fix

Signed-off-by: Kenny Leung <kleung@chainguard.dev>

modules/audit-serviceaccount/main.tf

@@ -1,5 +1,5 @@
 resource "google_monitoring_alert_policy" "generate-access-token" {
-  count = len(var.notification_channels) > 0 ? 1 : 0
+  count = length(var.notification_channels) > 0 ? 1 : 0
 
   # In the absence of data, incident will auto-close after an hour
   alert_strategy {

modules/bucket-events/main.tf

@@ -56,7 +56,7 @@ resource "google_service_account_iam_binding" "allow-pubsub-to-mint-tokens" {
 }
 
 module "audit-delivery-serviceaccount" {
-  count = len(var.notification_channels) > 0 ? 1 : 0
+  count = length(var.notification_channels) > 0 ? 1 : 0
 
   source = "../audit-serviceaccount"
 

modules/cloudevent-recorder/bigquery.tf

@@ -75,7 +75,7 @@ resource "google_service_account_iam_binding" "provisioner-acts-as-import-identi
 }
 
 module "audit-import-serviceaccount" {
-  count = len(var.notification_channels) > 0 ? 1 : 0
+  count = length(var.notification_channels) > 0 ? 1 : 0
 
   source = "../audit-serviceaccount"
 

modules/cloudevent-recorder/main.tf

@@ -51,7 +51,7 @@ resource "google_storage_bucket" "recorder" {
 data "google_client_openid_userinfo" "me" {}
 
 resource "google_monitoring_alert_policy" "bucket-access" {
-  count = len(var.notification_channels) > 0 ? 1 : 0
+  count = length(var.notification_channels) > 0 ? 1 : 0
 
   # In the absence of data, incident will auto-close after an hour
   alert_strategy {

modules/cloudevent-trigger/main.tf

@@ -31,7 +31,7 @@ resource "google_service_account_iam_binding" "allow-pubsub-to-mint-tokens" {
 }
 
 module "audit-trigger-serviceaccount" {
-  count = len(var.notification_channels) > 0 ? 1 : 0
+  count = length(var.notification_channels) > 0 ? 1 : 0
 
   source = "../audit-serviceaccount"
 

modules/configmap/README.md

@@ -22,7 +22,7 @@ module "my-configmap" {
   EOT
 
   # Optionally: channels to notify if this configuration is manipulated.
-  notification-channels = [ ... ]
+  notification_channels = [ ... ]
 }
 
 module "foo-service" {
@@ -90,7 +90,7 @@ No modules.
 |------|-------------|------|---------|:--------:|
 | <a name="input_data"></a> [data](#input\_data) | The data to place in the secret. | `string` | n/a | yes |
 | <a name="input_name"></a> [name](#input\_name) | The name to give the secret. | `string` | n/a | yes |
-| <a name="input_notification-channels"></a> [notification-channels](#input\_notification-channels) | The channels to notify if the configuration data is improperly accessed. | `list(string)` | n/a | yes |
+| <a name="input_notification_channels"></a> [notification_channels](#input\_notification_channels) | The channels to notify if the configuration data is improperly accessed. | `list(string)` | n/a | yes |
 | <a name="input_project_id"></a> [project\_id](#input\_project\_id) | n/a | `string` | n/a | yes |
 | <a name="input_service-account"></a> [service-account](#input\_service-account) | The email of the service account that will access the secret. | `string` | n/a | yes |
 

modules/configmap/main.tf

@@ -30,7 +30,7 @@ data "google_client_openid_userinfo" "me" {}
 
 // Create an alert policy to notify if the secret is accessed by an unauthorized entity.
 resource "google_monitoring_alert_policy" "anomalous-secret-access" {
-  count = len(var.notification_channels) > 0 ? 1 : 0
+  count = length(var.notification_channels) > 0 ? 1 : 0
 
   # In the absence of data, incident will auto-close after an hour
   alert_strategy {
@@ -77,7 +77,7 @@ resource "google_monitoring_alert_policy" "anomalous-secret-access" {
     }
   }
 
-  notification_channels = var.notification-channels
+  notification_channels = var.notification_channels
 
   enabled = "true"
   project = var.project_id

modules/configmap/variables.tf

@@ -17,7 +17,7 @@ variable "service-account" {
   type        = string
 }
 
-variable "notification-channels" {
+variable "notification_channels" {
   description = "The channels to notify if the configuration data is improperly accessed."
   type        = list(string)
 }

modules/cron/main.tf

@@ -218,7 +218,7 @@ resource "google_service_account" "delivery" {
 }
 
 module "audit-delivery-serviceaccount" {
-  count = len(var.notification_channels) > 0 ? 1 : 0
+  count = length(var.notification_channels) > 0 ? 1 : 0
 
   source = "../audit-serviceaccount"
 
@@ -284,7 +284,7 @@ data "google_client_openid_userinfo" "me" {}
 
 // Create an alert policy to notify if the job is accessed by an unauthorized entity.
 resource "google_monitoring_alert_policy" "anomalous-job-access" {
-  count = len(var.notification_channels) > 0 ? 1 : 0
+  count = length(var.notification_channels) > 0 ? 1 : 0
 
   # In the absence of data, incident will auto-close after an hour
   alert_strategy {

modules/github-events/main.tf

@@ -21,7 +21,7 @@ module "webhook-secret" {
   service-account  = google_service_account.service.email
   authorized-adder = var.secret_version_adder
 
