fix: pipeline

padok-team · Sep 22, 2023 · a3029c8 · a3029c8
1 parent 28102aa
commit a3029c8
Show file tree

Hide file tree

Showing 3 changed files with 22 additions and 19 deletions.
diff --git a/.github/workflows/terratest.yml b/.github/workflows/terratest.yml
@@ -7,6 +7,7 @@ on:
 
 env:
   GCP_PROJECT_ID: padok-library-gcp-host
+  GCP_PROJECT_NUMBER: "552840532740"
   GCP_SERVICE_ACCOUNT: "identity-terraform-gcp-network"
 
 jobs:
@@ -26,7 +27,7 @@ jobs:
         uses: google-github-actions/auth@v1
         with:
           token_format: "access_token"
-          workload_identity_provider: "projects/${{ env.GCP_PROJECT_ID }}/locations/global/workloadIdentityPools/identity-pool-padok-lab/providers/identity-provider-padok-lab"
+          workload_identity_provider: "projects/${{ env.GCP_PROJECT_NUMBER }}/locations/global/workloadIdentityPools/identity-terraform-gpc-network/providers/identity-terraform-gcp-network"
           service_account: "${{ env.GCP_SERVICE_ACCOUNT }}@${{ env.GCP_PROJECT_ID }}.iam.gserviceaccount.com"
       - name: Set up Go
         uses: actions/setup-go@v3

diff --git a/tests/bootstrap/main.tf b/tests/bootstrap/main.tf
@@ -17,13 +17,15 @@ provider "google" {
 data "google_client_config" "this" {}
 
 module "github_action_enabler_padok_lab_sa" {
+  #checkov:skip=CKV_TF_1 Ensure Terraform module sources use a commit hash
   source       = "github.com/padok-team/terraform-google-serviceaccount?ref=v2.0.0"
   name         = "identity-terraform-gcp-network"
   project_id   = data.google_client_config.this.project
   display_name = "Service Account for padok-team/terraform-google-network Github Action"
 }
 
 module "gh_oidc" {
+  #checkov:skip=CKV_TF_1 Ensure Terraform module sources use a commit hash
   source      = "terraform-google-modules/github-actions-runners/google//modules/gh-oidc"
   version     = "v3.1.1"
   project_id  = data.google_client_config.this.project

diff --git a/tests/tests.tfvars b/tests/tests.tfvars
@@ -1,21 +1,21 @@
-  name       = "testing"
-  project_id = "padok-library-gcp-host"
+name       = "testing"
+project_id = "padok-library-gcp-host"
 
-  subnets = {
+subnets = {
 
-    "eu-1" = {
-      name             = "eu-1"
-      region           = "europe-west1"
-      primary_cidr     = "172.16.0.0/20"
-      serverless_cidr  = ""
-      secondary_ranges = {}
-    },
-    "eu-2" = {
-      name             = "eu-2"
-      region           = "europe-west2"
-      primary_cidr     = "172.16.48.0/20"
-      serverless_cidr  = "172.16.80.0/28"
-      secondary_ranges = {}
-    }
+  "eu-1" = {
+    name             = "eu-1"
+    region           = "europe-west1"
+    primary_cidr     = "172.16.0.0/20"
+    serverless_cidr  = ""
+    secondary_ranges = {}
+  },
+  "eu-2" = {
+    name             = "eu-2"
+    region           = "europe-west2"
+    primary_cidr     = "172.16.48.0/20"
+    serverless_cidr  = "172.16.80.0/28"
+    secondary_ranges = {}
   }
-  gcp_peering_cidr = "172.16.64.0/20"
+}
+gcp_peering_cidr = "172.16.64.0/20"