From 966135f2d201d2d05032f31753c87e4f7d43b00a Mon Sep 17 00:00:00 2001 From: Tolsee Date: Sat, 14 Jan 2023 07:01:55 +0545 Subject: [PATCH] feat!: promote gke_backup_agent_config to ga (#1513) --- README.md | 1 + autogen/main/cluster.tf.tmpl | 16 ++++++++-------- autogen/main/main.tf.tmpl | 2 +- autogen/main/variables.tf.tmpl | 12 ++++++------ autogen/main/versions.tf.tmpl | 2 +- cluster.tf | 8 ++++++++ main.tf | 1 + .../beta-autopilot-private-cluster/versions.tf | 2 +- .../beta-autopilot-public-cluster/versions.tf | 2 +- .../README.md | 2 +- .../cluster.tf | 16 ++++++++-------- .../beta-private-cluster-update-variant/main.tf | 2 +- .../variables.tf | 12 ++++++------ .../versions.tf | 2 +- modules/beta-private-cluster/README.md | 2 +- modules/beta-private-cluster/cluster.tf | 16 ++++++++-------- modules/beta-private-cluster/main.tf | 2 +- modules/beta-private-cluster/variables.tf | 12 ++++++------ modules/beta-private-cluster/versions.tf | 2 +- .../beta-public-cluster-update-variant/README.md | 2 +- .../cluster.tf | 16 ++++++++-------- .../beta-public-cluster-update-variant/main.tf | 2 +- .../variables.tf | 12 ++++++------ .../versions.tf | 2 +- modules/beta-public-cluster/README.md | 2 +- modules/beta-public-cluster/cluster.tf | 16 ++++++++-------- modules/beta-public-cluster/main.tf | 2 +- modules/beta-public-cluster/variables.tf | 12 ++++++------ modules/beta-public-cluster/versions.tf | 2 +- modules/private-cluster-update-variant/README.md | 1 + .../private-cluster-update-variant/cluster.tf | 8 ++++++++ modules/private-cluster-update-variant/main.tf | 1 + .../private-cluster-update-variant/variables.tf | 6 ++++++ modules/private-cluster/README.md | 1 + modules/private-cluster/cluster.tf | 8 ++++++++ modules/private-cluster/main.tf | 1 + modules/private-cluster/variables.tf | 6 ++++++ .../testdata/TestDisableClientCert.json | 1 + .../testdata/TestPrivateZonalWithNetworking.json | 1 + variables.tf | 6 ++++++ 40 files changed, 136 insertions(+), 86 deletions(-) diff --git a/README.md b/README.md index 4e34f2c6b..7bb313042 100644 --- a/README.md +++ b/README.md @@ -158,6 +158,7 @@ Then perform the following commands on the root folder: | firewall\_priority | Priority rule for firewall rules | `number` | `1000` | no | | gateway\_api\_channel | The gateway api channel of this cluster. Accepted values are `CHANNEL_STANDARD` and `CHANNEL_DISABLED`. | `string` | `null` | no | | gce\_pd\_csi\_driver | Whether this cluster should enable the Google Compute Engine Persistent Disk Container Storage Interface (CSI) Driver. | `bool` | `true` | no | +| gke\_backup\_agent\_config | Whether Backup for GKE agent is enabled for this cluster. | `bool` | `false` | no | | grant\_registry\_access | Grants created cluster-specific service account storage.objectViewer and artifactregistry.reader roles. | `bool` | `false` | no | | horizontal\_pod\_autoscaling | Enable horizontal pod autoscaling addon | `bool` | `true` | no | | http\_load\_balancing | Enable httpload balancer addon | `bool` | `true` | no | diff --git a/autogen/main/cluster.tf.tmpl b/autogen/main/cluster.tf.tmpl index 67f30694d..52e06cfa1 100644 --- a/autogen/main/cluster.tf.tmpl +++ b/autogen/main/cluster.tf.tmpl @@ -259,6 +259,14 @@ resource "google_container_cluster" "primary" { enabled = gce_persistent_disk_csi_driver_config.value.enabled } } + + dynamic "gke_backup_agent_config" { + for_each = local.gke_backup_agent_config + + content { + enabled = gke_backup_agent_config.value.enabled + } + } {% endif %} {% if beta_cluster and autopilot_cluster != true %} @@ -282,14 +290,6 @@ resource "google_container_cluster" "primary" { config_connector_config { enabled = var.config_connector } - - dynamic "gke_backup_agent_config" { - for_each = local.gke_backup_agent_config - - content { - enabled = gke_backup_agent_config.value.enabled - } - } {% endif %} } diff --git a/autogen/main/main.tf.tmpl b/autogen/main/main.tf.tmpl index cb637d58a..e665d694d 100644 --- a/autogen/main/main.tf.tmpl +++ b/autogen/main/main.tf.tmpl @@ -103,6 +103,7 @@ locals { }] cluster_gce_pd_csi_config = var.gce_pd_csi_driver ? [{ enabled = true }] : [{ enabled = false }] logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus + gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }] {% endif %} {% if beta_cluster and autopilot_cluster != true %} cluster_cloudrun_config_load_balancer_config = (var.cloudrun && var.cloudrun_load_balancer_type != "") ? { @@ -117,7 +118,6 @@ locals { ) ] : [] cluster_cloudrun_enabled = var.cloudrun - gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }] {% endif %} cluster_authenticator_security_group = var.authenticator_security_group == null ? [] : [{ diff --git a/autogen/main/variables.tf.tmpl b/autogen/main/variables.tf.tmpl index ff3c153b8..6f3e28717 100644 --- a/autogen/main/variables.tf.tmpl +++ b/autogen/main/variables.tf.tmpl @@ -641,6 +641,12 @@ variable "gce_pd_csi_driver" { default = true } +variable "gke_backup_agent_config" { + type = bool + description = "Whether Backup for GKE agent is enabled for this cluster." + default = false +} + {% endif %} variable "timeouts" { type = map(string) @@ -703,12 +709,6 @@ variable "config_connector" { default = false } -variable "gke_backup_agent_config" { - type = bool - description = "(Beta) Whether Backup for GKE agent is enabled for this cluster." - default = false -} - variable "cloudrun" { description = "(Beta) Enable CloudRun addon" default = false diff --git a/autogen/main/versions.tf.tmpl b/autogen/main/versions.tf.tmpl index 2c36fce02..50f1c956b 100644 --- a/autogen/main/versions.tf.tmpl +++ b/autogen/main/versions.tf.tmpl @@ -24,7 +24,7 @@ terraform { required_providers { google-beta = { source = "hashicorp/google-beta" - version = ">= 4.46.0, < 5.0" + version = ">= 4.47.0, < 5.0" } kubernetes = { source = "hashicorp/kubernetes" diff --git a/cluster.tf b/cluster.tf index e0fa17b8a..af621528f 100644 --- a/cluster.tf +++ b/cluster.tf @@ -184,6 +184,14 @@ resource "google_container_cluster" "primary" { enabled = gce_persistent_disk_csi_driver_config.value.enabled } } + + dynamic "gke_backup_agent_config" { + for_each = local.gke_backup_agent_config + + content { + enabled = gke_backup_agent_config.value.enabled + } + } } datapath_provider = var.datapath_provider diff --git a/main.tf b/main.tf index 41a6e1c3c..48bf66213 100644 --- a/main.tf +++ b/main.tf @@ -85,6 +85,7 @@ locals { }] cluster_gce_pd_csi_config = var.gce_pd_csi_driver ? [{ enabled = true }] : [{ enabled = false }] logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus + gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }] cluster_authenticator_security_group = var.authenticator_security_group == null ? [] : [{ security_group = var.authenticator_security_group diff --git a/modules/beta-autopilot-private-cluster/versions.tf b/modules/beta-autopilot-private-cluster/versions.tf index e0d011de5..0e367f034 100644 --- a/modules/beta-autopilot-private-cluster/versions.tf +++ b/modules/beta-autopilot-private-cluster/versions.tf @@ -21,7 +21,7 @@ terraform { required_providers { google-beta = { source = "hashicorp/google-beta" - version = ">= 4.46.0, < 5.0" + version = ">= 4.47.0, < 5.0" } kubernetes = { source = "hashicorp/kubernetes" diff --git a/modules/beta-autopilot-public-cluster/versions.tf b/modules/beta-autopilot-public-cluster/versions.tf index 5c1a49a6a..6df195547 100644 --- a/modules/beta-autopilot-public-cluster/versions.tf +++ b/modules/beta-autopilot-public-cluster/versions.tf @@ -21,7 +21,7 @@ terraform { required_providers { google-beta = { source = "hashicorp/google-beta" - version = ">= 4.46.0, < 5.0" + version = ">= 4.47.0, < 5.0" } kubernetes = { source = "hashicorp/kubernetes" diff --git a/modules/beta-private-cluster-update-variant/README.md b/modules/beta-private-cluster-update-variant/README.md index 9bb5cf130..c770bc913 100644 --- a/modules/beta-private-cluster-update-variant/README.md +++ b/modules/beta-private-cluster-update-variant/README.md @@ -203,7 +203,7 @@ Then perform the following commands on the root folder: | firewall\_priority | Priority rule for firewall rules | `number` | `1000` | no | | gateway\_api\_channel | The gateway api channel of this cluster. Accepted values