From 7e3481b73831f7588e9d7e4ea9bf3c1766e2bf77 Mon Sep 17 00:00:00 2001 From: Noah Kraemer Date: Wed, 11 Oct 2023 16:31:57 -0700 Subject: [PATCH 1/7] Pin google provider and terraform versions due to breaking changes --- .../services/cloud-bench-workload-identity/versions.tf | 8 ++++---- modules/services/cloud-bench/versions.tf | 6 +++--- modules/services/cloud-connector/versions.tf | 4 ++-- 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/modules/services/cloud-bench-workload-identity/versions.tf b/modules/services/cloud-bench-workload-identity/versions.tf index 62874d0..52dbc9a 100644 --- a/modules/services/cloud-bench-workload-identity/versions.tf +++ b/modules/services/cloud-bench-workload-identity/versions.tf @@ -1,18 +1,18 @@ terraform { - required_version = ">= 0.15.0" + required_version = ">= 0.15.0, < 1.6.0" required_providers { google = { source = "hashicorp/google" - version = ">= 4.21.0" + version = ">= 4.21.0, < 5.0.0" } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.21.0" + version = ">= 4.21.0, < 5.0.0" } sysdig = { source = "sysdiglabs/sysdig" - version = ">= 0.5.46" + version = ">= 0.5.21" } } } diff --git a/modules/services/cloud-bench/versions.tf b/modules/services/cloud-bench/versions.tf index 801dd7e..52dbc9a 100644 --- a/modules/services/cloud-bench/versions.tf +++ b/modules/services/cloud-bench/versions.tf @@ -1,14 +1,14 @@ terraform { - required_version = ">= 0.15.0" + required_version = ">= 0.15.0, < 1.6.0" required_providers { google = { source = "hashicorp/google" - version = ">= 4.21.0" + version = ">= 4.21.0, < 5.0.0" } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.21.0" + version = ">= 4.21.0, < 5.0.0" } sysdig = { source = "sysdiglabs/sysdig" diff --git a/modules/services/cloud-connector/versions.tf b/modules/services/cloud-connector/versions.tf index 349b478..09bc51e 100644 --- a/modules/services/cloud-connector/versions.tf +++ b/modules/services/cloud-connector/versions.tf @@ -1,10 +1,10 @@ terraform { - required_version = ">= 0.15.0" + required_version = ">= 0.15.0, < 1.6.0" required_providers { google = { source = "hashicorp/google" - version = ">= 4.21.0" + version = ">= 4.21.0, < 5.0.0" } random = { version = ">= 3.1.0" From 52778193e3ea9cb9027acb42b83d9fb153267e8c Mon Sep 17 00:00:00 2001 From: iru Date: Thu, 12 Oct 2023 08:41:56 +0200 Subject: [PATCH 2/7] chore: propagate verion to examples --- examples/organization-org_compliance/README.md | 8 ++++---- examples/organization-org_compliance/versions.tf | 6 +++--- examples/organization/README.md | 8 ++++---- examples/organization/versions.tf | 6 +++--- examples/single-project-k8s/README.md | 8 ++++---- examples/single-project-k8s/versions.tf | 6 +++--- examples/single-project/README.md | 8 ++++---- examples/single-project/versions.tf | 6 +++--- modules/services/cloud-bench/README.md | 6 +++--- modules/services/cloud-connector/README.md | 6 +++--- modules/services/cloud-connector/main.tf | 4 ++-- 11 files changed, 36 insertions(+), 36 deletions(-) diff --git a/examples/organization-org_compliance/README.md b/examples/organization-org_compliance/README.md index 5f5626d..c6fb7fe 100644 --- a/examples/organization-org_compliance/README.md +++ b/examples/organization-org_compliance/README.md @@ -111,16 +111,16 @@ module "secure-for-cloud_example_organization" { | Name | Version | |------|---------| -| [terraform](#requirement\_terraform) | >= 0.15.0 | -| [google](#requirement\_google) | >= 4.21.0 | -| [google-beta](#requirement\_google-beta) | >= 4.21.0 | +| [terraform](#requirement\_terraform) | >= 0.15.0, < 1.6.0 | +| [google](#requirement\_google) | >= 4.21.0, < 5.0.0 | +| [google-beta](#requirement\_google-beta) | >= 4.21.0, < 5.0.0 | | [sysdig](#requirement\_sysdig) | >= 0.5.46 | ## Providers | Name | Version | |------|---------| -| [google](#provider\_google) | >= 4.21.0 | +| [google](#provider\_google) | >= 4.21.0, < 5.0.0 | | [sysdig](#provider\_sysdig) | >= 0.5.46 | ## Modules diff --git a/examples/organization-org_compliance/versions.tf b/examples/organization-org_compliance/versions.tf index 205eca8..cf8f134 