fix: fixes lint issues and generates metadata (#117)

Makefile

@@ -18,7 +18,7 @@
 # Make will use bash instead of sh
 SHELL := /usr/bin/env bash
 
-DOCKER_TAG_VERSION_DEVELOPER_TOOLS := 1.5
+DOCKER_TAG_VERSION_DEVELOPER_TOOLS := 1.10
 DOCKER_IMAGE_DEVELOPER_TOOLS := cft/developer-tools
 REGISTRY_URL := gcr.io/cloud-foundation-cicd
 

build/int.cloudbuild.yaml

@@ -38,4 +38,4 @@ tags:
 - 'integration'
 substitutions:
   _DOCKER_IMAGE_DEVELOPER_TOOLS: 'cft/developer-tools'
-  _DOCKER_TAG_VERSION_DEVELOPER_TOOLS: '1.5'
+  _DOCKER_TAG_VERSION_DEVELOPER_TOOLS: '1.10'

build/lint.cloudbuild.yaml

@@ -21,4 +21,4 @@ tags:
 - 'lint'
 substitutions:
   _DOCKER_IMAGE_DEVELOPER_TOOLS: 'cft/developer-tools'
-  _DOCKER_TAG_VERSION_DEVELOPER_TOOLS: '1.5'
+  _DOCKER_TAG_VERSION_DEVELOPER_TOOLS: '1.10'

examples/kms/README.md

@@ -7,8 +7,6 @@ This example illustrates how to use the `pubsub` module with a custom `kms` key.
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| kms\_key\_name | Name of KMS key to use for pubsub topic | `string` | n/a | yes |
-| kms\_keyring\_name | Name of KMS key ring to use for pubsub topic | `string` | n/a | yes |
 | project\_id | The project ID to manage the Pub/Sub resources | `string` | n/a | yes |
 | topic\_labels | A map of labels to assign to the Pub/Sub topic | `map(string)` | `{}` | no |
 | topic\_name | The name for the Pub/Sub topic | `string` | n/a | yes |

examples/kms/variables.tf

@@ -29,13 +29,3 @@ variable "topic_labels" {
   description = "A map of labels to assign to the Pub/Sub topic"
   default     = {}
 }
-
-variable "kms_key_name" {
-  type        = string
-  description = "Name of KMS key to use for pubsub topic"
-}
-
-variable "kms_keyring_name" {
-  type        = string
-  description = "Name of KMS key ring to use for pubsub topic"
-}

main.tf

@@ -132,7 +132,7 @@ resource "google_pubsub_subscription" "push_subscriptions" {
   for_each = var.create_subscriptions ? { for i in var.push_subscriptions : i.name => i } : {}
 
   name    = each.value.name
-  topic   = var.create_topic ? google_pubsub_topic.topic.0.name : var.topic
+  topic   = var.create_topic ? google_pubsub_topic.topic[0].name : var.topic
   project = var.project_id
   labels  = var.subscription_labels
   ack_deadline_seconds = lookup(
@@ -205,7 +205,7 @@ resource "google_pubsub_subscription" "pull_subscriptions" {
   for_each = var.create_subscriptions ? { for i in var.pull_subscriptions : i.name => i } : {}
 
   name    = each.value.name
-  topic   = var.create_topic ? google_pubsub_topic.topic.0.name : var.topic
+  topic   = var.create_topic ? google_pubsub_topic.topic[0].name : var.topic
   project = var.project_id
   labels  = var.subscription_labels
   enable_exactly_once_delivery = lookup(
@@ -271,7 +271,7 @@ resource "google_pubsub_subscription" "bigquery_subscriptions" {
   for_each = var.create_subscriptions ? { for i in var.bigquery_subscriptions : i.name => i } : {}
 
   name    = each.value.name
-  topic   = var.create_topic ? google_pubsub_topic.topic.0.name : var.topic
+  topic   = var.create_topic ? google_pubsub_topic.topic[0].name : var.topic
   project = var.project_id
   labels  = var.subscription_labels
   ack_deadline_seconds = lookup(

