kovagoadi/hunfabric
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Enable terraform_naming_convention in tflint (#3930)

Browse Source 
* Draft terraform_naming_convention

* Two fast/stages fixes for terraform_naming_convention

* Disable terraform_naming_convention for resources for now

* module fixes for terraform_naming_convention

* tfdoc

* Remove "moved" from recipe and needs-fixing

* Fix moved for spoke_ra

* fix tests

* Use default (snake_case) for resources

* factory.terraform_data.project-preconditions

* First-pass migration of resources + tests

* Fix tests/modules/organization

* Require snake_case for variables; Add annotations for _testing

* permit _fast_debug variable

* Fix net_vpc_factory and net_vpc_firewall tests

* tfdoc addons and recipe

* Fix more tests

* Fix some net-global -> net_global tests

---------

Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com>
This commit is contained in:
Simon Roberts
2026-05-06 16:06:26 +10:00
committed by GitHub
parent ba56d9afbc
commit 26dbaa2d6e
83 changed files with 570 additions and 284 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
tests/fast/stages/s0_org_setup/hardened.yaml
View File

@@ -2240,19 +2240,19 @@ values:
member: serviceAccount:iac-vpcsc-rw@ft0-prod-iac-core-0.iam.gserviceaccount.com
project: ft0-prod-iac-core-0
timeouts: null
? module.factory.module.service_accounts-iam["iac-0/iac-org-cicd-ro"].google_service_account_iam_member.additive["$service_account_ids:iac-0/iac-org-ro-roles/iam.serviceAccountTokenCreator"]
? module.factory.module.service-accounts-iam["iac-0/iac-org-cicd-ro"].google_service_account_iam_member.additive["$service_account_ids:iac-0/iac-org-ro-roles/iam.serviceAccountTokenCreator"]
: condition: []
role: roles/iam.serviceAccountTokenCreator
service_account_id: projects/ft0-prod-iac-core-0/serviceAccounts/iac-org-ro@ft0-prod-iac-core-0.iam.gserviceaccount.com
? module.factory.module.service_accounts-iam["iac-0/iac-org-cicd-ro"].google_service_account_iam_member.additive["$service_account_ids:iac-0/iac-org-ro-roles/iam.workloadIdentityUser"]
? module.factory.module.service-accounts-iam["iac-0/iac-org-cicd-ro"].google_service_account_iam_member.additive["$service_account_ids:iac-0/iac-org-ro-roles/iam.workloadIdentityUser"]
: condition: []
role: roles/iam.workloadIdentityUser
service_account_id: projects/ft0-prod-iac-core-0/serviceAccounts/iac-org-ro@ft0-prod-iac-core-0.iam.gserviceaccount.com
? module.factory.module.service_accounts-iam["iac-0/iac-org-cicd-rw"].google_service_account_iam_member.additive["$service_account_ids:iac-0/iac-org-rw-roles/iam.serviceAccountTokenCreator"]
? module.factory.module.service-accounts-iam["iac-0/iac-org-cicd-rw"].google_service_account_iam_member.additive["$service_account_ids:iac-0/iac-org-rw-roles/iam.serviceAccountTokenCreator"]
: condition: []
role: roles/iam.serviceAccountTokenCreator
service_account_id: projects/ft0-prod-iac-core-0/serviceAccounts/iac-org-rw@ft0-prod-iac-core-0.iam.gserviceaccount.com
? module.factory.module.service_accounts-iam["iac-0/iac-org-cicd-rw"].google_service_account_iam_member.additive["$service_account_ids:iac-0/iac-org-rw-roles/iam.workloadIdentityUser"]
? module.factory.module.service-accounts-iam["iac-0/iac-org-cicd-rw"].google_service_account_iam_member.additive["$service_account_ids:iac-0/iac-org-rw-roles/iam.workloadIdentityUser"]
: condition: []
role: roles/iam.workloadIdentityUser
service_account_id: projects/ft0-prod-iac-core-0/serviceAccounts/iac-org-rw@ft0-prod-iac-core-0.iam.gserviceaccount.com
@@ -2260,7 +2260,7 @@ values:
input: null
output: null
triggers_replace: null
module.factory.terraform_data.project-preconditions:
module.factory.terraform_data.project_preconditions:
input: null
output: null
triggers_replace: null
@@ -6740,15 +6740,15 @@ values:
- serviceAccount:iac-pf-ro@ft0-prod-iac-core-0.iam.gserviceaccount.com
org_id: '1234567890'
role: roles/orgpolicy.policyViewer
module.organization-iam[0].google_project_iam_member.bucket-sinks-binding["audit-logs"]:
module.organization-iam[0].google_project_iam_member.bucket_sinks_binding["audit-logs"]:
condition:
- title: audit-logs bucket writer
role: roles/logging.bucketWriter
module.organization-iam[0].google_project_iam_member.bucket-sinks-binding["iam"]:
module.organization-iam[0].google_project_iam_member.bucket_sinks_binding["iam"]:
condition:
- title: iam bucket writer
role: roles/logging.bucketWriter
module.organization-iam[0].google_project_iam_member.bucket-sinks-binding["vpc-sc"]:
module.organization-iam[0].google_project_iam_member.bucket_sinks_binding["vpc-sc"]:
condition:
- title: vpc-sc bucket writer
role: roles/logging.bucketWriter
@@ -8368,7 +8368,7 @@ values:
input: null
output: null
triggers_replace: null
terraform_data.precondition-cicd:
terraform_data.precondition_cicd:
input: null
output: null
triggers_replace: null

