From 83eae9823a6453fa5f6787af8184f306ca53a134 Mon Sep 17 00:00:00 2001 From: Dan Cassidy <5643061+rux616@users.noreply.github.com> Date: Thu, 25 Feb 2021 08:37:07 +1300 Subject: [PATCH] fix: Remove deprecated variable "registry_project_id" (#832) BREAKING CHANGE: Replaced `registry_project_id` with `registry_project_ids` list. --- README.md | 1 - autogen/main/sa.tf.tmpl | 6 +----- autogen/main/variables.tf.tmpl | 6 ------ autogen/safer-cluster/main.tf.tmpl | 1 - autogen/safer-cluster/variables.tf.tmpl | 6 ------ modules/beta-private-cluster-update-variant/README.md | 1 - modules/beta-private-cluster-update-variant/sa.tf | 6 +----- modules/beta-private-cluster-update-variant/variables.tf | 6 ------ modules/beta-private-cluster/README.md | 1 - modules/beta-private-cluster/sa.tf | 6 +----- modules/beta-private-cluster/variables.tf | 6 ------ modules/beta-public-cluster-update-variant/README.md | 1 - modules/beta-public-cluster-update-variant/sa.tf | 6 +----- modules/beta-public-cluster-update-variant/variables.tf | 6 ------ modules/beta-public-cluster/README.md | 1 - modules/beta-public-cluster/sa.tf | 6 +----- modules/beta-public-cluster/variables.tf | 6 ------ modules/private-cluster-update-variant/README.md | 1 - modules/private-cluster-update-variant/sa.tf | 6 +----- modules/private-cluster-update-variant/variables.tf | 6 ------ modules/private-cluster/README.md | 1 - modules/private-cluster/sa.tf | 6 +----- modules/private-cluster/variables.tf | 6 ------ modules/safer-cluster-update-variant/README.md | 1 - modules/safer-cluster-update-variant/main.tf | 1 - modules/safer-cluster-update-variant/variables.tf | 6 ------ modules/safer-cluster/README.md | 1 - modules/safer-cluster/main.tf | 1 - modules/safer-cluster/variables.tf | 6 ------ sa.tf | 6 +----- variables.tf | 6 ------ 31 files changed, 8 insertions(+), 118 deletions(-) diff --git a/README.md b/README.md index 1997ee910..5bef0a3ba 100644 --- a/README.md +++ b/README.md @@ -178,7 +178,6 @@ Then perform the following commands on the root folder: | project\_id | The project ID to host the cluster in (required) | `string` | n/a | yes | | region | The region to host the cluster in (optional if zonal cluster / required if regional) | `string` | `null` | no | | regional | Whether is a regional cluster (zonal cluster if set false. WARNING: changing this after cluster creation is destructive!) | `bool` | `true` | no | -| registry\_project\_id | Deprecated. Replaced by `registry_project_ids`. Still works for the purposes of backwards compatibility, but will be removed in a future version. | `string` | `""` | no | | registry\_project\_ids | Projects holding Google Container Registries. If empty, we use the cluster project. If a service account is created and the `grant_registry_access` variable is set to `true`, the `storage.objectViewer` role is assigned on these projects. | `list(string)` | `[]` | no | | release\_channel | The release channel of this cluster. Accepted values are `UNSPECIFIED`, `RAPID`, `REGULAR` and `STABLE`. Defaults to `UNSPECIFIED`. | `string` | `null` | no | | remove\_default\_node\_pool | Remove default node pool while setting up the cluster | `bool` | `false` | no | diff --git a/autogen/main/sa.tf.tmpl b/autogen/main/sa.tf.tmpl index 287072dea..28074556e 100644 --- a/autogen/main/sa.tf.tmpl +++ b/autogen/main/sa.tf.tmpl @@ -26,11 +26,7 @@ locals { // if user set var.service_account it will be used even if var.create_service_account==true, so service account will be created but not used service_account = (var.service_account == "" || var.service_account == "create") && var.create_service_account ? local.service_account_list[0] : var.service_account - registry_projects_list = compact( - length(var.registry_project_ids) == 0 && var.registry_project_id == "" - ? [var.project_id] - : concat([var.registry_project_id], var.registry_project_ids) - ) + registry_projects_list = length(var.registry_project_ids) == 0 ? [var.project_id] : var.registry_project_ids } resource "random_string" "cluster_service_account_suffix" { diff --git a/autogen/main/variables.tf.tmpl b/autogen/main/variables.tf.tmpl index 3dfd9e03c..f3fea7c60 