Convert to TF 0.12. Add tests. Add Codefresh test pipeline (#26)

* Convert to TF 0.12. Add tests. Add Codefresh test pipeline * Convert to TF 0.12. Add tests. Add Codefresh test pipeline * Convert to TF 0.12. Add tests. Add Codefresh test pipeline
cloudposse · Jun 26, 2019 · b8fb2cc · b8fb2cc
1 parent 396f80e
commit b8fb2cc
Show file tree

Hide file tree

Showing 22 changed files with 566 additions and 123 deletions.
diff --git a/.travis.yml b/.travis.yml
diff --git a/LICENSE b/LICENSE
@@ -186,7 +186,7 @@
       same "printed page" as the copyright notice for easier
       identification within third-party archives.
 
-   Copyright 2017-2018 Cloud Posse, LLC
+   Copyright 2017-2019 Cloud Posse, LLC
 
    Licensed under the Apache License, Version 2.0 (the "License");
    you may not use this file except in compliance with the License.

diff --git a/README.md b/README.md
@@ -3,7 +3,7 @@
 
 [![Cloud Posse][logo]](https://cpco.io/homepage)
 
-# terraform-aws-cloudtrail [![Build Status](https://travis-ci.org/cloudposse/terraform-aws-cloudtrail.svg?branch=master)](https://travis-ci.org/cloudposse/terraform-aws-cloudtrail) [![Latest Release](https://img.shields.io/github/release/cloudposse/terraform-aws-cloudtrail.svg)](https://travis-ci.org/cloudposse/terraform-aws-cloudtrail/releases) [![Slack Community](https://slack.cloudposse.com/badge.svg)](https://slack.cloudposse.com)
+# terraform-aws-cloudtrail [![Codefresh Build Status](https://g.codefresh.io/api/badges/pipeline/cloudposse/terraform-modules%2Fterraform-aws-cloudtrail?type=cf-1)](https://g.codefresh.io/public/accounts/cloudposse/pipelines/5d128233c6e335c15aa1317c) [![Latest Release](https://img.shields.io/github/release/cloudposse/terraform-aws-cloudtrail.svg)](https://travis-ci.org/cloudposse/terraform-aws-cloudtrail/releases) [![Slack Community](https://slack.cloudposse.com/badge.svg)](https://slack.cloudposse.com)
 
