From b04ce2f563b8f1755667e67ac84c65423364ee9b Mon Sep 17 00:00:00 2001 From: Kyle Kotowick Date: Thu, 11 Jul 2024 15:18:46 -0400 Subject: [PATCH] Switch to integrated Terraform variable validation (#4) --- .github/workflows/CICD.yml | 14 +++++++------- LICENSE | 2 +- main.tf | 13 ------------- outputs.tf | 12 +++++++++++- variables.tf | 19 ++++++++++++++----- versions.tf | 8 +------- 6 files changed, 34 insertions(+), 34 deletions(-) delete mode 100644 main.tf diff --git a/.github/workflows/CICD.yml b/.github/workflows/CICD.yml index 20b5f22..271d828 100644 --- a/.github/workflows/CICD.yml +++ b/.github/workflows/CICD.yml @@ -9,9 +9,9 @@ jobs: steps: - name: Generate Matrix id: matrix - uses: Invicton-Labs/terraform-module-testing/matrix@v0.1.0 + uses: Invicton-Labs/terraform-module-testing/matrix@v0.2.0 with: - minimum_tf_version: '0.13.0' + minimum_tf_version: '1.9.0' - name: Output Matrix run: | @@ -28,23 +28,23 @@ jobs: steps: - name: Initialize - Pass id: init-pass - uses: Invicton-Labs/terraform-module-testing/initialize@v0.1.0 + uses: Invicton-Labs/terraform-module-testing/initialize@v0.2.0 with: tf_path: tests/pass - name: Run Tests - Pass id: tests-pass - uses: Invicton-Labs/terraform-module-testing/apply-destroy@v0.1.0 + uses: Invicton-Labs/terraform-module-testing/apply-destroy@v0.2.0 with: tf_path: tests/pass - name: Initialize - Fail id: init-fail - uses: Invicton-Labs/terraform-module-testing/initialize@v0.1.0 + uses: Invicton-Labs/terraform-module-testing/initialize@v0.2.0 with: tf_path: tests/fail - name: Run Tests - Fail id: tests-fail - uses: Invicton-Labs/terraform-module-testing/apply-failure@v0.1.0 + uses: Invicton-Labs/terraform-module-testing/apply-failure@v0.2.0 with: tf_path: tests/fail @@ -56,4 +56,4 @@ jobs: needs: [Test] steps: - name: Mark tests as passed - run: echo "🎉" \ No newline at end of file + run: echo "🎉" diff --git a/LICENSE b/LICENSE index 65ede90..667eff7 100644 --- a/LICENSE +++ b/LICENSE @@ -1,6 +1,6 @@ MIT License -Copyright (c) 2021-2022 Invicton Labs (https://invictonlabs.com) +Copyright (c) 2021-2024 Invicton Labs (https://invictonlabs.com) Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/main.tf b/main.tf deleted file mode 100644 index a019ad6..0000000 --- a/main.tf +++ /dev/null @@ -1,13 +0,0 @@ -// Previously, this check was done in a local. Somewhere around TF v1.4.0 though, it changed -// such that locals wouldn't be computed unless they were necessary for a resource or data source. -// Therefore, unless the "checked" output parameter was actually used somewhere in the parent module, -// the assertion check would never actually run. By putting it in a data source, it will always run -// regardless of whether any outputs of this module are used in the parent module. The `null` data -// source would be ideal, but it throws a deprecation warning. This CloudInit data source is the -// next best alternative, since it is fast and doesn't interact with the operating system at all -// (unlike an external data source, for example), and isn't deprecated. -data "cloudinit_config" "check" { - part { - content = var.condition ? "" : SEE_ABOVE_ERROR_MESSAGE(true ? null : "ERROR: ${var.error_message}") - } -} diff --git a/outputs.tf b/outputs.tf index d2bce0e..c653073 100644 --- a/outputs.tf +++ b/outputs.tf @@ -1,4 +1,14 @@ +output "error_message" { + description = "The value of the `error_message` input variable." + value = var.error_message +} + +output "condition" { + description = "The value of the `condition` input variable." + value = var.condition +} + output "checked" { description = "Whether the condition has been checked (used for assertion dependencies)." - value = data.cloudinit_config.check.rendered == "" ? true : true + value = var.condition == true ? true : true } diff --git a/variables.tf b/variables.tf index ed0106b..0350283 100644 --- a/variables.tf +++ b/variables.tf @@ -1,9 +1,18 @@ -variable "condition" { - description = "The condition to ensure is `true`." - type = bool -} - variable "error_message" { description = "The error message to display if the condition evaluates to `false`." type = string + nullable = false +} + +variable "condition" { + description = "The condition to ensure is `true`." + type = bool + validation { + // We have to use var.error_message != null to force the evaluation to wait + // until var.error_message is known. Otherwise, it can fail during the validation + // phase but won't output the proper error message. + // https://github.com/hashicorp/terraform/issues/35397 + condition = var.error_message != null && var.condition == true + error_message = var.error_message + } } diff --git a/versions.tf b/versions.tf index eb46da1..bfb98ab 100644 --- a/versions.tf +++ b/versions.tf @@ -1,9 +1,3 @@ terraform { - required_version = ">= 0.13.0" - required_providers { - cloudinit = { - source = "hashicorp/cloudinit" - version = ">= 2.3.1" - } - } + required_version = ">= 1.9.0" }