fix!: properly implement additional_ip_ranges_config

README.md

@@ -144,7 +144,7 @@ Then perform the following commands on the root folder:
 | add\_master\_webhook\_firewall\_rules | Create master\_webhook firewall rules for ports defined in `firewall_inbound_ports` | `bool` | `false` | no |
 | add\_shadow\_firewall\_rules | Create GKE shadow firewall (the same as default firewall rules with firewall logs enabled). | `bool` | `false` | no |
 | additional\_ip\_range\_pods | List of _names_ of the additional secondary subnet ip ranges to use for pods | `list(string)` | `[]` | no |
-| additional\_pod\_ranges\_config | the configuration for individual additional subnetworks attached to the cluster | `list(object({ subnetwork = string, pod_ipv4_range_names = list(string) }))` | `[]` | no |
+| additional\_ip\_ranges\_config | the configuration for individual additional subnetworks attached to the cluster | `list(object({ subnetwork = string, pod_ipv4_range_names = list(string) }))` | `[]` | no |
 | additive\_vpc\_scope\_dns\_domain | This will enable Cloud DNS additive VPC scope. Must provide a domain name that is unique within the VPC. For this to work cluster\_dns = `CLOUD_DNS` and cluster\_dns\_scope = `CLUSTER_SCOPE` must both be set as well. | `string` | `""` | no |
 | authenticator\_security\_group | The name of the RBAC security group for use with Google security groups in Kubernetes RBAC. Group name must be in format [email protected] | `string` | `null` | no |
 | boot\_disk\_kms\_key | The Customer Managed Encryption Key used to encrypt the boot disk attached to each node in the node pool, if not overridden in `node_pools`. This should be of the form projects/[KEY\_PROJECT\_ID]/locations/[LOCATION]/keyRings/[RING\_NAME]/cryptoKeys/[KEY\_NAME]. For more information about protecting resources with Cloud KMS Keys please see: https://cloud.google.com/compute/docs/disks/customer-managed-encryption | `string` | `null` | no |

autogen/main/cluster.tf.tmpl

@@ -541,11 +541,11 @@ resource "google_container_cluster" "primary" {
         pod_range_names = var.additional_ip_range_pods
       }
     }
-    dynamic "additional_pod_ranges_config" {
-      for_each = var.additional_pod_ranges_config
+    dynamic "additional_ip_ranges_config" {
+      for_each = var.additional_ip_ranges_config
       content {
-        subnetwork           = var.additional_pod_ranges_config.subnetwork
-        pod_ipv4_range_names = var.additional_pod_ranges_config.pod_ipv4_range_names
+        subnetwork           = var.additional_ip_ranges_config.subnetwork
+        pod_ipv4_range_names = var.additional_ip_ranges_config.pod_ipv4_range_names
       }
     }
     stack_type                    = var.stack_type

autogen/main/variables.tf.tmpl

@@ -174,7 +174,7 @@ variable "additional_ip_range_pods" {
   default     = []
 }
 
-variable "additional_pod_ranges_config" {
+variable "additional_ip_ranges_config" {
   type        = list(object({ subnetwork = string, pod_ipv4_range_names = list(string) }))
   description = "the configuration for individual additional subnetworks attached to the cluster"
   default = []

cluster.tf

@@ -411,11 +411,11 @@ resource "google_container_cluster" "primary" {
         pod_range_names = var.additional_ip_range_pods
       }
     }
-    dynamic "additional_pod_ranges_config" {
-      for_each = var.additional_pod_ranges_config
+    dynamic "additional_ip_ranges_config" {
+      for_each = var.additional_ip_ranges_config
       content {
-        subnetwork           = var.additional_pod_ranges_config.subnetwork
-        pod_ipv4_range_names = var.additional_pod_ranges_config.pod_ipv4_range_names
+        subnetwork           = var.additional_ip_ranges_config.subnetwork
+        pod_ipv4_range_names = var.additional_ip_ranges_config.pod_ipv4_range_names
       }
     }
     stack_type = var.stack_type

examples/gke_autopilot_cluster/main.tf

@@ -36,7 +36,7 @@ module "gke" {
   source  = "terraform-google-modules/kubernetes-engine/google//modules/gke-autopilot-cluster"
   version = "~> 38.0"
 
