terraform-google-modules
diff --git a/‎.kitchen.yml‎
Lines changed: 0 additions & 135 deletions b/‎.kitchen.yml‎
Lines changed: 0 additions & 135 deletions
diff --git a/‎autogen/main/cluster.tf.tmpl‎
Lines changed: 21 additions & 12 deletions b/‎autogen/main/cluster.tf.tmpl‎
Lines changed: 21 additions & 12 deletions
diff --git a/‎autogen/main/variables.tf.tmpl‎
Lines changed: 47 additions & 12 deletions b/‎autogen/main/variables.tf.tmpl‎
Lines changed: 47 additions & 12 deletions
@@ -32,57 +32,6 @@ platforms:
   - name: local
 
 suites:
-  - name: "shared_vpc"
-    transport:
-      root_module_directory: test/fixtures/shared_vpc
-    verifier:
-      systems:
-        - name: shared_vpc
-          backend: local
-  - name: "safer_cluster"
-    transport:
-      root_module_directory: test/fixtures/safer_cluster
-    verifier:
-      systems:
-        - name: safer_cluster
-          backend: local
-          controls:
-            - gcloud
-        - name: inspec-gcp
-          backend: gcp
-          controls:
-            - network
-  - name: "simple_regional"
-    transport:
-      root_module_directory: test/fixtures/simple_regional
-    verifier:
-      systems:
-        - name: simple_regional
-          backend: local
-  - name: "simple_regional_with_networking"
-    transport:
-      root_module_directory: test/fixtures/simple_regional_with_networking
-    verifier:
-      systems:
-        - name: simple_regional_with_networking
-          backend: local
-          controls:
-            - gcloud
-        - name: subnet
-          backend: local
-          controls:
-            - subnet
-        - name: network
-          backend: gcp
-          controls:
-            - network
-  - name: "simple_regional_private"
-    transport:
-      root_module_directory: test/fixtures/simple_regional_private
-    verifier:
-      systems:
-        - name: simple_regional_private
-          backend: local
   - name: "simple_regional_with_gateway_api"
     transport:
       root_module_directory: test/fixtures/simple_regional_with_gateway_api
@@ -97,36 +46,6 @@ suites:
       systems:
         - name: simple_regional_with_ipv6
           backend: local
-  - name: "simple_regional_with_kubeconfig"
-    transport:
-      root_module_directory: test/fixtures/simple_regional_with_kubeconfig
-    verifier:
-      systems:
-        - name: simple_regional_with_kubeconfig
-          backend: local
-  - name: "simple_zonal"
-    transport:
-      root_module_directory: test/fixtures/simple_zonal
-    verifier:
-      systems:
-        - name: gcloud
-          backend: local
-          controls:
-            - gcloud
-            - acm
-        - name: gcp
-          backend: gcp
-          controls:
-            - gcp
-  - name: "simple_zonal_private"
-    transport:
-      root_module_directory: test/fixtures/simple_zonal_private
-    verifier:
-      systems:
-        - name: simple_zonal_private
-          backend: local
-          controls:
-            - gcloud
   - name: "stub_domains"
     transport:
       root_module_directory: test/fixtures/stub_domains
@@ -179,29 +98,6 @@ suites:
       systems:
         - name: workload_metadata_config
           backend: local
-  - name: "simple_windows_node_pool"
-    transport:
-      root_module_directory: test/fixtures/simple_windows_node_pool
-    verifier:
-      systems:
-        - name: gcloud
-          backend: local
-          controls:
-            - gcloud
-        - name: gcp
-          backend: gcp
-          controls:
-            - gcp
-  - name: "deploy_service"
-    transport:
-      root_module_directory: test/fixtures/deploy_service
-    verifier:
-      systems:
-        - name: deploy_service
-          backend: local
-          controls:
-            - gcloud
-            - kubectl
   - name: "node_pool"
     transport:
       root_module_directory: test/fixtures/node_pool
@@ -212,41 +108,10 @@ suites:
           controls:
             - gcloud
             - kubectl
-  - name: "sandbox_enabled"
-    transport:
-      root_module_directory: test/fixtures/sandbox_enabled
-    verifier:
-      systems:
-        - name: sandbox_enabled
-          backend: local
   - name: "safer_cluster_iap_bastion"
     transport:
       root_module_directory: test/fixtures/safer_cluster_iap_bastion
     verifier:
       systems:
         - name: safer_cluster_iap_bastion
           backend: local
-  - name: "simple_zonal_with_asm"
-    transport:
-      root_module_directory: test/fixtures/simple_zonal_with_asm
-    verifier:
-      systems:
-        - name: simple_zonal_with_asm
-          backend: local
-          controls:
-            - gcloud
-            - kubectl
-  - name: "simple_autopilot_private"
-    transport:
-      root_module_directory: test/fixtures/simple_autopilot_private
-    verifier:
-      systems:
-        - name: simple_autopilot_private
-          backend: local
-  - name: "simple_autopilot_public"
-    transport:
-      root_module_directory: test/fixtures/simple_autopilot_public
-    verifier:
-      systems:
-        - name: simple_autopilot_public
-          backend: local
@@ -94,42 +94,51 @@ resource "google_container_cluster" "primary" {
     }
   }
 {% endif %}
-{% if autopilot_cluster != true %}
-  # only one of logging/monitoring_service or logging/monitoring_config can be specified
-  {% if beta_cluster %}
-  logging_service = local.cluster_telemetry_type_is_set || local.logmon_config_is_set ? null : var.logging_service
-  {% else %}
-  logging_service = local.logmon_config_is_set ? null : var.logging_service
-  {% endif %}
   dynamic "logging_config" {
     for_each = length(var.logging_enabled_components) > 0 ? [1] : []
 
