Merge pull request #29 from clouddrove/feat/identos-issue-239

feat: added Replica-Key and Replica-External-Key(CMK)
clouddrove · Aug 11, 2023 · 8ee2464 · 8ee2464
2 parents 0b1ba7c + bb380b0
commit 8ee2464
Show file tree

Hide file tree

Showing 20 changed files with 615 additions and 222 deletions.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -2,9 +2,18 @@
 # package ecosystems to update and where the package manifests are located.
 # Please see the documentation for all configuration options:
 # https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
-
 version: 2
 updates:
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "daily"
+    open-pull-requests-limit: 3
+    assignees:
+      - "clouddrove-ci"
+    reviewers:
+      - "approvers"
+
   - package-ecosystem: "terraform" # See documentation for possible values
     directory: "/" # Location of package manifests
     schedule:
@@ -15,13 +24,57 @@ updates:
     # Add reviewer
     reviewers:
       - "approvers"
+    # Allow up to 3 open pull requests for pip dependencies
+    open-pull-requests-limit: 3
+
+  - package-ecosystem: "terraform" # See documentation for possible values
+    directory: "/_example/complete" # Location of package manifests
+    schedule:
+      interval: "weekly"
+    # Add assignees
+    assignees:
+      - "clouddrove-ci"
+    # Add reviewer
+    reviewers:
+      - "approvers"
+    # Allow up to 3 open pull requests for pip dependencies
+    open-pull-requests-limit: 3
+
   - package-ecosystem: "terraform" # See documentation for possible values
-    directory: "_example/" # Location of package manifests
+    directory: "/_example/external_key" # Location of package manifests
     schedule:
       interval: "weekly"
     # Add assignees
     assignees:
       - "clouddrove-ci"
     # Add reviewer
     reviewers:
-      - "approvers"
+      - "approvers"
+    # Allow up to 3 open pull requests for pip dependencies
+    open-pull-requests-limit: 3
+
+  - package-ecosystem: "terraform" # See documentation for possible values
+    directory: "/_example/external_replica_key" # Location of package manifests
+    schedule:
+      interval: "weekly"
+    # Add assignees
+    assignees:
+      - "clouddrove-ci"
+    # Add reviewer
+    reviewers:
+      - "approvers"
+    # Allow up to 3 open pull requests for pip dependencies
+    open-pull-requests-limit: 3
+
+  - package-ecosystem: "terraform" # See documentation for possible values
+    directory: "/_example/replica_key" # Location of package manifests
+    schedule:
+      interval: "weekly"
+    # Add assignees
+    assignees:
+      - "clouddrove-ci"
+    # Add reviewer
+    reviewers:
+      - "approvers"
+    # Allow up to 3 open pull requests for pip dependencies
+    open-pull-requests-limit: 3
diff --git a/.github/workflows/auto_assignee.yml b/.github/workflows/auto_assignee.yml
@@ -0,0 +1,14 @@
+name: Auto Assign PRs
+
+on:
+  pull_request:
+    types: [opened, reopened]
+
+  workflow_dispatch:
+jobs:
+  assignee:
+    uses: clouddrove/github-shared-workflows/.github/workflows/auto_assignee.yml@master
+    secrets:
+      GITHUB: ${{ secrets.GITHUB }}
+    with:
+      assignees: 'clouddrove-ci'
diff --git a/.github/workflows/readme.yml b/.github/workflows/readme.yml
@@ -10,28 +10,27 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: 'Checkout'
-        uses: actions/checkout@v2.3.4
+        uses: actions/checkout@master
 
-      - name: Set up Python 3.7.
-        uses: actions/setup-python@v2
+      - name: 'Set up Python 3.7'
+        uses: actions/setup-python@v4
         with:
           python-version: '3.x'
 