-  project_id    = var.project_id
+  project_id = var.project_id
   name       = "${local.cluster_type}-cluster"
   location   = var.region
   network    = module.gcp-network.network_self_link

examples/gke_standard_cluster/main.tf

@@ -37,7 +37,7 @@ module "gke" {
   source  = "terraform-google-modules/kubernetes-engine/google//modules/gke-standard-cluster"
   version = "~> 38.0"
 
-  project_id    = var.project_id
+  project_id = var.project_id
   name       = "${local.cluster_type}-cluster${var.cluster_name_suffix}"
   location   = var.region
   network    = var.network
@@ -87,9 +87,9 @@ module "node_pool" {
   source  = "terraform-google-modules/kubernetes-engine/google//modules/gke-node-pool"
   version = "~> 38.0"
 
-  project_id  = var.project_id
-  location = var.region
-  cluster  = module.gke.cluster_name
+  project_id = var.project_id
+  location   = var.region
+  cluster    = module.gke.cluster_name
   node_config = {
     disk_size_gb    = 100
     disk_type       = "pd-standard"

examples/node_pool/main.tf

@@ -163,7 +163,7 @@ module "gke" {
   }
 
   node_pools_cgroup_mode = {
-    all = "CGROUP_MODE_V2"
+    all     = "CGROUP_MODE_V2"
     pool-01 = "CGROUP_MODE_V1"
   }
 

metadata.display.yaml

@@ -39,6 +39,9 @@ spec:
         additional_ip_range_pods:
           name: additional_ip_range_pods
           title: Additional Ip Range Pods
+        additional_ip_ranges_config:
+          name: additional_ip_ranges_config
+          title: Additional Ip Ranges Config
         additional_pod_ranges_config:
           name: additional_pod_ranges_config
           title: Additional Pod Ranges Config

metadata.yaml

@@ -259,7 +259,7 @@ spec:
         description: List of _names_ of the additional secondary subnet ip ranges to use for pods
         varType: list(string)
         defaultValue: []
-      - name: additional_pod_ranges_config
+      - name: additional_ip_ranges_config
         description: the configuration for individual additional subnetworks attached to the cluster
         varType: list(object({ subnetwork = string, pod_ipv4_range_names = list(string) }))
         defaultValue: []

modules/beta-autopilot-private-cluster/README.md

@@ -77,7 +77,7 @@ Then perform the following commands on the root folder:
 | add\_master\_webhook\_firewall\_rules | Create master\_webhook firewall rules for ports defined in `firewall_inbound_ports` | `bool` | `false` | no |
 | add\_shadow\_firewall\_rules | Create GKE shadow firewall (the same as default firewall rules with firewall logs enabled). | `bool` | `false` | no |
 | additional\_ip\_range\_pods | List of _names_ of the additional secondary subnet ip ranges to use for pods | `list(string)` | `[]` | no |
-| additional\_pod\_ranges\_config | the configuration for individual additional subnetworks attached to the cluster | `list(object({ subnetwork = string, pod_ipv4_range_names = list(string) }))` | `[]` | no |
+| additional\_ip\_ranges\_config | the configuration for individual additional subnetworks attached to the cluster | `list(object({ subnetwork = string, pod_ipv4_range_names = list(string) }))` | `[]` | no |
 | allow\_net\_admin | (Optional) Enable NET\_ADMIN for the cluster. | `bool` | `null` | no |
 | authenticator\_security\_group | The name of the RBAC security group for use with Google security groups in Kubernetes RBAC. Group name must be in format [email protected] | `string` | `null` | no |
 | boot\_disk\_kms\_key | The Customer Managed Encryption Key used to encrypt the boot disk attached to each node in the node pool, if not overridden in `node_pools`. This should be of the form projects/[KEY\_PROJECT\_ID]/locations/[LOCATION]/keyRings/[RING\_NAME]/cryptoKeys/[KEY\_NAME]. For more information about protecting resources with Cloud KMS Keys please see: https://cloud.google.com/compute/docs/disks/customer-managed-encryption | `string` | `null` | no |

modules/beta-autopilot-private-cluster/cluster.tf

@@ -312,11 +312,11 @@ resource "google_container_cluster" "primary" {
         pod_range_names = var.additional_ip_range_pods
       }
     }
-    dynamic "additional_pod_ranges_config" {
-      for_each = var.additional_pod_ranges_config
+    dynamic "additional_ip_ranges_config" {
+      for_each = var.additional_ip_ranges_config
       content {
-        subnetwork           = var.additional_pod_ranges_config.subnetwork
-        pod_ipv4_range_names = var.additional_pod_ranges_config.pod_ipv4_range_names
+        subnetwork           = var.additional_ip_ranges_config.subnetwork
+        pod_ipv4_range_names = var.additional_ip_ranges_config.pod_ipv4_range_names
       }
     }
     stack_type = var.stack_type

