fix: update github action and readme and terraform version (#20)

* fix: update github action and readme and terraform version * fix: update terraform version
clouddrove · Oct 13, 2023 · 163ddce · 163ddce
1 parent 2bab8c3
commit 163ddce
Show file tree

Hide file tree

Showing 19 changed files with 130 additions and 92 deletions.
diff --git a/.editorconfig b/.editorconfig
@@ -0,0 +1,30 @@
+# EditorConfig is awesome: http://EditorConfig.org
+# Uses editorconfig to maintain consistent coding styles
+
+# top-most EditorConfig file
+root = true
+
+# Unix-style newlines with a newline ending every file
+[*]
+charset = utf-8
+end_of_line = lf
+indent_size = 2
+indent_style = space
+insert_final_newline = true
+max_line_length = 80
+trim_trailing_whitespace = true
+
+[*.{tf,tfvars}]
+indent_size = 2
+indent_style = space
+
+[*.md]
+max_line_length = 0
+trim_trailing_whitespace = false
+
+[Makefile]
+tab_width = 2
+indent_style = tab
+
+[COMMIT_EDITMSG]
+max_line_length = 0
diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
@@ -0,0 +1,2 @@
+# These owners will be the default owners for everything in the repo.
+*    @anmolnagpal @clouddrove/approvers @clouddrove-ci
diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md
@@ -0,0 +1,12 @@
+## what
+* Describe high-level what changed as a result of these commits (i.e. in plain-english, what do these changes mean?)
+* Use bullet points to be concise and to the point.
+
+## why
+* Provide the justifications for the changes (e.g. business case).
+* Describe why these changes were made (e.g. why do these commits fix the problem?)
+* Use bullet points to be concise and to the point.
+
+## references
+* Link to any supporting jira issues or helpful documentation to add some context (e.g. stackoverflow).
+* Use `closes #123`, if this PR closes a Jira issue `#123`
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -5,6 +5,17 @@
 
 version: 2
 updates:
+
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "daily"
+    open-pull-requests-limit: 3
+    assignees:
+      - "clouddrove-ci"
+    reviewers:
+      - "approvers"
+
   - package-ecosystem: "terraform" # See documentation for possible values
     directory: "/" # Location of package manifests
     schedule:
@@ -15,13 +26,18 @@ updates:
     # Add reviewer
     reviewers:
       - "approvers"
+    # Allow up to 3 open pull requests for pip dependencies
+    open-pull-requests-limit: 3
+
   - package-ecosystem: "terraform" # See documentation for possible values
-    directory: "_example/complete/" # Location of package manifests
+    directory: "/_example/complete" # Location of package manifests
     schedule:
       interval: "weekly"
     # Add assignees
     assignees:
       - "clouddrove-ci"
     # Add reviewer
     reviewers:
-      - "approvers"
+      - "approvers"
+    # Allow up to 3 open pull requests for pip dependencies
+    open-pull-requests-limit: 3
diff --git a/.github/workflows/auto_assignee.yml b/.github/workflows/auto_assignee.yml
@@ -5,8 +5,8 @@ on:
   workflow_dispatch:
 jobs:
   assignee:
-    uses: clouddrove/github-shared-workflows/.github/workflows/auto_assignee.yml@master
+    uses: clouddrove/github-shared-workflows/.github/workflows/auto_assignee.yml@1.0.6
     secrets:
       GITHUB: ${{ secrets.GITHUB }}
     with:
-      assignees: 'clouddrove-ci'
+      assignees: 'clouddrove-ci'
diff --git a/.github/workflows/changelog.yml b/.github/workflows/changelog.yml
@@ -7,7 +7,7 @@ on:
   workflow_dispatch:
 jobs:
   changelog:
-    uses: clouddrove/github-shared-workflows/.github/workflows/changelog.yml@master
+    uses: clouddrove/github-shared-workflows/.github/workflows/changelog.yml@1.0.6
     secrets: inherit
     with:
-      branch: 'master'
+      branch: 'master'
diff --git a/.github/workflows/readme.yml b/.github/workflows/readme.yml
@@ -17,14 +17,13 @@ jobs:
           python-version: '3.x'
 
       - name: 'create readme'
-        uses: 'clouddrove/github-actions@v9.0.2'
+        uses: 'clouddrove/github-actions@9.0.3'
         with:
           actions_subcommand: 'readme'
           github_token: '${{ secrets.GITHUB }}'
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
-
       - name: 'pre-commit check errors'
         uses: pre-commit/[email protected]
         continue-on-error: true
@@ -34,7 +33,7 @@ jobs:
         continue-on-error: true
 
