Merge pull request #24 from aws-ia/ephemeral_project-updates

Updates from project type

.checkov.yml → .config/.checkov.yml

@@ -1,5 +1,5 @@
-download-external-modules: False
-evaluate-variables: true
+download-external-modules: True
+evaluate-variables: True
 file:
 - 'tf.json'
 framework:

.config/.tfsec.yml

@@ -0,0 +1,3 @@
+{
+  "minimum_severity": "MEDIUM"
+}

.copier-answers.yml

@@ -1,6 +1,6 @@
 # This file is auto-generated, changes will be overwritten
-_commit: v0.0.8
-_src_path: /task/d8054634-017f-11ee-b538-a6e0baabaef0/projecttype
+_commit: v0.1.1
+_src_path: /task/d1f87790-0b99-11ee-8c8f-b23aa8435a4f/projecttype
 starting_version: v0.0.0
 version_file: VERSION
 

.pre-commit-config.yaml

@@ -10,7 +10,7 @@ repos:
     hooks:
       - id: terraform-docs-go
         args: 
-          - "--config=.terraform-docs.yaml"
+          - "--config=.config/.terraform-docs.yaml"
           - "--lockfile=false"
           - "--recursive"
           - "--recursive-path=examples/"

.project_automation/functional_tests/entrypoint.sh

@@ -16,7 +16,7 @@ echo "Running Checkov Analysis"
 terraform init
 terraform plan -out tf.plan
 terraform show -json tf.plan  > tf.json 
-checkov --download-external-modules true
+checkov --config-file ${PROJECT_PATH}/.config/.checkov.yml
 
 #********** Terratest execution **********
 echo "Running Terratest"

.project_automation/publication/entrypoint.sh

@@ -4,7 +4,6 @@
 # managed and local tasks always use these variables for the project and project type path
 PROJECT_PATH=${BASE_PATH}/project
 PROJECT_TYPE_PATH=${BASE_PATH}/projecttype
-git config --global --add safe.directory ${PROJECT_PATH}
 
 echo "[STAGE: Publication]"
 VERSION=$(cat VERSION)

.project_automation/static_tests/entrypoint.sh

@@ -4,7 +4,6 @@
 # managed and local tasks always use these variables for the project and project type path
 PROJECT_PATH=${BASE_PATH}/project
 PROJECT_TYPE_PATH=${BASE_PATH}/projecttype
-git config --global --add safe.directory ${PROJECT_PATH}
 
 echo "Starting Static Tests"
 
@@ -14,35 +13,43 @@ terraform validate
 
 #********** tflint ********************
 echo 'Starting tflint'
-tflint --init
-MYLINT=$(tflint --force)
+tflint --init --config ${PROJECT_PATH}/.config/.tflint.hcl
+MYLINT=$(tflint --force --config ${PROJECT_PATH}/.config/.tflint.hcl)
 if [ -z "$MYLINT" ]
 then
     echo "Success - tflint found no linting issues!"
 else
-    echo "Failure - tflint found linting issues!" 
+    echo "Failure - tflint found linting issues!"
     echo "$MYLINT"
     exit 1
 fi
 #********** tfsec *********************
-# tfsec will report to the console with success or Failure
-# therefore there is no need to provide such conditional stetements
 echo 'Starting tfsec'
-tfsec .
+MYTFSEC=$(tfsec . --config-file ${PROJECT_PATH}/.config/.tfsec.yml || true)
+if [[ $MYTFSEC == *"No problems detected!"* ]];
+then
+    echo "Success - tfsec found no security issues!"
+    echo "$MYTFSEC"
+else
+    echo "Failure - tfsec found security issues!"
+    echo "$MYTFSEC"
+    exit 1
+fi
+
 #********** Markdown Lint **************
 echo 'Starting markdown lint'
-MYMDL=$(mdl .header.md || true)
+MYMDL=$(mdl --config ${PROJECT_PATH}/.config/.mdlrc .header.md examples/*/.header.md || true)
 if [ -z "$MYMDL" ]
 then
     echo "Success - markdown lint found no linting issues!"
 else
-    echo "Failure - markdown lint found linting issues!" 
+    echo "Failure - markdown lint found linting issues!"
     echo "$MYMDL"
     exit 1
 fi
 #********** Terraform Docs *************
 echo 'Starting terraform-docs'
-TDOCS="$(terraform-docs --lockfile=false ./)"
+TDOCS="$(terraform-docs --config ${PROJECT_PATH}/.config/.terraform-docs.yaml --lockfile=false ./)"
 git add -N README.md
 GDIFF="$(git diff --compact-summary)"
 if [ -z "$GDIFF" ]
@@ -53,4 +60,4 @@ else
     exit 1
 fi
 #***************************************
-echo "End of Static Tests"
+echo "End of Static Tests"

