From d4e7dc6a585770474ea4cdee3452cf98b404c6e2 Mon Sep 17 00:00:00 2001
From: Daniel Patriche <rebelthor@gmail.com>
Date: Mon, 11 May 2020 21:58:14 +0300
Subject: [PATCH] feat: Expose gce_pd_csi_driver for Safer Cluster modules #503
 (#514)

* Expose gce_pd_csi_driver for Safer Cluster modules #503

* Use autogen folder to generate modules #503

Co-authored-by: Daniel Patriche <daniel@mambu.com>
---
 autogen/safer-cluster/main.tf.tmpl                | 2 ++
 autogen/safer-cluster/variables.tf.tmpl           | 6 ++++++
 modules/safer-cluster-update-variant/README.md    | 1 +
 modules/safer-cluster-update-variant/main.tf      | 2 ++
 modules/safer-cluster-update-variant/variables.tf | 6 ++++++
 modules/safer-cluster/README.md                   | 1 +
 modules/safer-cluster/main.tf                     | 2 ++
 modules/safer-cluster/variables.tf                | 6 ++++++
 8 files changed, 26 insertions(+)

diff --git a/autogen/safer-cluster/main.tf.tmpl b/autogen/safer-cluster/main.tf.tmpl
index 82c368ba0..cef7a38d5 100644
--- a/autogen/safer-cluster/main.tf.tmpl
+++ b/autogen/safer-cluster/main.tf.tmpl
@@ -154,4 +154,6 @@ module "gke" {
   enable_shielded_nodes = var.enable_shielded_nodes
 
   skip_provisioners = var.skip_provisioners
+
+  gce_pd_csi_driver = var.gce_pd_csi_driver
 }
diff --git a/autogen/safer-cluster/variables.tf.tmpl b/autogen/safer-cluster/variables.tf.tmpl
index bcce76b1e..e419f6385 100644
--- a/autogen/safer-cluster/variables.tf.tmpl
+++ b/autogen/safer-cluster/variables.tf.tmpl
@@ -336,3 +336,9 @@ variable "pod_security_policy_config" {
     "enabled" = true
   }]
 }
+
+variable "gce_pd_csi_driver" {
+  type        = bool
+  description = "(Beta) Whether this cluster should enable the Google Compute Engine Persistent Disk Container Storage Interface (CSI) Driver."
+  default     = true
+}
diff --git a/modules/safer-cluster-update-variant/README.md b/modules/safer-cluster-update-variant/README.md
index 862df8d4e..b0f48354b 100644
--- a/modules/safer-cluster-update-variant/README.md
+++ b/modules/safer-cluster-update-variant/README.md
@@ -214,6 +214,7 @@ For simplicity, we suggest using `roles/container.admin` and
 | enable\_resource\_consumption\_export | Whether to enable resource consumption metering on this cluster. When enabled, a table will be created in the resource export BigQuery dataset to store resource consumption data. The resulting table can be joined with the resource usage table or with BigQuery billing export. | bool | `"true"` | no |
 | enable\_shielded\_nodes | Enable Shielded Nodes features on all nodes in this cluster. | bool | `"true"` | no |
 | enable\_vertical\_pod\_autoscaling | Vertical Pod Autoscaling automatically adjusts the resources of pods controlled by it | bool | `"false"` | no |
+| gce\_pd\_csi\_driver | (Beta) Whether this cluster should enable the Google Compute Engine Persistent Disk Container Storage Interface (CSI) Driver. | bool | `"true"` | no |
 | grant\_registry\_access | Grants created cluster-specific service account storage.objectViewer role. | bool | `"true"` | no |
 | horizontal\_pod\_autoscaling | Enable horizontal pod autoscaling addon | bool | `"true"` | no |
 | http\_load\_balancing | Enable httpload balancer addon. The addon allows whoever can create Ingress objects to expose an application to a public IP. Network policies or Gatekeeper policies should be used to verify that only authorized applications are exposed. | bool | `"true"` | no |
diff --git a/modules/safer-cluster-update-variant/main.tf b/modules/safer-cluster-update-variant/main.tf
index eae4f4023..7e04c8781 100644
--- a/modules/safer-cluster-update-variant/main.tf
+++ b/modules/safer-cluster-update-variant/main.tf
@@ -150,4 +150,6 @@ module "gke" {
   enable_shielded_nodes = var.enable_shielded_nodes
 