       - name: 'push readme'
-        uses: 'clouddrove/github-actions@v9.0.2'
+        uses: 'clouddrove/github-actions@9.0.3'
         continue-on-error: true
         with:
           actions_subcommand: 'push'
@@ -50,4 +49,4 @@ jobs:
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # required
           SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_TERRAFORM }} # required
-        if: always()
+        if: always()
diff --git a/.github/workflows/tf-checks.yml b/.github/workflows/tf-checks.yml
@@ -5,7 +5,7 @@ on:
   pull_request:
   workflow_dispatch:
 jobs:
-  tf-checks-complete-example:
-    uses: clouddrove/github-shared-workflows/.github/workflows/tf-checks.yml@master
+  complete-example:
+    uses: clouddrove/github-shared-workflows/.github/workflows/tf-checks.yml@1.0.6
     with:
       working_directory: './_example/complete/'
diff --git a/.github/workflows/tflint.yml b/.github/workflows/tflint.yml
@@ -6,6 +6,6 @@ on:
   workflow_dispatch:
 jobs:
   tf-lint:
-    uses: clouddrove/github-shared-workflows/.github/workflows/tf-lint.yml@master
+    uses: clouddrove/github-shared-workflows/.github/workflows/tf-lint.yml@1.0.6
     secrets:
-      GITHUB: ${{ secrets.GITHUB }}
+      GITHUB: ${{ secrets.GITHUB }}
diff --git a/.github/workflows/tfsec.yml b/.github/workflows/tfsec.yml
@@ -5,7 +5,7 @@ on:
   workflow_dispatch:
 jobs:
   tfsec:
-    uses: clouddrove/github-shared-workflows/.github/workflows/tfsec.yml@master
+    uses: clouddrove/github-shared-workflows/.github/workflows/tfsec.yml@1.0.6
     secrets: inherit
     with:
-      working_directory: '.'
+      working_directory: '.'
diff --git a/README.yaml b/README.yaml
@@ -15,21 +15,18 @@ github_repo: clouddrove/terraform-aws-iam-role
 
 # Badges to display
 badges:
-  - name: "Terraform"
-    image: "https://img.shields.io/badge/Terraform-v1.1.7-green"
-    url: "https://www.terraform.io"
-  - name: "Licence"
-    image: "https://img.shields.io/badge/License-APACHE-blue.svg"
-    url: "LICENSE.md"
+  - name: "Latest Release"
+    image: "https://img.shields.io/github/release/clouddrove/terraform-aws-iam-role.svg"
+    url: "https://github.com/clouddrove/terraform-aws-iam-role/releases/latest"
   - name: "tfsec"
     image: "https://github.com/clouddrove/terraform-aws-iam-role/actions/workflows/tfsec.yml/badge.svg"
     url: "https://github.com/clouddrove/terraform-aws-iam-role/actions/workflows/tfsec.yml"
-  - name: "static-checks"
-    image: "https://github.com/clouddrove/terraform-aws-iam-role/actions/workflows/terraform.yml/badge.svg"
-    url: "https://github.com/clouddrove/terraform-aws-iam-role/actions/workflows/terraform.yml"
+  - name: "Licence"
+    image: "https://img.shields.io/badge/License-APACHE-blue.svg"
+    url: "LICENSE.md"
 
 prerequesties:
-  - name: Terraform 1.5.4
+  - name: Terraform 1.5.6
     url: https://learn.hashicorp.com/terraform/getting-started/install.html
 
