feat: deploy harbor helm chart

[mulmuri]

Reverts #48

[atlantis-goboolean]

Ran Plan for dir: projects/dev workspace: default

Show Output

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
+ create

Terraform will perform the following actions:

  # module.harbor.helm_release.harbor will be created
+ resource "helm_release" "harbor" {
      + atomic                     = false
      + chart                      = "harbor"
      + cleanup_on_fail            = false
      + create_namespace           = true
      + dependency_update          = false
      + disable_crd_hooks          = false
      + disable_openapi_validation = false
      + disable_webhooks           = false
      + force_update               = false
      + id                         = (known after apply)
      + lint                       = false
      + manifest                   = (known after apply)
      + max_history                = 0
      + metadata                   = (known after apply)
      + name                       = "harbor"
      + namespace                  = "foundation"
      + pass_credentials           = false
      + recreate_pods              = false
      + render_subchart_notes      = true
      + replace                    = false
      + repository                 = "https://helm.goharbor.io"
      + reset_values               = false
      + reuse_values               = false
      + skip_crds                  = false
      + status                     = "deployed"
      + timeout                    = 300
      + values                     = [
          + <<-EOT
                harbor:
                  expose:
                    # Set how to expose the service. Set the type as "ingress", "clusterIP", "nodePort" or "loadBalancer"
                    # and fill the information in the corresponding section
                    type: loadBalancer
                    tls:
                      # Enable TLS or not.
                      # Delete the "ssl-redirect" annotations in "expose.ingress.annotations" when TLS is disabled and "expose.type" is "ingress"
                      # Note: if the "expose.type" is "ingress" and TLS is disabled,
                      # the port must be included in the command when pulling/pushing images.
                      # Refer to https://github.com/goharbor/harbor/issues/5291 for details.
                      enabled: false
                
                  # The external URL for Harbor core service. It is used to
                  # 1) populate the docker/helm commands showed on portal
                  # 2) populate the token service URL returned to docker client
                  #
                  # Format: protocol://domain[:port]. Usually:
                  # 1) if "expose.type" is "ingress", the "domain" should be
                  # the value of "expose.ingress.hosts.core"
                  # 2) if "expose.type" is "clusterIP", the "domain" should be
                  # the value of "expose.clusterIP.name"
                  # 3) if "expose.type" is "nodePort", the "domain" should be
                  # the IP address of k8s node
                  #
                  # If Harbor is deployed behind the proxy, set it as the URL of proxy
                  externalURL: http://core.harbor.domain
            EOT,
        ]
      + verify                     = false
      + version                    = "1.15.1"
      + wait                       = true
      + wait_for_jobs              = false
    }

Plan: 1 to add, 0 to change, 0 to destroy.

• ▶️ To apply this plan, comment:

  atlantis apply -d projects/dev

• 🚮 To delete this plan and lock, click here
• 🔁 To plan this project again, comment:

  atlantis plan -d projects/dev

Plan: 1 to add, 0 to change, 0 to destroy.

---

• ⏩ To apply all unapplied plans from this Pull Request, comment:

  atlantis apply

• 🚮 To delete all plans and locks from this Pull Request, comment:

  atlantis unlock

[Yeeun411]

approved

[Yeeun411]

atlantis apply

[atlantis-goboolean]

Ran Apply for dir: projects/dev workspace: default

Apply Error

Show Output

running "/usr/bin/terraform apply -input=false \"/home/mulmuri/.atlantis/repos/Goboolean/infrastructure/50/default/projects/dev/default.tfplan\"" in "/home/mulmuri/.atlantis/repos/Goboolean/infrastructure/50/default/projects/dev": exit status 1
module.harbor.helm_release.harbor: Creating...
╷
│ Error: Kubernetes cluster unreachable: Get "https://34.64.179.216/version": getting credentials: exec: executable gke-gcloud-auth-plugin not found
│ 
│ It looks like you are trying to use a client-go credential plugin that is not installed.
│ 
│ To learn more about this feature, consult the documentation available at:
│       https://kubernetes.io/docs/reference/access-authn-authz/authentication/#client-go-credential-plugins
│ 
│ Install gke-gcloud-auth-plugin for use with kubectl by following https://cloud.google.com/kubernetes-engine/docs/how-to/cluster-access-for-kubectl#install_plugin
│ 
│   with module.harbor.helm_release.harbor,
│   on ../../modules/infra/harbor/main.tf line 1, in resource "helm_release" "harbor":
│    1: resource "helm_release" "harbor" {
│ 
╵

