fix: fixes lint issues and generates metadata (#171)

Co-authored-by: Awais Malik <[email protected]>

.kitchen.yml

@@ -31,3 +31,5 @@ suites:
       name: terraform
       command_timeout: 1800
       root_module_directory: test/fixtures/full
+      # setting version verification to false since it requires TF to be less than v1.1
+      verify_version: false

Makefile

@@ -18,7 +18,7 @@
 # Make will use bash instead of sh
 SHELL := /usr/bin/env bash
 
-DOCKER_TAG_VERSION_DEVELOPER_TOOLS := 1.0
+DOCKER_TAG_VERSION_DEVELOPER_TOOLS := 1.10
 DOCKER_IMAGE_DEVELOPER_TOOLS := cft/developer-tools
 REGISTRY_URL := gcr.io/cloud-foundation-cicd
 

build/int.cloudbuild.yaml

@@ -38,4 +38,4 @@ tags:
 - 'integration'
 substitutions:
   _DOCKER_IMAGE_DEVELOPER_TOOLS: 'cft/developer-tools'
-  _DOCKER_TAG_VERSION_DEVELOPER_TOOLS: '1.0'
+  _DOCKER_TAG_VERSION_DEVELOPER_TOOLS: '1.10'

build/lint.cloudbuild.yaml

@@ -21,4 +21,4 @@ tags:
 - 'lint'
 substitutions:
   _DOCKER_IMAGE_DEVELOPER_TOOLS: 'cft/developer-tools'
-  _DOCKER_TAG_VERSION_DEVELOPER_TOOLS: '1.0'
+  _DOCKER_TAG_VERSION_DEVELOPER_TOOLS: '1.10'

examples/basic_view/README.md

@@ -8,7 +8,6 @@ This is a common practice for providing limited data in a different dataset.
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| default\_table\_expiration\_ms | Default TTL of tables using the dataset in MS. | `any` | `null` | no |
 | delete\_contents\_on\_destroy | (Optional) If set to true, delete all the tables in the dataset when destroying the resource; otherwise, destroying the resource will fail if tables are present. | `bool` | `null` | no |
 | table\_dataset\_labels | A mapping of labels to assign to the table. | `map(string)` | n/a | yes |
 | table\_project\_id | Project where the dataset and table are created. | `any` | n/a | yes |

examples/basic_view/variables.tf

@@ -20,11 +20,6 @@ variable "delete_contents_on_destroy" {
   default     = null
 }
 
-variable "default_table_expiration_ms" {
-  description = "Default TTL of tables using the dataset in MS."
-  default     = null
-}
-
 variable "table_project_id" {
   description = "Project where the dataset and table are created."
 }

