Skip to content

Commit

Permalink
Pass project id to tf examples
Browse files Browse the repository at this point in the history
  • Loading branch information
@koenighotze
koenighotze committed May 29, 2024
1 parent f353964 commit dc6aec4
Show file tree
Hide file tree
Showing 10 changed files with 11 additions and 20 deletions.
2 changes: 1 addition & 1 deletion terraform-examples.tf
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
module "terraform_examples" {
source = "./terraform-examples"

project_postfix = var.project_postfix
project_id = local.terraform_examples_project_id

workload_identity_provider_name = var.workload_identity_provider_name
workload_identity_pool_id = var.workload_identity_pool_id
Expand Down
1 change: 0 additions & 1 deletion terraform-examples/main.tf
View file

This file was deleted.

4 changes: 0 additions & 4 deletions terraform-examples/outputs.tf
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,3 @@
output "project_id" {
value = data.google_project.project.project_id
}

output "service_account_email" {
value = google_service_account.sa.email
}
3 changes: 0 additions & 3 deletions terraform-examples/project-data.tf
View file

This file was deleted.

2 changes: 1 addition & 1 deletion terraform-examples/project.tf
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
resource "google_project_iam_audit_config" "audit" {
project = data.google_project.project.project_id
project = var.project_id
service = "allServices"

audit_log_config {
Expand Down
2 changes: 1 addition & 1 deletion terraform-examples/repository-secrets.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ resource "github_actions_secret" "secrets" {
for_each = {
"CICD_SA_EMAIL_ADDRESS" = google_service_account.sa.email
"CICD_SA_ID" = google_service_account.sa.id
"GCP_PROJECT_ID" = data.google_project.project.project_id
"GCP_PROJECT_ID" = var.project_id
"TERRAFORM_STATE_BUCKET" = google_storage_bucket.state_bucket.name
"WORKLOAD_IDENTITY_POOL_ID" = var.workload_identity_pool_id
"WORKLOAD_IDENTITY_PROVIDER" = var.workload_identity_provider_name
Expand Down
4 changes: 2 additions & 2 deletions terraform-examples/sa.tf
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
resource "google_service_account" "sa" {
project = data.google_project.project.project_id
project = var.project_id
account_id = "terraform-examples-sa"
display_name = "TF EXamples Service Account"
description = "Service account for handling the TF Examples"
Expand All @@ -15,7 +15,7 @@ resource "google_project_iam_member" "iam_member_project" {
"roles/viewer"
])

project = data.google_project.project.project_id
project = var.project_id
#checkov:skip=CKV_GCP_117:Allow admin for this
#checkov:skip=CKV_GCP_49:Allow admin for this sa
role = each.key
Expand Down
2 changes: 1 addition & 1 deletion terraform-examples/terraform-state-bucket-admin-iam.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ resource "google_project_iam_binding" "project_iam_binding" {
for_each = toset([
"roles/storage.admin"
])
project = data.google_project.project.project_id
project = var.project_id
role = "roles/storage.admin"

members = [
Expand Down
7 changes: 3 additions & 4 deletions terraform-examples/terraform-state-bucket.tf
View file
Original file line number Diff line number Diff line change
@@ -1,17 +1,16 @@
#trivy:ignore:avd-gcp-0066
resource "google_storage_bucket" "state_bucket" {
#checkov:skip=CKV_GCP_62:Logging deactivated for now
project = data.google_project.project.project_id
name = "${data.google_project.project.project_id}-state"
project = var.project_id
name = "${var.project_id}-state"
location = var.location
uniform_bucket_level_access = true
force_destroy = true

public_access_prevention = "enforced"

versioning {
#checkov:skip=CKV_GCP_78:We don't version states
enabled = false
enabled = true
}
}

Expand Down
4 changes: 2 additions & 2 deletions terraform-examples/variables.tf
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
variable "project_postfix" {
variable "project_id" {
type = string
description = "The unique postfix for the projects"
description = "The id of the project"
}

variable "region" {
Expand Down

0 comments on commit dc6aec4

Please sign in to comment.