[mulmuri]

atlantis apply

[atlantis-goboolean]

Ran Apply for dir: projects/dev workspace: default

Apply Error

running "/usr/bin/terraform apply -input=false \"/home/mulmuri/.atlantis/repos/Goboolean/infrastructure/50/default/projects/dev/default.tfplan\"" in "/home/mulmuri/.atlantis/repos/Goboolean/infrastructure/50/default/projects/dev": exit status 1
╷
│ Error: Saved plan is stale
│ 
│ The given plan file can no longer be applied because the state was changed
│ by another operation after the plan was created.
╵

[mulmuri]

atlantis plan

[atlantis-goboolean]

Ran Plan for dir: projects/dev workspace: default

Show Output

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
+ create

Terraform will perform the following actions:

  # module.harbor.helm_release.harbor will be created
+ resource "helm_release" "harbor" {
      + atomic                     = false
      + chart                      = "harbor"
      + cleanup_on_fail            = false
      + create_namespace           = true
      + dependency_update          = false
      + disable_crd_hooks          = false
      + disable_openapi_validation = false
      + disable_webhooks           = false
      + force_update               = false
      + id                         = (known after apply)
      + lint                       = false
      + manifest                   = (known after apply)
      + max_history                = 0
      + metadata                   = (known after apply)
      + name                       = "harbor"
      + namespace                  = "foundation"
      + pass_credentials           = false
      + recreate_pods              = false
      + render_subchart_notes      = true
      + replace                    = false
      + repository                 = "https://helm.goharbor.io"
      + reset_values               = false
      + reuse_values               = false
      + skip_crds                  = false
      + status                     = "deployed"
      + timeout                    = 300
      + values                     = [
          + <<-EOT
                harbor:
                  expose:
                    # Set how to expose the service. Set the type as "ingress", "clusterIP", "nodePort" or "loadBalancer"
                    # and fill the information in the corresponding section
                    type: loadBalancer
                    tls:
                      # Enable TLS or not.
                      # Delete the "ssl-redirect" annotations in "expose.ingress.annotations" when TLS is disabled and "expose.type" is "ingress"
                      # Note: if the "expose.type" is "ingress" and TLS is disabled,
                      # the port must be included in the command when pulling/pushing images.
                      # Refer to https://github.com/goharbor/harbor/issues/5291 for details.
                      enabled: false
                
                  # The external URL for Harbor core service. It is used to
                  # 1) populate the docker/helm commands showed on portal
                  # 2) populate the token service URL returned to docker client
                  #
                  # Format: protocol://domain[:port]. Usually:
                  # 1) if "expose.type" is "ingress", the "domain" should be
                  # the value of "expose.ingress.hosts.core"
                  # 2) if "expose.type" is "clusterIP", the "domain" should be
                  # the value of "expose.clusterIP.name"
                  # 3) if "expose.type" is "nodePort", the "domain" should be
                  # the IP address of k8s node
                  #
                  # If Harbor is deployed behind the proxy, set it as the URL of proxy
                  externalURL: http://core.harbor.domain
            EOT,
        ]
      + verify                     = false
      + version                    = "1.15.1"
      + wait                       = true
      + wait_for_jobs              = false
    }

Plan: 1 to add, 0 to change, 0 to destroy.

• ▶️ To apply this plan, comment:

  atlantis apply -d projects/dev

• 🚮 To delete this plan and lock, click here
• 🔁 To plan this project again, comment:

  atlantis plan -d projects/dev

Plan: 1 to add, 0 to change, 0 to destroy.

