chore(deps): update dependency prettier to v2.8.4 #163

renovate · 2023-02-18T14:33:58Z

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
prettier (source)	`2.8.3` -> `2.8.4`

Review

Updates have been tested and work
If updates are AWS related, versions match the infrastructure (e.g. Lambda runtime, database, etc.)

Release Notes

prettier/prettier

`v2.8.4`

Compare Source

diff

Fix leading comments in mapped types with `readonly` (#13427 by @thorn0, @sosukesuzuki)

// Input
type Type = {
  // comment
  readonly [key in Foo];
};

// Prettier 2.8.3
type Type = {
  readonly // comment
  [key in Foo];
};

// Prettier 2.8.4
type Type = {
  // comment
  readonly [key in Foo];
};

Group params in opening block statements (#14067 by @jamescdavis)

This is a follow-up to #13930 to establish wrapping consistency between opening block statements and else blocks by
grouping params in opening blocks. This causes params to break to a new line together and not be split across lines
unless the length of params exceeds the print width. This also updates the else block wrapping to behave exactly the
same as opening blocks.

{{! Input }}
{{#block param param param param param param param param param param as |blockParam|}}
  Hello
{{else block param param param param param param param param param param as |blockParam|}}
  There
{{/block}}

{{! Prettier 2.8.3 }}
{{#block
  param
  param
  param
  param
  param
  param
  param
  param
  param
  param
  as |blockParam|
}}
  Hello
{{else block param
param
param
param
param
param
param
param
param
param}}
  There
{{/block}}

{{! Prettier 2.8.4 }}
{{#block
  param param param param param param param param param param
  as |blockParam|
}}
  Hello
{{else block
  param param param param param param param param param param
  as |blockParam|
}}
  There
{{/block}}

Ignore files in `.sl/` (#14206 by @bolinfest)

In Sapling SCM, .sl/ is the folder where it stores its state, analogous to .git/ in Git. It should be ignored in Prettier like the other SCM folders.

Recognize `@satisfies` in Closure-style type casts (#14262 by @fisker)

// Input
const a = /** @&#8203;satisfies {Record<string, string>} */ ({hello: 1337});
const b = /** @&#8203;type {Record<string, string>} */ ({hello: 1337});

// Prettier 2.8.3
const a = /** @&#8203;satisfies {Record<string, string>} */ { hello: 1337 };
const b = /** @&#8203;type {Record<string, string>} */ ({ hello: 1337 });

// Prettier 2.8.4
const a = /** @&#8203;satisfies {Record<string, string>} */ ({hello: 1337});
const b = /** @&#8203;type {Record<string, string>} */ ({hello: 1337});

Fix parens in inferred function return types with `extends` (#14279 by @fisker)

// Input
type Foo<T> = T extends ((a) => a is infer R extends string) ? R : never;

// Prettier 2.8.3 (First format)
type Foo<T> = T extends (a) => a is infer R extends string ? R : never;

// Prettier 2.8.3 (Second format)
SyntaxError: '?' expected. 

// Prettier 2.8.4
type Foo<T> = T extends ((a) => a is infer R extends string) ? R : never;

Configuration

📅 Schedule: Branch creation - "every weekend" in timezone America/Montreal, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

github-actions · 2023-02-21T16:39:19Z

Test skip-plan

✅ Terraform Format: success

github-actions · 2023-02-21T16:39:20Z

Test invalid

❌ Terraform Format: failed
❌ Terraform Plan: failed
❌ Conftest: failed

🧹 Format: run terraform fmt to fix the following:

invalid.tf

Show plan

Warning: Duplicate required provider

  on invalid.tf line 11:
  11: resource "random_id" "id" {

Provider "registry.terraform.io/hashicorp/random" was implicitly required via
resource "random_id.id", but listed in required_providers as "test". Either
the local name in required_providers must match the resource name, or the
"test" provider must be assigned within the resource block.

Error: Missing required argument

  on invalid.tf line 11, in resource "random_id" "id":
  11: resource "random_id" "id" {

The argument "byte_length" is required, but no definition was found.

Error: Unsupported argument

  on invalid.tf line 12, in resource "random_id" "id":
  12:     muffin = "blueberry"

An argument named "muffin" is not expected here.

github-actions · 2023-02-21T16:39:26Z

Test changes

✅ Terraform Format: success
✅ Terraform Plan: success
✅ Conftest: success

Plan: 1 to add, 0 to change, 0 to destroy

Show summary

CHANGE	NAME
add	`random_id.id`

Show plan

Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # random_id.id will be created
  + resource "random_id" "id" {
      + b64_std     = (known after apply)
      + b64_url     = (known after apply)
      + byte_length = 8
      + dec         = (known after apply)
      + hex         = (known after apply)
      + id          = (known after apply)
    }

Plan: 1 to add, 0 to change, 0 to destroy.

Changes to Outputs:
  + id = (known after apply)

Warning: Duplicate required provider

  on changes.tf line 11:
  11: resource "random_id" "id" {

Provider "registry.terraform.io/hashicorp/random" was implicitly required via
resource "random_id.id", but listed in required_providers as "test". Either
the local name in required_providers must match the resource name, or the
"test" provider must be assigned within the resource block.

─────────────────────────────────────────────────────────────────────────────

Saved the plan to: plan.tfplan

To perform exactly these actions, run the following command to apply:
    terraform apply "plan.tfplan"

Show Conftest results

18 tests, 18 passed, 0 warnings, 0 failures, 0 exceptions

github-actions · 2023-02-21T16:39:29Z

Test format-error

❌ Terraform Format: failed
✅ Terraform Plan: success
✅ Conftest: success

🧹 Format: run terraform fmt to fix the following:

format-error.tf

Plan: 1 to add, 0 to change, 0 to destroy

Show summary

CHANGE	NAME
add	`random_id.id`

Show plan

Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # random_id.id will be created
  + resource "random_id" "id" {
      + b64_std     = (known after apply)
      + b64_url     = (known after apply)
      + byte_length = 8
      + dec         = (known after apply)
      + hex         = (known after apply)
      + id          = (known after apply)
    }

Plan: 1 to add, 0 to change, 0 to destroy.

Warning: Duplicate required provider

  on format-error.tf line 11:
  11: resource "random_id" "id" {

Provider "registry.terraform.io/hashicorp/random" was implicitly required via
resource "random_id.id", but listed in required_providers as "test". Either
the local name in required_providers must match the resource name, or the
"test" provider must be assigned within the resource block.

─────────────────────────────────────────────────────────────────────────────

Saved the plan to: plan.tfplan

To perform exactly these actions, run the following command to apply:
    terraform apply "plan.tfplan"

