feat: add node_pool_taints to all the modules (#705)

Author: marko7460

README.md

@@ -140,6 +140,7 @@ Then perform the following commands on the root folder:
 | node\_pools\_metadata | Map of maps containing node metadata by node-pool name | map(map(string)) | `<map>` | no |
 | node\_pools\_oauth\_scopes | Map of lists containing node oauth scopes by node-pool name | map(list(string)) | `<map>` | no |
 | node\_pools\_tags | Map of lists containing node network tags by node-pool name | map(list(string)) | `<map>` | no |
+| node\_pools\_taints | Map of lists containing node taints by node-pool name | object | `<map>` | no |
 | non\_masquerade\_cidrs | List of strings in CIDR notation that specify the IP address ranges that do not use IP masquerading. | list(string) | `<list>` | no |
 | project\_id | The project ID to host the cluster in (required) | string | n/a | yes |
 | region | The region to host the cluster in (optional if zonal cluster / required if regional) | string | `"null"` | no |

autogen/main/cluster.tf.tmpl

@@ -458,7 +458,6 @@ resource "google_container_node_pool" "pools" {
         "disable-legacy-endpoints" = var.disable_legacy_metadata_endpoints
       },
     )
-    {% if beta_cluster %}
     dynamic "taint" {
       for_each = concat(
         local.node_pools_taints["all"],
@@ -470,7 +469,6 @@ resource "google_container_node_pool" "pools" {
         value  = taint.value.value
       }
     }
-    {% endif %}
     tags = concat(
       lookup(local.node_pools_tags, "default_values", [true, true])[0] ? [local.cluster_network_tag] : [],
       lookup(local.node_pools_tags, "default_values", [true, true])[1] ? ["${local.cluster_network_tag}-${each.value["name"]}"] : [],

autogen/main/variables.tf.tmpl

@@ -227,6 +227,7 @@ variable "cluster_autoscaling" {
   }
   description = "Cluster autoscaling configuration. See [more details](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters#clusterautoscaling)"
 }
+{% endif %}
 
 variable "node_pools_taints" {
   type        = map(list(object({ key = string, value = string, effect = string })))
@@ -239,7 +240,6 @@ variable "node_pools_taints" {
   }
 }
 
-{% endif %}
 variable "node_pools_tags" {
   type        = map(list(string))
   description = "Map of lists containing node network tags by node-pool name"

autogen/main/variables_defaults.tf

@@ -40,7 +40,6 @@ locals {
     var.node_pools_metadata
   )
 
-{% if beta_cluster %}
   node_pools_taints = merge(
     { all = [] },
     { default-node-pool = [] },
@@ -51,7 +50,6 @@ locals {
     var.node_pools_taints
   )
 
-{% endif %}
   node_pools_tags = merge(
     { all = [] },
     { default-node-pool = [] },

cluster.tf

@@ -198,6 +198,17 @@ resource "google_container_node_pool" "pools" {
         "disable-legacy-endpoints" = var.disable_legacy_metadata_endpoints
       },
     )
+    dynamic "taint" {
+      for_each = concat(
+        local.node_pools_taints["all"],
+        local.node_pools_taints[each.value["name"]],
+      )
+      content {
+        effect = taint.value.effect
+        key    = taint.value.key
+        value  = taint.value.value
+      }
+    }
     tags = concat(
       lookup(local.node_pools_tags, "default_values", [true, true])[0] ? [local.cluster_network_tag] : [],
       lookup(local.node_pools_tags, "default_values", [true, true])[1] ? ["${local.cluster_network_tag}-${each.value["name"]}"] : [],

examples/deploy_service/main.tf

@@ -19,7 +19,7 @@ locals {
 }
 
 provider "google" {
-  version = "~> 3.35.0"
+  version = "~> 3.42.0"
   region  = var.region
 }
 

examples/disable_client_cert/main.tf

@@ -19,7 +19,7 @@ locals {
 }
 
 provider "google" {
-  version = "~> 3.35.0"
+  version = "~> 3.42.0"
   region  = var.region
 }
 

examples/node_pool/main.tf

@@ -19,7 +19,7 @@ locals {
 }
 
 provider "google-beta" {
-  version = "~> 3.35.0"
+  version = "~> 3.42.0"
   region  = var.region
 }
 

