From 6d28d99d64de936850656482a4192bc20985801b Mon Sep 17 00:00:00 2001 From: James Scott Date: Mon, 23 Oct 2023 17:16:04 -0400 Subject: [PATCH] Migrate cert-renewal process to cloud run job Previously, the cert-renewal process was a long standing instance that ran the script once and slept. The problem arises that this sleep eventually breaks and the instance never recovers. This migrates the job to be a cloud run job that runs the script and that is it. The sleep is now handled by a cron schedule. This ensures the instance is always fresh. Fixes #57 Fixes #77 --- .github/workflows/lint.yml | 2 +- .terraform.lock.hcl | 53 +- README.md | 2 +- cert-renewer.Dockerfile | 61 +- infrastructure/docker-image/versions.tf | 2 +- infrastructure/web-platform-tests/compute.tf | 118 ++-- infrastructure/web-platform-tests/main.tf | 25 - .../web-platform-tests/variables.tf | 4 + infrastructure/web-platform-tests/versions.tf | 2 +- terraform.tfstate | 580 +++++++++--------- versions.tf | 2 +- 11 files changed, 398 insertions(+), 453 deletions(-) diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 18202f8..e328b55 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -21,6 +21,6 @@ jobs: - name: Set up Terraform uses: hashicorp/setup-terraform@v1 with: - terraform_version: '1.2.5' + terraform_version: '1.6.2' - name: terraform run: terraform fmt --check diff --git a/.terraform.lock.hcl b/.terraform.lock.hcl index caa2f8a..5359458 100644 --- a/.terraform.lock.hcl +++ b/.terraform.lock.hcl @@ -2,39 +2,40 @@ # Manual edits may be lost in future updates. provider "registry.terraform.io/hashicorp/external" { - version = "2.2.2" + version = "2.3.1" hashes = [ - "h1:e7RpnZ2PbJEEPnfsg7V0FNwbfSk0/Z3FdrLsXINBmDY=", - "zh:0b84ab0af2e28606e9c0c1289343949339221c3ab126616b831ddb5aaef5f5ca", - "zh:10cf5c9b9524ca2e4302bf02368dc6aac29fb50aeaa6f7758cce9aa36ae87a28", - "zh:56a016ee871c8501acb3f2ee3b51592ad7c3871a1757b098838349b17762ba6b", - "zh:719d6ef39c50e4cffc67aa67d74d195adaf42afcf62beab132dafdb500347d39", + "h1:bROCw6g5D/3fFnWeJ01L4IrdnJl1ILU8DGDgXCtYzaY=", + "zh:001e2886dc81fc98cf17cf34c0d53cb2dae1e869464792576e11b0f34ee92f54", + "zh:2eeac58dd75b1abdf91945ac4284c9ccb2bfb17fa9bdb5f5d408148ff553b3ee", + "zh:2fc39079ba61411a737df2908942e6970cb67ed2f4fb19090cd44ce2082903dd", + "zh:472a71c624952cff7aa98a7b967f6c7bb53153dbd2b8f356ceb286e6743bb4e2", + "zh:4cff06d31272aac8bc35e9b7faec42cf4554cbcbae1092eaab6ab7f643c215d9", "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", - "zh:7fbfc4d37435ac2f717b0316f872f558f608596b389b895fcb549f118462d327", - "zh:8ac71408204db606ce63fe8f9aeaf1ddc7751d57d586ec421e62d440c402e955", - "zh:a4cacdb06f114454b6ed0033add28006afa3f65a0ea7a43befe45fc82e6809fb", - "zh:bb5ce3132b52ae32b6cc005bc9f7627b95259b9ffe556de4dad60d47d47f21f0", - "zh:bb60d2976f125ffd232a7ccb4b3f81e7109578b23c9c6179f13a11d125dca82a", - "zh:f9540ecd2e056d6e71b9ea5f5a5cf8f63dd5c25394b9db831083a9d4ea99b372", - "zh:ffd998b55b8a64d4335a090b6956b4bf8855b290f7554dd38db3302de9c41809", + "zh:7ed16ccd2049fa089616b98c0bd57219f407958f318f3c697843e2397ddf70df", + "zh:842696362c92bf2645eb85c739410fd51376be6c488733efae44f4ce688da50e", + "zh:8985129f2eccfd7f1841ce06f3bf2bbede6352ec9e9f926fbaa6b1a05313b326", + "zh:a5f0602d8ec991a5411ef42f872aa90f6347e93886ce67905c53cfea37278e05", + "zh:bf4ab82cbe5256dcef16949973bf6aa1a98c2c73a98d6a44ee7bc40809d002b8", + "zh:e70770be62aa70198fa899526d671643ff99eecf265bf1a50e798fc3480bd417", ] } provider "registry.terraform.io/hashicorp/google" { - version = "4.30.0" + version = "4.84.0" + constraints = ">= 3.53.0, < 5.0.0" hashes = [ - "h1:6g4NhLzNgi8X2JE/ZLdKtS3Vth7jMCRDPNmcBYvoZgo=", - "zh:06baf0926f7654a1e4fda55f6319a88c1ac074c0429f38cba20435d59e3a0e74", - "zh:0c243ca97c0360602af08310534f14575ec373a76c908b67092ddb17db790eda", - "zh:1d77ceebcda0287fd7155e8da0fb5875a43be61b39cee5a7069874914b6deb00", - "zh:3fadc3d63ceb84068307e578434f35aff1c14814641bd96014a13da5c30e4391", - "zh:674882303e37fc88b287d1f4d4a3f39d767b5f3c067bd1ac05655e4548fdac6f", - "zh:70a18212af02fd7e537062bd6efd59c738d805e8a7e4d362ce06982ada4db076", - "zh:7fc9fa630c4f52f5ecaa12bb9f4af5e47b4720f5c453b46614242964a1f48839", - "zh:af87c19cfc56c8017ee2daab5e948550fd812a2a20aff7259c749894fde72952", - "zh:bd36b8892e6d77007e436d373c30fd36aee7afcf13fee19254b2491471f65e73", - "zh:d0b3e6d3bae5a68dda5607b04413027d612fd117f4dd7762f69b5db101524ca1", - "zh:eba24876922d1db24c51c619588299f50e2a661ac6fe4852cf037a44cff81d7b", + "h1:1UxlwVhklQbnsyuCelue0dkQZUHA2cMjgYvl8lWRE8Q=", + "zh:0b3e945fa76876c312bdddca7b18c93b734998febb616b2ebb84a0a299ae97c2", + "zh:1d47d00730fab764bddb6d548fed7e124739b0bcebb9f3b3c6aa247de55fb804", + "zh:29bff92b4375a35a7729248b3bc5db8991ca1b9ba640fc25b13700e12f99c195", + "zh:382353516e7d408a81f1a09a36f9015429be73ca3665367119aad88713209d9a", + "zh:78afa20e25a690d076eeaafd7879993ef9763a8a1b6762e2cbe42330464cc1fa", + "zh:8f6422e94de865669b33a2d9fb95a3e392e841988e890f7379a206e9d47e3415", + "zh:be5c7b52c893b971c860146aec643f7007f34430106f101eab686ed81eccbd26", + "zh:bfc37b641bf3378183eb3b8735554c3949a5cfaa8f76403d7eff38de1474b6d9", + "zh:c834f88dc8eb21af992871ed13a221015ae3b051aeca7386662071026f1546b4", + "zh:f3296c8c0d57dc28e23cf91717484264531655ac478d994584ebc73f70679471", "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", + "zh:f8efe114ff4891776f48f7d2620b8d6963d3ddac6e42ce25bc761343da964c24", ] } diff --git a/README.md b/README.md index bc98b8f..b790876 