add skipping variable #644
Conversation
There was a problem hiding this comment.
@Aayush-Abhyarthi I think we both agree on the renaming as per https://github.com/terraform-ibm-modules/terraform-ibm-landing-zone/pull/644/files#r1414474051
Bare in mind, the new variable will need to be exposed in all of the patterns
variables.tf
Outdated
| @@ -1497,10 +1497,16 @@ variable "vpc_placement_groups" { | |||
| # s2s variables | |||
| ############################################################################## | |||
|
|
|||
| variable "add_kms_block_storage_s2s" { | |||
| variable "skip_kms_block_storage_s2s_auth_policy" { | |||
| description = "Whether to create a service-to-service authorization between block storage and the key management service." | |||
There was a problem hiding this comment.
since the variable has changed, the description needs to be updated to: "Whether to skip the creation of a service-to-service authorization policy between block storage and the key management service."
There was a problem hiding this comment.
You will need to update the description for this variable everywhere it exists too
variables.tf
Outdated
| } | ||
|
|
||
| variable "skip_all_s2s_auth_policies" { | ||
| description = "Set it to true to create the authorization policy." |
There was a problem hiding this comment.
"Whether to skip the creation of all of the service-to-service authorization policies. If setting to true, policies must be in place on the account before provisioning."
There was a problem hiding this comment.
You will need to update the description for this variable everywhere you added it too
| @@ -43,7 +43,7 @@ locals { | |||
| module "kms_to_block_storage" { | |||
| source = "../list_to_map" | |||
| list = [ | |||
| for instance in(var.add_kms_block_storage_s2s ? ["block-storage"] : []) : | |||
| for instance in(var.skip_kms_block_storage_s2s_auth_policy ? ["block-storage"] : []) : | |||
There was a problem hiding this comment.
The logic needs to be reversed now since skip_kms_block_storage_s2s_auth_policy will have value of false now
|
@Aayush-Abhyarthi A PR was merged yesterday that has a reference to the |
|
@Aayush-Abhyarthi Can you resolve conflicts? Is there anything remaining in this PR? If PR is ready for review, can you remove the |
|
/run pipeline |
Aayush-Abhyarthi
changed the title
|
/run pipeline |
|
@toddgiguere any further concerns with this PR? I'm thinking it might be good now? |
|
/run pipeline |
patterns/mixed/config.tf
Outdated
| key_management = lookup(local.override[local.override_type], "key_management", local.config.key_management) | ||
| atracker = lookup(local.override[local.override_type], "atracker", local.config.atracker) | ||
| clusters = lookup(local.override[local.override_type], "clusters", local.config.clusters) | ||
| wait_till = lookup(local.override[local.override_type], "wait_till", "IngressReady") |
There was a problem hiding this comment.
A change was made on this line recently and look like you do not have it in your branch, so hence TFLint is failing. Can you replace "IngressReady" with var.wait_till
patterns/roks/module/config.tf
Outdated
| key_management = lookup(local.override[local.override_type], "key_management", local.config.key_management) | ||
| atracker = lookup(local.override[local.override_type], "atracker", local.config.atracker) | ||
| clusters = lookup(local.override[local.override_type], "clusters", local.config.clusters) | ||
| wait_till = lookup(local.override[local.override_type], "wait_till", "IngressReady") |
There was a problem hiding this comment.
| key_management = lookup(local.override[local.override_type], "key_management", local.config.key_management) | ||
| atracker = lookup(local.override[local.override_type], "atracker", local.config.atracker) | ||
| clusters = lookup(local.override[local.override_type], "clusters", local.config.clusters) | ||
| wait_till = lookup(local.override[local.override_type], "wait_till", "IngressReady") |
There was a problem hiding this comment.
|
/run pipeline |
|
@Aayush-Abhyarthi You must have introduced a bug somewhere.. |
|
/run pipeline |
|
/run pipeline |
|
/run pipeline |
|
Will run the pipeline once #670 is merged (since this PR will need a rebase then anyway) |
|
@Aayush-Abhyarthi looks like there is now a conflict in this PR after rebase. Can you resolve it please. Hold off on running the pipeline though, as #677 is running now and will be merged first |
|
/run pipeline |
|
/run pipeline |
|
The |
|
@Aayush-Abhyarthi There was another PR ready so I just merged it and now this has conflicts again. Can you please resolve, and I'll priortise this PR once conflicts addressed. Thanks |
|
/run pipeline |
|
🎉 This PR is included in version 5.11.0 🎉 The release is available on:
Your semantic-release bot 📦🚀 |
Description
#573
Release required?
x.x.X)x.X.x)X.x.x)Release notes content
Run the pipeline
If the CI pipeline doesn't run when you create the PR, the PR requires a user with GitHub collaborators access to run the pipeline.
Run the CI pipeline when the PR is ready for review and you expect tests to pass. Add a comment to the PR with the following text:
Checklist for reviewers
For mergers