From c93431c2c9a84541733872c81d8bec241345c16b Mon Sep 17 00:00:00 2001
From: Caetano Colin <164910343+caetano-colin@users.noreply.github.com>
Date: Mon, 24 Jun 2024 16:58:25 -0300
Subject: [PATCH] refactor pubsub (#60)

---
 .../service-catalog/modules/pubsub/README.md  |  7 ++++---
 .../service-catalog/modules/pubsub/data.tf    | 13 +------------
 .../service-catalog/modules/pubsub/locals.tf  | 19 -------------------
 .../modules/pubsub/variables.tf               | 16 +++++++++++-----
 4 files changed, 16 insertions(+), 39 deletions(-)
 delete mode 100644 5-app-infra/source_repos/service-catalog/modules/pubsub/locals.tf

diff --git a/5-app-infra/source_repos/service-catalog/modules/pubsub/README.md b/5-app-infra/source_repos/service-catalog/modules/pubsub/README.md
index 1aa923b9..20f8b04d 100644
--- a/5-app-infra/source_repos/service-catalog/modules/pubsub/README.md
+++ b/5-app-infra/source_repos/service-catalog/modules/pubsub/README.md
@@ -67,11 +67,12 @@ The following table outlines which of the suggested controls for Vertex Generati
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| locked\_regions | Regions that pubsub presistence is locked to | `list(any)` | <pre>[<br>  "us-central1",<br>  "us-east4"<br>]</pre> | no |
+| kms\_keyring | The KMS keyring that will be used when selecting the KMS key, preferably this should be on the same region as the other resources and the same environment.<br>This value can be obtained by running "gcloud kms keyrings list --project=KMS\_PROJECT\_ID --location=REGION." | `string` | n/a | yes |
+| locked\_regions | Regions that Pub/Sub persistence is locked to. | `list(any)` | <pre>[<br>  "us-central1",<br>  "us-east4"<br>]</pre> | no |
 | message\_retention\_duration | Message retention duration. | `string` | `"86400s"` | no |
-| project\_id | Optional Project ID. | `string` | `null` | no |
+| project\_id | Project ID. | `string` | n/a | yes |
 | region | The resource region, one of [us-central1, us-east4]. | `string` | `"us-central1"` | no |
-| topic\_name | Topic name | `string` | n/a | yes |
+| topic\_name | Topic name. | `string` | n/a | yes |
 
 ## Outputs
 
diff --git a/5-app-infra/source_repos/service-catalog/modules/pubsub/data.tf b/5-app-infra/source_repos/service-catalog/modules/pubsub/data.tf
index 5ec06b5d..b45bc6cd 100644
--- a/5-app-infra/source_repos/service-catalog/modules/pubsub/data.tf
+++ b/5-app-infra/source_repos/service-catalog/modules/pubsub/data.tf
@@ -18,18 +18,7 @@ data "google_project" "project" {
   project_id = var.project_id
 }
 
-data "google_projects" "kms" {
-  filter = "labels.application_name:env-kms labels.environment:${data.google_project.project.labels.environment} lifecycleState:ACTIVE"
-}
-
-data "google_kms_key_ring" "kms" {
-  name     = local.keyring_name
-  location = var.region
-  project  = data.google_projects.kms.projects.0.project_id
-}
-
 data "google_kms_crypto_key" "key" {
   name     = data.google_project.project.name
-  key_ring = data.google_kms_key_ring.kms.id
+  key_ring = var.kms_keyring
 }
-
diff --git a/5-app-infra/source_repos/service-catalog/modules/pubsub/locals.tf b/5-app-infra/source_repos/service-catalog/modules/pubsub/locals.tf
deleted file mode 100644
index 9a1fcf38..00000000
--- a/5-app-infra/source_repos/service-catalog/modules/pubsub/locals.tf
+++ /dev/null
@@ -1,19 +0,0 @@
-/**
- * Copyright 2024 Google LLC
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-locals {
-  keyring_name = "sample-keyring"
-}
diff --git a/5-app-infra/source_repos/service-catalog/modules/pubsub/variables.tf b/5-app-infra/source_repos/service-catalog/modules/pubsub/variables.tf
index 8101d407..4cab7a21 100644
--- a/5-app-infra/source_repos/service-catalog/modules/pubsub/variables.tf
+++ b/5-app-infra/source_repos/service-catalog/modules/pubsub/variables.tf
@@ -16,14 +16,13 @@
 
 variable "project_id" {
   type        = string
-  description = "Optional Project ID."
-  default     = null
+  description = "Project ID."
 }
 
 variable "message_retention_duration" {
+  type        = string
   description = "Message retention duration."
   default     = "86400s"
-  type        = string
 }
 
 variable "region" {
@@ -37,16 +36,23 @@ variable "region" {
 }
 
 variable "topic_name" {
-  description = "Topic name"
   type        = string
+  description = "Topic name."
 }
 
 variable "locked_regions" {
-  description = "Regions that pubsub presistence is locked to"
   type        = list(any)
+  description = "Regions that Pub/Sub persistence is locked to."
   default = [
     "us-central1",
     "us-east4"
   ]
 }
 
+variable "kms_keyring" {
+  type        = string
+  description = <<EOF
+The KMS keyring that will be used when selecting the KMS key, preferably this should be on the same region as the other resources and the same environment.
+This value can be obtained by running "gcloud kms keyrings list --project=KMS_PROJECT_ID --location=REGION."
+EOF
+}