Convert to TF 0.12. Add tests. Add Codefresh test pipeline (#6)

* Convert to TF 0.12. Add tests. Add Codefresh test pipeline

* Convert to TF 0.12. Add tests. Add Codefresh test pipeline

* Convert to TF 0.12. Add tests. Add Codefresh test pipeline

README.md

@@ -3,7 +3,7 @@
 
 [![Cloud Posse][logo]](https://cpco.io/homepage)
 
-# terraform-aws-ssm-tls-ssh-key-pair [![Build Status](https://travis-ci.org/cloudposse/terraform-aws-ssm-tls-ssh-key-pair.svg?branch=master)](https://travis-ci.org/cloudposse/terraform-aws-ssm-tls-ssh-key-pair) [![Latest Release](https://img.shields.io/github/release/cloudposse/terraform-aws-ssm-tls-ssh-key-pair.svg)](https://github.com/cloudposse/terraform-aws-ssm-tls-ssh-key-pair/releases/latest) [![Slack Community](https://slack.cloudposse.com/badge.svg)](https://slack.cloudposse.com)
+# terraform-aws-ssm-tls-ssh-key-pair [![Codefresh Build Status](https://g.codefresh.io/api/badges/pipeline/cloudposse/terraform-modules%2Fterraform-aws-ssm-tls-ssh-key-pair?type=cf-1)](https://g.codefresh.io/public/accounts/cloudposse/pipelines/5d1ba83195dc307c009861ce) [![Latest Release](https://img.shields.io/github/release/cloudposse/terraform-aws-ssm-tls-ssh-key-pair.svg)](https://github.com/cloudposse/terraform-aws-ssm-tls-ssh-key-pair/releases/latest) [![Slack Community](https://slack.cloudposse.com/badge.svg)](https://slack.cloudposse.com)
 
 
 Terraform module that provisions an SSH TLS key pair and writes it to SSM Parameter Store.
@@ -44,6 +44,11 @@ We literally have [*hundreds of terraform modules*][terraform_modules] that are
 
