public/terraform-provider-google
0
0
Fork 0
mirror of https://github.com/letic/terraform-provider-google.git synced 2024-10-01 16:21:06 +00:00
Code Issues Projects Releases Wiki Activity

Allow compute/app engine default service account ids in regex (#1390)

Browse Source
This commit is contained in:
emily 2018-04-26 15:46:56 -07:00 committed by GitHub
parent 31a5c9d93c
commit 204a5f9078
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 20 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
google/validation.go
View File

@ -20,6 +20,10 @@ const (
RFC1035NameTemplate = "[a-z](?:[-a-z0-9]{%d,%d}[a-z0-9])"
CloudIoTIdRegex = "^[a-zA-Z][-a-zA-Z0-9._+~%]{2,254}$"
// Format of default Compute service accounts created by Google
// ${PROJECT_ID}-compute@developer.gserviceaccount.com where PROJECT_ID is an int64 (max 20 digits)
ComputeServiceAccountNameRegex = "[0-9]{1,20}-compute@developer.gserviceaccount.com"
)
var (
@ -29,8 +33,20 @@ var (
// 4 and 28 since the first and last character are excluded.
ServiceAccountNameRegex = fmt.Sprintf(RFC1035NameTemplate, 4, 28)
ProjectNameInDNSFormRegex = "[-a-z0-9\\.]{1,63}"
ServiceAccountLinkRegex = "projects/" + ProjectRegex + "/serviceAccounts/" + ServiceAccountNameRegex + "@" + ProjectNameInDNSFormRegex + "\\.iam\\.gserviceaccount\\.com$"
ServiceAccountLinkRegexPrefix = "projects/" + ProjectRegex + "/serviceAccounts/"
PossibleServiceAccountNames = []string{
AppEngineServiceAccountNameRegex,
ComputeServiceAccountNameRegex,
CreatedServiceAccountNameRegex,
}
ServiceAccountLinkRegex = ServiceAccountLinkRegexPrefix + "(" + strings.Join(PossibleServiceAccountNames, "|") + ")"
// Format of service accounts created through the API
CreatedServiceAccountNameRegex = fmt.Sprintf(RFC1035NameTemplate, 4, 28) + "@" + ProjectNameInDNSFormRegex + "\\.iam\\.gserviceaccount\\.com$"
ProjectNameInDNSFormRegex = "[-a-z0-9\\.]{1,63}"
// Format of default App Engine service accounts created by Google
AppEngineServiceAccountNameRegex = ProjectRegex + "@appspot.gserviceaccount.com"
)
var rfc1918Networks = []string{

2
google/validation_test.go
View File

@ -117,6 +117,8 @@ func TestValidateServiceAccountLink(t *testing.T) {
{TestName: "valid with dash", Value: "projects/my-project/serviceAccounts/svcacct@my-project.iam.gserviceaccount.com"},
{TestName: "valid with colon", Value: "projects/my:project/serviceAccounts/svcacct@project.my.iam.gserviceaccount.com"},
{TestName: "valid with dot and colon", Value: "projects/my.thing:project/serviceAccounts/svcacct@project.my.thing.iam.gserviceaccount.com"},
{TestName: "valid with compute default service account", Value: "projects/my-project/serviceAccounts/123456-compute@developer.gserviceaccount.com"},
{TestName: "valid with app engine default service account", Value: "projects/my-project/serviceAccounts/my-project@appspot.gserviceaccount.com"},
// Errors
{TestName: "multiple colons", Value: "projects/my:project:thing/serviceAccounts/svcacct@thing.project.my.iam.gserviceaccount.com", ExpectError: true},