Skip to content

Commit

Permalink
feat: added confidential-nodes flag for node-pools (#2110)
Browse files Browse the repository at this point in the history
  • Loading branch information
t-indumathy authored Oct 2, 2024
1 parent 08e58de commit b2a597b
Show file tree
Hide file tree
Showing 8 changed files with 128 additions and 4 deletions.
11 changes: 10 additions & 1 deletion autogen/main/cluster.tf.tmpl
Original file line number Diff line number Diff line change
Expand Up @@ -721,7 +721,8 @@ locals {
"enable_confidential_storage",
"consume_reservation_type",
"reservation_affinity_key",
"reservation_affinity_values"
"reservation_affinity_values",
"enable_confidential_nodes",
]
}

Expand Down Expand Up @@ -1085,6 +1086,14 @@ resource "google_container_node_pool" "windows_pools" {
enable_secure_boot = lookup(each.value, "enable_secure_boot", false)
enable_integrity_monitoring = lookup(each.value, "enable_integrity_monitoring", true)
}

dynamic "confidential_nodes" {
for_each = lookup(each.value, "enable_confidential_nodes", null) != null ? [each.value.confidential_nodes] : []
content {
enabled = confidential_nodes.value
}
}

}

lifecycle {
Expand Down
16 changes: 16 additions & 0 deletions cluster.tf
Original file line number Diff line number Diff line change
Expand Up @@ -772,6 +772,14 @@ resource "google_container_node_pool" "pools" {
enable_secure_boot = lookup(each.value, "enable_secure_boot", false)
enable_integrity_monitoring = lookup(each.value, "enable_integrity_monitoring", true)
}

dynamic "confidential_nodes" {
for_each = lookup(each.value, "enable_confidential_nodes", null) != null ? [each.value.confidential_nodes] : []
content {
enabled = confidential_nodes.value
}
}

}

lifecycle {
Expand Down Expand Up @@ -1039,6 +1047,14 @@ resource "google_container_node_pool" "windows_pools" {
enable_secure_boot = lookup(each.value, "enable_secure_boot", false)
enable_integrity_monitoring = lookup(each.value, "enable_integrity_monitoring", true)
}

dynamic "confidential_nodes" {
for_each = lookup(each.value, "enable_confidential_nodes", null) != null ? [each.value.confidential_nodes] : []
content {
enabled = confidential_nodes.value
}
}

}

lifecycle {
Expand Down
19 changes: 18 additions & 1 deletion modules/beta-private-cluster-update-variant/cluster.tf
Original file line number Diff line number Diff line change
Expand Up @@ -617,7 +617,8 @@ locals {
"enable_confidential_storage",
"consume_reservation_type",
"reservation_affinity_key",
"reservation_affinity_values"
"reservation_affinity_values",
"enable_confidential_nodes",
]
}

Expand Down Expand Up @@ -952,6 +953,14 @@ resource "google_container_node_pool" "pools" {
enable_secure_boot = lookup(each.value, "enable_secure_boot", false)
enable_integrity_monitoring = lookup(each.value, "enable_integrity_monitoring", true)
}

dynamic "confidential_nodes" {
for_each = lookup(each.value, "enable_confidential_nodes", null) != null ? [each.value.confidential_nodes] : []
content {
enabled = confidential_nodes.value
}
}

}

lifecycle {
Expand Down Expand Up @@ -1233,6 +1242,14 @@ resource "google_container_node_pool" "windows_pools" {
enable_secure_boot = lookup(each.value, "enable_secure_boot", false)
enable_integrity_monitoring = lookup(each.value, "enable_integrity_monitoring", true)
}

dynamic "confidential_nodes" {
for_each = lookup(each.value, "enable_confidential_nodes", null) != null ? [each.value.confidential_nodes] : []
content {
enabled = confidential_nodes.value
}
}

}

lifecycle {
Expand Down
16 changes: 16 additions & 0 deletions modules/beta-private-cluster/cluster.tf
Original file line number Diff line number Diff line change
Expand Up @@ -870,6 +870,14 @@ resource "google_container_node_pool" "pools" {
enable_secure_boot = lookup(each.value, "enable_secure_boot", false)
enable_integrity_monitoring = lookup(each.value, "enable_integrity_monitoring", true)
}

dynamic "confidential_nodes" {
for_each = lookup(each.value, "enable_confidential_nodes", null) != null ? [each.value.confidential_nodes] : []
content {
enabled = confidential_nodes.value
}
}

}

lifecycle {
Expand Down Expand Up @@ -1150,6 +1158,14 @@ resource "google_container_node_pool" "windows_pools" {
enable_secure_boot = lookup(each.value, "enable_secure_boot", false)
enable_integrity_monitoring = lookup(each.value, "enable_integrity_monitoring", true)
}

dynamic "confidential_nodes" {
for_each = lookup(each.value, "enable_confidential_nodes", null) != null ? [each.value.confidential_nodes] : []
content {
enabled = confidential_nodes.value
}
}

