From c6e9dfe48cb198152d391e189e6efeeb9b4684cc Mon Sep 17 00:00:00 2001 From: Igor Rodionov Date: Thu, 16 Feb 2023 21:01:39 +0300 Subject: [PATCH 01/12] Update go.sum terratest version `0.31.4` (#151) * Update go.sum * Auto Format * Update go.sum * Update go.sum * Update go.sum * Fix versions --------- Co-authored-by: cloudpossebot <11232728+cloudpossebot@users.noreply.github.com> --- .github/ISSUE_TEMPLATE/bug_report.yml | 72 ++++++++++++++++++ .github/ISSUE_TEMPLATE/feature_request.yml | 71 +++++++++++++++++ .github/PULL_REQUEST_TEMPLATE.md | 22 ++++-- .github/auto-release.yml | 1 - .github/renovate.json | 2 +- .github/workflows/auto-context.yml | 4 +- .github/workflows/auto-format.yml | 10 +-- .github/workflows/auto-readme.yml | 4 +- .github/workflows/auto-release.yml | 4 +- .github/workflows/chatops.yml | 4 +- .github/workflows/validate-codeowners.yml | 3 +- README.md | 5 +- test/src/go.sum | 88 +++++++++++++++++----- 13 files changed, 245 insertions(+), 45 deletions(-) create mode 100644 .github/ISSUE_TEMPLATE/bug_report.yml create mode 100644 .github/ISSUE_TEMPLATE/feature_request.yml diff --git a/.github/ISSUE_TEMPLATE/bug_report.yml b/.github/ISSUE_TEMPLATE/bug_report.yml new file mode 100644 index 0000000..94d3246 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/bug_report.yml @@ -0,0 +1,72 @@ +--- +name: Bug report +description: Create a report to help us improve +labels: ["bug"] +assignees: [""] +body: + - type: markdown + attributes: + value: | + Found a bug? + + Please checkout our [Slack Community](https://slack.cloudposse.com) + or visit our [Slack Archive](https://archive.sweetops.com/). + + [![Slack Community](https://slack.cloudposse.com/badge.svg)](https://slack.cloudposse.com) + + - type: textarea + id: concise-description + attributes: + label: Describe the Bug + description: A clear and concise description of what the bug is. + placeholder: What is the bug about? + validations: + required: true + + - type: textarea + id: expected + attributes: + label: Expected Behavior + description: A clear and concise description of what you expected. + placeholder: What happened? + validations: + required: true + + - type: textarea + id: reproduction-steps + attributes: + label: Steps to Reproduce + description: Steps to reproduce the behavior. + placeholder: How do we reproduce it? + validations: + required: true + + - type: textarea + id: screenshots + attributes: + label: Screenshots + description: If applicable, add screenshots or logs to help explain. + validations: + required: false + + - type: textarea + id: environment + attributes: + label: Environment + description: Anything that will help us triage the bug. + placeholder: | + - OS: [e.g. Linux, OSX, WSL, etc] + - Version [e.g. 10.15] + - Module version + - Terraform version + validations: + required: false + + - type: textarea + id: additional + attributes: + label: Additional Context + description: | + Add any other context about the problem here. + validations: + required: false diff --git a/.github/ISSUE_TEMPLATE/feature_request.yml b/.github/ISSUE_TEMPLATE/feature_request.yml new file mode 100644 index 0000000..7b86672 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/feature_request.yml @@ -0,0 +1,71 @@ +--- +name: Feature Request +description: Suggest an idea for this project +labels: ["feature request"] +assignees: [""] +body: + - type: markdown + attributes: + value: | + Have a question? + + Please checkout our [Slack Community](https://slack.cloudposse.com) + or visit our [Slack Archive](https://archive.sweetops.com/). + + [![Slack Community](https://slack.cloudposse.com/badge.svg)](https://slack.cloudposse.com) + + - type: textarea + id: concise-description + attributes: + label: Describe the Feature + description: A clear and concise description of what the feature is. + placeholder: What is the feature about? + validations: + required: true + + - type: textarea + id: expected + attributes: + label: Expected Behavior + description: A clear and concise description of what you expected. + placeholder: What happened? + validations: + required: true + + - type: textarea + id: use-case + attributes: + label: Use Case + description: | + Is your feature request related to a problem/challenge you are trying + to solve? + + Please provide some additional context of why this feature or + capability will be valuable. + validations: + required: true + + - type: textarea + id: ideal-solution + attributes: + label: Describe Ideal Solution + description: A clear and concise description of what you want to happen. + validations: + required: true + + - type: textarea + id: alternatives-considered + attributes: + label: Alternatives Considered + description: Explain alternative solutions or features considered. + validations: + required: false + + - type: textarea + id: additional + attributes: + label: Additional Context + description: | + Add any other context about the problem here. + validations: + required: false diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md index 4b8f32d..8944933 100644 --- a/.github/PULL_REQUEST_TEMPLATE.md +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -1,13 +1,21 @@ ## what -* Describe high-level what changed as a result of these commits (i.e. in plain-english, what do these changes mean?) -* Use bullet points to be concise and to the point. + + ## why -* Provide the justifications for the changes (e.g. business case). -* Describe why these changes were made (e.g. why do these commits fix the problem?) -* Use bullet points to be concise and to the point. + + ## references -* Link to any supporting github issues or helpful documentation to add some context (e.g. stackoverflow). -* Use `closes #123`, if this PR closes a GitHub issue `#123` + diff --git a/.github/auto-release.yml b/.github/auto-release.yml index b45efb7..17cd39c 100644 --- a/.github/auto-release.yml +++ b/.github/auto-release.yml @@ -17,7 +17,6 @@ version-resolver: - 'bugfix' - 'bug' - 'hotfix' - - 'no-release' default: 'minor' categories: diff --git a/.github/renovate.json b/.github/renovate.json index ae4f0aa..a780298 100644 --- a/.github/renovate.json +++ b/.github/renovate.json @@ -4,9 +4,9 @@ ":preserveSemverRanges" ], "labels": ["auto-update"], + "dependencyDashboardAutoclose": true, "enabledManagers": ["terraform"], "terraform": { "ignorePaths": ["**/context.tf", "examples/**"] } } - diff --git a/.github/workflows/auto-context.yml b/.github/workflows/auto-context.yml index 665833a..831e7fa 100644 --- a/.github/workflows/auto-context.yml +++ b/.github/workflows/auto-context.yml @@ -27,7 +27,7 @@ jobs: make init make github/init/context.tf make readme/build - echo "::set-output name=create_pull_request::true" + echo "create_pull_request=true" >> "$GITHUB_OUTPUT" fi else echo "This module has not yet been updated to support the context.tf pattern! Please update in order to support automatic updates." @@ -37,7 +37,7 @@ jobs: if: steps.update.outputs.create_pull_request == 'true' uses: cloudposse/actions/github/create-pull-request@0.30.0 with: - token: ${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }} + token: ${{ secrets.REPO_ACCESS_TOKEN }} committer: 'cloudpossebot <11232728+cloudpossebot@users.noreply.github.com>' author: 'cloudpossebot <11232728+cloudpossebot@users.noreply.github.com>' commit-message: Update context.tf from origin source diff --git a/.github/workflows/auto-format.yml b/.github/workflows/auto-format.yml index c600d60..b8c2064 100644 --- a/.github/workflows/auto-format.yml +++ b/.github/workflows/auto-format.yml @@ -19,7 +19,7 @@ jobs: if: github.event.pull_request.state == 'open' name: Privileged Checkout with: - token: ${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }} + token: ${{ secrets.REPO_ACCESS_TOKEN }} repository: ${{ github.event.pull_request.head.repo.full_name }} # Check out the PR commit, not the merge commit # Use `ref` instead of `sha` to enable pushing back to `ref` @@ -30,7 +30,7 @@ jobs: if: github.event.pull_request.state == 'open' shell: bash env: - GITHUB_TOKEN: "${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }}" + GITHUB_TOKEN: "${{ secrets.REPO_ACCESS_TOKEN }}" run: make BUILD_HARNESS_PATH=/build-harness PACKAGES_PREFER_HOST=true -f /build-harness/templates/Makefile.build-harness pr/auto-format/host # Commit changes (if any) to the PR branch @@ -54,10 +54,10 @@ jobs: [[ $SENDER == "cloudpossebot" ]] || git push # Set status to fail, because the push should trigger another status check, # and we use success to indicate the checks are finished. - printf "::set-output name=%s::%s\n" "changed" "true" + echo "changed=true" >> "$GITHUB_OUTPUT" exit 1 else - printf "::set-output name=%s::%s\n" "changed" "false" + echo "changed=false" >> "$GITHUB_OUTPUT" echo "No changes detected" fi @@ -75,7 +75,7 @@ jobs: contains(' 37929162 29139614 11232728 ', format(' {0} ', github.event.pull_request.user.id)) && steps.commit.outputs.changed == 'false' && github.event.pull_request.state == 'open' with: - token: ${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }} + token: ${{ secrets.REPO_ACCESS_TOKEN }} repository: cloudposse/actions event-type: test-command client-payload: |- diff --git a/.github/workflows/auto-readme.yml b/.github/workflows/auto-readme.yml index 6f25b8d..b2db520 100644 --- a/.github/workflows/auto-readme.yml +++ b/.github/workflows/auto-readme.yml @@ -29,7 +29,7 @@ jobs: GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" run: | default_branch=$(gh repo view --json defaultBranchRef --jq .defaultBranchRef.name) - printf "::set-output name=defaultBranch::%s\n" "${default_branch}" + echo "defaultBranch=${default_branch}" >> "$GITHUB_OUTPUT" printf "defaultBranchRef.name=%s\n" "${default_branch}" - name: Update readme @@ -52,7 +52,7 @@ jobs: # If a PR of the auto-update/readme branch is open, this action will just update it, not create a new PR. uses: cloudposse/actions/github/create-pull-request@0.30.0 with: - token: ${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }} + token: ${{ secrets.REPO_ACCESS_TOKEN }} commit-message: Update README.md and docs title: Update README.md and docs body: |- diff --git a/.github/workflows/auto-release.yml b/.github/workflows/auto-release.yml index 3a38fae..17d6cab 100644 --- a/.github/workflows/auto-release.yml +++ b/.github/workflows/auto-release.yml @@ -15,7 +15,7 @@ jobs: - uses: actions-ecosystem/action-get-merged-pull-request@v1 id: get-merged-pull-request with: - github_token: ${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }} + github_token: ${{ secrets.REPO_ACCESS_TOKEN }} # Drafts your next Release notes as Pull Requests are merged into "main" - uses: release-drafter/release-drafter@v5 with: @@ -23,4 +23,4 @@ jobs: prerelease: false config-name: auto-release.yml env: - GITHUB_TOKEN: ${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }} + GITHUB_TOKEN: ${{ secrets.REPO_ACCESS_TOKEN }} diff --git a/.github/workflows/chatops.yml b/.github/workflows/chatops.yml index 23f96d8..0f64574 100644 --- a/.github/workflows/chatops.yml +++ b/.github/workflows/chatops.yml @@ -11,7 +11,7 @@ jobs: - name: "Handle common commands" uses: cloudposse/actions/github/slash-command-dispatch@0.30.0 with: - token: ${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }} + token: ${{ secrets.REPO_ACCESS_TOKEN }} reaction-token: ${{ secrets.GITHUB_TOKEN }} repository: cloudposse/actions commands: rebuild-readme, terraform-fmt @@ -26,7 +26,7 @@ jobs: - name: "Run tests" uses: cloudposse/actions/github/slash-command-dispatch@0.30.0 with: - token: ${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }} + token: ${{ secrets.REPO_ACCESS_TOKEN }} reaction-token: ${{ secrets.GITHUB_TOKEN }} repository: cloudposse/actions commands: test diff --git a/.github/workflows/validate-codeowners.yml b/.github/workflows/validate-codeowners.yml index 70f829e..b3f7c32 100644 --- a/.github/workflows/validate-codeowners.yml +++ b/.github/workflows/validate-codeowners.yml @@ -10,6 +10,7 @@ jobs: steps: - name: "Checkout source code at current commit" uses: actions/checkout@v2 + # Leave pinned at 0.7.1 until https://github.com/mszostok/codeowners-validator/issues/173 is resolved - uses: mszostok/codeowners-validator@v0.7.1 if: github.event.pull_request.head.repo.full_name == github.repository name: "Full check of CODEOWNERS" @@ -20,7 +21,7 @@ jobs: checks: "syntax,owners,duppatterns" owner_checker_allow_unowned_patterns: "false" # GitHub access token is required only if the `owners` check is enabled - github_access_token: "${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }}" + github_access_token: "${{ secrets.REPO_ACCESS_TOKEN }}" - uses: mszostok/codeowners-validator@v0.7.1 if: github.event.pull_request.head.repo.full_name != github.repository name: "Syntax check of CODEOWNERS" diff --git a/README.md b/README.md index 6b74f49..fad67f4 100644 --- a/README.md +++ b/README.md @@ -390,7 +390,7 @@ In general, PRs are welcome. We follow the typical "fork-and-pull" Git workflow. ## Copyright -Copyright © 2017-2022 [Cloud Posse, LLC](https://cpco.io/copyright) +Copyright © 2017-2023 [Cloud Posse, LLC](https://cpco.io/copyright) @@ -465,7 +465,7 @@ Check out [our other projects][github], [follow us on twitter][twitter], [apply [![README Footer][readme_footer_img]][readme_footer_link] [![Beacon][beacon]][website] - + [logo]: https://cloudposse.com/logo-300x69.svg [docs]: https://cpco.io/docs?utm_source=github&utm_medium=readme&utm_campaign=cloudposse/terraform-aws-elasticsearch&utm_content=docs [website]: https://cpco.io/homepage?utm_source=github&utm_medium=readme&utm_campaign=cloudposse/terraform-aws-elasticsearch&utm_content=website @@ -496,3 +496,4 @@ Check out [our other projects][github], [follow us on twitter][twitter], [apply [share_googleplus]: https://plus.google.com/share?url=https://github.com/cloudposse/terraform-aws-elasticsearch [share_email]: mailto:?subject=terraform-aws-elasticsearch&body=https://github.com/cloudposse/terraform-aws-elasticsearch [beacon]: https://ga-beacon.cloudposse.com/UA-76589703-4/cloudposse/terraform-aws-elasticsearch?pixel&cs=github&cm=readme&an=terraform-aws-elasticsearch + diff --git a/test/src/go.sum b/test/src/go.sum index 7bc5cfc..1f0af10 100644 --- a/test/src/go.sum +++ b/test/src/go.sum @@ -18,11 +18,13 @@ github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78/go.mod h1:LmzpDX github.com/Azure/go-autorest v14.2.0+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= github.com/Azure/go-autorest/autorest v0.9.0/go.mod h1:xyHB1BMZT0cuDHU7I0+g046+BFDTQ8rEZB0s4Yfa6bI= github.com/Azure/go-autorest/autorest v0.9.3/go.mod h1:GsRuLYvwzLjjjRoWEIyMUaYq8GNUx2nRB378IPt/1p0= +github.com/Azure/go-autorest/autorest v0.9.6/go.mod h1:/FALq9T/kS7b5J5qsQ+RSTUdAmGFqi0vUdVNNx8q630= github.com/Azure/go-autorest/autorest v0.11.0/go.mod h1:JFgpikqFJ/MleTTxwepExTKnFUKKszPS8UavbQYUMuw= github.com/Azure/go-autorest/autorest v0.11.5/go.mod h1:foo3aIXRQ90zFve3r0QiDsrjGDUwWhKl0ZOQy1CT14k= github.com/Azure/go-autorest/autorest/adal v0.5.0/go.mod h1:8Z9fGy2MpX0PvDjB1pEgQTmVqjGhiHBW7RJJEciWzS0= github.com/Azure/go-autorest/autorest/adal v0.8.0/go.mod h1:Z6vX6WXXuyieHAXwMj0S6HY6e6wcHn37qQMBQlvY3lc= github.com/Azure/go-autorest/autorest/adal v0.8.1/go.mod h1:ZjhuQClTqx435SRJ2iMlOxPYt3d2C/T/7TiQCVZSn3Q= +github.com/Azure/go-autorest/autorest/adal v0.8.2/go.mod h1:ZjhuQClTqx435SRJ2iMlOxPYt3d2C/T/7TiQCVZSn3Q= github.com/Azure/go-autorest/autorest/adal v0.9.0/go.mod h1:/c022QCutn2P7uY+/oQWWNcK9YU+MH96NgK+jErpbcg= github.com/Azure/go-autorest/autorest/adal v0.9.2/go.mod h1:/3SMAM86bP6wC9Ev35peQDUeqFZBMH07vvUOmg4z/fE= github.com/Azure/go-autorest/autorest/azure/auth v0.5.1/go.mod h1:ea90/jvmnAwDrSooLH4sRIehEPtG/EPUXavDh31MnA4= @@ -62,6 +64,7 @@ github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24 github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs= github.com/blang/semver v3.5.0+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk= +github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc h1:biVzkmvwrH8WK8raXaxBx6fRVTlJILwEwQGL1I/ByEI= github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= @@ -112,9 +115,11 @@ github.com/emicklei/go-restful v2.9.5+incompatible/go.mod h1:otzb+WCGbkyDHkqmQmT github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= github.com/evanphx/json-patch v4.2.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= +github.com/evanphx/json-patch v4.9.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= github.com/fatih/color v1.9.0/go.mod h1:eQcE1qtQxscV5RaZvpXrrb8Drkc3/DdQ+uUYCNjL+zU= github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= +github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= github.com/ghodss/yaml v0.0.0-20150909031657-73d445a93680/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= github.com/go-errors/errors v1.0.1/go.mod h1:f4zRHt4oKfwPJE5k8C9vpYG+aDHdBFUsgrm6/TyX73Q= @@ -123,6 +128,7 @@ github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2 github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas= +github.com/go-logr/logr v0.2.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU= github.com/go-openapi/jsonpointer v0.0.0-20160704185906-46af16f9f7b1/go.mod h1:+35s3my2LFTysnkMfxsJBAMHj/DoqoB9knIWoYG/Vk0= github.com/go-openapi/jsonpointer v0.19.2/go.mod h1:3akKfEdA7DF1sugOqz1dVQHBcuDBPKZGEoHC/NkiQRg= github.com/go-openapi/jsonpointer v0.19.3/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= @@ -151,6 +157,14 @@ github.com/golang/protobuf v0.0.0-20161109072736-4bd1920723d7/go.mod h1:6lQm79b+ github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.3/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= +github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= +github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA= +github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs= +github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w= +github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= +github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8= +github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= @@ -167,13 +181,13 @@ github.com/google/pprof v0.0.0-20190515194954-54271f7e092f/go.mod h1:zfwlbNMJ+OI github.com/google/pprof v0.0.0-20191218002539-d4f498aebedc/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= github.com/google/uuid v1.0.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/google/uuid v1.1.1 h1:Gkbcsh/GbpXz7lPftLA3P6TYMwjCLYm83jiFQZF/3gY= github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= github.com/googleapis/gnostic v0.0.0-20170729233727-0c5108395e2d/go.mod h1:sJBsCZ4ayReDTBIg8b9dl28c5xFWyhBTVRp3pOg5EKY= -github.com/googleapis/gnostic v0.1.0/go.mod h1:sJBsCZ4ayReDTBIg8b9dl28c5xFWyhBTVRp3pOg5EKY= github.com/googleapis/gnostic v0.2.2/go.mod h1:sJBsCZ4ayReDTBIg8b9dl28c5xFWyhBTVRp3pOg5EKY= -github.com/googleapis/gnostic v0.3.1/go.mod h1:on+2t9HRStVgn95RSsFWFz+6Q0Snyqv1awfrALZdbtU= +github.com/googleapis/gnostic v0.4.1/go.mod h1:LRhVm6pbyptWbWbuZ38d1eyptfvIytN3ir6b65WBswg= github.com/gophercloud/gophercloud v0.1.0/go.mod h1:vxM41WHh5uqHVBMZHzuwNOHh8XEoIEcSTewFxm1c5g8= github.com/gorilla/mux v1.7.3/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs= github.com/gorilla/websocket v0.0.0-20170926233335-4201258b820c/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ= @@ -183,8 +197,8 @@ github.com/grpc-ecosystem/go-grpc-middleware v1.0.1-0.20190118093823-f849b5445de github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgfV/d3M/q6VIi02HzZEHgUlZvzk= github.com/grpc-ecosystem/grpc-gateway v1.9.5/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY= github.com/gruntwork-io/gruntwork-cli v0.7.0/go.mod h1:jp6Z7NcLF2avpY8v71fBx6hds9eOFPELSuD/VPv7w00= -github.com/gruntwork-io/terratest v0.30.0 h1:1USVQG4Rg7Fp5WLuTjgU6kt+o7GM0ZcllYcsKXGv7nI= -github.com/gruntwork-io/terratest v0.30.0/go.mod h1:7dNmTD2zDKUEVqfmvcUU5c9mZi+986mcXNzhzqPYPg8= +github.com/gruntwork-io/terratest v0.31.4 h1:wChHuyhxp5J+Jz26DWuUJiAZpZvkyUQRfrkazYcDbdk= +github.com/gruntwork-io/terratest v0.31.4/go.mod h1:EEgJie28gX/4AD71IFqgMj6e99KP5mi81hEtzmDjxTo= github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/golang-lru v0.5.3/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4= @@ -194,6 +208,8 @@ github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1: github.com/imdario/mergo v0.3.5/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= github.com/imdario/mergo v0.3.7/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= +github.com/jinzhu/copier v0.0.0-20190924061706-b57f9002281a h1:zPPuIq2jAWWPTrGt70eK/BSch+gFAGrNzecsoENgu2o= +github.com/jinzhu/copier v0.0.0-20190924061706-b57f9002281a/go.mod h1:yL958EeXv8Ylng6IfnvG4oflryUi3vgA3xPs9hmII1s= github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= github.com/joefitzgerald/rainbow-reporter v0.1.0/go.mod h1:481CNgqmVHQZzdIbN52CupLJyoVwB10FQ/IQlF1pdL8= github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo= @@ -201,6 +217,7 @@ github.com/json-iterator/go v0.0.0-20180612202835-f2b4162afba3/go.mod h1:+SdeFBv github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= github.com/json-iterator/go v1.1.7/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= github.com/json-iterator/go v1.1.8/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= +github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= @@ -210,8 +227,9 @@ github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+o github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/konsorten/go-windows-terminal-sequences v1.0.2/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc= -github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= +github.com/kr/pretty v0.2.0 h1:s5hAObm+yFO5uHYt5dYjxi2rXrsnmRpJx4OYvIWUaQs= +github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/pty v1.1.5/go.mod h1:9r2w37qlBe7rQ6e1fg1S/9xpWHSnaqNdHD3WcMdbPDA= github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= @@ -231,6 +249,7 @@ github.com/mattn/go-zglob v0.0.1/go.mod h1:9fxibJccNxU2cnpIKLRRFA7zX7qhkJIQWBb44 github.com/mattn/go-zglob v0.0.2-0.20190814121620-e3c945676326/go.mod h1:9fxibJccNxU2cnpIKLRRFA7zX7qhkJIQWBb449FYHOo= github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= github.com/maxbrunsfeld/counterfeiter/v6 v6.2.2/go.mod h1:eD9eIE7cdwcMi9rYluz88Jz2VyhSmden33/aXg4oVIY= +github.com/miekg/dns v1.1.31/go.mod h1:KNUDUusw/aVsxyTYZM1oqvCicbwhgbNgztCETuNZ7xM= github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= @@ -259,11 +278,12 @@ github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/9 github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pkg/errors v0.9.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pmezard/go-difflib v0.0.0-20151028094244-d8ed2627bdf0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/pquerna/cachecontrol v0.0.0-20171018203845-0dec1b30a021/go.mod h1:prYjPmNq4d1NPVmpShWobRqXY3q7Vp+80DqgxxUrUIA= +github.com/pquerna/otp v1.2.0 h1:/A3+Jn+cagqayeR3iHs/L62m5ue7710D35zl1zJ1kok= github.com/pquerna/otp v1.2.0/go.mod h1:dkJfzwRKNiegxyNb54X/3fLwhCynbMspSyWKnvi1AEg= github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo= @@ -300,11 +320,15 @@ github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An github.com/spf13/viper v1.3.2/go.mod h1:ZiWeW+zYFKm7srdB9IoDzzZXaJaI5eL9QjNiN/DMA2s= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/objx v0.2.0 h1:Hbg2NidpLE8veEBkEZTL3CvlkUIVzuU9jDplZO54c48= github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE= github.com/stretchr/testify v0.0.0-20151208002404-e3a8ff8ce365/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= +github.com/stretchr/testify v1.3.0 h1:TivCn/peBQ7UY8ooIcPgZFpTNSz0Q2U6UrFlUfqbe0Q= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= +github.com/stretchr/testify v1.5.1 h1:nOGnQDM7FYENwehXlg/kFVnos3rEvtKTjRvOWSzb6H4= +github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= github.com/stretchr/testify v1.6.1 h1:hDPOHmpOpP40lSULcqw7IrRb/u7w6RpDC9399XyoNd0= github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/tmc/grpc-websocket-proxy v0.0.0-20170815181823-89b8d40f7ca8/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= @@ -334,7 +358,6 @@ golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8/go.mod h1:yigFU9vqHzYiE8U golang.org/x/crypto v0.0.0-20190820162420-60c769a6c586/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20191206172530-e9b2fee46413/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20200220183623-bac4c82f6975/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9 h1:psW17arqaxU48Z5kZ0CQnkZWQJsqcURM6tKiBApRjXI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= @@ -376,9 +399,12 @@ golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLL golang.org/x/net v0.0.0-20190628185345-da137c7871d7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190813141303-74dc4d7220e7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20190923162816-aa69164e4478/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20191004110552-13f9640d40b9/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553 