are `CHANNEL_STANDARD` and `CHANNEL_DISABLED`. | `string` | `null` | no | | gce\_pd\_csi\_driver | Whether this cluster should enable the Google Compute Engine Persistent Disk Container Storage Interface (CSI) Driver. | `bool` | `true` | no | -| gke\_backup\_agent\_config | (Beta) Whether Backup for GKE agent is enabled for this cluster. | `bool` | `false` | no | +| gke\_backup\_agent\_config | Whether Backup for GKE agent is enabled for this cluster. | `bool` | `false` | no | | grant\_registry\_access | Grants created cluster-specific service account storage.objectViewer and artifactregistry.reader roles. | `bool` | `false` | no | | horizontal\_pod\_autoscaling | Enable horizontal pod autoscaling addon | `bool` | `true` | no | | http\_load\_balancing | Enable httpload balancer addon | `bool` | `true` | no | diff --git a/modules/beta-private-cluster-update-variant/cluster.tf b/modules/beta-private-cluster-update-variant/cluster.tf index 35432586e..467915f46 100644 --- a/modules/beta-private-cluster-update-variant/cluster.tf +++ b/modules/beta-private-cluster-update-variant/cluster.tf @@ -217,6 +217,14 @@ resource "google_container_cluster" "primary" { } } + dynamic "gke_backup_agent_config" { + for_each = local.gke_backup_agent_config + + content { + enabled = gke_backup_agent_config.value.enabled + } + } + istio_config { disabled = !var.istio auth = var.istio_auth @@ -237,14 +245,6 @@ resource "google_container_cluster" "primary" { config_connector_config { enabled = var.config_connector } - - dynamic "gke_backup_agent_config" { - for_each = local.gke_backup_agent_config - - content { - enabled = gke_backup_agent_config.value.enabled - } - } } datapath_provider = var.datapath_provider diff --git a/modules/beta-private-cluster-update-variant/main.tf b/modules/beta-private-cluster-update-variant/main.tf index 73521f01e..975390944 100644 --- a/modules/beta-private-cluster-update-variant/main.tf +++ b/modules/beta-private-cluster-update-variant/main.tf @@ -86,6 +86,7 @@ locals { }] cluster_gce_pd_csi_config = var.gce_pd_csi_driver ? [{ enabled = true }] : [{ enabled = false }] logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus + gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }] cluster_cloudrun_config_load_balancer_config = (var.cloudrun && var.cloudrun_load_balancer_type != "") ? { load_balancer_type = var.cloudrun_load_balancer_type } : {} @@ -98,7 +99,6 @@ locals { ) ] : [] cluster_cloudrun_enabled = var.cloudrun - gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }] cluster_authenticator_security_group = var.authenticator_security_group == null ? [] : [{ security_group = var.authenticator_security_group diff --git a/modules/beta-private-cluster-update-variant/variables.tf b/modules/beta-private-cluster-update-variant/variables.tf index a1c33bb50..558a3c9e2 100644 --- a/modules/beta-private-cluster-update-variant/variables.tf +++ b/modules/beta-private-cluster-update-variant/variables.tf @@ -614,6 +614,12 @@ variable "gce_pd_csi_driver" { default = true } +variable "gke_backup_agent_config" { + type = bool + description = "Whether Backup for GKE agent is enabled for this cluster." + default = false +} + variable "timeouts" { type = map(string) description = "Timeout for cluster operations." @@ -671,12 +677,6 @@ variable "config_connector" { default = false } -variable "gke_backup_agent_config" { - type = bool - description = "(Beta) Whether Backup for GKE agent is enabled for this cluster." - default = false -} - variable "cloudrun" { description = "(Beta) Enable CloudRun addon" default = false diff --git a/modules/beta-private-cluster-update-variant/versions.tf b/modules/beta-private-cluster-update-variant/versions.tf index ef70d94a7..d578a8020 100644 --- a/modules/beta-private-cluster-update-variant/versions.tf +++ b/modules/beta-private-cluster-update-variant/versions.tf @@ -21,7 +21,7 @@ terraform { required_providers { google-beta = { source = "hashicorp/google-beta" - version = ">= 4.46.0, < 5.0" + version = ">= 4.47.0, < 5.0" } kubernetes = { source = "hashicorp/kubernetes" diff --git a/modules/beta-private-cluster/README.md