 
 Terraform module to provision an AWS [CloudTrail](https://aws.amazon.com/cloudtrail/).
@@ -59,13 +59,13 @@ Instead pin to the release tag (e.g. `?ref=tags/x.y.z`) of one of our [latest re
 ```hcl
 module "cloudtrail" {
   source                        = "git::https://github.com/cloudposse/terraform-aws-cloudtrail.git?ref=master"
-  namespace                     = "cp"
+  namespace                     = "eg"
   stage                         = "dev"
   name                          = "cluster"
-  enable_log_file_validation    = "true"
-  include_global_service_events = "true"
-  is_multi_region_trail         = "false"
-  enable_logging                = "true"
+  enable_log_file_validation    = true
+  include_global_service_events = true
+  is_multi_region_trail         = false
+  enable_logging                = true
   s3_bucket_name                = "my-cloudtrail-logs-bucket"
 }
 ```
@@ -77,19 +77,19 @@ It creates an S3 bucket and an IAM policy to allow CloudTrail logs.
 ```hcl
 module "cloudtrail" {
   source                        = "git::https://github.com/cloudposse/terraform-aws-cloudtrail.git?ref=master"
-  namespace                     = "cp"
+  namespace                     = "eg"
   stage                         = "dev"
   name                          = "cluster"
-  enable_log_file_validation    = "true"
-  include_global_service_events = "true"
-  is_multi_region_trail         = "false"
-  enable_logging                = "true"
-  s3_bucket_name                = "${module.cloudtrail_s3_bucket.bucket_id}"
+  enable_log_file_validation    = true
+  include_global_service_events = true
+  is_multi_region_trail         = false
+  enable_logging                = true
+  s3_bucket_name                = module.cloudtrail_s3_bucket.bucket_id
 }
 
 module "cloudtrail_s3_bucket" {
   source    = "git::https://github.com/cloudposse/terraform-aws-cloudtrail-s3-bucket.git?ref=master"
-  namespace = "cp"
+  namespace = "eg"
   stage     = "dev"
   name      = "cluster"
   region    = "us-east-1"
@@ -117,23 +117,23 @@ Available targets:
 
 | Name | Description | Type | Default | Required |
 |------|-------------|:----:|:-----:|:-----:|
-| attributes | Additional attributes (e.g. `logs`) | list | `<list>` | no |
+| attributes | Additional attributes (e.g. `logs`) | list(string) | `<list>` | no |
 | cloud_watch_logs_group_arn | Specifies a log group name using an Amazon Resource Name (ARN), that represents the log group to which CloudTrail logs will be delivered | string | `` | no |
 | cloud_watch_logs_role_arn | Specifies the role for the CloudWatch Logs endpoint to assume to write to a user’s log group | string | `` | no |
 | delimiter | Delimiter to be used between `namespace`, `stage`, `name` and `attributes` | string | `-` | no |
-| enable_log_file_validation | Specifies whether log file integrity validation is enabled. Creates signed digest for validated contents of logs | string | `true` | no |
-| enable_logging | Enable logging for the trail | string | `true` | no |
-| enabled | If true, deploy the resources for the module | string | `true` | no |
-| event_selector | Specifies an event selector for enabling data event logging, It needs to be a list of map values. See: https://www.terraform.io/docs/providers/aws/r/cloudtrail.html for details on this map variable | list | `<list>` | no |
-| include_global_service_events | Specifies whether the trail is publishing events from global services such as IAM to the log files | string | `false` | no |
-| is_multi_region_trail | Specifies whether the trail is created in the current region or in all regions | string | `false` | no |
-| is_organization_trail | The trail is an AWS Organizations trail | string | `false` | no |
+| enable_log_file_validation | Specifies whether log file integrity validation is enabled. Creates signed digest for validated contents of logs | bool | `true` | no |
+| enable_logging | Enable logging for the trail | bool | `true` | no |
+| enabled | If true, deploy the resources for the module | bool | `true` | no |
+| event_selector | Specifies an event selector for enabling data event logging. See: https://www.terraform.io/docs/providers/aws/r/cloudtrail.html for details on this variable | object | `<list>` | no |
+| include_global_service_events | Specifies whether the trail is publishing events from global services such as IAM to the log files | bool | `false` | no |
+| is_multi_region_trail | Specifies whether the trail is created in the current region or in all regions | bool | `false` | no |
