From 8db2eb352c3998b4981553e2bdeb72c2c7c34f5b Mon Sep 17 00:00:00 2001 From: Zackary Maupin <5122444+zmaupin@users.noreply.github.com> Date: Fri, 13 Jan 2023 15:04:41 -0500 Subject: [PATCH] feat!: Add matches_prefix and matches_suffix conditions (#202) Co-authored-by: Zackary Maupin --- README.md | 2 +- examples/simple_bucket/main.tf | 5 +++-- main.tf | 2 ++ modules/simple_bucket/README.md | 2 +- modules/simple_bucket/main.tf | 4 +++- modules/simple_bucket/variables.tf | 2 ++ modules/simple_bucket/versions.tf | 2 +- variables.tf | 2 ++ versions.tf | 2 +- 9 files changed, 16 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 5ad5d51f..2a267711 100644 --- a/README.md +++ b/README.md @@ -63,7 +63,7 @@ Functional examples are included in the | force\_destroy | Optional map of lowercase unprefixed name => boolean, defaults to false. | `map(bool)` | `{}` | no | | hmac\_key\_admins | IAM-style members who will be granted roles/storage.hmacKeyAdmin on all buckets. | `list(string)` | `[]` | no | | labels | Labels to be attached to the buckets | `map(string)` | `{}` | no | -| lifecycle\_rules | List of lifecycle rules to configure. Format is the same as described in provider documentation https://www.terraform.io/docs/providers/google/r/storage_bucket.html#lifecycle_rule except condition.matches\_storage\_class should be a comma delimited string. | 
set(object({
    # Object with keys:
    # - type - The type of the action of this Lifecycle Rule. Supported values: Delete and SetStorageClass.
    # - storage_class - (Required if action type is SetStorageClass) The target Storage Class of objects affected by this Lifecycle Rule.
    action = map(string)

    # Object with keys:
    # - age - (Optional) Minimum age of an object in days to satisfy this condition.
    # - created_before - (Optional) Creation date of an object in RFC 3339 (e.g. 2017-06-13) to satisfy this condition.
    # - with_state - (Optional) Match to live and/or archived objects. Supported values include: "LIVE", "ARCHIVED", "ANY".
    # - matches_storage_class - (Optional) Comma delimited string for storage class of objects to satisfy this condition. Supported values include: MULTI_REGIONAL, REGIONAL, NEARLINE, COLDLINE, STANDARD, DURABLE_REDUCED_AVAILABILITY.
    # - num_newer_versions - (Optional) Relevant only for versioned objects. The number of newer versions of an object to satisfy this condition.
    # - custom_time_before - (Optional) A date in the RFC 3339 format YYYY-MM-DD. This condition is satisfied when the customTime metadata for the object is set to an earlier date than the date used in this lifecycle condition.
    # - days_since_custom_time - (Optional) The number of days from the Custom-Time metadata attribute after which this condition becomes true.
    # - days_since_noncurrent_time - (Optional) Relevant only for versioned objects. Number of days elapsed since the noncurrent timestamp of an object.
    # - noncurrent_time_before - (Optional) Relevant only for versioned objects. The date in RFC 3339 (e.g. 2017-06-13) when the object became nonconcurrent.
    condition = map(string)
  }))
| `[]` | no | +| lifecycle\_rules | List of lifecycle rules to configure. Format is the same as described in provider documentation https://www.terraform.io/docs/providers/google/r/storage_bucket.html#lifecycle_rule except condition.matches\_storage\_class should be a comma delimited string. | 
set(object({
    # Object with keys:
    # - type - The type of the action of this Lifecycle Rule. Supported values: Delete and SetStorageClass.
    # - storage_class - (Required if action type is SetStorageClass) The target Storage Class of objects affected by this Lifecycle Rule.
    action = map(string)

    # Object with keys:
    # - age - (Optional) Minimum age of an object in days to satisfy this condition.
    # - created_before - (Optional) Creation date of an object in RFC 3339 (e.g. 2017-06-13) to satisfy this condition.
    # - with_state - (Optional) Match to live and/or archived objects. Supported values include: "LIVE", "ARCHIVED", "ANY".
    # - matches_storage_class - (Optional) Comma delimited string for storage class of objects to satisfy this condition. Supported values include: MULTI_REGIONAL, REGIONAL, NEARLINE, COLDLINE, STANDARD, DURABLE_REDUCED_AVAILABILITY.
    # - matches_prefix - (Optional) One or more matching name prefixes to satisfy this condition.
    # - matches_suffix - (Optional) One or more matching name suffixes to satisfy this condition.
    # - num_newer_versions - (Optional) Relevant only for versioned objects. The number of newer versions of an object to satisfy this condition.
    # - custom_time_before - (Optional) A date in the RFC 3339 format YYYY-MM-DD. This condition is satisfied when the customTime metadata for the object is set to an earlier date than the date used in this lifecycle condition.
    # - days_since_custom_time - (Optional) The number of days from the Custom-Time metadata attribute after which this condition becomes true.
    # - days_since_noncurrent_time - (Optional) Relevant only for versioned objects. Number of days elapsed since the noncurrent timestamp of an object.