---

• ⏩ To apply all unapplied plans from this Pull Request, comment:

  atlantis apply

• 🚮 To delete all plans and locks from this Pull Request, comment:

  atlantis unlock

[mulmuri]

atlantis apply -d projects/dev

[atlantis-goboolean]

Ran Apply for dir: projects/dev workspace: default

Apply Error

Show Output

running "/usr/bin/terraform apply -input=false \"/home/mulmuri/.atlantis/repos/Goboolean/infrastructure/50/default/projects/dev/default.tfplan\"" in "/home/mulmuri/.atlantis/repos/Goboolean/infrastructure/50/default/projects/dev": exit status 1
module.harbor.helm_release.harbor: Creating...
╷
│ Error: Kubernetes cluster unreachable: Get "https://34.64.179.216/version": getting credentials: exec: executable gke-gcloud-auth-plugin not found
│ 
│ It looks like you are trying to use a client-go credential plugin that is not installed.
│ 
│ To learn more about this feature, consult the documentation available at:
│       https://kubernetes.io/docs/reference/access-authn-authz/authentication/#client-go-credential-plugins
│ 
│ Install gke-gcloud-auth-plugin for use with kubectl by following https://cloud.google.com/kubernetes-engine/docs/how-to/cluster-access-for-kubectl#install_plugin
│ 
│   with module.harbor.helm_release.harbor,
│   on ../../modules/infra/harbor/main.tf line 1, in resource "helm_release" "harbor":
│    1: resource "helm_release" "harbor" {
│ 
╵

[mulmuri]

atlantis apply -d projects/dev

[atlantis-goboolean]

Ran Apply for dir: projects/dev workspace: default

Apply Error

running "/usr/bin/terraform apply -input=false \"/home/mulmuri/.atlantis/repos/Goboolean/infrastructure/50/default/projects/dev/default.tfplan\"" in "/home/mulmuri/.atlantis/repos/Goboolean/infrastructure/50/default/projects/dev": exit status 1
╷
│ Error: Saved plan is stale
│ 
│ The given plan file can no longer be applied because the state was changed
│ by another operation after the plan was created.
╵

[mulmuri]

atlantis plan

[atlantis-goboolean]

Ran Plan for dir: projects/dev workspace: default

Show Output

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
+ create

Terraform will perform the following actions:

  # module.harbor.helm_release.harbor will be created
+ resource "helm_release" "harbor" {
      + atomic                     = false
      + chart                      = "harbor"
      + cleanup_on_fail            = false
      + create_namespace           = true
      + dependency_update          = false
      + disable_crd_hooks          = false
      + disable_openapi_validation = false
      + disable_webhooks           = false
      + force_update               = false
      + id                         = (known after apply)
      + lint                       = false
      + manifest                   = (known after apply)
      + max_history                = 0
      + metadata                   = (known after apply)
      + name                       = "harbor"
      + namespace                  = "foundation"
      + pass_credentials           = false
      + recreate_pods              = false
      + render_subchart_notes      = true
      + replace                    = false
      + repository                 = "https://helm.goharbor.io"
      + reset_values               = false
      + reuse_values               = false
      + skip_crds                  = false
      + status                     = "deployed"
      + timeout                    = 300
      + values                     = [
          + <<-EOT
                harbor:
                  expose:
                    # Set how to expose the service. Set the type as "ingress", "clusterIP", "nodePort" or "loadBalancer"
                    # and fill the information in the corresponding section
                    type: loadBalancer
                    tls:
                      # Enable TLS or not.
                      # Delete the "ssl-redirect" annotations in "expose.ingress.annotations" when TLS is disabled and "expose.type" is "ingress"
                      # Note: if the "expose.type" is "ingress" and TLS is disabled,
                      # the port must be included in the command when pulling/pushing images.
                      # Refer to https://github.com/goharbor/harbor/issues/5291 for details.
                      enabled: false
                
                  # The external URL for Harbor core service. It is used to
                  # 1) populate the docker/helm commands showed on portal
                  # 2) populate the token service URL returned to docker client
                  #
                  # Format: protocol://domain[:port]. Usually:
                  # 1) if "expose.type" is "ingress", the "domain" should be
                  # the value of "expose.ingress.hosts.core"
                  # 2) if "expose.type" is "clusterIP", the "domain" should be
                  # the value of "expose.clusterIP.name"
                  # 3) if "expose.type" is "nodePort", the "domain" should be
                  # the IP address of k8s node
                  #
                  # If Harbor is deployed behind the proxy, set it as the URL of proxy
                  externalURL: http://core.harbor.domain
            EOT,
        ]
      + verify                     = false
      + version                    = "1.15.1"
      + wait                       = true
      + wait_for_jobs              = false
    }

Plan: 1 to add, 0 to change, 0 to destroy.

