cloud-foundation-fabric/modules/gke-hub/variables.tf

/**
 * Copyright 2022 Google LLC
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

variable "clusters" {
  description = "Clusters members of this GKE Hub in name => id format."
  type        = map(string)
  default     = {}
  nullable    = false
}

variable "configmanagement_clusters" {
  description = "Config management features enabled on specific sets of member clusters, in config name => [cluster name] format."
  type        = map(list(string))
  default     = {}
  nullable    = false
}

variable "configmanagement_templates" {
  description = "Sets of config management configurations that can be applied to member clusters, in config name => {options} format."
  type = map(object({
    binauthz = optional(bool)
    version  = optional(string)
    config_sync = object({
      git = optional(object({
        sync_repo                 = string
        policy_dir                = string
        gcp_service_account_email = optional(string)
        https_proxy               = optional(string)
        secret_type               = optional(string, "none")
        sync_branch               = optional(string)
        sync_rev                  = optional(string)
        sync_wait_secs            = optional(number)
      }))
      prevent_drift = optional(bool)
      source_format = optional(string, "hierarchy")
    })
    hierarchy_controller = optional(object({
      enable_hierarchical_resource_quota = optional(bool)
      enable_pod_tree_labels             = optional(bool)
    }))
    policy_controller = object({
      audit_interval_seconds     = optional(number)
      exemptable_namespaces      = optional(list(string))
      log_denies_enabled         = optional(bool)
      referential_rules_enabled  = optional(bool)
      template_library_installed = optional(bool)
    })
  }))
  default  = {}
  nullable = false
}

variable "features" {
  description = "Enable and configure fleet features."
  type = object({
    appdevexperience             = optional(bool, false)
    configmanagement             = optional(bool, false)
    identityservice              = optional(bool, false)
    multiclusteringress          = optional(string, null)
    multiclusterservicediscovery = optional(bool, false)
    servicemesh                  = optional(bool, false)
  })
  default  = {}
  nullable = false
}

variable "project_id" {
  description = "GKE hub project ID."
  type        = string
}

variable "workload_identity_clusters" {
  description = "Clusters that will use Fleet Workload Identity."
  type        = list(string)
  default     = []
  nullable    = false
}
Add GKE Hub module to fabric (#540) * GKE Hub initial PR commit * variable management adjust * comments, fixes and alphabetically ordered variables * Update README.md * Update README.md * Update README.md * fix test * resources vs modules still needs some love * remove modules usage * comments, readme update and output * adjusting outputs and README * fix README.md * fix README * adjusted based on comments still need some love in the google_gke_hub_feature_membership variables management * types and variable management * optionally enable required api * Update README.md * reorder locals and use standard formatting * Don't enable services from modules * Use self links for member clusters * Update readme * members_clusters back to map @juliocc let's talk about this cause we saw it together in our call and if I change it to a list than the other resources are not going to work, they need location there too. * Forcing null feature to false due to a bug in provider If a block is set to null the provider will crash with a "panic: interface conversion: interface {} is nil, not map[string]interface {}" a PR will follow * Readme update * Readme.md update * Update README.md * bring back tolist, WIP * Update main.tf * Readme.md update * Update README.md * Update main.tf * Update main.tf * Add id and self_links output to gke-cluster * Use try and make all member feature blocks dynamic/optional * Change member clusters to map * Add gke-hub tests * Address PR comments * Update gke-hub readme Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com> Co-authored-by: Julio Castillo <jccb@google.com> 2022-02-28 03:40:48 -08:00			`/**`
			`* Copyright 2022 Google LLC`
			`*`
			`* Licensed under the Apache License, Version 2.0 (the "License");`
			`* you may not use this file except in compliance with the License.`
			`* You may obtain a copy of the License at`
			`*`
			`* http://www.apache.org/licenses/LICENSE-2.0`
			`*`
			`* Unless required by applicable law or agreed to in writing, software`
			`* distributed under the License is distributed on an "AS IS" BASIS,`
			`* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
			`* See the License for the specific language governing permissions and`
			`* limitations under the License.`
			`*/`

