From 7ff75bf5faa068a78953531b13ee53a58c8d9a1f Mon Sep 17 00:00:00 2001
From: Bob Callaway <bcallaway@google.com>
Date: Wed, 3 Jul 2024 09:53:54 -0400
Subject: [PATCH 1/3] enable os patch runs nightly for bastion images

Signed-off-by: Bob Callaway <bcallaway@google.com>
---
 terraform/gcp/modules/bastion/bastion.tf | 27 ++++++++++++++++++++++++
 1 file changed, 27 insertions(+)

diff --git a/terraform/gcp/modules/bastion/bastion.tf b/terraform/gcp/modules/bastion/bastion.tf
index d885c604a..5a35dbb2f 100644
--- a/terraform/gcp/modules/bastion/bastion.tf
+++ b/terraform/gcp/modules/bastion/bastion.tf
@@ -147,6 +147,33 @@ resource "google_compute_instance" "bastion" {
   depends_on = [google_project_service.service, google_kms_crypto_key_iam_binding.disk-key]
 }
 
+resource "google_os_config_patch_deployment" "patch" {
+  patch_deployment_id = "patch-deploy"
+
+  instance_filter {
+    instances = [google_compute_instance.bastion.id]
+  }
+
+  patch_config {
+    apt {
+      type = "DIST"
+    }
+  }
+
+  recurring_schedule {
+    time_zone {
+      id = "America/New_York"
+    }
+
+    time_of_day {
+      hours = 0
+      minutes = 0
+      seconds = 0
+      nanos = 0
+    }
+  }
+}
+
 // Grant tunnel access to the GA team 
 resource "google_project_iam_member" "ga_tunnel_accessor_verifier_member" {
   project = var.project_id

From e9de77847d406df95d419540d824508d504a7dd9 Mon Sep 17 00:00:00 2001
From: Bob Callaway <bcallaway@google.com>
Date: Wed, 3 Jul 2024 09:55:54 -0400
Subject: [PATCH 2/3] fix fmt

Signed-off-by: Bob Callaway <bcallaway@google.com>
---
 terraform/gcp/modules/bastion/bastion.tf | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/terraform/gcp/modules/bastion/bastion.tf b/terraform/gcp/modules/bastion/bastion.tf
index 5a35dbb2f..e145f2ec9 100644
--- a/terraform/gcp/modules/bastion/bastion.tf
+++ b/terraform/gcp/modules/bastion/bastion.tf
@@ -166,10 +166,10 @@ resource "google_os_config_patch_deployment" "patch" {
     }
 
     time_of_day {
-      hours = 0
+      hours   = 0
       minutes = 0
       seconds = 0
-      nanos = 0
+      nanos   = 0
     }
   }
 }

From 95923d5a21bfeaff96b8edce5a1f2d28b02ea40c Mon Sep 17 00:00:00 2001
From: Bob Callaway <bcallaway@google.com>
Date: Wed, 3 Jul 2024 11:23:55 -0400
Subject: [PATCH 3/3] switch to UTC

Signed-off-by: Bob Callaway <bcallaway@google.com>
---
 terraform/gcp/modules/bastion/bastion.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/terraform/gcp/modules/bastion/bastion.tf b/terraform/gcp/modules/bastion/bastion.tf
index e145f2ec9..7ca08dde3 100644
--- a/terraform/gcp/modules/bastion/bastion.tf
+++ b/terraform/gcp/modules/bastion/bastion.tf
@@ -162,7 +162,7 @@ resource "google_os_config_patch_deployment" "patch" {
 
   recurring_schedule {
     time_zone {
-      id = "America/New_York"
+      id = "Etc/UTC"
     }
 
     time_of_day {