• ▶️ To apply this plan, comment:

  atlantis apply -d projects/dev

• 🚮 To delete this plan and lock, click here
• 🔁 To plan this project again, comment:

  atlantis plan -d projects/dev

Plan: 1 to add, 0 to change, 0 to destroy.

---

• ⏩ To apply all unapplied plans from this Pull Request, comment:

  atlantis apply

• 🚮 To delete all plans and locks from this Pull Request, comment:

  atlantis unlock

[mulmuri]

atlantis apply

[atlantis-goboolean]

Ran Apply for dir: projects/dev workspace: default

Apply Error

Show Output

running "/usr/bin/terraform apply -input=false \"/home/mulmuri/.atlantis/repos/Goboolean/infrastructure/50/default/projects/dev/default.tfplan\"" in "/home/mulmuri/.atlantis/repos/Goboolean/infrastructure/50/default/projects/dev": exit status 1
module.harbor.helm_release.harbor: Creating...
╷
│ Error: Kubernetes cluster unreachable: Get "https://34.64.179.216/version": getting credentials: exec: executable gke-gcloud-auth-plugin not found
│ 
│ It looks like you are trying to use a client-go credential plugin that is not installed.
│ 
│ To learn more about this feature, consult the documentation available at:
│       https://kubernetes.io/docs/reference/access-authn-authz/authentication/#client-go-credential-plugins
│ 
│ Install gke-gcloud-auth-plugin for use with kubectl by following https://cloud.google.com/kubernetes-engine/docs/how-to/cluster-access-for-kubectl#install_plugin
│ 
│   with module.harbor.helm_release.harbor,
│   on ../../modules/infra/harbor/main.tf line 1, in resource "helm_release" "harbor":
│    1: resource "helm_release" "harbor" {
│ 
╵

[atlantis-goboolean]

Ran Plan for dir: projects/dev workspace: default

Plan Error

Show Output

running "/usr/bin/terraform plan -input=false -refresh -out \"/home/mulmuri/.atlantis/repos/Goboolean/infrastructure/50/default/projects/dev/default.tfplan\"" in "/home/mulmuri/.atlantis/repos/Goboolean/infrastructure/50/default/projects/dev": exit status 1
data.google_client_config.current: Reading...
data.google_client_config.current: Read complete after 0s [id=projects/<null>/regions/<null>/zones/<null>]
module.gke.data.google_container_engine_versions.gke_version: Reading...
module.gke.google_compute_network.vpc: Refreshing state... [id=projects/goboolean-436921/global/networks/goboolean-436921-vpc]
module.gke.google_compute_subnetwork.subnet: Refreshing state... [id=projects/goboolean-436921/regions/asia-northeast3/subnetworks/goboolean-436921-subnet]
module.gke.google_container_cluster.primary: Refreshing state... [id=projects/goboolean-436921/locations/asia-northeast3-a/clusters/goboolean-436921-gke]

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
-/+ destroy and then create replacement

Terraform planned the following actions, but then encountered a problem:

  # module.gke.google_compute_network.vpc must be replaced
-/+ resource "google_compute_network" "vpc" {
      - enable_ula_internal_ipv6                  = false -> null
      + gateway_ipv4                              = (known after apply)
      ~ id                                        = "projects/goboolean-436921/global/networks/goboolean-436921-vpc" -> (known after apply)
      + internal_ipv6_range                       = (known after apply)
      ~ mtu                                       = 0 -> (known after apply)
      ~ name                                      = "goboolean-436921-vpc" -> "goboolean-dev-vpc" # forces replacement
      ~ project                                   = "goboolean-436921" -> (known after apply)
      ~ routing_mode                              = "REGIONAL" -> (known after apply)
      ~ self_link                                 = "https://www.googleapis.com/compute/v1/projects/goboolean-436921/global/networks/goboolean-436921-vpc" -> (known after apply)
        # (4 unchanged attributes hidden)
    }

