Skip to content

Commit

Permalink
Fix "inconsistent conditional result types" error in modules/vpc-sc (
Browse files Browse the repository at this point in the history
…#2676)

* Fix inconsistent conditional result types error in modules/vpc-sc

* Revert example based tests of the vpc-sc module

* Add additional example based test to the vpc-sc module readme

---------

Co-authored-by: Ludovico Magnocavallo <[email protected]>
  • Loading branch information
joelvoss and ludoo authored Nov 12, 2024
1 parent 80978ed commit 6c19e96
Show file tree
Hide file tree
Showing 2 changed files with 73 additions and 2 deletions.
71 changes: 71 additions & 0 deletions modules/vpc-sc/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@ If you are using [Application Default Credentials](https://cloud.google.com/sdk/
- [Files](#files)
- [Variables](#variables)
- [Outputs](#outputs)
- [Tests](#tests)
<!-- END TOC -->

## Examples
Expand Down Expand Up @@ -362,3 +363,73 @@ to:
| [service_perimeters_bridge](outputs.tf#L47) | Bridge service perimeter resources. | |
| [service_perimeters_regular](outputs.tf#L52) | Regular service perimeter resources. | |
<!-- END TFDOC -->

## Tests

```hcl
module "test" {
source = "./fabric/modules/vpc-sc"
access_policy = "12345678"
factories_config = {
access_levels = "data/access-levels"
egress_policies = "data/egress-policies"
ingress_policies = "data/ingress-policies"
}
ingress_policies = {
variable-policy = {
from = {
identities = [
"serviceAccount:[email protected]"
]
access_levels = ["*"]
}
to = {
operations = [{ service_name = "*" }]
resources = ["*"]
}
}
}
service_perimeters_regular = {
default = {
status = {
access_levels = ["geo-it"]
resources = ["projects/11111"]
egress_policies = ["variable-policy", "factory-egress-policy"]
ingress_policies = ["variable-policy", "factory-ingress-policy"]
}
}
}
}
# tftest modules=1 resources=2 files=t1a1,t1i1,t1e1
```

```yaml
conditions:
- regions:
- IT
# tftest-file id=t1a1 path=data/access-levels/geo-it.yaml schema=access-level.schema.json
```

```yaml
from:
access_levels:
- geo-it
identity_type: ANY_IDENTITY
to:
operations:
- service_name: "*"
resources:
- projects/1234567890
# tftest-file id=t1i1 path=data/ingress-policies/factory-ingress-policy.yaml schema=ingress-policy.schema.json
```

```yaml
from:
identity_type: ANY_IDENTITY
to:
operations:
- service_name: "*"
resources:
- "*"
# tftest-file id=t1e1 path=data/egress-policies/factory-egress-policy.yaml schema=egress-policy.schema.json
```
4 changes: 2 additions & 2 deletions modules/vpc-sc/factory.tf
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,7 @@ locals {
for k, v in local._data.egress_policies : k => {
from = merge({
identity_type = null
identities = null
identities = []
}, try(v.from, {}))
to = {
operations = [
Expand All @@ -69,7 +69,7 @@ locals {
from = merge({
access_levels = []
identity_type = null
identities = null
identities = []
resources = []
}, try(v.from, {}))
to = {
Expand Down

0 comments on commit 6c19e96

Please sign in to comment.