From a24659d1b2a98b3efb5b0f4c22b31b1ebe81d964 Mon Sep 17 00:00:00 2001 From: anmolnagpal Date: Wed, 22 Feb 2023 18:10:37 +0530 Subject: [PATCH 01/29] use terraform letast version --- README.yaml | 6 +++--- _example/memcached/example.tf | 6 +++--- _example/memcached/versions.tf | 6 +++--- _example/redis-cluster/example.tf | 6 +++--- _example/redis-cluster/versions.tf | 6 +++--- _example/redis/example.tf | 6 +++--- _example/redis/versions.tf | 6 +++--- main.tf | 2 +- 8 files changed, 22 insertions(+), 22 deletions(-) diff --git a/README.yaml b/README.yaml index 4a218da..3c91073 100644 --- a/README.yaml +++ b/README.yaml @@ -45,7 +45,7 @@ usage : |- ```hcl module "redis" { source = "clouddrove/elasticache/aws - version = "1.0.1" + version = "1.3.0" name = "redis" environment = "test" label_order = ["environment", "name"] @@ -66,7 +66,7 @@ usage : |- ```hcl module "redis-cluster" { source = "clouddrove/elasticache/aws - version = "1.0.1" + version = "1.3.0" name = "cluster" environment = "test" label_order = ["environment","name"] @@ -89,7 +89,7 @@ usage : |- ```hcl module "memcached" { source = "clouddrove/elasticache/aws - version = "1.0.1" + version = "1.3.0" name = "memcached" environment = "test" label_order = ["environment", "name"] diff --git a/_example/memcached/example.tf b/_example/memcached/example.tf index 135c7d8..1832fc8 100644 --- a/_example/memcached/example.tf +++ b/_example/memcached/example.tf @@ -4,7 +4,7 @@ provider "aws" { module "vpc" { source = "clouddrove/vpc/aws" - version = "0.15.1" + version = "1.3.0" name = "vpc" environment = "test" @@ -16,7 +16,7 @@ module "vpc" { module "subnets" { source = "clouddrove/subnet/aws" - version = "0.15.3" + version = "1.3.0" name = "subnets" environment = "test" @@ -32,7 +32,7 @@ module "subnets" { module "memcached-sg" { source = "clouddrove/security-group/aws" - version = "1.0.1" + version = "1.3.0" name = "memcached-sg" environment = "test" 
diff --git a/_example/memcached/versions.tf b/_example/memcached/versions.tf index 59b550f..cbc6f9c 100644 --- a/_example/memcached/versions.tf +++ b/_example/memcached/versions.tf @@ -1,11 +1,11 @@ # Terraform version terraform { - required_version = ">= 0.14.11" + required_version = ">= 1.3.6" required_providers { aws = { source = "hashicorp/aws" - version = ">= 3.1.15" + version = ">= 4.48.0" } } -} +} \ No newline at end of file diff --git a/_example/redis-cluster/example.tf b/_example/redis-cluster/example.tf index 3abc1de..3eb5035 100644 --- a/_example/redis-cluster/example.tf +++ b/_example/redis-cluster/example.tf @@ -4,7 +4,7 @@ provider "aws" { module "vpc" { source = "clouddrove/vpc/aws" - version = "0.15.1" + version = "1.3.0" name = "vpc" environment = "test" @@ -15,7 +15,7 @@ module "vpc" { module "subnets" { source = "clouddrove/subnet/aws" - version = "0.15.3" + version = "1.3.0" name = "subnets" environment = "test" @@ -30,7 +30,7 @@ module "subnets" { module "redis-sg" { source = "clouddrove/security-group/aws" - version = "1.0.1" + version = "1.3.0" name = "redis-sg" environment = "test" diff --git a/_example/redis-cluster/versions.tf b/_example/redis-cluster/versions.tf index 59b550f..cbc6f9c 100644 --- a/_example/redis-cluster/versions.tf +++ b/_example/redis-cluster/versions.tf @@ -1,11 +1,11 @@ # Terraform version terraform { - required_version = ">= 0.14.11" + required_version = ">= 1.3.6" required_providers { aws = { source = "hashicorp/aws" - version = ">= 3.1.15" + version = ">= 4.48.0" } } -} +} \ No newline at end of file diff --git a/_example/redis/example.tf b/_example/redis/example.tf index d0dc358..7f01d62 100644 --- a/_example/redis/example.tf +++ b/_example/redis/example.tf @@ -4,7 +4,7 @@ provider "aws" { module "vpc" { source = "clouddrove/vpc/aws" - version = "0.15.1" + version = "1.3.0" name = "vpc" environment = "test" 
@@ -14,7 +14,7 @@ module "vpc" { module "subnets" { source = "clouddrove/subnet/aws" - version = "0.15.3" + version = "1.3.0" name = "subnets" environment = "test" @@ -30,7 +30,7 @@ module "subnets" { module "redis-sg" { source = "clouddrove/security-group/aws" - version = "1.0.1" + version = "1.3.0" name = "redis-sg" environment = "test" diff --git a/_example/redis/versions.tf b/_example/redis/versions.tf index 59b550f..cbc6f9c 100644 --- a/_example/redis/versions.tf +++ b/_example/redis/versions.tf @@ -1,11 +1,11 @@ # Terraform version terraform { - required_version = ">= 0.14.11" + required_version = ">= 1.3.6" required_providers { aws = { source = "hashicorp/aws" - version = ">= 3.1.15" + version = ">= 4.48.0" } } -} +} \ No newline at end of file diff --git a/main.tf b/main.tf index 83dfb38..7ff51a8 100644 --- a/main.tf +++ b/main.tf @@ -9,7 +9,7 @@ # naming convention. module "labels" { source = "clouddrove/labels/aws" - version = "0.15.0" + version = "1.3.0" enabled = var.enable name = var.name From 4deff9a2302f62ab70a02f2981edf087860ff074 Mon Sep 17 00:00:00 2001 From: anmolnagpal Date: Wed, 22 Feb 2023 18:17:55 +0530 Subject: [PATCH 02/29] use terraform letast version --- _example/memcached/example.tf | 1 + _example/redis-cluster/example.tf | 1 + _example/redis/example.tf | 6 ++++-- main.tf | 1 + variables.tf | 6 ++++++ 5 files changed, 13 insertions(+), 2 deletions(-) diff --git a/_example/memcached/example.tf b/_example/memcached/example.tf index 1832fc8..704261f 100644 --- a/_example/memcached/example.tf +++ b/_example/memcached/example.tf @@ -51,6 +51,7 @@ module "memcached" { label_order = ["name", "environment"] cluster_enabled = true + multi_az_enabled = false engine = "memcached" engine_version = "1.5.10" family = "memcached1.5" diff --git a/_example/redis-cluster/example.tf b/_example/redis-cluster/example.tf index 3eb5035..a921714 100644 --- a/_example/redis-cluster/example.tf +++ b/_example/redis-cluster/example.tf 
@@ -59,6 +59,7 @@ module "redis-cluster" { availability_zones = ["eu-west-1a", "eu-west-1b"] auto_minor_version_upgrade = true replicas_per_node_group = 2 + multi_az_enabled = false num_node_groups = 1 automatic_failover_enabled = true extra_tags = { diff --git a/_example/redis/example.tf b/_example/redis/example.tf index 7f01d62..c7d4288 100644 --- a/_example/redis/example.tf +++ b/_example/redis/example.tf @@ -57,8 +57,10 @@ module "redis" { security_group_ids = [module.redis-sg.security_group_ids] availability_zones = ["eu-west-1a", "eu-west-1b"] auto_minor_version_upgrade = true - number_cache_clusters = 2 - retention_in_days = 0 + multi_az_enabled = false + + number_cache_clusters = 2 + retention_in_days = 0 log_delivery_configuration = [ { diff --git a/main.tf b/main.tf index 7ff51a8..f94e81b 100644 --- a/main.tf +++ b/main.tf @@ -60,6 +60,7 @@ resource "aws_elasticache_replication_group" "default" { snapshot_retention_limit = var.snapshot_retention_limit apply_immediately = var.apply_immediately availability_zones = slice(var.availability_zones, 0, var.number_cache_clusters) + multi_az_enabled = var.multi_az_enabled number_cache_clusters = var.number_cache_clusters auto_minor_version_upgrade = var.auto_minor_version_upgrade maintenance_window = var.maintenance_window diff --git a/variables.tf b/variables.tf index 2f72e7a..48876e1 100644 --- a/variables.tf +++ b/variables.tf @@ -148,6 +148,12 @@ variable "availability_zones" { description = "A list of EC2 availability zones in which the replication group's cache clusters will be created. The order of the availability zones in the list is not important." } +variable "multi_az_enabled" { + type = bool + default = false + description = "Specify if multi-AZ should be enabled for this Redis instance." +} + variable "number_cache_clusters" { type = string default = "" From 58a32775d71981f51a96e457831094d2d07e989f Mon Sep 17 00:00:00 2001 
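Review bot: `multi_az_enabled = var.multi_az_enabled` is passed to `aws_elasticache_replication_group.default` with nothing tying it to automatic failover, and the AWS provider requires `automatic_failover_enabled` to be true whenever Multi-AZ is on. A caller who sets only the new variable gets a late provider or API error rather than a clear message from the module. The resource body continues outside this hunk, so how failover is wired cannot be confirmed from here. At minimum the new variable in `variables.tf` should state the dependency, e.g. `description = "Enable Multi-AZ for the replication group. Requires automatic_failover_enabled = true."`.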
From: anmolnagpal Date: Wed, 22 Feb 2023 18:19:45 +0530 Subject: [PATCH 03/29] use terraform letast version --- _example/memcached/example.tf | 1 - _example/redis-cluster/example.tf | 1 - 2 files changed, 2 deletions(-) diff --git a/_example/memcached/example.tf b/_example/memcached/example.tf index 704261f..1832fc8 100644 --- a/_example/memcached/example.tf +++ b/_example/memcached/example.tf @@ -51,7 +51,6 @@ module "memcached" { label_order = ["name", "environment"] cluster_enabled = true - multi_az_enabled = false engine = "memcached" engine_version = "1.5.10" family = "memcached1.5" diff --git a/_example/redis-cluster/example.tf b/_example/redis-cluster/example.tf index a921714..3eb5035 100644 --- a/_example/redis-cluster/example.tf +++ b/_example/redis-cluster/example.tf @@ -59,7 +59,6 @@ module "redis-cluster" { availability_zones = ["eu-west-1a", "eu-west-1b"] auto_minor_version_upgrade = true replicas_per_node_group = 2 - multi_az_enabled = false num_node_groups = 1 automatic_failover_enabled = true extra_tags = { From bff3733cb7400d7c99c422e961018e8f177d53fb Mon Sep 17 00:00:00 2001 From: anmolnagpal Date: Wed, 22 Feb 2023 18:27:45 +0530 Subject: [PATCH 04/29] use terraform letast version --- .github/workflows/terraform.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml index 08e6832..1414d81 100644 --- a/.github/workflows/terraform.yml +++ b/.github/workflows/terraform.yml @@ -83,4 +83,4 @@ jobs: terraform_version: ${{ needs.versionExtract.outputs.maxVersion }} - name: Check Terraform format changes - run: terraform fmt --recursive + run: terraform fmt --recursive \ No newline at end of file From aee3178075fb74571fa9686629720db6c5cf10bc Mon Sep 17 00:00:00 2001 From: anmolnagpal Date: Wed, 22 Feb 2023 18:30:01 +0530 Subject: [PATCH 05/29] use terraform letast version --- .github/workflows/terraform.yml | 1 - 1 file changed, 1 deletion(-) 
diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml index 1414d81..2ef41f1 100644 --- a/.github/workflows/terraform.yml +++ b/.github/workflows/terraform.yml @@ -61,7 +61,6 @@ jobs: - name: tflint uses: reviewdog/action-tflint@master with: - tflint_version: v0.29.0 github_token: ${{ secrets.GITHUB }} working_directory: ${{ matrix.directory }} fail_on_error: 'true' From e6485f02056dc50c904f549421d8f1955080120c Mon Sep 17 00:00:00 2001 From: anmolnagpal Date: Wed, 22 Feb 2023 18:34:19 +0530 Subject: [PATCH 06/29] use terraform letast version --- _example/redis/versions.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/_example/redis/versions.tf b/_example/redis/versions.tf index cbc6f9c..00f24b9 100644 --- a/_example/redis/versions.tf +++ b/_example/redis/versions.tf @@ -1,6 +1,6 @@ # Terraform version terraform { - required_version = ">= 1.3.6" + required_version = ">= 1.3.9" required_providers { aws = { From c85b326ba526959c80b82481567554583277afe6 Mon Sep 17 00:00:00 2001 From: anmolnagpal Date: Wed, 22 Feb 2023 18:38:15 +0530 Subject: [PATCH 07/29] use terraform letast version --- _example/memcached/versions.tf | 6 +++--- _example/redis-cluster/versions.tf | 6 +++--- _example/redis/versions.tf | 6 +++--- 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/_example/memcached/versions.tf b/_example/memcached/versions.tf index cbc6f9c..59b550f 100644 --- a/_example/memcached/versions.tf +++ b/_example/memcached/versions.tf @@ -1,11 +1,11 @@ # Terraform version terraform { - required_version = ">= 1.3.6" + required_version = ">= 0.14.11" required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.48.0" + version = ">= 3.1.15" } } -} \ No newline at end of file +} diff --git a/_example/redis-cluster/versions.tf b/_example/redis-cluster/versions.tf index cbc6f9c..59b550f 100644 --- a/_example/redis-cluster/versions.tf +++ b/_example/redis-cluster/versions.tf 
@@ -1,11 +1,11 @@ # Terraform version terraform { - required_version = ">= 1.3.6" + required_version = ">= 0.14.11" required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.48.0" + version = ">= 3.1.15" } } -} \ No newline at end of file +} diff --git a/_example/redis/versions.tf b/_example/redis/versions.tf index 00f24b9..59b550f 100644 --- a/_example/redis/versions.tf +++ b/_example/redis/versions.tf @@ -1,11 +1,11 @@ # Terraform version terraform { - required_version = ">= 1.3.9" + required_version = ">= 0.14.11" required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.48.0" + version = ">= 3.1.15" } } -} \ No newline at end of file +} From 4e567bab73190392dd18e9db08e8512d8081b85d Mon Sep 17 00:00:00 2001 From: anmolnagpal Date: Wed, 22 Feb 2023 18:40:10 +0530 Subject: [PATCH 08/29] use terraform letast version --- .github/workflows/terraform.yml | 1 + _example/memcached/versions.tf | 6 +++--- _example/redis-cluster/versions.tf | 6 +++--- _example/redis/versions.tf | 6 +++--- 4 files changed, 10 insertions(+), 9 deletions(-) diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml index 2ef41f1..1414d81 100644 --- a/.github/workflows/terraform.yml +++ b/.github/workflows/terraform.yml @@ -61,6 +61,7 @@ jobs: - name: tflint uses: reviewdog/action-tflint@master with: + tflint_version: v0.29.0 github_token: ${{ secrets.GITHUB }} working_directory: ${{ matrix.directory }} fail_on_error: 'true' diff --git a/_example/memcached/versions.tf b/_example/memcached/versions.tf index 59b550f..cbc6f9c 100644 --- a/_example/memcached/versions.tf +++ b/_example/memcached/versions.tf @@ -1,11 +1,11 @@ # Terraform version terraform { - required_version = ">= 0.14.11" + required_version = ">= 1.3.6" required_providers { aws = { source = "hashicorp/aws" - version = ">= 3.1.15" + version = ">= 4.48.0" } } -} +} \ No newline at end of file 
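Review bot: The `tflint_version: v0.29.0` line restored in `.github/workflows/terraform.yml` pins the linter binary, but the step that runs it is still `uses: reviewdog/action-tflint@master` and is handed `github_token: ${{ secrets.GITHUB }}`. A branch ref can change upstream at any time, so whatever lands on `master` runs with that token. Pin the action to a reviewed commit, `uses: reviewdog/action-tflint@<full-commit-sha>  # placeholder; note the release tag beside it`. The same applies to `tfsec/tfsec-pr-commenter-action@main` in `tfsec.yml` and to the later `readme.yml` hunk that moves `actions/checkout@v2.3.4` to `@master`. The job definition starts outside this hunk.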
diff --git a/_example/redis-cluster/versions.tf b/_example/redis-cluster/versions.tf index 59b550f..cbc6f9c 100644 --- a/_example/redis-cluster/versions.tf +++ b/_example/redis-cluster/versions.tf @@ -1,11 +1,11 @@ # Terraform version terraform { - required_version = ">= 0.14.11" + required_version = ">= 1.3.6" required_providers { aws = { source = "hashicorp/aws" - version = ">= 3.1.15" + version = ">= 4.48.0" } } -} +} \ No newline at end of file diff --git a/_example/redis/versions.tf b/_example/redis/versions.tf index 59b550f..cbc6f9c 100644 --- a/_example/redis/versions.tf +++ b/_example/redis/versions.tf @@ -1,11 +1,11 @@ # Terraform version terraform { - required_version = ">= 0.14.11" + required_version = ">= 1.3.6" required_providers { aws = { source = "hashicorp/aws" - version = ">= 3.1.15" + version = ">= 4.48.0" } } -} +} \ No newline at end of file From d8e2b1e259c34305d59778832dae182f677546ab Mon Sep 17 00:00:00 2001 From: anmolnagpal Date: Wed, 22 Feb 2023 18:43:47 +0530 Subject: [PATCH 09/29] use terraform letast version --- _test/redis-cluster/go.mod | 2 +- _test/redis/go.mod | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/_test/redis-cluster/go.mod b/_test/redis-cluster/go.mod index 0f40fcc..615e3a3 100644 --- a/_test/redis-cluster/go.mod +++ b/_test/redis-cluster/go.mod @@ -3,6 +3,6 @@ module github.com/clouddrove/terraform-aws-elasticache/_example/redis-cluster go 1.13 require ( - github.com/gruntwork-io/terratest v0.30.6 + github.com/gruntwork-io/terratest v1.3.6 github.com/stretchr/testify v1.6.1 ) diff --git a/_test/redis/go.mod b/_test/redis/go.mod index 7c7dedc..a100ff2 100644 --- a/_test/redis/go.mod +++ b/_test/redis/go.mod @@ -3,6 +3,6 @@ module github.com/clouddrove/terraform-aws-elasticache/_example/redis go 1.13 require ( - github.com/gruntwork-io/terratest v0.30.6 + github.com/gruntwork-io/terratest v1.3.6 github.com/stretchr/testify v1.6.1 ) From b1dd81eb0e23068233e604512677ada691008ff2 Mon Sep 17 00:00:00 2001 
From: anmolnagpal Date: Wed, 22 Feb 2023 18:51:52 +0530 Subject: [PATCH 10/29] use terraform letast version --- .github/workflows/tfsec.yml | 2 +- _test/redis-cluster/go.mod | 2 +- _test/redis/go.mod | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/tfsec.yml b/.github/workflows/tfsec.yml index e3d4a36..9ab7fe0 100644 --- a/.github/workflows/tfsec.yml +++ b/.github/workflows/tfsec.yml @@ -38,4 +38,4 @@ jobs: tfsec_actions_working_dir: ./_example/ tfsec_actions_comment: true tfsec_output_format: sarif - continue-on-error: true + continue-on-error: true \ No newline at end of file diff --git a/_test/redis-cluster/go.mod b/_test/redis-cluster/go.mod index 615e3a3..0f40fcc 100644 --- a/_test/redis-cluster/go.mod +++ b/_test/redis-cluster/go.mod @@ -3,6 +3,6 @@ module github.com/clouddrove/terraform-aws-elasticache/_example/redis-cluster go 1.13 require ( - github.com/gruntwork-io/terratest v1.3.6 + github.com/gruntwork-io/terratest v0.30.6 github.com/stretchr/testify v1.6.1 ) diff --git a/_test/redis/go.mod b/_test/redis/go.mod index a100ff2..7c7dedc 100644 --- a/_test/redis/go.mod +++ b/_test/redis/go.mod @@ -3,6 +3,6 @@ module github.com/clouddrove/terraform-aws-elasticache/_example/redis go 1.13 require ( - github.com/gruntwork-io/terratest v1.3.6 + github.com/gruntwork-io/terratest v0.30.6 github.com/stretchr/testify v1.6.1 ) From 5e6931ccffa631a5f14509209deb2025fc9b0db9 Mon Sep 17 00:00:00 2001 From: anmolnagpal Date: Thu, 23 Feb 2023 15:53:20 +0530 Subject: [PATCH 11/29] use terraform letast version --- .github/workflows/tfsec.yml | 30 +++++++++++++++--------------- _example/memcached/versions.tf | 2 +- 2 files changed, 16 insertions(+), 16 deletions(-) diff --git a/.github/workflows/tfsec.yml b/.github/workflows/tfsec.yml index 9ab7fe0..3e0de3f 100644 --- a/.github/workflows/tfsec.yml +++ b/.github/workflows/tfsec.yml 
@@ -24,18 +24,18 @@ jobs: # Path to SARIF file relative to the root of the repository sarif_file: tfsec.sarif - - name: tfsec commenter for PR - uses: tfsec/tfsec-pr-commenter-action@main - with: - GITHUB_TOKEN: ${{ secrets.GITHUB}} - working_directory: ./_example/ - - - name: 'Terraform security scan Advanced' - uses: triat/terraform-security-scan@v3.0.3 - if: github.event_name == 'pull_request' - env: - GITHUB_TOKEN: ${{ secrets.GITHUB}} - tfsec_actions_working_dir: ./_example/ - tfsec_actions_comment: true - tfsec_output_format: sarif - continue-on-error: true \ No newline at end of file +# - name: tfsec commenter for PR +# uses: tfsec/tfsec-pr-commenter-action@main +# with: +# GITHUB_TOKEN: ${{ secrets.GITHUB}} +# working_directory: ./_example/ +# +# - name: 'Terraform security scan Advanced' +# uses: triat/terraform-security-scan@v3.0.3 +# if: github.event_name == 'pull_request' +# env: +# GITHUB_TOKEN: ${{ secrets.GITHUB}} +# tfsec_actions_working_dir: ./_example/ +# tfsec_actions_comment: true +# tfsec_output_format: sarif +# continue-on-error: true \ No newline at end of file diff --git a/_example/memcached/versions.tf b/_example/memcached/versions.tf index cbc6f9c..87b6d15 100644 --- a/_example/memcached/versions.tf +++ b/_example/memcached/versions.tf @@ -8,4 +8,4 @@ terraform { version = ">= 4.48.0" } } -} \ No newline at end of file +} From a3dce28b4eb3bc944748001656328fa0cb9d58d8 Mon Sep 17 00:00:00 2001 From: anmolnagpal Date: Thu, 23 Feb 2023 15:56:52 +0530 Subject: [PATCH 12/29] use terraform letast version --- _example/memcached/versions.tf | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/_example/memcached/versions.tf b/_example/memcached/versions.tf index 87b6d15..43b7154 100644 --- a/_example/memcached/versions.tf +++ b/_example/memcached/versions.tf 
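Review bot: Both pull-request scanners in `tfsec.yml` (`tfsec/tfsec-pr-commenter-action` and `triat/terraform-security-scan`) are switched off by commenting them out, and neither the commit message nor the file says why or for how long. While this is in place a pull request gets no tfsec comments; only the SARIF upload visible in the context lines remains, and the earlier steps of the job are outside the hunk. If the steps must be off temporarily, keep them as live YAML with `if: false` and a reason above them, e.g. `# disabled temporarily: <reason and tracking issue>` (placeholder text), so the gap is visible in review and easy to revert.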
@@ -1,11 +1,11 @@ -# Terraform version -terraform { - required_version = ">= 1.3.6" - - required_providers { - aws = { - source = "hashicorp/aws" - version = ">= 4.48.0" - } - } -} +## Terraform version +#terraform { +# required_version = ">= 1.3.6" +# +# required_providers { +# aws = { +# source = "hashicorp/aws" +# version = ">= 4.48.0" +# } +# } +#} \ No newline at end of file From 94043583930d292199a427d1877d6d91b83d7bac Mon Sep 17 00:00:00 2001 From: anmolnagpal Date: Thu, 23 Feb 2023 15:59:12 +0530 Subject: [PATCH 13/29] use terraform letast version --- .github/workflows/terratest.yml | 104 ++++++++++++++++---------------- _example/memcached/versions.tf | 22 +++---- 2 files changed, 63 insertions(+), 63 deletions(-) diff --git a/.github/workflows/terratest.yml b/.github/workflows/terratest.yml index 96e8b5c..c420586 100644 --- a/.github/workflows/terratest.yml +++ b/.github/workflows/terratest.yml 
@@ -1,52 +1,52 @@ -name: 'Terratest GitHub Actions' -on: - pull_request: - branches: - - master - types: [labeled] - -jobs: - terraform: - name: 'Terraform' - runs-on: ubuntu-latest - steps: - - - name: 'Checkout' - uses: actions/checkout@master - - - name: Configure AWS Credentials - uses: clouddrove/configure-aws-credentials@v1 - with: - aws-access-key-id: ${{ secrets.TEST_AWS_ACCESS_KEY }} - aws-secret-access-key: ${{ secrets.TEST_AWS_ACCESS_SECRET_KEY }} - aws-region: us-east-2 - - - - name: 'Terratest for redis' - if: ${{ github.event.label.name == 'terratest' }} - uses: 'clouddrove/github-actions@v9.0.2' - with: - actions_subcommand: 'terratest' - tf_actions_working_dir: '_test/redis' - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - - name: 'Terratest for redis-cluster' - if: ${{ github.event.label.name == 'terratest' }} - uses: 'clouddrove/github-actions@v9.0.2' - with: - actions_subcommand: 'terratest' - tf_actions_working_dir: '_test/redis-cluster' - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - - name: 'Slack Notification' - uses: clouddrove/action-slack@v2 - with: - status: ${{ job.status }} - fields: repo,author - author_name: 'CloudDrove' - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # required - SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_TERRAFORM }} # required - if: always() +#name: 'Terratest GitHub Actions' +#on: +# pull_request: +# branches: +# - master +# types: [labeled] +# +#jobs: +# terraform: +# name: 'Terraform' +# runs-on: ubuntu-latest +# steps: +# +# - name: 'Checkout' +# uses: actions/checkout@master +# +# - name: Configure AWS Credentials +# uses: clouddrove/configure-aws-credentials@v1 +# with: +# aws-access-key-id: ${{ secrets.TEST_AWS_ACCESS_KEY }} +# aws-secret-access-key: ${{ secrets.TEST_AWS_ACCESS_SECRET_KEY }} +# aws-region: us-east-2 +# +# +# - name: 'Terratest for redis' +# if: ${{ github.event.label.name == 'terratest' }} +# uses: 'clouddrove/github-actions@v9.0.2' +# with: +# actions_subcommand: 
'terratest' +# tf_actions_working_dir: '_test/redis' +# env: +# GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} +# +# - name: 'Terratest for redis-cluster' +# if: ${{ github.event.label.name == 'terratest' }} +# uses: 'clouddrove/github-actions@v9.0.2' +# with: +# actions_subcommand: 'terratest' +# tf_actions_working_dir: '_test/redis-cluster' +# env: +# GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} +# +# - name: 'Slack Notification' +# uses: clouddrove/action-slack@v2 +# with: +# status: ${{ job.status }} +# fields: repo,author +# author_name: 'CloudDrove' +# env: +# GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # required +# SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_TERRAFORM }} # required +# if: always() diff --git a/_example/memcached/versions.tf b/_example/memcached/versions.tf index 43b7154..cbc6f9c 100644 --- a/_example/memcached/versions.tf +++ b/_example/memcached/versions.tf @@ -1,11 +1,11 @@ -## Terraform version -#terraform { -# required_version = ">= 1.3.6" -# -# required_providers { -# aws = { -# source = "hashicorp/aws" -# version = ">= 4.48.0" -# } -# } -#} \ No newline at end of file +# Terraform version +terraform { + required_version = ">= 1.3.6" + + required_providers { + aws = { + source = "hashicorp/aws" + version = ">= 4.48.0" + } + } +} \ No newline at end of file From d64dbc6529007c4abdd7f7676d7b8c8ed05c8195 Mon Sep 17 00:00:00 2001 From: anmolnagpal Date: Thu, 23 Feb 2023 16:01:55 +0530 Subject: [PATCH 14/29] use terraform letast version --- .github/workflows/terraform.yml | 2 +- .github/workflows/terratest.yml | 104 ++++++++++++++++---------------- .github/workflows/tfsec.yml | 30 ++++----- 3 files changed, 68 insertions(+), 68 deletions(-) diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml index 1414d81..22fc328 100644 --- a/.github/workflows/terraform.yml +++ b/.github/workflows/terraform.yml 
@@ -61,7 +61,7 @@ jobs: - name: tflint uses: reviewdog/action-tflint@master with: - tflint_version: v0.29.0 +# tflint_version: v0.29.0 github_token: ${{ secrets.GITHUB }} working_directory: ${{ matrix.directory }} fail_on_error: 'true' diff --git a/.github/workflows/terratest.yml b/.github/workflows/terratest.yml index c420586..96e8b5c 100644 --- a/.github/workflows/terratest.yml +++ b/.github/workflows/terratest.yml 
@@ -1,52 +1,52 @@ -#name: 'Terratest GitHub Actions' -#on: -# pull_request: -# branches: -# - master -# types: [labeled] -# -#jobs: -# terraform: -# name: 'Terraform' -# runs-on: ubuntu-latest -# steps: -# -# - name: 'Checkout' -# uses: actions/checkout@master -# -# - name: Configure AWS Credentials -# uses: clouddrove/configure-aws-credentials@v1 -# with: -# aws-access-key-id: ${{ secrets.TEST_AWS_ACCESS_KEY }} -# aws-secret-access-key: ${{ secrets.TEST_AWS_ACCESS_SECRET_KEY }} -# aws-region: us-east-2 -# -# -# - name: 'Terratest for redis' -# if: ${{ github.event.label.name == 'terratest' }} -# uses: 'clouddrove/github-actions@v9.0.2' -# with: -# actions_subcommand: 'terratest' -# tf_actions_working_dir: '_test/redis' -# env: -# GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} -# -# - name: 'Terratest for redis-cluster' -# if: ${{ github.event.label.name == 'terratest' }} -# uses: 'clouddrove/github-actions@v9.0.2' -# with: -# actions_subcommand: 'terratest' -# tf_actions_working_dir: '_test/redis-cluster' -# env: -# GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} -# -# - name: 'Slack Notification' -# uses: clouddrove/action-slack@v2 -# with: -# status: ${{ job.status }} -# fields: repo,author -# author_name: 'CloudDrove' -# env: -# GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # required -# SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_TERRAFORM }} # required -# if: always() +name: 'Terratest GitHub Actions' +on: + pull_request: + branches: + - master + types: [labeled] + +jobs: + terraform: + name: 'Terraform' + runs-on: ubuntu-latest + steps: + + - name: 'Checkout' + uses: actions/checkout@master + + - name: Configure AWS Credentials + uses: clouddrove/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.TEST_AWS_ACCESS_KEY }} + aws-secret-access-key: ${{ secrets.TEST_AWS_ACCESS_SECRET_KEY }} + aws-region: us-east-2 + + + - name: 'Terratest for redis' + if: ${{ github.event.label.name == 'terratest' }} + uses: 'clouddrove/github-actions@v9.0.2' + with: + 
actions_subcommand: 'terratest' + tf_actions_working_dir: '_test/redis' + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + - name: 'Terratest for redis-cluster' + if: ${{ github.event.label.name == 'terratest' }} + uses: 'clouddrove/github-actions@v9.0.2' + with: + actions_subcommand: 'terratest' + tf_actions_working_dir: '_test/redis-cluster' + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + - name: 'Slack Notification' + uses: clouddrove/action-slack@v2 + with: + status: ${{ job.status }} + fields: repo,author + author_name: 'CloudDrove' + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # required + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_TERRAFORM }} # required + if: always() diff --git a/.github/workflows/tfsec.yml b/.github/workflows/tfsec.yml index 3e0de3f..9ab7fe0 100644 --- a/.github/workflows/tfsec.yml +++ b/.github/workflows/tfsec.yml @@ -24,18 +24,18 @@ jobs: # Path to SARIF file relative to the root of the repository sarif_file: tfsec.sarif -# - name: tfsec commenter for PR -# uses: tfsec/tfsec-pr-commenter-action@main -# with: -# GITHUB_TOKEN: ${{ secrets.GITHUB}} -# working_directory: ./_example/ -# -# - name: 'Terraform security scan Advanced' -# uses: triat/terraform-security-scan@v3.0.3 -# if: github.event_name == 'pull_request' -# env: -# GITHUB_TOKEN: ${{ secrets.GITHUB}} -# tfsec_actions_working_dir: ./_example/ -# tfsec_actions_comment: true -# tfsec_output_format: sarif -# continue-on-error: true \ No newline at end of file + - name: tfsec commenter for PR + uses: tfsec/tfsec-pr-commenter-action@main + with: + GITHUB_TOKEN: ${{ secrets.GITHUB}} + working_directory: ./_example/ + + - name: 'Terraform security scan Advanced' + uses: triat/terraform-security-scan@v3.0.3 + if: github.event_name == 'pull_request' + env: + GITHUB_TOKEN: ${{ secrets.GITHUB}} + tfsec_actions_working_dir: ./_example/ + tfsec_actions_comment: true + tfsec_output_format: sarif + continue-on-error: true \ No newline at end of file 
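Review bot: The restored `terratest.yml` gives long-lived AWS keys (`secrets.TEST_AWS_ACCESS_KEY`, `secrets.TEST_AWS_ACCESS_SECRET_KEY`) to a job whose other steps run third-party code from `clouddrove/github-actions@v9.0.2` and `actions/checkout@master`. Static keys stay valid until someone rotates them, so a leak through any step in the job has a long lifetime. Short-lived credentials through GitHub's OIDC federation would narrow that window; this needs `permissions: id-token: write` on the job and a role-based input on the credentials step. Whether the `clouddrove/configure-aws-credentials` fork accepts a role input is not visible here and should be checked.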
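Review bot: `continue-on-error: true` on the re-enabled 'Terraform security scan Advanced' step means tfsec findings can never fail the pull-request check, so a misconfiguration under `./_example/` still merges on a green build. If the scan is meant to gate, drop that line; if it is advisory only, say so above the step, e.g. `# advisory: findings are posted on the PR but do not block merge`. Both steps also pass `secrets.GITHUB` rather than the built-in `GITHUB_TOKEN`, presumably a personal access token; confirm its scope is limited to what commenting on a pull request needs.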
From 586a80838250355a549aec87a74e14f38e6f9665 Mon Sep 17 00:00:00 2001 From: anmolnagpal Date: Thu, 23 Feb 2023 16:05:17 +0530 Subject: [PATCH 15/29] use terraform letast version --- .github/workflows/terraform.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml index 22fc328..1414d81 100644 --- a/.github/workflows/terraform.yml +++ b/.github/workflows/terraform.yml @@ -61,7 +61,7 @@ jobs: - name: tflint uses: reviewdog/action-tflint@master with: -# tflint_version: v0.29.0 + tflint_version: v0.29.0 github_token: ${{ secrets.GITHUB }} working_directory: ${{ matrix.directory }} fail_on_error: 'true' From 304dd4a837b4de70a06ba7252c8e6da6e4ff8ba0 Mon Sep 17 00:00:00 2001 From: anmolnagpal Date: Thu, 23 Feb 2023 16:12:33 +0530 Subject: [PATCH 16/29] use terraform letast version --- _example/memcached/example.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/_example/memcached/example.tf b/_example/memcached/example.tf index 1832fc8..ee7fd39 100644 --- a/_example/memcached/example.tf +++ b/_example/memcached/example.tf @@ -54,7 +54,7 @@ module "memcached" { engine = "memcached" engine_version = "1.5.10" family = "memcached1.5" - parameter_group_name = "default.memcached1.5" + parameter_group_name = ["default.memcached1.5"] az_mode = "cross-az" port = 11211 node_type = "cache.t2.micro" From c005e631d8eefdbf6ff98b1568541326c271f646 Mon Sep 17 00:00:00 2001 From: anmolnagpal Date: Thu, 23 Feb 2023 16:14:52 +0530 Subject: [PATCH 17/29] use terraform letast version --- _example/memcached/example.tf | 2 +- variables.tf | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/_example/memcached/example.tf b/_example/memcached/example.tf index ee7fd39..1832fc8 100644 --- a/_example/memcached/example.tf +++ b/_example/memcached/example.tf 
@@ -54,7 +54,7 @@ module "memcached" { engine = "memcached" engine_version = "1.5.10" family = "memcached1.5" - parameter_group_name = ["default.memcached1.5"] + parameter_group_name = "default.memcached1.5" az_mode = "cross-az" port = 11211 node_type = "cache.t2.micro" diff --git a/variables.tf b/variables.tf index 48876e1..afad737 100644 --- a/variables.tf +++ b/variables.tf @@ -238,7 +238,7 @@ variable "kms_key_id" { variable "parameter_group_name" { type = string - default = "default.redis5.0" + default = "default.memcached1.5" description = "The name of the parameter group to associate with this replication group. If this argument is omitted, the default cache parameter group for the specified engine is used." } From f800dbbd46dcc21a922e27ecb887968799546c91 Mon Sep 17 00:00:00 2001 From: anmolnagpal Date: Thu, 4 May 2023 20:17:01 +0530 Subject: [PATCH 18/29] use terraform letast version --- .github/workflows/readme.yml | 10 +++++----- .github/workflows/terraform.yml | 7 ++----- .github/workflows/terratest.yml | 28 ++++++++-------------------- 3 files changed, 15 insertions(+), 30 deletions(-) diff --git a/.github/workflows/readme.yml b/.github/workflows/readme.yml index 466fb56..af9a54c 100644 --- a/.github/workflows/readme.yml +++ b/.github/workflows/readme.yml @@ -10,9 +10,9 @@ jobs: runs-on: ubuntu-latest steps: - name: 'Checkout' - uses: actions/checkout@v2.3.4 + uses: actions/checkout@master - - name: "Set up Python 3.7" + - name: 'Set up Python 3.7' uses: actions/setup-python@v2 with: python-version: '3.x' @@ -26,11 +26,11 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN}} - - name: "pre-commit check errors" + - name: 'pre-commit check errors' uses: pre-commit/action@v2.0.0 continue-on-error: true - - name: "pre-commit fix errors" + - name: 'pre-commit fix erros' uses: pre-commit/action@v2.0.0 continue-on-error: true 
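Review bot: The module-wide default for `parameter_group_name` in `variables.tf` becomes `"default.memcached1.5"`, so a Redis caller that leaves the variable unset is now handed a Memcached parameter group; the previous default had the mirror-image problem for Memcached callers. The description already promises that omitting the argument falls back to the engine's own default group, which only holds if the default is null: `default = null`. How the variable is consumed in `main.tf` is outside this hunk, so confirm that both the replication group and the cluster resource pass it through unchanged.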
@@ -51,4 +51,4 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # required SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_TERRAFORM }} # required - if: always() + if: always() \ No newline at end of file diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml index 1414d81..3fdb409 100644 --- a/.github/workflows/terraform.yml +++ b/.github/workflows/terraform.yml @@ -31,9 +31,7 @@ jobs: - ${{ needs.versionExtract.outputs.minVersion }} - ${{ needs.versionExtract.outputs.maxVersion }} directory: - - _example/memcached - - _example/redis - - _example/redis-cluster + - _example/ steps: - name: Checkout @@ -57,7 +55,6 @@ jobs: terraform init terraform validate terraform plan -input=false -no-color - - name: tflint uses: reviewdog/action-tflint@master with: @@ -83,4 +80,4 @@ jobs: terraform_version: ${{ needs.versionExtract.outputs.maxVersion }} - name: Check Terraform format changes - run: terraform fmt --recursive \ No newline at end of file + run: terraform fmt --recursive diff --git a/.github/workflows/terratest.yml b/.github/workflows/terratest.yml index 96e8b5c..868c2d4 100644 --- a/.github/workflows/terratest.yml +++ b/.github/workflows/terratest.yml 
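Review bot: The `directory:` matrix in the terraform.yml hunk of PATCH 18 collapses the three example paths into the single entry `_example/`, so `cd ${{ matrix.directory }}` followed by `terraform init`, `terraform validate`, `terraform plan` and the tflint step now run in the parent folder. Terraform does not descend into subdirectories, so unless `_example/` holds `.tf` files of its own, the memcached, redis and redis-cluster examples are no longer validated or linted. Keep one matrix entry per example: `- _example/memcached`, `- _example/redis`, `- _example/redis-cluster`. PATCH 27 reintroduces the same single entry.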
@@ -6,39 +6,27 @@ on: types: [labeled] jobs: - terraform: - name: 'Terraform' + Terratest: + name: 'terratest' runs-on: ubuntu-latest steps: - name: 'Checkout' - uses: actions/checkout@master + uses: actions/checkout@v2.3.4 - - name: Configure AWS Credentials + - name: 'Configure AWS Credentials' uses: clouddrove/configure-aws-credentials@v1 with: aws-access-key-id: ${{ secrets.TEST_AWS_ACCESS_KEY }} aws-secret-access-key: ${{ secrets.TEST_AWS_ACCESS_SECRET_KEY }} aws-region: us-east-2 - - - name: 'Terratest for redis' - if: ${{ github.event.label.name == 'terratest' }} + - name: 'terratest' uses: 'clouddrove/github-actions@v9.0.2' with: actions_subcommand: 'terratest' - tf_actions_working_dir: '_test/redis' - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - - name: 'Terratest for redis-cluster' - if: ${{ github.event.label.name == 'terratest' }} - uses: 'clouddrove/github-actions@v9.0.2' - with: - actions_subcommand: 'terratest' - tf_actions_working_dir: '_test/redis-cluster' - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + if: ${{ github.event.label.name == 'terratest' }} + tf_actions_working_dir: '_test' - name: 'Slack Notification' uses: clouddrove/action-slack@v2 @@ -49,4 +37,4 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # required SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_TERRAFORM }} # required - if: always() + if: always() \ No newline at end of file From 9f265f1b48834cecfadec60f22d6a7cff951df9b Mon Sep 17 00:00:00 2001 From: anmolnagpal Date: Thu, 4 May 2023 20:24:20 +0530 Subject: [PATCH 19/29] use terraform letast version --- _example/redis/example.tf | 1 - main.tf | 29 ----------------------------- variables.tf | 10 ++-------- 3 files changed, 2 insertions(+), 38 deletions(-) diff --git a/_example/redis/example.tf b/_example/redis/example.tf index 313a9a7..58aa876 100644 --- a/_example/redis/example.tf +++ b/_example/redis/example.tf 
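Review bot: In the terratest.yml hunk of PATCH 18 the added `if: ${{ github.event.label.name == 'terratest' }}` sits between `actions_subcommand` and `tf_actions_working_dir`, i.e. under `with:`, where it appears to be passed as an action input rather than evaluated as a step condition. If so, the step that follows `Configure AWS Credentials` runs for every label that triggers the `labeled` event, not only `terratest`, with the test-account keys loaded. Move the `if:` back to step level, alongside `uses:`. The hunk also drops the step's `env: GITHUB_TOKEN`; confirm the action does not need it. PATCH 27 reintroduces the same layout.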
@@ -62,7 +62,6 @@ module "redis" { number_cache_clusters = 2 retention_in_days = 0 num_cache_clusters = 2 - retention_in_days = 0 log_delivery_configuration = [ { diff --git a/main.tf b/main.tf index 9969e9d..b3108f4 100644 --- a/main.tf +++ b/main.tf @@ -41,34 +41,6 @@ resource "aws_elasticache_subnet_group" "default" { # Module : Elasticache Replication Group # Description : Terraform module which creates standalone instance for Elasticache Redis. resource "aws_elasticache_replication_group" "default" { - count = var.enable && var.replication_enabled ? 1 : 0 - engine = var.engine - replication_group_id = module.labels.id - replication_group_description = module.labels.id - engine_version = var.engine_version - port = var.port - parameter_group_name = var.parameter_group_name - node_type = var.node_type - automatic_failover_enabled = var.automatic_failover_enabled - subnet_group_name = join("", aws_elasticache_subnet_group.default.*.name) - security_group_ids = var.security_group_ids - security_group_names = var.security_group_names - snapshot_arns = var.snapshot_arns - snapshot_name = var.snapshot_name - notification_topic_arn = var.notification_topic_arn - snapshot_window = var.snapshot_window - snapshot_retention_limit = var.snapshot_retention_limit - apply_immediately = var.apply_immediately - availability_zones = slice(var.availability_zones, 0, var.number_cache_clusters) - multi_az_enabled = var.multi_az_enabled - number_cache_clusters = var.number_cache_clusters - auto_minor_version_upgrade = var.auto_minor_version_upgrade - maintenance_window = var.maintenance_window - at_rest_encryption_enabled = var.at_rest_encryption_enabled - transit_encryption_enabled = var.transit_encryption_enabled - auth_token = var.auth_token - kms_key_id = var.kms_key_id - tags = module.labels.tags count = var.enable && var.replication_enabled ? 1 : 0 engine = var.engine replication_group_id = module.labels.id 
@@ -171,4 +143,3 @@ resource "aws_elasticache_cluster" "default" { tags = module.labels.tags } - diff --git a/variables.tf b/variables.tf index 9a76dd1..d2665b0 100644 --- a/variables.tf +++ b/variables.tf @@ -148,12 +148,6 @@ variable "availability_zones" { description = "A list of EC2 availability zones in which the replication group's cache clusters will be created. The order of the availability zones in the list is not important." } -variable "multi_az_enabled" { - type = bool - default = false - description = "Specify if multi-AZ should be enabled for this Redis instance." -} - variable "num_cache_clusters" { type = string default = "" @@ -238,7 +232,7 @@ variable "kms_key_id" { variable "parameter_group_name" { type = string - default = "default.memcached1.5" + default = "default.redis5.0" description = "The name of the parameter group to associate with this replication group. If this argument is omitted, the default cache parameter group for the specified engine is used." } @@ -252,4 +246,4 @@ variable "retention_in_days" { type = number default = 0 description = "Specifies the number of days you want to retain log events in the specified log group." -} +} \ No newline at end of file From f7d7e10050cdf9a79642a63c8359d3dccc04c9f6 Mon Sep 17 00:00:00 2001 From: anmolnagpal Date: Thu, 4 May 2023 20:45:13 +0530 Subject: [PATCH 20/29] use terraform letast version --- .github/workflows/terraform.yml | 2 +- _example/redis/example.tf | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml index 3fdb409..09c04b1 100644 --- a/.github/workflows/terraform.yml +++ b/.github/workflows/terraform.yml @@ -80,4 +80,4 @@ jobs: terraform_version: ${{ needs.versionExtract.outputs.maxVersion }} - name: Check Terraform format changes - run: terraform fmt --recursive + run: terraform fmt --recursive \ No newline at end of file 
diff --git a/_example/redis/example.tf b/_example/redis/example.tf index 58aa876..c403d3c 100644 --- a/_example/redis/example.tf +++ b/_example/redis/example.tf @@ -61,7 +61,7 @@ module "redis" { number_cache_clusters = 2 retention_in_days = 0 - num_cache_clusters = 2 + num_cache_clusters = 2 log_delivery_configuration = [ { From 864c083ae74897bb1d5e6d38e89b28afd825ba6f Mon Sep 17 00:00:00 2001 From: anmolnagpal Date: Thu, 4 May 2023 20:49:19 +0530 Subject: [PATCH 21/29] use terraform letast version --- .github/workflows/terraform.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml index 09c04b1..d73d44f 100644 --- a/.github/workflows/terraform.yml +++ b/.github/workflows/terraform.yml @@ -55,6 +55,7 @@ jobs: terraform init terraform validate terraform plan -input=false -no-color + - name: tflint uses: reviewdog/action-tflint@master with: From e350d4dce2bc408f177cc64fe1b6f4af6bf8fe76 Mon Sep 17 00:00:00 2001 From: anmolnagpal Date: Thu, 4 May 2023 20:54:21 +0530 Subject: [PATCH 22/29] use terraform letast version --- .github/workflows/terraform.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml index d73d44f..7df5e5e 100644 --- a/.github/workflows/terraform.yml +++ b/.github/workflows/terraform.yml @@ -53,9 +53,10 @@ jobs: run: | cd ${{ matrix.directory }} terraform init - terraform validate +# terraform validate terraform plan -input=false -no-color + - name: tflint uses: reviewdog/action-tflint@master with: From 60a03bc26645e0c1f43a85056e88d37addad34cf Mon Sep 17 00:00:00 2001 From: anmolnagpal Date: Thu, 4 May 2023 20:56:18 +0530 Subject: [PATCH 23/29] use terraform letast version --- .github/workflows/terraform.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml index 7df5e5e..a090ce4 100644 
--- a/.github/workflows/terraform.yml +++ b/.github/workflows/terraform.yml @@ -53,7 +53,7 @@ jobs: run: | cd ${{ matrix.directory }} terraform init -# terraform validate + terraform validate terraform plan -input=false -no-color From 86c623c781e7922ba136d51ef8cc79af21b543e0 Mon Sep 17 00:00:00 2001 From: anmolnagpal Date: Thu, 4 May 2023 21:00:02 +0530 Subject: [PATCH 24/29] use terraform letast version --- .github/workflows/terraform.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml index a090ce4..c0fdb13 100644 --- a/.github/workflows/terraform.yml +++ b/.github/workflows/terraform.yml @@ -31,7 +31,9 @@ jobs: - ${{ needs.versionExtract.outputs.minVersion }} - ${{ needs.versionExtract.outputs.maxVersion }} directory: - - _example/ + - _example/memcached + - _example/redis + - _example/redis-cluster steps: - name: Checkout @@ -54,7 +56,6 @@ jobs: cd ${{ matrix.directory }} terraform init terraform validate - terraform plan -input=false -no-color - name: tflint From 30cbb8b9c443d9a36e0514744a69bdd58ec2d97c Mon Sep 17 00:00:00 2001 From: anmolnagpal Date: Thu, 4 May 2023 21:04:39 +0530 Subject: [PATCH 25/29] use terraform letast version --- _example/memcached/example.tf | 2 +- _example/redis/example.tf | 7 ++----- 2 files changed, 3 insertions(+), 6 deletions(-) diff --git a/_example/memcached/example.tf b/_example/memcached/example.tf index 1832fc8..d0a640a 100644 --- a/_example/memcached/example.tf +++ b/_example/memcached/example.tf @@ -65,4 +65,4 @@ module "memcached" { extra_tags = { Application = "CloudDrove" } -} +} \ No newline at end of file diff --git a/_example/redis/example.tf b/_example/redis/example.tf index c403d3c..a4a4181 100644 --- a/_example/redis/example.tf +++ b/_example/redis/example.tf 
@@ -57,11 +57,8 @@ module "redis" { security_group_ids = [module.redis-sg.security_group_ids] availability_zones = ["eu-west-1a", "eu-west-1b"] auto_minor_version_upgrade = true - multi_az_enabled = false - - number_cache_clusters = 2 - retention_in_days = 0 - num_cache_clusters = 2 + num_cache_clusters = 2 + retention_in_days = 0 log_delivery_configuration = [ { From b123a4e4a1b47d4bcd3edb045c928756204aaf9e Mon Sep 17 00:00:00 2001 From: anmolnagpal Date: Thu, 4 May 2023 21:10:33 +0530 Subject: [PATCH 26/29] use terraform letast version --- .github/workflows/readme.yml | 8 ++++---- .github/workflows/terraform.yml | 9 +++++---- .github/workflows/terratest.yml | 21 +++++++++++++-------- .github/workflows/tfsec.yml | 3 ++- 4 files changed, 24 insertions(+), 17 deletions(-) diff --git a/.github/workflows/readme.yml b/.github/workflows/readme.yml index af9a54c..96936b0 100644 --- a/.github/workflows/readme.yml +++ b/.github/workflows/readme.yml @@ -12,7 +12,7 @@ jobs: - name: 'Checkout' uses: actions/checkout@master - - name: 'Set up Python 3.7' + - name: Set up Python 3.7. uses: actions/setup-python@v2 with: python-version: '3.x' @@ -26,11 +26,11 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN}} - - name: 'pre-commit check errors' + - name: pre-commit check errors uses: pre-commit/action@v2.0.0 continue-on-error: true - - name: 'pre-commit fix erros' + - name: pre-commit fix erros uses: pre-commit/action@v2.0.0 continue-on-error: true @@ -51,4 +51,4 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # required SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_TERRAFORM }} # required - if: always() \ No newline at end of file + if: always() diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml index c0fdb13..48e7383 100644 --- a/.github/workflows/terraform.yml +++ b/.github/workflows/terraform.yml 
@@ -31,9 +31,10 @@ jobs: - ${{ needs.versionExtract.outputs.minVersion }} - ${{ needs.versionExtract.outputs.maxVersion }} directory: - - _example/memcached - - _example/redis - - _example/redis-cluster + - _example/private-subnet + - _example/public-private-subnet-single-nat-gateway + - _example/public-private-subnet + - _example/public-subnet steps: - name: Checkout @@ -56,7 +57,7 @@ jobs: cd ${{ matrix.directory }} terraform init terraform validate - + - name: tflint uses: reviewdog/action-tflint@master diff --git a/.github/workflows/terratest.yml b/.github/workflows/terratest.yml index 868c2d4..cae58cc 100644 --- a/.github/workflows/terratest.yml +++ b/.github/workflows/terratest.yml @@ -6,27 +6,32 @@ on: types: [labeled] jobs: - Terratest: - name: 'terratest' + terraform: + name: 'Terraform' runs-on: ubuntu-latest steps: - name: 'Checkout' - uses: actions/checkout@v2.3.4 + uses: actions/checkout@master - - name: 'Configure AWS Credentials' + - name: Configure AWS Credentials uses: clouddrove/configure-aws-credentials@v1 with: aws-access-key-id: ${{ secrets.TEST_AWS_ACCESS_KEY }} aws-secret-access-key: ${{ secrets.TEST_AWS_ACCESS_SECRET_KEY }} aws-region: us-east-2 - - name: 'terratest' + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + - name: 'Terratest public-private-subnet' + if: ${{ github.event.label.name == 'terratest' }} uses: 'clouddrove/github-actions@v9.0.2' with: actions_subcommand: 'terratest' - if: ${{ github.event.label.name == 'terratest' }} - tf_actions_working_dir: '_test' + tf_actions_working_dir: '_test/public-subnet' + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: 'Slack Notification' uses: clouddrove/action-slack@v2 @@ -37,4 +42,4 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # required SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_TERRAFORM }} # required - if: always() \ No newline at end of file + if: always() diff --git a/.github/workflows/tfsec.yml b/.github/workflows/tfsec.yml index 9ab7fe0..018a45d 100644 
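Review bot: The four `directory:` entries added in the terraform.yml hunk of PATCH 26 (`_example/private-subnet`, `_example/public-private-subnet-single-nat-gateway`, `_example/public-private-subnet`, `_example/public-subnet`) do not match the examples this series touches, which are `_example/memcached`, `_example/redis` and `_example/redis-cluster`. They look copied from a different module's workflow, so `cd ${{ matrix.directory }}` would presumably fail and none of the ElastiCache examples would be validated or linted. The terratest.yml hunk in the same patch points `tf_actions_working_dir` at `'_test/public-subnet'`, which has the same problem. Restore the three ElastiCache paths in the matrix and the matching `_test` directory.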
--- a/.github/workflows/tfsec.yml +++ b/.github/workflows/tfsec.yml @@ -30,6 +30,7 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB}} working_directory: ./_example/ + - name: 'Terraform security scan Advanced' uses: triat/terraform-security-scan@v3.0.3 if: github.event_name == 'pull_request' @@ -38,4 +39,4 @@ jobs: tfsec_actions_working_dir: ./_example/ tfsec_actions_comment: true tfsec_output_format: sarif - continue-on-error: true \ No newline at end of file + continue-on-error: true From 4d5485f18052bbfefa8e61a38ee678839c7dad0e Mon Sep 17 00:00:00 2001 From: anmolnagpal Date: Tue, 9 May 2023 19:53:49 +0530 Subject: [PATCH 27/29] fix github action --- .github/workflows/readme.yml | 8 ++++---- .github/workflows/terraform.yml | 7 ++----- .github/workflows/terratest.yml | 21 ++++++++------------- 3 files changed, 14 insertions(+), 22 deletions(-) diff --git a/.github/workflows/readme.yml b/.github/workflows/readme.yml index 96936b0..af9a54c 100644 --- a/.github/workflows/readme.yml +++ b/.github/workflows/readme.yml @@ -12,7 +12,7 @@ jobs: - name: 'Checkout' uses: actions/checkout@master - - name: Set up Python 3.7. + - name: 'Set up Python 3.7' uses: actions/setup-python@v2 with: python-version: '3.x' @@ -26,11 +26,11 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN}} - - name: pre-commit check errors + - name: 'pre-commit check errors' uses: pre-commit/action@v2.0.0 continue-on-error: true - - name: pre-commit fix erros + - name: 'pre-commit fix erros' uses: pre-commit/action@v2.0.0 continue-on-error: true @@ -51,4 +51,4 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # required SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_TERRAFORM }} # required - if: always() + if: always() \ No newline at end of file diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml index 48e7383..d73d44f 100644 --- a/.github/workflows/terraform.yml +++ b/.github/workflows/terraform.yml 
@@ -31,10 +31,7 @@ jobs: - ${{ needs.versionExtract.outputs.minVersion }} - ${{ needs.versionExtract.outputs.maxVersion }} directory: - - _example/private-subnet - - _example/public-private-subnet-single-nat-gateway - - _example/public-private-subnet - - _example/public-subnet + - _example/ steps: - name: Checkout @@ -57,7 +54,7 @@ jobs: cd ${{ matrix.directory }} terraform init terraform validate - + terraform plan -input=false -no-color - name: tflint uses: reviewdog/action-tflint@master diff --git a/.github/workflows/terratest.yml b/.github/workflows/terratest.yml index cae58cc..868c2d4 100644 --- a/.github/workflows/terratest.yml +++ b/.github/workflows/terratest.yml @@ -6,32 +6,27 @@ on: types: [labeled] jobs: - terraform: - name: 'Terraform' + Terratest: + name: 'terratest' runs-on: ubuntu-latest steps: - name: 'Checkout' - uses: actions/checkout@master + uses: actions/checkout@v2.3.4 - - name: Configure AWS Credentials + - name: 'Configure AWS Credentials' uses: clouddrove/configure-aws-credentials@v1 with: aws-access-key-id: ${{ secrets.TEST_AWS_ACCESS_KEY }} aws-secret-access-key: ${{ secrets.TEST_AWS_ACCESS_SECRET_KEY }} aws-region: us-east-2 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - - name: 'Terratest public-private-subnet' - if: ${{ github.event.label.name == 'terratest' }} + - name: 'terratest' uses: 'clouddrove/github-actions@v9.0.2' with: actions_subcommand: 'terratest' - tf_actions_working_dir: '_test/public-subnet' - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + if: ${{ github.event.label.name == 'terratest' }} + tf_actions_working_dir: '_test' - name: 'Slack Notification' uses: clouddrove/action-slack@v2 @@ -42,4 +37,4 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # required SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_TERRAFORM }} # required - if: always() + if: always() \ No newline at end of file From eb8b5193d4005e9397bb4a1397939973343d7ba7 Mon Sep 17 00:00:00 2001 
From: anmolnagpal Date: Tue, 9 May 2023 19:56:35 +0530 Subject: [PATCH 28/29] fix github action --- .github/workflows/tfsec.yml | 43 ++++++------------------------------- variables.tf | 6 ++++++ 2 files changed, 12 insertions(+), 37 deletions(-) diff --git a/.github/workflows/tfsec.yml b/.github/workflows/tfsec.yml index 018a45d..9aaf588 100644 --- a/.github/workflows/tfsec.yml +++ b/.github/workflows/tfsec.yml @@ -1,42 +1,11 @@ name: tfsec +permissions: write-all on: pull_request: - + workflow_dispatch: jobs: tfsec: - name: tfsec sarif report - runs-on: ubuntu-latest - - steps: - - name: Clone repo - uses: actions/checkout@master - - - name: tfsec - uses: aquasecurity/tfsec-sarif-action@v0.1.0 - with: - sarif_file: tfsec.sarif - working_directory: ./_example/ - full_repo_scan: true - - - name: Upload SARIF file - uses: github/codeql-action/upload-sarif@v1 - with: - # Path to SARIF file relative to the root of the repository - sarif_file: tfsec.sarif - - - name: tfsec commenter for PR - uses: tfsec/tfsec-pr-commenter-action@main - with: - GITHUB_TOKEN: ${{ secrets.GITHUB}} - working_directory: ./_example/ - - - - name: 'Terraform security scan Advanced' - uses: triat/terraform-security-scan@v3.0.3 - if: github.event_name == 'pull_request' - env: - GITHUB_TOKEN: ${{ secrets.GITHUB}} - tfsec_actions_working_dir: ./_example/ - tfsec_actions_comment: true - tfsec_output_format: sarif - continue-on-error: true + uses: clouddrove/github-shared-workflows/.github/workflows/tfsec.yml@master + secrets: inherit + with: + working_directory: '.' \ No newline at end of file diff --git a/variables.tf b/variables.tf index d2665b0..e018460 100644 --- a/variables.tf +++ b/variables.tf 
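Review bot: The rewritten tfsec.yml in PATCH 28 combines `permissions: write-all`, `secrets: inherit` and a reusable workflow called at the mutable ref `@master`, so whatever is on that branch at run time executes with a fully writable token and every repository secret. Pin the call to a full commit SHA (`.../tfsec.yml@<full-commit-sha>`) and pass only the secrets the called workflow declares instead of `inherit`. Replace `write-all` with the scopes the scan actually needs, likely `contents: read`, `security-events: write` and `pull-requests: write`, to be confirmed against the called workflow. The removed steps scanned `./_example/` while the new input is `working_directory: '.'`; confirm that the examples are still covered.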
@@ -246,4 +246,10 @@ variable "retention_in_days" { type = number default = 0 description = "Specifies the number of days you want to retain log events in the specified log group." +} + +variable "multi_az_enabled" { + type = bool + default = false + description = "Specifies whether to enable Multi-AZ Support for the replication group. If true, automatic_failover_enabled must also be enabled. Defaults to false." } \ No newline at end of file From 749a96f0c95965c6d7f3bbbbee5193179deaae10 Mon Sep 17 00:00:00 2001 From: anmolnagpal Date: Tue, 9 May 2023 20:06:19 +0530 Subject: [PATCH 29/29] fix github action --- .github/workflows/terraform.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml index d73d44f..f54666b 100644 --- a/.github/workflows/terraform.yml +++ b/.github/workflows/terraform.yml @@ -31,7 +31,9 @@ jobs: - ${{ needs.versionExtract.outputs.minVersion }} - ${{ needs.versionExtract.outputs.maxVersion }} directory: - - _example/ + - _example/memcached + - _example/redis-cluster + - _example/redis steps: - name: Checkout