Show Conftest results

18 tests, 18 passed, 0 warnings, 0 failures, 0 exceptions

github-actions · 2023-02-21T16:39:36Z

Test conftest-deny

✅ Terraform Format: success
✅ Terraform Plan: success
❌ Conftest: failed

Plan: 49 to add, 0 to change, 0 to destroy

Show summary

CHANGE	NAME
add	`module.rds.aws_cloudwatch_log_group.proxy`
	`module.rds.aws_db_proxy.proxy`
	`module.rds.aws_db_proxy_default_target_group.this`
	`module.rds.aws_db_proxy_target.target`
	`module.rds.aws_db_subnet_group.rds`
	`module.rds.aws_iam_policy.read_connection_string`
	`module.rds.aws_iam_role.rds_proxy`
	`module.rds.aws_iam_role_policy_attachment.read_connection_string`
	`module.rds.aws_rds_cluster.cluster`
	`module.rds.aws_rds_cluster_instance.instances[0]`
	`module.rds.aws_rds_cluster_instance.instances[1]`
	`module.rds.aws_rds_cluster_instance.instances[2]`
	`module.rds.aws_secretsmanager_secret.connection_string`
	`module.rds.aws_secretsmanager_secret.proxy_connection_string`
	`module.rds.aws_secretsmanager_secret_version.connection_string`
	`module.rds.aws_secretsmanager_secret_version.proxy_connection_string`
	`module.rds.aws_security_group.rds_proxy`
	`module.rds.random_string.random`
	`module.vpc.aws_default_network_acl.default`
	`module.vpc.aws_default_route_table.default`
	`module.vpc.aws_default_security_group.default`
	`module.vpc.aws_internet_gateway.gw`
	`module.vpc.aws_nat_gateway.nat_gw[0]`
	`module.vpc.aws_nat_gateway.nat_gw[1]`
	`module.vpc.aws_nat_gateway.nat_gw[2]`
	`module.vpc.aws_network_acl.main`
	`module.vpc.aws_network_acl_rule.block_rdp[0]`
	`module.vpc.aws_network_acl_rule.block_ssh[0]`
	`module.vpc.aws_route.private_nat_gateway[0]`
	`module.vpc.aws_route.private_nat_gateway[1]`
	`module.vpc.aws_route.private_nat_gateway[2]`
	`module.vpc.aws_route.public_internet_gateway`
	`module.vpc.aws_route_table.private[0]`
	`module.vpc.aws_route_table.private[1]`
	`module.vpc.aws_route_table.private[2]`
	`module.vpc.aws_route_table.public`
	`module.vpc.aws_route_table_association.private[0]`
	`module.vpc.aws_route_table_association.private[1]`
	`module.vpc.aws_route_table_association.private[2]`
	`module.vpc.aws_route_table_association.public[0]`
	`module.vpc.aws_route_table_association.public[1]`
	`module.vpc.aws_route_table_association.public[2]`
	`module.vpc.aws_subnet.private[0]`
	`module.vpc.aws_subnet.private[1]`
	`module.vpc.aws_subnet.private[2]`
	`module.vpc.aws_subnet.public[0]`
	`module.vpc.aws_subnet.public[1]`
	`module.vpc.aws_subnet.public[2]`
	`module.vpc.aws_vpc.main`

✂ Warning: plan has been truncated! See the full plan in the logs.

Show plan

Resource actions are indicated with the following symbols:
  + create
 <= read (data resources)

Terraform will perform the following actions:

  # module.rds.data.aws_iam_policy_document.read_connection_string will be read during apply
  # (config refers to values not yet known)
 <= data "aws_iam_policy_document" "read_connection_string" {
      + id   = (known after apply)
      + json = (known after apply)

      + statement {
          + actions   = [
              + "secretsmanager:DescribeSecret",
              + "secretsmanager:GetResourcePolicy",
              + "secretsmanager:GetSecretValue",
              + "secretsmanager:ListSecretVersionIds",
            ]
          + effect    = "Allow"
          + resources = [
              + (known after apply),
            ]
          + sid       = "0"
        }
      + statement {
          + actions   = [
              + "secretsmanager:ListSecrets",
            ]
          + effect    = "Allow"
          + resources = [
              + "*",
            ]
          + sid       = "1"
        }
      + statement {
          + actions   = [
              + "kms:Decrypt",
            ]
          + effect    = "Allow"
          + resources = [
              + "*",
            ]
          + sid       = "2"

          + condition {
              + test     = "StringEquals"
              + values   = [
                  + "secretsmanager.ca-central-1.amazonaws.com",
                ]
              + variable = "kms:ViaService"
            }
        }
    }

  # module.rds.aws_cloudwatch_log_group.proxy will be created
  + resource "aws_cloudwatch_log_group" "proxy" {
      + arn               = (known after apply)
      + id                = (known after apply)
      + name              = "/aws/rds/proxy/test-rds-proxy"
      + name_prefix       = (known after apply)
      + retention_in_days = 14
      + skip_destroy      = false
      + tags              = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds_proxy_logs"
          + "Terraform"  = "true"
        }
      + tags_all          = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds_proxy_logs"
          + "Terraform"  = "true"
        }
    }

  # module.rds.aws_db_proxy.proxy will be created
  + resource "aws_db_proxy" "proxy" {
      + arn                    = (known after apply)
      + debug_logging          = false
      + endpoint               = (known after apply)
      + engine_family          = "POSTGRESQL"
      + id                     = (known after apply)
      + idle_client_timeout    = 1800
      + name                   = "test-rds-proxy"
      + require_tls            = true
      + role_arn               = (known after apply)
      + tags                   = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds-rds-proxy"
          + "Terraform"  = "true"
        }
      + tags_all               = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds-rds-proxy"
          + "Terraform"  = "true"
        }
      + vpc_security_group_ids = (known after apply)
      + vpc_subnet_ids         = (known after apply)

      + auth {
          + auth_scheme               = "SECRETS"
          + client_password_auth_type = (known after apply)
          + description               = "The database connection string"
          + iam_auth                  = "DISABLED"
          + secret_arn                = (known after apply)
        }
    }

  # module.rds.aws_db_proxy_default_target_group.this will be created
  + resource "aws_db_proxy_default_target_group" "this" {
      + arn           = (known after apply)
      + db_proxy_name = "test-rds-proxy"
      + id            = (known after apply)
      + name          = (known after apply)

      + connection_pool_config {
          + connection_borrow_timeout    = (known after apply)
          + init_query                   = (known after apply)
          + max_connections_percent      = (known after apply)
          + max_idle_connections_percent = (known after apply)
          + session_pinning_filters      = (known after apply)
        }
    }

  # module.rds.aws_db_proxy_target.target will be created
  + resource "aws_db_proxy_target" "target" {
      + db_cluster_identifier = (known after apply)
      + db_proxy_name         = "test-rds-proxy"
      + endpoint              = (known after apply)
      + id                    = (known after apply)
      + port                  = (known after apply)
      + rds_resource_id       = (known after apply)
      + target_arn            = (known after apply)
      + target_group_name     = (known after apply)
      + tracked_cluster_id    = (known after apply)
      + type                  = (known after apply)
    }

  # module.rds.aws_db_subnet_group.rds will be created
  + resource "aws_db_subnet_group" "rds" {
      + arn                     = (known after apply)
      + description             = "Managed by Terraform"
      + id                      = (known after apply)
      + name                    = "test-rds-subnet-group"
      + name_prefix             = (known after apply)
      + subnet_ids              = (known after apply)
      + supported_network_types = (known after apply)
      + tags                    = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds-subnet-group"
          + "Terraform"  = "true"
        }
      + tags_all                = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds-subnet-group"
          + "Terraform"  = "true"
        }
    }

  # module.rds.aws_iam_policy.read_connection_string will be created
  + resource "aws_iam_policy" "read_connection_string" {
      + arn       = (known after apply)
      + id        = (known after apply)
      + name      = "test-rdsReadConnectionString"
      + path      = "/"
      + policy    = (known after apply)
      + policy_id = (known after apply)
      + tags      = {
          + "CostCentre" = "cal"
          + "Terraform"  = "true"
        }
      + tags_all  = {
          + "CostCentre" = "cal"
          + "Terraform"  = "true"
        }
    }

  # module.rds.aws_iam_role.rds_proxy will be created
  + resource "aws_iam_role" "rds_proxy" {
      + arn                   = (known after apply)
      + assume_role_policy    = jsonencode(
            {
              + Statement = [
                  + {
                      + Action    = "sts:AssumeRole"
                      + Effect    = "Allow"
                      + Principal = {
                          + Service = "rds.amazonaws.com"
                        }
                      + Sid       = "RDSAssume"
                    },
                ]
              + Version   = "2012-10-17"
            }
        )
      + create_date           = (known after apply)
      + force_detach_policies = false
      + id                    = (known after apply)
      + managed_policy_arns   = (known after apply)
      + max_session_duration  = 3600
      + name                  = "test-rds_rds_proxy"
      + name_prefix           = (known after apply)
      + path                  = "/"
      + tags                  = {
          + "CostCentre" = "cal"
          + "Terraform"  = "true"
        }
      + tags_all              = {
          + "CostCentre" = "cal"
          + "Terraform"  = "true"
        }
      + unique_id             = (known after apply)

