From c49798e2c333b93da4169d1e857d673022560880 Mon Sep 17 00:00:00 2001
From: Bob Callaway <bcallaway@google.com>
Date: Fri, 31 May 2024 08:03:35 -0400
Subject: [PATCH] add variable to expose index.html from tuf buckets

Signed-off-by: Bob Callaway <bcallaway@google.com>
---
 terraform/gcp/modules/sigstore/sigstore.tf  | 1 +
 terraform/gcp/modules/sigstore/variables.tf | 6 ++++++
 terraform/gcp/modules/tuf/tuf.tf            | 8 ++++++++
 terraform/gcp/modules/tuf/variables.tf      | 6 ++++++
 4 files changed, 21 insertions(+)

diff --git a/terraform/gcp/modules/sigstore/sigstore.tf b/terraform/gcp/modules/sigstore/sigstore.tf
index e51ef637b..845335aca 100644
--- a/terraform/gcp/modules/sigstore/sigstore.tf
+++ b/terraform/gcp/modules/sigstore/sigstore.tf
@@ -64,6 +64,7 @@ module "tuf" {
   gcs_logging_enabled = var.gcs_logging_enabled
   gcs_logging_bucket  = var.gcs_logging_bucket
   storage_class       = var.tuf_storage_class
+  main_page_suffix    = var.tuf_main_page_suffix
 
   tuf_service_account_name = var.tuf_service_account_name
 
diff --git a/terraform/gcp/modules/sigstore/variables.tf b/terraform/gcp/modules/sigstore/variables.tf
index 89bac1f23..6ea17c432 100644
--- a/terraform/gcp/modules/sigstore/variables.tf
+++ b/terraform/gcp/modules/sigstore/variables.tf
@@ -107,6 +107,12 @@ variable "tuf_kms_location" {
   default     = "global"
 }
 
+variable "tuf_main_page_suffix" {
+  type        = string
+  description = "path to tuf bucket's directory index when missing object is treated as potential directories"
+  default     = ""
+}
+
 variable "ca_pool_name" {
   description = "Certificate authority pool name"
   type        = string
diff --git a/terraform/gcp/modules/tuf/tuf.tf b/terraform/gcp/modules/tuf/tuf.tf
index 1bed71ac9..7a476adca 100644
--- a/terraform/gcp/modules/tuf/tuf.tf
+++ b/terraform/gcp/modules/tuf/tuf.tf
@@ -64,6 +64,10 @@ resource "google_storage_bucket" "tuf" {
       log_bucket = var.gcs_logging_bucket
     }
   }
+
+  website {
+    main_page_suffix = var.main_page_suffix
+  }
 }
 
 resource "google_storage_bucket_iam_member" "public_tuf_member" {
@@ -123,6 +127,10 @@ resource "google_storage_bucket" "tuf_preprod" {
       log_bucket = var.gcs_logging_bucket
     }
   }
+
+  website {
+    main_page_suffix = var.main_page_suffix
+  }
 }
 
 resource "google_storage_bucket_iam_member" "public_tuf_preprod_member" {
diff --git a/terraform/gcp/modules/tuf/variables.tf b/terraform/gcp/modules/tuf/variables.tf
index 0de08b3ec..b14fefece 100644
--- a/terraform/gcp/modules/tuf/variables.tf
+++ b/terraform/gcp/modules/tuf/variables.tf
@@ -94,3 +94,9 @@ variable "tuf_key_viewers" {
   description = "List of members who can view the public key. See https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/google_kms_key_ring_iam#argument-reference for supported values"
   default     = []
 }
+
+variable "main_page_suffix" {
+  type        = string
+  description = "Behaves as the bucket's directory index where missing objects are treated as potential directories"
+  default     = ""
+}