   skip_provisioners = var.skip_provisioners
+
+  gce_pd_csi_driver = var.gce_pd_csi_driver
 }
diff --git a/modules/safer-cluster-update-variant/variables.tf b/modules/safer-cluster-update-variant/variables.tf
index 3ffb9d091..5ba756531 100644
--- a/modules/safer-cluster-update-variant/variables.tf
+++ b/modules/safer-cluster-update-variant/variables.tf
@@ -336,3 +336,9 @@ variable "pod_security_policy_config" {
     "enabled" = true
   }]
 }
+
+variable "gce_pd_csi_driver" {
+  type        = bool
+  description = "(Beta) Whether this cluster should enable the Google Compute Engine Persistent Disk Container Storage Interface (CSI) Driver."
+  default     = true
+}
diff --git a/modules/safer-cluster/README.md b/modules/safer-cluster/README.md
index 862df8d4e..b0f48354b 100644
--- a/modules/safer-cluster/README.md
+++ b/modules/safer-cluster/README.md
@@ -214,6 +214,7 @@ For simplicity, we suggest using `roles/container.admin` and
 | enable\_resource\_consumption\_export | Whether to enable resource consumption metering on this cluster. When enabled, a table will be created in the resource export BigQuery dataset to store resource consumption data. The resulting table can be joined with the resource usage table or with BigQuery billing export. | bool | `"true"` | no |
 | enable\_shielded\_nodes | Enable Shielded Nodes features on all nodes in this cluster. | bool | `"true"` | no |
 | enable\_vertical\_pod\_autoscaling | Vertical Pod Autoscaling automatically adjusts the resources of pods controlled by it | bool | `"false"` | no |
+| gce\_pd\_csi\_driver | (Beta) Whether this cluster should enable the Google Compute Engine Persistent Disk Container Storage Interface (CSI) Driver. | bool | `"true"` | no |
 | grant\_registry\_access | Grants created cluster-specific service account storage.objectViewer role. | bool | `"true"` | no |
 | horizontal\_pod\_autoscaling | Enable horizontal pod autoscaling addon | bool | `"true"` | no |
 | http\_load\_balancing | Enable httpload balancer addon. The addon allows whoever can create Ingress objects to expose an application to a public IP. Network policies or Gatekeeper policies should be used to verify that only authorized applications are exposed. | bool | `"true"` | no |
diff --git a/modules/safer-cluster/main.tf b/modules/safer-cluster/main.tf
index 9eaf20f6e..4e89dc154 100644
--- a/modules/safer-cluster/main.tf
+++ b/modules/safer-cluster/main.tf
@@ -150,4 +150,6 @@ module "gke" {
   enable_shielded_nodes = var.enable_shielded_nodes
 
   skip_provisioners = var.skip_provisioners
+
+  gce_pd_csi_driver = var.gce_pd_csi_driver
 }
diff --git a/modules/safer-cluster/variables.tf b/modules/safer-cluster/variables.tf
index 3ffb9d091..5ba756531 100644
--- a/modules/safer-cluster/variables.tf
+++ b/modules/safer-cluster/variables.tf
@@ -336,3 +336,9 @@ variable "pod_security_policy_config" {
     "enabled" = true
   }]
 }
+
+variable "gce_pd_csi_driver" {
+  type        = bool
+  description = "(Beta) Whether this cluster should enable the Google Compute Engine Persistent Disk Container Storage Interface (CSI) Driver."
+  default     = true
+}