h1:efeOvDhwQ29Dj3SdAV/MJf8oukgn+8D8WgaCaRMchF8= golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= +golang.org/x/net v0.0.0-20200707034311-ab3426394381 h1:VXak5I6aEWmAXeQjA+QSZzlgNrpq9mjcfDemuexIKsU= +golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -410,20 +436,25 @@ golang.org/x/sys v0.0.0-20190616124812-15dcb6c0061f/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190626221950-04f50cda93cb/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190826190057-c7b8b68b1456/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190924154521-2837fb4f24fe/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191010194322-b09406accb47/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191022100944-742c48ecaeb7/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191228213918-04cbcbbfeed8/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200107162124-548cf772de50 h1:YvQ10rzcqWXLlJZ3XCUoO25savxmscf4+SC+ZqiCHhA= -golang.org/x/sys v0.0.0-20200107162124-548cf772de50/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200622214017-ed371f2e16b4 h1:5/PjkGUjvEU5Gl6BxmvKRPpqo2uNMv4rcHBMwzk/st8= +golang.org/x/sys v0.0.0-20200622214017-ed371f2e16b4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/text v0.0.0-20160726164857-2910a502d2bf/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.0 h1:g61tztE5qeGQ89tm6NTjjM9VPIm088od1l6aSorWRWg= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= +golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20181011042414-1f849cf54d09/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= @@ -448,6 +479,7 @@ golang.org/x/tools v0.0.0-20190920225731-5eefd052ad72/go.mod h1:b+2E5dAYhXwXZwtn golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191125144606-a911d9008d1f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191205215504-7b8c8591a921/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191216052735-49a3e744a425/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20191227053925-7b8e75db28f4/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20200113040837-eac381796e91/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -476,7 +508,7 @@ google.golang.org/genproto v0.0.0-20190801165951-fa694d86fc64/go.mod h1:DMBHOl98 google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= google.golang.org/genproto v0.0.0-20190911173649-1774047e7e51/go.mod h1:IbNlFCBrqXvoKpeg0TB2l7cyZUmoaFKYIwrEpbDKLA8= google.golang.org/genproto v0.0.0-20191230161307-f3c370f40bfb/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20200108215221-bd8f9a0ef82f/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= +google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= @@ -484,10 +516,22 @@ google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyac google.golang.org/grpc v1.23.1/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= google.golang.org/grpc v1.24.0/go.mod h1:XDChyiUovWa60DnaeDeZmSW86xtLtjtZbwvSiRnRtcA= google.golang.org/grpc v1.26.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= +google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= +google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= +google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= +google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= +google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE= +google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo= +google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= +google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= +google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= +google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo= +gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/cheggaaa/pb.v1 v1.0.25/go.mod h1:V/YB90LKu/1FcN3WVnfiiE5oMCibMjukxqG/qStrOgw= gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= @@ -500,8 +544,10 @@ gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWD gopkg.in/warnings.v0 v0.1.1/go.mod h1:jksf8JmL6Qr/oQM2OXTHunEvvTAsrWBLb6OOjuVWRNI= gopkg.in/yaml.v2 v2.0.0-20170812160011-eb3733d160e7/go.mod h1:JAlM8MvJe8wmxCU4Bli9HhUf9+ttbYbLASfIpnQbh74= gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie2QXMNeKRTHCNY2nXvo= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= @@ -512,26 +558,29 @@ honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWh honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= k8s.io/api v0.17.0/go.mod h1:npsyOePkeP0CPwyGfXDHxvypiYMJxBWAMpQxCaJ4ZxI= -k8s.io/api v0.18.3/go.mod h1:UOaMwERbqJMfeeeHc8XJKawj4P9TgDRnViIqqBeH2QA= +k8s.io/api v0.19.3/go.mod h1:VF+5FT1B74Pw3KxMdKyinLo+zynBaMBiAfGMuldcNDs= k8s.io/apimachinery v0.17.0/go.mod h1:b9qmWdKlLuU9EBh+06BtLcSf/Mu89rWL33naRxs1uZg= -k8s.io/apimachinery v0.18.3/go.mod h1:OaXp26zu/5J7p0f92ASynJa1pZo06YlV9fG7BoWbCko= +k8s.io/apimachinery v0.19.3/go.mod h1:DnPGDnARWFvYa3pMHgSxtbZb7gpzzAZ1pTfaUNDVlmA= k8s.io/apiserver v0.17.0/go.mod h1:ABM+9x/prjINN6iiffRVNCBR2Wk7uY4z+EtEGZD48cg= k8s.io/client-go v0.17.0/go.mod h1:TYgR6EUHs6k45hb6KWjVD6jFZvJV4gHDikv/It0xz+k= -k8s.io/client-go v0.18.3/go.mod h1:4a/dpQEvzAhT1BbuWW09qvIaGw6Gbu1gZYiQZIi1DMw= +k8s.io/client-go v0.19.3/go.mod h1:+eEMktZM+MG0KO+PTkci8xnbCZHvj9TqR6Q1XDUIJOM= k8s.io/cloud-provider v0.17.0/go.mod h1:Ze4c3w2C0bRsjkBUoHpFi+qWe3ob1wI2/7cUn+YQIDE= k8s.io/code-generator v0.0.0-20191121015212-c4c8f8345c7e/go.mod h1:DVmfPQgxQENqDIzVR2ddLXMH34qeszkKSdH/N+s+38s= k8s.io/component-base v0.17.0/go.mod h1:rKuRAokNMY2nn2A6LP/MiwpoaMRHpfRnrPaUJJj1Yoc= k8s.io/csi-translation-lib v0.17.0/go.mod h1:HEF7MEz7pOLJCnxabi45IPkhSsE/KmxPQksuCrHKWls= k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= k8s.io/gengo v0.0.0-20190822140433-26a664648505/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= +k8s.io/gengo v0.0.0-20200413195148-3a45101e95ac/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= k8s.io/klog v0.0.0-20181102134211-b9b56d5dfc92/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= k8s.io/klog v0.3.0/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= k8s.io/klog v1.0.0/go.mod h1:4Bi6QPql/J/LkTDqv7R/cd3hPo4k2DG6Ptcz060Ez5I= +k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE= +k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= k8s.io/kube-openapi v0.0.0-20191107075043-30be4d16710a/go.mod h1:1TqjTSzOxsLGIKfj0lK8EeCP7K1iUG65v09OM0/WG5E= -k8s.io/kube-openapi v0.0.0-20200410145947-61e04a5be9a6/go.mod h1:GRQhZsXIAJ1xR0C9bd8UpWHZ5plfAS9fzPjJuQ6JL3E= +k8s.io/kube-openapi v0.0.0-20200805222855-6aeccd4b50c6/go.mod h1:UuqjUnNftUyPE5H64/qeyjQoUZhGpeFDVdxjTeEVN2o= k8s.io/legacy-cloud-providers v0.17.0/go.mod h1:DdzaepJ3RtRy+e5YhNtrCYwlgyK87j/5+Yfp0L9Syp8= k8s.io/utils v0.0.0-20191114184206-e782cd3c129f/go.mod h1:sZAwmy6armz5eXlNoLmJcl4F1QuKu7sr+mFQ0byX7Ew= -k8s.io/utils v0.0.0-20200324210504-a9aa75ae1b89/go.mod h1:sZAwmy6armz5eXlNoLmJcl4F1QuKu7sr+mFQ0byX7Ew= +k8s.io/utils v0.0.0-20200729134348-d5654de09c73/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= modernc.org/cc v1.0.0/go.mod h1:1Sk4//wdnYJiUIxnW8ddKpaOJCF37yAdqYnkxUpaYxw= modernc.org/golex v1.0.0/go.mod h1:b/QX9oBD/LhixY6NDh+IdGv17hgB+51fET1i2kPSmvk= modernc.org/mathutil v1.0.0/go.mod h1:wU0vUrJsVWBZ4P6e7xtFJEhFSNsfRLJ8H458uRjg03k= @@ -540,7 +589,6 @@ modernc.org/xc v1.0.0/go.mod h1:mRNCo0bvLjGhHO9WsyuKVU4q0ceiDDDoEeWDJHrNx8I= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= sigs.k8s.io/structured-merge-diff v0.0.0-20190525122527-15d366b2352e/go.mod h1:wWxsB5ozmmv/SG7nM11ayaAW51xMvak/t1r0CSlcokI= sigs.k8s.io/structured-merge-diff v1.0.1-0.20191108220359-b1b620dd3f06/go.mod h1:/ULNhyfzRopfcjskuui0cTITekDduZ7ycKN3oUT9R18= -sigs.k8s.io/structured-merge-diff/v3 v3.0.0-20200116222232-67a7b8c61874/go.mod h1:PlARxl6Hbt/+BC80dRLi1qAmnMqwqDg62YvvVkZjemw= -sigs.k8s.io/structured-merge-diff/v3 v3.0.0/go.mod h1:PlARxl6Hbt/+BC80dRLi1qAmnMqwqDg62YvvVkZjemw= +sigs.k8s.io/structured-merge-diff/v4 v4.0.1/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= sigs.k8s.io/yaml v1.1.0/go.mod h1:UJmg0vDUVViEyp3mgSv9WPwZCDxu4rQW1olrI1uml+o= sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc= From 7f83b65e1a0fc9bde8702433655a6806c39d0c2b Mon Sep 17 00:00:00 2001 From: Dmitry Chepurovskiy Date: Fri, 17 Feb 2023 15:13:39 +0200 Subject: [PATCH 02/12] Added AutoTune support (#149) * Added AutoTune support * Auto Format * Update variables.tf Co-authored-by: Igor Rodionov * Update variables.tf Co-authored-by: Igor Rodionov * Update variables.tf Co-authored-by: Igor Rodionov * Auto Format * Rework auto_tune variables to single object * Try to fix variables.tf lint * Auto Format * Update variables.tf Co-authored-by: Igor Rodionov * Update variables.tf Co-authored-by: Igor Rodionov --------- Co-authored-by: cloudpossebot <11232728+cloudpossebot@users.noreply.github.com> Co-authored-by: Igor Rodionov --- README.md | 1 + docs/terraform.md | 1 + main.tf | 19 ++++++++++++++++++- variables.tf | 42 ++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 62 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index fad67f4..470edc0 100644 --- a/README.md +++ b/README.md @@ -214,6 +214,7 @@ Available targets: | [advanced\_security\_options\_master\_user\_password](#input\_advanced\_security\_options\_master\_user\_password) | Master user password (applicable if advanced\_security\_options\_internal\_user\_database\_enabled set to true) | `string` | `""` | no | | [allowed\_cidr\_blocks](#input\_allowed\_cidr\_blocks) | List of CIDR blocks to be allowed to connect to the cluster | `list(string)` | `[]` | no | | [attributes](#input\_attributes) | ID element. Additional attributes (e.g. `workers` or `cluster`) to add to `id`,
in the order they appear in the list. New attributes are appended to the
end of the list. The elements of the list are joined by the `delimiter`
and treated as a single ID element. | `list(string)` | `[]` | no | +| [auto\_tune](#input\_auto\_tune) | This object represents the auto\_tune configuration. It contains the following filed:
- enabled - Whether to enable autotune.
- rollback\_on\_disable - Whether to roll back to default Auto-Tune settings when disabling Auto-Tune.
- starting\_time - Date and time at which to start the Auto-Tune maintenance schedule in RFC3339 format. Time should be in the future.
- cron\_schedule - A cron expression specifying the recurrence pattern for an Auto-Tune maintenance schedule.
- duration - Autotune maintanance window duration time in hours. | 
object({
    enabled             = bool
    rollback_on_disable = string
    starting_time       = string
    cron_schedule       = string
    duration            = number
  })
| 
{
  "cron_schedule": null,
  "duration": null,
  "enabled": false,
  "rollback_on_disable": "NO_ROLLBACK",
  "starting_time": null
}
| no | | [automated\_snapshot\_start\_hour](#input\_automated\_snapshot\_start\_hour) | Hour at which automated snapshots are taken, in UTC | `number` | `0` | no | | [availability\_zone\_count](#input\_availability\_zone\_count) | Number of Availability Zones for the domain to use. | `number` | `2` | no | | [aws\_ec2\_service\_name](#input\_aws\_ec2\_service\_name) | AWS EC2 Service Name | `list(string)` | 
[
  "ec2.amazonaws.com"
]
| no | diff --git a/docs/terraform.md b/docs/terraform.md index 9d0849a..9b98443 100644 --- a/docs/terraform.md +++ b/docs/terraform.md @@ -51,6 +51,7 @@ | [advanced\_security\_options\_master\_user\_password](#input\_advanced\_security\_options\_master\_user\_password) | Master user password (applicable if advanced\_security\_options\_internal\_user\_database\_enabled set to true) | `string` | `""` | no | | [allowed\_cidr\_blocks](#input\_allowed\_cidr\_blocks) | List of CIDR blocks to be allowed to connect to the cluster | `list(string)` | `[]` | no | | [attributes](#input\_attributes) | ID element. Additional attributes (e.g. `workers` or `cluster`) to add to `id`,
in the order they appear in the list. New attributes are appended to the
end of the list. The elements of the list are joined by the `delimiter`
and treated as a single ID element. | `list(string)` | `[]` | no | +| [auto\_tune](#input\_auto\_tune) | This object represents the auto\_tune configuration. It contains the following filed:
- enabled - Whether to enable autotune.
- rollback\_on\_disable - Whether to roll back to default Auto-Tune settings when disabling Auto-Tune.
- starting\_time - Date and time at which to start the Auto-Tune maintenance schedule in RFC3339 format. Time should be in the future.
- cron\_schedule - A cron expression specifying the recurrence pattern for an Auto-Tune maintenance schedule.
