refactor(gcp): unify GCP modules removing Azure-leaked duplicates

infrastructure/gcp/artifact-registry/main.tf

@@ -3,6 +3,8 @@ resource "google_artifact_registry_repository" "registry" {
   location      = var.location
   repository_id = var.repository_id
   format        = var.format
+
+  labels = var.tags
 }
 
 resource "google_service_account" "artifact_sa" {

infrastructure/gcp/artifact-registry/variables.tf

@@ -19,6 +19,12 @@ variable "format" {
   default     = "DOCKER"
 }
 
+variable "tags" {
+  type        = map(string)
+  description = "A mapping of labels to assign to the Artifact Registry repository"
+  default     = {}
+}
+
 variable "workload_identity_bindings" {
   description = "Kubernetes ServiceAccounts allowed to impersonate the GCP Service Account via Workload Identity. Each entry grants roles/iam.workloadIdentityUser on the GSA to the KSA identified by namespace/ksa_name."
   type = list(object({

infrastructure/gcp/cloud-dns/main.tf

@@ -1,6 +1,10 @@
+locals {
+  zone_name = var.zone_name != null ? var.zone_name : replace(var.domain_name, ".", "-")
+}
+
 resource "google_dns_managed_zone" "zone" {
   project    = var.project_id
-  name       = var.zone_name
+  name       = local.zone_name
   dns_name   = "${var.domain_name}."
   visibility = var.visibility
 
@@ -15,4 +19,6 @@ resource "google_dns_managed_zone" "zone" {
       }
     }
   }
+
+  labels = var.tags
 }

infrastructure/gcp/cloud-dns/outputs.tf

@@ -1,7 +1,14 @@
 output "zone_name" {
-  value = google_dns_managed_zone.zone.name
+  description = "The name of the created DNS managed zone"
+  value       = google_dns_managed_zone.zone.name
+}
+
+output "zone_id" {
+  description = "The ID of the created DNS managed zone"
+  value       = google_dns_managed_zone.zone.id
 }
 
 output "name_servers" {
-  value = google_dns_managed_zone.zone.name_servers
+  description = "The list of name servers for the DNS managed zone"
+  value       = google_dns_managed_zone.zone.name_servers
 }

infrastructure/gcp/cloud-dns/tests/cloud_dns.tftest.hcl

@@ -45,3 +45,32 @@ run "zone_uses_provided_name" {
     error_message = "Zone name should match zone_name variable"
   }
 }
+
+run "zone_name_derived_from_domain_when_omitted" {
+  command = plan
+
+  variables {
+    zone_name = null
+  }
+
+  assert {
+    condition     = google_dns_managed_zone.zone.name == "myorg-example-com"
+    error_message = "Zone name should derive from domain_name by replacing dots with dashes when zone_name is null"
+  }
+}
+
+run "labels_applied_from_tags" {
+  command = plan
+
+  variables {
+    tags = {
+      env  = "test"
+      team = "platform"
+    }
+  }
+
+  assert {
+    condition     = google_dns_managed_zone.zone.labels["env"] == "test"
+    error_message = "Labels should be applied from tags variable"
+  }
+}

infrastructure/gcp/cloud-dns/variables.tf

@@ -3,14 +3,15 @@ variable "project_id" {
   description = "The GCP project ID"
 }
 
-variable "zone_name" {
+variable "domain_name" {
   type        = string
-  description = "The name of the DNS zone resource"
+  description = "The domain name for the DNS zone (without trailing dot, e.g. example.com)"
 }
 
-variable "domain_name" {
+variable "zone_name" {
   type        = string
-  description = "The domain name (without trailing dot)"
+  description = "The name of the DNS zone resource. Defaults to domain_name with dots replaced by dashes."
+  default     = null
 }
 
 variable "visibility" {
@@ -24,3 +25,9 @@ variable "private_zone_networks" {
   description = "VPC network self-links for private zones"
   default     = []
 }
+
+variable "tags" {
+  type        = map(string)
+  description = "A mapping of labels to assign to the DNS managed zone"
+  default     = {}
+}

infrastructure/gcp/cloud-nat/outputs.tf

@@ -1,7 +1,9 @@
 output "router_name" {
-  value = google_compute_router.router.name
+  description = "The name of the created Cloud Router"
+  value       = google_compute_router.router.name
 }
 
 output "nat_name" {
-  value = google_compute_router_nat.nat.name
+  description = "The name of the created Cloud NAT gateway"
+  value       = google_compute_router_nat.nat.name
 }