From 68c3b13d6a6a388f69a54cb749ff3664f6213a8f Mon Sep 17 00:00:00 2001 From: Natalia Strelkova Date: Thu, 10 Nov 2022 15:05:53 +0000 Subject: [PATCH 1/4] prefix variable consistency across modules --- modules/cloud-function/README.md | 18 ++++++++-------- modules/cloud-function/variables.tf | 4 ++++ modules/cloud-run/README.md | 20 +++++++++--------- modules/cloud-run/variables.tf | 4 ++++ modules/cloudsql-instance/README.md | 16 +++++++------- modules/cloudsql-instance/variables.tf | 6 +++++- modules/data-catalog-policy-tag/README.md | 6 +++--- modules/data-catalog-policy-tag/variables.tf | 6 +++++- modules/gcs/README.md | 14 ++++++------- modules/gcs/main.tf | 6 +----- modules/gcs/variables.tf | 7 ++++++- modules/iam-service-account/README.md | 6 +++--- modules/iam-service-account/main.tf | 2 +- modules/iam-service-account/variables.tf | 4 ++++ modules/net-vpc-peering/README.md | 2 +- modules/net-vpc-peering/main.tf | 5 +++-- modules/net-vpc-peering/variables.tf | 8 +++++-- modules/project/README.md | 22 ++++++++++---------- modules/project/variables.tf | 6 +++++- 19 files changed, 96 insertions(+), 66 deletions(-) diff --git a/modules/cloud-function/README.md b/modules/cloud-function/README.md index b51285b3c4..aa0d0f9d46 100644 --- a/modules/cloud-function/README.md +++ b/modules/cloud-function/README.md @@ -163,7 +163,7 @@ module "cf-http" { | [bucket_name](variables.tf#L26) | Name of the bucket that will be used for the function code. It will be created with prefix prepended if bucket_config is not null. | string | ✓ | | | [bundle_config](variables.tf#L31) | Cloud function source folder and generated zip bundle paths. Output path defaults to '/tmp/bundle.zip' if null. | object({…}) | ✓ | | | [name](variables.tf#L88) | Name used for cloud function and associated resources. | string | ✓ | | -| [project_id](variables.tf#L99) | Project id used for all resources. | string | ✓ | | +| [project_id](variables.tf#L103) | Project id used for all resources. | string | ✓ | | | [bucket_config](variables.tf#L17) | Enable and configure auto-created bucket. Set fields to null to use defaults. | object({…}) | | null | | [description](variables.tf#L40) | Optional description. | string | | "Terraform managed." | | [environment_variables](variables.tf#L46) | Cloud function environment variables. | map(string) | | {} | @@ -172,14 +172,14 @@ module "cf-http" { | [ingress_settings](variables.tf#L76) | Control traffic that reaches the cloud function. Allowed values are ALLOW_ALL, ALLOW_INTERNAL_AND_GCLB and ALLOW_INTERNAL_ONLY . | string | | null | | [labels](variables.tf#L82) | Resource labels. | map(string) | | {} | | [prefix](variables.tf#L93) | Optional prefix used for resource names. | string | | null | -| [region](variables.tf#L104) | Region used for all resources. | string | | "europe-west1" | -| [secrets](variables.tf#L110) | Secret Manager secrets. Key is the variable name or mountpoint, volume versions are in version:path format. | map(object({…})) | | {} | -| [service_account](variables.tf#L122) | Service account email. Unused if service account is auto-created. | string | | null | -| [service_account_create](variables.tf#L128) | Auto-create service account. | bool | | false | -| [trigger_config](variables.tf#L134) | Function trigger configuration. Leave null for HTTP trigger. | object({…}) | | null | -| [v2](variables.tf#L163) | Whether to use Cloud Function version 2nd Gen or 1st Gen. | bool | | false | -| [vpc_connector](variables.tf#L144) | VPC connector configuration. Set create to 'true' if a new connector needs to be created. | object({…}) | | null | -| [vpc_connector_config](variables.tf#L154) | VPC connector network configuration. Must be provided if new VPC connector is being created. | object({…}) | | null | +| [region](variables.tf#L108) | Region used for all resources. | string | | "europe-west1" | +| [secrets](variables.tf#L114) | Secret Manager secrets. Key is the variable name or mountpoint, volume versions are in version:path format. | map(object({…})) | | {} | +| [service_account](variables.tf#L126) | Service account email. Unused if service account is auto-created. | string | | null | +| [service_account_create](variables.tf#L132) | Auto-create service account. | bool | | false | +| [trigger_config](variables.tf#L138) | Function trigger configuration. Leave null for HTTP trigger. | object({…}) | | null | +| [v2](variables.tf#L167) | Whether to use Cloud Function version 2nd Gen or 1st Gen. | bool | | false | +| [vpc_connector](variables.tf#L148) | VPC connector configuration. Set create to 'true' if a new connector needs to be created. | object({…}) | | null | +| [vpc_connector_config](variables.tf#L158) | VPC connector network configuration. Must be provided if new VPC connector is being created. | object({…}) | | null | ## Outputs diff --git a/modules/cloud-function/variables.tf b/modules/cloud-function/variables.tf index 