From 8b77902f57bfa916925097328d1420ee5b17a060 Mon Sep 17 00:00:00 2001
From: Kevin Mahoney <716806+kevcube@users.noreply.github.com>
Date: Wed, 2 Mar 2022 13:09:54 -0500
Subject: [PATCH 1/5] rm unused template provider
---
examples/complete/versions.tf | 4 ----
versions.tf | 4 ----
2 files changed, 8 deletions(-)
diff --git a/examples/complete/versions.tf b/examples/complete/versions.tf
index 5240dea..83de0be 100644
--- a/examples/complete/versions.tf
+++ b/examples/complete/versions.tf
@@ -6,10 +6,6 @@ terraform {
source = "hashicorp/aws"
version = ">= 2.0"
}
- template = {
- source = "hashicorp/template"
- version = ">= 2.0"
- }
local = {
source = "hashicorp/local"
version = ">= 1.2"
diff --git a/versions.tf b/versions.tf
index 5ffa722..962a6d6 100644
--- a/versions.tf
+++ b/versions.tf
@@ -6,10 +6,6 @@ terraform {
source = "hashicorp/aws"
version = ">= 2.0"
}
- template = {
- source = "hashicorp/template"
- version = ">= 2.0"
- }
local = {
source = "hashicorp/local"
version = ">= 1.2"
From 973e547d5e05bea8bc7a52e2ac8168c993d37eb0 Mon Sep 17 00:00:00 2001
From: cloudpossebot <11232728+cloudpossebot@users.noreply.github.com>
Date: Wed, 2 Mar 2022 18:10:26 +0000
Subject: [PATCH 2/5] Auto Format
---
.github/CODEOWNERS | 4 +-
.github/auto-release.yml | 3 +-
.github/mergify.yml | 7 +++
.github/workflows/auto-context.yml | 2 +-
.github/workflows/auto-format.yml | 6 ++-
.github/workflows/auto-readme.yml | 55 +++++++++++++++++++++++
.github/workflows/auto-release.yml | 25 +++++++----
.github/workflows/chatops.yml | 4 +-
.github/workflows/validate-codeowners.yml | 8 +++-
README.md | 3 +-
docs/terraform.md | 1 -
11 files changed, 96 insertions(+), 22 deletions(-)
create mode 100644 .github/workflows/auto-readme.yml
diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
index 2537f2f..6f64b5a 100644
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -15,8 +15,8 @@
# Cloud Posse must review any changes to standard context definition,
# but some changes can be rubber-stamped.
-**/*.tf @cloudposse/engineering @cloudposse/approvers
-README.yaml @cloudposse/engineering @cloudposse/approvers
+**/*.tf @cloudposse/engineering @cloudposse/contributors @cloudposse/approvers
+README.yaml @cloudposse/engineering @cloudposse/contributors @cloudposse/approvers
README.md @cloudposse/engineering @cloudposse/contributors @cloudposse/approvers
docs/*.md @cloudposse/engineering @cloudposse/contributors @cloudposse/approvers
diff --git a/.github/auto-release.yml b/.github/auto-release.yml
index c78a4d8..b45efb7 100644
--- a/.github/auto-release.yml
+++ b/.github/auto-release.yml
@@ -17,6 +17,7 @@ version-resolver:
- 'bugfix'
- 'bug'
- 'hotfix'
+ - 'no-release'
default: 'minor'
categories:
@@ -46,7 +47,7 @@ template: |
replacers:
# Remove irrelevant information from Renovate bot
-- search: '/---\s+^#.*Renovate configuration(?:.|\n)*?This PR has been generated .*/gm'
+- search: '/(?<=---\s)\s*^#.*(Renovate configuration|Configuration)(?:.|\n)*?This PR has been generated .*/gm'
replace: ''
# Remove Renovate bot banner image
- search: '/\[!\[[^\]]*Renovate\][^\]]*\](\([^)]*\))?\s*\n+/gm'
diff --git a/.github/mergify.yml b/.github/mergify.yml
index b010656..ef15545 100644
--- a/.github/mergify.yml
+++ b/.github/mergify.yml
@@ -56,3 +56,10 @@ pull_request_rules:
changes_requested: true
approved: true
message: "This Pull Request has been updated, so we're dismissing all reviews."
