hunfabric

Author	SHA1	Message	Date
Michael Woodham	bc5732357c	Updates to GKE modules to support Secret Sync (#3562 ) * Updates to add secret_sync to GKE module in CFF * updated READMEs against the python tfdoc command * updated version for secret_sync to reflect 7.12.0 * update provider versions to 7.12.0 * Updated READMEs which got clobbered by merge with main * Fixed test errors in secret-manager module --------- Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>	2025-12-05 15:30:49 +00:00
Vannick Trinquier	171a2c6690	Add support for CMEK in logging bucket, big query dataset and gke notifications (#3558 )	2025-12-04 10:01:32 +00:00
Vannick Trinquier	15a5486a1e	Add hardened controls for gke, networking and monitoring alerts recommended in CIS Benchmarks for GCP (#3484 )	2025-11-10 11:06:25 +00:00
Daniel Strebel	c672298834	feat: add GKE fleet property (#3477 )	2025-10-27 09:58:46 +01:00
Taneli Leppä	f1762a5465	Add resource_manager_tags to gke-standard-cluster, gke-autopilot-cluster and gke-nodepool (#3350 ) * Add resource_manager_tags to gke-nodepool, gke-standard-cluster's node_config and gke-autopilot	2025-09-23 15:51:37 +02:00
Ludovico Magnocavallo	dc24cd10b6	add support for permissive mode to GKE cluster modules backup plans (#3331 )	2025-09-17 07:15:20 +00:00
Ludovico Magnocavallo	75906c4e9e	add support for upgrade notification filters to gke cluster modules (#3316 )	2025-09-10 16:03:32 +02:00
Deepak Kumar	fe9d1a589e	Provide node_pool_auto_config only when node auto provisioning is enabled for GKE standard cluster (#3275 ) * Set node_pool_auto_config for GKE standard cluster only if auto provisioning is enabled * handle null dereference for terraform cli less than v1.12 * fixed gke-hub test Explicitly enable node auto provisioning	2025-08-14 12:47:07 +00:00
apichick	0b27e312a6	Added node_pool_auto_config to GKE cluster (#3196 )	2025-06-26 18:26:09 +00:00
jacklever-hub24	e3b73b8867	Bring back master ipv4 cidr block (#3153 ) * Re-added master_ipv4_cidr_block to fix issue 3152 * Regenerate tfdoc * Extend to GKE Autopilot --------- Co-authored-by: Julio Castillo <jccb@google.com>	2025-06-11 11:51:47 +02:00
Julio Castillo	a4e157a237	Expose private_endpoint_enforcement_enabled in gke modules (#3119 )	2025-05-29 12:33:03 +02:00
Jai Srivastav	41eaeb8ea0	Remove default values for access_config.ip_config for gke cluster modules (#3083 ) * Change default values for authorized_ranges from {} to null and gcp_public_cidrs_access_enabled from false to null in the access_config.ip_access variable. This ensures the dynamic master_authorized_networks_config block is properly conditional on user input. Previously, these fields would never be null due to their default values, causing the block to always be initialized even when users didn't intend to configure authorized networks. * remove explicit null * Remove all defaults for access_config.ip_access. Fix permadiff. * Fix tests * Swap try with coalesce --------- Co-authored-by: Julio Castillo <jccb@google.com>	2025-05-28 20:07:36 +00:00
apichick	a5895d4e7c	Added auto-provisioning-locations to gke-cluster-standard module (#3103 )	2025-05-20 15:42:03 +00:00
Maciej Sikora	2e3335630a	Enable multi-network GKE (#3096 ) * feat: enable multi networking feature * enable multi nerworking * enable multi nerworking * fmt * regenerate docs * feat: enables multinetwork in autopilot clusters	2025-05-19 16:43:59 +00:00
6uellerBpanda	c0afa55b3b	feat(gke): add kubelet_readonly_port_enabled (#3092 ) Thanks for this!	2025-05-19 11:07:15 +02:00