b/modules/beta-private-cluster/README.md index 6f46c9ae4..64f126ba8 100644 --- a/modules/beta-private-cluster/README.md +++ b/modules/beta-private-cluster/README.md @@ -181,7 +181,7 @@ Then perform the following commands on the root folder: | firewall\_priority | Priority rule for firewall rules | `number` | `1000` | no | | gateway\_api\_channel | The gateway api channel of this cluster. Accepted values are `CHANNEL_STANDARD` and `CHANNEL_DISABLED`. | `string` | `null` | no | | gce\_pd\_csi\_driver | Whether this cluster should enable the Google Compute Engine Persistent Disk Container Storage Interface (CSI) Driver. | `bool` | `true` | no | -| gke\_backup\_agent\_config | (Beta) Whether Backup for GKE agent is enabled for this cluster. | `bool` | `false` | no | +| gke\_backup\_agent\_config | Whether Backup for GKE agent is enabled for this cluster. | `bool` | `false` | no | | grant\_registry\_access | Grants created cluster-specific service account storage.objectViewer and artifactregistry.reader roles. | `bool` | `false` | no | | horizontal\_pod\_autoscaling | Enable horizontal pod autoscaling addon | `bool` | `true` | no | | http\_load\_balancing | Enable httpload balancer addon | `bool` | `true` | no | diff --git a/modules/beta-private-cluster/cluster.tf b/modules/beta-private-cluster/cluster.tf index 7b5425c9d..8d9575147 100644 --- a/modules/beta-private-cluster/cluster.tf +++ b/modules/beta-private-cluster/cluster.tf @@ -217,6 +217,14 @@ resource "google_container_cluster" "primary" { } } + dynamic "gke_backup_agent_config" { + for_each = local.gke_backup_agent_config + + content { + enabled = gke_backup_agent_config.value.enabled + } + } + istio_config { disabled = !var.istio auth = var.istio_auth @@ -237,14 +245,6 @@ resource "google_container_cluster" "primary" { config_connector_config { enabled = var.config_connector } - - dynamic "gke_backup_agent_config" { - for_each = local.gke_backup_agent_config - - content { - enabled = gke_backup_agent_config.value.enabled - } - } } datapath_provider = var.datapath_provider diff --git a/modules/beta-private-cluster/main.tf b/modules/beta-private-cluster/main.tf index 73521f01e..975390944 100644 --- a/modules/beta-private-cluster/main.tf +++ b/modules/beta-private-cluster/main.tf @@ -86,6 +86,7 @@ locals { }] cluster_gce_pd_csi_config = var.gce_pd_csi_driver ? [{ enabled = true }] : [{ enabled = false }] logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus + gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }] cluster_cloudrun_config_load_balancer_config = (var.cloudrun && var.cloudrun_load_balancer_type != "") ? { load_balancer_type = var.cloudrun_load_balancer_type } : {} @@ -98,7 +99,6 @@ locals { ) ] : [] cluster_cloudrun_enabled = var.cloudrun - gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }] cluster_authenticator_security_group = var.authenticator_security_group == null ? [] : [{ security_group = var.authenticator_security_group diff --git a/modules/beta-private-cluster/variables.tf b/modules/beta-private-cluster/variables.tf index a1c33bb50..558a3c9e2 100644 --- a/modules/beta-private-cluster/variables.tf +++ b/modules/beta-private-cluster/variables.tf @@ -614,6 +614,12 @@ variable "gce_pd_csi_driver" { default = true } +variable "gke_backup_agent_config" { + type = bool + description = "Whether Backup for GKE agent is enabled for this cluster." + default = false +} + variable "timeouts" { type = map(string) description = "Timeout for cluster operations." @@ -671,12 +677,6 @@ variable "config_connector" { default = false } -variable "gke_backup_agent_config" { - type = bool - description = "(Beta) Whether Backup for GKE agent is enabled for this cluster." - default = false -} - variable "cloudrun" { description = "(Beta) Enable CloudRun addon" default = false diff --git a/modules/beta-private-cluster/versions.tf b/modules/beta-private-cluster/versions.tf index b7ba568fc..2fc9d7c76 100644 --- a/modules/beta-private-cluster/versions.tf +++ b/modules/beta-private-cluster/versions.tf @@ -21,7 +21,7 @@ terraform { required_providers { google-beta = { source = "hashicorp/google-beta" - version = ">= 4.46.0, < 5.0" + version = ">= 4.47.0, < 5.0" } kubernetes = { source = "hashicorp/kubernetes" diff --git a/modules/beta-public-cluster-update-variant/README.md b/modules/beta-public-cluster-update-variant/README.md index 58e14ec26..5c9e6a1c4 100644 --- a/modules/beta-public-cluster-update-variant/README.md +++ b/modules/beta-public-cluster-update-variant/README.md @@ -194,7 +194,7 @@ Then perform the following commands on the root folder: | firewall\_priority | Priority rule for firewall rules | `number` | `1000` | no | | gateway\_api\_channel | The gateway api channel of this cluster. Accepted values are `CHANNEL_STANDARD` and `CHANNEL_DISABLED`. | `string` | `null` | no | | gce\_pd\_csi\_driver | Whether this cluster should enable the Google Compute Engine Persistent Disk Container Storage Interface (CSI) Driver. | `bool` | `true` | no | -| gke\_backup\_agent\_config | (Beta) Whether Backup for GKE agent is enabled for this cluster. | `bool` | `false` | no | +| gke\_backup\_agent\_config | Whether Backup for GKE agent is enabled for this cluster. | `bool` | `false` | no | | grant\_registry\_access | Grants created cluster-specific service account storage.objectViewer and artifactregistry.reader roles. | `bool` | `false` | no | | horizontal\_pod\_autoscaling | Enable horizontal pod autoscaling addon | `bool` | `true` | no | | http\_load\_balancing | Enable httpload balancer addon | `bool` | `true` | no | diff --git a/modules/beta-public-cluster-update-variant/cluster.tf b/modules/beta-public-cluster-update-variant/cluster.tf index 8480a0bfb..161088310 100644 --- a/modules/beta-public-cluster-update-variant/cluster.tf +++ b/modules/beta-public-cluster-update-variant/cluster.tf @@ -217,6 +217,14 @@ resource "google_container_cluster" "primary" { } } + dynamic "gke_backup_agent_config" { + for_each = local.gke_backup_agent_config + + content { + enabled = gke_backup_agent_config.value.enabled + } + } + istio_config { disabled = !var.istio auth = var.istio_auth @@ -237,14 +245,6 @@ resource "google_container_cluster" "primary" { config_connector_config { enabled = var.config_connector } - - dynamic "gke_backup_agent_config" { - for_each = local.gke_backup_agent_config - - content { - enabled = gke_backup_agent_config.value.enabled - } - } } datapath_provider = var.datapath_provider diff --git a/modules/beta-public-cluster-update-variant/main.tf b/modules/beta-public-cluster-update-variant/main.tf index eac084000..491200ba7 100644 --- a/modules/beta-public-cluster-update-variant/main.tf +++ b/modules/beta-public-cluster-update-variant/main.tf @@ -86,6 +86,7 @@ locals { }] cluster_gce_pd_csi_config = var.gce_pd_csi_driver ? [{ enabled = true }] : [{ enabled = false }] logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus + gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }] cluster_cloudrun_config_load_balancer_config = (var.cloudrun && var.cloudrun_load_balancer_type != "") ? { load_balancer_type = var.cloudrun_load_balancer_type } : {} @@ -98,7 +99,6 @@ locals { ) ] : [] cluster_cloudrun_enabled = var.cloudrun - gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }] cluster_authenticator_security_group = var.authenticator_security_group == null ? [] : [{ security_group = var.authenticator_security_group diff --git a/modules/beta-public-cluster-update-variant/variables.tf b/modules/beta-public-cluster-update-variant/variables.tf index 85dfbd432..56f603751 100644 --- a/modules/beta-public-cluster-update-variant/variables.tf +++ b/modules/beta-public-cluster-update-variant/variables.tf @@ -584,6 +584,12 @@ variable "gce_pd_csi_driver" { default = true } +variable "gke_backup_agent_config" { + type = bool + description = "Whether Backup for GKE agent is enabled for this cluster." + default = false +} + variable "timeouts" { type = map(string) description = "Timeout for cluster operations." @@ -641,12 +647,6 @@ variable "config_connector" { default = false } -variable "gke_backup_agent_config" { - type = bool - description = "(Beta) Whether Backup for GKE agent is enabled for this cluster." - default = false -} - variable "cloudrun" { description = "(Beta) Enable CloudRun addon" default = false diff --git a/modules/beta-public-cluster-update-variant/versions.tf b/modules/beta-public-cluster-update-variant/versions.tf index 842486641..a4d5064d5 100644 --- a/modules/beta-public-cluster-update-variant/versions.tf +++ b/modules/beta-public-cluster-update-variant/versions.tf @@ -21,7 +21,7 @@ terraform { required_providers { google-beta = { source = "hashicorp/google-beta" - version = ">= 4.46.0, < 5.0" + version = ">= 4.47.0, < 5.0" } kubernetes = { source = "hashicorp/kubernetes" diff --git a/modules/beta-public-cluster/README.md b/modules/beta-public-cluster/README.md index fd174ff94..bcbae8fea 100644 --- a/modules/beta-public-cluster/README.md +++ b/modules/beta-public-cluster/README.md @@ -172,7 +172,7 @@ Then perform the following commands on the root folder: | firewall\_priority | Priority rule for firewall rules | `number` | `1000` | no | | gateway\_api\_channel | The gateway api channel of this cluster. Accepted values are `CHANNEL_STANDARD` and `CHANNEL_DISABLED`. | `string` | `null` | no | | gce\_pd\_csi\_driver | Whether this cluster should enable the Google Compute Engine Persistent Disk Container Storage Interface (CSI) Driver. | `bool` | `true` | no | -| gke\_backup\_agent\_config | (Beta) Whether Backup for GKE agent is enabled for this cluster. | `bool` | `false` | no | +| gke\_backup\_agent\_config | Whether Backup for GKE agent is enabled for this cluster. | `bool` | `false` | no | | grant\_registry\_access | Grants created cluster-specific service account storage.objectViewer and artifactregistry.reader roles. | `bool` | `false` | no | | horizontal\_pod\_autoscaling | Enable horizontal pod autoscaling addon | `bool` | `true` | no | | http\_load\_balancing | Enable httpload balancer addon | `bool` | `true` | no | diff --git a/modules/beta-public-cluster/cluster.tf b/modules/beta-public-cluster/cluster.tf index 904a53c8a..46ed3b42c 100644 --- a/modules/beta-public-cluster/cluster.tf +++ b/modules/beta-public-cluster/cluster.tf @@ -217,6 +217,14 @@ resource "google_container_cluster" "primary" { } } + dynamic "gke_backup_agent_config" { + for_each = local.gke_backup_agent_config + + content { + enabled = gke_backup_agent_config.value.enabled + } + } + istio_config { disabled = !var.istio auth = var.istio_auth @@ -237,14 +245,6 @@ resource "google_container_cluster" "primary" { config_connector_config { enabled = var.config_connector } - - dynamic "gke_backup_agent_config" { - for_each = local.gke_backup_agent_config - - content { - enabled = gke_backup_agent_config.value.enabled - } - } } datapath_provider = var.datapath_provider diff --git a/modules/beta-public-cluster/main.tf b/modules/beta-public-cluster/main.tf index eac084000..491200ba7 100644 --- a/modules/beta-public-cluster/main.tf +++ b/modules/beta-public-cluster/main.tf @@ -86,6 +86,7 @@ locals { }] cluster_gce_pd_csi_config = var.gce_pd_csi_driver ? [{ enabled = true }] : [{ enabled = false }] logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus + gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }] cluster_cloudrun_config_load_balancer_config = (var.cloudrun && var.cloudrun_load_balancer_type != "") ? { load_balancer_type = var.cloudrun_load_balancer_type } : {} @@ -98,7 +99,6 @@ locals { ) ] : [] cluster_cloudrun_enabled = var.cloudrun - gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }] cluster_authenticator_security_group = var.authenticator_security_group == null ? [] : [{ security_group = var.authenticator_security_group diff --git a/modules/beta-public-cluster/variables.tf b/modules/beta-public-cluster/variables.tf index 85dfbd432..56f603751 100644 --- a/modules/beta-public-cluster/variables.tf +++ b/modules/beta-public-cluster/variables.tf @@ -584,6 +584,12 @@ variable "gce_pd_csi_driver" { default = true } +variable "gke_backup_agent_config" { + type = bool + description = "Whether Backup for GKE agent is enabled for this cluster." + default = false +} + variable "timeouts" { type = map(string) description = "Timeout for cluster