+
+- name: "close Pull Requests without files changed"
+ conditions:
+ - "#files=0"
+ actions:
+ close:
+ message: "This pull request has been automatically closed by Mergify because there are no longer any changes."
diff --git a/.github/workflows/auto-context.yml b/.github/workflows/auto-context.yml
index ab979e0..665833a 100644
--- a/.github/workflows/auto-context.yml
+++ b/.github/workflows/auto-context.yml
@@ -35,7 +35,7 @@ jobs:
- name: Create Pull Request
if: steps.update.outputs.create_pull_request == 'true'
- uses: cloudposse/actions/github/create-pull-request@0.22.0
+ uses: cloudposse/actions/github/create-pull-request@0.30.0
with:
token: ${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }}
committer: 'cloudpossebot <11232728+cloudpossebot@users.noreply.github.com>'
diff --git a/.github/workflows/auto-format.yml b/.github/workflows/auto-format.yml
index 990abed..c600d60 100644
--- a/.github/workflows/auto-format.yml
+++ b/.github/workflows/auto-format.yml
@@ -6,7 +6,7 @@ on:
jobs:
auto-format:
runs-on: ubuntu-latest
- container: cloudposse/build-harness:slim-latest
+ container: cloudposse/build-harness:latest
steps:
# Checkout the pull request branch
# "An action in a workflow run can’t trigger a new workflow run. For example, if an action pushes code using
@@ -29,6 +29,8 @@ jobs:
- name: Auto Format
if: github.event.pull_request.state == 'open'
shell: bash
+ env:
+ GITHUB_TOKEN: "${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }}"
run: make BUILD_HARNESS_PATH=/build-harness PACKAGES_PREFER_HOST=true -f /build-harness/templates/Makefile.build-harness pr/auto-format/host
# Commit changes (if any) to the PR branch
@@ -60,7 +62,7 @@ jobs:
fi
- name: Auto Test
- uses: cloudposse/actions/github/repository-dispatch@0.22.0
+ uses: cloudposse/actions/github/repository-dispatch@0.30.0
# match users by ID because logins (user names) are inconsistent,
# for example in the REST API Renovate Bot is `renovate[bot]` but
# in GraphQL it is just `renovate`, plus there is a non-bot
diff --git a/.github/workflows/auto-readme.yml b/.github/workflows/auto-readme.yml
new file mode 100644
index 0000000..03232cd
--- /dev/null
+++ b/.github/workflows/auto-readme.yml
@@ -0,0 +1,55 @@
+name: "auto-readme"
+on:
+ schedule:
+ # Example of job definition:
+ # .---------------- minute (0 - 59)
+ # | .------------- hour (0 - 23)
+ # | | .---------- day of month (1 - 31)
+ # | | | .------- month (1 - 12) OR jan,feb,mar,apr ...
+ # | | | | .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat
+ # | | | | |
+ # * * * * * user-name command to be executed
+
+ # Update README.md nightly at 4am UTC
+ - cron: '0 4 * * *'
+
+jobs:
+ update:
+ if: github.event_name == 'schedule'
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v2
+
+ - name: Update readme
+ shell: bash
+ id: update
+ env:
+ GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
+ run: |
+ make init
+ make readme/build
+ # Ignore changes if they are only whitespace
+ git diff --ignore-all-space --ignore-blank-lines --quiet README.md && { git restore README.md; echo Ignoring whitespace-only changes in README; }
+
+ - name: Create Pull Request
+ # This action will not create or change a pull request if there are no changes to make.
+ # If a PR of the auto-update/readme branch is open, this action will just update it, not create a new PR.
+ uses: cloudposse/actions/github/create-pull-request@0.30.0
+ with:
+ token: ${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }}
+ commit-message: Update README.md and docs
+ title: Update README.md and docs
+ body: |-
+ ## what
+ This is an auto-generated PR that updates the README.md and docs
+
+ ## why
+ To have most recent changes of README.md and doc from origin templates
+
+ branch: auto-update/readme
+ base: main
+ delete-branch: true
+ labels: |
+ auto-update
+ no-release
+ readme
diff --git a/.github/workflows/auto-release.yml b/.github/workflows/auto-release.yml
index 3f48017..3a38fae 100644
--- a/.github/workflows/auto-release.yml
+++ b/.github/workflows/auto-release.yml
@@ -3,17 +3,24 @@ name: auto-release
on:
push:
branches:
- - master
+ - main
+ - master
+ - production
jobs:
publish:
runs-on: ubuntu-latest
steps:
- # Drafts your next Release notes as Pull Requests are merged into "master"
- - uses: release-drafter/release-drafter@v5
- with:
- publish: true
- prerelease: false
- config-name: auto-release.yml
- env:
- GITHUB_TOKEN: ${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }}
+ # Get PR from merged commit to master
