terraform-google-modules
diff --git a/‎.dockerignore
Lines changed: 2 additions & 1 deletion b/‎.dockerignore
Lines changed: 2 additions & 1 deletion
diff --git a/‎.kitchen.yml
Lines changed: 50 additions & 20 deletions b/‎.kitchen.yml
Lines changed: 50 additions & 20 deletions
diff --git a/‎.ruby-version
Lines changed: 0 additions & 1 deletion b/‎.ruby-version
Lines changed: 0 additions & 1 deletion
diff --git a/‎CHANGELOG.md
Lines changed: 78 additions & 1 deletion b/‎CHANGELOG.md
Lines changed: 78 additions & 1 deletion
diff --git a/‎CONTRIBUTING.md
Lines changed: 122 additions & 0 deletions b/‎CONTRIBUTING.md
Lines changed: 122 additions & 0 deletions
@@ -7,4 +7,5 @@ test/fixtures/*/.terraform
 test/fixtures/*/terraform.tfstate.d
 examples/.kitchen
 examples/*/.terraform
-examples/*/terraform.tfstate.d
+examples/*/terraform.tfstate.d
+
@@ -29,27 +29,31 @@ platforms:
   - name: local
 
 suites:
-  - name: "deploy_service"
-    driver:
-      root_module_directory: test/fixtures/deploy_service
-    verifier:
-      systems:
-        - name: deploy_service
-          backend: local
+# Disabled due to issue #274
+# (https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/issues/274)
+#  - name: "deploy_service"
+#    driver:
+#      root_module_directory: test/fixtures/deploy_service
+#    verifier:
+#      systems:
+#        - name: deploy_service
+#          backend: local
   - name: "disable_client_cert"
     driver:
       root_module_directory: test/fixtures/disable_client_cert
     verifier:
       systems:
         - name: disable_client_cert
           backend: local
-  - name: "node_pool"
-    driver:
-      root_module_directory: test/fixtures/node_pool
-    verifier:
-      systems:
-        - name: node_pool
-          backend: local
+# Disabled due to issue #274
+# (https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/issues/274)
+#  - name: "node_pool"
+#    driver:
+#      root_module_directory: test/fixtures/node_pool
+#    verifier:
+#      systems:
+#        - name: node_pool
+#          backend: local
   - name: "shared_vpc"
     driver:
       root_module_directory: test/fixtures/shared_vpc
@@ -64,6 +68,23 @@ suites:
       systems:
         - name: simple_regional
           backend: local
+  - name: "simple_regional_with_networking"
+    driver:
+      root_module_directory: test/fixtures/simple_regional_with_networking
+    verifier:
+      systems:
+        - name: simple_regional_with_networking
+          backend: local
+          controls:
+            - gcloud
+        - name: subnet
+          backend: local
+          controls:
+            - subnet
+        - name: network
+          backend: gcp
+          controls:
+            - network
   - name: "simple_regional_private"
     driver:
       root_module_directory: test/fixtures/simple_regional_private
@@ -98,12 +119,14 @@ suites:
       systems:
         - name: stub_domains
           backend: local
-  - name: stub_domains_private
-    driver:
-      root_module_directory: test/fixtures/stub_domains_private
-      systems:
-        - name: stub_domains_private
-          backend: local
+# Disabled due to issue #264
+# (https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/issues/264)
+#  - name: stub_domains_private
+#    driver:
+#      root_module_directory: test/fixtures/stub_domains_private
+#      systems:
+#        - name: stub_domains_private
+#          backend: local
   - name: "upstream_nameservers"
     driver:
       root_module_directory: test/fixtures/upstream_nameservers
@@ -138,3 +161,10 @@ suites:
           backend: gcp
           controls:
             - gcp
+  - name: "sandbox_enabled"
+    driver:
+      root_module_directory: test/fixtures/sandbox_enabled
+    verifier:
+      systems:
+        - name: sandbox_enabled
+          backend: local
@@ -7,9 +7,52 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 Extending the adopted spec, each change should have a link to its corresponding pull request appended.
 
 ## [Unreleased]
+
+## [v5.1.1] - 2019-10-25
+
+### Fixed
+
+* Fixed bug with setting up sandboxing on nodes. [#286]
+
+## [v5.1.0] - 2019-10-24
+
 ### Added
 
