From b3cdd948f703abcc35922678d543e0eb9ca29713 Mon Sep 17 00:00:00 2001
From: Amina Mansour
Date: Thu, 22 Oct 2020 11:53:53 -0700
Subject: [PATCH 1/6] enable acm

---
 modules/acm/main.tf | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/modules/acm/main.tf b/modules/acm/main.tf
index 244816f99e..60f75ed8f9 100644
--- a/modules/acm/main.tf
+++ b/modules/acm/main.tf
@@ -14,6 +14,19 @@
 * limitations under the License.
 */

+module "enable_acm" {
+ source = "terraform-google-modules/gcloud/google"
+ version = "~> 2.0"
+
+ platform = "linux"
+ upgrade = true
+
+ create_cmd_entrypoint = "gcloud"
+ create_cmd_body = "alpha container hub config-management enable --project ${var.project_id}"
+ destroy_cmd_entrypoint = "gcloud"
+ destroy_cmd_body = "alpha container hub config-management disable --force --project ${var.project_id}"
+}
+
 module "acm_operator" {
 source = "../k8s-operator-crd-support"

From 36d1307be40693c0ae7ebe162d631327f76f9090 Mon Sep 17 00:00:00 2001
From: Amina Mansour
Date: Thu, 22 Oct 2020 12:08:24 -0700
Subject: [PATCH 2/6] update README

---
 modules/acm/README.md | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/modules/acm/README.md b/modules/acm/README.md
index 1a32bf83df..f4dab2a0f2 100644
--- a/modules/acm/README.md
+++ b/modules/acm/README.md
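Review bot: The `destroy_cmd_body` of `enable_acm` runs `config-management disable --force` against the whole `--project`, while the rest of this module is applied per cluster. If more than one cluster in the project uses the module, destroying one instance would presumably switch the hub feature off for the others and stop their config and policy sync without any error. Consider gating the enablement behind a variable so that a single instance owns it, and dropping the flag so the disable does not go through while the feature is still in use: `destroy_cmd_body = "alpha container hub config-management disable --project ${var.project_id}"`.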
@@ -3,9 +3,10 @@
 This module installs [Anthos Config Management](https://cloud.google.com/anthos-config-management/docs/) (ACM) in a Kubernetes cluster.

 Specifically, this module automates the following steps for [installing ACM](https://cloud.google.com/anthos-config-management/docs/how-to/installing):
-1. Installing the ACM Operator on your cluster.
-2. Generating an SSH key for accessing Git and providing it to the Operator
-3. Configuring the Operator to connect to your ACM repository
+1. Enabling the ACM feature on hub.
+2. Installing the ACM Operator on your cluster.
+3. Optionally, generating an SSH key for accessing Git and providing it to the Operator
+4. Configuring the Operator to connect to your ACM repository

 ## Usage

From b4fe6fbebc32b555e698e1e25088160e8dda89d3 Mon Sep 17 00:00:00 2001
From: Amina Mansour
Date: Thu, 22 Oct 2020 22:34:26 -0700
Subject: [PATCH 3/6] enable gkehub api on test project

---
 test/setup/main.tf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/test/setup/main.tf b/test/setup/main.tf
index 475a9ddf08..6e6090b267 100644
--- a/test/setup/main.tf
+++ b/test/setup/main.tf
@@ -65,6 +65,7 @@ module "gke-project-2" {
 "pubsub.googleapis.com",
 "serviceusage.googleapis.com",
 "storage-api.googleapis.com",
+ "gkehub.googleapis.com",
 ]
 activate_api_identities = [
 {

From 255ba4a69dcd914ec61978780a3ccfe54717579c Mon Sep 17 00:00:00 2001
From: Amina Mansour
Date: Sun, 25 Oct 2020 23:26:07 -0700
Subject: [PATCH 4/6] Add Hub Admin role to SA

---
 test/setup/iam.tf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/test/setup/iam.tf b/test/setup/iam.tf
index dad03fab3b..5ce8de9f37 100644
--- a/test/setup/iam.tf
+++ b/test/setup/iam.tf
@@ -33,6 +33,7 @@ locals {
 "roles/compute.instanceAdmin",
 "roles/iam.roleAdmin",
 "roles/iap.admin",
+ "roles/gkehub.admin",
 ]
 # roles as documented https://cloud.google.com/service-mesh/docs/gke-install-new-cluster#setting_up_your_project
 int_asm_required_roles = [
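Review bot: `"roles/gkehub.admin"` is added to the test service account in `test/setup/iam.tf` with no note on why it is needed, while the neighbouring `int_asm_required_roles` list carries a link to the documentation that justifies its entries. An admin-level role granted in test setup tends to be copied into real deployments, so I would add a comment above the entry such as `# needed for 'gcloud alpha container hub config-management enable' in modules/acm` and check whether a narrower hub role is enough to enable the feature. The `locals` block starts and ends outside the hunk.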
From 5c697b47e5639953426a4a54307bb4a03fe5948d Mon Sep 17 00:00:00 2001
From: Amina Mansour
Date: Tue, 3 Nov 2020 21:02:51 -0800
Subject: [PATCH 5/6] add service account key file

---
 modules/acm/main.tf | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/modules/acm/main.tf b/modules/acm/main.tf
index 60f75ed8f9..96b9fa6ee4 100644
--- a/modules/acm/main.tf
+++ b/modules/acm/main.tf
@@ -21,10 +21,11 @@ module "enable_acm" {
 platform = "linux"
 upgrade = true

- create_cmd_entrypoint = "gcloud"
- create_cmd_body = "alpha container hub config-management enable --project ${var.project_id}"
- destroy_cmd_entrypoint = "gcloud"
- destroy_cmd_body = "alpha container hub config-management disable --force --project ${var.project_id}"
+ service_account_key_file = var.service_account_key_file
+ create_cmd_entrypoint = "gcloud"
+ create_cmd_body = "alpha container hub config-management enable --project ${var.project_id}"
+ destroy_cmd_entrypoint = "gcloud"
+ destroy_cmd_body = "alpha container hub config-management disable --force --project ${var.project_id}"
 }

 module "acm_operator" {

From f8af235315c7a38a0348cde103696af2163b4ec1 Mon Sep 17 00:00:00 2001
From: Amina Mansour
Date: Thu, 3 Dec 2020 16:14:35 -0800
Subject: [PATCH 6/6] add additional components

---
 modules/acm/main.tf | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/modules/acm/main.tf b/modules/acm/main.tf
index 96b9fa6ee4..e6ae18854f 100644
--- a/modules/acm/main.tf
+++ b/modules/acm/main.tf
@@ -18,8 +18,9 @@ module "enable_acm" {
 source = "terraform-google-modules/gcloud/google"
 version = "~> 2.0"

- platform = "linux"
- upgrade = true
+ platform = "linux"
+ upgrade = true
+ additional_components = ["alpha"]

 service_account_key_file = var.service_account_key_file
 create_cmd_entrypoint = "gcloud"
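Review bot: `service_account_key_file = var.service_account_key_file` makes the feature enablement depend on an exported service account key on the machine that runs Terraform. The patch touches only `main.tf`, so the variable is presumably declared elsewhere already. Exported keys are long-lived credentials, so the input should stay optional with an empty default, which keeps callers with ambient or impersonated credentials from having to create a key. Its description should also say which hub role the account needs for `config-management enable`. The other changed lines in this hunk are only re-aligned.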
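Review bot: `additional_components = ["alpha"]` sits next to `upgrade = true` and `version = "~> 2.0"`, so each apply can download and update the Cloud SDK and its alpha component to whatever is current. That binary then runs with the service account key passed on the following line. I would pin the SDK, for example `upgrade = false` together with the gcloud module's `gcloud_sdk_version` input if the release in use provides it. A comment should also note that both the create and destroy commands depend on an alpha command group whose syntax may change. The `enable_acm` block starts and ends outside the hunk.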