Merge pull request #19 from getindata/feature/add_uppercase_name_flag

feat: Add name_scheme.uppercase flag + bump CI + bump submodules

.pre-commit-config.yaml

@@ -1,26 +1,26 @@
 repos:
   - repo: https://github.com/gruntwork-io/pre-commit
     # When updating, also check if tflint version in pre-commit workflow can be updated.
-    rev: "v0.1.23" # Get the latest from: https://github.com/gruntwork-io/pre-commit/releases
+    rev: "v0.1.25" # Get the latest from: https://github.com/gruntwork-io/pre-commit/releases
     hooks:
       - id: terraform-validate # It should be the first step as it runs terraform init required by tflint
       - id: terraform-fmt
       - id: tflint
 
   - repo: https://github.com/terraform-docs/terraform-docs
-    rev: "v0.18.0" # Get the latest from: https://github.com/terraform-docs/terraform-docs/releases
+    rev: "v0.19.0" # Get the latest from: https://github.com/terraform-docs/terraform-docs/releases
     hooks:
       - id: terraform-docs-go
         args: ["."]
 
   - repo: https://github.com/bridgecrewio/checkov.git
-    rev: "3.2.192" # Get the latest from: https://github.com/bridgecrewio/checkov/releases
+    rev: "3.2.350" # Get the latest from: https://github.com/bridgecrewio/checkov/releases
     hooks:
       - id: checkov
         args: [--skip-check, "CKV_TF_1"] # Terraform module sources do not use a git url with a commit hash revision
 
   - repo: https://github.com/pre-commit/pre-commit-hooks
-    rev: "v4.6.0" # Get the latest from: https://github.com/pre-commit/pre-commit-hooks/releases
+    rev: "v5.0.0" # Get the latest from: https://github.com/pre-commit/pre-commit-hooks/releases
     hooks:
       - id: check-merge-conflict
         args: ["--assume-in-merge"]

README.md

@@ -88,8 +88,8 @@ module "snowflake_storage_integration" {
 | <a name="input_create_default_roles"></a> [create\_default\_roles](#input\_create\_default\_roles) | Whether the default roles should be created | `bool` | `false` | no |
 | <a name="input_enabled"></a> [enabled](#input\_enabled) | Whether the storage integration is enabled | `bool` | `true` | no |
 | <a name="input_name"></a> [name](#input\_name) | Name of the resource | `string` | n/a | yes |
-| <a name="input_name_scheme"></a> [name\_scheme](#input\_name\_scheme) | Naming scheme configuration for the resource. This configuration is used to generate names using context provider:<br>    - `properties` - list of properties to use when creating the name - is superseded by `var.context_templates`<br>    - `delimiter` - delimited used to create the name from `properties` - is superseded by `var.context_templates`<br>    - `context_template_name` - name of the context template used to create the name<br>    - `replace_chars_regex` - regex to use for replacing characters in property-values created by the provider - any characters that match the regex will be removed from the name<br>    - `extra_values` - map of extra label-value pairs, used to create a name | <pre>object({<br>    properties            = optional(list(string), ["environment", "name"])<br>    delimiter             = optional(string, "_")<br>    context_template_name = optional(string, "snowflake-warehouse")<br>    replace_chars_regex   = optional(string, "[^a-zA-Z0-9_]")<br>    extra_values          = optional(map(string))<br>  })</pre> | `{}` | no |
-| <a name="input_roles"></a> [roles](#input\_roles) | Roles created in the database scope | <pre>map(object({<br>    name_scheme = optional(object({<br>      properties            = optional(list(string))<br>      delimiter             = optional(string)<br>      context_template_name = optional(string)<br>      replace_chars_regex   = optional(string)<br>      extra_labels          = optional(map(string))<br>    }))<br>    comment              = optional(string)<br>    role_ownership_grant = optional(string)<br>    granted_roles        = optional(list(string))<br>    granted_to_roles     = optional(list(string))<br>    granted_to_users     = optional(list(string))<br>    integration_grants = optional(object({<br>      all_privileges    = optional(bool)<br>      with_grant_option = optional(bool, false)<br>      privileges        = optional(list(string))<br>    }))<br>  }))</pre> | `{}` | no |
+| <a name="input_name_scheme"></a> [name\_scheme](#input\_name\_scheme) | Naming scheme configuration for the resource. This configuration is used to generate names using context provider:<br/>    - `properties` - list of properties to use when creating the name - is superseded by `var.context_templates`<br/>    - `delimiter` - delimited used to create the name from `properties` - is superseded by `var.context_templates`<br/>    - `context_template_name` - name of the context template used to create the name<br/>    - `replace_chars_regex` - regex to use for replacing characters in property-values created by the provider - any characters that match the regex will be removed from the name<br/>    - `extra_values` - map of extra label-value pairs, used to create a name<br/>    - `uppercase` - convert name to uppercase | <pre>object({<br/>    properties            = optional(list(string), ["environment", "name"])<br/>    delimiter             = optional(string, "_")<br/>    context_template_name = optional(string, "snowflake-warehouse")<br/>    replace_chars_regex   = optional(string, "[^a-zA-Z0-9_]")<br/>    extra_values          = optional(map(string))<br/>    uppercase             = optional(bool, true)<br/>  })</pre> | `{}` | no |
+| <a name="input_roles"></a> [roles](#input\_roles) | Roles created in the database scope | <pre>map(object({<br/>    name_scheme = optional(object({<br/>      properties            = optional(list(string))<br/>      delimiter             = optional(string)<br/>      context_template_name = optional(string)<br/>      replace_chars_regex   = optional(string)<br/>      extra_labels          = optional(map(string))<br/>      uppercase             = optional(bool)<br/>    }))<br/>    comment              = optional(string)<br/>    role_ownership_grant = optional(string)<br/>    granted_roles        = optional(list(string))<br/>    granted_to_roles     = optional(list(string))<br/>    granted_to_users     = optional(list(string))<br/>    integration_grants = optional(object({<br/>      all_privileges    = optional(bool)<br/>      with_grant_option = optional(bool, false)<br/>      privileges        = optional(list(string))<br/>    }))<br/>  }))</pre> | `{}` | no |
 | <a name="input_storage_allowed_locations"></a> [storage\_allowed\_locations](#input\_storage\_allowed\_locations) | Explicitly limits external stages that use the integration to reference one or more storage locations | `list(string)` | n/a | yes |
 | <a name="input_storage_aws_object_acl"></a> [storage\_aws\_object\_acl](#input\_storage\_aws\_object\_acl) | Value of "bucket-owner-full-control" enables support for AWS access control lists (ACLs) to grant the bucket owner full control | `string` | `null` | no |
 | <a name="input_storage_aws_role_arn"></a> [storage\_aws\_role\_arn](#input\_storage\_aws\_role\_arn) | AWS Role ARN | `string` | `null` | no |
@@ -102,8 +102,8 @@ module "snowflake_storage_integration" {
 | Name | Source | Version |
 |------|--------|---------|
 | <a name="module_roles_deep_merge"></a> [roles\_deep\_merge](#module\_roles\_deep\_merge) | Invicton-Labs/deepmerge/null | 0.1.5 |
-| <a name="module_snowflake_custom_role"></a> [snowflake\_custom\_role](#module\_snowflake\_custom\_role) | getindata/role/snowflake | 3.0.1 |
-| <a name="module_snowflake_default_role"></a> [snowflake\_default\_role](#module\_snowflake\_default\_role) | getindata/role/snowflake | 3.0.1 |
+| <a name="module_snowflake_custom_role"></a> [snowflake\_custom\_role](#module\_snowflake\_custom\_role) | getindata/role/snowflake | 3.1.0 |
+| <a name="module_snowflake_default_role"></a> [snowflake\_default\_role](#module\_snowflake\_default\_role) | getindata/role/snowflake | 3.1.0 |
 
