added gcp provider

Author: ShibraAmin18

README.md

@@ -65,6 +65,7 @@ No requirements.
 | Name | Version |
 |------|---------|
 | <a name="provider_aws"></a> [aws](#provider\_aws) | n/a |
+| <a name="provider_google"></a> [google](#provider\_google) | n/a |
 | <a name="provider_helm"></a> [helm](#provider\_helm) | n/a |
 | <a name="provider_kubernetes"></a> [kubernetes](#provider\_kubernetes) | n/a |
 | <a name="provider_random"></a> [random](#provider\_random) | n/a |
@@ -79,6 +80,8 @@ No modules.
 |------|------|
 | [aws_secretsmanager_secret.redis_password](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret) | resource |
 | [aws_secretsmanager_secret_version.redis_password](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret_version) | resource |
+| [google_secret_manager_secret.redis_secret](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/secret_manager_secret) | resource |
+| [google_secret_manager_secret_version.redis_secret](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/secret_manager_secret_version) | resource |
 | [helm_release.redis](https://registry.terraform.io/providers/hashicorp/helm/latest/docs/resources/release) | resource |
 | [kubernetes_namespace.redis](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/namespace) | resource |
 | [random_password.redis_password](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/password) | resource |
@@ -95,7 +98,8 @@ No modules.
 | <a name="input_grafana_monitoring_enabled"></a> [grafana\_monitoring\_enabled](#input\_grafana\_monitoring\_enabled) | Specify whether or not to deploy Redis exporter to collect Redis metrics for monitoring in Grafana. | `bool` | `false` | no |
 | <a name="input_namespace"></a> [namespace](#input\_namespace) | Namespace where the Redis resources will be deployed. | `string` | `"redis"` | no |
 | <a name="input_recovery_window_aws_secret"></a> [recovery\_window\_aws\_secret](#input\_recovery\_window\_aws\_secret) | Number of days that AWS Secrets Manager will wait before it can delete the secret. The value can be 0 to force deletion without recovery, or a range from 7 to 30 days. | `number` | `0` | no |
-| <a name="input_redis_config"></a> [redis\_config](#input\_redis\_config) | Specify the configuration settings for Redis, including the name, environment, storage options, replication settings, store password to secret manager and custom YAML values. | `any` | <pre>{<br>  "architecture": "replication",<br>  "environment": "",<br>  "master_volume_size": "",<br>  "name": "",<br>  "slave_replica_count": 1,<br>  "slave_volume_size": "",<br>  "storage_class_name": "",<br>  "store_password_to_secret_manager": "",<br>  "values_yaml": ""<br>}</pre> | no |
+| <a name="input_redis_config"></a> [redis\_config](#input\_redis\_config) | Specify the configuration settings for Redis, including the name, environment, storage options, replication settings, store password to secret manager and custom YAML values. | `any` | <pre>{<br>  "architecture": "replication",<br>  "environment": "",<br>  "master_volume_size": "",<br>  "name": "",<br>  "slave_replica_count": 1,<br>  "slave_volume_size": "",<br>  "storage_class_name": "",<br>  "store_password_to_secret_manager": true,<br>  "values_yaml": ""<br>}</pre> | no |
+| <a name="input_secret_provider_type"></a> [secret\_provider\_type](#input\_secret\_provider\_type) | Choose where secrets will be stored (aws, gcp) | `string` | `"aws"` | no |
 
 ## Outputs
 

examples/complete/README.md

@@ -6,6 +6,13 @@
 ### [SquareOps Technologies](https://squareops.com/) Your DevOps Partner for Accelerating cloud journey.
 <br>
 This example will be very useful for users who are new to a module and want to quickly learn how to use it. By reviewing the examples, users can gain a better understanding of how the module works, what features it supports, and how to customize it to their specific needs.
+
+## Usage
+
+Use the provider file as per your need.
+- If deploying into AWS EKS use `provider-aws.tf` file and remove `provider-gcp.tf` file.
+- If deploying into Google GKE use `provider-gcp.tf` file and remove `provider-aws.tf` file.
+
 <!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
 ## Requirements
 
@@ -16,6 +23,7 @@ No requirements.
 | Name | Version |
 |------|---------|
 | <a name="provider_aws"></a> [aws](#provider\_aws) | n/a |
+| <a name="provider_google"></a> [google](#provider\_google) | n/a |
 
