Skip to content

Commit

Permalink
Format files using terreaform fmt. (#469)
Browse files Browse the repository at this point in the history
  • Loading branch information
@ensonic
ensonic authored Dec 3, 2024
1 parent e565165 commit bd7aaac
Show file tree
Hide file tree
Showing 7 changed files with 44 additions and 44 deletions.
2 changes: 1 addition & 1 deletion src/bootstrap/cloud/terraform/cluster.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -149,5 +149,5 @@ resource "google_project_iam_member" "gke_node_roles" {
"roles/monitoring.metricWriter",
"roles/stackdriver.resourceMetadata.writer",
])
role = each.key
role = each.key
}
12 changes: 6 additions & 6 deletions src/bootstrap/cloud/terraform/dns.tf
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
resource "google_dns_managed_zone" "external-dns" {
name = "external-dns"
dns_name = "${var.domain}."
count = var.domain == "" ? 0 : 1
name = "external-dns"
dns_name = "${var.domain}."
count = var.domain == "" ? 0 : 1
# This is used to be true but is no longer, but we keep it here so that
# Terraform doesn't delete and recreate the zone.
description = "Automatically managed zone by kubernetes.io/external-dns"
Expand Down Expand Up @@ -47,8 +47,8 @@ data "google_iam_policy" "external-dns" {
}

resource "google_dns_managed_zone_iam_policy" "external-dns" {
count = var.domain == "" ? 0 : 1
project = google_dns_managed_zone.external-dns[0].project
count = var.domain == "" ? 0 : 1
project = google_dns_managed_zone.external-dns[0].project
managed_zone = google_dns_managed_zone.external-dns[0].name
policy_data = data.google_iam_policy.external-dns.policy_data
policy_data = data.google_iam_policy.external-dns.policy_data
}
8 changes: 4 additions & 4 deletions src/bootstrap/cloud/terraform/input.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -66,8 +66,8 @@ variable "certificate_subject_organizational_unit" {

variable "cluster_type" {
description = "GKE cluster type. Must be one of {zonal,regional}."
type = string
default = "zonal"
type = string
default = "zonal"

validation {
condition = contains(["zonal", "regional"], var.cluster_type)
Expand All @@ -77,6 +77,6 @@ variable "cluster_type" {

variable "onprem_federation" {
description = "Enable google cloud robotics layer 1"
type = bool
default = true
type = bool
default = true
}
22 changes: 11 additions & 11 deletions src/bootstrap/cloud/terraform/multi-cluster-ingress.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,18 +8,18 @@
resource "google_gke_hub_feature" "multi_cluster_service_discovery" {
count = length(var.additional_regions) > 0 ? 1 : 0

name = "multiclusterservicediscovery"
location = "global"
project = data.google_project.project.project_id
name = "multiclusterservicediscovery"
location = "global"
project = data.google_project.project.project_id
depends_on = [google_project_service.project-services["gkehub.googleapis.com"]]
}

resource "google_gke_hub_feature" "multi_cluster_ingress" {
count = length(var.additional_regions) > 0 ? 1 : 0

name = "multiclusteringress"
name = "multiclusteringress"
location = "global"
project = data.google_project.project.project_id
project = data.google_project.project.project_id
spec {
multiclusteringress {
config_membership = google_gke_hub_membership.cloud_robotics[0].id
Expand All @@ -40,8 +40,8 @@ resource "google_gke_hub_membership" "cloud_robotics" {
count = length(var.additional_regions) > 0 ? 1 : 0

membership_id = "cloud-robotics"
project = data.google_project.project.project_id
location = var.region
project = data.google_project.project.project_id
location = var.region
endpoint {
gke_cluster {
resource_link = google_container_cluster.cloud-robotics.id
Expand All @@ -51,10 +51,10 @@ resource "google_gke_hub_membership" "cloud_robotics" {
}

resource "google_gke_hub_membership" "cloud_robotics_ar" {
for_each = var.additional_regions
project = data.google_project.project.project_id
membership_id = format("%s-%s", each.key, "ar-cloud-robotics")
location = each.value.region
for_each = var.additional_regions
project = data.google_project.project.project_id
membership_id = format("%s-%s", each.key, "ar-cloud-robotics")
location = each.value.region
endpoint {
gke_cluster {
resource_link = google_container_cluster.cloud-robotics-ar[each.key].id
Expand Down
12 changes: 6 additions & 6 deletions src/bootstrap/cloud/terraform/project.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,13 +32,13 @@ resource "google_project_service" "project-services" {
"servicemanagement.googleapis.com",
"serviceusage.googleapis.com",
"storage-component.googleapis.com",
], length(var.additional_regions) == 0 ? [] : [
], length(var.additional_regions) == 0 ? [] : [
# Following APIs are only needed when using multi-cluster gateways.
"gkeconnect.googleapis.com",
"gkehub.googleapis.com",
"trafficdirector.googleapis.com",
"multiclusterservicediscovery.googleapis.com",
"multiclusteringress.googleapis.com",
"gkeconnect.googleapis.com",
"gkehub.googleapis.com",
"trafficdirector.googleapis.com",
"multiclusterservicediscovery.googleapis.com",
"multiclusteringress.googleapis.com",
]))
service = each.value
}
Expand Down
26 changes: 13 additions & 13 deletions src/bootstrap/cloud/terraform/registry.tf
View file
Original file line number Diff line number Diff line change
@@ -1,19 +1,19 @@
# Container registry configuration

locals {
service_acounts = flatten([
"serviceAccount:${google_service_account.gke_node.email}",
"serviceAccount:${google_service_account.human-acl.email}",
var.onprem_federation ? ["serviceAccount:${google_service_account.robot-service[0].email}"] : [],
])
private_repo_access = flatten([
for sa in local.service_acounts : [
for prj in var.private_image_repositories : {
prj = prj
sa = sa
}
]
])
service_acounts = flatten([
"serviceAccount:${google_service_account.gke_node.email}",
"serviceAccount:${google_service_account.human-acl.email}",
var.onprem_federation ? ["serviceAccount:${google_service_account.robot-service[0].email}"] : [],
])
private_repo_access = flatten([
for sa in local.service_acounts : [
for prj in var.private_image_repositories : {
prj = prj
sa = sa
}
]
])
}

resource "google_artifact_registry_repository_iam_member" "gcrio_gar_reader" {
Expand Down
6 changes: 3 additions & 3 deletions src/bootstrap/cloud/terraform/service-account.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ resource "google_service_account" "robot-service" {
account_id = "robot-service"
display_name = "robot-service"
project = data.google_project.project.project_id
count = var.onprem_federation ? 1 : 0
count = var.onprem_federation ? 1 : 0
}

# Allow the the token-vendor to impersonate the "robot-service" service account
Expand Down Expand Up @@ -57,9 +57,9 @@ resource "google_project_iam_member" "robot-service-roles" {
project = data.google_project.project.project_id
member = "serviceAccount:${google_service_account.robot-service[0].email}"
for_each = var.onprem_federation ? toset([
"roles/cloudtrace.agent", # Upload cloud traces
"roles/cloudtrace.agent", # Upload cloud traces
"roles/container.clusterViewer", # Sync CRs from the GKE cluster.
"roles/logging.logWriter", # Upload text logs to Cloud logging
"roles/logging.logWriter", # Upload text logs to Cloud logging
# Required to use robot-service@ for GKE clusters that simulate robots
"roles/monitoring.viewer",
]) : toset([])
Expand Down

0 comments on commit bd7aaac

Please sign in to comment.