diff --git a/fast/addons/2-networking-test/factory.tf b/fast/addons/2-networking-test/factory.tf index 76679e356f..d6e7f30072 100644 --- a/fast/addons/2-networking-test/factory.tf +++ b/fast/addons/2-networking-test/factory.tf @@ -17,16 +17,18 @@ # tfdoc:file:description Factory locals. locals { + _factory_i_path = pathexpand(coalesce(var.factories_config.instances, "-")) _factory_i_data = { - for f in try(fileset(var.factories_config.instances, "*.yaml"), []) : + for f in try(fileset(local._factory_i_path, "*.yaml"), []) : replace(f, ".yaml", "") => yamldecode( - file("${var.factories_config.instances}/${f}") + file("${local._factory_i_path}/${f}") ) } + _factory_sa_path = pathexpand(coalesce(var.factories_config.service_accounts, "-")) _factory_sa_data = { - for f in try(fileset(var.factories_config.service_accounts, "*.yaml"), []) : + for f in try(fileset(local._factory_sa_path, "*.yaml"), []) : replace(f, ".yaml", "") => yamldecode( - file("${var.factories_config.service_accounts}/${f}") + file("${local._factory_sa_path}/${f}") ) } factory_instances = { diff --git a/fast/stages/2-networking-a-simple/monitoring.tf b/fast/stages/2-networking-a-simple/monitoring.tf index e02e894e50..f8c5574f48 100644 --- a/fast/stages/2-networking-a-simple/monitoring.tf +++ b/fast/stages/2-networking-a-simple/monitoring.tf @@ -17,10 +17,11 @@ # tfdoc:file:description Network monitoring dashboards. locals { - dashboard_files = fileset(var.factories_config.dashboards, "*.json") + _dashboard_path = pathexpand(var.factories_config.dashboards) + dashboard_files = try(fileset(local._dashboard_path, "*.json"), []) dashboards = { for filename in local.dashboard_files : - filename => "${var.factories_config.dashboards}/${filename}" + filename => "${local._dashboard_path}/${filename}" } } diff --git a/fast/stages/2-networking-b-nva/monitoring.tf b/fast/stages/2-networking-b-nva/monitoring.tf index 776ee24ae6..76e667a9cb 100644 --- a/fast/stages/2-networking-b-nva/monitoring.tf +++ b/fast/stages/2-networking-b-nva/monitoring.tf @@ -17,11 +17,11 @@ # tfdoc:file:description Network monitoring dashboards. locals { - dashboard_path = var.factories_config.dashboards - dashboard_files = fileset(local.dashboard_path, "*.json") + _dashboard_path = pathexpand(var.factories_config.dashboards) + dashboard_files = try(fileset(local._dashboard_path, "*.json"), []) dashboards = { for filename in local.dashboard_files : - filename => "${local.dashboard_path}/${filename}" + filename => "${local._dashboard_path}/${filename}" } } diff --git a/fast/stages/2-networking-c-separate-envs/monitoring.tf b/fast/stages/2-networking-c-separate-envs/monitoring.tf index dbf0149669..e1c182eb42 100644 --- a/fast/stages/2-networking-c-separate-envs/monitoring.tf +++ b/fast/stages/2-networking-c-separate-envs/monitoring.tf @@ -17,10 +17,11 @@ # tfdoc:file:description Network monitoring dashboards. locals { - dashboard_files = fileset(var.factories_config.dashboards, "*.json") + _dashboard_path = pathexpand(var.factories_config.dashboards) + dashboard_files = try(fileset(local._dashboard_path, "*.json"), []) dashboards = { for filename in local.dashboard_files : - filename => "${var.factories_config.dashboards}/${filename}" + filename => "${local._dashboard_path}/${filename}" } } diff --git a/modules/analytics-hub/main.tf b/modules/analytics-hub/main.tf index 0480dea636..09f3cef0c4 100644 --- a/modules/analytics-hub/main.tf +++ b/modules/analytics-hub/main.tf @@ -15,11 +15,12 @@ */ locals { - prefix = var.prefix == null || var.prefix == "" ? "" : "${var.prefix}_" + prefix = var.prefix == null || var.prefix == "" ? "" : "${var.prefix}_" + _factory_listings_path = pathexpand(coalesce(var.factories_config.listings, "-")) _factory_listings = { - for f in try(fileset(var.factories_config.listings, "*.yaml"), []) : + for f in try(fileset(local._factory_listings_path, "*.yaml"), []) : trimsuffix(f, ".yaml") => yamldecode( - file("${var.factories_config.listings}/${f}") + file("${local._factory_listings_path}/${f}") ) } factory_listings = merge(local._factory_listings, var.listings) diff --git a/modules/data-catalog-tag/main.tf b/modules/data-catalog-tag/main.tf index ee9d1b7cbb..ef8053f78f 100644 --- a/modules/data-catalog-tag/main.tf +++ b/modules/data-catalog-tag/main.tf @@ -15,9 +15,10 @@ */ locals { + _factory_tag_template_path = pathexpand(coalesce(var.factories_config.tags, "-")) _factory_tag_template = { - for f in try(fileset(var.factories_config.tags, "*.yaml"), []) : - trimsuffix(f, ".yaml") => yamldecode(file("${var.factories_config.tags}/${f}")) + for f in try(fileset(local._factory_tag_template_path, "*.yaml"), []) : + trimsuffix(f, ".yaml") => yamldecode(file("${local._factory_tag_template_path}/${f}")) } factory_tag_template = merge(local._factory_tag_template, var.tags) diff --git a/modules/organization/iam.tf b/modules/organization/iam.tf index 607a54f0ae..0b7edf69bc 100644 --- a/modules/organization/iam.tf +++ b/modules/organization/iam.tf @@ -17,10 +17,11 @@ # tfdoc:file:description IAM bindings. locals { + _custom_roles_path = pathexpand(coalesce(var.factories_config.custom_roles, "-")) _custom_roles = { - for f in try(fileset(var.factories_config.custom_roles, "*.yaml"), []) : + for f in try(fileset(local._custom_roles_path, "*.yaml"), []) : replace(f, ".yaml", "") => yamldecode( - file("${var.factories_config.custom_roles}/${f}") + file("${local._custom_roles_path}/${f}") ) } _iam_principal_roles = distinct(flatten(values(var.iam_by_principals))) diff --git a/modules/organization/org-policy-custom-constraints.tf b/modules/organization/org-policy-custom-constraints.tf index cae888d1c6..0f8cff7245 100644 --- a/modules/organization/org-policy-custom-constraints.tf +++ b/modules/organization/org-policy-custom-constraints.tf @@ -15,9 +15,10 @@ */ locals { + _custom_constraints_factory_path = pathexpand(coalesce(var.factories_config.org_policy_custom_constraints, "-")) _custom_constraints_factory_data_raw = merge([ - for f in try(fileset(var.factories_config.org_policy_custom_constraints, "*.yaml"), []) : - yamldecode(file("${var.factories_config.org_policy_custom_constraints}/${f}")) + for f in try(fileset(local._custom_constraints_factory_path, "*.yaml"), []) : + yamldecode(file("${local._custom_constraints_factory_path}/${f}")) ]...) _custom_constraints_factory_data = { for k, v in local._custom_constraints_factory_data_raw : diff --git a/modules/project/iam.tf b/modules/project/iam.tf index 481edf023c..092f4c2485 100644 --- a/modules/project/iam.tf +++ b/modules/project/iam.tf @@ -20,10 +20,11 @@ # - external users need to have accepted the invitation email to join locals { + _custom_roles_path = pathexpand(coalesce(var.factories_config.custom_roles, "-")) _custom_roles = { - for f in try(fileset(var.factories_config.custom_roles, "*.yaml"), []) : + for f in try(fileset(local._custom_roles_path, "*.yaml"), []) : replace(f, ".yaml", "") => yamldecode( - file("${var.factories_config.custom_roles}/${f}") + file("${local._custom_roles_path}/${f}") ) } _iam_principal_roles = distinct(flatten(values(var.iam_by_principals))) diff --git a/modules/project/main.tf b/modules/project/main.tf index c789c11a46..8cbfbfe8e6 100644 --- a/modules/project/main.tf +++ b/modules/project/main.tf @@ -16,12 +16,13 @@ locals { # descriptive_name cannot contain colons, so we omit the universe from the default + _observability_factory_path = pathexpand(coalesce(var.factories_config.observability, "-")) descriptive_name = ( var.descriptive_name != null ? var.descriptive_name : "${local.prefix}${var.name}" ) observability_factory_data_raw = [ - for f in try(fileset(var.factories_config.observability, "*.yaml"), []) : - yamldecode(file("${var.factories_config.observability}/${f}")) + for f in try(fileset(local._observability_factory_path, "*.yaml"), []) : + yamldecode(file("${local._observability_factory_path}/${f}")) ] parent_type = var.parent == null ? null : split("/", var.parent)[0] parent_id = var.parent == null ? null : split("/", var.parent)[1] diff --git a/modules/project/quotas.tf b/modules/project/quotas.tf index 22d7e9d5b9..2fab386a4a 100644 --- a/modules/project/quotas.tf +++ b/modules/project/quotas.tf @@ -15,9 +15,10 @@ */ locals { + _quota_factory_path = pathexpand(coalesce(var.factories_config.quotas, "-")) _quota_factory_data_raw = merge([ - for f in try(fileset(var.factories_config.quotas, "*.yaml"), []) : - yamldecode(file("${var.factories_config.quotas}/${f}")) + for f in try(fileset(local._quota_factory_path, "*.yaml"), []) : + yamldecode(file("${local._quota_factory_path}/${f}")) ]...) # simulate applying defaults to data coming from yaml files _quota_factory_data = { diff --git a/modules/secops-rules/main.tf b/modules/secops-rules/main.tf index b76191bb4e..841a8437b4 100644 --- a/modules/secops-rules/main.tf +++ b/modules/secops-rules/main.tf @@ -15,7 +15,8 @@ */ locals { - reference_lists = try(yamldecode(file(var.factories_config.reference_lists)), var.reference_lists_config) + _secops_rules_path = pathexpand(coalesce(var.factories_config.rules_defs, "-")) + reference_lists = try(yamldecode(file(var.factories_config.reference_lists)), var.reference_lists_config) reference_lists_entries = { for k, v in local.reference_lists : k => split("\n", file("${var.factories_config.reference_lists_defs}/${k}.txt")) } @@ -25,8 +26,8 @@ locals { CIDR = "REFERENCE_LIST_SYNTAX_TYPE_CIDR" } secops_rules = { - for file_name in fileset(var.factories_config.rules_defs, "*.yaral") : - replace(file_name, ".yaral", "") => file("${var.factories_config.rules_defs}/${file_name}") + for file_name in fileset(local._secops_rules_path, "*.yaral") : + replace(file_name, ".yaral", "") => file("${local._secops_rules_path}/${file_name}") } secops_rule_deployment = try(yamldecode(file(var.factories_config.rules)), var.rules_config) }