diff --git a/CHANGELOG.md b/CHANGELOG.md index 798813718..477894f99 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,11 +6,17 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 Extending the adopted spec, each change should have a link to its corresponding pull request appended. +## [5.1.2] - 2020-02-07 + +### Added + +- Support for Forseti v2.24.1 [#499] + ## [5.1.0] - 2019-11-15 ### Added -- Support for Forseti v2.24.0 [#386] +- Support for Forseti v2.24.1 [#386] - Parameterized Kubernetes version [#385] - GCS bucket location to tutorials and examples [#382] - Improved existing resource import in v5.0.0 [#354] @@ -316,7 +322,10 @@ Version 4.0.0 is a backwards-incompatible release. Please see the [upgrade instr [v4.3.0]: https://github.com/terraform-google-modules/terraform-google-forseti/compare/v4.2.1...v4.3.0 [v5.0.0]: https://github.com/terraform-google-modules/terraform-google-forseti/compare/v4.3.0...v5.0.0 [v5.1.0]: https://github.com/terraform-google-modules/terraform-google-forseti/compare/v5.0.0...v5.1.0 +[v5.1.1]: https://github.com/terraform-google-modules/terraform-google-forseti/compare/v5.1.0...v5.1.1 +[v5.1.2]: https://github.com/terraform-google-modules/terraform-google-forseti/compare/v5.1.1...v5.1.2 +[#499]: https://github.com/forseti-security/terraform-google-forseti/pull/499 [#386]: https://github.com/forseti-security/terraform-google-forseti/pull/386 [#385]: https://github.com/forseti-security/terraform-google-forseti/pull/385 [#383]: https://github.com/forseti-security/terraform-google-forseti/pull/383 diff --git a/README.md b/README.md index bed8fa288..50a4b9caa 100644 --- a/README.md +++ b/README.md @@ -238,7 +238,7 @@ For this module to work, you need the following APIs enabled on the Forseti proj | forseti\_home | Forseti installation directory | string | `"$USER_HOME/forseti-security"` | no | | forseti\_repo\_url | Git repo for the Forseti installation | string | `"https://github.com/forseti-security/forseti-security"` | no | | forseti\_run\_frequency | Schedule of running the Forseti scans | string | `"null"` | no | -| forseti\_version | The version of Forseti to install | string | `"v2.24.0"` | no | +| forseti\_version | The version of Forseti to install | string | `"v2.24.1"` | no | | forwarding\_rule\_enabled | Forwarding rule scanner enabled. | bool | `"false"` | no | | forwarding\_rule\_violations\_should\_notify | Notify for forwarding rule violations | bool | `"true"` | no | | group\_enabled | Group scanner enabled. | bool | `"true"` | no | diff --git a/examples/on_gke_end_to_end/README.md b/examples/on_gke_end_to_end/README.md index 08ecfb33b..ce3f2fffa 100644 --- a/examples/on_gke_end_to_end/README.md +++ b/examples/on_gke_end_to_end/README.md @@ -76,8 +76,8 @@ This script will also activate necessary APIs required for Terraform to deploy F | gsuite\_admin\_email | G-Suite administrator email address to manage your Forseti installation | string | n/a | yes | | helm\_repository\_url | The Helm repository containing the 'forseti-security' Helm charts | string | `"https://forseti-security-charts.storage.googleapis.com/release/"` | no | | k8s\_forseti\_namespace | The Kubernetes namespace in which to deploy Forseti. | string | `"forseti"` | no | -| k8s\_forseti\_orchestrator\_image\_tag | The tag for the container image for the Forseti orchestrator | string | `"v2.24.0"` | no | -| k8s\_forseti\_server\_image\_tag | The tag for the container image for the Forseti server | string | `"v2.24.0"` | no | +| k8s\_forseti\_orchestrator\_image\_tag | The tag for the container image for the Forseti orchestrator | string | `"v2.24.1"` | no | +| k8s\_forseti\_server\_image\_tag | The tag for the container image for the Forseti server | string | `"v2.24.1"` | no | | k8s\_tiller\_sa\_name | The Kubernetes Service Account used by Tiller | string | `"tiller"` | no | | kubernetes\_version | The Kubernetes version of the masters. If set to 'latest' it will pull latest available version in the selected region. | string | `"1.13.12-gke.8"` | no | | network | The name of the VPC being created | string | `"forseti-gke-network"` | no | diff --git a/examples/on_gke_end_to_end/variables.tf b/examples/on_gke_end_to_end/variables.tf index c322c3f45..d5049bf67 100644 --- a/examples/on_gke_end_to_end/variables.tf +++ b/examples/on_gke_end_to_end/variables.tf @@ -126,12 +126,12 @@ variable "k8s_tiller_sa_name" { variable "k8s_forseti_orchestrator_image_tag" { description = "The tag for the container image for the Forseti orchestrator" - default = "v2.24.0" + default = "v2.24.1" } variable "k8s_forseti_server_image_tag" { description = "The tag for the container image for the Forseti server" - default = "v2.24.0" + default = "v2.24.1" } variable "kubernetes_version" { diff --git a/examples/shared_vpc/README.md b/examples/shared_vpc/README.md index 08ed05bac..47fb9f77c 100644 --- a/examples/shared_vpc/README.md +++ b/examples/shared_vpc/README.md @@ -8,7 +8,7 @@ This example illustrates how to set up a Forseti installation with shared VPC. | Name | Description | Type | Default | Required | |------|-------------|:----:|:-----:|:-----:| | domain | Organization domain | string | n/a | yes | -| forseti\_version | The version of Forseti to install | string | `"v2.24.0"` | no | +| forseti\_version | The version of Forseti to install | string | `"v2.24.1"` | no | | gsuite\_admin\_email | G Suite admin email | string | n/a | yes | | instance\_metadata | Metadata key/value pairs to make available from within the client and server instances. | map(string) | `` | no | | network | Name of the shared VPC | string | n/a | yes | diff --git a/examples/shared_vpc/variables.tf b/examples/shared_vpc/variables.tf index 92ae3cb36..f348211ab 100644 --- a/examples/shared_vpc/variables.tf +++ b/examples/shared_vpc/variables.tf @@ -16,7 +16,7 @@ variable "forseti_version" { description = "The version of Forseti to install" - default = "v2.24.0" + default = "v2.24.1" } variable "network_project" { diff --git a/examples/simple_example/README.md b/examples/simple_example/README.md index 7bf7fadaa..09c1ed656 100644 --- a/examples/simple_example/README.md +++ b/examples/simple_example/README.md @@ -10,7 +10,7 @@ This example illustrates how to set up a minimal Forseti installation. | domain | The domain associated with the GCP Organization ID | string | n/a | yes | | forseti\_email\_recipient | Forseti email recipient. | string | `""` | no | | forseti\_email\_sender | Forseti email sender. | string | `""` | no | -| forseti\_version | The version of Forseti to install | string | `"v2.24.0"` | no | +| forseti\_version | The version of Forseti to install | string | `"v2.24.1"` | no | | gsuite\_admin\_email | The email of a GSuite super admin, used for pulling user directory information *and* sending notifications. | string | n/a | yes | | instance\_metadata | Metadata key/value pairs to make available from within the client and server instances. | map(string) | `` | no | | instance\_tags | Tags to assign the client and server instances. | list(string) | `` | no | diff --git a/examples/simple_example/variables.tf b/examples/simple_example/variables.tf index b0fa0244c..5c06ee13d 100644 --- a/examples/simple_example/variables.tf +++ b/examples/simple_example/variables.tf @@ -16,7 +16,7 @@ variable "forseti_version" { description = "The version of Forseti to install" - default = "v2.24.0" + default = "v2.24.1" } variable "gsuite_admin_email" { diff --git a/modules/client/variables.tf b/modules/client/variables.tf index a0cbde49e..bb07446dc 100644 --- a/modules/client/variables.tf +++ b/modules/client/variables.tf @@ -23,7 +23,7 @@ variable "project_id" { variable "forseti_version" { description = "The version of Forseti to install" - default = "v2.24.0" + default = "v2.24.1" } variable "forseti_repo_url" { diff --git a/modules/on_gke/README.md b/modules/on_gke/README.md index fb5d16b47..cb1127ded 100644 --- a/modules/on_gke/README.md +++ b/modules/on_gke/README.md @@ -79,7 +79,7 @@ This sub-module deploys Forseti on GKE. In short, this deploys a server contain | forseti\_home | Forseti installation directory | string | `"$USER_HOME/forseti-security"` | no | | forseti\_repo\_url | Git repo for the Forseti installation | string | `"https://github.com/forseti-security/forseti-security"` | no | | forseti\_run\_frequency | Schedule of running the Forseti scans | string | `"null"` | no | -| forseti\_version | The version of Forseti to install | string | `"v2.24.0"` | no | +| forseti\_version | The version of Forseti to install | string | `"v2.24.1"` | no | | forwarding\_rule\_enabled | Forwarding rule scanner enabled. | bool | `"false"` | no | | forwarding\_rule\_violations\_should\_notify | Notify for forwarding rule violations | bool | `"true"` | no | | git\_sync\_image | The container image used by the config-validator git-sync side-car | string | `"gcr.io/google-containers/git-sync"` | no | @@ -113,9 +113,9 @@ This sub-module deploys Forseti on GKE. In short, this deploys a server contain | k8s\_config\_validator\_image\_tag | The tag for the config-validator image. | string | `"572e207"` | no | | k8s\_forseti\_namespace | The Kubernetes namespace in which to deploy Forseti. | string | `"forseti"` | no | | k8s\_forseti\_orchestrator\_image | The container image for the Forseti orchestrator | string | `"gcr.io/forseti-containers/forseti"` | no | -| k8s\_forseti\_orchestrator\_image\_tag | The tag for the container image for the Forseti orchestrator | string | `"v2.24.0"` | no | +| k8s\_forseti\_orchestrator\_image\_tag | The tag for the container image for the Forseti orchestrator | string | `"v2.24.1"` | no | | k8s\_forseti\_server\_image | The container image for the Forseti server | string | `"gcr.io/forseti-containers/forseti"` | no | -| k8s\_forseti\_server\_image\_tag | The tag for the container image for the Forseti server | string | `"v2.24.0"` | no | +| k8s\_forseti\_server\_image\_tag | The tag for the container image for the Forseti server | string | `"v2.24.1"` | no | | k8s\_forseti\_server\_ingress\_cidr | If network_policy is true, k8s_forseti_server_ingress_cidr will restrict connections to the Forseti Server service from the CIDR's specified | string | `""` | no | | k8s\_tiller\_sa\_name | The Kubernetes Service Account used by Tiller | string | `"tiller"` | no | | ke\_scanner\_enabled | KE scanner enabled. | bool | `"false"` | no | diff --git a/modules/on_gke/variables.tf b/modules/on_gke/variables.tf index c6fa3a731..da0fdb922 100644 --- a/modules/on_gke/variables.tf +++ b/modules/on_gke/variables.tf @@ -80,7 +80,7 @@ variable "gsuite_admin_email" { variable "forseti_version" { description = "The version of Forseti to install" - default = "v2.24.0" + default = "v2.24.1" } variable "forseti_repo_url" { @@ -890,7 +890,7 @@ variable "k8s_forseti_orchestrator_image" { variable "k8s_forseti_orchestrator_image_tag" { description = "The tag for the container image for the Forseti orchestrator" - default = "v2.24.0" + default = "v2.24.1" } variable "k8s_forseti_server_image" { @@ -900,7 +900,7 @@ variable "k8s_forseti_server_image" { variable "k8s_forseti_server_image_tag" { description = "The tag for the container image for the Forseti server" - default = "v2.24.0" + default = "v2.24.1" } variable "k8s_forseti_server_ingress_cidr" { diff --git a/modules/on_gke/versions.tf b/modules/on_gke/versions.tf index cc867589a..cbb72f943 100644 --- a/modules/on_gke/versions.tf +++ b/modules/on_gke/versions.tf @@ -19,5 +19,6 @@ terraform { required_version = ">= 0.12" required_providers { google = "~> 2.12" + helm = "~> 0.10" } } diff --git a/modules/server/variables.tf b/modules/server/variables.tf index c2a168211..9a95a1e6f 100644 --- a/modules/server/variables.tf +++ b/modules/server/variables.tf @@ -23,7 +23,7 @@ variable "project_id" { variable "forseti_version" { description = "The version of Forseti to install" - default = "v2.24.0" + default = "v2.24.1" } variable "forseti_repo_url" { diff --git a/test/fixtures/shared_vpc/variables.tf b/test/fixtures/shared_vpc/variables.tf index 8fc242f40..a5caf27e7 100644 --- a/test/fixtures/shared_vpc/variables.tf +++ b/test/fixtures/shared_vpc/variables.tf @@ -20,7 +20,7 @@ variable "domain" { variable "forseti_version" { description = "The version of Forseti to install" - default = "v2.24.0" + default = "v2.24.1" } variable "gsuite_admin_email" { diff --git a/test/fixtures/simple_example/variables.tf b/test/fixtures/simple_example/variables.tf index 62c6fec70..570c952cb 100644 --- a/test/fixtures/simple_example/variables.tf +++ b/test/fixtures/simple_example/variables.tf @@ -24,7 +24,7 @@ variable "gsuite_admin_email" { variable "forseti_version" { description = "The version of Forseti to install" - default = "v2.24.0" + default = "v2.24.1" } variable "instance_metadata" { diff --git a/test/integration/simple_example/controls/client.rb b/test/integration/simple_example/controls/client.rb index 5322e1382..1ee4460d6 100644 --- a/test/integration/simple_example/controls/client.rb +++ b/test/integration/simple_example/controls/client.rb @@ -15,7 +15,7 @@ require "yaml" forseti_server_vm_ip = attribute("forseti-server-vm-ip") -forseti_version = "2.24.0" +forseti_version = "2.24.1" control "client" do title "Forseti client instance resources" diff --git a/test/integration/simple_example/controls/server.rb b/test/integration/simple_example/controls/server.rb index bff10b182..83eb248ba 100644 --- a/test/integration/simple_example/controls/server.rb +++ b/test/integration/simple_example/controls/server.rb @@ -14,7 +14,7 @@ require "yaml" -forseti_version = "2.24.0" +forseti_version = "2.24.1" control "server" do title "Forseti server instance resources" diff --git a/variables.tf b/variables.tf index 9a8e313ee..9f5b81520 100644 --- a/variables.tf +++ b/variables.tf @@ -28,7 +28,7 @@ variable "gsuite_admin_email" { variable "forseti_version" { description = "The version of Forseti to install" - default = "v2.24.0" + default = "v2.24.1" } variable "forseti_repo_url" { diff --git a/versions.tf b/versions.tf index 8ecec47fe..42425c561 100644 --- a/versions.tf +++ b/versions.tf @@ -19,6 +19,7 @@ terraform { required_version = ">= 0.12" required_providers { google = "~> 2.11" + helm = "~> 0.10" null = "~> 2.0" template = "~> 2.0" random = "~> 2.0"