  # module.gke.google_compute_subnetwork.subnet must be replaced
-/+ resource "google_compute_subnetwork" "subnet" {
      ~ creation_timestamp         = "2024-10-09T13:00:12.342-07:00" -> (known after apply)
      + external_ipv6_prefix       = (known after apply)
      + fingerprint                = (known after apply)
      ~ gateway_address            = "10.10.0.1" -> (known after apply)
      ~ id                         = "projects/goboolean-436921/regions/asia-northeast3/subnetworks/goboolean-436921-subnet" -> (known after apply)
      + ipv6_cidr_range            = (known after apply)
      ~ name                       = "goboolean-436921-subnet" -> "goboolean-dev-subnet" # forces replacement
      ~ network                    = "https://www.googleapis.com/compute/v1/projects/goboolean-436921/global/networks/goboolean-436921-vpc" -> "goboolean-dev-vpc" # forces replacement
      ~ private_ip_google_access   = true -> (known after apply)
      ~ private_ipv6_google_access = "DISABLE_GOOGLE_ACCESS" -> (known after apply)
      ~ project                    = "goboolean-436921" -> (known after apply)
      ~ purpose                    = "PRIVATE" -> (known after apply)
      ~ secondary_ip_range         = [] -> (known after apply)
      ~ self_link                  = "https://www.googleapis.com/compute/v1/projects/goboolean-436921/regions/asia-northeast3/subnetworks/goboolean-436921-subnet" -> (known after apply)
      ~ stack_type                 = "IPV4_ONLY" -> (known after apply)
        # (5 unchanged attributes hidden)
    }

  # module.gke.google_container_cluster.primary must be replaced
-/+ resource "google_container_cluster" "primary" {
      ~ cluster_ipv4_cidr           = "10.160.0.0/14" -> (known after apply)
      + datapath_provider           = (known after apply)
      + default_max_pods_per_node   = (known after apply)
      - enable_autopilot            = false -> null
      ~ enable_intranode_visibility = false -> (known after apply)
      - enable_tpu                  = false -> null
      ~ endpoint                    = "34.64.179.216" -> (known after apply)
      ~ id                          = "projects/goboolean-436921/locations/asia-northeast3-a/clusters/goboolean-436921-gke" -> (known after apply)
      ~ label_fingerprint           = "a9dc16a7" -> (known after apply)
      ~ logging_service             = "logging.googleapis.com/kubernetes" -> (known after apply)
      ~ master_version              = "1.30.4-gke.1348000" -> (known after apply)
      ~ monitoring_service          = "monitoring.googleapis.com/kubernetes" -> (known after apply)
      ~ name                        = "goboolean-436921-gke" -> "goboolean-dev-gke" # forces replacement
      ~ network                     = "projects/goboolean-436921/global/networks/goboolean-436921-vpc" -> "goboolean-dev-vpc" # forces replacement
      ~ networking_mode             = "ROUTES" -> (known after apply)
      ~ node_locations              = [] -> (known after apply)
      ~ node_version                = "1.30.4-gke.1348000" -> (known after apply)
      + operation                   = (known after apply)
      + private_ipv6_google_access  = (known after apply)
      ~ project                     = "goboolean-436921" -> (known after apply)
      - resource_labels             = {} -> null
      ~ self_link                   = "https://container.googleapis.com/v1/projects/goboolean-436921/zones/asia-northeast3-a/clusters/goboolean-436921-gke" -> (known after apply)
      ~ services_ipv4_cidr          = "10.163.240.0/20" -> (known after apply)
      ~ subnetwork                  = "projects/goboolean-436921/regions/asia-northeast3/subnetworks/goboolean-436921-subnet" -> "goboolean-dev-subnet" # forces replacement
      + tpu_ipv4_cidr_block         = (known after apply)
        # (9 unchanged attributes hidden)

      ~ addons_config (known after apply)
      - addons_config {
          - gce_persistent_disk_csi_driver_config {
              - enabled = true -> null
            }
          - network_policy_config {
              - disabled = true -> null
            }
        }

      ~ authenticator_groups_config (known after apply)

      - binary_authorization {
          - enabled         = false -> null
            # (1 unchanged attribute hidden)
        }

