kovagoadi/hunfabric
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

artifact-registry: support common_repository in maven, npm, and python remote formats (#3944)

Browse Source 
Add `common_repository` support to `maven`, `npm`, and `python` remote repository configurations in the `artifact-registry` module. This replaces the deprecated `custom_repository` feature which is now discouraged by the provider.

Existing README example `registry-mirror` has been updated to use `common_repository`. A legacy test case `legacy_custom_repo` has been added to the bottom of `README.md` to ensure backward compatibility for `custom_repository` continues to work.

TAG=agy
CONV=ffe77e65-ccef-4701-95e6-4ba2d2446f1b
This commit is contained in:
Ludovico Magnocavallo
2026-05-07 12:00:40 +02:00
committed by GitHub
parent bf9ccb7547
commit 48fdf03233
8 changed files with 163 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
modules/artifact-registry/README.md
View File

@@ -12,6 +12,8 @@ This module simplifies the creation of repositories using Google Cloud Artifact
- [IAM](#iam)
- [Variables](#variables)
- [Outputs](#outputs)
- [Tests](#tests)
- [Legacy Custom Repository (Deprecated)](#legacy-custom-repository-deprecated)
<!-- END TOC -->
## Simple Docker Repository
@@ -121,7 +123,7 @@ module "registry-mirror" {
format = {
docker = {
remote = {
custom_repository = "https://example.com"
common_repository = "https://example.com"
upstream_credentials = {
username = "myuser"
password_secret_version = "${module.secret-manager.ids["example-com-password"]}/versions/latest"
@@ -368,9 +370,9 @@ module "additive_iam" {
|---|---|:---:|:---:|:---:|
| [cleanup_policies](variables.tf#L17) | Object containing details about the cleanup policies for an Artifact Registry repository. | <code>map&#40;object&#40;&#123;&#8230;default &#61; null</code> | ✓ | |
| [format](variables.tf#L83) | Repository format. | <code>object&#40;&#123;&#8230;&#125;&#41;</code> | ✓ | |
| [location](variables.tf#L233) | Registry location. Use `gcloud beta artifacts locations list' to get valid values. | <code>string</code> | ✓ | |
| [name](variables.tf#L238) | Registry name. | <code>string</code> | ✓ | |
| [project_id](variables.tf#L243) | Registry project id. | <code>string</code> | ✓ | |
| [location](variables.tf#L236) | Registry location. Use `gcloud beta artifacts locations list' to get valid values. | <code>string</code> | ✓ | |
| [name](variables.tf#L241) | Registry name. | <code>string</code> | ✓ | |
| [project_id](variables.tf#L246) | Registry project id. | <code>string</code> | ✓ | |
| [cleanup_policy_dry_run](variables.tf#L38) | If true, the cleanup pipeline is prevented from deleting versions in this repository. | <code>bool</code> | | <code>null</code> |
| [context](variables.tf#L44) | Context-specific interpolations. | <code>object&#40;&#123;&#8230;&#125;&#41;</code> | | <code>&#123;&#125;</code> |
| [description](variables.tf#L65) | An optional description for the repository. | <code>string</code> | | <code>&#34;Terraform-managed registry&#34;</code> |
@@ -380,9 +382,9 @@ module "additive_iam" {
| [iam_bindings](variables-iam.tf#L43) | Authoritative IAM bindings in {KEY => {role = ROLE, members = [], condition = {}}}. Keys are arbitrary. | <code>map&#40;object&#40;&#123;&#8230;&#125;&#41;&#41;</code> | | <code>&#123;&#125;</code> |
| [iam_bindings_additive](variables-iam.tf#L58) | Individual additive IAM bindings. Keys are arbitrary. | <code>map&#40;object&#40;&#123;&#8230;&#125;&#41;&#41;</code> | | <code>&#123;&#125;</code> |
| [iam_by_principals](variables-iam.tf#L73) | Authoritative IAM binding in {PRINCIPAL => [ROLES]} format. Principals need to be statically defined to avoid cycle errors. Merged internally with the `iam` variable. | <code>map&#40;list&#40;string&#41;&#41;</code> | | <code>&#123;&#125;</code> |
| [labels](variables.tf#L227) | Labels to be attached to the registry. | <code>map&#40;string&#41;</code> | | <code>&#123;&#125;</code> |
| [tag_bindings](variables.tf#L248) | Tag bindings for this repository, in key => tag value id format. | <code>map&#40;string&#41;</code> | | <code>&#123;&#125;</code> |
| [universe](variables.tf#L255) | GCP universe where to deploy the project. The prefix will be prepended to the project id. | <code>object&#40;&#123;&#8230;&#125;&#41;</code> | | <code>null</code> |
| [labels](variables.tf#L230) | Labels to be attached to the registry. | <code>map&#40;string&#41;</code> | | <code>&#123;&#125;</code> |
| [tag_bindings](variables.tf#L251) | Tag bindings for this repository, in key => tag value id format. | <code>map&#40;string&#41;</code> | | <code>&#123;&#125;</code> |
| [universe](variables.tf#L258) | GCP universe where to deploy the project. The prefix will be prepended to the project id. | <code>object&#40;&#123;&#8230;&#125;&#41;</code> | | <code>null</code> |
## Outputs
@@ -393,3 +395,28 @@ module "additive_iam" {
| [repository](outputs.tf#L54) | Repository object. | |
| [url](outputs.tf#L64) | Repository URL. | |
<!-- END TFDOC -->
## Tests
These tests are used to verify specific behaviors and backward compatibility. They are not intended as general examples.
### Legacy Custom Repository (Deprecated)
This test ensures that the deprecated `custom_repository` configuration still works for backward compatibility. It should be removed once support for `custom_repository` is fully dropped.
```hcl
module "legacy_custom_repo" {
source = "./fabric/modules/artifact-registry"
project_id = "myproject"
location = "europe-west1"
name = "legacy-custom"
format = {
maven = {
remote = {
custom_repository = "https://example.com"
}
}
}
}
# tftest modules=1 resources=1 inventory=legacy-custom.yaml
```

