From 04cf6a663fe2dda30271d171b55408b6edb2c249 Mon Sep 17 00:00:00 2001 From: Bruno Schaatsbergen Date: Wed, 25 Oct 2023 22:06:35 +0200 Subject: [PATCH 1/2] feat: add monitoring and fluentbit tags --- README.md | 3 +++ examples/basic/main.tf | 14 +++++++------- examples/complete/main.tf | 8 +++----- examples/secure-env-vars/main.tf | 16 ++++++++-------- main.tf | 12 +++++++----- variables.tf | 18 ++++++++++++++++++ 6 files changed, 46 insertions(+), 25 deletions(-) diff --git a/README.md b/README.md index 5acd35e..b5e8cce 100644 --- a/README.md +++ b/README.md @@ -230,6 +230,9 @@ You can check the status of the certificate in the Google Cloud Console. | [enable\_oslogin](#input\_enable\_oslogin) | Enables OS Login service on the VM | `bool` | `false` | no | | [env\_vars](#input\_env\_vars) | Key-value pairs representing environment variables and their respective values | `map(any)` | n/a | yes | | [expose\_metrics\_publicly](#input\_expose\_metrics\_publicly) | Exposes the /metrics endpoint publicly even if Atlantis is protected by IAP | `bool` | `false` | no | +| [google\_logging\_enabled](#input\_google\_logging\_enabled) | Enable Google Cloud Logging | `bool` | `true` | no | +| [google\_logging\_use\_fluentbit](#input\_google\_logging\_use\_fluentbit) | Enable Google Cloud Logging using Fluent Bit ( available from COS 105+ ) | `bool` | `false` | no | +| [google\_monitoring\_enabled](#input\_google\_monitoring\_enabled) | Enable Google Cloud Monitoring | `bool` | `true` | no | | [iap](#input\_iap) | Settings for enabling Cloud Identity Aware Proxy to protect the Atlantis UI | 
object({
    oauth2_client_id     = string
    oauth2_client_secret = string
  })
| `null` | no | | [image](#input\_image) | Docker image. This is most often a reference to a container located in a container registry | `string` | `"ghcr.io/runatlantis/atlantis:latest"` | no | | [labels](#input\_labels) | Key-value pairs representing labels attaching to instance & instance template | `map(any)` | `{}` | no | diff --git a/examples/basic/main.tf b/examples/basic/main.tf index a5a25ec..0c9fca7 100644 --- a/examples/basic/main.tf +++ b/examples/basic/main.tf @@ -1,11 +1,11 @@ locals { - project_id = "" - network = "" - subnetwork = "" - region = "" - zone = "" - domain = "" - managed_zone = "" + project_id = "" + network = "" + subnetwork = "" + region = "" + zone = "" + domain = "" + managed_zone = "" github_repo_allow_list = "github.com/example/*" github_user = "" diff --git a/examples/complete/main.tf b/examples/complete/main.tf index 41e04bb..59e881b 100644 --- a/examples/complete/main.tf +++ b/examples/complete/main.tf @@ -1,7 +1,5 @@ locals { project_id = "" - network = "" - subnetwork = "" region = "" zone = "" domain = "" @@ -33,9 +31,9 @@ resource "google_project_iam_member" "atlantis_metric_writer" { } resource "google_compute_network" "default" { - name = "example-network" - auto_create_subnetworks = false - project = local.project_id + name = "example-network" + auto_create_subnetworks = false + project = local.project_id } resource "google_compute_subnetwork" "default" { diff --git a/examples/secure-env-vars/main.tf b/examples/secure-env-vars/main.tf index cdc2b32..9011c2e 100644 --- a/examples/secure-env-vars/main.tf +++ b/examples/secure-env-vars/main.tf @@ -1,12 +1,12 @@ locals { - project_id = "" - network = "" - subnetwork = "" - region = "" - zone = "" - image = "" - domain = "" - managed_zone = "" + project_id = "" + network = "" + subnetwork = "" + region = "" + zone = "" + image = "" + domain = "" + managed_zone = "" github_repo_allow_list = "github.com/example/*" } diff --git a/main.tf b/main.tf index 48e05ce..965b633 