Commit

Merge pull request #6 from xoap-io/dev
Added features set for synchronisation
bbrauneck authored Mar 29, 2022
2 parents 1cdc4bd + 7efd883 commit aaae5cf
Showing 12 changed files with 197 additions and 62 deletions.
2 changes: 0 additions & 2 deletions .github/config.yml

This file was deleted.

12 changes: 12 additions & 0 deletions .github/workflows/commit-message-validator.yaml
@@ -0,0 +1,12 @@
name: Commit linter
on:
pull_request:
branches: [main, master]
jobs:
commitlint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0
- uses: wagoid/commitlint-github-action@v4
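
Review bot: The two `uses:` steps reference third-party code by mutable tag (`actions/checkout@v3`, `wagoid/commitlint-github-action@v4`), and the workflow has no `permissions:` block, so the job runs with whatever default `GITHUB_TOKEN` scope the repository or organisation grants. Pin both actions to a full commit SHA (keep the tag as a trailing comment so Dependabot can still bump it) and add a top-level `permissions:` block limited to read access, for example `contents: read` and `pull-requests: read`, which is all a commit-message linter should need.
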
6 changes: 2 additions & 4 deletions .gitignore
Expand Up @@ -38,6 +38,8 @@ override.tf.json
# Ignore CLI configuration files
.terraformrc
terraform.rc
.terraform.lock.hcl
.terraform

# MacOS General
.DS_Store
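
Review bot: Ignoring `.terraform.lock.hcl` here, together with the deletion of the committed lock file in this same commit, means provider versions and their hashes are no longer recorded anywhere in version control. That is defensible for a reusable module, but every repository created from this template inherits the rule, including ones that end up being applied directly as a root configuration. Either leave the lock file out of the template's `.gitignore` and let consumers decide, or add a comment next to the entry saying it is only appropriate for modules that are never applied on their own. Ignoring `.terraform` is fine.
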
Expand Down Expand Up @@ -369,10 +371,6 @@ node_modules/
*.dsw
*.dsp

# Visual Studio 6 technical files
*.ncb
*.aps

# Visual Studio LightSwitch build output
**/*.HTMLClient/GeneratedArtifacts
**/*.DesktopClient/GeneratedArtifacts
10 changes: 7 additions & 3 deletions .pre-commit-config.yaml
Expand Up @@ -34,16 +34,20 @@ repos:
- repo: https://github.com/antonbabenko/pre-commit-terraform
rev: v1.62.0
hooks:
- id: terraform_validate
- id: terraform_fmt
- id: terraform_tflint
- id: terraform_tfsec
- id: checkov
args:
- --args=--enable-plugin=aws
- id: terraform_docs
args:
- --hook-config=--path-to-file=README.md
- --hook-config=--add-to-existing-file=true
- --hook-config=--create-file-if-not-exist=true
- id: terraform_tfsec
- repo: https://github.com/Checkmarx/kics
rev: v1.5.4
hooks:
- id: kics
- repo: https://github.com/sirosen/check-jsonschema
rev: 0.13.0
hooks:
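
Review bot: In the `pre-commit-terraform` hook list, `terraform_tfsec` appears twice and `--args=--enable-plugin=aws` sits directly under `checkov`; the added and removed markers are not visible in this view, so please confirm the resulting file lists `terraform_tfsec` once and does not pass `--enable-plugin=aws` to `checkov`, since that is a tflint option and would belong under `terraform_tflint`. Separately, the new `kics` repo is pinned with `rev: v1.5.4`, a tag that can be moved upstream; a commit SHA in `rev` makes the hook that runs on every developer machine reproducible.
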
22 changes: 0 additions & 22 deletions .terraform.lock.hcl

This file was deleted.

68 changes: 51 additions & 17 deletions README.md
@@ -1,18 +1,17 @@
# TERRAFORM-MODULE-TEMPLATE

[![Maintained](https://img.shields.io/badge/Maintained%20by-XOAP-success)](https://xoap.io)
[![Terraform](https://img.shields.io/badge/Terraform-%3E%3D1.0.0-blue)](https://terraform.io)
[![Terraform](https://img.shields.io/badge/Terraform-%3E%3D1.1.6-blue)](https://terraform.io)
[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)

- [Table of Contents](#table-of-contents)
- [Introduction](#introduction)
- [Guidelines](#guidelines)
- [Requirements](#requirements)
- [Providers](#providers)
- [Modules](#modules)
- [Resources](#resources)
- [Inputs](#inputs)
- [Outputs](#outputs)
# Table of Contents

- [Introduction](#introduction)
- [Guidelines](#guidelines)
- [Requirements](#requirements)
- [Providers](#providers)
- [Modules](#modules)
- [Resources](#resources)
- [Inputs](#inputs)
- [Outputs](#outputs)

---

Expand Down Expand Up @@ -61,6 +60,43 @@ Naming Conventions for Terraform resources must be used.

---

## Usage

### Installation

For the first ime using this template necessary tools need to be installed.
A script for PowerShell Core is provided under ./build/init.ps1

This script will install following dependencies:

- [pre-commit](https://github.com/pre-commit/pre-commit)
- [terraform-docs](https://github.com/terraform-docs/terraform-docs)
- [tflint](https://github.com/terraform-linters/tflint)
- [tfsec](https://github.com/aquasecurity/tfsec)
- [checkov](https://github.com/bridgecrewio/checkov)
- [terrascan](https://github.com/accurics/terrascan)
- [kics](https://github.com/Checkmarx/kics)

This script configures:

- global git template under ~/.git-template
- global pre-commit hooks for prepare-commit-msg and commit-msg under ~/.git-template/hooks
- github actions:
- linting and checks for pull requests from dev to master/main
- automatic tagging and release creation on pushes to master/main
- dependabot updates

It currently supports the automated installation for macOS. Support for Windows and Linux will be available soon.

### Synchronisation

We provided a script under ./build/sync_template.ps1 to fetch the latest changes from this template repository.
Please be aware that this is mainly a copy operation which means all your current changes have to be committed first and after running the script you have to merge this changes into your codebase.

### Configuration

---

<!-- prettier-ignore-start -->
<!-- markdownlint-disable -->
<!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
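
Review bot: The new Installation section lists "global git template under ~/.git-template" and "global pre-commit hooks" but does not say that `build/init.ps1` deletes any existing `~/.git-template`, deletes the repository's `.git/hooks`, and sets `core.hooksPath` with `git config --global`, which changes hook behaviour for every repository on the machine. State that explicitly, with how to undo it (`git config --global --unset core.hooksPath`), before telling people to run the script. Smaller points in the same hunk: "first ime" should be "first time", "merge this changes" should be "merge these changes", and the `### Configuration` heading has no content under it.
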
Expand All @@ -69,7 +105,7 @@ Naming Conventions for Terraform resources must be used.
| Name | Version |
|------|---------|
| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >=1.1.6 |
| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 4.2.0 |
| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 4.5.0 |

## Providers

Expand All @@ -87,13 +123,11 @@ No resources.

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| <a name="input_context"></a> [context](#input\_context) | Default context for naming and tagging purpose | <pre>object({<br> organization = string<br> environment = string<br> account = string<br> product = string<br> tags = map(string)<br> })</pre> | n/a | yes |
| <a name="input_tags"></a> [tags](#input\_tags) | A list of Variables | `map(string)` | `{}` | no |

## Outputs

| Name | Description |
|------|-------------|
| <a name="output_context"></a> [context](#output\_context) | Exported context from input variable |
No outputs.
<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
<!-- markdownlint-disable -->
<!-- prettier-ignore-end -->
78 changes: 78 additions & 0 deletions build/init.ps1
@@ -0,0 +1,78 @@
$brewPackages = @(
"pre-commit",
"gawk",
"terraform-docs",
"tflint",
"tfsec",
"coreutils",
"checkov",
"terrascan",
"golang",
"Checkmarx/tap/kics"

)
function ReplaceAllStringsInFile($SearchString, $ReplaceString, $FullPathToFile) {
$content = [System.IO.File]::ReadAllText("$FullPathToFile").Replace("$SearchString", "$ReplaceString")
[System.IO.File]::WriteAllText("$FullPathToFile", $content)
}
function SetupPreCommit {
Write-host "Configuring pre-commit..."
$dir = Join-Path $env:HOME ".git-template"
if (Test-Path "$dir") {
Remove-item -Recurse -Force -Path "$dir" -Verbose
}
$globalHooks = Join-path $dir "hooks"
$localHooks = "$PSScriptRoot/../.git/hooks"
if (Test-Path "$localHooks") {
Remove-item -Recurse -Force -Path "$localHooks" -Verbose
}

New-Item -ItemType Directory -Path $dir
git config --global init.templateDir $dir
git config --global core.hooksPath $dir/hooks
pre-commit init-templatedir -t pre-commit $dir
pre-commit init-templatedir -t prepare-commit-msg $dir
pre-commit init-templatedir -t commit-msg $dir

Copy-Item $globalHooks -Destination $localHooks -Recurse -Verbose
}
function InstallMacDependencies {
foreach ($package in $brewPackages) {
Write-Host "Going to check for package $package"
brew install $package
}
}
function FixReadme {
$file = "$PSScriptRoot/../README.md"
$path = Get-Item "$PSScriptRoot/.."
ReplaceAllStringsInFile -SearchString "TERRAFORM-MODULE-TEMPLATE" -ReplaceString $path.Name.ToUpper() -FullPathToFile $file
}

function PrintAdditionalNeededConfig {
Write-Host "Please add following statements to your .bashrc or .zshrc"
Write-host "
Optional:
export GOPATH=`$HOME/dev/go-workspace
export GOROOT=/usr/local/opt/go/libexec
export PATH=`$PATH:`$GOPATH/bin
export PATH=`$PATH:`$GOROOT/bin
Required:
export TF_PLUGIN_CACHE_DIR=~/.terraform-cache
export KICS_QUERIES_PATH=/usr/local/opt/kics/share/kics/assets/queries"
}

if ($IsWindows) {
Write-Error "This script is currently not able to setup windows systems"
exit 1
}
if ($IsLinux) {
Write-Error "This script is currently not able to setup linux systems"
exit 1
}
if ($IsMacOS) {
InstallMacDependencies
PrintAdditionalNeededConfig
}

SetupPreCommit
FixReadme
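
Review bot: `SetupPreCommit` runs `Remove-Item -Recurse -Force` on `~/.git-template` and on `.git/hooks` with no prompt or backup, then writes `init.templateDir` and `core.hooksPath` with `git config --global`, so running a per-repository bootstrap script silently discards the user's existing hooks and redirects hooks for all of their repositories. Back the directories up or ask before removing them, and prefer repository-local configuration (`git config --local`, or a plain `pre-commit install` for the three hook types) over global state. Once `core.hooksPath` is set Git reads hooks from that path instead of `.git/hooks`, so the final `Copy-Item` into `$localHooks` has no effect. The script also never checks the exit status of `brew`, `git` or `pre-commit`, and `KICS_QUERIES_PATH`/`GOROOT` hard-code the `/usr/local/opt` Homebrew prefix; set `$ErrorActionPreference = 'Stop'`, test `$LASTEXITCODE` after each native command, and derive the prefix from `brew --prefix`.
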
27 changes: 27 additions & 0 deletions build/sync_template.ps1
@@ -0,0 +1,27 @@
$protectedFiles = @(
"main.tf",
"outputs.tf"
"variables.tf"
)
$ChangedFiles = $(git status --porcelain | Measure-Object | Select-Object -expand Count)
if ($ChangedFiles -gt 0)
{
Write-Error "Found $ChangedFiles changed files. Please commit or stash them before using this script."
exit 0
}

$tempPath = Join-Path $([system.io.path]::GetTempPath()) "xoap-template"

if(Test-path "$tempPath"){
Write-Host "Removing old temporary files for xoap module template"
Remove-Item "$tempPath" -Recurse -Force -Verbose
}

git clone https://github.com/xoap-io/terraform-module-template.git $tempPath

$templateItems = Get-ChildItem $tempPath -File | Where-Object {$_.Name -notin $protectedFiles}

foreach($item in $templateItems){
$targetPath = $item.FullName.Replace($tempPath, "${PSScriptRoot}/..")
Copy-Item $item.FullName -Destination $targetPath -Force -Verbose
}
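
Review bot: `git clone https://github.com/xoap-io/terraform-module-template.git $tempPath` pulls whatever is at the tip of the default branch and the loop then overwrites files in the working tree with `Copy-Item -Force`, so the content a consumer receives is not tied to any reviewed tag or commit and the clone's exit status is never checked. Accept a ref parameter (a release tag or SHA), clone with `--depth 1 --branch <ref>`, and stop if `$LASTEXITCODE` is non-zero. The dirty-tree guard calls `Write-Error` and then `exit 0`, which reports success to any caller or CI job; it should be `exit 1`. In `$protectedFiles` the comma after `"outputs.tf"` is missing; the array still ends up with three elements because of how `@( )` collects statements, but add the comma so it does not depend on that. Also note that `Get-ChildItem $tempPath -File` without `-Recurse` only returns top-level files, so `build/` and `.github/` are never synchronised, and `README.md` is not protected and will be overwritten.
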
15 changes: 15 additions & 0 deletions kics.config
@@ -0,0 +1,15 @@
exclude-categories:
exclude-paths:
- ".terraform"
- "*/.terraform"
exclude-queries:
- e592a0c5-5bdb-414c-9066-5dba7cdea370 #IAM Access Analyzer Undefined - always disable
fail-on:
- high
- medium
minimal-ui: false
no-color: false
no-progress: true
preview-lines: 3
silent: false
verbose: false
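
Review bot: The `exclude-queries` entry disables `e592a0c5-5bdb-414c-9066-5dba7cdea370` for every module built from this template, and the only justification is the inline comment "always disable". Say why in the comment (for instance that Access Analyzer is configured at account level rather than per module, if that is the reason) so that consumers can judge whether the exclusion applies to them. `exclude-categories:` is left as an empty key; remove it or give it an explicit empty list so the intent is clear. `fail-on: high, medium` looks right for a pre-commit gate.
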
4 changes: 0 additions & 4 deletions outputs.tf
@@ -1,4 +0,0 @@
output "context" {
value = var.context
description = "Exported context from input variable"
}
13 changes: 4 additions & 9 deletions variables.tf
@@ -1,10 +1,5 @@
variable "context" {
type = object({
organization = string
environment = string
account = string
product = string
tags = map(string)
})
description = "Default context for naming and tagging purpose"
variable "tags" {
type = map(string)
default = {}
description = "A list of Variables"
}
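
Review bot: The description on the new `tags` variable, "A list of Variables", does not match its type `map(string)` and ends up verbatim in the generated README inputs table; something like "Tags to apply to all resources created by this module" would tell callers what the map is for. Replacing the required `context` object with an optional `tags` map (and dropping the `context` output in `outputs.tf`) is a breaking interface change for anything already calling a module built from this template, so it should be called out in the commit message or release notes rather than under "Added features set for synchronisation".
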
2 changes: 1 addition & 1 deletion versions.tf
Expand Up @@ -2,7 +2,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
version = ">= 4.2.0"
version = ">= 4.5.0"
}
}
required_version = ">=1.1.6"