modules/beta-autopilot-private-cluster/metadata.display.yaml

@@ -40,6 +40,9 @@ spec:
         additional_ip_range_pods:
           name: additional_ip_range_pods
           title: Additional Ip Range Pods
+        additional_ip_ranges_config:
+          name: additional_ip_ranges_config
+          title: Additional Ip Ranges Config
         additional_pod_ranges_config:
           name: additional_pod_ranges_config
           title: Additional Pod Ranges Config

modules/beta-autopilot-private-cluster/metadata.yaml

@@ -218,7 +218,7 @@ spec:
         description: List of _names_ of the additional secondary subnet ip ranges to use for pods
         varType: list(string)
         defaultValue: []
-      - name: additional_pod_ranges_config
+      - name: additional_ip_ranges_config
         description: the configuration for individual additional subnetworks attached to the cluster
         varType: list(object({ subnetwork = string, pod_ipv4_range_names = list(string) }))
         defaultValue: []

modules/beta-autopilot-private-cluster/variables.tf

@@ -164,7 +164,7 @@ variable "additional_ip_range_pods" {
   default     = []
 }
 
-variable "additional_pod_ranges_config" {
+variable "additional_ip_ranges_config" {
   type        = list(object({ subnetwork = string, pod_ipv4_range_names = list(string) }))
   description = "the configuration for individual additional subnetworks attached to the cluster"
   default     = []

modules/beta-autopilot-public-cluster/README.md

@@ -71,7 +71,7 @@ Then perform the following commands on the root folder:
 | add\_master\_webhook\_firewall\_rules | Create master\_webhook firewall rules for ports defined in `firewall_inbound_ports` | `bool` | `false` | no |
 | add\_shadow\_firewall\_rules | Create GKE shadow firewall (the same as default firewall rules with firewall logs enabled). | `bool` | `false` | no |
 | additional\_ip\_range\_pods | List of _names_ of the additional secondary subnet ip ranges to use for pods | `list(string)` | `[]` | no |
-| additional\_pod\_ranges\_config | the configuration for individual additional subnetworks attached to the cluster | `list(object({ subnetwork = string, pod_ipv4_range_names = list(string) }))` | `[]` | no |
+| additional\_ip\_ranges\_config | the configuration for individual additional subnetworks attached to the cluster | `list(object({ subnetwork = string, pod_ipv4_range_names = list(string) }))` | `[]` | no |
 | allow\_net\_admin | (Optional) Enable NET\_ADMIN for the cluster. | `bool` | `null` | no |
 | authenticator\_security\_group | The name of the RBAC security group for use with Google security groups in Kubernetes RBAC. Group name must be in format [email protected] | `string` | `null` | no |
 | boot\_disk\_kms\_key | The Customer Managed Encryption Key used to encrypt the boot disk attached to each node in the node pool, if not overridden in `node_pools`. This should be of the form projects/[KEY\_PROJECT\_ID]/locations/[LOCATION]/keyRings/[RING\_NAME]/cryptoKeys/[KEY\_NAME]. For more information about protecting resources with Cloud KMS Keys please see: https://cloud.google.com/compute/docs/disks/customer-managed-encryption | `string` | `null` | no |

modules/beta-autopilot-public-cluster/cluster.tf

@@ -312,11 +312,11 @@ resource "google_container_cluster" "primary" {
         pod_range_names = var.additional_ip_range_pods
       }
     }
-    dynamic "additional_pod_ranges_config" {
-      for_each = var.additional_pod_ranges_config
+    dynamic "additional_ip_ranges_config" {
+      for_each = var.additional_ip_ranges_config
       content {
-        subnetwork           = var.additional_pod_ranges_config.subnetwork
-        pod_ipv4_range_names = var.additional_pod_ranges_config.pod_ipv4_range_names
+        subnetwork           = var.additional_ip_ranges_config.subnetwork
+        pod_ipv4_range_names = var.additional_ip_ranges_config.pod_ipv4_range_names
       }
     }
     stack_type = var.stack_type