+| is_organization_trail | The trail is an AWS Organizations trail | bool | `false` | no |
 | kms_key_id | Specifies the KMS key ARN to use to encrypt the logs delivered by CloudTrail | string | `` | no |
 | name | Name  (e.g. `app` or `cluster`) | string | - | yes |
-| namespace | Namespace (e.g. `cp` or `cloudposse`) | string | - | yes |
+| namespace | Namespace (e.g. `cp` or `cloudposse`) | string | `` | no |
 | s3_bucket_name | S3 bucket name for CloudTrail logs | string | - | yes |
-| stage | Stage (e.g. `prod`, `dev`, `staging`) | string | - | yes |
-| tags | Additional tags (e.g. map('BusinessUnit`,`XYZ`) | map | `<map>` | no |
+| stage | Stage (e.g. `prod`, `dev`, `staging`) | string | `` | no |
+| tags | Additional tags (e.g. map('BusinessUnit`,`XYZ`) | map(string) | `<map>` | no |
 
 ## Outputs
 
@@ -280,9 +280,11 @@ Check out [our other projects][github], [follow us on twitter][twitter], [apply
 
 ### Contributors
 
-|  [![Andriy Knysh][aknysh_avatar]][aknysh_homepage]<br/>[Andriy Knysh][aknysh_homepage] | [![Sergey Vasilyev][s2504s_avatar]][s2504s_homepage]<br/>[Sergey Vasilyev][s2504s_homepage] | [![Valeriy][drama17_avatar]][drama17_homepage]<br/>[Valeriy][drama17_homepage] | [![Jamie Nelson][Jamie-BitFlight_avatar]][Jamie-BitFlight_homepage]<br/>[Jamie Nelson][Jamie-BitFlight_homepage] |
-|---|---|---|---|
+|  [![Erik Osterman][osterman_avatar]][osterman_homepage]<br/>[Erik Osterman][osterman_homepage] | [![Andriy Knysh][aknysh_avatar]][aknysh_homepage]<br/>[Andriy Knysh][aknysh_homepage] | [![Sergey Vasilyev][s2504s_avatar]][s2504s_homepage]<br/>[Sergey Vasilyev][s2504s_homepage] | [![Valeriy][drama17_avatar]][drama17_homepage]<br/>[Valeriy][drama17_homepage] | [![Jamie Nelson][Jamie-BitFlight_avatar]][Jamie-BitFlight_homepage]<br/>[Jamie Nelson][Jamie-BitFlight_homepage] |
+|---|---|---|---|---|
 
+  [osterman_homepage]: https://github.com/osterman
+  [osterman_avatar]: https://github.com/osterman.png?size=150
   [aknysh_homepage]: https://github.com/aknysh
   [aknysh_avatar]: https://github.com/aknysh.png?size=150
   [s2504s_homepage]: https://github.com/s2504s

diff --git a/README.yaml b/README.yaml
@@ -18,9 +18,9 @@ github_repo: cloudposse/terraform-aws-cloudtrail
 
 # Badges to display
 badges:
-  - name: "Build Status"
-    image: "https://travis-ci.org/cloudposse/terraform-aws-cloudtrail.svg?branch=master"
-    url: "https://travis-ci.org/cloudposse/terraform-aws-cloudtrail"
+  - name: "Codefresh Build Status"
+    image: "https://g.codefresh.io/api/badges/pipeline/cloudposse/terraform-modules%2Fterraform-aws-cloudtrail?type=cf-1"
+    url: "https://g.codefresh.io/public/accounts/cloudposse/pipelines/5d128233c6e335c15aa1317c"
   - name: "Latest Release"
     image: "https://img.shields.io/github/release/cloudposse/terraform-aws-cloudtrail.svg"
     url: "https://travis-ci.org/cloudposse/terraform-aws-cloudtrail/releases"
@@ -57,13 +57,13 @@ usage: |-
   ```hcl
   module "cloudtrail" {
     source                        = "git::https://github.com/cloudposse/terraform-aws-cloudtrail.git?ref=master"
-    namespace                     = "cp"
+    namespace                     = "eg"
     stage                         = "dev"
     name                          = "cluster"
-    enable_log_file_validation    = "true"
-    include_global_service_events = "true"
-    is_multi_region_trail         = "false"
-    enable_logging                = "true"
+    enable_log_file_validation    = true
+    include_global_service_events = true
+    is_multi_region_trail         = false
+    enable_logging                = true
     s3_bucket_name                = "my-cloudtrail-logs-bucket"
   }
   ```
@@ -75,19 +75,19 @@ usage: |-
   ```hcl
   module "cloudtrail" {
     source                        = "git::https://github.com/cloudposse/terraform-aws-cloudtrail.git?ref=master"
-    namespace                     = "cp"
+    namespace                     = "eg"
     stage                         = "dev"
     name                          = "cluster"
-    enable_log_file_validation    = "true"
-    include_global_service_events = "true"
-    is_multi_region_trail         = "false"
-    enable_logging                = "true"
-    s3_bucket_name                = "${module.cloudtrail_s3_bucket.bucket_id}"
+    enable_log_file_validation    = true
+    include_global_service_events = true
+    is_multi_region_trail         = false
+    enable_logging                = true
+    s3_bucket_name                = module.cloudtrail_s3_bucket.bucket_id
   }
 
