Commit Graph

60 Commits

Author SHA1 Message Date
Ludovico Magnocavallo
f794d764e9 Support additional dns_access attributes in GKE cluster modules (#3781) 2026-03-04 11:06:48 +01:00
Simon Roberts
6708731d6d Bugfix/maintenance exclusion (#3759)
* Fix default maintenance_config.maintenance_exclusions in GKE.

* tfdoc
2026-02-23 11:26:38 +00:00
Michael Woodham
bc5732357c Updates to GKE modules to support Secret Sync (#3562)
* Updates to add secret_sync to GKE module in CFF

* updated READMEs against the python tfdoc command

* updated version for secret_sync to reflect 7.12.0

* update provider versions to 7.12.0

* Updated READMEs which got clobbered by merge with main

* Fixed test errors in secret-manager module

---------

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2025-12-05 15:30:49 +00:00
Vannick Trinquier
171a2c6690 Add support for CMEK in logging bucket, big query dataset and gke notifications (#3558) 2025-12-04 10:01:32 +00:00
Vannick Trinquier
15a5486a1e Add hardened controls for gke, networking and monitoring alerts recommended in CIS Benchmarks for GCP (#3484) 2025-11-10 11:06:25 +00:00
Daniel Strebel
c672298834 feat: add GKE fleet property (#3477) 2025-10-27 09:58:46 +01:00
Taneli Leppä
f1762a5465 Add resource_manager_tags to gke-standard-cluster, gke-autopilot-cluster and gke-nodepool (#3350)
* Add resource_manager_tags to gke-nodepool, gke-standard-cluster's node_config and gke-autopilot
2025-09-23 15:51:37 +02:00
Ludovico Magnocavallo
dc24cd10b6 add support for permissive mode to GKE cluster modules backup plans (#3331) 2025-09-17 07:15:20 +00:00
Ludovico Magnocavallo
75906c4e9e add support for upgrade notification filters to gke cluster modules (#3316) 2025-09-10 16:03:32 +02:00
apichick
0b27e312a6 Added node_pool_auto_config to GKE cluster (#3196) 2025-06-26 18:26:09 +00:00
jacklever-hub24
e3b73b8867 Bring back master ipv4 cidr block (#3153)
* Re-added master_ipv4_cidr_block to fix issue 3152

* Regenerate tfdoc

* Extend to GKE Autopilot

---------

Co-authored-by: Julio Castillo <jccb@google.com>
2025-06-11 11:51:47 +02:00
Julio Castillo
a4e157a237 Expose private_endpoint_enforcement_enabled in gke modules (#3119) 2025-05-29 12:33:03 +02:00
Jai Srivastav
41eaeb8ea0 Remove default values for access_config.ip_config for gke cluster modules (#3083)
* Change default values for authorized_ranges from {} to null and
gcp_public_cidrs_access_enabled from false to null in the
access_config.ip_access variable. This ensures the dynamic
master_authorized_networks_config block is properly
conditional on user input.

Previously, these fields would never be null due to their
default values, causing the block to always be initialized
even when users didn't intend to configure authorized networks.

* remove explicit null

* Remove all defaults for access_config.ip_access. Fix permadiff.

* Fix tests

* Swap try with coalesce

---------

Co-authored-by: Julio Castillo <jccb@google.com>
2025-05-28 20:07:36 +00:00
apichick
a5895d4e7c Added auto-provisioning-locations to gke-cluster-standard module (#3103) 2025-05-20 15:42:03 +00:00
Maciej Sikora
2e3335630a Enable multi-network GKE (#3096)
* feat: enable multi networking feature

* enable multi networking

* enable multi networking

* fmt

* regenerate docs

* feat: enables multinetwork in autopilot clusters
2025-05-19 16:43:59 +00:00
6uellerBpanda
c0afa55b3b feat(gke): add kubelet_readonly_port_enabled (#3092)
Thanks for this!
2025-05-19 11:07:15 +02:00
Julio Castillo
bd829e6ba3 Allow disabling GKE IP endpoints and setting GKE VPC scope DNS domain (#2997)
* Allow disabling IP access to GKE control plane

* Add additive VPC scope DNS domain to gke clusters

* Fix typo

* Bump provider to 6.27.0

* Update readme
2025-04-02 07:03:58 +00:00
Marco Cadetg
2b2e52fecd feat: add gcp_public_cidrs_access_enabled to gke-cluster-{autopilot,standard} (#2993) 2025-04-01 06:17:44 +00:00
Federico Preli
acaac300ae Adding enterprise_config -> desired_tier feature to GKE autopilot and standard (#2962)
Add
2025-03-17 16:41:48 +00:00
Julio Castillo
34e7d90448 Update GKE addons and features (#2956)
* Update GKE addons and features

