diff --git a/.terraform/plugin_path b/.terraform/plugin_path new file mode 100644 index 0000000..abdcee2 --- /dev/null +++ b/.terraform/plugin_path @@ -0,0 +1,3 @@ +[ + "/usr/local/lib/custom-terraform-plugins" +] \ No newline at end of file diff --git a/Makefile b/Makefile index b8ece9f..d72d3ce 100644 --- a/Makefile +++ b/Makefile @@ -35,22 +35,30 @@ tf-bucket: echo Create terraform state bucket \"$(BUCKET_NAME)\"...; \ aws s3api create-bucket --bucket $(BUCKET_NAME) --acl private --region eu-central-1 --create-bucket-configuration LocationConstraint=eu-central-1 &&\ aws s3api put-bucket-versioning --bucket $(BUCKET_NAME) --versioning-configuration Status=Enabled &&\ - aws s3api put-public-access-block --bucket $(BUCKET_NAME) --public-access-block-configuration BlockPublicAcls=true,IgnorePublicAcls=true,BlockPublicPolicy=true,RestrictPublicBuckets=true; \ + aws s3api put-public-access-block --bucket $(BUCKET_NAME) --public-access-block-configuration BlockPublicAcls=true,IgnorePublicAcls=true,BlockPublicPolicy=true,RestrictPublicBuckets=true &&\ + echo Creating and uploading initial terraform state file...; \ + cd ./terraform &&\ + terraform init &&\ + terraform state push "./.terraform/terraform.tfstate";\ + echo Initial terraform state file uploaded successfully.; \ fi tf-init: tf-bucket cd ./terraform && \ - terraform init -input=false -plugin-dir=/usr/local/lib/custom-terraform-plugins + terraform init + terraform providers mirror /usr/local/lib/custom-terraform-plugins && \ + terraform init -plugin-dir=/usr/local/lib/custom-terraform-plugins -input=false plan: tf-init build-lambda asset_hash $(eval PLAN=$(shell mktemp)) + cd ./terraform && \ terraform plan -input=false \ - -var 'signature_secret="$(SIGNATURE_SECRET)"' \ - -var 'build_version="$(BUILD_VERSION)"' \ - -var 'appname="$(APP_NAME)"' \ - -var 'domainsuffix="$(DOMAIN_SUFFIX)"' \ - -var 'asset_hash="$(ASSET_HASH)"' \ + -var 'signature_secret=$(SIGNATURE_SECRET)' \ + -var 'build_version=$(BUILD_VERSION)' \ + -var 'appname=$(APP_NAME)' \ + -var 'domainsuffix=$(DOMAIN_SUFFIX)' \ + -var 'asset_hash=$(ASSET_HASH)' \ -out=$(PLAN) apply: plan diff --git a/README.md b/README.md index f9128fd..2cd8dd5 100644 --- a/README.md +++ b/README.md @@ -294,4 +294,3 @@ Thanks to the following projects for inspiration * [Starting an Open Source Project](https://opensource.guide/starting-a-project/) * [README template](https://gist.github.com/PurpleBooth/109311bb0361f32d87a2) * [CONTRIBUTING template](https://github.com/nayafia/contributing-template/blob/master/CONTRIBUTING-template.md) - diff --git a/buildcontainer/Dockerfile b/buildcontainer/Dockerfile index b23a512..07934d3 100644 --- a/buildcontainer/Dockerfile +++ b/buildcontainer/Dockerfile @@ -9,8 +9,8 @@ RUN apt-get update && \ # go ENV GOPATH /go ENV PATH $GOPATH/bin:/usr/local/go/bin:$PATH -ENV GOLANG_VERSION 1.13.4 -ENV GOLANG_CHECKSUM 692d17071736f74be04a72a06dab9cac1cd759377bd85316e52b2227604c004c +ENV GOLANG_VERSION 1.18.3 +ENV GOLANG_CHECKSUM 956f8507b302ab0bb747613695cdae10af99bbd39a90cae522b7c0302cc27245 RUN curl -fsSL https://storage.googleapis.com/golang/go${GOLANG_VERSION}.linux-amd64.tar.gz -o golang.tar.gz && \ echo "${GOLANG_CHECKSUM} golang.tar.gz" | sha256sum -c - && \ tar -C /usr/local -xzf golang.tar.gz && \ @@ -19,11 +19,11 @@ RUN curl -fsSL https://storage.googleapis.com/golang/go${GOLANG_VERSION}.linux-a GOOS=windows GOARCH=amd64 go install -v std # go-junit-report https://github.com/jstemmer/go-junit-report -RUN go get -u github.com/jstemmer/go-junit-report +RUN go install github.com/jstemmer/go-junit-report@latest # terraform -ENV TERRAFORM_VERSION 0.11.13 -ENV TERRAFORM_CHECKSUM 5925cd4d81e7d8f42a0054df2aafd66e2ab7408dbed2bd748f0022cfe592f8d2 +ENV TERRAFORM_VERSION 1.2.3 +ENV TERRAFORM_CHECKSUM 728b6fbcb288ad1b7b6590585410a98d3b7e05efe4601ef776c37e15e9a83a96 RUN curl -fsSL https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/terraform_${TERRAFORM_VERSION}_linux_amd64.zip -o terraform.zip && \ echo "${TERRAFORM_CHECKSUM} terraform.zip" | sha256sum -c - && \ unzip terraform.zip -d /usr/local/bin && chmod +x /usr/local/bin/terraform ; rm terraform.zip @@ -43,15 +43,15 @@ RUN curl -fsSL https://releases.hashicorp.com/terraform-provider-template/${TERR unzip terraform_template_plugin.zip -d /usr/local/lib/custom-terraform-plugins ; rm terraform_template_plugin.zip # terraform null provider plugin -ENV TERRAFORM_NULL_PLUGIN_VERSION 2.1.1 -ENV TERRAFORM_NULL_PLUGIN_CHECKSUM 5b29f6a87f4dae4dc295a43f499182221333dbe474fcf724b8ea98fd38cfb3e6 +ENV TERRAFORM_NULL_PLUGIN_VERSION 3.1.1 +ENV TERRAFORM_NULL_PLUGIN_CHECKSUM 976bbaf268cb497400fd5b3c774d218f3933271864345f18deebe4dcbfcd6afa RUN curl -fsSL https://releases.hashicorp.com/terraform-provider-null/${TERRAFORM_NULL_PLUGIN_VERSION}/terraform-provider-null_${TERRAFORM_NULL_PLUGIN_VERSION}_linux_amd64.zip -o terraform_null_plugin.zip && \ echo "${TERRAFORM_NULL_PLUGIN_CHECKSUM} terraform_null_plugin.zip" | sha256sum -c - && \ unzip terraform_null_plugin.zip -d /usr/local/lib/custom-terraform-plugins ; rm terraform_null_plugin.zip # terraform aws provider plugin -ENV TERRAFORM_AWS_PLUGIN_VERSION 2.23.0 -ENV TERRAFORM_AWS_PLUGIN_CHECKSUM 8076270dfd8d31edc8aa7092f68d3d97c03104b8e47f8e2399d8688b43476d5e +ENV TERRAFORM_AWS_PLUGIN_VERSION 4.19.0 +ENV TERRAFORM_AWS_PLUGIN_CHECKSUM 9bb3919bd6d94fb22025540f0c1db5eceec8927bd71b8fbdcd295609c999065f RUN curl -fsSL https://releases.hashicorp.com/terraform-provider-aws/${TERRAFORM_AWS_PLUGIN_VERSION}/terraform-provider-aws_${TERRAFORM_AWS_PLUGIN_VERSION}_linux_amd64.zip -o terraform_aws_plugin.zip && \ echo "${TERRAFORM_AWS_PLUGIN_CHECKSUM} terraform_aws_plugin.zip" | sha256sum -c - && \ unzip terraform_aws_plugin.zip -d /usr/local/lib/custom-terraform-plugins ; rm terraform_aws_plugin.zip @@ -63,4 +63,5 @@ RUN curl https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip -o awscliv2.zi rm awscliv2.zip && rm -rf ./aws WORKDIR /build + ENTRYPOINT [ "/usr/bin/make" ] diff --git a/domain/plugins/conf/config.go b/domain/plugins/conf/config.go index 9802b9b..6876a78 100644 --- a/domain/plugins/conf/config.go +++ b/domain/plugins/conf/config.go @@ -4,8 +4,9 @@ package conf import ( "context" "encoding/base64" - "github.com/d-velop/dvelop-sdk-go/log" "os" + + "github.com/d-velop/dvelop-sdk-go/log" ) const AppName = "acme-apptemplatego" diff --git a/domain/plugins/gui/templates/templatefs_generate.go b/domain/plugins/gui/templates/templatefs_generate.go index 215457c..2608f6e 100644 --- a/domain/plugins/gui/templates/templatefs_generate.go +++ b/domain/plugins/gui/templates/templatefs_generate.go @@ -1,4 +1,4 @@ -// +build ignore +//go:build exclude // Command to generate an in memory version of the Templatefilesystem // cf. https://github.com/shurcooL/vfsgen diff --git a/go.mod b/go.mod index 97dce5c..9ee34f5 100644 --- a/go.mod +++ b/go.mod @@ -1,16 +1,23 @@ module github.com/d-velop/dvelop-app-template-go require ( - github.com/d-velop/dvelop-sdk-go/contentnegotiation v0.0.0-20191113150508-0c1d447d5696 - github.com/d-velop/dvelop-sdk-go/idp v0.0.0-20191113150508-0c1d447d5696 - github.com/d-velop/dvelop-sdk-go/log v0.0.0-20191113150508-0c1d447d5696 - github.com/d-velop/dvelop-sdk-go/requestid v0.0.0-20191113150508-0c1d447d5696 - github.com/d-velop/dvelop-sdk-go/requestlog v0.0.0-20191113150508-0c1d447d5696 - github.com/d-velop/dvelop-sdk-go/tenant v0.0.0-20191113150508-0c1d447d5696 - github.com/justinas/alice v0.0.0-20171023064455-03f45bd4b7da + github.com/d-velop/dvelop-sdk-go/contentnegotiation v0.0.0-20220420084038-aa8114534460 + github.com/d-velop/dvelop-sdk-go/idp v0.0.0-20220420084038-aa8114534460 + github.com/d-velop/dvelop-sdk-go/lambda v0.0.0-20220420084038-aa8114534460 + github.com/d-velop/dvelop-sdk-go/log v0.0.0-20220420084038-aa8114534460 + github.com/d-velop/dvelop-sdk-go/requestid v0.0.0-20220420084038-aa8114534460 + github.com/d-velop/dvelop-sdk-go/requestlog v0.0.0-20220420084038-aa8114534460 + github.com/d-velop/dvelop-sdk-go/tenant v0.0.0-20220420084038-aa8114534460 + github.com/justinas/alice v1.2.0 github.com/satori/go.uuid v1.2.1-0.20181028125025-b2ce2384e17b - github.com/shurcooL/httpfs v0.0.0-20171119174359-809beceb2371 - github.com/shurcooL/vfsgen v0.0.0-20181020040650-a97a25d856ca // indirect + github.com/shurcooL/httpfs v0.0.0-20190707220628-8d4bc4ba7749 + github.com/shurcooL/vfsgen v0.0.0-20200824052919-0d455de96546 ) -go 1.13 +require ( + github.com/aws/aws-lambda-go v1.33.0 // indirect + github.com/patrickmn/go-cache v2.1.0+incompatible // indirect + golang.org/x/tools v0.1.11 // indirect +) + +go 1.18 diff --git a/go.sum b/go.sum index b864466..ddaea00 100644 --- a/go.sum +++ b/go.sum @@ -1,87 +1,47 @@ -github.com/aws/aws-lambda-go v1.8.0 h1:YMCzi9FP7MNVVj9AkGpYyaqh/mvFOjhqiDtnNlWtKTg= -github.com/aws/aws-lambda-go v1.8.0/go.mod h1:zUsUQhAUjYzR8AuduJPCfhBuKWUaDbQiPOG+ouzmE1A= -github.com/d-velop/dvelop-sdk-go v0.0.0-20191107075108-483e363b4ba6 h1:OKb3o9zxisqdQJCXTXPaX+QTegiIemeaysZykI+Oq/4= -github.com/d-velop/dvelop-sdk-go v0.0.0-20191107085044-56b79e6224e9 h1:UTVif1zGHnqoELYubTbQKPfzBE3Qrn4PFV46Cehc+sw= -github.com/d-velop/dvelop-sdk-go v0.0.0-20191108163019-c53e0293d7dc h1:Khe0P0CGFnpiGiY7pngoWTLZACz7Bemd5YQJRcObKBc= -github.com/d-velop/dvelop-sdk-go v0.0.0-20191113150508-0c1d447d5696 h1:Mp1N9eb9gdEuDTnyKNC2eeZvedG+OBjU204CkStAIZw= -github.com/d-velop/dvelop-sdk-go/contentnegotiation v0.0.0-20181220074725-b377df504a0e h1:2NSCL0VHLIilATJVBtNul6W351oTO6/8lXHb11A4nTA= -github.com/d-velop/dvelop-sdk-go/contentnegotiation v0.0.0-20181220074725-b377df504a0e/go.mod h1:eRISj8VauYGjgWCPtsvWqVyG/dbbbxjYkU/gCnTEbeg= -github.com/d-velop/dvelop-sdk-go/contentnegotiation v0.0.0-20191107075108-483e363b4ba6 h1:E0MrQmcheaMH23AOp3cQYzJ1LQL6Ctb33osKYpTzlKI= -github.com/d-velop/dvelop-sdk-go/contentnegotiation v0.0.0-20191107075108-483e363b4ba6/go.mod h1:siqr3lWF1fkZLwPyYGhcm+4XlWqsnEIb5I+Od0b4efY= -github.com/d-velop/dvelop-sdk-go/contentnegotiation