add variable to expose index.html from tuf buckets

Signed-off-by: Bob Callaway <[email protected]>

terraform/gcp/modules/sigstore/sigstore.tf

@@ -64,6 +64,7 @@ module "tuf" {
   gcs_logging_enabled = var.gcs_logging_enabled
   gcs_logging_bucket  = var.gcs_logging_bucket
   storage_class       = var.tuf_storage_class
+  main_page_suffix    = var.tuf_main_page_suffix
 
   tuf_service_account_name = var.tuf_service_account_name
 

terraform/gcp/modules/sigstore/variables.tf

@@ -107,6 +107,12 @@ variable "tuf_kms_location" {
   default     = "global"
 }
 
+variable "tuf_main_page_suffix" {
+  type        = string
+  description = "path to tuf bucket's directory index when missing object is treated as potential directories"
+  default     = ""
+}
+
 variable "ca_pool_name" {
   description = "Certificate authority pool name"
   type        = string

terraform/gcp/modules/tuf/tuf.tf

@@ -64,6 +64,10 @@ resource "google_storage_bucket" "tuf" {
       log_bucket = var.gcs_logging_bucket
     }
   }
+
+  website {
+    main_page_suffix = var.main_page_suffix
+  }
 }
 
 resource "google_storage_bucket_iam_member" "public_tuf_member" {
@@ -123,6 +127,10 @@ resource "google_storage_bucket" "tuf_preprod" {
       log_bucket = var.gcs_logging_bucket
     }
   }
+
+  website {
+    main_page_suffix = var.main_page_suffix
+  }
 }
 
 resource "google_storage_bucket_iam_member" "public_tuf_preprod_member" {

terraform/gcp/modules/tuf/variables.tf

@@ -94,3 +94,9 @@ variable "tuf_key_viewers" {
   description = "List of members who can view the public key. See https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/google_kms_key_ring_iam#argument-reference for supported values"
   default     = []
 }
+
+variable "main_page_suffix" {
+  type        = string
+  description = "Behaves as the bucket's directory index where missing objects are treated as potential directories"
+  default     = ""
+}