diff --git a/.github/ISSUE_TEMPLATE/bug_report.yml b/.github/ISSUE_TEMPLATE/bug_report.yml
new file mode 100644
index 0000000..94d3246
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/bug_report.yml
@@ -0,0 +1,72 @@
+---
+name: Bug report
+description: Create a report to help us improve
+labels: ["bug"]
+assignees: [""]
+body:
+ - type: markdown
+ attributes:
+ value: |
+ Found a bug?
+
+ Please checkout our [Slack Community](https://slack.cloudposse.com)
+ or visit our [Slack Archive](https://archive.sweetops.com/).
+
+ [![Slack Community](https://slack.cloudposse.com/badge.svg)](https://slack.cloudposse.com)
+
+ - type: textarea
+ id: concise-description
+ attributes:
+ label: Describe the Bug
+ description: A clear and concise description of what the bug is.
+ placeholder: What is the bug about?
+ validations:
+ required: true
+
+ - type: textarea
+ id: expected
+ attributes:
+ label: Expected Behavior
+ description: A clear and concise description of what you expected.
+ placeholder: What happened?
+ validations:
+ required: true
+
+ - type: textarea
+ id: reproduction-steps
+ attributes:
+ label: Steps to Reproduce
+ description: Steps to reproduce the behavior.
+ placeholder: How do we reproduce it?
+ validations:
+ required: true
+
+ - type: textarea
+ id: screenshots
+ attributes:
+ label: Screenshots
+ description: If applicable, add screenshots or logs to help explain.
+ validations:
+ required: false
+
+ - type: textarea
+ id: environment
+ attributes:
+ label: Environment
+ description: Anything that will help us triage the bug.
+ placeholder: |
+ - OS: [e.g. Linux, OSX, WSL, etc]
+ - Version [e.g. 10.15]
+ - Module version
+ - Terraform version
+ validations:
+ required: false
+
+ - type: textarea
+ id: additional
+ attributes:
+ label: Additional Context
+ description: |
+ Add any other context about the problem here.
+ validations:
+ required: false
diff --git a/.github/ISSUE_TEMPLATE/feature_request.yml b/.github/ISSUE_TEMPLATE/feature_request.yml
new file mode 100644
index 0000000..7b86672
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/feature_request.yml
@@ -0,0 +1,71 @@
+---
+name: Feature Request
+description: Suggest an idea for this project
+labels: ["feature request"]
+assignees: [""]
+body:
+ - type: markdown
+ attributes:
+ value: |
+ Have a question?
+
+ Please checkout our [Slack Community](https://slack.cloudposse.com)
+ or visit our [Slack Archive](https://archive.sweetops.com/).
+
+ [![Slack Community](https://slack.cloudposse.com/badge.svg)](https://slack.cloudposse.com)
+
+ - type: textarea
+ id: concise-description
+ attributes:
+ label: Describe the Feature
+ description: A clear and concise description of what the feature is.
+ placeholder: What is the feature about?
+ validations:
+ required: true
+
+ - type: textarea
+ id: expected
+ attributes:
+ label: Expected Behavior
+ description: A clear and concise description of what you expected.
+ placeholder: What happened?
+ validations:
+ required: true
+
+ - type: textarea
+ id: use-case
+ attributes:
+ label: Use Case
+ description: |
+ Is your feature request related to a problem/challenge you are trying
+ to solve?
+
+ Please provide some additional context of why this feature or
+ capability will be valuable.
+ validations:
+ required: true
+
+ - type: textarea
+ id: ideal-solution
+ attributes:
+ label: Describe Ideal Solution
+ description: A clear and concise description of what you want to happen.
+ validations:
+ required: true
+
+ - type: textarea
+ id: alternatives-considered
+ attributes:
+ label: Alternatives Considered
+ description: Explain alternative solutions or features considered.
+ validations:
+ required: false
+
+ - type: textarea
+ id: additional
+ attributes:
+ label: Additional Context
+ description: |
+ Add any other context about the problem here.
+ validations:
+ required: false
diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md index 4b8f32d..8944933 100644 --- a/.github/PULL_REQUEST_TEMPLATE.md +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -1,13 +1,21 @@ ## what -* Describe high-level what changed as a result of these commits (i.e. in plain-english, what do these changes mean?) -* Use bullet points to be concise and to the point. + + ## why -* Provide the justifications for the changes (e.g. business case). -* Describe why these changes were made (e.g. why do these commits fix the problem?) -* Use bullet points to be concise and to the point. + + ## references -* Link to any supporting github issues or helpful documentation to add some context (e.g. stackoverflow). -* Use `closes #123`, if this PR closes a GitHub issue `#123` + diff --git a/.github/auto-release.yml b/.github/auto-release.yml index b45efb7..cc9bf05 100644 --- a/.github/auto-release.yml +++ b/.github/auto-release.yml @@ -17,8 +17,8 @@ version-resolver: - 'bugfix' - 'bug' - 'hotfix' - - 'no-release' default: 'minor' +filter-by-commitish: true categories: - title: '🚀 Enhancements' diff --git a/.github/mergify.yml b/.github/mergify.yml index ef15545..148d85c 100644 --- a/.github/mergify.yml +++ b/.github/mergify.yml @@ -4,13 +4,17 @@ pull_request_rules: - name: "approve automated PRs that have passed checks" conditions: - "author~=^(cloudpossebot|renovate\\[bot\\])$" - - "base=master" - "-closed" - "head~=^(auto-update|renovate)/.*" - "check-success=test/bats" - "check-success=test/readme" - "check-success=test/terratest" - "check-success=validate-codeowners" + - or: + - "base=master" + - "base=main" + - "base~=^release/v\\d{1,2}$" + actions: review: type: "APPROVE" @@ -20,7 +24,6 @@ pull_request_rules: - name: "merge automated PRs when approved and tests pass" conditions: - "author~=^(cloudpossebot|renovate\\[bot\\])$" - - "base=master" - "-closed" - "head~=^(auto-update|renovate)/.*" - "check-success=test/bats" 
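Review bot: The new `or:` block in the auto-approve rule of mergify.yml extends bot approval to `main` and `release/v\d{1,2}`, and that approval is what later satisfies `#approved-reviews-by>=1` in the merge rule, so PRs from the two bot authors on `auto-update/` or `renovate/` heads reach these branches with no human review. The only remaining gates are the four `check-success` conditions, and it is not visible here whether the workflows added in this commit still report checks named `test/bats`, `test/readme` and `test/terratest`; confirm that, and make them required in branch protection for the release branches as well. The pattern `^release/v\d{1,2}$` is also narrower than the `release/**` filter used by the new workflows, so either align the two or state the difference in a comment above the `or:` block. The same block is repeated in the merge and remove-outdated-reviews rules.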
@@ -30,6 +33,11 @@ pull_request_rules: - "#approved-reviews-by>=1" - "#changes-requested-reviews-by=0" - "#commented-reviews-by=0" + - or: + - "base=master" + - "base=main" + - "base~=^release/v\\d{1,2}$" + actions: merge: method: "squash" @@ -50,7 +58,10 @@ pull_request_rules: - name: "remove outdated reviews" conditions: - - "base=master" + - or: + - "base=master" + - "base=main" + - "base~=^release/v\\d{1,2}$" actions: dismiss_reviews: changes_requested: true diff --git a/.github/renovate.json b/.github/renovate.json index a780298..909df09 100644 --- a/.github/renovate.json +++ b/.github/renovate.json @@ -1,12 +1,14 @@ { "extends": [ "config:base", - ":preserveSemverRanges" + ":preserveSemverRanges", + ":rebaseStalePrs" ], + "baseBranches": ["main"], "labels": ["auto-update"], "dependencyDashboardAutoclose": true, "enabledManagers": ["terraform"], "terraform": { - "ignorePaths": ["**/context.tf", "examples/**"] + "ignorePaths": ["**/context.tf"] } } diff --git a/.github/workflows/feature-branch-chatops.yml b/.github/workflows/feature-branch-chatops.yml new file mode 100644 index 0000000..9abfc61 --- /dev/null +++ b/.github/workflows/feature-branch-chatops.yml @@ -0,0 +1,16 @@ +--- +name: feature-branch-chatops +on: + issue_comment: + types: [created] + +permissions: + pull-requests: write + id-token: write + contents: write + +jobs: + terraform-module: + uses: cloudposse/github-actions-workflows-terraform-module/.github/workflows/feature-branch-chatops.yml@main + secrets: + github_access_token: ${{ secrets.REPO_ACCESS_TOKEN }} diff --git a/.github/workflows/feature-branch.yml b/.github/workflows/feature-branch.yml new file mode 100644 index 0000000..8faa955 --- /dev/null +++ b/.github/workflows/feature-branch.yml 
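Review bot: The `uses:` line in the new feature-branch-chatops.yml references the reusable workflow at `@main`, a mutable ref, while handing it `pull-requests: write`, `contents: write`, `id-token: write` and `secrets.REPO_ACCESS_TOKEN`; whatever that branch holds at run time executes with those rights. This matters most in this file because `issue_comment` fires for any commenter, so any check on who may issue a command has to live in the called workflow, which is not shown here. Pin the reference to a reviewed commit, e.g. `uses: cloudposse/github-actions-workflows-terraform-module/.github/workflows/feature-branch-chatops.yml@<full-commit-sha>  # <release-tag>`. The same `@main` reference appears in feature-branch.yml, release-branch.yml, release-published.yml and scheduled.yml.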
@@ -0,0 +1,19 @@
+---
+name: feature-branch
+on:
+ pull_request:
+ branches:
+ - main
+ - release/**
+ types: [opened, synchronize, reopened, labeled, unlabeled]
+
+permissions:
+ pull-requests: write
+ id-token: write
+ contents: write
+
+jobs:
+ terraform-module:
+ uses: cloudposse/github-actions-workflows-terraform-module/.github/workflows/feature-branch.yml@main
+ secrets:
+ github_access_token: ${{ secrets.REPO_ACCESS_TOKEN }}
diff --git a/.github/workflows/release-branch.yml b/.github/workflows/release-branch.yml
new file mode 100644
index 0000000..b30901e
--- /dev/null
+++ b/.github/workflows/release-branch.yml
@@ -0,0 +1,23 @@
+---
+name: release-branch
+on:
+ push:
+ branches:
+ - main
+ - release/**
+ paths-ignore:
+ - '.github/**'
+ - 'docs/**'
+ - 'examples/**'
+ - 'test/**'
+ - 'README.*'
+
+permissions:
+ contents: write
+ id-token: write
+
+jobs:
+ terraform-module:
+ uses: cloudposse/github-actions-workflows-terraform-module/.github/workflows/release-branch.yml@main
+ secrets:
+ github_access_token: ${{ secrets.REPO_ACCESS_TOKEN }}
diff --git a/.github/workflows/release-published.yml b/.github/workflows/release-published.yml
new file mode 100644
index 0000000..b31232b
--- /dev/null
+++ b/.github/workflows/release-published.yml
@@ -0,0 +1,14 @@
+---
+name: release-published
+on:
+ release:
+ types:
+ - published
+
+permissions:
+ contents: write
+ id-token: write
+
+jobs:
+ terraform-module:
+ uses: cloudposse/github-actions-workflows-terraform-module/.github/workflows/release-published.yml@main
diff --git a/.github/workflows/scheduled.yml b/.github/workflows/scheduled.yml
new file mode 100644
index 0000000..163be0b
--- /dev/null
+++ b/.github/workflows/scheduled.yml
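Review bot: The `permissions:` block in feature-branch.yml grants `contents: write` and `id-token: write` on every `pull_request` event without recording which part of the called workflow needs them, and release-branch.yml and release-published.yml do the same. A reusable workflow can use at most what the caller grants, so this block is where least privilege is actually enforced and reviewed. Add a comment above it giving the reason for each write scope, e.g. `# contents: write - <why the called workflow writes to the repo>; id-token: write - <which OIDC role is assumed>`, and drop any scope that turns out to be unused.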
@@ -0,0 +1,17 @@ +--- +name: scheduled +on: + workflow_dispatch: { } # Allows manually trigger this workflow + schedule: + - cron: "0 3 * * *" + +permissions: + pull-requests: write + id-token: write + contents: write + +jobs: + scheduled: + uses: cloudposse/github-actions-workflows-terraform-module/.github/workflows/scheduled.yml@main + secrets: + github_access_token: ${{ secrets.REPO_ACCESS_TOKEN }} diff --git a/README.md b/README.md index 1956b86..e9273a6 100644 --- a/README.md +++ b/README.md @@ -88,10 +88,6 @@ We highly recommend that in your code you pin the version to the exact version y using so that your infrastructure remains stable, and update versions in a systematic way so that they do not catch you by surprise. -Also, because of a bug in the Terraform registry ([hashicorp/terraform#21417](https://github.com/hashicorp/terraform/issues/21417)), -the registry shows many of our inputs as required when in fact they are optional. -The table below correctly indicates which inputs are required. - For a complete example, see [examples/complete](examples/complete). 
@@ -221,6 +217,7 @@ Available targets: | [requirements\_s3\_path](#input\_requirements\_s3\_path) | The relative path to the requirements.txt file on your Amazon S3 storage bucket. For example, requirements.txt. If a relative path is provided in the request, then requirements\_s3\_object\_version is required | `string` | `null` | no | | [scheduler\_logs\_enabled](#input\_scheduler\_logs\_enabled) | Enabling or disabling the collection of logs for the schedulers | `bool` | `false` | no | | [scheduler\_logs\_level](#input\_scheduler\_logs\_level) | Schedulers logging level. Valid values: CRITICAL, ERROR, WARNING, INFO, DEBUG | `string` | `"INFO"` | no | +| [schedulers](#input\_schedulers) | The number of schedulers that you want to run in your environment. v2.0.2 and above accepts 2 - 5, default 2. v1.10.12 accepts 1 | `string` | `null` | no | | [security\_group\_create\_before\_destroy](#input\_security\_group\_create\_before\_destroy) | Set `true` to enable Terraform `create_before_destroy` behavior on the created security group.
We only recommend setting this `false` if you are upgrading this module and need to keep
the existing security group from being replaced.
Note that changing this value will always cause the security group to be replaced. | `bool` | `true` | no | | [security\_group\_create\_timeout](#input\_security\_group\_create\_timeout) | How long to wait for the security group to be created. | `string` | `"10m"` | no | | [security\_group\_delete\_timeout](#input\_security\_group\_delete\_timeout) | How long to retry on `DependencyViolation` errors during security group deletion from
lingering ENIs left by certain AWS services such as Elastic Load Balancing. | `string` | `"15m"` | no | @@ -228,6 +225,8 @@ Available targets: | [security\_group\_name](#input\_security\_group\_name) | The name to assign to the created security group. Must be unique within the VPC.
If not provided, will be derived from the `null-label.context` passed in.
If `create_before_destroy` is true, will be used as a name prefix. | `list(string)` | `[]` | no | | [source\_bucket\_arn](#input\_source\_bucket\_arn) | If `create_s3_bucket` is `false` then set this to the Amazon Resource Name (ARN) of your Amazon S3 storage bucket. | `string` | `null` | no | | [stage](#input\_stage) | ID element. Usually used to indicate role, e.g. 'prod', 'staging', 'source', 'build', 'test', 'deploy', 'release' | `string` | `null` | no | +| [startup\_script\_s3\_object\_version](#input\_startup\_script\_s3\_object\_version) | The version of the startup shell script you want to use. You must specify the version ID that Amazon S3 assigns to the file every time you update the script. | `string` | `null` | no | +| [startup\_script\_s3\_path](#input\_startup\_script\_s3\_path) | The relative path to the script hosted in your bucket. The script runs as your environment starts before starting the Apache Airflow process. | `string` | `null` | no | | [subnet\_ids](#input\_subnet\_ids) | The private subnet IDs in which the environment should be created. MWAA requires two subnets | `list(string)` | n/a | yes | | [tags](#input\_tags) | Additional tags (e.g. `{'BusinessUnit': 'XYZ'}`).
Neither the tag keys nor the tag values will be modified by this module. | `map(string)` | `{}` | no | | [task\_logs\_enabled](#input\_task\_logs\_enabled) | Enabling or disabling the collection of logs for DAG tasks | `bool` | `false` | no | @@ -358,7 +357,7 @@ In general, PRs are welcome. We follow the typical "fork-and-pull" Git workflow. ## Copyrights -Copyright © 2022-2022 [Cloud Posse, LLC](https://cloudposse.com) +Copyright © 2022-2023 [Cloud Posse, LLC](https://cloudposse.com) @@ -429,7 +428,7 @@ Check out [our other projects][github], [follow us on twitter][twitter], [apply [![README Footer][readme_footer_img]][readme_footer_link] [![Beacon][beacon]][website] - + [logo]: https://cloudposse.com/logo-300x69.svg [docs]: https://cpco.io/docs?utm_source=github&utm_medium=readme&utm_campaign=cloudposse/terraform-aws-mwaa&utm_content=docs [website]: https://cpco.io/homepage?utm_source=github&utm_medium=readme&utm_campaign=cloudposse/terraform-aws-mwaa&utm_content=website @@ -460,3 +459,4 @@ Check out [our other projects][github], [follow us on twitter][twitter], [apply [share_googleplus]: https://plus.google.com/share?url=https://github.com/cloudposse/terraform-aws-mwaa [share_email]: mailto:?subject=terraform-aws-mwaa&body=https://github.com/cloudposse/terraform-aws-mwaa [beacon]: https://ga-beacon.cloudposse.com/UA-76589703-4/cloudposse/terraform-aws-mwaa?pixel&cs=github&cm=readme&an=terraform-aws-mwaa + diff --git a/docs/terraform.md b/docs/terraform.md index 44596c8..20d1f64 100644 --- a/docs/terraform.md +++ b/docs/terraform.md 
@@ -77,6 +77,7 @@ | [requirements\_s3\_path](#input\_requirements\_s3\_path) | The relative path to the requirements.txt file on your Amazon S3 storage bucket. For example, requirements.txt. If a relative path is provided in the request, then requirements\_s3\_object\_version is required | `string` | `null` | no | | [scheduler\_logs\_enabled](#input\_scheduler\_logs\_enabled) | Enabling or disabling the collection of logs for the schedulers | `bool` | `false` | no | | [scheduler\_logs\_level](#input\_scheduler\_logs\_level) | Schedulers logging level. Valid values: CRITICAL, ERROR, WARNING, INFO, DEBUG | `string` | `"INFO"` | no | +| [schedulers](#input\_schedulers) | The number of schedulers that you want to run in your environment. v2.0.2 and above accepts 2 - 5, default 2. v1.10.12 accepts 1 | `string` | `null` | no | | [security\_group\_create\_before\_destroy](#input\_security\_group\_create\_before\_destroy) | Set `true` to enable Terraform `create_before_destroy` behavior on the created security group.
We only recommend setting this `false` if you are upgrading this module and need to keep
the existing security group from being replaced.
Note that changing this value will always cause the security group to be replaced. | `bool` | `true` | no | | [security\_group\_create\_timeout](#input\_security\_group\_create\_timeout) | How long to wait for the security group to be created. | `string` | `"10m"` | no | | [security\_group\_delete\_timeout](#input\_security\_group\_delete\_timeout) | How long to retry on `DependencyViolation` errors during security group deletion from
lingering ENIs left by certain AWS services such as Elastic Load Balancing. | `string` | `"15m"` | no | @@ -84,6 +85,8 @@ | [security\_group\_name](#input\_security\_group\_name) | The name to assign to the created security group. Must be unique within the VPC.
If not provided, will be derived from the `null-label.context` passed in.
If `create_before_destroy` is true, will be used as a name prefix. | `list(string)` | `[]` | no | | [source\_bucket\_arn](#input\_source\_bucket\_arn) | If `create_s3_bucket` is `false` then set this to the Amazon Resource Name (ARN) of your Amazon S3 storage bucket. | `string` | `null` | no | | [stage](#input\_stage) | ID element. Usually used to indicate role, e.g. 'prod', 'staging', 'source', 'build', 'test', 'deploy', 'release' | `string` | `null` | no | +| [startup\_script\_s3\_object\_version](#input\_startup\_script\_s3\_object\_version) | The version of the startup shell script you want to use. You must specify the version ID that Amazon S3 assigns to the file every time you update the script. | `string` | `null` | no | +| [startup\_script\_s3\_path](#input\_startup\_script\_s3\_path) | The relative path to the script hosted in your bucket. The script runs as your environment starts before starting the Apache Airflow process. | `string` | `null` | no | | [subnet\_ids](#input\_subnet\_ids) | The private subnet IDs in which the environment should be created. MWAA requires two subnets | `list(string)` | n/a | yes | | [tags](#input\_tags) | Additional tags (e.g. `{'BusinessUnit': 'XYZ'}`).
Neither the tag keys nor the tag values will be modified by this module. | `map(string)` | `{}` | no | | [task\_logs\_enabled](#input\_task\_logs\_enabled) | Enabling or disabling the collection of logs for DAG tasks | `bool` | `false` | no | diff --git a/examples/complete/main.tf b/examples/complete/main.tf index 624afc4..a4f9a03 100644 --- a/examples/complete/main.tf +++ b/examples/complete/main.tf @@ -1,6 +1,6 @@ module "vpc" { source = "cloudposse/vpc/aws" - version = "0.28.1" + version = "2.1.0" cidr_block = "172.16.0.0/16" @@ -9,7 +9,7 @@ module "vpc" { module "subnets" { source = "cloudposse/dynamic-subnets/aws" - version = "0.39.8" + version = "2.1.0" availability_zones = var.availability_zones vpc_id = module.vpc.vpc_id diff --git a/examples/minimal/main.tf b/examples/minimal/main.tf index 54356bf..1b90ad1 100644 --- a/examples/minimal/main.tf +++ b/examples/minimal/main.tf @@ -1,6 +1,6 @@ module "vpc" { source = "cloudposse/vpc/aws" - version = "0.28.1" + version = "2.1.0" cidr_block = "172.16.0.0/16" @@ -9,7 +9,7 @@ module "vpc" { module "subnets" { source = "cloudposse/dynamic-subnets/aws" - version = "0.39.8" + version = "2.1.0" availability_zones = var.availability_zones vpc_id = module.vpc.vpc_id diff --git a/main.tf b/main.tf index 51cb348..70c67df 100644 --- a/main.tf +++ b/main.tf 
@@ -211,22 +211,25 @@ module "mwaa_iam_role" { resource "aws_mwaa_environment" "default" { count = local.enabled ? 1 : 0 - name = module.this.id - airflow_configuration_options = var.airflow_configuration_options - airflow_version = var.airflow_version - dag_s3_path = var.dag_s3_path - environment_class = var.environment_class - kms_key = var.kms_key - max_workers = var.max_workers - min_workers = var.min_workers - plugins_s3_object_version = var.plugins_s3_object_version - plugins_s3_path = var.plugins_s3_path - requirements_s3_object_version = var.requirements_s3_object_version - requirements_s3_path = var.requirements_s3_path - webserver_access_mode = var.webserver_access_mode - weekly_maintenance_window_start = var.weekly_maintenance_window_start - source_bucket_arn = local.s3_bucket_arn - execution_role_arn = local.execution_role_arn + name = module.this.id + airflow_configuration_options = var.airflow_configuration_options + airflow_version = var.airflow_version + dag_s3_path = var.dag_s3_path + environment_class = var.environment_class + kms_key = var.kms_key + max_workers = var.max_workers + min_workers = var.min_workers + plugins_s3_object_version = var.plugins_s3_object_version + plugins_s3_path = var.plugins_s3_path + requirements_s3_object_version = var.requirements_s3_object_version + requirements_s3_path = var.requirements_s3_path + startup_script_s3_object_version = var.startup_script_s3_object_version + startup_script_s3_path = var.startup_script_s3_path + webserver_access_mode = var.webserver_access_mode + weekly_maintenance_window_start = var.weekly_maintenance_window_start + schedulers = var.schedulers + source_bucket_arn = local.s3_bucket_arn + execution_role_arn = local.execution_role_arn logging_configuration { dag_processing_logs { diff --git a/variables.tf b/variables.tf index cb52d4e..aac4af0 100644 --- a/variables.tf +++ b/variables.tf 
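Review bot: `schedulers = var.schedulers` takes its value from a variable this commit declares as `type = string` in variables.tf, although its description gives a count (2 - 5, or 1 for v1.10.12). Declaring it `type = number` would reject non-numeric input at plan time instead of leaving that to the provider, and a `validation` block could enforce the documented range. The `aws_mwaa_environment` resource continues past the end of this hunk.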
@@ -169,3 +169,21 @@ variable "subnet_ids" { type = list(string) description = "The private subnet IDs in which the environment should be created. MWAA requires two subnets" } + +variable "startup_script_s3_path" { + type = string + description = "The relative path to the script hosted in your bucket. The script runs as your environment starts before starting the Apache Airflow process." + default = null +} + +variable "startup_script_s3_object_version" { + type = string + description = "The version of the startup shell script you want to use. You must specify the version ID that Amazon S3 assigns to the file every time you update the script." + default = null +} + +variable "schedulers" { + type = string + description = "The number of schedulers that you want to run in your environment. v2.0.2 and above accepts 2 - 5, default 2. v1.10.12 accepts 1" + default = null +}
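Review bot: `startup_script_s3_path` and `startup_script_s3_object_version` both default to `null` independently, so a caller can set the path and leave the version unpinned. The script runs at environment start before the Airflow process, so in that case what executes presumably depends on the current state of the object in the bucket, and anyone able to write that key could change it; confirm how MWAA resolves an unset version. Extend the path description with something like `Set startup_script_s3_object_version as well to pin the exact script that runs.`, and check that the source bucket has versioning enabled and write access to the script key is restricted.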