   module "cloudtrail_s3_bucket" {
     source    = "git::https://github.com/cloudposse/terraform-aws-cloudtrail-s3-bucket.git?ref=master"
-    namespace = "cp"
+    namespace = "eg"
     stage     = "dev"
     name      = "cluster"
     region    = "us-east-1"
@@ -102,11 +102,13 @@ include:
 
 # Contributors to this project
 contributors:
+  - name: "Erik Osterman"
+    github: "osterman"
   - name: "Andriy Knysh"
     github: "aknysh"
   - name: "Sergey Vasilyev"
     github: "s2504s"
   - name: "Valeriy"
     github: "drama17"
   - name: "Jamie Nelson"
-    github: "Jamie-BitFlight"
+    github: "Jamie-BitFlight"
diff --git a/codefresh/test.yml b/codefresh/test.yml
@@ -0,0 +1,74 @@
+version: '1.0'
+
+stages:
+  - Prepare
+  - Test
+
+steps:
+  wait:
+    title: Wait
+    stage: Prepare
+    image: codefresh/cli:latest
+    commands:
+      - codefresh get builds --pipeline=${{CF_REPO_NAME}} --status running --limit 1000 -o json | jq --arg id ${{CF_BUILD_ID}} -ser 'flatten|.[-1].id==$id'
+    retry:
+      maxAttempts: 10
+      delay: 20
+      exponentialFactor: 1.1
+
+  main_clone:
+    title: "Clone repository"
+    type: git-clone
+    stage: Prepare
+    description: "Initialize"
+    repo: ${{CF_REPO_OWNER}}/${{CF_REPO_NAME}}
+    git: CF-default
+    revision: ${{CF_REVISION}}
+
+  clean_init:
+    title: Prepare build-harness and test-harness
+    image: ${{TEST_IMAGE}}
+    stage: Prepare
+    commands:
+      - cf_export PATH="/usr/local/terraform/0.12/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+      - make init
+      - git -C build-harness checkout master
+      - make -C test/ clean init TEST_HARNESS_BRANCH=master
+      - make -C test/src clean init
+      - find . -type d -name '.terraform' | xargs rm -rf
+      - find . -type f -name 'terraform.tfstate*' -exec rm -f {} \;
+
+  test:
+    type: "parallel"
+    title: "Run tests"
+    description: "Run all tests in parallel"
+    stage: Test
+    steps:
+      test_readme_lint:
+        title: "Test README.md updated"
+        stage: "Test"
+        image: ${{TEST_IMAGE}}
+        description: Test "readme/lint"
+        commands:
+          - make readme/lint
+
+      test_module:
+        title: Test module with bats
+        image: ${{TEST_IMAGE}}
+        stage: Test
+        commands:
+          - make -C test/ module
+
+      test_examples_complete:
+        title: Test "examples/complete" with bats
+        image: ${{TEST_IMAGE}}
+        stage: Test
+        commands:
+          - make -C test/ examples/complete
+
+      test_examples_complete_terratest:
+        title: Test "examples/complete" with terratest
+        image: ${{TEST_IMAGE}}
+        stage: Test
+        commands:
+          - make -C test/src
diff --git a/docs/terraform.md b/docs/terraform.md
@@ -2,23 +2,23 @@
 