      ~ cluster_autoscaling (known after apply)
      - cluster_autoscaling {
          - enabled = false -> null
        }

      ~ confidential_nodes (known after apply)

      ~ cost_management_config (known after apply)

      ~ database_encryption (known after apply)
      - database_encryption {
          - state    = "DECRYPTED" -> null
            # (1 unchanged attribute hidden)
        }

      ~ default_snat_status (known after apply)
      - default_snat_status {
          - disabled = false -> null
        }

      ~ gateway_api_config (known after apply)

      ~ ip_allocation_policy (known after apply)

      ~ logging_config (known after apply)
      - logging_config {
          - enable_components = [
              - "SYSTEM_COMPONENTS",
              - "WORKLOADS",
            ] -> null
        }

      ~ master_auth (known after apply)
      - master_auth {
          - cluster_ca_certificate = "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVMVENDQXBXZ0F3SUJBZ0lSQUsyREpWLzVOS3QxMS9xQ2hxMnZCdWt3RFFZSktvWklodmNOQVFFTEJRQXcKTHpFdE1Dc0dBMVVFQXhNa04yWTFZalUyWlRndE5XVmlNeTAwTlRNeExXRXdaR0V0TlRnMFl6azBZalprTlRsagpNQ0FYRFRJME1UQXdPVEU1TURBME0xb1lEekl3TlRReE1EQXlNakF3TURReldqQXZNUzB3S3dZRFZRUURFeVEzClpqVmlOVFpsT0MwMVpXSXpMVFExTXpFdFlUQmtZUzAxT0RSak9UUmlObVExT1dNd2dnR2lNQTBHQ1NxR1NJYjMKRFFFQkFRVUFBNElCandBd2dnR0tBb0lCZ1FERExhNmVYQUVYR2ZZci9oaFJCTWYvNWx6NDBwSWE4Q3VJZTkzbgpMcHl6bVpPaFBzVGkzOTBqSUw5bTRpZ21MV3BDYkJuZzd0QmFYTGtHeEI4Wi9YVjVPc3hBRko5RVVuQ3NyNC9sCjN3U3ZGRTUxalQvVmFJYW80SUZtYWRIVW1QeXcrWmNMMDBsaFo2Rk1XNlVoVnROeUFBNHdiNUxpL0pNZm5ZbHQKQ3BNK0ZEbHRUaGhxdTUydDhydFZDa3Y2QUlyTVRFcmlpQS90TGhMa0ROMWJ4SU9RUmhKMURNS3hWRVMzWWlyWQprT0s5cUNieDlSRDZ2RGNZdEJ5U2FocjdndVFQTWFnbWNpTkQyT0s1RlhsUkpDSy9HM2VlbjQzSmFwczZkVmM3CkYzOVUrcVNkRytYc2Rkc2hkWitJMnIwZDZQTk93L0Myang2bDc3RWlGOXFXcjZFZkJEZ1hDeGgxUXF0Q3dpWWsKQ2c0UWFOUDFlUnJ1MDNkY1JjWldNZVBPWk1rREVBdUhlbUxtV1hVQ1dwSFF0Skd6ci9lck1sVDJjZFlqbDZ1UQpySXh1eG1pOU9jUFp5UVlURk9BTmpUeG1lamhGWEViWUFIN1BTOWdTc0dsVDYzY1dVUkRuMy9ZSUFKV041Q2N0CjRDMWdURjg3ejZMempLQ0k5S1RrSHV0Z3Myc0NBd0VBQWFOQ01FQXdEZ1lEVlIwUEFRSC9CQVFEQWdJRU1BOEcKQTFVZEV3RUIvd1FGTUFNQkFmOHdIUVlEVlIwT0JCWUVGRDVLc2dwYTNzNUNtQmRnZ2RKVWhLVEpoZGQ1TUEwRwpDU3FHU0liM0RRRUJDd1VBQTRJQmdRQW1kWS9ZYXh4SktKVWhvaGdTM3k1WDNtOFJvRGFBbTNaSzZPVGhHU3c5Cm83ZG1USW1NbTZoVUxpSHV2SG5MNXVZRmxlOVA3eWtOOGQ1R3N1L1gxM0ZJck1wU0U0aytZZkg5NjVQSWx1SmQKNzVaZGJRQy82aVdVa04zQlRETzd2SndwajJZUHV1K244UEc3OFFzRlZZZnFzb0VVRDk2dzlsVXFrTVpjeHlqUQp3WGxuVHNtVm9WbmJQR3A3MzJqUTZ4bGtWYkRzLzFJZm5XdUtOa3E3UUxiU2VIb0N2am1vT2h6MkkzRXNody9QCm15RzMydW9tZmZ0TlZabUU1ZFpZT2dSelNCRXFueStxMkdoSUIwN2ZvQXJ2L2NYRUppcFFMa3dnM3JZaUd2U2cKTmJLT1MwR0NjSVgzQldLN2lKWnlPY0kvOFZrNHJrdmlDK21pQXlPZGg5aG9saDFEVVRUM0xrYWtkSEpCMmJIdgpKT3dBMzlBcDJHYUEydHVLS2laQzhpS0hvOFN5N1JKeDJzUzY4WGQ5MGtlZzZlSFRQNkl3WDVqUi9QMDV0c0F1CkhnWmpzVFhNR2tNRjFMSzhET2tsQ0o0Z05QSXlxVTUzN3ZOVjVtVHRsKzlBMGtIWWVBTjYvQlpnS0FVMXdDRTMKRXBSNTkza09vNkRjam4vWHFjZ0l3ZkU9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K" -> null
            # (2 unchanged attributes hidden)

