feat: add support for policy bundles

terraform-google-modules · Jan 30, 2023 · 49863ec · 49863ec
1 parent b71c813
commit 49863ec
Show file tree

Hide file tree

Showing 4 changed files with 4 additions and 4 deletions.
diff --git a/examples/simple_zonal_with_acm/acm.tf b/examples/simple_zonal_with_acm/acm.tf
@@ -26,5 +26,5 @@ module "acm" {
 
   secret_type = "ssh"
 
-  policy_bundles = "https://github.com/GoogleCloudPlatform/acm-policy-controller-library.git/bundles/policy-essentials-v2022"
+  policy_bundles = "https://github.com/GoogleCloudPlatform/acm-policy-controller-library/bundles/policy-essentials-v2022#e4094aacb91a35b0219f6f4cf6a31580e85b3c28"
 }
diff --git a/modules/acm/README.md b/modules/acm/README.md
@@ -78,7 +78,7 @@ data "google_client_config" "default" {}
 | https\_proxy | URL for the HTTPS proxy to be used when communicating with the Git repo. | `string` | `null` | no |
 | install\_template\_library | Whether to install the default Policy Controller template library | `bool` | `true` | no |
 | location | GCP location used to reach cluster. | `string` | n/a | yes |
-| policy\_bundles | A space separated list of Policy Controller policy bundles urls to install on the cluster. | `string` | `null` | no |
+| policy\_bundles | A space separated list of Policy Controller policy bundles git urls (example: https://github.com/GoogleCloudPlatform/acm-policy-controller-library.git/bundles/policy-essentials-v2022) to install on the cluster. | `string` | `null` | no |
 | policy\_dir | Subfolder containing configs in ACM Git repo. If un-set, uses Config Management default. | `string` | `""` | no |
 | project\_id | GCP project\_id used to reach cluster. | `string` | n/a | yes |
 | secret\_type | git authentication secret type, is passed through to ConfigManagement spec.git.secretType. Overriden to value 'ssh' if `create_ssh_key` is true | `string` | `"ssh"` | no |

diff --git a/modules/acm/creds.tf b/modules/acm/creds.tf
@@ -25,7 +25,7 @@ resource "time_sleep" "wait_acm" {
   count      = (var.create_ssh_key == true || var.ssh_auth_key != null) ? 1 : 0
   depends_on = [google_gke_hub_feature_membership.main]
 
-  create_duration = "60s"
+  create_duration = "300s"
 }
 
 resource "kubernetes_secret_v1" "creds" {

diff --git a/modules/acm/variables.tf b/modules/acm/variables.tf
@@ -148,7 +148,7 @@ variable "enable_referential_rules" {
 }
 
 variable "policy_bundles" {
-  description = "A space separated list of Policy Controller policy bundles urls to install on the cluster."
+  description = "A space separated list of Policy Controller policy bundles git urls (example: https://github.com/GoogleCloudPlatform/acm-policy-controller-library.git/bundles/policy-essentials-v2022) to install on the cluster."
   type        = string
   default     = null
 }