From a440ef97b7ed268042f6305a1c3acb86553fd895 Mon Sep 17 00:00:00 2001
From: Conjugato
Date: Fri, 26 May 2023 12:59:52 +1000
Subject: [PATCH] base files added
---
CONTRIBUTING.md | 42 ++++++++++++++++++++++++
PULL_REQUEST_TEMPLATE.md | 23 +++++++++++++
README.md | 39 ++++++++++++++++++----
examples/main.tf | 28 ++++++++++++++++
examples/provider.tf | 12 +++++++
tests/.keep | 0
variables.tf | 71 ++++++++++++++++++++++++++++------------
7 files changed, 188 insertions(+), 27 deletions(-)
create mode 100644 CONTRIBUTING.md
create mode 100644 PULL_REQUEST_TEMPLATE.md
create mode 100644 examples/main.tf
create mode 100644 examples/provider.tf
create mode 100644 tests/.keep
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
new file mode 100644
index 0000000..c4b3815
--- /dev/null
+++ b/CONTRIBUTING.md
@@ -0,0 +1,42 @@
+# Contributing
+
+This guide outlines how you can contribute.
+
+## How to Contribute
+
+1. Fork the repository and clone it to your local machine.
+2. Create a new branch for your contribution:
+
+```shell
+ git checkout -b my-contribution
+```
+
+3. Make your changes, following the coding conventions and best practices.
+4. Write tests to ensure the correctness of your changes.
+5. Commit your changes:
+
+```shell
+git commit -m "Add my contribution"
+```
+
+6. Push your changes to be reviewed
+
+```shell
+git push origin my-contribution
+```
+
+7. Open a pull request from your forked repository to the main project repository.
+8. Provide a descriptive title and detailed description of your changes in the pull request.
+9. Be responsive to any feedback or requests for modifications to your contribution.
+10. Once approved, your contribution will be merged into the main project repository.
+
+## Coding Conventions
+
+Please follow these coding conventions to maintain a consistent and readable codebase:
+
+* Use meaningful variable and function names.
+* Write clear and concise comments.
+* Follow the established indentation style.
+* Use appropriate spacing and line breaks for readability.
+* Keep the codebase clean and free from unnecessary or commented-out code.
+* Write comprehensive tests for your code.
\ No newline at end of file
diff --git a/PULL_REQUEST_TEMPLATE.md b/PULL_REQUEST_TEMPLATE.md
new file mode 100644
index 0000000..e2f3f4d
--- /dev/null
+++ b/PULL_REQUEST_TEMPLATE.md
@@ -0,0 +1,23 @@ +## Pull Request Description + +Please provide a brief description of your pull request. Explain the changes you made and why they are necessary. + +## Related Issue(s) + +If your pull request is related to any existing issue(s), mention them here and provide the link(s). + +## Proposed Changes + +List the changes made in your pull request. Be as detailed as possible. + +## Checklist + +- [ ] I have tested my changes thoroughly. +- [ ] I have added/updated relevant documentation. +- [ ] My code follows the established coding conventions. +- [ ] I have added necessary tests and ensured existing tests pass. +- [ ] I have reviewed my changes and confirmed they are correct and ready for merging. + +## Additional Information + +Provide any additional information or context that might be helpful for the reviewers. diff --git a/README.md b/README.md index 9d61515..15e9da6 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,16 @@ # Terraform Module: cloud-storage-monitoring -Basic module to monitor object count in buckets. + +[![License](https://img.shields.io/badge/license-MIT-blue.svg)](https://opensource.org/licenses/MIT) + +This Terraform module creates a bucket monitoring solution to periodically query specified bucket paths and return the total object count. If an object count for a given subfolder is greater than the threshold specified in the module a log will be created that is picked up by an alert policy. + +## Features + +- Creates a build trigger for each bucket that executes a script +- Creates a scheduler task for each bucket to trigger the build trigger +- Creates a single alert policy to watch for logs generated by the build trigger + +## Usage ```terraform module "cloud_storage_monitor" { 
@@ -7,20 +18,36 @@ module "cloud_storage_monitor" { name = "storage-monitor-v1" bucket_paths = [ - "/some/folder", + "my-bucket-a/some/folder", + "my-bucket-b/some/folder", ] cron_schedule = "*/30 * * * *" cron_time_zone = "Australia/Melbourne" region = "us-east1" threshold = "1000" timeout = "7200s" - service_account = data.google_compute_default_service_account.default.email + service_account = "" notification_channels = [ # Add notification channel ids here ] } +``` + +## Inputs + +| Name | Description | Type | Default | Required | +|-------------------------|---------------------------------------------------------|--------|-------------|----------| +| name | Service name | string | - | yes | +| bucket_paths | List of CIDR blocks for public subnets | list | - | yes | +| cron_schedule | Cron schedule (e.g. */10 * * * *, every 10m ) | string | - | yes | +| cron_timezone | Cron time zone (e.g. Australia/Melbourne) | string | - | yes | +| region | GCP Region (e.g. us-east1) global not supported | string | - | yes | +| threshold | Threshold limit before log is created | string | - | yes | +| timeout | Time limit before script closes | string | - | yes | +| service_account | Service acount email | string | - | yes | +| notification_channels | Notification channel IDs | list | - | yes | + -data "google_compute_default_service_account" "default" {} +## License -data "google_project" "current" {} -``` \ No newline at end of file +This module is licensed under the [MIT License](LICENSE). \ No newline at end of file diff --git a/examples/main.tf b/examples/main.tf new file mode 100644 index 0000000..ba9308c --- /dev/null +++ b/examples/main.tf 
@@ -0,0 +1,28 @@ +module "cloud_storage_monitor" { + source = "./modules/cloud-storage-monitoring" + + name = "storage-monitor-v1" + bucket_paths = [ + "my-bucket-a/some/folder", + "my-bucket-b/path/to/folder", + "my-bucket-c", + ] + cron_schedule = "*/30 * * * *" + cron_time_zone = "Australia/Melbourne" + region = "us-east1" + threshold = "1000" + timeout = "7200s" + service_account = "" + notification_channels = [ + google_monitoring_notification_channel.email.id + ] +} + +resource "google_monitoring_notification_channel" "email" { + display_name = "Test Notification Channel" + type = "email" + labels = { + email_address = "fake_email@blahblah.com" + } + force_delete = false +} \ No newline at end of file diff --git a/examples/provider.tf b/examples/provider.tf new file mode 100644 index 0000000..b0b0205 --- /dev/null +++ b/examples/provider.tf @@ -0,0 +1,12 @@ +terraform { + required_providers { + google = { + source = "hashicorp/google" + version = "4.66.0" + } + } +} + +provider "google" { + # Configuration options +} \ No newline at end of file diff --git a/tests/.keep b/tests/.keep new file mode 100644 index 0000000..e69de29 diff --git a/variables.tf b/variables.tf index 7405228..555d1b8 100644 --- a/variables.tf +++ b/variables.tf @@ -1,8 +1,3 @@ -variable "name" { - type = string - description = "service name" -} - variable "bucket_paths" { type = list(string) description = "list of bucket paths" @@ -13,16 +8,6 @@ variable "bucket_paths" { } } -variable "cron_schedule" { - type = string - description = "cron schedule (e.g. * * * * *)" -} - -variable "cron_time_zone" { - type = string - description = "cron time zone (e.g. Australia/Melbourne)" -} - variable "region" { type = string description = "deployment region (e.g. asia-east1, us-east1)" 
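Review bot: `service_account = ""` in the module call cannot pass the e-mail-format validation this commit adds to `var.service_account` in variables.tf, so the example fails at plan time as written; the README usage block carries the same empty value. I would put an obviously made-up address for a dedicated, narrowly scoped service account there, e.g. `service_account = "storage-monitor@my-project.iam.gserviceaccount.com" # placeholder`, which also steers readers away from reusing a broadly privileged default account. Separately, `fake_email@blahblah.com` sits on a domain that may be registered to someone else, so anyone applying the example unchanged would route alert e-mails to a third party; `email_address = "alerts@example.com"` uses a reserved documentation domain instead. The `source = "./modules/cloud-storage-monitoring"` path also looks off for a file under examples/, though the repository layout is not visible here.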
@@ -36,23 +21,67 @@ variable "region" { } } +variable "notification_channels" { + type = list(string) + description = "notication channel ids (['projects/[PROJECT_ID]/notificationChannels/[CHANNEL_ID]'])" +} + +variable "name" { + type = string + description = "service name" + + validation { + condition = can(regex("^[_a-zA-Z0-9-]+$", var.name)) + error_message = "Invalid value for 'name'. Only alphanumeric characters, underscores, and hyphens are allowed." + } +} + +variable "cron_schedule" { + type = string + description = "cron schedule (e.g. * * * * *)" + + validation { + condition = can(regex("^[*\\/0-9,-]+$", var.cron_schedule)) + error_message = "Invalid value for 'cron_schedule'. Must be a valid cron schedule pattern." + } +} + +variable "cron_time_zone" { + type = string + description = "cron time zone (e.g. Australia/Melbourne)" + + validation { + condition = can(regex("^[a-zA-Z_]+\\/[a-zA-Z_]+$", var.cron_time_zone)) + error_message = "Invalid value for 'cron_time_zone'. Must be a valid time zone pattern (e.g., /)." + } +} + variable "threshold" { type = string description = "object threshold before log is created" + + validation { + condition = can(regex("^\\d+$", var.threshold)) + error_message = "Invalid value for 'threshold'. Must be a string number." + } } variable "timeout" { type = string description = "timeout before build fails (e.g. 300s, 7200s)" + + validation { + condition = can(regex("^\\d+s$", var.timeout)) + error_message = "Invalid value for 'timeout'. Must be a number followed by 's' (e.g., '1000s')." + } } variable "service_account" { type = string description = "service account email" -} - -variable "notification_channels" { - type = list(string) - description = "notication channel ids (['projects/[PROJECT_ID]/notificationChannels/[CHANNEL_ID]'])" -} + validation { + condition = can(regex("^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\\.[A-Za-z]{2,}$", var.service_account)) + error_message = "Invalid value for 'service_account'. 
Must be a valid email address." + } +} \ No newline at end of file
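Review bot: The `cron_schedule` validation rejects every ordinary five-field schedule, because the character class `[*\\/0-9,-]` contains no space: the description's own example `* * * * *` and the `*/30 * * * *` used in examples/main.tf and the README both fail it. Allowing the field separators explicitly keeps the check strict, e.g. `condition = can(regex("^[*\\/0-9,-]+( [*\\/0-9,-]+){4}$", var.cron_schedule))`. The `cron_time_zone` pattern is likewise narrower than the tz database (it refuses `UTC`, three-part zones and names containing digits, `-` or `+`), so either widen it or document the restriction, and its error message ends in `(e.g., /)`, which reads like a lost placeholder. For `service_account`, the generic e-mail pattern accepts any address; if only service accounts are intended, anchoring the domain on `gserviceaccount.com` would catch a user e-mail pasted in by mistake.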