Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Terraform 0.14 upgrade #18

Merged
merged 12 commits into from
Dec 11, 2020
Prev Previous commit
Next Next commit
terraform 0.14 upgrade
Nuru committed Dec 10, 2020
commit 59af300fbf69dd1315f3fec5168b53aaecd767cf
9 changes: 6 additions & 3 deletions .github/CODEOWNERS
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
# Use this file to define individuals or teams that are responsible for code in a repository.
# Read more: <https://help.github.com/articles/about-codeowners/>
#
# Order is important: the last matching pattern takes the most precedence
# Order is important: the last matching pattern has the highest precedence

# These owners will be the default owners for everything
* @cloudposse/engineering @cloudposse/contributors
@@ -13,8 +13,11 @@
# Cloud Posse must review any changes to GitHub actions
.github/* @cloudposse/engineering

# Cloud Posse must review any changes to standard context definition
**/context.tf @cloudposse/engineering @cloudposse/merge-bots
# Cloud Posse must review any changes to standard context definition,
# but some changes can be rubber-stamped.
**/context.tf @cloudposse/engineering @cloudposse/approvers
README.md @cloudposse/engineering @cloudposse/contributors @cloudposse/approvers
docs/*.md @cloudposse/engineering @cloudposse/contributors @cloudposse/approvers

# Cloud Posse Admins must review all changes to CODEOWNERS or the mergify configuration
.github/mergify.yml @cloudposse/admins
43 changes: 22 additions & 21 deletions .github/auto-release.yml
Original file line number Diff line number Diff line change
@@ -4,34 +4,35 @@ version-template: '$MAJOR.$MINOR.$PATCH'
version-resolver:
major:
labels:
- 'major'
- 'major'
minor:
labels:
- 'minor'
- 'enhancement'
- 'minor'
- 'enhancement'
patch:
labels:
- 'auto-update'
- 'patch'
- 'fix'
- 'bugfix'
- 'bug'
- 'hotfix'
- 'auto-update'
- 'patch'
- 'fix'
- 'bugfix'
- 'bug'
- 'hotfix'
default: 'minor'

categories:
- title: '🚀 Enhancements'
labels:
- 'enhancement'
- title: '🐛 Bug Fixes'
labels:
- 'fix'
- 'bugfix'
- 'bug'
- 'hotfix'
- title: '🤖 Automatic Update'
labels:
- 'auto-update'
- title: '🚀 Enhancements'
labels:
- 'enhancement'
- 'patch'
- title: '🐛 Bug Fixes'
labels:
- 'fix'
- 'bugfix'
- 'bug'
- 'hotfix'
- title: '🤖 Automatic Updates'
labels:
- 'auto-update'

change-template: |
<details>
93 changes: 47 additions & 46 deletions .github/mergify.yml
Original file line number Diff line number Diff line change
@@ -1,51 +1,52 @@
pull_request_rules:
- name: "approve automated PRs that have passed checks"
conditions:
- "check-success~=test/bats"
- "check-success~=test/readme"
- "check-success~=test/terratest"
- "base=master"
- "author=cloudpossebot"
- "head~=auto-update/.*"
actions:
review:
type: "APPROVE"
message: "We've automatically approved this PR because the checks from the automated Pull Request have passed."
- name: "approve automated PRs that have passed checks"
conditions:
- "check-success~=test/bats"
- "check-success~=test/readme"
- "check-success~=test/terratest"
- "base=master"
- "author=cloudpossebot"
- "head~=auto-update/.*"
actions:
review:
type: "APPROVE"
bot_account: "cloudposse-mergebot"
message: "We've automatically approved this PR because the checks from the automated Pull Request have passed."

- name: "merge automated PRs when approved and tests pass"
conditions:
- "check-success~=test/bats"
- "check-success~=test/readme"
- "check-success~=test/terratest"
- "base=master"
- "head~=auto-update/.*"
- "#approved-reviews-by>=1"
- "#changes-requested-reviews-by=0"
- "#commented-reviews-by=0"
- "base=master"
- "author=cloudpossebot"
actions:
merge:
method: "squash"
- name: "merge automated PRs when approved and tests pass"
conditions:
- "check-success~=test/bats"
- "check-success~=test/readme"
- "check-success~=test/terratest"
- "base=master"
- "head~=auto-update/.*"
- "#approved-reviews-by>=1"
- "#changes-requested-reviews-by=0"
- "#commented-reviews-by=0"
- "base=master"
- "author=cloudpossebot"
actions:
merge:
method: "squash"

- name: "delete the head branch after merge"
conditions:
- "merged"
actions:
delete_head_branch: {}
- name: "delete the head branch after merge"
conditions:
- "merged"
actions:
delete_head_branch: {}

