From c10ac968b10b794bd8c4a908add24b63a1503ab2 Mon Sep 17 00:00:00 2001 From: Max Lobur Date: Fri, 9 Jun 2023 18:39:00 +0300 Subject: [PATCH] Support AWS Provider V5 --- .github/workflows/release-branch.yml | 1 + .github/workflows/release-published.yml | 2 +- README.md | 2 +- docs/terraform.md | 2 +- examples/complete/main.tf | 18 +++++++------- examples/complete/versions.tf | 2 +- .../with_cognito_authentication/versions.tf | 2 +- .../versions.tf | 2 +- examples/without_authentication/versions.tf | 2 +- main.tf | 24 +++++++++---------- versions.tf | 2 +- 11 files changed, 31 insertions(+), 28 deletions(-) diff --git a/.github/workflows/release-branch.yml b/.github/workflows/release-branch.yml index 3f8fe62..b30901e 100644 --- a/.github/workflows/release-branch.yml +++ b/.github/workflows/release-branch.yml @@ -10,6 +10,7 @@ on: - 'docs/**' - 'examples/**' - 'test/**' + - 'README.*' permissions: contents: write diff --git a/.github/workflows/release-published.yml b/.github/workflows/release-published.yml index f86352b..b31232b 100644 --- a/.github/workflows/release-published.yml +++ b/.github/workflows/release-published.yml @@ -11,4 +11,4 @@ permissions: jobs: terraform-module: - uses: cloudposse/github-actions-workflows-terraform-module/.github/workflows/release.yml@main + uses: cloudposse/github-actions-workflows-terraform-module/.github/workflows/release-published.yml@main diff --git a/README.md b/README.md index 20994d4..1f699e4 100644 --- a/README.md +++ b/README.md @@ -424,7 +424,7 @@ Available targets: | Name | Version | |------|---------| -| [terraform](#requirement\_terraform) | >= 0.13.0 | +| [terraform](#requirement\_terraform) | >= 1.0 | | [aws](#requirement\_aws) | >= 2.0 | | [random](#requirement\_random) | >= 2.0 | diff --git a/docs/terraform.md b/docs/terraform.md index 3e686fe..a076d57 100644 --- a/docs/terraform.md +++ b/docs/terraform.md @@ -3,7 +3,7 @@ | Name | Version | |------|---------| -| [terraform](#requirement\_terraform) | >= 0.13.0 | +| [terraform](#requirement\_terraform) | >= 1.0 | | [aws](#requirement\_aws) | >= 2.0 | | [random](#requirement\_random) | >= 2.0 | diff --git a/examples/complete/main.tf b/examples/complete/main.tf index 7ac5d61..8a6570b 100644 --- a/examples/complete/main.tf +++ b/examples/complete/main.tf @@ -3,21 +3,23 @@ provider "aws" { } module "vpc" { - source = "cloudposse/vpc/aws" - version = "0.18.1" - cidr_block = var.vpc_cidr_block + source = "cloudposse/vpc/aws" + version = "2.1.0" + + ipv4_primary_cidr_block = var.vpc_cidr_block context = module.this.context } module "subnets" { - source = "cloudposse/dynamic-subnets/aws" - version = "0.33.0" + source = "cloudposse/dynamic-subnets/aws" + version = "2.3.0" + availability_zones = var.availability_zones vpc_id = module.vpc.vpc_id - igw_id = module.vpc.igw_id - cidr_block = module.vpc.vpc_cidr_block - nat_gateway_enabled = true + igw_id = [module.vpc.igw_id] + ipv4_cidr_block = [module.vpc.vpc_cidr_block] + nat_gateway_enabled = false nat_instance_enabled = false context = module.this.context diff --git a/examples/complete/versions.tf b/examples/complete/versions.tf index 5947f14..7f2777f 100644 --- a/examples/complete/versions.tf +++ b/examples/complete/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 0.12.26" + required_version = ">= 1.0" required_providers { aws = { diff --git a/examples/with_cognito_authentication/versions.tf b/examples/with_cognito_authentication/versions.tf index 5947f14..7f2777f 100644 --- a/examples/with_cognito_authentication/versions.tf +++ b/examples/with_cognito_authentication/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 0.12.26" + required_version = ">= 1.0" required_providers { aws = { diff --git a/examples/with_google_oidc_authentication/versions.tf