Deploy GKE cluster 1st try

.gitlab-ci.yml

 include:
-  - project: 'gitops-demo/infra/templates'
-    file: '/terraform.gitlab-ci.yml'
+  - template: Terraform.gitlab-ci.yml
 
-.secrets:
-  secrets:
-    GOOGLE_CREDENTIALS_FILE:
-      vault: infrastructure/gcp/GOOGLE_CREDENTIALS@secret
-    GOOGLE_PROJECT_FILE:
-      vault: infrastructure/gcp/GOOGLE_PROJECT@secret
-    GOOGLE_REGION_FILE:
-      vault: infrastructure/gcp/GOOGLE_REGION@secret
-    GITLAB_TOKEN_FILE:
-      vault: infrastructure/gitlab/GITLAB_TOKEN@secret
+variables:
+  # If not using GitLab's HTTP backend, remove this line and specify TF_HTTP_* variables
+  TF_STATE_NAME: default
+  TF_CACHE_KEY: default
+  # If your terraform files are in a subdirectory, set TF_ROOT accordingly
+  # TF_ROOT: terraform/production
   
 before_script:
-  - export GOOGLE_CREDENTIALS=$(cat $GOOGLE_CREDENTIALS_FILE)
-  - export GOOGLE_PROJECT=$(cat $GOOGLE_PROJECT_FILE)
-  - export GOOGLE_REGION=$(cat $GOOGLE_REGION_FILE)
-  - export GITLAB_TOKEN=$(cat $GITLAB_TOKEN_FILE)
\ No newline at end of file
+  - export GOOGLE_CREDENTIALS=$(echo BASE64_GOOGLE_CREDENTIALS | base64 -d)

README.md

-# Terraform for Kubernetes Cluster on Google Cloud
+# Infrastructure as Code with GitLab and Terraform (GKE)
 
-## GitOps Demo Group
-See [Global Readme file](https://gitlab.com/gitops-demo/readme/-/blob/master/README.md) for the full details.
+This repository contains sample code for creating Google Kubernetes Engine (GKE) [Group level clusters](https://docs.gitlab.com/ee/user/group/clusters/) with the [GitLab Infrastructure as Code](https://docs.gitlab.com/ee/user/infrastructure/).
+
+## Which resources are provisioned?
+
+- A [cluster on Google Cloud Platform (GCP)](gke.tf) with some defaults for name, location, node count, k8s version, etc.
+- A [`gitlab-admin` K8s service account](gitlab-admin.tf) with `cluster-admin` privileges.
+- An association between this new cluster and an existing GitLab group that we assume you have admin right to it. You
+can [override the group `full_path` here](./group_cluster.tf).
+
+## Important Terraform files
+
+These are the Terraform files we have pre-configured for the project.
 
 ```
 ├── backend.tf         # State file Location Configuration
@@ -9,3 +19,23 @@ See [Global Readme file](https://gitlab.com/gitops-demo/readme/-/blob/master/REA
 ├── gitlab-admin.tf    # Adding kubernetes service account
 └── group_cluster.tf   # Registering kubernetes cluster to GitLab `apps` Group
 ```
+
+## Secrets
+
+The following [CI environment variables](https://docs.gitlab.com/ee/ci/variables/) need to be set so that your CI 
+job is able to provision the cluster on GCP and so that the CI job can associate the cluster to 
+your group. It is advised that you create them through the UI and not inside the `.gitlab-ci.yml` to not expose
+them in your code.
+
+- `GITLAB_TOKEN`: [GitLab personal access token](https://docs.gitlab.com/ee/user/profile/personal_access_tokens.html) to add K8s clusters to your GitLab your group
+- `BASE64_GOOGLE_CREDENTIALS`: You must create [GCP service account](https://cloud.google.com/docs/authentication/getting-started), with a json service account key. After downloading this json file, encode it with: `base64 /path/to/sa-key.json | tr -d \\n`. Copy this value and use it to create your CI environment variable.
+
+## Other optional configuration
+
+In the [GCP terraform provider reference](https://registry.terraform.io/providers/hashicorp/google/latest/docs/guides/provider_reference) you will find other ways to configure your cluster throught environment variables. Here's
+a couple of suggestions:
+
+| Variable Name | required | Description |
+| ------ | ------ | ------ |
+| GOOGLE_PROJECT | optional | The default name of the GCP project. See the [GCP terraform provider reference](https://registry.terraform.io/providers/hashicorp/google/latest/docs/guides/provider_reference) |
+| GOOGLE_REGION | optional | The default region of your desired cluster. See the [GCP terraform provider reference](https://registry.terraform.io/providers/hashicorp/google/latest/docs/guides/provider_reference) |

gke.tf

 // Configure the Google Cloud resources
 resource "google_container_cluster" "primary" {
-  name                     = "gitops-demo-gke"
+  name                     = "iac-demo-gke"
   location                 = "us-west1-a"
   remove_default_node_pool = true
   initial_node_count       = 1

group_cluster.tf

-data "gitlab_group" "gitops-demo-apps" {
-  full_path = "gitops-demo/apps"
-}
-
-data "gitlab_projects" "cluster-management-search" {
-  # Returns a list of matching projects. limit to 1 result matching "cluster-management"
-  group_id            = data.gitlab_group.gitops-demo-apps.id
-  simple              = true
-  search              = "cluster-management"
-  per_page            = 1
-  max_queryable_pages = 1
+data "gitlab_group" "iac-demo-apps" {
+  full_path = "iac-demo/apps"
 }
 
 resource "gitlab_group_cluster" "gke_cluster" {
-  group                 = data.gitlab_group.gitops-demo-apps.id
+  group                 = data.gitlab_group.iac-demo-apps.id
   name                  = google_container_cluster.primary.name
-  domain                = "gke.gitops-demo.com"
+  domain                = "example.com"
   environment_scope     = "*"
   kubernetes_api_url    = "https://${google_container_cluster.primary.endpoint}"
   kubernetes_token      = data.kubernetes_secret.gitlab-admin-token.data.token
   kubernetes_ca_cert    = trimspace(base64decode(google_container_cluster.primary.master_auth.0.cluster_ca_certificate))
-  management_project_id = data.gitlab_projects.cluster-management-search.projects.0.id
 }