Changes for Forseti module release 5.1.3 (#524)

* Update forseti version to 2.24.2. * Update changelog * Update changelog
forseti-security · Feb 25, 2020 · 0970825 · 0970825
1 parent 8e1efcb
commit 0970825
Show file tree

Hide file tree

Showing 18 changed files with 34 additions and 26 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -6,6 +6,12 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 Extending the adopted spec, each change should have a link to its corresponding pull request appended.
 
+## [5.1.3] - 2020-02-25
+
+### Added
+
+- Support for Forseti v2.24.2 [#524]
+
 ## [5.1.2] - 2020-02-07
 
 ### Added
@@ -16,7 +22,7 @@ Extending the adopted spec, each change should have a link to its corresponding
 
 ### Added
 
-- Support for Forseti v2.24.1 [#386]
+- Support for Forseti v2.24.0 [#386]
 - Parameterized Kubernetes version [#385]
 - GCS bucket location to tutorials and examples [#382]
 - Improved existing resource import in v5.0.0 [#354]
@@ -324,7 +330,9 @@ Version 4.0.0 is a backwards-incompatible release. Please see the [upgrade instr
 [v5.1.0]: https://github.com/terraform-google-modules/terraform-google-forseti/compare/v5.0.0...v5.1.0
 [v5.1.1]: https://github.com/terraform-google-modules/terraform-google-forseti/compare/v5.1.0...v5.1.1
 [v5.1.2]: https://github.com/terraform-google-modules/terraform-google-forseti/compare/v5.1.1...v5.1.2
+[v5.1.3]: https://github.com/terraform-google-modules/terraform-google-forseti/compare/v5.1.2...v5.1.3
 
+[#524]: https://github.com/forseti-security/terraform-google-forseti/pull/524
 [#499]: https://github.com/forseti-security/terraform-google-forseti/pull/499
 [#386]: https://github.com/forseti-security/terraform-google-forseti/pull/386
 [#385]: https://github.com/forseti-security/terraform-google-forseti/pull/385

diff --git a/README.md b/README.md
@@ -7,7 +7,7 @@ A Google Cloud Shell Walkthrough has been setup to make it easy for users who ar
 
 If you are familiar with Terraform and would like to run Terraform from a different machine, you can skip this walkthrough and move onto the [How to Deploy](#how-to-deploy) section.
 
-[![Open in Google Cloud Shell](https://gstatic.com/cloudssh/images/open-btn.svg)](https://console.cloud.google.com/cloudshell/open?cloudshell_git_repo=https%3A%2F%2Fgithub.com%2Fforseti-security%2Fterraform-google-forseti.git&cloudshell_git_branch=modulerelease511&cloudshell_working_dir=examples/install_simple&cloudshell_image=gcr.io%2Fgraphite-cloud-shell-images%2Fterraform%3Alatest&cloudshell_tutorial=.%2Ftutorial.md)
+[![Open in Google Cloud Shell](https://gstatic.com/cloudssh/images/open-btn.svg)](https://console.cloud.google.com/cloudshell/open?cloudshell_git_repo=https%3A%2F%2Fgithub.com%2Fforseti-security%2Fterraform-google-forseti.git&cloudshell_git_branch=modulerelease513&cloudshell_working_dir=examples/install_simple&cloudshell_image=gcr.io%2Fgraphite-cloud-shell-images%2Fterraform%3Alatest&cloudshell_tutorial=.%2Ftutorial.md)
 
 ## How to Deploy
 In order to run this module you will need to be authenticated as a user that has access to the project and can create/authorize service accounts at both the organization and project levels. To login to GCP from a shell:
@@ -20,7 +20,7 @@ gcloud auth login
 The repository has several helper scripts that can be used with the deployment process.
 
 ```bash
-git clone --branch modulerelease511 --depth 1 https://github.com/forseti-security/terraform-google-forseti.git
+git clone --branch modulerelease513 --depth 1 https://github.com/forseti-security/terraform-google-forseti.git
 ```
 