+* Added ability to skip local-exec provisioners. [#258]
+* Added [private](https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/tree/master/modules/private-cluster-update-variant) and [beta private](https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/tree/master/modules/beta-private-cluster-update-variant) variants which allow node pools to be created before being destroyed. [#256]
+* Add a parameter `registry_project_id` to allow connecting to registries in other projects. [#273]
+
+### Changed
+
+* Made `region` variable optional for zonal clusters. [#247]
+* Made default metadata, labels, and tags optional. [#282]
+
+### Fixed
+
+* Authenticate gcloud in wait-for-cluster.sh using value of `GOOGLE_APPLICATION_CREDENTIALS`. [#284] [#285]
+
+## [v5.0.0] - 2019-09-25
+v5.0.0 is a backwards-incompatible release. Please see the [upgrading guide](./docs/upgrading_to_v5.0.md).
+
+The v5.0.0 module requires using the [2.12 version](https://github.com/terraform-providers/terraform-provider-google/blob/master/CHANGELOG.md#2120-august-01-2019) of the Google provider.
+
+### Changed
+
+* **Breaking**: Enabled metadata-concealment by default [#248]
+* All beta functionality removed from non-beta clusters, moved `node_pool_taints` to beta modules [#228]
+
+### Added
+* Added support for resource usage export config [#238]
+* Added `sandbox_enabled` variable to use GKE Sandbox [#241]
+* Added `grant_registry_access` variable to grant Container Registry access to created SA [#236]
 * Support for Intranode Visbiility (IV) and Veritical Pod Autoscaling (VPA) beta features [#216]
+* Support for Workload Identity beta feature [#234]
+* Support for Google Groups based RBAC beta feature [#217]
+* Support for disabling node pool autoscaling by setting `autoscaling` to `false` within the node pool variable. [#250]
+
+### Fixed
+
+* Fixed issue with passing a dynamically created Service Account to the module. [#27]
 
 ## [v4.1.0] 2019-07-24
 
@@ -28,6 +71,8 @@ Extending the adopted spec, each change should have a link to its corresponding
 * Supported version of Terraform is 0.12. [#177]
 
 ## [v3.0.0] - 2019-07-08
+v3.0.0 is a breaking release. Refer to the
+[Upgrading to v3.0 guide][upgrading-to-v3.0] for details.
 
 ### Added
 
@@ -68,6 +113,8 @@ Extending the adopted spec, each change should have a link to its corresponding
   2.3. [#148]
 
 ## [v2.0.0] - 2019-04-12
+v2.0.0 is a breaking release. Refer to the
+[Upgrading to v2.0 guide][upgrading-to-v2.0] for details.
 
 ### Added
 
@@ -99,6 +146,10 @@ Extending the adopted spec, each change should have a link to its corresponding
 * Fix empty zone list. [#132]
 
 ## [v1.0.0] - 2019-03-25
+Version 1.0.0 of this module introduces a breaking change: adding the `disable-legacy-endpoints` metadata field to all node pools. This metadata is required by GKE and [determines whether the `/0.1/` and `/v1beta1/` paths are available in the nodes' metadata server](https://cloud.google.com/kubernetes-engine/docs/how-to/protecting-cluster-metadata#disable-legacy-apis). If your applications do not require access to the node's metadata server, you can leave the default value of `true` provided by the module. If your applications require access to the metadata server, be sure to read the linked documentation to see if you need to set the value for this field to `false` to allow your applications access to the above metadata server paths.
+
+In either case, upgrading to module version `v1.0.0` will trigger a recreation of all node pools in the cluster.
+
 ### Added
 * Allow creation of service accounts. [#80]
 * Add support for private clusters via submodule. [#69]
@@ -153,7 +204,10 @@ Extending the adopted spec, each change should have a link to its corresponding
 
 * Initial release of module.
 
-[Unreleased]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/compare/v4.1.0...HEAD
+[Unreleased]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/compare/v5.1.1...HEAD
+[v5.1.1]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/compare/v5.1.0...v5.1.1
+[v5.1.0]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/compare/v5.0.0...v5.1.0
+[v5.0.0]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/compare/v4.1.0...v5.0.0
 [v4.1.0]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/compare/v4.0.0...v4.1.0
 [v4.0.0]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/compare/v3.0.0...v4.0.0
 [v3.0.0]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/compare/v2.1.0...v3.0.0
@@ -167,6 +221,23 @@ Extending the adopted spec, each change should have a link to its corresponding
 [v0.3.0]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/compare/v0.2.0...v0.3.0
 [v0.2.0]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/compare/v0.1.0...v0.2.0
 
