From a3962dcaf72aba05b12039da027618a70a7c7d62 Mon Sep 17 00:00:00 2001
From: Roberto Rojas <robertojrojas@gmail.com>
Date: Sun, 16 Aug 2020 14:32:36 -0400
Subject: [PATCH]  #123: Proposal to extend gke-module (#124)

* allows the use of shared VPC network

* adds configuration block for host project id and shared vpc

* changes based on issue discussion

* changes based on issue discussion
---
 modules/gke-cluster/README.md    | 2 +-
 modules/gke-cluster/main.tf      | 3 ++-
 modules/gke-cluster/variables.tf | 1 +
 3 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/modules/gke-cluster/README.md b/modules/gke-cluster/README.md
index 7442ae539..98d8aaff6 100644
--- a/modules/gke-cluster/README.md
+++ b/modules/gke-cluster/README.md
@@ -58,7 +58,7 @@ module "cluster-1" {
 | *min_master_version* | Minimum version of the master, defaults to the version of the most recent official release. | <code title="">string</code> |  | <code title="">null</code> |
 | *monitoring_service* | Monitoring service (disable with an empty string). | <code title="">string</code> |  | <code title="">monitoring.googleapis.com/kubernetes</code> |
 | *node_locations* | Zones in which the cluster's nodes are located. | <code title="list&#40;string&#41;">list(string)</code> |  | <code title="">[]</code> |
-| *peering_config* | Configure peering with the master VPC for private clusters. | <code title="object&#40;&#123;&#10;export_routes &#61; bool&#10;import_routes &#61; bool&#10;&#125;&#41;">object({...})</code> |  | <code title="">null</code> |
+| *peering_config* | Configure peering with the master VPC for private clusters. | <code title="object&#40;&#123;&#10;export_routes &#61; bool&#10;import_routes &#61; bool&#10;project_id &#61; string&#10;&#125;&#41;">object({...})</code> |  | <code title="">null</code> |
 | *pod_security_policy* | Enable the PodSecurityPolicy feature. | <code title="">bool</code> |  | <code title="">null</code> |
 | *private_cluster_config* | Enable and configure private cluster, private nodes must be true if used. | <code title="object&#40;&#123;&#10;enable_private_nodes    &#61; bool&#10;enable_private_endpoint &#61; bool&#10;master_ipv4_cidr_block  &#61; string&#10;&#125;&#41;">object({...})</code> |  | <code title="">null</code> |
 | *release_channel* | Release channel for GKE upgrades. | <code title="">string</code> |  | <code title="">null</code> |
diff --git a/modules/gke-cluster/main.tf b/modules/gke-cluster/main.tf
index 86fe095a7..29e5a8eaf 100644
--- a/modules/gke-cluster/main.tf
+++ b/modules/gke-cluster/main.tf
@@ -22,6 +22,7 @@ locals {
     google_container_cluster.cluster.private_cluster_config.0.peering_name,
     null
   )
+  peering_project_id = try(var.peering_config.project_id, "") == "" ? var.project_id                    : (var.peering_config.project_id == "" ? var.project_id : var.peering_config.project_id)
 }
 
 resource "google_container_cluster" "cluster" {
@@ -218,7 +219,7 @@ resource "google_container_cluster" "cluster" {
 
 resource "google_compute_network_peering_routes_config" "gke_master" {
   count                = local.is_private && var.peering_config != null ? 1 : 0
-  project              = var.project_id
+  project              = local.peering_project_id
   peering              = local.peering
   network              = element(reverse(split("/", var.network)), 0)
   import_custom_routes = var.peering_config.import_routes
diff --git a/modules/gke-cluster/variables.tf b/modules/gke-cluster/variables.tf
index 62b3709c0..e0b245075 100644
--- a/modules/gke-cluster/variables.tf
+++ b/modules/gke-cluster/variables.tf
@@ -178,6 +178,7 @@ variable "peering_config" {
   type = object({
     export_routes = bool
     import_routes = bool
+    project_id    = string
   })
   default = null
 }