 #  description of this project
@@ -47,21 +44,19 @@ usage: |-
   ### Simple example
   Here is an example of how you can use this module in your inventory structure:
   ```hcl
-        module "iam-role" {
+      module "iam-role" {
         source              = "clouddrove/iam-role/aws"
-        version             = "1.3.0"
-
-        name                = "iam-role"
-        application         = "clouddrove"
-        environment         = "test"
-        label_order         = ["environment", "name"]
-        assume_role_policy  = data.aws_iam_policy_document.default.json
-        managed_policy_arns = 
-        policy_enabled      = true
-        policy              = data.aws_iam_policy_document.iam-policy.json
+        name               = local.name
+        environment        = local.environment
+        assume_role_policy = data.aws_iam_policy_document.default.json
+        policy_enabled     = true
+        policy             = data.aws_iam_policy_document.iam-policy.json
       }
 
-        data "aws_iam_policy_document" "default" {
+      ##-----------------------------------------------------------------------------
+      ## Data block to create IAM policy.
+      ##-----------------------------------------------------------------------------
+      data "aws_iam_policy_document" "default" {
         statement {
         effect  = "Allow"
         actions = ["sts:AssumeRole"]
@@ -72,14 +67,17 @@ usage: |-
         }
       }
 
-        data "aws_iam_policy_document" "iam-policy" {
+      ##-----------------------------------------------------------------------------
+      ## Data block to create IAM policy.
+      ##-----------------------------------------------------------------------------
+      data "aws_iam_policy_document" "iam-policy" {
         statement {
         actions = [
         "ssm:UpdateInstanceInformation",
         "ssmmessages:CreateControlChannel",
         "ssmmessages:CreateDataChannel",
         "ssmmessages:OpenControlChannel",
-        "ssmmessages:OpenDataChannel"    ]
+        "ssmmessages:OpenDataChannel"]
         effect    = "Allow"
         resources = ["*"]
         }

diff --git a/_example/complete/example.tf b/_example/complete/example.tf
@@ -2,13 +2,18 @@ provider "aws" {
   region = "eu-west-1"
 }
 
+locals {
+  name        = "role"
+  environment = "test"
+}
+
 ##----------------------------------------------------------------------------- 
 ## IAM role module call.   
 ##-----------------------------------------------------------------------------
 module "iam-role" {
   source             = "./../../"
-  name               = "iam"
-  environment        = "test"
+  name               = local.name
+  environment        = local.environment
   assume_role_policy = data.aws_iam_policy_document.default.json
   policy_enabled     = true
   policy             = data.aws_iam_policy_document.iam-policy.json

diff --git a/_example/complete/outputs.tf b/_example/complete/outputs.tf
@@ -1,10 +1,10 @@
 output "name" {
-  value       = module.iam-role.*.name
+  value       = module.iam-role.name
   description = "Name of the role."
 }
 
 output "arn" {
-  value       = module.iam-role.*.arn
+  value       = module.iam-role.arn
   description = "The Amazon Resource Name (ARN) specifying the role."
 }
 

diff --git a/_example/complete/versions.tf b/_example/complete/versions.tf
@@ -0,0 +1,11 @@
+# Terraform version
+terraform {
+  required_version = ">= 1.6.1"
+
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = ">= 5.20.1"
+    }
+  }
+}
diff --git a/_test/iam_role_test.go b/_test/iam_role_test.go
diff --git a/main.tf b/main.tf
@@ -1,7 +1,4 @@
-# Managed By : CloudDrove 
-# Copyright @ CloudDrove. All Right Reserved.
-
-##----------------------------------------------------------------------------- 
+##-----------------------------------------------------------------------------
 ## Labels module callled that will be used for naming and tags.   
 ##-----------------------------------------------------------------------------
 module "labels" {
@@ -38,7 +35,7 @@ resource "aws_iam_role" "default" {
 resource "aws_iam_role_policy" "default" {
   count  = var.enabled && var.policy_enabled && var.policy_arn == "" ? 1 : 0
   name   = format("%s-policy", module.labels.id)
-  role   = aws_iam_role.default.*.id[0]
+  role   = aws_iam_role.default[0].id
   policy = var.policy
 }
 
@@ -47,6 +44,6 @@ resource "aws_iam_role_policy" "default" {
 ##-----------------------------------------------------------------------------
 resource "aws_iam_role_policy_attachment" "default" {
   count      = var.enabled && var.policy_enabled && var.policy_arn != "" ? 1 : 0
-  role       = aws_iam_role.default.*.id[0]
+  role       = aws_iam_role.default[0].id
   policy_arn = var.policy_arn
 }
diff --git a/outputs.tf b/outputs.tf
@@ -1,7 +1,7 @@
 # Module      : Iam Role
 # Description : Terraform module to create Iam Role resource on AWS.
 output "arn" {
-  value       = join("", aws_iam_role.default.*.arn)
+  value       = aws_iam_role.default[0].arn
   description = "The Amazon Resource Name (ARN) specifying the role."
 }
 
@@ -11,16 +11,16 @@ output "tags" {
 }
 
 output "name" {
-  value       = join("", aws_iam_role.default.*.name)
+  value       = aws_iam_role.default[0].name
   description = "Name of specifying the role."
 }
 
 output "policy" {
-  value       = join("", aws_iam_role_policy.default.*.policy)
+  value       = aws_iam_role_policy.default[0].policy
   description = "The policy document attached to the role."
 }
 
 output "role" {
-  value       = join("", aws_iam_role_policy.default.*.role)
+  value       = aws_iam_role_policy.default[0].role
   description = "The name of the role associated with the policy."
 }