      + inline_policy {
          + name   = (known after apply)
          + policy = (known after apply)
        }
    }

  # module.rds.aws_iam_role_policy_attachment.read_connection_string will be created
  + resource "aws_iam_role_policy_attachment" "read_connection_string" {
      + id         = (known after apply)
      + policy_arn = (known after apply)
      + role       = "test-rds_rds_proxy"
    }

  # module.rds.aws_rds_cluster.cluster will be created
  + resource "aws_rds_cluster" "cluster" {
      + allocated_storage               = (known after apply)
      + allow_major_version_upgrade     = false
      + apply_immediately               = false
      + arn                             = (known after apply)
      + availability_zones              = (known after apply)
      + backup_retention_period         = 7
      + cluster_identifier              = "test-rds-cluster"
      + cluster_identifier_prefix       = (known after apply)
      + cluster_members                 = (known after apply)
      + cluster_resource_id             = (known after apply)
      + copy_tags_to_snapshot           = false
      + database_name                   = "foo"
      + db_cluster_parameter_group_name = (known after apply)
      + db_subnet_group_name            = "test-rds-subnet-group"
      + deletion_protection             = true
      + enable_global_write_forwarding  = false
      + enable_http_endpoint            = false
      + endpoint                        = (known after apply)
      + engine                          = "aurora-postgresql"
      + engine_mode                     = "provisioned"
      + engine_version                  = "13.3"
      + engine_version_actual           = (known after apply)
      + final_snapshot_identifier       = (known after apply)
      + hosted_zone_id                  = (known after apply)
      + iam_roles                       = (known after apply)
      + id                              = (known after apply)
      + kms_key_id                      = (known after apply)
      + master_password                 = (sensitive value)
      + master_username                 = "cal"
      + network_type                    = (known after apply)
      + port                            = (known after apply)
      + preferred_backup_window         = "07:00-09:00"
      + preferred_maintenance_window    = (known after apply)
      + reader_endpoint                 = (known after apply)
      + skip_final_snapshot             = false
      + storage_encrypted               = true
      + tags                            = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds-cluster"
          + "Terraform"  = "true"
        }
      + tags_all                        = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds-cluster"
          + "Terraform"  = "true"
        }
      + vpc_security_group_ids          = (known after apply)
    }

  # module.rds.aws_rds_cluster_instance.instances[0] will be created
  + resource "aws_rds_cluster_instance" "instances" {
      + apply_immediately                     = (known after apply)
      + arn                                   = (known after apply)
      + auto_minor_version_upgrade            = true
      + availability_zone                     = (known after apply)
      + ca_cert_identifier                    = (known after apply)
      + cluster_identifier                    = (known after apply)
      + copy_tags_to_snapshot                 = false
      + db_parameter_group_name               = (known after apply)
      + db_subnet_group_name                  = "test-rds-subnet-group"
      + dbi_resource_id                       = (known after apply)
      + endpoint                              = (known after apply)
      + engine                                = "aurora-postgresql"
      + engine_version                        = "13.3"
      + engine_version_actual                 = (known after apply)
      + id                                    = (known after apply)
      + identifier                            = "test-rds-instance-0"
      + identifier_prefix                     = (known after apply)
      + instance_class                        = "db.t3.medium"
      + kms_key_id                            = (known after apply)
      + monitoring_interval                   = 0
      + monitoring_role_arn                   = (known after apply)
      + network_type                          = (known after apply)
      + performance_insights_enabled          = true
      + performance_insights_kms_key_id       = (known after apply)
      + performance_insights_retention_period = (known after apply)
      + port                                  = (known after apply)
      + preferred_backup_window               = (known after apply)
      + preferred_maintenance_window          = (known after apply)
      + promotion_tier                        = 0
      + publicly_accessible                   = false
      + storage_encrypted                     = (known after apply)
      + tags                                  = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds-instance-0"
          + "Terraform"  = "true"
        }
      + tags_all                              = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds-instance-0"
          + "Terraform"  = "true"
        }
      + writer                                = (known after apply)
    }

  # module.rds.aws_rds_cluster_instance.instances[1] will be created
  + resource "aws_rds_cluster_instance" "instances" {
      + apply_immediately                     = (known after apply)
      + arn                                   = (known after apply)
      + auto_minor_version_upgrade            = true
      + availability_zone                     = (known after apply)
      + ca_cert_identifier                    = (known after apply)
      + cluster_identifier                    = (known after apply)
      + copy_tags_to_snapshot                 = false
      + db_parameter_group_name               = (known after apply)
      + db_subnet_group_name                  = "test-rds-subnet-group"
      + dbi_resource_id                       = (known after apply)
      + endpoint                              = (known after apply)
      + engine                                = "aurora-postgresql"
      + engine_version                        = "13.3"
      + engine_version_actual                 = (known after apply)
      + id                                    = (known after apply)
      + identifier                            = "test-rds-instance-1"
      + identifier_prefix                     = (known after apply)
      + instance_class                        = "db.t3.medium"
      + kms_key_id                            = (known after apply)
      + monitoring_interval                   = 0
      + monitoring_role_arn                   = (known after apply)
      + network_type                          = (known after apply)
      + performance_insights_enabled          = true
      + performance_insights_kms_key_id       = (known after apply)
      + performance_insights_retention_period = (known after apply)
      + port                                  = (known after apply)
      + preferred_backup_window               = (known after apply)
      + preferred_maintenance_window          = (known after apply)
      + promotion_tier                        = 0
      + publicly_accessible                   = false
      + storage_encrypted                     = (known after apply)
      + tags                                  = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds-instance-1"
          + "Terraform"  = "true"
        }
      + tags_all                              = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds-instance-1"
          + "Terraform"  = "true"
        }
      + writer                                = (known after apply)
    }

  # module.rds.aws_rds_cluster_instance.instances[2] will be created
  + resource "aws_rds_cluster_instance" "instances" {
      + apply_immediately                     = (known after apply)
      + arn                                   = (known after apply)
      + auto_minor_version_upgrade            = true
      + availability_zone                     = (known after apply)
      + ca_cert_identifier                    = (known after apply)
      + cluster_identifier                    = (known after apply)
      + copy_tags_to_snapshot                 = false
      + db_parameter_group_name               = (known after apply)
      + db_subnet_group_name                  = "test-rds-subnet-group"
      + dbi_resource_id                       = (known after apply)
      + endpoint                              = (known after apply)
      + engine                                = "aurora-postgresql"
      + engine_version                        = "13.3"
      + engine_version_actual                 = (known after apply)
      + id                                    = (known after apply)
      + identifier                            = "test-rds-instance-2"
      + identifier_prefix                     = (known after apply)
      + instance_class                        = "db.t3.medium"
      + kms_key_id                            = (known after apply)
      + monitoring_interval                   = 0
      + monitoring_role_arn                   = (known after apply)
      + network_type                          = (known after apply)
      + performance_insights_enabled          = true
      + performance_insights_kms_key_id       = (known after apply)
      + performance_insights_retention_period = (known after apply)
      + port                                  = (known after apply)
      + preferred_backup_window               = (known after apply)
      + preferred_maintenance_window          = (known after apply)
      + promotion_tier                        = 0
      + publicly_accessible                   = false
      + storage_encrypted                     = (known after apply)
      + tags                                  = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds-instance-2"
          + "Terraform"  = "true"
        }
      + tags_all                              = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds-instance-2"
          + "Terraform"  = "true"
        }
      + writer                                = (known after apply)
    }

