From c6c77db40164028b95e9760a13a0bb8c2a3538b2 Mon Sep 17 00:00:00 2001 From: chrislovecnm Date: Wed, 26 Jun 2019 10:11:43 -0600 Subject: [PATCH] Updating output for psp and binary auth Removing psp output from private cluster module and adding it to beta modules. Adding binary auth output to the beta modules. --- autogen/main.tf | 15 ++++++++------- modules/beta-private-cluster/main.tf | 14 ++++++++++---- modules/beta-public-cluster/main.tf | 10 ++++++++++ modules/private-cluster/main.tf | 5 ----- 4 files changed, 28 insertions(+), 16 deletions(-) diff --git a/autogen/main.tf b/autogen/main.tf index 9d0f2ab9c8..bae7f9abe3 100644 --- a/autogen/main.tf +++ b/autogen/main.tf @@ -140,6 +140,14 @@ locals { regional = "${element(concat(google_container_cluster.primary.*.addons_config.0.cloudrun_config.0.disabled, list("")), 0)}" zonal = "${element(concat(google_container_cluster.zonal_primary.*.addons_config.0.cloudrun_config.0.disabled, list("")), 0)}" } + cluster_type_output_pod_security_policy_enabled = { + regional = "${element(concat(google_container_cluster.primary.*.pod_security_policy_config.0.enabled, list("")), 0)}" + zonal = "${element(concat(google_container_cluster.zonal_primary.*.pod_security_policy_config.0.enabled, list("")), 0)}" + } + cluster_type_output_binary_authorization_enabled = { + regional = "${element(concat(google_container_cluster.primary.*.enable_binary_authorization.0.enabled, list("")), 0)}" + zonal = "${element(concat(google_container_cluster.zonal_primary.*.enable_binary_authorization.0.enabled, list("")), 0)}" + } # /BETA features {% endif %} @@ -153,13 +161,6 @@ locals { zonal = "${concat(google_container_node_pool.zonal_pools.*.version, list(""))}" } -{% if private_cluster %} - cluster_type_output_pod_security_policy_enabled = { - regional = "${element(concat(google_container_cluster.primary.*.pod_security_policy_config.0.enabled, list("")), 0)}" - zonal = "${element(concat(google_container_cluster.zonal_primary.*.pod_security_policy_config.0.enabled, list("")), 0)}" - } - -{% endif %} cluster_master_auth_list_layer1 = "${local.cluster_type_output_master_auth[local.cluster_type]}" cluster_master_auth_list_layer2 = "${local.cluster_master_auth_list_layer1[0]}" cluster_master_auth_map = "${local.cluster_master_auth_list_layer2[0]}" diff --git a/modules/beta-private-cluster/main.tf b/modules/beta-private-cluster/main.tf index f9ebd7f70a..063bed9278 100644 --- a/modules/beta-private-cluster/main.tf +++ b/modules/beta-private-cluster/main.tf @@ -133,6 +133,16 @@ locals { zonal = "${element(concat(google_container_cluster.zonal_primary.*.addons_config.0.cloudrun_config.0.disabled, list("")), 0)}" } + cluster_type_output_pod_security_policy_enabled = { + regional = "${element(concat(google_container_cluster.primary.*.pod_security_policy_config.0.enabled, list("")), 0)}" + zonal = "${element(concat(google_container_cluster.zonal_primary.*.pod_security_policy_config.0.enabled, list("")), 0)}" + } + + cluster_type_output_binary_authorization_enabled = { + regional = "${element(concat(google_container_cluster.primary.*.enable_binary_authorization.0.enabled, list("")), 0)}" + zonal = "${element(concat(google_container_cluster.zonal_primary.*.enable_binary_authorization.0.enabled, list("")), 0)}" + } + # /BETA features cluster_type_output_node_pools_names = { @@ -143,10 +153,6 @@ locals { regional = "${concat(google_container_node_pool.pools.*.version, list(""))}" zonal = "${concat(google_container_node_pool.zonal_pools.*.version, list(""))}" } - cluster_type_output_pod_security_policy_enabled = { - regional = "${element(concat(google_container_cluster.primary.*.pod_security_policy_config.0.enabled, list("")), 0)}" - zonal = "${element(concat(google_container_cluster.zonal_primary.*.pod_security_policy_config.0.enabled, list("")), 0)}" - } cluster_master_auth_list_layer1 = "${local.cluster_type_output_master_auth[local.cluster_type]}" cluster_master_auth_list_layer2 = "${local.cluster_master_auth_list_layer1[0]}" cluster_master_auth_map = "${local.cluster_master_auth_list_layer2[0]}" diff --git a/modules/beta-public-cluster/main.tf b/modules/beta-public-cluster/main.tf index 83f4865b38..61d5a28098 100644 --- a/modules/beta-public-cluster/main.tf +++ b/modules/beta-public-cluster/main.tf @@ -124,6 +124,16 @@ locals { zonal = "${element(concat(google_container_cluster.zonal_primary.*.addons_config.0.cloudrun_config.0.disabled, list("")), 0)}" } + cluster_type_output_pod_security_policy_enabled = { + regional = "${element(concat(google_container_cluster.primary.*.pod_security_policy_config.0.enabled, list("")), 0)}" + zonal = "${element(concat(google_container_cluster.zonal_primary.*.pod_security_policy_config.0.enabled, list("")), 0)}" + } + + cluster_type_output_binary_authorization_enabled = { + regional = "${element(concat(google_container_cluster.primary.*.enable_binary_authorization.0.enabled, list("")), 0)}" + zonal = "${element(concat(google_container_cluster.zonal_primary.*.enable_binary_authorization.0.enabled, list("")), 0)}" + } + # /BETA features cluster_type_output_node_pools_names = { diff --git a/modules/private-cluster/main.tf b/modules/private-cluster/main.tf index ecb267e9ce..a2c3554190 100644 --- a/modules/private-cluster/main.tf +++ b/modules/private-cluster/main.tf @@ -132,11 +132,6 @@ locals { zonal = "${concat(google_container_node_pool.zonal_pools.*.version, list(""))}" } - cluster_type_output_pod_security_policy_enabled = { - regional = "${element(concat(google_container_cluster.primary.*.pod_security_policy_config.0.enabled, list("")), 0)}" - zonal = "${element(concat(google_container_cluster.zonal_primary.*.pod_security_policy_config.0.enabled, list("")), 0)}" - } - cluster_master_auth_list_layer1 = "${local.cluster_type_output_master_auth[local.cluster_type]}" cluster_master_auth_list_layer2 = "${local.cluster_master_auth_list_layer1[0]}" cluster_master_auth_map = "${local.cluster_master_auth_list_layer2[0]}"