Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Properly handle enabled = false #45

Merged
merged 3 commits into from
Mar 24, 2023
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
72 changes: 72 additions & 0 deletions .github/ISSUE_TEMPLATE/bug_report.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,72 @@
---
name: Bug report
description: Create a report to help us improve
labels: ["bug"]
assignees: [""]
body:
- type: markdown
attributes:
value: |
Found a bug?

Please checkout our [Slack Community](https://slack.cloudposse.com)
or visit our [Slack Archive](https://archive.sweetops.com/).

[![Slack Community](https://slack.cloudposse.com/badge.svg)](https://slack.cloudposse.com)

- type: textarea
id: concise-description
attributes:
label: Describe the Bug
description: A clear and concise description of what the bug is.
placeholder: What is the bug about?
validations:
required: true

- type: textarea
id: expected
attributes:
label: Expected Behavior
description: A clear and concise description of what you expected.
placeholder: What happened?
validations:
required: true

- type: textarea
id: reproduction-steps
attributes:
label: Steps to Reproduce
description: Steps to reproduce the behavior.
placeholder: How do we reproduce it?
validations:
required: true

- type: textarea
id: screenshots
attributes:
label: Screenshots
description: If applicable, add screenshots or logs to help explain.
validations:
required: false

- type: textarea
id: environment
attributes:
label: Environment
description: Anything that will help us triage the bug.
placeholder: |
- OS: [e.g. Linux, OSX, WSL, etc]
- Version [e.g. 10.15]
- Module version
- Terraform version
validations:
required: false

- type: textarea
id: additional
attributes:
label: Additional Context
description: |
Add any other context about the problem here.
validations:
required: false
71 changes: 71 additions & 0 deletions .github/ISSUE_TEMPLATE/feature_request.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,71 @@
---
name: Feature Request
description: Suggest an idea for this project
labels: ["feature request"]
assignees: [""]
body:
- type: markdown
attributes:
value: |
Have a question?

Please checkout our [Slack Community](https://slack.cloudposse.com)
or visit our [Slack Archive](https://archive.sweetops.com/).

[![Slack Community](https://slack.cloudposse.com/badge.svg)](https://slack.cloudposse.com)

- type: textarea
id: concise-description
attributes:
label: Describe the Feature
description: A clear and concise description of what the feature is.
placeholder: What is the feature about?
validations:
required: true

- type: textarea
id: expected
attributes:
label: Expected Behavior
description: A clear and concise description of what you expected.
placeholder: What happened?
validations:
required: true

- type: textarea
id: use-case
attributes:
label: Use Case
description: |
Is your feature request related to a problem/challenge you are trying
to solve?

Please provide some additional context of why this feature or
capability will be valuable.
validations:
required: true

- type: textarea
id: ideal-solution
attributes:
label: Describe Ideal Solution
description: A clear and concise description of what you want to happen.
validations:
required: true

- type: textarea
id: alternatives-considered
attributes:
label: Alternatives Considered
description: Explain alternative solutions or features considered.
validations:
required: false

- type: textarea
id: additional
attributes:
label: Additional Context
description: |
Add any other context about the problem here.
validations:
required: false
22 changes: 15 additions & 7 deletions .github/PULL_REQUEST_TEMPLATE.md
Original file line number Diff line number Diff line change
@@ -1,13 +1,21 @@
## what
* Describe high-level what changed as a result of these commits (i.e. in plain-english, what do these changes mean?)
* Use bullet points to be concise and to the point.

<!--
- Describe high-level what changed as a result of these commits (i.e. in plain-english, what do these changes mean?)
- Use bullet points to be concise and to the point.
-->

## why
* Provide the justifications for the changes (e.g. business case).
* Describe why these changes were made (e.g. why do these commits fix the problem?)
* Use bullet points to be concise and to the point.

<!--
- Provide the justifications for the changes (e.g. business case).
- Describe why these changes were made (e.g. why do these commits fix the problem?)
- Use bullet points to be concise and to the point.
-->

## references
* Link to any supporting github issues or helpful documentation to add some context (e.g. stackoverflow).
* Use `closes #123`, if this PR closes a GitHub issue `#123`

