terraform-google-modules
diff --git a/‎CHANGELOG.md‎
Lines changed: 23 additions & 0 deletions b/‎CHANGELOG.md‎
Lines changed: 23 additions & 0 deletions
diff --git a/‎README.md‎
Lines changed: 1 addition & 0 deletions b/‎README.md‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎autogen/main/cluster.tf.tmpl‎
Lines changed: 7 additions & 0 deletions b/‎autogen/main/cluster.tf.tmpl‎
Lines changed: 7 additions & 0 deletions
diff --git a/‎autogen/main/variables.tf.tmpl‎
Lines changed: 6 additions & 0 deletions b/‎autogen/main/variables.tf.tmpl‎
Lines changed: 6 additions & 0 deletions
diff --git a/‎autogen/main/versions.tf.tmpl‎
Lines changed: 1 addition & 1 deletion b/‎autogen/main/versions.tf.tmpl‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎autogen/safer-cluster/versions.tf.tmpl‎
Lines changed: 1 addition & 1 deletion b/‎autogen/safer-cluster/versions.tf.tmpl‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎cluster.tf‎
Lines changed: 7 additions & 0 deletions b/‎cluster.tf‎
Lines changed: 7 additions & 0 deletions
diff --git a/‎metadata.display.yaml‎
Lines changed: 3 additions & 0 deletions b/‎metadata.display.yaml‎
Lines changed: 3 additions & 0 deletions
diff --git a/‎metadata.yaml‎
Lines changed: 5 additions & 1 deletion b/‎metadata.yaml‎
Lines changed: 5 additions & 1 deletion
diff --git a/‎modules/auth/metadata.yaml‎
Lines changed: 1 addition & 1 deletion b/‎modules/auth/metadata.yaml‎
Lines changed: 1 addition & 1 deletion
@@ -6,6 +6,29 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 Extending the adopted spec, each change should have a link to its corresponding pull request appended.
 
+## [39.0.0](https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/compare/v38.1.0...v39.0.0) (2025-09-15)
+
+
+### ⚠ BREAKING CHANGES
+
+* **TPG >= 6.47:** add support for lustre csi driver ([#2433](https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/issues/2433))
+* **TPG>=6.47:** add support for rbac_binding_config ([#2401](https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/issues/2401))
+
+### Features
+
+* add enable_k8s_beta_apis support ([#2387](https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/issues/2387)) ([090781d](https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/commit/090781d4edc596cafe8a4241ea3d068e851ff0c6))
+* add support for additional_pod_ranges_config ([#2435](https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/issues/2435)) ([8b6a803](https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/commit/8b6a803b7c56574a13797aff892357326e9df0ad))
+* **TPG >= 6.47:** add support for lustre csi driver ([#2433](https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/issues/2433)) ([b56546d](https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/commit/b56546d24fb83a0d34952f9b5d0fd97893fd4f8b))
+* **TPG>=6.47:** add support for rbac_binding_config ([#2401](https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/issues/2401)) ([2c8b78d](https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/commit/2c8b78dd0acfa050fd7fdb020fce4ddc4b451c32))
+
+
+### Bug Fixes
+
+* Add the nodepool cgroup mode to the NAP config ([#2356](https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/issues/2356)) ([eeaf95d](https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/commit/eeaf95d511a9cf500e45c1cd9c34d0e13482b0f3))
+* Avoid flapping network_tags when insecure_kubelet_readonly_port_enabled is non-null ([#2439](https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/issues/2439)) ([0ffe3f9](https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/commit/0ffe3f9929f28e4d4b449fc32e67a5c30e0e12c0))
+* Make GKE components ADC compatible ([#2440](https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/issues/2440)) ([74d37d8](https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/commit/74d37d8b2d489150acc839991719e0fb70f2ecdb))
+* typo in taint dynamic block in main.tf for gke-node-pools module ([#2424](https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/issues/2424)) ([0848345](https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/commit/0848345a65b7f5192385d79410c4a98203045f70))
+
 ## [38.1.0](https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/compare/v38.0.1...v38.1.0) (2025-08-29)
 
 
 
