From cb7c65135ec9ccb31441fc30fa171bc8e3336bda Mon Sep 17 00:00:00 2001 From: Julio Castillo Date: Thu, 12 Aug 2021 17:30:53 +0200 Subject: [PATCH] Update CI processes (#296) - Upgrade to latest terraform version (1.0.4) - Remove tflint from linting pipeline (was not doing anything) - Add terraform fmt check to linting pipeline - Pass all code through terraform fmt --- .ci/cloudbuild.lint.yaml | 24 ++++++++++-- .ci/cloudbuild.test.environments.yaml | 2 +- .ci/cloudbuild.test.examples.yaml | 2 +- .ci/cloudbuild.test.modules.yaml | 2 +- .../01-environment/variables.tf | 4 +- foundations/environments/locals.tf | 2 +- foundations/environments/main.tf | 4 +- modules/apigee-organization/README.md | 2 +- modules/apigee-organization/variables.tf | 28 +++++++------- modules/apigee-x-instance/main.tf | 6 +-- modules/bigtable-instance/main.tf | 2 +- modules/cloud-config-container/instance.tf | 4 +- modules/cloud-function/main.tf | 6 +-- modules/cloud-function/outputs.tf | 4 +- modules/compute-mig/main.tf | 38 +++++++++---------- modules/datafusion/outputs.tf | 2 +- modules/endpoints/outputs.tf | 2 +- modules/folders-unit/locals.tf | 2 +- modules/gcs/main.tf | 10 ++--- modules/gke-nodepool/main.tf | 12 +++--- modules/kms/main.tf | 2 +- modules/net-ilb/main.tf | 16 ++++---- modules/net-vpc/versions.tf | 4 +- modules/net-vpn-ha/main.tf | 4 +- modules/project/main.tf | 2 +- modules/pubsub/main.tf | 10 ++--- modules/secret-manager/main.tf | 6 +-- modules/vpc-sc/versions.tf | 4 +- .../outputs.tf | 2 +- .../apigee_organization/fixture/main.tf | 10 ++--- .../modules/apigee_x_instance/fixture/main.tf | 10 ++--- .../fixture/variables.tf | 6 +-- .../hub_and_spoke_peering/fixture/main.tf | 2 +- .../openshift/tf/providers.tf | 2 +- tools/check_documentation.py | 2 +- 35 files changed, 128 insertions(+), 112 deletions(-) diff --git a/.ci/cloudbuild.lint.yaml b/.ci/cloudbuild.lint.yaml index d4e88d5b2..002536cd6 100644 --- a/.ci/cloudbuild.lint.yaml +++ b/.ci/cloudbuild.lint.yaml @@ -19,13 +19,25 @@ steps: args: - -c - | - python -m pip install --user --no-warn-script-location -r /workspace/tools/REQUIREMENTS.txt + python -m pip install --user --no-warn-script-location -r /workspace/tools/REQUIREMENTS.txt && + wget https://releases.hashicorp.com/terraform/${_TERRAFORM_VERSION}/terraform_${_TERRAFORM_VERSION}_linux_amd64.zip && + unzip terraform_${_TERRAFORM_VERSION}_linux_amd64.zip -d /builder/home/.local/bin && + rm terraform_${_TERRAFORM_VERSION}_linux_amd64.zip && + chmod 755 /builder/home/.local/bin/terraform && + mkdir -p /workspace/.terraform.d/plugin-cache - name: python:3-alpine id: boilerplate args: ["/workspace/tools/check_boilerplate.py", "/workspace"] - - name: wata727/tflint - id: lint - args: ["/workspace"] + - name: python:3-alpine + id: terraform-fmt-check + entrypoint: sh + args: + - -c + - | + terraform fmt -recursive -check /workspace/ + env: + - PATH=/usr/local/bin:/usr/bin:/bin:/builder/home/.local/bin + - TF_CLI_CONFIG_FILE=/workspace/.ci/.terraformrc - name: python:3-alpine id: documentation args: @@ -37,6 +49,10 @@ steps: "foundations", "networking", ] + +substitutions: + _TERRAFORM_VERSION: 1.0.4 + tags: - ci - lint diff --git a/.ci/cloudbuild.test.environments.yaml b/.ci/cloudbuild.test.environments.yaml index 4b2bdd6a6..9c5b2a6ff 100644 --- a/.ci/cloudbuild.test.environments.yaml +++ b/.ci/cloudbuild.test.environments.yaml @@ -39,7 +39,7 @@ steps: - TF_CLI_CONFIG_FILE=/workspace/.ci/.terraformrc substitutions: - _TERRAFORM_VERSION: 0.15.4 + _TERRAFORM_VERSION: 1.0.4 tags: - "ci" diff --git a/.ci/cloudbuild.test.examples.yaml b/.ci/cloudbuild.test.examples.yaml index 4b7186e51..83c7cb946 100644 --- a/.ci/cloudbuild.test.examples.yaml +++ b/.ci/cloudbuild.test.examples.yaml @@ -40,7 +40,7 @@ options: machineType: "N1_HIGHCPU_8" substitutions: - _TERRAFORM_VERSION: 0.15.4 + _TERRAFORM_VERSION: 1.0.4 tags: - "ci" diff --git a/.ci/cloudbuild.test.modules.yaml b/.ci/cloudbuild.test.modules.yaml index ed1e6cc23..1222f2a53 100644 --- a/.ci/cloudbuild.test.modules.yaml +++ b/.ci/cloudbuild.test.modules.yaml @@ -39,7 +39,7 @@ options: machineType: "N1_HIGHCPU_8" substitutions: - _TERRAFORM_VERSION: 0.15.4 + _TERRAFORM_VERSION: 1.0.4 tags: - "ci" diff --git a/data-solutions/data-platform-foundations/01-environment/variables.tf b/data-solutions/data-platform-foundations/01-environment/variables.tf index ec945a881..92ba230d7 100644 --- a/data-solutions/data-platform-foundations/01-environment/variables.tf +++ b/data-solutions/data-platform-foundations/01-environment/variables.tf @@ -71,6 +71,6 @@ variable "service_encryption_key_ids" { variable "service_perimeter_standard" { description = "VPC Service control standard perimeter name in the form of 'accessPolicies/ACCESS_POLICY_NAME/servicePerimeters/PERIMETER_NAME'. All projects will be added to the perimeter in enforced mode." - type = string - default = null + type = string + default = null } diff --git a/foundations/environments/locals.tf b/foundations/environments/locals.tf index 841fe152f..e18fc2acc 100644 --- a/foundations/environments/locals.tf +++ b/foundations/environments/locals.tf @@ -21,7 +21,7 @@ locals { var.iam_billing_config.target_org ? [] : ["roles/billing.user"] ) sa_billing_org_role = ( - ! var.iam_billing_config.target_org ? [] : ["roles/billing.user"] + !var.iam_billing_config.target_org ? [] : ["roles/billing.user"] ) sa_xpn_folder_role = ( local.sa_xpn_target_org ? [] : ["roles/compute.xpnAdmin"] diff --git a/foundations/environments/main.tf b/foundations/environments/main.tf index 4352f2f22..7174b2f5b 100644 --- a/foundations/environments/main.tf +++ b/foundations/environments/main.tf @@ -24,7 +24,7 @@ module "tf-project" { parent = var.root_node prefix = var.prefix billing_account = var.billing_account_id - iam_additive = { + iam_additive = { "roles/owner" = var.iam_terraform_owners } services = var.project_services @@ -158,7 +158,7 @@ module "sharedsvc-project" { parent = var.root_node prefix = var.prefix billing_account = var.billing_account_id - iam_additive = { + iam_additive = { "roles/owner" = var.iam_shared_owners } services = var.project_services diff --git a/modules/apigee-organization/README.md b/modules/apigee-organization/README.md index b62950f40..b725243f4 100644 --- a/modules/apigee-organization/README.md +++ b/modules/apigee-organization/README.md @@ -107,7 +107,7 @@ module "apigee-organization" { | analytics_region | Analytics Region for the Apigee Organization (immutable). See https://cloud.google.com/apigee/docs/api-platform/get-started/install-cli. | string | ✓ | | | project_id | Project ID to host this Apigee organization (will also become the Apigee Org name). | string | ✓ | | | runtime_type | None | string | ✓ | | -| *apigee_envgroups* | Apigee Environment Groups. | map(object({...})) | | {} | +| *apigee_envgroups* | Apigee Environment Groups. | map(object({...})) | | {} | | *apigee_environments* | Apigee Environment Names. | list(string) | | [] | | *authorized_network* | VPC network self link (requires service network peering enabled (Used in Apigee X only). | string | | null | | *database_encryption_key* | Cloud KMS key self link (e.g. `projects/foo/locations/us/keyRings/bar/cryptoKeys/baz`) used for encrypting the data that is stored and replicated across runtime instances (immutable, used in Apigee X only). | string | | null | diff --git a/modules/apigee-organization/variables.tf b/modules/apigee-organization/variables.tf index eff016c8c..8978542e7 100644 --- a/modules/apigee-organization/variables.tf +++ b/modules/apigee-organization/variables.tf @@ -16,46 +16,46 @@ variable "authorized_network" { description = "VPC network self link (requires service network peering enabled (Used in Apigee X only)." - type = string - default = null + type = string + default = null } variable "analytics_region" { description = "Analytics Region for the Apigee Organization (immutable). See https://cloud.google.com/apigee/docs/api-platform/get-started/install-cli." - type = string + type = string } variable "apigee_envgroups" { description = "Apigee Environment Groups." type = map(object({ - environments = list(string) - hostnames = list(string) + environments = list(string) + hostnames = list(string) })) default = {} } variable "apigee_environments" { description = "Apigee Environment Names." - type = list(string) - default = [] + type = list(string) + default = [] } variable "database_encryption_key" { description = "Cloud KMS key self link (e.g. `projects/foo/locations/us/keyRings/bar/cryptoKeys/baz`) used for encrypting the data that is stored and replicated across runtime instances (immutable, used in Apigee X only)." - type = string - default = null + type = string + default = null } variable "description" { description = "Description of the Apigee Organization." - type = string - default = "Apigee Organization created by tf module" + type = string + default = "Apigee Organization created by tf module" } variable "display_name" { description = "Display Name of the Apigee Organization." - type = string - default = null + type = string + default = null } variable "project_id" { @@ -64,7 +64,7 @@ variable "project_id" { } variable "runtime_type" { - type = string + type = string validation { condition = contains(["CLOUD", "HYBRID"], var.runtime_type) diff --git a/modules/apigee-x-instance/main.tf b/modules/apigee-x-instance/main.tf index 9c3008283..552d6d085 100644 --- a/modules/apigee-x-instance/main.tf +++ b/modules/apigee-x-instance/main.tf @@ -23,7 +23,7 @@ resource "google_apigee_instance" "apigee_instance" { } resource "google_apigee_instance_attachment" "apigee_instance_attchment" { - for_each = toset(var.apigee_environments) - instance_id = google_apigee_instance.apigee_instance.id - environment = each.key + for_each = toset(var.apigee_environments) + instance_id = google_apigee_instance.apigee_instance.id + environment = each.key } diff --git a/modules/bigtable-instance/main.tf b/modules/bigtable-instance/main.tf index 33c4806e3..f3081fca3 100644 --- a/modules/bigtable-instance/main.tf +++ b/modules/bigtable-instance/main.tf @@ -49,7 +49,7 @@ resource "google_bigtable_table" "default" { name = each.key split_keys = each.value.split_keys - dynamic column_family { + dynamic "column_family" { for_each = each.value.column_family != null ? [""] : [] content { diff --git a/modules/cloud-config-container/instance.tf b/modules/cloud-config-container/instance.tf index a947c4f67..447becf51 100644 --- a/modules/cloud-config-container/instance.tf +++ b/modules/cloud-config-container/instance.tf @@ -59,7 +59,7 @@ resource "google_compute_instance" "default" { user-data = local.cloud_config }) - dynamic attached_disk { + dynamic "attached_disk" { for_each = var.test_instance_defaults.disks iterator = disk content { @@ -84,7 +84,7 @@ resource "google_compute_instance" "default" { network_interface { network = var.test_instance.network subnetwork = var.test_instance.subnetwork - dynamic access_config { + dynamic "access_config" { for_each = var.test_instance_defaults.nat ? [""] : [] iterator = config content { diff --git a/modules/cloud-function/main.tf b/modules/cloud-function/main.tf index 52904093c..cbef1b477 100644 --- a/modules/cloud-function/main.tf +++ b/modules/cloud-function/main.tf @@ -78,12 +78,12 @@ resource "google_cloudfunctions_function" "function" { var.vpc_connector_config.egress_settings, null ) - dynamic event_trigger { + dynamic "event_trigger" { for_each = var.trigger_config == null ? [] : [""] content { event_type = var.trigger_config.event resource = var.trigger_config.resource - dynamic failure_policy { + dynamic "failure_policy" { for_each = var.trigger_config.retry == null ? [] : [""] content { retry = var.trigger_config.retry @@ -114,7 +114,7 @@ resource "google_storage_bucket" "bucket" { ) labels = var.labels - dynamic lifecycle_rule { + dynamic "lifecycle_rule" { for_each = var.bucket_config.lifecycle_delete_age == null ? [] : [""] content { action { type = "Delete" } diff --git a/modules/cloud-function/outputs.tf b/modules/cloud-function/outputs.tf index 593a607fd..0b625b12c 100644 --- a/modules/cloud-function/outputs.tf +++ b/modules/cloud-function/outputs.tf @@ -16,7 +16,7 @@ output "bucket" { description = "Bucket resource (only if auto-created)." - value = try( + value = try( var.bucket_config == null ? null : google_storage_bucket.bucket.0, null ) } @@ -38,7 +38,7 @@ output "function_name" { output "service_account" { description = "Service account resource." - value = try(google_service_account.service_account[0], null) + value = try(google_service_account.service_account[0], null) } output "service_account_email" { diff --git a/modules/compute-mig/main.tf b/modules/compute-mig/main.tf index 968d41ed8..75ab2d3dc 100644 --- a/modules/compute-mig/main.tf +++ b/modules/compute-mig/main.tf @@ -28,7 +28,7 @@ resource "google_compute_autoscaler" "default" { min_replicas = var.autoscaler_config.min_replicas cooldown_period = var.autoscaler_config.cooldown_period - dynamic cpu_utilization { + dynamic "cpu_utilization" { for_each = ( var.autoscaler_config.cpu_utilization_target == null ? [] : [""] ) @@ -37,7 +37,7 @@ resource "google_compute_autoscaler" "default" { } } - dynamic load_balancing_utilization { + dynamic "load_balancing_utilization" { for_each = ( var.autoscaler_config.load_balancing_utilization_target == null ? [] : [""] ) @@ -46,7 +46,7 @@ resource "google_compute_autoscaler" "default" { } } - dynamic metric { + dynamic "metric" { for_each = ( var.autoscaler_config.metric == null ? [] @@ -76,7 +76,7 @@ resource "google_compute_instance_group_manager" "default" { target_size = var.target_size target_pools = var.target_pools wait_for_instances = var.wait_for_instances - dynamic auto_healing_policies { + dynamic "auto_healing_policies" { for_each = var.auto_healing_policies == null ? [] : [var.auto_healing_policies] iterator = config content { @@ -84,7 +84,7 @@ resource "google_compute_instance_group_manager" "default" { initial_delay_sec = config.value.initial_delay_sec } } - dynamic update_policy { + dynamic "update_policy" { for_each = var.update_policy == null ? [] : [var.update_policy] iterator = config content { @@ -105,7 +105,7 @@ resource "google_compute_instance_group_manager" "default" { ) } } - dynamic named_port { + dynamic "named_port" { for_each = var.named_ports == null ? {} : var.named_ports iterator = config content { @@ -117,7 +117,7 @@ resource "google_compute_instance_group_manager" "default" { instance_template = var.default_version.instance_template name = var.default_version.name } - dynamic version { + dynamic "version" { for_each = var.versions == null ? {} : var.versions iterator = version content { @@ -150,7 +150,7 @@ resource "google_compute_region_autoscaler" "default" { min_replicas = var.autoscaler_config.min_replicas cooldown_period = var.autoscaler_config.cooldown_period - dynamic cpu_utilization { + dynamic "cpu_utilization" { for_each = ( var.autoscaler_config.cpu_utilization_target == null ? [] : [""] ) @@ -159,7 +159,7 @@ resource "google_compute_region_autoscaler" "default" { } } - dynamic load_balancing_utilization { + dynamic "load_balancing_utilization" { for_each = ( var.autoscaler_config.load_balancing_utilization_target == null ? [] : [""] ) @@ -168,7 +168,7 @@ resource "google_compute_region_autoscaler" "default" { } } - dynamic metric { + dynamic "metric" { for_each = ( var.autoscaler_config.metric == null ? [] @@ -198,7 +198,7 @@ resource "google_compute_region_instance_group_manager" "default" { target_size = var.target_size target_pools = var.target_pools wait_for_instances = var.wait_for_instances - dynamic auto_healing_policies { + dynamic "auto_healing_policies" { for_each = var.auto_healing_policies == null ? [] : [var.auto_healing_policies] iterator = config content { @@ -206,7 +206,7 @@ resource "google_compute_region_instance_group_manager" "default" { initial_delay_sec = config.value.initial_delay_sec } } - dynamic update_policy { + dynamic "update_policy" { for_each = var.update_policy == null ? [] : [var.update_policy] iterator = config content { @@ -227,7 +227,7 @@ resource "google_compute_region_instance_group_manager" "default" { ) } } - dynamic named_port { + dynamic "named_port" { for_each = var.named_ports == null ? {} : var.named_ports iterator = config content { @@ -239,7 +239,7 @@ resource "google_compute_region_instance_group_manager" "default" { instance_template = var.default_version.instance_template name = var.default_version.name } - dynamic version { + dynamic "version" { for_each = var.versions == null ? {} : var.versions iterator = version content { @@ -279,7 +279,7 @@ resource "google_compute_health_check" "http" { response = try(var.health_check_config.check.response, null) } - dynamic log_config { + dynamic "log_config" { for_each = try(var.health_check_config.logging, false) ? [""] : [] content { enable = true @@ -309,7 +309,7 @@ resource "google_compute_health_check" "https" { response = try(var.health_check_config.check.response, null) } - dynamic log_config { + dynamic "log_config" { for_each = try(var.health_check_config.logging, false) ? [""] : [] content { enable = true @@ -338,7 +338,7 @@ resource "google_compute_health_check" "tcp" { response = try(var.health_check_config.check.response, null) } - dynamic log_config { + dynamic "log_config" { for_each = try(var.health_check_config.logging, false) ? [""] : [] content { enable = true @@ -367,7 +367,7 @@ resource "google_compute_health_check" "ssl" { response = try(var.health_check_config.check.response, null) } - dynamic log_config { + dynamic "log_config" { for_each = try(var.health_check_config.logging, false) ? [""] : [] content { enable = true @@ -397,7 +397,7 @@ resource "google_compute_health_check" "http2" { response = try(var.health_check_config.check.response, null) } - dynamic log_config { + dynamic "log_config" { for_each = try(var.health_check_config.logging, false) ? [""] : [] content { enable = true diff --git a/modules/datafusion/outputs.tf b/modules/datafusion/outputs.tf index 06023210d..9c626a72c 100644 --- a/modules/datafusion/outputs.tf +++ b/modules/datafusion/outputs.tf @@ -21,7 +21,7 @@ output "id" { output "ip_allocation" { description = "IP range reserved for Data Fusion instance in case of a private instance." - value = "${local.ip_allocation}" + value = local.ip_allocation } output "resource" { diff --git a/modules/endpoints/outputs.tf b/modules/endpoints/outputs.tf index 181e15fed..7878d026a 100644 --- a/modules/endpoints/outputs.tf +++ b/modules/endpoints/outputs.tf @@ -26,5 +26,5 @@ output "endpoints_service" { output "endpoints" { description = "A list of Endpoint objects." - value = google_endpoints_service.default.endpoints + value = google_endpoints_service.default.endpoints } diff --git a/modules/folders-unit/locals.tf b/modules/folders-unit/locals.tf index c7f4e2239..a275da1cc 100644 --- a/modules/folders-unit/locals.tf +++ b/modules/folders-unit/locals.tf @@ -40,7 +40,7 @@ locals { var.iam_billing_config.target_org ? [] : ["roles/billing.user"] ) sa_billing_org_roles = ( - ! var.iam_billing_config.target_org ? [] : ["roles/billing.user"] + !var.iam_billing_config.target_org ? [] : ["roles/billing.user"] ) sa_xpn_folder_roles = ( local.sa_xpn_target_org ? [] : ["roles/compute.xpnAdmin"] diff --git a/modules/gcs/main.tf b/modules/gcs/main.tf index 59cbb1350..26fb66277 100644 --- a/modules/gcs/main.tf +++ b/modules/gcs/main.tf @@ -38,7 +38,7 @@ resource "google_storage_bucket" "bucket" { storage_class = lower(var.storage_class) }) - dynamic encryption { + dynamic "encryption" { for_each = var.encryption_key == null ? [] : [""] content { @@ -46,7 +46,7 @@ resource "google_storage_bucket" "bucket" { } } - dynamic retention_policy { + dynamic "retention_policy" { for_each = var.retention_policy == null ? [] : [""] content { retention_period = var.retention_policy.retention_period @@ -54,7 +54,7 @@ resource "google_storage_bucket" "bucket" { } } - dynamic logging { + dynamic "logging" { for_each = var.logging_config == null ? [] : [""] content { log_bucket = var.logging_config.log_bucket @@ -62,7 +62,7 @@ resource "google_storage_bucket" "bucket" { } } - dynamic cors { + dynamic "cors" { for_each = var.cors == null ? [] : [""] content { origin = var.cors.origin @@ -72,7 +72,7 @@ resource "google_storage_bucket" "bucket" { } } - dynamic lifecycle_rule { + dynamic "lifecycle_rule" { for_each = var.lifecycle_rule == null ? [] : [""] content { action { diff --git