metadata.yaml

@@ -0,0 +1,249 @@
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: blueprints.cloud.google.com/v1alpha1
+kind: BlueprintMetadata
+metadata:
+  name: terraform-google-bigquery
+  annotations:
+    config.kubernetes.io/local-config: "true"
+spec:
+  title: terraform-google-bigquery
+  source:
+    repo: https://github.com/terraform-google-modules/terraform-google-bigquery
+    sourceType: git
+  version: 5.4.2
+  actuationTool:
+    type: Terraform
+    version: '>= 0.13'
+  subBlueprints:
+  - name: authorization
+    location: modules/authorization
+  - name: scheduled_queries
+    location: modules/scheduled_queries
+  - name: udf
+    location: modules/udf
+  examples:
+  - name: basic_bq
+    location: examples/basic_bq
+  - name: basic_view
+    location: examples/basic_view
+  - name: multiple_tables
+    location: examples/multiple_tables
+  - name: scheduled_queries
+    location: examples/scheduled_queries
+  variables:
+  - name: access
+    description: An array of objects that define dataset access for one or more entities.
+    type: any
+    default:
+    - role: roles/bigquery.dataOwner
+      special_group: projectOwners
+    required: false
+  - name: dataset_id
+    description: Unique ID for the dataset being provisioned.
+    type: string
+    required: true
+  - name: dataset_labels
+    description: Key value pairs in a map for dataset labels
+    type: map(string)
+    default: {}
+    required: false
+  - name: dataset_name
+    description: Friendly name for the dataset being provisioned.
+    type: string
+    required: false
+  - name: default_table_expiration_ms
+    description: TTL of tables using the dataset in MS
+    type: number
+    required: false
+  - name: delete_contents_on_destroy
+    description: (Optional) If set to true, delete all the tables in the dataset when destroying the resource; otherwise, destroying the resource will fail if tables are present.
+    type: bool
+    required: false
+  - name: deletion_protection
+    description: Whether or not to allow Terraform to destroy the instance. Unless this field is set to false in Terraform state, a terraform destroy or terraform apply that would delete the instance will fail
+    type: bool
+    default: false
+    required: false
+  - name: description
+    description: Dataset description.
+    type: string
+    required: false
+  - name: encryption_key
+    description: Default encryption key to apply to the dataset. Defaults to null (Google-managed).
+    type: string
+    required: false
+  - name: external_tables
+    description: A list of objects which include table_id, expiration_time, external_data_configuration, and labels.
+    type: |-
+      list(object({
+          table_id              = string,
+          autodetect            = bool,
+          compression           = string,
+          ignore_unknown_values = bool,
+          max_bad_records       = number,
+          schema                = string,
+          source_format         = string,
+          source_uris           = list(string),
+          csv_options = object({
+            quote                 = string,
+            allow_jagged_rows     = bool,
+            allow_quoted_newlines = bool,
+            encoding              = string,
+            field_delimiter       = string,
+            skip_leading_rows     = number,
+          }),
+          google_sheets_options = object({
+            range             = string,
+            skip_leading_rows = number,
+          }),
+          hive_partitioning_options = object({
+            mode              = string,
+            source_uri_prefix = string,
+          }),
+          expiration_time = string,
+          labels          = map(string),
+        }))
+    default: []
+    required: false
+  - name: location
+    description: The regional location for the dataset only US and EU are allowed in module
+    type: string
+    default: US
+    required: false
+  - name: materialized_views
+    description: A list of objects which includes view_id, view_query, clustering, time_partitioning, range_partitioning, expiration_time and labels
+    type: |-
+      list(object({
+          view_id             = string,
+          query               = string,
+          enable_refresh      = bool,
+          refresh_interval_ms = string,
+          clustering          = list(string),
+          time_partitioning = object({
+            expiration_ms            = string,
+            field                    = string,
+            type                     = string,
+            require_partition_filter = bool,
+          }),
+          range_partitioning = object({
+            field = string,
+            range = object({
+              start    = string,
+              end      = string,
+              interval = string,
+            }),
+          }),
+          expiration_time = string,
+          labels          = map(string),
+        }))
+    default: []
+    required: false
+  - name: project_id
+    description: Project where the dataset and table are created
+    type: string
+    required: true
+  - name: routines
+    description: A list of objects which include routine_id, routine_type, routine_language, definition_body, return_type, routine_description and arguments.
+    type: |-
+      list(object({
+          routine_id      = string,
+          routine_type    = string,
+          language        = string,
+          definition_body = string,
+          return_type     = string,
+          description     = string,
+          arguments = list(object({
+            name          = string,
+            data_type     = string,
+            argument_kind = string,
+            mode          = string,
+          })),
+        }))
+    default: []
+    required: false
+  - name: tables
+    description: A list of objects which include table_id, schema, clustering, time_partitioning, range_partitioning, expiration_time and labels.
+    type: |-
+      list(object({
+          table_id   = string,
+          schema     = string,
+          clustering = list(string),
+          time_partitioning = object({
+            expiration_ms            = string,
+            field                    = string,
+            type                     = string,
+            require_partition_filter = bool,
+          }),
+          range_partitioning = object({
+            field = string,
+            range = object({
+              start    = string,
+              end      = string,
+              interval = string,
+            }),
+          }),
+          expiration_time = string,
+          labels          = map(string),
+        }))
+    default: []
+    required: false
+  - name: views
+    description: A list of objects which include view_id and view query
+    type: |-
+      list(object({
+          view_id        = string,
+          query          = string,
+          use_legacy_sql = bool,
+          labels         = map(string),
+        }))
+    default: []
+    required: false
+  outputs:
+  - name: bigquery_dataset
+    description: Bigquery dataset resource.
+  - name: bigquery_external_tables
+    description: Map of BigQuery external table resources being provisioned.
+  - name: bigquery_tables
+    description: Map of bigquery table resources being provisioned.
+  - name: bigquery_views
+    description: Map of bigquery view resources being provisioned.
+  - name: external_table_ids
+    description: Unique IDs for any external tables being provisioned
+  - name: external_table_names
+    description: Friendly names for any external tables being provisioned
+  - name: project
+    description: Project where the dataset and tables are created
+  - name: routine_ids
+    description: Unique IDs for any routine being provisioned
+  - name: table_ids
+    description: Unique id for the table being provisioned
+  - name: table_names
+    description: Friendly name for the table being provisioned
+  - name: view_ids
+    description: Unique id for the view being provisioned
+  - name: view_names
+    description: friendlyname for the view being provisioned
+  roles:
+  - level: Project
+    roles:
+    - roles/bigquery.admin
+    - roles/cloudkms.cryptoKeyEncrypterDecrypter
+  services:
+  - cloudkms.googleapis.com
+  - cloudresourcemanager.googleapis.com
+  - bigquery.googleapis.com
+  - bigquerystorage.googleapis.com
+  - serviceusage.googleapis.com