    # - noncurrent_time_before - (Optional) Relevant only for versioned objects. The date in RFC 3339 (e.g. 2017-06-13) when the object became nonconcurrent.
    condition = map(string)
  }))
| `[]` | no | | location | Bucket location. | `string` | `"EU"` | no | | logging | Map of lowercase unprefixed name => bucket logging config object. Format is the same as described in provider documentation https://www.terraform.io/docs/providers/google/r/storage_bucket.html#logging | `any` | `{}` | no | | names | Bucket name suffixes. | `list(string)` | n/a | yes | diff --git a/examples/simple_bucket/main.tf b/examples/simple_bucket/main.tf index 4fcd68dd..4ba7146e 100644 --- a/examples/simple_bucket/main.tf +++ b/examples/simple_bucket/main.tf @@ -26,8 +26,9 @@ module "bucket" { type = "Delete" } condition = { - age = 365 - with_state = "ANY" + age = 365 + with_state = "ANY" + matches_prefix = var.project_id } }] diff --git a/main.tf b/main.tf index 7ca5c82c..c3e7fdae 100644 --- a/main.tf +++ b/main.tf @@ -121,6 +121,8 @@ resource "google_storage_bucket" "buckets" { created_before = lookup(lifecycle_rule.value.condition, "created_before", null) with_state = lookup(lifecycle_rule.value.condition, "with_state", lookup(lifecycle_rule.value.condition, "is_live", false) ? "LIVE" : null) matches_storage_class = contains(keys(lifecycle_rule.value.condition), "matches_storage_class") ? split(",", lifecycle_rule.value.condition["matches_storage_class"]) : null + matches_prefix = contains(keys(lifecycle_rule.value.condition), "matches_prefix") ? split(",", lifecycle_rule.value.condition["matches_prefix"]) : null + matches_suffix = contains(keys(lifecycle_rule.value.condition), "matches_suffix") ? split(",", lifecycle_rule.value.condition["matches_suffix"]) : null num_newer_versions = lookup(lifecycle_rule.value.condition, "num_newer_versions", null) custom_time_before = lookup(lifecycle_rule.value.condition, "custom_time_before", null) days_since_custom_time = lookup(lifecycle_rule.value.condition, "days_since_custom_time", null) diff --git a/modules/simple_bucket/README.md b/modules/simple_bucket/README.md index ef09548d..8eb764d7 100644 --- a/modules/simple_bucket/README.md +++ b/modules/simple_bucket/README.md @@ -44,7 +44,7 @@ Functional examples are included in the | force\_destroy | When deleting a bucket, this boolean option will delete all contained objects. If false, Terraform will fail to delete buckets which contain objects. | `bool` | `false` | no | | iam\_members | The list of IAM members to grant permissions on the bucket. | 
list(object({
    role   = string
    member = string
  }))
| `[]` | no | | labels | A set of key/value label pairs to assign to the bucket. | `map(string)` | `null` | no | -| lifecycle\_rules | The bucket's Lifecycle Rules configuration. | 
list(object({
    # Object with keys:
    # - type - The type of the action of this Lifecycle Rule. Supported values: Delete and SetStorageClass.
    # - storage_class - (Required if action type is SetStorageClass) The target Storage Class of objects affected by this Lifecycle Rule.
    action = any

    # Object with keys:
    # - age - (Optional) Minimum age of an object in days to satisfy this condition.
    # - created_before - (Optional) Creation date of an object in RFC 3339 (e.g. 2017-06-13) to satisfy this condition.
    # - with_state - (Optional) Match to live and/or archived objects. Supported values include: "LIVE", "ARCHIVED", "ANY".
    # - matches_storage_class - (Optional) Storage Class of objects to satisfy this condition. Supported values include: MULTI_REGIONAL, REGIONAL, NEARLINE, COLDLINE, STANDARD, DURABLE_REDUCED_AVAILABILITY.
    # - num_newer_versions - (Optional) Relevant only for versioned objects. The number of newer versions of an object to satisfy this condition.
    condition = any
  }))
| `[]` | no | +| lifecycle\_rules | The bucket's Lifecycle Rules configuration. | 
list(object({
    # Object with keys:
    # - type - The type of the action of this Lifecycle Rule. Supported values: Delete and SetStorageClass.
    # - storage_class - (Required if action type is SetStorageClass) The target Storage Class of objects affected by this Lifecycle Rule.
    action = any

    # Object with keys:
    # - age - (Optional) Minimum age of an object in days to satisfy this condition.
    # - created_before - (Optional) Creation date of an object in RFC 3339 (e.g. 2017-06-13) to satisfy this condition.
    # - with_state - (Optional) Match to live and/or archived objects. Supported values include: "LIVE", "ARCHIVED", "ANY".
    # - matches_storage_class - (Optional) Storage Class of objects to satisfy this condition. Supported values include: MULTI_REGIONAL, REGIONAL, NEARLINE, COLDLINE, STANDARD, DURABLE_REDUCED_AVAILABILITY.
