Security group updates (#43)

cloudposse · Feb 10, 2022 · 92be854 · 92be854
1 parent f2de73a
commit 92be854
Show file tree

Hide file tree

Showing 16 changed files with 1,400 additions and 307 deletions.
diff --git a/.github/workflows/auto-readme.yml b/.github/workflows/auto-readme.yml
@@ -0,0 +1,55 @@
+name: "auto-readme"
+on:
+  schedule:
+  # Example of job definition:
+  # .---------------- minute (0 - 59)
+  # |  .------------- hour (0 - 23)
+  # |  |  .---------- day of month (1 - 31)
+  # |  |  |  .------- month (1 - 12) OR jan,feb,mar,apr ...
+  # |  |  |  |  .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat
+  # |  |  |  |  |
+  # *  *  *  *  * user-name command to be executed
+
+  # Update README.md nightly at 4am UTC
+  - cron:  '0 4 * * *'
+
+jobs:
+  update:
+    if: github.event_name == 'schedule'
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v2
+
+    - name: Update readme
+      shell: bash
+      id: update
+      env:
+        GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
+      run: |
+        make init
+        make readme/build
+        # Ignore changes if they are only whitespace
+        git diff --ignore-all-space --ignore-blank-lines --quiet README.md && { git restore README.md; echo Ignoring whitespace-only changes in README; }
+
+    - name: Create Pull Request
+      # This action will not create or change a pull request if there are no changes to make.
+      # If a PR of the auto-update/readme branch is open, this action will just update it, not create a new PR.
+      uses: cloudposse/actions/github/create-pull-request@0.30.0
+      with:
+        token: ${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }}
+        commit-message: Update README.md and docs
+        title: Update README.md and docs
+        body: |-
+          ## what
+          This is an auto-generated PR that updates the README.md and docs
+
+          ## why
+          To have most recent changes of README.md and doc from origin templates
+
+        branch: auto-update/readme
+        base: main
+        delete-branch: true
+        labels: |
+          auto-update
+          no-release
+          readme
diff --git a/.github/workflows/validate-codeowners.yml b/.github/workflows/validate-codeowners.yml
@@ -10,7 +10,7 @@ jobs:
     steps:
     - name: "Checkout source code at current commit"
       uses: actions/checkout@v2
-    - uses: mszostok/codeowners-validator@v0.5.0
+    - uses: mszostok/codeowners-validator@v0.6.0
       if: github.event.pull_request.head.repo.full_name == github.repository
       name: "Full check of CODEOWNERS"
       with:
@@ -20,7 +20,7 @@ jobs:
         checks: "syntax,owners,duppatterns"
         # GitHub access token is required only if the `owners` check is enabled
         github_access_token: "${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }}"
-    - uses: mszostok/codeowners-validator@v0.5.0
+    - uses: mszostok/codeowners-validator@v0.6.0
       if: github.event.pull_request.head.repo.full_name != github.repository
       name: "Syntax check of CODEOWNERS"
       with:

diff --git a/README.md b/README.md
diff --git a/README.yaml b/README.yaml
@@ -53,34 +53,45 @@ usage: |2-
       region = var.region
     }
 
-    module "vpc" {
-      source     = "git::https://github.com/cloudposse/terraform-aws-vpc.git?ref=tags/0.8.1"
+    module "this" {
+      source  = "cloudposse/label/null"
+      # Cloud Posse recommends pinning every module to a specific version
+      # version = "x.x.x"
       namespace  = var.namespace
       stage      = var.stage
       name       = var.name
+    }
+
+    module "vpc" {
+      source = "cloudposse/vpc/aws"
+      # Cloud Posse recommends pinning every module to a specific version
+      # version = "x.x.x"
+
       cidr_block = "172.16.0.0/16"
+
+      context = module.this.context
     }
 
     module "subnets" {
-      source               = "git::https://github.com/cloudposse/terraform-aws-dynamic-subnets.git?ref=tags/0.18.1"
+      source = "cloudposse/dynamic-subnets/aws"
+      # Cloud Posse recommends pinning every module to a specific version
+      # version = "x.x.x"
+
       availability_zones   = var.availability_zones
-      namespace            = var.namespace
-      stage                = var.stage
-      name                 = var.name
       vpc_id               = module.vpc.vpc_id
       igw_id               = module.vpc.igw_id
       cidr_block           = module.vpc.vpc_cidr_block
-      nat_gateway_enabled  = false
+      nat_gateway_enabled  = true
       nat_instance_enabled = false
+
+      context = module.this.context
     }
 
     module "memcached" {
       source = "cloudposse/elasticache-memcached/aws"
       # Cloud Posse recommends pinning every module to a specific version
       # version = "x.x.x"
-      namespace               = var.namespace
-      stage                   = var.stage
-      name                    = var.name
+
       availability_zones      = var.availability_zones
       vpc_id                  = module.vpc.vpc_id
       allowed_security_groups = [module.vpc.vpc_default_security_group_id]
@@ -90,10 +101,14 @@ usage: |2-
       engine_version          = var.engine_version
       apply_immediately       = true
       zone_id                 = var.zone_id
+
+      elasticache_parameter_group_family = var.elasticache_parameter_group_family
+
+      context = module.this.context
     }
   ```
 examples: |-
-  Review the [complete example](examples/simple) to see how to use this module.
+  Review the [complete example](examples/complete) to see how to use this module.
 include:
   - "docs/targets.md"
   - "docs/terraform.md"
@@ -105,3 +120,5 @@ contributors:
     github: "aknysh"
   - name: "Erik Osterman"
     github: "osterman"
+  - name: "Dan Meyers"
+    github: "danjbh"