GKE hub module refactor (#760) GKE hub module refactor Co-authored-by: Daniel Marzini <danielmarzini@users.noreply.github.com> Co-authored-by: Miren Esnaola <mirene@google.com> 2022-07-28 23:39:25 -07:00			`variable "clusters" {`
			`description = "Clusters members of this GKE Hub in name => id format."`
			`type = map(string)`
			`default = {}`
			`nullable = false`
Add GKE Hub module to fabric (#540) * GKE Hub initial PR commit * variable management adjust * comments, fixes and alphabetically ordered variables * Update README.md * Update README.md * Update README.md * fix test * resources vs modules still needs some love * remove modules usage * comments, readme update and output * adjusting outputs and README * fix README.md * fix README * adjusted based on comments still need some love in the google_gke_hub_feature_membership variables management * types and variable management * optionally enable required api * Update README.md * reorder locals and use standard formatting * Don't enable services from modules * Use self links for member clusters * Update readme * members_clusters back to map @juliocc let's talk about this cause we saw it together in our call and if I change it to a list than the other resources are not going to work, they need location there too. * Forcing null feature to false due to a bug in provider If a block is set to null the provider will crash with a "panic: interface conversion: interface {} is nil, not map[string]interface {}" a PR will follow * Readme update * Readme.md update * Update README.md * bring back tolist, WIP * Update main.tf * Readme.md update * Update README.md * Update main.tf * Update main.tf * Add id and self_links output to gke-cluster * Use try and make all member feature blocks dynamic/optional * Change member clusters to map * Add gke-hub tests * Address PR comments * Update gke-hub readme Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com> Co-authored-by: Julio Castillo <jccb@google.com> 2022-02-28 03:40:48 -08:00			`}`

GKE hub module refactor (#760) GKE hub module refactor Co-authored-by: Daniel Marzini <danielmarzini@users.noreply.github.com> Co-authored-by: Miren Esnaola <mirene@google.com> 2022-07-28 23:39:25 -07:00			`variable "configmanagement_clusters" {`
			`description = "Config management features enabled on specific sets of member clusters, in config name => [cluster name] format."`
			`type = map(list(string))`
Add GKE Hub module to fabric (#540) * GKE Hub initial PR commit * variable management adjust * comments, fixes and alphabetically ordered variables * Update README.md * Update README.md * Update README.md * fix test * resources vs modules still needs some love * remove modules usage * comments, readme update and output * adjusting outputs and README * fix README.md * fix README * adjusted based on comments still need some love in the google_gke_hub_feature_membership variables management * types and variable management * optionally enable required api * Update README.md * reorder locals and use standard formatting * Don't enable services from modules * Use self links for member clusters * Update readme * members_clusters back to map @juliocc let's talk about this cause we saw it together in our call and if I change it to a list than the other resources are not going to work, they need location there too. * Forcing null feature to false due to a bug in provider If a block is set to null the provider will crash with a "panic: interface conversion: interface {} is nil, not map[string]interface {}" a PR will follow * Readme update * Readme.md update * Update README.md * bring back tolist, WIP * Update main.tf * Readme.md update * Update README.md * Update main.tf * Update main.tf * Add id and self_links output to gke-cluster * Use try and make all member feature blocks dynamic/optional * Change member clusters to map * Add gke-hub tests * Address PR comments * Update gke-hub readme Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com> Co-authored-by: Julio Castillo <jccb@google.com> 2022-02-28 03:40:48 -08:00			`default = {}`
			`nullable = false`
			`}`

