diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
index 07b38d2..ceb4644 100644
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -1,7 +1,7 @@
# Use this file to define individuals or teams that are responsible for code in a repository.
# Read more:
#
-# Order is important: the last matching pattern takes the most precedence
+# Order is important: the last matching pattern has the highest precedence
# These owners will be the default owners for everything
* @cloudposse/engineering @cloudposse/contributors
@@ -13,5 +13,12 @@
# Cloud Posse must review any changes to GitHub actions
.github/* @cloudposse/engineering
-# Cloud Posse must review any changes to standard context definition
-**/context.tf @cloudposse/engineering
+# Cloud Posse must review any changes to standard context definition,
+# but some changes can be rubber-stamped.
+**/context.tf @cloudposse/engineering @cloudposse/approvers
+README.md @cloudposse/engineering @cloudposse/contributors @cloudposse/approvers
+docs/*.md @cloudposse/engineering @cloudposse/contributors @cloudposse/approvers
+
+# Cloud Posse Admins must review all changes to CODEOWNERS or the mergify configuration
+.github/mergify.yml @cloudposse/admins
+.github/CODEOWNERS @cloudposse/admins
diff --git a/.github/auto-release.yml b/.github/auto-release.yml
index 2836185..18a1ca6 100644
--- a/.github/auto-release.yml
+++ b/.github/auto-release.yml
@@ -4,30 +4,35 @@ version-template: '$MAJOR.$MINOR.$PATCH'
version-resolver:
major:
labels:
- - 'major'
+ - 'major'
minor:
labels:
- - 'minor'
- - 'enhancement'
+ - 'minor'
+ - 'enhancement'
patch:
labels:
- - 'patch'
- - 'fix'
- - 'bugfix'
- - 'bug'
- - 'hotfix'
+ - 'auto-update'
+ - 'patch'
+ - 'fix'
+ - 'bugfix'
+ - 'bug'
+ - 'hotfix'
default: 'minor'
categories:
- - title: '🚀 Enhancements'
- labels:
- - 'enhancement'
- - title: '🐛 Bug Fixes'
- labels:
- - 'fix'
- - 'bugfix'
- - 'bug'
- - 'hotfix'
+- title: '🚀 Enhancements'
+ labels:
+ - 'enhancement'
+ - 'patch'
+- title: '🐛 Bug Fixes'
+ labels:
+ - 'fix'
+ - 'bugfix'
+ - 'bug'
+ - 'hotfix'
+- title: '🤖 Automatic Updates'
+ labels:
+ - 'auto-update'
change-template: |
diff --git a/.github/mergify.yml b/.github/mergify.yml
new file mode 100644
index 0000000..485982f
--- /dev/null
+++ b/.github/mergify.yml
@@ -0,0 +1,52 @@
+pull_request_rules:
+- name: "approve automated PRs that have passed checks"
+ conditions:
+ - "check-success~=test/bats"
+ - "check-success~=test/readme"
+ - "check-success~=test/terratest"
+ - "base=master"
+ - "author=cloudpossebot"
+ - "head~=auto-update/.*"
+ actions:
+ review:
+ type: "APPROVE"
+ bot_account: "cloudposse-mergebot"
+ message: "We've automatically approved this PR because the checks from the automated Pull Request have passed."
+
+- name: "merge automated PRs when approved and tests pass"
+ conditions:
+ - "check-success~=test/bats"
+ - "check-success~=test/readme"
+ - "check-success~=test/terratest"
+ - "base=master"
+ - "head~=auto-update/.*"
+ - "#approved-reviews-by>=1"
+ - "#changes-requested-reviews-by=0"
+ - "#commented-reviews-by=0"
+ - "base=master"
+ - "author=cloudpossebot"
+ actions:
+ merge:
+ method: "squash"
+
+- name: "delete the head branch after merge"
+ conditions:
+ - "merged"
+ actions:
+ delete_head_branch: {}
+
+- name: "ask to resolve conflict"
+ conditions:
+ - "conflict"
+ actions:
+ comment:
+ message: "This pull request is now in conflict. Could you fix it @{{author}}? 🙏"
+
+- name: "remove outdated reviews"
+ conditions:
+ - "base=master"
+ actions:
+ dismiss_reviews:
+ changes_requested: true
+ approved: true
+ message: "This Pull Request has been updated, so we're dismissing all reviews."
diff --git a/.github/workflows/auto-context.yml b/.github/workflows/auto-context.yml
new file mode 100644
index 0000000..739a3c9
--- /dev/null
+++ b/.github/workflows/auto-context.yml
@@ -0,0 +1,55 @@
+name: "auto-context"
+on:
+ schedule:
+ # Update context.tf nightly
+ - cron: '0 3 * * *'
+
+jobs:
+ update:
+ if: github.event_name == 'schedule'
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v2
+
+ - name: Update context.tf
+ shell: bash
+ id: update
+ env:
+ GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
+ run: |
+ if [[ -f context.tf ]]; then
+ echo "Discovered existing context.tf! Fetching most recent version to see if there is an update."