+ - uses: actions-ecosystem/action-get-merged-pull-request@v1
+ id: get-merged-pull-request
+ with:
+ github_token: ${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }}
+ # Drafts your next Release notes as Pull Requests are merged into "main"
+ - uses: release-drafter/release-drafter@v5
+ with:
+ publish: ${{ !contains(steps.get-merged-pull-request.outputs.labels, 'no-release') }}
+ prerelease: false
+ config-name: auto-release.yml
+ env:
+ GITHUB_TOKEN: ${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }}
diff --git a/.github/workflows/chatops.yml b/.github/workflows/chatops.yml
index 4ddc067..23f96d8 100644
--- a/.github/workflows/chatops.yml
+++ b/.github/workflows/chatops.yml
@@ -9,7 +9,7 @@ jobs:
steps:
- uses: actions/checkout@v2
- name: "Handle common commands"
- uses: cloudposse/actions/github/slash-command-dispatch@0.22.0
+ uses: cloudposse/actions/github/slash-command-dispatch@0.30.0
with:
token: ${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }}
reaction-token: ${{ secrets.GITHUB_TOKEN }}
@@ -24,7 +24,7 @@ jobs:
- name: "Checkout commit"
uses: actions/checkout@v2
- name: "Run tests"
- uses: cloudposse/actions/github/slash-command-dispatch@0.22.0
+ uses: cloudposse/actions/github/slash-command-dispatch@0.30.0
with:
token: ${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }}
reaction-token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/validate-codeowners.yml b/.github/workflows/validate-codeowners.yml
index 386eb28..70f829e 100644
--- a/.github/workflows/validate-codeowners.yml
+++ b/.github/workflows/validate-codeowners.yml
@@ -1,5 +1,7 @@
name: Validate Codeowners
on:
+ workflow_dispatch:
+
pull_request:
jobs:
@@ -8,7 +10,7 @@ jobs:
steps:
- name: "Checkout source code at current commit"
uses: actions/checkout@v2
- - uses: mszostok/codeowners-validator@v0.5.0
+ - uses: mszostok/codeowners-validator@v0.7.1
if: github.event.pull_request.head.repo.full_name == github.repository
name: "Full check of CODEOWNERS"
with:
@@ -16,10 +18,12 @@ jobs:
# files so we can use the same CODEOWNERS file for Terraform and non-Terraform repos
# checks: "files,syntax,owners,duppatterns"
checks: "syntax,owners,duppatterns"
+ owner_checker_allow_unowned_patterns: "false"
# GitHub access token is required only if the `owners` check is enabled
github_access_token: "${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }}"
- - uses: mszostok/codeowners-validator@v0.5.0
+ - uses: mszostok/codeowners-validator@v0.7.1
if: github.event.pull_request.head.repo.full_name != github.repository
name: "Syntax check of CODEOWNERS"
with:
checks: "syntax,duppatterns"
+ owner_checker_allow_unowned_patterns: "false"
diff --git a/README.md b/README.md
index c61abdc..1d7249d 100644
--- a/README.md
+++ b/README.md
@@ -212,7 +212,6 @@ Available targets:
| [local](#requirement\_local) | >= 1.2 |
| [null](#requirement\_null) | >= 2.0 |
| [random](#requirement\_random) | >= 2.1 |
-| [template](#requirement\_template) | >= 2.0 |
## Providers
@@ -438,7 +437,7 @@ In general, PRs are welcome. We follow the typical "fork-and-pull" Git workflow.
## Copyright
-Copyright © 2017-2021 [Cloud Posse, LLC](https://cpco.io/copyright)
+Copyright © 2017-2022 [Cloud Posse, LLC](https://cpco.io/copyright)
diff --git a/docs/terraform.md b/docs/terraform.md
index 139d18e..83f4d16 100644
--- a/docs/terraform.md
+++ b/docs/terraform.md
@@ -8,7 +8,6 @@
| [local](#requirement\_local) | >= 1.2 |
| [null](#requirement\_null) | >= 2.0 |
| [random](#requirement\_random) | >= 2.1 |
-| [template](#requirement\_template) | >= 2.0 |
## Providers
From 0cbfcab720626f621b792d258d336926452812ac Mon Sep 17 00:00:00 2001
From: Kevin Mahoney <716806+kevcube@users.noreply.github.com>
Date: Thu, 3 Mar 2022 12:39:39 -0500
Subject: [PATCH 3/5] use s3 bucket module
---
main.tf | 15 +++++++++------
1 file changed, 9 insertions(+), 6 deletions(-)
diff --git a/main.tf b/main.tf
index aafa3dd..4c11e3f 100644
--- a/main.tf
+++ b/main.tf
@@ -6,9 +6,12 @@ module "codepipeline_label" {
context = module.this.context
}
-resource "aws_s3_bucket" "default" {
+module "artifact_store_bucket" {
+ source = "cloudposse/s3-bucket/aws"
+ version = "0.49.0"
+
count = module.this.enabled ? 1 : 0
- bucket = module.codepipeline_label.id
+ bucket_name = module.codepipeline_label.id
acl = "private"
force_destroy = var.s3_bucket_force_destroy
tags = module.codepipeline_label.tags
@@ -114,8 +117,8 @@ data "aws_iam_policy_document" "s3" {
]
resources = [
