Add atlantis config file in the repo

.lacework/config.yaml

@@ -0,0 +1,3 @@
+suppress:
+  - "ckv-aws-50"
+  - "ckv-gcp-20"

atlantis.yaml

@@ -0,0 +1,16 @@
+---
+version: 3
+projects:
+ - dir: terraform-gcp
+   workflow: testing
+workflows:
+  testing:
+    plan:
+      steps:
+        - run: "printf 'print getting started: $PLANFILE $WORKSPACE $DIR  $HEAD_COMMIT $HEAD_BRANCH_NAME $PULL_NUM $PROJECT_NAME $HEAD_REPO_OWNER $HEAD_BRANCH_NAME $ATLANTIS_TERRAFORM_VERSION'"
+        - run: "echo $DIR, $WORKSPACE, $HEAD_COMMIT, $PULL_NUM, $PROJECT_NAME, $HEAD_BRANCH_NAME, $HEAD_REPO_NAME, $BASE_REPO_NAME, $HEAD_REPO_OWNER"
+        - init
+        - run: "terraform plan -input=false -refresh -out $PLANFILE"
+        - run: "terraform show -json $PLANFILE > $SHOWFILE"
+        - run: "soluble ea terraform-plan-scan --plan $SHOWFILE"
+        - run: "printf 'print meeee'"

kubernetes.tf

@@ -0,0 +1,43 @@
+data "google_compute_zones" "available" {
+}
+
+# tfsec:ignore:GCP009: test comment
+resource "google_container_cluster" "primary" {
+  name           = var.cluster_name
+  location 	     = "us-central1"
+  initial_node_count = 1
+
+  min_master_version = var.kubernetes_version
+  node_version       = var.kubernetes_version
+
+  monitoring_service = "monitoring.googleapis.com/kubernetes"
+
+  master_auth {
+    client_certificate_config {
+      issue_client_certificate = false
+    }
+  }
+
+  node_config {
+    # tfsec:ignore:AVD-GCP-0050
+    oauth_scopes = [
+      "https://www.googleapis.com/auth/compute",
+      "https://www.googleapis.com/auth/devstorage.read_only",
+      "https://www.googleapis.com/auth/logging.write",
+    ]
+
+  }
+
+}
+
+output "cluster_name" {
+  value = google_container_cluster.primary.name
+}
+
+output "endpoint" {
+  value = google_container_cluster.primary.endpoint
+}
+
+output "node_version" {
+  value = google_container_cluster.primary.node_version
+}

main.tf

@@ -0,0 +1,3 @@
+resource "null_resource" "example" {
+
+}

provider.tf

@@ -0,0 +1,4 @@
+provider "google" {
+  project = "soluble-ci"
+  region  = var.region
+}

terraform-gcp/kubernetes.tf

@@ -1,19 +1,21 @@
+data "google_compute_zones" "available" {
+}
+
 # tfsec:ignore:GCP009: test comment
 resource "google_container_cluster" "primary" {
-  name               = var.cluster_name
-  location 	     = data.google_compute_zones.available.names[0]
-  initial_node_count = 3
+  name           = var.cluster_name
+  location 	     = "us-central1"
+  initial_node_count = 1
 
   min_master_version = var.kubernetes_version
   node_version       = var.kubernetes_version
 
-  node_locations = [
-    data.google_compute_zones.available.names[1],
-  ]
+  monitoring_service = "monitoring.googleapis.com/kubernetes"
 
   master_auth {
-    username = var.username
-    password = var.password
+    client_certificate_config {
+      issue_client_certificate = false
+    }
   }
 
   node_config {
@@ -22,23 +24,16 @@ resource "google_container_cluster" "primary" {
       "https://www.googleapis.com/auth/compute",
       "https://www.googleapis.com/auth/devstorage.read_only",
       "https://www.googleapis.com/auth/logging.write",
-
     ]
+
   }
+
 }
 
 output "cluster_name" {
   value = google_container_cluster.primary.name
 }
 
-output "primary_zone" {
-  value = google_container_cluster.primary.zone
-}
-
-output "additional_zones" {
-  value = google_container_cluster.primary.additional_zones
-}
-
 output "endpoint" {
   value = google_container_cluster.primary.endpoint
 }

terraform-gcp/provider.tf

@@ -1,3 +1,4 @@
 provider "google" {
+  project = "soluble-ci"
   region = var.region
 }

variables.tf

@@ -0,0 +1,24 @@
+variable "region" {
+  type = string
+  default = "us-west-2"
+}
+
+variable "kubernetes_version" {
+  default = "1.16.8"
+}
+
+variable "username" {
+   type = string
+   default = "ubuntu"
+}
+
+variable "password" {
+  type = string
+  #tfsec:ignore:GEN001
+  default = "ubuntu"
+}
+
+variable "cluster_name" {
+  type = string
+  default = "soluble-gcp-example-cluster"
+}