fix blueprint cloudsql users value + minor fix

blueprints/data-solutions/cloudsql-multiregion/cloudsql.tf

@@ -34,7 +34,9 @@ module "db" {
   }
   databases = [var.postgres_database]
   users = {
-    postgres = var.postgres_user_password
+    "postgres" = {
+      password = var.postgres_user_password
+    }
   }
 }
 

blueprints/third-party-solutions/phpipam/cloudsql.tf

@@ -27,6 +27,8 @@ module "cloudsql" {
   region              = var.region
   tier                = local.cloudsql_conf.tier
   users = {
-    "${local.cloudsql_conf.user}" = var.cloudsql_password
+    "${local.cloudsql_conf.user}" = {
+      password = var.cloudsql_password
+    }
   }
 }

blueprints/third-party-solutions/wordpress/cloudrun/cloudsql.tf

@@ -61,7 +61,9 @@ module "cloudsql" {
   tier             = local.cloudsql_conf.tier
   databases        = [local.cloudsql_conf.db]
   users = {
-    "${local.cloudsql_conf.user}" = var.cloudsql_password
+    "${local.cloudsql_conf.user}" = {
+      password = var.cloudsql_password
+    }
   }
   deletion_protection = false
 }

modules/cloudsql-instance/main.tf

@@ -1,4 +1,4 @@
-/**
+/** TO MOD
  * Copyright 2022 Google LLC
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
@@ -27,18 +27,18 @@ locals {
 
   users = {
     for k, v in var.users :
-    (k) =>
+    k =>
     local.is_mysql ?
     {
-      name     = v.type == "BUILT_IN" ? split("@", v.name)[0] : v.name
-      host     = v.type == "BUILT_IN" ? try(split("@", v.name)[1], null) : null
-      password = v.type == "BUILT_IN" ? try(random_password.passwords[v.name].result, v.password) : null
-      type     = v.type
+      name     = try(v.type, "BUILT_IN") == "BUILT_IN" ? split("@", k)[0] : k
+      host     = try(v.type, "BUILT_IN") == "BUILT_IN" ? try(split("@", k)[1], null) : null
+      password = try(v.type, "BUILT_IN") == "BUILT_IN" ? try(random_password.passwords[v.name].result, v.password) : null
+      type     = try(v.type, "BUILT_IN")
       } : {
-      name     = local.is_postgres ? try(trimsuffix(v.name, ".gserviceaccount.com"), v.name) : v.name
+      name     = local.is_postgres ? try(trimsuffix(v.name, ".gserviceaccount.com"), k) : k
       host     = null
-      password = v.type == "BUILT_IN" ? try(random_password.passwords[v.name].result, v.password) : null
-      type     = v.type
+      password = try(v.type, "BUILT_IN") == "BUILT_IN" ? try(random_password.passwords[k].result, v.password) : null
+      type     = try(v.type, "BUILT_IN")
     }
   }
 
@@ -179,14 +179,15 @@ resource "google_sql_database" "databases" {
 
 resource "random_password" "passwords" {
   for_each = toset([
-    for user in coalesce(var.users, []) :
-    user.name
-    if user.password == null
+    for k, v in coalesce(var.users, {}) :
+    k
+    if v.password == null
   ])
   length  = 16
   special = true
 }
 
+
 resource "google_sql_user" "users" {
   for_each = local.users
   project  = var.project_id

modules/cloudsql-instance/variables.tf

@@ -203,7 +203,7 @@ variable "tier" {
 }
 
 variable "users" {
-  description = "list of users to create in the primary instance (and replicated to other replicas). For MySQL, anything afterr the first `@` (if persent) will be used as the user's host. Set PASSWORD to null if you want to get an autogenerated password. The user types available are: 'BUILT_IN', 'CLOUD_IAM_USER' or 'CLOUD_IAM_SERVICE_ACCOUNT'"
+  description = "list of users to create in the primary instance (and replicated to other replicas). For MySQL, anything afterr the first `@` (if persent) will be used as the user's host. Set PASSWORD to null if you want to get an autogenerated password. The user types available are: 'BUILT_IN', 'CLOUD_IAM_USER' or 'CLOUD_IAM_SERVICE_ACCOUNT'."
   type = list(object({
     name     = string
     password = optional(string)