examples/node_pool_update_variant/main.tf

@@ -19,7 +19,7 @@ locals {
 }
 
 provider "google" {
-  version = "~> 3.35.0"
+  version = "~> 3.42.0"
   region  = var.region
 }
 

examples/node_pool_update_variant_beta/main.tf

@@ -19,7 +19,7 @@ locals {
 }
 
 provider "google-beta" {
-  version     = "~> 3.35.0"
+  version     = "~> 3.42.0"
   credentials = file(var.credentials_path)
   region      = var.region
 }

examples/private_zonal_with_networking/main.tf

@@ -16,7 +16,7 @@
 
 module "gcp-network" {
   source       = "terraform-google-modules/network/google"
-  version      = "~> 2.0"
+  version      = "~> 2.5"
   project_id   = var.project_id
   network_name = var.network
 

examples/regional_private_node_pool_oauth_scopes/network.tf

@@ -16,7 +16,7 @@
 
 module "gke-network" {
   source       = "terraform-google-modules/network/google"
-  version      = "~> 2.0"
+  version      = "~> 2.5"
   project_id   = var.project_id
   network_name = "random-gke-network"
 

examples/regional_private_node_pool_oauth_scopes/provider.tf

@@ -15,9 +15,9 @@
  */
 
 provider "google" {
-  version = "~> 3.35.0"
+  version = "~> 3.42.0"
 }
 
 provider "google-beta" {
-  version = "~> 3.35.0"
+  version = "~> 3.42.0"
 }

examples/safer_cluster/main.tf

@@ -30,11 +30,11 @@ locals {
 }
 
 provider "google" {
-  version = "~> 3.35.0"
+  version = "~> 3.42.0"
 }
 
 provider "google-beta" {
-  version = "~> 3.35.0"
+  version = "~> 3.42.0"
 }
 
 module "gke" {

examples/safer_cluster/network.tf

@@ -16,7 +16,7 @@
 
 module "gcp-network" {
   source       = "terraform-google-modules/network/google"
-  version      = "~> 2.0"
+  version      = "~> 2.5"
   project_id   = var.project_id
   network_name = local.network_name
 

examples/safer_cluster_iap_bastion/network.tf

@@ -17,7 +17,7 @@
 
 module "vpc" {
   source  = "terraform-google-modules/network/google"
-  version = "~> 2.3"
+  version = "~> 2.5"
 
   project_id   = module.enabled_google_apis.project_id
   network_name = var.network_name

examples/safer_cluster_iap_bastion/provider.tf

@@ -15,9 +15,9 @@
  */
 
 provider "google" {
-  version = "~> 3.35.0"
+  version = "~> 3.42.0"
 }
 
 provider "google-beta" {
-  version = "~> 3.35.0"
+  version = "~> 3.42.0"
 }

examples/shared_vpc/main.tf

@@ -19,7 +19,7 @@ locals {
 }
 
 provider "google" {
-  version = "~> 3.35.0"
+  version = "~> 3.42.0"
   region  = var.region
 }
 

examples/simple_regional/main.tf

@@ -19,7 +19,7 @@ locals {
 }
 
 provider "google" {
-  version = "~> 3.35.0"
+  version = "~> 3.42.0"
   region  = var.region
 }
 

examples/simple_regional_beta/main.tf

@@ -19,7 +19,7 @@ locals {
 }
 
 provider "google-beta" {
-  version = "~> 3.35.0"
+  version = "~> 3.42.0"
   region  = var.region
 }
 

examples/simple_regional_private/main.tf

@@ -19,7 +19,7 @@ locals {
 }
 
 provider "google" {
-  version = "~> 3.35.0"
+  version = "~> 3.42.0"
   region  = var.region
 }
 

examples/simple_regional_private_beta/main.tf

@@ -19,12 +19,12 @@ locals {
 }
 
 provider "google" {
-  version = "~> 3.35.0"
+  version = "~> 3.42.0"
   region  = var.region
 }
 
 provider "google-beta" {
-  version = "~> 3.35.0"
+  version = "~> 3.42.0"
   region  = var.region
 }
 

examples/simple_regional_with_kubeconfig/main.tf

@@ -19,7 +19,7 @@ locals {
 }
 
 provider "google" {
-  version = "~> 3.35.0"
+  version = "~> 3.42.0"
   region  = var.region
 }
 

