feat: Add name_scheme.uppercase flag, bump submodules, bump CI configuration, improve dependencies

.pre-commit-config.yaml

@@ -1,26 +1,26 @@
 repos:
   - repo: https://github.com/gruntwork-io/pre-commit
     # When updating, also check if tflint version in pre-commit workflow can be updated.
-    rev: "v0.1.23" # Get the latest from: https://github.com/gruntwork-io/pre-commit/releases
+    rev: "v0.1.25" # Get the latest from: https://github.com/gruntwork-io/pre-commit/releases
     hooks:
       - id: terraform-validate # It should be the first step as it runs terraform init required by tflint
       - id: terraform-fmt
       - id: tflint
 
   - repo: https://github.com/terraform-docs/terraform-docs
-    rev: "v0.18.0" # Get the latest from: https://github.com/terraform-docs/terraform-docs/releases
+    rev: "v0.19.0" # Get the latest from: https://github.com/terraform-docs/terraform-docs/releases
     hooks:
       - id: terraform-docs-go
         args: ["."]
 
   - repo: https://github.com/bridgecrewio/checkov.git
-    rev: "3.2.192" # Get the latest from: https://github.com/bridgecrewio/checkov/releases
+    rev: "3.2.350" # Get the latest from: https://github.com/bridgecrewio/checkov/releases
     hooks:
       - id: checkov
         args: [--skip-check, "CKV_TF_1"] # Terraform module sources do not use a git url with a commit hash revision
 
   - repo: https://github.com/pre-commit/pre-commit-hooks
-    rev: "v4.6.0" # Get the latest from: https://github.com/pre-commit/pre-commit-hooks/releases
+    rev: "v5.0.0" # Get the latest from: https://github.com/pre-commit/pre-commit-hooks/releases
     hooks:
       - id: check-merge-conflict
         args: ["--assume-in-merge"]

examples/complete/main.tf

@@ -35,6 +35,9 @@ module "database" {
       stages = {
         example = {
           comment = "my example stage"
+          name_scheme = {
+            uppercase = false
+          }
         }
       }
       roles = {
@@ -43,6 +46,9 @@ module "database" {
         }
         readonly = {
           granted_to_roles = [snowflake_account_role.dev_role.name]
+          name_scheme = {
+            uppercase = false
+          }
         }
       }
     }
@@ -74,5 +80,14 @@ module "project_database" {
     extra_values = {
       project = "project"
     }
+    uppercase = false
   }
+
+
+  comment                     = "test database"
+  data_retention_time_in_days = 1
+  is_transient                = false
+
+  create_default_roles     = true
+  database_ownership_grant = snowflake_account_role.admin_role.name
 }

examples/simple/README.md

@@ -41,7 +41,7 @@ No providers.
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.3 |
-| <a name="requirement_snowflake"></a> [snowflake](#requirement\_snowflake) | ~> 0.95 |
+| <a name="requirement_snowflake"></a> [snowflake](#requirement\_snowflake) | >= 0.95 |
 
 ## Resources
 

examples/simple/versions.tf

@@ -3,7 +3,7 @@ terraform {
   required_providers {
     snowflake = {
       source  = "Snowflake-Labs/snowflake"
-      version = "~> 0.95"
+      version = ">= 0.95"
     }
   }
 }

locals.tf

@@ -7,6 +7,7 @@ locals {
     extra_values = {
       database = var.name
     }
+    uppercase = var.name_scheme.uppercase
   }
 
   #This needs to be the same as an object in roles variable

main.tf

@@ -12,7 +12,7 @@ data "context_label" "this" {
 }
 
 resource "snowflake_database" "this" {
-  name         = data.context_label.this.rendered
+  name         = var.name_scheme.uppercase ? upper(data.context_label.this.rendered) : data.context_label.this.rendered
   is_transient = var.is_transient
   comment      = var.comment
 
