Closed Narinas closed 1 year ago
Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).
View this failed invocation of the CLA check for more information.
For the most up to date status, view the checks section at the bottom of the pull request.
Thanks for the PR! 🚀 Unfortunately it looks like some of our CI checks failed. See the Contributing Guide for details.
⚠️check_terraform Failed Terraform check. More details below.
Running terraform fmt
variables.tf
--- old/variables.tf
+++ new/variables.tf
@@ -102,7 +102,7 @@
variable "use_google_org_policy_policy" {
description = "Use google_org_policy_policy instead of the google_organization_policy_* resources (V2 API). https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/org_policy_policy"
Error: terraform fmt failed with exit code 3 Check the output for diffs and correct using terraform fmt
count = var.use_google_org_policy_policy && local.organization && local.boolean_policy ? 1 : 0
name = "organization/${var.organization_id}/policies/${var.constraint}"
count = var.use_google_org_policy_policy && local.organization && local.boolean_policy ? 1 : 0
name = "organization/${var.organization_id}/policies/${var.constraint}" parent = "organization/${var.organization_id}"
spec { rules { enforce = local.enforce_v2 dynamic "condition" {
for_each = var.conditions
for_each = var.conditions
content {
description = each.key.description
@@ -46,11 +46,11 @@ resource "google_org_policy_policy" "policy_policy_boolean_exclude_folders" { for_each = (var.use_google_org_policy_policy && local.boolean_policy && !local.project) ? var.exclude_folders : []
name = "folders/${var.organization_id}/policies/${var.constraint}"
name = "folders/${var.organization_id}/policies/${var.constraint}" parent = "folders/${var.organization_id}" spec { rules {
enforce = local.enforce_v2 == false ? "TRUE": "FALSE"
enforce = local.enforce_v2 == false ? "TRUE" : "FALSE" } } } @@ -61,11 +61,11 @@ resource "google_org_policy_policy" "policy_policy_boolean_exclude_projects" { for_each = (var.use_google_org_policy_policy && local.boolean_policy && !local.project) ? var.exclude_projects : []
name = "projects/${var.organization_id}/policies/${var.constraint}"
name = "projects/${var.organization_id}/policies/${var.constraint}" parent = "projects/${var.organization_id}" spec { rules {
enforce = local.enforce_v2 == false ? "TRUE": "FALSE"
enforce = local.enforce_v2 == false ? "TRUE" : "FALSE" } } } Error: terraform fmt failed with exit code 3 Check the output for diffs and correct using terraform fmt
// If allow/deny list empty and enforce is not set, enforce is set to true
enforce = var.allow_list_length > 0 || var.deny_list_length > 0 ? null : var.enforce != false
enforce = var.allow_list_length > 0 || var.deny_list_length > 0 ? null : var.enforce != false // variables set for use of google_org_policy_policy resource
enforce_v2 = local.enforce == true ? "TRUE" : local.enforce == false ? "FALSE" : null
parent_root = local.organization ? "organizations" : local.folder ? "folders" : "projects"
enforce_v2 = local.enforce == true ? "TRUE" : local.enforce == false ? "FALSE" : null
parent_root = local.organization ? "organizations" : local.folder ? "folders" : "projects" policy_for_id = local.organization ? var.organization_id : local.folder ? var.folder_id : var.folder_id
invalid_config_case_1 = var.deny_list_length > 0 && var.allow_list_length > 0 Error: terraform fmt failed with exit code 3 Check the output for diffs and correct using terraform fmt
for_each = (!var.use_google_org_policy_policy && local.list_policy && ! local.project) ? var.exclude_folders : []
for_each = (!var.use_google_org_policy_policy && local.list_policy && !local.project) ? var.exclude_folders : []
folder = each.value constraint = var.constraint @@ -224,7 +224,7 @@ Exclude projects from policy (list constraint) *****/ resource "google_project_organization_policy" "project_policy_list_exclude_projects" {
for_each = (!var.use_google_org_policy_policy && local.list_policy && ! local.project) ? var.exclude_projects : []
for_each = (!var.use_google_org_policy_policy && local.list_policy && !local.project) ? var.exclude_projects : []
project = each.value constraint = var.constraint Error: terraform fmt failed with exit code 3 Check the output for diffs and correct using terraform fmt
for_each = var.conditions
for_each = var.conditions
content {
description = each.key.description
expression = each.key.expression
location = each.key.location
title = each.key.title
}
description = each.key.description
expression = each.key.expression
location = each.key.location
title = each.key.title
} }
values { @@ -57,7 +57,7 @@ Exclude folders from policy (list constraint) *****/ resource "google_org_policy_policy" "folder_policy_list_exclude_folders" {
for_each = (var.use_google_org_policy_policy && local.list_policy && ! local.project) ? var.exclude_folders : []
for_each = (var.use_google_org_policy_policy && local.list_policy && !local.project) ? var.exclude_folders : []
name = "folders/${each.value}/policies/${var.constraint}" parent = "folders/${each.value}" @@ -65,7 +65,7 @@
spec { inherit_from_parent = false
reset = true
reset = true } }
@@ -73,7 +73,7 @@ Exclude projects from policy (list constraint) *****/ resource "google_org_policy_policy" "project_policy_list_exclude_projects" {
for_each = (var.use_google_org_policy_policy && local.list_policy && !local.project) ? var.exclude_projects : []
name = "projects/${each.value}/policies/${var.constraint}" parent = "projects/${each.value}" @@ -81,6 +81,6 @@
spec { inherit_from_parent = false
This PR is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 7 days
Added support for the Resource Manager V2 API with the new Google Provider google_org_policy_policy resource. Testing is pending, if maintainers are able to test it will be much appreciated, if not I will make testing later.