v0.0.0-20191107085044-56b79e6224e9 h1:0fqyMwD440TELE7dUhwfIUef1vOT6eK5EHlLtCIJ9Qw= -github.com/d-velop/dvelop-sdk-go/contentnegotiation v0.0.0-20191107085044-56b79e6224e9/go.mod h1:siqr3lWF1fkZLwPyYGhcm+4XlWqsnEIb5I+Od0b4efY= -github.com/d-velop/dvelop-sdk-go/contentnegotiation v0.0.0-20191108163019-c53e0293d7dc h1:BMVYJpVbo4FpYF8MUn0g4lXsUtI5pSIkmlEwg28vf8Y= -github.com/d-velop/dvelop-sdk-go/contentnegotiation v0.0.0-20191108163019-c53e0293d7dc/go.mod h1:siqr3lWF1fkZLwPyYGhcm+4XlWqsnEIb5I+Od0b4efY= -github.com/d-velop/dvelop-sdk-go/contentnegotiation v0.0.0-20191113150508-0c1d447d5696 h1:KFRyT74ZaBc36co7Fk5QFQZW8PW1HIdVI86GY1IEkjA= -github.com/d-velop/dvelop-sdk-go/contentnegotiation v0.0.0-20191113150508-0c1d447d5696/go.mod h1:siqr3lWF1fkZLwPyYGhcm+4XlWqsnEIb5I+Od0b4efY= -github.com/d-velop/dvelop-sdk-go/idp v0.0.0-20190124101707-3866f3fdcaff h1:4kCBw/6sCti89Ieze9mfT1Vo0DcLP5VJYG3ZdYA+4ok= -github.com/d-velop/dvelop-sdk-go/idp v0.0.0-20190124101707-3866f3fdcaff/go.mod h1:5QIi4aF/LsVOQ3vwcnKX9OdICQhdeaGlBmP5Bg+3ZyE= -github.com/d-velop/dvelop-sdk-go/idp v0.0.0-20190131133641-6dc0569413a4 h1:NvdIS0aLcskfNcQfV++avL4cYl9pzIHWSnhCSrJjdmI= -github.com/d-velop/dvelop-sdk-go/idp v0.0.0-20190131133641-6dc0569413a4/go.mod h1:5QIi4aF/LsVOQ3vwcnKX9OdICQhdeaGlBmP5Bg+3ZyE= -github.com/d-velop/dvelop-sdk-go/idp v0.0.0-20191107075108-483e363b4ba6 h1:IWsFsNU7KNuJJy8s5GGqYWsHLK6ksSXUNj11EwxKc9M= -github.com/d-velop/dvelop-sdk-go/idp v0.0.0-20191107075108-483e363b4ba6/go.mod h1:hYIgGr4cfeFcwoiDLD42ObuELPlvBB1gB/io39efWvY= -github.com/d-velop/dvelop-sdk-go/idp v0.0.0-20191107085044-56b79e6224e9 h1:+6Cq5LqmFuskSLaRu8cagr8W8LpnBzQjp/NnCZROqro= -github.com/d-velop/dvelop-sdk-go/idp v0.0.0-20191107085044-56b79e6224e9/go.mod h1:hYIgGr4cfeFcwoiDLD42ObuELPlvBB1gB/io39efWvY= -github.com/d-velop/dvelop-sdk-go/idp v0.0.0-20191108163019-c53e0293d7dc h1:PoXGkXIDhqoGw9J4lHYYJCeJ7yMJWPWPxuqZ9D8WrrM= -github.com/d-velop/dvelop-sdk-go/idp v0.0.0-20191108163019-c53e0293d7dc/go.mod h1:tdtjosPO8VAqJcg+EsK82c4YR0Giq+iRGV4hEIS4Dsg= -github.com/d-velop/dvelop-sdk-go/idp v0.0.0-20191113150508-0c1d447d5696 h1:ulp3smVd20AGgLq/metXQw03qsbAHLUUeCaCS/pc0Ec= -github.com/d-velop/dvelop-sdk-go/idp v0.0.0-20191113150508-0c1d447d5696/go.mod h1:tdtjosPO8VAqJcg+EsK82c4YR0Giq+iRGV4hEIS4Dsg= -github.com/d-velop/dvelop-sdk-go/lambda v0.0.0-20181220074725-b377df504a0e h1:ZS3bfM6xlYiK3C9+mOK+6FiYC5DALy7TqXFQz3DcC3g= -github.com/d-velop/dvelop-sdk-go/lambda v0.0.0-20181220074725-b377df504a0e/go.mod h1:g83TtS3HBXx+yd6r40Lb2rWAV65Xx0vCBP4H+b2lnB0= -github.com/d-velop/dvelop-sdk-go/lambda v0.0.0-20191107075108-483e363b4ba6 h1:ayo7xN8SdDzKtFIM6N1WtPJ4KcZgN47cNwkosUgSDqY= -github.com/d-velop/dvelop-sdk-go/lambda v0.0.0-20191107075108-483e363b4ba6/go.mod h1:N+XEBdu8nZNEW09dMbWqAtUetluyXejX5Z6EUVfesfg= -github.com/d-velop/dvelop-sdk-go/lambda v0.0.0-20191107085044-56b79e6224e9 h1:PMzxfjGHsTMiUn0TS/p49fg4yNL8yiMJQKTnH8ShOx8= -github.com/d-velop/dvelop-sdk-go/lambda v0.0.0-20191107085044-56b79e6224e9/go.mod h1:N+XEBdu8nZNEW09dMbWqAtUetluyXejX5Z6EUVfesfg= -github.com/d-velop/dvelop-sdk-go/log v0.0.0-20181220074725-b377df504a0e h1:Cb+amkkDuVfVtvV1CcLUXX/cNCxrgOxf5n+ky1JQVMY= -github.com/d-velop/dvelop-sdk-go/log v0.0.0-20181220074725-b377df504a0e/go.mod h1:x9iWHuId9n6HYwaYm7o57nRX4GQt8/CHnUheHZlByi0= -github.com/d-velop/dvelop-sdk-go/log v0.0.0-20191107075108-483e363b4ba6 h1:bCT8EEULllq7JAW3fcWv9QZCdUZo+tv9ysArzOtlVIw= -github.com/d-velop/dvelop-sdk-go/log v0.0.0-20191107075108-483e363b4ba6/go.mod h1:SAb14GKvscMkBXYLVHrqywqlUzogrL1DoYfiA8QBWqw= -github.com/d-velop/dvelop-sdk-go/log v0.0.0-20191107085044-56b79e6224e9 h1:D5AiSfkUaGVKzKx1HBPdDe1uyXiphNpSbhgaP1oPwrg= -github.com/d-velop/dvelop-sdk-go/log v0.0.0-20191107085044-56b79e6224e9/go.mod h1:SAb14GKvscMkBXYLVHrqywqlUzogrL1DoYfiA8QBWqw= -github.com/d-velop/dvelop-sdk-go/log v0.0.0-20191108163019-c53e0293d7dc h1:kYt/JZrg+QybJxjKtmeymxalft1NteUOqb4X4v/D0ss= -github.com/d-velop/dvelop-sdk-go/log v0.0.0-20191108163019-c53e0293d7dc/go.mod h1:SAb14GKvscMkBXYLVHrqywqlUzogrL1DoYfiA8QBWqw= -github.com/d-velop/dvelop-sdk-go/log v0.0.0-20191113150508-0c1d447d5696 h1:mQ6bTJsia+GL38dg3IlbbwqxW9aCWbFGVQ0CJg8DP4o= -github.com/d-velop/dvelop-sdk-go/log v0.0.0-20191113150508-0c1d447d5696/go.mod h1:SAb14GKvscMkBXYLVHrqywqlUzogrL1DoYfiA8QBWqw= -github.com/d-velop/dvelop-sdk-go/requestid v0.0.0-20181220074725-b377df504a0e h1:eakpqJvDYOlgiutbg9ZLrSAW9cK4A6YnyjrrvHOmr6g= -github.com/d-velop/dvelop-sdk-go/requestid v0.0.0-20181220074725-b377df504a0e/go.mod h1:jiovSyiq+ZjYjOsz1VTT0XR72yw07xMRYDLyZXX1w9k= -github.com/d-velop/dvelop-sdk-go/requestid v0.0.0-20191107075108-483e363b4ba6 h1:Ve6DP9dEtT7lv1lm9oYq/Z6YWecgZOxz/EDCx19FUFg= -github.com/d-velop/dvelop-sdk-go/requestid v0.0.0-20191107075108-483e363b4ba6/go.mod h1:2VF207teJDk0FX8LXVqwiVPGua2RHJ0wPlIOHgaMSs0= -github.com/d-velop/dvelop-sdk-go/requestid v0.0.0-20191107085044-56b79e6224e9 h1:LF0FUXCv+P8BiJr+3RZI7J6mQWF0+9gOxI9+MDtYaHI= -github.com/d-velop/dvelop-sdk-go/requestid