From 5f5687b7036434ed0fc8592ec43d4858a797fc1b Mon Sep 17 00:00:00 2001 From: Daniele Monti <62102073+Monska85@users.noreply.github.com> Date: Thu, 29 Aug 2024 12:07:41 +0200 Subject: [PATCH] platform/#3101: add cleanup policies management --- CHANGELOG.md | 4 ++++ README.md | 2 +- main.tf | 28 ++++++++++++++++++++++++++++ variables.tf | 17 ++++++++++++++++- 4 files changed, 49 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 9840f40..756ab59 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -20,6 +20,10 @@ Following semver, any non backwards compatible feature implies that the next rel ## [Unreleased] +### Added + +- FEATURE: add the cleanup policies management for the repositories. + ## [0.4.0] - 2024-05-02 [Compare with previous version](https://github.com/sparkfabrik/terraform-google-gcp-artifact-registry/compare/0.3.0...0.4.0) diff --git a/README.md b/README.md index 51bf916..f9d19d1 100644 --- a/README.md +++ b/README.md @@ -31,7 +31,7 @@ This module is provided without any kind of warranty and is GPL3 licensed. | [default\_location](#input\_default\_location) | The default location for the Artifact Registry repositories. | `string` | `"europe-west1"` | no | | [enable\_api](#input\_enable\_api) | Enable the Artifact Registry API. | `bool` | `true` | no | | [project\_id](#input\_project\_id) | The GCP project ID that hosts the Artifact Registry. | `string` | n/a | yes | -| [repositories](#input\_repositories) | List of Artifact Registry repositories to create. |
map(object({
description = string
format = optional(string, "DOCKER")
mode = optional(string, "STANDARD_REPOSITORY")
cleanup_policy_dry_run = optional(bool, true)
docker_immutable_tags = optional(bool, true)
virtual_repository_config = optional(map(object({
repository = string
priority = optional(number, 0)
})), null)
remote_repository_config_docker = optional(object({
description = optional(string, "")
custom_repository_uri = string
disable_upstream_validation = optional(bool, false)
username_password_credentials_username = optional(string, "")
username_password_credentials_password_secret_version = optional(string, "")
}), null)
readers = optional(list(string), [])
writers = optional(list(string), [])
location = optional(string, "")
}))
| n/a | yes | +| [repositories](#input\_repositories) | List of Artifact Registry repositories to create. |
map(object({
description = string
format = optional(string, "DOCKER")
mode = optional(string, "STANDARD_REPOSITORY")
cleanup_policy_dry_run = optional(bool, true)
cleanup_policies = optional(map(object({
action = optional(string, ""),
condition = optional(object({
tag_state = optional(string),
tag_prefixes = optional(list(string)),
version_name_prefixes = optional(list(string)),
package_name_prefixes = optional(list(string)),
older_than = optional(string),
newer_than = optional(string),
}), {}),
most_recent_versions = optional(object({
package_name_prefixes = optional(list(string)),
keep_count = optional(number)
}), {})
})), {})
docker_immutable_tags = optional(bool, true)
virtual_repository_config = optional(map(object({
repository = string
priority = optional(number, 0)
})), null)
remote_repository_config_docker = optional(object({
description = optional(string, "")
custom_repository_uri = string
disable_upstream_validation = optional(bool, false)
username_password_credentials_username = optional(string, "")
username_password_credentials_password_secret_version = optional(string, "")
}), null)
readers = optional(list(string), [])
writers = optional(list(string), [])
location = optional(string, "")
}))
| n/a | yes | ## Outputs diff --git a/main.tf b/main.tf index e48b4f1..9de5388 100644 --- a/main.tf +++ b/main.tf @@ -44,6 +44,34 @@ resource "google_artifact_registry_repository" "repositories" { location = each.value.location != "" ? each.value.location : var.default_location cleanup_policy_dry_run = each.value.cleanup_policy_dry_run + dynamic "cleanup_policies" { + for_each = each.value.cleanup_policies + content { + id = cleanup_policies.key + action = cleanup_policies.value.action + + dynamic "condition" { + for_each = cleanup_policies.value.condition != {} ? [cleanup_policies.value.condition] : [] + content { + tag_state = condition.value.tag_state + tag_prefixes = condition.value.tag_prefixes + version_name_prefixes = condition.value.version_name_prefixes + package_name_prefixes = condition.value.package_name_prefixes + older_than = condition.value.older_than + newer_than = condition.value.newer_than + } + } + + dynamic "most_recent_versions" { + for_each = cleanup_policies.value.most_recent_versions != {} && cleanup_policies.value.most_recent_versions.keep_count != 0 ? [cleanup_policies.value.most_recent_versions] : [] + content { + package_name_prefixes = most_recent_versions.value.package_name_prefixes + keep_count = most_recent_versions.value.keep_count + } + } + } + } + dynamic "virtual_repository_config" { for_each = each.value.mode == "VIRTUAL_REPOSITORY" ? each.value.virtual_repository_config : {} diff --git a/variables.tf b/variables.tf index 97784da..e52f18c 100644 --- a/variables.tf +++ b/variables.tf @@ -23,7 +23,22 @@ variable "repositories" { format = optional(string, "DOCKER") mode = optional(string, "STANDARD_REPOSITORY") cleanup_policy_dry_run = optional(bool, true) - docker_immutable_tags = optional(bool, true) + cleanup_policies = optional(map(object({ + action = optional(string, ""), + condition = optional(object({ + tag_state = optional(string), + tag_prefixes = optional(list(string)), + version_name_prefixes = optional(list(string)), + package_name_prefixes = optional(list(string)), + older_than = optional(string), + newer_than = optional(string), + }), {}), + most_recent_versions = optional(object({ + package_name_prefixes = optional(list(string)), + keep_count = optional(number) + }), {}) + })), {}) + docker_immutable_tags = optional(bool, true) virtual_repository_config = optional(map(object({ repository = string priority = optional(number, 0)