 ## Usage
 
+
+**IMPORTANT:** The `master` branch is used in `source` just as an example. In your code, do not pin to `master` because there may be breaking changes between releases.
+Instead pin to the release tag (e.g. `?ref=tags/x.y.z`) of one of our [latest releases](https://github.com/cloudposse/terraform-aws-ssm-tls-ssh-key-pair/releases).
+
+
 ```hcl
 module "ssm_tls_ssh_key_pair" {
   source               = "git::https://github.com/cloudposse/terraform-aws-ssm-tls-ssh-key-pair.git?ref=master"
@@ -74,28 +79,29 @@ Available targets:
 
 | Name | Description | Type | Default | Required |
 |------|-------------|:----:|:-----:|:-----:|
-| attributes | Additional attributes (e.g. `1`) | list | `<list>` | no |
+| attributes | Additional attributes (e.g. `1`) | list(string) | `<list>` | no |
 | delimiter | Delimiter to be used between `namespace`, `stage`, `name` and `attributes` | string | `-` | no |
 | ecdsa_curve | When ssh_key_algorithm is 'ECDSA', the name of the elliptic curve to use. May be any one of 'P256', 'P384' or P521' | string | `P256` | no |
-| enabled | Whether to create the resources. Set to `false` to prevent the module from creating any resources | string | `true` | no |
+| enabled | Whether to create the resources. Set to `false` to prevent the module from creating any resources | bool | `true` | no |
 | kms_key_id | KMS Key ID used for encryption | string | `` | no |
 | name | Application or solution name (e.g. `app`) | string | - | yes |
-| namespace | Namespace (e.g. `eg` or `cp`) | string | - | yes |
-| overwrite_ssm_parameter | Whether to overwrite an existing SSM parameter | string | `true` | no |
-| rsa_bits | When ssh_key_algorithm is 'RSA', the size of the generated RSA key in bits | string | `4096` | no |
+| namespace | Namespace (e.g. `eg` or `cp`) | string | `` | no |
+| overwrite_ssm_parameter | Whether to overwrite an existing SSM parameter | bool | `true` | no |
+| rsa_bits | When ssh_key_algorithm is 'RSA', the size of the generated RSA key in bits | number | `4096` | no |
 | ssh_key_algorithm | SSH key algorithm to use. Currently-supported values are 'RSA' and 'ECDSA' | string | `RSA` | no |
 | ssh_private_key_name | SSM Parameter name of the SSH private key | string | `` | no |
 | ssh_public_key_name | SSM Parameter name of the SSH public key | string | `` | no |
 | ssm_path_format | SSM path format | string | `/%s/%s` | no |
 | ssm_path_prefix | The SSM parameter path prefix (e.g. /$ssm_path_prefix/$key_name) | string | `ssh_keys` | no |
-| stage | Stage (e.g. `prod`, `dev`, `staging`) | string | - | yes |
-| tags | Additional tags (e.g. map(`BusinessUnit`,`XYZ`) | map | `<map>` | no |
+| stage | Stage (e.g. `prod`, `dev`, `staging`) | string | `` | no |
+| tags | Additional tags (e.g. map(`BusinessUnit`,`XYZ`) | map(string) | `<map>` | no |
 
 ## Outputs
 
 | Name | Description |
 |------|-------------|
-| public_key | Contents of the generated public key |
+| key_name | Name of SSH key |
+| public_key | Content of the generated public key |
 
 
 
@@ -233,13 +239,15 @@ Check out [our other projects][github], [follow us on twitter][twitter], [apply
 
 ### Contributors
 
-|  [![Erik Osterman][osterman_avatar]][osterman_homepage]<br/>[Erik Osterman][osterman_homepage] | [![Josh Myers][joshmyers_avatar]][joshmyers_homepage]<br/>[Josh Myers][joshmyers_homepage] |
-|---|---|
+|  [![Erik Osterman][osterman_avatar]][osterman_homepage]<br/>[Erik Osterman][osterman_homepage] | [![Josh Myers][joshmyers_avatar]][joshmyers_homepage]<br/>[Josh Myers][joshmyers_homepage] | [![Andriy Knysh][aknysh_avatar]][aknysh_homepage]<br/>[Andriy Knysh][aknysh_homepage] |
+|---|---|---|
 
   [osterman_homepage]: https://github.com/osterman
   [osterman_avatar]: https://github.com/osterman.png?size=150
   [joshmyers_homepage]: https://github.com/joshmyers
   [joshmyers_avatar]: https://github.com/joshmyers.png?size=150
+  [aknysh_homepage]: https://github.com/aknysh
+  [aknysh_avatar]: https://github.com/aknysh.png?size=150
 
 
 

README.yaml

@@ -18,9 +18,9 @@ github_repo: cloudposse/terraform-aws-ssm-tls-ssh-key-pair
 
 # Badges to display
 badges:
-  - name: "Build Status"
-    image: "https://travis-ci.org/cloudposse/terraform-aws-ssm-tls-ssh-key-pair.svg?branch=master"
-    url: "https://travis-ci.org/cloudposse/terraform-aws-ssm-tls-ssh-key-pair"
+  - name: "Codefresh Build Status"
