2.6
This release of HackyStack implements the remaining automation for GitOps and Terraform environment automation for GCP projects, notably fixing the workarounds in the v1.11 release.
Every GitLab Sandbox Cloud GCP project now has a service account and key automatically created and the JSON key is added as a CI variable in the automatically created GitLab project. A new Cloud DNS managed zone is now automatically created for each environment and the NS records are added to the top-level domain managed zone to allow subdomain state of authority (SOA) and propagation of records created for each user's environment without affecting other environments.
This release also implements the new glamstack/google-cloud-sdk which allows a significantly improved developer experience for interacting with the Google Cloud API. There will be a progressive refactoring of legacy API/SDK methods to use this new architecture.
New Features
- #19 Create DNS subdomain and managed zone for each Cloud Account Environment
- #92 Add terraform-ci IAM Service Account provisioning and role mapping for each Cloud Account Environment
Backend Changes and Fixes
- #121 Upgrade Laravel to v9.9 and remove unused Socialite providers
- #123 Add Glamstack packages for next-generation API usage
- #124 Add backwards compatible Glamstack Google Auth SDK to GCP BaseService
- #126 Change GitLab CI Docker image from self-managed image to lorisleiva/laravel-docker
-
#88
Fixed
Fix bugs with Cloud Account Environment implementation -
#105
Fixed
Environments' TF_VAR_gcp_dns_zone_name variable does not adhere to GCP's Managed Zones naming restrictions -
#86
Fixed
GCP Google-provided service accounts removed with HackyStack Group Projects IAM provisioning -
#69
Fixed
Fix GCP multiple user IAM policy that uses single JSON binding
Additional Resources
- Released glamstack/google-auth-sdk v2.5.25 with support for dynamic connection parameters from database values
- Released glamstack/google-auth-sdk v2.5.25 with support for generic REST API calls to Google API and easy-to-use Cloud DNS Managed Zone and Recordset endpoints.
Limitations
- #131 Add Support for enabling Google API's in a project. We support API activation but have a manual work around for enabling the GCP Service Usage API due to a catch 22 with Google's design of their API.