          - client_certificate_config {
              - issue_client_certificate = false -> null
            }
        }

      ~ master_authorized_networks_config (known after apply)

      ~ mesh_certificates (known after apply)

      ~ monitoring_config (known after apply)
      - monitoring_config {
          - enable_components = [
              - "SYSTEM_COMPONENTS",
              - "STATEFULSET",
              - "STORAGE",
              - "HPA",
              - "POD",
              - "DAEMONSET",
              - "DEPLOYMENT",
              - "CADVISOR",
              - "KUBELET",
            ] -> null

          - managed_prometheus {
              - enabled = true -> null
            }
        }

      - network_policy {
          - enabled  = false -> null
          - provider = "PROVIDER_UNSPECIFIED" -> null
        }

      ~ node_config (known after apply)
      - node_config {
          - disk_size_gb      = 10 -> null
          - disk_type         = "pd-balanced" -> null
          - guest_accelerator = [] -> null
          - image_type        = "COS_CONTAINERD" -> null
          - labels            = {
              - "env" = "goboolean-436921"
            } -> null
          - local_ssd_count   = 0 -> null
          - logging_variant   = "DEFAULT" -> null
          - machine_type      = "n1-standard-1" -> null
          - metadata          = {
              - "disable-legacy-endpoints" = "true"
            } -> null
          - oauth_scopes      = [
              - "https://www.googleapis.com/auth/logging.write",
              - "https://www.googleapis.com/auth/monitoring",
            ] -> null
          - preemptible       = false -> null
          - resource_labels   = {} -> null
          - service_account   = "default" -> null
          - spot              = false -> null
          - tags              = [
              - "gke-node",
              - "goboolean-436921-gke",
            ] -> null
          - taint             = [] -> null
            # (3 unchanged attributes hidden)

          - shielded_instance_config {
              - enable_integrity_monitoring = true -> null
              - enable_secure_boot          = false -> null
            }
        }

      ~ node_pool (known after apply)
      - node_pool {
          - initial_node_count          = 3 -> null
          - instance_group_urls         = [
              - "https://www.googleapis.com/compute/v1/projects/goboolean-436921/zones/asia-northeast3-a/instanceGroupManagers/gke-goboolean-436921-goboolean-436921-fe211885-grp",
            ] -> null
          - managed_instance_group_urls = [
              - "https://www.googleapis.com/compute/v1/projects/goboolean-436921/zones/asia-northeast3-a/instanceGroups/gke-goboolean-436921-goboolean-436921-fe211885-grp",
            ] -> null
          - max_pods_per_node           = 0 -> null
          - name                        = "goboolean-436921-gke" -> null
          - node_count                  = 3 -> null
          - node_locations              = [
              - "asia-northeast3-a",
            ] -> null
          - version                     = "1.30.4-gke.1348000" -> null
            # (1 unchanged attribute hidden)