+ curl -o context.tf -fsSL https://raw.githubusercontent.com/cloudposse/terraform-null-label/master/exports/context.tf
+ if git diff --no-patch --exit-code context.tf; then
+ echo "No changes detected! Exiting the job..."
+ else
+ echo "context.tf file has changed. Update examples and rebuild README.md."
+ make init
+ make github/init/context.tf
+ make readme/build
+ echo "::set-output name=create_pull_request=true"
+ fi
+ else
+ echo "This module has not yet been updated to support the context.tf pattern! Please update in order to support automatic updates."
+ fi
+
+ - name: Create Pull Request
+ if: {{ steps.update.outputs.create_pull_request == 'true' }}
+ uses: cloudposse/actions/github/create-pull-request@0.22.0
+ with:
+ token: ${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }}
+ commit-message: Update context.tf from origin source
+ title: Update context.tf
+ body: |-
+ ## what
+ This is an auto-generated PR that updates the `context.tf` file to the latest version from `cloudposse/terraform-null-label`
+
+ ## why
+ To support all the features of the `context` interface.
+
+ branch: auto-update/context.tf
+ base: master
+ delete-branch: true
+ labels: |
+ auto-update
+ context
diff --git a/.github/workflows/auto-readme.yml b/.github/workflows/auto-readme.yml
new file mode 100644
index 0000000..6229e60
--- /dev/null
+++ b/.github/workflows/auto-readme.yml
@@ -0,0 +1,41 @@
+name: "auto-readme"
+on:
+ schedule:
+ # Update README.md nightly
+ - cron: '0 4 * * *'
+
+jobs:
+ update:
+ if: github.event_name == 'schedule'
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v2
+
+ - name: Update readme
+ shell: bash
+ id: update
+ env:
+ GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
+ run: |
+ make init
+ make readme/build
+
+ - name: Create Pull Request
+ uses: cloudposse/actions/github/create-pull-request@0.20.0
+ with:
+ token: ${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }}
+ commit-message: Update README.md and docs
+ title: Update README.md and docs
+ body: |-
+ ## what
+ This is an auto-generated PR that updates the README.md and docs
+
+ ## why
+ To have most recent changes of README.md and doc from origin templates
+
+ branch: auto-update/readme
+ base: master
+ delete-branch: true
+ labels: |
+ auto-update
+ readme
diff --git a/.github/workflows/chatops.yml b/.github/workflows/chatops.yml
index 0d94310..4ddc067 100644
--- a/.github/workflows/chatops.yml
+++ b/.github/workflows/chatops.yml
@@ -9,7 +9,7 @@ jobs:
steps:
- uses: actions/checkout@v2
- name: "Handle common commands"
- uses: cloudposse/actions/github/slash-command-dispatch@0.16.0
+ uses: cloudposse/actions/github/slash-command-dispatch@0.22.0
with:
token: ${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }}
reaction-token: ${{ secrets.GITHUB_TOKEN }}
@@ -24,7 +24,7 @@ jobs:
- name: "Checkout commit"
uses: actions/checkout@v2
- name: "Run tests"
- uses: cloudposse/actions/github/slash-command-dispatch@0.16.0
+ uses: cloudposse/actions/github/slash-command-dispatch@0.22.0
with:
token: ${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }}
reaction-token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/validate-codeowners.yml b/.github/workflows/validate-codeowners.yml
new file mode 100644
index 0000000..8044289
--- /dev/null
+++ b/.github/workflows/validate-codeowners.yml
@@ -0,0 +1,18 @@
+name: Validate Codeowners
+on:
+ pull_request:
+
+jobs:
+ validate-codeowners:
+ runs-on: ubuntu-latest
+ steps:
+ - name: "Checkout source code at current commit"
+ uses: actions/checkout@v2
+ - uses: mszostok/codeowners-validator@v0.5.0
+ with:
+ # For now, remove "files" check to allow CODEOWNERS to specify non-existent
+ # files so we can use the same CODEOWNERS file for Terraform and non-Terraform repos
+ # checks: "files,syntax,owners,duppatterns"
+ checks: "syntax,owners,duppatterns"
+ # GitHub access token is required only if the `owners` check is enabled
+ github_access_token: "${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }}"
diff --git a/README.md b/README.md
index b2439dd..72271c8 100644
--- a/README.md
+++ b/README.md
@@ -1,4 +1,6 @@
+
# terraform-aws-datadog-integration [](https://github.com/cloudposse/terraform-aws-datadog-integration/releases/latest) [](https://slack.cloudposse.com)
+
[![README Header][readme_header_img]][readme_header_link]
@@ -62,8 +64,15 @@ We literally have [*hundreds of terraform modules*][terraform_modules] that are
## Usage
-**IMPORTANT:** The `master` branch is used in `source` just as an example. In your code, do not pin to `master` because there may be breaking changes between releases.