b/examples/with_google_oidc_authentication/versions.tf index 5947f14..7f2777f 100644 --- a/examples/with_google_oidc_authentication/versions.tf +++ b/examples/with_google_oidc_authentication/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 0.12.26" + required_version = ">= 1.0" required_providers { aws = { diff --git a/examples/without_authentication/versions.tf b/examples/without_authentication/versions.tf index 5947f14..7f2777f 100644 --- a/examples/without_authentication/versions.tf +++ b/examples/without_authentication/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 0.12.26" + required_version = ">= 1.0" required_providers { aws = { diff --git a/main.tf b/main.tf index 0954ea6..bad48ac 100644 --- a/main.tf +++ b/main.tf @@ -22,17 +22,17 @@ locals { hostname = var.hostname != "" ? var.hostname : local.default_hostname atlantis_webhook_url = format(var.atlantis_webhook_format, local.hostname) atlantis_url = format(var.atlantis_url_format, local.hostname) - atlantis_gh_webhook_secret = var.atlantis_gh_webhook_secret != "" ? var.atlantis_gh_webhook_secret : join("", random_string.atlantis_gh_webhook_secret.*.result) - default_hostname = join("", aws_route53_record.default.*.fqdn) + atlantis_gh_webhook_secret = var.atlantis_gh_webhook_secret != "" ? var.atlantis_gh_webhook_secret : join("", random_string.atlantis_gh_webhook_secret[*].result) + default_hostname = join("", aws_route53_record.default[*].fqdn) kms_key_id = var.kms_key_id != "" ? var.kms_key_id : format("alias/%s-%s-chamber", module.this.namespace, module.this.stage) } # GitHub tokens locals { - github_oauth_token = var.github_oauth_token != "" ? var.github_oauth_token : join("", data.aws_ssm_parameter.atlantis_gh_token.*.value) + github_oauth_token = var.github_oauth_token != "" ? var.github_oauth_token : join("", data.aws_ssm_parameter.atlantis_gh_token[*].value) github_oauth_token_ssm_name = var.github_oauth_token_ssm_name != "" ? var.github_oauth_token_ssm_name : format(var.chamber_format, var.chamber_service, "atlantis_gh_token") - github_webhooks_token = var.github_webhooks_token != "" ? var.github_webhooks_token : join("", data.aws_ssm_parameter.github_webhooks_token.*.value) + github_webhooks_token = var.github_webhooks_token != "" ? var.github_webhooks_token : join("", data.aws_ssm_parameter.github_webhooks_token[*].value) github_webhooks_token_ssm_name = var.github_webhooks_token_ssm_name != "" ? var.github_webhooks_token_ssm_name : format(var.chamber_format, var.chamber_service, "github_webhooks_token") } @@ -239,7 +239,7 @@ resource "aws_ssm_parameter" "atlantis_gh_team_whitelist" { resource "aws_ssm_parameter" "atlantis_gh_webhook_secret" { count = local.enabled ? 1 : 0 description = "Atlantis GitHub webhook secret" - key_id = join("", data.aws_kms_key.chamber_kms_key.*.id) + key_id = join("", data.aws_kms_key.chamber_kms_key[*].id) name = format(var.chamber_format, var.chamber_service, "atlantis_gh_webhook_secret") overwrite = var.overwrite_ssm_parameter type = "SecureString" @@ -300,7 +300,7 @@ resource "aws_ssm_parameter" "atlantis_wake_word" { resource "aws_ssm_parameter" "atlantis_gh_token" { count = local.enabled && var.github_oauth_token != "" ? 1 : 0 description = "Atlantis GitHub OAuth token" - key_id = join("", data.aws_kms_key.chamber_kms_key.*.id) + key_id = join("", data.aws_kms_key.chamber_kms_key[*].id) name = local.github_oauth_token_ssm_name overwrite = var.overwrite_ssm_parameter type = "SecureString" @@ -311,7 +311,7 @@ resource "aws_ssm_parameter" "atlantis_gh_token" { resource "aws_ssm_parameter" "github_webhooks_token" { count = local.enabled && var.github_webhooks_token != "" ? 1 : 0 description = "GitHub OAuth token with permission to create webhooks" - key_id = join("", data.aws_kms_key.chamber_kms_key.