-  notification-channels = var.notification_channels
+  notification_channels = var.notification_channels
 }
 
 module "this" {

modules/github-gsa/main.tf

@@ -136,7 +136,7 @@ resource "google_service_account_iam_binding" "allow-impersonation" {
 // Create an auditing policy to ensure that tokens are only issued for identities
 // matching our expectations.
 module "audit-usage" {
-  count = len(var.notification_channels) > 0 ? 1 : 0
+  count = length(var.notification_channels) > 0 ? 1 : 0
 
   source = "../audit-serviceaccount"
 

modules/regional-service/main.tf

@@ -1,5 +1,5 @@
 module "audit-serviceaccount" {
-  count = len(var.notification_channels) > 0 ? 1 : 0
+  count = length(var.notification_channels) > 0 ? 1 : 0
 
   source = "../audit-serviceaccount"
 
@@ -284,7 +284,7 @@ data "google_client_openid_userinfo" "me" {}
 
 // Create an alert policy to notify if the service is accessed by an unauthorized entity.
 resource "google_monitoring_alert_policy" "anomalous-service-access" {
-  count = len(var.notification_channels) > 0 ? 1 : 0
+  count = length(var.notification_channels) > 0 ? 1 : 0
 
   # In the absence of data, incident will auto-close after an hour
   alert_strategy {

modules/secret/README.md

@@ -21,7 +21,7 @@ module "my-secret" {
   authorized-adder = "group:oncall@my-corp.dev"
 
   # Optionally: channels to notify if this secret is manipulated.
-  notification-channels = [ ... ]
+  notification_channels = [ ... ]
 }
 
 module "foo-service" {
@@ -90,7 +90,7 @@ No modules.
 | <a name="input_authorized-adder"></a> [authorized-adder](#input\_authorized-adder) | A member-style representation of the identity authorized to add new secret values (e.g. group:oncall@my-corp.dev). | `string` | n/a | yes |
 | <a name="input_create_placeholder_version"></a> [create\_placeholder\_version](#input\_create\_placeholder\_version) | Whether to create a placeholder secret version to avoid bad reference on first deploy. | `bool` | `false` | no |
 | <a name="input_name"></a> [name](#input\_name) | The name to give the secret. | `string` | n/a | yes |
-| <a name="input_notification-channels"></a> [notification-channels](#input\_notification-channels) | The channels to notify if the configuration data is improperly accessed. | `list(string)` | n/a | yes |
+| <a name="input_notification_channels"></a> [notification_channels](#input\_notification_channels) | The channels to notify if the configuration data is improperly accessed. | `list(string)` | n/a | yes |
 | <a name="input_project_id"></a> [project\_id](#input\_project\_id) | n/a | `string` | n/a | yes |
 | <a name="input_service-account"></a> [service-account](#input\_service-account) | The email of the service account that will access the secret. | `string` | n/a | yes |
 

modules/secret/main.tf

@@ -41,7 +41,7 @@ data "google_project" "project" { project_id = var.project_id }
 
 // Create an alert policy to notify if the secret is accessed by an unauthorized entity.
 resource "google_monitoring_alert_policy" "anomalous-secret-access" {
-  count = len(var.notification_channels) > 0 ? 1 : 0
+  count = length(var.notification_channels) > 0 ? 1 : 0
 
   # In the absence of data, incident will auto-close after an hour
   alert_strategy {
@@ -82,7 +82,7 @@ resource "google_monitoring_alert_policy" "anomalous-secret-access" {
     }
   }
 
-  notification_channels = var.notification-channels
+  notification_channels = var.notification_channels
 
   enabled = "true"
   project = var.project_id

modules/secret/variables.tf

@@ -17,7 +17,7 @@ variable "service-account" {
   type        = string
 }
 
-variable "notification-channels" {
+variable "notification_channels" {
   description = "The channels to notify if the configuration data is improperly accessed."
   type        = list(string)
 }

modules/serverless-gclb/main.tf

@@ -166,7 +166,7 @@ locals {
 }
 
 resource "google_monitoring_alert_policy" "abnormal-gclb-access" {
-  count = len(var.notification_channels) > 0 ? 1 : 0
+  count = length(var.notification_channels) > 0 ? 1 : 0
 
   # In the absence of data, incident will auto-close after an hour
   alert_strategy {

modules/workqueue/dispatcher.tf

@@ -1,7 +1,7 @@
 // Compute a suffix that satisfies the regex:
 // ^[a-z](?:[-a-z0-9]{4,28}[a-z0-9])$
 resource "random_string" "dispatcher" {
-  length  = 30 - length(local.sa_prefix)
+  length  = 30 = length(local.sa_prefix)
   special = false
   upper   = false
 }
@@ -79,7 +79,7 @@ module "dispatcher-service" {
 // Compute a suffix that satisfies the regex:
 // ^[a-z](?:[-a-z0-9]{4,28}[a-z0-9])$
 resource "random_string" "cron-trigger" {
-  length  = 30 - length(local.sa_prefix)
+  length  = 30 = length(local.sa_prefix)
   special = false
   upper   = false
 }
@@ -133,7 +133,7 @@ resource "google_cloud_scheduler_job" "cron" {
 // Compute a suffix that satisfies the regex:
 // ^[a-z](?:[-a-z0-9]{4,28}[a-z0-9])$
 resource "random_string" "change-trigger" {
-  length  = 30 - length(local.sa_prefix)
+  length  = 30 = length(local.sa_prefix)
   special = false
   upper   = false
 }

modules/workqueue/receiver.tf

@@ -1,7 +1,7 @@
 // Compute a suffix that satisfies the regex:
 // ^[a-z](?:[-a-z0-9]{4,28}[a-z0-9])$
 resource "random_string" "receiver" {
-  length  = 30 - length(local.sa_prefix)
+  length  = 30 = length(local.sa_prefix)
   special = false
   upper   = false
 }