  # module.rds.aws_secretsmanager_secret.connection_string will be created
  + resource "aws_secretsmanager_secret" "connection_string" {
      + arn                            = (known after apply)
      + force_overwrite_replica_secret = false
      + id                             = (known after apply)
      + name                           = (known after apply)
      + name_prefix                    = (known after apply)
      + policy                         = (known after apply)
      + recovery_window_in_days        = 30
      + rotation_enabled               = (known after apply)
      + rotation_lambda_arn            = (known after apply)
      + tags                           = {
          + "CostCentre" = "cal"
          + "Terraform"  = "true"
        }
      + tags_all                       = {
          + "CostCentre" = "cal"
          + "Terraform"  = "true"
        }

      + replica {
          + kms_key_id         = (known after apply)
          + last_accessed_date = (known after apply)
          + region             = (known after apply)
          + status             = (known after apply)
          + status_message     = (known after apply)
        }

      + rotation_rules {
          + automatically_after_days = (known after apply)
        }
    }

  # module.rds.aws_secretsmanager_secret.proxy_connection_string will be created
  + resource "aws_secretsmanager_secret" "proxy_connection_string" {
      + arn                            = (known after apply)
      + force_overwrite_replica_secret = false
      + id                             = (known after apply)
      + name                           = (known after apply)
      + name_prefix                    = (known after apply)
      + policy                         = (known after apply)
      + recovery_window_in_days        = 30
      + rotation_enabled               = (known after apply)
      + rotation_lambda_arn            = (known after apply)
      + tags                           = {
          + "CostCentre" = "cal"
          + "Terraform"  = "true"
        }
      + tags_all                       = {
          + "CostCentre" = "cal"
          + "Terraform"  = "true"
        }

      + replica {
          + kms_key_id         = (known after apply)
          + last_accessed_date = (known after apply)
          + region             = (known after apply)
          + status             = (known after apply)
          + status_message     = (known after apply)
        }

      + rotation_rules {
          + automatically_after_days = (known after apply)
        }
    }

  # module.rds.aws_secretsmanager_secret_version.connection_string will be created
  + resource "aws_secretsmanager_secret_version" "connection_string" {
      + arn            = (known after apply)
      + id             = (known after apply)
      + secret_id      = (known after apply)
      + secret_string  = (sensitive value)
      + version_id     = (known after apply)
      + version_stages = (known after apply)
    }

  # module.rds.aws_secretsmanager_secret_version.proxy_connection_string will be created
  + resource "aws_secretsmanager_secret_version" "proxy_connection_string" {
      + arn            = (known after apply)
      + id             = (known after apply)
      + secret_id      = (known after apply)
      + secret_string  = (sensitive value)
      + version_id     = (known after apply)
      + version_stages = (known after apply)
    }

  # module.rds.aws_security_group.rds_proxy will be created
  + resource "aws_security_group" "rds_proxy" {
      + arn                    = (known after apply)
      + description            = "The Security group that allows communication between the proxy and the database"
      + egress                 = [
          + {
              + cidr_blocks      = []
              + description      = ""
              + from_port        = 5432
              + ipv6_cidr_blocks = []
              + prefix_list_ids  = []
              + protocol         = "tcp"
              + security_groups  = []
              + self             = true
              + to_port          = 5432
            },
        ]
      + id                     = (known after apply)
      + ingress                = [
          + {
              + cidr_blocks      = []
              + description      = ""
              + from_port        = 5432
              + ipv6_cidr_blocks = []
              + prefix_list_ids  = []
              + protocol         = "tcp"
              + security_groups  = []
              + self             = true
              + to_port          = 5432
            },
        ]
      + name                   = "test-rds_rds_proxy_sg"
      + name_prefix            = (known after apply)
      + owner_id               = (known after apply)
      + revoke_rules_on_delete = false
      + tags                   = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds_rds_proxy_sg"
          + "Terraform"  = "true"
        }
      + tags_all               = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds_rds_proxy_sg"
          + "Terraform"  = "true"
        }
      + vpc_id                 = (known after apply)
    }

  # module.rds.random_string.random will be created
  + resource "random_string" "random" {
      + id          = (known after apply)
      + length      = 6
      + lower       = true
      + min_lower   = 0
      + min_numeric = 0
      + min_special = 0
      + min_upper   = 0
      + number      = true
      + numeric     = true
      + result      = (known after apply)
      + special     = false
      + upper       = false
    }

  # module.vpc.aws_default_network_acl.default will be created
  + resource "aws_default_network_acl" "default" {
      + arn                    = (known after apply)
      + default_network_acl_id = (known after apply)
      + id                     = (known after apply)
      + owner_id               = (known after apply)
      + tags                   = {
          + "CostCentre" = "cal"
          + "Name"       = "vpc_default_nacl"
          + "Terraform"  = "true"
        }
      + tags_all               = {
          + "CostCentre" = "cal"
          + "Name"       = "vpc_default_nacl"
          + "Terraform"  = "true"
        }
      + vpc_id                 = (known after apply)
    }

  # module.vpc.aws_default_route_table.default will be created
  + resource "aws_default_route_table" "default" {
      + arn                    = (known after apply)
      + default_route_table_id = (known after apply)
      + id                     = (known after apply)
      + owner_id               = (known after apply)
      + route                  = []
      + tags                   = {
          + "CostCentre" = "cal"
          + "Terraform"  = "true"
          + "name"       = "vpc_default_route_table"
        }
      + tags_all               = {
          + "CostCentre" = "cal"
          + "Terraform"  = "true"
          + "name"       = "vpc_default_route_table"
        }
      + vpc_id                 = (known after apply)
    }

  # module.vpc.aws_default_security_group.default will be created
  + resource "aws_default_security_group" "default" {
      + arn                    = (known after apply)
      + description            = (known after apply)
      + egress                 = (known after apply)
      + id                     = (known after apply)
      + ingress                = (known after apply)
      + name                   = (known after apply)
      + name_prefix            = (known after apply)
      + owner_id               = (known after apply)
      + revoke_rules_on_delete = false
      + tags                   = {
          + "CostCentre" = "cal"
          + "Name"       = "vpc_default_sg"
          + "Terraform"  = "true"
        }
      + tags_all               = {
          + "CostCentre" = "cal"
          + "Name"       = "vpc_default_sg"
          + "Terraform"  = "true"
        }
      + vpc_id                 = (known after apply)
    }

  # module.vpc.aws_internet_gateway.gw will be created
  + resource "aws_internet_gateway" "gw" {
      + arn      = (known after apply)
      + id       = (known after apply)
      + owner_id = (known after apply)
      + tags     = {
          + "CostCentre" = "cal"
          + "Name"       = "vpc_internet_gateway"
          + "Terraform"  = "true"
        }
      + tags_all = {
          + "CostCentre" = "cal"
          + "Name"       = "vpc_internet_gateway"
          + "Terraform"  = "true"
        }
      + vpc_id   = (known after apply)
    }

  # module.vpc.aws_nat_gateway.nat_gw[0] will be created
  + resource "aws_nat_gateway" "nat_gw" {
      + connectivity_type    = "private"
      + id                   = (known after apply)
      + network_interface_id = (known after apply)
      + private_ip           = (known after apply)
      + public_ip            = (known after apply)
      + subnet_id            = (known after apply)
      + tags                 = {
          + "CostCentre" = "cal"
          + "Name"       = "vpc-natgw-0"
          + "Terraform"  = "true"
        }
      + tags_all             = {
          + "CostCentre" = "cal"
          + "Name"       = "vpc-natgw-0"
          + "Terraform"  = "true"
        }
    }

