Align service account scopes naming convention in Packer module with …

…rest of the Toolkit

modules/packer/custom-image/README.md

@@ -286,8 +286,9 @@ No resources.
 | <a name="input_omit_external_ip"></a> [omit\_external\_ip](#input\_omit\_external\_ip) | Provision the image building VM without a public IP address | `bool` | `true` | no |
 | <a name="input_on_host_maintenance"></a> [on\_host\_maintenance](#input\_on\_host\_maintenance) | Describes maintenance behavior for the instance. If left blank this will default to `MIGRATE` except the use of GPUs requires it to be `TERMINATE` | `string` | `null` | no |
 | <a name="input_project_id"></a> [project\_id](#input\_project\_id) | Project in which to create VM and image | `string` | n/a | yes |
-| <a name="input_scopes"></a> [scopes](#input\_scopes) | Service account scopes to attach to the instance. See<br>https://cloud.google.com/compute/docs/access/service-accounts. | `list(string)` | <pre>[<br>  "https://www.googleapis.com/auth/cloud-platform"<br>]</pre> | no |
+| <a name="input_scopes"></a> [scopes](#input\_scopes) | DEPRECATED: use var.service\_account\_scopes | `set(string)` | `null` | no |
 | <a name="input_service_account_email"></a> [service\_account\_email](#input\_service\_account\_email) | The service account email to use. If null or 'default', then the default Compute Engine service account will be used. | `string` | `null` | no |
+| <a name="input_service_account_scopes"></a> [service\_account\_scopes](#input\_service\_account\_scopes) | Service account scopes to attach to the instance. See<br>https://cloud.google.com/compute/docs/access/service-accounts. | `set(string)` | <pre>[<br>  "https://www.googleapis.com/auth/cloud-platform"<br>]</pre> | no |
 | <a name="input_shell_scripts"></a> [shell\_scripts](#input\_shell\_scripts) | A list of paths to local shell scripts which will be uploaded to customize the VM image | `list(string)` | `[]` | no |
 | <a name="input_shielded_instance_config"></a> [shielded\_instance\_config](#input\_shielded\_instance\_config) | Shielded VM configuration for the instance (must set var.enabled\_shielded\_vm) | <pre>object({<br>    enable_secure_boot          = bool<br>    enable_vtpm                 = bool<br>    enable_integrity_monitoring = bool<br>  })</pre> | <pre>{<br>  "enable_integrity_monitoring": true,<br>  "enable_secure_boot": true,<br>  "enable_vtpm": true<br>}</pre> | no |
 | <a name="input_source_image"></a> [source\_image](#input\_source\_image) | Source OS image to build from | `string` | `null` | no |

modules/packer/custom-image/variables.pkr.hcl

@@ -109,11 +109,22 @@ variable "service_account_email" {
 }
 
 variable "scopes" {
+  description = "DEPRECATED: use var.service_account_scopes"
+  type        = set(string)
+  default     = null
+
+  validation {
+    condition     = var.scopes == null
+    error_message = "DEPRECATED: var.scopes was renamed to var.service_account_scopes with identical format."
+  }
+}
+
+variable "service_account_scopes" {
   description = <<EOD
 Service account scopes to attach to the instance. See
 https://cloud.google.com/compute/docs/access/service-accounts.
 EOD
-  type        = list(string)
+  type        = set(string)
   default = [
     "https://www.googleapis.com/auth/cloud-platform",
   ]

tools/validate_configs/golden_copies/expectations/igc_pkr/one/image/image.pkr.hcl

@@ -107,6 +107,7 @@ source "googlecompute" "toolkit_image" {
   use_internal_ip             = var.omit_external_ip
   subnetwork                  = var.subnetwork_name
   network_project_id          = var.network_project_id
+  service_account_email       = var.service_account_email
   scopes                      = var.scopes
   source_image                = var.source_image
   source_image_family         = var.source_image_family

tools/validate_configs/golden_copies/expectations/igc_pkr/one/image/variables.pkr.hcl

@@ -109,11 +109,22 @@ variable "service_account_email" {
 }
 
 variable "scopes" {
+  description = "DEPRECATED: use var.service_account_scopes"
+  type        = set(string)
+  default     = null
+
+  validation {
+    condition     = var.scopes == null
+    error_message = "DEPRECATED: var.scopes was renamed to var.service_account_scopes with identical format."
+  }
+}
+
+variable "service_account_scopes" {
   description = <<EOD
 Service account scopes to attach to the instance. See
 https://cloud.google.com/compute/docs/access/service-accounts.
 EOD
-  type        = list(string)
+  type        = set(string)
   default = [
     "https://www.googleapis.com/auth/cloud-platform",
   ]

tools/validate_configs/golden_copies/expectations/text_escape/zero/lime/image.pkr.hcl

@@ -107,6 +107,7 @@ source "googlecompute" "toolkit_image" {
   use_internal_ip             = var.omit_external_ip
   subnetwork                  = var.subnetwork_name
   network_project_id          = var.network_project_id
+  service_account_email       = var.service_account_email
   scopes                      = var.scopes
   source_image                = var.source_image
   source_image_family         = var.source_image_family

tools/validate_configs/golden_copies/expectations/text_escape/zero/lime/variables.pkr.hcl

@@ -109,11 +109,22 @@ variable "service_account_email" {
 }
 
 variable "scopes" {
+  description = "DEPRECATED: use var.service_account_scopes"
+  type        = set(string)
+  default     = null
+
+  validation {
+    condition     = var.scopes == null
+    error_message = "DEPRECATED: var.scopes was renamed to var.service_account_scopes with identical format."
+  }
+}
+
+variable "service_account_scopes" {
   description = <<EOD
 Service account scopes to attach to the instance. See
 https://cloud.google.com/compute/docs/access/service-accounts.
 EOD
-  type        = list(string)
+  type        = set(string)
   default = [
     "https://www.googleapis.com/auth/cloud-platform",
   ]