8458bff6a0..0a91177ecd 100644 --- a/modules/cloud-function/variables.tf +++ b/modules/cloud-function/variables.tf @@ -94,6 +94,10 @@ variable "prefix" { description = "Optional prefix used for resource names." type = string default = null + validation { + condition = var.prefix != "" + error_message = "Prefix can not be empty, please use null instead." + } } variable "project_id" { diff --git a/modules/cloud-run/README.md b/modules/cloud-run/README.md index 376b927b09..e8e2fc1ff2 100644 --- a/modules/cloud-run/README.md +++ b/modules/cloud-run/README.md @@ -214,21 +214,21 @@ module "cloud_run" { |---|---|:---:|:---:|:---:| | [containers](variables.tf#L27) | Containers. | list(object({…})) | ✓ | | | [name](variables.tf#L77) | Name used for cloud run service. | string | ✓ | | -| [project_id](variables.tf#L88) | Project id used for all resources. | string | ✓ | | +| [project_id](variables.tf#L92) | Project id used for all resources. | string | ✓ | | | [audit_log_triggers](variables.tf#L18) | Event arc triggers (Audit log). | list(object({…})) | | null | | [iam](variables.tf#L59) | IAM bindings for Cloud Run service in {ROLE => [MEMBERS]} format. | map(list(string)) | | {} | | [ingress_settings](variables.tf#L65) | Ingress settings. | string | | null | | [labels](variables.tf#L71) | Resource labels. | map(string) | | {} | | [prefix](variables.tf#L82) | Optional prefix used for resource names. | string | | null | -| [pubsub_triggers](variables.tf#L93) | Eventarc triggers (Pub/Sub). | list(string) | | null | -| [region](variables.tf#L99) | Region used for all resources. | string | | "europe-west1" | -| [revision_annotations](variables.tf#L105) | Configure revision template annotations. | object({…}) | | null | -| [revision_name](variables.tf#L119) | Revision name. | string | | null | -| [service_account](variables.tf#L125) | Service account email. Unused if service account is auto-created. | string | | null | -| [service_account_create](variables.tf#L131) | Auto-create service account. | bool | | false | -| [traffic](variables.tf#L137) | Traffic. | map(number) | | null | -| [volumes](variables.tf#L143) | Volumes. | list(object({…})) | | null | -| [vpc_connector_create](variables.tf#L156) | Populate this to create a VPC connector. You can then refer to it in the template annotations. | object({…}) | | null | +| [pubsub_triggers](variables.tf#L97) | Eventarc triggers (Pub/Sub). | list(string) | | null | +| [region](variables.tf#L103) | Region used for all resources. | string | | "europe-west1" | +| [revision_annotations](variables.tf#L109) | Configure revision template annotations. | object({…}) | | null | +| [revision_name](variables.tf#L123) | Revision name. | string | | null | +| [service_account](variables.tf#L129) | Service account email. Unused if service account is auto-created. | string | | null | +| [service_account_create](variables.tf#L135) | Auto-create service account. | bool | | false | +| [traffic](variables.tf#L141) | Traffic. | map(number) | | null | +| [volumes](variables.tf#L147) | Volumes. | list(object({…})) | | null | +| [vpc_connector_create](variables.tf#L160) | Populate this to create a VPC connector. You can then refer to it in the template annotations. | object({…}) | | null | ## Outputs diff --git a/modules/cloud-run/variables.tf b/modules/cloud-run/variables.tf index ab9b552b41..fc3579f359 100644 --- a/modules/cloud-run/variables.tf +++ b/modules/cloud-run/variables.tf @@ -83,6 +83,10 @@ variable "prefix" { description = "Optional prefix used for resource names." type = string default = null + validation { + condition = var.prefix != "" + error_message = "Prefix can not be empty, please use null instead." + } } variable "project_id" { diff --git a/modules/cloudsql-instance/README.md b/modules/cloudsql-instance/README.md index bf2a12e402..0355486664 100644 --- a/modules/cloudsql-instance/README.md +++ b/modules/cloudsql-instance/README.md @@ -149,9 +149,9 @@ module "db" { | [database_version](variables.tf#L50) | Database type and version to create. | string | ✓ | | | [name](variables.tf#L97) | Name of primary instance. | string | ✓ | | | [network](variables.tf#L102) | VPC self link where the instances will be deployed. Private Service Networking must be enabled and configured in this VPC. | string | ✓ | | -| [project_id](variables.tf#L113) | The ID of the project where this instances will be created. | string | ✓ | | -| [region](variables.tf#L118) | Region of the primary instance. | string | ✓ | | -| [tier](variables.tf#L138) | The machine type to use for the instances. | string | ✓ | | +| [project_id](variables.tf#L117) | The ID of the project where this instances will be created. | string | ✓ | | +| [region](variables.tf#L122) | Region of the primary instance. | string | ✓ | | +| [tier](variables.tf#L142) | The machine type to use for the instances. | string | ✓ | | | [authorized_networks](variables.tf#L17) | Map of NAME=>CIDR_RANGE