diff --git a/modules/source-repository/README.md b/modules/source-repository/README.md
index 9beae2447..78a7e7d71 100644
--- a/modules/source-repository/README.md
+++ b/modules/source-repository/README.md
@@ -12,7 +12,7 @@ module "repo" {
source e = "./modules/source-repository"
project_id = "my-project"
name = "my-repo"
- iam_members = {
+ iam = {
"roles/source.reader" = ["user:foo@example.com"]
}
}
@@ -23,9 +23,9 @@ module "repo" {
| name | description | type | required | default |
|---|---|:---: |:---:|:---:|
-| name | Repository topic name. | string | ✓ | |
+| name | Repository name. | string | ✓ | |
| project_id | Project used for resources. | string | ✓ | |
-| *iam_members* | IAM members for each topic role. | map(set(string)) | | {} |
+| *iam* | IAM bindings in {ROLE => [MEMBERS]} format. | map(list(string)) | | {} |
## Outputs
diff --git a/modules/source-repository/main.tf b/modules/source-repository/main.tf
index 71432e16a..f7bea1b1f 100644
--- a/modules/source-repository/main.tf
+++ b/modules/source-repository/main.tf
@@ -20,7 +20,7 @@ resource "google_sourcerepo_repository" "default" {
}
resource "google_sourcerepo_repository_iam_binding" "default" {
- for_each = var.iam_members
+ for_each = var.iam
project = var.project_id
repository = google_sourcerepo_repository.default.name
role = each.key
diff --git a/modules/source-repository/variables.tf b/modules/source-repository/variables.tf
index a7254370f..9d5d0832f 100644
--- a/modules/source-repository/variables.tf
+++ b/modules/source-repository/variables.tf
@@ -19,13 +19,13 @@ variable "project_id" {
type = string
}
-variable "iam_members" {
- description = "IAM members for each topic role."
- type = map(set(string))
+variable "iam" {
+ description = "IAM bindings in {ROLE => [MEMBERS]} format."
+ type = map(list(string))
default = {}
}
variable "name" {
- description = "Repository topic name."
+ description = "Repository name."
type = string
}
diff --git a/tests/modules/source_repository/__init__.py b/tests/modules/source_repository/__init__.py
new file mode 100644
index 000000000..6913f02e3
--- /dev/null
+++ b/tests/modules/source_repository/__init__.py
@@ -0,0 +1,13 @@
+# Copyright 2020 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
diff --git a/tests/modules/source_repository/fixture/main.tf b/tests/modules/source_repository/fixture/main.tf
new file mode 100644
index 000000000..14bb53d92
--- /dev/null
+++ b/tests/modules/source_repository/fixture/main.tf
@@ -0,0 +1,22 @@
+/**
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+module "test" {
+ source = "../../../../modules/source-repository"
+ project_id = var.project_id
+ name = var.name
+ iam = var.iam
+}
diff --git a/tests/modules/source_repository/fixture/variables.tf b/tests/modules/source_repository/fixture/variables.tf
new file mode 100644
index 000000000..dd58ca529
--- /dev/null
+++ b/tests/modules/source_repository/fixture/variables.tf
@@ -0,0 +1,32 @@
+/**
+ * Copyright 2020 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+variable "project_id" {
+ type = string
+ default = "test-project"
+}
+
+variable "iam" {
+ type = map(list(string))
+ default = {
+ "roles/source.reader" = ["foo@example.org"]
+ }
+}
+
+variable "name" {
+ type = string
+ default = "test"
+}
diff --git a/tests/modules/source_repository/test_plan.py b/tests/modules/source_repository/test_plan.py
new file mode 100644
index 000000000..88ff4a69d
--- /dev/null
+++ b/tests/modules/source_repository/test_plan.py
@@ -0,0 +1,39 @@
+# Copyright 2020 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+import os
+import pytest
+
+
+FIXTURES_DIR = os.path.join(os.path.dirname(__file__), 'fixture')
+
+
+@pytest.fixture
+def resources(plan_runner):
+ _, resources = plan_runner(FIXTURES_DIR)
+ return resources
+
+
+def test_resource_count(resources):
+ "Test number of resources created."
+ assert len(resources) == 2
+
+
+def test_iam(resources):
+ "Test IAM binding resources."
+ bindings = [r['values'] for r in resources if r['type']
+ == 'google_sourcerepo_repository_iam_binding']
+ assert len(bindings) == 1
+ assert bindings[0]['role'] == 'roles/source.reader'