chore: cleanup terraform linter errors (#214)

abcxyz · Mar 17, 2023 · 47c8f5d · 47c8f5d
1 parent 9f73998
commit 47c8f5d
Show file tree

Hide file tree

Showing 10 changed files with 90 additions and 49 deletions.
diff --git a/terraform/ci/main.tf b/terraform/ci/main.tf
@@ -23,29 +23,36 @@ resource "google_project_service" "services" {
     "cloudkms.googleapis.com",
   ])
 
-  project            = var.project_id
+  project = var.project_id
+
   service            = each.value
   disable_on_destroy = false
 }
 
 // IAM roles needed to run tests.
 resource "google_project_iam_member" "gh_access_acc_iam" {
   for_each = toset(var.ci_iam_roles)
-  project  = var.project_id
-  role     = each.key
-  member   = module.github_ci_infra.service_account_member
+
+  project = var.project_id
+
+  role   = each.key
+  member = module.github_ci_infra.service_account_member
 }
 
 module "github_ci_infra" {
-  source               = "git::https://github.com/abcxyz/terraform-modules.git//modules/github_ci_infra?ref=41836e2b91baa1a7552b41f76fb9a8f261ae7dbe"
-  project_id           = var.project_id
+  source = "git::https://github.com/abcxyz/terraform-modules.git//modules/github_ci_infra?ref=41836e2b91baa1a7552b41f76fb9a8f261ae7dbe"
+
+  project_id = var.project_id
+
   name                 = "jvs"
   github_repository_id = local.github_repo_id
   github_owner_id      = local.github_owner_id
 }
 
 module "jvs_common" {
-  source           = "../modules/common"
-  project_id       = var.project_id
+  source = "../modules/common"
+
+  project_id = var.project_id
+
   kms_key_location = var.kms_key_location
 }
diff --git a/terraform/e2e/gclb.tf b/terraform/e2e/gclb.tf
@@ -13,7 +13,8 @@
 # limitations under the License.
 
 resource "google_compute_global_address" "default" {
-  project    = var.project_id
+  project = var.project_id
+
   name       = "jvs-${random_id.default.hex}-address" # 63 character limit
   ip_version = "IPV4"
 
@@ -23,7 +24,8 @@ resource "google_compute_global_address" "default" {
 }
 
 resource "google_compute_global_forwarding_rule" "http" {
-  project               = var.project_id
+  project = var.project_id
+
   name                  = "jvs-${random_id.default.hex}-http" # 63 character limit
   target                = google_compute_target_http_proxy.default.self_link
   ip_address            = google_compute_global_address.default.address
@@ -32,7 +34,8 @@ resource "google_compute_global_forwarding_rule" "http" {
 }
 
 resource "google_compute_global_forwarding_rule" "https" {
-  project               = var.project_id
+  project = var.project_id
+
   name                  = "jvs-${random_id.default.hex}-https" # 63 character limit
   target                = google_compute_target_https_proxy.default.self_link
   ip_address            = google_compute_global_address.default.address
@@ -42,23 +45,24 @@ resource "google_compute_global_forwarding_rule" "https" {
 
 resource "google_compute_managed_ssl_certificate" "default" {
   project = var.project_id
-  name    = "jvs-${random_id.default.hex}-cert" # 63 character limit
+
+  name = "jvs-${random_id.default.hex}-cert" # 63 character limit
 
   managed {
     domains = toset([var.jvs_api_domain, var.jvs_ui_domain])
   }
 
-  lifecycle {
-    create_before_destroy = true
-  }
-
   depends_on = [
     google_project_service.services["compute.googleapis.com"],
   ]
+  lifecycle {
+    create_before_destroy = true
+  }
 }
 
 resource "google_compute_url_map" "default" {
-  project         = var.project_id
+  project = var.project_id
+
   name            = "jvs-${random_id.default.hex}-url-map" # 63 character limit
   default_service = google_compute_backend_service.jvs_api_backend.self_link
 
@@ -90,7 +94,8 @@ resource "google_compute_url_map" "default" {
 
 resource "google_compute_url_map" "https_redirect" {
   project = var.project_id
-  name    = "jvs-${random_id.default.hex}-https-redirect" # 63 character limit
+
+  name = "jvs-${random_id.default.hex}-https-redirect" # 63 character limit
   default_url_redirect {
     https_redirect         = true
     redirect_response_code = "MOVED_PERMANENTLY_DEFAULT"
@@ -104,21 +109,24 @@ resource "google_compute_url_map" "https_redirect" {
 
 resource "google_compute_target_http_proxy" "default" {
   project = var.project_id
-  name    = "jvs-${random_id.default.hex}-http-proxy" # 63 character limit
+
+  name = "jvs-${random_id.default.hex}-http-proxy" # 63 character limit
 
   url_map = google_compute_url_map.https_redirect.self_link
 }
 
 resource "google_compute_target_https_proxy" "default" {
   project = var.project_id
+
   name    = "jvs-${random_id.default.hex}-https-proxy" # 63 character limit
   url_map = google_compute_url_map.default.self_link
 
