feat!: support maintenance_exclusion (terraform-google-modules#1273)

Author: ericyz

README.md

@@ -161,7 +161,7 @@ Then perform the following commands on the root folder:
 | kubernetes\_version | The Kubernetes version of the masters. If set to 'latest' it will pull latest available version in the selected region. | `string` | `"latest"` | no |
 | logging\_service | The logging service that the cluster should write logs to. Available options include logging.googleapis.com, logging.googleapis.com/kubernetes (beta), and none | `string` | `"logging.googleapis.com/kubernetes"` | no |
 | maintenance\_end\_time | Time window specified for recurring maintenance operations in RFC3339 format | `string` | `""` | no |
-| maintenance\_exclusions | List of maintenance exclusions. A cluster can have up to three | `list(object({ name = string, start_time = string, end_time = string }))` | `[]` | no |
+| maintenance\_exclusions | List of maintenance exclusions. A cluster can have up to three | `list(object({ name = string, start_time = string, end_time = string, exclusion_scope = string }))` | `[]` | no |
 | maintenance\_recurrence | Frequency of the recurring maintenance window in RFC5545 format. | `string` | `""` | no |
 | maintenance\_start\_time | Time window specified for daily or recurring maintenance operations in RFC3339 format | `string` | `"05:00"` | no |
 | master\_authorized\_networks | List of master authorized networks. If none are provided, disallow external access (except the cluster node IPs, which GKE automatically whitelists). | `list(object({ cidr_block = string, display_name = string }))` | `[]` | no |

autogen/main/cluster.tf.tmpl

@@ -265,6 +265,13 @@ resource "google_container_cluster" "primary" {
  exclusion_name = maintenance_exclusion.value.name
  start_time = maintenance_exclusion.value.start_time
  end_time = maintenance_exclusion.value.end_time
+
+ dynamic "exclusion_options" {
+ for_each = maintenance_exclusion.value.exclusion_scope == null ? [] : [maintenance_exclusion.value.exclusion_scope]
+ content {
+ scope = exclusion_options.value
+ }
+ }
  }
  }
  }

autogen/main/variables.tf.tmpl

@@ -109,7 +109,7 @@ variable "maintenance_start_time" {
 }
 
 variable "maintenance_exclusions" {
- type = list(object({ name = string, start_time = string, end_time = string }))
+ type = list(object({ name = string, start_time = string, end_time = string, exclusion_scope = string }))
  description = "List of maintenance exclusions. A cluster can have up to three"
  default = []
 }

autogen/safer-cluster/variables.tf.tmpl

@@ -108,9 +108,9 @@ variable "maintenance_start_time" {
 }
 
 variable "maintenance_exclusions" {
- type = list(object({ name = string, start_time = string, end_time = string }))
+ type = list(object({ name = string, start_time = string, end_time = string, exclusion_scope = string }))
  description = "List of maintenance exclusions. A cluster can have up to three"
- default  = []
+ default = []
 }
 
 variable "maintenance_end_time" {

cluster.tf

@@ -146,6 +146,13 @@ resource "google_container_cluster" "primary" {
  exclusion_name = maintenance_exclusion.value.name
  start_time = maintenance_exclusion.value.start_time
  end_time = maintenance_exclusion.value.end_time
+
+ dynamic "exclusion_options" {
+ for_each = maintenance_exclusion.value.exclusion_scope == null ? [] : [maintenance_exclusion.value.exclusion_scope]
+ content {
+ scope = exclusion_options.value
+ }
+ }
  }
  }
  }