<!--
- Link to any supporting github issues or helpful documentation to add some context (e.g. stackoverflow).
- Use `closes #123`, if this PR closes a GitHub issue `#123`
-->
4 changes: 2 additions & 2 deletions .github/workflows/auto-context.yml
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ jobs:
make init
make github/init/context.tf
make readme/build
echo "::set-output name=create_pull_request::true"
echo "create_pull_request=true" >> "$GITHUB_OUTPUT"
fi
else
echo "This module has not yet been updated to support the context.tf pattern! Please update in order to support automatic updates."
Expand All @@ -37,7 +37,7 @@ jobs:
if: steps.update.outputs.create_pull_request == 'true'
uses: cloudposse/actions/github/[email protected]
with:
token: ${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }}
token: ${{ secrets.REPO_ACCESS_TOKEN }}
committer: 'cloudpossebot <[email protected]>'
author: 'cloudpossebot <[email protected]>'
commit-message: Update context.tf from origin source
Expand Down
10 changes: 5 additions & 5 deletions .github/workflows/auto-format.yml
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ jobs:
if: github.event.pull_request.state == 'open'
name: Privileged Checkout
with:
token: ${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }}
token: ${{ secrets.REPO_ACCESS_TOKEN }}
repository: ${{ github.event.pull_request.head.repo.full_name }}
# Check out the PR commit, not the merge commit
# Use `ref` instead of `sha` to enable pushing back to `ref`
Expand All @@ -30,7 +30,7 @@ jobs:
if: github.event.pull_request.state == 'open'
shell: bash
env:
GITHUB_TOKEN: "${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }}"
GITHUB_TOKEN: "${{ secrets.REPO_ACCESS_TOKEN }}"
run: make BUILD_HARNESS_PATH=/build-harness PACKAGES_PREFER_HOST=true -f /build-harness/templates/Makefile.build-harness pr/auto-format/host

# Commit changes (if any) to the PR branch
Expand All @@ -54,10 +54,10 @@ jobs:
[[ $SENDER == "cloudpossebot" ]] || git push
# Set status to fail, because the push should trigger another status check,
# and we use success to indicate the checks are finished.
printf "::set-output name=%s::%s\n" "changed" "true"
echo "changed=true" >> "$GITHUB_OUTPUT"
exit 1
else
printf "::set-output name=%s::%s\n" "changed" "false"
echo "changed=false" >> "$GITHUB_OUTPUT"
echo "No changes detected"
fi

Expand All @@ -75,7 +75,7 @@ jobs:
contains(' 37929162 29139614 11232728 ', format(' {0} ', github.event.pull_request.user.id))
&& steps.commit.outputs.changed == 'false' && github.event.pull_request.state == 'open'
with:
token: ${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }}
token: ${{ secrets.REPO_ACCESS_TOKEN }}
repository: cloudposse/actions
event-type: test-command
client-payload: |-
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/auto-readme.yml
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ jobs:
GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
run: |
default_branch=$(gh repo view --json defaultBranchRef --jq .defaultBranchRef.name)
printf "::set-output name=defaultBranch::%s\n" "${default_branch}"
echo "defaultBranch=${default_branch}" >> "$GITHUB_OUTPUT"
printf "defaultBranchRef.name=%s\n" "${default_branch}"

- name: Update readme
Expand All @@ -52,7 +52,7 @@ jobs:
# If a PR of the auto-update/readme branch is open, this action will just update it, not create a new PR.
uses: cloudposse/actions/github/[email protected]
with:
token: ${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }}
token: ${{ secrets.REPO_ACCESS_TOKEN }}
commit-message: Update README.md and docs
title: Update README.md and docs
body: |-
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/auto-release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -15,12 +15,12 @@ jobs:
- uses: actions-ecosystem/action-get-merged-pull-request@v1
id: get-merged-pull-request
with:
github_token: ${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }}
github_token: ${{ secrets.REPO_ACCESS_TOKEN }}
# Drafts your next Release notes as Pull Requests are merged into "main"
- uses: release-drafter/release-drafter@v5
with:
publish: ${{ !contains(steps.get-merged-pull-request.outputs.labels, 'no-release') }}
prerelease: false
config-name: auto-release.yml
env:
GITHUB_TOKEN: ${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }}
GITHUB_TOKEN: ${{ secrets.REPO_ACCESS_TOKEN }}
4 changes: 2 additions & 2 deletions .github/workflows/chatops.yml
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ jobs:
- name: "Handle common commands"
uses: cloudposse/actions/github/[email protected]
with:
token: ${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }}
token: ${{ secrets.REPO_ACCESS_TOKEN }}
reaction-token: ${{ secrets.GITHUB_TOKEN }}
repository: cloudposse/actions
commands: rebuild-readme, terraform-fmt
Expand All @@ -26,7 +26,7 @@ jobs:
- name: "Run tests"
uses: cloudposse/actions/github/[email protected]
with:
token: ${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }}
token: ${{ secrets.REPO_ACCESS_TOKEN }}
reaction-token: ${{ secrets.GITHUB_TOKEN }}
repository: cloudposse/actions
commands: test
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/validate-codeowners.yml
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ jobs:
checks: "syntax,owners,duppatterns"
owner_checker_allow_unowned_patterns: "false"
# GitHub access token is required only if the `owners` check is enabled
github_access_token: "${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }}"
github_access_token: "${{ secrets.REPO_ACCESS_TOKEN }}"
- uses: mszostok/[email protected]
if: github.event.pull_request.head.repo.full_name != github.repository
name: "Syntax check of CODEOWNERS"
Expand Down
2 changes: 1 addition & 1 deletion README.md
Original file line number Diff line number Diff line change
Expand Up @@ -858,7 +858,7 @@ In general, PRs are welcome. We follow the typical "fork-and-pull" Git workflow.