to allow to connect to the database(s). | map(string) | | null | | [availability_type](variables.tf#L23) | Availability type for the primary replica. Either `ZONAL` or `REGIONAL`. | string | | "ZONAL" | | [backup_configuration](variables.tf#L29) | Backup settings for primary instance. Will be automatically enabled if using MySQL with one or more replicas. | object({…}) | | {…} | @@ -161,12 +161,12 @@ module "db" { | [disk_type](variables.tf#L73) | The type of data disk: `PD_SSD` or `PD_HDD`. | string | | "PD_SSD" | | [encryption_key_name](variables.tf#L79) | The full path to the encryption key used for the CMEK disk encryption of the primary instance. | string | | null | | [flags](variables.tf#L85) | Map FLAG_NAME=>VALUE for database-specific tuning. | map(string) | | null | -| [ipv4_enabled](variables.tf#L149) | Add a public IP address to database instance. | bool | | false | +| [ipv4_enabled](variables.tf#L153) | Add a public IP address to database instance. | bool | | false | | [labels](variables.tf#L91) | Labels to be attached to all instances. | map(string) | | null | -| [prefix](variables.tf#L107) | Prefix used to generate instance names. | string | | null | -| [replicas](variables.tf#L123) | Map of NAME=> {REGION, KMS_KEY} for additional read replicas. Set to null to disable replica creation. | map(object({…})) | | {} | -| [root_password](variables.tf#L132) | Root password of the Cloud SQL instance. Required for MS SQL Server | string | | null | -| [users](variables.tf#L143) | Map of users to create in the primary instance (and replicated to other replicas) in the format USER=>PASSWORD. For MySQL, anything afterr the first `@` (if persent) will be used as the user's host. Set PASSWORD to null if you want to get an autogenerated password. | map(string) | | null | +| [prefix](variables.tf#L107) | Optional prefix used to generate instance names. | string | | null | +| [replicas](variables.tf#L127) | Map of NAME=> {REGION, KMS_KEY} for additional read replicas. Set to null to disable replica creation. | map(object({…})) | | {} | +| [root_password](variables.tf#L136) | Root password of the Cloud SQL instance. Required for MS SQL Server | string | | null | +| [users](variables.tf#L147) | Map of users to create in the primary instance (and replicated to other replicas) in the format USER=>PASSWORD. For MySQL, anything afterr the first `@` (if persent) will be used as the user's host. Set PASSWORD to null if you want to get an autogenerated password. | map(string) | | null | ## Outputs diff --git a/modules/cloudsql-instance/variables.tf b/modules/cloudsql-instance/variables.tf index 05fbaf299e..c661a3d4ab 100644 --- a/modules/cloudsql-instance/variables.tf +++ b/modules/cloudsql-instance/variables.tf @@ -105,9 +105,13 @@ variable "network" { } variable "prefix" { - description = "Prefix used to generate instance names." + description = "Optional prefix used to generate instance names." type = string default = null + validation { + condition = var.prefix != "" + error_message = "Prefix can not be empty, please use null instead." + } } variable "project_id" { diff --git a/modules/data-catalog-policy-tag/README.md b/modules/data-catalog-policy-tag/README.md index 2e6059bb3e..b38ab77d53 100644 --- a/modules/data-catalog-policy-tag/README.md +++ b/modules/data-catalog-policy-tag/README.md @@ -44,7 +44,7 @@ module "cmn-dc" { | name | description | type | required | default | |---|---|:---:|:---:|:---:| | [name](variables.tf#L59) | Name of this taxonomy. | string | ✓ | | -| [project_id](variables.tf#L70) | GCP project id. | | ✓ | | +| [project_id](variables.tf#L74) | GCP project id. | | ✓ | | | [activated_policy_types](variables.tf#L17) | A list of policy types that are activated for this taxonomy. | list(string) | | ["FINE_GRAINED_ACCESS_CONTROL"] | | [description](variables.tf#L23) | Description of this taxonomy. | string | | "Taxonomy - Terraform managed" | | [group_iam](variables.tf#L29) | Authoritative IAM binding for organization groups, in {GROUP_EMAIL => [ROLES]} format. Group emails need to be static. Can be used in combination with the `iam` variable. | map(list(string)) | | {} | @@ -52,8 +52,8 @@ module "cmn-dc" { | [iam_additive](variables.tf#L41) | IAM additive bindings in {ROLE => [MEMBERS]} format. | map(list(string)) | | {} | | [iam_additive_members](variables.tf#L47) | IAM additive bindings in {MEMBERS => [ROLE]} format. This might break if members are dynamic values. | map(list(string)) | | {} | | [location](variables.tf#L53) | Data Catalog Taxonomy location. | string | | "eu" | -| [prefix](variables.tf#L64) | Prefix used to generate project id and name. | string | | null | -| [tags](variables.tf#L74) | List of Data Catalog Policy tags to be created with optional IAM binging configuration in {tag => {ROLE => [MEMBERS]}} format. | map(map(list(string))) | | {} | +| [prefix](variables.tf#L64) | Optional prefix used to generate