18
modules/artifact-registry/main.tf
View File

@@ -134,7 +134,8 @@ resource "google_artifact_registry_repository" "registry" {
}
dynamic "common_repository" {
for_each = (
local.format_string == "docker" && try(local.format_obj.remote.common_repository, null) != null
contains(["docker", "maven", "npm", "python"], local.format_string) &&
try(local.format_obj.remote.common_repository, null) != null
? [""] : []
)
content {
@@ -157,7 +158,10 @@ resource "google_artifact_registry_repository" "registry" {
}
}
dynamic "maven_repository" {
for_each = local.format_string == "maven" ? [""] : []
for_each = (
local.format_string == "maven" && try(local.format_obj.remote.common_repository, null) == null
? [""] : []
)
content {
public_repository = local.format_obj.remote.public_repository
dynamic "custom_repository" {
@@ -169,7 +173,10 @@ resource "google_artifact_registry_repository" "registry" {
}
}
dynamic "npm_repository" {
for_each = local.format_string == "npm" ? [""] : []
for_each = (
local.format_string == "npm" && try(local.format_obj.remote.common_repository, null) == null
? [""] : []
)
content {
public_repository = local.format_obj.remote.public_repository
dynamic "custom_repository" {
@@ -181,7 +188,10 @@ resource "google_artifact_registry_repository" "registry" {
}
}
dynamic "python_repository" {
for_each = local.format_string == "python" ? [""] : []
for_each = (
local.format_string == "python" && try(local.format_obj.remote.common_repository, null) == null
? [""] : []
)
content {
public_repository = local.format_obj.remote.public_repository
dynamic "custom_repository" {

3
modules/artifact-registry/variables.tf
View File

@@ -131,6 +131,7 @@ variable "format" {
maven = optional(object({
remote = optional(object({
public_repository = optional(string)
common_repository = optional(string)
custom_repository = optional(string)
disable_upstream_validation = optional(bool)
@@ -151,6 +152,7 @@ variable "format" {
npm = optional(object({
remote = optional(object({
public_repository = optional(string)
common_repository = optional(string)
custom_repository = optional(string)
disable_upstream_validation = optional(bool)
@@ -168,6 +170,7 @@ variable "format" {
python = optional(object({
remote = optional(object({
public_repository = optional(string)
common_repository = optional(string)
custom_repository = optional(string)
disable_upstream_validation = optional(bool)