100644 --- a/autogen/main/variables.tf.tmpl +++ b/autogen/main/variables.tf.tmpl @@ -358,12 +358,6 @@ variable "grant_registry_access" { default = false } -variable "registry_project_id" { - type = string - description = "Deprecated. Replaced by `registry_project_ids`. Still works for the purposes of backwards compatibility, but will be removed in a future version." - default = "" -} - variable "registry_project_ids" { type = list(string) description = "Projects holding Google Container Registries. If empty, we use the cluster project. If a service account is created and the `grant_registry_access` variable is set to `true`, the `storage.objectViewer` role is assigned on these projects." diff --git a/autogen/safer-cluster/main.tf.tmpl b/autogen/safer-cluster/main.tf.tmpl index bf79748cb..230f51386 100644 --- a/autogen/safer-cluster/main.tf.tmpl +++ b/autogen/safer-cluster/main.tf.tmpl @@ -100,7 +100,6 @@ module "gke" { // wants to maintain control of their service accounts. create_service_account = var.compute_engine_service_account == "" ? true : false service_account = var.compute_engine_service_account - registry_project_id = var.registry_project_id registry_project_ids = var.registry_project_ids grant_registry_access = var.grant_registry_access diff --git a/autogen/safer-cluster/variables.tf.tmpl b/autogen/safer-cluster/variables.tf.tmpl index b978434d6..6a8a8c4e2 100644 --- a/autogen/safer-cluster/variables.tf.tmpl +++ b/autogen/safer-cluster/variables.tf.tmpl @@ -208,12 +208,6 @@ variable "grant_registry_access" { default = true } -variable "registry_project_id" { - type = string - description = "Deprecated. Replaced by `registry_project_ids`. Still works for the purposes of backwards compatibility, but will be removed in a future version." - default = "" -} - variable "registry_project_ids" { type = list(string) description = "Projects holding Google Container Registries. If empty, we use the cluster project. If a service account is created and the `grant_registry_access` variable is set to `true`, the `storage.objectViewer` role is assigned on these projects." diff --git a/modules/beta-private-cluster-update-variant/README.md b/modules/beta-private-cluster-update-variant/README.md index 3e99c2e7a..f065fb3a5 100644 --- a/modules/beta-private-cluster-update-variant/README.md +++ b/modules/beta-private-cluster-update-variant/README.md @@ -233,7 +233,6 @@ Then perform the following commands on the root folder: | project\_id | The project ID to host the cluster in (required) | `string` | n/a | yes | | region | The region to host the cluster in (optional if zonal cluster / required if regional) | `string` | `null` | no | | regional | Whether is a regional cluster (zonal cluster if set false. WARNING: changing this after cluster creation is destructive!) | `bool` | `true` | no | -| registry\_project\_id | Deprecated. Replaced by `registry_project_ids`. Still works for the purposes of backwards compatibility, but will be removed in a future version. | `string` | `""` | no | | registry\_project\_ids | Projects holding Google Container Registries. If empty, we use the cluster project. If a service account is created and the `grant_registry_access` variable is set to `true`, the `storage.objectViewer` role is assigned on these projects. | `list(string)` | `[]` | no | | release\_channel | The release channel of this cluster. Accepted values are `UNSPECIFIED`, `RAPID`, `REGULAR` and `STABLE`. Defaults to `UNSPECIFIED`. | `string` | `null` | no | | remove\_default\_node\_pool | Remove default node pool while setting up the cluster | `bool` | `false` | no | diff --git a/modules/beta-private-cluster-update-variant/sa.tf b/modules/beta-private-cluster-update-variant/sa.tf index 7ea31ba05..b12b3befd 100644 --- a/modules/beta-private-cluster-update-variant/sa.tf +++ b/modules/beta-private-cluster-update-variant/sa.tf @@ -26,11 +26,7 @@ locals { // if user set var.service_account it will be used even if var.create_service_account==true, so service account will be created but not used service_account = (var.service_account == "" || var.service_account == "create") && var.create_service_account ? local.service_account_list[0] : var.service_account - registry_projects_list = compact( - length(var.registry_project_ids) == 0 && var.registry_project_id == "" - ? [var.project_id] - : concat([var.registry_project_id], var.registry_project_ids) - ) + registry_projects_list = length(var.registry_project_ids) == 0 ? [var.project_id] : var.registry_project_ids } resource "random_string" "cluster_service_account_suffix" { diff --git a/modules/beta-private-cluster-update-variant/variables.tf b/modules/beta-private-cluster-update-variant/variables.tf index b9cbdab3a..cd2487b35 100644 --- a/modules/beta-private-cluster-update-variant/variables.tf +++ b/modules/beta-private-cluster-update-variant/variables.tf @@ -346,12 +346,6 @@ variable "grant_registry_access" { default = false } -variable "registry_project_id" { - type = string - description = "Deprecated. Replaced by `registry_project_ids`. Still works for the purposes of backwards compatibility, but will be removed in a future version." - default = "" -} - variable "registry_project_ids" { type = list(string) description = "Projects holding Google Container Registries. If empty, we use the cluster project. If a service account is created and the `grant_registry_access` variable is set to `true`, the `storage.objectViewer` role is assigned on these projects." diff --git a/modules/beta-private-cluster/README.md b/modules/beta-private-cluster/README.md index 32afa72fe..9dff5b0e3 100644 --- a/modules/beta-private-cluster/README.md +++ b/modules/beta-private-cluster/README.md @@ -211,7 +211,6 @@ Then perform the following commands on the root folder: | project\_id | The project ID to host the cluster in (required) | `string` | n/a | yes | | region | The region to host the cluster in (optional if zonal cluster / required if regional) | `string` | `null` | no | | regional | Whether is a regional cluster (zonal cluster if set false. WARNING: changing this after cluster creation is destructive!) | `bool` | `true` | no | -| registry\_project\_id | Deprecated. Replaced by `registry_project_ids`. Still works for the purposes of backwards compatibility, but will be removed in a future version. | `string` | `""` | no | | registry\_project\_ids | Projects holding Google Container Registries. If empty, we use the cluster project. If a service account is created and the `grant_registry_access` variable is set to `true`, the `storage.objectViewer` role is assigned on these projects. | `list(string)` | `[]` | no | | release\_channel | The release channel of this cluster. Accepted values are `UNSPECIFIED`, `RAPID`, `REGULAR` and `STABLE`. Defaults to `UNSPECIFIED`. | `string` | `null` | no | | remove\_default\_node\_pool | Remove default node pool while setting up the cluster | `bool` | `false` | no | diff --git a/modules/beta-private-cluster/sa.tf b/modules/beta-private-cluster/sa.tf index 7ea31ba05..b12b3befd 100644 --- a/modules/beta-private-cluster/sa.tf +++ b/modules/beta-private-cluster/sa.tf @@ -26,11 +26,7 @@ locals { // if user set var.service_account it will be used even if var.create_service_account==true, so service account will be created but not used service_account = (var.service_account == "" || var.service_account == "create") && var.create_service_account ? local.service_account_list[0] : var.service_account - registry_projects_list = compact( - length(var.registry_project_ids) == 0 && var.registry_project_id == "" - ? [var.project_id] - : concat([var.registry_project_id], var.registry_project_ids) - ) + registry_projects_list = length(var.registry_project_ids) == 0 ? [var.project_id] : var.registry_project_ids } resource "random_string" "cluster_service_account_suffix" { diff --git a/modules/beta-private-cluster/variables.tf b/modules/beta-private-cluster/variables.tf index b9cbdab3a..cd2487b35 100644 --- a/modules/beta-private-cluster/variables.tf +++ b/modules/beta-private-cluster/variables.tf @@ -346,12 +346,6 @@ variable "grant_registry_access" { default = false } -variable "registry_project_id" { - type = string - description = "Deprecated. Replaced by `registry_project_ids`. Still works for the purposes of backwards compatibility, but will