   ssl_certificates = [google_compute_managed_ssl_certificate.default.self_link]
 }
 
 resource "google_compute_region_network_endpoint_group" "jvs_api_neg" {
-  project               = var.project_id
+  project = var.project_id
+
   region                = var.region
   name                  = "jvs-api-${random_id.default.hex}-neg" # 63 character limit
   network_endpoint_type = "SERVERLESS"
@@ -133,7 +141,8 @@ resource "google_compute_region_network_endpoint_group" "jvs_api_neg" {
 }
 
 resource "google_compute_backend_service" "jvs_api_backend" {
-  project               = var.project_id
+  project = var.project_id
+
   name                  = "jvs-api-${random_id.default.hex}-backend" # 63 character limit
   load_balancing_scheme = "EXTERNAL"
   description           = "jvs-api backend"
@@ -150,7 +159,8 @@ resource "google_compute_backend_service" "jvs_api_backend" {
 }
 
 resource "google_compute_region_network_endpoint_group" "jvs_ui_neg" {
-  project               = var.project_id
+  project = var.project_id
+
   region                = var.region
   name                  = "jvs-ui-${random_id.default.hex}-neg" # 63 character limit
   network_endpoint_type = "SERVERLESS"
@@ -165,7 +175,8 @@ resource "google_compute_region_network_endpoint_group" "jvs_ui_neg" {
 }
 
 resource "google_compute_backend_service" "jvs_ui_backend" {
-  project               = var.project_id
+  project = var.project_id
+
   name                  = "jvs-ui-${random_id.default.hex}-backend" # 63 character limit
   load_balancing_scheme = "EXTERNAL"
   description           = "jvs-ui backend"
@@ -187,7 +198,8 @@ resource "google_compute_backend_service" "jvs_ui_backend" {
 }
 
 resource "google_compute_region_network_endpoint_group" "jvs_public_key_neg" {
-  project               = var.project_id
+  project = var.project_id
+
   region                = var.region
   name                  = "jvs-public-key-${random_id.default.hex}-neg" # 63 character limit
   network_endpoint_type = "SERVERLESS"
@@ -202,7 +214,8 @@ resource "google_compute_region_network_endpoint_group" "jvs_public_key_neg" {
 }
 
 resource "google_compute_backend_service" "jvs_public_key_backend" {
-  project               = var.project_id
+  project = var.project_id
+
   name                  = "jvs-public-key-${random_id.default.hex}-backend" # 63 character limit
   load_balancing_scheme = "EXTERNAL"
   description           = "jvs-public-key backend"

diff --git a/terraform/e2e/iap.tf b/terraform/e2e/iap.tf
@@ -13,7 +13,8 @@
 # limitations under the License.
 
 resource "google_iap_brand" "project_brand" {
-  project           = var.project_id
+  project = var.project_id
+
   support_email     = var.iap_support_email
   application_title = "JVS UI"
 
@@ -35,8 +36,9 @@ resource "google_iap_web_iam_member" "member" {
   for_each = toset(var.jvs_invoker_members)
 
   project = var.project_id
-  member  = each.key
-  role    = "roles/iap.httpsResourceAccessor"
+
+  member = each.key
+  role   = "roles/iap.httpsResourceAccessor"
 }
 
 # Allow allUsers to invoke the UI. This is safe because the service is behind
@@ -47,8 +49,9 @@ resource "google_iap_web_iam_member" "member" {
 # Cloud Run is GA, we should change this to grant the IAP SA permission to
 # invoke the Cloud Run service.
 resource "google_cloud_run_service_iam_member" "iap_invoker" {
+  project = var.project_id
+
   location = var.region
-  project  = var.project_id
   service  = module.jvs_services.jvs_ui_service_name
   role     = "roles/run.invoker"
   member   = "allUsers"

diff --git a/terraform/e2e/main.tf b/terraform/e2e/main.tf
@@ -21,7 +21,8 @@ resource "google_project_service" "services" {
     "iap.googleapis.com",
   ])
 
-  project            = var.project_id
+  project = var.project_id
+
   service            = each.value
   disable_on_destroy = false
 }
@@ -31,8 +32,9 @@ resource "google_project_iam_member" "jvs_invoker_iam" {
   for_each = toset(var.jvs_invoker_members)
 
   project = var.project_id
-  role    = "roles/run.invoker"
-  member  = each.key
+
+  role   = "roles/run.invoker"
+  member = each.key
 }
 
 resource "random_id" "default" {
@@ -42,14 +44,16 @@ resource "random_id" "default" {
 module "jvs_common" {
   source = "../modules/common"
 
-  project_id       = var.project_id
+  project_id = var.project_id
+
   kms_key_location = var.kms_key_location
 }
 
 module "jvs_services" {
   source = "../modules/jvs-services"
 
-  project_id      = var.project_id
+  project_id = var.project_id
+
   region          = var.region
   service_ingress = "internal-and-cloud-load-balancing"
 

diff --git a/terraform/modules/common/main.tf b/terraform/modules/common/main.tf
@@ -17,7 +17,8 @@ resource "google_project_service" "services" {
     "cloudkms.googleapis.com",
   ])
 