a/modules/gke-nodepool/main.tf b/modules/gke-nodepool/main.tf index 750d606c6..ad6591dd5 100644 --- a/modules/gke-nodepool/main.tf +++ b/modules/gke-nodepool/main.tf @@ -91,7 +91,7 @@ resource "google_container_node_pool" "nodepool" { tags = var.node_tags boot_disk_kms_key = var.node_boot_disk_kms_key - dynamic guest_accelerator { + dynamic "guest_accelerator" { for_each = var.node_guest_accelerator iterator = config content { @@ -100,7 +100,7 @@ resource "google_container_node_pool" "nodepool" { } } - dynamic sandbox_config { + dynamic "sandbox_config" { for_each = ( var.node_sandbox_config != null ? [var.node_sandbox_config] @@ -112,7 +112,7 @@ resource "google_container_node_pool" "nodepool" { } } - dynamic shielded_instance_config { + dynamic "shielded_instance_config" { for_each = ( var.node_shielded_instance_config != null ? [var.node_shielded_instance_config] @@ -131,7 +131,7 @@ resource "google_container_node_pool" "nodepool" { } - dynamic autoscaling { + dynamic "autoscaling" { for_each = var.autoscaling_config != null ? [var.autoscaling_config] : [] iterator = config content { @@ -140,7 +140,7 @@ resource "google_container_node_pool" "nodepool" { } } - dynamic management { + dynamic "management" { for_each = var.management_config != null ? [var.management_config] : [] iterator = config content { @@ -149,7 +149,7 @@ resource "google_container_node_pool" "nodepool" { } } - dynamic upgrade_settings { + dynamic "upgrade_settings" { for_each = var.upgrade_config != null ? [var.upgrade_config] : [] iterator = config content { diff --git a/modules/kms/main.tf b/modules/kms/main.tf index 5c773556f..62ed33c53 100644 --- a/modules/kms/main.tf +++ b/modules/kms/main.tf @@ -64,7 +64,7 @@ resource "google_kms_crypto_key" "default" { rotation_period = try(each.value.rotation_period, null) labels = try(each.value.labels, null) purpose = try(local.key_purpose[each.key].purpose, null) - dynamic version_template { + dynamic "version_template" { for_each = local.key_purpose[each.key].version_template == null ? [] : [""] content { algorithm = local.key_purpose[each.key].version_template.algorithm diff --git a/modules/net-ilb/main.tf b/modules/net-ilb/main.tf index f1382ab02..329a56983 100644 --- a/modules/net-ilb/main.tf +++ b/modules/net-ilb/main.tf @@ -67,7 +67,7 @@ resource "google_compute_region_backend_service" "default" { timeout_sec = try(var.backend_config.timeout_sec, null) connection_draining_timeout_sec = try(var.backend_config.connection_draining_timeout_sec, null) - dynamic backend { + dynamic "backend" { for_each = { for b in var.backends : b.group => b } iterator = backend content { @@ -78,7 +78,7 @@ resource "google_compute_region_backend_service" "default" { } } - dynamic failover_policy { + dynamic "failover_policy" { for_each = var.failover_config == null ? [] : [var.failover_config] iterator = config content { @@ -97,7 +97,7 @@ resource "google_compute_instance_group" "unmanaged" { name = each.key description = "Terraform-managed." instances = each.value.instances - dynamic named_port { + dynamic "named_port" { for_each = each.value.named_ports != null ? each.value.named_ports : {} iterator = config content { @@ -131,7 +131,7 @@ resource "google_compute_health_check" "http" { response = try(var.health_check_config.check.response, null) } - dynamic log_config { + dynamic "log_config" { for_each = try(var.health_check_config.logging, false) ? [""] : [] content { enable = true @@ -163,7 +163,7 @@ resource "google_compute_health_check" "https" { response = try(var.health_check_config.check.response, null) } - dynamic log_config { + dynamic "log_config" { for_each = try(var.health_check_config.logging, false) ? [""] : [] content { enable = true @@ -194,7 +194,7 @@ resource "google_compute_health_check" "tcp" { response = try(var.health_check_config.check.response, null) } - dynamic log_config { + dynamic "log_config" { for_each = try(var.health_check_config.logging, false) ? [""] : [] content { enable = true @@ -225,7 +225,7 @@ resource "google_compute_health_check" "ssl" { response = try(var.health_check_config.check.response, null) } - dynamic