osinfra-io · brettcurtis · Nov 15, 2024 · Nov 14, 2024
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -29,9 +29,11 @@ repos:
       - id: terraform_docs
 
   - repo: https://github.com/bridgecrewio/checkov.git
-    rev: 3.2.276
+    rev: 3.2.296
     hooks:
       - id: checkov
         verbose: true
         args:
+          - --skip-check
+          - "CKV_TF_1"
           - --quiet
diff --git a/README.md b/README.md
@@ -84,9 +84,15 @@ terraform test
 
 | Name | Version |
 |------|---------|
-| google | 6.8.0 |
+| google | 6.11.1 |
 | random | 3.6.3 |
 
+### Modules
+
+| Name | Source | Version |
+|------|--------|---------|
+| helpers | github.com/osinfra-io/terraform-core-helpers//child | v0.1.2 |
+
 ### Resources
 
 | Name | Type |
@@ -118,7 +124,6 @@ terraform test
 | cis\_2\_2\_logging\_sink\_project\_id | The CIS 2.2 logging sink project ID | `string` | `""` | no |
 | deletion\_policy | The deletion policy for the project | `string` | `"PREVENT"` | no |
 | description | A short description representing the system, or service you're building in the project for example: `tools` (for a tooling project), `logging` (for a logging project), `services` (for a services project) | `string` | n/a | yes |
-| environment | The environment for example: `sandbox`, `non-production`, `production` | `string` | n/a | yes |
 | folder\_id | The numeric ID of the folder this project should be created under. Only one of `org_id` or `folder_id` may be specified | `string` | n/a | yes |
 | key\_ring\_location | The location of the key ring to create | `string` | `"us"` | no |
 | labels | A map of key/value pairs to assign to the resources being created | `map(string)` | `{}` | no |

diff --git a/helpers.tf b/helpers.tf
@@ -0,0 +1,6 @@
+# Terraform Core Child Module Helpers (osinfra.io)
+# https://github.com/osinfra-io/terraform-core-helpers
+
+module "helpers" {
+  source = "github.com/osinfra-io/terraform-core-helpers//child?ref=v0.1.2"
+}
diff --git a/locals.tf b/locals.tf
@@ -2,7 +2,7 @@
 # https://www.terraform.io/language/values/locals
 
 locals {
-  base_project_id = "${var.prefix}-${var.description}-${local.env}"
+  base_project_id = "${var.prefix}-${var.description}-${module.helpers.env}"
 
   # This map is used to create the GCP-CIS v1.3.0 logging metrics and alarms (2.4 - 2.11). It is recommended that metric filters and alarms be established for
   # the following resources.
@@ -76,14 +76,6 @@ locals {
   cis_2_2_logging_sink_project_id     = var.cis_2_2_logging_sink_project_id == "" ? google_project.this.project_id : var.cis_2_2_logging_sink_project_id
   cis_2_2_logging_sink_storage_bucket = var.cis_2_2_logging_sink_project_id == "" ? "logging.googleapis.com/${google_logging_project_bucket_config.cis_2_2_logging_sink[0].name}" : "logging.googleapis.com/projects/${var.cis_2_2_logging_sink_project_id}/locations/${var.key_ring_location}/buckets/cis-2-2-logging-sink"
 
-  env_map = {
-    "sandbox"        = "sb"
-    "non-production" = "nonprod"
-    "production"     = "prod"
-  }
-
-  env = lookup(local.env_map, var.environment, "none")
-
   monitoring_notification_channels = {
     "budget" = {
       description   = "Budget notification channel created by the terraform-google-project child module"
@@ -105,7 +97,7 @@ locals {
     var.prefix,
     var.description,
     random_id.this[0].hex,
-    local.env,
+    module.helpers.env,
   ) : local.base_project_id
 
   # Concat Function

diff --git a/tests/fixtures/default/locals.tf b/tests/fixtures/default/locals.tf
diff --git a/tests/fixtures/default/main.tf b/tests/fixtures/default/main.tf
@@ -11,10 +11,13 @@ module "test" {
 
   cis_2_2_logging_sink_project_id = var.cis_2_2_logging_sink_project_id
   description                     = "mock"
-  environment                     = var.environment
   folder_id                       = "0000000000000"
-  labels                          = local.labels
-  prefix                          = "mock"
+
+  labels = {
+    "mock-key" = "mock-value"
+  }
+
+  prefix = "mock"
 
   services = [
     "mock.googleapis.com"

diff --git a/tests/fixtures/default/variables.tf b/tests/fixtures/default/variables.tf
@@ -4,7 +4,3 @@
 variable "cis_2_2_logging_sink_project_id" {
   type = string
 }
-
-variable "environment" {
-  type = string
-}
diff --git a/tests/fixtures/logging/locals.tf b/tests/fixtures/logging/locals.tf
diff --git a/tests/fixtures/logging/main.tf b/tests/fixtures/logging/main.tf
@@ -11,8 +11,11 @@ module "test" {
 
   cis_2_2_logging_bucket_locked = false
   description                   = "mock"
-  environment                   = var.environment
   folder_id                     = "0000000000000"
-  labels                        = local.labels
-  prefix                        = "mock"
+
+  labels = {
+    "mock-key" = "mock-value"
+  }
+
+  prefix = "mock"
 }
diff --git a/tests/fixtures/logging/variables.tf b/tests/fixtures/logging/variables.tf
diff --git a/variables.tf b/variables.tf
@@ -36,16 +36,6 @@ variable "description" {
   type        = string
 }
 
-variable "environment" {
-  description = "The environment for example: `sandbox`, `non-production`, `production`"
-  type        = string
-
-  validation {
-    condition     = contains(["sandbox", "non-production", "production"], var.environment)
-    error_message = "Environment must be one of: sandbox, non-production, production."
-  }
-}
-
 variable "folder_id" {
   description = "The numeric ID of the folder this project should be created under. Only one of `org_id` or `folder_id` may be specified"
   type        = string