metadata.yaml

@@ -0,0 +1,141 @@
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: blueprints.cloud.google.com/v1alpha1
+kind: BlueprintMetadata
+metadata:
+  name: terraform-google-pubsub
+  annotations:
+    config.kubernetes.io/local-config: "true"
+spec:
+  title: terraform-google-pubsub
+  source:
+    repo: https://github.com/terraform-google-modules/terraform-google-pubsub
+    sourceType: git
+  version: 4.0.1
+  actuationTool:
+    type: Terraform
+    version: '>= 0.13'
+  subBlueprints:
+  - name: cloudiot
+    location: modules/cloudiot
+  examples:
+  - name: bigquery
+    location: examples/bigquery
+  - name: cloudiot
+    location: examples/cloudiot
+  - name: kms
+    location: examples/kms
+  - name: simple
+    location: examples/simple
+  - name: subscriptions_only
+    location: examples/subscriptions_only
+  variables:
+  - name: bigquery_subscriptions
+    description: The list of the bigquery push subscriptions.
+    type: list(map(string))
+    default: []
+    required: false
+  - name: create_subscriptions
+    description: Specify true if you want to create subscriptions.
+    type: bool
+    default: true
+    required: false
+  - name: create_topic
+    description: Specify true if you want to create a topic.
+    type: bool
+    default: true
+    required: false
+  - name: grant_token_creator
+    description: Specify true if you want to add token creator role to the default Pub/Sub SA.
+    type: bool
+    default: true
+    required: false
+  - name: message_storage_policy
+    description: A map of storage policies. Default - inherit from organization's Resource Location Restriction policy.
+    type: map(any)
+    default: {}
+    required: false
+  - name: project_id
+    description: The project ID to manage the Pub/Sub resources.
+    type: string
+    required: true
+  - name: pull_subscriptions
+    description: The list of the pull subscriptions.
+    type: list(map(string))
+    default: []
+    required: false
+  - name: push_subscriptions
+    description: The list of the push subscriptions.
+    type: list(map(string))
+    default: []
+    required: false
+  - name: schema
+    description: Schema for the topic.
+    type: |-
+      object({
+          name       = string
+          type       = string
+          definition = string
+          encoding   = string
+        })
+    required: false
+  - name: subscription_labels
+    description: A map of labels to assign to every Pub/Sub subscription.
+    type: map(string)
+    default: {}
+    required: false
+  - name: topic
+    description: The Pub/Sub topic name.
+    type: string
+    required: true
+  - name: topic_kms_key_name
+    description: The resource name of the Cloud KMS CryptoKey to be used to protect access to messages published on this topic.
+    type: string
+    required: false
+  - name: topic_labels
+    description: A map of labels to assign to the Pub/Sub topic.
+    type: map(string)
+    default: {}
+    required: false
+  - name: topic_message_retention_duration
+    description: The minimum duration in seconds to retain a message after it is published to the topic.
+    type: string
+    required: false
+  outputs:
+  - name: id
+    description: The ID of the Pub/Sub topic
+  - name: subscription_names
+    description: The name list of Pub/Sub subscriptions
+  - name: subscription_paths
+    description: The path list of Pub/Sub subscriptions
+  - name: topic
+    description: The name of the Pub/Sub topic
+  - name: topic_labels
+    description: Labels assigned to the Pub/Sub topic
+  - name: uri
+    description: The URI of the Pub/Sub topic
+  roles:
+  - level: Project
+    roles:
+    - roles/cloudiot.admin
+    - roles/pubsub.admin
+    - roles/resourcemanager.projectIamAdmin
+    - roles/bigquery.admin
+  services:
+  - cloudiot.googleapis.com
+  - cloudresourcemanager.googleapis.com
+  - pubsub.googleapis.com
+  - serviceusage.googleapis.com
+  - bigquery.googleapis.com

