chore: GKE alias and make required providers optional (#1516)

Author: PengyuanZhao

lwgenerate/gcp/gcp.go

@@ -417,12 +417,12 @@ func (args *GenerateGcpTfConfigurationArgs) Generate() (string, error) {
 	}
 
 	// Create blocks
-	requiredProviders, err := createRequiredProviders()
+	requiredProviders, err := createRequiredProviders(false)
 	if err != nil {
 		return "", errors.Wrap(err, "failed to generate required providers")
 	}
 
-	gcpProvider, err := createGcpProvider(args.ServiceAccountCredentials, args.GcpProjectId, args.Regions)
+	gcpProvider, err := createGcpProvider(args.ServiceAccountCredentials, args.GcpProjectId, args.Regions, "")
 	if err != nil {
 		return "", errors.Wrap(err, "failed to generate gcp provider")
 	}
@@ -461,7 +461,10 @@ func (args *GenerateGcpTfConfigurationArgs) Generate() (string, error) {
 	return hclBlocks, nil
 }
 
-func createRequiredProviders() (*hclwrite.Block, error) {
+func createRequiredProviders(useExistingRequiredProviders bool) (*hclwrite.Block, error) {
+	if useExistingRequiredProviders {
+		return nil, nil
+	}
 	return lwgenerate.CreateRequiredProviders(
 		lwgenerate.NewRequiredProvider(
 			"lacework",
@@ -485,6 +488,7 @@ func createGcpProvider(
 	serviceAccountCredentials string,
 	projectId string,
 	regionsArg []string,
+	alias string,
 ) ([]*hclwrite.Block, error) {
 	blocks := []*hclwrite.Block{}
 
@@ -504,6 +508,10 @@ func createGcpProvider(
 			attrs["project"] = projectId
 		}
 
+		if alias != "" {
+			attrs["alias"] = alias
+		}
+
 		if region != "" {
 			attrs["alias"] = region
 			attrs["region"] = region

lwgenerate/gcp/gke.go

@@ -9,19 +9,21 @@ import (
 )
 
 type GenerateGkeTfConfigurationArgs struct {
-	ExistingServiceAccount    *ServiceAccount
-	ExistingSinkName          string
-	IntegrationName           string
-	Labels                    map[string]string
-	LaceworkProfile           string
-	OrganizationId            string
-	OrganizationIntegration   bool
-	Prefix                    string
-	ProjectId                 string
-	PubSubSubscriptionLabels  map[string]string
-	PubSubTopicLabels         map[string]string
-	ServiceAccountCredentials string
-	WaitTime                  string
+	UseExistingRequiredProviders bool
+	GcpProviderAlias             string
+	ExistingServiceAccount       *ServiceAccount
+	ExistingSinkName             string
+	IntegrationName              string
+	Labels                       map[string]string
+	LaceworkProfile              string
+	OrganizationId               string
+	OrganizationIntegration      bool
+	Prefix                       string
+	ProjectId                    string
+	PubSubSubscriptionLabels     map[string]string
+	PubSubTopicLabels            map[string]string
+	ServiceAccountCredentials    string
+	WaitTime                     string
 }
 
 type Modifier func(c *GenerateGkeTfConfigurationArgs)
@@ -31,12 +33,17 @@ func (args *GenerateGkeTfConfigurationArgs) Generate() (string, error) {
 		return "", errors.Wrap(err, "invalid inputs")
 	}
 
-	requiredProviders, err := createRequiredProviders()
+	requiredProviders, err := createRequiredProviders(args.UseExistingRequiredProviders)
 	if err != nil {
 		return "", errors.Wrap(err, "failed to generate required providers")
 	}
 
-	gcpProvider, err := createGcpProvider(args.ServiceAccountCredentials, args.ProjectId, []string{})
+	gcpProvider, err := createGcpProvider(
+		args.ServiceAccountCredentials,
+		args.ProjectId,
+		[]string{},
+		args.GcpProviderAlias,
+	)
 	if err != nil {
 		return "", errors.Wrap(err, "failed to generate gcp provider")
 	}
@@ -93,6 +100,18 @@ func NewGkeTerraform(mods ...Modifier) *GenerateGkeTfConfigurationArgs {
 	return config
 }
 
+func WithGkeExistingRequiredProviders() Modifier {
+	return func(c *GenerateGkeTfConfigurationArgs) {
+		c.UseExistingRequiredProviders = true
+	}
+}
+
+func WithGkeGcpProviderAlias(alias string) Modifier {
+	return func(c *GenerateGkeTfConfigurationArgs) {
+		c.GcpProviderAlias = alias
+	}
+}
+
 func WithGkeExistingServiceAccount(serviceAccount *ServiceAccount) Modifier {
 	return func(c *GenerateGkeTfConfigurationArgs) {
 		c.ExistingServiceAccount = serviceAccount
@@ -207,10 +226,23 @@ func createGKEAuditLog(args *GenerateGkeTfConfigurationArgs) (*hclwrite.Block, e
 		attributes["wait_time"] = args.WaitTime
 	}
 
+	moduleDetails := []lwgenerate.HclModuleModifier{
+		lwgenerate.HclModuleWithAttributes(attributes),
+		lwgenerate.HclModuleWithVersion(lwgenerate.GcpGKEAuditLogVersion),
+	}
+
+	if args.GcpProviderAlias != "" {
+		moduleDetails = append(
+			moduleDetails,
+			lwgenerate.HclModuleWithProviderDetails(
+				map[string]string{"google": fmt.Sprintf("google.%s", args.GcpProviderAlias)},
+			),
+		)
+	}
+
 	return lwgenerate.NewModule(
 		fmt.Sprintf("gcp_%s_level_gke_audit_log", level),
 		lwgenerate.GcpGKEAuditLogSource,
-		lwgenerate.HclModuleWithAttributes(attributes),
-		lwgenerate.HclModuleWithVersion(lwgenerate.GcpGKEAuditLogVersion),
+		moduleDetails...,
 	).ToBlock()
 }

lwgenerate/gcp/gke_test.go

@@ -109,6 +109,29 @@ func TestGenerateGKETfConfigurationArgs_Generate(t *testing.T) {
 }
 `),
 		},
+		{
+			"TestGeneration GKE Audit Log using alias and existing required providers ",
+			gcp.NewGkeTerraform(
+				gcp.WithGkeGcpProviderAlias("gke"),
+				gcp.WithGkeExistingRequiredProviders(),
+				gcp.WithGkeProjectId("project1"),
+			),
+			`provider "google" {
+  alias   = "gke"
+  project = "project1"
+}
+
+module "gcp_project_level_gke_audit_log" {
+  source           = "lacework/gke-audit-log/gcp"
+  version          = "~> 0.3"
+  integration_type = "PROJECT"
+
+  providers = {
+    google = google.gke
+  }
+}
+`,
+		},
 	}
 
 	for _, tc := range tests {