bug(tf/locals): used locals var to create or lookup provider (#21)
* Bump hashicorp/setup-terraform from 2 to 3

Bumps [hashicorp/setup-terraform](https://github.com/hashicorp/setup-terraform) from 2 to 3.
- [Release notes](https://github.com/hashicorp/setup-terraform/releases)
- [Changelog](https://github.com/hashicorp/setup-terraform/blob/main/CHANGELOG.md)
- [Commits](hashicorp/setup-terraform@v2...v3)

---
updated-dependencies:
- dependency-name: hashicorp/setup-terraform
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>

* bug(tf/locals): used locals var to create or lookup provider

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
saidsef and dependabot[bot] authored Nov 11, 2023
1 parent 0409a10 commit f27f61b
Showing 5 changed files with 10 additions and 13 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/ci.yaml
Expand Up @@ -34,7 +34,7 @@ jobs:
- name: Checkout code
uses: actions/checkout@v4
- name: Setup Terraform
uses: hashicorp/setup-terraform@v2
uses: hashicorp/setup-terraform@v3
with:
terraform_version: ${{ matrix.tf-version }}
- name: Terraform Init
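Review bot: `uses: hashicorp/setup-terraform@v3` (and the `actions/checkout@v4` context line above it) tracks a movable major tag, so whatever that tag points to at run time executes in this job. Pin each action to the full commit SHA of the release you reviewed, keep the tag as a trailing comment, and let Dependabot bump the SHA. Because this is a major-version bump, read the linked release notes for changed inputs or runtime requirements before merging.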
2 changes: 1 addition & 1 deletion .github/workflows/tfsec.yaml
Expand Up @@ -35,7 +35,7 @@ jobs:
- name: Clone repo
uses: actions/checkout@v4
- name: Setup Terraform
uses: hashicorp/setup-terraform@v2
uses: hashicorp/setup-terraform@v3
with:
terraform_version: 1.5
- name: Example Remote Validate
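Review bot: on the context line `terraform_version: 1.5` the value is an unquoted YAML scalar and is parsed as a number, so a later edit to something like 1.10 would be read as 1.1. Quote it (`terraform_version: "1.5"`). This workflow also hard-codes one version while ci.yaml takes `${{ matrix.tf-version }}`, so the v3 action is only exercised against 1.5 here.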
12 changes: 6 additions & 6 deletions TERRAFORM.md
Expand Up @@ -3,8 +3,8 @@
| Name | Version |
|------|---------|
| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | ~> 1 |
| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 4 |
| <a name="requirement_tls"></a> [tls](#requirement\_tls) | >= 4 |
| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 4, < 6 |
| <a name="requirement_tls"></a> [tls](#requirement\_tls) | >= 4, < 5 |

## Providers

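Review bot: the new upper bounds (`>= 4, < 6` for aws, `>= 4, < 5` for tls) appear only in TERRAFORM.md; none of the five changed files carries a `required_providers` block, and the commit message does not mention them. Confirm the constraint lives in the module source and that this table was regenerated from it rather than edited by hand, so the documented range and the enforced range cannot drift.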
Expand Down Expand Up @@ -45,7 +45,7 @@ No modules.
| <a name="input_iam_role_permissions_boundary"></a> [iam\_role\_permissions\_boundary](#input\_iam\_role\_permissions\_boundary) | ARN of the permissions boundary to be used by the IAM role | `string` | `""` | no |
| <a name="input_iam_role_policy_arns"></a> [iam\_role\_policy\_arns](#input\_iam\_role\_policy\_arns) | List of IAM policy ARNs to attach to the IAM role | `list(string)` | `[]` | no |
| <a name="input_max_session_duration"></a> [max\_session\_duration](#input\_max\_session\_duration) | Maximum session duration in seconds | `number` | `3600` | no |
| <a name="input_organisation"></a> [organisation](#input\_organisation) | Terraform Cloud Organisation name | `string` | `"saidsef"` | no |
| <a name="input_organisation"></a> [organisation](#input\_organisation) | Terraform Cloud Organisation name | `string` | n/a | yes |
| <a name="input_projects"></a> [projects](#input\_projects) | List of Workspaces and run\_phase or patterns | <pre>list(object({<br> project = string<br> run_phase = string<br> workspaces = list(string)<br> }))</pre> | <pre>[<br> {<br> "project": null,<br> "run_phase": null,<br> "workspaces": null<br> }<br>]</pre> | no |
| <a name="input_provider_client_id_list"></a> [provider\_client\_id\_list](#input\_provider\_client\_id\_list) | A list of client IDs (also known as audiences) | `list(string)` | <pre>[<br> "aws.workload.identity"<br>]</pre> | no |
| <a name="input_tags"></a> [tags](#input\_tags) | Map of tags to be applied to all resources | `map(string)` | `{}` | no |
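Review bot: the `organisation` row goes from default `"saidsef"` to required, which breaks any caller that relied on the default, yet the commit title describes only the locals fix. Say so in the commit message or changelog. Dropping the default is the better behaviour, since a caller can no longer silently inherit the module author's organisation name.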
Expand All @@ -55,6 +55,6 @@ No modules.

| Name | Description |
|------|-------------|
| <a name="output_projects"></a> [projects](#output\_projects) | List of projects |
| <a name="output_role_arn"></a> [role\_arn](#output\_role\_arn) | AWS role ARN |
| <a name="output_role_id"></a> [role\_id](#output\_role\_id) | AWS role ID |
| <a name="output_projects"></a> [projects](#output\_projects) | List of Terraform Cloud projects |
| <a name="output_role_arn"></a> [role\_arn](#output\_role\_arn) | AWS Role ARN |
| <a name="output_role_id"></a> [role\_id](#output\_role\_id) | AWS Role ID |
3 changes: 2 additions & 1 deletion current.tf
@@ -1,4 +1,5 @@
locals {
oidc_provider = tobool(var.create_oidc_provider) ? aws_iam_openid_connect_provider.provider[0] : data.aws_iam_openid_connect_provider.provider[0]
projects = flatten([
for repo in var.projects : [
for workspace in repo.workspaces : {
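Review bot: the new `oidc_provider` local returns a whole resource object in one branch and a whole data-source object in the other, both indexed with `[0]`. A conditional needs both results to share a type, and the `[0]` is only valid if each block's `count` is the exact complement of `var.create_oidc_provider`, which this hunk does not show. Consider a local that selects only the attributes actually used (for example `client_id_list`), and if `create_oidc_provider` is declared as a string, declare it as `bool` so the `tobool()` wrapper can go.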
Expand All @@ -19,7 +20,7 @@ data "aws_iam_policy_document" "assume_role" {

condition {
test = "StringEquals"
values = [format("%s", one(aws_iam_openid_connect_provider.provider[0].client_id_list))]
values = [format("%s", one(local.oidc_provider.client_id_list))]
variable = format("%s:aud", var.url)
}

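Review bot: `one(local.oidc_provider.client_id_list)` raises an error when the list holds more than one element, and that is now reachable: a looked-up provider can carry several client IDs, and `provider_client_id_list` is a `list(string)`. Decide which audience the role should trust and pass it explicitly (for instance from `var.provider_client_id_list`) instead of relying on the provider having exactly one entry. The `format("%s", ...)` wrapper around a string is a no-op and can be dropped.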
4 changes: 0 additions & 4 deletions main.tf
@@ -1,7 +1,3 @@
locals {
oidc_provider = tobool(var.create_oidc_provider) ? aws_iam_openid_connect_provider.provider[0] : data.aws_iam_openid_connect_provider.provider[0]
}

resource "aws_iam_role" "role" {
count = tobool(var.enabled) ? 1 : 0