     content {
       enable_components = var.logging_enabled_components
     }
   }
-  {% if beta_cluster %}
-  monitoring_service = local.cluster_telemetry_type_is_set || local.logmon_config_is_set ? null : var.monitoring_service
-  {% else %}
-  monitoring_service = local.logmon_config_is_set ? null : var.monitoring_service
-  {% endif %}
+
   dynamic "monitoring_config" {
+  {% if autopilot_cluster != true %}
     {% if beta_cluster %}
     for_each = local.cluster_telemetry_type_is_set || local.logmon_config_is_set ? [1] : []
     {% else %}
     for_each = local.logmon_config_is_set || local.logmon_config_is_set ? [1] : []
     {% endif %}
+  {% else %}
+    for_each = length(var.monitoring_enabled_components) > 0 ? [1] : []
+  {% endif %}
     content{
       enable_components = var.monitoring_enabled_components
+    {% if autopilot_cluster != true %}
       managed_prometheus {
         enabled = var.monitoring_enable_managed_prometheus
       }
       advanced_datapath_observability_config {
         enable_metrics = var.monitoring_enable_observability_metrics
         enable_relay   = var.monitoring_enable_observability_relay
       }
+    {% endif %}
     }
   }
+
+{% if autopilot_cluster != true %}
+  # only one of logging/monitoring_service or logging/monitoring_config can be specified
+  {% if beta_cluster %}
+  logging_service = local.cluster_telemetry_type_is_set || local.logmon_config_is_set ? null : var.logging_service
+  {% else %}
+  logging_service = local.logmon_config_is_set ? null : var.logging_service
+  {% endif %}
+  {% if beta_cluster %}
+  monitoring_service = local.cluster_telemetry_type_is_set || local.logmon_config_is_set ? null : var.monitoring_service
+  {% else %}
+  monitoring_service = local.logmon_config_is_set ? null : var.monitoring_service
+  {% endif %}
+
   cluster_autoscaling {
     enabled = var.cluster_autoscaling.enabled
     dynamic "auto_provisioning_defaults" {
 
@@ -852,6 +852,53 @@ variable "timeouts" {
   }
 }
 
+variable "monitoring_enabled_components" {
+  type        = list(string)
+  description = "List of services to monitor: SYSTEM_COMPONENTS, APISERVER, SCHEDULER, CONTROLLER_MANAGER, STORAGE, HPA, POD, DAEMONSET, DEPLOYMENT, STATEFULSET, KUBELET, CADVISOR and DCGM. In beta provider, WORKLOADS is supported on top of those 12 values. (WORKLOADS is deprecated and removed in GKE 1.24.) KUBELET and CADVISOR are only supported in GKE 1.29.3-gke.1093000 and above. Empty list is default GKE configuration."
+  default     = []
+  validation {
+    condition     = alltrue([
+      for c in var.monitoring_enabled_components:
+      contains([
+        "SYSTEM_COMPONENTS",
+        "APISERVER",
+        "SCHEDULER",
+        "CONTROLLER_MANAGER",
+        "STORAGE",
+        "HPA",
+        "POD",
+        "DAEMONSET",
+        "DEPLOYMENT",
+        "STATEFULSET",
+        "WORKLOADS",
+        "KUBELET",
+        "CADVISOR",
+        "DCGM"
+      ], c)
+    ])
+    error_message = "Valid values are SYSTEM_COMPONENTS, APISERVER, SCHEDULER, CONTROLLER_MANAGER, STORAGE, HPA, POD, DAEMONSET, DEPLOYMENT, STATEFULSET, WORKLOADS, KUBELET, CADVISOR and DCGM."
+  }
+}
+
+variable "logging_enabled_components" {
+  type        = list(string)
+  description = "List of services to monitor: SYSTEM_COMPONENTS, APISERVER, CONTROLLER_MANAGER, SCHEDULER, and WORKLOADS. Empty list is default GKE configuration."
+  default     = []
+  validation {
+    condition     = alltrue([
+      for c in var.logging_enabled_components:
+      contains([
+        "SYSTEM_COMPONENTS",
+        "APISERVER",
+        "CONTROLLER_MANAGER",
+        "SCHEDULER",
+        "WORKLOADS"
+      ], c)
+    ])
+    error_message = "Valid values are SYSTEM_COMPONENTS, APISERVER, CONTROLLER_MANAGER, SCHEDULER, and WORKLOADS."
+  }
+}
+
 {% if autopilot_cluster != true %}
 variable "monitoring_enable_managed_prometheus" {
   type        = bool
@@ -871,18 +918,6 @@ variable "monitoring_enable_observability_relay" {
   default     = false
 }
 
-variable "monitoring_enabled_components" {
-  type        = list(string)
-  description = "List of services to monitor: SYSTEM_COMPONENTS, APISERVER, SCHEDULER, CONTROLLER_MANAGER, STORAGE, HPA, POD, DAEMONSET, DEPLOYMENT, STATEFULSET, KUBELET, CADVISOR and DCGM. In beta provider, WORKLOADS is supported on top of those 12 values. (WORKLOADS is deprecated and removed in GKE 1.24.) KUBELET and CADVISOR are only supported in GKE 1.29.3-gke.1093000 and above. Empty list is default GKE configuration."
-  default     = []
-}
-
-variable "logging_enabled_components" {
-  type        = list(string)
-  description = "List of services to monitor: SYSTEM_COMPONENTS, APISERVER, CONTROLLER_MANAGER, SCHEDULER, and WORKLOADS. Empty list is default GKE configuration."
-  default     = []
-}
-
 variable "enable_kubernetes_alpha" {
   type        = bool
   description = "Whether to enable Kubernetes Alpha features for this cluster. Note that when this option is enabled, the cluster cannot be upgraded and will be automatically deleted after 30 days."