kovagoadi/hunfabric
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add context to net-lb-proxy-int (#3988)

Browse Source 
* net-lb-proxy-int: add context

* Update modules/net-lb-proxy-int/README.md

* Update modules/net-lb-proxy-int/README.md

* Update modules/net-lb-proxy-int/README.md

* Update modules/net-lb-proxy-int/README.md

* Update modules/net-lb-proxy-int/README.md

* Update modules/net-lb-proxy-int/README.md

* Update modules/net-lb-proxy-int/README.md

* Update modules/net-lb-proxy-int/README.md

* Update modules/net-lb-proxy-int/README.md

* Update modules/net-lb-proxy-int/README.md

---------

Co-authored-by: Julio Castillo <jccb@google.com>
This commit is contained in:
Luca Prete
2026-05-24 19:03:56 +02:00
committed by GitHub
parent c24dae395b
commit e4f2c68d8b
7 changed files with 279 additions and 45 deletions
Download Patch File Download Diff File Expand all files Collapse all files

85
modules/net-lb-proxy-int/main.tf
View File

@@ -14,6 +14,19 @@
* limitations under the License.
*/
locals {
ctx = {
for k, v in var.context : k => {
for kk, vv in v : "${local.ctx_p}${k}:${kk}" => vv
}
}
ctx_p = "$"
network = lookup(local.ctx.networks, var.vpc_config.network, var.vpc_config.network)
project_id = lookup(local.ctx.project_ids, var.project_id, var.project_id)
region = lookup(local.ctx.locations, var.region, var.region)
subnetwork = lookup(local.ctx.subnets, var.vpc_config.subnetwork, var.vpc_config.subnetwork)
}
locals {
# we need keys in the endpoint type to address issue #1055
_neg_endpoints = flatten([
@@ -23,6 +36,11 @@ locals {
})
]
])
health_check = (
var.health_check != null
? var.health_check
: google_compute_region_health_check.default[0].self_link
)
neg_endpoints = {
for v in local._neg_endpoints : (v.key) => v
}
@@ -41,25 +59,24 @@ locals {
for k, v in var.neg_configs :
k => v if v.psc != null
}
health_check = (
var.health_check != null
? var.health_check
: google_compute_region_health_check.default[0].self_link
)
}
resource "google_compute_forwarding_rule" "default" {
provider = google-beta
project = var.project_id
region = var.region
name = var.name
description = var.description
ip_address = var.address
provider = google-beta
project = local.project_id
region = local.region
name = var.name
description = var.description
ip_address = (
var.address == null
? null
: lookup(local.ctx.addresses, var.address, var.address)
)
ip_protocol = "TCP"
load_balancing_scheme = "INTERNAL_MANAGED"
network = var.vpc_config.network
network = local.network
port_range = var.port
subnetwork = var.vpc_config.subnetwork
subnetwork = local.subnetwork
labels = var.labels
target = google_compute_region_target_tcp_proxy.default.id
# during the preview phase you cannot change this attribute on an existing rule
@@ -67,10 +84,10 @@ resource "google_compute_forwarding_rule" "default" {
}
resource "google_compute_region_target_tcp_proxy" "default" {
project = var.project_id
project = local.project_id
name = var.name
description = var.description
region = var.region
region = local.region
backend_service = google_compute_region_backend_service.default.self_link
}
@@ -78,22 +95,27 @@ resource "google_compute_network_endpoint_group" "default" {
for_each = local.neg_zonal
project = (
each.value.project_id == null
? var.project_id
? local.project_id
: each.value.project_id
)
zone = each.value.zone
zone = try(local.ctx.locations[each.value.zone], each.value.zone)
name = "${var.name}-${each.key}"
# re-enable once provider properly supports this
# default_port = each.value.default_port
description = var.description
network_endpoint_type = each.value.type
network = (
each.value.network != null ? each.value.network : var.vpc_config.network
each.value.network != null
? try(local.ctx.networks[each.value.network], each.value.network)
: local.network
)
subnetwork = (
each.value.type == "NON_GCP_PRIVATE_IP_PORT"
? null
: coalesce(each.value.subnetwork, var.vpc_config.subnetwork)
: coalesce(
try(local.ctx.subnets[each.value.subnetwork], each.value.subnetwork),
local.subnetwork
)
)
}
@@ -108,19 +130,27 @@ resource "google_compute_network_endpoint" "default" {
instance = try(each.value.instance, null)
ip_address = each.value.ip_address
port = each.value.port
zone = each.value.zone
zone = try(local.ctx.locations[each.value.zone], each.value.zone)
}
resource "google_compute_region_network_endpoint_group" "psc" {
for_each = local.neg_regional_psc
project = var.project_id
project = local.project_id
region = each.value.psc.region
name = "${var.name}-${each.key}"
//description = coalesce(each.value.description, var.description)
network_endpoint_type = "PRIVATE_SERVICE_CONNECT"
psc_target_service = each.value.psc.target_service
network = each.value.psc.network
subnetwork = each.value.psc.subnetwork
network = (
each.value.psc.network == null
? null
: try(local.ctx.networks[each.value.psc.network], each.value.psc.network)
)
subnetwork = (
each.value.psc.subnetwork == null
? null
: try(local.ctx.subnets[each.value.psc.subnetwork], each.value.psc.subnetwork)
)
lifecycle {
# ignore until https://github.com/hashicorp/terraform-provider-google/issues/20576 is fixed
ignore_changes = [psc_data]
@@ -147,7 +177,7 @@ locals {
resource "google_compute_region_network_endpoint_group" "internet" {
for_each = local.neg_internet
project = var.project_id
project = local.project_id
name = "${var.name}-${each.key}"
region = each.value.internet.region
# re-enable once provider properly supports this
@@ -176,12 +206,15 @@ resource "google_compute_region_network_endpoint" "internet" {
# PSC Producer Service attachments
resource "google_compute_service_attachment" "default" {
count = var.service_attachment == null ? 0 : 1
project = var.project_id
project = local.project_id
region = var.region
name = var.name
description = var.description
target_service = google_compute_forwarding_rule.default.id
nat_subnets = var.service_attachment.nat_subnets
nat_subnets = [
for s in var.service_attachment.nat_subnets
: lookup(local.ctx.subnets, s, s)
]
connection_preference = (
var.service_attachment.automatic_connection
? "ACCEPT_AUTOMATIC"