diff --git a/autogen/main/cluster.tf.tmpl b/autogen/main/cluster.tf.tmpl index 93689f2403..723fcf84da 100644 --- a/autogen/main/cluster.tf.tmpl +++ b/autogen/main/cluster.tf.tmpl @@ -274,11 +274,8 @@ resource "google_container_cluster" "primary" { } } - dynamic "secret_manager_config" { - for_each = var.enable_secret_manager_addon ? [var.enable_secret_manager_addon] : [] - content { - enabled = secret_manager_config.value - } + secret_manager_config { + enabled = var.enable_secret_manager_addon } dynamic "pod_autoscaling" { diff --git a/autogen/main/main.tf.tmpl b/autogen/main/main.tf.tmpl index ce3268200c..af1cd47474 100644 --- a/autogen/main/main.tf.tmpl +++ b/autogen/main/main.tf.tmpl @@ -172,7 +172,7 @@ locals { cluster_output_vertical_pod_autoscaling_enabled = google_container_cluster.primary.vertical_pod_autoscaling != null && length(google_container_cluster.primary.vertical_pod_autoscaling) == 1 ? google_container_cluster.primary.vertical_pod_autoscaling[0].enabled : false cluster_output_intranode_visbility_enabled = google_container_cluster.primary.enable_intranode_visibility cluster_output_identity_service_enabled = google_container_cluster.primary.identity_service_config != null && length(google_container_cluster.primary.identity_service_config) == 1 ? google_container_cluster.primary.identity_service_config[0].enabled : false - cluster_output_secret_manager_addon_enabled = google_container_cluster.primary.secret_manager_config != null && length(google_container_cluster.primary.secret_manager_config) == 1 ? google_container_cluster.primary.secret_manager_config[0].enabled : false + cluster_output_secret_manager_addon_enabled = google_container_cluster.primary.secret_manager_config[0].enabled {% if beta_cluster %} # BETA features diff --git a/cluster.tf b/cluster.tf index 73d4de51ff..e636b3adcf 100644 --- a/cluster.tf +++ b/cluster.tf @@ -213,11 +213,8 @@ resource "google_container_cluster" "primary" { } } - dynamic "secret_manager_config" { - for_each = var.enable_secret_manager_addon ? [var.enable_secret_manager_addon] : [] - content { - enabled = secret_manager_config.value - } + secret_manager_config { + enabled = var.enable_secret_manager_addon } dynamic "pod_autoscaling" { diff --git a/main.tf b/main.tf index acd49578db..e2e24bf07f 100644 --- a/main.tf +++ b/main.tf @@ -124,7 +124,7 @@ locals { cluster_output_vertical_pod_autoscaling_enabled = google_container_cluster.primary.vertical_pod_autoscaling != null && length(google_container_cluster.primary.vertical_pod_autoscaling) == 1 ? google_container_cluster.primary.vertical_pod_autoscaling[0].enabled : false cluster_output_intranode_visbility_enabled = google_container_cluster.primary.enable_intranode_visibility cluster_output_identity_service_enabled = google_container_cluster.primary.identity_service_config != null && length(google_container_cluster.primary.identity_service_config) == 1 ? google_container_cluster.primary.identity_service_config[0].enabled : false - cluster_output_secret_manager_addon_enabled = google_container_cluster.primary.secret_manager_config != null && length(google_container_cluster.primary.secret_manager_config) == 1 ? google_container_cluster.primary.secret_manager_config[0].enabled : false + cluster_output_secret_manager_addon_enabled = google_container_cluster.primary.secret_manager_config[0].enabled cluster_output_node_pools_names = concat( [for np in google_container_node_pool.pools : np.name], [""], diff --git a/modules/beta-autopilot-private-cluster/cluster.tf b/modules/beta-autopilot-private-cluster/cluster.tf index 2c41d52604..75351efa6c 100644 --- a/modules/beta-autopilot-private-cluster/cluster.tf +++ b/modules/beta-autopilot-private-cluster/cluster.tf @@ -133,11 +133,8 @@ resource "google_container_cluster" "primary" { } } - dynamic "secret_manager_config" { - for_each = var.enable_secret_manager_addon ? [var.enable_secret_manager_addon] : [] - content { - enabled = secret_manager_config.value - } + secret_manager_config { + enabled = var.enable_secret_manager_addon } dynamic "pod_autoscaling" { diff --git a/modules/beta-autopilot-private-cluster/main.tf b/modules/beta-autopilot-private-cluster/main.tf index 04b06a22e3..013dca685a 100644 --- a/modules/beta-autopilot-private-cluster/main.tf +++ b/modules/beta-autopilot-private-cluster/main.tf @@ -96,7 +96,7 @@ locals { cluster_output_vertical_pod_autoscaling_enabled = google_container_cluster.primary.vertical_pod_autoscaling != null && length(google_container_cluster.primary.vertical_pod_autoscaling) == 1 ? google_container_cluster.primary.vertical_pod_autoscaling[0].enabled : false cluster_output_intranode_visbility_enabled = google_container_cluster.primary.enable_intranode_visibility cluster_output_identity_service_enabled = google_container_cluster.primary.identity_service_config != null && length(google_container_cluster.primary.identity_service_config) == 1 ? google_container_cluster.primary.identity_service_config[0].enabled : false - cluster_output_secret_manager_addon_enabled = google_container_cluster.primary.secret_manager_config != null && length(google_container_cluster.primary.secret_manager_config) == 1 ? google_container_cluster.primary.secret_manager_config[0].enabled : false + cluster_output_secret_manager_addon_enabled = google_container_cluster.primary.secret_manager_config[0].enabled # BETA features cluster_output_istio_disabled = google_container_cluster.primary.addons_config[0].istio_config != null && length(google_container_cluster.primary.addons_config[0].istio_config) == 1 ? google_container_cluster.primary.addons_config[0].istio_config[0].disabled : false diff --git a/modules/beta-autopilot-public-cluster/cluster.tf b/modules/beta-autopilot-public-cluster/cluster.tf index 13bb1a7665..b9bc80917e 100644 --- a/modules/beta-autopilot-public-cluster/cluster.tf +++ b/modules/beta-autopilot-public-cluster/cluster.tf @@ -133,11 +133,8 @@ resource "google_container_cluster" "primary" { } } - dynamic "secret_manager_config" { - for_each = var.enable_secret_manager_addon ? [var.enable_secret_manager_addon] : [] - content { - enabled = secret_manager_config.value - } + secret_manager_config { + enabled = var.enable_secret_manager_addon } dynamic "pod_autoscaling" { diff --git a/modules/beta-autopilot-public-cluster/main.tf b/modules/beta-autopilot-public-cluster/main.tf index a665591fd6..7cbab2e32e 100644 --- a/modules/beta-autopilot-public-cluster/main.tf +++ b/modules/beta-autopilot-public-cluster/main.tf @@ -89,7 +89,7 @@ locals { cluster_output_vertical_pod_autoscaling_enabled = google_container_cluster.primary.vertical_pod_autoscaling != null && length(google_container_cluster.primary.vertical_pod_autoscaling) == 1 ? google_container_cluster.primary.vertical_pod_autoscaling[0].enabled : false cluster_output_intranode_visbility_enabled = google_container_cluster.primary.enable_intranode_visibility cluster_output_identity_service_enabled = google_container_cluster.primary.identity_service_config != null && length(google_container_cluster.primary.identity_service_config) == 1 ? google_container_cluster.primary.identity_service_config[0].enabled : false - cluster_output_secret_manager_addon_enabled = google_container_cluster.primary.secret_manager_config != null && length(google_container_cluster.primary.secret_manager_config) == 1 ? google_container_cluster.primary.secret_manager_config[0].enabled : false + cluster_output_secret_manager_addon_enabled = google_container_cluster.primary.secret_manager_config[0].enabled # BETA features cluster_output_istio_disabled = google_container_cluster.primary.addons_config[0].istio_config != null && length(google_container_cluster.primary.addons_config[0].istio_config) == 1 ? google_container_cluster.primary.addons_config[0].istio_config[0].disabled : false diff --git a/modules/beta-private-cluster-update-variant/cluster.tf b/modules/beta-private-cluster-update-variant/cluster.tf index 6edda6bb67..396222e243 100644 --- a/modules/beta-private-cluster-update-variant/cluster.tf +++ b/modules/beta-private-cluster-update-variant/cluster.tf @@ -226,11 +226,8 @@ resource "google_container_cluster" "primary" { } } - dynamic "secret_manager_config" { - for_each = var.enable_secret_manager_addon ? [var.enable_secret_manager_addon] : [] - content { - enabled = secret_manager_config.value - } + secret_manager_config { + enabled = var.enable_secret_manager_addon } dynamic "pod_autoscaling" { diff --git a/modules/beta-private-cluster-update-variant/main.tf b/modules/beta-private-cluster-update-variant/main.tf index 7e82e41d1e..112ff256a6 100644 --- a/modules/beta-private-cluster-update-variant/main.tf +++ b/modules/beta-private-cluster-update-variant/main.tf @@ -143,7 +143,7 @@ locals { cluster_output_vertical_pod_autoscaling_enabled = google_container_cluster.primary.vertical_pod_autoscaling != null && length(google_container_cluster.primary.vertical_pod_autoscaling) == 1 ? google_container_cluster.primary.vertical_pod_autoscaling[0].enabled : false cluster_output_intranode_visbility_enabled = google_container_cluster.primary.enable_intranode_visibility cluster_output_identity_service_enabled = google_container_cluster.primary.identity_service_config != null && length(google_container_cluster.primary.identity_service_config) == 1 ? google_container_cluster.primary.identity_service_config[0].enabled : false - cluster_output_secret_manager_addon_enabled = google_container_cluster.primary.secret_manager_config != null && length(google_container_cluster.primary.secret_manager_config) == 1 ? google_container_cluster.primary.secret_manager_config[0].enabled : false + cluster_output_secret_manager_addon_enabled = google_container_cluster.primary.secret_manager_config[0].enabled # BETA features cluster_output_istio_disabled = google_container_cluster.primary.addons_config[0].istio_config != null && length(google_container_cluster.primary.addons_config[0].istio_config) == 1 ? google_container_cluster.primary.addons_config[0].istio_config[0].disabled : false diff --git a/modules/beta-private-cluster/cluster.tf b/modules/beta-private-cluster/cluster.tf index fba8aee7c2..702ac4b068 100644 --- a/modules/beta-private-cluster/cluster.tf +++ b/modules/beta-private-cluster/cluster.tf @@ -226,11 +226,8 @@ resource "google_container_cluster" "primary" { } } - dynamic "secret_manager_config" { - for_each = var.enable_secret_manager_addon ? [var.enable_secret_manager_addon] : [] - content { - enabled = secret_manager_config.value - } + secret_manager_config { + enabled = var.enable_secret_manager_addon } dynamic "pod_autoscaling" { diff --git a/modules/beta-private-cluster/main.tf b/modules/beta-private-cluster/main.tf index 7e82e41d1e..112ff256a6 100644 --- a/modules/beta-private-cluster/main.tf +++ b/modules/beta-private-cluster/main.tf @@ -143,7 +143,7 @@ locals { cluster_output_vertical_pod_autoscaling_enabled = google_container_cluster.primary.vertical_pod_autoscaling != null && length(google_container_cluster.primary.vertical_pod_autoscaling) == 1 ? google_container_cluster.primary.vertical_pod_autoscaling[0].enabled : false cluster_output_intranode_visbility_enabled = google_container_cluster.primary.enable_intranode_visibility cluster_output_identity_service_enabled = google_container_cluster.primary.identity_service_config != null && length(google_container_cluster.primary.identity_service_config) == 1 ? google_container_cluster.primary.identity_service_config[0].enabled : false - cluster_output_secret_manager_addon_enabled = google_container_cluster.primary.secret_manager_config != null && length(google_container_cluster.primary.secret_manager_config) == 1 ? google_container_cluster.primary.secret_manager_config[0].enabled : false + cluster_output_secret_manager_addon_enabled = google_container_cluster.primary.secret_manager_config[0].enabled # BETA features cluster_output_istio_disabled = google_container_cluster.primary.addons_config[0].istio_config != null && length(google_container_cluster.primary.addons_config[0].istio_config) == 1 ? google_container_cluster.primary.addons_config[0].istio_config[0].disabled : false diff --git a/modules/beta-public-cluster-update-variant/cluster.tf b/modules/beta-public-cluster-update-variant/cluster.tf index c4cc286ac4..4f424e509b 100644 --- a/modules/beta-public-cluster-update-variant/cluster.tf +++ b/modules/beta-public-cluster-update-variant/cluster.tf @@ -226,11 +226,8 @@ resource "google_container_cluster" "primary" { } } - dynamic "secret_manager_config" { - for_each = var.enable_secret_manager_addon ? [var.enable_secret_manager_addon] : [] - content { - enabled = secret_manager_config.value - } + secret_manager_config { + enabled = var.enable_secret_manager_addon } dynamic "pod_autoscaling" { diff --git a/modules/beta-public-cluster-update-variant/main.tf b/modules/beta-public-cluster-update-variant/main.tf index 015c44702c..4287e1ca21 100644 --- a/modules/beta-public-cluster-update-variant/main.tf +++ b/modules/beta-public-cluster-update-variant/main.tf @@ -136,7 +136,7 @@ locals { cluster_output_vertical_pod_autoscaling_enabled = google_container_cluster.primary.vertical_pod_autoscaling != null && length(google_container_cluster.primary.vertical_pod_autoscaling) == 1 ? google_container_cluster.primary.vertical_pod_autoscaling[0].enabled : false cluster_output_intranode_visbility_enabled = google_container_cluster.primary.enable_intranode_visibility cluster_output_identity_service_enabled = google_container_cluster.primary.identity_service_config != null && length(google_container_cluster.primary.identity_service_config) == 1 ? google_container_cluster.primary.identity_service_config[0].enabled : false - cluster_output_secret_manager_addon_enabled = google_container_cluster.primary.secret_manager_config != null && length(google_container_cluster.primary.secret_manager_config) == 1 ? google_container_cluster.primary.secret_manager_config[0].enabled : false + cluster_output_secret_manager_addon_enabled = google_container_cluster.primary.secret_manager_config[0].enabled # BETA features cluster_output_istio_disabled = google_container_cluster.primary.addons_config[0].istio_config != null && length(google_container_cluster.primary.addons_config[0].istio_config) == 1 ? google_container_cluster.primary.addons_config[0].istio_config[0].disabled : false diff --git a/modules/beta-public-cluster/cluster.tf b/modules/beta-public-cluster/cluster.tf index a15e83bb1a..2d2a1a3fb3 100644 --- a/modules/beta-public-cluster/cluster.tf +++ b/modules/beta-public-cluster/cluster.tf @@ -226,11 +226,8 @@ resource "google_container_cluster" "primary" { } } - dynamic "secret_manager_config" { - for_each = var.enable_secret_manager_addon ? [var.enable_secret_manager_addon] : [] - content { - enabled = secret_manager_config.value - } + secret_manager_config { + enabled = var.enable_secret_manager_addon } dynamic "pod_autoscaling" { diff --git a/modules/beta-public-cluster/main.tf b/modules/beta-public-cluster/main.tf index 015c44702c..4287e1ca21 100644 --- a/modules/beta-public-cluster/main.tf +++ b/modules/beta-public-cluster/main.tf @@ -136,7 +136,7 @@ locals { cluster_output_vertical_pod_autoscaling_enabled = google_container_cluster.primary.vertical_pod_autoscaling != null && length(google_container_cluster.primary.vertical_pod_autoscaling) == 1 ? google_container_cluster.primary.vertical_pod_autoscaling[0].enabled : false cluster_output_intranode_visbility_enabled = google_container_cluster.primary.enable_intranode_visibility cluster_output_identity_service_enabled = google_container_cluster.primary.identity_service_config != null && length(google_container_cluster.primary.identity_service_config) == 1 ? google_container_cluster.primary.identity_service_config[0].enabled : false - cluster_output_secret_manager_addon_enabled = google_container_cluster.primary.secret_manager_config != null && length(google_container_cluster.primary.secret_manager_config) == 1 ? google_container_cluster.primary.secret_manager_config[0].enabled : false + cluster_output_secret_manager_addon_enabled = google_container_cluster.primary.secret_manager_config[0].enabled # BETA features cluster_output_istio_disabled = google_container_cluster.primary.addons_config[0].istio_config != null && length(google_container_cluster.primary.addons_config[0].istio_config) == 1 ? google_container_cluster.primary.addons_config[0].istio_config[0].disabled : false diff --git a/modules/gke-autopilot-cluster/main.tf b/modules/gke-autopilot-cluster/main.tf index 76ccbdd4b4..d59607ff17 100644 --- a/modules/gke-autopilot-cluster/main.tf +++ b/modules/gke-autopilot-cluster/main.tf @@ -160,11 +160,8 @@ resource "google_container_cluster" "main" { } } - dynamic "secret_manager_config" { - for_each = var.secret_manager_config != null ? [var.secret_manager_config] : [] - content { - enabled = secret_manager_config.value.enabled - } + secret_manager_config { + enabled = var.secret_manager_config != null ? var.secret_manager_config.enabled : false } dynamic "pod_autoscaling" { diff --git a/modules/gke-autopilot-cluster/outputs.tf b/modules/gke-autopilot-cluster/outputs.tf index 4229fdc334..a9eb189bce 100644 --- a/modules/gke-autopilot-cluster/outputs.tf +++ b/modules/gke-autopilot-cluster/outputs.tf @@ -125,5 +125,5 @@ output "intranode_visibility_enabled" { output "secret_manager_addon_enabled" { description = "Whether Secret Manager add-on is enabled" - value = google_container_cluster.main.secret_manager_config != null && length(google_container_cluster.main.secret_manager_config) == 1 ? google_container_cluster.main.secret_manager_config[0].enabled : false + value = google_container_cluster.main.secret_manager_config[0].enabled } diff --git a/modules/gke-standard-cluster/main.tf b/modules/gke-standard-cluster/main.tf index c866223dc8..09c9f10862 100644 --- a/modules/gke-standard-cluster/main.tf +++ b/modules/gke-standard-cluster/main.tf @@ -1051,11 +1051,8 @@ resource "google_container_cluster" "main" { } } - dynamic "secret_manager_config" { - for_each = var.secret_manager_config != null ? [var.secret_manager_config] : [] - content { - enabled = secret_manager_config.value.enabled - } + secret_manager_config { + enabled = var.secret_manager_config != null ? var.secret_manager_config.enabled : false } dynamic "authenticator_groups_config" { diff --git a/modules/gke-standard-cluster/outputs.tf b/modules/gke-standard-cluster/outputs.tf index b443f53439..8fc15a73ae 100644 --- a/modules/gke-standard-cluster/outputs.tf +++ b/modules/gke-standard-cluster/outputs.tf @@ -140,5 +140,5 @@ output "intranode_visibility_enabled" { output "secret_manager_addon_enabled" { description = "Whether Secret Manager add-on is enabled" - value = google_container_cluster.main.secret_manager_config != null && length(google_container_cluster.main.secret_manager_config) == 1 ? google_container_cluster.main.secret_manager_config[0].enabled : false + value = google_container_cluster.main.secret_manager_config[0].enabled } diff --git a/modules/private-cluster-update-variant/cluster.tf