project id and name. | string | | null | +| [tags](variables.tf#L78) | List of Data Catalog Policy tags to be created with optional IAM binging configuration in {tag => {ROLE => [MEMBERS]}} format. | map(map(list(string))) | | {} | ## Outputs diff --git a/modules/data-catalog-policy-tag/variables.tf b/modules/data-catalog-policy-tag/variables.tf index ad1be567fe..803fc95ba4 100644 --- a/modules/data-catalog-policy-tag/variables.tf +++ b/modules/data-catalog-policy-tag/variables.tf @@ -62,9 +62,13 @@ variable "name" { } variable "prefix" { - description = "Prefix used to generate project id and name." + description = "Optional prefix used to generate project id and name." type = string default = null + validation { + condition = var.prefix != "" + error_message = "Prefix can not be empty, please use null instead." + } } variable "project_id" { diff --git a/modules/gcs/README.md b/modules/gcs/README.md index 5fe0a0786f..7e6cc22f4f 100644 --- a/modules/gcs/README.md +++ b/modules/gcs/README.md @@ -113,7 +113,7 @@ module "bucket-gcs-notification" { | name | description | type | required | default | |---|---|:---:|:---:|:---:| | [name](variables.tf#L89) | Bucket name suffix. | string | ✓ | | -| [project_id](variables.tf#L112) | Bucket project id. | string | ✓ | | +| [project_id](variables.tf#L117) | Bucket project id. | string | ✓ | | | [cors](variables.tf#L17) | CORS configuration for the bucket. Defaults to null. | object({…}) | | null | | [encryption_key](variables.tf#L28) | KMS key that will be used for encryption. | string | | null | | [force_destroy](variables.tf#L34) | Optional map to set force destroy keyed by name, defaults to false. | bool | | false | @@ -123,12 +123,12 @@ module "bucket-gcs-notification" { | [location](variables.tf#L74) | Bucket location. | string | | "EU" | | [logging_config](variables.tf#L80) | Bucket logging configuration. | object({…}) | | null | | [notification_config](variables.tf#L94) | GCS Notification configuration. | object({…}) | | null | -| [prefix](variables.tf#L106) | Prefix used to generate the bucket name. | string | | null | -| [retention_policy](variables.tf#L117) | Bucket retention policy. | object({…}) | | null | -| [storage_class](variables.tf#L126) | Bucket storage class. | string | | "MULTI_REGIONAL" | -| [uniform_bucket_level_access](variables.tf#L136) | Allow using object ACLs (false) or not (true, this is the recommended behavior) , defaults to true (which is the recommended practice, but not the behavior of storage API). | bool | | true | -| [versioning](variables.tf#L142) | Enable versioning, defaults to false. | bool | | false | -| [website](variables.tf#L148) | Bucket website. | object({…}) | | null | +| [prefix](variables.tf#L107) | Optional prefix used to generate the bucket name. | string | | null | +| [retention_policy](variables.tf#L122) | Bucket retention policy. | object({…}) | | null | +| [storage_class](variables.tf#L131) | Bucket storage class. | string | | "MULTI_REGIONAL" | +| [uniform_bucket_level_access](variables.tf#L141) | Allow using object ACLs (false) or not (true, this is the recommended behavior) , defaults to true (which is the recommended practice, but not the behavior of storage API). | bool | | true | +| [versioning](variables.tf#L147) | Enable versioning, defaults to false. | bool | | false | +| [website](variables.tf#L153) | Bucket website. | object({…}) | | null | ## Outputs diff --git a/modules/gcs/main.tf b/modules/gcs/main.tf index 020d235954..a5abaab676 100644 --- a/modules/gcs/main.tf +++ b/modules/gcs/main.tf @@ -15,11 +15,7 @@ */ locals { - prefix = ( - var.prefix == null || var.prefix == "" # keep "" for backward compatibility - ? "" - : "${var.prefix}-" - ) + prefix = var.prefix == null ? "" : "${var.prefix}-" notification = try(var.notification_config.enabled, false) } diff --git a/modules/gcs/variables.tf b/modules/gcs/variables.tf index d8885bbb81..f87802c6dd 100644 --- a/modules/gcs/variables.tf +++ b/modules/gcs/variables.tf @@ -103,10 +103,15 @@ variable "notification_config" { }) default = null } + variable "prefix" { - description = "Prefix used to generate the bucket name." + description = "Optional prefix used to generate the bucket name." type = string default = null + validation { + condition = var.prefix != "" + error_message = "Prefix can not be empty, please use null instead." + } } variable "project_id" { diff --git a/modules/iam-service-account/README.md b/modules/iam-service-account/README.md index 688506855f..2c6faee525 100644 --- a/modules/iam-service-account/README.md +++ b/modules/iam-service-account/README.md @@ -44,7 +44,7 @@ module "myproject-default-service-accounts" { | name | description | type | required | default | |---|---|:---:|:---:|:---:| | [name](variables.tf#L91) | Name of the service account to create. | string | ✓ | | -| [project_id](variables.tf#L102) | Project id where service account will be created. | string | ✓ | | +| [project_id](variables.tf#L106) | Project id where service account will be created. | string | ✓ | | | [description](variables.tf#L17) | Optional description. | string | | null | | [display_name](variables.tf#L23) | Display name of the service account to create. | string | | "Terraform-managed." | | [generate_key](variables.tf#L29) | Generate a key for service account. | bool | | false | @@ -57,8 +57,8 @@ module "myproject-default-service-accounts" { | [iam_sa_roles](variables.tf#L77) | Service account roles granted to this service account, by service account name. | map(list(string)) | | {} | | [iam_storage_roles](variables.tf#L84) | Storage roles granted to this service account, by bucket name. | map(list(string)) | | {} | | [prefix](variables.tf#L96) | Prefix applied to service account names. | string | | null | -| [public_keys_directory](variables.tf#L107) | Path to public keys data files to upload to the service account (should have `.pem` extension). | string | | "" | -| [service_account_create](variables.tf#L113) | Create service account. When set to false, uses a data source to reference an existing service account. | bool | | true | +| [public_keys_directory](variables.tf#L111) | Path to public keys data files to upload to the service account (should have `.pem` extension). | string | | "" | +| [service_account_create](variables.tf#L117) | Create service account. When set to false, uses a data source to reference an existing service account. | bool | | true | ## Outputs diff --git a/modules/iam-service-account/main.tf b/modules/iam-service-account/main.tf index d9f3b9c4f6..2c9ee36bee 100644 --- a/modules/iam-service-account/main.tf +++ b/modules/iam-service-account/main.tf @@ -21,7 +21,7 @@ locals { ? google_service_account_key.key["1"] : map("", null) , {}) - prefix = var.prefix == null || var.prefix == "" ? "" : "${var.prefix}-" + prefix = var.prefix == null ? "" : "${var.prefix}-" resource_email_static = "${local.prefix}${var.name}@${var.project_id}.iam.gserviceaccount.com" resource_iam_email = ( local.service_account != null diff --git a/modules/iam-service-account/variables.tf b/modules/iam-service-account/variables.tf index 363814e186..35bb790e87 100644 --- a/modules/iam-service-account/variables.tf +++ b/modules/iam-service-account/variables.tf @@ -97,6 +97,10 @@ variable "prefix" { description = "Prefix applied to service account names." type = string default = null + validation { + condition = var.prefix != "" + error_message = "Prefix can not be empty, please use null instead." + } } variable "project_id" { diff --git a/modules/net-vpc-peering/README.md b/modules/net-vpc-peering/README.md index c25fb8db3f..0555b994da 100644 --- a/modules/net-vpc-peering/README.md +++ b/modules/net-vpc-peering/README.md @@ -51,7 +51,7 @@ module "peering-a-c" { | [export_local_custom_routes](variables.tf#L18) | Export custom routes to peer network from local network. | bool | | false | | [export_peer_custom_routes](variables.tf#L24) | Export custom routes to local network from peer network. | bool | | false | | [peer_create_peering](variables.tf#L35) | Create the peering on the remote side. If false, only the peering from this network to the remote network is created. | bool | | true | -| [prefix](variables.tf#L46) | Name prefix for the network peerings. | string | | "network-peering" | +| [prefix](variables.tf#L46) | Optional name prefix for the network peerings. | string | | null | ## Outputs diff --git a/modules/net-vpc-peering/main.tf b/modules/net-vpc-peering/main.tf index 1bade5f14f..82207feebf 100644 --- a/modules/net-vpc-peering/main.tf +++ b/modules/net-vpc-peering/main.tf @@ -17,10 +17,11 @@ locals { local_network_name = element(reverse(split("/", var.local_network)), 0) peer_network_name = element(reverse(split("/", var.peer_network)), 0) + prefix = var.prefix == null ? "" : "${var.prefix}-" } resource "google_compute_network_peering" "local_network_peering" { - name = "${var.prefix}-${local.local_network_name}-${local.peer_network_name}" + name = "${local.prefix}${local.local_network_name}-${local.peer_network_name}" network = var.local_network peer_network = var.peer_network export_custom_routes = var.export_local_custom_routes @@ -29,7 +30,7 @@ resource "google_compute_network_peering" "local_network_peering" { resource "google_compute_network_peering" "peer_network_peering" { count = var.peer_create_peering ? 