*.id) + key_id = join("", data.aws_kms_key.chamber_kms_key[*].id) name = local.github_webhooks_token_ssm_name overwrite = var.overwrite_ssm_parameter type = "SecureString" @@ -370,7 +370,7 @@ resource "aws_iam_role_policy_attachment" "default" { } locals { - authentication_cognito_user_pool_arn = var.authentication_cognito_user_pool_arn != "" ? var.authentication_cognito_user_pool_arn : join("", data.aws_ssm_parameter.atlantis_cognito_user_pool_arn.*.value) + authentication_cognito_user_pool_arn = var.authentication_cognito_user_pool_arn != "" ? var.authentication_cognito_user_pool_arn : join("", data.aws_ssm_parameter.atlantis_cognito_user_pool_arn[*].value) authentication_cognito_user_pool_arn_ssm_name = var.authentication_cognito_user_pool_arn_ssm_name != "" ? var.authentication_cognito_user_pool_arn_ssm_name : format( var.chamber_format, @@ -378,7 +378,7 @@ locals { "atlantis_cognito_user_pool_arn" ) - authentication_cognito_user_pool_client_id = var.authentication_cognito_user_pool_client_id != "" ? var.authentication_cognito_user_pool_client_id : join("", data.aws_ssm_parameter.atlantis_cognito_user_pool_client_id.*.value) + authentication_cognito_user_pool_client_id = var.authentication_cognito_user_pool_client_id != "" ? var.authentication_cognito_user_pool_client_id : join("", data.aws_ssm_parameter.atlantis_cognito_user_pool_client_id[*].value) authentication_cognito_user_pool_client_id_ssm_name = var.authentication_cognito_user_pool_client_id_ssm_name != "" ? var.authentication_cognito_user_pool_client_id_ssm_name : format( var.chamber_format, @@ -386,7 +386,7 @@ locals { "atlantis_cognito_user_pool_client_id" ) - authentication_cognito_user_pool_domain = var.authentication_cognito_user_pool_domain != "" ? var.authentication_cognito_user_pool_domain : join("", data.aws_ssm_parameter.atlantis_cognito_user_pool_domain.*.value) + authentication_cognito_user_pool_domain = var.authentication_cognito_user_pool_domain != "" ? var.authentication_cognito_user_pool_domain : join("", data.aws_ssm_parameter.atlantis_cognito_user_pool_domain[*].value) authentication_cognito_user_pool_domain_ssm_name = var.authentication_cognito_user_pool_domain_ssm_name != "" ? var.authentication_cognito_user_pool_domain_ssm_name : format( var.chamber_format, @@ -394,7 +394,7 @@ locals { "atlantis_cognito_user_pool_domain" ) - authentication_oidc_client_id = var.authentication_oidc_client_id != "" ? var.authentication_oidc_client_id : join("", data.aws_ssm_parameter.atlantis_oidc_client_id.*.value) + authentication_oidc_client_id = var.authentication_oidc_client_id != "" ? var.authentication_oidc_client_id : join("", data.aws_ssm_parameter.atlantis_oidc_client_id[*].value) authentication_oidc_client_id_ssm_name = var.authentication_oidc_client_id_ssm_name != "" ? var.authentication_oidc_client_id_ssm_name : format( var.chamber_format, @@ -402,7 +402,7 @@ locals { "atlantis_oidc_client_id" ) - authentication_oidc_client_secret = var.authentication_oidc_client_secret != "" ? var.authentication_oidc_client_secret : join("", data.aws_ssm_parameter.atlantis_oidc_client_secret.*.value) + authentication_oidc_client_secret = var.authentication_oidc_client_secret != "" ? var.authentication_oidc_client_secret : join("", data.aws_ssm_parameter.atlantis_oidc_client_secret[*].value) authentication_oidc_client_secret_ssm_name = var.authentication_oidc_client_secret_ssm_name != "" ? var.authentication_oidc_client_secret_ssm_name : format( var.chamber_format, diff --git a/versions.tf b/versions.tf index 739a73c..bae2b4b 100644 --- a/versions.tf +++ b/versions.tf @@ -1,5 +1,5 @@ terraform { - required_version = ">= 0.13.0" + required_version = ">= 1.0" required_providers { aws = {