may whitespace aid not hinder comprehension

casperdcl · casperdcl · commit 802da6a0ceaf · 2022-03-17T00:57:49.000Z
diff --git a/docs/guides/permissions/aws/main.tf b/docs/guides/permissions/aws/main.tf
@@ -15,11 +15,9 @@ provider "aws" {
 resource "aws_iam_user" "task" {
   name = "task"
 }
-
 resource "aws_iam_access_key" "task" {
   user = aws_iam_user.task.name
 }
-
 resource "aws_iam_user_policy" "task" {
   name   = aws_iam_user.task.name
   user   = aws_iam_user.task.name
@@ -77,7 +75,6 @@ data "aws_iam_policy_document" "task" {
 output "aws_access_key_id" {
   value = aws_iam_access_key.task.id
 }
-
 output "aws_secret_access_key" {
   value     = aws_iam_access_key.task.secret
   sensitive = true
diff --git a/docs/guides/permissions/az/main.tf b/docs/guides/permissions/az/main.tf
@@ -6,30 +6,25 @@ terraform {
 }
 
 provider "azuread" {}
-
 provider "azurerm" {
   features {}
 }
 
 data "azuread_client_config" "current" {}
-
 data "azurerm_subscription" "current" {}
 
 resource "azuread_application" "task" {
   display_name = "task"
   owners       = [data.azuread_client_config.current.object_id]
 }
-
 resource "azuread_application_password" "task" {
   application_object_id = azuread_application.task.object_id
 }
-
 resource "azuread_service_principal" "task" {
   application_id               = azuread_application.task.application_id
   app_role_assignment_required = false
   owners                       = [data.azuread_client_config.current.object_id]
 }
-
 resource "azurerm_role_definition" "task" {
   name  = azuread_application.task.display_name
   scope = data.azurerm_subscription.current.id
@@ -88,7 +83,6 @@ resource "azurerm_role_definition" "task" {
     ]
   }
 }
-
 resource "azurerm_role_assignment" "task" {
   name               = azurerm_role_definition.task.name
   principal_id       = azuread_service_principal.task.object_id
@@ -99,15 +93,12 @@ resource "azurerm_role_assignment" "task" {
 output "azure_subscription_id" {
   value = basename(data.azurerm_subscription.current.id)
 }
-
 output "azure_tenant_id" {
   value = data.azurerm_subscription.current.tenant_id
 }
-
 output "azure_client_id" {
   value = azuread_application.task.application_id
 }
-
 output "azure_client_secret" {
   value     = azuread_application_password.task.value
   sensitive = true
diff --git a/docs/guides/permissions/gcp/main.tf b/docs/guides/permissions/gcp/main.tf
@@ -17,17 +17,14 @@ data "google_project" "current" {}
 resource "google_service_account" "task" {
   account_id = "task-service-account"
 }
-
 resource "google_service_account_key" "task" {
   service_account_id = google_service_account.task.email
 }
-
 resource "google_project_iam_binding" "task" {
   project = data.google_project.current.project_id
   role    = "projects/${data.google_project.current.project_id}/roles/${google_project_iam_custom_role.task.role_id}"
   members = ["serviceAccount:${google_service_account.task.email}"]
 }
-
 resource "google_project_iam_custom_role" "task" {
   role_id = replace("${google_service_account.task.account_id}-role", "-", "_")
   title   = replace("${google_service_account.task.account_id}-role", "-", "_")
diff --git a/docs/guides/permissions/k8s/kubeconfig.sh b/docs/guides/permissions/k8s/kubeconfig.sh
@@ -1,21 +1,9 @@
 #!/bin/bash
 set -euxo pipefail
-SERVER="$(
-  kubectl config view --raw --flatten --output \
-    jsonpath='{.clusters[0].cluster.server}'
-)"
-AUTHORITY="$(
-  kubectl config view --raw --flatten --output \
-    jsonpath='{.clusters[0].cluster.certificate-authority-data}'
-)"
-SECRET="$(
-  kubectl get serviceaccount task --output \
-    jsonpath="{.secrets[0].name}"
-)"
-TOKEN="$(
-  kubectl get secret "$SECRET" --output \
-    jsonpath="{.data.token}" | base64 --decode
-)"
+SERVER="$(kubectl config view --raw --flatten --output jsonpath='{.clusters[0].cluster.server}')"
+AUTHORITY="$(kubectl config view --raw --flatten --output jsonpath='{.clusters[0].cluster.certificate-authority-data}')"
+SECRET="$(kubectl get serviceaccount task --output jsonpath="{.secrets[0].name}")"
+TOKEN="$(kubectl get secret "$SECRET" --output jsonpath="{.data.token}" | base64 --decode)"
 export KUBECONFIG="$(mktemp)"
 {
   kubectl config set-cluster cluster --server="https://$SERVER"
@@ -24,4 +12,5 @@ export KUBECONFIG="$(mktemp)"
   kubectl config set-context cluster --cluster=cluster --user=task
   kubectl config use-context cluster
 } >/dev/null
-cat "$KUBECONFIG" && rm "$KUBECONFIG"
+cat "$KUBECONFIG"
+rm "$KUBECONFIG"