- join("", aws_s3_bucket.default.*.arn),
- "${join("", aws_s3_bucket.default.*.arn)}/*"
+ join("", module.artifact_store_bucket.*.bucket_arn),
+ "${join("", module.artifact_store_bucket.*.bucket_arn)}/*"
]
effect = "Allow"
@@ -246,7 +249,7 @@ resource "aws_codepipeline" "default" {
role_arn = join("", aws_iam_role.default.*.arn)
artifact_store {
- location = join("", aws_s3_bucket.default.*.bucket)
+ location = join("", module.artifact_store_bucket.*.bucket_arn)
type = "S3"
}
@@ -328,7 +331,7 @@ resource "aws_codepipeline" "bitbucket" {
role_arn = join("", aws_iam_role.default.*.arn)
artifact_store {
- location = join("", aws_s3_bucket.default.*.bucket)
+ location = join("", module.artifact_store_bucket.*.bucket_arn)
type = "S3"
}
From b9ba06ee9efd44fa71ea3201413f3211c0161d22 Mon Sep 17 00:00:00 2001
From: cloudpossebot <11232728+cloudpossebot@users.noreply.github.com>
Date: Thu, 3 Mar 2022 17:40:13 +0000
Subject: [PATCH 4/5] Auto Format
---
README.md | 2 +-
docs/terraform.md | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/README.md b/README.md
index 1d7249d..a14de34 100644
--- a/README.md
+++ b/README.md
@@ -224,6 +224,7 @@ Available targets:
| Name | Source | Version |
|------|--------|---------|
+| [artifact\_store\_bucket](#module\_artifact\_store\_bucket) | cloudposse/s3-bucket/aws | 0.49.0 |
| [codebuild](#module\_codebuild) | cloudposse/codebuild/aws | 0.37.1 |
| [codebuild\_label](#module\_codebuild\_label) | cloudposse/label/null | 0.25.0 |
| [codepipeline\_assume\_role\_label](#module\_codepipeline\_assume\_role\_label) | cloudposse/label/null | 0.25.0 |
@@ -250,7 +251,6 @@ Available targets:
| [aws_iam_role_policy_attachment.codestar](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
| [aws_iam_role_policy_attachment.default](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
| [aws_iam_role_policy_attachment.s3](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
-| [aws_s3_bucket.default](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket) | resource |
| [random_string.webhook_secret](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/string) | resource |
| [aws_caller_identity.default](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
| [aws_iam_policy_document.assume_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
diff --git a/docs/terraform.md b/docs/terraform.md
index 83f4d16..d0adc31 100644
--- a/docs/terraform.md
+++ b/docs/terraform.md
@@ -20,6 +20,7 @@
| Name | Source | Version |
|------|--------|---------|
+| [artifact\_store\_bucket](#module\_artifact\_store\_bucket) | cloudposse/s3-bucket/aws | 0.49.0 |
| [codebuild](#module\_codebuild) | cloudposse/codebuild/aws | 0.37.1 |
| [codebuild\_label](#module\_codebuild\_label) | cloudposse/label/null | 0.25.0 |
| [codepipeline\_assume\_role\_label](#module\_codepipeline\_assume\_role\_label) | cloudposse/label/null | 0.25.0 |
@@ -46,7 +47,6 @@
| [aws_iam_role_policy_attachment.codestar](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
| [aws_iam_role_policy_attachment.default](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
| [aws_iam_role_policy_attachment.s3](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
-| [aws_s3_bucket.default](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket) | resource |
| [random_string.webhook_secret](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/string) | resource |
| [aws_caller_identity.default](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
| [aws_iam_policy_document.assume_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
From f66c0f9e4bdf0021cc8085074a5a79d2e9c9ac61 Mon Sep 17 00:00:00 2001
From: cloudpossebot <11232728+cloudpossebot@users.noreply.github.com>
Date: Wed, 18 May 2022 15:59:59 +0000
Subject: [PATCH 5/5] Auto Format
---
.github/workflows/auto-readme.yml | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/.github/workflows/auto-readme.yml b/.github/workflows/auto-readme.yml
index d421b24..6f25b8d 100644
--- a/.github/workflows/auto-readme.yml
+++ b/.github/workflows/auto-readme.yml
@@ -22,6 +22,16 @@ jobs:
steps:
- uses: actions/checkout@v2
+ - name: Find default branch name
+ id: defaultBranch
+ shell: bash
+ env:
+ GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
+ run: |
+ default_branch=$(gh repo view --json defaultBranchRef --jq .defaultBranchRef.name)
+ printf "::set-output name=defaultBranch::%s\n" "${default_branch}"
+ printf "defaultBranchRef.name=%s\n" "${default_branch}"
+
- name: Update readme
shell: bash
id: update