- duration - Autotune maintanance window duration time in hours. | 
object({
    enabled             = bool
    rollback_on_disable = string
    starting_time       = string
    cron_schedule       = string
    duration            = number
  })
| 
{
  "cron_schedule": null,
  "duration": null,
  "enabled": false,
  "rollback_on_disable": "NO_ROLLBACK",
  "starting_time": null
}
| no | | [automated\_snapshot\_start\_hour](#input\_automated\_snapshot\_start\_hour) | Hour at which automated snapshots are taken, in UTC | `number` | `0` | no | | [availability\_zone\_count](#input\_availability\_zone\_count) | Number of Availability Zones for the domain to use. | `number` | `2` | no | | [aws\_ec2\_service\_name](#input\_aws\_ec2\_service\_name) | AWS EC2 Service Name | `list(string)` | 
[
  "ec2.amazonaws.com"
]
| no | diff --git a/main.tf b/main.tf index f1aa688..45957c5 100644 --- a/main.tf +++ b/main.tf @@ -159,6 +159,23 @@ resource "aws_elasticsearch_domain" "default" { } } + dynamic "auto_tune_options" { + for_each = var.auto_tune.enabled ? [true] : [] + content { + desired_state = "ENABLED" + rollback_on_disable = var.auto_tune.rollback_on_disable + maintenance_schedule { + # Required until https://github.com/hashicorp/terraform-provider-aws/issues/22239 would be resolved + start_at = var.auto_tune.starting_time == null ? timeadd(timestamp(), "1h") : var.auto_tune.starting_time + duration { + value = var.auto_tune.duration + unit = "HOURS" + } + cron_expression_for_recurrence = var.auto_tune_cron_schedule + } + } + } + node_to_node_encryption { enabled = var.node_to_node_encryption_enabled } @@ -296,4 +313,4 @@ module "kibana_hostname" { records = [join("", aws_elasticsearch_domain.default.*.endpoint)] context = module.this.context -} +} \ No newline at end of file diff --git a/variables.tf b/variables.tf index b1dc74d..88dc3ee 100644 --- a/variables.tf +++ b/variables.tf @@ -363,3 +363,45 @@ variable "custom_endpoint_certificate_arn" { description = "ACM certificate ARN for custom endpoint." default = "" } + +variable "auto_tune" { + type = object({ + enabled = bool + rollback_on_disable = string + starting_time = string + cron_schedule = string + duration = number + }) + + default = { + enabled = false + rollback_on_disable = "NO_ROLLBACK" + starting_time = null + cron_schedule = null + duration = null + } + + description = <<-EOT + This object represents the auto_tune configuration. It contains the following filed: + - enabled - Whether to enable autotune. + - rollback_on_disable - Whether to roll back to default Auto-Tune settings when disabling Auto-Tune. + - starting_time - Date and time at which to start the Auto-Tune maintenance schedule in RFC3339 format. Time should be in the future. + - cron_schedule - A cron expression specifying the recurrence pattern for an Auto-Tune maintenance schedule. + - duration - Autotune maintanance window duration time in hours. + EOT + + validation { + condition = var.auto_tune.enabled == false || var.auto_tune.cron_schedule != null + error_message = "Variable auto_tune.cron_schedule should be set if var.auto_tune.enabled == true." + } + + validation { + condition = var.auto_tune.enabled == false || var.auto_tune.duration != null + error_message = "Variable auto_tune.duration should be set if var.auto_tune.enabled == true." + } + + validation { + condition = contains(["DEFAULT_ROLLBACK", "NO_ROLLBACK"], var.auto_tune.rollback_on_disable) + error_message = "Variable auto_tune.rollback_on_disable valid values: DEFAULT_ROLLBACK or NO_ROLLBACK." + } +} \ No newline at end of file From dcd0c480e5af05ac1615ee899f8f1328148d0902 Mon Sep 17 00:00:00 2001 From: Dmitry Chepurovskiy Date: Fri, 17 Feb 2023 20:00:48 +0200 Subject: [PATCH 03/12] Support ebs_throughput to enable using of gp3 (#150) * Support ebs_throughput to enable using of gp3 * Auto Format --------- Co-authored-by: cloudpossebot <11232728+cloudpossebot@users.noreply.github.com> --- README.md | 1 + docs/terraform.md | 1 + main.tf | 1 + variables.tf | 6 ++++++ 4 files changed, 9 insertions(+) diff --git a/README.md b/README.md index 470edc0..df157cc 100644 --- a/README.md +++ b/README.md @@ -237,6 +237,7 @@ Available targets: | [domain\_endpoint\_options\_tls\_security\_policy](#input\_domain\_endpoint\_options\_tls\_security\_policy) | The name of the TLS security policy that needs to be applied to the HTTPS endpoint | `string` | `"Policy-Min-TLS-1-0-2019-07"` | no | | [domain\_hostname\_enabled](#input\_domain\_hostname\_enabled) | Explicit flag to enable creating a DNS hostname for ES. If `true`, then `var.dns_zone_id` is required. | `bool` | `false` | no | | [ebs\_iops](#input\_ebs\_iops) | The baseline input/output (I/O) performance of EBS volumes attached to data nodes. Applicable only for the Provisioned IOPS EBS volume type | `number` | `0` | no | +| [ebs\_throughput](#input\_ebs\_throughput) | Specifies the throughput (in MiB/s) of the EBS volumes attached to data nodes. Applicable only for the gp3 volume type. Valid values are between 125 and 1000. | `number` | `null` | no | | [ebs\_volume\_size](#input\_ebs\_volume\_size) | EBS volumes for data storage in GB | `number` | `0` | no | | [ebs\_volume\_type](#input\_ebs\_volume\_type) | Storage type of EBS volumes | `string` | `"gp2"` | no | | [elasticsearch\_subdomain\_name](#input\_elasticsearch\_subdomain\_name) | The name of the subdomain for Elasticsearch in the DNS zone (\_e.g.\_ `elasticsearch`, `ui`, `ui-es`, `search-ui`) | `string` | `""` | no | diff --git a/docs/terraform.md b/docs/terraform.md index 9b98443..58f68b0 100644 --- a/docs/terraform.md +++ b/docs/terraform.md @@ -74,6 +74,7 @@ | [domain\_endpoint\_options\_tls\_security\_policy](#input\_domain\_endpoint\_options\_tls\_security\_policy) | The name of the TLS security policy that needs to be applied to the HTTPS endpoint | `string` | `"Policy-Min-TLS-1-0-2019-07"` | no | | [domain\_hostname\_enabled](#input\_domain\_hostname\_enabled) | Explicit flag to enable creating a DNS hostname for ES. If `true`, then `var.dns_zone_id` is required. | `bool` | `false` | no | | [ebs\_iops](#input\_ebs\_iops) | The baseline input/output (I/O) performance of EBS volumes attached to data nodes. Applicable only for the Provisioned IOPS EBS volume type | `number` | `0` | no | +| [ebs\_throughput](#input\_ebs\_throughput) | Specifies the throughput (in MiB/s) of the EBS volumes attached to data nodes. Applicable only for the gp3 volume type. Valid values are between 125 and 1000. | `number` | `null` | no | | [ebs\_volume\_size](#input\_ebs\_volume\_size) | EBS volumes for data storage in GB | `number` | `0` | no | | [ebs\_volume\_type](#input\_ebs\_volume\_type) | Storage type of EBS volumes | `string` | `"gp2"` | no | | [elasticsearch\_subdomain\_name](#input\_elasticsearch\_subdomain\_name) | The name of the subdomain for Elasticsearch in the DNS zone (\_e.g.\_ `elasticsearch`, `ui`, `ui-es`, `search-ui`) | `string` | `""` | no | diff --git a/main.tf b/main.tf index 45957c5..20c0529 100644 --- a/main.tf +++ b/main.tf @@ -125,6 +125,7 @@ resource "aws_elasticsearch_domain" "default" { volume_size = var.ebs_volume_size volume_type = var.ebs_volume_type iops = var.ebs_iops + throughput = var.ebs_throughput } encrypt_at_rest { diff --git a/variables.tf b/variables.tf index 88dc3ee..64022d2 100644 --- a/variables.tf +++ b/variables.tf @@ -141,6 +141,12 @@ variable "ebs_iops" { description = "The baseline input/output (I/O) performance of EBS volumes attached to data nodes. Applicable only for the Provisioned IOPS EBS volume type" } +variable "ebs_throughput" { + type = number + default = null + description = "Specifies the throughput (in MiB/s) of the EBS volumes attached to data nodes. Applicable only for the gp3 volume type. Valid values are between 125 and 1000." +} + variable "encrypt_at_rest_enabled" { type = bool default = true From 4becd77bcc8a0634b9b4b4fcf1029e5624d20c6c Mon Sep 17 00:00:00 2001 From: Dmitry Chepurovskiy Date: Sat, 18 Feb 2023 11:12:34 +0200 Subject: [PATCH 04/12] Add cold storage support (#148) * Add cold storage support * Auto Format * Try to fix cloud_storage error for Elasticsearch version prior 7.9 * Auto Format --------- Co-authored-by: cloudpossebot <11232728+cloudpossebot@users.noreply.github.com> Co-authored-by: Igor Rodionov --- README.md | 1 + docs/terraform.md | 1 + main.tf | 7 +++++++ variables.tf | 9 ++++++++- 4 files changed, 17 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index df157cc..ee07cfc 100644 --- a/README.md +++ b/README.md @@ -222,6 +222,7 @@ Available targets: | [cognito\_iam\_role\_arn](#input\_cognito\_iam\_role\_arn) | ARN of the IAM role that has the AmazonESCognitoAccess policy attached | `string` | `""` | no | | [cognito\_identity\_pool\_id](#input\_cognito\_identity\_pool\_id) | The ID of the Cognito Identity Pool to use | `string` | `""` | no | | [cognito\_user\_pool\_id](#input\_cognito\_user\_pool\_id) | The ID of the Cognito User Pool to use | `string` | `""` | no | +| [cold\_storage\_enabled](#input\_cold\_storage\_enabled) | Enables cold storage support. | `bool` | `false` | no | | [context](#input\_context) | Single object for setting entire context at once.
See description of individual variables for details.
Leave string and numeric variables as `null` to use default value.
Individual variable settings (non-null) override settings in context object,
except for attributes, tags, and additional\_tag\_map, which are merged. | `any` | 
{
  "additional_tag_map": {},
  "attributes": [],
  "delimiter": null,
  "descriptor_formats": {},
  "enabled": true,
  "environment": null,
  "id_length_limit": null,
  "label_key_case": null,
  "label_order": [],
  "label_value_case": null,
  "labels_as_tags": [
    "unset"
  ],
  "name": null,
  "namespace": null,
  "regex_replace_chars": null,
  "stage": null,
  "tags": {},
  "tenant": null
}
| no | | [create\_iam\_service\_linked\_role](#input\_create\_iam\_service\_linked\_role) | Whether to create `AWSServiceRoleForAmazonElasticsearchService` service-linked role. Set it to `false` if you already have an ElasticSearch cluster created in the AWS account and AWSServiceRoleForAmazonElasticsearchService already exists. See https://github.com/terraform-providers/terraform-provider-aws/issues/5218 for more info | `bool` | `true` | no | | [custom\_endpoint](#input\_custom\_endpoint) | Fully qualified domain for custom endpoint. | `string` | `""` | no | diff --git a/docs/terraform.md b/docs/terraform.md index 58f68b0..e6493fd 100644 --- a/docs/terraform.md +++ b/docs/terraform.md @@ -59,6 +59,7 @@ | [cognito\_iam\_role\_arn](#input\_cognito\_iam\_role\_arn) | ARN of the IAM role that has the AmazonESCognitoAccess policy attached | `string` | `""` | no | | [cognito\_identity\_pool\_id](#input\_cognito\_identity\_pool\_id) | The ID of the Cognito Identity Pool to use | `string` | `""` | no | | [cognito\_user\_pool\_id](#input\_cognito\_user\_pool\_id) | The ID of the Cognito User Pool to use | `string` | `""` | no | +| [cold\_storage\_enabled](#input\_cold\_storage\_enabled) | Enables cold storage support. | `bool` | `false` | no | | [context](#input\_context) | Single object for setting entire context at once.
See description of individual variables for details.
Leave string and numeric variables as `null` to use default value.
Individual variable settings (non-null) override settings in context object,
except for attributes, tags, and additional\_tag\_map, which are merged. | `any` | 
{
  "additional_tag_map": {},
  "attributes": [],
  "delimiter": null,
  "descriptor_formats": {},
  "enabled": true,
  "environment": null,
  "id_length_limit": null,
  "label_key_case": null,
  "label_order": [],
  "label_value_case": null,
  "labels_as_tags": [
    "unset"
  ],
  "name": null,
  "namespace": null,
  "regex_replace_chars": null,
  "stage": null,
  "tags": {},
  "tenant": null
}
| no | | [create\_iam\_service\_linked\_role](#input\_create\_iam\_service\_linked\_role) | Whether to create `AWSServiceRoleForAmazonElasticsearchService` service-linked role. Set it to `false` if you already have an ElasticSearch cluster created in the AWS account and AWSServiceRoleForAmazonElasticsearchService already exists. See https://github.com/terraform-providers/terraform-provider-aws/issues/5218 for more info | `bool` | `true` | no | | [custom\_endpoint](#input\_custom\_endpoint) | Fully qualified domain for custom endpoint. | `string` | `""` | no | diff --git a/main.tf b/main.tf index 20c0529..03cb7e7 100644 --- a/main.tf +++ b/main.tf @@ -158,6 +158,13 @@ resource "aws_elasticsearch_domain" "default" { availability_zone_count = var.availability_zone_count } } + + dynamic "cold_storage_options" { + for_each = var.cold_storage_enabled ? [true] : [] + content { + enabled = var.cold_storage_enabled + } + } } dynamic "auto_tune_options" { diff --git a/variables.tf b/variables.tf index 64022d2..3230799 100644 --- a/variables.tf +++ b/variables.tf @@ -370,6 +370,12 @@ variable "custom_endpoint_certificate_arn" { default = "" } +variable "cold_storage_enabled" { + type = bool + description = "Enables cold storage support." + default = false +} + variable "auto_tune" { type = object({ enabled = bool @@ -410,4 +416,5 @@ variable "auto_tune" { condition = contains(["DEFAULT_ROLLBACK", "NO_ROLLBACK"], var.auto_tune.rollback_on_disable) error_message = "Variable auto_tune.rollback_on_disable valid values: DEFAULT_ROLLBACK or NO_ROLLBACK." } -} \ No newline at end of file +} + From ce75e529a06286be911af9b20e4a3753c37e56a3 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 23 Feb 2023 16:50:04 +0600 Subject: [PATCH 05/12] chore(deps): update terraform cloudposse/route53-cluster-hostname/aws to v0.12.3 (#152) * chore(deps): update terraform cloudposse/route53-cluster-hostname/aws to v0.12.3 * Auto Format --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: cloudpossebot <11232728+cloudpossebot@users.noreply.github.com> Co-authored-by: Igor Rodionov --- README.md | 4 ++-- docs/terraform.md | 4 ++-- main.tf | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index ee07cfc..cb11286 100644 --- a/README.md +++ b/README.md @@ -180,8 +180,8 @@ Available targets: | Name | Source | Version | |------|--------|---------| -| [domain\_hostname](#module\_domain\_hostname) | cloudposse/route53-cluster-hostname/aws | 0.12.2 | -| [kibana\_hostname](#module\_kibana\_hostname) | cloudposse/route53-cluster-hostname/aws | 0.12.2 | +| [domain\_hostname](#module\_domain\_hostname) | cloudposse/route53-cluster-hostname/aws | 0.12.3 | +| [kibana\_hostname](#module\_kibana\_hostname) | cloudposse/route53-cluster-hostname/aws | 0.12.3 | | [kibana\_label](#module\_kibana\_label) | cloudposse/label/null | 0.25.0 | | [this](#module\_this) | cloudposse/label/null | 0.25.0 | | [user\_label](#module\_user\_label) | cloudposse/label/null | 0.25.0 | diff --git a/docs/terraform.md b/docs/terraform.md index e6493fd..61a5812 100644 --- a/docs/terraform.md +++ b/docs/terraform.md @@ -17,8 +17,8 @@ | Name | Source | Version | |------|--------|---------| -| [domain\_hostname](#module\_domain\_hostname) | cloudposse/route53-cluster-hostname/aws | 0.12.2 | -| [kibana\_hostname](#module\_kibana\_hostname) | cloudposse/route53-cluster-hostname/aws | 0.12.2 | +| [domain\_hostname](#module\_domain\_hostname) | cloudposse/route53-cluster-hostname/aws | 0.12.3 | +| [kibana\_hostname](#module\_kibana\_hostname) | cloudposse/route53-cluster-hostname/aws | 0.12.3 | | [kibana\_label](#module\_kibana\_label) | cloudposse/label/null | 0.25.0 | | [this](#module\_this) | cloudposse/label/null | 0.25.0 | | [user\_label](#module\_user\_label) | cloudposse/label/null | 0.25.0 | diff --git a/main.tf b/main.tf index 03cb7e7..6ccadb2 100644 --- a/main.tf +++ b/main.tf @@ -296,7 +296,7 @@ resource "aws_elasticsearch_domain_policy" "default" { module "domain_hostname" { source = "cloudposse/route53-cluster-hostname/aws" - version = "0.12.2" + version = "0.12.3" enabled = module.this.enabled && var.domain_hostname_enabled dns_name = var.elasticsearch_subdomain_name == "" ? module.this.id : var.elasticsearch_subdomain_name @@ -309,7 +309,7 @@ module "domain_hostname" { module "kibana_hostname" { source = "cloudposse/route53-cluster-hostname/aws" - version = "0.12.2" + version = "0.12.3" enabled = module.this.enabled && var.kibana_hostname_enabled dns_name = var.kibana_subdomain_name == "" ? module.kibana_label.id : var.kibana_subdomain_name From 43eda697994f9d1807315864d90cc9ede889af9f Mon Sep 17 00:00:00 2001 From: Jakub Andrzejewski Date: Thu, 23 Feb 2023 11:51:02 +0100 Subject: [PATCH 06/12] Update README: change zone_awareness_enabled to bool (#142) * Update README: change zone_awareness_enabled to bool In the example use zone_awareness_enabled is passed to the module as string, when bool is expected. * Auto Format --------- Co-authored-by: cloudpossebot <11232728+cloudpossebot@users.noreply.github.com> Co-authored-by: Igor Rodionov --- README.md | 2 +- README.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index cb11286..4a3582d 100644 --- a/README.md +++ b/README.md @@ -120,7 +120,7 @@ module "elasticsearch" { security_groups = ["sg-XXXXXXXXX", "sg-YYYYYYYY"] vpc_id = "vpc-XXXXXXXXX" subnet_ids = ["subnet-XXXXXXXXX", "subnet-YYYYYYYY"] - zone_awareness_enabled = "true" + zone_awareness_enabled = true elasticsearch_version = "6.5" instance_type = "t2.small.elasticsearch" instance_count = 4 diff --git a/README.yaml b/README.yaml index e466e5e..3b68167 100644 --- a/README.yaml +++ b/README.yaml @@ -67,7 +67,7 @@ usage: |- security_groups = ["sg-XXXXXXXXX", "sg-YYYYYYYY"] vpc_id = "vpc-XXXXXXXXX" subnet_ids = ["subnet-XXXXXXXXX", "subnet-YYYYYYYY"] - zone_awareness_enabled = "true" + zone_awareness_enabled = true elasticsearch_version = "6.5" instance_type = "t2.small.elasticsearch" instance_count = 4 From 6cf06ed567b25ca2af871fa03f33132110f5f182 Mon Sep 17 00:00:00 2001 From: Brandon Gottlob <3633212+bgottlob@users.noreply.github.com> Date: Thu, 23 Feb 2023 06:39:38 -0500 Subject: [PATCH 07/12] Add option to apply security groups to domain (#134) * Add option to apply security groups to domain Resolves #62. * Auto Format * Auto Format --------- Co-authored-by: cloudpossebot <11232728+cloudpossebot@users.noreply.github.com> Co-authored-by: Igor Rodionov --- README.md | 3 ++- docs/terraform.md | 3 ++- main.tf | 10 +++++----- variables.tf | 8 +++++++- 4 files changed, 16 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index 4a3582d..9261c0e 100644 --- a/README.md +++ b/README.md @@ -225,6 +225,7 @@ Available targets: | [cold\_storage\_enabled](#input\_cold\_storage\_enabled) | Enables cold storage support. | `bool` | `false` | no | | [context](#input\_context) | Single object for setting entire context at once.
