Refactor secret manager module (#3315)

* wip

* wip

* wip

* wip

* tested, missing versions

* working

* fix secops stage

* readme

* tests

* tflint
Ludovico Magnocavallo
2025-09-10 13:47:35 +02:00
committed by GitHub
parent c1e8f9d70c
commit 63a22cd9a2
25 changed files with 1222 additions and 513 deletions


@@ -14,50 +14,79 @@
* limitations under the License.
*/
locals {
o_secrets = merge(
google_secret_manager_secret.default,
google_secret_manager_regional_secret.default
)
o_versions = merge(
google_secret_manager_secret_version.default,
google_secret_manager_regional_secret_version.default
)
}
output "ids" {
description = "Fully qualified secret ids."
value = {
for k, v in google_secret_manager_secret.default : v.secret_id => v.id
}
value = { for k, v in local.o_secrets : k => v.id }
depends_on = [
google_secret_manager_secret_iam_binding.default
google_secret_manager_secret_iam_binding.authoritative,
google_secret_manager_secret_iam_binding.bindings,
google_secret_manager_secret_iam_member.members,
google_secret_manager_regional_secret_iam_binding.authoritative,
google_secret_manager_regional_secret_iam_binding.bindings,
google_secret_manager_regional_secret_iam_member.members
]
}
output "secrets" {
description = "Secret resources."
value = google_secret_manager_secret.default
value = local.o_secrets
depends_on = [
google_secret_manager_secret_iam_binding.default
google_secret_manager_secret_iam_binding.authoritative,
google_secret_manager_secret_iam_binding.bindings,
google_secret_manager_secret_iam_member.members,
google_secret_manager_regional_secret_iam_binding.authoritative,
google_secret_manager_regional_secret_iam_binding.bindings,
google_secret_manager_regional_secret_iam_member.members
]
}
output "version_ids" {
description = "Version ids keyed by secret name : version name."
value = {
for k, v in google_secret_manager_secret_version.default : k => v.id
}
description = "Fully qualified version ids."
value = { for k, v in local.o_versions : k => v.id }
depends_on = [
google_secret_manager_secret_iam_binding.default
google_secret_manager_secret_iam_binding.authoritative,
google_secret_manager_secret_iam_binding.bindings,
google_secret_manager_secret_iam_member.members,
google_secret_manager_regional_secret_iam_binding.authoritative,
google_secret_manager_regional_secret_iam_binding.bindings,
google_secret_manager_regional_secret_iam_member.members
]
}
output "version_versions" {
description = "Version versions keyed by secret name : version name."
value = {
for k, v in google_secret_manager_secret_version.default : k => v.version
}
description = "Version versions."
value = { for k, v in local.o_versions : k => v.version }
depends_on = [
google_secret_manager_secret_iam_binding.default
google_secret_manager_secret_iam_binding.authoritative,
google_secret_manager_secret_iam_binding.bindings,
google_secret_manager_secret_iam_member.members,
google_secret_manager_regional_secret_iam_binding.authoritative,
google_secret_manager_regional_secret_iam_binding.bindings,
google_secret_manager_regional_secret_iam_member.members
]
}
output "versions" {
description = "Secret versions."
value = google_secret_manager_secret_version.default
description = "Version resources."
value = local.o_versions
sensitive = true
depends_on = [
google_secret_manager_secret_iam_binding.default
google_secret_manager_secret_iam_binding.authoritative,
google_secret_manager_secret_iam_binding.bindings,
google_secret_manager_secret_iam_member.members,
google_secret_manager_regional_secret_iam_binding.authoritative,
google_secret_manager_regional_secret_iam_binding.bindings,
google_secret_manager_regional_secret_iam_member.members
]
}
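Review bot: The `versions` output at the end of this hunk returns the whole version resources, and `sensitive = true` only redacts them in plan and CLI output. If those resources carry the secret payload (the `secret_data` attribute of the version resources, which are defined outside this hunk), it is still written in clear text to the state of every configuration that reads this output. The description should say so, for example `description = "Version resources, including secret payloads where set; redacted in CLI output but still stored in state."`. Callers that only need references can use `version_ids` or `version_versions`, which expose just `id` and `version`. The new descriptions also drop the old "keyed by secret name : version name" wording, so the key format of the maps built from `local.o_versions` is no longer documented in this file.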