From e75f7a2c4f1c4126f80f599c725f4f4ec9727b82 Mon Sep 17 00:00:00 2001 From: Andrew Peabody Date: Mon, 12 Aug 2024 16:28:46 +0000 Subject: [PATCH] fixes for tflint --- .github/.tflint.repo.hcl | 75 +++++++++++++++++++ .../modules/app-group-baseline/README.md | 2 +- .../modules/app-group-baseline/variables.tf | 5 +- 5-appinfra/modules/cicd-pipeline/versions.tf | 6 +- 5-appinfra/modules/env_baseline/versions.tf | 11 +++ 5 files changed, 94 insertions(+), 5 deletions(-) create mode 100644 .github/.tflint.repo.hcl diff --git a/.github/.tflint.repo.hcl b/.github/.tflint.repo.hcl new file mode 100644 index 00000000..89d23d38 --- /dev/null +++ b/.github/.tflint.repo.hcl @@ -0,0 +1,75 @@ +# Copyright 2022-2023 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +// disable all rules by default +config { + disabled_by_default = true +} + +plugin "terraform" { + enabled = true +} + +rule "terraform_deprecated_index" { + enabled = true +} + +rule "terraform_deprecated_interpolation" { + enabled = true +} + +rule "terraform_empty_list_equality" { + enabled = true +} + +rule "terraform_module_pinned_source" { + enabled = true +} + +rule "terraform_module_version" { + enabled = true +} + +rule "terraform_unused_declarations" { + enabled = true +} + +// module specific +rule "terraform_documented_outputs" { + enabled = true +} + +rule "terraform_documented_variables" { + enabled = true +} + +rule "terraform_module_pinned_source" { + enabled = true +} + +rule "terraform_module_version" { + enabled = true +} + +rule "terraform_required_providers" { + enabled = true +} + +rule "terraform_required_version" { + enabled = true +} + +rule "terraform_typed_variables" { + enabled = true +} diff --git a/3-appfactory/modules/app-group-baseline/README.md b/3-appfactory/modules/app-group-baseline/README.md index 1b97c6c5..b4a4cb12 100644 --- a/3-appfactory/modules/app-group-baseline/README.md +++ b/3-appfactory/modules/app-group-baseline/README.md @@ -8,7 +8,7 @@ | bucket\_force\_destroy | When deleting a bucket, this boolean option will delete all contained objects. If false, Terraform will fail to delete buckets which contain objects. | `bool` | `false` | no | | bucket\_prefix | Name prefix to use for buckets created. | `string` | `"bkt"` | no | | cloudbuild\_sa\_roles | Optional to assign to custom CloudBuild SA. Map of project name or any static key to object with list of roles. Keys much match keys from var.envs |
map(object({
roles = list(string)
}))
| `{}` | no | -| create\_env\_projects | n/a | `bool` | `true` | no | +| create\_env\_projects | Create environment-specific application infra projects | `bool` | `true` | no | | env\_project\_apis | List of APIs to enable for environment-specific application infra projects | `list(string)` |
[
"iam.googleapis.com",
"cloudresourcemanager.googleapis.com",
"serviceusage.googleapis.com",
"cloudbilling.googleapis.com"
]
| no | | envs | Environments |
map(object({
billing_account = string
folder_id = string
network_project_id = string
network_self_link = string
org_id = string
subnets_self_links = list(string)
}))
| n/a | yes | | folder\_id | Folder ID of parent folder for application admin resources. If deploying on the enterprise foundation blueprint, this is usually the 'common' folder. | `string` | n/a | yes | diff --git a/3-appfactory/modules/app-group-baseline/variables.tf b/3-appfactory/modules/app-group-baseline/variables.tf index e568544f..00070c72 100644 --- a/3-appfactory/modules/app-group-baseline/variables.tf +++ b/3-appfactory/modules/app-group-baseline/variables.tf @@ -48,8 +48,9 @@ variable "envs" { } variable "create_env_projects" { - type = bool - default = true + type = bool + default = true + description = "Create environment-specific application infra projects" } variable "env_project_apis" { diff --git a/5-appinfra/modules/cicd-pipeline/versions.tf b/5-appinfra/modules/cicd-pipeline/versions.tf index ebf5b706..c7bf27f3 100644 --- a/5-appinfra/modules/cicd-pipeline/versions.tf +++ b/5-appinfra/modules/cicd-pipeline/versions.tf @@ -19,10 +19,12 @@ terraform { required_providers { google = { - source = "hashicorp/google" + source = "hashicorp/google" + version = ">= 5, < 6" } google-beta = { - source = "hashicorp/google-beta" + source = "hashicorp/google-beta" + version = ">= 5, < 6" } } diff --git a/5-appinfra/modules/env_baseline/versions.tf b/5-appinfra/modules/env_baseline/versions.tf index ab78a33b..2c114261 100644 --- a/5-appinfra/modules/env_baseline/versions.tf +++ b/5-appinfra/modules/env_baseline/versions.tf @@ -17,6 +17,17 @@ terraform { required_version = ">= 1.3" + required_providers { + google = { + source = "hashicorp/google" + version = ">= 5, < 6" + } + random = { + source = "hashicorp/random" + version = ">= 3" + } + } + provider_meta "google" { module_name = "blueprints/terraform/terraform-google-enterprise-application:bootstrap/v0.1.0" }