+    image: "https://g.codefresh.io/api/badges/pipeline/cloudposse/terraform-modules%2Fterraform-aws-ssm-tls-ssh-key-pair?type=cf-1"
+    url: "https://g.codefresh.io/public/accounts/cloudposse/pipelines/5d1ba83195dc307c009861ce"
   - name: "Latest Release"
     image: "https://img.shields.io/github/release/cloudposse/terraform-aws-ssm-tls-ssh-key-pair.svg"
     url: "https://github.com/cloudposse/terraform-aws-ssm-tls-ssh-key-pair/releases/latest"
@@ -65,3 +65,5 @@ contributors:
     github: "osterman"
   - name: "Josh Myers"
     github: "joshmyers"
+  - name: "Andriy Knysh"
+    github: "aknysh"

codefresh/test.yml

@@ -0,0 +1,74 @@
+version: '1.0'
+
+stages:
+  - Prepare
+  - Test
+
+steps:
+  wait:
+    title: Wait
+    stage: Prepare
+    image: codefresh/cli:latest
+    commands:
+      - codefresh get builds --pipeline=${{CF_REPO_NAME}} --status running --limit 1000 -o json | jq --arg id ${{CF_BUILD_ID}} -ser 'flatten|.[-1].id==$id'
+    retry:
+      maxAttempts: 10
+      delay: 20
+      exponentialFactor: 1.1
+
+  main_clone:
+    title: "Clone repository"
+    type: git-clone
+    stage: Prepare
+    description: "Initialize"
+    repo: ${{CF_REPO_OWNER}}/${{CF_REPO_NAME}}
+    git: CF-default
+    revision: ${{CF_REVISION}}
+
+  clean_init:
+    title: Prepare build-harness and test-harness
+    image: ${{TEST_IMAGE}}
+    stage: Prepare
+    commands:
+      - cf_export PATH="/usr/local/terraform/0.12/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+      - make init
+      - git -C build-harness checkout master
+      - make -C test/ clean init TEST_HARNESS_BRANCH=master
+      - make -C test/src clean init
+      - find . -type d -name '.terraform' | xargs rm -rf
+      - find . -type f -name 'terraform.tfstate*' -exec rm -f {} \;
+
+  test:
+    type: "parallel"
+    title: "Run tests"
+    description: "Run all tests in parallel"
+    stage: Test
+    steps:
+      test_readme_lint:
+        title: "Test README.md updated"
+        stage: "Test"
+        image: ${{TEST_IMAGE}}
+        description: Test "readme/lint"
+        commands:
+          - make readme/lint
+
+      test_module:
+        title: Test module with bats
+        image: ${{TEST_IMAGE}}
+        stage: Test
+        commands:
+          - make -C test/ module
+
+      test_examples_complete:
+        title: Test "examples/complete" with bats
+        image: ${{TEST_IMAGE}}
+        stage: Test
+        commands:
+          - make -C test/ examples/complete
+
+      test_examples_complete_terratest:
+        title: Test "examples/complete" with terratest
+        image: ${{TEST_IMAGE}}
+        stage: Test
+        commands:
+          - make -C test/src

docs/terraform.md

@@ -2,26 +2,27 @@
 
 | Name | Description | Type | Default | Required |
 |------|-------------|:----:|:-----:|:-----:|
-| attributes | Additional attributes (e.g. `1`) | list | `<list>` | no |
+| attributes | Additional attributes (e.g. `1`) | list(string) | `<list>` | no |
 | delimiter | Delimiter to be used between `namespace`, `stage`, `name` and `attributes` | string | `-` | no |
 | ecdsa_curve | When ssh_key_algorithm is 'ECDSA', the name of the elliptic curve to use. May be any one of 'P256', 'P384' or P521' | string | `P256` | no |
-| enabled | Whether to create the resources. Set to `false` to prevent the module from creating any resources | string | `true` | no |
+| enabled | Whether to create the resources. Set to `false` to prevent the module from creating any resources | bool | `true` | no |
 | kms_key_id | KMS Key ID used for encryption | string | `` | no |
 | name | Application or solution name (e.g. `app`) | string | - | yes |
-| namespace | Namespace (e.g. `eg` or `cp`) | string | - | yes |
-| overwrite_ssm_parameter | Whether to overwrite an existing SSM parameter | string | `true` | no |
-| rsa_bits | When ssh_key_algorithm is 'RSA', the size of the generated RSA key in bits | string | `4096` | no |
+| namespace | Namespace (e.g. `eg` or `cp`) | string | `` | no |
+| overwrite_ssm_parameter | Whether to overwrite an existing SSM parameter | bool | `true` | no |
+| rsa_bits | When ssh_key_algorithm is 'RSA', the size of the generated RSA key in bits | number | `4096` | no |
 | ssh_key_algorithm | SSH key algorithm to use. Currently-supported values are 'RSA' and 'ECDSA' | string | `RSA` | no |
 | ssh_private_key_name | SSM Parameter name of the SSH private key | string | `` | no |
 | ssh_public_key_name | SSM Parameter name of the SSH public key | string | `` | no |
