{"id":21514855,"url":"https://github.com/getindata/terraform-gke-helm-release","last_synced_at":"2026-03-19T20:41:42.843Z","repository":{"id":216836765,"uuid":"738859698","full_name":"getindata/terraform-gke-helm-release","owner":"getindata","description":"GKE Helm release module","archived":false,"fork":false,"pushed_at":"2024-03-18T17:27:04.000Z","size":74,"stargazers_count":1,"open_issues_count":5,"forks_count":0,"subscribers_count":5,"default_branch":"main","last_synced_at":"2025-03-17T16:14:48.080Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"HCL","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/getindata.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":"CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-01-04T08:00:48.000Z","updated_at":"2024-03-13T14:55:21.000Z","dependencies_parsed_at":"2024-01-13T06:24:46.799Z","dependency_job_id":"7fa75338-cf98-415c-bf03-2a3175cd2cdc","html_url":"https://github.com/getindata/terraform-gke-helm-release","commit_stats":null,"previous_names":["getindata/terraform-gke-helm-release"],"tags_count":5,"template":false,"template_full_name":"getindata/terraform-module-template","purl":"pkg:github/getindata/terraform-gke-helm-release","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/getindata%2Fterraform-gke-helm-release","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/getindata%2Fterraform-gke-helm-release/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/getindata%2Fterraform-gke-helm-release/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/getindata%2Fterraform-gke-helm-release/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/getindata","download_url":"https://codeload.github.com/getindata/terraform-gke-helm-release/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/getindata%2Fterraform-gke-helm-release/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28195272,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2026-01-03T02:00:06.471Z","response_time":75,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-23T23:53:15.060Z","updated_at":"2026-01-03T23:03:12.060Z","avatar_url":"https://github.com/getindata.png","language":"HCL","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Terraform Gke Helm Release Module \n\n\n\u003c!--- Pick Cloud provider Badge --\u003e\n\u003c!---![Azure](https://img.shields.io/badge/azure-%230072C6.svg?style=for-the-badge\u0026logo=microsoftazure\u0026logoColor=white) --\u003e\n![Google Cloud](https://img.shields.io/badge/GoogleCloud-%234285F4.svg?style=for-the-badge\u0026logo=google-cloud\u0026logoColor=white) \n![Terraform](https://img.shields.io/badge/terraform-%235835CC.svg?style=for-the-badge\u0026logo=terraform\u0026logoColor=white)\n\n\u003c!--- Replace repository name --\u003e\n![License](https://badgen.net/github/license/getindata/terraform-gke-helm-release/)\n![Release](https://badgen.net/github/release/getindata/terraform-gke-helm-release/)\n\n\u003cp align=\"center\"\u003e\n  \u003cimg height=\"150\" src=\"https://getindata.com/img/logo.svg\"\u003e\n  \u003ch3 align=\"center\"\u003eWe help companies turn their data into assets\u003c/h3\u003e\n\u003c/p\u003e\n\n---\n\nTerraform module for GCP and K8S ServiceAccounts\n* Can create IAM Service Account binding to roles/iam.workloadIdentityUser\n* Can create a Google Service Account with appropriate permissions\n* Can create a Kubernetes Service Account\n* Link both accounts (GCP ServiceAccount and K8S ServiceAccount) \n* Can use created ServiceAccount in helm deployment to establish connection between GCP and K8S with appropriate permissions\n\n## USAGE\nLocal Chart - simple example\n```terraform\nmodule \"terraform_gke_helm_release\" {\n  source                     = \"getindata/terraform-gke-helm-release\"\n  kubernetes_namespace       = \"default\"\n  project_id                 = \"example-project\"\n  name                       = \"example-name\"\n  service_account_value_path = \"serviceAccount.name\"\n  values = [\n   file(\"./test-chart/values.yaml\")\n  ]\n  roles                 = [\"roles/storage.admin\"]\n\n  app = {\n    name          = \"example-name\"\n    chart         = \"./test-chart\"\n    force_update  = true\n    wait          = false\n    recreate_pods = false\n    deploy        = 1\n  }\n}\n```\nPublic Chart - complete example\n```terraform\nmodule \"terraform_gke_helm_release\" {\n  source                     = \"getindata/terraform-gke-helm-release\"\n  kubernetes_namespace       = \"default\"\n  project_id                 = \"example-project\"\n  name                       = \"example-name\"\n  service_account_value_path = \"serviceAccount.name\"\n  descriptor_formats = {\n   gcp-service-account = {\n    labels = [\"namespace\", \"environment\", \"name\"]\n    format = \"sa-%v-%v-%v\"\n   }\n  }\n  values = [templatefile(\"./extra-values/values.yaml\", {\n   replicaCount = 2\n  })]\n  roles                 = [\"roles/compute.admin\"]\n\n  app = {\n    name          = \"example-name\"\n    chart         = \"nginx\"\n    repository    = \"https://charts.bitnami.com/bitnami\"\n    version       = \"15.6.1\"\n    force_update  = true\n    wait          = false\n    recreate_pods = false\n    deploy        = 1\n  }\n}\n```\n\n## EXAMPLES\n\n- [Simple](examples/simple) - Basic usage of the module\n- [Complete](examples/complete) - Advanced usage of the module\n\n\u003c!-- BEGIN_TF_DOCS --\u003e\n\n\n\n\n## Inputs\n\n| Name | Description | Type | Default | Required |\n|------|-------------|------|---------|:--------:|\n| \u003ca name=\"input_additional_tag_map\"\u003e\u003c/a\u003e [additional\\_tag\\_map](#input\\_additional\\_tag\\_map) | Additional key-value pairs to add to each map in `tags_as_list_of_maps`. Not added to `tags` or `id`.\u003cbr\u003eThis is for some rare cases where resources want additional configuration of tags\u003cbr\u003eand therefore take a list of maps with tag key, value, and additional configuration. | `map(string)` | `{}` | no |\n| \u003ca name=\"input_app\"\u003e\u003c/a\u003e [app](#input\\_app) | An application to deploy with specific values Here you can specify: The name of the application to deploy,Chart name, Repository address, Chart version | \u003cpre\u003eobject({\u003cbr\u003e    name                       = string\u003cbr\u003e    chart                      = string\u003cbr\u003e    repository                 = optional(string, null)\u003cbr\u003e    version                    = optional(string, null)\u003cbr\u003e    force_update               = optional(bool, true)\u003cbr\u003e    wait                       = optional(bool, true)\u003cbr\u003e    recreate_pods              = optional(bool, true)\u003cbr\u003e    max_history                = optional(number, 0)\u003cbr\u003e    lint                       = optional(bool, true)\u003cbr\u003e    cleanup_on_fail            = optional(bool, false)\u003cbr\u003e    create_namespace           = optional(bool, false)\u003cbr\u003e    disable_webhooks           = optional(bool, false)\u003cbr\u003e    verify                     = optional(bool, false)\u003cbr\u003e    reuse_values               = optional(bool, false)\u003cbr\u003e    reset_values               = optional(bool, false)\u003cbr\u003e    atomic                     = optional(bool, false)\u003cbr\u003e    skip_crds                  = optional(bool, false)\u003cbr\u003e    render_subchart_notes      = optional(bool, true)\u003cbr\u003e    disable_openapi_validation = optional(bool, false)\u003cbr\u003e    wait_for_jobs              = optional(bool, false)\u003cbr\u003e    dependency_update          = optional(bool, false)\u003cbr\u003e    replace                    = optional(bool, false)\u003cbr\u003e    timeout                    = optional(number, 300)\u003cbr\u003e  })\u003c/pre\u003e | n/a | yes |\n| \u003ca name=\"input_attributes\"\u003e\u003c/a\u003e [attributes](#input\\_attributes) | ID element. Additional attributes (e.g. `workers` or `cluster`) to add to `id`,\u003cbr\u003ein the order they appear in the list. New attributes are appended to the\u003cbr\u003eend of the list. The elements of the list are joined by the `delimiter`\u003cbr\u003eand treated as a single ID element. | `list(string)` | `[]` | no |\n| \u003ca name=\"input_context\"\u003e\u003c/a\u003e [context](#input\\_context) | Single object for setting entire context at once.