  # module.vpc.aws_nat_gateway.nat_gw[1] will be created
  + resource "aws_nat_gateway" "nat_gw" {
      + connectivity_type    = "private"
      + id                   = (known after apply)
      + network_interface_id = (known after apply)
      + private_ip           = (known after apply)
      + public_ip            = (known after apply)
      + subnet_id            = (known after apply)
      + tags                 = {
          + "CostCentre" = "cal"
          + "Name"       = "vpc-natgw-1"
          + "Terraform"  = "true"
        }
      + tags_all             = {
          + "CostCentre" = "cal"
          + "Name"       = "vpc-natgw-1"
          + "Terraform"  = "true"
        }
    }

  # module.vpc.aws_nat_gateway.nat_gw[2] will be created
  + resource "aws_nat_gateway" "nat_gw" {
      + connectivity_type    = "private"
      + id                   = (known after apply)
      + network_interface_id = (known after apply)
      + private_ip           = (known after apply)
      + public_ip            = (known after apply)
      + subnet_id            = (known after apply)
      + tags                 = {
          + "CostCentre" = "cal"
          + "Name"       = "vpc-natgw-2"
          + "Terraform"  = "true"
        }
      + tags_all             = {
          + "CostCentre" = "cal"
          + "Name"       = "vpc-natgw-2"
          + "Terraform"  = "true"
        }
    }

  # module.vpc.aws_network_acl.main will be created
  + resource "aws_network_acl" "main" {
      + arn        = (known after apply)
      + egress     = (known after apply)
      + id         = (known after apply)
      + ingress    = (known after apply)
      + owner_id   = (known after apply)
      + subnet_ids = (known after apply)
      + tags       = {
          + "CostCentre" = "cal"
          + "Name"       = "vpc_main_nacl"
          + "Terraform"  = "true"
        }
      + tags_all   = {
          + "CostCentre" = "cal"
          + "Name"       = "vpc_main_nacl"
          + "Terraform"  = "true"
        }
      + vpc_id     = (known after apply)
    }

  # module.vpc.aws_network_acl_rule.block_rdp[0] will be created
  + resource "aws_network_acl_rule" "block_rdp" {
      + cidr_block     = "10.0.0.0/16"
      + egress         = false
      + from_port      = 3389
      + id             = (known after apply)
      + network_acl_id = (known after apply)
      + protocol       = "tcp"
      + rule_action    = "deny"
      + rule_number    = 51
      + to_port        = 3389
    }

  # module.vpc.aws_network_acl_rule.block_ssh[0] will be created
  + resource...

Show Conftest results

FAIL - plan.json - main - Postgresql main password > 8 characters: ["module.rds.aws_rds_cluster.cluster"]

18 tests, 17 passed, 0 warnings, 1 failure, 0 exceptions

github-actions · 2023-02-21T16:39:38Z

Test truncate-plan

✅ Terraform Format: success
✅ Terraform Plan: success
✅ Conftest: success

Plan: 49 to add, 0 to change, 0 to destroy

Show summary

CHANGE	NAME
add	`module.rds.aws_cloudwatch_log_group.proxy`
	`module.rds.aws_db_proxy.proxy`
	`module.rds.aws_db_proxy_default_target_group.this`
	`module.rds.aws_db_proxy_target.target`
	`module.rds.aws_db_subnet_group.rds`
	`module.rds.aws_iam_policy.read_connection_string`
	`module.rds.aws_iam_role.rds_proxy`
	`module.rds.aws_iam_role_policy_attachment.read_connection_string`
	`module.rds.aws_rds_cluster.cluster`
	`module.rds.aws_rds_cluster_instance.instances[0]`
	`module.rds.aws_rds_cluster_instance.instances[1]`
	`module.rds.aws_rds_cluster_instance.instances[2]`
	`module.rds.aws_secretsmanager_secret.connection_string`
	`module.rds.aws_secretsmanager_secret.proxy_connection_string`
	`module.rds.aws_secretsmanager_secret_version.connection_string`
	`module.rds.aws_secretsmanager_secret_version.proxy_connection_string`
	`module.rds.aws_security_group.rds_proxy`
	`module.rds.random_string.random`
	`module.vpc.aws_default_network_acl.default`
	`module.vpc.aws_default_route_table.default`
	`module.vpc.aws_default_security_group.default`
	`module.vpc.aws_internet_gateway.gw`
	`module.vpc.aws_nat_gateway.nat_gw[0]`
	`module.vpc.aws_nat_gateway.nat_gw[1]`
	`module.vpc.aws_nat_gateway.nat_gw[2]`
	`module.vpc.aws_network_acl.main`
	`module.vpc.aws_network_acl_rule.block_rdp[0]`
	`module.vpc.aws_network_acl_rule.block_ssh[0]`
	`module.vpc.aws_route.private_nat_gateway[0]`
	`module.vpc.aws_route.private_nat_gateway[1]`
	`module.vpc.aws_route.private_nat_gateway[2]`
	`module.vpc.aws_route.public_internet_gateway`
	`module.vpc.aws_route_table.private[0]`
	`module.vpc.aws_route_table.private[1]`
	`module.vpc.aws_route_table.private[2]`
	`module.vpc.aws_route_table.public`
	`module.vpc.aws_route_table_association.private[0]`
	`module.vpc.aws_route_table_association.private[1]`
	`module.vpc.aws_route_table_association.private[2]`
	`module.vpc.aws_route_table_association.public[0]`
	`module.vpc.aws_route_table_association.public[1]`
	`module.vpc.aws_route_table_association.public[2]`
	`module.vpc.aws_subnet.private[0]`
	`module.vpc.aws_subnet.private[1]`
	`module.vpc.aws_subnet.private[2]`
	`module.vpc.aws_subnet.public[0]`
	`module.vpc.aws_subnet.public[1]`
	`module.vpc.aws_subnet.public[2]`
	`module.vpc.aws_vpc.main`

✂ Warning: plan has been truncated! See the full plan in the logs.

Show plan

Resource actions are indicated with the following symbols:
  + create
 <= read (data resources)

Terraform will perform the following actions:

  # module.rds.data.aws_iam_policy_document.read_connection_string will be read during apply
  # (config refers to values not yet known)
 <= data "aws_iam_policy_document" "read_connection_string" {
      + id   = (known after apply)
      + json = (known after apply)

      + statement {
          + actions   = [
              + "secretsmanager:DescribeSecret",
              + "secretsmanager:GetResourcePolicy",
              + "secretsmanager:GetSecretValue",
              + "secretsmanager:ListSecretVersionIds",
            ]
          + effect    = "Allow"
          + resources = [
              + (known after apply),
            ]
          + sid       = "0"
        }
      + statement {
          + actions   = [
              + "secretsmanager:ListSecrets",
            ]
          + effect    = "Allow"
          + resources = [
              + "*",
            ]
          + sid       = "1"
        }
      + statement {
          + actions   = [
              + "kms:Decrypt",
            ]
          + effect    = "Allow"
          + resources = [
              + "*",
            ]
          + sid       = "2"

          + condition {
              + test     = "StringEquals"
              + values   = [
                  + "secretsmanager.ca-central-1.amazonaws.com",
                ]
              + variable = "kms:ViaService"
            }
        }
    }

  # module.rds.aws_cloudwatch_log_group.proxy will be created
  + resource "aws_cloudwatch_log_group" "proxy" {
      + arn               = (known after apply)
      + id                = (known after apply)
      + name              = "/aws/rds/proxy/test-rds-proxy"
      + name_prefix       = (known after apply)
      + retention_in_days = 14
      + skip_destroy      = false
      + tags              = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds_proxy_logs"
          + "Terraform"  = "true"
        }
      + tags_all          = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds_proxy_logs"
          + "Terraform"  = "true"
        }
    }

