Add metadata files and connection metadata

Author: q2w

metadata.yaml

@@ -33,6 +33,10 @@ spec:
     subBlueprints:
       - name: dynamic_backends
         location: modules/dynamic_backends
+      - name: lb-http-backend
+        location: modules/lb-http-backend
+      - name: lb-http-frontend
+        location: modules/lb-http-frontend
       - name: serverless_negs
         location: modules/serverless_negs
     examples:
@@ -131,11 +135,11 @@ spec:
                 max_rate_per_endpoint        = optional(number)
                 max_utilization              = optional(number)
               }))
-              iap_config = object({
+              iap_config = optional(object({
                 enable               = bool
                 oauth2_client_id     = optional(string)
                 oauth2_client_secret = optional(string)
-              })
+              }))
               cdn_policy = optional(object({
                 cache_mode                   = optional(string)
                 signed_url_cache_max_age_sec = optional(string)

modules/dynamic_backends/metadata.yaml

@@ -127,11 +127,11 @@ spec:
                 max_rate_per_endpoint        = optional(number)
                 max_utilization              = optional(number)
               }))
-              iap_config = object({
+              iap_config = optional(object({
                 enable               = bool
                 oauth2_client_id     = optional(string)
                 oauth2_client_secret = optional(string)
-              })
+              }))
               cdn_policy = optional(object({
                 cache_mode                   = optional(string)
                 signed_url_cache_max_age_sec = optional(string)

modules/lb-http-backend/README.md

@@ -0,0 +1,42 @@
+# HTTP Load balancer backend module
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| affinity\_cookie\_ttl\_sec | n/a | `number` | `null` | no |
+| cdn\_policy | n/a | <pre>object({<br>    cache_mode                      = optional(string)<br>    signed_url_cache_max_age_sec    = optional(string)<br>    default_ttl                     = optional(number)<br>    max_ttl                         = optional(number)<br>    client_ttl                      = optional(number)<br>    negative_caching                = optional(bool)<br>    serve_while_stale               = optional(number)<br>    bypass_cache_on_request_headers = optional(list(string))<br>    negative_caching_policy = optional(object({<br>      code = optional(number)<br>      ttl  = optional(number)<br>    }))<br>    cache_key_policy = optional(object({<br>      include_host           = optional(bool)<br>      include_protocol       = optional(bool)<br>      include_query_string   = optional(bool)<br>      query_string_blacklist = optional(list(string))<br>      query_string_whitelist = optional(list(string))<br>      include_http_headers   = optional(list(string))<br>      include_named_cookies  = optional(list(string))<br>    }))<br>  })</pre> | `{}` | no |
+| compression\_mode | n/a | `string` | `"DISABLED"` | no |
+| connection\_draining\_timeout\_sec | n/a | `number` | `null` | no |
+| custom\_request\_headers | n/a | `list(string)` | `[]` | no |
+| custom\_response\_headers | n/a | `list(string)` | `[]` | no |
+| description | n/a | `string` | `null` | no |
+| edge\_security\_policy | The resource URL for the edge security policy to associate with the backend service | `string` | `null` | no |
+| enable\_cdn | n/a | `bool` | `false` | no |
+| firewall\_networks | Names of the networks to create firewall rules in | `list(string)` | <pre>[<br>  "default"<br>]</pre> | no |
+| firewall\_projects | Names of the projects to create firewall rules in | `list(string)` | <pre>[<br>  "default"<br>]</pre> | no |
+| groups | n/a | <pre>list(object({<br>    group       = string<br>    description = optional(string)<br>  }))</pre> | `[]` | no |
+| health\_check | n/a | <pre>object({<br>    host                = optional(string, null)<br>    request_path        = optional(string, null)<br>    request             = optional(string, null)<br>    response            = optional(string, null)<br>    port                = optional(number, null)<br>    port_name           = optional(string, null)<br>    proxy_header        = optional(string, null)<br>    port_specification  = optional(string, null)<br>    protocol            = optional(string, null)<br>    check_interval_sec  = optional(number, 5)<br>    timeout_sec         = optional(number, 5)<br>    healthy_threshold   = optional(number, 2)<br>    unhealthy_threshold = optional(number, 2)<br>    logging             = optional(bool, false)<br>  })</pre> | `null` | no |
+| host\_path\_mappings | The list of host/path for which traffic could be sent to the backend service | `list(object({ host : string, path : string }))` | <pre>[<br>  {<br>    "host": "*",<br>    "path": "/*"<br>  }<br>]</pre> | no |
+| iap\_config | n/a | <pre>object({<br>    enable               = bool<br>    oauth2_client_id     = optional(string)<br>    oauth2_client_secret = optional(string)<br>  })</pre> | <pre>{<br>  "enable": false<br>}</pre> | no |
+| load\_balancing\_scheme | Load balancing scheme type (EXTERNAL for classic external load balancer, EXTERNAL\_MANAGED for Envoy-based load balancer, and INTERNAL\_SELF\_MANAGED for traffic director) | `string` | `"EXTERNAL_MANAGED"` | no |
+| locality\_lb\_policy | n/a | `string` | `null` | no |
+| log\_config | n/a | <pre>object({<br>    enable      = bool<br>    sample_rate = number<br>  })</pre> | <pre>{<br>  "enable": true,<br>  "sample_rate": 1<br>}</pre> | no |
+| name | Name for the backend service | `string` | n/a | yes |
+| outlier\_detection | n/a | <pre>object({<br>    base_ejection_time = optional(object({<br>      seconds = number<br>      nanos   = optional(number)<br>    }))<br>    consecutive_errors                    = optional(number)<br>    consecutive_gateway_failure           = optional(number)<br>    enforcing_consecutive_errors          = optional(number)<br>    enforcing_consecutive_gateway_failure = optional(number)<br>    enforcing_success_rate                = optional(number)<br>    interval = optional(object({<br>      seconds = number<br>      nanos   = optional(number)<br>    }))<br>    max_ejection_percent        = optional(number)<br>    success_rate_minimum_hosts  = optional(number)<br>    success_rate_request_volume = optional(number)<br>    success_rate_stdev_factor   = optional(number)<br>  })</pre> | `null` | no |
+| port\_name | n/a | `string` | `"http"` | no |
+| project\_id | The project to deploy to, if not set the default provider project is used. | `string` | n/a | yes |
+| protocol | n/a | `string` | `"HTTP"` | no |
+| security\_policy | The resource URL for the security policy to associate with the backend service | `string` | `null` | no |
+| serverless\_neg\_backends | n/a | <pre>list(object({<br>    region          = string<br>    type            = string // cloud-run, cloud-function, and app-engine<br>    service_name    = string<br>    service_version = optional(string)<br>  }))</pre> | `[]` | no |
+| session\_affinity | n/a | `string` | `null` | no |
+| target\_service\_accounts | List of target service accounts for health check firewall rule. Exactly one of target\_tags or target\_service\_accounts should be specified. | `list(string)` | `[]` | no |
+| target\_tags | List of target tags for health check firewall rule. Exactly one of target\_tags or target\_service\_accounts should be specified. | `list(string)` | `[]` | no |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| backend\_service\_info | Host, path and backend service mapping |
+
+<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->