\u003cbr\u003eSee description of individual variables for details.\u003cbr\u003eLeave string and numeric variables as `null` to use default value.\u003cbr\u003eIndividual variable settings (non-null) override settings in context object,\u003cbr\u003eexcept for attributes, tags, and additional\\_tag\\_map, which are merged. | `any` | \u003cpre\u003e{\u003cbr\u003e  \"additional_tag_map\": {},\u003cbr\u003e  \"attributes\": [],\u003cbr\u003e  \"delimiter\": null,\u003cbr\u003e  \"descriptor_formats\": {},\u003cbr\u003e  \"enabled\": true,\u003cbr\u003e  \"environment\": null,\u003cbr\u003e  \"id_length_limit\": null,\u003cbr\u003e  \"label_key_case\": null,\u003cbr\u003e  \"label_order\": [],\u003cbr\u003e  \"label_value_case\": null,\u003cbr\u003e  \"labels_as_tags\": [\u003cbr\u003e    \"unset\"\u003cbr\u003e  ],\u003cbr\u003e  \"name\": null,\u003cbr\u003e  \"namespace\": null,\u003cbr\u003e  \"regex_replace_chars\": null,\u003cbr\u003e  \"stage\": null,\u003cbr\u003e  \"tags\": {},\u003cbr\u003e  \"tenant\": null\u003cbr\u003e}\u003c/pre\u003e | no |\n| \u003ca name=\"input_create_namespace\"\u003e\u003c/a\u003e [create\\_namespace](#input\\_create\\_namespace) | Create the namespace if it does not exist | `bool` | `false` | no |\n| \u003ca name=\"input_delimiter\"\u003e\u003c/a\u003e [delimiter](#input\\_delimiter) | Delimiter to be used between ID elements.\u003cbr\u003eDefaults to `-` (hyphen). Set to `\"\"` to use no delimiter at all. | `string` | `null` | no |\n| \u003ca name=\"input_descriptor_formats\"\u003e\u003c/a\u003e [descriptor\\_formats](#input\\_descriptor\\_formats) | Describe additional descriptors to be output in the `descriptors` output map.\u003cbr\u003eMap of maps. Keys are names of descriptors. Values are maps of the form\u003cbr\u003e`{\u003cbr\u003e   format = string\u003cbr\u003e   labels = list(string)\u003cbr\u003e}`\u003cbr\u003e(Type is `any` so the map values can later be enhanced to provide additional options.)\u003cbr\u003e`format` is a Terraform format string to be passed to the `format()` function.\u003cbr\u003e`labels` is a list of labels, in order, to pass to `format()` function.\u003cbr\u003eLabel values will be normalized before being passed to `format()` so they will be\u003cbr\u003eidentical to how they appear in `id`.\u003cbr\u003eDefault is `{}` (`descriptors` output will be empty). | `any` | `{}` | no |\n| \u003ca name=\"input_descriptor_name\"\u003e\u003c/a\u003e [descriptor\\_name](#input\\_descriptor\\_name) | Name of the descriptor used to form a resource name | `string` | `\"gcp-service-account\"` | no |\n| \u003ca name=\"input_enabled\"\u003e\u003c/a\u003e [enabled](#input\\_enabled) | Set to false to prevent the module from creating any resources | `bool` | `null` | no |\n| \u003ca name=\"input_environment\"\u003e\u003c/a\u003e [environment](#input\\_environment) | ID element. Usually used for region e.g. 'uw2', 'us-west-2', OR role 'prod', 'staging', 'dev', 'UAT' | `string` | `null` | no |\n| \u003ca name=\"input_id_length_limit\"\u003e\u003c/a\u003e [id\\_length\\_limit](#input\\_id\\_length\\_limit) | Limit `id` to this many characters (minimum 6).\u003cbr\u003eSet to `0` for unlimited length.\u003cbr\u003eSet to `null` for keep the existing setting, which defaults to `0`.\u003cbr\u003eDoes not affect `id_full`. | `number` | `null` | no |\n| \u003ca name=\"input_kubernetes_namespace\"\u003e\u003c/a\u003e [kubernetes\\_namespace](#input\\_kubernetes\\_namespace) | Namespace where kubernetes SA will be applyed | `string` | n/a | yes |\n| \u003ca name=\"input_label_key_case\"\u003e\u003c/a\u003e [label\\_key\\_case](#input\\_label\\_key\\_case) | Controls the letter case of the `tags` keys (label names) for tags generated by this module.\u003cbr\u003eDoes not affect keys of tags passed in via the `tags` input.\u003cbr\u003ePossible values: `lower`, `title`, `upper`.\u003cbr\u003eDefault value: `title`. | `string` | `null` | no |\n| \u003ca name=\"input_label_order\"\u003e\u003c/a\u003e [label\\_order](#input\\_label\\_order) | The order in which the labels (ID elements) appear in the `id`.