forked from runatlantis/terraform-gce-atlantis
-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathvariables.tf
209 lines (177 loc) · 5.39 KB
/
variables.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
variable "name" {
type = string
description = "Custom name that's used during resource creation"
}
variable "network" {
type = string
description = "Name of the network"
}
variable "subnetwork" {
type = string
description = "Name of the subnetwork to attach a network interface to"
}
variable "region" {
type = string
description = "The region that resources should be created in"
}
variable "zone" {
type = string
description = "The zone that instances should be created in"
}
variable "machine_image" {
type = string
description = "The machine image to create VMs with, if not specified, latest cos_cloud/cos_stable is used"
default = null
}
variable "machine_type" {
type = string
description = "The machine type to run Atlantis on"
default = "n2-standard-2"
}
variable "persistent_disk_size_gb" {
type = number
description = "The size of the persistent disk that Atlantis uses to store its data on"
default = 50
}
variable "spot_machine_enabled" {
type = bool
description = "A Spot VM is discounted Compute Engine capacity that may be preemptively stopped or deleted by Compute Engine if the capacity is needed"
default = false
}
variable "startup_script" {
type = string
description = "A startup script that runs during the boot cycle when you first launch an instance"
default = null
}
variable "disk_kms_key_self_link" {
type = string
description = "The self link of the encryption key that is stored in Google Cloud KMS"
default = null
}
variable "image" {
type = string
description = "Docker image. This is most often a reference to a container located in a container registry"
default = "ghcr.io/runatlantis/atlantis:latest"
}
variable "env_vars" {
type = map(any)
description = "Key-value pairs representing environment variables and their respective values"
}
variable "service_account" {
type = object({
email = string,
scopes = list(string)
})
description = "Service account to attach to the instance running Atlantis"
default = {
email = ""
scopes = ["cloud-platform"]
}
}
variable "shielded_instance_config" {
type = object({
enable_integrity_monitoring = optional(bool)
enable_vtpm = optional(bool)
enable_secure_boot = optional(bool)
})
description = "Shielded VM provides verifiable integrity to prevent against malware and rootkits"
default = {
enable_integrity_monitoring = true
enable_vtpm = true
enable_secure_boot = true
}
}
variable "domain" {
type = string
description = "Domain to associate Atlantis with and to request a managed SSL certificate for. Without `https://`"
}
variable "block_project_ssh_keys_enabled" {
type = bool
description = "Blocks the use of project-wide publich SSH keys"
default = false
}
variable "enable_oslogin" {
type = bool
description = "Enables OS Login service on the VM"
default = false
}
variable "iap" {
type = object({
oauth2_client_id = string
oauth2_client_secret = string
})
description = "Settings for enabling Cloud Identity Aware Proxy to protect the Atlantis UI"
default = null
}
variable "ssl_policy" {
type = string
description = "The SSL policy name that the certificate must follow"
default = null
}
variable "tags" {
type = list(string)
description = "Tags to attach to the instance running Atlantis"
default = []
}
variable "project" {
type = string
description = "The ID of the project in which the resource belongs"
default = null
}
variable "expose_metrics_publicly" {
type = bool
description = "Exposes the /metrics endpoint publicly even if Atlantis is protected by IAP"
default = false
}
variable "expose_healthz_publicly" {
type = bool
description = "Exposes the /healthz endpoint publicly even if Atlantis is protected by IAP"
default = false
}
variable "google_logging_enabled" {
type = bool
description = "Enable Google Cloud Logging"
default = true
}
variable "google_logging_use_fluentbit" {
type = bool
description = "Enable Google Cloud Logging using Fluent Bit"
default = false
}
variable "google_monitoring_enabled" {
type = bool
description = "Enable Google Cloud Monitoring"
default = true
}
variable "labels" {
type = map(any)
description = "Key-value pairs representing labels attaching to instance & instance template"
default = {}
}
variable "default_backend_security_policy" {
type = string
description = "Name of the security policy to apply to the default backend service"
default = null
}
variable "iap_backend_security_policy" {
type = string
description = "Name of the security policy to apply to the IAP backend service"
default = null
}
variable "enable_confidential_vm" {
type = bool
description = "Enable Confidential VM. If true, on host maintenance will be set to TERMINATE"
default = false
}
variable "shared_vpc" {
description = "Whether to deploy within a shared VPC"
type = object({
host_project_id = string
})
default = null
}
variable "persistent_disk_type" {
type = string
description = "The type of persistent disk that Atlantis uses to store its data on"
default = "pd-ssd"
}