* Fix tests
2025-03-14 19:07:16 +00:00
HeiglAnna
efa1ef6f7e Add cAdvisor Metrics to Autopilot/Standard GKE Cluster (#2841)
* Add cAdvisor Metrics to Autopilot/Standard GKE Cluster

* Fix tests

---------

Co-authored-by: AnnaHeigl <85624888+AnnaHeigl@users.noreply.github.com>
Co-authored-by: Julio Castillo <jccb@google.com>
2025-01-30 13:29:07 +00:00
Ludovico Magnocavallo
d86b8d565c Refactor GKE cluster modules access configurations, add support for DNS endpoint (#2761)
* stub

* gke standard module and tests

* blueprints

* tfdoc

* autopilot

* blueprints

* tfdoc

* gke hub module examples

* dataproc and gke fixture
2024-12-12 11:02:24 +01:00
Ludovico Magnocavallo
e3cdde35b6 Add support for secret manager config to gke cluster modules (#2741)
* add secret manager config to gke cluster

* fix variable default
2024-11-29 09:24:18 +01:00
Tirthankar17
a90fe65b8b Add support for workload_metadata_config in Standard GKE clusters (#2716)
* Added workload_metadata_config option

* tfdoc

* Update autopilot and nodepool modules. Generate READMEs

---------

Co-authored-by: Julio Castillo <jccb@google.com>
2024-11-20 09:36:10 +00:00
Simone Ruffilli
7f8a02a405 Add support for google provider 6.x (#2536)
* Add support for google provider 6.x

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
Co-authored-by: Wiktor Niesiobędzki <wiktorn@google.com>
Co-authored-by: Julio Castillo <jccb@google.com>
2024-09-05 10:35:58 +00:00
oluakingcp
0e2127979f included the security_posture configuration (#2553)
Co-authored-by: Julio Castillo <jccb@google.com>
2024-09-04 15:29:18 +02:00
okguru1
fe55217887 Add support for disable default snat (#2508)
* added disable_default_snat variable

* add an option to disable default snat

* tfdoc readme

* change order of variables

* modify variable to exist within vpc_config and have a null default,
creating a conditional dynamic block to provide backward compatibility

* defining disable snat variable in autopilot as it is also an option

* fix conditional

* update readme

* null is implied in optional bool

* update readmes
2024-08-21 09:43:27 +00:00
fulyagonultas
9e3b9edf54 Remove default values to secondary range names in GKE cluster modules (#2439)
* pods and services not appended anymore to sec range names

* tfdoc

---------

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
2024-07-22 20:20:58 +00:00
Aurélien Legrand
59657415be Adding TPU limits for GKE cluster node auto-provisioning (NAP) (#2406)
* Adding TPU limits for GKE cluster node auto-provisioning (NAP)

* rework of the cluster autoscaling configuration

* updated README

* fixing README

* Update modules/gke-cluster-standard/README.md

Co-authored-by: Wiktor Niesiobędzki <wiktorn@google.com>

* fixing indentation

---------

Co-authored-by: Wiktor Niesiobędzki <wiktorn@google.com>
2024-07-09 09:26:30 +00:00
luigi-bitonti
750cff01cd Added private_endpoint_subnetwork parameters to GKE module (#2380) 2024-06-25 16:16:00 +02:00
luigi-bitonti
9b095a540e Added additional range field to GKE standard and autopilot (#2366)
* Added additional range field to GKE standard and autopilot

* Bug fix

* Bug fix
2024-06-18 12:17:08 +00:00
Ludovico Magnocavallo
795cb4a48d enable stateful ha in gke cluster standard module (#2339) 2024-06-04 09:51:19 +02:00
fulyagonultas
0d60e39aee resource_labels added to the node_config nodepool (#2317)
* resource_labels added to the node_config nodepool

* labels added to the gke standard module

* labels set to mandatory

* Updating variables names

* Fix nodepool label variables defaults

* Fix tests

---------

Co-authored-by: Julio Castillo <jccb@google.com>
2024-05-29 14:56:15 +02:00
Ludovico Magnocavallo
fdcd309729 add support for labels to GKE backup plans (#2252) 2024-05-01 20:20:21 +02:00
Deepak Kumar
64ac89d59c fix: allow disabling node autoprovisioning (#2238)
- This fix allows a GKE Standard cluster to be configured with no auto-provisioned node pool,
  but allow setting autocluster profile for user-provisioned node pools like created via `gke-nodepool` module.

Co-authored-by: Julio Castillo <jccb@google.com>
2024-04-26 07:17:48 +00:00
Tone
2831af09fa feat(gke-cluster-standard): Add optional CiliumClusterWideNetworkPolicy (#2207)
* feat(gke-cluster-standard): Add optional `CiliumClusterWideNetworkPolicy`

Add `CiliumClusterWideNetworkPolicy` option on cluster.

