Infra updates: remove tags, update packages (#81)

* Update the infrastructure

- Add additional notes to the readme.
- Update package versions to latest for that distro to prevent errors
- Remove the ssh rule

* remove tags

Author: jcscottiii

README.md

@@ -155,12 +155,14 @@ Requirements:
 - [GNU Make](https://www.gnu.org/software/make/)
 - [Terraform](https://www.terraform.io/) version 1.2.5
 - [Python 3](https://python.org)
-- access credentials to the Google Cloud Platform project, saved to a file named
-  `google-cloud-platform-credentials.json` in the root pf this repository
 
 The following commands will build Docker images for the respective sub-systems
 and upload them to Google Cloud Platform:
 
+    gcloud auth login
+    gcloud auth configure-docker gcr.io
+    make cert-renewer
+    make wpt-server-tot
     make publish-cert-renewer
     make publish-wpt-server-tot
 

cert-renewer.Dockerfile

@@ -17,9 +17,9 @@ RUN apt-get -qqy update && \
     ca-certificates \
     curl \
     gnupg \
-    python3=3.10.6-1~22.04 \
-    python3-dev=3.10.6-1~22.04 \
-    python3-pip=22.0.2+dfsg-1
+    python3=3.10.6-1~22.04.1 \
+    python3-dev=3.10.6-1~22.04.1 \
+    python3-pip=22.0.2+dfsg-1ubuntu0.5
 # For Google Cloud, look under https://packages.cloud.google.com/apt/dists/cloud-sdk/main/binary-amd64/Packages
 # https://cloud.google.com/storage/docs/gsutil_install
 # Copy the "Docker Tip" instructions from gsutil_install link and then pin the version

infrastructure/docker-image/main.tf

@@ -9,9 +9,9 @@ variable "image" {
 }
 
 output "identifier" {
-  value = "${var.registry}/${var.image}@${data.docker_registry_image.image.sha256_digest}"
+  value = "${data.docker_image.image.repo_digest}"
 }
 
-data "docker_registry_image" "image" {
+data "docker_image" "image" {
   name = "${var.registry}/${var.image}:latest"
 }

infrastructure/web-platform-tests/compute.tf

@@ -71,27 +71,11 @@ resource "google_compute_firewall" "wpt-server-mig-health-check" {
   # This range comes from this module that was used previously:
   # https://github.com/Ecosystem-Infra/terraform-google-multi-port-managed-instance-group/blob/master/main.tf#L347
   source_ranges = ["130.211.0.0/22", "35.191.0.0/16"]
-  target_tags   = ["${var.name}-allow"]
-}
-
-resource "google_compute_firewall" "wpt-servers-default-ssh" {
-  name    = "${var.name}-wpt-servers-vm-ssh"
-  network = var.network_name
-
-  allow {
-    protocol = "tcp"
-    ports    = ["22"]
-  }
-
-  source_ranges = ["0.0.0.0/0"]
-  target_tags   = ["allow-ssh"]
 }
 
 resource "google_compute_instance_template" "wpt_server" {
   name_prefix = "default-"
 
-  tags = ["allow-ssh", "${var.name}-allow"]
-
   # As of 2020-06-17, we were running into OOM issues with the 1.7 GB
   # "g1-small" instance[1]. This was suspected to be due to 'git gc' needing
   # more memory, so we upgraded to "e2-medium" (4 GB of RAM).

infrastructure/web-platform-tests/load-balancing.tf

@@ -49,5 +49,4 @@ resource "google_compute_firewall" "default-lb-fw" {
   }
 
   source_ranges = ["0.0.0.0/0"]
-  target_tags   = ["${var.name}-allow"]
 }