diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml
new file mode 100644
index 0000000..a67ca90
--- /dev/null
+++ b/.github/workflows/terraform.yml
@@ -0,0 +1,115 @@
+name: 'Terraform GitHub Actions'
+on:
+ - pull_request
+
+jobs:
+ terraform:
+ name: 'Terraform'
+ runs-on: ubuntu-latest
+ steps:
+
+ - name: 'Checkout'
+ uses: actions/checkout@master
+
+ - name: 'Terraform Format'
+ uses: clouddrove/github-actions@v2.0
+ with:
+ actions_subcommand: 'fmt'
+
+ - name: 'Terraform Init for default-s3'
+ uses: clouddrove/github-actions@v2.0
+ with:
+ actions_subcommand: 'init'
+ tf_actions_working_dir: ./_example/default-s3
+
+ - name: 'Terraform Init for encryption-s3'
+ uses: clouddrove/github-actions@v2.0
+ with:
+ actions_subcommand: 'init'
+ tf_actions_working_dir: ./_example/encryption-s3
+
+ - name: 'Terraform Init for logging-s3'
+ uses: clouddrove/github-actions@v2.0
+ with:
+ actions_subcommand: 'init'
+ tf_actions_working_dir: ./_example/logging-s3
+
+ - name: 'Terraform Init For website-s3'
+ uses: clouddrove/github-actions@v2.0
+ with:
+ actions_subcommand: 'init'
+ tf_actions_working_dir: ./_example/website-s3
+
+ - name: Configure AWS Credentials
+ uses: clouddrove/configure-aws-credentials@v1
+ with:
+ aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+ aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+ aws-region: us-east-2
+
+ - name: 'Terraform Plan For default-s3'
+ uses: clouddrove/github-actions@v2.0
+ with:
+ actions_subcommand: 'plan'
+ tf_actions_working_dir: ./_example/default-s3
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+ - name: 'Terraform Plan for encryption-s3'
+ uses: clouddrove/github-actions@v2.0
+ with:
+ actions_subcommand: 'plan'
+ tf_actions_working_dir: ./_example/encryption-s3
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+ - name: 'Terraform Plan for logging-s3'
+ uses: clouddrove/github-actions@v2.0
+ with:
+ actions_subcommand: 'plan'
+ tf_actions_working_dir: ./_example/logging-s3
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+ - name: 'Terraform Plan For website-s3'
+ uses: clouddrove/github-actions@v2.0
+ with:
+ actions_subcommand: 
'plan' + tf_actions_working_dir: ./_example/website-s3 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + - name: 'Terratest for default-s3' + uses: clouddrove/github-actions@v2.0 + with: + actions_subcommand: 'terratest' + tf_actions_working_dir: ./_test/default-s3 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + - name: 'Terratest for encryption-s3' + uses: clouddrove/github-actions@v2.0 + with: + actions_subcommand: 'terratest' + tf_actions_working_dir: ./_test/encryption-s3 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + - name: 'Terratest for website-s3' + uses: clouddrove/github-actions@v2.0 + with: + actions_subcommand: 'terratest' + tf_actions_working_dir: ./_test/website-s3 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + - name: 'Slack Notification' + uses: clouddrove/action-slack@v2 + with: + status: ${{ job.status }} + fields: repo,author + author_name: 'Clouddrove' + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # required + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} # required + if: always() \ No newline at end of file diff --git a/README.md b/README.md index 6be1bd8..4749f63 100644 --- a/README.md +++ b/README.md @@ -70,12 +70,12 @@ Here are some examples of how you can use this module in your inventory structur ### Basic Bucket ```hcl module "s3_bucket" { - source = "https://github.com/clouddrove/terraform-aws-s3?ref=tags/0.12.2" + source = "https://github.com/clouddrove/terraform-aws-s3?ref=tags/0.12.3" name = "secure-bucket" region = "eu-west-1" application = "clouddrove" environment = "test" - label_order = ["environment", "name", "application"] + label_order = ["environment", "application", "name"] versioning = true acl = "private" bucket_enabled = true 
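Review bot: Every `uses:` in this new workflow points at a mutable ref (`actions/checkout@master`, `clouddrove/github-actions@v2.0`, `clouddrove/configure-aws-credentials@v1`, `clouddrove/action-slack@v2`), while the plan, terratest and Slack steps run with the AWS keys configured and with `GITHUB_TOKEN` or the Slack webhook passed in `env`. Whoever can move one of those refs changes the code that sees the credentials, so pin each action to a full commit SHA with the tag kept as a comment, e.g. `uses: actions/checkout@<full-commit-sha>  # <tag>`. The job also declares no `permissions:` block, so `GITHUB_TOKEN` carries the repository default; a job-level `permissions:` with `contents: read`, plus only what the plan steps turn out to need, would bound it. The Terratest steps presumably create real buckets on every pull request using the long-lived keys, so the IAM identity behind `AWS_ACCESS_KEY_ID` should be scoped to those test resources.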
@@ -84,12 +84,12 @@ module "s3_bucket" { ### Encryption Bucket ```hcl module "s3_bucket" { - source = "https://github.com/clouddrove/terraform-aws-s3?ref=tags/0.12.2" + source = "https://github.com/clouddrove/terraform-aws-s3?ref=tags/0.12.3" name = "encryption-bucket" region = "eu-west-1" application = "clouddrove" environment = "test" - label_order = ["environment", "name", "application"] + label_order = ["environment", "application", "name"] versioning = true acl = "private" encryption_enabled = true @@ -99,12 +99,12 @@ module "s3_bucket" { ### Logging Bucket ```hcl module "s3_bucket" { - source = "https://github.com/clouddrove/terraform-aws-s3?ref=tags/0.12.2" + source = "https://github.com/clouddrove/terraform-aws-s3?ref=tags/0.12.3" name = "logging-bucket" region = "eu-west-1" application = "clouddrove" environment = "test" - label_order = ["environment", "name", "application"] + label_order = ["environment", "application", "name"] versioning = true acl = "private" bucket_logging_enabled = true @@ -115,12 +115,12 @@ module "s3_bucket" { ### Website Host Bucket ```hcl module "s3_bucket" { - source = "https://github.com/clouddrove/terraform-aws-s3?ref=tags/0.12.2" + source = "https://github.com/clouddrove/terraform-aws-s3?ref=tags/0.12.3" name = "website-bucket" region = "eu-west-1" application = "clouddrove" environment = "test" - label_order = ["environment", "name", "application"] + label_order = ["environment", "application", "name"] versioning = true acl = "private" website_hosting_bucket = true diff --git a/README.yaml b/README.yaml index 1128ae6..c16d22f 100644 --- a/README.yaml +++ b/README.yaml 
@@ -36,12 +36,12 @@ usage : |- ### Basic Bucket ```hcl module "s3_bucket" { - source = "https://github.com/clouddrove/terraform-aws-s3?ref=tags/0.12.2" + source = "https://github.com/clouddrove/terraform-aws-s3?ref=tags/0.12.3" name = "secure-bucket" region = "eu-west-1" application = "clouddrove" environment = "test" - label_order = ["environment", "name", "application"] + label_order = ["environment", "application", "name"] versioning = true acl = "private" bucket_enabled = true @@ -50,12 +50,12 @@ usage : |- ### Encryption Bucket ```hcl module "s3_bucket" { - source = "https://github.com/clouddrove/terraform-aws-s3?ref=tags/0.12.2" + source = "https://github.com/clouddrove/terraform-aws-s3?ref=tags/0.12.3" name = "encryption-bucket" region = "eu-west-1" application = "clouddrove" environment = "test" - label_order = ["environment", "name", "application"] + label_order = ["environment", "application", "name"] versioning = true acl = "private" encryption_enabled = true @@ -65,12 +65,12 @@ usage : |- ### Logging Bucket ```hcl module "s3_bucket" { - source = "https://github.com/clouddrove/terraform-aws-s3?ref=tags/0.12.2" + source = "https://github.com/clouddrove/terraform-aws-s3?ref=tags/0.12.3" name = "logging-bucket" region = "eu-west-1" application = "clouddrove" environment = "test" - label_order = ["environment", "name", "application"] + label_order = ["environment", "application", "name"] versioning = true acl = "private" bucket_logging_enabled = true @@ -81,12 +81,12 @@ usage : |- ### Website Host Bucket ```hcl module "s3_bucket" { - source = "https://github.com/clouddrove/terraform-aws-s3?ref=tags/0.12.2" + source = "https://github.com/clouddrove/terraform-aws-s3?ref=tags/0.12.3" name = "website-bucket" region = "eu-west-1" application = "clouddrove" environment = "test" - label_order = ["environment", "name", "application"] + label_order = ["environment", "application", "name"] versioning = true acl = "private" website_hosting_bucket = true 
diff --git a/_example/default-s3/example.tf b/_example/default-s3/example.tf index 2ad606e..128722f 100644 --- a/_example/default-s3/example.tf +++ b/_example/default-s3/example.tf @@ -3,12 +3,12 @@ provider "aws" { } module "s3_bucket" { - source = "git::https://github.com/clouddrove/terraform-aws-s3.git?ref=tags/0.12.2" + source = "./../../" name = "secure-bucket" application = "clouddrove" environment = "test" - label_order = ["environment", "name", "application"] + label_order = ["environment", "application", "name"] region = "eu-west-1" versioning = true diff --git a/_example/encryption-s3/example.tf b/_example/encryption-s3/example.tf index 06e9ec1..b309714 100644 --- a/_example/encryption-s3/example.tf +++ b/_example/encryption-s3/example.tf @@ -3,12 +3,12 @@ provider "aws" { } module "s3_bucket" { - source = "git::https://github.com/clouddrove/terraform-aws-s3.git?ref=tags/0.12.2" + source = "./../../" name = "encryption-bucket" application = "clouddrove" environment = "test" - label_order = ["environment", "name", "application"] + label_order = ["environment", "application", "name"] region = "eu-west-1" versioning = true diff --git a/_example/logging-s3/example.tf b/_example/logging-s3/example.tf index f6dbc58..a0b94ca 100644 --- a/_example/logging-s3/example.tf +++ b/_example/logging-s3/example.tf @@ -3,12 +3,12 @@ provider "aws" { } module "s3_bucket" { - source = "git::https://github.com/clouddrove/terraform-aws-s3.git?ref=tags/0.12.2" + source = "./../../" name = "logging-bucket" application = "clouddrove" environment = "test" - label_order = ["environment", "name", "application"] + label_order = ["environment", "application", "name"] region = "eu-west-1" versioning = true diff --git a/_example/website-s3/example.tf b/_example/website-s3/example.tf index 478a9ce..c43cb51 100644 --- a/_example/website-s3/example.tf +++ b/_example/website-s3/example.tf 
@@ -3,12 +3,12 @@ provider "aws" { } module "s3_bucket" { - source = "git::https://github.com/clouddrove/terraform-aws-s3.git?ref=tags/0.12.2" + source = "./../../" name = "website-bucket" application = "clouddrove" environment = "test" - label_order = ["environment", "name", "application"] + label_order = ["environment", "application", "name"] region = "eu-west-1" versioning = true @@ -34,6 +34,6 @@ data "aws_iam_policy_document" "default" { identifiers = ["*"] } actions = ["s3:GetObject"] - resources = ["arn:aws:s3:::test-website-bucket-clouddrove/*"] + resources = ["arn:aws:s3:::test-clouddrove-website-bucket/*"] } } \ No newline at end of file diff --git a/_test/default-s3/s3_test.go b/_test/default-s3/s3_test.go index 3384c26..71bc74b 100644 --- a/_test/default-s3/s3_test.go +++ b/_test/default-s3/s3_test.go @@ -30,6 +30,6 @@ func Test(t *testing.T) { Tags := terraform.OutputMap(t, terraformOptions, "tags") // Verify we're getting back the outputs we expect - assert.Equal(t, "test-secure-bucket-clouddrove", s3BucketId) - assert.Equal(t, "test-secure-bucket-clouddrove", Tags["Name"]) + assert.Equal(t, "test-clouddrove-secure-bucket", s3BucketId) + assert.Equal(t, "test-clouddrove-secure-bucket", Tags["Name"]) } \ No newline at end of file diff --git a/_test/encryption-s3/s3_test.go b/_test/encryption-s3/s3_test.go index 23ff832..3780ece 100644 --- a/_test/encryption-s3/s3_test.go +++ b/_test/encryption-s3/s3_test.go @@ -30,6 +30,6 @@ func Test(t *testing.T) { Tags := terraform.OutputMap(t, terraformOptions, "tags") // Verify we're getting back the outputs we expect - assert.Equal(t, "test-encryption-bucket-clouddrove", s3BucketId) - assert.Equal(t, "test-encryption-bucket-clouddrove", Tags["Name"]) + assert.Equal(t, "test-clouddrove-encryption-bucket", s3BucketId) + assert.Equal(t, "test-clouddrove-encryption-bucket", Tags["Name"]) } \ No newline at end of file diff --git a/_test/logging-s3/s3_test.go b/_test/logging-s3/s3_test.go index 81bed6a..d4051bd 100644 
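Review bot: The `resources` ARN in the `aws_iam_policy_document.default` block of `_example/website-s3/example.tf` (hunk `@@ -34,6 +34,6 @@`) hard-codes the bucket name, so it has to be edited by hand whenever `label_order` changes, as this commit itself shows. If the two drift, the statement with `identifiers = ["*"]` and `s3:GetObject` no longer matches the bucket the module creates. A comment above the line would make both the coupling and the intent explicit: `# Public read for website hosting; name must equal the id built from label_order (environment-application-name).` The data block starts above the hunk, so the rest of the statement is not visible here.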
--- a/_test/logging-s3/s3_test.go +++ b/_test/logging-s3/s3_test.go @@ -30,6 +30,6 @@ func Test(t *testing.T) { Tags := terraform.OutputMap(t, terraformOptions, "tags") // Verify we're getting back the outputs we expect - assert.Equal(t, "test-logging-bucket-clouddrove", s3BucketId) - assert.Equal(t, "test-logging-bucket-clouddrove", Tags["Name"]) + assert.Equal(t, "test-clouddrove-logging-bucket", s3BucketId) + assert.Equal(t, "test-clouddrove-logging-bucket", Tags["Name"]) } \ No newline at end of file diff --git a/_test/website-s3/s3_test.go b/_test/website-s3/s3_test.go index 2214f00..1d22b8b 100644 --- a/_test/website-s3/s3_test.go +++ b/_test/website-s3/s3_test.go @@ -30,6 +30,6 @@ func Test(t *testing.T) { Tags := terraform.OutputMap(t, terraformOptions, "tags") // Verify we're getting back the outputs we expect - assert.Equal(t, "test-website-bucket-clouddrove", s3BucketId) - assert.Equal(t, "test-website-bucket-clouddrove", Tags["Name"]) + assert.Equal(t, "test-clouddrove-website-bucket", s3BucketId) + assert.Equal(t, "test-clouddrove-website-bucket", Tags["Name"]) } \ No newline at end of file diff --git a/outputs.tf b/outputs.tf index 4de7f21..b846c56 100644 --- a/outputs.tf +++ b/outputs.tf 
@@ -2,19 +2,19 @@ # Description : Terraform module to create default S3 bucket with logging and encryption # type specific features. output "id" { - value = var.bucket_enabled ? join("", aws_s3_bucket.s3_default.*.id) : (var.website_hosting_bucket ? join("", aws_s3_bucket.s3_website.*.id) : (var.bucket_logging_enabled ? join("", aws_s3_bucket.s3_logging.*.id) : join("", aws_s3_bucket.s3_encryption.*.id))) + value = var.bucket_enabled ? join("", aws_s3_bucket.s3_default.*.id) : (var.website_hosting_bucket ? join("", aws_s3_bucket.s3_website.*.id) : (var.bucket_logging_enabled ? join("", aws_s3_bucket.s3_logging.*.id) : join("", aws_s3_bucket.s3_encryption.*.id))) description = "The ID of the s3 bucket." } output "arn" { - value = var.bucket_enabled ? join("", aws_s3_bucket.s3_default.*.arn) : (var.website_hosting_bucket ? join("", aws_s3_bucket.s3_website.*.arn) : (var.bucket_logging_enabled ? join("", aws_s3_bucket.s3_logging.*.arn) : join("", aws_s3_bucket.s3_encryption.*.arn))) + value = var.bucket_enabled ? join("", aws_s3_bucket.s3_default.*.arn) : (var.website_hosting_bucket ? join("", aws_s3_bucket.s3_website.*.arn) : (var.bucket_logging_enabled ? join("", aws_s3_bucket.s3_logging.*.arn) : join("", aws_s3_bucket.s3_encryption.*.arn))) description = "The ARN of the s3 bucket." } output "bucket_domain_name" { - value = var.bucket_enabled ? join("", aws_s3_bucket.s3_default.*.bucket_domain_name) : (var.website_hosting_bucket ? join("", aws_s3_bucket.s3_website.*.bucket_domain_name) : (var.bucket_logging_enabled ? join("", aws_s3_bucket.s3_logging.*.bucket_domain_name) : join("", aws_s3_bucket.s3_encryption.*.bucket_domain_name))) + value = var.bucket_enabled ? join("", aws_s3_bucket.s3_default.*.bucket_domain_name) : (var.website_hosting_bucket ? join("", aws_s3_bucket.s3_website.*.bucket_domain_name) : (var.bucket_logging_enabled ? 
join("", aws_s3_bucket.s3_logging.*.bucket_domain_name) : join("", aws_s3_bucket.s3_encryption.*.bucket_domain_name))) description = "The Domain of the s3 bucket." }