feat: add support for GitHub and gitlab in helper (#1442)

Co-authored-by: Duda Martins <109083465+mariammartins@users.noreply.github.com>

Author: daniel-cit

0-bootstrap/README-GitHub.md

@@ -148,20 +148,9 @@ You must be [authenticated to GitHub](https://docs.github.com/en/authentication/
    cd ./envs/shared
    ```
 
-1. In the versions file `./versions.tf` un-comment the `github` required provider
-1. In the variables file `./variables.tf` un-comment variables in the section `Specific to github_bootstrap`
-1. In the outputs file `./outputs.tf` Comment-out outputs in the section `Specific to cloudbuild_module`
-1. In the outputs file `./outputs.tf` un-comment outputs in the section `Specific to github_bootstrap`
-1. Rename file `./cb.tf` to `./cb.tf.example`
-
-   ```bash
-   mv ./cb.tf ./cb.tf.example
-   ```
-
-1. Rename file `./github.tf.example` to `./github.tf`
-
+1. Run the helper script `choose_build_type.sh` to enable Bootstrap GitHub version
    ```bash
-   mv ./github.tf.example ./github.tf
+   ./scripts/choose_build_type.sh github
    ```
 
 1. Rename file `terraform.example.tfvars` to `terraform.tfvars`

0-bootstrap/README-GitLab.md

@@ -8,6 +8,8 @@ It is a best practice to have two separate projects here (`prj-b-seed` and `prj-
 On one hand, `prj-b-seed` stores terraform state and has the Service Accounts able to create / modify infrastructure.
 On the other hand, the authentication infrastructure using [Workload identity federation](https://cloud.google.com/iam/docs/workload-identity-federation) is implemented in `prj-b-cicd-wif-gl`.
 
+## Requirements
+
 To run the instructions described in this document, install the following:
 
 - [Google Cloud SDK](https://cloud.google.com/sdk/install) version 393.0.0 or later
@@ -216,20 +218,9 @@ Run the `0-bootstrap/scripts/git_create_branches_helper.sh` script to create the
    cd ./envs/shared
    ```
 
-1. In the versions file `./versions.tf` un-comment the `gitlab` required provider
-1. In the variables file `./variables.tf` un-comment variables in the section `Specific to gitlab_bootstrap`
-1. In the outputs file `./outputs.tf` Comment-out outputs in the section `Specific to cloudbuild_module`
-1. In the outputs file `./outputs.tf` un-comment outputs in the section `Specific to gitlab_bootstrap`
-1. Rename file `./cb.tf` to `./cb.tf.example`
-
-   ```bash
-   mv ./cb.tf ./cb.tf.example
-   ```
-
-1. Rename file `./gitlab.tf.example` to `./gitlab.tf`
-
+1. Run the helper script `choose_build_type.sh` to enable Bootstrap GitLab version
    ```bash
-   mv ./gitlab.tf.example ./gitlab.tf
+   ./scripts/choose_build_type.sh gitlab
    ```
 
 1. Rename file `terraform.example.tfvars` to `terraform.tfvars`

0-bootstrap/README-Jenkins.md

@@ -139,22 +139,11 @@ You arrived to these instructions because you are using the `jenkins_bootstrap`
    cd ./envs/shared
    ```
 
-1. Activate the Jenkins module and disable the Cloud Build module. This implies manually editing the following files:
-   1. Rename file `./cb.tf` to `./cb.tf.example`
-
-   ```bash
-   mv ./cb.tf ./cb.tf.example
-   ```
-
-   1. Rename file `./jenkins.tf.example` to `./jenkins.tf`
-
+1. Run the helper script `choose_build_type.sh` to enable Bootstrap Jenkins version
    ```bash
-   mv ./jenkins.tf.example ./jenkins.tf
+   ./scripts/choose_build_type.sh jenkins
    ```
 
-   1. Un-comment the `jenkins_bootstrap` variables in `./variables.tf`
-   1. Un-comment the `jenkins_bootstrap` outputs in `./outputs.tf`
-   1. Comment-out the `cloudbuild_bootstrap` outputs in `./outputs.tf`
 1. Rename `terraform.example.tfvars` to `terraform.tfvars` and update the file with values from your environment.
 
    ```bash

0-bootstrap/README-Terraform-Cloud.md

@@ -136,21 +136,9 @@ You must be authenticated to the VCS provider. See [GitHub authentication](https
    cd ./envs/shared
    ```
 
-1. In the versions file `./versions.tf` un-comment the `tfe` required provider
-1. In the variables file `./variables.tf` un-comment variables in the section `Specific to tfc_bootstrap`
-1. In the outputs file `./outputs.tf` Comment-out outputs in the section `Specific to cloudbuild_module`
-1. In the outputs file `./outputs.tf` un-comment outputs in the section `Specific to tfc_bootstrap`
-    1. If you want to use [Terraform Cloud with Agents](https://developer.hashicorp.com/terraform/cloud-docs/agents), in addition to `Specific to tfc_bootstrap`, un-comment outputs in the section `Specific to tfc_bootstrap with Terraform Cloud Agents` and update `enable_tfc_cloud_agents` to `true` variable at `terraform.tfvars`
-1. Rename file `./cb.tf` to `./cb.tf.example`
-
-   ```bash
-   mv ./cb.tf ./cb.tf.example
-   ```
-
-1. Rename file `.terraform_cloud.tf.example` to `./terraform_cloud.tf`
-
+1. Run the helper script `choose_build_type.sh` to enable Bootstrap Terraform Cloud version
    ```bash
-   mv ./terraform_cloud.tf.example ./terraform_cloud.tf
+   ./scripts/choose_build_type.sh terraform_cloud
    ```
 