See description of individual variables for details.
Leave string and numeric variables as `null` to use default value.
Individual variable settings (non-null) override settings in context object,
except for attributes, tags, and additional\_tag\_map, which are merged. | `any` | 
{
  "additional_tag_map": {},
  "attributes": [],
  "delimiter": null,
  "descriptor_formats": {},
  "enabled": true,
  "environment": null,
  "id_length_limit": null,
  "label_key_case": null,
  "label_order": [],
  "label_value_case": null,
  "labels_as_tags": [
    "unset"
  ],
  "name": null,
  "namespace": null,
  "regex_replace_chars": null,
  "stage": null,
  "tags": {},
  "tenant": null
}
| no | | [create\_iam\_service\_linked\_role](#input\_create\_iam\_service\_linked\_role) | Whether to create `AWSServiceRoleForAmazonElasticsearchService` service-linked role. Set it to `false` if you already have an ElasticSearch cluster created in the AWS account and AWSServiceRoleForAmazonElasticsearchService already exists. See https://github.com/terraform-providers/terraform-provider-aws/issues/5218 for more info | `bool` | `true` | no | +| [create\_security\_group](#input\_create\_security\_group) | Whether to create a dedicated security group for the Elasticsearch domain. Set it to `false` if you already have security groups that you want to attach to the domain and specify them in the `security_groups` variable. | `bool` | `true` | no | | [custom\_endpoint](#input\_custom\_endpoint) | Fully qualified domain for custom endpoint. | `string` | `""` | no | | [custom\_endpoint\_certificate\_arn](#input\_custom\_endpoint\_certificate\_arn) | ACM certificate ARN for custom endpoint. | `string` | `""` | no | | [custom\_endpoint\_enabled](#input\_custom\_endpoint\_enabled) | Whether to enable custom endpoint for the Elasticsearch domain. | `bool` | `false` | no | @@ -275,7 +276,7 @@ Available targets: | [namespace](#input\_namespace) | ID element. Usually an abbreviation of your organization name, e.g. 'eg' or 'cp', to help ensure generated IDs are globally unique | `string` | `null` | no | | [node\_to\_node\_encryption\_enabled](#input\_node\_to\_node\_encryption\_enabled) | Whether to enable node-to-node encryption | `bool` | `false` | no | | [regex\_replace\_chars](#input\_regex\_replace\_chars) | Terraform regular expression (regex) string.
Characters matching the regex will be removed from the ID elements.
If not set, `"/[^a-zA-Z0-9-]/"` is used to remove all characters other than hyphens, letters and digits. | `string` | `null` | no | -| [security\_groups](#input\_security\_groups) | List of security group IDs to be allowed to connect to the cluster | `list(string)` | `[]` | no | +| [security\_groups](#input\_security\_groups) | List of security group IDs to be allowed to connect to the cluster or the security group IDs to apply to the cluster when the `create_security_group` variable is set to false. | `list(string)` | `[]` | no | | [stage](#input\_stage) | ID element. Usually used to indicate role, e.g. 'prod', 'staging', 'source', 'build', 'test', 'deploy', 'release' | `string` | `null` | no | | [subnet\_ids](#input\_subnet\_ids) | VPC Subnet IDs | `list(string)` | `[]` | no | | [tags](#input\_tags) | Additional tags (e.g. `{'BusinessUnit': 'XYZ'}`).
Neither the tag keys nor the tag values will be modified by this module. | `map(string)` | `{}` | no | diff --git a/docs/terraform.md b/docs/terraform.md index 61a5812..1af9dd7 100644 --- a/docs/terraform.md +++ b/docs/terraform.md @@ -62,6 +62,7 @@ | [cold\_storage\_enabled](#input\_cold\_storage\_enabled) | Enables cold storage support. | `bool` | `false` | no | | [context](#input\_context) | Single object for setting entire context at once.
See description of individual variables for details.
Leave string and numeric variables as `null` to use default value.
Individual variable settings (non-null) override settings in context object,
except for attributes, tags, and additional\_tag\_map, which are merged. | `any` | 
{
  "additional_tag_map": {},
  "attributes": [],
  "delimiter": null,
  "descriptor_formats": {},
  "enabled": true,
  "environment": null,
  "id_length_limit": null,
  "label_key_case": null,
  "label_order": [],
  "label_value_case": null,
  "labels_as_tags": [
    "unset"
  ],
  "name": null,
  "namespace": null,
  "regex_replace_chars": null,
  "stage": null,
  "tags": {},
  "tenant": null
}
| no | | [create\_iam\_service\_linked\_role](#input\_create\_iam\_service\_linked\_role) | Whether to create `AWSServiceRoleForAmazonElasticsearchService` service-linked role. Set it to `false` if you already have an ElasticSearch cluster created in the AWS account and AWSServiceRoleForAmazonElasticsearchService already exists. See https://github.com/terraform-providers/terraform-provider-aws/issues/5218 for more info | `bool` | `true` | no | +| [create\_security\_group](#input\_create\_security\_group) | Whether to create a dedicated security group for the Elasticsearch domain. Set it to `false` if you already have security groups that you want to attach to the domain and specify them in the `security_groups` variable. | `bool` | `true` | no | | [custom\_endpoint](#input\_custom\_endpoint) | Fully qualified domain for custom endpoint. | `string` | `""` | no | | [custom\_endpoint\_certificate\_arn](#input\_custom\_endpoint\_certificate\_arn) | ACM certificate ARN for custom endpoint. | `string` | `""` | no | | [custom\_endpoint\_enabled](#input\_custom\_endpoint\_enabled) | Whether to enable custom endpoint for the Elasticsearch domain. | `bool` | `false` | no | @@ -112,7 +113,7 @@ | [namespace](#input\_namespace) | ID element. Usually an abbreviation of your organization name, e.g. 'eg' or 'cp', to help ensure generated IDs are globally unique | `string` | `null` | no | | [node\_to\_node\_encryption\_enabled](#input\_node\_to\_node\_encryption\_enabled) | Whether to enable node-to-node encryption | `bool` | `false` | no | | [regex\_replace\_chars](#input\_regex\_replace\_chars) | Terraform regular expression (regex) string.
Characters matching the regex will be removed from the ID elements.
If not set, `"/[^a-zA-Z0-9-]/"` is used to remove all characters other than hyphens, letters and digits. | `string` | `null` | no | -| [security\_groups](#input\_security\_groups) | List of security group IDs to be allowed to connect to the cluster | `list(string)` | `[]` | no | +| [security\_groups](#input\_security\_groups) | List of security group IDs to be allowed to connect to the cluster or the security group IDs to apply to the cluster when the `create_security_group` variable is set to false. | `list(string)` | `[]` | no | | [stage](#input\_stage) | ID element. Usually used to indicate role, e.g. 'prod', 'staging', 'source', 'build', 'test', 'deploy', 'release' | `string` | `null` | no | | [subnet\_ids](#input\_subnet\_ids) | VPC Subnet IDs | `list(string)` | `[]` | no | | [tags](#input\_tags) | Additional tags (e.g. `{'BusinessUnit': 'XYZ'}`).