modules/cloudiot/metadata.yaml

@@ -0,0 +1,140 @@
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: blueprints.cloud.google.com/v1alpha1
+kind: BlueprintMetadata
+metadata:
+  name: terraform-google-pubsub
+  annotations:
+    config.kubernetes.io/local-config: "true"
+spec:
+  title: terraform-google-pubsub for Cloud IoT
+  source:
+    repo: https://github.com/terraform-google-modules/terraform-google-pubsub
+    sourceType: git
+  version: 4.0.1
+  actuationTool:
+    type: Terraform
+    version: '>= 0.13'
+  examples:
+  - name: bigquery
+    location: examples/bigquery
+  - name: cloudiot
+    location: examples/cloudiot
+  - name: kms
+    location: examples/kms
+  - name: simple
+    location: examples/simple
+  - name: subscriptions_only
+    location: examples/subscriptions_only
+  variables:
+  - name: event_notification_config
+    description: The event notification configuration for the Cloud IoT registry. This contains `topic`, `topic_labels`, `pull_subscriptions` and `push_subscriptions` and `create_topic`.
+    type: |-
+      object({
+          topic              = string
+          topic_labels       = map(string)
+          push_subscriptions = list(map(string))
+          pull_subscriptions = list(map(string))
+          create_topic       = bool
+        })
+    default:
+      create_topic: false
+      pull_subscriptions: []
+      push_subscriptions: []
+      topic: ""
+      topic_labels: {}
+    required: false
+  - name: http_enabled_state
+    description: The field allows HTTP_ENABLED or HTTP_DISABLED
+    type: string
+    default: HTTP_DISABLED
+    required: false
+  - name: mqtt_enabled_state
+    description: The field allows MQTT_ENABLED or MQTT_DISABLED
+    type: string
+    default: MQTT_ENABLED
+    required: false
+  - name: name
+    description: The Cloud IoT registry name
+    type: string
+    required: true
+  - name: project_id
+    description: The project ID to manage the Cloud IoT resources
+    type: string
+    required: true
+  - name: public_key_certificates
+    description: The list for public key certificates
+    type: list(object({ format = string, certificate = string }))
+    default: []
+    required: false
+  - name: region
+    description: The region to host the registry
+    type: string
+    required: true
+  - name: state_notification_config
+    description: The state notification configuration for the Cloud IoT registry. This contains `topic`, `topic_labels`, `pull_subscriptions` and `push_subscriptions` and `create_topic`.
+    type: |-
+      object({
+          topic              = string
+          topic_labels       = map(string)
+          push_subscriptions = list(map(string))
+          pull_subscriptions = list(map(string))
+          create_topic       = bool
+        })
+    default:
+      create_topic: false
+      pull_subscriptions: []
+      push_subscriptions: []
+      topic: ""
+      topic_labels: {}
+    required: false
+  outputs:
+  - name: credentials
+    description: The credentials for Cloud IoT registry
+  - name: event_notification_subscription_names
+    description: The name list of Pub/Sub subscriptions associated with the registry
+  - name: event_notification_subscription_paths
+    description: The path list of Pub/Sub subscriptions associated with the registry
+  - name: event_notification_topic
+    description: The name of the Pub/Sub topic associated with the registry
+  - name: event_notification_topic_id
+    description: The id of the Pub/Sub topic associated with the registry
+  - name: name
+    description: The name of the Cloud IoT registry
+  - name: region
+    description: The region of the Cloud IoT registry
+  - name: registry
+    description: The registry being created by this module
+  - name: state_notification_subscription_names
+    description: The name list of Pub/Sub subscriptions associated with the registry
+  - name: state_notification_subscription_paths
+    description: The path list of Pub/Sub subscriptions associated with the registry
+  - name: state_notification_topic
+    description: The name of the Pub/Sub topic associated with the registry
+  - name: state_notification_topic_id
+    description: The id of the Pub/Sub topic associated with the registry
+  roles:
+  - level: Project
+    roles:
+    - roles/cloudiot.admin
+    - roles/pubsub.admin
+    - roles/resourcemanager.projectIamAdmin
+    - roles/bigquery.admin
+  services:
+  - cloudiot.googleapis.com
+  - cloudresourcemanager.googleapis.com
+  - pubsub.googleapis.com
+  - serviceusage.googleapis.com
+  - bigquery.googleapis.com

outputs.tf

@@ -15,22 +15,22 @@
  */
 
 output "topic" {
-  value       = length(google_pubsub_topic.topic) > 0 ? google_pubsub_topic.topic.0.name : ""
+  value       = length(google_pubsub_topic.topic) > 0 ? google_pubsub_topic.topic[0].name : ""
   description = "The name of the Pub/Sub topic"
 }
 
 output "topic_labels" {
-  value       = length(google_pubsub_topic.topic) > 0 ? google_pubsub_topic.topic.0.labels : {}
+  value       = length(google_pubsub_topic.topic) > 0 ? google_pubsub_topic.topic[0].labels : {}
   description = "Labels assigned to the Pub/Sub topic"
 }
 
 output "id" {
-  value       = length(google_pubsub_topic.topic) > 0 ? google_pubsub_topic.topic.0.id : ""
+  value       = length(google_pubsub_topic.topic) > 0 ? google_pubsub_topic.topic[0].id : ""
   description = "The ID of the Pub/Sub topic"
 }
 
 output "uri" {
-  value       = length(google_pubsub_topic.topic) > 0 ? "pubsub.googleapis.com/${google_pubsub_topic.topic.0.id}" : ""
+  value       = length(google_pubsub_topic.topic) > 0 ? "pubsub.googleapis.com/${google_pubsub_topic.topic[0].id}" : ""
   description = "The URI of the Pub/Sub topic"
 }