fix(deps)!: Update Terraform module dependencies (#1384)

Author: daniel-cit

0-bootstrap/README.md

@@ -533,6 +533,7 @@ The following steps will guide you through deploying without using Cloud Build.
 | parent\_folder | Optional - for an organization with existing projects or for development/validation. It will place all the example foundation resources under the provided folder instead of the root organization. The value is the numeric folder ID. The folder must already exist. | `string` | `""` | no |
 | project\_deletion\_policy | The deletion policy for the project created. | `string` | `"PREVENT"` | no |
 | project\_prefix | Name prefix to use for projects created. Should be the same in all steps. Max size is 3 characters. | `string` | `"prj"` | no |
+| workflow\_deletion\_protection | Whether Terraform will be prevented from destroying a workflow. When the field is set to true or unset in Terraform state, a `terraform apply` or `terraform destroy` that would delete the workflow will fail. When the field is set to false, deleting the workflow is allowed. | `bool` | `true` | no |
 
 ## Outputs
 

0-bootstrap/cb.tf

@@ -68,7 +68,7 @@ resource "random_string" "suffix" {
 
 module "gcp_projects_state_bucket" {
   source  = "terraform-google-modules/cloud-storage/google//modules/simple_bucket"
-  version = "~> 8.0"
+  version = "~> 9.0"
 
   name          = "${var.bucket_prefix}-${module.seed_bootstrap.seed_project_id}-gcp-projects-tfstate"
   project_id    = module.seed_bootstrap.seed_project_id
@@ -84,7 +84,7 @@ module "gcp_projects_state_bucket" {
 
 module "tf_source" {
   source  = "terraform-google-modules/bootstrap/google//modules/tf_cloudbuild_source"
-  version = "~> 9.0"
+  version = "~> 11.0"
 
   org_id                = var.org_id
   folder_id             = google_folder.bootstrap.id
@@ -164,7 +164,7 @@ module "tf_private_pool" {
 
 module "tf_cloud_builder" {
   source  = "terraform-google-modules/bootstrap/google//modules/tf_cloudbuild_builder"
-  version = "~> 9.0"
+  version = "~> 11.0"
 
   project_id                   = module.tf_source.cloudbuild_project_id
   dockerfile_repo_uri          = module.tf_source.csr_repos[local.cloudbuilder_repo].url
@@ -177,6 +177,7 @@ module "tf_cloud_builder" {
   enable_worker_pool           = true
   worker_pool_id               = module.tf_private_pool.private_worker_pool_id
   bucket_name                  = "${var.bucket_prefix}-${module.tf_source.cloudbuild_project_id}-tf-cloudbuilder-build-logs"
+  workflow_deletion_protection = var.workflow_deletion_protection
 }
 
 module "bootstrap_csr_repo" {
@@ -215,7 +216,7 @@ module "build_terraform_image" {
 
 module "tf_workspace" {
   source   = "terraform-google-modules/bootstrap/google//modules/tf_cloudbuild_workspace"
-  version  = "~> 9.0"
+  version  = "~> 11.0"
   for_each = local.granular_sa
 
   project_id                = module.tf_source.cloudbuild_project_id

0-bootstrap/github.tf.example

@@ -70,7 +70,7 @@ locals {
 
 module "gh_cicd" {
   source  = "terraform-google-modules/project-factory/google"
-  version = "~> 17.0"
+  version = "~> 18.0"
 
   name              = "${var.project_prefix}-b-cicd-wif-gh"
   random_project_id = true
@@ -120,7 +120,7 @@ resource "google_service_account_iam_member" "self_impersonate" {
 
 module "gcp_projects_state_bucket" {
   source  = "terraform-google-modules/cloud-storage/google//modules/simple_bucket"
-  version = "~> 8.0"
+  version = "~> 9.0"
 
   name          = "${var.bucket_prefix}-${module.seed_bootstrap.seed_project_id}-gcp-projects-tfstate"
   project_id    = module.seed_bootstrap.seed_project_id

0-bootstrap/gitlab.tf.example

@@ -81,7 +81,7 @@ provider "gitlab" {
 
 module "gitlab_cicd" {
   source  = "terraform-google-modules/project-factory/google"
-  version = "~> 17.0"
+  version = "~> 18.0"
 
   name              = "${var.project_prefix}-b-cicd-wif-gl"
   random_project_id = true

