feat(TPG>=6.42)!: add support for gke_auto_upgrade_config (#2395)

Signed-off-by: drfaust92 <ilia.lazebnik@gmail.com>

Author: DrFaust92

README.md

@@ -194,6 +194,7 @@ Then perform the following commands on the root folder:
 | gce\_pd\_csi\_driver | Whether this cluster should enable the Google Compute Engine Persistent Disk Container Storage Interface (CSI) Driver. | `bool` | `true` | no |
 | gcp\_public\_cidrs\_access\_enabled | Allow access through Google Cloud public IP addresses | `bool` | `null` | no |
 | gcs\_fuse\_csi\_driver | Whether GCE FUSE CSI driver is enabled for this cluster. | `bool` | `false` | no |
+| gke\_auto\_upgrade\_config\_patch\_mode | The selected auto-upgrade patch type. Accepted values are: `ACCELERATED`: Upgrades to the latest available patch version in a given minor and release channel. | `string` | `null` | no |
 | gke\_backup\_agent\_config | Whether Backup for GKE agent is enabled for this cluster. | `bool` | `false` | no |
 | grant\_registry\_access | Grants created cluster-specific service account storage.objectViewer and artifactregistry.reader roles. | `bool` | `false` | no |
 | horizontal\_pod\_autoscaling | Enable horizontal pod autoscaling addon | `bool` | `true` | no |

autogen/main/cluster.tf.tmpl

@@ -64,6 +64,14 @@ resource "google_container_cluster" "primary" {
     }
   }
 
+  dynamic "gke_auto_upgrade_config" {
+    for_each = var.gke_auto_upgrade_config_patch_mode != null ? [1] : []
+
+    content {
+      patch_mode = var.gke_auto_upgrade_config_patch_mode
+    }
+  }
+
   dynamic "cost_management_config" {
     for_each = var.enable_cost_allocation ? [1] : []
     content {

autogen/main/variables.tf.tmpl

@@ -698,6 +698,12 @@ variable "enable_cilium_clusterwide_network_policy" {
   default       = false
 }
 
+variable "gke_auto_upgrade_config_patch_mode" {
+  type        = string
+  description = "The selected auto-upgrade patch type. Accepted values are: `ACCELERATED`: Upgrades to the latest available patch version in a given minor and release channel."
+  default     = null
+}
+
 variable "in_transit_encryption_config" {
   type        = string
   description = "Defines the config of in-transit encryption. Valid values are `IN_TRANSIT_ENCRYPTION_DISABLED` and `IN_TRANSIT_ENCRYPTION_INTER_NODE_TRANSPARENT`."

autogen/main/versions.tf.tmpl

@@ -24,33 +24,33 @@ terraform {
   required_providers {
     google = {
       source  = "hashicorp/google"
-      version = ">= 6.41.0, < 7"
+      version = ">= 6.42.0, < 7"
     }
     google-beta = {
       source  = "hashicorp/google-beta"
-      version = ">= 6.41.0, < 7"
+      version = ">= 6.42.0, < 7"
     }
 {% elif beta_cluster and autopilot_cluster %}
   required_providers {
     google = {
       source = "hashicorp/google"
-      version = ">= 6.41.0, < 7"
+      version = ">= 6.42.0, < 7"
     }
     google-beta = {
       source = "hashicorp/google-beta"
-      version = ">= 6.41.0, < 7"
+      version = ">= 6.42.0, < 7"
     }
 {% elif autopilot_cluster  %}
   required_providers {
     google = {
       source = "hashicorp/google"
-      version = ">= 6.41.0, < 7"
+      version = ">= 6.42.0, < 7"
     }
 {% else %}
   required_providers {
     google = {
       source  = "hashicorp/google"
-      version = ">= 6.41.0, < 7"
+      version = ">= 6.42.0, < 7"
     }
 {% endif %}
     kubernetes = {

