0-bootstrap needs servicenetworking api enabled on seed project

[obriensystems]

TL;DR

terraform apply

google_artifact_registry_repository_iam_member.terraform_sa_artifact_registry_reader["org"]: Creation complete after 21s [id=projects/prj-b-cicd-wm4z/locations/us-central1/repositories/tf-runners/roles/artifactregistry.reader/serviceAccount:[email protected]]
╷
│ Error: Error waiting for Create Service Networking Connection: error while retrieving operation: googleapi: Error 403: Service Networking API has not been used in project tef-olapp before or it is disabled. Enable it by visiting https://console.developers.google.com/apis/api/servicenetworking.googleapis.com/overview?project=tef-olapp then retry. If you enabled this API recently, wait a few minutes for the action to propagate to our systems and retry.
│ Details:
│ [
│   {
│     "@type": "type.googleapis.com/google.rpc.Help",
│     "links": [
│       {
│         "description": "Google developers console API activation",
│         "url": "https://console.developers.google.com/apis/api/servicenetworking.googleapis.com/overview?project=tef-olapp"
│       }
│     ]
│   },
│   {
│     "@type": "type.googleapis.com/google.rpc.ErrorInfo",
│     "domain": "googleapis.com",
│     "metadata": {
│       "consumer": "projects/tef-olapp",
│       "service": "servicenetworking.googleapis.com"
│     },
│     "reason": "SERVICE_DISABLED"
│   }
│ ]
│ , accessNotConfigured
│ 
│   with module.tf_private_pool.google_service_networking_connection.worker_pool_conn[0],
│   on modules/cb-private-pool/network.tf line 72, in resource "google_service_networking_connection" "worker_pool_conn":
│   72: resource "google_service_networking_connection" "worker_pool_conn" {
│ 

fix

michael@cloudshell:~/tef-olapp/github/terraform-example-foundation/0-bootstrap (tef-olapp)$ gcloud services enable servicenetworking.googleapis.com
Operation "operations/acat.p2-153288813308-a0696e44-3f2a-4f4c-b577-fe31c70e488d" finished successfully.

current list

michael@cloudshell:~/tef-olapp/github/terraform-example-foundation/0-bootstrap (tef-olapp)$ gcloud services list | grep NAME
NAME: analyticshub.googleapis.com
NAME: bigquery.googleapis.com
NAME: bigqueryconnection.googleapis.com
NAME: bigquerydatapolicy.googleapis.com
NAME: bigquerymigration.googleapis.com
NAME: bigqueryreservation.googleapis.com
NAME: bigquerystorage.googleapis.com
NAME: cloudapis.googleapis.com
NAME: cloudbilling.googleapis.com
NAME: cloudidentity.googleapis.com
NAME: cloudkms.googleapis.com
NAME: cloudresourcemanager.googleapis.com
NAME: cloudtrace.googleapis.com
NAME: dataform.googleapis.com
NAME: dataplex.googleapis.com
NAME: datastore.googleapis.com
NAME: iam.googleapis.com
NAME: iamcredentials.googleapis.com
NAME: logging.googleapis.com
NAME: monitoring.googleapis.com
NAME: servicemanagement.googleapis.com
NAME: servicenetworking.googleapis.com
NAME: serviceusage.googleapis.com
NAME: sql-component.googleapis.com
NAME: storage-api.googleapis.com
NAME: storage-component.googleapis.com
NAME: storage.googleapis.com

I am going to enable all services below
The list is in
https://github.com/terraform-google-modules/terraform-example-foundation/blob/master/0-bootstrap/main.tf#L78

activate_apis = [
    "serviceusage.googleapis.com",
    "servicenetworking.googleapis.com",
    "cloudkms.googleapis.com",
    "compute.googleapis.com",
    "logging.googleapis.com",
    "bigquery.googleapis.com",
    "cloudresourcemanager.googleapis.com",
    "cloudbilling.googleapis.com",
    "cloudbuild.googleapis.com",
    "iam.googleapis.com",
    "admin.googleapis.com",
    "appengine.googleapis.com",
    "storage-api.googleapis.com",
    "monitoring.googleapis.com",
    "pubsub.googleapis.com",
    "securitycenter.googleapis.com",
    "accesscontextmanager.googleapis.com",
    "billingbudgets.googleapis.com",
    "essentialcontacts.googleapis.com",
    "assuredworkloads.googleapis.com",
    "cloudasset.googleapis.com"
  ]

enabling - even though most of these are for CB project

cloudbuild.googleapis.com
appengine.googleapis.com
pubsub.googleapis.com
securitycenter.googleapis.com
accesscontextmanager.googleapis.com
billingbudgets.googleapis.com
essentialcontacts.googleapis.com
assuredworkloads.googleapis.com
cloudasset.googleapis.com

Expected behavior

No response

Observed behavior

No response

Terraform Configuration

cloud shell

Terraform Version

1.7.4

Additional information

No response

[fmichaelobrien]

0-bootstrap is up with the changes from #1133 to #1143

[fmichaelobrien]

stale bot timer restart - https://github.com/terraform-google-modules/terraform-example-foundation/blob/master/.github/workflows/stale.yml#L21

[fmichaelobrien]

fixed by

PRs merged to the terraform-example-foundation upstream repo

• 20240426 fix: Add roles and service enablements to bootstrap project #1175