modules/authorization/metadata.yaml

@@ -0,0 +1,88 @@
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: blueprints.cloud.google.com/v1alpha1
+kind: BlueprintMetadata
+metadata:
+  name: terraform-google-bigquery
+  annotations:
+    config.kubernetes.io/local-config: "true"
+spec:
+  title: BigQuery Authorized Views
+  source:
+    repo: https://github.com/terraform-google-modules/terraform-google-bigquery
+    sourceType: git
+  version: 5.4.2
+  actuationTool:
+    type: Terraform
+    version: '>= 0.13'
+  examples:
+  - name: basic_bq
+    location: examples/basic_bq
+  - name: basic_view
+    location: examples/basic_view
+  - name: multiple_tables
+    location: examples/multiple_tables
+  - name: scheduled_queries
+    location: examples/scheduled_queries
+  variables:
+  - name: authorized_datasets
+    description: An array of datasets to be authorized on the dataset
+    type: |-
+      list(object({
+          dataset_id = string,
+          project_id = string,
+        }))
+    default: []
+    required: false
+  - name: authorized_views
+    description: An array of views to give authorize for the dataset
+    type: |-
+      list(object({
+          dataset_id = string,
+          project_id = string,
+          table_id   = string # this is the view id, but we keep table_id to stay consistent as the resource
+        }))
+    required: true
+  - name: dataset_id
+    description: Unique ID for the dataset being provisioned.
+    type: string
+    required: true
+  - name: project_id
+    description: Project where the dataset and table are created
+    type: string
+    required: true
+  - name: roles
+    description: An array of objects that define dataset access for one or more entities.
+    type: any
+    default: []
+    required: false
+  outputs:
+  - name: authorized_dataset
+    description: Authorized datasets for the BQ dataset
+  - name: authorized_roles
+    description: Authorized roles for the dataset
+  - name: authorized_views
+    description: Authorized views for the dataset
+  roles:
+  - level: Project
+    roles:
+    - roles/bigquery.admin
+    - roles/cloudkms.cryptoKeyEncrypterDecrypter
+  services:
+  - cloudkms.googleapis.com
+  - cloudresourcemanager.googleapis.com
+  - bigquery.googleapis.com
+  - bigquerystorage.googleapis.com
+  - serviceusage.googleapis.com