cluster.tf

@@ -58,6 +58,14 @@ resource "google_container_cluster" "primary" {
     }
   }
 
+  dynamic "gke_auto_upgrade_config" {
+    for_each = var.gke_auto_upgrade_config_patch_mode != null ? [1] : []
+
+    content {
+      patch_mode = var.gke_auto_upgrade_config_patch_mode
+    }
+  }
+
   dynamic "cost_management_config" {
     for_each = var.enable_cost_allocation ? [1] : []
     content {

metadata.display.yaml

@@ -189,6 +189,9 @@ spec:
         gcs_fuse_csi_driver:
           name: gcs_fuse_csi_driver
           title: Gcs Fuse Csi Driver
+        gke_auto_upgrade_config_patch_mode:
+          name: gke_auto_upgrade_config_patch_mode
+          title: Gke Auto Upgrade Config Patch Mode
         gke_backup_agent_config:
           name: gke_backup_agent_config
           title: Gke Backup Agent Config

metadata.yaml

@@ -552,6 +552,9 @@ spec:
         description: Enable Cilium Cluster Wide Network Policies on the cluster
         varType: bool
         defaultValue: false
+      - name: gke_auto_upgrade_config_patch_mode
+        description: "The selected auto-upgrade patch type. Accepted values are: `ACCELERATED`: Upgrades to the latest available patch version in a given minor and release channel."
+        varType: string
       - name: in_transit_encryption_config
         description: Defines the config of in-transit encryption. Valid values are `IN_TRANSIT_ENCRYPTION_DISABLED` and `IN_TRANSIT_ENCRYPTION_INTER_NODE_TRANSPARENT`.
         varType: string

modules/beta-autopilot-private-cluster/README.md

@@ -113,6 +113,7 @@ Then perform the following commands on the root folder:
 | fleet\_project\_grant\_service\_agent | (Optional) Grant the fleet project service identity the `roles/gkehub.serviceAgent` and `roles/gkehub.crossProjectServiceAgent` roles. | `bool` | `false` | no |
 | gateway\_api\_channel | The gateway api channel of this cluster. Accepted values are `CHANNEL_STANDARD` and `CHANNEL_DISABLED`. | `string` | `null` | no |
 | gcp\_public\_cidrs\_access\_enabled | Allow access through Google Cloud public IP addresses | `bool` | `null` | no |
+| gke\_auto\_upgrade\_config\_patch\_mode | The selected auto-upgrade patch type. Accepted values are: `ACCELERATED`: Upgrades to the latest available patch version in a given minor and release channel. | `string` | `null` | no |
 | gke\_backup\_agent\_config | Whether Backup for GKE agent is enabled for this cluster. | `bool` | `false` | no |
 | grant\_registry\_access | Grants created cluster-specific service account storage.objectViewer and artifactregistry.reader roles. | `bool` | `false` | no |
 | horizontal\_pod\_autoscaling | Enable horizontal pod autoscaling addon | `bool` | `true` | no |

modules/beta-autopilot-private-cluster/cluster.tf

@@ -50,6 +50,14 @@ resource "google_container_cluster" "primary" {
     }
   }
 
+  dynamic "gke_auto_upgrade_config" {
+    for_each = var.gke_auto_upgrade_config_patch_mode != null ? [1] : []
+
+    content {
+      patch_mode = var.gke_auto_upgrade_config_patch_mode
+    }
+  }
+
   dynamic "cost_management_config" {
     for_each = var.enable_cost_allocation ? [1] : []
     content {

modules/beta-autopilot-private-cluster/metadata.display.yaml

@@ -151,6 +151,9 @@ spec:
         gcp_public_cidrs_access_enabled:
           name: gcp_public_cidrs_access_enabled
           title: Gcp Public Cidrs Access Enabled
+        gke_auto_upgrade_config_patch_mode:
+          name: gke_auto_upgrade_config_patch_mode
+          title: Gke Auto Upgrade Config Patch Mode
         gke_backup_agent_config:
           name: gke_backup_agent_config
           title: Gke Backup Agent Config