fix: Resolve pre-commit issues (#3)

.github/workflows/pre-commit.yml

@@ -56,12 +56,19 @@ jobs:
         with:
           directory: ${{ matrix.directory }}
 
+      - name: Install Terrascan
+        run: |
+          curl -L https://github.com/tenable/terrascan/releases/download/v1.19.1/terrascan_1.19.1_Linux_x86_64.tar.gz -o terrascan.tar.gz
+          tar -xzf terrascan.tar.gz terrascan
+          sudo mv terrascan /usr/local/bin/
+
       - name: Pre-commit Terraform ${{ steps.minMax.outputs.minVersion }}
         uses: clowdhaus/terraform-composite-actions/pre-commit@v1.9.0
         with:
           terraform-version: ${{ steps.minMax.outputs.minVersion }}
           tflint-version: ${{ env.TFLINT_VERSION }}
           terraform-docs-version: ${{ env.TERRAFORM_DOCS_VERSION }}
+          args: "--all-files --color always --show-diff-on-failure"
 
   preCommitMaxVersion:
     name: Max TF pre-commit
@@ -78,9 +85,16 @@ jobs:
         id: minMax
         uses: clowdhaus/terraform-min-max@v1.3.1
 
+      - name: Install Terrascan
+        run: |
+          curl -L https://github.com/tenable/terrascan/releases/download/v1.19.1/terrascan_1.19.1_Linux_x86_64.tar.gz -o terrascan.tar.gz
+          tar -xzf terrascan.tar.gz terrascan
+          sudo mv terrascan /usr/local/bin/
+
       - name: Pre-commit Terraform ${{ steps.minMax.outputs.maxVersion }}
         uses: clowdhaus/terraform-composite-actions/pre-commit@v1.9.0
         with:
           terraform-version: ${{ steps.minMax.outputs.maxVersion }}
           tflint-version: ${{ env.TFLINT_VERSION }}
           terraform-docs-version: ${{ env.TERRAFORM_DOCS_VERSION }}
+          args: "--all-files --color always --show-diff-on-failure"

.pre-commit-config.yaml

@@ -51,9 +51,12 @@ repos:
           --download-external-modules,"true",
           --quiet,
           --soft-fail,
+          --skip-check, "CKV_OCI_4,CKV_OCI_5"
         ]
 -   repo: https://github.com/tenable/terrascan
     rev: v1.19.1
     hooks:
       - id: terraform-pre-commit
         args: [ '-i terraform' ]
+        files: ^.*\.tf$
+        exclude: ^\.github/.*  # Exclude the .github directory

LICENSE

@@ -1,6 +1,6 @@
 MIT License
 
-Copyright (c) 2022 Sebastian Czech
+Copyright (c) 2024 Sebastian Czech
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