100644 --- a/main.tf +++ b/main.tf @@ -127,11 +127,13 @@ resource "google_compute_instance_template" "default" { metadata_startup_script = var.startup_script metadata = { - gce-container-declaration = module.container.metadata_value - user-data = data.cloudinit_config.config.rendered - google-logging-enabled = true - block-project-ssh-keys = var.block_project_ssh_keys_enabled - enable-oslogin = var.enable_oslogin + gce-container-declaration = module.container.metadata_value + user-data = data.cloudinit_config.config.rendered + google-logging-enabled = var.google_monitoring_enabled + google-monitoring-enabled = var.google_monitoring_enabled + google-logging-use-fluentbit = var.google_logging_use_fluentbit + block-project-ssh-keys = var.block_project_ssh_keys_enabled + enable-oslogin = var.enable_oslogin } # Using the below scheduling configuration, diff --git a/variables.tf b/variables.tf index 9ff201a..c732c02 100644 --- a/variables.tf +++ b/variables.tf @@ -146,6 +146,24 @@ variable "expose_metrics_publicly" { default = false } +variable "google_logging_enabled" { + type = bool + description = "Enable Google Cloud Logging" + default = true +} + +variable "google_logging_use_fluentbit" { + type = bool + description = "Enable Google Cloud Logging using Fluent Bit ( available from COS 105+ )" + default = false +} + +variable "google_monitoring_enabled" { + type = bool + description = "Enable Google Cloud Monitoring" + default = true +} + variable "labels" { type = map(any) description = "Key-value pairs representing labels attaching to instance & instance template" From dc223b90ec059d4aacd6b22461e203a71583b02a Mon Sep 17 00:00:00 2001 From: Bruno Schaatsbergen Date: Wed, 25 Oct 2023 22:09:40 +0200 Subject: [PATCH 2/2] chore: rm version --- README.md | 2 +- variables.tf | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index b5e8cce..170b953 100644 --- a/README.md +++ b/README.md @@ -231,7 +231,7 @@ You can check the status of the certificate in the Google Cloud Console. | [env\_vars](#input\_env\_vars) | Key-value pairs representing environment variables and their respective values | `map(any)` | n/a | yes | | [expose\_metrics\_publicly](#input\_expose\_metrics\_publicly) | Exposes the /metrics endpoint publicly even if Atlantis is protected by IAP | `bool` | `false` | no | | [google\_logging\_enabled](#input\_google\_logging\_enabled) | Enable Google Cloud Logging | `bool` | `true` | no | -| [google\_logging\_use\_fluentbit](#input\_google\_logging\_use\_fluentbit) | Enable Google Cloud Logging using Fluent Bit ( available from COS 105+ ) | `bool` | `false` | no | +| [google\_logging\_use\_fluentbit](#input\_google\_logging\_use\_fluentbit) | Enable Google Cloud Logging using Fluent Bit | `bool` | `false` | no | | [google\_monitoring\_enabled](#input\_google\_monitoring\_enabled) | Enable Google Cloud Monitoring | `bool` | `true` | no | | [iap](#input\_iap) | Settings for enabling Cloud Identity Aware Proxy to protect the Atlantis UI | 
object({
    oauth2_client_id     = string
    oauth2_client_secret = string
  })
| `null` | no | | [image](#input\_image) | Docker image. This is most often a reference to a container located in a container registry | `string` | `"ghcr.io/runatlantis/atlantis:latest"` | no | diff --git a/variables.tf b/variables.tf index c732c02..2c55785 100644 --- a/variables.tf +++ b/variables.tf @@ -154,7 +154,7 @@ variable "google_logging_enabled" { variable "google_logging_use_fluentbit" { type = bool - description = "Enable Google Cloud Logging using Fluent Bit ( available from COS 105+ )" + description = "Enable Google Cloud Logging using Fluent Bit" default = false }