operations." @@ -641,12 +647,6 @@ variable "config_connector" { default = false } -variable "gke_backup_agent_config" { - type = bool - description = "(Beta) Whether Backup for GKE agent is enabled for this cluster." - default = false -} - variable "cloudrun" { description = "(Beta) Enable CloudRun addon" default = false diff --git a/modules/beta-public-cluster/versions.tf b/modules/beta-public-cluster/versions.tf index 147446d22..413ce1cf0 100644 --- a/modules/beta-public-cluster/versions.tf +++ b/modules/beta-public-cluster/versions.tf @@ -21,7 +21,7 @@ terraform { required_providers { google-beta = { source = "hashicorp/google-beta" - version = ">= 4.46.0, < 5.0" + version = ">= 4.47.0, < 5.0" } kubernetes = { source = "hashicorp/kubernetes" diff --git a/modules/private-cluster-update-variant/README.md b/modules/private-cluster-update-variant/README.md index ed0579ab0..c04608764 100644 --- a/modules/private-cluster-update-variant/README.md +++ b/modules/private-cluster-update-variant/README.md @@ -189,6 +189,7 @@ Then perform the following commands on the root folder: | firewall\_priority | Priority rule for firewall rules | `number` | `1000` | no | | gateway\_api\_channel | The gateway api channel of this cluster. Accepted values are `CHANNEL_STANDARD` and `CHANNEL_DISABLED`. | `string` | `null` | no | | gce\_pd\_csi\_driver | Whether this cluster should enable the Google Compute Engine Persistent Disk Container Storage Interface (CSI) Driver. | `bool` | `true` | no | +| gke\_backup\_agent\_config | Whether Backup for GKE agent is enabled for this cluster. | `bool` | `false` | no | | grant\_registry\_access | Grants created cluster-specific service account storage.objectViewer and artifactregistry.reader roles. | `bool` | `false` | no | | horizontal\_pod\_autoscaling | Enable horizontal pod autoscaling addon | `bool` | `true` | no | | http\_load\_balancing | Enable httpload balancer addon | `bool` | `true` | no | diff --git a/modules/private-cluster-update-variant/cluster.tf b/modules/private-cluster-update-variant/cluster.tf index 48775f35b..94956c090 100644 --- a/modules/private-cluster-update-variant/cluster.tf +++ b/modules/private-cluster-update-variant/cluster.tf @@ -184,6 +184,14 @@ resource "google_container_cluster" "primary" { enabled = gce_persistent_disk_csi_driver_config.value.enabled } } + + dynamic "gke_backup_agent_config" { + for_each = local.gke_backup_agent_config + + content { + enabled = gke_backup_agent_config.value.enabled + } + } } datapath_provider = var.datapath_provider diff --git a/modules/private-cluster-update-variant/main.tf b/modules/private-cluster-update-variant/main.tf index 4f9a4f7ab..1082e1abc 100644 --- a/modules/private-cluster-update-variant/main.tf +++ b/modules/private-cluster-update-variant/main.tf @@ -85,6 +85,7 @@ locals { }] cluster_gce_pd_csi_config = var.gce_pd_csi_driver ? [{ enabled = true }] : [{ enabled = false }] logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus + gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }] cluster_authenticator_security_group = var.authenticator_security_group == null ? [] : [{ security_group = var.authenticator_security_group diff --git a/modules/private-cluster-update-variant/variables.tf b/modules/private-cluster-update-variant/variables.tf index c2deafdfe..a6cdccd88 100644 --- a/modules/private-cluster-update-variant/variables.tf +++ b/modules/private-cluster-update-variant/variables.tf @@ -585,6 +585,12 @@ variable "gce_pd_csi_driver" { default = true } +variable "gke_backup_agent_config" { + type = bool + description = "Whether Backup for GKE agent is enabled for this cluster." + default = false +} + variable "timeouts" { type = map(string) description = "Timeout for cluster operations." diff --git a/modules/private-cluster/README.md b/modules/private-cluster/README.md index c0f5d07ac..b319b2b9d 100644 --- a/modules/private-cluster/README.md +++ b/modules/private-cluster/README.md @@ -167,6 +167,7 @@ Then perform the following commands on the root folder: | firewall\_priority | Priority rule for firewall rules | `number` | `1000` | no | | gateway\_api\_channel | The gateway api channel of this cluster. Accepted values are `CHANNEL_STANDARD` and `CHANNEL_DISABLED`. | `string` | `null` | no | | gce\_pd\_csi\_driver | Whether this cluster should enable the Google Compute Engine Persistent Disk Container Storage Interface (CSI) Driver. | `bool` | `true` | no | +| gke\_backup\_agent\_config | Whether Backup for GKE agent is enabled for this cluster. | `bool` | `false` | no | | grant\_registry\_access | Grants created cluster-specific service account storage.objectViewer and artifactregistry.reader roles. | `bool` | `false` | no | | horizontal\_pod\_autoscaling | Enable horizontal pod autoscaling addon | `bool` | `true` | no | | http\_load\_balancing | Enable httpload balancer addon | `bool` | `true` | no | diff --git a/modules/private-cluster/cluster.tf b/modules/private-cluster/cluster.tf index f5ffb39fb..149dad054 100644 --- a/modules/private-cluster/cluster.tf +++ b/modules/private-cluster/cluster.tf @@ -184,6 +184,14 @@ resource "google_container_cluster" "primary" { enabled = gce_persistent_disk_csi_driver_config.value.enabled } } + + dynamic "gke_backup_agent_config" { + for_each = local.gke_backup_agent_config + + content { + enabled = gke_backup_agent_config.value.enabled + } + } } datapath_provider = var.datapath_provider diff --git a/modules/private-cluster/main.tf b/modules/private-cluster/main.tf index 4f9a4f7ab..1082e1abc 100644 --- a/modules/private-cluster/main.tf +++ b/modules/private-cluster/main.tf @@ -85,6 +85,7 @@ locals { }] cluster_gce_pd_csi_config = var.gce_pd_csi_driver ? [{ enabled = true }] : [{ enabled = false }] logmon_config_is_set = length(var.logging_enabled_components) > 0 || length(var.monitoring_enabled_components) > 0 || var.monitoring_enable_managed_prometheus + gke_backup_agent_config = var.gke_backup_agent_config ? [{ enabled = true }] : [{ enabled = false }] cluster_authenticator_security_group = var.authenticator_security_group == null ? [] : [{ security_group = var.authenticator_security_group diff --git a/modules/private-cluster/variables.tf b/modules/private-cluster/variables.tf index c2deafdfe..a6cdccd88 100644 --- a/modules/private-cluster/variables.tf +++ b/modules/private-cluster/variables.tf @@ -585,6 +585,12 @@ variable "gce_pd_csi_driver" { default = true } +variable "gke_backup_agent_config" { + type = bool + description = "Whether Backup for GKE agent is enabled for this cluster." + default = false +} + variable "timeouts" { type = map(string) description = "Timeout for cluster operations." diff --git a/test/integration/disable_client_cert/testdata/TestDisableClientCert.json b/test/integration/disable_client_cert/testdata/TestDisableClientCert.json index 3128aac00..9d58f326f 100755 --- a/test/integration/disable_client_cert/testdata/TestDisableClientCert.json +++ b/test/integration/disable_client_cert/testdata/TestDisableClientCert.json @@ -5,6 +5,7 @@ "enabled": true }, "gcpFilestoreCsiDriverConfig": {}, + "gkeBackupAgentConfig": {}, "horizontalPodAutoscaling": {}, "httpLoadBalancing": {}, "kubernetesDashboard": { diff --git a/test/integration/private_zonal_with_networking/testdata/TestPrivateZonalWithNetworking.json b/test/integration/private_zonal_with_networking/testdata/TestPrivateZonalWithNetworking.json index d1871d8ba..b2b000990 100755 --- a/test/integration/private_zonal_with_networking/testdata/TestPrivateZonalWithNetworking.json +++ b/test/integration/private_zonal_with_networking/testdata/TestPrivateZonalWithNetworking.json @@ -5,6 +5,7 @@ "enabled": true }, "gcpFilestoreCsiDriverConfig": {}, + "gkeBackupAgentConfig": {}, "horizontalPodAutoscaling": {}, "httpLoadBalancing": {}, "kubernetesDashboard": { diff --git a/variables.tf b/variables.tf index 923b7215d..57e4db6fb 100644 --- a/variables.tf +++ b/variables.tf @@ -555,6 +555,12 @@ variable "gce_pd_csi_driver" { default = true } +variable "gke_backup_agent_config" { + type = bool + description = "Whether Backup for GKE agent is enabled for this cluster." + default = false +} + variable "timeouts" { type = map(string) description = "Timeout for cluster operations."