examples/basic/README.md

@@ -0,0 +1,29 @@
+<!-- BEGIN_TF_DOCS -->
+## Requirements
+
+| Name | Version |
+|------|---------|
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 0.14.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 3.72.0 |
+| <a name="requirement_awscc"></a> [awscc](#requirement\_awscc) | >= 0.11.0 |
+
+## Providers
+
+No providers.
+
+## Modules
+
+No modules.
+
+## Resources
+
+No resources.
+
+## Inputs
+
+No inputs.
+
+## Outputs
+
+No outputs.
+<!-- END_TF_DOCS -->

examples/basic/main.tf

@@ -0,0 +1,5 @@
+#####################################################################################
+# Terraform module examples are meant to show an _example_ on how to use a module
+# per use-case. The code below should not be copied directly but referenced in order
+# to build your own root module that invokes this module
+#####################################################################################

examples/basic/providers.tf

@@ -0,0 +1,21 @@
+terraform {
+  required_version = ">= 0.14.0"
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = ">= 3.72.0"
+    }
+    awscc = {
+      source  = "hashicorp/awscc"
+      version = ">= 0.11.0"
+    }
+  }
+}
+
+provider "awscc" {
+  user_agent = [{
+    product_name    = "terraform-awscc-"
+    product_version = "0.0.1"
+    comment         = "V1/AWS-D69B4015/<github repo id>"
+  }]
+}

examples/service/.header.md

@@ -7,4 +7,4 @@ This example shows how you can use the VPC Lattice module to only create a Servi
 * The HTTPS listener has a *forward* as default action.
 * Three target groups (1 Instance and 2 Lambda types) without targets.
 
-In the `outputs.tf` file, you can see an example on how to obtain the Service Network information (DNS name, Service ID, and Listeners IDs).
+In the `outputs.tf` file, you can see an example on how to obtain the Service Network information (DNS name, Service ID, and Listeners IDs).

examples/service_association/.header.md

@@ -1,3 +1,3 @@
 # Amazon VPC Lattice - Example: Service Associations
 
-This example shows how you can use the VPC Lattice module to create Service Associations to an existing Service Network (created in a separate call of the VPC Lattice module). In the `outputs.tf` file, you can see an example on how to obtain the Services information (ID, DNS name, and Service Association ID).
+This example shows how you can use the VPC Lattice module to create Service Associations to an existing Service Network (created in a separate call of the VPC Lattice module). In the `outputs.tf` file, you can see an example on how to obtain the Services information (ID, DNS name, and Service Association ID).

examples/service_network/.header.md

@@ -1,3 +1,3 @@
 # Amazon VPC Lattice - Example: Service Network creation
 
-This example shows how you can use the VPC Lattice module to only create a Service Network - without other components. In the `outputs.tf` file, you can see an example on how to obtain the Service Network information (ID and ARN).
+This example shows how you can use the VPC Lattice module to only create a Service Network - without other components. In the `outputs.tf` file, you can see an example on how to obtain the Service Network information (ID and ARN).

examples/target_groups/.header.md

@@ -1,3 +1,3 @@
 # Amazon VPC Lattice - Example: Target Groups creation
 
-This example shows how you can use the VPC Lattice module to only create Target Groups and Target associations. In the `outputs.tf` file, you can see an example on how to obtain the Target Group ID.
+This example shows how you can use the VPC Lattice module to only create Target Groups and Target associations. In the `outputs.tf` file, you can see an example on how to obtain the Target Group ID.

examples/vpc_associations/.header.md

@@ -1,3 +1,3 @@
 # Amazon VPC Lattice - Example: VPC associations
 
-This example shows how you can use the VPC Lattice module to create VPC associations to an existing Service Network. Outside the module, the VPC Lattice Service Network and VPCs will be created, and the module will be used only for the VPC association creation. In the `outputs.tf` file, you can see an example on how to obtain the VPC association information (ID).
+This example shows how you can use the VPC Lattice module to create VPC associations to an existing Service Network. Outside the module, the VPC Lattice Service Network and VPCs will be created, and the module will be used only for the VPC association creation. In the `outputs.tf` file, you can see an example on how to obtain the VPC association information (ID).

test/examples_basic_test.go

@@ -0,0 +1,21 @@
+package test
+
+import (
+	"testing"
+
+	"github.com/gruntwork-io/terratest/modules/terraform"
+)
+
+func TestExamplesBasic(t *testing.T) {
+
+	terraformOptions := &terraform.Options{
+		TerraformDir: "../examples/basic",
+		// Vars: map[string]interface{}{
+		// 	"myvar":     "test",
+		// 	"mylistvar": []string{"list_item_1"},
+		// },
+	}
+
+	defer terraform.Destroy(t, terraformOptions)
+	terraform.InitAndApply(t, terraformOptions)
+}