- Added
default_namespace
output.
- Fixed destruction of
external-secrets
namespace from stalling. - Added full set of labels to
external-secrets
namespace.
- Increase wait timeout for destruction of
external-secrets
namespace.
- Moved
external-secrets
helm chart into this TF module.
- Revert unknown Service Account Config on k8s cluster.
- Enable Gateway API on k8s cluster.
- Enable Service Account on k8s cluster.
- Cluster CA certificate is no longer marked as a sensitive output because it's used to verify server identity.
- Added permissions so that we can read images from the artifact registry.
- Remove deletion protection since Nullstone has approvals for destruction.
- Upgrade TF providers.
- Upgrade TF providers.
- Enable several storage csi driver addons by default. (filestore, persistent disk, fuse)
- Enable config connector addon by default.
- Enable container Google API.
- Enable iam Google API.
- Fixed missing
num_node_zones
functionality.
- Added
num_node_zones
to provide limits around how many nodes in the cluster.
- Add missing
ip_allocation_policy
for VPC-Native Traffic routing.
- Enabled VPC-Native Traffic Routing.
- Drop
cluster_name
from outputs.
- Moved
deployer
service account into app module. - Increased default machine type to
n2-standard-2
for node pool.
- Enabled Workload Identity on GKE cluster.
- Added
roles/container.nodeServiceAccount
to cluster service account to ensure minimum set of permissions.
- Truncated deployer account_id so it does not exceed 28 character limit.
- Added
.terraform.lock.hcl
. - Changed platform to
k8s:gke
.