From a3029c89d6b999cf758d19951505becfbbe169bc Mon Sep 17 00:00:00 2001 From: Thomas de Lachaux Date: Fri, 22 Sep 2023 17:38:19 +0200 Subject: [PATCH] fix: pipeline --- .github/workflows/terratest.yml | 3 ++- tests/bootstrap/main.tf | 2 ++ tests/tests.tfvars | 36 ++++++++++++++++----------------- 3 files changed, 22 insertions(+), 19 deletions(-) diff --git a/.github/workflows/terratest.yml b/.github/workflows/terratest.yml index db271b9..9394ef7 100644 --- a/.github/workflows/terratest.yml +++ b/.github/workflows/terratest.yml @@ -7,6 +7,7 @@ on: env: GCP_PROJECT_ID: padok-library-gcp-host + GCP_PROJECT_NUMBER: "552840532740" GCP_SERVICE_ACCOUNT: "identity-terraform-gcp-network" jobs: @@ -26,7 +27,7 @@ jobs: uses: google-github-actions/auth@v1 with: token_format: "access_token" - workload_identity_provider: "projects/${{ env.GCP_PROJECT_ID }}/locations/global/workloadIdentityPools/identity-pool-padok-lab/providers/identity-provider-padok-lab" + workload_identity_provider: "projects/${{ env.GCP_PROJECT_NUMBER }}/locations/global/workloadIdentityPools/identity-terraform-gpc-network/providers/identity-terraform-gcp-network" service_account: "${{ env.GCP_SERVICE_ACCOUNT }}@${{ env.GCP_PROJECT_ID }}.iam.gserviceaccount.com" - name: Set up Go uses: actions/setup-go@v3 diff --git a/tests/bootstrap/main.tf b/tests/bootstrap/main.tf index b963c6f..fbe25df 100644 --- a/tests/bootstrap/main.tf +++ b/tests/bootstrap/main.tf @@ -17,6 +17,7 @@ provider "google" { data "google_client_config" "this" {} module "github_action_enabler_padok_lab_sa" { + #checkov:skip=CKV_TF_1 Ensure Terraform module sources use a commit hash source = "github.com/padok-team/terraform-google-serviceaccount?ref=v2.0.0" name = "identity-terraform-gcp-network" project_id = data.google_client_config.this.project @@ -24,6 +25,7 @@ module "github_action_enabler_padok_lab_sa" { } module "gh_oidc" { + #checkov:skip=CKV_TF_1 Ensure Terraform module sources use a commit hash source = "terraform-google-modules/github-actions-runners/google//modules/gh-oidc" version = "v3.1.1" project_id = data.google_client_config.this.project diff --git a/tests/tests.tfvars b/tests/tests.tfvars index ceb373b..8d46b08 100644 --- a/tests/tests.tfvars +++ b/tests/tests.tfvars @@ -1,21 +1,21 @@ - name = "testing" - project_id = "padok-library-gcp-host" +name = "testing" +project_id = "padok-library-gcp-host" - subnets = { +subnets = { - "eu-1" = { - name = "eu-1" - region = "europe-west1" - primary_cidr = "172.16.0.0/20" - serverless_cidr = "" - secondary_ranges = {} - }, - "eu-2" = { - name = "eu-2" - region = "europe-west2" - primary_cidr = "172.16.48.0/20" - serverless_cidr = "172.16.80.0/28" - secondary_ranges = {} - } + "eu-1" = { + name = "eu-1" + region = "europe-west1" + primary_cidr = "172.16.0.0/20" + serverless_cidr = "" + secondary_ranges = {} + }, + "eu-2" = { + name = "eu-2" + region = "europe-west2" + primary_cidr = "172.16.48.0/20" + serverless_cidr = "172.16.80.0/28" + secondary_ranges = {} } - gcp_peering_cidr = "172.16.64.0/20" +} +gcp_peering_cidr = "172.16.64.0/20"