Adding support for Cloud DNS Additive VPC Scope for GKE, currently in preview (#10590) (#7321)

[upstream:d20b9dd485b908780761f82ad6a89c8fa62d592a]

Signed-off-by: Modular Magician <[email protected]>

Author: modular-magician

google-beta/services/container/resource_container_cluster.go

@@ -2015,6 +2015,11 @@ func ResourceContainerCluster() *schema.Resource {
 				Description:      `Configuration for Cloud DNS for Kubernetes Engine.`,
 				Elem: &schema.Resource{
 					Schema: map[string]*schema.Schema{
+						"additive_vpc_scope_dns_domain": {
+							Type:        schema.TypeString,
+							Description: `Enable additive VPC scope DNS in a GKE cluster.`,
+							Optional:    true,
+						},
 						"cluster_dns": {
 							Type:         schema.TypeString,
 							Default:      "PROVIDER_UNSPECIFIED",
@@ -5240,9 +5245,10 @@ func expandDnsConfig(configured interface{}) *container.DNSConfig {
 
 	config := l[0].(map[string]interface{})
 	return &container.DNSConfig{
-		ClusterDns:       config["cluster_dns"].(string),
-		ClusterDnsScope:  config["cluster_dns_scope"].(string),
-		ClusterDnsDomain: config["cluster_dns_domain"].(string),
+		AdditiveVpcScopeDnsDomain: config["additive_vpc_scope_dns_domain"].(string),
+		ClusterDns:                config["cluster_dns"].(string),
+		ClusterDnsScope:           config["cluster_dns_scope"].(string),
+		ClusterDnsDomain:          config["cluster_dns_domain"].(string),
 	}
 }
 
@@ -6101,9 +6107,10 @@ func flattenDnsConfig(c *container.DNSConfig) []map[string]interface{} {
 	}
 	return []map[string]interface{}{
 		{
-			"cluster_dns":        c.ClusterDns,
-			"cluster_dns_scope":  c.ClusterDnsScope,
-			"cluster_dns_domain": c.ClusterDnsDomain,
+			"additive_vpc_scope_dns_domain": c.AdditiveVpcScopeDnsDomain,
+			"cluster_dns":                   c.ClusterDns,
+			"cluster_dns_scope":             c.ClusterDnsScope,
+			"cluster_dns_domain":            c.ClusterDnsDomain,
 		},
 	}
 }

google-beta/services/container/resource_container_cluster_test.go

@@ -487,6 +487,29 @@ func TestAccContainerCluster_withFQDNNetworkPolicy(t *testing.T) {
 	})
 }
 
+func TestAccContainerCluster_withAdditiveVPC(t *testing.T) {
+	t.Parallel()
+
+	clusterName := fmt.Sprintf("tf-test-cluster-%s", acctest.RandString(t, 10))
+
+	acctest.VcrTest(t, resource.TestCase{
+		PreCheck:                 func() { acctest.AccTestPreCheck(t) },
+		ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t),
+		CheckDestroy:             testAccCheckContainerClusterDestroyProducer(t),
+		Steps: []resource.TestStep{
+			{
+				Config: testAccContainerCluster_withAdditiveVPC(clusterName),
+			},
+			{
+				ResourceName:            "google_container_cluster.cluster",
+				ImportState:             true,
+				ImportStateVerify:       true,
+				ImportStateVerifyIgnore: []string{"min_master_version", "deletion_protection"},
+			},
+		},
+	})
+}
+
 func TestAccContainerCluster_withMasterAuthConfig_NoCert(t *testing.T) {
 	t.Parallel()
 
@@ -627,6 +650,23 @@ resource "google_container_cluster" "cluster" {
 `, clusterName, clusterName)
 }
 
+func testAccContainerCluster_withAdditiveVPC(clusterName string) string {
+	return fmt.Sprintf(`
+resource "google_container_cluster" "cluster" {
+  name               = "%s"
+  location           = "us-central1-a"
+  initial_node_count = 1
+
+  dns_config {
+    cluster_dns = "CLOUD_DNS"
+    additive_vpc_scope_dns_domain = "test.com"
+    cluster_dns_scope = "CLUSTER_SCOPE"
+  }
+  deletion_protection = false
+}
+`, clusterName)
+}
+
 func testAccContainerCluster_withFQDNNetworkPolicy(clusterName string, enabled bool) string {
 	return fmt.Sprintf(`
 data "google_container_engine_versions" "uscentral1a" {

website/docs/r/container_cluster.html.markdown

@@ -1287,6 +1287,8 @@ linux_node_config {
 
 <a name="nested_dns_config"></a>The `dns_config` block supports:
 
+* `additive_vpc_scope_dns_domain` - (Optional, [Beta](https://terraform.io/docs/providers/google/guides/provider_versions.html)) This will enable Cloud DNS additive VPC scope. Must provide a domain name that is unique within the VPC. For this to work `cluster_dns = "CLOUD_DNS"` and `cluster_dns_scope = "CLUSTER_SCOPE"` must both be set as well.
+
 * `cluster_dns` - (Optional) Which in-cluster DNS provider should be used. `PROVIDER_UNSPECIFIED` (default) or `PLATFORM_DEFAULT` or `CLOUD_DNS`.
 
 * `cluster_dns_scope` - (Optional) The scope of access to cluster DNS records. `DNS_SCOPE_UNSPECIFIED` (default) or `CLUSTER_SCOPE` or `VPC_SCOPE`.