Julio Castillo	bd829e6ba3	Allow disabling GKE IP endpoints and setting GKE VPC scope DNS domain (#2997 ) * Allow disabling IP access to GKE control plane * Add additive VPC scope DNS domain to gke clusters * Fix typo * Bump provider to 6.27.0 * Update readme	2025-04-02 07:03:58 +00:00
Marco Cadetg	2b2e52fecd	feat: add gcp_public_cidrs_access_enabled to gke-cluster-{autopilot,standard} (#2993 )	2025-04-01 06:17:44 +00:00
Federico Preli	acaac300ae	Adding enterprise_config -> desired_tier feature to GKE autopilot and standard (#2962 ) Add	2025-03-17 16:41:48 +00:00
HeiglAnna	efa1ef6f7e	Add cAdvisor Metrics to Autopilot/Standard GKE Cluster (#2841 ) * Add cAdvisor Metrics to Autopilot/Standard GKE Cluster * Fix tests --------- Co-authored-by: AnnaHeigl <85624888+AnnaHeigl@users.noreply.github.com> Co-authored-by: Julio Castillo <jccb@google.com>	2025-01-30 13:29:07 +00:00
Ludovico Magnocavallo	d86b8d565c	Refactor GKE cluster modules access configurations, add support for DNS endpoint (#2761 ) * stub * gke standard module and tests * blueprints * tfdoc * autopilot * blueprints * tfdoc * gke hub module examples * dataproc and gke fixture	2024-12-12 11:02:24 +01:00
Ludovico Magnocavallo	e3cdde35b6	Add support for secret manager config to gke cluster modules (#2741 ) * add secret manager config to gke cluster * fix variable default	2024-11-29 09:24:18 +01:00
Tirthankar17	a90fe65b8b	Add support for workload_metadata_config in Standard GKE clusters (#2716 ) * Added workload_metadata_config option * tfdoc * Update autopilot and nodepool modeules. Generate READMEs --------- Co-authored-by: Julio Castillo <jccb@google.com>	2024-11-20 09:36:10 +00:00
oluakingcp	0e2127979f	included the security_posture configuration (#2553 ) Co-authored-by: Julio Castillo <jccb@google.com>	2024-09-04 15:29:18 +02:00
okguru1	fe55217887	Add support for disable default snat (#2508 ) * added disable_default_snat variable * add an option to disable default snat * tfdoc readme * change order of variables * modify variable to exist within vpc_config and have a null default, creating a conditional dynamic block to provide backward compatability * defining disable snat variable in autopilot as it is also an option * fix conditional * update readme * null is implied in optional bool * update readmes	2024-08-21 09:43:27 +00:00
Aurélien Legrand	59657415be	Adding TPU limits for GKE cluster node auto-provisioning (NAP) (#2406 ) * Adding TPU limits for GKE cluster node auto-provisioning (NAP) * rework of the cluster autoscaling configuration * updated README * fixing README * Update modules/gke-cluster-standard/README.md Co-authored-by: Wiktor Niesiobędzki <wiktorn@google.com> * fixing indentation --------- Co-authored-by: Wiktor Niesiobędzki <wiktorn@google.com>	2024-07-09 09:26:30 +00:00
luigi-bitonti	750cff01cd	Added private_endpoint_subnetwork parameters to GKE module (#2380 )	2024-06-25 16:16:00 +02:00
luigi-bitonti	9b095a540e	Added additional range field to GKE standand and autopilot (#2366 ) * Added additional range field to GKE standand and autopilot * Bug fix * Bug fix	2024-06-18 12:17:08 +00:00
Ludovico Magnocavallo	795cb4a48d	enable stateful ha in gke cluster standard module (#2339 )	2024-06-04 09:51:19 +02:00
fulyagonultas	0d60e39aee	resource_labels added to the node_config nodepool (#2317 ) * resource_labels added to the node_config nodepool * labels added to the gke standard module * labels set to mandatory * Updating variables names * Fix nodepool label variables defaults * Fix tests --------- Co-authored-by: Julio Castillo <jccb@google.com>	2024-05-29 14:56:15 +02:00