 | Name | Description | Type | Default | Required |
 |------|-------------|:----:|:-----:|:-----:|
-| attributes | Additional attributes (e.g. `logs`) | list | `<list>` | no |
+| attributes | Additional attributes (e.g. `logs`) | list(string) | `<list>` | no |
 | cloud_watch_logs_group_arn | Specifies a log group name using an Amazon Resource Name (ARN), that represents the log group to which CloudTrail logs will be delivered | string | `` | no |
 | cloud_watch_logs_role_arn | Specifies the role for the CloudWatch Logs endpoint to assume to write to a user’s log group | string | `` | no |
 | delimiter | Delimiter to be used between `namespace`, `stage`, `name` and `attributes` | string | `-` | no |
-| enable_log_file_validation | Specifies whether log file integrity validation is enabled. Creates signed digest for validated contents of logs | string | `true` | no |
-| enable_logging | Enable logging for the trail | string | `true` | no |
-| enabled | If true, deploy the resources for the module | string | `true` | no |
-| event_selector | Specifies an event selector for enabling data event logging, It needs to be a list of map values. See: https://www.terraform.io/docs/providers/aws/r/cloudtrail.html for details on this map variable | list | `<list>` | no |
-| include_global_service_events | Specifies whether the trail is publishing events from global services such as IAM to the log files | string | `false` | no |
-| is_multi_region_trail | Specifies whether the trail is created in the current region or in all regions | string | `false` | no |
-| is_organization_trail | The trail is an AWS Organizations trail | string | `false` | no |
+| enable_log_file_validation | Specifies whether log file integrity validation is enabled. Creates signed digest for validated contents of logs | bool | `true` | no |
+| enable_logging | Enable logging for the trail | bool | `true` | no |
+| enabled | If true, deploy the resources for the module | bool | `true` | no |
+| event_selector | Specifies an event selector for enabling data event logging. See: https://www.terraform.io/docs/providers/aws/r/cloudtrail.html for details on this variable | object | `<list>` | no |
+| include_global_service_events | Specifies whether the trail is publishing events from global services such as IAM to the log files | bool | `false` | no |
+| is_multi_region_trail | Specifies whether the trail is created in the current region or in all regions | bool | `false` | no |
+| is_organization_trail | The trail is an AWS Organizations trail | bool | `false` | no |
 | kms_key_id | Specifies the KMS key ARN to use to encrypt the logs delivered by CloudTrail | string | `` | no |
 | name | Name  (e.g. `app` or `cluster`) | string | - | yes |
-| namespace | Namespace (e.g. `cp` or `cloudposse`) | string | - | yes |
+| namespace | Namespace (e.g. `cp` or `cloudposse`) | string | `` | no |
 | s3_bucket_name | S3 bucket name for CloudTrail logs | string | - | yes |
-| stage | Stage (e.g. `prod`, `dev`, `staging`) | string | - | yes |
-| tags | Additional tags (e.g. map('BusinessUnit`,`XYZ`) | map | `<map>` | no |
+| stage | Stage (e.g. `prod`, `dev`, `staging`) | string | `` | no |
+| tags | Additional tags (e.g. map('BusinessUnit`,`XYZ`) | map(string) | `<map>` | no |
 
 ## Outputs
 

diff --git a/examples/complete/fixtures.us-west-1.tfvars b/examples/complete/fixtures.us-west-1.tfvars
@@ -0,0 +1,17 @@
+region = "us-west-1"
+
+namespace = "eg"
+
+stage = "test"
+
+name = "cloudtrail-test"
+
+enable_log_file_validation = true
+
+is_multi_region_trail = false
+
+include_global_service_events = false
+
+enable_logging = true
+
+is_organization_trail = false
diff --git a/examples/complete/main.tf b/examples/complete/main.tf
@@ -1,19 +1,25 @@
+provider "aws" {
+  region = var.region
+}
+
 module "cloudtrail" {
-  source                        = "git::https://github.com/cloudposse/terraform-aws-cloudtrail.git?ref=master"
-  namespace                     = "cp"
-  stage                         = "dev"
-  name                          = "cluster"
-  enable_logging                = "true"
-  enable_log_file_validation    = "true"
-  include_global_service_events = "true"
-  is_multi_region_trail         = "false"
-  s3_bucket_name                = "${module.cloudtrail_s3_bucket.bucket_id}"
+  source                        = "../../"
+  namespace                     = var.namespace
+  stage                         = var.stage
+  name                          = var.name
+  enable_logging                = var.enable_logging
+  enable_log_file_validation    = var.enable_log_file_validation
+  include_global_service_events = var.include_global_service_events
+  is_multi_region_trail         = var.is_multi_region_trail
+  is_organization_trail         = var.is_organization_trail
+  s3_bucket_name                = module.cloudtrail_s3_bucket.bucket_id
 }
 
 module "cloudtrail_s3_bucket" {
-  source    = "git::https://github.com/cloudposse/terraform-aws-cloudtrail-s3-bucket.git?ref=master"
-  namespace = "cp"
-  stage     = "dev"
-  name      = "cluster"
-  region    = "us-east-1"
+  source        = "git::https://github.com/cloudposse/terraform-aws-cloudtrail-s3-bucket.git?ref=tags/0.4.0"
+  namespace     = var.namespace
+  stage         = var.stage
+  name          = var.name
+  region        = var.region
+  force_destroy = true
 }