Add network policy

Author: Sébastien GLON

google/resource_container_cluster.go

@@ -236,6 +236,22 @@ func resourceContainerCluster() *schema.Resource {
 								},
 							},
 						},
+						"network_policy": {
+							Type:     schema.TypeList,
+							Optional: true,
+							ForceNew: true,
+							MaxItems: 1,
+							Elem: &schema.Resource{
+								Schema: map[string]*schema.Schema{
+									"disabled": {
+										Type:     schema.TypeBool,
+										Default:  true,
+										Optional: true,
+										ForceNew: true,
+									},
+								},
+							},
+						},
 					},
 				},
 			},
@@ -795,6 +811,14 @@ func expandClusterAddonsConfig(configured interface{}) *container.AddonsConfig {
 			ForceSendFields: []string{"Disabled"},
 		}
 	}
+
+	if v, ok := config["network_policy"]; ok && len(v.([]interface{})) > 0 {
+		addon := v.([]interface{})[0].(map[string]interface{})
+		ac.NetworkPolicyConfig = &container.NetworkPolicyConfig{
+			Disabled:        addon["disabled"].(bool),
+			ForceSendFields: []string{"Disabled"},
+		}
+	}
 	return ac
 }
 

google/resource_container_cluster_test.go

@@ -644,9 +644,14 @@ func testAccCheckContainerCluster(n string) resource.TestCheckFunc {
 		if cluster.AddonsConfig != nil && cluster.AddonsConfig.KubernetesDashboard != nil {
 			kubernetesDashboardDisabled = cluster.AddonsConfig.KubernetesDashboard.Disabled
 		}
+		networkPolicyDisabled := false
+		if cluster.AddonsConfig != nil && cluster.AddonsConfig.NetworkPolicyConfig != nil {
+			networkPolicyDisabled = cluster.AddonsConfig.NetworkPolicyConfig.Disabled
+		}
 		clusterTests = append(clusterTests, clusterTestField{"addons_config.0.http_load_balancing.0.disabled", httpLoadBalancingDisabled})
 		clusterTests = append(clusterTests, clusterTestField{"addons_config.0.horizontal_pod_autoscaling.0.disabled", horizontalPodAutoscalingDisabled})
 		clusterTests = append(clusterTests, clusterTestField{"addons_config.0.kubernetes_dashboard.0.disabled", kubernetesDashboardDisabled})
+		clusterTests = append(clusterTests, clusterTestField{"addons_config.0.network_policy.0.disabled", networkPolicyDisabled})
 
 		for i, np := range cluster.NodePools {
 			prefix := fmt.Sprintf("node_pool.%d.", i)
@@ -853,6 +858,7 @@ resource "google_container_cluster" "primary" {
 	addons_config {
 		http_load_balancing { disabled = true }
 		kubernetes_dashboard { disabled = true }
+		network_policy { disabled = true }
 	}
 }`, clusterName)
 }
@@ -868,6 +874,7 @@ resource "google_container_cluster" "primary" {
 		http_load_balancing { disabled = false }
 		kubernetes_dashboard { disabled = true }
 		horizontal_pod_autoscaling { disabled = true }
+		network_policy { disabled = false }
 	}
 }`, clusterName)
 }

website/docs/r/container_cluster.html.markdown

@@ -169,12 +169,17 @@ which the cluster's instances are launched
 
 * `http_load_balancing` - (Optional) The status of the HTTP Load Balancing
     add-on. It is enabled by default; set `disabled = true` to disable.
+
 * `horizontal_pod_autoscaling` - (Optional) The status of the Horizontal Pod
     Autoscaling addon. It is enabled by default; set `disabled = true` to
     disable.
+
 * `kubernetes_dashboard` - (Optional) The status of the Kubernetes Dashboard
     add-on. It is enabled by default; set `disabled = true` to disable.
 
+* `network_policy` - (Optional) The status of the Network Policy
+    add-on. It is disable by default; set `disabled = false` to enable.
+
 This example `addons_config` disables both addons:
 
 ```