From 674f77210a0a2b5236b53e0183393e34bd7a1dd2 Mon Sep 17 00:00:00 2001
From: CPL Markus <106060626+CPL-markus@users.noreply.github.com>
Date: Wed, 24 Jul 2024 20:00:44 +0200
Subject: [PATCH] feat: anthos modules remote fleet project (#1995)

---
 modules/acm/README.md    | 1 +
 modules/acm/feature.tf   | 4 ++--
 modules/acm/main.tf      | 1 +
 modules/acm/variables.tf | 6 ++++++
 4 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/modules/acm/README.md b/modules/acm/README.md
index f9207a51bc..9258f2c837 100644
--- a/modules/acm/README.md
+++ b/modules/acm/README.md
@@ -86,6 +86,7 @@ data "google_client_config" "default" {}
 | enable\_mutation | Whether to enable mutations for ACM Policy Controller. | `bool` | `false` | no |
 | enable\_policy\_controller | Whether to enable the ACM Policy Controller on the cluster | `bool` | `true` | no |
 | enable\_referential\_rules | Enables referential constraints which reference another object in it definition and are therefore eventually consistent. | `bool` | `true` | no |
+| fleet\_project\_id | The project in which the GKE fleet is located. Defaults to GKE cluster project\_id. | `string` | `""` | no |
 | gcp\_service\_account\_email | The service account email for authentication when `secret_type` is `gcpServiceAccount`. | `string` | `null` | no |
 | hierarchy\_controller | Configurations for Hierarchy Controller. See [Hierarchy Controller docs](https://cloud.google.com/anthos-config-management/docs/how-to/installing-hierarchy-controller) for more details | `map(any)` | `null` | no |
 | https\_proxy | URL for the HTTPS proxy to be used when communicating with the Git repo. | `string` | `null` | no |
diff --git a/modules/acm/feature.tf b/modules/acm/feature.tf
index a4bc58de9d..7a2d06d863 100644
--- a/modules/acm/feature.tf
+++ b/modules/acm/feature.tf
@@ -19,7 +19,7 @@ resource "google_gke_hub_feature" "acm" {
   provider = google-beta
 
   name     = "configmanagement"
-  project  = var.project_id
+  project  = coalesce(var.fleet_project_id, var.project_id)
   location = "global"
 }
 
@@ -33,7 +33,7 @@ resource "google_gke_hub_feature_membership" "main" {
   feature  = "configmanagement"
 
   membership = module.registration.cluster_membership_id
-  project    = var.project_id
+  project    = coalesce(var.fleet_project_id, var.project_id)
 
   configmanagement {
     version = var.configmanagement_version
diff --git a/modules/acm/main.tf b/modules/acm/main.tf
index 6ffe06f166..fcfd194137 100644
--- a/modules/acm/main.tf
+++ b/modules/acm/main.tf
@@ -24,6 +24,7 @@ module "registration" {
 
   cluster_name              = var.cluster_name
   project_id                = var.project_id
+  hub_project_id            = var.fleet_project_id
   location                  = var.location
   enable_fleet_registration = var.enable_fleet_registration
   membership_name           = var.cluster_membership_id
diff --git a/modules/acm/variables.tf b/modules/acm/variables.tf
index b1baa093fc..404c92f339 100644
--- a/modules/acm/variables.tf
+++ b/modules/acm/variables.tf
@@ -24,6 +24,12 @@ variable "project_id" {
   type        = string
 }
 
+variable "fleet_project_id" {
+  description = "The project in which the GKE fleet is located. Defaults to GKE cluster project_id."
+  type        = string
+  default     = ""
+}
+
 variable "location" {
   description = "GCP location used to reach cluster."
   type        = string