- name: "ask to resolve conflict"
conditions:
- "conflict"
actions:
comment:
message: "This pull request is now in conflicts. Could you fix it @{{author}}? 🙏"
- name: "ask to resolve conflict"
conditions:
- "conflict"
actions:
comment:
message: "This pull request is now in conflict. Could you fix it @{{author}}? 🙏"

- name: "remove outdated reviews"
conditions:
- "base=master"
actions:
dismiss_reviews:
changes_requested: true
approved: true
message: "This Pull Request has been updated, so we're dismissing all reviews."
- name: "remove outdated reviews"
conditions:
- "base=master"
actions:
dismiss_reviews:
changes_requested: true
approved: true
message: "This Pull Request has been updated, so we're dismissing all reviews."
78 changes: 39 additions & 39 deletions .github/workflows/auto-context.yml
Original file line number Diff line number Diff line change
@@ -1,54 +1,54 @@
name: "auto-context"
on:
schedule:
# Update context.tf nightly
- cron: '0 3 * * *'
# Update context.tf nightly
- cron: '0 3 * * *'

jobs:
update:
if: github.event_name == 'schedule'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: actions/checkout@v2

- name: Update context.tf
shell: bash
id: update
env:
GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
run: |
if [[ -f context.tf ]]; then
echo "Discovered existing context.tf! Fetching most recent version to see if there is an update."
curl -o context.tf -fsSL https://raw.githubusercontent.com/cloudposse/terraform-null-label/master/exports/context.tf
if git diff --no-patch --exit-code context.tf; then
echo "No changes detected! Exiting the job..."
else
echo "context.tf file was updated. Need to rebuild README.md."
make init
make readme/build
echo "::set-output name=create_pull_request=true"
fi
- name: Update context.tf
shell: bash
id: update
env:
GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
run: |
if [[ -f context.tf ]]; then
echo "Discovered existing context.tf! Fetching most recent version to see if there is an update."
curl -o context.tf -fsSL https://raw.githubusercontent.com/cloudposse/terraform-null-label/master/exports/context.tf
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should this call the context target from the build-harness?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Given that this is run 200 times nightly, I want to keep it light and not require build-harness. I will call build-harness if context.tf changes.

if git diff --no-patch --exit-code context.tf; then
echo "No changes detected! Exiting the job..."
else
echo "This module has not yet been updated to support the context.tf pattern! Please update in order to support automatic updates."
echo "context.tf file was updated. Need to rebuild README.md."
make init
make readme/build
echo "::set-output name=create_pull_request=true"
fi
else
echo "This module has not yet been updated to support the context.tf pattern! Please update in order to support automatic updates."
fi
- name: Create Pull Request
if: {{ steps.update.outputs.create_pull_request == 'true' }}
uses: cloudposse/actions/github/create-pull-request@0.20.0
with:
token: ${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }}
commit-message: Update context.tf from origin source
title: Update context.tf
body: |-
## what
This is an auto-generated PR that updates the `context.tf` file to the latest version from `cloudposse/terraform-null-label`
- name: Create Pull Request
if: {{ steps.update.outputs.create_pull_request == 'true' }}
uses: cloudposse/actions/github/create-pull-request@0.20.0
with:
token: ${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }}
commit-message: Update context.tf from origin source
title: Update context.tf
body: |-
## what
This is an auto-generated PR that updates the `context.tf` file to the latest version from `cloudposse/terraform-null-label`
## why
To support all the features of the `context` interface.
## why
To support all the features of the `context` interface.
branch: auto-update/context.tf
base: master
delete-branch: true
labels: |
auto-update
context
branch: auto-update/context.tf
base: master
delete-branch: true
labels: |
auto-update
context
56 changes: 28 additions & 28 deletions .github/workflows/auto-readme.yml
Original file line number Diff line number Diff line change
@@ -1,41 +1,41 @@
name: "auto-readme"
on:
schedule:
# Update README.md nightly
- cron: '0 4 * * *'
# Update README.md nightly
- cron: '0 4 * * *'

jobs:
update:
if: github.event_name == 'schedule'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: actions/checkout@v2

- name: Update readme
shell: bash
id: update
env:
GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
run: |
make init
make readme/build
- name: Update readme
shell: bash
id: update
env:
GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
run: |
make init
make readme/build
- name: Create Pull Request
uses: cloudposse/actions/github/create-pull-request@0.20.0
with:
token: ${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }}
commit-message: Update README.md and docs
title: Update README.md and docs
body: |-
## what
This is an auto-generated PR that updates the README.md and docs
- name: Create Pull Request
uses: cloudposse/actions/github/create-pull-request@0.20.0
with:
token: ${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }}
commit-message: Update README.md and docs
title: Update README.md and docs
body: |-
## what
This is an auto-generated PR that updates the README.md and docs
## why
To have most recent changes of README.md and doc from origin templates
## why
To have most recent changes of README.md and doc from origin templates
branch: auto-update/readme
base: master
delete-branch: true
labels: |
auto-update
readme
branch: auto-update/readme
base: master
delete-branch: true
labels: |
auto-update
readme
59 changes: 17 additions & 42 deletions .github/workflows/auto-release.yml
Original file line number Diff line number Diff line change
@@ -1,44 +1,19 @@
name-template: 'v$RESOLVED_VERSION'
tag-template: '$RESOLVED_VERSION'
version-template: '$MAJOR.$MINOR.$PATCH'
version-resolver:
major:
labels:
- 'major'
minor:
labels:
- 'minor'
- 'enhancement'
patch:
labels:
- 'auto-update'
- 'patch'
- 'fix'
- 'bugfix'
- 'bug'
- 'hotfix'
default: 'minor'
name: auto-release