       - name: 'create readme'
         uses: 'clouddrove/github-actions@v9.0.2'
         with:
           actions_subcommand: 'readme'
-          github_token: '${{ secrets.GITHUB}}'
+          github_token: '${{ secrets.GITHUB }}'
         env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN}}
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
-
-      - name: pre-commit check errors
-        uses: pre-commit/action@v2.0.0
+      - name: 'pre-commit check errors'
+        uses: pre-commit/action@v3.0.0
         continue-on-error: true
 
-      - name: pre-commit fix erros
-        uses: pre-commit/action@v2.0.0
+      - name: 'pre-commit fix erros'
+        uses: pre-commit/action@v3.0.0
         continue-on-error: true
 
       - name: 'push readme'
@@ -40,7 +39,7 @@ jobs:
         with:
           actions_subcommand: 'push'
         env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN}}
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
       - name: 'Slack Notification'
         uses: clouddrove/action-slack@v2
@@ -51,4 +50,4 @@ jobs:
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # required
           SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_TERRAFORM }} # required
-        if: always()
+        if: always()
diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml
diff --git a/.github/workflows/terratest.yml b/.github/workflows/terratest.yml
diff --git a/.github/workflows/tf-checks.yml b/.github/workflows/tf-checks.yml
@@ -0,0 +1,23 @@
+name: tf-checks
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+  workflow_dispatch:
+jobs:
+  complete:
+    uses: clouddrove/github-shared-workflows/.github/workflows/tf-checks.yml@master
+    with:
+      working_directory: './_example/complete/'
+  external_key:
+    uses: clouddrove/github-shared-workflows/.github/workflows/tf-checks.yml@master
+    with:
+      working_directory: './_example/external_key/'
+  external_replica_key:
+    uses: clouddrove/github-shared-workflows/.github/workflows/tf-checks.yml@master
+    with:
+      working_directory: './_example/external_replica_key/'
+  replica_key:
+    uses: clouddrove/github-shared-workflows/.github/workflows/tf-checks.yml@master
+    with:
+      working_directory: './_example/replica_key/'
diff --git a/.github/workflows/tflint.yml b/.github/workflows/tflint.yml
@@ -0,0 +1,11 @@
+name: tf-lint
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+  workflow_dispatch:
+jobs:
+  tflint:
+    uses: clouddrove/test-tfsec/.github/workflows/tflint.yaml@master
+    secrets:
+      GITHUB: ${{ secrets.GITHUB }}
diff --git a/README.yaml b/README.yaml
@@ -15,19 +15,19 @@ github_repo: clouddrove/terraform-aws-kms
 
 # Badges to display
 badges:
-  - name: "Terraform"
-    image: "https://img.shields.io/badge/Terraform-v1.1.7-green"
-    url: "https://www.terraform.io"
+  - name: "Latest Release"
+    image: "https://img.shields.io/github/release/clouddrove/terraform-aws-subnet.svg"
+    url: "https://github.com/clouddrove/terraform-aws-subnet/releases/latest"
+  - name: "tfsec"
+    image: "https://github.com/clouddrove/terraform-aws-subnet/actions/workflows/tfsec.yml/badge.svg"
+    url: "https://github.com/clouddrove/terraform-aws-kms/actions/workflows/tfsec.yml"
   - name: "Licence"
     image: "https://img.shields.io/badge/License-APACHE-blue.svg"
     url: "LICENSE.md"
-  - name: "tfsec"
-    image: "https://github.com/clouddrove/terraform-aws-kms/actions/workflows/tfsec.yml/badge.svg"
-    url: "https://github.com/clouddrove/terraform-aws-kms/actions/workflows/tfsec.yml"
-  - name: "static-checks"
-    image: "https://github.com/clouddrove/terraform-aws-kms/actions/workflows/terraform.yml/badge.svg"
-    url: "https://github.com/clouddrove/terraform-aws-kms/actions/workflows/terraform.yml"
 
+prerequesties:
+  - name: Terraform 1.5.4
+    url: https://learn.hashicorp.com/terraform/getting-started/install.html
 #  description of this project
 description: |-
   This terraform module creates a KMS Customer Master Key (CMK) and its alias.