modules/beta-autopilot-private-cluster/README.md

@@ -104,7 +104,7 @@ Then perform the following commands on the root folder:
 | kubernetes\_version | The Kubernetes version of the masters. If set to 'latest' it will pull latest available version in the selected region. | `string` | `"latest"` | no |
 | logging\_service | The logging service that the cluster should write logs to. Available options include logging.googleapis.com, logging.googleapis.com/kubernetes (beta), and none | `string` | `"logging.googleapis.com/kubernetes"` | no |
 | maintenance\_end\_time | Time window specified for recurring maintenance operations in RFC3339 format | `string` | `""` | no |
-| maintenance\_exclusions | List of maintenance exclusions. A cluster can have up to three | `list(object({ name = string, start_time = string, end_time = string }))` | `[]` | no |
+| maintenance\_exclusions | List of maintenance exclusions. A cluster can have up to three | `list(object({ name = string, start_time = string, end_time = string, exclusion_scope = string }))` | `[]` | no |
 | maintenance\_recurrence | Frequency of the recurring maintenance window in RFC5545 format. | `string` | `""` | no |
 | maintenance\_start\_time | Time window specified for daily or recurring maintenance operations in RFC3339 format | `string` | `"05:00"` | no |
 | master\_authorized\_networks | List of master authorized networks. If none are provided, disallow external access (except the cluster node IPs, which GKE automatically whitelists). | `list(object({ cidr_block = string, display_name = string }))` | `[]` | no |

modules/beta-autopilot-private-cluster/cluster.tf

@@ -120,6 +120,13 @@ resource "google_container_cluster" "primary" {
  exclusion_name = maintenance_exclusion.value.name
  start_time = maintenance_exclusion.value.start_time
  end_time = maintenance_exclusion.value.end_time
+
+ dynamic "exclusion_options" {
+ for_each = maintenance_exclusion.value.exclusion_scope == null ? [] : [maintenance_exclusion.value.exclusion_scope]
+ content {
+ scope = exclusion_options.value
+ }
+ }
  }
  }
  }

modules/beta-autopilot-private-cluster/variables.tf

@@ -109,7 +109,7 @@ variable "maintenance_start_time" {
 }
 
 variable "maintenance_exclusions" {
- type = list(object({ name = string, start_time = string, end_time = string }))
+ type = list(object({ name = string, start_time = string, end_time = string, exclusion_scope = string }))
  description = "List of maintenance exclusions. A cluster can have up to three"
  default = []
 }

modules/beta-autopilot-public-cluster/README.md

@@ -95,7 +95,7 @@ Then perform the following commands on the root folder:
 | kubernetes\_version | The Kubernetes version of the masters. If set to 'latest' it will pull latest available version in the selected region. | `string` | `"latest"` | no |
 | logging\_service | The logging service that the cluster should write logs to. Available options include logging.googleapis.com, logging.googleapis.com/kubernetes (beta), and none | `string` | `"logging.googleapis.com/kubernetes"` | no |
 | maintenance\_end\_time | Time window specified for recurring maintenance operations in RFC3339 format | `string` | `""` | no |
-| maintenance\_exclusions | List of maintenance exclusions. A cluster can have up to three | `list(object({ name = string, start_time = string, end_time = string }))` | `[]` | no |
+| maintenance\_exclusions | List of maintenance exclusions. A cluster can have up to three | `list(object({ name = string, start_time = string, end_time = string, exclusion_scope = string }))` | `[]` | no |
 | maintenance\_recurrence | Frequency of the recurring maintenance window in RFC5545 format. | `string` | `""` | no |
 | maintenance\_start\_time | Time window specified for daily or recurring maintenance operations in RFC3339 format | `string` | `"05:00"` | no |
 | master\_authorized\_networks | List of master authorized networks. If none are provided, disallow external access (except the cluster node IPs, which GKE automatically whitelists). | `list(object({ cidr_block = string, display_name = string }))` | `[]` | no |

modules/beta-autopilot-public-cluster/cluster.tf

@@ -120,6 +120,13 @@ resource "google_container_cluster" "primary" {
  exclusion_name = maintenance_exclusion.value.name
  start_time = maintenance_exclusion.value.start_time
  end_time = maintenance_exclusion.value.end_time
+
+ dynamic "exclusion_options" {
+ for_each = maintenance_exclusion.value.exclusion_scope == null ? [] : [maintenance_exclusion.value.exclusion_scope]
+ content {
+ scope = exclusion_options.value
+ }
+ }
  }
  }
  }