From 8f134cde035287edc74e6f6dc1b19df63ba04f47 Mon Sep 17 00:00:00 2001 From: briskt <3172830+briskt@users.noreply.github.com> Date: Mon, 11 Nov 2024 16:21:14 +0800 Subject: [PATCH 1/5] use shared workflow --- .github/workflows/terraform.yml | 40 ++++++--------------------------- 1 file changed, 7 insertions(+), 33 deletions(-) diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml index c6fb94b..a688fa7 100644 --- a/.github/workflows/terraform.yml +++ b/.github/workflows/terraform.yml @@ -1,38 +1,12 @@ -# This workflow installs the latest version of Terraform CLI. On pull request events, this workflow will run -# `terraform init`, `terraform fmt`, and `terraform plan`. -# -# Documentation for `hashicorp/setup-terraform` is located here: https://github.com/hashicorp/setup-terraform - -name: 'Terraform' +name: Terraform on: push: - branches: ["**"] + branches: [ '**' ] jobs: - terraform: - name: 'Terraform' - runs-on: ubuntu-latest - - steps: - # Checkout the repository to the GitHub Actions runner - - name: Checkout - uses: actions/checkout@v4 - - # Install the latest version of Terraform CLI - - name: Setup Terraform - uses: hashicorp/setup-terraform@v3 - with: - terraform_version: "<1.6.0" # only use open source version of Terraform - - # Checks that all Terraform configuration files adhere to a canonical format - - name: Terraform Format - run: terraform fmt -check -diff -recursive - - # Initialize a new or existing Terraform working directory by creating initial files, loading any remote state, downloading modules, etc. - - name: Terraform Init - run: terraform init -backend=false - - # Validate the files, referring only to the configuration and not accessing any remote services - - name: Terraform Validate - run: terraform validate + build: + uses: silinternational/workflows/.github/workflows/terraform.yml@main + with: + # validate with the earliest version allowed by required_version in versions.tf + terraform-version: '~> 1.1' 
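Review bot: The new `build` job calls `silinternational/workflows/.github/workflows/terraform.yml@main`, a branch reference, so any later push to that branch changes what runs in this repository's CI without a commit here. Pinning to a full commit SHA keeps the executed workflow reviewable, e.g. `uses: silinternational/workflows/.github/workflows/terraform.yml@<FULL_COMMIT_SHA>` (placeholder). The caller also declares no `permissions:`, and a called workflow can only receive what the caller grants. A top-level `permissions:` block with `contents: read` would cap the token, assuming the shared workflow needs nothing beyond checkout. Separately, the removed step capped Terraform at `<1.6.0`, while `~> 1.1` admits any 1.x and a range normally resolves to the newest match rather than the "earliest version" the comment describes, so confirm how the shared workflow interprets this input.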
From 061d09706e209dea80269f7a030b5cb10fe9f142 Mon Sep 17 00:00:00 2001 From: briskt <3172830+briskt@users.noreply.github.com> Date: Mon, 11 Nov 2024 16:21:42 +0800 Subject: [PATCH 2/5] remove unused code --- main.tf | 1 - 1 file changed, 1 deletion(-) diff --git a/main.tf b/main.tf index 7b0b4e6..6981c75 100644 --- a/main.tf +++ b/main.tf @@ -8,7 +8,6 @@ locals { create_cd_user = !local.is_multiregion || local.is_multiregion_primary mysql_database = "session" mysql_user = "root" - name_tag_suffix = "${var.app_name}-${var.customer}-${local.app_environment}" tags = { managed_by = "terraform" workspace = terraform.workspace From a4040b21f92c0eb86c2ca3668571be3bc8cdf63a Mon Sep 17 00:00:00 2001 From: briskt <3172830+briskt@users.noreply.github.com> Date: Mon, 11 Nov 2024 16:22:04 +0800 Subject: [PATCH 3/5] bump Terraform version to account for 'cloud' block --- versions.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/versions.tf b/versions.tf index 3a86e55..7ffed99 100644 --- a/versions.tf +++ b/versions.tf @@ -1,6 +1,6 @@ terraform { - required_version = ">= 0.14" + required_version = ">= 1.1" required_providers { aws = { version = ">= 4.0.0, < 6.0.0" From 65bfb12f5b67e5d80fa62c64ed8e347e82c53dd0 Mon Sep 17 00:00:00 2001 From: briskt <3172830+briskt@users.noreply.github.com> Date: Mon, 11 Nov 2024 16:23:29 +0800 Subject: [PATCH 4/5] add variable to control AWS Backup retention --- main.tf | 4 +++- vars.tf | 6 ++++++ 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/main.tf b/main.tf index 6981c75..db84bad 100644 --- a/main.tf +++ b/main.tf @@ -202,7 +202,7 @@ module "aws_backup" { count = var.enable_aws_backup ? 1 : 0 source = "silinternational/backup/aws" - version = "0.2.0" + version = "0.2.2" app_name = "${var.app_name}-${var.aws_region}" app_env = var.app_env 
@@ -214,4 +214,6 @@ module "aws_backup" { notification_events = var.aws_backup_notification_events sns_topic_name = "${local.app_name_and_env}-backup-vault-events" sns_email_subscription = var.backup_sns_email + cold_storage_after = 0 + delete_after = var.delete_recovery_point_after_days } diff --git a/vars.tf b/vars.tf index dd556b1..99edd8d 100644 --- a/vars.tf +++ b/vars.tf @@ -248,3 +248,9 @@ variable "backup_sns_email" { type = string default = "" } + +variable "delete_recovery_point_after_days" { + description = "Number of days after which AWS Backup recovery points are deleted" + type = number + default = 30 +} From 5219cc29074571def23db65dbd8aa5df9e173d6d Mon Sep 17 00:00:00 2001 From: briskt <3172830+briskt@users.noreply.github.com> Date: Tue, 12 Nov 2024 08:48:12 +0800 Subject: [PATCH 5/5] use flexible version number on backup module --- main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/main.tf b/main.tf index db84bad..55cebaa 100644 --- a/main.tf +++ b/main.tf @@ -202,7 +202,7 @@ module "aws_backup" { count = var.enable_aws_backup ? 1 : 0 source = "silinternational/backup/aws" - version = "0.2.2" + version = "~> 0.2.2" app_name = "${var.app_name}-${var.aws_region}" app_env = var.app_env
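Review bot: `cold_storage_after = 0` in the `aws_backup` module call is a bare literal with no explanation, while the neighbouring `delete_after` is driven by a variable. A reader cannot tell from this hunk whether 0 means "never move to cold storage" or "move immediately", and the two have very different cost and restore-time consequences. I would add a comment on that line such as `# 0 = no cold-storage transition (confirm against the backup module's documentation)`, or expose it as a variable next to `delete_recovery_point_after_days`. The module block starts above this hunk, so the other arguments were not reviewed.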
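Review bot: The new `delete_recovery_point_after_days` variable in `vars.tf` accepts any `number`, so 0, a negative value or a fraction passes `terraform validate` and reaches the backup module's `delete_after` unchecked. Because this value decides how long recovery points survive, a typo here can quietly shorten the window available for restoring after data loss or tampering. I would add a `validation` block whose condition is `var.delete_recovery_point_after_days >= 1 && floor(var.delete_recovery_point_after_days) == var.delete_recovery_point_after_days`, with an error message stating the expected whole number of days. How the module treats out-of-range values is not visible from this page, which is one more reason to reject them at the boundary.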
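Review bot: Changing the `aws_backup` module constraint from `"0.2.2"` to `"~> 0.2.2"` lets each fresh `terraform init` select the newest 0.2.x release, and Terraform's dependency lock file records provider selections only, not module versions. The code that configures the backup vault and its notifications can therefore change between two applies of the same commit. If the flexibility is intentional for downstream consumers of this module, a short comment saying so would help. Otherwise keeping `version = "0.2.2"` and bumping it through reviewed commits gives a traceable history of what was deployed.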