From 2bb0082876e95117dccefa7a484fb321cc9a1d62 Mon Sep 17 00:00:00 2001 From: Billy Lynch Date: Tue, 21 Jan 2025 15:25:03 -0500 Subject: [PATCH] update docs --- modules/dashboard/README.md | 6 +- modules/dashboard/alerts/README.md | 10 +--- .../dashboard/sections/resources/README.md | 1 + modules/gke/README.md | 60 +++++++++++++++++++ modules/regional-go-service/README.md | 2 +- modules/regional-service/README.md | 2 +- modules/regional-service/main.tf | 7 +++ modules/workqueue/testing/README.md | 41 +++++++++++++ 8 files changed, 118 insertions(+), 11 deletions(-) create mode 100644 modules/gke/README.md create mode 100644 modules/workqueue/testing/README.md diff --git a/modules/dashboard/README.md b/modules/dashboard/README.md index d2fcc003..0d4fd2d6 100644 --- a/modules/dashboard/README.md +++ b/modules/dashboard/README.md @@ -53,9 +53,11 @@ No modules. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| -| [object](#input\_object) | Object to encode into JSON | `object({})` | n/a | yes | +| [object](#input\_object) | Object to encode into JSON | `any` | n/a | yes | ## Outputs -No outputs. +| Name | Description | +|------|-------------| +| [json](#output\_json) | n/a | diff --git a/modules/dashboard/alerts/README.md b/modules/dashboard/alerts/README.md index a8080f7f..fe46b61e 100644 --- a/modules/dashboard/alerts/README.md +++ b/modules/dashboard/alerts/README.md 
@@ -5,23 +5,19 @@ No requirements. ## Providers -| Name | Version | -|------|---------| -| [google](#provider\_google) | n/a | +No providers. ## Modules | Name | Source | Version | |------|--------|---------| | [alerts](#module\_alerts) | ../widgets/alert | n/a | -| [dashboard-json](#module\_dashboard-json) | ../json | n/a | +| [dashboard](#module\_dashboard) | ../ | n/a | | [width](#module\_width) | ../sections/width | n/a | ## Resources -| Name | Type | -|------|------| -| [google_monitoring_dashboard.dashboard](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/monitoring_dashboard) | resource | +No resources. ## Inputs diff --git a/modules/dashboard/sections/resources/README.md b/modules/dashboard/sections/resources/README.md index b74214fa..9f10478c 100644 --- a/modules/dashboard/sections/resources/README.md +++ b/modules/dashboard/sections/resources/README.md @@ -13,6 +13,7 @@ No providers. |------|--------|---------| | [collapsible](#module\_collapsible) | ../collapsible | n/a | | [cpu\_utilization](#module\_cpu\_utilization) | ../../widgets/xy | n/a | +| [disk\_usage](#module\_disk\_usage) | ../../widgets/xy | n/a | | [instance\_count](#module\_instance\_count) | ../../widgets/xy | n/a | | [memory\_utilization](#module\_memory\_utilization) | ../../widgets/xy | n/a | | [received\_bytes](#module\_received\_bytes) | ../../widgets/xy | n/a | diff --git a/modules/gke/README.md b/modules/gke/README.md new file mode 100644 index 00000000..026d8f30 --- /dev/null +++ b/modules/gke/README.md 
@@ -0,0 +1,60 @@ + + +## Requirements + +No requirements. + +## Providers + +| Name | Version | +| ------------------------------------------------------------------------ | ------- | +| [google](#provider_google) | n/a | +| [google-beta](#provider_google-beta) | n/a | + +## Modules + +No modules. + +## Resources + +| Name | Type | +| -------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------- | +| [google-beta_google_container_node_pool.pools](https://registry.terraform.io/providers/hashicorp/google-beta/latest/docs/resources/google_container_node_pool) | resource | +| [google_compute_firewall.master_webhook](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_firewall) | resource | +| [google_container_cluster.this](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster) | resource | +| [google_project_iam_member.cluster](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/project_iam_member) | resource | +| [google_service_account.cluster_default](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/service_account) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +| ------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------ | 
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------- | :------: | +| [cluster_autoscaling](#input_cluster_autoscaling) | Enabling of node auto-provisioning | `bool` | `false` | no | +| [cluster_autoscaling_cpu_limits](#input_cluster_autoscaling_cpu_limits) | cluster autoscaling cpu limits |
object({
resource_type = optional(string, "cpu")
minimum = optional(number, 4)
maximum = optional(number, 10)
})
| `{}` | no | +| [cluster_autoscaling_memory_limits](#input_cluster_autoscaling_memory_limits) | cluster autoscaling memory limits |
object({
resource_type = optional(string, "memory"),
minimum = optional(number, 8)
maximum = optional(number, 80)
})
| `null` | no | +| [cluster_autoscaling_profile](#input_cluster_autoscaling_profile) | cluster autoscaling profile | `string` | `null` | no | +| [cluster_autoscaling_provisioning_defaults](#input_cluster_autoscaling_provisioning_defaults) | cluster autoscaling provisioning defaults |
object({
disk_size = optional(number, null)
disk_type = optional(string, null)
shielded_instance_config = optional(object({
enable_secure_boot = optional(bool, null)
enable_integrity_monitoring = optional(bool, null)
}), null)
management = optional(object({
auto_upgrade = optional(bool, null)
auto_repair = optional(bool, null)
}), null)
})
| `null` | no | +| [extra_roles](#input_extra_roles) | Extra roles to add to the cluster's default service account | `map(string)` | `{}` | no | +| [master_ipv4_cidr_block](#input_master_ipv4_cidr_block) | If specified, will use this CIDR block for the master's IP address | `any` | n/a | yes | +| [name](#input_name) | n/a | `any` | n/a | yes | +| [network](#input_network) | n/a | `any` | n/a | yes | +| [pools](#input_pools) | n/a |
map(object({
min_node_count = optional(number, 1)
max_node_count = optional(number, 1)
machine_type = optional(string, "c3-standard-4")
disk_type = optional(string, "pd-balanced")
disk_size = optional(number, 100)
ephemeral_storage_local_ssd_count = optional(number, 0)
spot = optional(bool, false)
gvisor = optional(bool, false)
labels = optional(map(string), {})
taints = optional(list(object({
key = string
value = string
effect = string
})), [])
}))
| n/a | yes | +| [project](#input_project) | n/a | `any` | n/a | yes | +| [region](#input_region) | Always create a regional cluster since GKE doesn't charge differently for regional/zonal clusters. Rather, we configure the node locations using `var.zones` | `any` | n/a | yes | +| [release_channel](#input_release_channel) | GKE release channel | `string` | `"REGULAR"` | no | +| [require_squad](#input_require_squad) | Whether to require squad variable to be specified | `bool` | `true` | no | +| [squad](#input_squad) | squad label to apply to the service. | `string` | `""` | no | +| [subnetwork](#input_subnetwork) | n/a | `any` | n/a | yes | +| [zones](#input_zones) | If specified, will spread nodes across these zones | `any` | `null` | no | + +## Outputs + +| Name | Description | +| ----------------------------------------------------------------------------------------------------- | ----------- | +| [cluster_ca_certificate](#output_cluster_ca_certificate) | n/a | +| [cluster_endpoint](#output_cluster_endpoint) | n/a | +| [cluster_id](#output_cluster_id) | n/a | +| [cluster_name](#output_cluster_name) | n/a | +| [service_account_email](#output_service_account_email) | n/a | + + diff --git a/modules/regional-go-service/README.md b/modules/regional-go-service/README.md index dc167ffb..323b5ae2 100644 --- a/modules/regional-go-service/README.md +++ b/modules/regional-go-service/README.md @@ -94,7 +94,7 @@ No requirements. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| -| [containers](#input\_containers) | The containers to run in the service. Each container will be run in each region. |
map(object({
source = object({
base_image = optional(string, "cgr.dev/chainguard/static:latest-glibc")
working_dir = string
importpath = string
env = optional(list(string), [])
})
args = optional(list(string), [])
ports = optional(list(object({
name = optional(string, "http1")
container_port = number
})), [])
resources = optional(
object(
{
limits = optional(object(
{
cpu = string
memory = string
}
), null)
cpu_idle = optional(bool, true)
startup_cpu_boost = optional(bool, true)
}
),
{
cpu_idle = true
}
)
env = optional(list(object({
name = string
value = optional(string)
value_source = optional(object({
secret_key_ref = object({
secret = string
version = string
})
}), null)
})), [])
regional-env = optional(list(object({
name = string
value = map(string)
})), [])
volume_mounts = optional(list(object({
name = string
mount_path = string
})), [])
}))
| n/a | yes | +| [containers](#input\_containers) | The containers to run in the service. Each container will be run in each region. |
map(object({
source = object({
base_image = optional(string, "cgr.dev/chainguard/static:latest-glibc")
working_dir = string
importpath = string
env = optional(list(string), [])
})
args = optional(list(string), [])
ports = optional(list(object({
name = optional(string, "http1")
container_port = number
})), [])
resources = optional(
object(
{
limits = optional(object(
{
cpu = string
memory = string
}
), null)
cpu_idle = optional(bool, true)
startup_cpu_boost = optional(bool, true)
}
),
{
cpu_idle = true
}
)
env = optional(list(object({
name = string
value = optional(string)
value_source = optional(object({
secret_key_ref = object({
secret = string
version = string
})
}), null)
})), [])
regional-env = optional(list(object({
name = string
value = map(string)
})), [])
volume_mounts = optional(list(object({
name = string
mount_path = string
})), [])
startup_probe = optional(object({
initial_delay_seconds = optional(number)
// GCP Terraform provider defaults differ from Cloud Run defaults.
// See https://cloud.google.com/run/docs/configuring/healthchecks#tcp-startup-probe
period_seconds = optional(number, 240)
timeout_seconds = optional(number, 240)
failure_threshold = optional(number, 1)
http_get = optional(object({
path = string
port = optional(number)
}), null)
tcp_socket = optional(object({
port = optional(number)
}), null)
grpc = optional(object({
service = optional(string)
port = optional(number)
}), null)
}))
liveness_probe = optional(object({
initial_delay_seconds = optional(number)
// GCP Terraform provider defaults differ from Cloud Run defaults.
// See https://cloud.google.com/run/docs/configuring/healthchecks#tcp-startup-probe
period_seconds = optional(number, 240)
timeout_seconds = optional(number, 240)
failure_threshold = optional(number, 1)
http_get = optional(object({
path = string
port = optional(number)
}), null)
tcp_socket = optional(object({
port = optional(number)
}), null)
grpc = optional(object({
service = optional(string)
port = optional(number)
}), null)
}))
}))
| n/a | yes | | [deletion\_protection](#input\_deletion\_protection) | Whether to enable delete protection for the service. | `bool` | `true` | no | | [egress](#input\_egress) | Which type of egress traffic to send through the VPC.

- ALL\_TRAFFIC sends all traffic through regional VPC network
- PRIVATE\_RANGES\_ONLY sends only traffic to private IP addresses through regional VPC network | `string` | `"ALL_TRAFFIC"` | no | | [enable\_profiler](#input\_enable\_profiler) | Enable cloud profiler. | `bool` | `false` | no | diff --git a/modules/regional-service/README.md b/modules/regional-service/README.md index d4e0015b..7d3b1e4d 100644 --- a/modules/regional-service/README.md +++ b/modules/regional-service/README.md @@ -83,7 +83,7 @@ No modules. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| -| [containers](#input\_containers) | The containers to run in the service. Each container will be run in each region. |
map(object({
image = string
args = optional(list(string), [])
ports = optional(list(object({
name = optional(string, "http1")
container_port = number
})), [])
resources = optional(
object(
{
limits = optional(object(
{
cpu = string
memory = string
}
), null)
cpu_idle = optional(bool, true)
startup_cpu_boost = optional(bool, true)
}
),
{
cpu_idle = true
}
)
env = optional(list(object({
name = string
value = optional(string)
value_source = optional(object({
secret_key_ref = object({
secret = string
version = string
})
}), null)
})), [])
regional-env = optional(list(object({
name = string
value = map(string)
})), [])
volume_mounts = optional(list(object({
name = string
mount_path = string
})), [])
}))
| n/a | yes | +| [containers](#input\_containers) | The containers to run in the service. Each container will be run in each region. |
map(object({
image = string
args = optional(list(string), [])
ports = optional(list(object({
name = optional(string, "http1")
container_port = number
})), [])
resources = optional(
object(
{
limits = optional(object(
{
cpu = string
memory = string
}
), null)
cpu_idle = optional(bool, true)
startup_cpu_boost = optional(bool, true)
}
),
{
cpu_idle = true
}
)
env = optional(list(object({
name = string
value = optional(string)
value_source = optional(object({
secret_key_ref = object({
secret = string
version = string
})
}), null)
})), [])
regional-env = optional(list(object({
name = string
value = map(string)
})), [])
volume_mounts = optional(list(object({
name = string
mount_path = string
})), [])
startup_probe = optional(object({
initial_delay_seconds = optional(number)
// GCP Terraform provider defaults differ from Cloud Run defaults.
// See https://cloud.google.com/run/docs/configuring/healthchecks#tcp-startup-probe
period_seconds = optional(number, 240)
timeout_seconds = optional(number, 240)
failure_threshold = optional(number, 1)
http_get = optional(object({
path = string
port = optional(number)
}), null)
tcp_socket = optional(object({
port = optional(number)
}), null)
grpc = optional(object({
service = optional(string)
port = optional(number)
}), null)
}))
liveness_probe = optional(object({
initial_delay_seconds = optional(number)
// GCP Terraform provider defaults differ from Cloud Run defaults.
// See https://cloud.google.com/run/docs/configuring/healthchecks#tcp-startup-probe
period_seconds = optional(number, 240)
timeout_seconds = optional(number, 240)
failure_threshold = optional(number, 1)
http_get = optional(object({
path = string
port = optional(number)
}), null)
tcp_socket = optional(object({
port = optional(number)
}), null)
grpc = optional(object({
service = optional(string)
port = optional(number)
}), null)
}))
}))
| n/a | yes | | [deletion\_protection](#input\_deletion\_protection) | Whether to enable delete protection for the service. | `bool` | `true` | no | | [egress](#input\_egress) | Which type of egress traffic to send through the VPC.

- ALL\_TRAFFIC sends all traffic through regional VPC network
- PRIVATE\_RANGES\_ONLY sends only traffic to private IP addresses through regional VPC network | `string` | `"ALL_TRAFFIC"` | no | | [enable\_profiler](#input\_enable\_profiler) | Enable cloud profiler. | `bool` | `false` | no | diff --git a/modules/regional-service/main.tf b/modules/regional-service/main.tf index 0457db87..fc09978d 100644 --- a/modules/regional-service/main.tf +++ b/modules/regional-service/main.tf @@ -160,6 +160,13 @@ resource "google_cloud_run_v2_service" "this" { port = tcp_socket.value.port } } + dynamic "grpc" { + for_each = startup_probe.value.grpc != null ? { "" : startup_probe.value.grpc } : {} + content { + service = grpc.value.service + port = grpc.value.port + } + } initial_delay_seconds = startup_probe.value.initial_delay_seconds period_seconds = startup_probe.value.period_seconds diff --git a/modules/workqueue/testing/README.md b/modules/workqueue/testing/README.md new file mode 100644 index 00000000..a7cb68f1 --- /dev/null +++ b/modules/workqueue/testing/README.md 
@@ -0,0 +1,41 @@ + + +## Requirements + +No requirements. + +## Providers + +| Name | Version | +| --------------------------------------------------------------------- | ------- | +| [ko](#provider_ko) | n/a | +| [kubernetes](#provider_kubernetes) | n/a | + +## Modules + +No modules. + +## Resources + +| Name | Type | +| ----------------------------------------------------------------------------------------------------------------------------- | -------- | +| [ko_build.inmem](https://registry.terraform.io/providers/ko-build/ko/latest/docs/resources/build) | resource | +| [kubernetes_manifest.inmem-ksvc](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/manifest) | resource | +| [kubernetes_manifest.svc-acct](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/manifest) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +| --------------------------------------------------------------------------------------- | ---------------------------------------------------------- | -------- | ------- | :------: | +| [concurrent-work](#input_concurrent-work) | The amount of concurrent work to dispatch at a given time. | `number` | n/a | yes | +| [name](#input_name) | n/a | `string` | n/a | yes | +| [namespace](#input_namespace) | n/a | `string` | n/a | yes | +| [reconciler-service](#input_reconciler-service) | The address of the k8s service to push keys to. | `string` | n/a | yes | + +## Outputs + +| Name | Description | +| ----------------------------------------------------------- | ----------- | +| [receiver](#output_receiver) | n/a | + +
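Review bot: In the modules/regional-service/main.tf hunk, the new `dynamic "grpc"` block is added only inside `startup_probe`, while the regional-service README in this same patch documents a `grpc` option for `liveness_probe` as well. If `liveness_probe.value.grpc` is not already wired elsewhere in main.tf, a caller who sets it would have the value silently ignored, so add the matching dynamic block there or confirm it exists. This is also a behaviour change carried under the subject "update docs"; name it in the commit message or split it out so it is visible in history.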
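Review bot: In the inputs table of the new modules/gke/README.md, `master_ipv4_cidr_block` is described as "If specified, will use this CIDR block for the master's IP address" but is listed as required with no default, and it is typed `any` along with `name`, `network`, `project`, `region` and `subnetwork`, most of which have no description. Give these inputs explicit types and descriptions in the variable declarations this table documents, and either make `master_ipv4_cidr_block` optional or reword it. For `extra_roles`, the only IAM resource listed is `google_project_iam_member.cluster`, so the roles appear to be bound at project scope; the description should say so and state what the map keys and values are.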
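Review bot: In the `containers` type shown in both modules/regional-go-service/README.md and modules/regional-service/README.md, the `liveness_probe` block repeats the `startup_probe` comment and defaults verbatim: it links to the `#tcp-startup-probe` section and sets `period_seconds = 240`, `timeout_seconds = 240`, `failure_threshold = 1`. Confirm those values are intended for liveness checks and point that comment at the liveness probe documentation instead. Nothing in the visible type prevents `http_get`, `tcp_socket` and `grpc` from being set together on one probe, so a validation rule or a sentence on which one takes effect would help callers.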
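Review bot: In the modules/dashboard/README.md hunk, the `object` input is loosened from `object({})` to `any` and the new `json` output is documented with description n/a. Add a description to the output, and if `any` is needed to accept arbitrary dashboard shapes, say that in the input description so callers know no structure is checked.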