@@ -144,6 +144,7 @@ Then perform the following commands on the root folder:
 | add\_master\_webhook\_firewall\_rules | Create master\_webhook firewall rules for ports defined in `firewall_inbound_ports` | `bool` | `false` | no |
 | add\_shadow\_firewall\_rules | Create GKE shadow firewall (the same as default firewall rules with firewall logs enabled). | `bool` | `false` | no |
 | additional\_ip\_range\_pods | List of _names_ of the additional secondary subnet ip ranges to use for pods | `list(string)` | `[]` | no |
+| additional\_pod\_ranges\_config | the configuration for individual additional subnetworks attached to the cluster | `list(object({ subnetwork = string, pod_ipv4_range_names = list(string) }))` | `[]` | no |
 | additive\_vpc\_scope\_dns\_domain | This will enable Cloud DNS additive VPC scope. Must provide a domain name that is unique within the VPC. For this to work cluster\_dns = `CLOUD_DNS` and cluster\_dns\_scope = `CLUSTER_SCOPE` must both be set as well. | `string` | `""` | no |
 | authenticator\_security\_group | The name of the RBAC security group for use with Google security groups in Kubernetes RBAC. Group name must be in format [email protected] | `string` | `null` | no |
 | boot\_disk\_kms\_key | The Customer Managed Encryption Key used to encrypt the boot disk attached to each node in the node pool, if not overridden in `node_pools`. This should be of the form projects/[KEY\_PROJECT\_ID]/locations/[LOCATION]/keyRings/[RING\_NAME]/cryptoKeys/[KEY\_NAME]. For more information about protecting resources with Cloud KMS Keys please see: https://cloud.google.com/compute/docs/disks/customer-managed-encryption | `string` | `null` | no |
 
@@ -541,6 +541,13 @@ resource "google_container_cluster" "primary" {
         pod_range_names = var.additional_ip_range_pods
       }
     }
+    dynamic "additional_pod_ranges_config" {
+      for_each = var.additional_pod_ranges_config
+      content {
+        subnetwork           = var.additional_pod_ranges_config.subnetwork
+        pod_ipv4_range_names = var.additional_pod_ranges_config.pod_ipv4_range_names
+      }
+    }
     stack_type                    = var.stack_type
   }
 
 
@@ -174,6 +174,12 @@ variable "additional_ip_range_pods" {
   default     = []
 }
 
+variable "additional_pod_ranges_config" {
+  type        = list(object({ subnetwork = string, pod_ipv4_range_names = list(string) }))
+  description = "the configuration for individual additional subnetworks attached to the cluster"
+  default = []
+}
+
 variable "ip_range_services" {
   type        = string
   description = "The _name_ of the secondary subnet range to use for services. If not provided, the default `34.118.224.0/20` range will be used."
 
@@ -63,6 +63,6 @@ terraform {
     }
   }
   provider_meta "{% if beta_cluster %}google-beta{% else %}google{% endif %}" {
-    module_name = "blueprints/terraform/terraform-google-kubernetes-engine{% if module_registry_name %}:{{ module_registry_name }}{% endif %}/v38.1.0"
+    module_name = "blueprints/terraform/terraform-google-kubernetes-engine{% if module_registry_name %}:{{ module_registry_name }}{% endif %}/v39.0.0"
   }
 }
@@ -23,6 +23,6 @@ terraform {
   required_version = ">=1.3"
 
   provider_meta "google-beta" {
-    module_name = "blueprints/terraform/terraform-google-kubernetes-engine{% if module_registry_name %}:{{ module_registry_name }}{% endif %}/v38.1.0"
+    module_name = "blueprints/terraform/terraform-google-kubernetes-engine{% if module_registry_name %}:{{ module_registry_name }}{% endif %}/v39.0.0"
   }
 }
@@ -411,6 +411,13 @@ resource "google_container_cluster" "primary" {
         pod_range_names = var.additional_ip_range_pods
       }
     }
+    dynamic "additional_pod_ranges_config" {
+      for_each = var.additional_pod_ranges_config
+      content {
+        subnetwork           = var.additional_pod_ranges_config.subnetwork
+        pod_ipv4_range_names = var.additional_pod_ranges_config.pod_ipv4_range_names
+      }
+    }
     stack_type = var.stack_type
   }
 