 ### Install Terraform
@@ -238,7 +238,7 @@ For this module to work, you need the following APIs enabled on the Forseti proj
 | forseti\_home | Forseti installation directory | string | `"$USER_HOME/forseti-security"` | no |
 | forseti\_repo\_url | Git repo for the Forseti installation | string | `"https://github.com/forseti-security/forseti-security"` | no |
 | forseti\_run\_frequency | Schedule of running the Forseti scans | string | `"null"` | no |
-| forseti\_version | The version of Forseti to install | string | `"v2.24.1"` | no |
+| forseti\_version | The version of Forseti to install | string | `"v2.24.2"` | no |
 | forwarding\_rule\_enabled | Forwarding rule scanner enabled. | bool | `"false"` | no |
 | forwarding\_rule\_violations\_should\_notify | Notify for forwarding rule violations | bool | `"true"` | no |
 | group\_enabled | Group scanner enabled. | bool | `"true"` | no |

diff --git a/examples/install_simple/README.md b/examples/install_simple/README.md
@@ -2,7 +2,7 @@
 
 This configuration is used to simply install Forseti. It includes a full Cloud Shell [tutorial](./tutorial.md).
 
-[![Open in Cloud Shell](https://gstatic.com/cloudssh/images/open-btn.svg)](https://console.cloud.google.com/cloudshell/open?cloudshell_git_repo=https%3A%2F%2Fgithub.com%2Fforseti-security%2Fterraform-google-forseti.git&cloudshell_git_branch=modulerelease511&cloudshell_working_dir=examples/install_simple&cloudshell_image=gcr.io%2Fgraphite-cloud-shell-images%2Fterraform%3Alatest&cloudshell_tutorial=.%2Ftutorial.md)
+[![Open in Cloud Shell](https://gstatic.com/cloudssh/images/open-btn.svg)](https://console.cloud.google.com/cloudshell/open?cloudshell_git_repo=https%3A%2F%2Fgithub.com%2Fforseti-security%2Fterraform-google-forseti.git&cloudshell_git_branch=modulerelease513&cloudshell_working_dir=examples/install_simple&cloudshell_image=gcr.io%2Fgraphite-cloud-shell-images%2Fterraform%3Alatest&cloudshell_tutorial=.%2Ftutorial.md)
 
 <!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
 ## Inputs

diff --git a/examples/on_gke_end_to_end/README.md b/examples/on_gke_end_to_end/README.md
@@ -76,8 +76,8 @@ This script will also activate necessary APIs required for Terraform to deploy F
 | gsuite\_admin\_email | G-Suite administrator email address to manage your Forseti installation | string | n/a | yes |
 | helm\_repository\_url | The Helm repository containing the 'forseti-security' Helm charts | string | `"https://forseti-security-charts.storage.googleapis.com/release/"` | no |
 | k8s\_forseti\_namespace | The Kubernetes namespace in which to deploy Forseti. | string | `"forseti"` | no |
-| k8s\_forseti\_orchestrator\_image\_tag | The tag for the container image for the Forseti orchestrator | string | `"v2.24.1"` | no |
-| k8s\_forseti\_server\_image\_tag | The tag for the container image for the Forseti server | string | `"v2.24.1"` | no |
+| k8s\_forseti\_orchestrator\_image\_tag | The tag for the container image for the Forseti orchestrator | string | `"v2.24.2"` | no |
+| k8s\_forseti\_server\_image\_tag | The tag for the container image for the Forseti server | string | `"v2.24.2"` | no |
 | k8s\_tiller\_sa\_name | The Kubernetes Service Account used by Tiller | string | `"tiller"` | no |
 | kubernetes\_version | The Kubernetes version of the masters. If set to 'latest' it will pull latest available version in the selected region. | string | `"1.13.12-gke.8"` | no |
 | network | The name of the VPC being created | string | `"forseti-gke-network"` | no |

diff --git a/examples/on_gke_end_to_end/variables.tf b/examples/on_gke_end_to_end/variables.tf
@@ -126,12 +126,12 @@ variable "k8s_tiller_sa_name" {
 
 variable "k8s_forseti_orchestrator_image_tag" {
   description = "The tag for the container image for the Forseti orchestrator"
-  default     = "v2.24.1"
+  default     = "v2.24.2"
 }
 
 variable "k8s_forseti_server_image_tag" {
   description = "The tag for the container image for the Forseti server"
-  default     = "v2.24.1"
+  default     = "v2.24.2"
 }
 
