# TODO: put IP address ranges into variables
terraform {
  # Every provider is pinned to one exact release, so an upgrade only happens
  # through a reviewed edit to this block. Commit .terraform.lock.hcl next to
  # this file so `terraform init` also verifies the recorded provider checksums.
  required_providers {
    random = {
      version = "3.6.2"
      source  = "hashicorp/random"
    }
    google = {
      version = "6.21.0"
      source  = "hashicorp/google"
    }
    google-beta = {
      version = "6.21.0"
      source  = "hashicorp/google-beta"
    }
  }

  # Remote state lives in a GCS bucket. State files record resource attributes
  # in plain text, so read/write access to this bucket should be limited to the
  # identities that run Terraform.
  # NOTE(review): the bucket's IAM bindings, object versioning and encryption
  # settings are not visible here - confirm them where the bucket is managed.
  backend "gcs" {
    # TODO: fix this. Changing the prefix makes Terraform look for state under
    # the new path, so pair any change with `terraform init -migrate-state`.
    prefix = "terraform/deid_test"
    bucket = "tf-state-4b00"
  }
}

# Project that both Google providers use as their default project and as the
# billing/quota project for API calls (see the provider blocks below).
variable "provider_project" {
  type        = string
  default     = "terraform-management-427323"
  description = "Project ID."
}

# Default region handed to the google and google-beta providers.
variable "region" {
  type        = string
  default     = "us-central1"
  description = "Region."
}

# Default zone handed to the google and google-beta providers.
variable "zone" {
  type        = string
  default     = "us-central1-f"
  description = "Zone."
}

# Opt-in switch for internet exposure. The default of false keeps exposure an
# explicit decision by whoever applies the configuration.
# NOTE(review): the resources that read this flag are not in view here -
# confirm every ingress/gateway path actually honours it.
variable "public_ingress" {
  type        = bool
  default     = false
  description = "Set to true to make the kubernetes ingresses exposed to the public internet."
}

# Selects the ingress controller. The validation block rejects anything other
# than the three listed values at plan time, before any resource is touched.
variable "ingress_type" {
  type        = string
  default     = "gateway"
  description = "What controller should we use to handle incoming http(s) connections."

  validation {
    error_message = "Must be either \"gateway\", \"nginx\", or \"gce\"."
    condition     = contains(["gateway", "nginx", "gce"], var.ingress_type)
  }
}

# No default is declared, so the caller must supply a value on every run.
# It gates the kubernetes_manifest resources around the provider limitation
# described in the linked issue.
variable "cluster_exists" {
  type        = bool
  description = "Set to true after the kubernetes clusters exist to install the kubernetes_manifest resources. See https://github.com/hashicorp/terraform-provider-kubernetes/issues/1775"
}

# Optional contact address for quota requests; null unless the caller sets it.
variable "quota_email" {
  type        = string
  default     = null
  description = "Contact E-Mail to put on quota increase requests."
}

# Optional free-text justification sent with quota requests; null unless set.
variable "quota_justification" {
  type        = string
  default     = null
  description = "The reason given to Google for why the quotas need to be increased."
}

# Expects the PUBLIC half of a key pair in "username:public key" form. The
# value ends up in plan output and state, so a private key must never be
# passed here.
# NOTE(review): the string is not validated in this block; whoever holds the
# matching private key gets SSH access to the user machine and GKE nodes, so
# confirm the key's owner before setting it. Presumably null means no key is
# installed - verify against the resources that consume it.
variable "ssh_key" {
  type        = string
  default     = null
  description = "SSH key to install on user machine and GKE nodes. Format: username:public key"
}

# Off by default. When SNAT to the node address is on, traffic presents the
# node IP as its source instead of the original address - keep that in mind
# when reading flow logs or writing IP-based firewall rules.
variable "enable_snat" {
  type        = bool
  default     = false
  description = "Whether we should enable source network address translation to the node IP address."
}

# manual step: enable cloudbilling.googleapis.com in the terraform provider project
# https://console.developers.google.com/apis/api/cloudbilling.googleapis.com/overview?project=terraform-management-427323
provider "google" {
  # No `credentials` argument is set, so no key material lives in this file;
  # the provider obtains credentials from the environment it runs in.
  project = var.provider_project
  zone    = var.zone
  region  = var.region

  # Attribute quota and billing for API calls to the management project
  # rather than to whichever project a given resource belongs to.
  user_project_override = true
  billing_project       = var.provider_project
}

provider "google-beta" {
  # Same settings as the "google" provider so beta resources are created
  # under the same project, location and billing context. As there, no
  # `credentials` argument is set in this block.
  project = var.provider_project
  zone    = var.zone
  region  = var.region

  user_project_override = true
  billing_project       = var.provider_project
}

# TODO: Switch to random_string
# Random suffix for the demo project's ID: 4 bytes, rendered as 8 hex
# characters through `.hex` in google_project.project. It only makes the
# project ID unique - it is not a secret and must not be used as one.
resource "random_id" "project" {
  byte_length = 4
}

# Looks up the billing account to attach to the new project, restricted to
# accounts that are currently open.
# NOTE(review): the lookup is by display name, which can be edited in the
# console; pinning the account by its ID (the `billing_account` argument)
# would make the match unambiguous - confirm which is preferred.
data "google_billing_account" "acct" {
  open         = true
  display_name = "My Billing Account"
}

# Throwaway demo project with a randomised ID, billed to the account found by
# the data source above.
# NOTE(review): `auto_create_network` is not set, so the provider default
# applies. If that leaves the project with the auto-created "default" VPC and
# its pre-populated firewall rules, confirm that network is wanted or removed.
resource "google_project" "project" {
  project_id      = "k8s-ip-demo-${random_id.project.hex}"
  name            = "K8s IP Demo"
  billing_account = data.google_billing_account.acct.id

  # "DELETE" lets `terraform destroy` remove the whole project and everything
  # in it. Reasonable for a demo; do not copy into a long-lived environment.
  deletion_policy = "DELETE"
}

# Enables only the APIs this demo needs in the new project, one resource
# instance per entry in the set.
resource "google_project_service" "service" {
  for_each = toset([
    "iam",
    "monitoring",
    "compute",
    "container",
    "logging",
    "recommender", # enables IP utilization metrics for GKE clusters
    "cloudquotas",
  ])

  project = google_project.project.project_id
  service = "${each.key}.googleapis.com"

  # When one of these services is destroyed, services that depend on it are
  # disabled as well, so removing an entry above can switch off more than the
  # single API named.
  disable_dependent_services = true
}