diff --git a/Makefile b/Makefile index 3e3026f9160a35db621364f45430023d3bb193ee..17336eef50bc8df62b1a2ff3d3cd2bbae8f130b7 100644 --- a/Makefile +++ b/Makefile @@ -3,7 +3,7 @@ MAKEFILE_DIR := $(dir $(firstword $(MAKEFILE_LIST))) GCP_ROOT_DIR := $(realpath ${MAKEFILE_DIR}../..) # include env vars -include ${GCP_ROOT_DIR}/env.mk +include gcp-env.mk include ${MAKEFILE_DIR}/env.mk export diff --git a/gcp-env.mk b/gcp-env.mk index 07956fccbe88b73e676677c37a683618bb980078..285ce00b1dbbf2a1438b8a31ee83a0cb41c3d707 100644 --- a/gcp-env.mk +++ b/gcp-env.mk @@ -1,9 +1,5 @@ -# GENERATED GCP SHARED ENVIRONMENT VARIABLES. DO NOT EDIT. -# The source file is env.sh in the uit-authnz repository. -# If it is changed, re-run 'make sync-env' in uit-authnz repository. -# # Terraform version -TF_VERSION = "= 0.12.19" +TF_VERSION = 1.2.7 # GCLOUD Configuration GOOGLE_CLOUD_PROJECT=uit-authnz @@ -17,6 +13,11 @@ GCP_DNS_DOMAIN=iam.stanford.edu ACME_DNS_PROVIDER=${GCP_PROJECT_NAME}-d GCP_NETWORK=services +# Default SSL policy +MIN_TLS_VERSION=TLS_1_2 +SSL_POLICY_PROFILE=MODERN +SSL_POLICY_NAME=${MIN_TLS_VERSION}-${SSL_POLICY_PROFILE} + # Default Docker registry DOCKER_NAMESPACE=${GCP_PROJECT_ID} DOCKER_REGISTRY=gcr.io @@ -49,9 +50,6 @@ DOCKER_REGISTRY_PASSWORD_PATH_GCR_USER=${SEC_PATH}/common/gcr-user DOCKER_REGISTRY_PASSWORD_PATH_GCR_PULL=${SEC_PATH}/common/gcr-pull SPLUNK_ADDON_SA=${SEC_PATH}/common/splunk-addon-sa -# Drone server for CI/CD -DRONE_SERVER=https://drone.svc.stanford.edu - # GitLab ci configuration GITLAB_SERVER=https://code.stanford.edu GITLAB_SEC_FILE=../.gitlab-ci.sec @@ -121,3 +119,5 @@ WALLET_BACKUP_BUCKET=${GCP_ENVIRONMENT}-${GCP_PROJECT_NAME}-wallet-backup WALLET_BACKUP_BUCKET_LOCATION=US FORCE_DESTROY_WALLET_BACKUP_BUCKET=true WALLET_NUMBER_NEWER_VERSIONS_BACKUP_BUCKET=30 + + GITLAB_REPO=authnz/uit-authnz