fix: fixes lint issues and generates metadata (#392)

Co-authored-by: Awais Malik <awmalik@google.com>

Makefile

@@ -18,7 +18,7 @@
 # Make will use bash instead of sh
 SHELL := /usr/bin/env bash
 
-DOCKER_TAG_VERSION_DEVELOPER_TOOLS := 1.8
+DOCKER_TAG_VERSION_DEVELOPER_TOOLS := 1.10
 DOCKER_IMAGE_DEVELOPER_TOOLS := cft/developer-tools
 REGISTRY_URL := gcr.io/cloud-foundation-cicd
 

build/int.cloudbuild.yaml

@@ -191,5 +191,5 @@ tags:
   - 'integration'
 substitutions:
   _DOCKER_IMAGE_DEVELOPER_TOOLS: 'cft/developer-tools'
-  _DOCKER_TAG_VERSION_DEVELOPER_TOOLS: '1.8'
+  _DOCKER_TAG_VERSION_DEVELOPER_TOOLS: '1.10'
   _API_ACTIVATION_SECONDS_WAIT: '900'

build/lint.cloudbuild.yaml

@@ -21,4 +21,4 @@ tags:
 - 'lint'
 substitutions:
   _DOCKER_IMAGE_DEVELOPER_TOOLS: 'cft/developer-tools'
-  _DOCKER_TAG_VERSION_DEVELOPER_TOOLS: '1.8'
+  _DOCKER_TAG_VERSION_DEVELOPER_TOOLS: '1.10'

examples/mssql-public/README.md

@@ -9,7 +9,6 @@ This example shows how create MS SQL Server database using the Terraform module.
 |------|-------------|------|---------|:--------:|
 | name | The name for Cloud SQL instance | `string` | `"tf-mssql-public"` | no |
 | project\_id | The project to run tests against | `string` | n/a | yes |
-| region | n/a | `string` | `"us-central1"` | no |
 | sql\_server\_audit\_config | SQL server audit config settings. | `map(string)` | `{}` | no |
 
 ## Outputs

examples/mssql-public/variables.tf

@@ -25,11 +25,6 @@ variable "name" {
   default     = "tf-mssql-public"
 }
 
-variable "region" {
-  default = "us-central1"
-  type    = string
-}
-
 variable "sql_server_audit_config" {
   description = "SQL server audit config settings."
   type        = map(string)

metadata.yaml

@@ -0,0 +1,78 @@
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: blueprints.cloud.google.com/v1alpha1
+kind: BlueprintMetadata
+metadata:
+  name: terraform-google-sql-db
+  annotations:
+    config.kubernetes.io/local-config: "true"
+spec:
+  title: terraform-google-sql
+  source:
+    repo: https://github.com/terraform-google-modules/terraform-google-sql-db
+    sourceType: git
+  subBlueprints:
+  - name: backup
+    location: modules/backup
+  - name: mssql
+    location: modules/mssql
+  - name: mysql
+    location: modules/mysql
+  - name: postgresql
+    location: modules/postgresql
+  - name: private_service_access
+    location: modules/private_service_access
+  - name: restore
+    location: modules/restore
+  - name: safer_mysql
+    location: modules/safer_mysql
+  examples:
+  - name: mssql-public
+    location: examples/mssql-public
+  - name: mysql-backup-create-service-account
+    location: examples/mysql-backup-create-service-account
+  - name: mysql-ha
+    location: examples/mysql-ha
+  - name: mysql-private
+    location: examples/mysql-private
+  - name: mysql-public
+    location: examples/mysql-public
+  - name: postgresql-backup-provided-service-account
+    location: examples/postgresql-backup-provided-service-account
+  - name: postgresql-ha
+    location: examples/postgresql-ha
+  - name: postgresql-public
+    location: examples/postgresql-public
+  - name: postgresql-public-iam
+    location: examples/postgresql-public-iam
+  roles:
+  - level: Project
+    roles:
+    - roles/cloudsql.admin
+    - roles/compute.networkAdmin
+    - roles/iam.serviceAccountAdmin
+    - roles/resourcemanager.projectIamAdmin
+    - roles/storage.admin
+    - roles/workflows.admin
+    - roles/cloudscheduler.admin
+    - roles/iam.serviceAccountUser
+  services:
+  - cloudresourcemanager.googleapis.com
+  - compute.googleapis.com
+  - servicenetworking.googleapis.com
+  - sqladmin.googleapis.com
+  - iam.googleapis.com
+  - workflows.googleapis.com
+  - cloudscheduler.googleapis.com

modules/backup/README.md

@@ -74,7 +74,7 @@ fetch workflows.googleapis.com/Workflow
 |------|-------------|
 | backup\_workflow\_name | The name for internal backup workflow |
 | export\_workflow\_name | The name for export workflow |
-| region | n/a |
+| region | The region for running the scheduler and workflow |
 | service\_account | The service account email running the scheduler and workflow |
 