## Copyrights

Copyright © 2021-2022 [Cloud Posse, LLC](https://cloudposse.com)
Copyright © 2021-2023 [Cloud Posse, LLC](https://cloudposse.com)



Expand Down
39 changes: 16 additions & 23 deletions examples/complete/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -10,22 +10,24 @@ provider "aws" {

module "vpc" {
source = "cloudposse/vpc/aws"
version = "v1.1.0"
version = "v2.0.0"

cidr_block = "10.0.0.0/24"
ipv4_primary_cidr_block = "10.0.0.0/24"

assign_generated_ipv6_cidr_block = true

context = module.this.context
}

resource "random_integer" "coin" {
max = 2
min = 1
count = local.enabled ? 1 : 0
max = 2
min = 1
}

locals {
coin = [random_integer.coin.result]
enabled = module.this.enabled
coin = local.enabled ? random_integer.coin[0].result : 0
}

module "simple_security_group" {
Expand All @@ -51,11 +53,11 @@ module "new_security_group" {
key = "stable"
# Allow ingress on ports 22 and 80 from created security group, existing security group, and CIDR "10.0.0.0/8"
# The dynamic value for source_security_group_ids breaks Terraform 0.13 but should work in 0.14 or later
source_security_group_ids = [aws_security_group.target.id]
source_security_group_ids = local.enabled ? [aws_security_group.target[0].id] : ["disabled"]
# Either dynamic value for CIDRs breaks Terraform 0.13 but should work in 0.14 or later
# In TF 0.14 and later (through 1.0.x) if the length of the cidr_blocks
# list is not available at plan time, the module breaks.
cidr_blocks = random_integer.coin.result > 1 ? ["10.0.0.0/16"] : ["10.0.0.0/24"]
cidr_blocks = local.coin > 1 ? ["10.0.0.0/16"] : ["10.0.0.0/24"]
ipv6_cidr_blocks = [module.vpc.vpc_ipv6_cidr_block]
prefix_list_ids = []

Expand Down Expand Up @@ -103,7 +105,7 @@ module "new_security_group" {
from_port = 443
to_port = 443
protocol = "tcp"
source_security_group_id = aws_security_group.target.id
source_security_group_id = local.enabled ? aws_security_group.target[0].id : "disabled"
description = "Discrete HTTPS ingress for special SG"
self = null
}],
Expand All @@ -124,6 +126,10 @@ module "new_security_group" {
# Create rules for pre-created security group

resource "aws_security_group" "target" {
#bridgecrew:skip=BC_AWS_NETWORKING_31:Not needed for testing
#bridgecrew:skip=BC_AWS_NETWORKING_51:Not needed for testing
count = local.enabled ? 1 : 0
aknysh marked this conversation as resolved.
Show resolved Hide resolved
aknysh marked this conversation as resolved.
Show resolved Hide resolved

name_prefix = format("%s-%s-", module.this.id, "existing")
vpc_id = module.vpc.vpc_id
tags = module.this.tags
Expand All @@ -134,24 +140,11 @@ module "target_security_group" {

allow_all_egress = true
# create_security_group = false
target_security_group_id = [aws_security_group.target.id]
target_security_group_id = local.enabled ? [aws_security_group.target[0].id] : ["disabled"]
rules = var.rules

security_group_name = [aws_security_group.target.name_prefix]
security_group_name = local.enabled ? [aws_security_group.target[0].name_prefix] : ["disabled"]
vpc_id = module.vpc.vpc_id

context = module.this.context
}

# Disabled module

module "disabled_security_group" {
source = "../.."

vpc_id = module.vpc.vpc_id
target_security_group_id = [aws_security_group.target.id]
rules = var.rules

context = module.this.context
enabled = false
}
Loading