diff --git a/google-workspace-variables.tf b/google-workspace-variables.tf index 5477811..8c8043c 100644 --- a/google-workspace-variables.tf +++ b/google-workspace-variables.tf @@ -25,3 +25,14 @@ variable "google_workspace_example_admin" { description = "user to impersonate for Google Workspace API calls (null for value of `google_workspace_example_user`)" default = null # will failover to user } + +locals { + # tflint-ignore: terraform_unused_declarations + validate_google_workspace_gcp_project_id = (var.google_workspace_gcp_project_id == null || var.google_workspace_gcp_project_id == "") && (length(setintersection(var.enabled_connectors, ["gcal", "gdirectory", "gdrive", "gmail", "google-meet", "google-chat"])) > 0) + validate_google_workspace_gcp_project_id_message = "The google_workspace_gcp_project_id var should be populated if a Google Workspace connector is enabled." + validate_google_workspace_gcp_project_id_check = regex( + "^${local.validate_google_workspace_gcp_project_id_message}$", + (!local.validate_google_workspace_gcp_project_id + ? local.validate_google_workspace_gcp_project_id_message + : "")) +} \ No newline at end of file diff --git a/google-workspace.tf b/google-workspace.tf index 1740f53..1647b4c 100644 --- a/google-workspace.tf +++ b/google-workspace.tf @@ -7,7 +7,7 @@ provider "google" { module "worklytics_connectors_google_workspace" { - source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-connectors-google-workspace?ref=v0.4.29" + source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-connectors-google-workspace?ref=v0.4.30" providers = { google = google.google_workspace diff --git a/init b/init index e7f1407..d9b7bc7 100755 --- a/init +++ b/init 
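Review bot: The local `validate_google_workspace_gcp_project_id` is true in the invalid case (a Google Workspace connector is enabled while the project id is null or empty), which reads as the opposite of its name. The `regex()` trick that turns it into a plan-time failure is also not explained in the block. A comment such as `# true when INVALID: Workspace connector enabled but no GCP project id; regex() below fails the plan in that case` would make it safer to maintain. The `tflint-ignore` annotation sits above the first local, which is referenced; the unreferenced one appears to be `validate_google_workspace_gcp_project_id_check`, so the annotation probably belongs there. The hard-coded connector list will also need a manual update whenever a Workspace connector id is added.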
@@ -3,10 +3,14 @@ # Psoxy init script - lite version # # Usage: -# ./tools/release/init-example.sh +# ./tools/init-example.sh +# ./tools/init-example.sh +# +# if is omitted, presumes it's being run at the root of the Terraform +# configuration # # this is meant to be run from within a Terraform configuration for Psoxy, modeled on one of our -# examples +# examples. Copied as the `init` script in each example. # # this is a 'thin' version, expected to be duplicated across multiple examples and then leverage # that 'terraform init' will do a clone of the repo, in which a longer init script will be provided @@ -27,10 +31,6 @@ NC='\e[0m' # No Color EXPLICIT_REPO_CLONE_DIR=$1 -if [[ "${EXPLICIT_REPO_CLONE_DIR}" != */ ]]; then - EXPLICIT_REPO_CLONE_DIR="${EXPLICIT_REPO_CLONE_DIR}/" -fi - TF_CONFIG_ROOT=`pwd` if ! terraform -v &> /dev/null ; then 
@@ -48,18 +48,24 @@ if [[ $TF_INIT_EXIT_CODE -ne 0 ]]; then exit 1 fi -if [[ -z $EXPLICIT_REPO_CLONE_DIR ]]; then +# determine where the repo is cloned +if [[ -z "$EXPLICIT_REPO_CLONE_DIR" ]]; then if [[ -d ".terraform/modules/psoxy/" ]]; then REPO_CLONE_BASE_DIR=".terraform/modules/psoxy/" else - # use checkout of repo on your local machine - cd ../../.. - REPO_CLONE_BASE_DIR="$(pwd)/" - cd "${TF_CONFIG_ROOT}" # q: could be just `cd -`, right? + printf "${RED}No explicit path to repo clone provided, and 'psoxy' module in Terraform configuration.${NC}\n" + printf "Try running this script with a Terraform module named 'psoxy' that references to GitHub repo https://github.com/Worklytics/psoxy, or pass the path to a clone of that as the first argument to the script.\n" + printf " eg ${BLUE}./init ~/code/psoxy${NC}\n" + exit 1 fi else + # append trailing slash if not present + if [[ "${EXPLICIT_REPO_CLONE_DIR}" != */ ]]; then + EXPLICIT_REPO_CLONE_DIR="${EXPLICIT_REPO_CLONE_DIR}/" + fi + REPO_CLONE_BASE_DIR="$EXPLICIT_REPO_CLONE_DIR" fi # pass control to the full init script. -${REPO_CLONE_BASE_DIR}/tools/init-example-full.sh $REPO_CLONE_BASE_DIR +"${REPO_CLONE_BASE_DIR}/tools/init-example-full.sh" $REPO_CLONE_BASE_DIR diff --git a/main.tf b/main.tf index f279b63..9369b18 100644 --- a/main.tf +++ b/main.tf 
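Review bot: On the final line the command path is now quoted but its argument is not, so an explicit clone path containing spaces is still word-split before it reaches the full init script. Quote it as well: `"${REPO_CLONE_BASE_DIR}tools/init-example-full.sh" "$REPO_CLONE_BASE_DIR"` (both branches leave a trailing slash, so the extra `/` is not needed). Because this line executes whatever sits at that path, a guard such as `[[ -x "${REPO_CLONE_BASE_DIR}tools/init-example-full.sh" ]] || exit 1` before it would fail clearly on a wrong or incomplete directory. The new error message reads "and 'psoxy' module", which looks like it is missing "no".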
@@ -39,14 +39,17 @@ locals { # be provisioned via Terraform, so doesn't add any dependencies # call this 'generic_source_connectors'? module "worklytics_connectors" { - source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-connectors?ref=v0.4.29" + source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-connectors?ref=v0.4.30" - enabled_connectors = var.enabled_connectors - example_jira_issue_id = var.example_jira_issue_id - jira_cloud_id = var.jira_cloud_id - jira_server_url = var.jira_server_url - salesforce_domain = var.salesforce_domain + enabled_connectors = var.enabled_connectors + example_jira_issue_id = var.example_jira_issue_id + jira_cloud_id = var.jira_cloud_id + jira_server_url = var.jira_server_url + salesforce_domain = var.salesforce_domain + github_installation_id = var.github_installation_id + github_organization = var.github_organization + github_example_repository = var.github_example_repository } # sources which require additional dependencies are split into distinct Terraform files, following @@ -83,7 +86,7 @@ locals { } module "psoxy" { - source = "git::https://github.com/worklytics/psoxy//infra/modules/gcp-host?ref=v0.4.29" + source = "git::https://github.com/worklytics/psoxy//infra/modules/gcp-host?ref=v0.4.30" gcp_project_id = var.gcp_project_id environment_name = var.environment_name @@ -119,7 +122,7 @@ locals { module "connection_in_worklytics" { for_each = local.all_instances - source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-psoxy-connection-generic?ref=v0.4.29" + source = "git::https://github.com/worklytics/psoxy//infra/modules/worklytics-psoxy-connection-generic?ref=v0.4.30" psoxy_host_platform_id = local.host_platform_id psoxy_instance_id = each.key diff --git a/variables.tf b/variables.tf index f4096a2..93262c2 100644 --- a/variables.tf +++ b/variables.tf 
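Review bot: The `source` line in `module "worklytics_connectors"` still pins the psoxy module by tag (`?ref=v0.4.30`), and a Git tag can be moved after release, so this reference does not fix the code Terraform fetches. It matters more here because the `init` script in this same commit executes `tools/init-example-full.sh` out of `.terraform/modules/psoxy/`, which appears to be the checkout Terraform makes for one of these sources. Consider pinning to the release commit, e.g. `?ref=<full-commit-sha-for-v0.4.30>`, with the tag kept in a trailing comment. The same applies to the `gcp-host` and `worklytics-psoxy-connection-generic` sources in the later hunks and to the source in `google-workspace.tf`.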
@@ -179,12 +179,12 @@ variable "custom_bulk_connectors" { input_bucket_name = optional(string) # allow override of default bucket name sanitized_bucket_name = optional(string) # allow override of default bucket name rules = object({ - pseudonymFormat = optional(string) - columnsToRedact = optional(list(string)) - columnsToInclude = optional(list(string)) - columnsToPseudonymize = optional(list(string)) - columnsToDuplicate = optional(map(string)) - columnsToRename = optional(map(string)) + pseudonymFormat = optional(string, "URL_SAFE_TOKEN") + columnsToRedact = optional(list(string)) # columns to remove from CSV + columnsToInclude = optional(list(string)) # if you prefer to include only an explicit list of columns, rather than redacting those you don't want + columnsToPseudonymize = optional(list(string)) # columns to pseudonymize + columnsToDuplicate = optional(map(string)) # columns to create copy of; name --> new name + columnsToRename = optional(map(string)) # columns to rename: original name --> new name; renames applied BEFORE pseudonymization }) settings_to_provide = optional(map(string), {}) })) 
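Review bot: The new inline comments on `columnsToRedact` and `columnsToInclude` do not say what happens when both are set, or when a source file gains a column that neither list mentions. For a sanitization rule set that is the behaviour an operator most needs to know. If the include list is meant to be a strict allow-list, say so, e.g. `# allow-list: only these columns are kept; anything not listed is dropped (confirm precedence over columnsToRedact)`. This rules object is declared a second time in `custom_bulk_connector_rules` (next hunk), and the `pseudonymFormat` default added here shows the two copies had already drifted, so a comment on each noting they must be kept in sync would help.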
@@ -207,15 +207,30 @@ variable "custom_bulk_connectors" { variable "custom_bulk_connector_rules" { type = map(object({ pseudonymFormat = optional(string, "URL_SAFE_TOKEN") - columnsToRedact = optional(list(string)) - columnsToInclude = optional(list(string)) - columnsToPseudonymize = optional(list(string)) - columnsToDuplicate = optional(map(string)) - columnsToRename = optional(map(string)) + columnsToRedact = optional(list(string)) # columns to remove from CSV + columnsToInclude = optional(list(string)) # if you prefer to include only an explicit list of columns, rather than redacting those you don't want + columnsToPseudonymize = optional(list(string)) # columns to pseudonymize + columnsToDuplicate = optional(map(string)) # columns to create copy of; name --> new name + columnsToRename = optional(map(string)) # columns to rename: original name --> new name; renames applied BEFORE pseudonymization })) description = "map of connector id --> rules object" - default = {} + default = { + # hris = { + # columnsToRedact = [] + # columnsToPseudonymize = [ + # "EMPLOYEE_ID", + # "EMPLOYEE_EMAIL", + # "MANAGER_ID", + # "MANAGER_EMAIL" + # ] + # columnsToRename = { + # # original --> new + # "workday_id" = "employee_id" + # } + # columnsToInclude = [ + # ] + } } variable "salesforce_domain" { 
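Review bot: The commented-out `hris` example in the new `default` is unbalanced: `# hris = {` is opened but never closed, because the line after `# ]` is the live `}` that ends `default`. Anyone who uncomments the block as written gets a syntax error; add `#   }` after the `#   ]` line. The example also pseudonymizes `EMPLOYEE_ID` while renaming `workday_id` to lowercase `employee_id`. Given the comment that renames are applied before pseudonymization, it would be worth stating in the example whether column matching is case-sensitive, so that a copied rule does not leave an identifier column unpseudonymized.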
@@ -242,6 +257,24 @@ variable "example_jira_issue_id" { description = "(Only required if using Jira Server/Cloud connector) Id of an issue for only to be used as part of example calls for Jira (ex: ETV-12)" } +variable "github_installation_id" { + type = string + default = null + description = "(Only required if using Github connector) InstallationId of the application in your org for authentication with the proxy instance (ex: 123456)" +} + +variable "github_organization" { + type = string + default = null + description = "(Only required if using Github connector) Name of the organization to be used as part of example calls for Github (ex: Worklytics)" +} + +variable "github_example_repository" { + type = string + default = null + description = "(Only required if using Github connector) Name for the repository to be used as part of example calls for Github (ex: psoxy)" +} + # build lookup tables to JOIN data you receive back from Worklytics with your original data. # - `join_key_column` should be the column you expect to JOIN on, usually 'employee_id' # - `columns_to_include` is an optional a list of columns to include in the lookup table, @@ -284,4 +317,3 @@ variable "todos_as_local_files" { description = "whether to render TODOs as flat files" default = true } -
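Review bot: The three new `github_*` variables are described as required when the Github connector is used, but nothing enforces that or checks their shape, unlike the Google Workspace project-id check added elsewhere in this commit. A null value will therefore surface only later, inside the module or in the example calls. At minimum `github_installation_id` could carry a `validation` block with `condition = var.github_installation_id == null || can(regex("^[0-9]+$", var.github_installation_id))` and a matching `error_message`. A cross-check against `var.enabled_connectors`, in the same style as the Workspace one, would cover the "required if enabled" part; the connector id to test for is not visible in this diff.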