README.md

@@ -29,3 +29,78 @@ vi terraform.tfvars
 ```bash
 terraform apply
 ```
+
+<!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
+## Requirements
+
+| Name | Version |
+|------|---------|
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.3.0 |
+| <a name="requirement_oci"></a> [oci](#requirement\_oci) | ~> 6.7.0 |
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| <a name="provider_oci"></a> [oci](#provider\_oci) | ~> 6.7.0 |
+
+## Modules
+
+No modules.
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [oci_core_default_route_table.k8s_vcn_route_table](https://registry.terraform.io/providers/hashicorp/oci/latest/docs/resources/core_default_route_table) | resource |
+| [oci_core_default_security_list.k8s_vcn_security_list](https://registry.terraform.io/providers/hashicorp/oci/latest/docs/resources/core_default_security_list) | resource |
+| [oci_core_instance.k8s_node](https://registry.terraform.io/providers/hashicorp/oci/latest/docs/resources/core_instance) | resource |
+| [oci_core_internet_gateway.k8s_internet_gateway](https://registry.terraform.io/providers/hashicorp/oci/latest/docs/resources/core_internet_gateway) | resource |
+| [oci_core_subnet.k8s_subnet](https://registry.terraform.io/providers/hashicorp/oci/latest/docs/resources/core_subnet) | resource |
+| [oci_core_vcn.k8s_vcn](https://registry.terraform.io/providers/hashicorp/oci/latest/docs/resources/core_vcn) | resource |
+| [oci_network_load_balancer_backend.k8s_backend](https://registry.terraform.io/providers/hashicorp/oci/latest/docs/resources/network_load_balancer_backend) | resource |
+| [oci_network_load_balancer_backend.nginx_http_backend](https://registry.terraform.io/providers/hashicorp/oci/latest/docs/resources/network_load_balancer_backend) | resource |
+| [oci_network_load_balancer_backend_set.k8s_backend_set](https://registry.terraform.io/providers/hashicorp/oci/latest/docs/resources/network_load_balancer_backend_set) | resource |
+| [oci_network_load_balancer_backend_set.nginx_http_backend_set](https://registry.terraform.io/providers/hashicorp/oci/latest/docs/resources/network_load_balancer_backend_set) | resource |
+| [oci_network_load_balancer_listener.k8s_listener](https://registry.terraform.io/providers/hashicorp/oci/latest/docs/resources/network_load_balancer_listener) | resource |
+| [oci_network_load_balancer_listener.nginx_http_listener](https://registry.terraform.io/providers/hashicorp/oci/latest/docs/resources/network_load_balancer_listener) | resource |
+| [oci_network_load_balancer_network_load_balancer.k8s_network_load_balancer](https://registry.terraform.io/providers/hashicorp/oci/latest/docs/resources/network_load_balancer_network_load_balancer) | resource |
+| [oci_core_images.oci_ubuntu_images](https://registry.terraform.io/providers/hashicorp/oci/latest/docs/data-sources/core_images) | data source |
+| [oci_identity_availability_domains.ads](https://registry.terraform.io/providers/hashicorp/oci/latest/docs/data-sources/identity_availability_domains) | data source |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_availability_domains"></a> [availability\_domains](#input\_availability\_domains) | Availability domains in which instances are going to be created | `list(number)` | <pre>[<br>  0,<br>  1,<br>  2,<br>  0<br>]</pre> | no |
+| <a name="input_compartment_id"></a> [compartment\_id](#input\_compartment\_id) | Compartment ID | `string` | n/a | yes |
+| <a name="input_egress_security_rules"></a> [egress\_security\_rules](#input\_egress\_security\_rules) | Egress security rules | `list(map(string))` | `[]` | no |
+| <a name="input_id_rsa_pub"></a> [id\_rsa\_pub](#input\_id\_rsa\_pub) | SSH public key | `string` | n/a | yes |
+| <a name="input_ingress_security_rules"></a> [ingress\_security\_rules](#input\_ingress\_security\_rules) | Ingress security rules | `list(map(string))` | `[]` | no |
+| <a name="input_instance_count"></a> [instance\_count](#input\_instance\_count) | Number of instances to create | `number` | `4` | no |
+| <a name="input_instance_shape"></a> [instance\_shape](#input\_instance\_shape) | Shape of instance | `string` | `"VM.Standard.E2.1.Micro"` | no |
+| <a name="input_my_public_ip"></a> [my\_public\_ip](#input\_my\_public\_ip) | My public IP address | `string` | n/a | yes |
+| <a name="input_subnet_cidr_block"></a> [subnet\_cidr\_block](#input\_subnet\_cidr\_block) | Subnet CIDR | `string` | `"172.16.0.0/24"` | no |
+| <a name="input_vcn_cidr_block"></a> [vcn\_cidr\_block](#input\_vcn\_cidr\_block) | VCN CIDR | `string` | `"172.16.0.0/20"` | no |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| <a name="output_availability_domain"></a> [availability\_domain](#output\_availability\_domain) | availability domain |
+| <a name="output_compute_instances"></a> [compute\_instances](#output\_compute\_instances) | Names and IPs of created instances |
+| <a name="output_compute_instances_public_ip"></a> [compute\_instances\_public\_ip](#output\_compute\_instances\_public\_ip) | Public IPs of created nodes |
+| <a name="output_lb_id"></a> [lb\_id](#output\_lb\_id) | ID of LB |
+| <a name="output_lb_public_ip"></a> [lb\_public\_ip](#output\_lb\_public\_ip) | Public IPs of LB |
+| <a name="output_oci_ubuntu_images"></a> [oci\_ubuntu\_images](#output\_oci\_ubuntu\_images) | List of possible Ubuntu images |
+| <a name="output_subnet_cidr"></a> [subnet\_cidr](#output\_subnet\_cidr) | CIDR block of the core subnet |
+| <a name="output_subnet_id"></a> [subnet\_id](#output\_subnet\_id) | ID of the core subnet |
+| <a name="output_subnet_state"></a> [subnet\_state](#output\_subnet\_state) | The state of the subnet |
+| <a name="output_vcn_cidr"></a> [vcn\_cidr](#output\_vcn\_cidr) | CIDR block of the core VCN |
+| <a name="output_vcn_id"></a> [vcn\_id](#output\_vcn\_id) | ID of the core VCN |
+| <a name="output_vcn_state"></a> [vcn\_state](#output\_vcn\_state) | the state of the VCN |
+<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
+
+## License
+
+MIT Licensed. See [LICENSE](LICENSE).