be removed in a future version." - default = "" -} - variable "registry_project_ids" { type = list(string) description = "Projects holding Google Container Registries. If empty, we use the cluster project. If a service account is created and the `grant_registry_access` variable is set to `true`, the `storage.objectViewer` role is assigned on these projects." diff --git a/modules/beta-public-cluster-update-variant/README.md b/modules/beta-public-cluster-update-variant/README.md index eca813cc9..8e632524c 100644 --- a/modules/beta-public-cluster-update-variant/README.md +++ b/modules/beta-public-cluster-update-variant/README.md @@ -222,7 +222,6 @@ Then perform the following commands on the root folder: | project\_id | The project ID to host the cluster in (required) | `string` | n/a | yes | | region | The region to host the cluster in (optional if zonal cluster / required if regional) | `string` | `null` | no | | regional | Whether is a regional cluster (zonal cluster if set false. WARNING: changing this after cluster creation is destructive!) | `bool` | `true` | no | -| registry\_project\_id | Deprecated. Replaced by `registry_project_ids`. Still works for the purposes of backwards compatibility, but will be removed in a future version. | `string` | `""` | no | | registry\_project\_ids | Projects holding Google Container Registries. If empty, we use the cluster project. If a service account is created and the `grant_registry_access` variable is set to `true`, the `storage.objectViewer` role is assigned on these projects. | `list(string)` | `[]` | no | | release\_channel | The release channel of this cluster. Accepted values are `UNSPECIFIED`, `RAPID`, `REGULAR` and `STABLE`. Defaults to `UNSPECIFIED`. | `string` | `null` | no | | remove\_default\_node\_pool | Remove default node pool while setting up the cluster | `bool` | `false` | no | diff --git a/modules/beta-public-cluster-update-variant/sa.tf b/modules/beta-public-cluster-update-variant/sa.tf index 7ea31ba05..b12b3befd 100644 --- a/modules/beta-public-cluster-update-variant/sa.tf +++ b/modules/beta-public-cluster-update-variant/sa.tf @@ -26,11 +26,7 @@ locals { // if user set var.service_account it will be used even if var.create_service_account==true, so service account will be created but not used service_account = (var.service_account == "" || var.service_account == "create") && var.create_service_account ? local.service_account_list[0] : var.service_account - registry_projects_list = compact( - length(var.registry_project_ids) == 0 && var.registry_project_id == "" - ? [var.project_id] - : concat([var.registry_project_id], var.registry_project_ids) - ) + registry_projects_list = length(var.registry_project_ids) == 0 ? [var.project_id] : var.registry_project_ids } resource "random_string" "cluster_service_account_suffix" { diff --git a/modules/beta-public-cluster-update-variant/variables.tf b/modules/beta-public-cluster-update-variant/variables.tf index fc59b854f..0deb6f32d 100644 --- a/modules/beta-public-cluster-update-variant/variables.tf +++ b/modules/beta-public-cluster-update-variant/variables.tf @@ -346,12 +346,6 @@ variable "grant_registry_access" { default = false } -variable "registry_project_id" { - type = string - description = "Deprecated. Replaced by `registry_project_ids`. Still works for the purposes of backwards compatibility, but will be removed in a future version." - default = "" -} - variable "registry_project_ids" { type = list(string) description = "Projects holding Google Container Registries. If empty, we use the cluster project. If a service account is created and the `grant_registry_access` variable is set to `true`, the `storage.objectViewer` role is assigned on these projects." diff --git a/modules/beta-public-cluster/README.md b/modules/beta-public-cluster/README.md index 65b5e790a..39f353544 100644 --- a/modules/beta-public-cluster/README.md +++ b/modules/beta-public-cluster/README.md @@ -200,7 +200,6 @@ Then perform the following commands on the root folder: | project\_id | The project ID to host the cluster in (required) | `string` | n/a | yes | | region | The region to host the cluster in (optional