################################################################################
# OKE Advanced Terraform Root Module                                           #
# File: ~/oke_advanced_module/variables.tf                                     #
#                                                                              #
# Description:                                                                 #
#   Input variables for advanced OKE (Oracle Kubernetes Engine) Terraform      #
#   deployments, with comments and validation for OCI, networking,             #
#   bastion, and cluster configuration.                                        #
#                                                                              #
# -----------------------------------------------------------------------------#
#   This template is for sharing only. Default values are REPLACE_BY_YOUR_XX.  #
#   For non-sensitive fields, the previous defaults are shown as examples.     #
#                                                                              #
# Authors: Mahamat H. Guiagoussou, Payal Sharma, Matthew McDaniel              #
# Copyright (c) 2025 Oracle                                                    #
################################################################################

#-------------------------------#
# Provider & Authentication     #
#-------------------------------#

# Tenancy the deployment targets. The template ships a placeholder, so a real
# OCID has to be supplied (tfvars, TF_VAR_tenancy_ocid, or an edited default).
variable "tenancy_ocid" {
  type        = string
  description = "Tenancy OCID for your Oracle Cloud tenancy."
  default     = "REPLACE_BY_YOUR_OCID"
}


# Region identifier for the deployment.
# Example from the original template: "us-ashburn-1"
variable "region" {
  type        = string
  description = "OCI region identifier (e.g., us-ashburn-1)."
  default     = "REPLACE_BY_YOUR_REGION"
}


#-------------------------------#
# Compartment Management        #
#-------------------------------#

# NOTE(review): the variable name says "separate" while the description talks
# about the *same* compartment being used for both. Which reading the module
# implements is not visible in this file - confirm before relying on it to
# decide where VCN resources (and the IAM policies that govern them) live.
# Example from the original template: true
variable "is_networking_compartment_separate" {
  type        = bool
  description = "A flag to indicate if the same compartment is used for both Container (OKE) and Networking."
  default     = REPLACE_BY_YOUR_BOOL
}


# Compartment that receives the OKE resources (cluster, node pools, ...).
# Networking resources have their own variable, networking_compartment_id.
variable "compartment_id" {
  type        = string
  description = "OCID of the compartment where resources (OKE cluster, nodepools, etc.) will be created"
  default     = "REPLACE_BY_YOUR_OCID"
}


# Compartment for the networking resources (VCN, subnets, ...).
# presumably only consulted when is_networking_compartment_separate selects a
# separate compartment - confirm against the module.
variable "networking_compartment_id" {
  type        = string
  description = "The OCID of the compartment for networking resources (VCN, subnets, etc.)."
  default     = "REPLACE_BY_YOUR_OCID"
}


#-------------------------------#
# Networking / VCN Configuration#
#-------------------------------#

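# Address range of the VCN. The subnet CIDR variables below are expected to be
# carved out of this range.
variable "vcn_cidr_block" {
  description = "The CIDR block for the VCN."
  type        = string
  default     = "REPLACE_BY_YOUR_CIDR" # "10...0.0.0/16"

  # Reject malformed input (including the unreplaced template placeholder) at
  # plan time instead of letting it reach the OCI API.
  validation {
    condition     = can(cidrhost(var.vcn_cidr_block, 0))
    error_message = "The vcn_cidr_block value must be a valid CIDR block, for example 10.0.0.0/16."
  }
}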


# Prefix applied to resource display names.
# Example from the original template: "ORM-OKE-Module-Test"
variable "display_name_prefix" {
  type        = string
  description = "A prefix for all resource display names."
  default     = "REPLACE_BY_YOUR_DISPLAY_NAME_PREFIX"
}


# Prefix applied to resource hostnames.
# Example from the original template: "avcn"
variable "host_name_prefix" {
  type        = string
  description = "A prefix for all resource hostnames."
  default     = "REPLACE_BY_YOUR_HOSTNAME_PREFIX"
}


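# Private subnet that hosts the Kubernetes API endpoint.
variable "k8apiendpoint_private_subnet_cidr_block" {
  description = "The CIDR block for the Kubernetes API Endpoint private subnet."
  type        = string
  default     = "REPLACE_BY_YOUR_CIDR" # "10..0.0.0/30"

  # Reject malformed input (including the unreplaced template placeholder) at
  # plan time instead of letting it reach the OCI API.
  validation {
    condition     = can(cidrhost(var.k8apiendpoint_private_subnet_cidr_block, 0))
    error_message = "The k8apiendpoint_private_subnet_cidr_block value must be a valid CIDR block."
  }
}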


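# Private subnet for the worker nodes.
variable "workernodes_private_subnet_cidr_block" {
  description = "The CIDR block for the worker nodes private subnet."
  type        = string
  default     = "REPLACE_BY_YOUR_CIDR" # "10..0.1.0/24"

  # Reject malformed input (including the unreplaced template placeholder) at
  # plan time instead of letting it reach the OCI API.
  validation {
    condition     = can(cidrhost(var.workernodes_private_subnet_cidr_block, 0))
    error_message = "The workernodes_private_subnet_cidr_block value must be a valid CIDR block."
  }
}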


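# Private subnet for pods.
# presumably only relevant when cni_type selects VCN-native pod networking -
# confirm against the module.
variable "pods_private_subnet_cidr_block" {
  description = "The CIDR block for the Node Pods private subnet."
  type        = string
  default     = "REPLACE_BY_YOUR_CIDR" # "10..0.32.0/19"

  # Reject malformed input (including the unreplaced template placeholder) at
  # plan time instead of letting it reach the OCI API.
  validation {
    condition     = can(cidrhost(var.pods_private_subnet_cidr_block, 0))
    error_message = "The pods_private_subnet_cidr_block value must be a valid CIDR block."
  }
}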


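# NOTE(review): the original description read "Bastion Public Subnet CIDR Block",
# which belongs to bastion_public_subnet_cidr_block (a copy/paste slip). The
# wording below follows the variable name; confirm against the module how this
# value is consumed and how it differs from pods_private_subnet_cidr_block.
variable "pod_network_cidr" {
  description = "The CIDR block for the Kubernetes pod network."
  type        = string
  default     = "REPLACE_BY_YOUR_CIDR" # "10..0.1.0/24"

  # Reject malformed input (including the unreplaced template placeholder) at
  # plan time instead of letting it reach the OCI API.
  validation {
    condition     = can(cidrhost(var.pod_network_cidr, 0))
    error_message = "The pod_network_cidr value must be a valid CIDR block."
  }
}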


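# Public subnet for service load balancers. Together with the bastion subnet,
# this is one of the two subnets this file describes as public.
variable "serviceloadbalancers_public_subnet_cidr_block" {
  description = "The CIDR block for the public load balancers subnet."
  type        = string
  default     = "REPLACE_BY_YOUR_CIDR" # "10..0.2.0/24"

  # Reject malformed input (including the unreplaced template placeholder) at
  # plan time instead of letting it reach the OCI API.
  validation {
    condition     = can(cidrhost(var.serviceloadbalancers_public_subnet_cidr_block, 0))
    error_message = "The serviceloadbalancers_public_subnet_cidr_block value must be a valid CIDR block."
  }
}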


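# Public subnet shared by the bastion and general compute testing.
# NOTE(review): test instances placed here sit in the same public subnet as the
# bastion - confirm the module's security rules keep the two apart.
variable "bastion_public_subnet_cidr_block" {
  description = "The CIDR block for a public subnet for general compute testing and for the bastion."
  type        = string
  default     = "REPLACE_BY_YOUR_CIDR" # "10..0.3.0/24"

  # Reject malformed input (including the unreplaced template placeholder) at
  # plan time instead of letting it reach the OCI API.
  validation {
    condition     = can(cidrhost(var.bastion_public_subnet_cidr_block, 0))
    error_message = "The bastion_public_subnet_cidr_block value must be a valid CIDR block."
  }
}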


#-------------------------------#
# OKE Cluster Configuration     #
#-------------------------------#

# Kubernetes version of the control plane. Worker nodes are versioned
# separately (worker_nodes_kubernetes_version and each node pool's own
# kubernetes_version), so keep the three aligned when upgrading.
# Example from the original template: "v1.33.1"
variable "control_plane_kubernetes_version" {
  type        = string
  description = "The Kubernetes version for the OKE control plane."
  default     = "REPLACE_BY_YOUR_VERSION"
}


# Kubernetes version for the worker nodes.
# NOTE(review): each entry of worker_node_pools also carries a
# kubernetes_version; which of the two the module applies is not visible here.
# Example from the original template: "v1.33.1"
variable "worker_nodes_kubernetes_version" {
  type        = string
  description = "The Kubernetes version for the worker nodes."
  default     = "REPLACE_BY_YOUR_VERSION"
}


# Exposure of the Kubernetes API endpoint. true makes the endpoint publicly
# accessible; the original template's example is false, which keeps it on the
# private API-endpoint subnet (reached, for example, through the bastion).
# Treat a switch to true as a reviewed exception.
variable "control_plane_is_public" {
  type        = bool
  description = "Whether the Kubernetes API endpoint should be publicly accessible."
  default     = REPLACE_BY_YOUR_BOOL
}


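# Pod networking plugin for the cluster. The template lists exactly two
# accepted values; anything else (including the unreplaced placeholder) is
# rejected at plan time.
variable "cni_type" {
  description = "The CNI type for the cluster."
  type        = string
  default     = "REPLACE_BY_YOUR_CNI_TYPE" # "FLANNEL_OVERLAY" OR "OCI_VCN_IP_NATIVE"

  validation {
    condition     = contains(["FLANNEL_OVERLAY", "OCI_VCN_IP_NATIVE"], var.cni_type)
    error_message = "The cni_type value must be \"FLANNEL_OVERLAY\" or \"OCI_VCN_IP_NATIVE\"."
  }
}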


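# Cluster tier. The template lists exactly two accepted values; anything else
# (including the unreplaced placeholder) is rejected at plan time.
variable "cluster_type" {
  description = "The type of cluster (e.g., 'ENHANCED_CLUSTER' or 'BASIC_CLUSTER')."
  type        = string
  default     = "REPLACE_BY_YOUR_VALUE" # "ENHANCED_CLUSTER" or "BASIC_CLUSTER"

  validation {
    condition     = contains(["ENHANCED_CLUSTER", "BASIC_CLUSTER"], var.cluster_type)
    error_message = "The cluster_type value must be \"ENHANCED_CLUSTER\" or \"BASIC_CLUSTER\"."
  }
}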


# Toggle for image signing. The original template's example is false.
# NOTE(review): with this off, presumably nothing stops unsigned container
# images from being deployed to the cluster - confirm how the module uses the
# flag and consider enabling it together with image_signing_key_id.
variable "image_signing_enabled" {
  type        = bool
  description = "Whether image signing is enabled."
  default     = REPLACE_BY_YOUR_BOOL
}


# KMS key used for image signing, given as an OCID.
# presumably only consulted when image_signing_enabled is true - confirm
# against the module.
variable "image_signing_key_id" {
  type        = string
  description = "The OCID of the KMS key for image signing."
  default     = "REPLACE_BY_YOUR_VALUE"
}


# Node pool definitions, keyed by an arbitrary pool key ("node_pools" in the
# template default). Every attribute of the object type is required for each
# entry.
variable "worker_node_pools" {
  description = "A map of node pool configurations."
  type = map(object({
    name                      = string
    shape                     = string
    shape_config              = object({
      memory = number
      ocpus  = number
    })
    boot_volume_size          = number
    operating_system          = string
    kubernetes_version        = string
    source_type               = string
    node_labels               = map(string)
    availability_domains      = list(string)
    number_of_nodes           = number
    pv_in_transit_encryption  = bool
    # maximum_surge / maximum_unavailable are declared as strings, so the
    # numeric placeholders in the default are converted to strings.
    node_cycle_config         = object({
      node_cycling_enabled = bool
      maximum_surge        = string
      maximum_unavailable  = string
    })
    ssh_key                  = string
  }))
  default = {
    node_pools = {
      name                      = "REPLACE_BY_YOUR_NODEPOOL_NAME"    # "node_pool_1"
      shape                     = "REPLACE_BY_YOUR_SHAPE"            # "VM.Standard.E5.Flex"
      shape_config              = {
        memory = REPLACE_BY_YOUR_NUMBER  # 16
        ocpus  = REPLACE_BY_YOUR_NUMBER  # 1
      }
      boot_volume_size          = REPLACE_BY_YOUR_NUMBER  # 50
      operating_system          = "REPLACE_BY_YOUR_OS"    # "Oracle-Linux"
      kubernetes_version        = "REPLACE_BY_YOUR_VERSION" # "v1.33.1"
      source_type               = "REPLACE_BY_YOUR_SOURCE_TYPE"  # "IMAGE"
      node_labels               = {
        Trigger = "REPLACE_BY_YOUR_NODE_LABEL"             # "HelloWorld"
      }
      availability_domains      = [
        "REPLACE_BY_YOUR_AD_1",  # "AQob:US-ASHBURN-AD-1"
        "REPLACE_BY_YOUR_AD_2",  # "AQob:US-ASHBURN-AD-2"
        "REPLACE_BY_YOUR_AD_3"   # "AQob:US-ASHBURN-AD-3"
      ]
      number_of_nodes           = REPLACE_BY_YOUR_NUMBER  # 1
      # NOTE(review): the example value is false, which presumably leaves
      # traffic between the node and its volumes unencrypted in transit -
      # confirm how the module maps this flag and prefer true where the shape
      # supports it.
      pv_in_transit_encryption  = REPLACE_BY_YOUR_BOOL    # false
      node_cycle_config         = {
        node_cycling_enabled = REPLACE_BY_YOUR_BOOL       # true
        maximum_surge        = REPLACE_BY_YOUR_NUMBER     # 1
        maximum_unavailable  = REPLACE_BY_YOUR_NUMBER     # 0
        # NOTE(review): cycle_modes is not declared in the node_cycle_config
        # object type above. Terraform discards undeclared attributes when it
        # converts a value to an object type, so this setting is presumably
        # never seen by the module - confirm, and declare it in the type if it
        # is meant to take effect. The placeholder is also unquoted although
        # the example values are strings.
        cycle_modes          = REPLACE_BY_YOUR_Cycle_mode # "BOOT_VOLUME_REPLACE" or "INSTANCE_REPLACE"
      }
      # File name of the SSH *public* key for the nodes (example ends in .pub);
      # the matching private key must never be referenced here.
      ssh_key = "REPLACE_BY_YOUR_FILENAME"                # "oke_node_key.pub"
    }
  }
}


#-------------------------------#
# Bastion Host Configuration    #
#-------------------------------#

# Image lookup table: outer key is the region identifier, inner key is an
# image/version label, value is the image OCID.
# NOTE(review): the image OCID decides what the host boots, so take the values
# from a source you trust and pin them deliberately - confirm the intended
# image source with the template authors.
variable "linux_images" {
  type        = map(any)
  description = "A map of Linux image OCIDs, keyed by region and version."

  default = {
    "us-ashburn-1" = {
      "ol8_1_25_4" = "REPLACE_BY_YOUR_OCID"
      "ol8_1_24_1" = "REPLACE_BY_YOUR_OCID"
    }
    "us-phoenix-1" = {
      "ol8_1_25_4" = "REPLACE_BY_YOUR_OCID"
      "ol8_1_24_1" = "REPLACE_BY_YOUR_OCID"
    }
  }
}


# Path to the SSH public key file.
# Example from the original template: "oke_node_key.pub"
variable "ssh_public_key_path" {
  type        = string
  description = "SSH Public key File Path."
  default     = "REPLACE_BY_YOUR_FILENAME"
}


# Path to the SSH private key file. Only the path is stored in this variable;
# keep the key file itself out of version control and readable by its owner
# only.
# NOTE(review): if the module reads the key contents (for example for a
# provisioner connection), they can end up in the Terraform state - confirm
# and protect the state backend accordingly.
# Example from the original template: "oke_node_key"
variable "ssh_private_key_path" {
  type        = string
  description = "SSH Private Key File Path."
  default     = "REPLACE_BY_YOUR_FILENAME"
}


# Bastion instance settings, keyed by an arbitrary instance key ("this_bastion"
# in the template default). Every attribute of the object type is required.
variable "bastion_params" {
  description = "A map of bastion instance configurations."

  type = map(object({
    # Placement
    ad_number    = number
    fault_domain = number

    # Compute shape and platform
    shape = string
    shape_config = object({
      memory = number
      ocpus  = number
    })
    platform_config = object({
      # Declared as string although the example value is a boolean.
      is_symmetric_multi_threading_enabled = string
      type                                 = string
    })

    # Host identity, image and storage
    hostname             = string
    version              = string
    boot_volume_size     = number
    preserve_boot_volume = bool

    # Exposure and metadata service
    assign_public_ip                                = bool
    instance_options_legacy_imds_endpoints_disabled = bool

    freeform_tags = map(string)
  }))

  default = {
    this_bastion = {
      ad_number    = REPLACE_BY_YOUR_NUMBER # 1
      fault_domain = REPLACE_BY_YOUR_NUMBER # 1

      shape = "REPLACE_BY_YOUR_SHAPE" # "VM.Standard.E5.Flex"
      shape_config = {
        memory = REPLACE_BY_YOUR_NUMBER # 12
        ocpus  = REPLACE_BY_YOUR_NUMBER # 1
      }
      platform_config = {
        is_symmetric_multi_threading_enabled = "REPLACE_BY_YOUR_BOOL"  # true
        type                                 = "REPLACE_BY_YOUR_VALUE" # "AMD_VM"
      }

      hostname = "REPLACE_BY_YOUR_HOSTNAME" # "tfokebh"
      # presumably a key into var.linux_images (the example matches one of its
      # inner keys) - confirm against the module.
      version              = "REPLACE_BY_YOUR_VALUE" # "ol8_1_25_4"
      boot_volume_size     = REPLACE_BY_YOUR_NUMBER  # 50
      preserve_boot_volume = REPLACE_BY_YOUR_BOOL    # false

      # true gives the bastion a public address.
      # NOTE(review): no variable visible in this file limits which source
      # addresses may reach it over SSH - confirm the module's security list /
      # NSG rules restrict ingress to known ranges.
      assign_public_ip = REPLACE_BY_YOUR_BOOL # true

      # The example value false leaves the legacy instance-metadata endpoints
      # enabled.
      # NOTE(review): prefer true unless something on the host still depends on
      # the legacy endpoints; the bastion is the internet-facing host.
      instance_options_legacy_imds_endpoints_disabled = REPLACE_BY_YOUR_BOOL # false

      freeform_tags = {
        project = "REPLACE_BY_YOUR_PROJECT" # "prod-network"
        env     = "REPLACE_BY_YOUR_ENV"     # "production"
      }
    }
  }
}


#-------------------------------#
# Control Flags                 #
#-------------------------------#

# Gate for creating the VCN and its related resources.
# Example from the original template: true
variable "is_vcn_created" {
  type        = bool
  description = "A flag to control the creation of the VCN and its related resources."
  default     = REPLACE_BY_YOUR_BOOL
}


# Gate for creating the OKE cluster.
# Example from the original template: true
variable "is_k8cluster_created" {
  type        = bool
  description = "A flag to control the creation of the OKE cluster."
  default     = REPLACE_BY_YOUR_BOOL
}


# Gate for creating the OKE worker node pool.
# Example from the original template: true
variable "is_nodepool_created" {
  type        = bool
  description = "A flag to control the creation of the OKE worker node pool."
  default     = REPLACE_BY_YOUR_BOOL
}


# Gate for creating the bastion host. When the bastion is not needed, leaving
# it uncreated removes the deployment's public SSH entry point.
# Example from the original template: true
variable "is_bastion_created" {
  type        = bool
  description = "A flag to control the creation of the Bastion host."
  default     = REPLACE_BY_YOUR_BOOL
}


# Chooses between Network Security Groups and Security Lists for traffic rules.
# The original template's example is false (Security Lists).
# NOTE(review): security lists apply to every VNIC in a subnet, whereas NSGs
# scope rules to selected resources - confirm the module's rule sets are
# equivalent in both modes before switching.
variable "use_nsg" {
  type        = bool
  description = "A flag to use Network Security Groups (NSGs) instead of Security Lists (SLs)."
  default     = REPLACE_BY_YOUR_BOOL
}


#-------------------------------#
# Tagging and Misc              #
#-------------------------------#

# Key of the freeform tag attached to OKE cluster resources.
# Example from the original template: "Environment"
variable "cluster_freeform_tag_key" {
  type        = string
  description = "Freeform tag key for OKE cluster resources."
  default     = "REPLACE_BY_YOUR_TAG"
}


# Value of the freeform tag attached to OKE cluster resources.
# Example from the original template: "ORM Test/Dev"
variable "cluster_freeform_tag_value" {
  type        = string
  description = "Freeform tag value for OKE cluster resources."
  default     = "REPLACE_BY_YOUR_VALUE"
}


# Key of the freeform tag attached to OKE node pools.
# Example from the original template: "LOB"
variable "node_pool_freeform_tag_key" {
  type        = string
  description = "Freeform tag key for OKE node pools."
  default     = "REPLACE_BY_YOUR_TAG"
}


# Value of the freeform tag attached to OKE node pools.
# Example from the original template: "DevOps Tech with ORM"
variable "node_pool_freeform_tag_value" {
  type        = string
  description = "Freeform tag value for OKE node pools."
  default     = "REPLACE_BY_YOUR_VALUE"
}