 variable "kubernetes_version" {

diff --git a/examples/shared_vpc/README.md b/examples/shared_vpc/README.md
@@ -8,7 +8,7 @@ This example illustrates how to set up a Forseti installation with shared VPC.
 | Name | Description | Type | Default | Required |
 |------|-------------|:----:|:-----:|:-----:|
 | domain | Organization domain | string | n/a | yes |
-| forseti\_version | The version of Forseti to install | string | `"v2.24.1"` | no |
+| forseti\_version | The version of Forseti to install | string | `"v2.24.2"` | no |
 | gsuite\_admin\_email | G Suite admin email | string | n/a | yes |
 | instance\_metadata | Metadata key/value pairs to make available from within the client and server instances. | map(string) | `<map>` | no |
 | network | Name of the shared VPC | string | n/a | yes |

diff --git a/examples/shared_vpc/variables.tf b/examples/shared_vpc/variables.tf
@@ -16,7 +16,7 @@
 
 variable "forseti_version" {
   description = "The version of Forseti to install"
-  default     = "v2.24.1"
+  default     = "v2.24.2"
 }
 
 variable "network_project" {

diff --git a/examples/simple_example/README.md b/examples/simple_example/README.md
@@ -10,7 +10,7 @@ This example illustrates how to set up a minimal Forseti installation.
 | domain | The domain associated with the GCP Organization ID | string | n/a | yes |
 | forseti\_email\_recipient | Forseti email recipient. | string | `""` | no |
 | forseti\_email\_sender | Forseti email sender. | string | `""` | no |
-| forseti\_version | The version of Forseti to install | string | `"v2.24.1"` | no |
+| forseti\_version | The version of Forseti to install | string | `"v2.24.2"` | no |
 | gsuite\_admin\_email | The email of a GSuite super admin, used for pulling user directory information *and* sending notifications. | string | n/a | yes |
 | instance\_metadata | Metadata key/value pairs to make available from within the client and server instances. | map(string) | `<map>` | no |
 | instance\_tags | Tags to assign the client and server instances. | list(string) | `<list>` | no |

diff --git a/examples/simple_example/variables.tf b/examples/simple_example/variables.tf
@@ -16,7 +16,7 @@
 
 variable "forseti_version" {
   description = "The version of Forseti to install"
-  default     = "v2.24.1"
+  default     = "v2.24.2"
 }
 
 variable "gsuite_admin_email" {

diff --git a/modules/client/variables.tf b/modules/client/variables.tf
@@ -23,7 +23,7 @@ variable "project_id" {
 
 variable "forseti_version" {
   description = "The version of Forseti to install"
-  default     = "v2.24.1"
+  default     = "v2.24.2"
 }
 
 variable "forseti_repo_url" {

diff --git a/modules/on_gke/README.md b/modules/on_gke/README.md
@@ -79,7 +79,7 @@ This sub-module deploys Forseti on GKE.  In short, this deploys a server contain
 | forseti\_home | Forseti installation directory | string | `"$USER_HOME/forseti-security"` | no |
 | forseti\_repo\_url | Git repo for the Forseti installation | string | `"https://github.com/forseti-security/forseti-security"` | no |
 | forseti\_run\_frequency | Schedule of running the Forseti scans | string | `"null"` | no |
-| forseti\_version | The version of Forseti to install | string | `"v2.24.1"` | no |
+| forseti\_version | The version of Forseti to install | string | `"v2.24.2"` | no |
 | forwarding\_rule\_enabled | Forwarding rule scanner enabled. | bool | `"false"` | no |
 | forwarding\_rule\_violations\_should\_notify | Notify for forwarding rule violations | bool | `"true"` | no |
 | git\_sync\_image | The container image used by the config-validator git-sync side-car | string | `"gcr.io/google-containers/git-sync"` | no |
@@ -113,9 +113,9 @@ This sub-module deploys Forseti on GKE.  In short, this deploys a server contain
 | k8s\_config\_validator\_image\_tag | The tag for the config-validator image. | string | `"572e207"` | no |
 | k8s\_forseti\_namespace | The Kubernetes namespace in which to deploy Forseti. | string | `"forseti"` | no |
 | k8s\_forseti\_orchestrator\_image | The container image for the Forseti orchestrator | string | `"gcr.io/forseti-containers/forseti"` | no |
-| k8s\_forseti\_orchestrator\_image\_tag | The tag for the container image for the Forseti orchestrator | string | `"v2.24.1"` | no |
+| k8s\_forseti\_orchestrator\_image\_tag | The tag for the container image for the Forseti orchestrator | string | `"v2.24.2"` | no |
 | k8s\_forseti\_server\_image | The container image for the Forseti server | string | `"gcr.io/forseti-containers/forseti"` | no |
-| k8s\_forseti\_server\_image\_tag | The tag for the container image for the Forseti server | string | `"v2.24.1"` | no |
+| k8s\_forseti\_server\_image\_tag | The tag for the container image for the Forseti server | string | `"v2.24.2"` | no |
 | k8s\_forseti\_server\_ingress\_cidr | If network_policy is true, k8s_forseti_server_ingress_cidr will restrict connections to the Forseti Server service from the CIDR's specified | string | `""` | no |
 | k8s\_tiller\_sa\_name | The Kubernetes Service Account used by Tiller | string | `"tiller"` | no |
 | ke\_scanner\_enabled | KE scanner enabled. | bool | `"false"` | no |