 <!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->

modules/backup/metadata.yaml

@@ -0,0 +1,142 @@
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: blueprints.cloud.google.com/v1alpha1
+kind: BlueprintMetadata
+metadata:
+  name: terraform-google-sql-db
+  annotations:
+    config.kubernetes.io/local-config: "true"
+spec:
+  title: GCP CloudSQL Backup
+  source:
+    repo: https://github.com/terraform-google-modules/terraform-google-sql-db
+    sourceType: git
+  actuationTool:
+    type: Terraform
+    version: '>= 0.13'
+  examples:
+  - name: mssql-public
+    location: examples/mssql-public
+  - name: mysql-backup-create-service-account
+    location: examples/mysql-backup-create-service-account
+  - name: mysql-ha
+    location: examples/mysql-ha
+  - name: mysql-private
+    location: examples/mysql-private
+  - name: mysql-public
+    location: examples/mysql-public
+  - name: postgresql-backup-provided-service-account
+    location: examples/postgresql-backup-provided-service-account
+  - name: postgresql-ha
+    location: examples/postgresql-ha
+  - name: postgresql-public
+    location: examples/postgresql-public
+  - name: postgresql-public-iam
+    location: examples/postgresql-public-iam
+  variables:
+  - name: backup_retention_time
+    description: The number of days backups should be kept
+    type: number
+    default: 30
+    required: false
+  - name: backup_schedule
+    description: The cron schedule to execute the internal backup
+    type: string
+    default: 45 2 * * *
+    required: false
+  - name: compress_export
+    description: Whether or not to compress the export when storing in the bucket; Only valid for MySQL and PostgreSQL
+    type: bool
+    default: true
+    required: false
+  - name: enable_export_backup
+    description: Weather to create exports to GCS Buckets with this module
+    type: bool
+    default: true
+    required: false
+  - name: enable_internal_backup
+    description: Wether to create internal backups with this module
+    type: bool
+    default: true
+    required: false
+  - name: export_databases
+    description: The list of databases that should be exported - if is an empty set all databases will be exported
+    type: set(string)
+    default: []
+    required: false
+  - name: export_schedule
+    description: The cron schedule to execute the export to GCS
+    type: string
+    default: 15 3 * * *
+    required: false
+  - name: export_uri
+    description: The bucket and path uri for exporting to GCS
+    type: string
+    required: true
+  - name: project_id
+    description: The project ID
+    type: string
+    required: true
+  - name: region
+    description: The region where to run the workflow
+    type: string
+    default: us-central1
+    required: false
+  - name: scheduler_timezone
+    description: The Timezone in which the Scheduler Jobs are triggered
+    type: string
+    default: Etc/GMT
+    required: false
+  - name: service_account
+    description: The service account to use for running the workflow and triggering the workflow by Cloud Scheduler - If empty or null a service account will be created. If you have provided a service account you need to grant the Cloud SQL Admin and the Workflows Invoker role to that
+    type: string
+    required: false
+  - name: sql_instance
+    description: The name of the SQL instance to backup
+    type: string
+    required: true
+  - name: unique_suffix
+    description: Unique suffix to add to scheduler jobs and workflows names.
+    type: string
+    default: ""
+    required: false
+  outputs:
+  - name: backup_workflow_name
+    description: The name for internal backup workflow
+  - name: export_workflow_name
+    description: The name for export workflow
+  - name: region
+    description: The region for running the scheduler and workflow
+  - name: service_account
+    description: The service account email running the scheduler and workflow
+  roles:
+  - level: Project
+    roles:
+    - roles/cloudsql.admin
+    - roles/compute.networkAdmin
+    - roles/iam.serviceAccountAdmin
+    - roles/resourcemanager.projectIamAdmin
+    - roles/storage.admin
+    - roles/workflows.admin
+    - roles/cloudscheduler.admin
+    - roles/iam.serviceAccountUser
+  services:
+  - cloudresourcemanager.googleapis.com
+  - compute.googleapis.com
+  - servicenetworking.googleapis.com
+  - sqladmin.googleapis.com
+  - iam.googleapis.com
+  - workflows.googleapis.com
+  - cloudscheduler.googleapis.com

modules/backup/outputs.tf

@@ -30,5 +30,6 @@ output "service_account" {
 }
 
 output "region" {
-  value = var.region
+  description = "The region for running the scheduler and workflow"
+  value       = var.region
 }

modules/backup/variables.tf

@@ -44,16 +44,19 @@ variable "backup_retention_time" {
 
 variable "scheduler_timezone" {
   description = "The Timezone in which the Scheduler Jobs are triggered"
+  type        = string
   default     = "Etc/GMT"
 }
 
 variable "backup_schedule" {
   description = "The cron schedule to execute the internal backup"
+  type        = string
   default     = "45 2 * * *"
 }
 
 variable "export_schedule" {
   description = "The cron schedule to execute the export to GCS"
+  type        = string
   default     = "15 3 * * *"
 }