89 lines
3.1 KiB
HCL
89 lines
3.1 KiB
HCL
# ─── Cluster ─────────────────────────────────────────────────────────
|
|
|
|
output "cluster_name" {
|
|
description = "GKE cluster name"
|
|
value = google_container_cluster.main.name
|
|
}
|
|
|
|
output "project_id" {
|
|
description = "GCP project ID"
|
|
value = var.project_id
|
|
}
|
|
|
|
output "region" {
|
|
description = "GCP region"
|
|
value = var.region
|
|
}
|
|
|
|
# ─── PostgreSQL ───────────────────────────────────────────────────────
|
|
|
|
output "pg_host" {
|
|
description = "Cloud SQL private IP address (reachable from GKE via VPC)"
|
|
value = google_sql_database_instance.main.private_ip_address
|
|
}
|
|
|
|
output "pg_port" {
|
|
description = "PostgreSQL port"
|
|
value = 5432
|
|
}
|
|
|
|
output "pg_admin_login" {
|
|
description = "PostgreSQL administrator login"
|
|
value = google_sql_user.pg_admin.name
|
|
}
|
|
|
|
output "pg_admin_password" {
|
|
description = "PostgreSQL administrator password"
|
|
value = random_password.pg_admin.result
|
|
sensitive = true
|
|
}
|
|
|
|
output "pg_keycloak_password" {
|
|
description = "Pre-generated password for keycloak DB user — create user post-provision"
|
|
value = random_password.pg_keycloak.result
|
|
sensitive = true
|
|
}
|
|
|
|
output "pg_gitlab_password" {
|
|
description = "Pre-generated password for gitlab DB user — create user post-provision"
|
|
value = random_password.pg_gitlab.result
|
|
sensitive = true
|
|
}
|
|
|
|
# ─── Redis ────────────────────────────────────────────────────────────
|
|
|
|
output "redis_host" {
|
|
description = "Memorystore Redis host (private IP within VPC)"
|
|
value = google_redis_instance.main.host
|
|
}
|
|
|
|
output "redis_port" {
|
|
description = "Memorystore Redis port"
|
|
value = google_redis_instance.main.port
|
|
}
|
|
|
|
output "redis_auth_string" {
|
|
description = "Memorystore Redis AUTH string — store in gitlab-redis-secret K8s secret"
|
|
value = google_redis_instance.main.auth_string
|
|
sensitive = true
|
|
}
|
|
|
|
# ─── GCS ─────────────────────────────────────────────────────────────
|
|
|
|
output "gitlab_gcs_bucket_prefix" {
|
|
description = "GCS bucket name prefix — buckets are {prefix}-artifacts, {prefix}-uploads, etc."
|
|
value = local.gcs_bucket_prefix
|
|
}
|
|
|
|
# ─── Workload Identity ────────────────────────────────────────────────
|
|
|
|
output "gitlab_gsa_email" {
|
|
description = "GitLab Google Service Account email — annotate the K8s service account with this value"
|
|
value = google_service_account.gitlab.email
|
|
}
|
|
|
|
output "external_dns_gsa_email" {
|
|
description = "External-DNS Google Service Account email — written to config.yaml by sync-tofu-outputs.sh"
|
|
value = google_service_account.external_dns.email
|
|
}
|