From 4a8ae8b8c8e326039909460c400dec492b723a4d Mon Sep 17 00:00:00 2001 From: dkuji Date: Sun, 29 Oct 2023 00:25:49 +0900 Subject: [PATCH] feat: Enable multiple display name --- examples/multiple_service_accounts/main.tf | 2 +- main.tf | 2 +- outputs.tf | 5 +++++ test/integration/multiple_service_accounts/controls/gcp.rb | 5 +++++ test/integration/multiple_service_accounts/inspec.yml | 3 +++ variables.tf | 6 ++++++ 6 files changed, 21 insertions(+), 2 deletions(-) diff --git a/examples/multiple_service_accounts/main.tf b/examples/multiple_service_accounts/main.tf index b4fd667..6259fd7 100644 --- a/examples/multiple_service_accounts/main.tf +++ b/examples/multiple_service_accounts/main.tf @@ -20,7 +20,7 @@ module "service_accounts" { prefix = "" names = ["test-first", "test-second"] generate_keys = true - display_name = "Test Service Accounts" + display_names = ["Test Service Accounts first", "Test Service Accounts second"] description = "Test Service Accounts description" project_roles = [ diff --git a/main.tf b/main.tf index 61376fd..6cb46a7 100644 --- a/main.tf +++ b/main.tf @@ -37,7 +37,7 @@ locals { resource "google_service_account" "service_accounts" { for_each = local.names account_id = "${local.prefix}${lower(each.value)}" - display_name = var.display_name + display_name = index(var.names, each.value) >= length(var.display_names) ? var.display_name : element(var.display_names, index(var.names, each.value)) description = index(var.names, each.value) >= length(var.descriptions) ? var.description : element(var.descriptions, index(var.names, each.value)) project = var.project_id } diff --git a/outputs.tf b/outputs.tf index 35e2506..d66d913 100644 --- a/outputs.tf +++ b/outputs.tf @@ -70,3 +70,8 @@ output "keys" { sensitive = true value = { for k, v in local.names : k => var.generate_keys ? base64decode(google_service_account_key.keys[v].private_key) : "" } } + +output "display_names" { + description = "display names variable." + value = var.display_names +} 
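Review bot: The new `display_name` expression in the main.tf hunk ties each account's label to its position in `var.names`, and nothing checks that the two lists line up. A `display_names` list longer than `names` is silently truncated, and inserting or reordering an entry in `names` moves every later display name onto a different service account. Display names are what people read in IAM listings and access reviews, so a shifted label can make one account look like another. Where the module's minimum Terraform version allows it, a `precondition` in the resource's `lifecycle` block with `condition = length(var.display_names) <= length(var.names)` would reject the mismatch, and the `display_names` description in the variables.tf hunk should state that entries are matched to `names` by index. Since the guard already bounds the index, `var.display_names[index(var.names, each.value)]` reads more directly than `element(...)`, which wraps around on an out-of-range index instead of failing.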
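Review bot: The `display_names` output added in the outputs.tf hunk returns `var.display_names` unchanged, so it reports what the caller passed in, not what was applied. Accounts that fell back to `var.display_name` do not appear in it at all. Reading the value from the resources, for example `value = { for k, sa in google_service_account.service_accounts : k => sa.display_name }`, would expose the effective name per account, although the integration test's `array` attribute would then need to change to match. If the input echo is kept for the test, the description should say so, e.g. `description = "Display names as passed in via var.display_names (input echo, not the applied values)."`.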
diff --git a/test/integration/multiple_service_accounts/controls/gcp.rb b/test/integration/multiple_service_accounts/controls/gcp.rb index 4272287..6bd289e 100644 --- a/test/integration/multiple_service_accounts/controls/gcp.rb +++ b/test/integration/multiple_service_accounts/controls/gcp.rb @@ -30,4 +30,9 @@ end end + attribute('display_names').each do |display_name| + describe google_service_accounts(project: "#{attribute('project_id')}") do + its('service_account_display_names'){ should include display_name } + end + end end diff --git a/test/integration/multiple_service_accounts/inspec.yml b/test/integration/multiple_service_accounts/inspec.yml index dfa7304..1b71492 100644 --- a/test/integration/multiple_service_accounts/inspec.yml +++ b/test/integration/multiple_service_accounts/inspec.yml @@ -30,3 +30,6 @@ attributes: - name: iam_emails required: true type: hash + - name: display_names + required: true + type: array diff --git a/variables.tf b/variables.tf index 484d229..5c102ca 100644 --- a/variables.tf +++ b/variables.tf @@ -73,6 +73,12 @@ variable "display_name" { default = "Terraform-managed service account" } +variable "display_names" { + type = list(string) + description = "List of display_names for the created service accounts (elements default to the value of `display_name`)" + default = [] +} + variable "description" { type = string description = "Default description of the created service accounts (defaults to no description)"
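Review bot: The `display_names` loop added in controls/gcp.rb only asserts that each display name exists somewhere in the project. It still passes when the names are attached to the wrong accounts, or when an unrelated account in the project already carries the same label. Because the feature under test is a positional mapping, the check would be stronger if it looked up each created account individually (for instance through the singular service-account resource, if the inspec-gcp version in use provides one) and compared that account's display name with the expected entry. The interpolation in `project: "#{attribute('project_id')}"` is redundant; `project: attribute('project_id')` is enough. The enclosing `control` block begins outside the hunk.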