18
tests/fast/stages/s0_org_setup/simple.yaml
View File

@@ -1607,19 +1607,19 @@ values:
member: serviceAccount:iac-vpcsc-rw@ft0-prod-iac-core-0.iam.gserviceaccount.com
project: ft0-prod-iac-core-0
timeouts: null
? module.factory.module.service_accounts-iam["iac-0/iac-org-cicd-ro"].google_service_account_iam_member.additive["$service_account_ids:iac-0/iac-org-ro-roles/iam.serviceAccountTokenCreator"]
? module.factory.module.service-accounts-iam["iac-0/iac-org-cicd-ro"].google_service_account_iam_member.additive["$service_account_ids:iac-0/iac-org-ro-roles/iam.serviceAccountTokenCreator"]
: condition: []
role: roles/iam.serviceAccountTokenCreator
service_account_id: projects/ft0-prod-iac-core-0/serviceAccounts/iac-org-ro@ft0-prod-iac-core-0.iam.gserviceaccount.com
? module.factory.module.service_accounts-iam["iac-0/iac-org-cicd-ro"].google_service_account_iam_member.additive["$service_account_ids:iac-0/iac-org-ro-roles/iam.workloadIdentityUser"]
? module.factory.module.service-accounts-iam["iac-0/iac-org-cicd-ro"].google_service_account_iam_member.additive["$service_account_ids:iac-0/iac-org-ro-roles/iam.workloadIdentityUser"]
: condition: []
role: roles/iam.workloadIdentityUser
service_account_id: projects/ft0-prod-iac-core-0/serviceAccounts/iac-org-ro@ft0-prod-iac-core-0.iam.gserviceaccount.com
? module.factory.module.service_accounts-iam["iac-0/iac-org-cicd-rw"].google_service_account_iam_member.additive["$service_account_ids:iac-0/iac-org-rw-roles/iam.serviceAccountTokenCreator"]
? module.factory.module.service-accounts-iam["iac-0/iac-org-cicd-rw"].google_service_account_iam_member.additive["$service_account_ids:iac-0/iac-org-rw-roles/iam.serviceAccountTokenCreator"]
: condition: []
role: roles/iam.serviceAccountTokenCreator
service_account_id: projects/ft0-prod-iac-core-0/serviceAccounts/iac-org-rw@ft0-prod-iac-core-0.iam.gserviceaccount.com
? module.factory.module.service_accounts-iam["iac-0/iac-org-cicd-rw"].google_service_account_iam_member.additive["$service_account_ids:iac-0/iac-org-rw-roles/iam.workloadIdentityUser"]
? module.factory.module.service-accounts-iam["iac-0/iac-org-cicd-rw"].google_service_account_iam_member.additive["$service_account_ids:iac-0/iac-org-rw-roles/iam.workloadIdentityUser"]
: condition: []
role: roles/iam.workloadIdentityUser
service_account_id: projects/ft0-prod-iac-core-0/serviceAccounts/iac-org-rw@ft0-prod-iac-core-0.iam.gserviceaccount.com
@@ -1627,7 +1627,7 @@ values:
input: null
output: null
triggers_replace: null
module.factory.terraform_data.project-preconditions:
module.factory.terraform_data.project_preconditions:
input: null
output: null
triggers_replace: null
@@ -2558,15 +2558,15 @@ values:
- serviceAccount:iac-pf-ro@ft0-prod-iac-core-0.iam.gserviceaccount.com
org_id: '1234567890'
role: roles/orgpolicy.policyViewer
module.organization-iam[0].google_project_iam_member.bucket-sinks-binding["audit-logs"]:
module.organization-iam[0].google_project_iam_member.bucket_sinks_binding["audit-logs"]:
condition:
- title: audit-logs bucket writer
role: roles/logging.bucketWriter
module.organization-iam[0].google_project_iam_member.bucket-sinks-binding["iam"]:
module.organization-iam[0].google_project_iam_member.bucket_sinks_binding["iam"]:
condition:
- title: iam bucket writer
role: roles/logging.bucketWriter
module.organization-iam[0].google_project_iam_member.bucket-sinks-binding["vpc-sc"]:
module.organization-iam[0].google_project_iam_member.bucket_sinks_binding["vpc-sc"]:
condition:
- title: vpc-sc bucket writer
role: roles/logging.bucketWriter
@@ -2826,7 +2826,7 @@ values:
input: null
output: null
triggers_replace: null
terraform_data.precondition-cicd:
terraform_data.precondition_cicd:
input: null
output: null
triggers_replace: null