Neither the tag keys nor the tag values will be modified by this module. | `map(string)` | `{}` | no | diff --git a/main.tf b/main.tf index 6ccadb2..381dd07 100644 --- a/main.tf +++ b/main.tf @@ -17,7 +17,7 @@ module "kibana_label" { } resource "aws_security_group" "default" { - count = module.this.enabled && var.vpc_enabled ? 1 : 0 + count = module.this.enabled && var.vpc_enabled && var.create_security_group ? 1 : 0 vpc_id = var.vpc_id name = module.this.id description = "Allow inbound traffic from Security Groups and CIDRs. Allow all outbound traffic" @@ -29,7 +29,7 @@ resource "aws_security_group" "default" { } resource "aws_security_group_rule" "ingress_security_groups" { - count = module.this.enabled && var.vpc_enabled ? length(var.security_groups) : 0 + count = module.this.enabled && var.vpc_enabled && var.create_security_group ? length(var.security_groups) : 0 description = "Allow inbound traffic from Security Groups" type = "ingress" from_port = var.ingress_port_range_start @@ -40,7 +40,7 @@ resource "aws_security_group_rule" "ingress_security_groups" { } resource "aws_security_group_rule" "ingress_cidr_blocks" { - count = module.this.enabled && var.vpc_enabled && length(var.allowed_cidr_blocks) > 0 ? 1 : 0 + count = module.this.enabled && var.vpc_enabled && var.create_security_group && length(var.allowed_cidr_blocks) > 0 ? 1 : 0 description = "Allow inbound traffic from CIDR blocks" type = "ingress" from_port = var.ingress_port_range_start @@ -51,7 +51,7 @@ resource "aws_security_group_rule" "ingress_cidr_blocks" { } resource "aws_security_group_rule" "egress" { - count = module.this.enabled && var.vpc_enabled ? 1 : 0 + count = module.this.enabled && var.vpc_enabled && var.create_security_group ? 1 : 0 description = "Allow all egress traffic" type = "egress" from_port = 0 @@ -192,7 +192,7 @@ resource "aws_elasticsearch_domain" "default" { for_each = var.vpc_enabled ? [true] : [] content { - security_group_ids = [join("", aws_security_group.default.*.id)] + security_group_ids = var.create_security_group ? [join("", aws_security_group.default.*.id)] : var.security_groups subnet_ids = var.subnet_ids } } diff --git a/variables.tf b/variables.tf index 3230799..4830134 100644 --- a/variables.tf +++ b/variables.tf @@ -1,7 +1,13 @@ variable "security_groups" { type = list(string) default = [] - description = "List of security group IDs to be allowed to connect to the cluster" + description = "List of security group IDs to be allowed to connect to the cluster or the security group IDs to apply to the cluster when the `create_security_group` variable is set to false." +} + +variable "create_security_group" { + type = bool + default = true + description = "Whether to create a dedicated security group for the Elasticsearch domain. Set it to `false` if you already have security groups that you want to attach to the domain and specify them in the `security_groups` variable." } variable "ingress_port_range_start" { From dda8ef4b6a2151d682ef7cf52a8ce4b8c58d52ab Mon Sep 17 00:00:00 2001 From: Francisco Andrade <45626988+franciscoandrade-unit@users.noreply.github.com> Date: Thu, 23 Feb 2023 11:41:34 +0000 Subject: [PATCH 08/12] fix(elasticsearch): fix #143 bug to allow the deployment with 0 master nodes (#145) * fix(elasticsearch): fix #143 bug to allow the deployment with 0 master nodes * Auto Format --------- Co-authored-by: cloudpossebot <11232728+cloudpossebot@users.noreply.github.com> Co-authored-by: Igor Rodionov --- main.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/main.tf b/main.tf index 381dd07..71fa7b0 100644 --- a/main.tf +++ b/main.tf @@ -145,8 +145,8 @@ resource "aws_elasticsearch_domain" "default" { instance_count = var.instance_count instance_type = var.instance_type dedicated_master_enabled = var.dedicated_master_enabled - dedicated_master_count = var.dedicated_master_count - dedicated_master_type = var.dedicated_master_type + dedicated_master_count = var.dedicated_master_enabled ? var.dedicated_master_count : null + dedicated_master_type = var.dedicated_master_enabled ? var.dedicated_master_type : null zone_awareness_enabled = var.zone_awareness_enabled warm_enabled = var.warm_enabled warm_count = var.warm_enabled ? var.warm_count : null From 5b260aee68a1ff7ff605f00b8817fbdcd16b9c97 Mon Sep 17 00:00:00 2001 From: "M. Essam" <5047289+mohamed-essam@users.noreply.github.com> Date: Thu, 11 May 2023 19:50:25 +0300 Subject: [PATCH 09/12] Add var.create_elasticsearch_user_role (#161) * Add var.create_elasticsearch_user_role * Update README.md * Modify count condition for assume_role resource * Use splat expression for default policy document * Run make github/init --- .github/mergify.yml | 17 ++++++++++++++--- .github/renovate.json | 1 + .github/workflows/auto-context.yml | 12 +++++++++++- README.md | 1 + docs/terraform.md | 1 + main.tf | 6 +++--- variables.tf | 6 ++++++ 7 files changed, 37 insertions(+), 7 deletions(-) diff --git a/.github/mergify.yml b/.github/mergify.yml index ef15545..148d85c 100644 --- a/.github/mergify.yml +++ b/.github/mergify.yml @@ -4,13 +4,17 @@ pull_request_rules: - name: "approve automated PRs that have passed checks" conditions: - "author~=^(cloudpossebot|renovate\\[bot\\])$" - - "base=master" - "-closed" - "head~=^(auto-update|renovate)/.*" - "check-success=test/bats" - "check-success=test/readme" - "check-success=test/terratest" - "check-success=validate-codeowners" + - or: + - "base=master" + - "base=main" + - "base~=^release/v\\d{1,2}$" + actions: review: type: "APPROVE" @@ -20,7 +24,6 @@ pull_request_rules: - name: "merge automated PRs when approved and tests pass" conditions: - "author~=^(cloudpossebot|renovate\\[bot\\])$" - - "base=master" - "-closed" - "head~=^(auto-update|renovate)/.*" - "check-success=test/bats" @@ -30,6 +33,11 @@ pull_request_rules: - "#approved-reviews-by>=1" - "#changes-requested-reviews-by=0" - "#commented-reviews-by=0" + - or: + - "base=master" + - "base=main" + - "base~=^release/v\\d{1,2}$" + actions: merge: method: "squash" @@ -50,7 +58,10 @@ pull_request_rules: - name: "remove outdated reviews" conditions: - - "base=master" + - or: + - "base=master" + - "base=main" + - "base~=^release/v\\d{1,2}$" actions: dismiss_reviews: changes_requested: true diff --git a/.github/renovate.json b/.github/renovate.json index a780298..b61ed24 100644 --- a/.github/renovate.json +++ b/.github/renovate.json @@ -3,6 +3,7 @@ "config:base", ":preserveSemverRanges" ], + "baseBranches": ["main", "master", "/^release\\/v\\d{1,2}$/"], "labels": ["auto-update"], "dependencyDashboardAutoclose": true, "enabledManagers": ["terraform"], diff --git a/.github/workflows/auto-context.yml b/.github/workflows/auto-context.yml index 831e7fa..e439b60 100644 --- a/.github/workflows/auto-context.yml +++ b/.github/workflows/auto-context.yml @@ -11,6 +11,16 @@ jobs: steps: - uses: actions/checkout@v2 + - name: Find default branch name + id: defaultBranch + shell: bash + env: + GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" + run: | + default_branch=$(gh repo view --json defaultBranchRef --jq .defaultBranchRef.name) + echo "defaultBranch=${default_branch}" >> "$GITHUB_OUTPUT" + printf "defaultBranchRef.name=%s\n" "${default_branch}" + - name: Update context.tf shell: bash id: update @@ -50,7 +60,7 @@ jobs: To support all the features of the `context` interface. branch: auto-update/context.tf - base: master + base: ${{ steps.defaultBranch.outputs.defaultBranch }} delete-branch: true labels: | auto-update diff --git a/README.md b/README.md index 9261c0e..6fcd46f 100644 --- a/README.md +++ b/README.md @@ -224,6 +224,7 @@ Available targets: | [cognito\_user\_pool\_id](#input\_cognito\_user\_pool\_id) | The ID of the Cognito User Pool to use | `string` | `""` | no | | [cold\_storage\_enabled](#input\_cold\_storage\_enabled) | Enables cold storage support. | `bool` | `false` | no | | [context](#input\_context) | Single object for setting entire context at once.
See description of individual variables for details.
Leave string and numeric variables as `null` to use default value.
Individual variable settings (non-null) override settings in context object,
except for attributes, tags, and additional\_tag\_map, which are merged. | `any` | 
{
  "additional_tag_map": {},
  "attributes": [],
  "delimiter": null,
  "descriptor_formats": {},
  "enabled": true,
  "environment": null,
  "id_length_limit": null,
  "label_key_case": null,
  "label_order": [],
  "label_value_case": null,
  "labels_as_tags": [
    "unset"
  ],
  "name": null,
  "namespace": null,
  "regex_replace_chars": null,
  "stage": null,
  "tags": {},
  "tenant": null
}
| no | +| [create\_elasticsearch\_user\_role](#input\_create\_elasticsearch\_user\_role) | Whether to create an IAM role for Users/EC2 to assume to access the Elasticsearch domain. Set it to `false` if you already manage access through other means. | `bool` | `true` | no | | [create\_iam\_service\_linked\_role](#input\_create\_iam\_service\_linked\_role) | Whether to create `AWSServiceRoleForAmazonElasticsearchService` service-linked role. Set it to `false` if you already have an ElasticSearch cluster created in the AWS account and AWSServiceRoleForAmazonElasticsearchService already exists. See https://github.com/terraform-providers/terraform-provider-aws/issues/5218 for more info | `bool` | `true` | no | | [create\_security\_group](#input\_create\_security\_group) | Whether to create a dedicated security group for the Elasticsearch domain. Set it to `false` if you already have security groups that you want to attach to the domain and specify them in the `security_groups` variable. | `bool` | `true` | no | | [custom\_endpoint](#input\_custom\_endpoint) | Fully qualified domain for custom endpoint. | `string` | `""` | no | diff --git a/docs/terraform.md b/docs/terraform.md index 1af9dd7..8562fdf 100644 --- a/docs/terraform.md +++ b/docs/terraform.md @@ -61,6 +61,7 @@ | [cognito\_user\_pool\_id](#input\_cognito\_user\_pool\_id) | The ID of the Cognito User Pool to use | `string` | `""` | no | | [cold\_storage\_enabled](#input\_cold\_storage\_enabled) | Enables cold storage support. | `bool` | `false` | no | | [context](#input\_context) | Single object for setting entire context at once.
See description of individual variables for details.
Leave string and numeric variables as `null` to use default value.
Individual variable settings (non-null) override settings in context object,
except for attributes, tags, and additional\_tag\_map, which are merged. | `any` | 
{
  "additional_tag_map": {},
  "attributes": [],
  "delimiter": null,
  "descriptor_formats": {},
  "enabled": true,
  "environment": null,
  "id_length_limit": null,
  "label_key_case": null,
  "label_order": [],
  "label_value_case": null,
  "labels_as_tags": [
    "unset"
  ],
  "name": null,
  "namespace": null,
  "regex_replace_chars": null,
  "stage": null,
  "tags": {},
  "tenant": null
}
| no | +| [create\_elasticsearch\_user\_role](#input\_create\_elasticsearch\_user\_role) | Whether to create an IAM role for Users/EC2 to assume to access the Elasticsearch domain. Set it to `false` if you already manage access through other means. | `bool` | `true` | no | | [create\_iam\_service\_linked\_role](#input\_create\_iam\_service\_linked\_role) | Whether to create `AWSServiceRoleForAmazonElasticsearchService` service-linked role. Set it to `false` if you already have an ElasticSearch cluster created in the AWS account and AWSServiceRoleForAmazonElasticsearchService already exists. See https://github.com/terraform-providers/terraform-provider-aws/issues/5218 for more info | `bool` | `true` | no | | [create\_security\_group](#input\_create\_security\_group) | Whether to create a dedicated security group for the Elasticsearch domain. Set it to `false` if you already have security groups that you want to attach to the domain and specify them in the `security_groups` variable. | `bool` | `true` | no | | [custom\_endpoint](#input\_custom\_endpoint) | Fully qualified domain for custom endpoint. | `string` | `""` | no | diff --git a/main.tf b/main.tf index 71fa7b0..bbdfe3e 100644 --- a/main.tf +++ b/main.tf @@ -70,7 +70,7 @@ resource "aws_iam_service_linked_role" "default" { # Role that pods can assume for access to elasticsearch and kibana resource "aws_iam_role" "elasticsearch_user" { - count = module.this.enabled && (length(var.iam_authorizing_role_arns) > 0 || length(var.iam_role_arns) > 0) ? 1 : 0 + count = module.this.enabled && var.create_elasticsearch_user_role && (length(var.iam_authorizing_role_arns) > 0 || length(var.iam_role_arns) > 0) ? 1 : 0 name = module.user_label.id assume_role_policy = join("", data.aws_iam_policy_document.assume_role.*.json) description = "IAM Role to assume to access the Elasticsearch ${module.this.id} cluster" @@ -82,7 +82,7 @@ resource "aws_iam_role" "elasticsearch_user" { } data "aws_iam_policy_document" "assume_role" { - count = module.this.enabled && (length(var.iam_authorizing_role_arns) > 0 || length(var.iam_role_arns) > 0) ? 1 : 0 + count = module.this.enabled && var.create_elasticsearch_user_role && (length(var.iam_authorizing_role_arns) > 0 || length(var.iam_role_arns) > 0) ? 1 : 0 statement { actions = [ @@ -255,7 +255,7 @@ data "aws_iam_policy_document" "default" { principals { type = "AWS" - identifiers = distinct(compact(concat(var.iam_role_arns, aws_iam_role.elasticsearch_user.