@@ -43,7 +43,7 @@ module "snowflake_default_role" {
   for_each = local.default_roles
 
   source  = "getindata/database-role/snowflake"
-  version = "2.0.1"
+  version = "2.1.0"
 
   database_name     = snowflake_database.this.name
   context_templates = var.context_templates
@@ -67,7 +67,7 @@ module "snowflake_custom_role" {
   for_each = local.custom_roles
 
   source  = "getindata/database-role/snowflake"
-  version = "2.0.1"
+  version = "2.1.0"
 
   database_name     = snowflake_database.this.name
   context_templates = var.context_templates
@@ -91,12 +91,13 @@ module "snowflake_schema" {
   for_each = var.schemas
 
   source  = "getindata/schema/snowflake"
-  version = "3.0.0"
+  version = "3.1.0"
 
   context_templates = var.context_templates
 
   name = each.key
   name_scheme = merge({
+    uppercase = var.name_scheme.uppercase
     extra_values = {
       database = var.name
     } },
@@ -137,7 +138,7 @@ resource "snowflake_grant_ownership" "database_ownership" {
   count = var.database_ownership_grant != null ? 1 : 0
 
   account_role_name   = var.database_ownership_grant
-  outbound_privileges = "REVOKE"
+  outbound_privileges = "COPY"
   on {
     object_type = "DATABASE"
     object_name = snowflake_database.this.name

variables.tf

@@ -126,6 +126,7 @@ variable "roles" {
       context_template_name = optional(string)
       replace_chars_regex   = optional(string)
       extra_labels          = optional(map(string))
+      uppercase             = optional(bool)
     }))
     comment              = optional(string)
     role_ownership_grant = optional(string)
@@ -167,6 +168,7 @@ variable "schemas" {
       context_template_name = optional(string)
       replace_chars_regex   = optional(string)
       extra_labels          = optional(map(string))
+      uppercase             = optional(bool)
     }))
     skip_schema_creation                          = optional(bool, false)
     comment                                       = optional(string, null)
@@ -197,6 +199,7 @@ variable "schemas" {
         context_template_name = optional(string)
         replace_chars_regex   = optional(string)
         extra_labels          = optional(map(string))
+        uppercase             = optional(bool)
       }))
       aws_external_id      = optional(string)
       comment              = optional(string)
@@ -216,6 +219,7 @@ variable "schemas" {
           context_template_name = optional(string)
           replace_chars_regex   = optional(string)
           extra_labels          = optional(map(string))
+          uppercase             = optional(bool)
         }))
         with_grant_option         = optional(bool)
         granted_to_roles          = optional(list(string))
@@ -232,6 +236,7 @@ variable "schemas" {
         context_template_name = optional(string)
         replace_chars_regex   = optional(string)
         extra_labels          = optional(map(string))
+        uppercase             = optional(bool)
       }))
       comment                   = optional(string)
       granted_to_roles          = optional(list(string))
@@ -275,13 +280,15 @@ variable "name_scheme" {
     - `context_template_name` - name of the context template used to create the name
     - `replace_chars_regex` - regex to use for replacing characters in property-values created by the provider - any characters that match the regex will be removed from the name
     - `extra_values` - map of extra label-value pairs, used to create a name
+    - `uppercase` - convert name to uppercase
   EOT
   type = object({
     properties            = optional(list(string), ["environment", "name"])
     delimiter             = optional(string, "_")
     context_template_name = optional(string, "snowflake-database")
     replace_chars_regex   = optional(string, "[^a-zA-Z0-9_]")
     extra_values          = optional(map(string))
+    uppercase             = optional(bool, true)
   })
   default = {}
 }

versions.tf

@@ -3,7 +3,7 @@ terraform {
   required_providers {
     snowflake = {
       source  = "Snowflake-Labs/snowflake"
-      version = "~> 0.95"
+      version = ">= 0.95"
     }
     context = {
       source  = "cloudposse/context"