100644 --- a/examples/organization-org_compliance/versions.tf +++ b/examples/organization-org_compliance/versions.tf @@ -1,15 +1,15 @@ terraform { - required_version = ">= 0.15.0" + required_version = ">= 0.15.0, < 1.6.0" required_providers { google = { source = "hashicorp/google" - version = ">= 4.21.0" + version = ">= 4.21.0, < 5.0.0" configuration_aliases = [google.multiproject] } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.21.0" + version = ">= 4.21.0, < 5.0.0" configuration_aliases = [google-beta.multiproject] } sysdig = { diff --git a/examples/organization/README.md b/examples/organization/README.md index 4434bf4..63534b1 100644 --- a/examples/organization/README.md +++ b/examples/organization/README.md @@ -100,16 +100,16 @@ module "secure-for-cloud_example_organization" { | Name | Version | |------|---------| -| [terraform](#requirement\_terraform) | >= 0.15.0 | -| [google](#requirement\_google) | >= 4.21.0 | -| [google-beta](#requirement\_google-beta) | >= 4.21.0 | +| [terraform](#requirement\_terraform) | >= 0.15.0, < 1.6.0 | +| [google](#requirement\_google) | >= 4.21.0, < 5.0.0 | +| [google-beta](#requirement\_google-beta) | >= 4.21.0, < 5.0.0 | | [sysdig](#requirement\_sysdig) | >= 0.5.21 | ## Providers | Name | Version | |------|---------| -| [google](#provider\_google) | >= 4.21.0 | +| [google](#provider\_google) | >= 4.21.0, < 5.0.0 | | [sysdig](#provider\_sysdig) | >= 0.5.21 | ## Modules diff --git a/examples/organization/versions.tf b/examples/organization/versions.tf index 0810f06..f991f5a 100644 --- a/examples/organization/versions.tf +++ b/examples/organization/versions.tf @@ -1,15 +1,15 @@ terraform { - required_version = ">= 0.15.0" + required_version = ">= 0.15.0, < 1.6.0" required_providers { google = { source = "hashicorp/google" - version = ">= 4.21.0" + version = ">= 4.21.0, < 5.0.0" configuration_aliases = [google.multiproject] } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.21.0" + version = ">= 4.21.0, < 5.0.0" configuration_aliases = [google-beta.multiproject] } sysdig = { diff --git a/examples/single-project-k8s/README.md b/examples/single-project-k8s/README.md index a7ab0c7..ab1d718 100644 --- a/examples/single-project-k8s/README.md +++ b/examples/single-project-k8s/README.md @@ -71,9 +71,9 @@ See [inputs summary](#inputs) or module module [`variables.tf`](./variables.tf) | Name | Version | |------|---------| -| [terraform](#requirement\_terraform) | >= 0.15.0 | -| [google](#requirement\_google) | >= 4.21.0 | -| [google-beta](#requirement\_google-beta) | >= 4.21.0 | +| [terraform](#requirement\_terraform) | >= 0.15.0, < 1.6.0 | +| [google](#requirement\_google) | >= 4.21.0, < 5.0.0 | +| [google-beta](#requirement\_google-beta) | >= 4.21.0, < 5.0.0 | | [helm](#requirement\_helm) | >=2.3.0 | | [sysdig](#requirement\_sysdig) | >= 0.5.21 | @@ -81,7 +81,7 @@ See [inputs summary](#inputs) or module module [`variables.tf`](./variables.tf) | Name | Version | |------|---------| -| [google](#provider\_google) | >= 4.21.0 | +| [google](#provider\_google) | >= 4.21.0, < 5.0.0 | | [helm](#provider\_helm) | >=2.3.0 | | [sysdig](#provider\_sysdig) | >= 0.5.21 | diff --git a/examples/single-project-k8s/versions.tf b/examples/single-project-k8s/versions.tf index 598ae51..64a39c3 100644 --- a/examples/single-project-k8s/versions.tf +++ b/examples/single-project-k8s/versions.tf @@ -1,13 +1,13 @@ terraform { - required_version = ">= 0.15.0" + required_version = ">= 0.15.0, < 1.6.0" required_providers { google = { source = "hashicorp/google" - version = ">= 4.21.0" + version = ">= 4.21.0, < 5.0.0" } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.21.0" + version = ">= 4.21.0, < 5.0.0" } sysdig = { source = "sysdiglabs/sysdig" diff --git a/examples/single-project/README.md b/examples/single-project/README.md index 49630f7..fe9bf4b 100644 --- a/examples/single-project/README.md +++ b/examples/single-project/README.md @@ -73,16 +73,16 @@ module "secure-for-cloud_example_single-project" { | Name | Version | |------|---------| -| [terraform](#requirement\_terraform) | >= 0.15.0 | -| [google](#requirement\_google) | >= 4.21.0 | -| [google-beta](#requirement\_google-beta) | >= 4.21.0 | +| [terraform](#requirement\_terraform) | >= 0.15.0, < 1.6.0 | +| [google](#requirement\_google) | >= 4.21.0, < 5.0.0 | +| [google-beta](#requirement\_google-beta) | >= 4.21.0, < 5.0.0 | | [sysdig](#requirement\_sysdig) | >= 0.5.21 | ## Providers | Name | Version | |------|---------| -| [google](#provider\_google) | >= 4.21.0 | +| [google](#provider\_google) | >= 4.21.0, < 5.0.0 | | [sysdig](#provider\_sysdig) | >= 0.5.21 | ## Modules diff --git a/examples/single-project/versions.tf b/examples/single-project/versions.tf index 801dd7e..52dbc9a 100644 --- a/examples/single-project/versions.tf +++ b/examples/single-project/versions.tf @@ -1,14 +1,14 @@ terraform { - required_version = ">= 0.15.0" + required_version = ">= 0.15.0, < 1.6.0" required_providers { google = { source = "hashicorp/google" - version = ">= 4.21.0" + version = ">= 4.21.0, < 5.0.0" } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.21.0" + version = ">= 4.21.0, < 5.0.0" } sysdig = { source = "sysdiglabs/sysdig" diff --git a/modules/services/cloud-bench/README.md b/modules/services/cloud-bench/README.md index e357524..ebfbe16 100644 --- a/modules/services/cloud-bench/README.md +++ b/modules/services/cloud-bench/README.md @@ -15,9 +15,9 @@ Deployed on **Sysdig Backend** | Name | Version | |------|---------| -| [terraform](#requirement\_terraform) | >= 0.15.0 | -| [google](#requirement\_google) | >= 4.21.0 | -| [google-beta](#requirement\_google-beta) | >= 4.21.0 | +| [terraform](#requirement\_terraform) | >= 0.15.0, < 1.6.0 | +| [google](#requirement\_google) | >= 4.21.0, < 5.0.0 | +| [google-beta](#requirement\_google-beta) | >= 4.21.0, < 5.0.0 | | [sysdig](#requirement\_sysdig) | >= 0.5.21 | ## Providers diff --git a/modules/services/cloud-connector/README.md b/modules/services/cloud-connector/README.md index a760cc9..e164448 100644 --- a/modules/services/cloud-connector/README.md +++ b/modules/services/cloud-connector/README.md @@ -24,15 +24,15 @@ module "cloud_connector_gcp" { | Name | Version | |------|---------| -| [terraform](#requirement\_terraform) | >= 0.15.0 | -| [google](#requirement\_google) | >= 4.21.0 | +| [terraform](#requirement\_terraform) | >= 0.15.0, < 1.6.0 | +| [google](#requirement\_google) | >= 4.21.0, < 5.0.0 | | [random](#requirement\_random) | >= 3.1.0 | ## Providers | Name | Version | |------|---------| -| [google](#provider\_google) | >= 4.21.0 | +| [google](#provider\_google) | >= 4.21.0, < 5.0.0 | ## Modules diff --git a/modules/services/cloud-connector/main.tf b/modules/services/cloud-connector/main.tf index ad5f95f..d38a19a 100644 --- a/modules/services/cloud-connector/main.tf +++ b/modules/services/cloud-connector/main.tf @@ -79,7 +79,7 @@ resource "google_cloud_run_service" "cloud_connector" { } dynamic "env" { - for_each = var.sysdig_secure_api_token == "" ? [] : [1] + for_each = var.sysdig_secure_api_token == "" ? toset([]) : toset([1]) content { name = "SECURE_API_TOKEN" @@ -88,7 +88,7 @@ resource "google_cloud_run_service" "cloud_connector" { } dynamic "env" { - for_each = var.sysdig_secure_api_token_secret_id == "" ? [] : [1] + for_each = var.sysdig_secure_api_token_secret_id == "" ? toset([]) : toset([1]) content { name = "SECURE_API_TOKEN" From 49a3e515adcab664816aea48f7f328a30a92e9e0 Mon Sep 17 00:00:00 2001 From: iru Date: Thu, 12 Oct 2023 08:53:22 +0200 Subject: [PATCH 3/7] ci: only use examples to determine min/max --- .github/workflows/pre-commit.