terraform-google-modules / terraform-example-foundation

Shows how the CFT modules can be composed to build a secure cloud foundation
https://cloud.google.com/architecture/security-foundations
Apache License 2.0
1.22k stars, 714 forks

in 0-bootstrap, gh_cicd module outdated dep creates conflict for hashicorp/google provider #1254

klondikedragon closed 4 months ago

klondikedragon commented 4 months ago

TL;DR

Following 0-bootstrap/README-GitHub.md, executing step 19 (terraform init) fails because it cannot resolve a version for the hashicorp/google provider:

Terraform Configuration

Output of `terraform providers` command:

Providers required by configuration:
.
├── provider[registry.terraform.io/hashicorp/google-beta]
├── provider[registry.terraform.io/hashicorp/google] >= 3.50.0, != 4.31.0
├── provider[registry.terraform.io/integrations/github] 5.34.0
├── module.seed_project_iam_member
│   ├── provider[registry.terraform.io/hashicorp/google-beta] >= 3.77.0
│   ├── provider[registry.terraform.io/hashicorp/random]
│   └── provider[registry.terraform.io/hashicorp/google] >= 3.77.0
├── module.bootstrap_projects_remove_editor
│   └── provider[registry.terraform.io/hashicorp/google] >= 3.77.0
├── module.optional_group
│   ├── provider[registry.terraform.io/hashicorp/google-beta] >= 3.67.0, < 6.0.0
│   └── provider[registry.terraform.io/hashicorp/google] >= 3.67.0, < 6.0.0
├── module.gh_oidc
│   ├── provider[registry.terraform.io/hashicorp/google] >= 3.64.0, < 6.0.0
│   └── provider[registry.terraform.io/hashicorp/google-beta] >= 3.64.0, < 6.0.0
├── module.org_iam_member
│   ├── provider[registry.terraform.io/hashicorp/random]
│   ├── provider[registry.terraform.io/hashicorp/google] >= 3.77.0
│   └── provider[registry.terraform.io/hashicorp/google-beta] >= 3.77.0
├── module.seed_bootstrap
│   ├── provider[registry.terraform.io/hashicorp/google] >= 3.50.0, < 6.0.0
│   ├── provider[registry.terraform.io/hashicorp/random] >= 3.1.0
│   ├── module.enable_cross_project_service_account_usage
│       ├── provider[registry.terraform.io/hashicorp/null] >= 2.1.0
│       └── provider[registry.terraform.io/hashicorp/google] >= 3.53.0, < 6.0.0
│   ├── module.kms
│       └── provider[registry.terraform.io/hashicorp/google] >= 3.53.0, < 6.0.0
│   └── module.seed_project
│       ├── provider[registry.terraform.io/hashicorp/google-beta] >= 5.22.0, < 6.0.0
│       ├── provider[registry.terraform.io/hashicorp/google] >= 5.22.0, < 6.0.0
│       ├── module.project-factory
│           ├── provider[registry.terraform.io/hashicorp/google-beta] >= 5.22.0, < 6.0.0
│           ├── provider[registry.terraform.io/hashicorp/null] >= 2.1.0
│           ├── provider[registry.terraform.io/hashicorp/random] >= 2.2.0
│           ├── provider[registry.terraform.io/hashicorp/time] >= 0.5.0
│           ├── provider[registry.terraform.io/hashicorp/google] >= 5.22.0, < 6.0.0
│           └── module.project_services
│               ├── provider[registry.terraform.io/hashicorp/google-beta] >= 3.43.0, < 6.0.0
│               └── provider[registry.terraform.io/hashicorp/google] >= 3.43.0, < 6.0.0
│       ├── module.quotas
│           └── provider[registry.terraform.io/hashicorp/google-beta] >= 4.11.0, < 6.0.0
│       ├── module.shared_vpc_access
│           ├── provider[registry.terraform.io/hashicorp/google] >= 3.43.0, < 6.0.0
│           └── provider[registry.terraform.io/hashicorp/google-beta] >= 3.43.0, < 6.0.0
│       ├── module.budget
│           └── provider[registry.terraform.io/hashicorp/google] >= 4.28.0, < 6.0.0
│       ├── module.essential_contacts
│           ├── provider[registry.terraform.io/hashicorp/google-beta] >= 3.43.0, < 6.0.0
│           └── provider[registry.terraform.io/hashicorp/google] >= 3.43.0, < 6.0.0
│       └── module.gsuite_group
│           └── provider[registry.terraform.io/hashicorp/google] >= 3.43.0, < 6.0.0
├── module.parent_iam_member
│   ├── provider[registry.terraform.io/hashicorp/google] >= 3.77.0
│   ├── provider[registry.terraform.io/hashicorp/google-beta] >= 3.77.0
│   └── provider[registry.terraform.io/hashicorp/random]
├── module.required_group
│   ├── provider[registry.terraform.io/hashicorp/google-beta] >= 3.67.0, < 6.0.0
│   └── provider[registry.terraform.io/hashicorp/google] >= 3.67.0, < 6.0.0
├── module.cicd_project_iam_member
│   ├── provider[registry.terraform.io/hashicorp/google] >= 3.77.0
│   ├── provider[registry.terraform.io/hashicorp/google-beta] >= 3.77.0
│   └── provider[registry.terraform.io/hashicorp/random]
└── module.gh_cicd
    ├── provider[registry.terraform.io/hashicorp/google] ~> 4.5
    ├── provider[registry.terraform.io/hashicorp/google-beta] ~> 4.5
    ├── module.project-factory
        ├── provider[registry.terraform.io/hashicorp/null] >= 2.1.0
        ├── provider[registry.terraform.io/hashicorp/random] >= 2.2.0
        ├── provider[registry.terraform.io/hashicorp/time]
        ├── provider[registry.terraform.io/hashicorp/google] >= 3.50.0, < 5.0.0
        ├── provider[registry.terraform.io/hashicorp/google-beta] >= 3.50.0, < 5.0.0
        └── module.project_services
            ├── provider[registry.terraform.io/hashicorp/google] >= 3.43.0, < 5.0.0
            └── provider[registry.terraform.io/hashicorp/google-beta] >= 3.43.0, < 5.0.0
    ├── module.quotas
        └── provider[registry.terraform.io/hashicorp/google-beta] >= 3.1.0, < 5.0.0
    ├── module.shared_vpc_access
        ├── provider[registry.terraform.io/hashicorp/google] >= 3.43.0, < 5.0.0
        └── provider[registry.terraform.io/hashicorp/google-beta] >= 3.43.0, < 5.0.0
    ├── module.budget
        └── provider[registry.terraform.io/hashicorp/google] ~> 4.5
    ├── module.essential_contacts
        ├── provider[registry.terraform.io/hashicorp/google] >= 3.43.0, < 5.0.0
        └── provider[registry.terraform.io/hashicorp/google-beta] >= 3.43.0, < 5.0.0
    └── module.gsuite_group
        └── provider[registry.terraform.io/hashicorp/google] >= 3.43.0, < 5.0.0

Terraform Version

$ terraform version
Terraform v1.8.4
on linux_amd64

Additional information

The fix is straightforward. Change the dependency for project-factory in the gh_cicd module definition to be "~> 15.0": https://github.com/terraform-google-modules/terraform-example-foundation/blob/v4.0.0/0-bootstrap/github.tf.example#L73

With this change, `terraform init` finished successfully.

Looking at the code, this outdated dependency is also in the gitlab_cicd and tfc_cicd modules. The Jenkins agent is properly using the "~> 15.0" project-factory version already.

This looks related to #1131 -- that issue mentions a conflict caused by the tfc_agent_gke module, which doesn't apply here. So solving this conflict may not be enough to resolve #1131.
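The conflict reported above can be found mechanically from `terraform providers` output. The following is an added example, not part of the issue or of the project's code: it intersects the version constraints declared for each provider and names the modules whose bounds cannot both hold. It assumes four-column tree indentation, handles only `>=`, `<`, `~>` and exact pins, and ignores `!=` exclusions.

```python
import re

# Trimmed excerpt of the `terraform providers` output quoted in the issue.
SAMPLE = """\
├── provider[registry.terraform.io/hashicorp/google] >= 3.50.0, != 4.31.0
├── provider[registry.terraform.io/integrations/github] 5.34.0
├── module.seed_bootstrap
│   └── module.seed_project
│       ├── provider[registry.terraform.io/hashicorp/google] >= 5.22.0, < 6.0.0
└── module.gh_cicd
    ├── provider[registry.terraform.io/hashicorp/google] ~> 4.5
    ├── module.project-factory
        ├── provider[registry.terraform.io/hashicorp/google] >= 3.50.0, < 5.0.0
"""

LINE = re.compile(r"(module\.[\w-]+)|provider\[([^\]]+)\]\s*(.*)")

def ver(s):
    return tuple(([int(p) for p in s.split(".")] + [0, 0])[:3])

def bounds(constraint):
    """One constraint -> (lower, exclusive upper); None means unbounded."""
    op, v = re.fullmatch(r"(>=|<|~>|!=|=)?\s*([\d.]+)", constraint.strip()).groups()
    t = ver(v)
    if op == ">=": return t, None
    if op == "<": return None, t
    if op == "!=": return None, None  # simplification: exclusions are ignored
    if op == "~>":  # only the last written component may grow (2- or 3-part versions)
        return t, ((t[0] + 1, 0, 0) if v.count(".") == 1 else (t[0], t[1] + 1, 0))
    return t, (t[0], t[1], t[2] + 1)  # exact pin

def conflicts(text):
    """provider -> (lower, owner, upper, owner) wherever no version can satisfy all."""
    stack, lo, hi = [], {}, {}
    for line in text.splitlines():
        m = LINE.search(line)
        if not m: continue
        depth = m.start() // 4  # each tree level is four columns wide
        if m.group(1):  # module line: replace the path from this depth down
            stack[depth - 1:] = [m.group(1)[7:]]
            continue
        owner = ".".join(stack[:depth - 1]) or "root"
        name = m.group(2).split("/", 1)[1]
        for c in filter(None, m.group(3).split(",")):
            l, u = bounds(c)
            if l and l > lo.get(name, ((0, 0, 0), ""))[0]: lo[name] = (l, owner)
            if u and u < hi.get(name, ((9**9,), ""))[0]: hi[name] = (u, owner)
    return {p: lo[p] + hi[p] for p in lo if p in hi and lo[p][0] >= hi[p][0]}

print(conflicts(SAMPLE))
```

On the excerpt, the tightest lower bound for `hashicorp/google` comes from `seed_bootstrap.seed_project` and the tightest upper bound from `gh_cicd`, which is the module the issue identifies as outdated.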