\u003cbr\u003eDefaults to [\"namespace\", \"environment\", \"stage\", \"name\", \"attributes\"].\u003cbr\u003eYou can omit any of the 6 labels (\"tenant\" is the 6th), but at least one must be present. | `list(string)` | `null` | no |\n| \u003ca name=\"input_label_value_case\"\u003e\u003c/a\u003e [label\\_value\\_case](#input\\_label\\_value\\_case) | Controls the letter case of ID elements (labels) as included in `id`,\u003cbr\u003eset as tag values, and output by this module individually.\u003cbr\u003eDoes not affect values of tags passed in via the `tags` input.\u003cbr\u003ePossible values: `lower`, `title`, `upper` and `none` (no transformation).\u003cbr\u003eSet this to `title` and set `delimiter` to `\"\"` to yield Pascal Case IDs.\u003cbr\u003eDefault value: `lower`. | `string` | `null` | no |\n| \u003ca name=\"input_labels_as_tags\"\u003e\u003c/a\u003e [labels\\_as\\_tags](#input\\_labels\\_as\\_tags) | Set of labels (ID elements) to include as tags in the `tags` output.\u003cbr\u003eDefault is to include all labels.\u003cbr\u003eTags with empty values will not be included in the `tags` output.\u003cbr\u003eSet to `[]` to suppress all generated tags.\u003cbr\u003e**Notes:**\u003cbr\u003e  The value of the `name` tag, if included, will be the `id`, not the `name`.\u003cbr\u003e  Unlike other `null-label` inputs, the initial setting of `labels_as_tags` cannot be\u003cbr\u003e  changed in later chained modules. Attempts to change it will be silently ignored. | `set(string)` | \u003cpre\u003e[\u003cbr\u003e  \"default\"\u003cbr\u003e]\u003c/pre\u003e | no |\n| \u003ca name=\"input_name\"\u003e\u003c/a\u003e [name](#input\\_name) | ID element. Usually the component or solution name, e.g. 'app' or 'jenkins'.\u003cbr\u003eThis is the only ID element not also included as a `tag`.\u003cbr\u003eThe \"name\" tag is set to the full `id` string. There is no tag with the value of the `name` input. | `string` | n/a | yes |\n| \u003ca name=\"input_namespace\"\u003e\u003c/a\u003e [namespace](#input\\_namespace) | ID element. Usually an abbreviation of your organization name, e.g. 'eg' or 'cp', to help ensure generated IDs are globally unique | `string` | `null` | no |\n| \u003ca name=\"input_project_id\"\u003e\u003c/a\u003e [project\\_id](#input\\_project\\_id) | GCP project ID | `string` | n/a | yes |\n| \u003ca name=\"input_regex_replace_chars\"\u003e\u003c/a\u003e [regex\\_replace\\_chars](#input\\_regex\\_replace\\_chars) | Terraform regular expression (regex) string.\u003cbr\u003eCharacters matching the regex will be removed from the ID elements.\u003cbr\u003eIf not set, `\"/[^a-zA-Z0-9-]/\"` is used to remove all characters other than hyphens, letters and digits. | `string` | `null` | no |\n| \u003ca name=\"input_roles\"\u003e\u003c/a\u003e [roles](#input\\_roles) | A list of roles to be added to the created service account | `list(string)` | `[]` | no |\n| \u003ca name=\"input_service_account_value_path\"\u003e\u003c/a\u003e [service\\_account\\_value\\_path](#input\\_service\\_account\\_value\\_path) | Path to ServiceAccount value in values.yaml | `string` | n/a | yes |\n| \u003ca name=\"input_set\"\u003e\u003c/a\u003e [set](#input\\_set) | Value block with custom STRING values to be merged with the values yaml. | \u003cpre\u003elist(object({\u003cbr\u003e    name  = string\u003cbr\u003e    value = string\u003cbr\u003e  }))\u003c/pre\u003e | `null` | no |\n| \u003ca name=\"input_set_sensitive\"\u003e\u003c/a\u003e [set\\_sensitive](#input\\_set\\_sensitive) | Value block with custom sensitive values to be merged with the values yaml that won't be exposed in the plan's diff. | \u003cpre\u003elist(object({\u003cbr\u003e    path  = string\u003cbr\u003e    value = string\u003cbr\u003e  }))\u003c/pre\u003e | `null` | no |\n| \u003ca name=\"input_stage\"\u003e\u003c/a\u003e [stage](#input\\_stage) | ID element. Usually used to indicate role, e.g. 'prod', 'staging', 'source', 'build', 'test', 'deploy', 'release' | `string` | `null` | no |\n| \u003ca name=\"input_tags\"\u003e\u003c/a\u003e [tags](#input\\_tags) | Additional tags (e.g. `{'BusinessUnit': 'XYZ'}`).