1 : 0 - name = "${var.prefix}-${local.peer_network_name}-${local.local_network_name}" + name = "${local.prefix}${local.peer_network_name}-${local.local_network_name}" network = var.peer_network peer_network = var.local_network export_custom_routes = var.export_peer_custom_routes diff --git a/modules/net-vpc-peering/variables.tf b/modules/net-vpc-peering/variables.tf index 908578fa55..a519b53c54 100644 --- a/modules/net-vpc-peering/variables.tf +++ b/modules/net-vpc-peering/variables.tf @@ -44,7 +44,11 @@ variable "peer_network" { } variable "prefix" { - description = "Name prefix for the network peerings." + description = "Optional name prefix for the network peerings." type = string - default = "network-peering" + default = null + validation { + condition = var.prefix != "" + error_message = "Prefix can not be empty, please use null instead." + } } diff --git a/modules/project/README.md b/modules/project/README.md index 37af720c97..215c782dda 100644 --- a/modules/project/README.md +++ b/modules/project/README.md @@ -477,17 +477,17 @@ output "compute_robot" { | [oslogin_admins](variables.tf#L188) | List of IAM-style identities that will be granted roles necessary for OS Login administrators. | list(string) | | [] | | [oslogin_users](variables.tf#L196) | List of IAM-style identities that will be granted roles necessary for OS Login users. | list(string) | | [] | | [parent](variables.tf#L203) | Parent folder or organization in 'folders/folder_id' or 'organizations/org_id' format. | string | | null | -| [prefix](variables.tf#L213) | Prefix used to generate project id and name. | string | | null | -| [project_create](variables.tf#L219) | Create project. When set to false, uses a data source to reference existing project. | bool | | true | -| [service_config](variables.tf#L225) | Configure service API activation. | object({…}) | | {…} | -| [service_encryption_key_ids](variables.tf#L237) | Cloud KMS encryption key in {SERVICE => [KEY_URL]} format. | map(list(string)) | | {} | -| [service_perimeter_bridges](variables.tf#L244) | Name of VPC-SC Bridge perimeters to add project into. See comment in the variables file for format. | list(string) | | null | -| [service_perimeter_standard](variables.tf#L251) | Name of VPC-SC Standard perimeter to add project into. See comment in the variables file for format. | string | | null | -| [services](variables.tf#L257) | Service APIs to enable. | list(string) | | [] | -| [shared_vpc_host_config](variables.tf#L263) | Configures this project as a Shared VPC host project (mutually exclusive with shared_vpc_service_project). | object({…}) | | null | -| [shared_vpc_service_config](variables.tf#L272) | Configures this project as a Shared VPC service project (mutually exclusive with shared_vpc_host_config). | object({…}) | | null | -| [skip_delete](variables.tf#L282) | Allows the underlying resources to be destroyed without destroying the project itself. | bool | | false | -| [tag_bindings](variables.tf#L288) | Tag bindings for this project, in key => tag value id format. | map(string) | | null | +| [prefix](variables.tf#L213) | Optional prefix used to generate project id and name. | string | | null | +| [project_create](variables.tf#L223) | Create project. When set to false, uses a data source to reference existing project. | bool | | true | +| [service_config](variables.tf#L229) | Configure service API activation. | object({…}) | | {…} | +| [service_encryption_key_ids](variables.tf#L241) | Cloud KMS encryption key in {SERVICE => [KEY_URL]} format. | map(list(string)) | | {} | +| [service_perimeter_bridges](variables.tf#L248) | Name of VPC-SC Bridge perimeters to add project into. See comment in the variables file for format. | list(string) | | null | +| [service_perimeter_standard](variables.tf#L255) | Name of VPC-SC Standard perimeter to add project into. See comment in the variables file for format. | string | | null | +| [services](variables.tf#L261) | Service APIs to enable. | list(string) | | [] | +| [shared_vpc_host_config](variables.tf#L267) | Configures this project as a Shared VPC host project (mutually exclusive with shared_vpc_service_project). | object({…}) | | null | +| [shared_vpc_service_config](variables.tf#L276) | Configures this project as a Shared VPC service project (mutually exclusive with shared_vpc_host_config). | object({…}) | | null | +| [skip_delete](variables.tf#L286) | Allows the underlying resources to be destroyed without destroying the project itself. | bool | | false | +| [tag_bindings](variables.tf#L292) | Tag bindings for this project, in key => tag value id format. | map(string) | | null | ## Outputs diff --git a/modules/project/variables.tf b/modules/project/variables.tf index 7cd36c82be..eb7cbcba45 100644 --- a/modules/project/variables.tf +++ b/modules/project/variables.tf @@ -211,9 +211,13 @@ variable "parent" { } variable "prefix" { - description = "Prefix used to generate project id and name." + description = "Optional prefix used to generate project id and name." type = string default = null + validation { + condition = var.prefix != "" + error_message = "Prefix can not be empty, please use null instead." + } } variable "project_create" { From da483d3d3ec7f83935041ca5df003cf85cbe1fe2 Mon Sep 17 00:00:00 2001 From: Natalia Strelkova Date: Thu, 10 Nov 2022 15:07:53 +0000 Subject: [PATCH 2/4] prefix var usage in contributing guide --- CONTRIBUTING.md | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 