From 4b3f60985ac90265c79a4c5378f8a688f642de96 Mon Sep 17 00:00:00 2001 From: Jonathan Meyers Date: Thu, 25 Jun 2020 13:59:33 -1000 Subject: [PATCH] feat: add configconnector to safer variant (#581) --- autogen/safer-cluster/main.tf.tmpl | 2 ++ autogen/safer-cluster/variables.tf.tmpl | 6 ++++++ modules/safer-cluster-update-variant/README.md | 1 + modules/safer-cluster-update-variant/main.tf | 2 ++ modules/safer-cluster-update-variant/variables.tf | 6 ++++++ modules/safer-cluster/README.md | 1 + modules/safer-cluster/main.tf | 2 ++ modules/safer-cluster/variables.tf | 6 ++++++ 8 files changed, 26 insertions(+) diff --git a/autogen/safer-cluster/main.tf.tmpl b/autogen/safer-cluster/main.tf.tmpl index 5270137dc..e58a4e60d 100644 --- a/autogen/safer-cluster/main.tf.tmpl +++ b/autogen/safer-cluster/main.tf.tmpl @@ -128,6 +128,8 @@ module "gke" { dns_cache = var.dns_cache + config_connector = var.config_connector + default_max_pods_per_node = var.default_max_pods_per_node database_encryption = var.database_encryption diff --git a/autogen/safer-cluster/variables.tf.tmpl b/autogen/safer-cluster/variables.tf.tmpl index 64dde3d74..6b057482b 100644 --- a/autogen/safer-cluster/variables.tf.tmpl +++ b/autogen/safer-cluster/variables.tf.tmpl @@ -360,3 +360,9 @@ variable "firewall_inbound_ports" { description = "List of TCP ports for admission/webhook controllers" default = ["8443", "9443", "15017"] } + +variable "config_connector" { + type = bool + description = "(Beta) Whether ConfigConnector is enabled for this cluster." + default = false +} diff --git a/modules/safer-cluster-update-variant/README.md b/modules/safer-cluster-update-variant/README.md index 3d9a16630..6f9120c81 100644 --- a/modules/safer-cluster-update-variant/README.md +++ b/modules/safer-cluster-update-variant/README.md @@ -205,6 +205,7 @@ For simplicity, we suggest using `roles/container.admin` and | cloudrun | (Beta) Enable CloudRun addon | string | `"false"` | no | | cluster\_resource\_labels | The GCE resource labels (a map of key/value pairs) to be applied to the cluster | map(string) | `` | no | | compute\_engine\_service\_account | Use the given service account for nodes rather than creating a new dedicated service account. | string | `""` | no | +| config\_connector | (Beta) Whether ConfigConnector is enabled for this cluster. | bool | `"false"` | no | | database\_encryption | Application-layer Secrets Encryption settings. The object format is {state = string, key_name = string}. Valid values of state are: "ENCRYPTED"; "DECRYPTED". key_name is the name of a CloudKMS key. | object | `` | no | | default\_max\_pods\_per\_node | The maximum number of pods to schedule per node | string | `"110"` | no | | description | The description of the cluster | string | `""` | no | diff --git a/modules/safer-cluster-update-variant/main.tf b/modules/safer-cluster-update-variant/main.tf index d259f1794..1d044fb07 100644 --- a/modules/safer-cluster-update-variant/main.tf +++ b/modules/safer-cluster-update-variant/main.tf @@ -124,6 +124,8 @@ module "gke" { dns_cache = var.dns_cache + config_connector = var.config_connector + default_max_pods_per_node = var.default_max_pods_per_node database_encryption = var.database_encryption diff --git a/modules/safer-cluster-update-variant/variables.tf b/modules/safer-cluster-update-variant/variables.tf index 8340f1d82..4644b2d5f 100644 --- a/modules/safer-cluster-update-variant/variables.tf +++ b/modules/safer-cluster-update-variant/variables.tf @@ -360,3 +360,9 @@ variable "firewall_inbound_ports" { description = "List of TCP ports for admission/webhook controllers" default = ["8443", "9443", "15017"] } + +variable "config_connector" { + type = bool + description = "(Beta) Whether ConfigConnector is enabled for this cluster." + default = false +} diff --git a/modules/safer-cluster/README.md b/modules/safer-cluster/README.md index 3d9a16630..6f9120c81 100644 --- a/modules/safer-cluster/README.md +++ b/modules/safer-cluster/README.md @@ -205,6 +205,7 @@ For simplicity, we suggest using `roles/container.admin` and | cloudrun | (Beta) Enable CloudRun addon | string | `"false"` | no | | cluster\_resource\_labels | The GCE resource labels (a map of key/value pairs) to be applied to the cluster | map(string) | `` | no | | compute\_engine\_service\_account | Use the given service account for nodes rather than creating a new dedicated service account. | string | `""` | no | +| config\_connector | (Beta) Whether ConfigConnector is enabled for this cluster. | bool | `"false"` | no | | database\_encryption | Application-layer Secrets Encryption settings. The object format is {state = string, key_name = string}. Valid values of state are: "ENCRYPTED"; "DECRYPTED". key_name is the name of a CloudKMS key. | object | `` | no | | default\_max\_pods\_per\_node | The maximum number of pods to schedule per node | string | `"110"` | no | | description | The description of the cluster | string | `""` | no | diff --git a/modules/safer-cluster/main.tf b/modules/safer-cluster/main.tf index 853919227..0ecca42f5 100644 --- a/modules/safer-cluster/main.tf +++ b/modules/safer-cluster/main.tf @@ -124,6 +124,8 @@ module "gke" { dns_cache = var.dns_cache + config_connector = var.config_connector + default_max_pods_per_node = var.default_max_pods_per_node database_encryption = var.database_encryption diff --git a/modules/safer-cluster/variables.tf b/modules/safer-cluster/variables.tf index 8340f1d82..4644b2d5f 100644 --- a/modules/safer-cluster/variables.tf +++ b/modules/safer-cluster/variables.tf @@ -360,3 +360,9 @@ variable "firewall_inbound_ports" { description = "List of TCP ports for admission/webhook controllers" default = ["8443", "9443", "15017"] } + +variable "config_connector" { + type = bool + description = "(Beta) Whether ConfigConnector is enabled for this cluster." + default = false +}