main.tf

@@ -4,8 +4,8 @@
 
 locals {
   # number_of_availability_domains = length(data.oci_identity_availability_domains.ads.availability_domains)
-  instance_image    = data.oci_core_images.oci_ubuntu_images.images[0].id
-  instance_firmware = data.oci_core_images.oci_ubuntu_images.images[0].launch_options[0].firmware
+  # instance_firmware = data.oci_core_images.oci_ubuntu_images.images[0].launch_options[0].firmware
+  instance_image = data.oci_core_images.oci_ubuntu_images.images[0].id
 }
 
 resource "oci_core_instance" "k8s_node" {

outputs.tf

@@ -19,7 +19,7 @@ output "vcn_id" {
 }
 
 output "subnet_state" {
-  description = "the state of the subnet"
+  description = "The state of the subnet"
   value       = oci_core_subnet.k8s_subnet.state
 }
 
@@ -34,21 +34,21 @@ output "subnet_cidr" {
 }
 
 output "compute_instances_public_ip" {
-  description = "public IPs of created nodes"
-  value       = ["${oci_core_instance.k8s_node.*.public_ip}"]
+  description = "Public IPs of created nodes"
+  value       = [oci_core_instance.k8s_node[*].public_ip]
 }
 
 output "compute_instances" {
+  description = "Names and IPs of created instances"
   value = {
-    name       = oci_core_instance.k8s_node.*.display_name
-    public_ip  = oci_core_instance.k8s_node.*.public_ip
-    private_ip = oci_core_instance.k8s_node.*.private_ip
+    name       = oci_core_instance.k8s_node[*].display_name
+    public_ip  = oci_core_instance.k8s_node[*].public_ip
+    private_ip = oci_core_instance.k8s_node[*].private_ip
   }
-  description = "names and IPs of created instances"
 }
 
 output "lb_public_ip" {
-  description = "public IPs of LB"
+  description = "Public IPs of LB"
   value       = oci_network_load_balancer_network_load_balancer.k8s_network_load_balancer.ip_addresses[0].ip_address
 }
 
@@ -58,11 +58,11 @@ output "lb_id" {
 }
 
 output "oci_ubuntu_images" {
-  description = "list of possible Ubuntu images"
+  description = "List of possible Ubuntu images"
   value = {
-    display_name             = data.oci_core_images.oci_ubuntu_images.images.*.display_name
-    operating_system         = data.oci_core_images.oci_ubuntu_images.images.*.operating_system
-    operating_system_version = data.oci_core_images.oci_ubuntu_images.images.*.operating_system_version
-    id                       = data.oci_core_images.oci_ubuntu_images.images.*.id
+    display_name             = data.oci_core_images.oci_ubuntu_images.images[*].display_name
+    operating_system         = data.oci_core_images.oci_ubuntu_images.images[*].operating_system
+    operating_system_version = data.oci_core_images.oci_ubuntu_images.images[*].operating_system_version
+    id                       = data.oci_core_images.oci_ubuntu_images.images[*].id
   }
 }

variables.tf

@@ -1,14 +1,14 @@
 variable "compartment_id" {
-  description = "compartment ID"
+  description = "Compartment ID"
   type        = string
 }
 
 variable "my_public_ip" {
-  description = "my public IP address"
+  description = "My public IP address"
   type        = string
   validation {
     condition     = can(cidrnetmask(var.my_public_ip))
-    error_message = "Public IP address must be a valid IPv4 CIDR"
+    error_message = "Public IP address must be a valid IPv4 CIDR."
   }
 }
 
@@ -18,13 +18,13 @@ variable "id_rsa_pub" {
 }
 
 variable "vcn_cidr_block" {
-  description = "vcn CIDR"
+  description = "VCN CIDR"
   type        = string
   default     = "172.16.0.0/20"
 }
 
 variable "subnet_cidr_block" {
-  description = "subnet CIDR"
+  description = "Subnet CIDR"
   type        = string
   default     = "172.16.0.0/24"
 }
@@ -37,14 +37,14 @@ variable "subnet_cidr_block" {
 # }
 
 variable "instance_shape" {
-  description = "shape of instance"
+  description = "Shape of instance"
   type        = string
   # default     = "VM.Standard.A1.Flex"
   default = "VM.Standard.E2.1.Micro"
 }
 
 variable "instance_count" {
-  description = "number of instances to create"
+  description = "Number of instances to create"
   type        = number
   default     = 4
 }
@@ -56,16 +56,13 @@ variable "availability_domains" {
 }
 
 variable "egress_security_rules" {
-  type    = list(map(string))
-  default = []
+  description = "Egress security rules"
+  type        = list(map(string))
+  default     = []
 }
 
 variable "ingress_security_rules" {
-  type    = list(map(string))
-  default = []
-}
-
-variable "create_ansible_inventory_vars" {
-  type    = bool
-  default = false
+  description = "Ingress security rules"
+  type        = list(map(string))
+  default     = []
 }