Skip to content

fix: add extra validation for kms #371

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 5 commits into from
Dec 17, 2024
Merged

fix: add extra validation for kms #371

merged 5 commits into from
Dec 17, 2024

Conversation

@jor2
Copy link
Member

@jor2 jor2 commented Dec 17, 2024

Description

add extra validation for kms

Release required?

  • No release
  • Patch release (x.x.X)
  • Minor release (x.X.x)
  • Major release (X.x.x)
Release notes content

add extra validation for kms when creating new kms key and existing kms instance is empty.

Run the pipeline

If the CI pipeline doesn't run when you create the PR, the PR requires a user with GitHub collaborators access to run the pipeline.

Run the CI pipeline when the PR is ready for review and you expect tests to pass. Add a comment to the PR with the following text:

/run pipeline

Checklist for reviewers

  • If relevant, a test for the change is included or updated with this PR.
  • If relevant, documentation for the change is included or updated with this PR.

For mergers

  • Use a conventional commit message to set the release level. Follow the guidelines.
  • Include information that users need to know about the PR in the commit message. The commit message becomes part of the GitHub release notes.
  • Use the Squash and merge option.

@jor2 jor2 self-assigned this Dec 17, 2024
@jor2
Copy link
Member Author

jor2 commented Dec 17, 2024

/run pipeline

ocofaigh
ocofaigh reviewed Dec 17, 2024
View reviewed changes
solutions/standard/main.tf Outdated
# tflint-ignore: terraform_unused_declarations
validate_kms_2 = !var.use_ibm_owned_encryption_key && (var.existing_kms_instance_crn == null && var.existing_kms_key_crn == null) ? tobool("When 'use_ibm_owned_encryption_key' is false, a value is required for either 'existing_kms_instance_crn' (to create a new key), or 'existing_kms_key_crn' to use an existing key.") : true
# tflint-ignore: terraform_unused_declarations
validate_kms_3 = local.create_new_kms_key && var.existing_kms_instance_crn == null ? tobool("If a value is not provided for 'existing_db_instance_crn' or 'existing_kms_key_crn', and 'use_ibm_owned_encryption_key' is not set to true, you must provide a value for 'existing_kms_instance_crn'.") : true
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This seems to overlap with validate_kms_2. I think all we need to do is add update the current logic to check if var.existing_db_instance_crn == null (both validate_kms_1 and validate_kms_2)

@jor2 jor2 requested a review from ocofaigh December 17, 2024 11:56
@jor2
Copy link
Member Author

jor2 commented Dec 17, 2024

/run pipeline

@ocofaigh ocofaigh merged commit 4a1a54f into main Dec 17, 2024
2 checks passed
@ocofaigh ocofaigh deleted the add-validation branch December 17, 2024 14:02
@terraform-ibm-modules-ops
Copy link
Contributor

🎉 This PR is included in version 1.25.4 🎉

The release is available on:

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ocofaigh ocofaigh ocofaigh approved these changes

@daniel-butler-irl daniel-butler-irl Awaiting requested review from daniel-butler-irl daniel-butler-irl is a code owner

@shemau shemau Awaiting requested review from shemau shemau is a code owner

Assignees

@jor2 jor2

Labels

released

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@jor2 @terraform-ibm-modules-ops @ocofaigh