if zonal cluster / required if regional) | `string` | `null` | no | | regional | Whether is a regional cluster (zonal cluster if set false. WARNING: changing this after cluster creation is destructive!) | `bool` | `true` | no | -| registry\_project\_id | Deprecated. Replaced by `registry_project_ids`. Still works for the purposes of backwards compatibility, but will be removed in a future version. | `string` | `""` | no | | registry\_project\_ids | Projects holding Google Container Registries. If empty, we use the cluster project. If a service account is created and the `grant_registry_access` variable is set to `true`, the `storage.objectViewer` role is assigned on these projects. | `list(string)` | `[]` | no | | release\_channel | The release channel of this cluster. Accepted values are `UNSPECIFIED`, `RAPID`, `REGULAR` and `STABLE`. Defaults to `UNSPECIFIED`. | `string` | `null` | no | | remove\_default\_node\_pool | Remove default node pool while setting up the cluster | `bool` | `false` | no | diff --git a/modules/beta-public-cluster/sa.tf b/modules/beta-public-cluster/sa.tf index 7ea31ba05..b12b3befd 100644 --- a/modules/beta-public-cluster/sa.tf +++ b/modules/beta-public-cluster/sa.tf @@ -26,11 +26,7 @@ locals { // if user set var.service_account it will be used even if var.create_service_account==true, so service account will be created but not used service_account = (var.service_account == "" || var.service_account == "create") && var.create_service_account ? local.service_account_list[0] : var.service_account - registry_projects_list = compact( - length(var.registry_project_ids) == 0 && var.registry_project_id == "" - ? [var.project_id] - : concat([var.registry_project_id], var.registry_project_ids) - ) + registry_projects_list = length(var.registry_project_ids) == 0 ? [var.project_id] : var.registry_project_ids } resource "random_string" "cluster_service_account_suffix" { diff --git a/modules/beta-public-cluster/variables.tf b/modules/beta-public-cluster/variables.tf index fc59b854f..0deb6f32d 100644 --- a/modules/beta-public-cluster/variables.tf +++ b/modules/beta-public-cluster/variables.tf @@ -346,12 +346,6 @@ variable "grant_registry_access" { default = false } -variable "registry_project_id" { - type = string - description = "Deprecated. Replaced by `registry_project_ids`. Still works for the purposes of backwards compatibility, but will be removed in a future version." - default = "" -} - variable "registry_project_ids" { type = list(string) description = "Projects holding Google Container Registries. If empty, we use the cluster project. If a service account is created and the `grant_registry_access` variable is set to `true`, the `storage.objectViewer` role is assigned on these projects." diff --git a/modules/private-cluster-update-variant/README.md b/modules/private-cluster-update-variant/README.md index be0359347..e5ce66761 100644 --- a/modules/private-cluster-update-variant/README.md +++ b/modules/private-cluster-update-variant/README.md @@ -210,7 +210,6 @@ Then perform the following commands on the root folder: | project\_id | The project ID to host the cluster in (required) | `string` | n/a | yes | | region | The region to host the cluster in (optional if zonal cluster / required if regional) | `string` | `null` | no | | regional | Whether is a regional cluster (zonal cluster if set false. WARNING: changing this after cluster creation is destructive!) | `bool` | `true` | no | -| registry\_project\_id | Deprecated. Replaced by `registry_project_ids`. Still works for the purposes of backwards compatibility, but will be removed in a future version. | `string` | `""` | no | | registry\_project\_ids | Projects holding Google Container Registries. If empty, we use the cluster project. If a service account is created and the `grant_registry_access` variable is set to `true`, the `storage.objectViewer` role is assigned on these projects. | `list(string)` | `[]` | no | | release\_channel | The release channel of this cluster. Accepted values are `UNSPECIFIED`, `RAPID`, `REGULAR` and `STABLE`. Defaults to `UNSPECIFIED`. | `string` | `null` | no | | remove\_default\_node\_pool | Remove default node pool while setting up the cluster | `bool` | `false` | no | diff --git a/modules/private-cluster-update-variant/sa.tf b/modules/private-cluster-update-variant/sa.tf index 7ea31ba05..b12b3befd 100644 --- a/modules/private-cluster-update-variant/sa.tf +++ b/modules/private-cluster-update-variant/sa.tf @@ -26,11 +26,7 @@ locals { // if user set var.service_account it will be used even if var.create_service_account==true, so service account will be created but not used service_account = (var.service_account == "" || var.service_account == "create") && var.create_service_account ? local.service_account_list[0] : var.service_account - registry_projects_list = compact( - length(var.registry_project_ids) == 0 && var.registry_project_id == "" - ? [var.project_id] - : concat([var.registry_project_id], var.registry_project_ids) - ) + registry_projects_list = length(var.registry_project_ids) == 0 ? [var.project_id] : var.registry_project_ids } resource "random_string" "cluster_service_account_suffix" { diff --git a/modules/private-cluster-update-variant/variables.tf b/modules/private-cluster-update-variant/variables.tf index 3131f26fa..1d2dde3fc 100644 --- a/modules/private-cluster-update-variant/variables.tf +++ b/modules/private-cluster-update-variant/variables.tf @@ -310,12 +310,6 @@ variable "grant_registry_access" { default = false } -variable "registry_project_id" { - type = string - description = "Deprecated. Replaced by `registry_project_ids`. Still works for the purposes of backwards compatibility, but will be removed in a future version." - default = "" -} - variable "registry_project_ids" { type = list(string) description = "Projects holding Google Container Registries. If empty, we use the cluster project. If a service account is created and the `grant_registry_access` variable is set to `true`, the `storage.objectViewer` role is assigned on these projects." diff --git a/modules/private-cluster/README.md b/modules/private-cluster/README.md index 88981d751..b3e82a7a4 100644 --- a/modules/private-cluster/README.md +++ b/modules/private-cluster/README.md @@ -188,7 +188,6 @@ Then perform the following commands on the root folder: | project\_id | The project ID to host the cluster in (required) | `string` | n/a | yes | | region | The region to host the cluster in (optional if zonal cluster / required if regional) | `string` | `null` | no | | regional | Whether is a regional cluster (zonal cluster if set false. WARNING: changing this after cluster creation is destructive!) | `bool` | `true` | no | -| registry\_project\_id | Deprecated. Replaced by `registry_project_ids`. Still works for the purposes of backwards compatibility, but will be removed in a future version. | `string` | `""` | no | | registry\_project\_ids | Projects holding Google Container Registries. If empty, we use the cluster project. If a service account is created and the `grant_registry_access` variable is set to `true`, the `storage.objectViewer` role is assigned on these projects. | `list(string)` | `[]` | no | | release\_channel | The release channel of this cluster. Accepted values are `UNSPECIFIED`, `RAPID`, `REGULAR` and `STABLE`. Defaults to `UNSPECIFIED`. | `string` | `null` | no | | remove\_default\_node\_pool | Remove default node pool while setting up the cluster | `bool` | `false` | no | diff --git a/modules/private-cluster/sa.tf b/modules/private-cluster/sa.tf index 7ea31ba05..b12b3befd 100644 --- a/modules/private-cluster/sa.tf +++ b/modules/private-cluster/sa.tf @@ -26,11 +26,7 @@ locals { // if user set var.service_account it will be used even if var.create_service_account==true, so service account will be created but not used service_account = (var.service_account == "" || var.service_account == "create") && var.create_service_account ? local.service_account_list[0] : var.service_account - registry_projects_list = compact( - length(var.registry_project_ids) == 0 && var.registry_project_id == "" - ? [var.project_id] - : concat([var.registry_project_id], var.registry_project_ids) - ) + registry_projects_list = length(var.registry_project_ids) == 0 ? [var.project_id] : var.registry_project_ids } resource "random_string" "cluster_service_account_suffix" { diff --git a/modules/private-cluster/variables.tf b/modules/private-cluster/variables.tf index 3131f26fa..1d2dde3fc 100644 --- a/modules/private-cluster/variables.tf +++ b/modules/private-cluster/variables.tf @@ -310,12 +310,6 @@ variable "grant_registry_access" { default = false } -variable "registry_project_id" { - type = string - description = "Deprecated. Replaced by `registry_project_ids`. Still works for the purposes of backwards compatibility, but will be removed in a future version." - default = "" -} - variable "registry_project_ids" { type = list(string) description = "Projects holding Google Container Registries. If empty, we use the cluster project. If a service account is created and the `grant_registry_access` variable is set to `true`, the `storage.objectViewer` role is assigned on these projects." diff --git a/modules/safer-cluster-update-variant/README.md b/modules/safer-cluster-update-variant/README.md index 99e42298f..0f86a5009 100644 --- a/modules/safer-cluster-update-variant/README.md +++ b/modules/safer-cluster-update-variant/README.md @@ -250,7 +250,6 @@ For simplicity, we suggest using `roles/container.admin` and | project\_id | The project ID to host the cluster in | `string` | n/a | yes | | region | The region to host the cluster in | `string` | n/a | yes | | regional | Whether is a regional cluster (zonal cluster if set false. WARNING: changing this after cluster creation is destructive!) | `bool` | `true` | no | -| registry\_project\_id | Deprecated. Replaced by `registry_project_ids`. Still works for the purposes of backwards compatibility, but will be removed in a future version. | `string` | `""` | no | | registry\_project\_ids | Projects holding Google Container Registries. If empty, we use the cluster project. If a service account is created and the `grant_registry_access` variable is set to `true`, the `storage.objectViewer` role is assigned on these projects. | `list(string)` | `[]` | no | | release\_channel | (Beta) The release channel of this cluster. Accepted values are `UNSPECIFIED`, `RAPID`, `REGULAR` and `STABLE`. Defaults to `REGULAR`. | `string` | `"REGULAR"` | no | | resource\_usage\_export\_dataset\_id | The dataset id for which network egress metering for this cluster will be enabled. If enabled, a daemonset will be created in the cluster to meter network egress traffic. | `string` | `""` | no | diff --git a/modules/safer-cluster-update-variant/main.tf b/modules/safer-cluster-update-variant/main.tf index 97be992c8..1d48fd9aa 100644 --- a/modules/safer-cluster-update-variant/main.tf +++ b/modules/safer-cluster-update-variant/main.tf @@ -96,7 +96,6 @@ module "gke" { // wants to maintain control of their service accounts. create_service_account = var.compute_engine_service_account == "" ? true : false service_account = var.compute_engine_service_account - registry_project_id = var.registry_project_id registry_project_ids = var.registry_project_ids grant_registry_access = var.grant_registry_access diff --git a/modules/safer-cluster-update-variant/variables.tf b/modules/safer-cluster-update-variant/variables.tf index e64b3fb75..c5bfbde88 100644 --- a/modules/safer-cluster-update-variant/variables.tf +++ b/modules/safer-cluster-update-variant/variables.tf @@ -208,12 +208,6 @@ variable "grant_registry_access" { default = true } -variable "registry_project_id" { - type = string - description = "Deprecated. Replaced by `registry_project_ids`. Still works for the purposes of backwards compatibility, but will be removed in a future version." - default = "" -} - variable "registry_project_ids" { type = list(string) description = "Projects holding Google Container Registries. If empty, we use the cluster project. If a service account is created and the `grant_registry_access` variable is set to `true`, the `storage.objectViewer` role is assigned on these projects." diff --git a/modules/safer-cluster/README.md b/modules/safer-cluster/README.md index 99e42298f..0f86a5009 100644 --- a/modules/safer-cluster/README.md +++ b/modules/safer-cluster/README.md @@ -250,7 +250,6 @@ For