Merge pull request terraform-google-modules#318 from cray0000/f-make-…
…params-optional

Make node_pools_* params optional and allow pool-specific overrides.
Aaron Lane authored Nov 21, 2019
2 parents 77380cb + 1eae078 commit 2ac6f25
Showing 30 changed files with 712 additions and 181 deletions.
2 changes: 1 addition & 1 deletion Makefile
Expand Up @@ -18,7 +18,7 @@
# Make will use bash instead of sh
SHELL := /usr/bin/env bash

DOCKER_TAG_VERSION_DEVELOPER_TOOLS := 0.4.6
DOCKER_TAG_VERSION_DEVELOPER_TOOLS := 0
DOCKER_IMAGE_DEVELOPER_TOOLS := cft/developer-tools
REGISTRY_URL := gcr.io/cloud-foundation-cicd

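Review bot: `DOCKER_TAG_VERSION_DEVELOPER_TOOLS := 0` replaces a fully pinned tag with what looks like a floating major-version tag (taking the second of the two printed lines as the new side), so the developer-tools image that runs the lint and integration builds can change without any commit in this repository. The same value is set in `build/int.cloudbuild.yaml` and `build/lint.cloudbuild.yaml`. If tracking the latest 0.x image is intended, a comment such as `# floating major tag: picks up new 0.x developer-tools releases automatically` would make that explicit. For reproducible, auditable CI, pin an exact version or an image digest instead.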
61 changes: 32 additions & 29 deletions autogen/cluster.tf.tmpl
Expand Up @@ -252,10 +252,10 @@ resource "random_id" "name" {
labels = join(",",
sort(
concat(
keys(var.node_pools_labels["all"]),
values(var.node_pools_labels["all"]),
keys(var.node_pools_labels[var.node_pools[count.index]["name"]]),
values(var.node_pools_labels[var.node_pools[count.index]["name"]])
keys(local.node_pools_labels["all"]),
values(local.node_pools_labels["all"]),
keys(local.node_pools_labels[var.node_pools[count.index]["name"]]),
values(local.node_pools_labels[var.node_pools[count.index]["name"]])
)
)
)
Expand All @@ -264,10 +264,10 @@ resource "random_id" "name" {
metadata = join(",",
sort(
concat(
keys(var.node_pools_metadata["all"]),
values(var.node_pools_metadata["all"]),
keys(var.node_pools_metadata[var.node_pools[count.index]["name"]]),
values(var.node_pools_metadata[var.node_pools[count.index]["name"]])
keys(local.node_pools_metadata["all"]),
values(local.node_pools_metadata["all"]),
keys(local.node_pools_metadata[var.node_pools[count.index]["name"]]),
values(local.node_pools_metadata[var.node_pools[count.index]["name"]])
)
)
)
Expand All @@ -276,8 +276,8 @@ resource "random_id" "name" {
oauth_scopes = join(",",
sort(
concat(
var.node_pools_oauth_scopes["all"],
var.node_pools_oauth_scopes[var.node_pools[count.index]["name"]]
local.node_pools_oauth_scopes["all"],
local.node_pools_oauth_scopes[var.node_pools[count.index]["name"]]
)
)
)
Expand All @@ -286,8 +286,8 @@ resource "random_id" "name" {
tags = join(",",
sort(
concat(
var.node_pools_tags["all"],
var.node_pools_tags[var.node_pools[count.index]["name"]]
local.node_pools_tags["all"],
local.node_pools_tags[var.node_pools[count.index]["name"]]
)
)
)
Expand All @@ -314,7 +314,9 @@ resource "google_container_node_pool" "pools" {
// use node_locations if provided, defaults to cluster level node_locations if not specified
node_locations = lookup(var.node_pools[count.index], "node_locations", "") != "" ? split(",", var.node_pools[count.index]["node_locations"]) : null
{% endif %}
cluster = google_container_cluster.primary.name

cluster = google_container_cluster.primary.name

version = lookup(var.node_pools[count.index], "auto_upgrade", false) ? "" : lookup(
var.node_pools[count.index],
"version",
Expand Down Expand Up @@ -350,25 +352,25 @@ resource "google_container_node_pool" "pools" {
image_type = lookup(var.node_pools[count.index], "image_type", "COS")
machine_type = lookup(var.node_pools[count.index], "machine_type", "n1-standard-2")
labels = merge(
lookup(lookup(var.node_pools_labels, "default_values", {}), "cluster_name", true) ? { "cluster_name" = var.name } : {},
lookup(lookup(var.node_pools_labels, "default_values", {}), "node_pool", true) ? { "node_pool" = var.node_pools[count.index]["name"] } : {},
var.node_pools_labels["all"],
var.node_pools_labels[var.node_pools[count.index]["name"]],
lookup(lookup(local.node_pools_labels, "default_values", {}), "cluster_name", true) ? { "cluster_name" = var.name } : {},
lookup(lookup(local.node_pools_labels, "default_values", {}), "node_pool", true) ? { "node_pool" = var.node_pools[count.index]["name"] } : {},
local.node_pools_labels["all"],
local.node_pools_labels[var.node_pools[count.index]["name"]],
)
metadata = merge(
lookup(lookup(var.node_pools_metadata, "default_values", {}), "cluster_name", true) ? { "cluster_name" = var.name } : {},
lookup(lookup(var.node_pools_metadata, "default_values", {}), "node_pool", true) ? { "node_pool" = var.node_pools[count.index]["name"] } : {},
var.node_pools_metadata["all"],
var.node_pools_metadata[var.node_pools[count.index]["name"]],
lookup(lookup(local.node_pools_metadata, "default_values", {}), "cluster_name", true) ? { "cluster_name" = var.name } : {},
lookup(lookup(local.node_pools_metadata, "default_values", {}), "node_pool", true) ? { "node_pool" = var.node_pools[count.index]["name"] } : {},
local.node_pools_metadata["all"],
local.node_pools_metadata[var.node_pools[count.index]["name"]],
{
"disable-legacy-endpoints" = var.disable_legacy_metadata_endpoints
},
)
{% if beta_cluster %}
dynamic "taint" {
for_each = concat(
var.node_pools_taints["all"],
var.node_pools_taints[var.node_pools[count.index]["name"]],
local.node_pools_taints["all"],
local.node_pools_taints[var.node_pools[count.index]["name"]],
)
content {
effect = taint.value.effect
Expand All @@ -378,10 +380,10 @@ resource "google_container_node_pool" "pools" {
}
{% endif %}
tags = concat(
lookup(var.node_pools_tags, "default_values", [true, true])[0] ? ["gke-${var.name}"] : [],
lookup(var.node_pools_tags, "default_values", [true, true])[1] ? ["gke-${var.name}-${var.node_pools[count.index]["name"]}"] : [],
var.node_pools_tags["all"],
var.node_pools_tags[var.node_pools[count.index]["name"]],
lookup(local.node_pools_tags, "default_values", [true, true])[0] ? ["gke-${var.name}"] : [],
lookup(local.node_pools_tags, "default_values", [true, true])[1] ? ["gke-${var.name}-${var.node_pools[count.index]["name"]}"] : [],
local.node_pools_tags["all"],
local.node_pools_tags[var.node_pools[count.index]["name"]],
)

local_ssd_count = lookup(var.node_pools[count.index], "local_ssd_count", 0)
Expand All @@ -396,8 +398,8 @@ resource "google_container_node_pool" "pools" {
preemptible = lookup(var.node_pools[count.index], "preemptible", false)

oauth_scopes = concat(
var.node_pools_oauth_scopes["all"],
var.node_pools_oauth_scopes[var.node_pools[count.index]["name"]],
local.node_pools_oauth_scopes["all"],
local.node_pools_oauth_scopes[var.node_pools[count.index]["name"]],
)

guest_accelerator = [
Expand Down Expand Up @@ -431,6 +433,7 @@ resource "google_container_node_pool" "pools" {

lifecycle {
ignore_changes = [initial_node_count]

{% if update_variant %}
create_before_destroy = true
{% endif %}
3 changes: 2 additions & 1 deletion autogen/main.tf.tmpl
Expand Up @@ -147,7 +147,8 @@ locals {
cluster_pod_security_policy_enabled = local.cluster_output_pod_security_policy_enabled
cluster_intranode_visibility_enabled = local.cluster_output_intranode_visbility_enabled
cluster_vertical_pod_autoscaling_enabled = local.cluster_output_vertical_pod_autoscaling_enabled
cluster_workload_identity_config = var.identity_namespace == "" ? [] : [{

cluster_workload_identity_config = var.identity_namespace == "" ? [] : [{
identity_namespace = var.identity_namespace
}]
# /BETA features
25 changes: 16 additions & 9 deletions autogen/variables.tf.tmpl
Expand Up @@ -79,7 +79,7 @@ variable "node_version" {
}

variable "master_authorized_networks_config" {
type = list(object({cidr_blocks = list(object({cidr_block = string, display_name = string}))}))
type = list(object({ cidr_blocks = list(object({ cidr_block = string, display_name = string })) }))
description = "The desired configuration options for master authorized networks. The object format is {cidr_blocks = list(object({cidr_block = string, display_name = string}))}. Omit the nested cidr_blocks attribute to disallow external access (except the cluster node IPs, which GKE automatically whitelists)."
default = []
}
Expand Down Expand Up @@ -163,6 +163,7 @@ variable "node_pools_labels" {
type = map(map(string))
description = "Map of maps containing node labels by node-pool name"

# Default is being set in variables_defaults.tf
default = {
all = {}
default-node-pool = {}
Expand All @@ -173,6 +174,7 @@ variable "node_pools_metadata" {
type = map(map(string))
description = "Map of maps containing node metadata by node-pool name"

# Default is being set in variables_defaults.tf
default = {
all = {}
default-node-pool = {}
Expand All @@ -181,9 +183,10 @@ variable "node_pools_metadata" {

{% if beta_cluster %}
variable "node_pools_taints" {
type = map(list(object({key=string,value=string,effect=string})))
type = map(list(object({ key = string, value = string, effect = string })))
description = "Map of lists containing node taints by node-pool name"

# Default is being set in variables_defaults.tf
default = {
all = []
default-node-pool = []
Expand All @@ -195,6 +198,7 @@ variable "node_pools_tags" {
type = map(list(string))
description = "Map of lists containing node network tags by node-pool name"

# Default is being set in variables_defaults.tf
default = {
all = []
default-node-pool = []
Expand All @@ -205,6 +209,7 @@ variable "node_pools_oauth_scopes" {
type = map(list(string))
description = "Map of lists containing node oauth scopes by node-pool name"

# Default is being set in variables_defaults.tf
default = {
all = ["https://www.googleapis.com/auth/cloud-platform"]
default-node-pool = []
Expand Down Expand Up @@ -356,10 +361,11 @@ variable "default_max_pods_per_node" {

variable "database_encryption" {
description = "Application-layer Secrets Encryption settings. The object format is {state = string, key_name = string}. Valid values of state are: \"ENCRYPTED\"; \"DECRYPTED\". key_name is the name of a CloudKMS key."
type = list(object({state = string, key_name = string}))
default = [{
state = "DECRYPTED"
key_name = ""
type = list(object({ state = string, key_name = string }))

default = [{
state = "DECRYPTED"
key_name = ""
}]
}

Expand All @@ -375,7 +381,8 @@ variable "enable_binary_authorization" {

variable "pod_security_policy_config" {
description = "enabled - Enable the PodSecurityPolicy controller for this cluster. If enabled, pods must be valid under a PodSecurityPolicy to be created."
default = [{

default = [{
"enabled" = false
}]
}
Expand Down Expand Up @@ -429,8 +436,8 @@ variable "release_channel" {
}

variable "enable_shielded_nodes" {
type = bool
type = bool
description = "Enable Shielded Nodes features on all nodes in this cluster"
default = false
default = false
}
{% endif %}
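Review bot: The added comment `# Default is being set in variables_defaults.tf` sits directly above a `default = { ... }` block that is still present, in each of `node_pools_labels`, `node_pools_metadata`, `node_pools_taints`, `node_pools_tags` and `node_pools_oauth_scopes`, so a reader cannot tell which default applies. Wording such as `# Keys missing from this map ("all" and one entry per node pool) are filled in by the locals in variables_defaults.tf` would describe what the locals do. This matters most for `node_pools_oauth_scopes`, where the static default carries the broad cloud-platform scope and callers need to know whether overriding the variable removes it.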
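--- a/autogen/variables_defaults.tf
+++ b/autogen/variables_defaults.tf
@@ -0,0 +1,74 @@
+/**
+* Copyright 2019 Google LLC
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+
+{{ autogeneration_note }}
+
+# Setup dynamic default values for variables which can't be setup using
+# the standard terraform "variable default" functionality
+
+locals {
+node_pools_labels = merge(
+{ all = {} },
+{ default-node-pool = {} },
+zipmap(
+[for node_pool in var.node_pools : node_pool["name"]],
+[for node_pool in var.node_pools : {}]
+),
+var.node_pools_labels
+)
+
+node_pools_metadata = merge(
+{ all = {} },
+{ default-node-pool = {} },
+zipmap(
+[for node_pool in var.node_pools : node_pool["name"]],
+[for node_pool in var.node_pools : {}]
+),
+var.node_pools_metadata
+)
+
+{% if beta_cluster %}
+node_pools_taints = merge(
+{ all = [] },
+{ default-node-pool = [] },
+zipmap(
+[for node_pool in var.node_pools : node_pool["name"]],
+[for node_pool in var.node_pools : []]
+),
+var.node_pools_taints
+)
+
+{% endif %}
+node_pools_tags = merge(
+{ all = [] },
+{ default-node-pool = [] },
+zipmap(
+[for node_pool in var.node_pools : node_pool["name"]],
+[for node_pool in var.node_pools : []]
+),
+var.node_pools_tags
+)
+
+node_pools_oauth_scopes = merge(
+{ all = ["https://www.googleapis.com/auth/cloud-platform"] },
+{ default-node-pool = [] },
+zipmap(
+[for node_pool in var.node_pools : node_pool["name"]],
+[for node_pool in var.node_pools : []]
+),
+var.node_pools_oauth_scopes
+)
+}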
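Review bot: In `node_pools_oauth_scopes`, a caller who passes only a pool-specific entry now silently keeps `all = ["https://www.googleapis.com/auth/cloud-platform"]`, because `merge()` replaces top-level keys only and `cluster.tf.tmpl` concatenates the `all` list with the pool's own list. A pool given a narrow scope list therefore still receives the broad cloud-platform scope unless the caller also sets `all = []`. This deserves a comment above the local, for example `# "all" defaults to cloud-platform and is added to every pool's scopes; set all = [] to restrict scopes per pool`, and the same sentence in the variable's description. Separately, a node pool named `all` or `default-node-pool` would share its key with these reserved entries in every one of the merged maps.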
4 changes: 2 additions & 2 deletions build/int.cloudbuild.yaml
Expand Up @@ -19,7 +19,7 @@ steps:
args: ['/bin/bash', '-c', 'source /usr/local/bin/task_helper_functions.sh && download_acm']
- id: prepare
name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS'
args: ['/bin/bash', '-c', 'source /usr/local/bin/task_helper_functions.sh && prepare_environment']
args: ['/bin/bash', '-c', 'source /usr/local/bin/task_helper_functions.sh && prepare_environment && sleep 120']
env:
- 'TF_VAR_org_id=$_ORG_ID'
- 'TF_VAR_folder_id=$_FOLDER_ID'
Expand Down Expand Up @@ -309,6 +309,6 @@ tags:
- 'integration'
substitutions:
_DOCKER_IMAGE_DEVELOPER_TOOLS: 'cft/developer-tools'
_DOCKER_TAG_VERSION_DEVELOPER_TOOLS: '0.5.4'
_DOCKER_TAG_VERSION_DEVELOPER_TOOLS: '0'
options:
machineType: 'N1_HIGHCPU_8'
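Review bot: The `&& sleep 120` appended to the `prepare` step's `args` (taking the second of the two printed lines as the new side) is a fixed two-minute wait with no stated reason. It slows every integration run and will still fail if whatever it waits for takes longer than that. If it covers a propagation delay after `prepare_environment`, say so in a comment above the step, e.g. `# wait for <resource being provisioned> to become usable`, or replace it with a bounded poll on that condition.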
2 changes: 1 addition & 1 deletion build/lint.cloudbuild.yaml
Expand Up @@ -24,4 +24,4 @@ tags:
- 'lint'
substitutions:
_DOCKER_IMAGE_DEVELOPER_TOOLS: 'cft/developer-tools'
_DOCKER_TAG_VERSION_DEVELOPER_TOOLS: '0.5.4'
_DOCKER_TAG_VERSION_DEVELOPER_TOOLS: '0'