\u003cbr\u003eNeither the tag keys nor the tag values will be modified by this module. | `map(string)` | `{}` | no |\n| \u003ca name=\"input_tenant\"\u003e\u003c/a\u003e [tenant](#input\\_tenant) | ID element \\_(Rarely used, not included by default)\\_. A customer identifier, indicating who this instance of a resource is for | `string` | `null` | no |\n| \u003ca name=\"input_values\"\u003e\u003c/a\u003e [values](#input\\_values) | Extra values | `list(string)` | `[]` | no |\n\n## Modules\n\n| Name | Source | Version |\n|------|--------|---------|\n| \u003ca name=\"module_this\"\u003e\u003c/a\u003e [this](#module\\_this) | cloudposse/label/null | 0.25.0 |\n| \u003ca name=\"module_workload_identity\"\u003e\u003c/a\u003e [workload\\_identity](#module\\_workload\\_identity) | terraform-google-modules/kubernetes-engine/google//modules/workload-identity | v29.0.0 |\n\n## Outputs\n\n| Name | Description |\n|------|-------------|\n| \u003ca name=\"output_deployment\"\u003e\u003c/a\u003e [deployment](#output\\_deployment) | The state of the helm deployment |\n| \u003ca name=\"output_gcp_service_account\"\u003e\u003c/a\u003e [gcp\\_service\\_account](#output\\_gcp\\_service\\_account) | GCP service account. |\n| \u003ca name=\"output_gcp_service_account_email\"\u003e\u003c/a\u003e [gcp\\_service\\_account\\_email](#output\\_gcp\\_service\\_account\\_email) | Email address of GCP service account. |\n| \u003ca name=\"output_gcp_service_account_fqn\"\u003e\u003c/a\u003e [gcp\\_service\\_account\\_fqn](#output\\_gcp\\_service\\_account\\_fqn) | FQN of GCP service account. |\n| \u003ca name=\"output_gcp_service_account_name\"\u003e\u003c/a\u003e [gcp\\_service\\_account\\_name](#output\\_gcp\\_service\\_account\\_name) | Name of GCP service account. |\n| \u003ca name=\"output_k8s_service_account_name\"\u003e\u003c/a\u003e [k8s\\_service\\_account\\_name](#output\\_k8s\\_service\\_account\\_name) | Name of K8S service account. |\n| \u003ca name=\"output_k8s_service_account_namespace\"\u003e\u003c/a\u003e [k8s\\_service\\_account\\_namespace](#output\\_k8s\\_service\\_account\\_namespace) | Namespace of k8s service account. |\n\n## Providers\n\n| Name | Version |\n|------|---------|\n| \u003ca name=\"provider_helm\"\u003e\u003c/a\u003e [helm](#provider\\_helm) | \u003e= 2.0, \u003c 3.0 |\n| \u003ca name=\"provider_kubernetes\"\u003e\u003c/a\u003e [kubernetes](#provider\\_kubernetes) | \u003e= 2.0, \u003c 3.0 |\n\n## Requirements\n\n| Name | Version |\n|------|---------|\n| \u003ca name=\"requirement_terraform\"\u003e\u003c/a\u003e [terraform](#requirement\\_terraform) | \u003e= 1.3.0 |\n| \u003ca name=\"requirement_helm\"\u003e\u003c/a\u003e [helm](#requirement\\_helm) | \u003e= 2.0, \u003c 3.0 |\n| \u003ca name=\"requirement_kubernetes\"\u003e\u003c/a\u003e [kubernetes](#requirement\\_kubernetes) | \u003e= 2.0, \u003c 3.0 |\n\n## Resources\n\n| Name | Type |\n|------|------|\n| [helm_release.this](https://registry.terraform.io/providers/hashicorp/helm/latest/docs/resources/release) | resource |\n| [kubernetes_namespace.this](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/namespace) | resource |\n\u003c!-- END_TF_DOCS --\u003e\n\n## CONTRIBUTING\n\nContributions are very welcomed!\n\nStart by reviewing [contribution guide](CONTRIBUTING.md) and our [code of conduct](CODE_OF_CONDUCT.md). After that, start coding and ship your changes by creating a new PR.\n\n## LICENSE\n\nApache 2 Licensed. See [LICENSE](LICENSE) for full details.\n\n## AUTHORS\n\n\u003c!--- Replace repository name --\u003e\n\u003ca href=\"https://github.com/getindata/terraform-gke-helm-release/graphs/contributors\"\u003e\n  \u003cimg src=\"https://contrib.rocks/image?repo=getindata/terraform-module-template\" /\u003e\n\u003c/a\u003e\n\nMade with [contrib.rocks](https://contrib.rocks).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgetindata%2Fterraform-gke-helm-release","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgetindata%2Fterraform-gke-helm-release","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgetindata%2Fterraform-gke-helm-release/lists"}