    # - matches_prefix - (Optional) One or more matching name prefixes to satisfy this condition.
    # - matches_suffix - (Optional) One or more matching name suffixes to satisfy this condition
    # - num_newer_versions - (Optional) Relevant only for versioned objects. The number of newer versions of an object to satisfy this condition.
    condition = any
  }))
| `[]` | no | | location | The location of the bucket. | `string` | n/a | yes | | log\_bucket | The bucket that will receive log objects. | `string` | `null` | no | | log\_object\_prefix | The object prefix for log objects. If it's not provided, by default GCS sets this to this bucket's name | `string` | `null` | no | diff --git a/modules/simple_bucket/main.tf b/modules/simple_bucket/main.tf index b3f66067..fa06d705 100644 --- a/modules/simple_bucket/main.tf +++ b/modules/simple_bucket/main.tf @@ -71,7 +71,9 @@ resource "google_storage_bucket" "bucket" { age = lookup(lifecycle_rule.value.condition, "age", null) created_before = lookup(lifecycle_rule.value.condition, "created_before", null) with_state = lookup(lifecycle_rule.value.condition, "with_state", lookup(lifecycle_rule.value.condition, "is_live", false) ? "LIVE" : null) - matches_storage_class = lookup(lifecycle_rule.value.condition, "matches_storage_class", null) + matches_storage_class = contains(keys(lifecycle_rule.value.condition), "matches_storage_class") ? split(",", lifecycle_rule.value.condition["matches_storage_class"]) : null + matches_prefix = contains(keys(lifecycle_rule.value.condition), "matches_prefix") ? split(",", lifecycle_rule.value.condition["matches_prefix"]) : null + matches_suffix = contains(keys(lifecycle_rule.value.condition), "matches_suffix") ? split(",", lifecycle_rule.value.condition["matches_suffix"]) : null num_newer_versions = lookup(lifecycle_rule.value.condition, "num_newer_versions", null) custom_time_before = lookup(lifecycle_rule.value.condition, "custom_time_before", null) days_since_custom_time = lookup(lifecycle_rule.value.condition, "days_since_custom_time", null) diff --git a/modules/simple_bucket/variables.tf b/modules/simple_bucket/variables.tf index 315a34c3..e06a8ac4 100644 --- a/modules/simple_bucket/variables.tf +++ b/modules/simple_bucket/variables.tf @@ -105,6 +105,8 @@ variable "lifecycle_rules" { # - created_before - (Optional) Creation date of an object in RFC 3339 (e.g. 2017-06-13) to satisfy this condition. # - with_state - (Optional) Match to live and/or archived objects. Supported values include: "LIVE", "ARCHIVED", "ANY". # - matches_storage_class - (Optional) Storage Class of objects to satisfy this condition. Supported values include: MULTI_REGIONAL, REGIONAL, NEARLINE, COLDLINE, STANDARD, DURABLE_REDUCED_AVAILABILITY. + # - matches_prefix - (Optional) One or more matching name prefixes to satisfy this condition. + # - matches_suffix - (Optional) One or more matching name suffixes to satisfy this condition # - num_newer_versions - (Optional) Relevant only for versioned objects. The number of newer versions of an object to satisfy this condition. condition = any })) diff --git a/modules/simple_bucket/versions.tf b/modules/simple_bucket/versions.tf index ac411630..21ba5f5a 100644 --- a/modules/simple_bucket/versions.tf +++ b/modules/simple_bucket/versions.tf @@ -20,7 +20,7 @@ terraform { google = { source = "hashicorp/google" - version = ">= 3.53, < 5.0" + version = ">= 4.31, < 5.0" } } diff --git a/variables.tf b/variables.tf index 57029902..275cf9c9 100644 --- a/variables.tf +++ b/variables.tf @@ -193,6 +193,8 @@ variable "lifecycle_rules" { # - created_before - (Optional) Creation date of an object in RFC 3339 (e.g. 2017-06-13) to satisfy this condition. # - with_state - (Optional) Match to live and/or archived objects. Supported values include: "LIVE", "ARCHIVED", "ANY". # - matches_storage_class - (Optional) Comma delimited string for storage class of objects to satisfy this condition. Supported values include: MULTI_REGIONAL, REGIONAL, NEARLINE, COLDLINE, STANDARD, DURABLE_REDUCED_AVAILABILITY. + # - matches_prefix - (Optional) One or more matching name prefixes to satisfy this condition. + # - matches_suffix - (Optional) One or more matching name suffixes to satisfy this condition. # - num_newer_versions - (Optional) Relevant only for versioned objects. The number of newer versions of an object to satisfy this condition. # - custom_time_before - (Optional) A date in the RFC 3339 format YYYY-MM-DD. This condition is satisfied when the customTime metadata for the object is set to an earlier date than the date used in this lifecycle condition. # - days_since_custom_time - (Optional) The number of days from the Custom-Time metadata attribute after which this condition becomes true. diff --git a/versions.tf b/versions.tf index 487381de..8795531d 100644 --- a/versions.tf +++ b/versions.tf @@ -20,7 +20,7 @@ terraform { google = { source = "hashicorp/google" - version = ">= 3.53, < 5.0" + version = ">= 4.31, < 5.0" } random = {