Ludovico Magnocavallo	fdcd309729	add support for labels to GKE backup plans (#2252 )	2024-05-01 20:20:21 +02:00
Deepak Kumar	64ac89d59c	fix: allow disabling node autoprovisioning (#2238 ) - This fix allows a GKE Standard cluster to be configured with no auto-provisioned node pool, but allow setting autocluster profile for user-provisioned node pools like created via `gke-nodepool` module. Co-authored-by: Julio Castillo <jccb@google.com>	2024-04-26 07:17:48 +00:00
cmalpe	1563a76011	added missing option for exclusion scope (#2224 ) * added missing option for exclusion scope * added validation and changes for gke autopilot	2024-04-18 14:12:16 +03:00
Julio Castillo	3af7e257d2	Add tflint to pipelines (#2220 ) * Fix terraform_deprecated_index https://github.com/terraform-linters/tflint-ruleset-terraform/blob/v0.5.0/docs/rules/terraform_deprecated_index.md * Fix terraform_deprecated_interpolation Reference: https://github.com/terraform-linters/tflint-ruleset-terraform/blob/v0.5.0/docs/rules/terraform_deprecated_interpolation.md * Fix more indexing * Remove unused variable * Enable TFLint for modules * Add tflint config file * Fix chdir * Lint modules * TFLint fixes * TFLint * Fixes binauthz README * Fixes DNS response policy tests. Restores MIG outputs. * Fixes other DNS response policy tests. * Update tests for fast 2-e * Moar fixed tests --------- Co-authored-by: Simone Ruffilli <sruffilli@google.com>	2024-04-17 10:23:48 +02:00
Tone	2831af09fa	feat(gke-cluster-standard): Add optional `CiliumClusterWideNetworkPolicy` (#2207 ) * feat(gke-cluster-standard): Add optionnal `CiliumClusterWideNetworkPolicy` Add `CiliumClusterWideNetworkPolicy` option on cluster. Ref: - https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster#enable_cilium_clusterwide_network_policy - https://cloud.google.com/kubernetes-engine/docs/how-to/configure-cilium-network-policy * feat(gke-cluster-standard): Update Google provider to manage new feature * feat(gke-cluster-standard): Move `cilium_clusterwide_network_policy` to `enable_features` field * fix(scheduled-asset-inventory-export-bq): Set `dataset_id` with underscores * fix(bigquery-dataset): Set `dataset_id` with underscores	2024-04-09 17:08:36 +02:00
Ludovico Magnocavallo	f487b27aa9	Fix default nodepool defaults in gke standard module (#2182 ) * fix default nodepool defaults in gke standard module * fix inventory	2024-03-28 11:22:14 +01:00
Tone	0f44e581d5	feat(gke-cluster-standard): Set optionnal `default_node_pool` configuration (#2175 ) * feat(gke-cluster-standard): Set optionnal `default_node_pool` configuration * feat(gke-cluster-standard): Improve `default_node_pool` variable setup * feat(gke-cluster-standard): Improve `default_node_pool` condition validation	2024-03-26 18:05:35 +01:00
Ludovico Magnocavallo	5ac86ecae7	Support advanced_datapath_observability in gke cluster standard module (#2168 ) * support advanced_datapath_observability in gke cluster standard module * bump provider to 5.17.0	2024-03-22 08:25:43 +01:00
luigi-bitonti	0ef7ee4670	Added beta apis feature (#1999 )	2024-01-23 11:09:22 +00:00
luigi-bitonti	cec11d2d55	Add support for service_external_ips_config to GKE cluster modules (#1970 ) * Added variable in gke standard and autopilot modules * Changed variable position * Added dynamic block	2024-01-12 11:50:53 +01:00
Thomas Colomb	201ff284f6	gke-cluster-standard : Support upgrade_settings for node auto provisioner (#1905 ) * gke-cluster-standard : Support upgrade_settings for node auto provisionner * implement suggestions * tfdoc --------- Co-authored-by: Ludo <ludomagno@google.com>	2023-12-12 19:17:51 +00:00