Original file line number	Diff line number	Diff line change
`@@ -15,11 +15,9 @@ provider "aws" {`
`15`	`15`	`resource "aws_iam_user" "task" {`
`16`	`16`	`name = "task"`
`17`	`17`	`}`
`18`		`-`
`19`	`18`	`resource "aws_iam_access_key" "task" {`
`20`	`19`	`user = aws_iam_user.task.name`
`21`	`20`	`}`
`22`		`-`
`23`	`21`	`resource "aws_iam_user_policy" "task" {`
`24`	`22`	`name = aws_iam_user.task.name`
`25`	`23`	`user = aws_iam_user.task.name`
`@@ -77,7 +75,6 @@ data "aws_iam_policy_document" "task" {`
`77`	`75`	`output "aws_access_key_id" {`
`78`	`76`	`value = aws_iam_access_key.task.id`
`79`	`77`	`}`
`80`		`-`
`81`	`78`	`output "aws_secret_access_key" {`
`82`	`79`	`value = aws_iam_access_key.task.secret`
`83`	`80`	`sensitive = true`
Original file line number	Diff line number	Diff line change
`@@ -6,30 +6,25 @@ terraform {`
`6`	`6`	`}`
`7`	`7`
`8`	`8`	`provider "azuread" {}`
`9`		`-`
`10`	`9`	`provider "azurerm" {`
`11`	`10`	`features {}`
`12`	`11`	`}`
`13`	`12`
`14`	`13`	`data "azuread_client_config" "current" {}`
`15`		`-`
`16`	`14`	`data "azurerm_subscription" "current" {}`
`17`	`15`
`18`	`16`	`resource "azuread_application" "task" {`
`19`	`17`	`display_name = "task"`
`20`	`18`	`owners = [data.azuread_client_config.current.object_id]`
`21`	`19`	`}`
`22`		`-`
`23`	`20`	`resource "azuread_application_password" "task" {`
`24`	`21`	`application_object_id = azuread_application.task.object_id`
`25`	`22`	`}`
`26`		`-`
`27`	`23`	`resource "azuread_service_principal" "task" {`
`28`	`24`	`application_id = azuread_application.task.application_id`
`29`	`25`	`app_role_assignment_required = false`
`30`	`26`	`owners = [data.azuread_client_config.current.object_id]`
`31`	`27`	`}`
`32`		`-`
`33`	`28`	`resource "azurerm_role_definition" "task" {`
`34`	`29`	`name = azuread_application.task.display_name`
`35`	`30`	`scope = data.azurerm_subscription.current.id`
`@@ -88,7 +83,6 @@ resource "azurerm_role_definition" "task" {`
`88`	`83`	`]`
`89`	`84`	`}`
`90`	`85`	`}`
`91`		`-`
`92`	`86`	`resource "azurerm_role_assignment" "task" {`
`93`	`87`	`name = azurerm_role_definition.task.name`
`94`	`88`	`principal_id = azuread_service_principal.task.object_id`
`@@ -99,15 +93,12 @@ resource "azurerm_role_assignment" "task" {`
`99`	`93`	`output "azure_subscription_id" {`
`100`	`94`	`value = basename(data.azurerm_subscription.current.id)`
`101`	`95`	`}`
`102`		`-`
`103`	`96`	`output "azure_tenant_id" {`
`104`	`97`	`value = data.azurerm_subscription.current.tenant_id`
`105`	`98`	`}`
`106`		`-`
`107`	`99`	`output "azure_client_id" {`
`108`	`100`	`value = azuread_application.task.application_id`
`109`	`101`	`}`
`110`		`-`
`111`	`102`	`output "azure_client_secret" {`
`112`	`103`	`value = azuread_application_password.task.value`
`113`	`104`	`sensitive = true`
Original file line number	Diff line number	Diff line change
`@@ -17,17 +17,14 @@ data "google_project" "current" {}`
`17`	`17`	`resource "google_service_account" "task" {`
`18`	`18`	`account_id = "task-service-account"`
`19`	`19`	`}`
`20`		`-`
`21`	`20`	`resource "google_service_account_key" "task" {`
`22`	`21`	`service_account_id = google_service_account.task.email`
`23`	`22`	`}`
`24`		`-`
`25`	`23`	`resource "google_project_iam_binding" "task" {`
`26`	`24`	`project = data.google_project.current.project_id`
`27`	`25`	`role = "projects/${data.google_project.current.project_id}/roles/${google_project_iam_custom_role.task.role_id}"`
`28`	`26`	`members = ["serviceAccount:${google_service_account.task.email}"]`
`29`	`27`	`}`
`30`		`-`
`31`	`28`	`resource "google_project_iam_custom_role" "task" {`
`32`	`29`	`role_id = replace("${google_service_account.task.account_id}-role", "-", "_")`
`33`	`30`	`title = replace("${google_service_account.task.account_id}-role", "-", "_")`