Merge pull request terraform-google-modules#346 from paulpalamarchuk/add_var_to_pass_ssh-key_in_acm

Add variable to allow a pre-generated SSH key to be passed to the ACM module

Author: morgante

modules/acm/README.md

@@ -53,6 +53,7 @@ By default, this module will attempt to download the ACM operator from Google di
 | operator\_path | Path to the operator yaml config. If unset, will download from GCS releases. | string | `"null"` | no |
 | policy\_dir | Subfolder containing configs in ACM Git repo | string | n/a | yes |
 | project\_id | The project in which the resource belongs. | string | n/a | yes |
+| ssh\_auth\_key | Key for Git authentication. Overrides 'create_ssh_key' variable. Can be set using 'file(path/to/file)'-function. | string | `"null"` | no |
 | sync\_branch | ACM repo Git branch | string | `"master"` | no |
 | sync\_repo | ACM Git repo address | string | n/a | yes |
 

modules/acm/main.tf

@@ -18,7 +18,7 @@ locals {
  cluster_endpoint = "https://${var.cluster_endpoint}"
  token = data.google_client_config.default.access_token
  cluster_ca_certificate = data.google_container_cluster.primary.master_auth.0.cluster_ca_certificate
- private_key = var.create_ssh_key ? tls_private_key.git_creds[0].private_key_pem : ""
+ private_key = var.create_ssh_key && var.ssh_auth_key == null ? tls_private_key.git_creds[0].private_key_pem : var.ssh_auth_key
  download_operator = var.operator_path == null ? true : false
  operator_path = local.download_operator ? "${path.module}/config-management-operator.yaml" : var.operator_path
 }

modules/acm/variables.tf

@@ -62,6 +62,12 @@ variable "create_ssh_key" {
  default = true
 }
 
+variable "ssh_auth_key" {
+ description = "Key for Git authentication. Overrides 'create_ssh_key' variable. Can be set using 'file(path/to/file)'-function."
+ type = string
+ default = null
+}
+
 variable "enable_policy_controller" {
  description = "Whether to enable the ACM Policy Controller on the cluster"
  type = bool