b/modules/private-cluster-update-variant/cluster.tf index ddff47ffed..480e9f2132 100644 --- a/modules/private-cluster-update-variant/cluster.tf +++ b/modules/private-cluster-update-variant/cluster.tf @@ -213,11 +213,8 @@ resource "google_container_cluster" "primary" { } } - dynamic "secret_manager_config" { - for_each = var.enable_secret_manager_addon ? [var.enable_secret_manager_addon] : [] - content { - enabled = secret_manager_config.value - } + secret_manager_config { + enabled = var.enable_secret_manager_addon } dynamic "pod_autoscaling" { diff --git a/modules/private-cluster-update-variant/main.tf b/modules/private-cluster-update-variant/main.tf index b311f148c0..0d946ab54b 100644 --- a/modules/private-cluster-update-variant/main.tf +++ b/modules/private-cluster-update-variant/main.tf @@ -131,7 +131,7 @@ locals { cluster_output_vertical_pod_autoscaling_enabled = google_container_cluster.primary.vertical_pod_autoscaling != null && length(google_container_cluster.primary.vertical_pod_autoscaling) == 1 ? google_container_cluster.primary.vertical_pod_autoscaling[0].enabled : false cluster_output_intranode_visbility_enabled = google_container_cluster.primary.enable_intranode_visibility cluster_output_identity_service_enabled = google_container_cluster.primary.identity_service_config != null && length(google_container_cluster.primary.identity_service_config) == 1 ? google_container_cluster.primary.identity_service_config[0].enabled : false - cluster_output_secret_manager_addon_enabled = google_container_cluster.primary.secret_manager_config != null && length(google_container_cluster.primary.secret_manager_config) == 1 ? google_container_cluster.primary.secret_manager_config[0].enabled : false + cluster_output_secret_manager_addon_enabled = google_container_cluster.primary.secret_manager_config[0].enabled cluster_output_node_pools_names = concat( [for np in google_container_node_pool.pools : np.name], [""], diff --git a/modules/private-cluster/cluster.tf b/modules/private-cluster/cluster.tf index 719ad31332..ba11f5f011 100644 --- a/modules/private-cluster/cluster.tf +++ b/modules/private-cluster/cluster.tf @@ -213,11 +213,8 @@ resource "google_container_cluster" "primary" { } } - dynamic "secret_manager_config" { - for_each = var.enable_secret_manager_addon ? [var.enable_secret_manager_addon] : [] - content { - enabled = secret_manager_config.value - } + secret_manager_config { + enabled = var.enable_secret_manager_addon } dynamic "pod_autoscaling" { diff --git a/modules/private-cluster/main.tf b/modules/private-cluster/main.tf index b311f148c0..0d946ab54b 100644 --- a/modules/private-cluster/main.tf +++ b/modules/private-cluster/main.tf @@ -131,7 +131,7 @@ locals { cluster_output_vertical_pod_autoscaling_enabled = google_container_cluster.primary.vertical_pod_autoscaling != null && length(google_container_cluster.primary.vertical_pod_autoscaling) == 1 ? google_container_cluster.primary.vertical_pod_autoscaling[0].enabled : false cluster_output_intranode_visbility_enabled = google_container_cluster.primary.enable_intranode_visibility cluster_output_identity_service_enabled = google_container_cluster.primary.identity_service_config != null && length(google_container_cluster.primary.identity_service_config) == 1 ? google_container_cluster.primary.identity_service_config[0].enabled : false - cluster_output_secret_manager_addon_enabled = google_container_cluster.primary.secret_manager_config != null && length(google_container_cluster.primary.secret_manager_config) == 1 ? google_container_cluster.primary.secret_manager_config[0].enabled : false + cluster_output_secret_manager_addon_enabled = google_container_cluster.primary.secret_manager_config[0].enabled cluster_output_node_pools_names = concat( [for np in google_container_node_pool.pools : np.name], [""],