From f90bf55899d5b377b7853f3f1fd7937a8d8f3c37 Mon Sep 17 00:00:00 2001
From: caetano-colin <ccolin@ciandt.com>
Date: Fri, 21 Jun 2024 09:26:17 -0300
Subject: [PATCH] ar module

---
 .../modules/artifact_registry/README.md       |  3 ++-
 .../modules/artifact_registry/data.tf         | 12 +--------
 .../modules/artifact_registry/locals.tf       |  1 -
 .../modules/artifact_registry/variables.tf    | 27 ++++++++++++-------
 4 files changed, 20 insertions(+), 23 deletions(-)

diff --git a/5-app-infra/source_repos/service-catalog/modules/artifact_registry/README.md b/5-app-infra/source_repos/service-catalog/modules/artifact_registry/README.md
index 0031846c..455f824f 100644
--- a/5-app-infra/source_repos/service-catalog/modules/artifact_registry/README.md
+++ b/5-app-infra/source_repos/service-catalog/modules/artifact_registry/README.md
@@ -63,8 +63,9 @@ No outputs.
 | cleanup\_policy\_dry\_run | Whether to perform a dry run of the cleanup policy. | `bool` | `false` | no |
 | description | Description of the repository. | `string` | `""` | no |
 | format | Format of the repository. | `string` | `"DOCKER"` | no |
+| kms\_keyring | The KMS keyring that will be used when selecting the KMS key, preferably this should be on the same region as the other resources and the same environment.<br>This value can be obtained by running "gcloud kms keyrings list --project=KMS\_PROJECT\_ID --location=REGION." | `string` | n/a | yes |
 | name | Name of the repository. | `string` | n/a | yes |
-| project\_id | Optional Project ID. | `string` | `null` | no |
+| project\_id | Project ID. | `string` | n/a | yes |
 | region | The resource region, one of [us-central1, us-east4]. | `string` | `"us-central1"` | no |
 
 ## Outputs
diff --git a/5-app-infra/source_repos/service-catalog/modules/artifact_registry/data.tf b/5-app-infra/source_repos/service-catalog/modules/artifact_registry/data.tf
index 0ce9ad7b..72555a5b 100644
--- a/5-app-infra/source_repos/service-catalog/modules/artifact_registry/data.tf
+++ b/5-app-infra/source_repos/service-catalog/modules/artifact_registry/data.tf
@@ -18,17 +18,7 @@ data "google_project" "project" {
   project_id = var.project_id
 }
 
-data "google_projects" "kms" {
-  filter = "labels.application_name:env-kms labels.environment:${data.google_project.project.labels.environment} lifecycleState:ACTIVE"
-}
-
-data "google_kms_key_ring" "kms" {
-  name     = local.keyring_name
-  location = var.region
-  project  = data.google_projects.kms.projects.0.project_id
-}
-
 data "google_kms_crypto_key" "key" {
   name     = data.google_project.project.name
-  key_ring = data.google_kms_key_ring.kms.id
+  key_ring = var.kms_keyring
 }
diff --git a/5-app-infra/source_repos/service-catalog/modules/artifact_registry/locals.tf b/5-app-infra/source_repos/service-catalog/modules/artifact_registry/locals.tf
index c11543ac..8b98b2db 100644
--- a/5-app-infra/source_repos/service-catalog/modules/artifact_registry/locals.tf
+++ b/5-app-infra/source_repos/service-catalog/modules/artifact_registry/locals.tf
@@ -15,7 +15,6 @@
  */
 
 locals {
-  keyring_name = "sample-keyring"
   region_short_code = {
     "us-central1" = "usc1"
     "us-east4"    = "use4"
diff --git a/5-app-infra/source_repos/service-catalog/modules/artifact_registry/variables.tf b/5-app-infra/source_repos/service-catalog/modules/artifact_registry/variables.tf
index 99cb1a45..8b5241b5 100644
--- a/5-app-infra/source_repos/service-catalog/modules/artifact_registry/variables.tf
+++ b/5-app-infra/source_repos/service-catalog/modules/artifact_registry/variables.tf
@@ -1,5 +1,5 @@
-/** <!--
- * 4Copyright 2024 Google LLC
+/**
+ * Copyright 2024 Google LLC
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -12,23 +12,23 @@
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
- * -->
+ *
  */
 
 variable "name" {
-  description = "Name of the repository."
   type        = string
+  description = "Name of the repository."
 }
 
 variable "description" {
-  description = "Description of the repository."
   type        = string
+  description = "Description of the repository."
   default     = ""
 }
 
 variable "format" {
-  description = "Format of the repository."
   type        = string
+  description = "Format of the repository."
   default     = "DOCKER"
 }
 
@@ -43,13 +43,12 @@ variable "region" {
 }
 
 variable "cleanup_policy_dry_run" {
-  description = "Whether to perform a dry run of the cleanup policy."
   type        = bool
+  description = "Whether to perform a dry run of the cleanup policy."
   default     = false
 }
 
 variable "cleanup_policies" {
-  description = "List of cleanup policies."
   type = list(object({
     id     = string
     action = optional(string)
@@ -64,6 +63,7 @@ variable "cleanup_policies" {
       keep_count            = optional(number)
     })))
   }))
+  description = "List of cleanup policies."
   default = [
     {
       id     = "delete-prerelease"
@@ -81,6 +81,13 @@ variable "cleanup_policies" {
 
 variable "project_id" {
   type        = string
-  description = "Optional Project ID."
-  default     = null
+  description = "Project ID."
+}
+
+variable "kms_keyring" {
+  type        = string
+  description = <<EOF
+The KMS keyring that will be used when selecting the KMS key, preferably this should be on the same region as the other resources and the same environment.
+This value can be obtained by running "gcloud kms keyrings list --project=KMS_PROJECT_ID --location=REGION."
+EOF
 }