modules/beta-autopilot-public-cluster/metadata.display.yaml

@@ -40,6 +40,9 @@ spec:
         additional_ip_range_pods:
           name: additional_ip_range_pods
           title: Additional Ip Range Pods
+        additional_ip_ranges_config:
+          name: additional_ip_ranges_config
+          title: Additional Ip Ranges Config
         additional_pod_ranges_config:
           name: additional_pod_ranges_config
           title: Additional Pod Ranges Config

modules/beta-autopilot-public-cluster/metadata.yaml

@@ -218,7 +218,7 @@ spec:
         description: List of _names_ of the additional secondary subnet ip ranges to use for pods
         varType: list(string)
         defaultValue: []
-      - name: additional_pod_ranges_config
+      - name: additional_ip_ranges_config
         description: the configuration for individual additional subnetworks attached to the cluster
         varType: list(object({ subnetwork = string, pod_ipv4_range_names = list(string) }))
         defaultValue: []

modules/beta-autopilot-public-cluster/variables.tf

@@ -164,7 +164,7 @@ variable "additional_ip_range_pods" {
   default     = []
 }
 
-variable "additional_pod_ranges_config" {
+variable "additional_ip_ranges_config" {
   type        = list(object({ subnetwork = string, pod_ipv4_range_names = list(string) }))
   description = "the configuration for individual additional subnetworks attached to the cluster"
   default     = []

modules/beta-private-cluster-update-variant/README.md

@@ -175,7 +175,7 @@ Then perform the following commands on the root folder:
 | add\_master\_webhook\_firewall\_rules | Create master\_webhook firewall rules for ports defined in `firewall_inbound_ports` | `bool` | `false` | no |
 | add\_shadow\_firewall\_rules | Create GKE shadow firewall (the same as default firewall rules with firewall logs enabled). | `bool` | `false` | no |
 | additional\_ip\_range\_pods | List of _names_ of the additional secondary subnet ip ranges to use for pods | `list(string)` | `[]` | no |
-| additional\_pod\_ranges\_config | the configuration for individual additional subnetworks attached to the cluster | `list(object({ subnetwork = string, pod_ipv4_range_names = list(string) }))` | `[]` | no |
+| additional\_ip\_ranges\_config | the configuration for individual additional subnetworks attached to the cluster | `list(object({ subnetwork = string, pod_ipv4_range_names = list(string) }))` | `[]` | no |
 | additive\_vpc\_scope\_dns\_domain | This will enable Cloud DNS additive VPC scope. Must provide a domain name that is unique within the VPC. For this to work cluster\_dns = `CLOUD_DNS` and cluster\_dns\_scope = `CLUSTER_SCOPE` must both be set as well. | `string` | `""` | no |
 | authenticator\_security\_group | The name of the RBAC security group for use with Google security groups in Kubernetes RBAC. Group name must be in format [email protected] | `string` | `null` | no |
 | boot\_disk\_kms\_key | The Customer Managed Encryption Key used to encrypt the boot disk attached to each node in the node pool, if not overridden in `node_pools`. This should be of the form projects/[KEY\_PROJECT\_ID]/locations/[LOCATION]/keyRings/[RING\_NAME]/cryptoKeys/[KEY\_NAME]. For more information about protecting resources with Cloud KMS Keys please see: https://cloud.google.com/compute/docs/disks/customer-managed-encryption | `string` | `null` | no |

modules/beta-private-cluster-update-variant/cluster.tf

@@ -448,11 +448,11 @@ resource "google_container_cluster" "primary" {
         pod_range_names = var.additional_ip_range_pods
       }
     }
-    dynamic "additional_pod_ranges_config" {
-      for_each = var.additional_pod_ranges_config
+    dynamic "additional_ip_ranges_config" {
+      for_each = var.additional_ip_ranges_config
       content {
-        subnetwork           = var.additional_pod_ranges_config.subnetwork
-        pod_ipv4_range_names = var.additional_pod_ranges_config.pod_ipv4_range_names
+        subnetwork           = var.additional_ip_ranges_config.subnetwork
+        pod_ipv4_range_names = var.additional_ip_ranges_config.pod_ipv4_range_names
       }
     }
     stack_type = var.stack_type

modules/beta-private-cluster-update-variant/metadata.display.yaml

@@ -40,6 +40,9 @@ spec:
         additional_ip_range_pods:
           name: additional_ip_range_pods
           title: Additional Ip Range Pods
+        additional_ip_ranges_config:
+          name: additional_ip_ranges_config
+          title: Additional Ip Ranges Config
         additional_pod_ranges_config:
           name: additional_pod_ranges_config
           title: Additional Pod Ranges Config