          - management {
              - auto_repair  = true -> null
              - auto_upgrade = true -> null
            }

          - node_config {
              - disk_size_gb      = 10 -> null
              - disk_type         = "pd-balanced" -> null
              - guest_accelerator = [] -> null
              - image_type        = "COS_CONTAINERD" -> null
              - labels            = {
                  - "env" = "goboolean-436921"
                } -> null
              - local_ssd_count   = 0 -> null
              - logging_variant   = "DEFAULT" -> null
              - machine_type      = "n1-standard-1" -> null
              - metadata          = {
                  - "disable-legacy-endpoints" = "true"
                } -> null
              - oauth_scopes      = [
                  - "https://www.googleapis.com/auth/logging.write",
                  - "https://www.googleapis.com/auth/monitoring",
                ] -> null
              - preemptible       = false -> null
              - resource_labels   = {} -> null
              - service_account   = "default" -> null
              - spot              = false -> null
              - tags              = [
                  - "gke-node",
                  - "goboolean-436921-gke",
                ] -> null
              - taint             = [] -> null
                # (3 unchanged attributes hidden)

              - shielded_instance_config {
                  - enable_integrity_monitoring = true -> null
                  - enable_secure_boot          = false -> null
                }
            }

          - upgrade_settings {
              - max_surge       = 1 -> null
              - max_unavailable = 0 -> null
              - strategy        = "SURGE" -> null
            }
        }

      ~ node_pool_defaults (known after apply)
      - node_pool_defaults {
          - node_config_defaults {
              - logging_variant = "DEFAULT" -> null
            }
        }

      ~ notification_config (known after apply)
      - notification_config {
          - pubsub {
              - enabled = false -> null
                # (1 unchanged attribute hidden)
            }
        }

      - private_cluster_config {
          - enable_private_endpoint     = false -> null
          - enable_private_nodes        = false -> null
          - private_endpoint            = "10.10.0.2" -> null
          - public_endpoint             = "34.64.179.216" -> null
            # (3 unchanged attributes hidden)

          - master_global_access_config {
              - enabled = false -> null
            }
        }

      ~ release_channel (known after apply)
      - release_channel {
          - channel = "REGULAR" -> null
        }

      ~ security_posture_config (known after apply)
      - security_posture_config {
          - mode               = "BASIC" -> null
          - vulnerability_mode = "VULNERABILITY_MODE_UNSPECIFIED" -> null
        }

      ~ service_external_ips_config (known after apply)
      - service_external_ips_config {
          - enabled = false -> null
        }

      ~ vertical_pod_autoscaling (known after apply)

      ~ workload_identity_config (known after apply)
    }

Plan: 3 to add, 0 to change, 3 to destroy.
╷
│ Error: Error retrieving available container cluster versions: googleapi: Error 403: Kubernetes Engine API has not been used in project goboolean-dev before or it is disabled. Enable it by visiting https://console.developers.google.com/apis/api/container.googleapis.com/overview?project=goboolean-dev then retry. If you enabled this API recently, wait a few minutes for the action to propagate to our systems and retry.
│ Details:
│ [
│   {
│     "@type": "type.googleapis.com/google.rpc.Help",
│     "links": [
│       {
│         "description": "Google developers console API activation",
│         "url": "https://console.developers.google.com/apis/api/container.googleapis.com/overview?project=goboolean-dev"
│       }
│     ]
│   },
│   {
│     "@type": "type.googleapis.com/google.rpc.ErrorInfo",
│     "domain": "googleapis.com",
│     "metadata": {
│       "consumer": "projects/goboolean-dev",
│       "service": "container.googleapis.com"
│     },
│     "reason": "SERVICE_DISABLED"
│   }
│ ]
│ , accessNotConfigured
│ 
│   with module.gke.data.google_container_engine_versions.gke_version,
│   on ../../modules/gcp/gke/gke.tf line 16, in data "google_container_engine_versions" "gke_version":
│   16: data "google_container_engine_versions" "gke_version" {
│ 
╵