 
@@ -39,6 +39,9 @@ spec:
         additional_ip_range_pods:
           name: additional_ip_range_pods
           title: Additional Ip Range Pods
+        additional_pod_ranges_config:
+          name: additional_pod_ranges_config
+          title: Additional Pod Ranges Config
         additive_vpc_scope_dns_domain:
           name: additive_vpc_scope_dns_domain
           title: Additive Vpc Scope Dns Domain
 
@@ -24,7 +24,7 @@ spec:
     source:
       repo: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine.git
       sourceType: git
-    version: 38.1.0
+    version: 39.0.0
     actuationTool:
       flavor: Terraform
       version: ">=1.3"
@@ -259,6 +259,10 @@ spec:
         description: List of _names_ of the additional secondary subnet ip ranges to use for pods
         varType: list(string)
         defaultValue: []
+      - name: additional_pod_ranges_config
+        description: the configuration for individual additional subnetworks attached to the cluster
+        varType: list(object({ subnetwork = string, pod_ipv4_range_names = list(string) }))
+        defaultValue: []
       - name: ip_range_services
         description: The _name_ of the secondary subnet range to use for services. If not provided, the default `34.118.224.0/20` range will be used.
         varType: string
 
@@ -25,7 +25,7 @@ spec:
       repo: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine.git
       sourceType: git
       dir: /modules/auth
-    version: 38.1.0
+    version: 39.0.0
     actuationTool:
       flavor: Terraform
       version: ">= 1.3"
Original file line number	Diff line number	Diff line change
`@@ -541,6 +541,13 @@ resource "google_container_cluster" "primary" {`
`541`	`541`	`pod_range_names = var.additional_ip_range_pods`
`542`	`542`	`}`
`543`	`543`	`}`
	`544`	`+ dynamic "additional_pod_ranges_config" {`
	`545`	`+ for_each = var.additional_pod_ranges_config`
	`546`	`+ content {`
	`547`	`+ subnetwork = var.additional_pod_ranges_config.subnetwork`
	`548`	`+ pod_ipv4_range_names = var.additional_pod_ranges_config.pod_ipv4_range_names`
	`549`	`+ }`
	`550`	`+ }`
`544`	`551`	`stack_type = var.stack_type`
`545`	`552`	`}`
`546`	`553`
Original file line number	Diff line number	Diff line change
`@@ -63,6 +63,6 @@ terraform {`
`63`	`63`	`}`
`64`	`64`	`}`
`65`	`65`	`provider_meta "{% if beta_cluster %}google-beta{% else %}google{% endif %}" {`
`66`		`- module_name = "blueprints/terraform/terraform-google-kubernetes-engine{% if module_registry_name %}:{{ module_registry_name }}{% endif %}/v38.1.0"`
	`66`	`+ module_name = "blueprints/terraform/terraform-google-kubernetes-engine{% if module_registry_name %}:{{ module_registry_name }}{% endif %}/v39.0.0"`
`67`	`67`	`}`
`68`	`68`	`}`
Original file line number	Diff line number	Diff line change
`@@ -23,6 +23,6 @@ terraform {`
`23`	`23`	`required_version = ">=1.3"`
`24`	`24`
`25`	`25`	`provider_meta "google-beta" {`
`26`		`- module_name = "blueprints/terraform/terraform-google-kubernetes-engine{% if module_registry_name %}:{{ module_registry_name }}{% endif %}/v38.1.0"`
	`26`	`+ module_name = "blueprints/terraform/terraform-google-kubernetes-engine{% if module_registry_name %}:{{ module_registry_name }}{% endif %}/v39.0.0"`
`27`	`27`	`}`
`28`	`28`	`}`
Original file line number	Diff line number	Diff line change
`@@ -411,6 +411,13 @@ resource "google_container_cluster" "primary" {`
`411`	`411`	`pod_range_names = var.additional_ip_range_pods`
`412`	`412`	`}`
`413`	`413`	`}`
	`414`	`+ dynamic "additional_pod_ranges_config" {`
	`415`	`+ for_each = var.additional_pod_ranges_config`
	`416`	`+ content {`
	`417`	`+ subnetwork = var.additional_pod_ranges_config.subnetwork`
	`418`	`+ pod_ipv4_range_names = var.additional_pod_ranges_config.pod_ipv4_range_names`
	`419`	`+ }`
	`420`	`+ }`
`414`	`421`	`stack_type = var.stack_type`
`415`	`422`	`}`
`416`	`423`