style: tofu fmt the two files my multi-env change reformatted
All checks were successful
Helm Charts / Detect changed charts (pull_request) Successful in 39s
Helm Charts / Detect changed charts (push) Successful in 42s
Helm Charts / Library charts tool (push) Has been skipped
Helm Charts / Library charts tool (pull_request) Has been skipped
Helm Charts / Application charts pgcat (push) Has been skipped
Helm Charts / Application charts pgcat (pull_request) Has been skipped
All checks were successful
Helm Charts / Detect changed charts (pull_request) Successful in 39s
Helm Charts / Detect changed charts (push) Successful in 42s
Helm Charts / Library charts tool (push) Has been skipped
Helm Charts / Library charts tool (pull_request) Has been skipped
Helm Charts / Application charts pgcat (push) Has been skipped
Helm Charts / Application charts pgcat (pull_request) Has been skipped
Whitespace-only. `tofu fmt` realigned two spots that my Phase A edits
shifted:
- app_roles/main.tf: the REASSIGN revocation-statement trailing comment
re-aligned after the GRANT line gained ${local.owner_role}
- variables.tf: the applications object keys re-aligned after adding the
longer `envs` key
The two pre-existing unformatted files (factory_auth.tf, terraform.tfvars)
are left as-is — they were already unformatted on origin/main and are
outside this PR's scope.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -35,7 +35,7 @@ resource "vault_database_secret_backend_role" "role" {
|
|||||||
"GRANT ${local.owner_role} TO \"{{name}}\";",
|
"GRANT ${local.owner_role} TO \"{{name}}\";",
|
||||||
]
|
]
|
||||||
revocation_statements = [
|
revocation_statements = [
|
||||||
"REASSIGN OWNED BY \"{{name}}\" TO ${local.owner_role};", # reassign must be executed in the database where the reassgined objects are - TODO (one connection per database/app)
|
"REASSIGN OWNED BY \"{{name}}\" TO ${local.owner_role};", # reassign must be executed in the database where the reassgined objects are - TODO (one connection per database/app)
|
||||||
"REVOKE ALL ON DATABASE ${local.database} FROM \"{{name}}\";", # should we drop the role ? -> YES after fixing reassign
|
"REVOKE ALL ON DATABASE ${local.database} FROM \"{{name}}\";", # should we drop the role ? -> YES after fixing reassign
|
||||||
]
|
]
|
||||||
renew_statements = []
|
renew_statements = []
|
||||||
|
|||||||
@@ -11,9 +11,9 @@ variable "POSTGRES_CREDENTIALS_EDITOR_PASSWORD" {
|
|||||||
}
|
}
|
||||||
variable "applications" {
|
variable "applications" {
|
||||||
type = set(object({
|
type = set(object({
|
||||||
name = string
|
name = string
|
||||||
policies = optional(list(string), [])
|
policies = optional(list(string), [])
|
||||||
service_account_names = optional(list(string), [])
|
service_account_names = optional(list(string), [])
|
||||||
service_account_namespaces = optional(list(string), [])
|
service_account_namespaces = optional(list(string), [])
|
||||||
# Multi-env extension: list of envs this app deploys to. Defaults to ["prod"] for
|
# Multi-env extension: list of envs this app deploys to. Defaults to ["prod"] for
|
||||||
# every existing app — backwards compatible by the elision rule. Non-prod envs
|
# every existing app — backwards compatible by the elision rule. Non-prod envs
|
||||||
|
|||||||
Reference in New Issue
Block a user