v0.0.0-20191107085044-56b79e6224e9/go.mod h1:2VF207teJDk0FX8LXVqwiVPGua2RHJ0wPlIOHgaMSs0= -github.com/d-velop/dvelop-sdk-go/requestid v0.0.0-20191108163019-c53e0293d7dc h1:BgbgLYx78im3gnI65+yKLRELx99fQ1Z1WpupaXHQQa8= -github.com/d-velop/dvelop-sdk-go/requestid v0.0.0-20191108163019-c53e0293d7dc/go.mod h1:2VF207teJDk0FX8LXVqwiVPGua2RHJ0wPlIOHgaMSs0= -github.com/d-velop/dvelop-sdk-go/requestid v0.0.0-20191113150508-0c1d447d5696 h1:gkzcdsV3jBPK9NqFE/atCeRMoX3u+pWKr9wCFcbwtGw= -github.com/d-velop/dvelop-sdk-go/requestid v0.0.0-20191113150508-0c1d447d5696/go.mod h1:2VF207teJDk0FX8LXVqwiVPGua2RHJ0wPlIOHgaMSs0= -github.com/d-velop/dvelop-sdk-go/requestlog v0.0.0-20181220074725-b377df504a0e h1:4kNDr24l8I0vgSuZwBIIEAQAdPKYbNb21D1F7yqUDT4= -github.com/d-velop/dvelop-sdk-go/requestlog v0.0.0-20181220074725-b377df504a0e/go.mod h1:TWy+RRJNBCTSnuP87WBE1K0H8ytuWH4ygpnL+GDTrvg= -github.com/d-velop/dvelop-sdk-go/requestlog v0.0.0-20191107075108-483e363b4ba6 h1:zuomOt3hlrATRBDyJzVrikVr3KzIRVc8ZZWz2PqRufM= -github.com/d-velop/dvelop-sdk-go/requestlog v0.0.0-20191107075108-483e363b4ba6/go.mod h1:YwzXZ7Nh3brVnmQ37nZm3u1w+7YEH6jcZ5cyuYtwLzE= -github.com/d-velop/dvelop-sdk-go/requestlog v0.0.0-20191107085044-56b79e6224e9 h1:+G2e1d1GNxpJZWIDifM5hNgiyi8vBMz7iqzGVR1TS30= -github.com/d-velop/dvelop-sdk-go/requestlog v0.0.0-20191107085044-56b79e6224e9/go.mod h1:YwzXZ7Nh3brVnmQ37nZm3u1w+7YEH6jcZ5cyuYtwLzE= -github.com/d-velop/dvelop-sdk-go/requestlog v0.0.0-20191108163019-c53e0293d7dc h1:zh/Q7/qbYBskJcYYAF60KzyyKzNuNfzFBgSBOxEhYnk= -github.com/d-velop/dvelop-sdk-go/requestlog v0.0.0-20191108163019-c53e0293d7dc/go.mod h1:YwzXZ7Nh3brVnmQ37nZm3u1w+7YEH6jcZ5cyuYtwLzE= -github.com/d-velop/dvelop-sdk-go/requestlog v0.0.0-20191113150508-0c1d447d5696 h1:j/biT7gWAibCO8kV34mfz31oDwqGQnyBkzlW1manlmA= -github.com/d-velop/dvelop-sdk-go/requestlog v0.0.0-20191113150508-0c1d447d5696/go.mod h1:YwzXZ7Nh3brVnmQ37nZm3u1w+7YEH6jcZ5cyuYtwLzE= -github.com/d-velop/dvelop-sdk-go/tenant v0.0.0-20181220074725-b377df504a0e h1:TdHte0IHKQrhyj9s1Odz2nM+WCxckB+YlAqZBzqJ89k= -github.com/d-velop/dvelop-sdk-go/tenant v0.0.0-20181220074725-b377df504a0e/go.mod h1:cG8QRBW1gufkeNNH2PPx5cp8Gdnr5eaqWJt931c4Ipo= -github.com/d-velop/dvelop-sdk-go/tenant v0.0.0-20190124101707-3866f3fdcaff h1:5ef2RIxlSz9du0p3lYLuK2t5CftzD16hk182WHHpQpY= -github.com/d-velop/dvelop-sdk-go/tenant v0.0.0-20190124101707-3866f3fdcaff/go.mod h1:cG8QRBW1gufkeNNH2PPx5cp8Gdnr5eaqWJt931c4Ipo= -github.com/d-velop/dvelop-sdk-go/tenant v0.0.0-20191107075108-483e363b4ba6 h1:/UGbQ5oo2Uj2RP/RyY/QyILh/fdGfYbgzo4aEsaYvTU= -github.com/d-velop/dvelop-sdk-go/tenant v0.0.0-20191107075108-483e363b4ba6/go.mod h1:KIBwkM3Td/vgbgLD5wWPXf0BM+Tv9gVOdvRP5dfWZ8w= -github.com/d-velop/dvelop-sdk-go/tenant v0.0.0-20191107085044-56b79e6224e9 h1:XmZCR/zyeUSqJIZ+Yim7NNt2C406OLvpJUxgS9HY34w= -github.com/d-velop/dvelop-sdk-go/tenant v0.0.0-20191107085044-56b79e6224e9/go.mod h1:KIBwkM3Td/vgbgLD5wWPXf0BM+Tv9gVOdvRP5dfWZ8w= -github.com/d-velop/dvelop-sdk-go/tenant v0.0.0-20191108163019-c53e0293d7dc h1:I9KJBvDVzmOoaub9HOzlf23/ubsHtaKoQHCJBfxDvI4= -github.com/d-velop/dvelop-sdk-go/tenant v0.0.0-20191108163019-c53e0293d7dc/go.mod h1:KIBwkM3Td/vgbgLD5wWPXf0BM+Tv9gVOdvRP5dfWZ8w= -github.com/d-velop/dvelop-sdk-go/tenant v0.0.0-20191113150508-0c1d447d5696 h1:anIsX+gPQ7f0IYVScG82Zw04I3kF3TD+WzCDgcj6INM= -github.com/d-velop/dvelop-sdk-go/tenant v0.0.0-20191113150508-0c1d447d5696/go.mod h1:KIBwkM3Td/vgbgLD5wWPXf0BM+Tv9gVOdvRP5dfWZ8w= +github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/aws/aws-lambda-go v1.17.0/go.mod h1:FEwgPLE6+8wcGBTe5cJN3JWurd1Ztm9zN4jsXsjzKKw= +github.com/aws/aws-lambda-go v1.33.0 h1:n4kw3zie82vPpLLN58ahlYHBz9k8QeK2svQep+jGnB8= +github.com/aws/aws-lambda-go v1.33.0/go.mod h1:jwFe2KmMsHmffA1X2R09hH6lFzJQxzI8qK17ewzbQMM= +github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= +github.com/d-velop/dvelop-sdk-go/contentnegotiation v0.0.0-20220420084038-aa8114534460 h1:2TwRxnW98NNmn90wLUZg0KMTm/KMLV/lv0Ou9AG/emM= +github.com/d-velop/dvelop-sdk-go/contentnegotiation v0.0.0-20220420084038-aa8114534460/go.mod h1:siqr3lWF1fkZLwPyYGhcm+4XlWqsnEIb5I+Od0b4efY= +github.com/d-velop/dvelop-sdk-go/idp v0.0.0-20220420084038-aa8114534460 h1:N5gYV9dFvZMFGrtb0VfrwaU7lXTD3bGaBwPy6Go2MCw= +github.com/d-velop/dvelop-sdk-go/idp v0.0.0-20220420084038-aa8114534460/go.mod h1:tdtjosPO8VAqJcg+EsK82c4YR0Giq+iRGV4hEIS4Dsg= +github.com/d-velop/dvelop-sdk-go/lambda v0.0.0-20220420084038-aa8114534460 h1:o9Se3hM8OjEad/aCk1qfsO4qWNNDJNILcdB1/rwZpZs= +github.com/d-velop/dvelop-sdk-go/lambda v0.0.0-20220420084038-aa8114534460/go.mod h1:/GFOm3KjeaYhfbrVOTxcRByVrMVsRQtgDP8DQat9fvs= +github.com/d-velop/dvelop-sdk-go/log v0.0.0-20220420084038-aa8114534460 h1:m3H3x4KMxp3XCVSensR/6iYXHQ30GhYeKlD3IzRc3zo= +github.com/d-velop/dvelop-sdk-go/log v0.0.0-20220420084038-aa8114534460/go.mod h1:SAb14GKvscMkBXYLVHrqywqlUzogrL1DoYfiA8QBWqw= +github.com/d-velop/dvelop-sdk-go/requestid v0.0.0-20220420084038-aa8114534460 