733d6ba9bd..c2d37a812e 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -531,6 +531,27 @@ locals { } ``` +#### The `prefix` variable + +If you would like to use a "prefix" variable for resource names, please keep its definition consistent across all code: +```hcl +# variables.tf +variable "prefix" { + description = "Optional prefix used for resource names." + type = string + default = null + validation { + condition = var.prefix != "" + error_message = "Prefix can not be empty, please use null instead." + } +} + +# main.tf +locals { + prefix = var.prefix == null ? "" : "${var.prefix}-" +} +``` + ### Interacting with checks, tests and tools Our modules are designed for composition and live in a monorepo together with several end-to-end blueprints, so it was inevitable that over time we found ways of ensuring that a change does not break consumers. From d5d1d9eb348a898e2a9fc95db01179b6cab7a4a6 Mon Sep 17 00:00:00 2001 From: Natalia Strelkova Date: Thu, 10 Nov 2022 15:11:38 +0000 Subject: [PATCH 3/4] terraform formatting fixed --- modules/cloud-function/variables.tf | 2 +- modules/cloud-run/variables.tf | 2 +- modules/cloudsql-instance/variables.tf | 2 +- modules/data-catalog-policy-tag/variables.tf | 2 +- modules/gcs/main.tf | 2 +- modules/gcs/variables.tf | 2 +- modules/iam-service-account/variables.tf | 2 +- modules/net-vpc-peering/main.tf | 2 +- modules/net-vpc-peering/variables.tf | 2 +- modules/project/variables.tf | 2 +- 10 files changed, 10 insertions(+), 10 deletions(-) diff --git a/modules/cloud-function/variables.tf b/modules/cloud-function/variables.tf index 0a91177ecd..317be9e101 100644 --- a/modules/cloud-function/variables.tf +++ b/modules/cloud-function/variables.tf @@ -95,7 +95,7 @@ variable "prefix" { type = string default = null validation { - condition = var.prefix != "" + condition = var.prefix != "" error_message = "Prefix can not be empty, please use null instead." } } diff --git a/modules/cloud-run/variables.tf b/modules/cloud-run/variables.tf index fc3579f359..12556ef039 100644 --- a/modules/cloud-run/variables.tf +++ b/modules/cloud-run/variables.tf @@ -84,7 +84,7 @@ variable "prefix" { type = string default = null validation { - condition = var.prefix != "" + condition = var.prefix != "" error_message = "Prefix can not be empty, please use null instead." } } diff --git a/modules/cloudsql-instance/variables.tf b/modules/cloudsql-instance/variables.tf index c661a3d4ab..712974982b 100644 --- a/modules/cloudsql-instance/variables.tf +++ b/modules/cloudsql-instance/variables.tf @@ -109,7 +109,7 @@ variable "prefix" { type = string default = null validation { - condition = var.prefix != "" + condition = var.prefix != "" error_message = "Prefix can not be empty, please use null instead." } } diff --git a/modules/data-catalog-policy-tag/variables.tf b/modules/data-catalog-policy-tag/variables.tf index 803fc95ba4..0651251949 100644 --- a/modules/data-catalog-policy-tag/variables.tf +++ b/modules/data-catalog-policy-tag/variables.tf @@ -66,7 +66,7 @@ variable "prefix" { type = string default = null validation { - condition = var.prefix != "" + condition = var.prefix != "" error_message = "Prefix can not be empty, please use null instead." } } diff --git a/modules/gcs/main.tf b/modules/gcs/main.tf index a5abaab676..960b23d2e0 100644 --- a/modules/gcs/main.tf +++ b/modules/gcs/main.tf @@ -15,7 +15,7 @@ */ locals { - prefix = var.prefix == null ? "" : "${var.prefix}-" + prefix = var.prefix == null ? "" : "${var.prefix}-" notification = try(var.notification_config.enabled, false) } diff --git a/modules/gcs/variables.tf b/modules/gcs/variables.tf index f87802c6dd..2592295d62 100644 --- a/modules/gcs/variables.tf +++ b/modules/gcs/variables.tf @@ -109,7 +109,7 @@ variable "prefix" { type = string default = null validation { - condition = var.prefix != "" + condition = var.prefix != "" error_message = "Prefix can not be empty, please use null instead." } } diff --git a/modules/iam-service-account/variables.tf b/modules/iam-service-account/variables.tf index 35bb790e87..5c4aaa2e9c 100644 --- a/modules/iam-service-account/variables.tf +++ b/modules/iam-service-account/variables.tf @@ -98,7 +98,7 @@ variable "prefix" { type = string default = null validation { - condition = var.prefix != "" + condition = var.prefix != "" error_message = "Prefix can not be empty, please use null instead." } } diff --git a/modules/net-vpc-peering/main.tf b/modules/net-vpc-peering/main.tf index 82207feebf..f705df715b 100644 --- a/modules/net-vpc-peering/main.tf +++ b/modules/net-vpc-peering/main.tf @@ -17,7 +17,7 @@ locals { local_network_name = element(reverse(split("/", var.local_network)), 0) peer_network_name = element(reverse(split("/", var.peer_network)), 0) - prefix = var.prefix == null ? "" : "${var.prefix}-" + prefix = var.prefix == null ? "" : "${var.prefix}-" } resource "google_compute_network_peering" "local_network_peering" { diff --git a/modules/net-vpc-peering/variables.tf b/modules/net-vpc-peering/variables.tf index a519b53c54..0bc256939d 100644 --- a/modules/net-vpc-peering/variables.tf +++ b/modules/net-vpc-peering/variables.tf @@ -48,7 +48,7 @@ variable "prefix" { type = string default = null validation { - condition = var.prefix != "" + condition = var.prefix != "" error_message = "Prefix can not be empty, please use null instead." } } diff --git a/modules/project/variables.tf b/modules/project/variables.tf index eb7cbcba45..3dedbb53f7 100644 --- a/modules/project/variables.tf +++ b/modules/project/variables.tf @@ -215,7 +215,7 @@ variable "prefix" { type = string default = null validation { - condition = var.prefix != "" + condition = var.prefix != "" error_message = "Prefix can not be empty, please use null instead." } } From d96f95c2b6cc03f79bc47ae930a6c273406d9695 Mon Sep 17 00:00:00 2001 From: Natalia Strelkova Date: Fri, 11 Nov 2022 11:56:47 +0000 Subject: [PATCH 4/4] cannot instead of can not --- modules/cloud-function/variables.tf | 2 +- modules/cloud-run/variables.tf | 2 +- modules/cloudsql-instance/variables.tf | 2 +- modules/data-catalog-policy-tag/variables.tf | 2 +- modules/gcs/variables.tf | 2 +- modules/iam-service-account/variables.tf | 2 +- modules/net-vpc-peering/variables.tf | 2 +- modules/project/variables.tf | 2 +- 8 files changed, 8 insertions(+), 8 deletions(-) diff --git a/modules/cloud-function/variables.tf b/modules/cloud-function/variables.tf index 317be9e101..8f3eeb3693 100644 --- a/modules/cloud-function/variables.tf +++ b/modules/cloud-function/variables.tf @@ -96,7 +96,7 @@ variable "prefix" { default = null validation { condition = var.prefix != "" - error_message = "Prefix can not be empty, please use null instead." + error_message = "Prefix cannot be empty, please use null instead." } } diff --git a/modules/cloud-run/variables.tf b/modules/cloud-run/variables.tf index 12556ef039..8029f1c411 100644 --- a/modules/cloud-run/variables.tf +++ b/modules/cloud-run/variables.tf @@ -85,7 +85,7 @@ variable "prefix" { default = null validation { condition = var.prefix != "" - error_message = "Prefix can not be empty, please use null instead." + error_message = "Prefix cannot be empty, please use null instead." } } diff --git a/modules/cloudsql-instance/variables.tf b/modules/cloudsql-instance/variables.tf index 712974982b..858807aebc 100644 --- a/modules/cloudsql-instance/variables.tf +++ b/modules/cloudsql-instance/variables.tf @@ -110,7 +110,7 @@ variable "prefix" { default = null validation { condition = var.prefix != "" - error_message = "Prefix can not be empty, please use null instead." + error_message = "Prefix cannot be empty, please use null instead." } } diff --git a/modules/data-catalog-policy-tag/variables.tf b/modules/data-catalog-policy-tag/variables.tf index 0651251949..2342e94747 100644 --- a/modules/data-catalog-policy-tag/variables.tf +++ b/modules/data-catalog-policy-tag/variables.tf @@ -67,7 +67,7 @@ variable "prefix" { default = null validation { condition = var.prefix != "" - error_message = "Prefix can not be empty, please use null instead." + error_message = "Prefix cannot be empty, please use null instead." } } diff --git a/modules/gcs/variables.tf b/modules/gcs/variables.tf index 2592295d62..2e1517234d 100644 --- a/modules/gcs/variables.tf +++ b/modules/gcs/variables.tf @@ -110,7 +110,7 @@ variable "prefix" { default = null validation { condition = var.prefix != "" - error_message = "Prefix can not be empty, please use null instead." + error_message = "Prefix cannot be empty, please use null instead." } } diff --git a/modules/iam-service-account/variables.tf b/modules/iam-service-account/variables.tf index 5c4aaa2e9c..a9f60bf239 100644 --- a/modules/iam-service-account/variables.tf +++ b/modules/iam-service-account/variables.tf @@ -99,7 +99,7 @@ variable "prefix" { default = null validation { condition = var.prefix != "" - error_message = "Prefix can not be empty, please use null instead." + error_message = "Prefix cannot be empty, please use null instead." } } diff --git a/modules/net-vpc-peering/variables.tf b/modules/net-vpc-peering/variables.tf index 0bc256939d..8f5f15f676 100644 --- a/modules/net-vpc-peering/variables.tf +++ b/modules/net-vpc-peering/variables.tf @@ -49,6 +49,6 @@ variable "prefix" { default = null validation { condition = var.prefix != "" - error_message = "Prefix can not be empty, please use null instead." + error_message = "Prefix cannot be empty, please use null instead." } } diff --git a/modules/project/variables.tf b/modules/project/variables.tf index 3dedbb53f7..be388d6049 100644 --- a/modules/project/variables.tf +++ b/modules/project/variables.tf @@ -216,7 +216,7 @@ variable "prefix" { default = null validation { condition = var.prefix != "" - error_message = "Prefix can not be empty, please use null instead." + error_message = "Prefix cannot be empty, please use null instead." } }