modules/beta-private-cluster-update-variant/metadata.yaml

@@ -219,7 +219,7 @@ spec:
         description: List of _names_ of the additional secondary subnet ip ranges to use for pods
         varType: list(string)
         defaultValue: []
-      - name: additional_pod_ranges_config
+      - name: additional_ip_ranges_config
         description: the configuration for individual additional subnetworks attached to the cluster
         varType: list(object({ subnetwork = string, pod_ipv4_range_names = list(string) }))
         defaultValue: []

modules/beta-private-cluster-update-variant/variables.tf

@@ -155,7 +155,7 @@ variable "additional_ip_range_pods" {
   default     = []
 }
 
-variable "additional_pod_ranges_config" {
+variable "additional_ip_ranges_config" {
   type        = list(object({ subnetwork = string, pod_ipv4_range_names = list(string) }))
   description = "the configuration for individual additional subnetworks attached to the cluster"
   default     = []

modules/beta-private-cluster/README.md

@@ -153,7 +153,7 @@ Then perform the following commands on the root folder:
 | add\_master\_webhook\_firewall\_rules | Create master\_webhook firewall rules for ports defined in `firewall_inbound_ports` | `bool` | `false` | no |
 | add\_shadow\_firewall\_rules | Create GKE shadow firewall (the same as default firewall rules with firewall logs enabled). | `bool` | `false` | no |
 | additional\_ip\_range\_pods | List of _names_ of the additional secondary subnet ip ranges to use for pods | `list(string)` | `[]` | no |
-| additional\_pod\_ranges\_config | the configuration for individual additional subnetworks attached to the cluster | `list(object({ subnetwork = string, pod_ipv4_range_names = list(string) }))` | `[]` | no |
+| additional\_ip\_ranges\_config | the configuration for individual additional subnetworks attached to the cluster | `list(object({ subnetwork = string, pod_ipv4_range_names = list(string) }))` | `[]` | no |
 | additive\_vpc\_scope\_dns\_domain | This will enable Cloud DNS additive VPC scope. Must provide a domain name that is unique within the VPC. For this to work cluster\_dns = `CLOUD_DNS` and cluster\_dns\_scope = `CLUSTER_SCOPE` must both be set as well. | `string` | `""` | no |
 | authenticator\_security\_group | The name of the RBAC security group for use with Google security groups in Kubernetes RBAC. Group name must be in format [email protected] | `string` | `null` | no |
 | boot\_disk\_kms\_key | The Customer Managed Encryption Key used to encrypt the boot disk attached to each node in the node pool, if not overridden in `node_pools`. This should be of the form projects/[KEY\_PROJECT\_ID]/locations/[LOCATION]/keyRings/[RING\_NAME]/cryptoKeys/[KEY\_NAME]. For more information about protecting resources with Cloud KMS Keys please see: https://cloud.google.com/compute/docs/disks/customer-managed-encryption | `string` | `null` | no |

modules/beta-private-cluster/cluster.tf

@@ -448,11 +448,11 @@ resource "google_container_cluster" "primary" {
         pod_range_names = var.additional_ip_range_pods
       }
     }
-    dynamic "additional_pod_ranges_config" {
-      for_each = var.additional_pod_ranges_config
+    dynamic "additional_ip_ranges_config" {
+      for_each = var.additional_ip_ranges_config
       content {
-        subnetwork           = var.additional_pod_ranges_config.subnetwork
-        pod_ipv4_range_names = var.additional_pod_ranges_config.pod_ipv4_range_names
+        subnetwork           = var.additional_ip_ranges_config.subnetwork
+        pod_ipv4_range_names = var.additional_ip_ranges_config.pod_ipv4_range_names
       }
     }
     stack_type = var.stack_type

modules/beta-private-cluster/metadata.display.yaml

@@ -40,6 +40,9 @@ spec:
         additional_ip_range_pods:
           name: additional_ip_range_pods
           title: Additional Ip Range Pods
+        additional_ip_ranges_config:
+          name: additional_ip_ranges_config
+          title: Additional Ip Ranges Config
         additional_pod_ranges_config:
           name: additional_pod_ranges_config
           title: Additional Pod Ranges Config