 | ssm_path_format | SSM path format | string | `/%s/%s` | no |
 | ssm_path_prefix | The SSM parameter path prefix (e.g. /$ssm_path_prefix/$key_name) | string | `ssh_keys` | no |
-| stage | Stage (e.g. `prod`, `dev`, `staging`) | string | - | yes |
-| tags | Additional tags (e.g. map(`BusinessUnit`,`XYZ`) | map | `<map>` | no |
+| stage | Stage (e.g. `prod`, `dev`, `staging`) | string | `` | no |
+| tags | Additional tags (e.g. map(`BusinessUnit`,`XYZ`) | map(string) | `<map>` | no |
 
 ## Outputs
 
 | Name | Description |
 |------|-------------|
-| public_key | Contents of the generated public key |
+| key_name | Name of SSH key |
+| public_key | Content of the generated public key |
 

examples/complete/example.tfvars → examples/complete/fixtures.us-west-1.tfvars

@@ -1,6 +1,15 @@
-region = "us-east-1"
+region = "us-west-1"
+
+namespace = "eg"
+
+stage = "test"
+
+name = "ssm-tls-ssh-key-pair"
 
 ssh_public_key_name = "id_rsa.pub"
+
 ssh_private_key_name = "id_rsa"
+
 ssh_key_algorithm = "ECDSA"
+
 ssm_path_prefix = "ssh_keys"

examples/complete/main.tf

@@ -1,17 +1,25 @@
 provider "aws" {
-  region = "${var.region}"
+  region = var.region
+}
+
+module "kms_key" {
+  source                  = "git::https://github.com/cloudposse/terraform-aws-kms-key.git?ref=tags/0.2.0"
+  namespace               = var.namespace
+  stage                   = var.stage
+  name                    = var.name
+  description             = "Test KMS key"
+  deletion_window_in_days = 7
+  enable_key_rotation     = false
 }
 
 module "ssm_tls_ssh_key_pair" {
   source               = "../../"
-  namespace            = "${var.namespace}"
-  stage                = "${var.stage}"
-  name                 = "${var.name}"
-  attributes           = "${var.attributes}"
-  tags                 = "${var.tags}"
-  ssm_path_prefix      = "${var.ssm_path_prefix}"
-  ssh_key_algorithm    = "${var.ssh_key_algorithm}"
-  ssh_private_key_name = "${var.ssh_private_key_name}"
-  ssh_public_key_name  = "${var.ssh_public_key_name}"
-  enabled              = "${var.enabled}"
+  namespace            = var.namespace
+  stage                = var.stage
+  name                 = var.name
+  kms_key_id           = module.kms_key.key_id
+  ssm_path_prefix      = var.ssm_path_prefix
+  ssh_key_algorithm    = var.ssh_key_algorithm
+  ssh_private_key_name = var.ssh_private_key_name
+  ssh_public_key_name  = var.ssh_public_key_name
 }

examples/complete/outputs.tf

@@ -0,0 +1,29 @@
+output "ssh_public_key" {
+  value       = module.ssm_tls_ssh_key_pair.public_key
+  description = "Content of the generated public key"
+}
+
+output "ssh_key_name" {
+  value       = module.ssm_tls_ssh_key_pair.key_name
+  description = "Name of SSH key"
+}
+
+output "kms_key_arn" {
+  value       = module.kms_key.key_arn
+  description = "Key ARN"
+}
+
+output "kms_key_id" {
+  value       = module.kms_key.key_id
+  description = "Key ID"
+}
+
+output "kms_alias_arn" {
+  value       = module.kms_key.alias_arn
+  description = "Alias ARN"
+}
+
+output "kms_alias_name" {
+  value       = module.kms_key.alias_name
+  description = "Alias name"
+}

examples/complete/variables.tf

@@ -1,3 +1,8 @@
+variable "region" {
+  type        = "string"
+  description = "AWS Region"
+}
+
 variable "namespace" {
   type        = "string"
   description = "Namespace (e.g. `eg` or `cp`)"
@@ -13,30 +18,6 @@ variable "name" {
   description = "Application or solution name (e.g. `app`)"
 }
 
-variable "delimiter" {
-  type        = "string"
-  default     = "-"
-  description = "Delimiter to be used between `namespace`, `stage`, `name` and `attributes`"
-}
-
-variable "enabled" {
-  type        = "string"
-  description = "Whether to create the resources. Set to `false` to prevent the module from creating any resources"
-  default     = "true"
-}
-
-variable "attributes" {
-  type        = "list"
-  default     = []
-  description = "Additional attributes (e.g. `1`)"
-}
-
-variable "tags" {
-  type        = "map"
-  default     = {}
-  description = "Additional tags (e.g. map(`BusinessUnit`,`XYZ`)"
-}
-
 variable "ssh_public_key_name" {
   type        = "string"
   description = "SSM Parameter name of the SSH public key"
@@ -56,8 +37,3 @@ variable "ssm_path_prefix" {
   type        = "string"
   description = "The SSM parameter path prefix"
 }
-
-variable "region" {
-  type        = "string"
-  description = "AWS Region"
-}