examples/simple_regional_with_networking/main.tf

@@ -15,12 +15,12 @@
  */
 
 provider "google" {
-  version = "~> 3.35.0"
+  version = "~> 3.42.0"
 }
 
 module "gcp-network" {
   source       = "terraform-google-modules/network/google"
-  version      = "~> 2.0"
+  version      = "~> 2.5"
   project_id   = var.project_id
   network_name = var.network
 

examples/simple_zonal_private/main.tf

@@ -19,7 +19,7 @@ locals {
 }
 
 provider "google" {
-  version = "~> 3.35.0"
+  version = "~> 3.42.0"
   region  = var.region
 }
 

examples/simple_zonal_with_acm/main.tf

@@ -19,7 +19,7 @@ locals {
 }
 
 provider "google" {
-  version = "~> 3.35.0"
+  version = "~> 3.42.0"
   region  = var.region
 }
 

examples/simple_zonal_with_asm/main.tf

@@ -19,7 +19,7 @@ locals {
 }
 
 provider "google-beta" {
-  version = "~> 3.35.0"
+  version = "~> 3.42.0"
   region  = var.region
 }
 

examples/simple_zonal_with_hub/main.tf

@@ -19,7 +19,7 @@ locals {
 }
 
 provider "google" {
-  version = "~> 3.16.0"
+  version = "~> 3.42.0"
   region  = var.region
 }
 

examples/stub_domains/main.tf

@@ -19,7 +19,7 @@ locals {
 }
 
 provider "google" {
-  version = "~> 3.35.0"
+  version = "~> 3.42.0"
   region  = var.region
 }
 

examples/stub_domains_private/main.tf

@@ -15,7 +15,7 @@
  */
 
 provider "google" {
-  version = "~> 3.35.0"
+  version = "~> 3.42.0"
   region  = var.region
 }
 

examples/stub_domains_upstream_nameservers/main.tf

@@ -19,7 +19,7 @@ locals {
 }
 
 provider "google" {
-  version = "~> 3.35.0"
+  version = "~> 3.42.0"
   region  = var.region
 }
 

examples/upstream_nameservers/main.tf

@@ -19,7 +19,7 @@ locals {
 }
 
 provider "google" {
-  version = "~> 3.35.0"
+  version = "~> 3.42.0"
   region  = var.region
 }
 

examples/workload_identity/main.tf

@@ -19,7 +19,7 @@ locals {
 }
 
 provider "google" {
-  version = "~> 3.35.0"
+  version = "~> 3.42.0"
   region  = var.region
 }
 

examples/workload_metadata_config/main.tf

@@ -19,7 +19,7 @@ locals {
 }
 
 provider "google-beta" {
-  version = "~> 3.35.0"
+  version = "~> 3.42.0"
   region  = var.region
 }
 

modules/private-cluster-update-variant/README.md

@@ -172,6 +172,7 @@ Then perform the following commands on the root folder:
 | node\_pools\_metadata | Map of maps containing node metadata by node-pool name | map(map(string)) | `<map>` | no |
 | node\_pools\_oauth\_scopes | Map of lists containing node oauth scopes by node-pool name | map(list(string)) | `<map>` | no |
 | node\_pools\_tags | Map of lists containing node network tags by node-pool name | map(list(string)) | `<map>` | no |
+| node\_pools\_taints | Map of lists containing node taints by node-pool name | object | `<map>` | no |
 | non\_masquerade\_cidrs | List of strings in CIDR notation that specify the IP address ranges that do not use IP masquerading. | list(string) | `<list>` | no |
 | project\_id | The project ID to host the cluster in (required) | string | n/a | yes |
 | region | The region to host the cluster in (optional if zonal cluster / required if regional) | string | `"null"` | no |

modules/private-cluster-update-variant/cluster.tf

@@ -283,6 +283,17 @@ resource "google_container_node_pool" "pools" {
         "disable-legacy-endpoints" = var.disable_legacy_metadata_endpoints
       },
     )
+    dynamic "taint" {
+      for_each = concat(
+        local.node_pools_taints["all"],
+        local.node_pools_taints[each.value["name"]],
+      )
+      content {
+        effect = taint.value.effect
+        key    = taint.value.key
+        value  = taint.value.value
+      }
+    }
     tags = concat(
       lookup(local.node_pools_tags, "default_values", [true, true])[0] ? [local.cluster_network_tag] : [],
       lookup(local.node_pools_tags, "default_values", [true, true])[1] ? ["${local.cluster_network_tag}-${each.value["name"]}"] : [],