Skip to content

Latest commit

 

History

History
112 lines (74 loc) · 3.71 KB

File metadata and controls

112 lines (74 loc) · 3.71 KB

Creating modules for Terraform

This repository contains code for an application that is published using the Application Builder Platform (ABP).

Module Standards

For best practices and information on developing with Terraform, see the I&A Module Standards

Contributing Code

In order to contibute code to this repository, you must submit a Pull Request. To do so, you must fork this repostiory, make your changes in your forked version and submit a Pull Request.

Writing Documentation

‼️ Do not manually update README.md.

README.md is automatically generated by pulling in content from other files. For instructions, including a fill-in-the-blank content template, see Create readmes for Terraform-based Partner Solutions.

Checks and Validation

Pull Requests (PRs) submitted against this repository undergo a series of static and functional checks.

❗ Note: Failures during funtional or static checks will prevent a pull request from being accepted.

It is a best practice to perform these checks locally prior to submitting a pull request.

Customizing static and functional test

Details about the static and functional test can be found at ./project_automation/{test-name}/entrypoint.sh. TIPS: do not modify the ./project_automation/{test-name}/entrypoint.sh, instead use the helper script located at .config/{test-name}/

Checks Performed

  • TFLint
  • tfsec
  • Markdown Lint
  • Checkov
  • Terratest

‼️ The readme.md file will be created after all checks have completed successfuly, it is recommended that you install terraform-docs locally in order to preview your readme.md file prior to publication.

Install the required tools

Prerequisites:

Performing Checks manually

Preparation

terraform init
terraform validate

Checks

tflint

tflint --init --config ${PROJECT_PATH}/.config/.tflint.hcl
tflint --force --config ${PROJECT_PATH}/.config/.tflint.hcl

tfsec

tfsec . --config-file ${PROJECT_PATH}/.config/.tfsec.yml

Markdown Lint

mdl --config ${PROJECT_PATH}/.config/.mdlrc .header.md examples/*/.header.md

Checkov

checkov --config-file ${PROJECT_PATH}/.config/.checkov.yml

Terratest

Include tests to validate your examples/<> root modules, at a minimum. This can be accomplished with usually only slight modifications to the boilerplate test provided in this template

# from the root of the repository
cd test
go mod init github.com/aws-ia/terraform-project-ephemeral
go mod tidy
go install github.com/gruntwork-io/terratest/test-modules/terraform
go test -timeout 45m

Documentation

terraform-docs

# from the root of the repository
terraform-docs --config ${PROJECT_PATH}/.config/.terraform-docs.yaml --lockfile=false ./