+[#286]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/286
+[#285]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/285
+[#284]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/284
+[#282]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/282
+[#273]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/273
+[#258]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/issues/258
+[#256]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/256
+[#248]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/248
+[#247]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/247
+[#228]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/228
+[#238]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/238
+[#241]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/241
+[#250]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/250
+[#236]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/236
+[#217]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/217
+[#234]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/234
+[#27]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/issues/27
 [#216]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/216
 [#214]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/214
 [#210]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/210
@@ -221,3 +292,9 @@ Extending the adopted spec, each change should have a link to its corresponding
 [#15]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/issues/15
 [#10]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/10
 [#9]: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/9
+
+[upgrading-to-v2.0]: docs/upgrading_to_v2.0.md
+[upgrading-to-v3.0]: docs/upgrading_to_v3.0.md
+[terraform-provider-google]: https://github.com/terraform-providers/terraform-provider-google
+[3.0.0]: https://registry.terraform.io/modules/terraform-google-modules/kubernetes-engine/google/3.0.0
+[terraform-0.12-upgrade]: https://www.terraform.io/upgrade-guides/0-12.html
@@ -0,0 +1,122 @@
+# Contributing
+
+This document provides guidelines for contributing to the module.
+
+## Dependencies
+
+The following dependencies must be installed on the development system:
+
+- [Docker Engine][docker-engine]
+- [Google Cloud SDK][google-cloud-sdk]
+- [make]
+
+## Generating Documentation for Inputs and Outputs
+
+The Inputs and Outputs tables in the READMEs of the root module,
+submodules, and example modules are automatically generated based on
+the `variables` and `outputs` of the respective modules. These tables
+must be refreshed if the module interfaces are changed.
+
+## Templating
+
+To more cleanly handle cases where desired functionality would require complex duplication of Terraform resources (i.e. [PR 51](https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/pull/51)), this repository is largely generated from the [`autogen`](/autogen) directory.
+
+The root module is generated by running `make generate`. Changes to this repository should be made in the [`autogen`](/autogen) directory where appropriate.
+
+Note: The correct sequence to update the repo using autogen functionality is to run
+`make docker_generate && make docker_generate_docs`.  This will create the various Terraform files, and then
+generate the Terraform documentation using `terraform-docs`.
+
+### Autogeneration of documentation from .tf files
+To generate new Inputs and Outputs tables run
+```
+make docker_generate_docs
+```
+
+## Integration Testing
+
+Integration tests are used to verify the behaviour of the root module,
+submodules, and example modules. Additions, changes, and fixes should
+be accompanied with tests.
+
+The integration tests are run using [Kitchen][kitchen],
+[Kitchen-Terraform][kitchen-terraform], and [InSpec][inspec]. These
+tools are packaged within a Docker image for convenience.
+
+The general strategy for these tests is to verify the behaviour of the
+[example modules](./examples/), thus ensuring that the root module,
+submodules, and example modules are all functionally correct.
+
+Six test-kitchen instances are defined:
+
+- `deploy-service`
+- `node-pool`
+- `shared-vpc`
+- `simple-regional`
+- `simple-zonal`
+- `stub-domains`
+
+The test-kitchen instances in `test/fixtures/` wrap identically-named examples in the `examples/` directory.`
+
+### Test Environment
+The easiest way to test the module is in an isolated test project. The setup for such a project is defined in [test/setup](./test/setup/) directory.
+
+To use this setup, you need a service account with Project Creator access on a folder. Export the Service Account credentials to your environment like so:
+
+```
+export SERVICE_ACCOUNT_JSON=$(< credentials.json)
+```
+
+You will also need to set a few environment variables:
+```
+export TF_VAR_org_id="your_org_id"
+export TF_VAR_folder_id="your_folder_id"
+export TF_VAR_billing_account="your_billing_account_id"
+```
+
+With these settings in place, you can prepare a test project using Docker:
+```
+make docker_test_prepare
+```
+
+### Noninteractive Execution
+
+Run `make docker_test_integration` to test all of the example modules
+noninteractively, using the prepared test project.
+
+### Interactive Execution
+
+1. Run `make docker_run` to start the testing Docker container in
+   interactive mode.
+
+1. Run `kitchen_do create <EXAMPLE_NAME>` to initialize the working
+   directory for an example module.
+
+1. Run `kitchen_do converge <EXAMPLE_NAME>` to apply the example module.
+
+1. Run `kitchen_do verify <EXAMPLE_NAME>` to test the example module.
+
+1. Run `kitchen_do destroy <EXAMPLE_NAME>` to destroy the example module
+   state.
+
+## Linting and Formatting
+
+Many of the files in the repository can be linted or formatted to
+maintain a standard of quality.
+
+### Execution
+
+Run `make docker_test_lint`.
+
+[docker-engine]: https://www.docker.com/products/docker-engine
+[flake8]: http://flake8.pycqa.org/en/latest/
+[gofmt]: https://golang.org/cmd/gofmt/
+[google-cloud-sdk]: https://cloud.google.com/sdk/install
+[hadolint]: https://github.com/hadolint/hadolint
+[inspec]: https://inspec.io/
+[kitchen-terraform]: https://github.com/newcontext-oss/kitchen-terraform
+[kitchen]: https://kitchen.ci/
+[make]: https://en.wikipedia.org/wiki/Make_(software)
+[shellcheck]: https://www.shellcheck.net/
+[terraform-docs]: https://github.com/segmentio/terraform-docs
+[terraform]: https://terraform.io/