}

lifecycle {
Expand Down
19 changes: 18 additions & 1 deletion modules/beta-public-cluster-update-variant/cluster.tf
Original file line number Diff line number Diff line change
Expand Up @@ -596,7 +596,8 @@ locals {
"enable_confidential_storage",
"consume_reservation_type",
"reservation_affinity_key",
"reservation_affinity_values"
"reservation_affinity_values",
"enable_confidential_nodes",
]
}

Expand Down Expand Up @@ -931,6 +932,14 @@ resource "google_container_node_pool" "pools" {
enable_secure_boot = lookup(each.value, "enable_secure_boot", false)
enable_integrity_monitoring = lookup(each.value, "enable_integrity_monitoring", true)
}

dynamic "confidential_nodes" {
for_each = lookup(each.value, "enable_confidential_nodes", null) != null ? [each.value.confidential_nodes] : []
content {
enabled = confidential_nodes.value
}
}

}

lifecycle {
Expand Down Expand Up @@ -1212,6 +1221,14 @@ resource "google_container_node_pool" "windows_pools" {
enable_secure_boot = lookup(each.value, "enable_secure_boot", false)
enable_integrity_monitoring = lookup(each.value, "enable_integrity_monitoring", true)
}

dynamic "confidential_nodes" {
for_each = lookup(each.value, "enable_confidential_nodes", null) != null ? [each.value.confidential_nodes] : []
content {
enabled = confidential_nodes.value
}
}

}

lifecycle {
Expand Down
16 changes: 16 additions & 0 deletions modules/beta-public-cluster/cluster.tf
Original file line number Diff line number Diff line change
Expand Up @@ -849,6 +849,14 @@ resource "google_container_node_pool" "pools" {
enable_secure_boot = lookup(each.value, "enable_secure_boot", false)
enable_integrity_monitoring = lookup(each.value, "enable_integrity_monitoring", true)
}

dynamic "confidential_nodes" {
for_each = lookup(each.value, "enable_confidential_nodes", null) != null ? [each.value.confidential_nodes] : []
content {
enabled = confidential_nodes.value
}
}

}

lifecycle {
Expand Down Expand Up @@ -1129,6 +1137,14 @@ resource "google_container_node_pool" "windows_pools" {
enable_secure_boot = lookup(each.value, "enable_secure_boot", false)
enable_integrity_monitoring = lookup(each.value, "enable_integrity_monitoring", true)
}

dynamic "confidential_nodes" {
for_each = lookup(each.value, "enable_confidential_nodes", null) != null ? [each.value.confidential_nodes] : []
content {
enabled = confidential_nodes.value
}
}

}

lifecycle {
Expand Down
19 changes: 18 additions & 1 deletion modules/private-cluster-update-variant/cluster.tf
Original file line number Diff line number Diff line change
Expand Up @@ -553,7 +553,8 @@ locals {
"enable_confidential_storage",
"consume_reservation_type",
"reservation_affinity_key",
"reservation_affinity_values"
"reservation_affinity_values",
"enable_confidential_nodes",
]
}

Expand Down Expand Up @@ -875,6 +876,14 @@ resource "google_container_node_pool" "pools" {
enable_secure_boot = lookup(each.value, "enable_secure_boot", false)
enable_integrity_monitoring = lookup(each.value, "enable_integrity_monitoring", true)
}

dynamic "confidential_nodes" {
for_each = lookup(each.value, "enable_confidential_nodes", null) != null ? [each.value.confidential_nodes] : []
content {
enabled = confidential_nodes.value
}
}

}

lifecycle {
Expand Down Expand Up @@ -1143,6 +1152,14 @@ resource "google_container_node_pool" "windows_pools" {
enable_secure_boot = lookup(each.value, "enable_secure_boot", false)
enable_integrity_monitoring = lookup(each.value, "enable_integrity_monitoring", true)
}

dynamic "confidential_nodes" {
for_each = lookup(each.value, "enable_confidential_nodes", null) != null ? [each.value.confidential_nodes] : []
content {
enabled = confidential_nodes.value
}
}

}

lifecycle {
Expand Down
16 changes: 16 additions & 0 deletions modules/private-cluster/cluster.tf
Original file line number Diff line number Diff line change
Expand Up @@ -793,6 +793,14 @@ resource "google_container_node_pool" "pools" {
enable_secure_boot = lookup(each.value, "enable_secure_boot", false)
enable_integrity_monitoring = lookup(each.value, "enable_integrity_monitoring", true)
}

dynamic "confidential_nodes" {
for_each = lookup(each.value, "enable_confidential_nodes", null) != null ? [each.value.confidential_nodes] : []
content {
enabled = confidential_nodes.value
}
}

}

lifecycle {
Expand Down Expand Up @@ -1060,6 +1068,14 @@ resource "google_container_node_pool" "windows_pools" {
enable_secure_boot = lookup(each.value, "enable_secure_boot", false)
enable_integrity_monitoring = lookup(each.value, "enable_integrity_monitoring", true)
}

dynamic "confidential_nodes" {
for_each = lookup(each.value, "enable_confidential_nodes", null) != null ? [each.value.confidential_nodes] : []
content {
enabled = confidential_nodes.value
}
}

}

lifecycle {
Expand Down

0 comments on commit b2a597b

Please sign in to comment.