From 489e4b2d6e2184127701ddcc5c9ebdb74576bd28 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Johannes=20W=C3=BCrbach?= Date: Fri, 22 Dec 2023 22:37:02 +0100 Subject: [PATCH] feat: iterate --- .tflint.hcl | 10 ++++ examples/gcs/README.md | 46 +++++++++++++++++++ examples/gcs/terraform.tfvars.example | 17 +++++++ .../gcp-service-account/workload/README.md | 37 +++++++++++++++ .../workload/terraform.tfvars.example | 17 +++++++ humanitec-resource-defs/gcs/basic/README.md | 38 +++++++++++++++ .../gcs/basic/terraform.tfvars.example | 20 ++++++++ .../iam-role-binding/gcs-admin/README.md | 36 +++++++++++++++ .../gcs-admin/terraform.tfvars.example | 14 ++++++ .../k8s/service-account/README.md | 32 +++++++++++++ .../service-account/terraform.tfvars.example | 1 + .../workload/service-account/README.md | 32 +++++++++++++ .../service-account/terraform.tfvars.example | 1 + .../gcp-service-account/workload/README.md | 42 +++++++++++++++++ .../workload/terraform.tfvars.example | 19 ++++++++ modules/gcs/basic/README.md | 38 +++++++++++++++ modules/gcs/basic/terraform.tfvars.example | 17 +++++++ modules/iam-role-binding/gcs-admin/README.md | 37 +++++++++++++++ .../gcs-admin/terraform.tfvars.example | 12 +++++ 19 files changed, 466 insertions(+) create mode 100644 .tflint.hcl create mode 100644 examples/gcs/README.md create mode 100644 examples/gcs/terraform.tfvars.example create mode 100644 humanitec-resource-defs/gcp-service-account/workload/README.md create mode 100644 humanitec-resource-defs/gcp-service-account/workload/terraform.tfvars.example create mode 100644 humanitec-resource-defs/gcs/basic/README.md create mode 100644 humanitec-resource-defs/gcs/basic/terraform.tfvars.example create mode 100644 humanitec-resource-defs/iam-role-binding/gcs-admin/README.md create mode 100644 humanitec-resource-defs/iam-role-binding/gcs-admin/terraform.tfvars.example create mode 100644 humanitec-resource-defs/k8s/service-account/README.md create mode 100644 humanitec-resource-defs/k8s/service-account/terraform.tfvars.example create mode 100644 
humanitec-resource-defs/workload/service-account/README.md
 create mode 100644 humanitec-resource-defs/workload/service-account/terraform.tfvars.example
 create mode 100644 modules/gcp-service-account/workload/README.md
 create mode 100644 modules/gcp-service-account/workload/terraform.tfvars.example
 create mode 100644 modules/gcs/basic/README.md
 create mode 100644 modules/gcs/basic/terraform.tfvars.example
 create mode 100644 modules/iam-role-binding/gcs-admin/README.md
 create mode 100644 modules/iam-role-binding/gcs-admin/terraform.tfvars.example
diff --git a/.tflint.hcl b/.tflint.hcl
new file mode 100644
index 0000000..bb66fff
--- /dev/null
+++ b/.tflint.hcl
@@ -0,0 +1,10 @@
+plugin "terraform" {
+ enabled = true
+ preset = "recommended"
+}
+
+plugin "google" {
+ enabled = true
+ version = "0.26.0"
+ source = "github.com/terraform-linters/tflint-ruleset-google"
+}
diff --git a/examples/gcs/README.md b/examples/gcs/README.md
new file mode 100644
index 0000000..6892f12
--- /dev/null
+++ b/examples/gcs/README.md
@@ -0,0 +1,46 @@ + +## Requirements + +| Name | Version | +|------|---------| +| terraform | >= 1.3.0 | +| humanitec | ~> 0 | + +## Providers + +| Name | Version | +|------|---------| +| humanitec | ~> 0 | + +## Modules + +| Name | Source | Version | +|------|--------|---------| +| gcp\_service\_account\_workload | ../../humanitec-resource-defs/gcp-service-account/workload | n/a | +| gcs\_basic | ../../humanitec-resource-defs/gcs/basic | n/a | +| iam\_role\_binding\_gcs\_admin | ../../humanitec-resource-defs/iam-role-binding/gcs-admin | n/a | +| k8s\_service\_account | ../../humanitec-resource-defs/k8s/service-account | n/a | +| workload | ../../humanitec-resource-defs/workload/service-account | n/a | + +## Resources + +| Name | Type | +|------|------| +| [humanitec_application.example](https://registry.terraform.io/providers/humanitec/humanitec/latest/docs/resources/application) | resource | +| [humanitec_resource_definition_criteria.gcp_service_account_workload](https://registry.terraform.io/providers/humanitec/humanitec/latest/docs/resources/resource_definition_criteria) | resource | +| [humanitec_resource_definition_criteria.gcs_basic](https://registry.terraform.io/providers/humanitec/humanitec/latest/docs/resources/resource_definition_criteria) | resource | +| [humanitec_resource_definition_criteria.iam_role_binding_gcs_admin](https://registry.terraform.io/providers/humanitec/humanitec/latest/docs/resources/resource_definition_criteria) | resource | +| [humanitec_resource_definition_criteria.k8s_service_account](https://registry.terraform.io/providers/humanitec/humanitec/latest/docs/resources/resource_definition_criteria) | resource | +| [humanitec_resource_definition_criteria.workload](https://registry.terraform.io/providers/humanitec/humanitec/latest/docs/resources/resource_definition_criteria) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| credentials | GCP credentials | 
`string` | n/a | yes | +| location | The location of the bucket | `string` | n/a | yes | +| project | GCP project ID | `string` | n/a | yes | +| humanitec\_application | n/a | `string` | `"gcs-test"` | no | +| resource\_packs\_gcp\_rev | GCP Resource Pack git ref | `string` | `"refs/heads/main"` | no | +| resource\_packs\_gcp\_url | GCP Resource Pack git url | `string` | `"https://github.com/humanitec-architecture/resource-packs-gcp.git"` | no | + diff --git a/examples/gcs/terraform.tfvars.example b/examples/gcs/terraform.tfvars.example new file mode 100644 index 0000000..bac12b6 --- /dev/null +++ b/examples/gcs/terraform.tfvars.example @@ -0,0 +1,17 @@ + +# GCP credentials +credentials = "" + +humanitec_application = "gcs-test" + +# The location of the bucket +location = "" + +# GCP project ID +project = "" + +# GCP Resource Pack git ref +resource_packs_gcp_rev = "refs/heads/main" + +# GCP Resource Pack git url +resource_packs_gcp_url = "https://github.com/humanitec-architecture/resource-packs-gcp.git" \ No newline at end of file diff --git a/humanitec-resource-defs/gcp-service-account/workload/README.md b/humanitec-resource-defs/gcp-service-account/workload/README.md new file mode 100644 index 0000000..3426980 --- /dev/null +++ b/humanitec-resource-defs/gcp-service-account/workload/README.md 
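Review bot: In examples/gcs/terraform.tfvars.example, `resource_packs_gcp_rev = "refs/heads/main"` points the example at a moving branch, so whatever sits at the head of `main` in the resource pack repository at apply time is what gets used, presumably together with the value supplied in `credentials`. Pinning the example to a release tag or commit SHA would make runs reproducible and keep an upstream change from reaching a deployment unreviewed; the comment could read `# GCP Resource Pack git ref (pin to a tag or commit SHA; a branch ref follows upstream)`. The same default appears in the tfvars.example files under humanitec-resource-defs/gcp-service-account/workload, humanitec-resource-defs/gcs/basic and humanitec-resource-defs/iam-role-binding/gcs-admin. The `credentials = ""` slot also invites pasting a key into a copied terraform.tfvars, so it is worth confirming that file is git-ignored and the variable is declared sensitive; neither is visible in this patch. If these files are generated from the variable descriptions, the wording change presumably belongs in variables.tf, which this patch does not show.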
@@ -0,0 +1,37 @@ + +## Requirements + +| Name | Version | +|------|---------| +| terraform | >= 1.3.0 | +| humanitec | ~> 0 | + +## Providers + +| Name | Version | +|------|---------| +| humanitec | ~> 0 | + +## Resources + +| Name | Type | +|------|------| +| [humanitec_resource_definition.main](https://registry.terraform.io/providers/humanitec/humanitec/latest/docs/resources/resource_definition) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| credentials | GCP credentials | `string` | n/a | yes | +| prefix | n/a | `string` | n/a | yes | +| project | GCP project ID | `string` | n/a | yes | +| roles | List of roles to assign to the service account | `set(string)` | n/a | yes | +| resource\_packs\_gcp\_rev | GCP Resource Pack git ref | `string` | `"refs/heads/main"` | no | +| resource\_packs\_gcp\_url | GCP Resource Pack git url | `string` | `"https://github.com/humanitec-architecture/resource-packs-gcp.git"` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| id | n/a | + diff --git a/humanitec-resource-defs/gcp-service-account/workload/terraform.tfvars.example b/humanitec-resource-defs/gcp-service-account/workload/terraform.tfvars.example new file mode 100644 index 0000000..77af4d3 --- /dev/null +++ b/humanitec-resource-defs/gcp-service-account/workload/terraform.tfvars.example @@ -0,0 +1,17 @@ + +# GCP credentials +credentials = "" + +prefix = "" + +# GCP project ID +project = "" + +# GCP Resource Pack git ref +resource_packs_gcp_rev = "refs/heads/main" + +# GCP Resource Pack git url +resource_packs_gcp_url = "https://github.com/humanitec-architecture/resource-packs-gcp.git" + +# List of roles to assign to the service account +roles = "" \ No newline at end of file diff --git a/humanitec-resource-defs/gcs/basic/README.md b/humanitec-resource-defs/gcs/basic/README.md new file mode 100644 index 0000000..d846a42 --- /dev/null 
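Review bot: In humanitec-resource-defs/gcp-service-account/workload/terraform.tfvars.example, `roles = ""` is a string, while the README in the same directory declares `roles` as `set(string)`, so a copied example should be rejected at plan time as it stands. `roles = []` matches the declared type. Since the modules/gcp-service-account/workload README lists `google_project_iam_member.role`, each entry appears to become a project-level binding, and the comment could say so: `# List of roles to assign to the service account (bound at project level; keep to the minimum needed)`. The same line appears in modules/gcp-service-account/workload/terraform.tfvars.example.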
+++ b/humanitec-resource-defs/gcs/basic/README.md @@ -0,0 +1,38 @@ + +## Requirements + +| Name | Version | +|------|---------| +| terraform | >= 1.3.0 | +| humanitec | ~> 0 | + +## Providers + +| Name | Version | +|------|---------| +| humanitec | ~> 0 | + +## Resources + +| Name | Type | +|------|------| +| [humanitec_resource_definition.main](https://registry.terraform.io/providers/humanitec/humanitec/latest/docs/resources/resource_definition) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| credentials | GCP credentials | `string` | n/a | yes | +| location | The location of the bucket | `string` | n/a | yes | +| prefix | n/a | `string` | n/a | yes | +| project | GCP project ID | `string` | n/a | yes | +| force\_destroy | Whether to force destroy the bucket when deleting | `bool` | `false` | no | +| resource\_packs\_gcp\_rev | GCP Resource Pack git ref | `string` | `"refs/heads/main"` | no | +| resource\_packs\_gcp\_url | GCP Resource Pack git url | `string` | `"https://github.com/humanitec-architecture/resource-packs-gcp.git"` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| id | n/a | + diff --git a/humanitec-resource-defs/gcs/basic/terraform.tfvars.example b/humanitec-resource-defs/gcs/basic/terraform.tfvars.example new file mode 100644 index 0000000..5c10f72 --- /dev/null +++ b/humanitec-resource-defs/gcs/basic/terraform.tfvars.example @@ -0,0 +1,20 @@ + +# GCP credentials +credentials = "" + +# Whether to force destroy the bucket when deleting +force_destroy = false + +# The location of the bucket +location = "" + +prefix = "" + +# GCP project ID +project = "" + +# GCP Resource Pack git ref +resource_packs_gcp_rev = "refs/heads/main" + +# GCP Resource Pack git url +resource_packs_gcp_url = "https://github.com/humanitec-architecture/resource-packs-gcp.git" \ No newline at end of file 
diff --git a/humanitec-resource-defs/iam-role-binding/gcs-admin/README.md b/humanitec-resource-defs/iam-role-binding/gcs-admin/README.md new file mode 100644 index 0000000..93c00a6 --- /dev/null +++ b/humanitec-resource-defs/iam-role-binding/gcs-admin/README.md @@ -0,0 +1,36 @@ + +## Requirements + +| Name | Version | +|------|---------| +| terraform | >= 1.3.0 | +| humanitec | ~> 0 | + +## Providers + +| Name | Version | +|------|---------| +| humanitec | ~> 0 | + +## Resources + +| Name | Type | +|------|------| +| [humanitec_resource_definition.main](https://registry.terraform.io/providers/humanitec/humanitec/latest/docs/resources/resource_definition) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| credentials | GCP credentials | `string` | n/a | yes | +| prefix | n/a | `string` | n/a | yes | +| project | GCP project ID | `string` | n/a | yes | +| resource\_packs\_gcp\_rev | GCP Resource Pack git ref | `string` | `"refs/heads/main"` | no | +| resource\_packs\_gcp\_url | GCP Resource Pack git url | `string` | `"https://github.com/humanitec-architecture/resource-packs-gcp.git"` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| id | n/a | + diff --git a/humanitec-resource-defs/iam-role-binding/gcs-admin/terraform.tfvars.example b/humanitec-resource-defs/iam-role-binding/gcs-admin/terraform.tfvars.example new file mode 100644 index 0000000..d04943e --- /dev/null +++ b/humanitec-resource-defs/iam-role-binding/gcs-admin/terraform.tfvars.example @@ -0,0 +1,14 @@ + +# GCP credentials +credentials = "" + +prefix = "" + +# GCP project ID +project = "" + +# GCP Resource Pack git ref +resource_packs_gcp_rev = "refs/heads/main" + +# GCP Resource Pack git url +resource_packs_gcp_url = "https://github.com/humanitec-architecture/resource-packs-gcp.git" \ No newline at end of file 
diff --git a/humanitec-resource-defs/k8s/service-account/README.md b/humanitec-resource-defs/k8s/service-account/README.md new file mode 100644 index 0000000..74b4bf1 --- /dev/null +++ b/humanitec-resource-defs/k8s/service-account/README.md @@ -0,0 +1,32 @@ + +## Requirements + +| Name | Version | +|------|---------| +| terraform | >= 1.3.0 | +| humanitec | ~> 0 | + +## Providers + +| Name | Version | +|------|---------| +| humanitec | ~> 0 | + +## Resources + +| Name | Type | +|------|------| +| [humanitec_resource_definition.main](https://registry.terraform.io/providers/humanitec/humanitec/latest/docs/resources/resource_definition) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| prefix | n/a | `string` | `""` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| id | n/a | + \ No newline at end of file diff --git a/humanitec-resource-defs/k8s/service-account/terraform.tfvars.example b/humanitec-resource-defs/k8s/service-account/terraform.tfvars.example new file mode 100644 index 0000000..95169cd --- /dev/null +++ b/humanitec-resource-defs/k8s/service-account/terraform.tfvars.example @@ -0,0 +1 @@ +prefix = "" \ No newline at end of file diff --git a/humanitec-resource-defs/workload/service-account/README.md b/humanitec-resource-defs/workload/service-account/README.md new file mode 100644 index 0000000..74b4bf1 --- /dev/null +++ b/humanitec-resource-defs/workload/service-account/README.md 
@@ -0,0 +1,32 @@ + +## Requirements + +| Name | Version | +|------|---------| +| terraform | >= 1.3.0 | +| humanitec | ~> 0 | + +## Providers + +| Name | Version | +|------|---------| +| humanitec | ~> 0 | + +## Resources + +| Name | Type | +|------|------| +| [humanitec_resource_definition.main](https://registry.terraform.io/providers/humanitec/humanitec/latest/docs/resources/resource_definition) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| prefix | n/a | `string` | `""` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| id | n/a | + \ No newline at end of file diff --git a/humanitec-resource-defs/workload/service-account/terraform.tfvars.example b/humanitec-resource-defs/workload/service-account/terraform.tfvars.example new file mode 100644 index 0000000..95169cd --- /dev/null +++ b/humanitec-resource-defs/workload/service-account/terraform.tfvars.example @@ -0,0 +1 @@ +prefix = "" \ No newline at end of file diff --git a/modules/gcp-service-account/workload/README.md b/modules/gcp-service-account/workload/README.md new file mode 100644 index 0000000..a9e8530 --- /dev/null +++ b/modules/gcp-service-account/workload/README.md 
@@ -0,0 +1,42 @@ + +## Requirements + +| Name | Version | +|------|---------| +| terraform | >= 1.3.0 | +| google | ~> 5.1 | + +## Providers + +| Name | Version | +|------|---------| +| google | ~> 5.1 | + +## Resources + +| Name | Type | +|------|------| +| [google_project_iam_member.role](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/project_iam_member) | resource | +| [google_service_account.main](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/service_account) | resource | +| [google_service_account_iam_member.workload_identity_k8s_service_account](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/service_account_iam_member) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| app\_id | n/a | `string` | n/a | yes | +| credentials | GCP credentials | `string` | n/a | yes | +| env\_id | n/a | `string` | n/a | yes | +| namespace | k8s namespace | `string` | n/a | yes | +| prefix | n/a | `string` | n/a | yes | +| project | GCP project ID | `string` | n/a | yes | +| res\_id | n/a | `string` | n/a | yes | +| roles | List of roles to assign to the service account | `set(string)` | n/a | yes | + +## Outputs + +| Name | Description | +|------|-------------| +| email | n/a | +| k8s\_service\_account\_name | n/a | + \ No newline at end of file diff --git a/modules/gcp-service-account/workload/terraform.tfvars.example b/modules/gcp-service-account/workload/terraform.tfvars.example new file mode 100644 index 0000000..bc4b10d --- /dev/null +++ b/modules/gcp-service-account/workload/terraform.tfvars.example @@ -0,0 +1,19 @@ +app_id = "" + +# GCP credentials +credentials = "" + +env_id = "" + +# k8s namespace +namespace = "" + +prefix = "" + +# GCP project ID +project = "" + +res_id = "" + +# List of roles to assign to the service account +roles = "" \ No newline at end of file 
diff --git a/modules/gcs/basic/README.md b/modules/gcs/basic/README.md new file mode 100644 index 0000000..b9ebd5f --- /dev/null +++ b/modules/gcs/basic/README.md @@ -0,0 +1,38 @@ + +## Requirements + +| Name | Version | +|------|---------| +| terraform | >= 1.3.0 | +| google | ~> 5.1 | + +## Providers + +| Name | Version | +|------|---------| +| google | ~> 5.1 | + +## Resources + +| Name | Type | +|------|------| +| [google_storage_bucket.main](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/storage_bucket) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| app\_id | n/a | `string` | n/a | yes | +| credentials | GCP credentials | `string` | n/a | yes | +| env\_id | n/a | `string` | n/a | yes | +| location | The location of the bucket | `string` | n/a | yes | +| prefix | n/a | `string` | n/a | yes | +| project | GCP project ID | `string` | n/a | yes | +| force\_destroy | Whether to force destroy the bucket when deleting | `bool` | `false` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| name | n/a | + \ No newline at end of file diff --git a/modules/gcs/basic/terraform.tfvars.example b/modules/gcs/basic/terraform.tfvars.example new file mode 100644 index 0000000..85483ce --- /dev/null +++ b/modules/gcs/basic/terraform.tfvars.example @@ -0,0 +1,17 @@ +app_id = "" + +# GCP credentials +credentials = "" + +env_id = "" + +# Whether to force destroy the bucket when deleting +force_destroy = false + +# The location of the bucket +location = "" + +prefix = "" + +# GCP project ID +project = "" \ No newline at end of file diff --git a/modules/iam-role-binding/gcs-admin/README.md b/modules/iam-role-binding/gcs-admin/README.md new file mode 100644 index 0000000..ec3fb3f --- /dev/null +++ b/modules/iam-role-binding/gcs-admin/README.md 
@@ -0,0 +1,37 @@ + +## Requirements + +| Name | Version | +|------|---------| +| terraform | >= 1.3.0 | +| google | ~> 5.1 | + +## Providers + +| Name | Version | +|------|---------| +| google | ~> 5.1 | + +## Resources + +| Name | Type | +|------|------| +| [google_storage_bucket_iam_member.main](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/storage_bucket_iam_member) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| app\_id | n/a | `string` | n/a | yes | +| bucket | n/a | `string` | n/a | yes | +| credentials | GCP credentials | `string` | n/a | yes | +| env\_id | n/a | `string` | n/a | yes | +| project | GCP project ID | `string` | n/a | yes | +| service\_account | n/a | `string` | n/a | yes | + +## Outputs + +| Name | Description | +|------|-------------| +| id | n/a | + \ No newline at end of file diff --git a/modules/iam-role-binding/gcs-admin/terraform.tfvars.example b/modules/iam-role-binding/gcs-admin/terraform.tfvars.example new file mode 100644 index 0000000..9d202af --- /dev/null +++ b/modules/iam-role-binding/gcs-admin/terraform.tfvars.example @@ -0,0 +1,12 @@ +app_id = "" +bucket = "" + +# GCP credentials +credentials = "" + +env_id = "" + +# GCP project ID +project = "" + +service_account = "" \ No newline at end of file