100644 --- a/README.md +++ b/README.md @@ -139,7 +139,7 @@ Requirements: - [Python 3](https://python.org) - [Pipenv](https://pipenv.pypa.io/) -- [Terraform](https://www.terraform.io/) version 1.2.5 +- [Terraform](https://www.terraform.io/) version 1.6.2 The following commands will run the lints: diff --git a/cert-renewer.Dockerfile b/cert-renewer.Dockerfile index 1d8d263..4172208 100644 --- a/cert-renewer.Dockerfile +++ b/cert-renewer.Dockerfile @@ -8,32 +8,26 @@ ENV WPT_HOST=wpt.live \ WPT_ALT_HOST=not-wpt.live \ WPT_BUCKET=wpt-live -# Pin the versions for repeatable builds +# Pin the versions of python and google cloud cli for repeatable builds # For ubuntu package versions, go to https://packages.ubuntu.com/ # Search for the package with the "jammy" distribution (aka 22.04) selected. -# For Google Cloud, look under https://packages.cloud.google.com/apt/dists/cloud-sdk/main/binary-amd64/Packages RUN apt-get -qqy update && \ apt-get -qqy install \ - apt-transport-https=2.4.6 \ - ca-certificates=20211016 \ - curl=7.81.0-1ubuntu1.3 \ - gnupg=2.2.27-3ubuntu2.1 \ - python3=3.10.4-0ubuntu2 \ - python3-dev=3.10.4-0ubuntu2 \ - python3-pip=22.0.2+dfsg-1 && \ - # https://cloud.google.com/storage/docs/gsutil_install - echo "deb [signed-by=/usr/share/keyrings/cloud.google.gpg] https://packages.cloud.google.com/apt cloud-sdk main" | \ - tee -a /etc/apt/sources.list.d/google-cloud-sdk.list && \ - curl https://packages.cloud.google.com/apt/doc/apt-key.gpg | \ - tee /usr/share/keyrings/cloud.google.gpg && \ - apt-get -qqy update && \ - apt-get -qqy install \ - google-cloud-cli=396.0.0-0 && \ - rm -rf /var/lib/apt/lists/* && apt-get clean + apt-transport-https \ + ca-certificates \ + curl \ + gnupg \ + python3=3.10.6-1~22.04 \ + python3-dev=3.10.6-1~22.04 \ + python3-pip=22.0.2+dfsg-1 +# For Google Cloud, look under https://packages.cloud.google.com/apt/dists/cloud-sdk/main/binary-amd64/Packages +# https://cloud.google.com/storage/docs/gsutil_install +# Copy the "Docker Tip" instructions from gsutil_install link and then pin the version +RUN echo "deb [signed-by=/usr/share/keyrings/cloud.google.gpg] http://packages.cloud.google.com/apt cloud-sdk main" | tee -a /etc/apt/sources.list.d/google-cloud-sdk.list && curl https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key --keyring /usr/share/keyrings/cloud.google.gpg add - && apt-get update -y && apt-get install google-cloud-cli=451.0.1-0 -y # Instructions for certbot installation # https://certbot.eff.org/instructions?ws=other&os=pip -RUN pip install certbot==1.29.0 certbot-dns-google==1.29.0 +RUN pip install acme==1.29.0 certbot==1.29.0 certbot-dns-google==1.29.0 COPY src/cert-store.sh /usr/local/bin/ @@ -47,19 +41,16 @@ COPY src/cert-store.sh /usr/local/bin/ # https://eff-certbot.readthedocs.io/en/stable/using.html?highlight=wildcard#dns-plugins CMD bash -c '\ - cert-store.sh fetch ${WPT_BUCKET} ${WPT_HOST}; \ - while true; do \ - certbot certonly \ - -d ${WPT_HOST} \ - -d *.${WPT_HOST} \ - -d ${WPT_ALT_HOST} \ - -d *.${WPT_ALT_HOST} \ - --dns-google \ - --dns-google-propagation-seconds 120 \ - --agree-tos \ - --non-interactive \ - --email infrastructure@bocoup.com \ - --server https://acme-v02.api.letsencrypt.org/directory \ - --deploy-hook "cert-store.sh save ${WPT_BUCKET} ${WPT_HOST}"; \ - sleep $((60 * 60 * 24)); \ - done' + cert-store.sh fetch ${WPT_BUCKET} ${WPT_HOST} && \ + certbot certonly \ + -d ${WPT_HOST} \ + -d *.${WPT_HOST} \ + -d ${WPT_ALT_HOST} \ + -d *.${WPT_ALT_HOST} \ + --dns-google \ + --dns-google-propagation-seconds 120 \ + --agree-tos \ + --non-interactive \ + --email infrastructure@bocoup.com \ + --server https://acme-v02.api.letsencrypt.org/directory \ + --deploy-hook "cert-store.sh save ${WPT_BUCKET} ${WPT_HOST}"' diff --git a/infrastructure/docker-image/versions.tf b/infrastructure/docker-image/versions.tf index 149322a..12c8187 100644 --- a/infrastructure/docker-image/versions.tf +++ b/infrastructure/docker-image/versions.tf @@ -1,6 +1,6 @@ terraform { - required_version = "~> 1.2.5" + required_version = "~> 1.6.2" required_providers { external = { source = "hashicorp/external" diff --git a/infrastructure/web-platform-tests/compute.tf b/infrastructure/web-platform-tests/compute.tf index 2cf7463..7e19c08 100644 --- a/infrastructure/web-platform-tests/compute.tf +++ b/infrastructure/web-platform-tests/compute.tf @@ -154,96 +154,54 @@ resource "google_compute_instance_template" "wpt_server" { ######################################## # Cert Renewers -# These configurations come from: github.com/dcaba/terraform-google-managed-instance-group -# More information about how it was used previously: https://github.com/web-platform-tests/wpt.live/blob/67dc5976ccce2e64483f2028a35659d4d6e58891/infrastructure/web-platform-tests/main.tf#L139-L178 ######################################## -resource "google_compute_instance_template" "cert_renewers" { - name_prefix = "default-" - - machine_type = "f1-micro" - - region = var.region - - tags = ["allow-ssh", "${var.name}-allow"] - - labels = { - "${module.cert-renewer-container.vm_container_label_key}" = module.cert-renewer-container.vm_container_label - } - - network_interface { - network = var.network_name - subnetwork = var.subnetwork_name - network_ip = "" - access_config { - network_tier = "PREMIUM" +resource "google_cloud_run_v2_job" "cert_renewers" { + name = "${var.name}-cert-renewers" + location = var.region + launch_stage = "BETA" + + template { + template { + containers { + image = var.cert_renewer_image + env { + name = "WPT_HOST" + value = var.host_name + } + env { + name = "WPT_ALT_HOST" + value = var.alt_host_name + } + env { + name = "WPT_BUCKET" + value = local.bucket_name + } + } } } - - can_ip_forward = false - - disk { - auto_delete = true - boot = true - source_image = module.cert-renewer-container.source_image - type = "PERSISTENT" - disk_type = "pd-ssd" - mode = "READ_WRITE" - } - - service_account { - email = "default" - scopes = ["cloud-platform"] - } - - # startup-script and tf_depends_id comes from the module previously used for cert renewer. (see link at top) - # TODO: evaluate if those two should be removed. - metadata = { - "${module.cert-renewer-container.metadata_key}" = module.cert-renewer-container.metadata_value - "startup-script" = "" - "tf_depends_id" = "" - "google-logging-enabled" = "true" - } - - scheduling { - preemptible = false - automatic_restart = true - on_host_maintenance = "MIGRATE" - } - - lifecycle { - create_before_destroy = true - } } -resource "google_compute_instance_group_manager" "cert_renewers" { - name = "${var.name}-cert-renewers" - description = "compute VM Instance Group" - wait_for_instances = false - - base_instance_name = "${var.name}-cert-renewers" - - version { - instance_template = google_compute_instance_template.cert_renewers.self_link - } +data "google_project" "project" { +} - zone = var.zone +resource "google_cloud_scheduler_job" "cert_renewer_schedule" { + provider = google + name = "${var.name}-cert-renewer-schedule" + description = "cert renewal schedule job" + schedule = "0 0 * * *" + attempt_deadline = "320s" + region = "us-central1" - update_policy { - type = local.update_policy.type - minimal_action = local.update_policy.minimal_action - max_unavailable_fixed = local.update_policy.max_unavailable_fixed + retry_config { + retry_count = 3 } - target_pools = [] - - target_size = 1 - - dynamic "named_port" { - for_each = var.cert_renewer_ports - content { - name = named_port.value["name"] - port = named_port.value["port"] + http_target { + http_method = "POST" + uri = "https://${google_cloud_run_v2_job.cert_renewers.location}-run.googleapis.com/apis/run.googleapis.com/v1/namespaces/${data.google_project.project.number}/jobs/${google_cloud_run_v2_job.cert_renewers.name}:run" + oauth_token { + service_account_email = var.service_account_email } } } diff --git a/infrastructure/web-platform-tests/main.tf b/infrastructure/web-platform-tests/main.tf index 35bd766..bc9cf55 100644 --- a/infrastructure/web-platform-tests/main.tf +++ b/infrastructure/web-platform-tests/main.tf @@ -36,31 +36,6 @@ module "wpt-server-container" { restart_policy = "Always" } -module "cert-renewer-container" { - source = "terraform-google-modules/container-vm/google" - version = "3.0.0" - - container = { - image = var.cert_renewer_image - env = [ - { - name = "WPT_HOST" - value = var.host_name - }, - { - name = "WPT_ALT_HOST" - value = var.alt_host_name - }, - { - name = "WPT_BUCKET" - value = local.bucket_name - }, - ] - } - - restart_policy = "Always" -} - resource "google_storage_bucket" "certificates" { name = local.bucket_name location = "US" diff --git a/infrastructure/web-platform-tests/variables.tf b/infrastructure/web-platform-tests/variables.tf index 6c481b3..12b76e8 100644 --- a/infrastructure/web-platform-tests/variables.tf +++ b/infrastructure/web-platform-tests/variables.tf @@ -89,6 +89,10 @@ variable "wpt_server_ports" { ] } +variable "service_account_email" { + type = string + default = "393246102209-compute@developer.gserviceaccount.com" +} variable "cert_renewer_ports" { type = list(object({ diff --git a/infrastructure/web-platform-tests/versions.tf b/infrastructure/web-platform-tests/versions.tf index aeb6576..ed59b82 100644 --- a/infrastructure/web-platform-tests/versions.tf +++ b/infrastructure/web-platform-tests/versions.tf @@ -1,6 +1,6 @@ terraform { - required_version = "~> 1.2.5" + required_version = "~> 1.6.2" required_providers { google = { source = "hashicorp/google" diff --git a/terraform.tfstate b/terraform.tfstate index 8a99044..0aadebc 100644 --- a/terraform.tfstate +++ b/terraform.tfstate @@ -1,7 +1,7 @@ { "version": 4, - "terraform_version": "1.2.5", - "serial": 42, + "terraform_version": "1.6.2", + "serial": 81, "lineage": "3e752c40-46ae-cf3a-9a1d-073d2251df8c", "outputs": { "wpt-live-address": { @@ -28,6 +28,7 @@ "internal_ipv6_range": "", "mtu": 0, "name": "wpt-live-network", + "network_firewall_policy_enforcement_order": "AFTER_CLASSIC_FIREWALL", "project": "wpt-live", "routing_mode": "REGIONAL", "self_link": "https://www.googleapis.com/compute/v1/projects/wpt-live/global/networks/wpt-live-network", @@ -58,6 +59,7 @@ "fingerprint": "_4CEx9NGrfE=", "gateway_address": "10.127.0.1", "id": "us-central1/wpt-live-subnetwork", + "internal_ipv6_prefix": "", "ip_cidr_range": "10.127.0.0/20", "ipv6_access_type": "", "ipv6_cidr_range": "", @@ -109,8 +111,8 @@ ], "query": null, "result": { - "identifier": "sha256:cf3bd94c854d9eb43cec6af9d38e68f4882d8bd7ad064f71d52f04d1995b1ff3", - "time_created": "1659629001935" + "identifier": "sha256:680844d4fa079c007dc531412574f68ae63214223c5578f1f7da548785068e41", + "time_created": "1698094561108" }, "working_dir": null }, @@ -131,6 +133,7 @@ "description": "", "dns_name": "not-wpt.live.", "id": "projects/wpt-live/managedZones/not-wpt-live", + "managed_zone_id": 