From b1ecad22a39889db4a3c6ac81a0a7748d30f1357 Mon Sep 17 00:00:00 2001
From: MahekKatariya <52340640+MahekKatariya@users.noreply.github.com>
Date: Mon, 23 Sep 2024 21:36:08 +0530
Subject: [PATCH] fix(TPG >= 4.53)!: update regional proxy lb module (#111)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
---
 modules/regional_proxy_lb/README.md    |  5 +++--
 modules/regional_proxy_lb/main.tf      |  3 ++-
 modules/regional_proxy_lb/variables.tf | 12 ++++++++++--
 modules/regional_proxy_lb/versions.tf  |  4 ++--
 4 files changed, 17 insertions(+), 7 deletions(-)

diff --git a/modules/regional_proxy_lb/README.md b/modules/regional_proxy_lb/README.md
index 57aabce..73b367b 100644
--- a/modules/regional_proxy_lb/README.md
+++ b/modules/regional_proxy_lb/README.md
@@ -75,9 +75,10 @@ module "gce-lb-tcp" {
 | network\_project | Name of the project where the network resides. Useful for shared VPC. Default is var.project. | `string` | n/a | yes |
 | port\_front\_end | Port of the load balancer front end | `number` | n/a | yes |
 | project | The project to deploy to, if not set the default provider project is used. | `string` | `null` | no |
-| proxy\_only\_subnet\_cidr | The CIDR block of the proxy only subnet | `string` | n/a | yes |
+| proxy\_header | Specifies the type of proxy header to append before sending data to the backend. Default value is NONE. Possible values are: NONE, PROXY\_V1 | `string` | `"NONE"` | no |
+| proxy\_only\_subnet\_cidr | The CIDR block of the proxy only subnet.This is required when create\_proxy\_only\_subnet is set to true. | `string` | `""` | no |
 | region | Region of the created GCP resources from this module. | `string` | n/a | yes |
-| target\_tags | List of target tags to allow traffic using firewall rule. | `list(string)` | n/a | yes |
+| target\_tags | List of target tags to allow traffic using firewall rule.This is required when create\_firewall\_rules is set to true. | `list(string)` | `[]` | no |
 
 ## Outputs
 
diff --git a/modules/regional_proxy_lb/main.tf b/modules/regional_proxy_lb/main.tf
index 43f3305..e1a590e 100644
--- a/modules/regional_proxy_lb/main.tf
+++ b/modules/regional_proxy_lb/main.tf
@@ -51,6 +51,7 @@ resource "google_compute_region_target_tcp_proxy" "default" {
   name            = "${var.name}-proxy"
   project         = var.project
   region          = var.region
+  proxy_header    = var.proxy_header
   backend_service = google_compute_region_backend_service.default.id
 }
 
@@ -135,7 +136,7 @@ resource "google_compute_firewall" "default-hc-fw" {
 }
 
 resource "google_compute_firewall" "default-proxy-fw" {
-  count         = var.create_firewall_rules ? 1 : 0
+  count         = var.create_firewall_rules && var.create_proxy_only_subnet ? 1 : 0
   name          = "${var.name}-allow-proxy"
   direction     = "INGRESS"
   project       = var.network_project
diff --git a/modules/regional_proxy_lb/variables.tf b/modules/regional_proxy_lb/variables.tf
index 838b41a..8149b58 100644
--- a/modules/regional_proxy_lb/variables.tf
+++ b/modules/regional_proxy_lb/variables.tf
@@ -47,8 +47,9 @@ variable "create_firewall_rules" {
 }
 
 variable "target_tags" {
-  description = "List of target tags to allow traffic using firewall rule."
+  description = "List of target tags to allow traffic using firewall rule.This is required when create_firewall_rules is set to true."
   type        = list(string)
+  default     = []
 }
 
 
@@ -66,7 +67,8 @@ variable "create_proxy_only_subnet" {
 
 variable "proxy_only_subnet_cidr" {
   type        = string
-  description = "The CIDR block of the proxy only subnet"
+  default     = ""
+  description = "The CIDR block of the proxy only subnet.This is required when create_proxy_only_subnet is set to true."
 }
 
 variable "port_front_end" {
@@ -74,6 +76,12 @@ variable "port_front_end" {
   type        = number
 }
 
+variable "proxy_header" {
+  type        = string
+  default     = "NONE"
+  description = "Specifies the type of proxy header to append before sending data to the backend. Default value is NONE. Possible values are: NONE, PROXY_V1"
+}
+
 variable "health_check" {
   description = "Health check to determine whether instances are responsive and able to do work"
   type = object({
diff --git a/modules/regional_proxy_lb/versions.tf b/modules/regional_proxy_lb/versions.tf
index 83e4bcc..08aa918 100644
--- a/modules/regional_proxy_lb/versions.tf
+++ b/modules/regional_proxy_lb/versions.tf
@@ -19,12 +19,12 @@ terraform {
   required_providers {
     google = {
       source  = "hashicorp/google"
-      version = ">= 3.53, < 7"
+      version = ">= 4.53, < 7"
     }
 
     google-beta = {
       source  = "hashicorp/google-beta"
-      version = ">= 3.53, < 7"
+      version = ">= 4.53, < 7"
     }
   }