diff --git a/Makefile b/Makefile index 7487b0d..90858ac 100644 --- a/Makefile +++ b/Makefile @@ -76,6 +76,7 @@ docker_test_lint: .PHONY: docker_generate_docs docker_generate_docs: docker run --rm -it \ + -e ENABLE_BPMETADATA \ -v "$(CURDIR)":/workspace \ $(REGISTRY_URL)/${DOCKER_IMAGE_DEVELOPER_TOOLS}:${DOCKER_TAG_VERSION_DEVELOPER_TOOLS} \ /bin/bash -c 'source /usr/local/bin/task_helper_functions.sh && generate_docs' diff --git a/examples/simple_sa/README.md b/examples/simple_sa/README.md index 5648b50..b1e42ba 100644 --- a/examples/simple_sa/README.md +++ b/examples/simple_sa/README.md @@ -14,6 +14,8 @@ This example shows how to use the `simple-sa` submodule. | Name | Description | |------|-------------| | email | Service account email | +| env\_vars | Exported environment variables | +| iam\_email | IAM format service account email | diff --git a/examples/simple_sa/outputs.tf b/examples/simple_sa/outputs.tf index 3245354..f7fe49d 100644 --- a/examples/simple_sa/outputs.tf +++ b/examples/simple_sa/outputs.tf @@ -18,3 +18,13 @@ output "email" { description = "Service account email" value = module.sa.email } + +output "iam_email" { + description = "IAM format service account email" + value = module.sa.iam_email +} + +output "env_vars" { + description = "Exported environment variables" + value = module.sa.env_vars +} diff --git a/modules/simple-sa/README.md b/modules/simple-sa/README.md index 9c7e831..0c417d5 100644 --- a/modules/simple-sa/README.md +++ b/modules/simple-sa/README.md @@ -36,6 +36,8 @@ module "sa" { | Name | Description | |------|-------------| | email | Service account email | -| id | Service account id and email | +| env\_vars | Exported environment variables | +| iam\_email | IAM format service account email | +| id | Service account id in the format 'projects/{{project}}/serviceAccounts/{{email}}' | diff --git a/modules/simple-sa/metadata.yaml b/modules/simple-sa/metadata.yaml index 7f744ba..c0d71e1 100644 --- a/modules/simple-sa/metadata.yaml +++ b/modules/simple-sa/metadata.yaml @@ -65,6 +65,10 @@ spec: outputs: - name: email description: Service account email + - name: env_vars + description: Exported environment variables + - name: iam_email + description: IAM format service account email - name: id description: Service account id and email requirements: diff --git a/modules/simple-sa/outputs.tf b/modules/simple-sa/outputs.tf index 7ef7219..4c391bd 100644 --- a/modules/simple-sa/outputs.tf +++ b/modules/simple-sa/outputs.tf @@ -19,10 +19,18 @@ output "email" { value = google_service_account.sa.email } +output "iam_email" { + description = "IAM format service account email" + value = google_service_account.sa.member +} + output "id" { - description = "Service account id and email" - value = { - id = google_service_account.sa.account_id, - email = google_service_account.sa.email - } + description = "Service account id in the format 'projects/{{project}}/serviceAccounts/{{email}}'" + value = google_service_account.sa.account_id +} + +output "env_vars" { + description = "Exported environment variables" + value = { "SERVICE_ACCOUNT_EMAIL" : google_service_account.sa.email, + "SERVICE_ACCOUNT_IAM_EMAIL" : google_service_account.sa.member } } diff --git a/test/integration/simple_sa/simple_sa_test.go b/test/integration/simple_sa/simple_sa_test.go index 70983c1..e350cf9 100644 --- a/test/integration/simple_sa/simple_sa_test.go +++ b/test/integration/simple_sa/simple_sa_test.go @@ -37,6 +37,12 @@ func TestSimpleSA(t *testing.T) { for _, b := range bindings { assert.Contains(expectedRoles, b.Get("bindings.role").String()) } + + iam_email := sa.GetStringOutput("iam_email") + env_vars := sa.GetStringOutput("env_vars") + assert.Contains(iam_email, "serviceAccount:") + assert.Contains(env_vars, "SERVICE_ACCOUNT_EMAIL") + assert.Contains(env_vars, "SERVICE_ACCOUNT_IAM_EMAIL") }) sa.Test() }