  # module.rds.aws_db_proxy.proxy will be created
  + resource "aws_db_proxy" "proxy" {
      + arn                    = (known after apply)
      + debug_logging          = false
      + endpoint               = (known after apply)
      + engine_family          = "POSTGRESQL"
      + id                     = (known after apply)
      + idle_client_timeout    = 1800
      + name                   = "test-rds-proxy"
      + require_tls            = true
      + role_arn               = (known after apply)
      + tags                   = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds-rds-proxy"
          + "Terraform"  = "true"
        }
      + tags_all               = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds-rds-proxy"
          + "Terraform"  = "true"
        }
      + vpc_security_group_ids = (known after apply)
      + vpc_subnet_ids         = (known after apply)

      + auth {
          + auth_scheme               = "SECRETS"
          + client_password_auth_type = (known after apply)
          + description               = "The database connection string"
          + iam_auth                  = "DISABLED"
          + secret_arn                = (known after apply)
        }
    }

  # module.rds.aws_db_proxy_default_target_group.this will be created
  + resource "aws_db_proxy_default_target_group" "this" {
      + arn           = (known after apply)
      + db_proxy_name = "test-rds-proxy"
      + id            = (known after apply)
      + name          = (known after apply)

      + connection_pool_config {
          + connection_borrow_timeout    = (known after apply)
          + init_query                   = (known after apply)
          + max_connections_percent      = (known after apply)
          + max_idle_connections_percent = (known after apply)
          + session_pinning_filters      = (known after apply)
        }
    }

  # module.rds.aws_db_proxy_target.target will be created
  + resource "aws_db_proxy_target" "target" {
      + db_cluster_identifier = (known after apply)
      + db_proxy_name         = "test-rds-proxy"
      + endpoint              = (known after apply)
      + id                    = (known after apply)
      + port                  = (known after apply)
      + rds_resource_id       = (known after apply)
      + target_arn            = (known after apply)
      + target_group_name     = (known after apply)
      + tracked_cluster_id    = (known after apply)
      + type                  = (known after apply)
    }

  # module.rds.aws_db_subnet_group.rds will be created
  + resource "aws_db_subnet_group" "rds" {
      + arn                     = (known after apply)
      + description             = "Managed by Terraform"
      + id                      = (known after apply)
      + name                    = "test-rds-subnet-group"
      + name_prefix             = (known after apply)
      + subnet_ids              = (known after apply)
      + supported_network_types = (known after apply)
      + tags                    = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds-subnet-group"
          + "Terraform"  = "true"
        }
      + tags_all                = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds-subnet-group"
          + "Terraform"  = "true"
        }
    }

  # module.rds.aws_iam_policy.read_connection_string will be created
  + resource "aws_iam_policy" "read_connection_string" {
      + arn       = (known after apply)
      + id        = (known after apply)
      + name      = "test-rdsReadConnectionString"
      + path      = "/"
      + policy    = (known after apply)
      + policy_id = (known after apply)
      + tags      = {
          + "CostCentre" = "cal"
          + "Terraform"  = "true"
        }
      + tags_all  = {
          + "CostCentre" = "cal"
          + "Terraform"  = "true"
        }
    }

  # module.rds.aws_iam_role.rds_proxy will be created
  + resource "aws_iam_role" "rds_proxy" {
      + arn                   = (known after apply)
      + assume_role_policy    = jsonencode(
            {
              + Statement = [
                  + {
                      + Action    = "sts:AssumeRole"
                      + Effect    = "Allow"
                      + Principal = {
                          + Service = "rds.amazonaws.com"
                        }
                      + Sid       = "RDSAssume"
                    },
                ]
              + Version   = "2012-10-17"
            }
        )
      + create_date           = (known after apply)
      + force_detach_policies = false
      + id                    = (known after apply)
      + managed_policy_arns   = (known after apply)
      + max_session_duration  = 3600
      + name                  = "test-rds_rds_proxy"
      + name_prefix           = (known after apply)
      + path                  = "/"
      + tags                  = {
          + "CostCentre" = "cal"
          + "Terraform"  = "true"
        }
      + tags_all              = {
          + "CostCentre" = "cal"
          + "Terraform"  = "true"
        }
      + unique_id             = (known after apply)

      + inline_policy {
          + name   = (known after apply)
          + policy = (known after apply)
        }
    }

  # module.rds.aws_iam_role_policy_attachment.read_connection_string will be created
  + resource "aws_iam_role_policy_attachment" "read_connection_string" {
      + id         = (known after apply)
      + policy_arn = (known after apply)
      + role       = "test-rds_rds_proxy"
    }

  # module.rds.aws_rds_cluster.cluster will be created
  + resource "aws_rds_cluster" "cluster" {
      + allocated_storage               = (known after apply)
      + allow_major_version_upgrade     = false
      + apply_immediately               = false
      + arn                             = (known after apply)
      + availability_zones              = (known after apply)
      + backup_retention_period         = 7
      + cluster_identifier              = "test-rds-cluster"
      + cluster_identifier_prefix       = (known after apply)
      + cluster_members                 = (known after apply)
      + cluster_resource_id             = (known after apply)
      + copy_tags_to_snapshot           = false
      + database_name                   = "foo"
      + db_cluster_parameter_group_name = (known after apply)
      + db_subnet_group_name            = "test-rds-subnet-group"
      + deletion_protection             = true
      + enable_global_write_forwarding  = false
      + enable_http_endpoint            = false
      + endpoint                        = (known after apply)
      + engine                          = "aurora-postgresql"
      + engine_mode                     = "provisioned"
      + engine_version                  = "14.5"
      + engine_version_actual           = (known after apply)
      + final_snapshot_identifier       = (known after apply)
      + hosted_zone_id                  = (known after apply)
      + iam_roles                       = (known after apply)
      + id                              = (known after apply)
      + kms_key_id                      = (known after apply)
      + master_password                 = (sensitive value)
      + master_username                 = "probably"
      + network_type                    = (known after apply)
      + port                            = (known after apply)
      + preferred_backup_window         = "07:00-09:00"
      + preferred_maintenance_window    = (known after apply)
      + reader_endpoint                 = (known after apply)
      + skip_final_snapshot             = false
      + storage_encrypted               = true
      + tags                            = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds-cluster"
          + "Terraform"  = "true"
        }
      + tags_all                        = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds-cluster"
          + "Terraform"  = "true"
        }
      + vpc_security_group_ids          = (known after apply)
    }

  # module.rds.aws_rds_cluster_instance.instances[0] will be created
  + resource "aws_rds_cluster_instance" "instances" {
      + apply_immediately                     = (known after apply)
      + arn                                   = (known after apply)
      + auto_minor_version_upgrade            = true
      + availability_zone                     = (known after apply)
      + ca_cert_identifier                    = (known after apply)
      + cluster_identifier                    = (known after apply)
      + copy_tags_to_snapshot                 = false
      + db_parameter_group_name               = (known after apply)
      + db_subnet_group_name                  = "test-rds-subnet-group"
      + dbi_resource_id                       = (known after apply)
      + endpoint                              = (known after apply)
      + engine                                = "aurora-postgresql"
      + engine_version                        = "14.5"
      + engine_version_actual                 = (known after apply)
      + id                                    = (known after apply)
      + identifier                            = "test-rds-instance-0"
      + identifier_prefix                     = (known after apply)
      + instance_class                        = "db.t3.medium"
      + kms_key_id                            = (known after apply)
      + monitoring_interval                   = 0
      + monitoring_role_arn                   = (known after apply)
      + network_type                          = (known after apply)
      + performance_insights_enabled          = true
      + performance_insights_kms_key_id       = (known after apply)
      + performance_insights_retention_period = (known after apply)
      + port                                  = (known after apply)
      + preferred_backup_window               = (known after apply)
      + preferred_maintenance_window          = (known after apply)
      + promotion_tier                        = 0
      + publicly_accessible                   = false
      + storage_encrypted                     = (known after apply)
      + tags                                  = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds-instance-0"
          + "Terraform"  = "true"
        }
      + tags_all                              = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds-instance-0"
          + "Terraform"  = "true"
        }
      + writer                                = (known after apply)
    }