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pre-commit.yaml b/.github/workflows/pre-commit.yaml index 5e13d78..3220a0a 100644 --- a/.github/workflows/pre-commit.yaml +++ b/.github/workflows/pre-commit.yaml @@ -26,7 +26,7 @@ jobs: - name: Build matrix id: matrix run: | - DIRS=$(python -c "import json; import glob; print(json.dumps([x.replace('/versions.tf', '') for x in glob.glob('./**/versions.tf', recursive=True)]))") + DIRS=$(python -c "import json; import glob; print(json.dumps([x.replace('/versions.tf', '') for x in glob.glob('./examples/**/versions.tf', recursive=True)]))") echo "::set-output name=directories::$DIRS" outputs: directories: ${{ steps.matrix.outputs.directories }} From 05328576576a170765977283a8c309d06cf68e0f Mon Sep 17 00:00:00 2001 From: iru Date: Thu, 12 Oct 2023 08:57:38 +0200 Subject: [PATCH 4/7] chore: move trigg-events utils to test --- {examples => test}/trigger-events/README.md | 0 {examples => test}/trigger-events/main.tf | 0 {examples => test}/trigger-events/outputs.tf | 0 {examples => test}/trigger-events/variables.tf | 0 {examples => test}/trigger-events/versions.tf | 0 5 files changed, 0 insertions(+), 0 deletions(-) rename {examples => test}/trigger-events/README.md (100%) rename {examples => test}/trigger-events/main.tf (100%) rename {examples => test}/trigger-events/outputs.tf (100%) rename {examples => test}/trigger-events/variables.tf (100%) rename {examples => test}/trigger-events/versions.tf (100%) diff --git a/examples/trigger-events/README.md b/test/trigger-events/README.md similarity index 100% rename from examples/trigger-events/README.md rename to test/trigger-events/README.md diff --git a/examples/trigger-events/main.tf b/test/trigger-events/main.tf similarity index 100% rename from examples/trigger-events/main.tf rename to test/trigger-events/main.tf diff --git a/examples/trigger-events/outputs.tf b/test/trigger-events/outputs.tf similarity index 100% rename from examples/trigger-events/outputs.tf rename to test/trigger-events/outputs.tf diff --git a/examples/trigger-events/variables.tf b/test/trigger-events/variables.tf similarity index 100% rename from examples/trigger-events/variables.tf rename to test/trigger-events/variables.tf diff --git a/examples/trigger-events/versions.tf b/test/trigger-events/versions.tf similarity index 100% rename from examples/trigger-events/versions.tf rename to test/trigger-events/versions.tf From 8c242779b22bbc6bc9d2352e0500281fe3019eab Mon Sep 17 00:00:00 2001 From: iru Date: Thu, 12 Oct 2023 09:03:54 +0200 Subject: [PATCH 5/7] ci: skip minmax for terraform version --- .github/workflows/pre-commit.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pre-commit.yaml b/.github/workflows/pre-commit.yaml index 3220a0a..b6076b6 100644 --- a/.github/workflows/pre-commit.yaml +++ b/.github/workflows/pre-commit.yaml @@ -55,7 +55,7 @@ jobs: - name: Install Terraform v${{ steps.minMax.outputs.minVersion }} uses: hashicorp/setup-terraform@v1 with: - terraform_version: ${{ steps.minMax.outputs.minVersion }} + terraform_version: 1.6.0 # ${{ steps.minMax.outputs.minVersion }} - name: Install pre-commit dependencies run: | pip install pre-commit From 0d805bd36038fe31456e407874a81a56a9c889e5 Mon Sep 17 00:00:00 2001 From: iru Date: Thu, 12 Oct 2023 09:06:03 +0200 Subject: [PATCH 6/7] ci: skip minmax for terraform version --- .github/workflows/pre-commit.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pre-commit.yaml b/.github/workflows/pre-commit.yaml index b6076b6..8474477 100644 --- a/.github/workflows/pre-commit.yaml +++ b/.github/workflows/pre-commit.yaml @@ -55,7 +55,7 @@ jobs: - name: Install Terraform v${{ steps.minMax.outputs.minVersion }} uses: hashicorp/setup-terraform@v1 with: - terraform_version: 1.6.0 # ${{ steps.minMax.outputs.minVersion }} + terraform_version: 1.5 # ${{ steps.minMax.outputs.minVersion }} - name: Install pre-commit dependencies run: | pip install pre-commit From ce2585185ad6954d2f9287ba42c6ed52e7b44c4f Mon Sep 17 00:00:00 2001 From: iru Date: Thu, 12 Oct 2023 09:10:52 +0200 Subject: [PATCH 7/7] ci: skip minmax for terraform version --- .github/workflows/pre-commit.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pre-commit.yaml b/.github/workflows/pre-commit.yaml index 8474477..e69a7d1 100644 --- a/.github/workflows/pre-commit.yaml +++ b/.github/workflows/pre-commit.yaml @@ -109,7 +109,7 @@ jobs: - name: Install Terraform v${{ matrix.version }} uses: hashicorp/setup-terraform@v1 with: - terraform_version: ${{ matrix.version }} + terraform_version: 1.5 #${{ matrix.version }} - name: Install pre-commit dependencies run: | pip install pre-commit