fix(google): Fix GKE legacy endpoint use detection (#497)

Resolves #470

Signed-off-by: Liam Galvin <[email protected]>

internal/adapters/terraform/google/gke/adapt.go

@@ -133,9 +133,13 @@ func (a *adapter) adaptCluster(resource *terraform.Block, module *terraform.Modu
 		cluster.PodSecurityPolicy.Enabled = enabledAttr.AsBoolValueOrDefault(false, policyBlock)
 	}
 
-	legacyMetadataAttr := resource.GetNestedAttribute("metadata.disable-legacy-endpoints")
-	if legacyMetadataAttr.IsNotNil() && legacyMetadataAttr.IsTrue() {
-		cluster.ClusterMetadata.EnableLegacyEndpoints = types.Bool(false, legacyMetadataAttr.GetMetadata())
+	legacyMetadataAttr := resource.GetNestedAttribute("node_config.metadata.disable-legacy-endpoints")
+	if legacyMetadataAttr.IsNotNil() {
+		if legacyMetadataAttr.IsTrue() {
+			cluster.ClusterMetadata.EnableLegacyEndpoints = types.Bool(false, legacyMetadataAttr.GetMetadata())
+		} else if legacyMetadataAttr.IsFalse() {
+			cluster.ClusterMetadata.EnableLegacyEndpoints = types.Bool(true, legacyMetadataAttr.GetMetadata())
+		}
 	}
 
 	if masterBlock := resource.GetBlock("master_auth"); masterBlock.IsNotNil() {

internal/rules/google/gke/metadata_endpoints_disabled.tf.go

@@ -3,18 +3,22 @@ package gke
 var terraformMetadataEndpointsDisabledGoodExamples = []string{
 	`
  resource "google_container_cluster" "good_example" {
- 	metadata {
-     disable-legacy-endpoints = true
-   }
+    node_config {
+      metadata {
+        disable-legacy-endpoints = true
+      }
+    }
  }`,
 }
 
 var terraformMetadataEndpointsDisabledBadExamples = []string{
 	`
  resource "google_container_cluster" "bad_example" {
- 	metadata {
-     disable-legacy-endpoints = false
-   }
+    node_config {
+      metadata {
+        disable-legacy-endpoints = false
+      }
+    }
  }`,
 }