From 6361ce238453d918e8c1d03c706916e65ebfa940 Mon Sep 17 00:00:00 2001
From: Justin Bedard
Date: Fri, 10 Oct 2025 15:09:53 -0400
Subject: [PATCH] Expanding the configuration of GKE Backup.
---
 .../gke_backup.tf | 32 +++++++++++++++++++
 .../outputs.tf | 15 +++++++++
 .../variables.tf | 27 ++++++++++++++--
 3 files changed, 71 insertions(+), 3 deletions(-)
 create mode 100644 modules/beta-private-cluster-update-variant/gke_backup.tf
diff --git a/modules/beta-private-cluster-update-variant/gke_backup.tf b/modules/beta-private-cluster-update-variant/gke_backup.tf
new file mode 100644
index 0000000000..aec5828c1f
--- /dev/null
+++ b/modules/beta-private-cluster-update-variant/gke_backup.tf
@@ -0,0 +1,32 @@
+# Add backup plan resources outside the cluster resource
+resource "google_gke_backup_backup_plan" "this" {
+ for_each = {
+ for plan in try(var.gke_backup_agent_config.backup_plans, []) :
+ plan.name => plan
+ if try(var.gke_backup_agent_config.enabled, false)
+ }
+
+ name = each.value.name
+ location = each.value.location
+ cluster = each.value.cluster
+
+ description = try(each.value.description, null)
+ labels = try(each.value.labels, null)
+
+ dynamic "retention_policy" {
+ for_each = each.value.retention_policy != null ? [each.value.retention_policy] : []
+ content {
+ backup_delete_lock_days = try(retention_policy.value.backup_delete_lock_days, null)
+ backup_retain_days = try(retention_policy.value.backup_retain_days, null)
+ locked = try(retention_policy.value.locked, null)
+ }
+ }
+
+ dynamic "schedule" {
+ for_each = each.value.schedule != null ? [each.value.schedule] : []
+ content {
+ cron_schedule = schedule.value.cron_schedule
+ paused = try(schedule.value.paused, null)
+ }
+ }
+}
diff --git a/modules/beta-private-cluster-update-variant/outputs.tf b/modules/beta-private-cluster-update-variant/outputs.tf
index abdf16f900..4656693956 100644
--- a/modules/beta-private-cluster-update-variant/outputs.tf
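Review bot: In gke_backup.tf the `google_gke_backup_backup_plan` resource never sets a `backup_config` block, so a caller of this module cannot choose the backup scope, decide whether Kubernetes Secrets are captured (`include_secrets`), or supply a customer-managed key (`encryption_key`); for a resource whose output is a copy of cluster state, those are the settings a security review asks about first. The fence below sketches a pass-through that leaves Secrets out unless the caller opts in; it needs a matching optional `backup_config` object in the variable type. Separately, `cluster = each.value.cluster` is a free-form string with no reference to the cluster this module manages, so Terraform sees no ordering edge between the plan and the cluster or its backup agent; defaulting it to the module's own cluster id or adding a `depends_on` would close that gap. The `for_each` map is keyed on `plan.name` alone, so two plans with the same name in different locations fail with a duplicate key; `"${plan.location}/${plan.name}" => plan` avoids that.

```hcl
  # … unchanged: for_each, name, location, cluster, description, labels …

  dynamic "backup_config" {
    for_each = try(each.value.backup_config, null) != null ? [each.value.backup_config] : []
    content {
      all_namespaces      = try(backup_config.value.all_namespaces, null)
      include_volume_data = try(backup_config.value.include_volume_data, null)
      # Secrets are only copied into backups when the caller asks for it.
      include_secrets = try(backup_config.value.include_secrets, false)

      dynamic "encryption_key" {
        for_each = try(backup_config.value.gcp_kms_encryption_key, null) != null ? [1] : []
        content {
          gcp_kms_encryption_key = backup_config.value.gcp_kms_encryption_key
        }
      }
    }
  }

  # … unchanged: retention_policy and schedule blocks …
```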
+++ b/modules/beta-private-cluster-update-variant/outputs.tf
@@ -205,3 +205,18 @@ output "tpu_ipv4_cidr_block" {
 description = "The IP range in CIDR notation used for the TPUs"
 value = var.enable_tpu ? google_container_cluster.primary.tpu_ipv4_cidr_block : null
 }
+
+output "gke_backup_agent_config_enabled" {
+ value = var.gke_backup_agent_config.enabled
+ description = "Whether the Backup for GKE agent is enabled."
+}
+
+output "gke_backup_backup_plan_ids" {
+ value = { for k, v in google_gke_backup_backup_plan.this : k => v.id }
+ description = "IDs of created Backup for GKE backup plans."
+}
+
+output "gke_backup_backup_plan_names" {
+ value = { for k, v in google_gke_backup_backup_plan.this : k => v.name }
+ description = "Names of created Backup for GKE backup plans."
+}
diff --git a/modules/beta-private-cluster-update-variant/variables.tf b/modules/beta-private-cluster-update-variant/variables.tf
index 11bd398c68..fb09612f25 100644
--- a/modules/beta-private-cluster-update-variant/variables.tf
+++ b/modules/beta-private-cluster-update-variant/variables.tf
@@ -631,9 +631,30 @@ variable "gce_pd_csi_driver" {
 }

 variable "gke_backup_agent_config" {
- type = bool
- description = "Whether Backup for GKE agent is enabled for this cluster."
- default = false
+ description = "Config for Backup for GKE add-on and backup plans"
+ type = object({
+ enabled = bool
+ backup_plans = optional(list(object({
+ name = string
+ location = string
+ cluster = string
+ description = optional(string)
+ labels = optional(map(string))
+ retention_policy = optional(object({
+ backup_delete_lock_days = optional(number)
+ backup_retain_days = optional(number)
+ locked = optional(bool)
+ }))
+ schedule = optional(object({
+ cron_schedule = string
+ paused = optional(bool)
+ }))
+ })), [])
+ })
+ default = {
+ enabled = false
+ backup_plans = []
+ }
 }

 variable "timeouts" {
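Review bot: The new `gke_backup_agent_config_enabled` output reads `var.gke_backup_agent_config.enabled` directly, while gke_backup.tf in the same patch wraps the same attribute in `try(..., false)`. If a caller passes `null` for the variable, the resource block tolerates it but this output fails at plan time. Either declare `nullable = false` on the variable so both files can rely on the object being present, or write `value = try(var.gke_backup_agent_config.enabled, false)` here.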
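Review bot: Changing `gke_backup_agent_config` in variables.tf from `bool` to an object breaks every existing caller that passes `true` or `false`, and the diffstat lists only three files, so whatever currently consumes the variable as a boolean (presumably the cluster's add-on block) does not appear to be switched to `.enabled` in this patch; that should be confirmed before merge. The retention fields also accept any number, so a `validation` block like the one below would catch a retention period shorter than the delete lock at plan time instead of as an API error. Because a retention policy with `locked = true` cannot be changed afterwards, the description should warn about it, e.g. `description = "Config for Backup for GKE add-on and backup plans. Setting retention_policy.locked = true is irreversible."`.

```hcl
variable "gke_backup_agent_config" {
  # … unchanged: description, type, default …

  validation {
    condition = alltrue([
      for p in var.gke_backup_agent_config.backup_plans :
      try(p.retention_policy.backup_retain_days >= coalesce(p.retention_policy.backup_delete_lock_days, 0), true)
    ])
    error_message = "retention_policy.backup_retain_days, when set, must be >= backup_delete_lock_days."
  }
```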