| resource "google_service_account" "gsa" { | |
| account_id = local.gsa_name | |
| display_name = "${var.name} K8s Service Account" | |
| project = var.project_id | |
| } | |
| resource "google_project_iam_member" "gsa-roles" { | |
| count = length(var.gsa_roles) | |
| project = var.project_id | |
| role = var.gsa_roles[count.index] |
| #!/usr/bin/env bash | |
| # | |
| # Simple script to list resources that are using a specified Security Group. | |
| # | |
| # Accepts only one command line argument, which is the ID of the SecurityGroup | |
| # to check for. | |
| # | |
| # Currently supports these resources: | |
| # | |
| # * EC2 Instances |
To reference the resources created by this stack in other stacks you need to define a data resource pointing to the S3 bucket and key defined in `remote-state.tf.
Your data definition should look something like this:
data "terraform_remote_state" "vpc" {
backend = "s3"
config {
| # extended LDIF | |
| # | |
| # LDAPv3 | |
| # base <cn=users,dc=ad,dc=example,dc=com> with scope subtree | |
| # filter: (cn=example12) | |
| # requesting: ALL | |
| # | |
| # example12, Users, ad.example.com | |
| dn: CN=example12,CN=Users,DC=ad,DC=example,DC=com |
| keycloak_1 | 20:45:52,571 WARN [org.keycloak.services.resources.admin.UsersResource] (default task-17) Could not create user: org.keycloak.models.ModelException: Could not modify attribute for DN [cn=example12,CN=Users,DC=ad,DC=example,DC=com] | |
| keycloak_1 | at org.keycloak.storage.ldap.idm.store.ldap.LDAPOperationManager.modifyAttributes(LDAPOperationManager.java:569) | |
| keycloak_1 | at org.keycloak.storage.ldap.idm.store.ldap.LDAPOperationManager.modifyAttributes(LDAPOperationManager.java:110) | |
| keycloak_1 | at org.keycloak.storage.ldap.idm.store.ldap.LDAPIdentityStore.update(LDAPIdentityStore.java:112) | |
| keycloak_1 | at org.keycloak.storage.ldap.mappers.LDAPTransaction.commitImpl(LDAPTransaction.java:48) | |
| keycloak_1 | at org.keycloak.models.AbstractKeycloakTransaction.commit(AbstractKeycloakTransaction.java:48) | |
| keycloak_1 | at org.keycloak.services.DefaultKeycloakTransactionManager.commit(DefaultKeycloakTransactionManager.java:146) | |
| keycloak_1 | at org.keycloak.services.resources.admin.UsersResource.c |
| #!/usr/bin/env bash | |
| set -eEo pipefail | |
| baseDir="$PWD/" | |
| modules="$(find . -maxdepth 1 -type d \! -name .git -a \! -name .)" | |
| for module in $modules; do | |
| echo "Checking $module" |
| stages: | |
| - test | |
| test: | |
| stage: test | |
| # hashicorp/terraform does not operate how the CI server wants. | |
| # Switched to alternate container to work better within GitLab CI. | |
| image: marcelocorreia/terraform | |
| script: | |
| - ./validate |
| -- This service checks all the servers in the named backend (see the | |
| -- backend_name var). If _any_ of them are up, it returns 200 OK. If | |
| -- they are all down it returns a 500 FAILED. | |
| -- | |
| -- This is intended to be used as a HTTP health check from an upstream | |
| -- load balancer, without this check the most intelligent health check | |
| -- that could be performed is a simple TCP check on the HAProxy frontend. | |
| -- This would not fail in the event that HAProxy cannot see *any* of its | |
| -- downstream servers |
| -- -- `core` is a static class provided by haproxy containing all | |
| -- -- the haproxy methods we can use. | |
| -- -- `register_init` registers a function to be executed after | |
| -- -- configuration parsing. | |
| -- core.register_init(function () | |
| -- core.log(core.info, "script loaded: case-200-ok") | |
| -- end) | |
| -- `register_service` registers a lua function to be executed |
| -- `core` is a static class provided by haproxy containing all | |
| -- the haproxy methods we can use. | |
| -- `register_init` registers a function to be executed after | |
| -- configuration parsing. | |
| core.register_init(function () | |
| core.log(core.info, "script loaded: case-200-ok") | |
| end) | |
| -- `register_service` registers a lua function to be executed |