 ## Modules
 
@@ -29,6 +37,8 @@ No requirements.
 |------|------|
 | [aws_eks_cluster.cluster](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/eks_cluster) | data source |
 | [aws_eks_cluster_auth.cluster](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/eks_cluster_auth) | data source |
+| [google_client_config.default](https://registry.terraform.io/providers/hashicorp/google/latest/docs/data-sources/client_config) | data source |
+| [google_container_cluster.primary](https://registry.terraform.io/providers/hashicorp/google/latest/docs/data-sources/container_cluster) | data source |
 
 ## Inputs
 

examples/complete/main.tf

@@ -22,6 +22,7 @@ module "redis" {
     storage_class_name               = "gp3"
     slave_replica_count              = 2
     store_password_to_secret_manager = local.store_password_to_secret_manager
+    secret_provider_type             = "aws"
   }
   grafana_monitoring_enabled = true
   recovery_window_aws_secret = 0

examples/complete/provider.tf examples/complete/provider-aws.tfexamples/complete/provider.tf renamed to examples/complete/provider-aws.tf

@@ -0,0 +1,21 @@
+data "google_client_config" "default" {}
+
+data "google_container_cluster" "primary" {
+  name     = ""
+  location = ""
+  project  = ""
+}
+
+provider "kubernetes" {
+  host                   = "https://${data.google_container_cluster.primary.endpoint}"
+  token                  = data.google_client_config.default.access_token
+  cluster_ca_certificate = base64decode(data.google_container_cluster.primary.master_auth.0.cluster_ca_certificate)
+}
+
+provider "helm" {
+  kubernetes {
+    host                   = "https://${data.google_container_cluster.primary.endpoint}"
+    token                  = data.google_client_config.default.access_token
+    cluster_ca_certificate = base64decode(data.google_container_cluster.primary.master_auth.0.cluster_ca_certificate)
+  }
+}

examples/complete/provider-gcp.tf

@@ -5,13 +5,13 @@ resource "random_password" "redis_password" {
 }
 
 resource "aws_secretsmanager_secret" "redis_password" {
-  count                   = var.redis_config.store_password_to_secret_manager ? 1 : 0
+  count                   = var.redis_config.store_password_to_secret_manager && var.secret_provider_type == "aws" ? 1 : 0
   name                    = format("%s/%s/%s", var.redis_config.environment, var.redis_config.name, "redis")
   recovery_window_in_days = var.recovery_window_aws_secret
 }
 
 resource "aws_secretsmanager_secret_version" "redis_password" {
-  count     = var.redis_config.store_password_to_secret_manager ? 1 : 0
+  count     = var.redis_config.store_password_to_secret_manager && var.secret_provider_type == "aws" ? 1 : 0
   secret_id = aws_secretsmanager_secret.redis_password[0].id
   secret_string = var.custom_credentials_enabled ? jsonencode(
     {
@@ -25,6 +25,32 @@ resource "aws_secretsmanager_secret_version" "redis_password" {
   })
 }
 
+resource "google_secret_manager_secret" "redis_secret" {
+  count     = var.redis_config.store_password_to_secret_manager && var.secret_provider_type == "gcp" ? 1 : 0
+  project   = var.project_id
+  secret_id = format("%s-%s-%s", var.redis_config.environment, var.redis_config.name, "redis")
+
+  replication {
+    automatic = true
+  }
+}
+
+resource "google_secret_manager_secret_version" "redis_secret" {
+  count  = var.redis_config.store_password_to_secret_manager && var.secret_provider_type == "gcp" ? 1 : 0
+  secret = google_secret_manager_secret.redis_secret[0].id
+  secret_data = var.custom_credentials_enabled ? jsonencode(
+    {
+      "redis_username" : "root",
+      "redis_password" : "${var.custom_credentials_config.password}"
+
+    }) : jsonencode(
+    {
+      "redis_username" : "root",
+      "redis_password" : "${random_password.redis_password[0].result}"
+  })
+}
+
+
 resource "kubernetes_namespace" "redis" {
   count = var.create_namespace ? 1 : 0
   metadata {

main.tf

@@ -8,7 +8,7 @@ variable "redis_config" {
     slave_replica_count              = 1
     slave_volume_size                = ""
     storage_class_name               = ""
-    store_password_to_secret_manager = ""
+    store_password_to_secret_manager = true
     values_yaml                      = ""
   }
   description = "Specify the configuration settings for Redis, including the name, environment, storage options, replication settings, store password to secret manager and custom YAML values."
@@ -63,3 +63,9 @@ variable "custom_credentials_config" {
   }
   description = "Specify the configuration settings for Redis to pass custom credentials during creation."
 }
+
+variable "secret_provider_type" {
+  type        = string
+  default     = "aws"
+  description = "Choose where secrets will be stored (aws, gcp)"
+}