konstructio / gitops-template

upstream template for your open source gitops repository
MIT License

feat: default to private nodes on gcp gke #557

Closed cameronraysmith closed 1 year ago

cameronraysmith commented 1 year ago

Of note, this is tested 1x and with google dns.

You can enable GKE private nodes while retaining a public endpoint: https://github.com/terraform-google-modules/terraform-google-kubernetes-engine/tree/2f5a2769fada01333b178d0bc9ec1e8192535043/modules/private-cluster

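module "gke" {
  source                     = "terraform-google-modules/kubernetes-engine/google//modules/private-cluster"
  enable_private_endpoint    = false # control plane keeps its public endpoint
  enable_private_nodes       = true  # nodes receive internal IP addresses only
  # ... remaining module arguments omitted
}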

This might be a workable and, at least slightly, more secure default near https://github.com/kubefirst/gitops-template/blob/ef737f88cf87216f05d8459da69d7d2d0f673b45/gcp-github/terraform/gcp/gke/main.tf#L12
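A CI check for the default proposed above, as an added example that is not part of the original thread or the project's code: it reads the JSON form of a Terraform plan (`terraform show -json`) and reports, per `google_container_cluster`, whether private nodes are enabled and which endpoint mode is in use. The plan below is constructed sample data, and the resource addresses and the function name `audit_gke_private_nodes` are assumptions.

```python
import json

# Constructed sample: a trimmed `terraform show -json` plan with two GKE clusters.
SAMPLE_PLAN = json.dumps({
    "resource_changes": [
        {"address": "module.gke.google_container_cluster.primary",
         "type": "google_container_cluster",
         "change": {"actions": ["create"], "after": {
             "private_cluster_config": [
                 {"enable_private_nodes": True, "enable_private_endpoint": False}]}}},
        {"address": "google_container_cluster.legacy",
         "type": "google_container_cluster",
         "change": {"actions": ["create"], "after": {"private_cluster_config": []}}},
        {"address": "google_compute_network.vpc", "type": "google_compute_network",
         "change": {"actions": ["create"], "after": {}}},
    ]
})


def audit_gke_private_nodes(plan_json):
    """Return {address: finding} for every GKE cluster in a Terraform plan."""
    findings = {}
    for rc in json.loads(plan_json).get("resource_changes", []):
        if rc.get("type") != "google_container_cluster":
            continue
        change = rc.get("change", {})
        if change.get("actions") == ["delete"]:
            continue  # cluster is being removed, nothing to audit
        after = change.get("after") or {}
        # Nested blocks are lists in plan JSON; a missing or empty block
        # means private nodes were never configured.
        blocks = after.get("private_cluster_config") or [{}]
        cfg = blocks[0] or {}
        if not cfg.get("enable_private_nodes"):
            findings[rc["address"]] = "FAIL: private nodes not enabled"
        elif cfg.get("enable_private_endpoint"):
            findings[rc["address"]] = "OK: private nodes, private endpoint"
        else:
            findings[rc["address"]] = "OK: private nodes, public endpoint"
    return findings


if __name__ == "__main__":
    for address, finding in audit_gke_private_nodes(SAMPLE_PLAN).items():
        print(f"{address}: {finding}")
```

Failing the pipeline on any `FAIL` finding keeps a later change from silently reverting the cluster to public nodes.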

fharper commented 1 year ago

Thanks for this PR @cameronraysmith 🎉

johndietz commented 1 year ago

quick note to express support of a contribution to change the gcp default in this direction - thanks for thinking through this @cameronraysmith. this would bring gcp into tighter alignment with how we have our aws eks ecosystem set up. 💯