log_config { + dynamic "log_config" { for_each = try(var.health_check_config.logging, false) ? [""] : [] content { enable = true @@ -257,7 +257,7 @@ resource "google_compute_health_check" "http2" { response = try(var.health_check_config.check.response, null) } - dynamic log_config { + dynamic "log_config" { for_each = try(var.health_check_config.logging, false) ? [""] : [] content { enable = true diff --git a/modules/net-vpc/versions.tf b/modules/net-vpc/versions.tf index 20c35afe3..04caecd4b 100644 --- a/modules/net-vpc/versions.tf +++ b/modules/net-vpc/versions.tf @@ -16,7 +16,7 @@ terraform { required_version = ">= 0.13.0" - required_providers { - google = ">= 3.45" + required_providers { + google = ">= 3.45" } } diff --git a/modules/net-vpn-ha/main.tf b/modules/net-vpn-ha/main.tf index 9b0016195..cb2ba6877 100644 --- a/modules/net-vpn-ha/main.tf +++ b/modules/net-vpn-ha/main.tf @@ -79,7 +79,7 @@ resource "google_compute_router" "router" { : var.router_advertise_config.groups ) ) - dynamic advertised_ip_ranges { + dynamic "advertised_ip_ranges" { for_each = ( var.router_advertise_config == null ? {} : ( var.router_advertise_config.mode != "CUSTOM" @@ -122,7 +122,7 @@ resource "google_compute_router_peer" "bgp_peer" { : each.value.bgp_peer_options.advertise_groups ) ) - dynamic advertised_ip_ranges { + dynamic "advertised_ip_ranges" { for_each = ( each.value.bgp_peer_options == null ? {} : ( each.value.bgp_peer_options.advertise_mode != "CUSTOM" diff --git a/modules/project/main.tf b/modules/project/main.tf index 7e7285bbd..d52c8e87e 100644 --- a/modules/project/main.tf +++ b/modules/project/main.tf @@ -16,7 +16,7 @@ locals { descriptive_name = var.descriptive_name != null ? var.descriptive_name : "${local.prefix}${var.name}" - group_iam_roles = distinct(flatten(values(var.group_iam))) + group_iam_roles = distinct(flatten(values(var.group_iam))) group_iam = { for r in local.group_iam_roles : r => [ for k, v in var.group_iam : "group:${k}" if try(index(v, r), null) != null diff --git a/modules/pubsub/main.tf b/modules/pubsub/main.tf index d65756365..f66c73245 100644 --- a/modules/pubsub/main.tf +++ b/modules/pubsub/main.tf @@ -41,7 +41,7 @@ resource "google_pubsub_topic" "default" { kms_key_name = var.kms_key labels = var.labels - dynamic message_storage_policy { + dynamic "message_storage_policy" { for_each = length(var.regions) > 0 ? [var.regions] : [] content { allowed_persistence_regions = var.regions @@ -67,14 +67,14 @@ resource "google_pubsub_subscription" "default" { message_retention_duration = each.value.options.message_retention_duration retain_acked_messages = each.value.options.retain_acked_messages - dynamic expiration_policy { + dynamic "expiration_policy" { for_each = each.value.options.expiration_policy_ttl == null ? [] : [""] content { ttl = each.value.options.expiration_policy_ttl } } - dynamic dead_letter_policy { + dynamic "dead_letter_policy" { for_each = try(var.dead_letter_configs[each.key], null) == null ? [] : [""] content { dead_letter_topic = var.dead_letter_configs[each.key].topic @@ -82,12 +82,12 @@ resource "google_pubsub_subscription" "default" { } } - dynamic push_config { + dynamic "push_config" { for_each = try(var.push_configs[each.key], null) == null ? [] : [""] content { push_endpoint = var.push_configs[each.key].endpoint attributes = var.push_configs[each.key].attributes - dynamic oidc_token { + dynamic "oidc_token" { for_each = ( local.oidc_config[each.key] == null ? [] : [""] ) diff --git a/modules/secret-manager/main.tf b/modules/secret-manager/main.tf index 696331a81..6b6154e6e 100644 --- a/modules/secret-manager/main.tf +++ b/modules/secret-manager/main.tf @@ -42,19 +42,19 @@ resource "google_secret_manager_secret" "default" { secret_id = each.key labels = lookup(var.labels, each.key, null) - dynamic replication { + dynamic "replication" { for_each = each.value == null ? [""] : [] content { automatic = true } } - dynamic replication { + dynamic "replication" { for_each = each.value == null ? [] : [each.value] iterator = locations content { user_managed { - dynamic replicas { + dynamic "replicas" { for_each = locations.value iterator = location content { diff --git a/modules/vpc-sc/versions.tf b/modules/vpc-sc/versions.tf index 6ecbc64ee..2146648bd 100644 --- a/modules/vpc-sc/versions.tf +++ b/modules/vpc-sc/versions.tf @@ -17,6 +17,6 @@ terraform { required_version = ">= 0.12.6" required_providers { - google = ">= 3.62" - } + google = ">= 3.62" + } } diff --git a/networking/private-cloud-function-from-onprem/outputs.tf b/networking/private-cloud-function-from-onprem/outputs.tf index 2c52e5809..76a2fc680 100644 --- a/networking/private-cloud-function-from-onprem/outputs.tf +++ b/networking/private-cloud-function-from-onprem/outputs.tf @@ -16,5 +16,5 @@ output "function_url" { description = "URL of the Cloud Function." - value = module.function-hello.function.https_trigger_url + value = module.function-hello.function.https_trigger_url } \ No newline at end of file diff --git a/tests/modules/apigee_organization/fixture/main.tf b/tests/modules/apigee_organization/fixture/main.tf index 7f5aa1649..e3b60b6d9 100644 --- a/tests/modules/apigee_organization/fixture/main.tf +++ b/tests/modules/apigee_organization/fixture/main.tf @@ -15,10 +15,10 @@ */ module "test" { - source = "../../../../modules/apigee-organization" - project_id = "my-project" - analytics_region = var.analytics_region - runtime_type = "CLOUD" + source = "../../../../modules/apigee-organization" + project_id = "my-project" + analytics_region = var.analytics_region + runtime_type = "CLOUD" authorized_network = var.network apigee_environments = [ "eval1", @@ -30,7 +30,7 @@ module "test" { "eval1", "eval2" ] - hostnames = [ + hostnames = [ "eval.api.example.com" ] } diff --git a/tests/modules/apigee_x_instance/fixture/main.tf b/tests/modules/apigee_x_instance/fixture/main.tf index 7a4b73b55..9915ef207 100644 --- a/tests/modules/apigee_x_instance/fixture/main.tf +++ b/tests/modules/apigee_x_instance/fixture/main.tf @@ -15,12 +15,12 @@ */ module "apigee-x-instance" { - source = "../../../../modules/apigee-x-instance" - name = var.name - region = var.region - cidr_mask = 22 + source = "../../../../modules/apigee-x-instance" + name = var.name + region = var.region + cidr_mask = 22 - apigee_org_id = "my-project" + apigee_org_id = "my-project" apigee_environments = [ "eval1", "eval2" diff --git a/tests/modules/net_interconnect_attachment_direct/fixture/variables.tf b/tests/modules/net_interconnect_attachment_direct/fixture/variables.tf index 16353cbbb..08126b344 100644 --- a/tests/modules/net_interconnect_attachment_direct/fixture/variables.tf +++ b/tests/modules/net_interconnect_attachment_direct/fixture/variables.tf @@ -81,9 +81,9 @@ variable "router_config" { }) default = { - description = null - asn = 64514 - advertise_config = null + description = null + asn = 64514 + advertise_config = null } } diff --git a/tests/networking/hub_and_spoke_peering/fixture/main.tf b/tests/networking/hub_and_spoke_peering/fixture/main.tf index 5df89997e..899a622e1 100644 --- a/tests/networking/hub_and_spoke_peering/fixture/main.tf +++ b/tests/networking/hub_and_spoke_peering/fixture/main.tf @@ -15,7 +15,7 @@ */ module "test" { - source = "../../../../networking/hub-and-spoke-peering" + source = "../../../../networking/hub-and-spoke-peering" project_create = { billing_account = "123456-123456-123456" oslogin = true diff --git a/third-party-solutions/openshift/tf/providers.tf b/third-party-solutions/openshift/tf/providers.tf index 11735b9f7..52f428818 100644 --- a/third-party-solutions/openshift/tf/providers.tf +++ b/third-party-solutions/openshift/tf/providers.tf @@ -15,7 +15,7 @@ */ # pinning to avoid some weird issues we had with the following version - + terraform { required_providers { google = { diff --git a/tools/check_documentation.py b/tools/check_documentation.py index 5f03abf9f..667b2dd5b 100755 --- a/tools/check_documentation.py +++ b/tools/check_documentation.py @@ -31,7 +31,7 @@ class DocState(enum.Enum): UNKNOWN = 4 def __str__(self): - return {1: '✗', 2: '✓', 3: '✗', 4: '?'}[self.value] + return {1: '✗', 2: '✓', 3: '!', 4: '?'}[self.value] def check_path(pathname):