Skip to content

Commit 65ace4b

Browse files
benhxyBen Hu
benhxy
and
Ben Hu
authored
Allow default workload identity pool name pattern (#15342)
Co-authored-by: Ben Hu <[email protected]>
1 parent be3e073 commit 65ace4b

File tree

2 files changed

+7
-1
lines changed

2 files changed

+7
-1
lines changed

mmv1/templates/terraform/constants/iam_workload_identity_pool.go.tmpl

Lines changed: 6 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,5 @@
11
const workloadIdentityPoolIdRegexp = `^[0-9a-z-]+$`
2+
const defaultWorkloadIdentityPoolIdSuffix = ".svc.id.goog"
23

34
func ValidateWorkloadIdentityPoolId(v interface{}, k string) (ws []string, errors []error) {
45
value := v.(string)
@@ -8,9 +9,13 @@ func ValidateWorkloadIdentityPoolId(v interface{}, k string) (ws []string, error
89
"%q (%q) can not start with \"gcp-\"", k, value))
910
}
1011

12+
if strings.HasSuffix(value, defaultWorkloadIdentityPoolIdSuffix) {
13+
value = strings.TrimRight(value, defaultWorkloadIdentityPoolIdSuffix)
14+
}
15+
1116
if !regexp.MustCompile(workloadIdentityPoolIdRegexp).MatchString(value) {
1217
errors = append(errors, fmt.Errorf(
13-
"%q must contain only lowercase letters (a-z), numbers (0-9), or dashes (-)", k))
18+
"%q must contain only lowercase letters (a-z), numbers (0-9), or dashes (-), or end in '.svc.id.goog'", k))
1419
}
1520

1621
if len(value) < 4 {

mmv1/third_party/terraform/services/iambeta/resource_iam_workload_identity_pool_id_test.go

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -16,6 +16,7 @@ func TestValidateIAMBetaWorkloadIdentityPoolId(t *testing.T) {
1616
{TestName: "short", Value: "foos"},
1717
{TestName: "long", Value: "12345678901234567890123456789012"},
1818
{TestName: "has a hyphen", Value: "foo-bar"},
19+
{TestName: "default pool format", Value: "foo-bar.svc.id.goog"},
1920

2021
// With errors
2122
{TestName: "empty", Value: "", ExpectError: true},

0 commit comments

Comments
 (0)