7543056422836685136, "name": "not-wpt-live", "name_servers": [ "ns-cloud-a1.googledomains.com.", @@ -158,6 +161,7 @@ "description": "", "dns_name": "wpt.live.", "id": "projects/wpt-live/managedZones/wpt-live", + "managed_zone_id": 475339612882606645, "name": "wpt-live", "name_servers": [ "ns-cloud-b1.googledomains.com.", @@ -172,6 +176,208 @@ } ] }, + { + "module": "module.wpt-live", + "mode": "data", + "type": "google_project", + "name": "project", + "provider": "provider[\"registry.terraform.io/hashicorp/google\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "auto_create_network": null, + "billing_account": null, + "folder_id": "", + "id": "projects/wpt-live", + "labels": {}, + "name": "wpt-live", + "number": "393246102209", + "org_id": "164504376708", + "project_id": "wpt-live", + "skip_delete": null + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.wpt-live", + "mode": "managed", + "type": "google_cloud_run_v2_job", + "name": "cert_renewers", + "provider": "provider[\"registry.terraform.io/hashicorp/google\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "annotations": {}, + "binary_authorization": [], + "client": "", + "client_version": "", + "conditions": [], + "create_time": "2023-10-23T20:15:40.911182Z", + "creator": "", + "delete_time": "", + "etag": "\"CIvE26kGEIiM_tMB/cHJvamVjdHMvd3B0LWxpdmUvbG9jYXRpb25zL3VzLWNlbnRyYWwxL2pvYnMvd3B0LXRvdC1jZXJ0LXJlbmV3ZXJz\"", + "execution_count": 7, + "expire_time": "", + "generation": "6", + "id": "projects/wpt-live/locations/us-central1/jobs/wpt-tot-cert-renewers", + "labels": {}, + "last_modifier": "", + "latest_created_execution": [ + { + "completion_time": "2023-10-23T21:10:33.485467Z", + "create_time": "2023-10-23T21:07:36.891788Z", + "name": "wpt-tot-cert-renewers-4vpk4" + } + ], + "launch_stage": "GA", + "location": "us-central1", + "name": "wpt-tot-cert-renewers", + "observed_generation": "6", + "project": "wpt-live", + "reconciling": false, + "template": [ + { + "annotations": {}, + "labels": {}, + "parallelism": 0, + "task_count": 1, + "template": [ + { + "containers": [ + { + "args": [], + "command": [], + "env": [ + { + "name": "WPT_HOST", + "value": "wpt.live", + "value_source": [] + }, + { + "name": "WPT_ALT_HOST", + "value": "not-wpt.live", + "value_source": [] + }, + { + "name": "WPT_BUCKET", + "value": "wpt-tot-certificates", + "value_source": [] + } + ], + "image": "gcr.io/wpt-live/wpt-live-cert-renewer@sha256:680844d4fa079c007dc531412574f68ae63214223c5578f1f7da548785068e41", + "liveness_probe": [], + "name": "", + "ports": [], + "resources": [ + { + "limits": { + "cpu": "1000m", + "memory": "512Mi" + } + } + ], + "startup_probe": [], + "volume_mounts": [], + "working_dir": "" + } + ], + "encryption_key": "", + "execution_environment": "EXECUTION_ENVIRONMENT_GEN2", + "max_retries": 3, + "service_account": "393246102209-compute@developer.gserviceaccount.com", + "timeout": "600s", + "volumes": [], + "vpc_access": [] + } + ] + } + ], + "terminal_condition": [ + { + "execution_reason": "", + "last_transition_time": "2023-10-23T20:16:53.165829Z", + "message": "", + "reason": "", + "revision_reason": "", + "severity": "", + "state": "CONDITION_SUCCEEDED", + "type": "Ready" + } + ], + "timeouts": null, + "uid": "ec42709d-31ce-439a-a99d-04acbb35c565", + "update_time": "2023-10-23T21:13:47.444565Z" + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDAwLCJkZWxldGUiOjEyMDAwMDAwMDAwMDAsInVwZGF0ZSI6MTIwMDAwMDAwMDAwMH19", + "dependencies": [ + "module.cert-renewer-image.data.external.image" + ] + } + ] + }, + { + "module": "module.wpt-live", + "mode": "managed", + "type": "google_cloud_scheduler_job", + "name": "cert_renewer_schedule", + "provider": "provider[\"registry.terraform.io/hashicorp/google\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "app_engine_http_target": [], + "attempt_deadline": "320s", + "description": "cert renewal schedule job", + "http_target": [ + { + "body": "", + "headers": {}, + "http_method": "POST", + "oauth_token": [ + { + "scope": "https://www.googleapis.com/auth/cloud-platform", + "service_account_email": "393246102209-compute@developer.gserviceaccount.com" + } + ], + "oidc_token": [], + "uri": "https://us-central1-run.googleapis.com/apis/run.googleapis.com/v1/namespaces/393246102209/jobs/wpt-tot-cert-renewers:run" + } + ], + "id": "projects/wpt-live/locations/us-central1/jobs/wpt-tot-cert-renewer-schedule", + "name": "wpt-tot-cert-renewer-schedule", + "paused": false, + "project": "wpt-live", + "pubsub_target": [], + "region": "us-central1", + "retry_config": [ + { + "max_backoff_duration": "3600s", + "max_doublings": 5, + "max_retry_duration": "0s", + "min_backoff_duration": "5s", + "retry_count": 3 + } + ], + "schedule": "0 0 * * *", + "state": "ENABLED", + "time_zone": "Etc/UTC", + "timeouts": null + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDAwLCJkZWxldGUiOjEyMDAwMDAwMDAwMDAsInVwZGF0ZSI6MTIwMDAwMDAwMDAwMH19", + "dependencies": [ + "module.cert-renewer-image.data.external.image", + "module.wpt-live.data.google_project.project", + "module.wpt-live.google_cloud_run_v2_job.cert_renewers" + ] + } + ] + }, { "module": "module.wpt-live", "mode": "managed", @@ -187,6 +393,8 @@ "creation_timestamp": "2019-10-30T15:49:38.932-07:00", "description": "", "id": "wpt-live/us-central1/wpt-tot-address", + "ip_version": "", + "ipv6_endpoint_type": "", "name": "wpt-tot-address", "network": "", "network_tier": "PREMIUM", @@ -400,12 +608,15 @@ "attributes": { "all_ports": false, "allow_global_access": false, + "allow_psc_global_access": false, "backend_service": "", + "base_forwarding_rule": "", "creation_timestamp": "2019-10-30T15:49:46.570-07:00", "description": "", "id": "wpt-tot-load-balancing-0", "ip_address": "35.223.122.27", "ip_protocol": "TCP", + "ip_version": "", "is_mirroring_collector": false, "label_fingerprint": "42WmSpB8rSM=", "labels": {}, @@ -413,6 +624,7 @@ "name": "wpt-tot-load-balancing-0", "network": "", "network_tier": "PREMIUM", + "no_automate_dns_zone": null, "port_range": "80-80", "ports": [], "project": "wpt-live", @@ -423,6 +635,7 @@ "service_directory_registrations": [], "service_label": "", "service_name": "", + "source_ip_ranges": [], "subnetwork": "", "target": "https://www.googleapis.com/compute/v1/projects/wpt-live/regions/us-central1/targetPools/wpt-tot-load-balancing", "timeouts": { @@ -445,12 +658,15 @@ "attributes": { "all_ports": false, "allow_global_access": false, + "allow_psc_global_access": false, "backend_service": "", + "base_forwarding_rule": "", "creation_timestamp": "2019-10-30T15:49:50.318-07:00", "description": "", "id": "wpt-tot-load-balancing-1", "ip_address": "35.223.122.27", "ip_protocol": "TCP", + "ip_version": "", "is_mirroring_collector": false, "label_fingerprint": "42WmSpB8rSM=", "labels": {}, @@ -458,6 +674,7 @@ "name": "wpt-tot-load-balancing-1", "network": "", "network_tier": "PREMIUM", + "no_automate_dns_zone": null, "port_range": "8000-8000", "ports": [], "project": "wpt-live", @@ -468,6 +685,7 @@ "service_directory_registrations": [], "service_label": "", "service_name": "", + "source_ip_ranges": [], "subnetwork": "", "target": "https://www.googleapis.com/compute/v1/projects/wpt-live/regions/us-central1/targetPools/wpt-tot-load-balancing", "timeouts": { @@ -490,12 +708,15 @@ "attributes": { "all_ports": false, "allow_global_access": false, + "allow_psc_global_access": false, "backend_service": "", + "base_forwarding_rule": "", "creation_timestamp": "2019-10-30T15:49:48.236-07:00", "description": "", "id": "wpt-tot-load-balancing-2", "ip_address": "35.223.122.27", "ip_protocol": "TCP", + "ip_version": "", "is_mirroring_collector": false, "label_fingerprint": "42WmSpB8rSM=", "labels": {}, @@ -503,6 +724,7 @@ "name": "wpt-tot-load-balancing-2", "network": "", "network_tier": "PREMIUM", + "no_automate_dns_zone": null, "port_range": "443-443", "ports": [], "project": "wpt-live", @@ -513,6 +735,7 @@ "service_directory_registrations": [], "service_label": "", "service_name": "", + "source_ip_ranges": [], "subnetwork": "", "target": "https://www.googleapis.com/compute/v1/projects/wpt-live/regions/us-central1/targetPools/wpt-tot-load-balancing", "timeouts": { @@ -535,12 +758,15 @@ "attributes": { "all_ports": false, "allow_global_access": false, + "allow_psc_global_access": false, "backend_service": "", + "base_forwarding_rule": "", "creation_timestamp": "2019-10-30T15:49:47.101-07:00", "description": "", "id": "wpt-tot-load-balancing-3", "ip_address": "35.223.122.27", "ip_protocol": "TCP", + "ip_version": "", "is_mirroring_collector": false, "label_fingerprint": "42WmSpB8rSM=", "labels": {}, @@ -548,6 +774,7 @@ "name": "wpt-tot-load-balancing-3", "network": "", "network_tier": "PREMIUM", + "no_automate_dns_zone": null, "port_range": "8001-8001", "ports": [], "project": "wpt-live", @@ -558,6 +785,7 @@ "service_directory_registrations": [], "service_label": "", "service_name": "", + "source_ip_ranges": [], "subnetwork": "", "target": "https://www.googleapis.com/compute/v1/projects/wpt-live/regions/us-central1/targetPools/wpt-tot-load-balancing", "timeouts": { @@ -580,12 +808,15 @@ "attributes": { "all_ports": false, "allow_global_access": false, + "allow_psc_global_access": false, "backend_service": "", + "base_forwarding_rule": "", "creation_timestamp": "2019-10-30T15:49:49.208-07:00", "description": "", "id": "wpt-tot-load-balancing-4", "ip_address": "35.223.122.27", "ip_protocol": "TCP", + "ip_version": "", "is_mirroring_collector": false, "label_fingerprint": "42WmSpB8rSM=", "labels": {}, @@ -593,6 +824,7 @@ "name": "wpt-tot-load-balancing-4", "network": "", "network_tier": "PREMIUM", + "no_automate_dns_zone": null, "port_range": "8002-8002", "ports": [], "project": "wpt-live", @@ -603,6 +835,7 @@ "service_directory_registrations": [], "service_label": "", "service_name": "", + "source_ip_ranges": [], "subnetwork": "", "target": "https://www.googleapis.com/compute/v1/projects/wpt-live/regions/us-central1/targetPools/wpt-tot-load-balancing", "timeouts": { @@ -625,12 +858,15 @@ "attributes": { "all_ports": false, "allow_global_access": false, + "allow_psc_global_access": false, "backend_service": "", + "base_forwarding_rule": "", "creation_timestamp": "2019-10-30T15:49:47.752-07:00", "description": "", "id": "wpt-tot-load-balancing-5", "ip_address": "35.223.122.27", "ip_protocol": "TCP", + "ip_version": "", "is_mirroring_collector": false, "label_fingerprint": "42WmSpB8rSM=", "labels": {}, @@ -638,6 +874,7 @@ "name": "wpt-tot-load-balancing-5", "network": "", "network_tier": "PREMIUM", + "no_automate_dns_zone": null, "port_range": "8003-8003", "ports": [], "project": "wpt-live", @@ -648,6 +885,7 @@ "service_directory_registrations": [], "service_label": "", "service_name": "", + "source_ip_ranges": [], "subnetwork": "", "target": "https://www.googleapis.com/compute/v1/projects/wpt-live/regions/us-central1/targetPools/wpt-tot-load-balancing", "timeouts": { @@ -670,12 +908,15 @@ "attributes": { "all_ports": false, "allow_global_access": false, + "allow_psc_global_access": false, "backend_service": "", + "base_forwarding_rule": "", "creation_timestamp": "2020-08-11T07:10:08.564-07:00", "description": "", "id": "wpt-tot-load-balancing-6", "ip_address": "35.223.122.27", "ip_protocol": "TCP", + "ip_version": "", "is_mirroring_collector": false, "label_fingerprint": "42WmSpB8rSM=", "labels": {}, @@ -683,6 +924,7 @@ "name": "wpt-tot-load-balancing-6", "network": "", "network_tier": "PREMIUM", + "no_automate_dns_zone": null, "port_range": "8443-8443", "ports": [], "project": "wpt-live", @@ -693,6 +935,7 @@ "service_directory_registrations": [], "service_label": "", "service_name": "", + "source_ip_ranges": [], "subnetwork": "", "target": "https://www.googleapis.com/compute/v1/projects/wpt-live/regions/us-central1/targetPools/wpt-tot-load-balancing", "timeouts": { @@ -798,95 +1041,6 @@ } ] }, - { - "module": "module.wpt-live", - "mode": "managed", - "type": "google_compute_instance_group_manager", - "name": "cert_renewers", - "provider": "provider[\"registry.terraform.io/hashicorp/google\"]", - "instances": [ - { - "schema_version": 0, - "attributes": { - "auto_healing_policies": [], - "base_instance_name": "wpt-tot-cert-renewers", - "description": "compute VM Instance Group", - "fingerprint": "Cv7c4xciZn4=", - "id": "wpt-live/us-central1-b/wpt-tot-cert-renewers", - "instance_group": "https://www.googleapis.com/compute/v1/projects/wpt-live/zones/us-central1-b/instanceGroups/wpt-tot-cert-renewers", - "name": "wpt-tot-cert-renewers", - "named_port": [ - { - "name": "http", - "port": 8004 - } - ], - "operation": null, - "project": "wpt-live", - "self_link": "https://www.googleapis.com/compute/v1/projects/wpt-live/zones/us-central1-b/instanceGroupManagers/wpt-tot-cert-renewers", - "stateful_disk": [], - "status": [ - { - "is_stable": false, - "stateful": [ - { - "has_stateful_config": false, - "per_instance_configs": [ - { - "all_effective": true - } - ] - } - ], - "version_target": [ - { - "is_reached": false - } - ] - } - ], - "target_pools": [], - "target_size": 1, - "timeouts": { - "create": null, - "delete": null, - "update": null - }, - "update_policy": [ - { - "max_surge_fixed": 1, - "max_surge_percent": 0, - "max_unavailable_fixed": 1, - "max_unavailable_percent": 0, - "minimal_action": "RESTART", - "most_disruptive_allowed_action": "", - "replacement_method": "SUBSTITUTE", - "type": "PROACTIVE" - } - ], - "version": [ - { - "instance_template": "https://www.googleapis.com/compute/v1/projects/wpt-live/global/instanceTemplates/default-20220906194131963800000002", - "name": "", - "target_size": [] - } - ], - "wait_for_instances": false, - "wait_for_instances_status": "STABLE", - "zone": "us-central1-b" - }, - "sensitive_attributes": [], - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo5MDAwMDAwMDAwMDAsImRlbGV0ZSI6OTAwMDAwMDAwMDAwLCJ1cGRhdGUiOjkwMDAwMDAwMDAwMH19", - "dependencies": [ - "google_compute_network.default", - "google_compute_subnetwork.default", - "module.cert-renewer-image.data.external.image", - "module.wpt-live.google_compute_instance_template.cert_renewers", - "module.wpt-live.module.cert-renewer-container.data.google_compute_image.coreos" - ] - } - ] - }, { "module": "module.wpt-live", "mode": "managed", @@ -905,9 +1059,15 @@ ], "base_instance_name": "wpt-tot-wpt-servers", "description": "compute VM Instance Group", - "fingerprint": "1wRfSfZ0h6Y=", + "fingerprint": "Sgm9qbR4nZc=", "id": "wpt-live/us-central1-b/wpt-tot-wpt-servers", "instance_group": "https://www.googleapis.com/compute/v1/projects/wpt-live/zones/us-central1-b/instanceGroups/wpt-tot-wpt-servers", + "instance_lifecycle_policy": [ + { + "force_update_on_repair": "NO" + } + ], + "list_managed_instances_results": "PAGELESS", "name": "wpt-tot-wpt-servers", "named_port": [ { @@ -945,7 +1105,7 @@ "stateful_disk": [], "status": [ { - "is_stable": false, + "is_stable": true, "stateful": [ { "has_stateful_config": false, @@ -958,7 +1118,7 @@ ], "version_target": [ { - "is_reached": false + "is_reached": true } ] } @@ -967,11 +1127,7 @@ "https://www.googleapis.com/compute/v1/projects/wpt-live/regions/us-central1/targetPools/wpt-tot-load-balancing" ], "target_size": 2, - "timeouts": { - "create": null, - "delete": null, - "update": null - }, + "timeouts": null, "update_policy": [ { "max_surge_fixed": 0, @@ -986,7 +1142,7 @@ ], "version": [ { - "instance_template": "https://www.googleapis.com/compute/v1/projects/wpt-live/global/instanceTemplates/default-20220906194131960800000001", + "instance_template": "https://www.googleapis.com/compute/v1/projects/wpt-live/global/instanceTemplates/default-20231023201308212900000001", "name": "wpt-tot-wpt-servers-default", "target_size": [] } @@ -1001,6 +1157,7 @@ "google_compute_network.default", "google_compute_subnetwork.default", "module.wpt-live.google_compute_health_check.wpt_health_check", + "module.wpt-live.google_compute_http_health_check.default", "module.wpt-live.google_compute_instance_template.wpt_server", "module.wpt-live.google_compute_target_pool.default", "module.wpt-live.module.wpt-server-container.data.google_compute_image.coreos", @@ -1009,121 +1166,6 @@ } ] }, - { - "module": "module.wpt-live", - "mode": "managed", - "type": "google_compute_instance_template", - "name": "cert_renewers", - "provider": "provider[\"registry.terraform.io/hashicorp/google\"]", - "instances": [ - { - "schema_version": 1, - "attributes": { - "advanced_machine_features": [], - "can_ip_forward": false, - "confidential_instance_config": null, - "description": "", - "disk": [ - { - "auto_delete": true, - "boot": true, - "device_name": "persistent-disk-0", - "disk_encryption_key": [], - "disk_name": "", - "disk_size_gb": 0, - "disk_type": "pd-ssd", - "interface": "SCSI", - "labels": null, - "mode": "READ_WRITE", - "resource_policies": null, - "source": "", - "source_image": "projects/cos-cloud/global/images/cos-stable-97-16919-103-33", - "type": "PERSISTENT" - } - ], - "guest_accelerator": [], - "id": "projects/wpt-live/global/instanceTemplates/default-20220906194131963800000002", - "instance_description": "", - "labels": { - "container-vm": "cos-stable-97-16919-103-33" - }, - "machine_type": "f1-micro", - "metadata": { - "gce-container-declaration": "\"spec\":\n \"containers\":\n - \"env\":\n - \"name\": \"WPT_HOST\"\n \"value\": \"wpt.live\"\n - \"name\": \"WPT_ALT_HOST\"\n \"value\": \"not-wpt.live\"\n - \"name\": \"WPT_BUCKET\"\n \"value\": \"wpt-tot-certificates\"\n \"image\": \"gcr.io/wpt-live/wpt-live-cert-renewer@sha256:cf3bd94c854d9eb43cec6af9d38e68f4882d8bd7ad064f71d52f04d1995b1ff3\"\n \"restartPolicy\": \"Always\"\n \"volumes\": []\n", - "google-logging-enabled": "true", - "startup-script": "", - "tf_depends_id": "" - }, - "metadata_fingerprint": "f0mMYijrpbo=", - "metadata_startup_script": null, - "min_cpu_platform": "", - "name": "default-20220906194131963800000002", - "name_prefix": "default-", - "network_interface": [ - { - "access_config": [ - { - "nat_ip": "", - "network_tier": "PREMIUM", - "public_ptr_domain_name": "" - } - ], - "alias_ip_range": [], - "ipv6_access_config": [], - "ipv6_access_type": "", - "name": "nic0", - "network": "https://www.googleapis.com/compute/v1/projects/wpt-live/global/networks/wpt-live-network", - "network_ip": "", - "nic_type": "", - "queue_count": 0, - "stack_type": "", - "subnetwork": "https://www.googleapis.com/compute/v1/projects/wpt-live/regions/us-central1/subnetworks/wpt-live-subnetwork", - "subnetwork_project": "wpt-live" - } - ], - "project": "wpt-live", - "region": "us-central1", - "reservation_affinity": [], - "scheduling": [ - { - "automatic_restart": true, - "instance_termination_action": "", - "min_node_cpus": 0, - "node_affinities": [], - "on_host_maintenance": "MIGRATE", - "preemptible": false, - "provisioning_model": "STANDARD" - } - ], - "self_link": "https://www.googleapis.com/compute/v1/projects/wpt-live/global/instanceTemplates/default-20220906194131963800000002", - "service_account": [ - { - "email": "default", - "scopes": [ - "https://www.googleapis.com/auth/cloud-platform" - ] - } - ], - "shielded_instance_config": [], - "tags": [ - "allow-ssh", - "wpt-tot-allow" - ], - "tags_fingerprint": "", - "timeouts": null - }, - "sensitive_attributes": [], - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoyNDAwMDAwMDAwMDAsImRlbGV0ZSI6MjQwMDAwMDAwMDAwfSwic2NoZW1hX3ZlcnNpb24iOiIxIn0=", - "dependencies": [ - "google_compute_network.default", - "google_compute_subnetwork.default", - "module.cert-renewer-image.data.external.image", - "module.wpt-live.module.cert-renewer-container.data.google_compute_image.coreos" - ], - "create_before_destroy": true - } - ] - }, { "module": "module.wpt-live", "mode": "managed", @@ -1136,7 +1178,7 @@ "attributes": { "advanced_machine_features": [], "can_ip_forward": false, - "confidential_instance_config": null, + "confidential_instance_config": [], "description": "", "disk": [ { @@ -1148,19 +1190,23 @@ "disk_size_gb": 0, "disk_type": "pd-ssd", "interface": "SCSI", - "labels": null, + "labels": {}, "mode": "READ_WRITE", - "resource_policies": null, + "provisioned_iops": 0, + "resource_policies": [], "source": "", - "source_image": "projects/cos-cloud/global/images/cos-stable-97-16919-103-33", + "source_image": "projects/cos-cloud/global/images/cos-stable-109-17800-0-51", + "source_image_encryption_key": [], + "source_snapshot": "", + "source_snapshot_encryption_key": [], "type": "PERSISTENT" } ], "guest_accelerator": [], - "id": "projects/wpt-live/global/instanceTemplates/default-20220906194131960800000001", + "id": "projects/wpt-live/global/instanceTemplates/default-20231023201308212900000001", "instance_description": "", "labels": { - "container-vm": "cos-stable-97-16919-103-33" + "container-vm": "cos-stable-109-17800-0-51" }, "machine_type": "e2-medium", "metadata": { @@ -1172,7 +1218,7 @@ "metadata_fingerprint": "0NBhS1bTNQE=", "metadata_startup_script": null, "min_cpu_platform": "", - "name": "default-20220906194131960800000001", + "name": "default-20231023201308212900000001", "name_prefix": "default-", "network_interface": [ { @@ -1184,8 +1230,10 @@ } ], "alias_ip_range": [], + "internal_ipv6_prefix_length": 0, "ipv6_access_config": [], "ipv6_access_type": "", + "ipv6_address": "", "name": "nic0", "network": "https://www.googleapis.com/compute/v1/projects/wpt-live/global/networks/wpt-live-network", "network_ip": "", @@ -1196,13 +1244,16 @@ "subnetwork_project": "wpt-live" } ], + "network_performance_config": [], "project": "wpt-live", "region": "us-central1", "reservation_affinity": [], + "resource_policies": null, "scheduling": [ { "automatic_restart": true, "instance_termination_action": "", + "local_ssd_recovery_timeout": [], "min_node_cpus": 0, "node_affinities": [], "on_host_maintenance": "MIGRATE", @@ -1210,7 +1261,8 @@ "provisioning_model": "STANDARD" } ], - "self_link": "https://www.googleapis.com/compute/v1/projects/wpt-live/global/instanceTemplates/default-20220906194131960800000001", + "self_link": "https://www.googleapis.com/compute/v1/projects/wpt-live/global/instanceTemplates/default-20231023201308212900000001", + "self_link_unique": "https://www.googleapis.com/compute/v1/projects/wpt-live/global/instanceTemplates/default-20231023201308212900000001?uniqueId=7398941491111619897", "service_account": [ { "email": "default", @@ -1258,8 +1310,8 @@ ], "id": "wpt-tot-load-balancing", "instances": [ - "us-central1-b/wpt-tot-wpt-servers-cnc0", - "us-central1-b/wpt-tot-wpt-servers-h0d9" + "us-central1-b/wpt-tot-wpt-servers-vgbp", + "us-central1-b/wpt-tot-wpt-servers-x370" ], "name": "wpt-tot-load-balancing", "project": "wpt-live", @@ -1459,7 +1511,9 @@ { "schema_version": 0, "attributes": { + "autoclass": [], "cors": [], + "custom_placement_config": [], "default_event_based_hold": false, "encryption": [], "force_destroy": false, @@ -1470,6 +1524,7 @@ "logging": [], "name": "wpt-tot-certificates", "project": "wpt-live", + "public_access_prevention": "inherited", "requester_pays": false, "retention_policy": [], "self_link": "https://www.googleapis.com/storage/v1/b/wpt-tot-certificates", @@ -1488,48 +1543,6 @@ } ] }, - { - "module": "module.wpt-live.module.cert-renewer-container", - "mode": "data", - "type": "google_compute_image", - "name": "coreos", - "provider": "provider[\"registry.terraform.io/hashicorp/google\"]", - "instances": [ - { - "schema_version": 0, - "attributes": { - "archive_size_bytes": 1325516352, - "creation_timestamp": "2022-08-29T12:14:45.103-07:00", - "description": "Google, Container-Optimized OS, 97-16919.103.33 stable, Kernel: COS-5.10.133 Kubernetes: 1.23.3 Docker: 20.10.12 Family: cos-stable, supports Shielded VM features", - "disk_size_gb": 10, - "family": "cos-stable", - "filter": null, - "id": "projects/cos-cloud/global/images/cos-stable-97-16919-103-33", - "image_encryption_key_sha256": "", - "image_id": "5835453359655530187", - "label_fingerprint": "-NgU7SCTPwo=", - "labels": { - "build_number": "16919-103-33", - "milestone": "97" - }, - "licenses": [ - "https://www.googleapis.com/compute/v1/projects/cos-cloud/global/licenses/cos-pcid", - "https://www.googleapis.com/compute/v1/projects/cos-cloud/global/licenses/cos", - "https://www.googleapis.com/compute/v1/projects/cos-cloud-shielded/global/licenses/shielded-cos" - ], - "name": "cos-stable-97-16919-103-33", - "project": "cos-cloud", - "self_link": "https://www.googleapis.com/compute/v1/projects/cos-cloud/global/images/cos-stable-97-16919-103-33", - "source_disk": "", - "source_disk_encryption_key_sha256": "", - "source_disk_id": "", - "source_image_id": "", - "status": "READY" - }, - "sensitive_attributes": [] - } - ] - }, { "module": "module.wpt-live.module.wpt-server-container", "mode": "data", @@ -1540,28 +1553,30 @@ { "schema_version": 0, "attributes": { - "archive_size_bytes": 1325516352, - "creation_timestamp": "2022-08-29T12:14:45.103-07:00", - "description": "Google, Container-Optimized OS, 97-16919.103.33 stable, Kernel: COS-5.10.133 Kubernetes: 1.23.3 Docker: 20.10.12 Family: cos-stable, supports Shielded VM features", + "archive_size_bytes": 1782645888, + "creation_timestamp": "2023-10-11T14:04:26.110-07:00", + "description": "Google, Container-Optimized OS, 109-17800.0.51 stable, Kernel: COS-6.1.42 Kubernetes: 1.27.3 Docker: 24.0.5 Family: cos-stable", "disk_size_gb": 10, "family": "cos-stable", "filter": null, - "id": "projects/cos-cloud/global/images/cos-stable-97-16919-103-33", + "id": "projects/cos-cloud/global/images/cos-stable-109-17800-0-51", "image_encryption_key_sha256": "", - "image_id": "5835453359655530187", - "label_fingerprint": "-NgU7SCTPwo=", + "image_id": "244476392107586358", + "label_fingerprint": "YbPIZzC8zKo=", "labels": { - "build_number": "16919-103-33", - "milestone": "97" + "build_number": "17800-0-51", + "milestone": "109", + "public-image": "true" }, "licenses": [ + "https://www.googleapis.com/compute/v1/projects/cos-cloud-shielded/global/licenses/shielded-cos", "https://www.googleapis.com/compute/v1/projects/cos-cloud/global/licenses/cos-pcid", - "https://www.googleapis.com/compute/v1/projects/cos-cloud/global/licenses/cos", - "https://www.googleapis.com/compute/v1/projects/cos-cloud-shielded/global/licenses/shielded-cos" + "https://www.googleapis.com/compute/v1/projects/cos-cloud/global/licenses/cos" ], - "name": "cos-stable-97-16919-103-33", + "most_recent": false, + "name": "cos-stable-109-17800-0-51", "project": "cos-cloud", - "self_link": "https://www.googleapis.com/compute/v1/projects/cos-cloud/global/images/cos-stable-97-16919-103-33", + "self_link": "https://www.googleapis.com/compute/v1/projects/cos-cloud/global/images/cos-stable-109-17800-0-51", "source_disk": "", "source_disk_encryption_key_sha256": "", "source_disk_id": "", @@ -1602,5 +1617,6 @@ } ] } - ] + ], + "check_results": null } diff --git a/versions.tf b/versions.tf index aeb6576..ed59b82 100644 --- a/versions.tf +++ b/versions.tf @@ -1,6 +1,6 @@ terraform { - required_version = "~> 1.2.5" + required_version = "~> 1.6.2" required_providers { google = { source = "hashicorp/google"