0-bootstrap/main.tf

@@ -45,7 +45,7 @@ resource "google_folder" "bootstrap" {
 
 module "seed_bootstrap" {
   source  = "terraform-google-modules/bootstrap/google"
-  version = "~> 9.0"
+  version = "~> 11.0"
 
   org_id                         = var.org_id
   folder_id                      = google_folder.bootstrap.id

0-bootstrap/modules/cb-private-pool/network.tf

@@ -20,7 +20,7 @@ locals {
 
 module "peered_network" {
   source  = "terraform-google-modules/network/google"
-  version = "~> 9.0"
+  version = "~> 10.0"
   count   = var.private_worker_pool.create_peered_network ? 1 : 0
 
   project_id                             = var.project_id
@@ -90,7 +90,7 @@ resource "google_compute_network_peering_routes_config" "peering_routes" {
 
 module "firewall_rules" {
   source  = "terraform-google-modules/network/google//modules/firewall-rules"
-  version = "~> 9.0"
+  version = "~> 10.0"
   count   = var.private_worker_pool.enable_network_peering ? 1 : 0
 
   project_id   = var.project_id

0-bootstrap/modules/jenkins-agent/main.tf

@@ -29,7 +29,7 @@ resource "random_id" "suffix" {
 *******************************************/
 module "cicd_project" {
   source  = "terraform-google-modules/project-factory/google"
-  version = "~> 17.0"
+  version = "~> 18.0"
 
   name                        = local.cicd_project_name
   random_project_id           = true
@@ -130,8 +130,9 @@ resource "google_tags_tag_value" "jenkins_agents" {
 }
 
 module "jenkins_firewall_rules" {
-  source      = "terraform-google-modules/network/google//modules/network-firewall-policy"
-  version     = "~> 9.0"
+  source  = "terraform-google-modules/network/google//modules/network-firewall-policy"
+  version = "~> 10.0"
+
   project_id  = module.cicd_project.project_id
   policy_name = "fp-${google_compute_network.jenkins_agents.name}-jenkins-firewall"
   description = "Jenkins Agent GCE network firewall rules."

0-bootstrap/modules/tfc-agent-gke/main.tf

@@ -34,7 +34,7 @@ resource "random_string" "suffix" {
 
 module "network" {
   source  = "terraform-google-modules/network/google"
-  version = "~> 9.0"
+  version = "~> 10.0"
 
   project_id                             = var.project_id
   network_name                           = var.network_name
@@ -96,7 +96,7 @@ resource "google_service_account" "tfc_agent_service_account" {
 
 module "tfc_agent_cluster" {
   source  = "terraform-google-modules/kubernetes-engine/google//modules/beta-autopilot-private-cluster/"
-  version = "~> 34.0"
+  version = "~> 36.0"
 
   project_id         = var.project_id
   region             = var.region
@@ -372,7 +372,7 @@ resource "google_compute_firewall" "allow_private_api_egress" {
 
 module "private_service_connect" {
   source  = "terraform-google-modules/network/google//modules/private-service-connect"
-  version = "~> 9.1"
+  version = "~> 10.0"
 
   project_id                 = var.project_id
   dns_code                   = "dz-${local.vpc_name}"
@@ -394,7 +394,7 @@ resource "google_dns_policy" "default_policy" {
 
 module "hub" {
   source  = "terraform-google-modules/kubernetes-engine/google//modules/fleet-membership"
-  version = "~> 34.0"
+  version = "~> 36.0"
 
   project_id   = var.project_id
   location     = var.region

0-bootstrap/terraform_cloud.tf.example

@@ -230,7 +230,7 @@ resource "tfe_run_trigger" "projects_bu2_shared_production" {
 
 module "tfc_cicd" {
   source  = "terraform-google-modules/project-factory/google"
-  version = "~> 17.0"
+  version = "~> 18.0"
 
   name              = "${var.project_prefix}-b-cicd-wif-tfc"
   random_project_id = true

0-bootstrap/variables.tf

@@ -108,6 +108,12 @@ variable "folder_deletion_protection" {
   default     = true
 }
 
+variable "workflow_deletion_protection" {
+  description = "Whether Terraform will be prevented from destroying a workflow. When the field is set to true or unset in Terraform state, a `terraform apply` or `terraform destroy` that would delete the workflow will fail. When the field is set to false, deleting the workflow is allowed."
+  type        = bool
+  default     = true
+}
+
 /* ----------------------------------------
     Specific to Groups creation
    ---------------------------------------- */