*.arn))) + identifiers = distinct(compact(concat(var.iam_role_arns, aws_iam_role.elasticsearch_user[*].arn))) } } diff --git a/variables.tf b/variables.tf index 4830134..54b00d5 100644 --- a/variables.tf +++ b/variables.tf @@ -10,6 +10,12 @@ variable "create_security_group" { description = "Whether to create a dedicated security group for the Elasticsearch domain. Set it to `false` if you already have security groups that you want to attach to the domain and specify them in the `security_groups` variable." } +variable "create_elasticsearch_user_role" { + type = bool + default = true + description = "Whether to create an IAM role for Users/EC2 to assume to access the Elasticsearch domain. Set it to `false` if you already manage access through other means." +} + variable "ingress_port_range_start" { type = number default = 0 From 4b99cf623b631456326c66ee4c2c1808f2582e36 Mon Sep 17 00:00:00 2001 From: Max Lobur Date: Wed, 17 May 2023 15:31:40 +0300 Subject: [PATCH 10/12] Sync github (#163) * Sync github * Auto Format --------- Co-authored-by: cloudpossebot <11232728+cloudpossebot@users.noreply.github.com> --- .github/auto-release.yml | 1 + .github/workflows/auto-context.yml | 67 --------------- .github/workflows/auto-format.yml | 88 -------------------- .github/workflows/auto-readme.yml | 71 ---------------- .github/workflows/auto-release.yml | 26 ------ .github/workflows/chatops.yml | 37 -------- .github/workflows/feature-branch-chatops.yml | 16 ++++ .github/workflows/feature-branch.yml | 19 +++++ .github/workflows/release-branch.yml | 22 +++++ .github/workflows/release-published.yml | 14 ++++ .github/workflows/scheduled.yml | 17 ++++ .github/workflows/validate-codeowners.yml | 30 ------- 12 files changed, 89 insertions(+), 319 deletions(-) delete mode 100644 .github/workflows/auto-context.yml delete mode 100644 .github/workflows/auto-format.yml delete mode 100644 .github/workflows/auto-readme.yml delete mode 100644 .github/workflows/auto-release.yml delete mode 100644 .github/workflows/chatops.yml create mode 100644 .github/workflows/feature-branch-chatops.yml create mode 100644 .github/workflows/feature-branch.yml create mode 100644 .github/workflows/release-branch.yml create mode 100644 .github/workflows/release-published.yml create mode 100644 .github/workflows/scheduled.yml delete mode 100644 .github/workflows/validate-codeowners.yml diff --git a/.github/auto-release.yml b/.github/auto-release.yml index 17cd39c..cc9bf05 100644 --- a/.github/auto-release.yml +++ b/.github/auto-release.yml @@ -18,6 +18,7 @@ version-resolver: - 'bug' - 'hotfix' default: 'minor' +filter-by-commitish: true categories: - title: '🚀 Enhancements' diff --git a/.github/workflows/auto-context.yml b/.github/workflows/auto-context.yml deleted file mode 100644 index e439b60..0000000 --- a/.github/workflows/auto-context.yml +++ /dev/null @@ -1,67 +0,0 @@ -name: "auto-context" -on: - schedule: - # Update context.tf nightly - - cron: '0 3 * * *' - -jobs: - update: - if: github.event_name == 'schedule' - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - - - name: Find default branch name - id: defaultBranch - shell: bash - env: - GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" - run: | - default_branch=$(gh repo view --json defaultBranchRef --jq .defaultBranchRef.name) - echo "defaultBranch=${default_branch}" >> "$GITHUB_OUTPUT" - printf "defaultBranchRef.name=%s\n" "${default_branch}" - - - name: Update context.tf - shell: bash - id: update - env: - GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" - run: | - if [[ -f context.tf ]]; then - echo "Discovered existing context.tf! Fetching most recent version to see if there is an update." - curl -o context.tf -fsSL https://raw.githubusercontent.com/cloudposse/terraform-null-label/master/exports/context.tf - if git diff --no-patch --exit-code context.tf; then - echo "No changes detected! Exiting the job..." - else - echo "context.tf file has changed. Update examples and rebuild README.md." - make init - make github/init/context.tf - make readme/build - echo "create_pull_request=true" >> "$GITHUB_OUTPUT" - fi - else - echo "This module has not yet been updated to support the context.tf pattern! Please update in order to support automatic updates." - fi - - - name: Create Pull Request - if: steps.update.outputs.create_pull_request == 'true' - uses: cloudposse/actions/github/create-pull-request@0.30.0 - with: - token: ${{ secrets.REPO_ACCESS_TOKEN }} - committer: 'cloudpossebot <11232728+cloudpossebot@users.noreply.github.com>' - author: 'cloudpossebot <11232728+cloudpossebot@users.noreply.github.com>' - commit-message: Update context.tf from origin source - title: Update context.tf - body: |- - ## what - This is an auto-generated PR that updates the `context.tf` file to the latest version from `cloudposse/terraform-null-label` - - ## why - To support all the features of the `context` interface. - - branch: auto-update/context.tf - base: ${{ steps.defaultBranch.outputs.defaultBranch }} - delete-branch: true - labels: | - auto-update - context diff --git a/.github/workflows/auto-format.yml b/.github/workflows/auto-format.yml deleted file mode 100644 index b8c2064..0000000 --- a/.github/workflows/auto-format.yml +++ /dev/null @@ -1,88 +0,0 @@ -name: Auto Format -on: - pull_request_target: - types: [opened, synchronize] - -jobs: - auto-format: - runs-on: ubuntu-latest - container: cloudposse/build-harness:latest - steps: - # Checkout the pull request branch - # "An action in a workflow run can’t trigger a new workflow run. For example, if an action pushes code using - # the repository’s GITHUB_TOKEN, a new workflow will not run even when the repository contains - # a workflow configured to run when push events occur." - # However, using a personal access token will cause events to be triggered. - # We need that to ensure a status gets posted after the auto-format commit. - # We also want to trigger tests if the auto-format made no changes. - - uses: actions/checkout@v2 - if: github.event.pull_request.state == 'open' - name: Privileged Checkout - with: - token: ${{ secrets.REPO_ACCESS_TOKEN }} - repository: ${{ github.event.pull_request.head.repo.full_name }} - # Check out the PR commit, not the merge commit - # Use `ref` instead of `sha` to enable pushing back to `ref` - ref: ${{ github.event.pull_request.head.ref }} - - # Do all the formatting stuff - - name: Auto Format - if: github.event.pull_request.state == 'open' - shell: bash - env: - GITHUB_TOKEN: "${{ secrets.REPO_ACCESS_TOKEN }}" - run: make BUILD_HARNESS_PATH=/build-harness PACKAGES_PREFER_HOST=true -f /build-harness/templates/Makefile.build-harness pr/auto-format/host - - # Commit changes (if any) to the PR branch - - name: Commit changes to the PR branch - if: github.event.pull_request.state == 'open' - shell: bash - id: commit - env: - SENDER: ${{ github.event.sender.login }} - run: | - set -x - output=$(git diff --name-only) - - if [ -n "$output" ]; then - echo "Changes detected. Pushing to the PR branch" - git config --global user.name 'cloudpossebot' - git config --global user.email '11232728+cloudpossebot@users.noreply.github.com' - git add -A - git commit -m "Auto Format" - # Prevent looping by not pushing changes in response to changes from cloudpossebot - [[ $SENDER == "cloudpossebot" ]] || git push - # Set status to fail, because the push should trigger another status check, - # and we use success to indicate the checks are finished. - echo "changed=true" >> "$GITHUB_OUTPUT" - exit 1 - else - echo "changed=false" >> "$GITHUB_OUTPUT" - echo "No changes detected" - fi - - - name: Auto Test - uses: cloudposse/actions/github/repository-dispatch@0.30.0 - # match users by ID because logins (user names) are inconsistent, - # for example in the REST API Renovate Bot is `renovate[bot]` but - # in GraphQL it is just `renovate`, plus there is a non-bot - # user `renovate` with ID 1832810. - # Mergify bot: 37929162 - # Renovate bot: 29139614 - # Cloudpossebot: 11232728 - # Need to use space separators to prevent "21" from matching "112144" - if: > - contains(' 37929162 29139614 11232728 ', format(' {0} ', github.event.pull_request.user.id)) - && steps.commit.outputs.changed == 'false' && github.event.pull_request.state == 'open' - with: - token: ${{ secrets.REPO_ACCESS_TOKEN }} - repository: cloudposse/actions - event-type: test-command - client-payload: |- - { "slash_command":{"args": {"unnamed": {"all": "all", "arg1": "all"}}}, - "pull_request": ${{ toJSON(github.event.pull_request) }}, - "github":{"payload":{"repository": ${{ toJSON(github.event.repository) }}, - "comment": {"id": ""} - } - } - } diff --git a/.github/workflows/auto-readme.yml b/.github/workflows/auto-readme.yml deleted file mode 100644 index b2db520..0000000 --- a/.github/workflows/auto-readme.yml +++ /dev/null @@ -1,71 +0,0 @@ -name: "auto-readme" -on: - workflow_dispatch: - - schedule: - # Example of job definition: - # .---------------- minute (0 - 59) - # | .------------- hour (0 - 23) - # | | .---------- day of month (1 - 31) - # | | | .------- month (1 - 12) OR jan,feb,mar,apr ... - # | | | | .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat - # | | | | | - # * * * * * user-name command to be executed - - # Update README.md nightly at 4am UTC - - cron: '0 4 * * *' - -jobs: - update: - if: github.event_name == 'schedule' || github.event_name == 'workflow_dispatch' - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - - - name: Find default branch name - id: defaultBranch - shell: bash - env: - GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" - run: | - default_branch=$(gh repo view --json defaultBranchRef --jq .defaultBranchRef.name) - echo "defaultBranch=${default_branch}" >> "$GITHUB_OUTPUT" - printf "defaultBranchRef.name=%s\n" "${default_branch}" - - - name: Update readme - shell: bash - id: update - env: - GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" - DEF: "${{ steps.defaultBranch.outputs.defaultBranch }}" - run: | - make init - make readme/build - # Ignore changes if they are only whitespace - if ! git diff --quiet README.md && git diff --ignore-all-space --ignore-blank-lines --quiet README.md; then - git restore README.md - echo Ignoring whitespace-only changes in README - fi - - - name: Create Pull Request - # This action will not create or change a pull request if there are no changes to make. - # If a PR of the auto-update/readme branch is open, this action will just update it, not create a new PR. - uses: cloudposse/actions/github/create-pull-request@0.30.0 - with: - token: ${{ secrets.REPO_ACCESS_TOKEN }} - commit-message: Update README.md and docs - title: Update README.md and docs - body: |- - ## what - This is an auto-generated PR that updates the README.md and docs - - ## why - To have most recent changes of README.md and doc from origin templates - - branch: auto-update/readme - base: ${{ steps.defaultBranch.outputs.defaultBranch }} - delete-branch: true - labels: | - auto-update - no-release - readme diff --git a/.github/workflows/auto-release.yml b/.github/workflows/auto-release.yml deleted file mode 100644 index 17d6cab..0000000 --- a/.github/workflows/auto-release.yml +++ /dev/null @@ -1,26 +0,0 @@ -name: auto-release - -on: - push: - branches: - - main - - master - - production - -jobs: - publish: - runs-on: ubuntu-latest - steps: - # Get PR from merged commit to master - - uses: actions-ecosystem/action-get-merged-pull-request@v1 - id: get-merged-pull-request - with: - github_token: ${{ secrets.REPO_ACCESS_TOKEN }} - # Drafts your next Release notes as Pull Requests are merged into "main" - - uses: release-drafter/release-drafter@v5 - with: - publish: ${{ !contains(steps.get-merged-pull-request.outputs.labels, 'no-release') }} - prerelease: false - config-name: auto-release.yml - env: - GITHUB_TOKEN: ${{ secrets.REPO_ACCESS_TOKEN }} diff --git a/.github/workflows/chatops.yml b/.github/workflows/chatops.yml deleted file mode 100644 index 0f64574..0000000 --- a/.github/workflows/chatops.yml +++ /dev/null @@ -1,37 +0,0 @@ -name: chatops -on: - issue_comment: - types: [created] - -jobs: - default: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - - name: "Handle common commands" - uses: cloudposse/actions/github/slash-command-dispatch@0.30.0 - with: - token: ${{ secrets.REPO_ACCESS_TOKEN }} - reaction-token: ${{ secrets.GITHUB_TOKEN }} - repository: cloudposse/actions - commands: rebuild-readme, terraform-fmt - permission: triage - issue-type: pull-request - - test: - runs-on: ubuntu-latest - steps: - - name: "Checkout commit" - uses: actions/checkout@v2 - - name: "Run tests" - uses: cloudposse/actions/github/slash-command-dispatch@0.30.0 - with: - token: ${{ secrets.REPO_ACCESS_TOKEN }} - reaction-token: ${{ secrets.GITHUB_TOKEN }} - repository: cloudposse/actions - commands: test - permission: triage - issue-type: pull-request - reactions: false - - diff --git a/.github/workflows/feature-branch-chatops.yml b/.github/workflows/feature-branch-chatops.yml new file mode 100644 index 0000000..9abfc61 --- /dev/null +++ b/.github/workflows/feature-branch-chatops.yml @@ -0,0 +1,16 @@ +--- +name: feature-branch-chatops +on: + issue_comment: + types: [created] + +permissions: + pull-requests: write + id-token: write + contents: write + +jobs: + terraform-module: + uses: cloudposse/github-actions-workflows-terraform-module/.github/workflows/feature-branch-chatops.yml@main + secrets: + github_access_token: ${{ secrets.REPO_ACCESS_TOKEN }} diff --git a/.github/workflows/feature-branch.yml b/.github/workflows/feature-branch.yml new file mode 100644 index 0000000..8faa955 --- /dev/null +++ b/.github/workflows/feature-branch.yml @@ -0,0 +1,19 @@ +--- +name: feature-branch +on: + pull_request: + branches: + - main + - release/** + types: [opened, synchronize, reopened, labeled, unlabeled] + +permissions: + pull-requests: write + id-token: write + contents: write + +jobs: + terraform-module: + uses: cloudposse/github-actions-workflows-terraform-module/.github/workflows/feature-branch.yml@main + secrets: + github_access_token: ${{ secrets.REPO_ACCESS_TOKEN }} diff --git a/.github/workflows/release-branch.yml b/.github/workflows/release-branch.yml new file mode 100644 index 0000000..3f8fe62 --- /dev/null +++ b/.github/workflows/release-branch.yml @@ -0,0 +1,22 @@ +--- +name: release-branch +on: + push: + branches: + - main + - release/** + paths-ignore: + - '.github/**' + - 'docs/**' + - 'examples/**' + - 'test/**' + +permissions: + contents: write + id-token: write + +jobs: + terraform-module: + uses: cloudposse/github-actions-workflows-terraform-module/.github/workflows/release-branch.yml@main + secrets: + github_access_token: ${{ secrets.REPO_ACCESS_TOKEN }} diff --git a/.github/workflows/release-published.yml b/.github/workflows/release-published.yml new file mode 100644 index 0000000..f86352b --- /dev/null +++ b/.github/workflows/release-published.yml @@ -0,0 +1,14 @@ +--- +name: release-published +on: + release: + types: + - published + +permissions: + contents: write + id-token: write + +jobs: + terraform-module: + uses: cloudposse/github-actions-workflows-terraform-module/.github/workflows/release.yml@main diff --git a/.github/workflows/scheduled.yml b/.github/workflows/scheduled.yml new file mode 100644 index 0000000..163be0b --- /dev/null +++ b/.github/workflows/scheduled.yml @@ -0,0 +1,17 @@ +--- +name: scheduled +on: + workflow_dispatch: { } # Allows manually trigger this workflow + schedule: + - cron: "0 3 * * *" + +permissions: + pull-requests: write + id-token: write + contents: write + +jobs: + scheduled: + uses: cloudposse/github-actions-workflows-terraform-module/.github/workflows/scheduled.yml@main + secrets: + github_access_token: ${{ secrets.REPO_ACCESS_TOKEN }} diff --git a/.github/workflows/validate-codeowners.yml b/.github/workflows/validate-codeowners.yml deleted file mode 100644 index b3f7c32..0000000 --- a/.github/workflows/validate-codeowners.yml +++ /dev/null @@ -1,30 +0,0 @@ -name: Validate Codeowners -on: - workflow_dispatch: - - pull_request: - -jobs: - validate-codeowners: - runs-on: ubuntu-latest - steps: - - name: "Checkout source code at current commit" - uses: actions/checkout@v2 - # Leave pinned at 0.7.1 until https://github.com/mszostok/codeowners-validator/issues/173 is resolved - - uses: mszostok/codeowners-validator@v0.7.1 - if: github.event.pull_request.head.repo.full_name == github.repository - name: "Full check of CODEOWNERS" - with: - # For now, remove "files" check to allow CODEOWNERS to specify non-existent - # files so we can use the same CODEOWNERS file for Terraform and non-Terraform repos - # checks: "files,syntax,owners,duppatterns" - checks: "syntax,owners,duppatterns" - owner_checker_allow_unowned_patterns: "false" - # GitHub access token is required only if the `owners` check is enabled - github_access_token: "${{ secrets.REPO_ACCESS_TOKEN }}" - - uses: mszostok/codeowners-validator@v0.7.1 - if: github.event.pull_request.head.repo.full_name != github.repository - name: "Syntax check of CODEOWNERS" - with: - checks: "syntax,duppatterns" - owner_checker_allow_unowned_patterns: "false" From 102fe02f2d7f8f00dc28a9a199203fea6d3c10f9 Mon Sep 17 00:00:00 2001 From: Max Lobur Date: Mon, 16 Oct 2023 21:42:32 +0300 Subject: [PATCH 11/12] Support AWS Provider V5 (#167) * Support AWS Provider V5 * Support AWS Provider V5 * updates --- .github/renovate.json | 7 ++++--- .github/workflows/release-branch.yml | 1 + .github/workflows/release-published.yml | 2 +- README.md | 6 +----- docs/terraform.md | 2 +- examples/basic/versions.tf | 10 ++++++++++ examples/complete/main.tf | 10 +++++----- examples/complete/versions.tf | 2 +- examples/docs/versions.tf | 10 ++++++++++ examples/non_vpc/versions.tf | 10 ++++++++++ main.tf | 26 ++++++++++++------------- outputs.tf | 16 +++++++-------- versions.tf | 2 +- 13 files changed, 66 insertions(+), 38 deletions(-) create mode 100644 examples/basic/versions.tf create mode 100644 examples/docs/versions.tf create mode 100644 examples/non_vpc/versions.tf diff --git a/.github/renovate.json b/.github/renovate.json index b61ed24..909df09 100644 --- a/.github/renovate.json +++ b/.github/renovate.json @@ -1,13 +1,14 @@ { "extends": [ "config:base", - ":preserveSemverRanges" + ":preserveSemverRanges", + ":rebaseStalePrs" ], - "baseBranches": ["main", "master", "/^release\\/v\\d{1,2}$/"], + "baseBranches": ["main"], "labels": ["auto-update"], "dependencyDashboardAutoclose": true, "enabledManagers": ["terraform"], "terraform": { - "ignorePaths": ["**/context.tf", "examples/**"] + "ignorePaths": ["**/context.tf"] } } diff --git a/.github/workflows/release-branch.yml b/.github/workflows/release-branch.yml index 3f8fe62..b30901e 100644 --- a/.github/workflows/release-branch.yml +++ b/.github/workflows/release-branch.yml @@ -10,6 +10,7 @@ on: - 'docs/**' - 'examples/**' - 'test/**' + - 'README.*' permissions: contents: write diff --git a/.github/workflows/release-published.yml b/.github/workflows/release-published.yml index f86352b..b31232b 100644 --- a/.github/workflows/release-published.yml +++ b/.github/workflows/release-published.yml @@ -11,4 +11,4 @@ permissions: jobs: terraform-module: - uses: cloudposse/github-actions-workflows-terraform-module/.github/workflows/release.yml@main + uses: cloudposse/github-actions-workflows-terraform-module/.github/workflows/release-published.yml@main diff --git a/README.md b/README.md index 6fcd46f..66d27b3 100644 --- a/README.md +++ b/README.md @@ -102,10 +102,6 @@ We highly recommend that in your code you pin the version to the exact version y using so that your infrastructure remains stable, and update versions in a systematic way so that they do not catch you by surprise. -Also, because of a bug in the Terraform registry ([hashicorp/terraform#21417](https://github.com/hashicorp/terraform/issues/21417)), -the registry shows many of our inputs as required when in fact they are optional. -The table below correctly indicates which inputs are required. - ```hcl @@ -166,7 +162,7 @@ Available targets: | Name | Version | |------|---------| -| [terraform](#requirement\_terraform) | >= 0.13.0 | +| [terraform](#requirement\_terraform) | >= 1.3 | | [aws](#requirement\_aws) | >= 3.35.0 | | [null](#requirement\_null) | >= 2.0 | diff --git a/docs/terraform.md b/docs/terraform.md index 8562fdf..6df0fdc 100644 --- a/docs/terraform.md +++ b/docs/terraform.md @@ -3,7 +3,7 @@ | Name | Version | |------|---------| -| [terraform](#requirement\_terraform) | >= 0.13.0 | +| [terraform](#requirement\_terraform) | >= 1.3 | | [aws](#requirement\_aws) | >= 3.35.0 | | [null](#requirement\_null) | >= 2.0 | diff --git a/examples/basic/versions.tf b/examples/basic/versions.tf new file mode 100644 index 0000000..fe97db9 --- /dev/null +++ b/examples/basic/versions.tf @@ -0,0 +1,10 @@ +terraform { + required_version = ">= 1.3" + + required_providers { + aws = { + source = "hashicorp/aws" + version = ">= 4.0" + } + } +} diff --git a/examples/complete/main.tf b/examples/complete/main.tf index b29360b..38cdaaa 100644 --- a/examples/complete/main.tf +++ b/examples/complete/main.tf @@ -4,21 +4,21 @@ provider "aws" { module "vpc" { source = "cloudposse/vpc/aws" - version = "0.18.2" + version = "2.1.0" - cidr_block = "172.16.0.0/16" + ipv4_primary_cidr_block = "172.16.0.0/16" context = module.this.context } module "subnets" { source = "cloudposse/dynamic-subnets/aws" - version = "0.34.0" + version = "2.4.1" availability_zones = var.availability_zones vpc_id = module.vpc.vpc_id - igw_id = module.vpc.igw_id - cidr_block = module.vpc.vpc_cidr_block + igw_id = [module.vpc.igw_id] + ipv4_cidr_block = [module.vpc.vpc_cidr_block] nat_gateway_enabled = false nat_instance_enabled = false diff --git a/examples/complete/versions.tf b/examples/complete/versions.tf index 971ae24..e74ac36 100644 --- a/examples/complete/versions.tf +++ b/examples/complete/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 0.13.0" + required_version = ">= 1.3" required_providers { aws = { diff --git a/examples/docs/versions.tf b/examples/docs/versions.tf new file mode 100644 index 0000000..fe97db9 --- /dev/null +++ b/examples/docs/versions.tf @@ -0,0 +1,10 @@ +terraform { + required_version = ">= 1.3" + + required_providers { + aws = { + source = "hashicorp/aws" + version = ">= 4.0" + } + } +} diff --git a/examples/non_vpc/versions.tf b/examples/non_vpc/versions.tf new file mode 100644 index 0000000..fe97db9 --- /dev/null +++ b/examples/non_vpc/versions.tf @@ -0,0 +1,10 @@ +terraform { + required_version = ">= 1.3" + + required_providers { + aws = { + source = "hashicorp/aws" + version = ">= 4.0" + } + } +} diff --git a/main.tf b/main.tf index bbdfe3e..a11580e 100644 --- a/main.tf +++ b/main.tf @@ -36,7 +36,7 @@ resource "aws_security_group_rule" "ingress_security_groups" { to_port = var.ingress_port_range_end protocol = "tcp" source_security_group_id = var.security_groups[count.index] - security_group_id = join("", aws_security_group.default.*.id) + security_group_id = join("", aws_security_group.default[*].id) } resource "aws_security_group_rule" "ingress_cidr_blocks" { @@ -47,7 +47,7 @@ resource "aws_security_group_rule" "ingress_cidr_blocks" { to_port = var.ingress_port_range_end protocol = "tcp" cidr_blocks = var.allowed_cidr_blocks - security_group_id = join("", aws_security_group.default.*.id) + security_group_id = join("", aws_security_group.default[*].id) } resource "aws_security_group_rule" "egress" { @@ -58,7 +58,7 @@ resource "aws_security_group_rule" "egress" { to_port = 65535 protocol = "tcp" cidr_blocks = ["0.0.0.0/0"] - security_group_id = join("", aws_security_group.default.*.id) + security_group_id = join("", aws_security_group.default[*].id) } # https://github.com/terraform-providers/terraform-provider-aws/issues/5218 @@ -72,7 +72,7 @@ resource "aws_iam_service_linked_role" "default" { resource "aws_iam_role" "elasticsearch_user" { count = module.this.enabled && var.create_elasticsearch_user_role && (length(var.iam_authorizing_role_arns) > 0 || length(var.iam_role_arns) > 0) ? 1 : 0 name = module.user_label.id - assume_role_policy = join("", data.aws_iam_policy_document.assume_role.*.json) + assume_role_policy = join("", data.aws_iam_policy_document.assume_role[*].json) description = "IAM Role to assume to access the Elasticsearch ${module.this.id} cluster" tags = module.user_label.tags @@ -192,7 +192,7 @@ resource "aws_elasticsearch_domain" "default" { for_each = var.vpc_enabled ? [true] : [] content { - security_group_ids = var.create_security_group ? [join("", aws_security_group.default.*.id)] : var.security_groups + security_group_ids = var.create_security_group ? [join("", aws_security_group.default[*].id)] : var.security_groups subnet_ids = var.subnet_ids } } @@ -249,8 +249,8 @@ data "aws_iam_policy_document" "default" { actions = distinct(compact(var.iam_actions)) resources = [ - join("", aws_elasticsearch_domain.default.*.arn), - "${join("", aws_elasticsearch_domain.default.*.arn)}/*" + join("", aws_elasticsearch_domain.default[*].arn), + "${join("", aws_elasticsearch_domain.default[*].arn)}/*" ] principals { @@ -263,15 +263,15 @@ data "aws_iam_policy_document" "default" { # https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-ac.html#es-ac-types-ip # https://aws.amazon.com/premiumsupport/knowledge-center/anonymous-not-authorized-elasticsearch/ dynamic "statement" { - for_each = length(var.allowed_cidr_blocks) > 0 && ! var.vpc_enabled ? [true] : [] + for_each = length(var.allowed_cidr_blocks) > 0 && !var.vpc_enabled ? [true] : [] content { effect = "Allow" actions = distinct(compact(var.iam_actions)) resources = [ - join("", aws_elasticsearch_domain.default.*.arn), - "${join("", aws_elasticsearch_domain.default.*.arn)}/*" + join("", aws_elasticsearch_domain.default[*].arn), + "${join("", aws_elasticsearch_domain.default[*].arn)}/*" ] principals { @@ -291,7 +291,7 @@ data "aws_iam_policy_document" "default" { resource "aws_elasticsearch_domain_policy" "default" { count = module.this.enabled && (length(var.iam_authorizing_role_arns) > 0 || length(var.iam_role_arns) > 0) ? 1 : 0 domain_name = module.this.id - access_policies = join("", data.aws_iam_policy_document.default.*.json) + access_policies = join("", data.aws_iam_policy_document.default[*].json) } module "domain_hostname" { @@ -302,7 +302,7 @@ module "domain_hostname" { dns_name = var.elasticsearch_subdomain_name == "" ? module.this.id : var.elasticsearch_subdomain_name ttl = 60 zone_id = var.dns_zone_id - records = [join("", aws_elasticsearch_domain.default.*.endpoint)] + records = [join("", aws_elasticsearch_domain.default[*].endpoint)] context = module.this.context } @@ -318,7 +318,7 @@ module "kibana_hostname" { # Note: kibana_endpoint is not just a domain name, it includes a path component, # and as such is not suitable for a DNS record. The plain endpoint is the # hostname portion and should be used for DNS. - records = [join("", aws_elasticsearch_domain.default.*.endpoint)] + records = [join("", aws_elasticsearch_domain.default[*].endpoint)] context = module.this.context } \ No newline at end of file diff --git a/outputs.tf b/outputs.tf index f48ca86..5a379d7 100644 --- a/outputs.tf +++ b/outputs.tf @@ -1,30 +1,30 @@ output "security_group_id" { - value = join("", aws_security_group.default.*.id) + value = join("", aws_security_group.default[*].id) description = "Security Group ID to control access to the Elasticsearch domain" } output "domain_arn" { - value = join("", aws_elasticsearch_domain.default.*.arn) + value = join("", aws_elasticsearch_domain.default[*].arn) description = "ARN of the Elasticsearch domain" } output "domain_id" { - value = join("", aws_elasticsearch_domain.default.*.domain_id) + value = join("", aws_elasticsearch_domain.default[*].domain_id) description = "Unique identifier for the Elasticsearch domain" } output "domain_name" { - value = join("", aws_elasticsearch_domain.default.*.domain_name) + value = join("", aws_elasticsearch_domain.default[*].domain_name) description = "Name of the Elasticsearch domain" } output "domain_endpoint" { - value = join("", aws_elasticsearch_domain.default.*.endpoint) + value = join("", aws_elasticsearch_domain.default[*].endpoint) description = "Domain-specific endpoint used to submit index, search, and data upload requests" } output "kibana_endpoint" { - value = join("", aws_elasticsearch_domain.default.*.kibana_endpoint) + value = join("", aws_elasticsearch_domain.default[*].kibana_endpoint) description = "Domain-specific endpoint for Kibana without https scheme" } @@ -39,11 +39,11 @@ output "kibana_hostname" { } output "elasticsearch_user_iam_role_name" { - value = join(",", aws_iam_role.elasticsearch_user.*.name) + value = join(",", aws_iam_role.elasticsearch_user[*].name) description = "The name of the IAM role to allow access to Elasticsearch cluster" } output "elasticsearch_user_iam_role_arn" { - value = join(",", aws_iam_role.elasticsearch_user.*.arn) + value = join(",", aws_iam_role.elasticsearch_user[*].arn) description = "The ARN of the IAM role to allow access to Elasticsearch cluster" } diff --git a/versions.tf b/versions.tf index 588d1c7..f365c51 100644 --- a/versions.tf +++ b/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 0.13.0" + required_version = ">= 1.3" required_providers { aws = { From 1285ccd6a096942a1583b817c8a5406b4e7bae7c Mon Sep 17 00:00:00 2001 From: Sherif Abdel-Naby Date: Tue, 17 Oct 2023 00:38:47 +0300 Subject: [PATCH 12/12] Fix Reference to Undeclared Variable (#169) Co-authored-by: Dan Miller --- main.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/main.tf b/main.tf index a11580e..ebf17c8 100644 --- a/main.tf +++ b/main.tf @@ -179,7 +179,7 @@ resource "aws_elasticsearch_domain" "default" { value = var.auto_tune.duration unit = "HOURS" } - cron_expression_for_recurrence = var.auto_tune_cron_schedule + cron_expression_for_recurrence = var.auto_tune.cron_schedule } } } @@ -321,4 +321,4 @@ module "kibana_hostname" { records = [join("", aws_elasticsearch_domain.default[*].endpoint)] context = module.this.context -} \ No newline at end of file +}