modules/lb-http-backend/main.tf

@@ -1,3 +1,19 @@
+/**
+ * Copyright 2024 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
 resource "google_compute_backend_service" "default" {
   provider = google-beta
 

modules/lb-http-backend/metadata.display.yaml

@@ -0,0 +1,114 @@
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: blueprints.cloud.google.com/v1alpha1
+kind: BlueprintMetadata
+metadata:
+  name: terraform-google-lb-http-lb-http-backend-display
+  annotations:
+    config.kubernetes.io/local-config: "true"
+spec:
+  info:
+    title: HTTP Load balancer backend module
+    source:
+      repo: https://github.com/terraform-google-modules/terraform-google-lb-http.git
+      sourceType: git
+      dir: /modules/lb-http-backend
+  ui:
+    input:
+      variables:
+        affinity_cookie_ttl_sec:
+          name: affinity_cookie_ttl_sec
+          title: Affinity Cookie Ttl Sec
+        cdn_policy:
+          name: cdn_policy
+          title: Cdn Policy
+        compression_mode:
+          name: compression_mode
+          title: Compression Mode
+        connection_draining_timeout_sec:
+          name: connection_draining_timeout_sec
+          title: Connection Draining Timeout Sec
+        custom_request_headers:
+          name: custom_request_headers
+          title: Custom Request Headers
+        custom_response_headers:
+          name: custom_response_headers
+          title: Custom Response Headers
+        description:
+          name: description
+          title: Description
+        edge_security_policy:
+          name: edge_security_policy
+          title: Edge Security Policy
+        enable_cdn:
+          name: enable_cdn
+          title: Enable Cdn
+        firewall_networks:
+          name: firewall_networks
+          title: Firewall Networks
+        firewall_projects:
+          name: firewall_projects
+          title: Firewall Projects
+        groups:
+          name: groups
+          title: Groups
+        health_check:
+          name: health_check
+          title: Health Check
+        host_path_mappings:
+          name: host_path_mappings
+          title: Host Path Mappings
+        iap_config:
+          name: iap_config
+          title: Iap Config
+        load_balancing_scheme:
+          name: load_balancing_scheme
+          title: Load Balancing Scheme
+        locality_lb_policy:
+          name: locality_lb_policy
+          title: Locality Lb Policy
+        log_config:
+          name: log_config
+          title: Log Config
+        name:
+          name: name
+          title: Name
+        outlier_detection:
+          name: outlier_detection
+          title: Outlier Detection
+        port_name:
+          name: port_name
+          title: Port Name
+        project_id:
+          name: project_id
+          title: Project Id
+        protocol:
+          name: protocol
+          title: Protocol
+        security_policy:
+          name: security_policy
+          title: Security Policy
+        serverless_neg_backends:
+          name: serverless_neg_backends
+          title: Serverless Neg Backends
+        session_affinity:
+          name: session_affinity
+          title: Session Affinity
+        target_service_accounts:
+          name: target_service_accounts
+          title: Target Service Accounts
+        target_tags:
+          name: target_tags
+          title: Target Tags