diff --git a/modules/on_gke/variables.tf b/modules/on_gke/variables.tf
@@ -80,7 +80,7 @@ variable "gsuite_admin_email" {
 
 variable "forseti_version" {
   description = "The version of Forseti to install"
-  default     = "v2.24.1"
+  default     = "v2.24.2"
 }
 
 variable "forseti_repo_url" {
@@ -890,7 +890,7 @@ variable "k8s_forseti_orchestrator_image" {
 
 variable "k8s_forseti_orchestrator_image_tag" {
   description = "The tag for the container image for the Forseti orchestrator"
-  default     = "v2.24.1"
+  default     = "v2.24.2"
 }
 
 variable "k8s_forseti_server_image" {
@@ -900,7 +900,7 @@ variable "k8s_forseti_server_image" {
 
 variable "k8s_forseti_server_image_tag" {
   description = "The tag for the container image for the Forseti server"
-  default     = "v2.24.1"
+  default     = "v2.24.2"
 }
 
 variable "k8s_forseti_server_ingress_cidr" {

diff --git a/modules/server/variables.tf b/modules/server/variables.tf
@@ -23,7 +23,7 @@ variable "project_id" {
 
 variable "forseti_version" {
   description = "The version of Forseti to install"
-  default     = "v2.24.1"
+  default     = "v2.24.2"
 }
 
 variable "forseti_repo_url" {

diff --git a/test/fixtures/shared_vpc/variables.tf b/test/fixtures/shared_vpc/variables.tf
@@ -20,7 +20,7 @@ variable "domain" {
 
 variable "forseti_version" {
   description = "The version of Forseti to install"
-  default     = "v2.24.1"
+  default     = "v2.24.2"
 }
 
 variable "gsuite_admin_email" {

diff --git a/test/fixtures/simple_example/variables.tf b/test/fixtures/simple_example/variables.tf
@@ -24,7 +24,7 @@ variable "gsuite_admin_email" {
 
 variable "forseti_version" {
   description = "The version of Forseti to install"
-  default     = "v2.24.1"
+  default     = "v2.24.2"
 }
 
 variable "instance_metadata" {

diff --git a/test/integration/simple_example/controls/client.rb b/test/integration/simple_example/controls/client.rb
@@ -15,7 +15,7 @@
 require "yaml"
 
 forseti_server_vm_ip = attribute("forseti-server-vm-ip")
-forseti_version = "2.24.1"
+forseti_version = "2.24.2"
 
 control "client" do
   title "Forseti client instance resources"

diff --git a/test/integration/simple_example/controls/server.rb b/test/integration/simple_example/controls/server.rb
@@ -14,7 +14,7 @@
 
 require "yaml"
 
-forseti_version = "2.24.1"
+forseti_version = "2.24.2"
 
 control "server" do
   title "Forseti server instance resources"

diff --git a/variables.tf b/variables.tf
@@ -28,7 +28,7 @@ variable "gsuite_admin_email" {
 
 variable "forseti_version" {
   description = "The version of Forseti to install"
-  default     = "v2.24.1"
+  default     = "v2.24.2"
 }
 
 variable "forseti_repo_url" {