categories:
- title: '🚀 Enhancements'
labels:
- 'enhancement'
- title: '🐛 Bug Fixes'
labels:
- 'fix'
- 'bugfix'
- 'bug'
- 'hotfix'
- title: '🤖 Automatic Update'
labels:
- 'auto-update'
on:
push:
branches:
- master

change-template: |
<details>
<summary>$TITLE @$AUTHOR (#$NUMBER)</summary>
$BODY
</details>
template: |
$CHANGES
jobs:
semver:
runs-on: ubuntu-latest
steps:
# Drafts your next Release notes as Pull Requests are merged into "master"
- uses: release-drafter/release-drafter@v5
with:
publish: true
prerelease: false
config-name: auto-release.yml
env:
GITHUB_TOKEN: ${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }}
4 changes: 2 additions & 2 deletions .github/workflows/chatops.yml
Original file line number Diff line number Diff line change
@@ -9,7 +9,7 @@ jobs:
steps:
- uses: actions/checkout@v2
- name: "Handle common commands"
uses: cloudposse/actions/github/slash-command-dispatch@0.16.0
uses: cloudposse/actions/github/slash-command-dispatch@0.22.0
with:
token: ${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }}
reaction-token: ${{ secrets.GITHUB_TOKEN }}
@@ -24,7 +24,7 @@ jobs:
- name: "Checkout commit"
uses: actions/checkout@v2
- name: "Run tests"
uses: cloudposse/actions/github/slash-command-dispatch@0.16.0
uses: cloudposse/actions/github/slash-command-dispatch@0.22.0
with:
token: ${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }}
reaction-token: ${{ secrets.GITHUB_TOKEN }}
21 changes: 21 additions & 0 deletions .github/workflows/validate-codeowners.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
name: Validate Codeowners
on:
pull_request:
paths:
- '**/CODEOWNERS'
- '.github/workflows/validate-codeowners.yml'

jobs:
validate-codeowners:
runs-on: ubuntu-latest
steps:
- name: "Checkout source code at current commit"
uses: actions/checkout@v2
- uses: mszostok/codeowners-validator@v0.5.0
with:
# For now, remove "files" check to allow CODEOWNERS to specify non-existent
# files so we can use the same CODEOWNERS file for Terraform and non-Terraform repos
# checks: "files,syntax,owners,duppatterns"
checks: "syntax,owners,duppatterns"
# GitHub access token is required only if the `owners` check is enabled
github_access_token: "${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }}"
2 changes: 1 addition & 1 deletion README.md
Original file line number Diff line number Diff line change
@@ -70,7 +70,7 @@ We highly recommend that in your code you pin the version to the exact version y
using so that your infrastructure remains stable, and update versions in a
systematic way so that they do not catch you by surprise.

Also, because of a bug in the Terraform registry (hashicorp/terraform#21417),
Also, because of a bug in the Terraform registry ([hashicorp/terraform#21417](https://github.com/hashicorp/terraform/issues/21417)),
the registry shows many of our inputs as required when in fact they are optional.
The table below correctly indicates which inputs are required.

4 changes: 3 additions & 1 deletion context.tf
Original file line number Diff line number Diff line change
@@ -18,8 +18,10 @@
# will be null, and `module.this.delimiter` will be `-` (hyphen).
#


module "this" {
source = "git::https://github.com/cloudposse/terraform-null-label.git?ref=tags/0.19.2"
source = "cloudposse/label/null"
version = "0.22.0" // requires Terraform >= 0.12.26

enabled = var.enabled
namespace = var.namespace
4 changes: 3 additions & 1 deletion examples/complete/context.tf
Original file line number Diff line number Diff line change
@@ -18,8 +18,10 @@
# will be null, and `module.this.delimiter` will be `-` (hyphen).
#


module "this" {
source = "git::https://github.com/cloudposse/terraform-null-label.git?ref=tags/0.19.2"
source = "cloudposse/label/null"
version = "0.22.0" // requires Terraform >= 0.12.26

enabled = var.enabled
namespace = var.namespace