kovagoadi/hunfabric
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
e3e261442f5b4886257ddc2b5176aad46005fe31
hunfabric/modules/project-factory/outputs.tf
Ludovico Magnocavallo 981e4581ee Add project-factory based data platform dataset to FAST project factory stage (#3957) 
* dp rewrite stage 0, projects

* remove plan files

* generalize handling of basepath for projects in project-factory module

* central-0 ---> core-0

* add schemas, validate YAMLs, tags

* aspect types

* data catalog policy tag factory

* add support for data catalog taxonomy to project factory

* complete retrofit of old stage configuration, except networking

* shared vpc networking

* networking

* data platform as pf dataset

* docs

* test

* remove legacy dp stage, fix tests and links

* boilerplate

* tfdoc

* fix unrelated tfdoc

* schemas

* fix errors

* schema

* duplicate schemas

* yamllint

* Fix module naming convention for aspect-types

* Fix factories_config in vpcs.tf for net-vpc-factory compatibility

* Update schema documentation based on schema changes

* Fix false rename conflict in .config.yaml files

* Sync schemas and update documentation

* Fix path expansion for aspect-types and revert projects_input to master

* Restore path expansion for org_policies in projects-iam call

* Fix trailing newlines in schema duplicates to satisfy duplicate-diff

* Fix path expansion for data_catalog_taxonomy in taxonomies.tf

* Update inventory for data-platform test and clean up debug prints

* Add full values to data-platform inventory

* Align Stage 2 VPC Factory integration with Stage 0 and fix tests

TAG=agy

* Fix project factory context resolution and data platform datasets

- Update tag context keys in project factory to use file key without 'projects/' prefix.
- Fix tag reference in product-0.yaml.
- Fix shared_vpc_service_config in shared-0.yaml by moving service account to network_users.
- Set parent for domain-0 folder to data-platform.
- Mock net-dev-0 project ID in tests.
- Update inventories.

TAG=agy
CONV=4b37fa5b-bf59-4604-9e8f-b55353d967a0

* Fix project-level tag keys context resolution in project factory

* Fix commented out tag reference in domain-0 .config.yaml

* Fix merge() calls with empty arguments in project-factory and data-catalog-policy-tag

* Update Data Platform dataset README with prerequisites and customization guide

* Add Table of Contents to Data Platform dataset README

* docs: update Data Platform README with project templates tip

* Document data platform output files and linking sequence in README

* Update data platform README with VPC-SC and delegated IAM details

* Refactor data platform dataset and align stage defaults

* Update test inventory and variables for data platform with new prefix
2026-05-12 16:44:32 +02:00

201 lines
5.2 KiB
HCL
Raw Blame History

/**
* Copyright 2025 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
locals {
_outputs_automation_buckets = {
for k, v in local.automation_buckets : v.parent_name => k
}
_outputs_automation_sas = {
for k, v in local.automation_sas : v.prefix => k...
}
outputs_projects = {
for k, v in local.projects_input : k => {
aspect_types = (
v.factories_config.aspect_types == null
? {}
: module.aspect-types[k].ids
)
automation = {
bucket = try(
module.automation-bucket[local._outputs_automation_buckets[k]].name,
null
)
service_accounts = {
for sa in lookup(local._outputs_automation_sas, k, []) :
sa => {
email = module.automation-service-accounts[sa].email
iam_email = module.automation-service-accounts[sa].iam_email
id = module.automation-service-accounts[sa].id
}
}
}
kms_keys = local.projects_kms_keys[k]
number = module.projects[k].number
project_id = module.projects[k].project_id
log_buckets = {
for sk, sv in lookup(v, "log_buckets", {}) :
"${k}/${sk}" => (
module.log-buckets["${k}/${sk}"].id
)
}
pubsub_topics = {
for sk, sv in lookup(v, "pubsub_topics", {}) :
"${k}/${sk}" => (
module.pubsub["${k}/${sk}"].id
)
}
service_accounts = {
for sk, sv in lookup(v, "service_accounts", {}) :
"${k}/${sk}" => {
email = module.service-accounts["${k}/${sk}"].email
iam_email = module.service-accounts["${k}/${sk}"].iam_email
id = module.service-accounts["${k}/${sk}"].id
}
}
storage_buckets = {
for sk, sv in lookup(v, "buckets", {}) :
"${k}/${sk}" => (
module.buckets["${k}/${sk}"].name
)
}
tag_keys = {
for sk, sv in module.projects[k].tag_keys : sk => sv.id
}
tag_values = {
for sk, sv in module.projects[k].tag_values : sk => sv.id
}
tag_vars = {
for sk, sv in module.projects[k].tag_keys : sk => sv.namespaced_name
# the provider returns allowed_values_regex set to "" not null
if try(sv.allowed_values_regex, "") != ""
}
workload_identity_pools = (
module.projects[k].workload_identity_pool_ids
)
workload_identity_providers = (
module.projects[k].workload_identity_providers
)
}
}
outputs_service_accounts = merge(
merge([
for k, v in local.outputs_projects : v.service_accounts
]...),
{
for k, v in module.automation-service-accounts : k => {
email = v.email
iam_email = v.iam_email
id = v.id
}
}
)
}
output "folder_ids" {
description = "Folder ids."
value = local.folder_ids
}
output "iam_principals" {
description = "IAM principals mappings."
value = local.iam_principals
}
output "kms_keys" {
description = "KMS key ids."
value = local.kms_keys
}
output "log_buckets" {
description = "Log bucket ids."
value = merge([
for k, v in local.outputs_projects : v.log_buckets
]...)
}
output "project_ids" {
description = "Project ids."
value = local.project_ids
}
output "project_numbers" {
description = "Project numbers."
value = {
for k, v in local.outputs_projects : k => v.number
}
}
output "projects" {
description = "Project attributes."
value = local.outputs_projects
}
output "pubsub_topics" {
description = "PubSub topic ids."
value = merge([
for k, v in local.outputs_projects : v.pubsub_topics
]...)
}
output "service_account_emails" {
description = "Service account emails."
value = {
for k, v in local.outputs_service_accounts : k => v.email
}
}
output "service_account_iam_emails" {
description = "Service account IAM-format emails."
value = {
for k, v in local.outputs_service_accounts : k => v.iam_email
}
}
output "service_account_ids" {
description = "Service account IDs."
value = {
for k, v in local.outputs_service_accounts : k => v.id
}
}
output "service_accounts" {
description = "Service account emails."
value = local.outputs_service_accounts
}
output "service_agents" {
description = "Service agent emails."
value = {
for k, v in local.projects_service_agents
: trimprefix(k, "service_agents/") => {
email = trimprefix(v, "serviceAccount:")
iam_email = v
}
}
}
output "storage_buckets" {
description = "Bucket names."
value = merge(
merge([
for k, v in local.outputs_projects : v.storage_buckets
]...),
{
for k, v in module.automation-bucket : k => v.name
}
)
}
Reference in New Issue View Git Blame Copy Permalink