GKE hub module refactor (#760) GKE hub module refactor Co-authored-by: Daniel Marzini <danielmarzini@users.noreply.github.com> Co-authored-by: Miren Esnaola <mirene@google.com> 2022-07-28 23:39:25 -07:00			`variable "configmanagement_templates" {`
			`description = "Sets of config management configurations that can be applied to member clusters, in config name => {options} format."`
			`type = map(object({`
Add example to FAST GKE stage, streamline GKE Hub module variables and usage (#1977) * implement optionals in gke-hub module * simplify gke hub module call in mc mesh blueprint * simplify gke hub module call and variables in multitenant blueprint * gke hub inventory * provide cluster and fleet examples in stage 2024-01-20 02:06:38 -08:00			`binauthz = optional(bool)`
			`version = optional(string)`
GKE hub module refactor (#760) GKE hub module refactor Co-authored-by: Daniel Marzini <danielmarzini@users.noreply.github.com> Co-authored-by: Miren Esnaola <mirene@google.com> 2022-07-28 23:39:25 -07:00			`config_sync = object({`
Add example to FAST GKE stage, streamline GKE Hub module variables and usage (#1977) * implement optionals in gke-hub module * simplify gke hub module call in mc mesh blueprint * simplify gke hub module call and variables in multitenant blueprint * gke hub inventory * provide cluster and fleet examples in stage 2024-01-20 02:06:38 -08:00			`git = optional(object({`
Add GKE Hub module to fabric (#540) * GKE Hub initial PR commit * variable management adjust * comments, fixes and alphabetically ordered variables * Update README.md * Update README.md * Update README.md * fix test * resources vs modules still needs some love * remove modules usage * comments, readme update and output * adjusting outputs and README * fix README.md * fix README * adjusted based on comments still need some love in the google_gke_hub_feature_membership variables management * types and variable management * optionally enable required api * Update README.md * reorder locals and use standard formatting * Don't enable services from modules * Use self links for member clusters * Update readme * members_clusters back to map @juliocc let's talk about this cause we saw it together in our call and if I change it to a list than the other resources are not going to work, they need location there too. * Forcing null feature to false due to a bug in provider If a block is set to null the provider will crash with a "panic: interface conversion: interface {} is nil, not map[string]interface {}" a PR will follow * Readme update * Readme.md update * Update README.md * bring back tolist, WIP * Update main.tf * Readme.md update * Update README.md * Update main.tf * Update main.tf * Add id and self_links output to gke-cluster * Use try and make all member feature blocks dynamic/optional * Change member clusters to map * Add gke-hub tests * Address PR comments * Update gke-hub readme Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com> Co-authored-by: Julio Castillo <jccb@google.com> 2022-02-28 03:40:48 -08:00			`sync_repo = string`
Add example to FAST GKE stage, streamline GKE Hub module variables and usage (#1977) * implement optionals in gke-hub module * simplify gke hub module call in mc mesh blueprint * simplify gke hub module call and variables in multitenant blueprint * gke hub inventory * provide cluster and fleet examples in stage 2024-01-20 02:06:38 -08:00			`policy_dir = string`
			`gcp_service_account_email = optional(string)`
			`https_proxy = optional(string)`
			`secret_type = optional(string, "none")`
			`sync_branch = optional(string)`
			`sync_rev = optional(string)`
			`sync_wait_secs = optional(number)`
			`}))`
			`prevent_drift = optional(bool)`
			`source_format = optional(string, "hierarchy")`
GKE hub module refactor (#760) GKE hub module refactor Co-authored-by: Daniel Marzini <danielmarzini@users.noreply.github.com> Co-authored-by: Miren Esnaola <mirene@google.com> 2022-07-28 23:39:25 -07:00			`})`
Add example to FAST GKE stage, streamline GKE Hub module variables and usage (#1977) * implement optionals in gke-hub module * simplify gke hub module call in mc mesh blueprint * simplify gke hub module call and variables in multitenant blueprint * gke hub inventory * provide cluster and fleet examples in stage 2024-01-20 02:06:38 -08:00			`hierarchy_controller = optional(object({`
			`enable_hierarchical_resource_quota = optional(bool)`
			`enable_pod_tree_labels = optional(bool)`
			`}))`
GKE hub module refactor (#760) GKE hub module refactor Co-authored-by: Daniel Marzini <danielmarzini@users.noreply.github.com> Co-authored-by: Miren Esnaola <mirene@google.com> 2022-07-28 23:39:25 -07:00			`policy_controller = object({`
Add example to FAST GKE stage, streamline GKE Hub module variables and usage (#1977) * implement optionals in gke-hub module * simplify gke hub module call in mc mesh blueprint * simplify gke hub module call and variables in multitenant blueprint * gke hub inventory * provide cluster and fleet examples in stage 2024-01-20 02:06:38 -08:00			`audit_interval_seconds = optional(number)`
			`exemptable_namespaces = optional(list(string))`
			`log_denies_enabled = optional(bool)`
			`referential_rules_enabled = optional(bool)`
			`template_library_installed = optional(bool)`
Add GKE Hub module to fabric (#540) * GKE Hub initial PR commit * variable management adjust * comments, fixes and alphabetically ordered variables * Update README.md * Update README.md * Update README.md * fix test * resources vs modules still needs some love * remove modules usage * comments, readme update and output * adjusting outputs and README * fix README.md * fix README * adjusted based on comments still need some love in the google_gke_hub_feature_membership variables management * types and variable management * optionally enable required api * Update README.md * reorder locals and use standard formatting * Don't enable services from modules * Use self links for member clusters * Update readme * members_clusters back to map @juliocc let's talk about this cause we saw it together in our call and if I change it to a list than the other resources are not going to work, they need location there too. * Forcing null feature to false due to a bug in provider If a block is set to null the provider will crash with a "panic: interface conversion: interface {} is nil, not map[string]interface {}" a PR will follow * Readme update * Readme.md update * Update README.md * bring back tolist, WIP * Update main.tf * Readme.md update * Update README.md * Update main.tf * Update main.tf * Add id and self_links output to gke-cluster * Use try and make all member feature blocks dynamic/optional * Change member clusters to map * Add gke-hub tests * Address PR comments * Update gke-hub readme Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com> Co-authored-by: Julio Castillo <jccb@google.com> 2022-02-28 03:40:48 -08:00			`})`
GKE hub module refactor (#760) GKE hub module refactor Co-authored-by: Daniel Marzini <danielmarzini@users.noreply.github.com> Co-authored-by: Miren Esnaola <mirene@google.com> 2022-07-28 23:39:25 -07:00			`}))`
			`default = {}`
			`nullable = false`
			`}`