-Instead pin to the release tag (e.g. `?ref=tags/x.y.z`) of one of our [latest releases](https://github.com/cloudposse/terraform-aws-datadog-integration/releases).
+**IMPORTANT:** We do not pin modules to versions in our examples because of the
+difficulty of keeping the versions in the documentation in sync with the latest released versions.
+We highly recommend that in your code you pin the version to the exact version you are
+using so that your infrastructure remains stable, and update versions in a
+systematic way so that they do not catch you by surprise.
+
+Also, because of a bug in the Terraform registry ([hashicorp/terraform#21417](https://github.com/hashicorp/terraform/issues/21417)),
+the registry shows many of our inputs as required when in fact they are optional.
+The table below correctly indicates which inputs are required.
@@ -90,7 +99,9 @@ Include this module in your existing terraform code:
```hcl
module "datadog_integration" {
- source = "git::https://github.com/cloudposse/terraform-aws-datadog-integration.git?ref=master"
+ source = "cloudposse/datadog-integration/aws"
+ # Cloud Posse recommends pinning every module to a specific version
+ # version = "x.x.x"
namespace = "eg"
stage = "test"
@@ -319,8 +330,10 @@ Check out [our other projects][github], [follow us on twitter][twitter], [apply
### Contributors
+
| [![Sergey Vasilyev][s2504s_avatar]][s2504s_homepage]
[Sergey Vasilyev][s2504s_homepage] | [![Erik Osterman][osterman_avatar]][osterman_homepage]
[Erik Osterman][osterman_homepage] | [![Andriy Knysh][aknysh_avatar]][aknysh_homepage]
[Andriy Knysh][aknysh_homepage] |
|---|---|---|
+
[s2504s_homepage]: https://github.com/s2504s
[s2504s_avatar]: https://img.cloudposse.com/150x150/https://github.com/s2504s.png
diff --git a/README.yaml b/README.yaml
index 883e3e4..fbcefa1 100644
--- a/README.yaml
+++ b/README.yaml
@@ -78,7 +78,9 @@ usage: |-
```hcl
module "datadog_integration" {
- source = "git::https://github.com/cloudposse/terraform-aws-datadog-integration.git?ref=master"
+ source = "cloudposse/datadog-integration/aws"
+ # Cloud Posse recommends pinning every module to a specific version
+ # version = "x.x.x"
namespace = "eg"
stage = "test"
diff --git a/all.tf b/all.tf
index 125d4c4..fc13c46 100644
--- a/all.tf
+++ b/all.tf
@@ -77,7 +77,8 @@ data "aws_iam_policy_document" "all" {
}
module "all_label" {
- source = "git::https://github.com/cloudposse/terraform-null-label.git?ref=tags/0.19.2"
+ source = "cloudposse/label/null"
+ version = "0.22.0"
attributes = compact(concat(module.this.attributes, ["all"]))
diff --git a/context.tf b/context.tf
index bae0cf1..e5734b7 100644
--- a/context.tf
+++ b/context.tf
@@ -18,8 +18,10 @@
# will be null, and `module.this.delimiter` will be `-` (hyphen).
#
+
module "this" {
- source = "git::https://github.com/cloudposse/terraform-null-label.git?ref=tags/0.19.2"
+ source = "cloudposse/label/null"
+ version = "0.22.0" // requires Terraform >= 0.12.26
enabled = var.enabled
namespace = var.namespace
diff --git a/core.tf b/core.tf
index 6e9926f..f9a6700 100644
--- a/core.tf
+++ b/core.tf
@@ -20,7 +20,8 @@ data "aws_iam_policy_document" "core" {
}
module "core_label" {
- source = "git::https://github.com/cloudposse/terraform-null-label.git?ref=0.19.2"
+ source = "cloudposse/label/null"
+ version = "0.22.0"
attributes = compact(concat(module.this.attributes, ["core"]))
diff --git a/examples/complete/context.tf b/examples/complete/context.tf
index bae0cf1..e5734b7 100644
--- a/examples/complete/context.tf
+++ b/examples/complete/context.tf
@@ -18,8 +18,10 @@
# will be null, and `module.this.delimiter` will be `-` (hyphen).
#
+
module "this" {
- source = "git::https://github.com/cloudposse/terraform-null-label.git?ref=tags/0.19.2"
+ source = "cloudposse/label/null"
+ version = "0.22.0" // requires Terraform >= 0.12.26
enabled = var.enabled
namespace = var.namespace