 ## Outputs
 

examples/complete/main.tf

@@ -20,6 +20,9 @@ module "storage_integration" {
   roles = {
     readonly = {
       granted_to_roles = [snowflake_account_role.dev_role.name]
+      name_scheme = {
+        uppercase = false
+      }
     }
   }
 }

locals.tf

@@ -8,6 +8,7 @@ locals {
       prefix              = "sti"
       storage-integration = var.name
     }
+    uppercase = var.name_scheme.uppercase
   }
 
   #This needs to be the same as an object in roles variable

main.tf

@@ -12,7 +12,7 @@ data "context_label" "this" {
 }
 
 resource "snowflake_storage_integration" "this" {
-  name    = data.context_label.this.rendered
+  name    = var.name_scheme.uppercase ? upper(data.context_label.this.rendered) : data.context_label.this.rendered
   comment = var.comment
   enabled = var.enabled
 
@@ -35,7 +35,7 @@ module "snowflake_default_role" {
   for_each = local.default_roles
 
   source  = "getindata/role/snowflake"
-  version = "3.0.1"
+  version = "3.1.0"
 
   context_templates = var.context_templates
 
@@ -64,7 +64,7 @@ module "snowflake_custom_role" {
   for_each = local.custom_roles
 
   source  = "getindata/role/snowflake"
-  version = "3.0.1"
+  version = "3.1.0"
 
   context_templates = var.context_templates
 

variables.tf

@@ -75,6 +75,7 @@ variable "roles" {
       context_template_name = optional(string)
       replace_chars_regex   = optional(string)
       extra_labels          = optional(map(string))
+      uppercase             = optional(bool)
     }))
     comment              = optional(string)
     role_ownership_grant = optional(string)
@@ -98,13 +99,15 @@ variable "name_scheme" {
     - `context_template_name` - name of the context template used to create the name
     - `replace_chars_regex` - regex to use for replacing characters in property-values created by the provider - any characters that match the regex will be removed from the name
     - `extra_values` - map of extra label-value pairs, used to create a name
+    - `uppercase` - convert name to uppercase
   EOT
   type = object({
     properties            = optional(list(string), ["environment", "name"])
     delimiter             = optional(string, "_")
     context_template_name = optional(string, "snowflake-warehouse")
     replace_chars_regex   = optional(string, "[^a-zA-Z0-9_]")
     extra_values          = optional(map(string))
+    uppercase             = optional(bool, true)
   })
   default = {}
 }