Ref:
 - https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster#enable_cilium_clusterwide_network_policy
 - https://cloud.google.com/kubernetes-engine/docs/how-to/configure-cilium-network-policy

* feat(gke-cluster-standard): Update Google provider to manage new feature

* feat(gke-cluster-standard): Move `cilium_clusterwide_network_policy` to `enable_features` field

* fix(scheduled-asset-inventory-export-bq): Set `dataset_id` with underscores

* fix(bigquery-dataset): Set `dataset_id` with underscores
2024-04-09 17:08:36 +02:00
Ludovico Magnocavallo
f487b27aa9 Fix default nodepool defaults in gke standard module (#2182)
* fix default nodepool defaults in gke standard module

* fix inventory
2024-03-28 11:22:14 +01:00
Tone
0f44e581d5 feat(gke-cluster-standard): Set optional default_node_pool configuration (#2175)
* feat(gke-cluster-standard): Set optional `default_node_pool` configuration

* feat(gke-cluster-standard): Improve `default_node_pool` variable setup

* feat(gke-cluster-standard): Improve `default_node_pool` condition validation
2024-03-26 18:05:35 +01:00
Ludovico Magnocavallo
5ac86ecae7 Support advanced_datapath_observability in gke cluster standard module (#2168)
* support advanced_datapath_observability in gke cluster standard module

* bump provider to 5.17.0
2024-03-22 08:25:43 +01:00
Deepak Kumar
27e503a3ac fix: auto_provisioning_defaults is not really optional (#2051)
Due to the disk_type validation for auto provision node pool,
this module always forced to create a GKE standard cluster
with an auto provisioned node pool. This is not desirable if
you manage pools separately like using the `gke-nodepool`.
2024-02-06 07:09:13 +01:00
luigi-bitonti
0ef7ee4670 Added beta apis feature (#1999) 2024-01-23 11:09:22 +00:00
luigi-bitonti
cec11d2d55 Add support for service_external_ips_config to GKE cluster modules (#1970)
* Added variable in gke standard and autopilot modules

* Changed variable position

* Added dynamic block
2024-01-12 11:50:53 +01:00
Thomas Colomb
201ff284f6 gke-cluster-standard : Support upgrade_settings for node auto provisioner (#1905)
* gke-cluster-standard : Support upgrade_settings for node auto provisioner

* implement suggestions

* tfdoc

---------

Co-authored-by: Ludo <ludomagno@google.com>
2023-12-12 19:17:51 +00:00
Thomas Colomb
e4c55bc4c9 gke-cluster-standard : Set optional shielded_instance_config block in cluster_autoscaling.auto_provisioning_defaults (#1906)
Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
Co-authored-by: Julio Castillo <jccb@google.com>
2023-12-07 09:37:13 +00:00
Thomas Colomb
b92389066e gke-cluster-standard : Add possibility to enable image streaming feature at cluster level (#1904) 2023-12-07 06:36:21 +01:00
Ludovico Magnocavallo
637926fb68 Support boot disk KMS key in GKE cluster modules (#1881)
* gke cluster standard

* tfdoc

* gke cluster autopilot

* fix autopilot tags test
2023-11-23 11:52:13 +00:00
Tone
0f446e89d4 Extend cluster_autoscaling fields in gke-cluster-standard (#1845)
* feat(gke-cluster-standard): Add feature to setup `cluster_autoscaling`

* feat(gke-cluster-standard): Add GPUs setup feature for `cluster_autoscaling`

* feat(gke-cluster-standard): Add validation for `autoscaling_profile` and `disk_type` to ensure only valid values are specified

* feat(gke-cluster-standard): Fix validation condition for `cluster_autoscaling`
2023-11-10 12:39:50 +01:00
Ewa Wojtach
33ce0e1db5 AI models support (#1750)
* nodepool config

* added gpu driver configuration

* documentation update

* regenerated docs

* review comments

* review comments

* blocks structure

* documentation update

* test fix and doc update

* review comments

* doc

* Extend inventory

* Update README

---------

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
Co-authored-by: Julio Castillo <jccb@google.com>
2023-10-25 09:42:36 +00:00
luigi-bitonti
4e439720aa Added ProtectedApplication feature to GKE Backup (#1774)
* Added ProtectedApplication feature to GKE Backup

* Fixed location name and added example

* Modified test module

* Changed test

* Changed test

* Changed test

* Restore old "all_namespaces" logic

* Bug fix

* Ran fmt on README example

* Modified variable structure

* Fix test

* Fix
2023-10-19 19:54:22 +02:00
luigi-bitonti
bb76878d0d Added FQDN Network Policy feature on GKE Cluster (#1732)
* Added FQDN Network Policy feature on GKE Cluster

* Fix README.md. Added validation into variable.

* README.md updated

---------

Co-authored-by: Bitonti, Luigi <luigi.bitonti@nttdata.com>
2023-10-06 10:05:54 +02:00