simplicity, we suggest using `roles/container.admin` and | project\_id | The project ID to host the cluster in | `string` | n/a | yes | | region | The region to host the cluster in | `string` | n/a | yes | | regional | Whether is a regional cluster (zonal cluster if set false. WARNING: changing this after cluster creation is destructive!) | `bool` | `true` | no | -| registry\_project\_id | Deprecated. Replaced by `registry_project_ids`. Still works for the purposes of backwards compatibility, but will be removed in a future version. | `string` | `""` | no | | registry\_project\_ids | Projects holding Google Container Registries. If empty, we use the cluster project. If a service account is created and the `grant_registry_access` variable is set to `true`, the `storage.objectViewer` role is assigned on these projects. | `list(string)` | `[]` | no | | release\_channel | (Beta) The release channel of this cluster. Accepted values are `UNSPECIFIED`, `RAPID`, `REGULAR` and `STABLE`. Defaults to `REGULAR`. | `string` | `"REGULAR"` | no | | resource\_usage\_export\_dataset\_id | The dataset id for which network egress metering for this cluster will be enabled. If enabled, a daemonset will be created in the cluster to meter network egress traffic. | `string` | `""` | no | diff --git a/modules/safer-cluster/main.tf b/modules/safer-cluster/main.tf index 49731d5b2..7ceb2b286 100644 --- a/modules/safer-cluster/main.tf +++ b/modules/safer-cluster/main.tf @@ -96,7 +96,6 @@ module "gke" { // wants to maintain control of their service accounts. create_service_account = var.compute_engine_service_account == "" ? true : false service_account = var.compute_engine_service_account - registry_project_id = var.registry_project_id registry_project_ids = var.registry_project_ids grant_registry_access = var.grant_registry_access diff --git a/modules/safer-cluster/variables.tf b/modules/safer-cluster/variables.tf index e64b3fb75..c5bfbde88 100644 --- a/modules/safer-cluster/variables.tf +++ b/modules/safer-cluster/variables.tf @@ -208,12 +208,6 @@ variable "grant_registry_access" { default = true } -variable "registry_project_id" { - type = string - description = "Deprecated. Replaced by `registry_project_ids`. Still works for the purposes of backwards compatibility, but will be removed in a future version." - default = "" -} - variable "registry_project_ids" { type = list(string) description = "Projects holding Google Container Registries. If empty, we use the cluster project. If a service account is created and the `grant_registry_access` variable is set to `true`, the `storage.objectViewer` role is assigned on these projects." diff --git a/sa.tf b/sa.tf index 7ea31ba05..b12b3befd 100644 --- a/sa.tf +++ b/sa.tf @@ -26,11 +26,7 @@ locals { // if user set var.service_account it will be used even if var.create_service_account==true, so service account will be created but not used service_account = (var.service_account == "" || var.service_account == "create") && var.create_service_account ? local.service_account_list[0] : var.service_account - registry_projects_list = compact( - length(var.registry_project_ids) == 0 && var.registry_project_id == "" - ? [var.project_id] - : concat([var.registry_project_id], var.registry_project_ids) - ) + registry_projects_list = length(var.registry_project_ids) == 0 ? [var.project_id] : var.registry_project_ids } resource "random_string" "cluster_service_account_suffix" { diff --git a/variables.tf b/variables.tf index a386da2fc..c0bd3b6ee 100644 --- a/variables.tf +++ b/variables.tf @@ -310,12 +310,6 @@ variable "grant_registry_access" { default = false } -variable "registry_project_id" { - type = string - description = "Deprecated. Replaced by `registry_project_ids`. Still works for the purposes of backwards compatibility, but will be removed in a future version." - default = "" -} - variable "registry_project_ids" { type = list(string) description = "Projects holding Google Container Registries. If empty, we use the cluster project. If a service account is created and the `grant_registry_access` variable is set to `true`, the `storage.objectViewer` role is assigned on these projects."