h1:7uAk7s47nC8aRj4PGKq5NiV9bPCr0b64j03xIvon2sg= +github.com/d-velop/dvelop-sdk-go/requestid v0.0.0-20220420084038-aa8114534460/go.mod h1:2VF207teJDk0FX8LXVqwiVPGua2RHJ0wPlIOHgaMSs0= +github.com/d-velop/dvelop-sdk-go/requestlog v0.0.0-20220420084038-aa8114534460 h1:ru0CSHtpdASpLNGRPoo8wWBv8ACOUaUR8ktGSwc6dBU= +github.com/d-velop/dvelop-sdk-go/requestlog v0.0.0-20220420084038-aa8114534460/go.mod h1:YwzXZ7Nh3brVnmQ37nZm3u1w+7YEH6jcZ5cyuYtwLzE= +github.com/d-velop/dvelop-sdk-go/tenant v0.0.0-20220420084038-aa8114534460 h1:XTDg3o973BJwF6h5+zsb5t5MCudCBPjGDhl2LgZr6Eo= +github.com/d-velop/dvelop-sdk-go/tenant v0.0.0-20220420084038-aa8114534460/go.mod h1:KIBwkM3Td/vgbgLD5wWPXf0BM+Tv9gVOdvRP5dfWZ8w= +github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= +github.com/google/go-cmp v0.3.1 h1:Xye71clBPdm5HgqGwUkwhbynsUJZhDbS20FvLhQ2izg= github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= -github.com/justinas/alice v0.0.0-20171023064455-03f45bd4b7da h1:5y58+OCjoHCYB8182mpf/dEsq0vwTKPOo4zGfH0xW9A= -github.com/justinas/alice v0.0.0-20171023064455-03f45bd4b7da/go.mod h1:oLH0CmIaxCGXD67VKGR5AacGXZSMznlmeqM8RzPrcY8= +github.com/justinas/alice v1.2.0 h1:+MHSA/vccVCF4Uq37S42jwlkvI2Xzl7zTPCN5BnZNVo= +github.com/justinas/alice v1.2.0/go.mod h1:fN5HRH/reO/zrUflLfTN43t3vXvKzvZIENsNEe7i7qA= github.com/patrickmn/go-cache v2.1.0+incompatible h1:HRMgzkcYKYpi3C8ajMPV8OFXaaRUnok+kx1WdO15EQc= github.com/patrickmn/go-cache v2.1.0+incompatible/go.mod h1:3Qf8kWWT7OJRJbdiICTKqZju1ZixQ/KpMGzzAfe6+WQ= +github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= +github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/satori/go.uuid v1.2.1-0.20181028125025-b2ce2384e17b h1:gQZ0qzfKHQIybLANtM3mBXNUtOfsCFXeTsnBqCsx1KM= github.com/satori/go.uuid v1.2.1-0.20181028125025-b2ce2384e17b/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0= -github.com/shurcooL/httpfs v0.0.0-20171119174359-809beceb2371 h1:SWV2fHctRpRrp49VXJ6UZja7gU9QLHwRpIPBN89SKEo= -github.com/shurcooL/httpfs v0.0.0-20171119174359-809beceb2371/go.mod h1:ZY1cvUeJuFPAdZ/B6v7RHavJWZn2YPVFQ1OSXhCGOkg= -github.com/shurcooL/vfsgen v0.0.0-20181020040650-a97a25d856ca h1:3fECS8atRjByijiI8yYiuwLwQ2ZxXobW7ua/8GRB3pI= -github.com/shurcooL/vfsgen v0.0.0-20181020040650-a97a25d856ca/go.mod h1:TrYk7fJVaAttu97ZZKrO9UbRa8izdowaMIZcxYMbVaw= +github.com/shurcooL/httpfs v0.0.0-20190707220628-8d4bc4ba7749 h1:bUGsEnyNbVPw06Bs80sCeARAlK8lhwqGyi6UT8ymuGk= +github.com/shurcooL/httpfs v0.0.0-20190707220628-8d4bc4ba7749/go.mod h1:ZY1cvUeJuFPAdZ/B6v7RHavJWZn2YPVFQ1OSXhCGOkg= +github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc= +github.com/shurcooL/vfsgen v0.0.0-20200824052919-0d455de96546 h1:pXY9qYc/MP5zdvqWEUH6SjNiu7VhSjuVFTFiTcphaLU= +github.com/shurcooL/vfsgen v0.0.0-20200824052919-0d455de96546/go.mod h1:TrYk7fJVaAttu97ZZKrO9UbRa8izdowaMIZcxYMbVaw= +github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= +github.com/stretchr/testify v1.7.2 h1:4jaiDzPyXQvSd7D0EjG45355tLlV3VOECpq10pLC+8s= +github.com/urfave/cli/v2 v2.1.1/go.mod h1:SE9GqnLQmjVa0iPEY0f1w3ygNIYcIJ0OKPMoW2caLfQ= +golang.org/x/tools v0.1.11 h1:loJ25fNOEhSXfHrpoGj91eCUThwdNX6u24rO1xnNteY= +golang.org/x/tools v0.1.11/go.mod h1:SgwaegtQh8clINPpECJMqnxLv9I09HLqnW3RMqW0CA4= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= diff --git a/terraform/.terraform.lock.hcl b/terraform/.terraform.lock.hcl new file mode 100644 index 0000000..9a37c32 --- /dev/null +++ b/terraform/.terraform.lock.hcl @@ -0,0 +1,22 @@ +# This file is maintained automatically by "terraform init". +# Manual edits may be lost in future updates. + +provider "registry.terraform.io/hashicorp/aws" { + version = "4.23.0" + constraints = "~> 4.0" + hashes = [ + "h1:JDJLmKK61GLw8gHQtCzmvlwPNZIu46/M5uBg/TDlBa0=", + "zh:17adbedc9a80afc571a8de7b9bfccbe2359e2b3ce1fffd02b456d92248ec9294", + "zh:23d8956b031d78466de82a3d2bbe8c76cc58482c931af311580b8eaef4e6a38f", + "zh:343fe19e9a9f3021e26f4af68ff7f4828582070f986b6e5e5b23d89df5514643", + "zh:6b8ff83d884b161939b90a18a4da43dd464c4b984f54b5f537b2870ce6bd94bc", + "zh:7777d614d5e9d589ad5508eecf4c6d8f47d50fcbaf5d40fa7921064240a6b440", + "zh:82f4578861a6fd0cde9a04a1926920bd72d993d524e5b34d7738d4eff3634c44", + "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", + "zh:a08fefc153bbe0586389e814979cf7185c50fcddbb2082725991ed02742e7d1e", + "zh:ae789c0e7cb777d98934387f8888090ccb2d8973ef10e5ece541e8b624e1fb00", + "zh:b4608aab78b4dbb32c629595797107fc5a84d1b8f0682f183793d13837f0ecf0", + "zh:ed2c791c2354764b565f9ba4be7fc845c619c1a32cefadd3154a5665b312ab00", + "zh:f94ac0072a8545eebabf417bc0acbdc77c31c006ad8760834ee8ee5cdb64e743", + ] +} diff --git a/terraform/backend.tf b/terraform/backend.tf index 216406c..9265034 100644 --- a/terraform/backend.tf +++ b/terraform/backend.tf @@ -17,19 +17,19 @@ terraform { data "terraform_remote_state" "app" { backend = "s3" - config { + config = { # bucket names must be globally unique across all AWS customers # so we choose a combination of company prefix ('acme') # and purpose (terraform) and appname (apptemplatego) bucket = "acme-apptemplatego-terraform" key = "state" - # variables can't be used region = "eu-central-1" } - defaults { + defaults = { source_code_hash = "0" build_version = "0" } } + diff --git a/terraform/main.tf b/terraform/main.tf index 74ce1e1..704aaf6 100644 --- a/terraform/main.tf +++ b/terraform/main.tf @@ -2,7 +2,7 @@ locals { assets_bucket_name = "${var.appname}-assets" lambda_file = "../dist/lambda.zip" - source_code_hash = "${base64sha256(file("${local.lambda_file}"))}" + source_code_hash = filebase64sha256(local.lambda_file) # Unfortunately there is a bug in terraform which leads to the destruction of existing resources if # the element order of lists and maps changes cf. https://github.com/hashicorp/terraform/issues/16210 @@ -16,18 +16,18 @@ locals { } // to avoid unnecessary lambda function deployments the build version env var is only changed if the lambda function code has been changed - build_version = "${local.source_code_hash != data.terraform_remote_state.app.source_code_hash ? var.build_version : data.terraform_remote_state.app.build_version}" + build_version = local.source_code_hash != data.terraform_remote_state.app.outputs.source_code_hash ? var.build_version : data.terraform_remote_state.app.outputs.build_version } module "serverless_lambda_app" { - source = "modules/serverless_lambda_app" - stages = "${local.stages}" - appname = "${var.appname}" - lambda_file = "${local.lambda_file}" - source_code_hash = "${local.source_code_hash}" + source = "./modules/serverless_lambda_app" + stages = local.stages + appname = var.appname + lambda_file = local.lambda_file + source_code_hash = local.source_code_hash lambda_handler = "lambda" lambda_runtime = "go1.x" - assets_bucket_name = "${local.assets_bucket_name}" + assets_bucket_name = local.assets_bucket_name # Which rights should the lambda function have. # Terraform user must have appropriate rights to attach these policies! @@ -37,14 +37,13 @@ module "serverless_lambda_app" { ] lambda_environment_vars = { - SIGNATURE_SECRET = "${var.signature_secret}" - BUILD_VERSION = "${local.build_version}" - + SIGNATURE_SECRET = var.signature_secret + BUILD_VERSION = local.build_version # change to ASSET_BASE_PATH = "https://${module.asset_cdn.dns_name}/${var.asset_hash}" if asset_cdn is enabled ASSET_BASE_PATH = "https://${local.assets_bucket_name}.s3.amazonaws.com/${var.asset_hash}" } - aws_region = "${var.aws_region}" + aws_region = var.aws_region } # Uncomment if you want to use cloudfront (a CDN) to deliver your assets OR custom domain names for your API endpoints. @@ -60,7 +59,6 @@ output "nameserver" { value = "${aws_route53_zone.hosted_zone.name_servers}" } */ - # Uncomment if you want to use cloudfront (a CDN) to deliver your assets. # IMPORTANT: # - This module requires a working dns resolution for your hosted zone because @@ -75,7 +73,6 @@ module "asset_cdn" { origin_domain_name = "${module.serverless_lambda_app.assets_bucket_domain_name}" } */ - # Uncomment if you want to use custom domain names for your API endpoints. # cf. https://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-custom-domains.html # IMPORTANT: diff --git a/terraform/modules/api_custom_domain/main.tf b/terraform/modules/api_custom_domain/main.tf index d39139c..71bc4bf 100644 --- a/terraform/modules/api_custom_domain/main.tf +++ b/terraform/modules/api_custom_domain/main.tf @@ -1,16 +1,16 @@ # cf. https://www.terraform.io/docs/providers/aws/d/route53_zone.html data "aws_route53_zone" "hosted_zone" { - zone_id = "${var.hosted_zone_id}" + zone_id = var.hosted_zone_id } locals { // cf. https://github.com/terraform-providers/terraform-provider-aws/issues/241#issuecomment-438744460 - hosted_zone_name = "${replace(data.aws_route53_zone.hosted_zone.name, "/[.]$/", "")}" + hosted_zone_name = replace(data.aws_route53_zone.hosted_zone.name, "/[.]$/", "") } # cf. https://www.terraform.io/docs/providers/aws/r/acm_certificate.html resource "aws_acm_certificate" "cert" { - domain_name = "${local.hosted_zone_name}" + domain_name = local.hosted_zone_name subject_alternative_names = ["*.${local.hosted_zone_name}"] validation_method = "DNS" @@ -21,65 +21,61 @@ resource "aws_acm_certificate" "cert" { # cf. https://www.terraform.io/docs/providers/aws/r/acm_certificate_validation.html resource "aws_acm_certificate_validation" "cert" { - certificate_arn = "${aws_acm_certificate.cert.arn}" + certificate_arn = aws_acm_certificate.cert.arn - validation_record_fqdns = [ - "${aws_route53_record.cert_name_validation.fqdn}", - "${aws_route53_record.cert_alt_name_validation.fqdn}", - ] + validation_record_fqdns = [for record in aws_route53_record.cert_name_validation : record.fqdn] } # cf. https://www.terraform.io/docs/providers/aws/r/acm_certificate_validation.html resource "aws_route53_record" "cert_name_validation" { + + for_each = { + for dvo in aws_acm_certificate.cert.domain_validation_options : dvo.domain_name => { + name = dvo.resource_record_name + record = dvo.resource_record_value + type = dvo.resource_record_type + } + } + allow_overwrite = true - name = "${aws_acm_certificate.cert.domain_validation_options.0.resource_record_name}" - type = "${aws_acm_certificate.cert.domain_validation_options.0.resource_record_type}" - zone_id = "${var.hosted_zone_id}" - records = ["${aws_acm_certificate.cert.domain_validation_options.0.resource_record_value}"] - ttl = 60 -} - -# cf. https://www.terraform.io/docs/providers/aws/r/acm_certificate_validation.html -resource "aws_route53_record" "cert_alt_name_validation" { - allow_overwrite = true - name = "${aws_acm_certificate.cert.domain_validation_options.1.resource_record_name}" - type = "${aws_acm_certificate.cert.domain_validation_options.1.resource_record_type}" + name = each.value.name + type = each.value.type zone_id = "${var.hosted_zone_id}" - records = ["${aws_acm_certificate.cert.domain_validation_options.1.resource_record_value}"] + records = [each.value.record] ttl = 60 } # cf. https://www.terraform.io/docs/providers/aws/r/api_gateway_domain_name.html resource "aws_api_gateway_domain_name" "stage" { - count = "${length(var.stages)}" + count = length(var.stages) # By convention the 'prod' stage is mapped to the name of the provided hosted zone without the prefix 'prod' domain_name = "${var.stages[count.index] != "prod" ? format("%s.", var.stages[count.index]) : "" }${local.hosted_zone_name}" - regional_certificate_arn = "${aws_acm_certificate_validation.cert.certificate_arn}" + regional_certificate_arn = aws_acm_certificate_validation.cert.certificate_arn endpoint_configuration { - types = "${var.aws_api_gateway_rest_api_endpoint_configuration_types}" + types = var.aws_api_gateway_rest_api_endpoint_configuration_types } } # cf. https://www.terraform.io/docs/providers/aws/r/api_gateway_base_path_mapping.html resource "aws_api_gateway_base_path_mapping" "stage" { - count = "${length(var.stages)}" - api_id = "${var.aws_api_gateway_rest_api_id}" - stage_name = "${var.stages[count.index]}" - domain_name = "${element(aws_api_gateway_domain_name.stage.*.domain_name,count.index)}" + count = length(var.stages) + api_id = var.aws_api_gateway_rest_api_id + stage_name = var.stages[count.index] + domain_name = element(aws_api_gateway_domain_name.stage.*.domain_name,count.index) } # cf. https://www.terraform.io/docs/providers/aws/r/api_gateway_domain_name.html resource "aws_route53_record" "stage" { - count = "${length(var.stages)}" - zone_id = "${var.hosted_zone_id}" - name = "${element(aws_api_gateway_domain_name.stage.*.domain_name,count.index)}" + count = length(var.stages) + zone_id = var.hosted_zone_id + name = element(aws_api_gateway_domain_name.stage.*.domain_name,count.index) type = "A" alias { - name = "${element(aws_api_gateway_domain_name.stage.*.regional_domain_name,count.index)}" - zone_id = "${element(aws_api_gateway_domain_name.stage.*.regional_zone_id,count.index)}" + name = element(aws_api_gateway_domain_name.stage.*.regional_domain_name,count.index) + zone_id = element(aws_api_gateway_domain_name.stage.*.regional_zone_id,count.index) evaluate_target_health = false } } diff --git a/terraform/modules/api_custom_domain/variables.tf b/terraform/modules/api_custom_domain/variables.tf index 8a0159b..c3b116c 100644 --- a/terraform/modules/api_custom_domain/variables.tf +++ b/terraform/modules/api_custom_domain/variables.tf @@ -7,11 +7,11 @@ variable "aws_api_gateway_rest_api_id" { } variable "aws_api_gateway_rest_api_endpoint_configuration_types" { - type = "list" + type = list(string) description = "A list of endpoint types. cf. https://www.terraform.io/docs/providers/aws/r/api_gateway_domain_name.html#endpoint_configuration-1" } variable "stages" { - type = "list" + type = list(string) description = "Stages for which custom domain names should be created. By convention the 'prod' stage is mapped to the name of the provided hosted zone without the prefix 'prod'" } \ No newline at end of file diff --git a/terraform/modules/cloudfront_distribution/main.tf b/terraform/modules/cloudfront_distribution/main.tf index 325413d..ac57e53 100644 --- a/terraform/modules/cloudfront_distribution/main.tf +++ b/terraform/modules/cloudfront_distribution/main.tf @@ -2,26 +2,25 @@ # cf. https://docs.aws.amazon.com/acm/latest/userguide/acm-regions.html provider "aws" { alias = "virginia" - version = "~> 2.0" region = "us-east-1" } # cf. https://www.terraform.io/docs/providers/aws/d/route53_zone.html data "aws_route53_zone" "hosted_zone" { - zone_id = "${var.hosted_zone_id}" + zone_id = var.hosted_zone_id } locals { // cf. https://github.com/terraform-providers/terraform-provider-aws/issues/241#issuecomment-438744460 - hosted_zone_name = "${replace(data.aws_route53_zone.hosted_zone.name, "/[.]$/", "")}" + hosted_zone_name = replace(data.aws_route53_zone.hosted_zone.name, "/[.]$/", "") } # cf. https://www.terraform.io/docs/providers/aws/r/acm_certificate.html resource "aws_acm_certificate" "cert" { - domain_name = "${local.hosted_zone_name}" + domain_name = local.hosted_zone_name subject_alternative_names = ["*.