fix: example scripts & formatting (#2)

* fix: example scripts & formatting * Trigger build * fix: updated examples * fix: restoring existing-service-account-gar example
lacework · Nov 3, 2021 · 0daab76 · 0daab76
1 parent 3ae843b
commit 0daab76
Show file tree

Hide file tree

Showing 7 changed files with 31 additions and 29 deletions.
diff --git a/examples/configure-lacework-gar-integration/README.md b/examples/configure-lacework-gar-integration/README.md
@@ -8,10 +8,11 @@ The fields required for this example are:
 |------|-------------|------|
 | `lacework_integration_name` | Set this to whatever you would like the integration to be named. | `string` |
 | `registry_domain` | The GAR domain, which specifies the location where you store the images. Defaults to us-docker.pkg.dev| `string` |
-| `limit_by_tag` | An image tag to limit the assessment of images with matching tag. If you specify limit_by_tag and limit_by_label limits, they function as an AND. Supported field input are mytext\*mytext, mytext, mytext\*, or mytext. Only one \* wildcard is supported. Defaults to \*. | `string` |
+| `limit_by_tags` | An image tag to limit the assessment of images with matching tag. If you specify limit_by_tag and limit_by_label limits, they function as an AND. Supported field input are mytext\*mytext, mytext, mytext\*, or mytext. Only one \* wildcard is supported. Defaults to \*. | `string` |
 | `limit_by_label` | An image label to limit the assessment of images with matching label. If you specify limit_by_tag and limit_by_label limits, they function as an AND. Supported field input are mytext\*mytext, mytext, mytext\*, or mytext. Only one \* wildcard is supported. Defaults to \*. | `string` |
-| `limit_by_repos` | A comma-separated list of repositories to assess. This should be defined as a string. (without spaces recommended) | `string` |
+| `limit_by_repositories` | A comma-separated list of repositories to assess. This should be defined as a string. (without spaces recommended) | `string` |
 | `limit_num_imgs` | The maximum number of newest container images to assess per repository. Must be one of 5, 10, or 15. Defaults to 5. | `string` |
+|`non_os_packages` | Whether or not Lacework should scan container images for additional application librarys beyond OS packages | `boolean`|
 
 
 Create a `main.tf` with the following code:
@@ -21,16 +22,15 @@ provider "google" {}
 
 provider "lacework" {}
 
-module "lacework_svc_account" {
-  source  = "lacework/gar/gcp"
-  version = "~> 1.0"
-  
+module "lacework_gar" {
+
   lacework_integration_name = "Example GAR integration"
   registry_domain           = "us-docker.pkg.dev"
-  limit_by_tag              = "example*"
-  limit_by_label            = "example*"
-  limit_by_repos            = "foo,bar"
+  limit_by_tags             = ["example*"]
+  limit_by_label            = ["example*"]
+  limit_by_repositories     = ["foo","bar"]
   limit_num_imgs            = "10"
+  non_os_packages           = true
 }
 ```
 

diff --git a/examples/configure-lacework-gar-integration/main.tf b/examples/configure-lacework-gar-integration/main.tf
@@ -1,4 +1,5 @@
-provider "google" {}
+provider "google" {
+}
 
 provider "lacework" {}
 
@@ -8,8 +9,9 @@ module "lacework_gar" {
   # configure the Lacework Artifact Registry integration
   lacework_integration_name = "Example GAR integration"
   registry_domain           = "us-docker.pkg.dev"
-  limit_by_tag              = "example*"
-  limit_by_label            = "example*"
-  limit_by_repos            = "foo,bar"
+  limit_by_tags             = ["example*"]
+  limit_by_label            = ["example*"]
+  limit_by_repositories     = ["foo","bar"]
   limit_num_imgs            = "10"
+  non_os_package_support    = true
 }
diff --git a/examples/default/README.md b/examples/default/README.md
@@ -16,8 +16,8 @@ provider "lacework" {}
 provider "google" {}
 
 module "lacework_gar" {
-  source  = "lacework/gar/gcp"
-  version = "~> 1.0"
+  source    = "lacework/gar/gcp"
+  version   = "~> 0.1"
 }
 ```
 

diff --git a/examples/environment-variables-gar/README.md b/examples/environment-variables-gar/README.md
@@ -38,9 +38,9 @@ provider "google" {}
 provider "lacework" {}
 
 module "lacework_gar" {
-  source  = "lacework/gar/gcp"
-  version = "~> 1.0"
+  source    = "lacework/gar/gcp"
+  version   = "~> 0.1"
 }
 ```
 
-For detailed information on integrating Lacework with Google Container Registry see [Integrate Google Container Registry](https://support.lacework.com/hc/en-us/articles/360047770014-Integrate-Google-Container-Registry)
+For detailed information on integrating Lacework with Google Artifact Registry see [Integrate Google Artifact Registry](https://support.lacework.com/hc/en-us/articles/1500009169561-Integrate-Google-Artifact-Registry)
diff --git a/examples/existing-service-account-gar/README.md b/examples/existing-service-account-gar/README.md
@@ -32,9 +32,9 @@ provider "google" {}
 
 provider "lacework" {}
 
-module "lacework_svc_account" {
+module "lacework_gar" {
   source  = "lacework/gar/gcp"
-  version = "~> 1.0"
+  version = "~> 0.1"
 
   use_existing_service_account = true
   service_account_name         = "my-service-account"

diff --git a/main.tf b/main.tf
@@ -76,7 +76,7 @@ resource "lacework_integration_gar" "default" {
     value = values(var.limit_by_label)
   }
   */
-  non_os_package_support = var.non_os_package_support  
+  non_os_package_support = var.non_os_package_support
 
   depends_on = [time_sleep.wait_time]
 }

diff --git a/variables.tf b/variables.tf
@@ -1,7 +1,7 @@
 variable "required_gar_apis" {
   type = map(any)
   default = {
-    resourcemanager   = "cloudresourcemanager.googleapis.com"
+    resourcemanager  = "cloudresourcemanager.googleapis.com"
     artifactregistry = "artifactregistry.googleapis.com"
   }
 }
@@ -55,22 +55,22 @@ variable "registry_domain" {
 }
 
 variable "limit_by_tags" {
-  type    = list(any)
-  default = []
+  type        = list(any)
+  default     = []
   description = "An image tag to limit the assessment of images with matching tag. If you specify limit_by_tag and limit_by_label limits, they function as an AND. Supported field input are mytext*mytext, mytext, mytext*, or mytext. Only one * wildcard is supported. Defaults to empty."
 }
 
 variable "limit_by_label" {
-  type    = list(any)
+  type = list(any)
   default = [{
     "" = ""
   }]
   description = "An image label to limit the assessment of images with matching label. If you specify limit_by_tag and limit_by_label limits, they function as an AND.  Input is \"key\" = \"value\". Defaults to empty."
 }
 
 variable "limit_by_repositories" {
-  type    = list(any)
-  default = []
+  type        = list(any)
+  default     = []
   description = "A comma-separated list of repositories to assess.  Defaults to empty (will assess all repositories in the registry)."
 }
 
@@ -81,7 +81,7 @@ variable "limit_num_imgs" {
 }
 
 variable "non_os_package_support" {
-  type = bool
-  default = true
+  type        = bool
+  default     = true
   description = "Whether or not the integration should check non-os packages in the container for vulnerabilities.  Defaults to true"
 }