			`variable "features" {`
Several updates Several updates 2023-05-13 20:51:46 -07:00			`description = "Enable and configure fleet features."`
GKE hub module refactor (#760) GKE hub module refactor Co-authored-by: Daniel Marzini <danielmarzini@users.noreply.github.com> Co-authored-by: Miren Esnaola <mirene@google.com> 2022-07-28 23:39:25 -07:00			`type = object({`
Make features optional 2023-01-25 07:50:59 -08:00			`appdevexperience = optional(bool, false)`
			`configmanagement = optional(bool, false)`
			`identityservice = optional(bool, false)`
			`multiclusteringress = optional(string, null)`
			`multiclusterservicediscovery = optional(bool, false)`
			`servicemesh = optional(bool, false)`
Add GKE Hub module to fabric (#540) * GKE Hub initial PR commit * variable management adjust * comments, fixes and alphabetically ordered variables * Update README.md * Update README.md * Update README.md * fix test * resources vs modules still needs some love * remove modules usage * comments, readme update and output * adjusting outputs and README * fix README.md * fix README * adjusted based on comments still need some love in the google_gke_hub_feature_membership variables management * types and variable management * optionally enable required api * Update README.md * reorder locals and use standard formatting * Don't enable services from modules * Use self links for member clusters * Update readme * members_clusters back to map @juliocc let's talk about this cause we saw it together in our call and if I change it to a list than the other resources are not going to work, they need location there too. * Forcing null feature to false due to a bug in provider If a block is set to null the provider will crash with a "panic: interface conversion: interface {} is nil, not map[string]interface {}" a PR will follow * Readme update * Readme.md update * Update README.md * bring back tolist, WIP * Update main.tf * Readme.md update * Update README.md * Update main.tf * Update main.tf * Add id and self_links output to gke-cluster * Use try and make all member feature blocks dynamic/optional * Change member clusters to map * Add gke-hub tests * Address PR comments * Update gke-hub readme Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com> Co-authored-by: Julio Castillo <jccb@google.com> 2022-02-28 03:40:48 -08:00			`})`
Add example to FAST GKE stage, streamline GKE Hub module variables and usage (#1977) * implement optionals in gke-hub module * simplify gke hub module call in mc mesh blueprint * simplify gke hub module call and variables in multitenant blueprint * gke hub inventory * provide cluster and fleet examples in stage 2024-01-20 02:06:38 -08:00			`default = {}`
Add GKE Hub module to fabric (#540) * GKE Hub initial PR commit * variable management adjust * comments, fixes and alphabetically ordered variables * Update README.md * Update README.md * Update README.md * fix test * resources vs modules still needs some love * remove modules usage * comments, readme update and output * adjusting outputs and README * fix README.md * fix README * adjusted based on comments still need some love in the google_gke_hub_feature_membership variables management * types and variable management * optionally enable required api * Update README.md * reorder locals and use standard formatting * Don't enable services from modules * Use self links for member clusters * Update readme * members_clusters back to map @juliocc let's talk about this cause we saw it together in our call and if I change it to a list than the other resources are not going to work, they need location there too. * Forcing null feature to false due to a bug in provider If a block is set to null the provider will crash with a "panic: interface conversion: interface {} is nil, not map[string]interface {}" a PR will follow * Readme update * Readme.md update * Update README.md * bring back tolist, WIP * Update main.tf * Readme.md update * Update README.md * Update main.tf * Update main.tf * Add id and self_links output to gke-cluster * Use try and make all member feature blocks dynamic/optional * Change member clusters to map * Add gke-hub tests * Address PR comments * Update gke-hub readme Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com> Co-authored-by: Julio Castillo <jccb@google.com> 2022-02-28 03:40:48 -08:00			`nullable = false`
			`}`

			`variable "project_id" {`
			`description = "GKE hub project ID."`
			`type = string`
			`}`
GKE hub module refactor (#760) GKE hub module refactor Co-authored-by: Daniel Marzini <danielmarzini@users.noreply.github.com> Co-authored-by: Miren Esnaola <mirene@google.com> 2022-07-28 23:39:25 -07:00
			`variable "workload_identity_clusters" {`
			`description = "Clusters that will use Fleet Workload Identity."`
			`type = list(string)`
			`default = []`
			`nullable = false`
			`}`