-  project            = var.project_id
+  project = var.project_id
+
   service            = each.value
   disable_on_destroy = false
 }
@@ -27,7 +28,8 @@ resource "random_id" "default" {
 }
 
 resource "google_kms_key_ring" "keyring" {
-  project  = var.project_id
+  project = var.project_id
+
   name     = "${var.kms_keyring_name}-${random_id.default.hex}"
   location = var.kms_key_location
   depends_on = [
@@ -36,7 +38,8 @@ resource "google_kms_key_ring" "keyring" {
 }
 
 resource "google_service_account" "api_acc" {
-  project      = var.project_id
+  project = var.project_id
+
   account_id   = var.jvs_api_service_account_name
   display_name = "JVS API Service Account"
 }
@@ -53,7 +56,8 @@ resource "google_kms_key_ring_iam_member" "api_acc_roles" {
 }
 
 resource "google_service_account" "ui_acc" {
-  project      = var.project_id
+  project = var.project_id
+
   account_id   = var.jvs_ui_service_account_name
   display_name = "JVS UI Service Account"
 }
@@ -70,7 +74,8 @@ resource "google_kms_key_ring_iam_member" "ui_acc_roles" {
 }
 
 resource "google_service_account" "rotator_acc" {
-  project      = var.project_id
+  project = var.project_id
+
   account_id   = var.jvs_cert_rotator_service_account_name
   display_name = "Rotator Service Account"
 }
@@ -86,7 +91,8 @@ resource "google_kms_key_ring_iam_member" "rotator_acc_roles" {
 }
 
 resource "google_service_account" "public_key_acc" {
-  project      = var.project_id
+  project = var.project_id
+
   account_id   = var.jvs_public_key_service_account_name
   display_name = "Public Key Hosting Service Account"
 }

diff --git a/terraform/modules/jvs-services/cert-rotator.tf b/terraform/modules/jvs-services/cert-rotator.tf
@@ -13,7 +13,8 @@
 # limitations under the License.
 
 resource "google_project_service" "scheduler_api" {
-  project            = var.project_id
+  project = var.project_id
+
   service            = "cloudscheduler.googleapis.com"
   disable_on_destroy = false
 }
@@ -22,9 +23,10 @@ module "cert_rotator_cloud_run" {
   source = "git::https://github.com/abcxyz/terraform-modules.git//modules/cloud_run?ref=5445543e21491176528fb5cd7adcb505d9dec5dd"
 
   project_id = var.project_id
-  region     = var.region
-  name       = "jvs-cert-rotator"
-  image      = var.jvs_cert_rotator_service_image
+
+  region = var.region
+  name   = "jvs-cert-rotator"
+  image  = var.jvs_cert_rotator_service_image
 
   # Cert rotator is not a user facing service. Ignore the ingress input.
   ingress = "all"
@@ -39,9 +41,11 @@ data "google_compute_default_service_account" "default" {
 
 resource "google_cloud_scheduler_job" "job" {
   # Don't create scheduler if cadence is zero.
-  count       = var.kms_key_rotation_minutes > 0 ? 1 : 0
+  count = var.kms_key_rotation_minutes > 0 ? 1 : 0
+
+  project = var.project_id
+
   name        = "cert-rotation-job"
-  project     = var.project_id
   region      = var.region
   description = "Regularly executes the certificate rotator"
   schedule    = "*/${var.kms_key_rotation_minutes} * * * *"

diff --git a/terraform/modules/jvs-services/jvs-api.tf b/terraform/modules/jvs-services/jvs-api.tf
@@ -15,7 +15,8 @@
 module "api_cloud_run" {
   source = "git::https://github.com/abcxyz/terraform-modules.git//modules/cloud_run?ref=5445543e21491176528fb5cd7adcb505d9dec5dd"
 
-  project_id            = var.project_id
+  project_id = var.project_id
+
   region                = var.region
   name                  = "jvs-api"
   image                 = var.jvs_api_service_image

diff --git a/terraform/modules/jvs-services/jvs-ui.tf b/terraform/modules/jvs-services/jvs-ui.tf
@@ -15,7 +15,8 @@
 module "ui_cloud_run" {
   source = "git::https://github.com/abcxyz/terraform-modules.git//modules/cloud_run?ref=5445543e21491176528fb5cd7adcb505d9dec5dd"
 
-  project_id            = var.project_id
+  project_id = var.project_id
+
   region                = var.region
   name                  = "jvs-ui"
   image                 = var.jvs_ui_service_image

diff --git a/terraform/modules/jvs-services/public-key.tf b/terraform/modules/jvs-services/public-key.tf
@@ -15,7 +15,8 @@
 module "public_key_cloud_run" {
   source = "git::https://github.com/abcxyz/terraform-modules.git//modules/cloud_run?ref=5445543e21491176528fb5cd7adcb505d9dec5dd"
 
-  project_id            = var.project_id
+  project_id = var.project_id
+
   region                = var.region
   name                  = "jvs-public-key"
   image                 = var.jvs_public_key_service_image