From 2782340b070823f8cc684bb81184f3cb9d4c97c3 Mon Sep 17 00:00:00 2001 From: Jieyu Tian Date: Mon, 28 Oct 2024 11:36:41 -0400 Subject: [PATCH] fix: Fix apphub uri and id representation (#360) Co-authored-by: abhishek kumar tiwari --- README.md | 2 +- metadata.yaml | 13 +++++-------- modules/simple_bucket/README.md | 1 + modules/simple_bucket/metadata.yaml | 25 +++++++++++++++++++++---- modules/simple_bucket/outputs.tf | 8 ++++++++ outputs.tf | 10 +++++----- 6 files changed, 41 insertions(+), 18 deletions(-) diff --git a/README.md b/README.md index 8ba1b3f..2c4cbb6 100644 --- a/README.md +++ b/README.md @@ -92,7 +92,7 @@ Functional examples are included in the | Name | Description | |------|-------------| -| apphub\_service\_uri | Service URI in CAIS style to be used by Apphub. | +| apphub\_service\_uri | URI in CAIS style to be used by Apphub. | | bucket | Bucket resource (for single use). | | buckets | Bucket resources as list. | | buckets\_map | Bucket resources by name. | diff --git a/metadata.yaml b/metadata.yaml index 9de14fe..5e1c0a8 100644 --- a/metadata.yaml +++ b/metadata.yaml @@ -240,15 +240,12 @@ spec: defaultValue: {} outputs: - name: apphub_service_uri - description: Service URI in CAIS style to be used by Apphub. + description: URI in CAIS style to be used by Apphub. type: - - object - - service_id: - - tuple - - - string - service_uri: - - tuple - - - string + - tuple + - - - object + - service_id: string + service_uri: string - name: bucket description: Bucket resource (for single use). type: diff --git a/modules/simple_bucket/README.md b/modules/simple_bucket/README.md index db05ef8..0bbe665 100644 --- a/modules/simple_bucket/README.md +++ b/modules/simple_bucket/README.md 
@@ -64,6 +64,7 @@ Functional examples are included in the | Name | Description | |------|-------------| +| apphub\_service\_uri | URI in CAIS style to be used by Apphub. | | bucket | The created storage bucket | | internal\_kms\_configuration | The intenal KMS Resource. | | name | Bucket name. | diff --git a/modules/simple_bucket/metadata.yaml b/modules/simple_bucket/metadata.yaml index 14e3179..1c3cd64 100644 --- a/modules/simple_bucket/metadata.yaml +++ b/modules/simple_bucket/metadata.yaml @@ -47,7 +47,7 @@ spec: varType: string required: true - name: location - description: The location of the bucket. + description: The location of the bucket. See https://cloud.google.com/storage/docs/locations. varType: string required: true - name: storage_class @@ -109,7 +109,7 @@ spec: varType: any defaultValue: [] - name: encryption - description: A Cloud KMS key that will be used to encrypt objects inserted into this bucket. If default_kms_key_name is set to 'null' a new keyring and key pair will be created and used to encrypt bucket using CMEK. + description: A Cloud KMS key that will be used to encrypt objects inserted into this bucket. To use a Cloud KMS key automatically created by the module use `internal_encryption_config`. varType: |- object({ default_kms_key_name = string 
@@ -155,7 +155,23 @@ spec: retention_duration_seconds = optional(number) }) defaultValue: {} + - name: internal_encryption_config + description: " Configuration for the creation of an internal Google Cloud Key Management Service (KMS) Key for use as Customer-managed encryption key (CMEK) for the GCS Bucket\n instead of creating one in advance and providing the key in the variable `encryption.default_kms_key_name`.\n create_encryption_key: If `true` a Google Cloud Key Management Service (KMS) KeyRing and a Key will be created\n prevent_destroy: Set the prevent_destroy lifecycle attribute on keys.\n key_destroy_scheduled_duration: Set the period of time that versions of keys spend in the `DESTROY_SCHEDULED` state before transitioning to `DESTROYED`.\n key_rotation_period: Generate a new key every time this period passes.\n" + varType: |- + object({ + create_encryption_key = optional(bool, false) + prevent_destroy = optional(bool, false) + key_destroy_scheduled_duration = optional(string, null) + key_rotation_period = optional(string, "7776000s") + }) + defaultValue: {} outputs: + - name: apphub_service_uri + description: URI in CAIS style to be used by Apphub. + type: + - object + - service_id: string + service_uri: string - name: bucket description: The created storage bucket type: @@ -223,6 +239,7 @@ spec: matches_suffix: - list - string + no_age: bool noncurrent_time_before: string num_newer_versions: number send_age_if_zero: bool @@ -273,6 +290,8 @@ spec: - - object - main_page_suffix: string not_found_page: string + - name: internal_kms_configuration + description: The intenal KMS Resource. - name: name description: Bucket name. type: string @@ -296,5 +315,3 @@ spec: providerVersions: - source: hashicorp/google version: ">= 5.43.0, < 7" - - source: hashicorp/random - version: ">= 2.1" diff --git a/modules/simple_bucket/outputs.tf b/modules/simple_bucket/outputs.tf index aa0bd4c..4b7ff62 100644 --- a/modules/simple_bucket/outputs.tf 
+++ b/modules/simple_bucket/outputs.tf
@@ -33,3 +33,11 @@ output "internal_kms_configuration" {
 description = "The intenal KMS Resource."
 value = var.internal_encryption_config.create_encryption_key ? module.encryption_key[0] : null
 }
+
+output "apphub_service_uri" {
+ value = {
+ service_uri = "//storage.googleapis.com/${google_storage_bucket.bucket.name}"
+ service_id = substr(google_storage_bucket.bucket.name, 0, 63)
+ }
+ description = "URI in CAIS style to be used by Apphub."
+}
diff --git a/outputs.tf b/outputs.tf
index a702208..29efc18 100644
--- a/outputs.tf
+++ b/outputs.tf
@@ -70,9 +70,9 @@ output "hmac_keys" {
 }
 
 output "apphub_service_uri" {
- value = {
- service_uri = local.buckets_list[*].self_link
- service_id = local.buckets_list[*].name
- }
- description = "Service URI in CAIS style to be used by Apphub."
+ value = [for bucket in local.buckets_list : {
+ service_uri = "//storage.googleapis.com/${bucket.name}"
+ service_id = substr(bucket.name, 0, 63)
+ }]
+ description = "URI in CAIS style to be used by Apphub."
 }
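Review bot: `substr(google_storage_bucket.bucket.name, 0, 63)` truncates silently, so two buckets whose names share their first 63 characters get the same `service_id`, and a cut name can end in `.` or `-`. Bucket names that contain dots may be longer than 63 characters, so this path is reachable for domain-named buckets. If App Hub expects a unique, well-formed ID (its rules are not shown in this patch, so confirm), keep short names as they are and give long ones a hash suffix, e.g. `service_id = length(n) <= 63 ? n : "${substr(n, 0, 54)}-${substr(sha256(n), 0, 8)}"` with `n` standing for the bucket name. The root `outputs.tf` hunk uses the same expression and needs the same treatment.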
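Review bot: The root `apphub_service_uri` output changes shape from one object holding two lists to a list of objects, so existing callers that read `apphub_service_uri.service_uri[0]` will stop working, and the visible patch labels this a `fix:` without mentioning the migration. The description line is the place to state the new shape, e.g. `description = "List of {service_uri, service_id} objects, one per bucket, in CAIS style for Apphub."`, with the change called out as breaking in the release notes.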