${local.hosted_zone_name}"] validation_method = "DNS" - provider = "aws.virginia" + provider = aws.virginia lifecycle { create_before_destroy = true @@ -30,41 +29,37 @@ resource "aws_acm_certificate" "cert" { # cf. https://www.terraform.io/docs/providers/aws/r/acm_certificate_validation.html resource "aws_acm_certificate_validation" "cert" { - certificate_arn = "${aws_acm_certificate.cert.arn}" + certificate_arn = aws_acm_certificate.cert.arn - validation_record_fqdns = [ - "${aws_route53_record.cert_name_validation.fqdn}", - "${aws_route53_record.cert_alt_name_validation.fqdn}", - ] + validation_record_fqdns = [for record in aws_route53_record.cert_name_validation : record.fqdn] - provider = "aws.virginia" + provider = aws.virginia } # cf. https://www.terraform.io/docs/providers/aws/r/acm_certificate_validation.html resource "aws_route53_record" "cert_name_validation" { + + for_each = { + for dvo in aws_acm_certificate.cert.domain_validation_options : dvo.domain_name => { + name = dvo.resource_record_name + record = dvo.resource_record_value + type = dvo.resource_record_type + } + } + allow_overwrite = true - name = "${aws_acm_certificate.cert.domain_validation_options.0.resource_record_name}" - type = "${aws_acm_certificate.cert.domain_validation_options.0.resource_record_type}" - zone_id = "${var.hosted_zone_id}" - records = ["${aws_acm_certificate.cert.domain_validation_options.0.resource_record_value}"] - ttl = 60 -} - -# cf. https://www.terraform.io/docs/providers/aws/r/acm_certificate_validation.html -resource "aws_route53_record" "cert_alt_name_validation" { - allow_overwrite = true - name = "${aws_acm_certificate.cert.domain_validation_options.1.resource_record_name}" - type = "${aws_acm_certificate.cert.domain_validation_options.1.resource_record_type}" - zone_id = "${var.hosted_zone_id}" - records = ["${aws_acm_certificate.cert.domain_validation_options.1.resource_record_value}"] + name = each.value.name + type = each.value.type + zone_id = var.hosted_zone_id + records = [each.value.record] ttl = 60 } # cf. https://www.terraform.io/docs/providers/aws/r/cloudfront_distribution.html resource "aws_cloudfront_distribution" "dist" { origin { - origin_id = "${sha256(var.origin_domain_name)}" - domain_name = "${var.origin_domain_name}" + origin_id = sha256(var.origin_domain_name) + domain_name = var.origin_domain_name } enabled = true @@ -78,7 +73,7 @@ resource "aws_cloudfront_distribution" "dist" { allowed_methods = ["GET", "HEAD"] cached_methods = ["GET", "HEAD"] compress = true - target_origin_id = "${sha256(var.origin_domain_name)}" + target_origin_id = sha256(var.origin_domain_name) forwarded_values { query_string = true @@ -104,7 +99,7 @@ resource "aws_cloudfront_distribution" "dist" { viewer_certificate { minimum_protocol_version = "TLSv1.2_2018" ssl_support_method = "sni-only" - acm_certificate_arn = "${aws_acm_certificate_validation.cert.certificate_arn}" + acm_certificate_arn = aws_acm_certificate_validation.cert.certificate_arn } restrictions { @@ -113,20 +108,20 @@ resource "aws_cloudfront_distribution" "dist" { } } - tags { + tags = { Name = "dist for ${var.origin_domain_name}" Created_By = "Terraform - do not modify in AWS Management Console" } } resource "aws_route53_record" "dist" { - zone_id = "${var.hosted_zone_id}" + zone_id = var.hosted_zone_id name = "${var.custom_subdomain_name}.${local.hosted_zone_name}" type = "A" alias { - name = "${aws_cloudfront_distribution.dist.domain_name}" - zone_id = "${aws_cloudfront_distribution.dist.hosted_zone_id}" + name = aws_cloudfront_distribution.dist.domain_name + zone_id = aws_cloudfront_distribution.dist.hosted_zone_id evaluate_target_health = false } } diff --git a/terraform/modules/cloudfront_distribution/outputs.tf b/terraform/modules/cloudfront_distribution/outputs.tf index 9fc571b..6223d9b 100644 --- a/terraform/modules/cloudfront_distribution/outputs.tf +++ b/terraform/modules/cloudfront_distribution/outputs.tf @@ -1,3 +1,3 @@ output "dns_name" { - value = "${aws_route53_record.dist.name}" + value = aws_route53_record.dist.name } \ No newline at end of file diff --git a/terraform/modules/serverless_lambda_app/main.tf b/terraform/modules/serverless_lambda_app/main.tf index eed63e2..d943775 100644 --- a/terraform/modules/serverless_lambda_app/main.tf +++ b/terraform/modules/serverless_lambda_app/main.tf @@ -1,42 +1,52 @@ #cf. https://www.terraform.io/docs/providers/aws/r/s3_bucket.html resource "aws_s3_bucket" "assets" { - bucket = "${var.assets_bucket_name}" - region = "${var.aws_region}" + bucket = var.assets_bucket_name - # required if webfonts are delivered cf. https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html and https://zinoui.com/blog/cross-domain-fonts - cors_rule { - allowed_methods = ["GET"] - allowed_origins = ["*"] + tags = { + Created_By = "Terraform - do not modify in AWS Management Console" } +} - policy = <