InSpec resources extend gcp_backend resource #930
Conversation
|
I am a robot that works on MagicModules PRs! I built this PR into one or more PRs on other repositories, and when those are closed, this PR will also be merged and closed. |
slevenick
requested review from
rambleraptor and
nat-henderson
and removed request for
rambleraptor
|
I am (still) a robot that works on MagicModules PRs! I just wanted to let you know that your changes (as of commit d36ef41) have been included in your existing downstream PRs. |
| @@ -24,11 +24,6 @@ apt-get update && apt-get install google-cloud-sdk -y | |||
|
|
|||
There was a problem hiding this comment.
A lot of this file isn't quite right - downloading terraform, for instance, belongs in the container build process. So does installing unzip, so does installing the google cloud sdk, etc etc.
| @@ -75,7 +64,7 @@ for i in {1..30} | |||
| do | |||
| # Cleanup cassettes folder each time, we don't want to use a recorded cassette if it records an unauthorized response | |||
| rm -r inspec-cassettes | |||
| inspec exec inspec-mm --attrs=attributes/attributes.yaml -t gcp2:// | |||
| inspec exec verify-mm --attrs=attributes/attributes.yaml -t gcp:// --no-distinct-exit | |||
| if [ "$?" -eq "0" ]; then | |||
There was a problem hiding this comment.
The best way to do this is just
if inspec exec verify-mm .... ; then
The current way has an implicit dependency between the two lines which later editing might break.
.ci/magic-modules/generate-inspec.sh
Outdated
| @@ -25,6 +24,8 @@ if [ -z "$INSPEC_COMMIT_MSG" ]; then | |||
| fi | |||
|
|
|||
| pushd "build/inspec" | |||
| # We are not ready to overwrite changelog yet. | |||
| git checkout CHANGELOG.md | |||
There was a problem hiding this comment.
best to specify where to check it out from, like git checkout HEAD -- CHANGELOG.md. This seems silly but you'd be surprised what can happen with git - in this case, if someone ever pushes a branch called CHANGELOG.md, you'd wind up in an absurd (and confused) state.
|
Could you revise the name of the PR, also? Or maybe just add a comment explaining it - I don't quite understand what it means right now. |
slevenick
changed the title
|
I am (still) a robot that works on MagicModules PRs! I just wanted to let you know that your changes (as of commit bf3f9c7) have been included in your existing downstream PRs. |
|
I am (still) a robot that works on MagicModules PRs! I just wanted to let you know that your changes (as of commit 45497d4) have been included in your existing downstream PRs. |
Tracked submodules are build/terraform-beta build/terraform build/ansible build/inspec.
modular-magician
force-pushed
the
inspec-inherit-gcp-super
branch
from
569c932 to
f125db5
Compare
InSpec resources inherit from base GcpResource class to handle auth/api requests. Single new resource generation for SSL policy
[all]
[terraform]
[terraform-beta]
[ansible]
[inspec]
Inherit from base GcpResource, SSL policy generation