.1"
   count                     = var.mode == "spoke" ? 1 : 0
   prefix                    = "np"
   local_network             = module.main.network_self_link
@@ -124,7 +124,7 @@ resource "google_service_networking_connection" "private_vpc_connection" {
 
 module "region1_router1" {
   source  = "terraform-google-modules/cloud-router/google"
-  version = "~> 0.4.0"
+  version = "~> 2.0.0"
   count   = var.mode != "spoke" ? 1 : 0
   name    = "cr-${local.vpc_name}-${var.default_region1}-cr1"
   project = var.project_id

3-networks/modules/dedicated_interconnect/main.tf

@@ -34,7 +34,7 @@ data "google_projects" "interconnect_project" {
 
 module "interconnect_attachment1_region1" {
   source  = "terraform-google-modules/cloud-router/google//modules/interconnect_attachment"
-  version = "~> 1.3.0"
+  version = "~> 2.0.0"
 
   name    = "vl-${var.region1_interconnect1_location}-${var.vpc_name}-${var.region1}-${local.suffix1}"
   project = local.interconnect_project_id

3-networks/modules/restricted_shared_vpc/main.tf

@@ -84,7 +84,7 @@ module "main" {
 
 module "peering" {
   source                    = "terraform-google-modules/network/google//modules/network-peering"
-  version                   = "~> 2.0"
+  version                   = "~> 5.1"
   count                     = var.mode == "spoke" ? 1 : 0
   prefix                    = "np"
   local_network             = module.main.network_self_link
@@ -125,7 +125,7 @@ resource "google_service_networking_connection" "private_vpc_connection" {
 
 module "region1_router1" {
   source  = "terraform-google-modules/cloud-router/google"
-  version = "~> 1.3.0"
+  version = "~> 2.0.0"
   count   = var.mode != "spoke" ? 1 : 0
   name    = "cr-${local.vpc_name}-${var.default_region1}-cr5"
   project = var.project_id

3-networks/modules/transitivity/main.tf

@@ -54,7 +54,7 @@ module "templates" {
 
 module "migs" {
   source            = "terraform-google-modules/vm/google//modules/mig"
-  version           = "6.0.0"
+  version           = "~> 7.7"
   for_each          = toset(var.regions)
   project_id        = var.project_id
   region            = each.key
@@ -71,13 +71,14 @@ module "migs" {
       min_ready_sec                = 180
       minimal_action               = "RESTART"
       type                         = "OPPORTUNISTIC"
+      replacement_method           = "SUBSTITUTE"
     }
   ]
 }
 
 module "ilbs" {
   source                  = "GoogleCloudPlatform/lb-internal/google"
-  version                 = "~> 4.5.0"
+  version                 = "~> 4.6.0"
   for_each                = toset(var.regions)
   region                  = each.key
   name                    = each.key

4-projects/business_unit_1/shared/example_infra_pipeline.tf

@@ -32,7 +32,6 @@ module "app_infra_cloudbuild_project" {
     "artifactregistry.googleapis.com",
     "cloudresourcemanager.googleapis.com"
   ]
-
   # Metadata
   project_suffix    = "infra-pipeline"
   application_name  = "app-infra-pipelines"

4-projects/business_unit_2/shared/README.md

@@ -8,10 +8,10 @@
 | billing\_account | The ID of the billing account to associated this project with | `string` | n/a | yes |
 | budget\_amount | The amount to use as the budget | `number` | `1000` | no |
 | default\_region | Default region to create resources where applicable. | `string` | `"us-central1"` | no |
-| folder\_prefix | Name prefix to use for folders created. | `string` | `"fldr"` | no |
+| folder\_prefix | Name prefix to use for folders created. Should be the same in all steps. | `string` | `"fldr"` | no |
 | org\_id | The organization id for the associated services | `string` | n/a | yes |
-| parent\_folder | Optional - if using a folder for testing. | `string` | `""` | no |
-| project\_prefix | Name prefix to use for projects created. | `string` | `"prj"` | no |
+| parent\_folder | Optional - for an organization with existing projects or for development/validation. It will place all the example foundation resources under the provided folder instead of the root organization. The value is the numeric folder ID. The folder must already exist. Must be the same value used in previous step. | `string` | `""` | no |
+| project\_prefix | Name prefix to use for projects created. Should be the same in all steps. Max size is 3 characters. | `string` | `"prj"` | no |
 | terraform\_service\_account | Service account email of the account to impersonate to run Terraform | `string` | n/a | yes |
 
 ## Outputs

4-projects/business_unit_2/shared/variables.tf

@@ -36,7 +36,7 @@ variable "billing_account" {
 }
 
 variable "parent_folder" {
-  description = "Optional - if using a folder for testing."
+  description = "Optional - for an organization with existing projects or for development/validation. It will place all the example foundation resources under the provided folder instead of the root organization. The value is the numeric folder ID. The folder must already exist. Must be the same value used in previous step."
   type        = string
   default     = ""
 }
@@ -60,13 +60,13 @@ variable "budget_amount" {
 }
 
 variable "folder_prefix" {
-  description = "Name prefix to use for folders created."
+  description = "Name prefix to use for folders created. Should be the same in all steps."
   type        = string
   default     = "fldr"
 }
 
 variable "project_prefix" {
-  description = "Name prefix to use for projects created."
+  description = "Name prefix to use for projects created. Should be the same in all steps. Max size is 3 characters."
   type        = string
   default     = "prj"
 }

4-projects/modules/base_env/example_storage_cmek.tf

@@ -59,7 +59,7 @@ module "kms" {
 resource "random_string" "bucket_name" {
   length  = 5
   upper   = false
-  number  = true
+  numeric = true
   lower   = true
   special = false
 }