18
tests/fast/stages/s0_org_setup/starter-gcd.yaml
View File

@@ -835,7 +835,7 @@ values:
input: null
output: null
triggers_replace: null
module.factory.terraform_data.project-preconditions:
module.factory.terraform_data.project_preconditions:
input: null
output: null
triggers_replace: null
@@ -987,7 +987,7 @@ values:
- serviceAccount:iac-org-rw@ft0-prod-iac-core-0.iam.gserviceaccount.com
org_id: '1234567890'
role: roles/resourcemanager.tagUser
module.organization-iam[0].google_project_iam_member.bucket-sinks-binding["audit-logs"]:
module.organization-iam[0].google_project_iam_member.bucket_sinks_binding["audit-logs"]:
condition:
- title: audit-logs bucket writer
role: roles/logging.bucketWriter
@@ -1038,7 +1038,7 @@ values:
description: Production.
short_name: production
timeouts: null
module.vpcs.module.firewall["dev"].google_compute_firewall.custom-rules["ingress-default-allow-healthchecks"]:
module.vpcs.module.firewall["dev"].google_compute_firewall.custom_rules["ingress-default-allow-healthchecks"]:
allow:
- ports: []
protocol: all
@@ -1062,7 +1062,7 @@ values:
target_service_accounts: null
target_tags: null
timeouts: null
module.vpcs.module.firewall["dev"].google_compute_firewall.custom-rules["ingress-default-allow-iap"]:
module.vpcs.module.firewall["dev"].google_compute_firewall.custom_rules["ingress-default-allow-iap"]:
allow:
- ports: []
protocol: all
@@ -1083,7 +1083,7 @@ values:
target_service_accounts: null
target_tags: null
timeouts: null
module.vpcs.module.firewall["dev"].google_compute_firewall.custom-rules["ingress-default-allow-icmp"]:
module.vpcs.module.firewall["dev"].google_compute_firewall.custom_rules["ingress-default-allow-icmp"]:
allow:
- ports: []
protocol: icmp
@@ -1104,7 +1104,7 @@ values:
target_service_accounts: null
target_tags: null
timeouts: null
module.vpcs.module.firewall["prod"].google_compute_firewall.custom-rules["ingress-default-allow-healthchecks"]:
module.vpcs.module.firewall["prod"].google_compute_firewall.custom_rules["ingress-default-allow-healthchecks"]:
allow:
- ports: []
protocol: all
@@ -1128,7 +1128,7 @@ values:
target_service_accounts: null
target_tags: null
timeouts: null
module.vpcs.module.firewall["prod"].google_compute_firewall.custom-rules["ingress-default-allow-iap"]:
module.vpcs.module.firewall["prod"].google_compute_firewall.custom_rules["ingress-default-allow-iap"]:
allow:
- ports: []
protocol: all
@@ -1149,7 +1149,7 @@ values:
target_service_accounts: null
target_tags: null
timeouts: null
module.vpcs.module.firewall["prod"].google_compute_firewall.custom-rules["ingress-default-allow-icmp"]:
module.vpcs.module.firewall["prod"].google_compute_firewall.custom_rules["ingress-default-allow-icmp"]:
allow:
- ports: []
protocol: icmp
@@ -1320,7 +1320,7 @@ values:
input: null
output: null
triggers_replace: null
terraform_data.precondition-cicd:
terraform_data.precondition_cicd:
input: null
output: null
triggers_replace: null

2
tests/fast/stages/s2_networking/vlan_attachments.yaml
View File

@@ -313,7 +313,7 @@ values:
input: null
output: null
triggers_replace: null
module.projects.terraform_data.project-preconditions:
module.projects.terraform_data.project_preconditions:
input: null
output: null
triggers_replace: null

2
tests/fast/stages/s2_security/simple.yaml
View File

@@ -310,7 +310,7 @@ values:
input: null
output: null
triggers_replace: null
module.factory.terraform_data.project-preconditions:
module.factory.terraform_data.project_preconditions:
input: null
output: null
triggers_replace: null