  # module.rds.aws_rds_cluster_instance.instances[1] will be created
  + resource "aws_rds_cluster_instance" "instances" {
      + apply_immediately                     = (known after apply)
      + arn                                   = (known after apply)
      + auto_minor_version_upgrade            = true
      + availability_zone                     = (known after apply)
      + ca_cert_identifier                    = (known after apply)
      + cluster_identifier                    = (known after apply)
      + copy_tags_to_snapshot                 = false
      + db_parameter_group_name               = (known after apply)
      + db_subnet_group_name                  = "test-rds-subnet-group"
      + dbi_resource_id                       = (known after apply)
      + endpoint                              = (known after apply)
      + engine                                = "aurora-postgresql"
      + engine_version                        = "14.5"
      + engine_version_actual                 = (known after apply)
      + id                                    = (known after apply)
      + identifier                            = "test-rds-instance-1"
      + identifier_prefix                     = (known after apply)
      + instance_class                        = "db.t3.medium"
      + kms_key_id                            = (known after apply)
      + monitoring_interval                   = 0
      + monitoring_role_arn                   = (known after apply)
      + network_type                          = (known after apply)
      + performance_insights_enabled          = true
      + performance_insights_kms_key_id       = (known after apply)
      + performance_insights_retention_period = (known after apply)
      + port                                  = (known after apply)
      + preferred_backup_window               = (known after apply)
      + preferred_maintenance_window          = (known after apply)
      + promotion_tier                        = 0
      + publicly_accessible                   = false
      + storage_encrypted                     = (known after apply)
      + tags                                  = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds-instance-1"
          + "Terraform"  = "true"
        }
      + tags_all                              = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds-instance-1"
          + "Terraform"  = "true"
        }
      + writer                                = (known after apply)
    }

  # module.rds.aws_rds_cluster_instance.instances[2] will be created
  + resource "aws_rds_cluster_instance" "instances" {
      + apply_immediately                     = (known after apply)
      + arn                                   = (known after apply)
      + auto_minor_version_upgrade            = true
      + availability_zone                     = (known after apply)
      + ca_cert_identifier                    = (known after apply)
      + cluster_identifier                    = (known after apply)
      + copy_tags_to_snapshot                 = false
      + db_parameter_group_name               = (known after apply)
      + db_subnet_group_name                  = "test-rds-subnet-group"
      + dbi_resource_id                       = (known after apply)
      + endpoint                              = (known after apply)
      + engine                                = "aurora-postgresql"
      + engine_version                        = "14.5"
      + engine_version_actual                 = (known after apply)
      + id                                    = (known after apply)
      + identifier                            = "test-rds-instance-2"
      + identifier_prefix                     = (known after apply)
      + instance_class                        = "db.t3.medium"
      + kms_key_id                            = (known after apply)
      + monitoring_interval                   = 0
      + monitoring_role_arn                   = (known after apply)
      + network_type                          = (known after apply)
      + performance_insights_enabled          = true
      + performance_insights_kms_key_id       = (known after apply)
      + performance_insights_retention_period = (known after apply)
      + port                                  = (known after apply)
      + preferred_backup_window               = (known after apply)
      + preferred_maintenance_window          = (known after apply)
      + promotion_tier                        = 0
      + publicly_accessible                   = false
      + storage_encrypted                     = (known after apply)
      + tags                                  = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds-instance-2"
          + "Terraform"  = "true"
        }
      + tags_all                              = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds-instance-2"
          + "Terraform"  = "true"
        }
      + writer                                = (known after apply)
    }

  # module.rds.aws_secretsmanager_secret.connection_string will be created
  + resource "aws_secretsmanager_secret" "connection_string" {
      + arn                            = (known after apply)
      + force_overwrite_replica_secret = false
      + id                             = (known after apply)
      + name                           = (known after apply)
      + name_prefix                    = (known after apply)
      + policy                         = (known after apply)
      + recovery_window_in_days        = 30
      + rotation_enabled               = (known after apply)
      + rotation_lambda_arn            = (known after apply)
      + tags                           = {
          + "CostCentre" = "cal"
          + "Terraform"  = "true"
        }
      + tags_all                       = {
          + "CostCentre" = "cal"
          + "Terraform"  = "true"
        }

      + replica {
          + kms_key_id         = (known after apply)
          + last_accessed_date = (known after apply)
          + region             = (known after apply)
          + status             = (known after apply)
          + status_message     = (known after apply)
        }

      + rotation_rules {
          + automatically_after_days = (known after apply)
        }
    }

  # module.rds.aws_secretsmanager_secret.proxy_connection_string will be created
  + resource "aws_secretsmanager_secret" "proxy_connection_string" {
      + arn                            = (known after apply)
      + force_overwrite_replica_secret = false
      + id                             = (known after apply)
      + name                           = (known after apply)
      + name_prefix                    = (known after apply)
      + policy                         = (known after apply)
      + recovery_window_in_days        = 30
      + rotation_enabled               = (known after apply)
      + rotation_lambda_arn            = (known after apply)
      + tags                           = {
          + "CostCentre" = "cal"
          + "Terraform"  = "true"
        }
      + tags_all                       = {
          + "CostCentre" = "cal"
          + "Terraform"  = "true"
        }

      + replica {
          + kms_key_id         = (known after apply)
          + last_accessed_date = (known after apply)
          + region             = (known after apply)
          + status             = (known after apply)
          + status_message     = (known after apply)
        }

      + rotation_rules {
          + automatically_after_days = (known after apply)
        }
    }

  # module.rds.aws_secretsmanager_secret_version.connection_string will be created
  + resource "aws_secretsmanager_secret_version" "connection_string" {
      + arn            = (known after apply)
      + id             = (known after apply)
      + secret_id      = (known after apply)
      + secret_string  = (sensitive value)
      + version_id     = (known after apply)
      + version_stages = (known after apply)
    }

  # module.rds.aws_secretsmanager_secret_version.proxy_connection_string will be created
  + resource "aws_secretsmanager_secret_version" "proxy_connection_string" {
      + arn            = (known after apply)
      + id             = (known after apply)
      + secret_id      = (known after apply)
      + secret_string  = (sensitive value)
      + version_id     = (known after apply)
      + version_stages = (known after apply)
    }

  # module.rds.aws_security_group.rds_proxy will be created
  + resource "aws_security_group" "rds_proxy" {
      + arn                    = (known after apply)
      + description            = "The Security group that allows communication between the proxy and the database"
      + egress                 = [
          + {
              + cidr_blocks      = []
              + description      = ""
              + from_port        = 5432
              + ipv6_cidr_blocks = []
              + prefix_list_ids  = []
              + protocol         = "tcp"
              + security_groups  = []
              + self             = true
              + to_port          = 5432
            },
        ]
      + id                     = (known after apply)
      + ingress                = [
          + {
              + cidr_blocks      = []
              + description      = ""
              + from_port        = 5432
              + ipv6_cidr_blocks = []
              + prefix_list_ids  = []
              + protocol         = "tcp"
              + security_groups  = []
              + self             = true
              + to_port          = 5432
            },
        ]
      + name                   = "test-rds_rds_proxy_sg"
      + name_prefix            = (known after apply)
      + owner_id               = (known after apply)
      + revoke_rules_on_delete = false
      + tags                   = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds_rds_proxy_sg"
          + "Terraform"  = "true"
        }
      + tags_all               = {
          + "CostCentre" = "cal"
          + "Name"       = "test-rds_rds_proxy_sg"
          + "Terraform"  = "true"
        }
      + vpc_id                 = (known after apply)
    }

