From 169f231adb3c380cd4c2a3523f703a030827f24a Mon Sep 17 00:00:00 2001
From: Vedant Pareek
Date: Thu, 21 Sep 2023 13:19:12 +0530
Subject: [PATCH 1/4] Added support for tagging and versioning
---
 efs.tf | 1 +
 iam-sa.tf | 6 +-----
 variables.tf | 5 -----
 versions.tf | 9 +++++++++
 4 files changed, 11 insertions(+), 10 deletions(-)
 create mode 100644 versions.tf
diff --git a/efs.tf b/efs.tf
index 77e6881..602a61a 100644
--- a/efs.tf
+++ b/efs.tf
@@ -2,6 +2,7 @@ resource "aws_iam_policy" "efs" {
 name_prefix = "${var.cluster_name}-access-to-efs"
 description = "EFS Access policy for cluster"
 policy = data.aws_iam_policy_document.efs.json
+ tags = local.tags
 }
 # https://github.com/kubernetes-sigs/aws-efs-csi-driver/blob/master/docs/iam-policy-example.json
 data "aws_iam_policy_document" "efs" {
diff --git a/iam-sa.tf b/iam-sa.tf
index 897732b..3f875bb 100644
--- a/iam-sa.tf
+++ b/iam-sa.tf
@@ -1,9 +1,4 @@
 # From https://github.com/terraform-aws-modules/terraform-aws-eks/blob/master/examples/irsa/irsa.tf
-
-data "aws_eks_cluster" "cluster" {
- name = var.cluster_name
-}
-
 module "iam_assumable_role_admin" {
 source = "terraform-aws-modules/iam/aws//modules/iam-assumable-role-with-oidc"
 version = "5.27.0"
@@ -18,4 +13,5 @@ module "iam_assumable_role_admin" {
 role_policy_arns = [
 aws_iam_policy.efs.arn
 ]
+ tags = local.tags
 }
\ No newline at end of file
diff --git a/variables.tf b/variables.tf
index 770cc88..8e0153d 100644
--- a/variables.tf
+++ b/variables.tf
@@ -63,9 +63,4 @@ variable "tags" {
 type = map(string)
 default = {}
 description = "AWS Tags common to all the resources created"
-}
-
-variable "account_name" {
- description = "AWS Account Name"
- type = string
 }
\ No newline at end of file
diff --git a/versions.tf b/versions.tf
new file mode 100644
index 0000000..2de879c
--- /dev/null
+++ b/versions.tf
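Review bot: `tags = local.tags` in efs.tf, and again in the second iam-sa.tf hunk, reads a local value that nothing in this series declares; the only tag input visible is `variable "tags"` in the variables.tf context lines. If no `locals` block elsewhere in the module defines `tags`, planning will fail on an undeclared local, and either `tags = var.tags` or a `locals { tags = var.tags }` block is needed. The rest of the module is outside these hunks, so an existing definition cannot be ruled out from here.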
@@ -0,0 +1,9 @@
+terraform {
+ required_version = ">= 1.4"
+ required_providers {
+ aws = {
+ source = "hashicorp/aws"
+ version = "5.17.0"
+ }
+ }
+}
\ No newline at end of file
From 52f05ddc2dcb4f5de937c223783a5c29fd4318d9 Mon Sep 17 00:00:00 2001
From: "github-actions[bot]"
Date: Thu, 21 Sep 2023 07:49:56 +0000
Subject: [PATCH 2/4] terraform-docs: automated action
---
 README.md | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)
diff --git a/README.md b/README.md
index 0ca3756..97daef0 100644
--- a/README.md
+++ b/README.md
@@ -4,13 +4,16 @@ Truefoundry AWS EFS Module ## Requirements -No requirements. +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.4 | +| [aws](#requirement\_aws) | 5.17.0 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | n/a | +| [aws](#provider\_aws) | 5.17.0 | ## Modules
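Review bot: The exact pin `version = "5.17.0"` in versions.tf forces every root module that consumes this module onto that single provider release, which keeps callers from taking later provider fixes and conflicts with any sibling module that needs a different 5.x. For a reusable module a floor or pessimistic constraint is the usual choice, for example `version = ">= 5.17.0"` or `version = "~> 5.17"`, leaving the exact version and its checksums to the caller's `.terraform.lock.hcl`. `required_version = ">= 1.4"` has no upper bound; if that is intended, a short comment saying so would help.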
@@ -23,15 +26,13 @@ No requirements. | Name | Type | |------|------| -| [aws_iam_policy.efs](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource | -| [aws_eks_cluster.cluster](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/eks_cluster) | data source | -| [aws_iam_policy_document.efs](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | +| [aws_iam_policy.efs](https://registry.terraform.io/providers/hashicorp/aws/5.17.0/docs/resources/iam_policy) | resource | +| [aws_iam_policy_document.efs](https://registry.terraform.io/providers/hashicorp/aws/5.17.0/docs/data-sources/iam_policy_document) | data source | ## Inputs | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| -| [account\_name](#input\_account\_name) | AWS Account Name | `string` | n/a | yes | | [azs](#input\_azs) | Availability Zones | `list(string)` | n/a | yes | | [cluster\_name](#input\_cluster\_name) | EKS Cluster Name | `string` | n/a | yes | | [cluster\_oidc\_issuer\_url](#input\_cluster\_oidc\_issuer\_url) | The oidc url of the eks cluster | `string` | n/a | yes |
From cd75372d119351a308566bc4e457eb56537ade09 Mon Sep 17 00:00:00 2001
From: Vedant Pareek
Date: Thu, 21 Sep 2023 13:20:09 +0530
Subject: [PATCH 3/4] terraform fmt
---
 efs.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/efs.tf b/efs.tf
index 602a61a..32460b6 100644
--- a/efs.tf
+++ b/efs.tf
@@ -2,7 +2,7 @@ resource "aws_iam_policy" "efs" {
 name_prefix = "${var.cluster_name}-access-to-efs"
 description = "EFS Access policy for cluster"
 policy = data.aws_iam_policy_document.efs.json
- tags = local.tags
+ tags = local.tags
 }
 # https://github.com/kubernetes-sigs/aws-efs-csi-driver/blob/master/docs/iam-policy-example.json
 data "aws_iam_policy_document" "efs" {
From 201112ad3299b029662ce5239c0b29e56fc409d9 Mon Sep 17 00:00:00 2001
From: Vedant Pareek
Date: Thu, 21 Sep 2023 13:22:30 +0530
Subject: [PATCH 4/4] Added tflinter
---
 .github/workflows/tflint.yaml | 40 +++++++++++++++++++++++++++++++++++
 1 file changed, 40 insertions(+)
 create mode 100644 .github/workflows/tflint.yaml
diff --git a/.github/workflows/tflint.yaml b/.github/workflows/tflint.yaml
new file mode 100644
index 0000000..42620cf
--- /dev/null
+++ b/.github/workflows/tflint.yaml
@@ -0,0 +1,40 @@
+name: Lint
+on:
+ pull_request:
+ branches:
+ - main
+
+jobs:
+ tflint:
+ runs-on: ${{ matrix.os }}
+
+ strategy:
+ matrix:
+ os: [ubuntu-latest, macos-latest, windows-latest]
+
+ steps:
+ - uses: actions/checkout@v3
+ name: Checkout source code
+
+ - uses: actions/cache@v3
+ name: Cache plugin dir
+ with:
+ path: ~/.tflint.d/plugins
+ key: ${{ matrix.os }}-tflint-${{ hashFiles('.tflint.hcl') }}
+
+ - uses: terraform-linters/setup-tflint@v3
+ name: Setup TFLint
+ with:
+ tflint_version: v0.47.0
+
+ - name: Show version
+ run: tflint --version
+
+ - name: Init TFLint
+ run: tflint --init
+ env:
+ # https://github.com/terraform-linters/tflint/blob/master/docs/user-guide/plugins.md#avoiding-rate-limiting
+ GITHUB_TOKEN: ${{ github.token }}
+
+ - name: Run TFLint
+ run: tflint --minimum-failure-severity=error -f compact
\ No newline at end of file
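Review bot: The workflow in .github/workflows/tflint.yaml declares no `permissions:` block, so the `github.token` handed to `tflint --init` as `GITHUB_TOKEN` carries whatever default scope the repository or organisation sets; a top-level `permissions:` with `contents: read` limits it to what a lint job needs. The three actions are referenced by mutable tags (`actions/checkout@v3`, `actions/cache@v3`, `terraform-linters/setup-tflint@v3`); pinning at least the third-party one to a full commit SHA, with the tag kept in a trailing comment, stops a retagged release from running in this job. The cache key hashes `.tflint.hcl`, which this patch does not add, so if that file is absent from the repository the key is constant per OS and `tflint --init` has no plugin configuration to install from.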