Thomas Colomb	b92389066e	gke-cluster-standard : Add possibility to enable image streaming feature at cluster level (#1904 )	2023-12-07 06:36:21 +01:00
Ludovico Magnocavallo	637926fb68	Support boot disk KMS key in GKE cluster modules (#1881 ) * gke cluster standard * tfdoc * gke cluster autopilot * fix autopilot tags test	2023-11-23 11:52:13 +00:00
Tone	0f446e89d4	Extend `cluster_autoscaling` fields in gke-cluster-standard (#1845 ) * feat(gke-cluster-standard): Add feature to setup `cluster_autoscaling` * feat(gke-cluster-standard): Add GPUs setup feature for `cluster_autoscaling` * feat(gke-cluster-standard): Add validation for `autoscaling_profile` and `disk_type` to ensure only valid values are specified * feat(gke-cluster-standard): Fix validation condition for `cluster_autoscaling`	2023-11-10 12:39:50 +01:00
Ewa Wojtach	33ce0e1db5	AI models support (#1750 ) * nodepool config * added gpu driver configuration * documentation update * regenerated docs * review comments * review comments * blocks structure * documentation update * test fix and doc update * review comments * doc * Extend inventory * Update README --------- Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com> Co-authored-by: Julio Castillo <jccb@google.com>	2023-10-25 09:42:36 +00:00
luigi-bitonti	4e439720aa	Added ProtectedApplication feature to GKE Backup (#1774 ) * Added ProtectedApplication feature to GKE Backup * Fixed location name and added example * Modified test module * Changed test * Changed test * Changed test * Restore old "all_namespaces" logic * Bug fix * Ran fmt on README example * Modified variable structure * Fix test * Fix	2023-10-19 19:54:22 +02:00
luigi-bitonti	bb76878d0d	Added FQDN Network Policy feature on GKE Cluster (#1732 ) * Added FQDN Network Policy feature on GKE Cluster * Fix README.md. Added validation into variable. * README.md updated --------- Co-authored-by: Bitonti, Luigi <luigi.bitonti@nttdata.com>	2023-10-06 10:05:54 +02:00
Julio Castillo	dfc5023e0b	Make deletion protection consistent across all modules (#1735 ) * Expose deletion_protection in GKE modules * Make deletion protection consistent across all modules * Add deletion_protection option to blueprints * Fix blueprints tests * Fix types * Update READMEs * Fix dp readme * Fix cmek blueprint default deletion_protection * Fix blueprints tests	2023-10-05 17:31:07 +02:00
Ludovico Magnocavallo	789328ff5a	Bump provider versions to v5.0.0 (#1724 ) * bump provider versions to 5.0.0 * fix cloud run, logging and vpc-sc * Fix secret manager * fix gke nodepool * fix gke multitenant stage and blueprint * Moving alloydb module to experimental. * Add project to bare resources in examples * tfdoc * fix svpc blueprint test * Revert "fix svpc blueprint test" This reverts commit 14f02659098070136e64ead600580dd52c23c339. * Fix GKE peering project * Disable tests in alloydb module * Bring back secret ids in secret manager tests * Remove duplicate key * last push --------- Co-authored-by: Julio Castillo <jccb@google.com>	2023-10-03 12:15:36 +00:00
Ludo	d78616b6c3	add support for default nodepool sa in GKE cluster module	2023-09-22 10:15:22 +02:00
Oliver Frolovs	6eb862a775	GKE cluster modules: add optional kube state metrics (#1682 ) * `gke-cluster-standard`: add optional kube state metrics * `gke-cluster-autopilot`: add optional kube state metrics * FAST: add kube state metrics support for GKE * blueprints/gke: add kube state metrics support * Bump up the provider version to `v4.82.0`	2023-09-15 12:18:45 +01:00

1 2

59 Commits