 1. Rename file `terraform.example.tfvars` to `terraform.tfvars`

0-bootstrap/cb.tf 0-bootstrap/build_cb.tf0-bootstrap/cb.tf renamed to 0-bootstrap/build_cb.tf

@@ -68,7 +68,7 @@ resource "random_string" "suffix" {
 
 module "gcp_projects_state_bucket" {
   source  = "terraform-google-modules/cloud-storage/google//modules/simple_bucket"
-  version = "~> 9.0"
+  version = "~> 12.0"
 
   name          = "${var.bucket_prefix}-${module.seed_bootstrap.seed_project_id}-gcp-projects-tfstate"
   project_id    = module.seed_bootstrap.seed_project_id
@@ -186,7 +186,7 @@ module "tf_cloud_builder" {
 
 module "bootstrap_csr_repo" {
   source  = "terraform-google-modules/gcloud/google"
-  version = "~> 3.1"
+  version = "~> 4.0"
   upgrade = false
 
   create_cmd_entrypoint = "${path.module}/scripts/push-to-repo.sh"
@@ -204,7 +204,7 @@ resource "time_sleep" "cloud_builder" {
 
 module "build_terraform_image" {
   source  = "terraform-google-modules/gcloud/google"
-  version = "~> 3.1"
+  version = "~> 4.0"
   upgrade = false
 
   create_cmd_triggers = {

0-bootstrap/github.tf.example 0-bootstrap/build_github.tf.example0-bootstrap/github.tf.example renamed to 0-bootstrap/build_github.tf.example

@@ -120,7 +120,7 @@ resource "google_service_account_iam_member" "self_impersonate" {
 
 module "gcp_projects_state_bucket" {
   source  = "terraform-google-modules/cloud-storage/google//modules/simple_bucket"
-  version = "~> 9.0"
+  version = "~> 12.0"
 
   name          = "${var.bucket_prefix}-${module.seed_bootstrap.seed_project_id}-gcp-projects-tfstate"
   project_id    = module.seed_bootstrap.seed_project_id
@@ -133,4 +133,3 @@ module "gcp_projects_state_bucket" {
 
   depends_on = [module.seed_bootstrap.gcs_bucket_tfstate]
 }
-

0-bootstrap/gitlab.tf.example 0-bootstrap/build_gitlab.tf.example0-bootstrap/gitlab.tf.example renamed to 0-bootstrap/build_gitlab.tf.example

@@ -108,11 +108,11 @@ module "gitlab_cicd" {
 module "gitlab_oidc" {
   source = "./modules/gitlab-oidc"
 
-  project_id  = module.gitlab_cicd.project_id
-  pool_id     = "foundation-pool"
-  provider_id = "foundation-gl-provider"
-  sa_mapping  = local.sa_mapping
-  attribute_condition = "assertion.user_login=='${var.gl_repos.owner}'"
+  project_id          = module.gitlab_cicd.project_id
+  pool_id             = "foundation-pool"
+  provider_id         = "foundation-gl-provider"
+  sa_mapping          = local.sa_mapping
+  attribute_condition = "assertion.project_path.startsWith('${var.gl_repos.owner}/')"
 }
 
 resource "gitlab_project_variable" "variables" {
@@ -178,7 +178,7 @@ resource "google_service_account_iam_member" "self_impersonate" {
 
 module "gcp_projects_state_bucket" {
   source  = "terraform-google-modules/cloud-storage/google//modules/simple_bucket"
-  version = "~> 9.0"
+  version = "~> 12.0"
 
   name          = "${var.bucket_prefix}-${module.seed_bootstrap.seed_project_id}-gcp-projects-tfstate"
   project_id    = module.seed_bootstrap.seed_project_id
@@ -191,4 +191,3 @@ module "gcp_projects_state_bucket" {
 
   depends_on = [module.seed_bootstrap.gcs_bucket_tfstate]
 }
-

0-bootstrap/jenkins.tf.example 0-bootstrap/build_jenkins.tf.example0-bootstrap/jenkins.tf.example renamed to 0-bootstrap/build_jenkins.tf.example

@@ -304,7 +304,7 @@ module "tfc_agent_gke" {
   service_account_email  = google_service_account.terraform-env-sa["bootstrap"].email
   service_account_id     = google_service_account.terraform-env-sa["bootstrap"].id
 
-  //If you are using Terraform Cloud Agents, un-comment this block after the first apply according README instructions
+  //If you are using Terraform Cloud Agents, un-comment this block after the first apply according to README instructions
   # providers = {
   #   kubernetes = kubernetes
   # }

0-bootstrap/terraform_cloud.tf.example …otstrap/build_terraform_cloud.tf.example0-bootstrap/terraform_cloud.tf.example renamed to 0-bootstrap/build_terraform_cloud.tf.example 0-bootstrap/terraform_cloud.tf.example renamed to 0-bootstrap/build_terraform_cloud.tf.example

@@ -34,7 +34,7 @@ data "google_organization" "org" {
 
 module "required_group" {
   source   = "terraform-google-modules/group/google"
-  version  = "~> 0.7"
+  version  = "~> 0.8"
   for_each = local.required_groups_to_create
 
   id                   = each.value
@@ -46,7 +46,7 @@ module "required_group" {
 
 module "optional_group" {
   source   = "terraform-google-modules/group/google"
-  version  = "~> 0.7"
+  version  = "~> 0.8"
   for_each = local.optional_groups_to_create
 
   id                   = each.value