  # module.rds.random_string.random will be created
  + resource "random_string" "random" {
      + id          = (known after apply)
      + length      = 6
      + lower       = true
      + min_lower   = 0
      + min_numeric = 0
      + min_special = 0
      + min_upper   = 0
      + number      = true
      + numeric     = true
      + result      = (known after apply)
      + special     = false
      + upper       = false
    }

  # module.vpc.aws_default_network_acl.default will be created
  + resource "aws_default_network_acl" "default" {
      + arn                    = (known after apply)
      + default_network_acl_id = (known after apply)
      + id                     = (known after apply)
      + owner_id               = (known after apply)
      + tags                   = {
          + "CostCentre" = "cal"
          + "Name"       = "vpc_default_nacl"
          + "Terraform"  = "true"
        }
      + tags_all               = {
          + "CostCentre" = "cal"
          + "Name"       = "vpc_default_nacl"
          + "Terraform"  = "true"
        }
      + vpc_id                 = (known after apply)
    }

  # module.vpc.aws_default_route_table.default will be created
  + resource "aws_default_route_table" "default" {
      + arn                    = (known after apply)
      + default_route_table_id = (known after apply)
      + id                     = (known after apply)
      + owner_id               = (known after apply)
      + route                  = []
      + tags                   = {
          + "CostCentre" = "cal"
          + "Terraform"  = "true"
          + "name"       = "vpc_default_route_table"
        }
      + tags_all               = {
          + "CostCentre" = "cal"
          + "Terraform"  = "true"
          + "name"       = "vpc_default_route_table"
        }
      + vpc_id                 = (known after apply)
    }

  # module.vpc.aws_default_security_group.default will be created
  + resource "aws_default_security_group" "default" {
      + arn                    = (known after apply)
      + description            = (known after apply)
      + egress                 = (known after apply)
      + id                     = (known after apply)
      + ingress                = (known after apply)
      + name                   = (known after apply)
      + name_prefix            = (known after apply)
      + owner_id               = (known after apply)
      + revoke_rules_on_delete = false
      + tags                   = {
          + "CostCentre" = "cal"
          + "Name"       = "vpc_default_sg"
          + "Terraform"  = "true"
        }
      + tags_all               = {
          + "CostCentre" = "cal"
          + "Name"       = "vpc_default_sg"
          + "Terraform"  = "true"
        }
      + vpc_id                 = (known after apply)
    }

  # module.vpc.aws_internet_gateway.gw will be created
  + resource "aws_internet_gateway" "gw" {
      + arn      = (known after apply)
      + id       = (known after apply)
      + owner_id = (known after apply)
      + tags     = {
          + "CostCentre" = "cal"
          + "Name"       = "vpc_internet_gateway"
          + "Terraform"  = "true"
        }
      + tags_all = {
          + "CostCentre" = "cal"
          + "Name"       = "vpc_internet_gateway"
          + "Terraform"  = "true"
        }
      + vpc_id   = (known after apply)
    }

  # module.vpc.aws_nat_gateway.nat_gw[0] will be created
  + resource "aws_nat_gateway" "nat_gw" {
      + connectivity_type    = "private"
      + id                   = (known after apply)
      + network_interface_id = (known after apply)
      + private_ip           = (known after apply)
      + public_ip            = (known after apply)
      + subnet_id            = (known after apply)
      + tags                 = {
          + "CostCentre" = "cal"
          + "Name"       = "vpc-natgw-0"
          + "Terraform"  = "true"
        }
      + tags_all             = {
          + "CostCentre" = "cal"
          + "Name"       = "vpc-natgw-0"
          + "Terraform"  = "true"
        }
    }

  # module.vpc.aws_nat_gateway.nat_gw[1] will be created
  + resource "aws_nat_gateway" "nat_gw" {
      + connectivity_type    = "private"
      + id                   = (known after apply)
      + network_interface_id = (known after apply)
      + private_ip           = (known after apply)
      + public_ip            = (known after apply)
      + subnet_id            = (known after apply)
      + tags                 = {
          + "CostCentre" = "cal"
          + "Name"       = "vpc-natgw-1"
          + "Terraform"  = "true"
        }
      + tags_all             = {
          + "CostCentre" = "cal"
          + "Name"       = "vpc-natgw-1"
          + "Terraform"  = "true"
        }
    }

  # module.vpc.aws_nat_gateway.nat_gw[2] will be created
  + resource "aws_nat_gateway" "nat_gw" {
      + connectivity_type    = "private"
      + id                   = (known after apply)
      + network_interface_id = (known after apply)
      + private_ip           = (known after apply)
      + public_ip            = (known after apply)
      + subnet_id            = (known after apply)
      + tags                 = {
          + "CostCentre" = "cal"
          + "Name"       = "vpc-natgw-2"
          + "Terraform"  = "true"
        }
      + tags_all             = {
          + "CostCentre" = "cal"
          + "Name"       = "vpc-natgw-2"
          + "Terraform"  = "true"
        }
    }

  # module.vpc.aws_network_acl.main will be created
  + resource "aws_network_acl" "main" {
      + arn        = (known after apply)
      + egress     = (known after apply)
      + id         = (known after apply)
      + ingress    = (known after apply)
      + owner_id   = (known after apply)
      + subnet_ids = (known after apply)
      + tags       = {
          + "CostCentre" = "cal"
          + "Name"       = "vpc_main_nacl"
          + "Terraform"  = "true"
        }
      + tags_all   = {
          + "CostCentre" = "cal"
          + "Name"       = "vpc_main_nacl"
          + "Terraform"  = "true"
        }
      + vpc_id     = (known after apply)
    }

  # module.vpc.aws_network_acl_rule.block_rdp[0] will be created
  + resource "aws_network_acl_rule" "block_rdp" {
      + cidr_block     = "10.0.0.0/16"
      + egress         = false
      + from_port      = 3389
      + id             = (known after apply)
      + network_acl_id = (known after apply)
      + protocol       = "tcp"
      + rule_action    = "deny"
      + rule_number    = 51
      + to_port        = 3389
    }

  # module.vpc.aws_network_acl_rule.block_ssh[0] will be created
  +...

Show Conftest results

18 tests, 18 passed, 0 warnings, 0 failures, 0 exceptions

renovate bot added Dependencies Renovate labels Feb 18, 2023

patheard previously approved these changes Feb 21, 2023

View reviewed changes

renovate bot dismissed patheard’s stale review via 459fcac February 21, 2023 16:36

renovate bot force-pushed the renovate/prettier-packages branch 2 times, most recently from 459fcac to 6bfd28f Compare February 21, 2023 16:36

chore(deps): update dependency prettier to v2.8.4

1f51e17

renovate bot force-pushed the renovate/prettier-packages branch from 6bfd28f to 1f51e17 Compare February 21, 2023 16:39

patheard approved these changes Feb 21, 2023

View reviewed changes

patheard merged commit f6d18df into main Feb 21, 2023

patheard deleted the renovate/prettier-packages branch February 21, 2023 16:42

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): update dependency prettier to v2.8.4 #163

chore(deps): update dependency prettier to v2.8.4 #163

renovate bot commented Feb 18, 2023

github-actions bot commented Feb 21, 2023

github-actions bot commented Feb 21, 2023

github-actions bot commented Feb 21, 2023

github-actions bot commented Feb 21, 2023

github-actions bot commented Feb 21, 2023

github-actions bot commented Feb 21, 2023

chore(deps): update dependency prettier to v2.8.4 #163

chore(deps): update dependency prettier to v2.8.4 #163

Conversation

renovate bot commented Feb 18, 2023

Review

Release Notes

v2.8.4

Fix leading comments in mapped types with readonly (#​13427 by @​thorn0, @​sosukesuzuki)

Group params in opening block statements (#​14067 by @​jamescdavis)

Ignore files in .sl/ (#​14206 by @​bolinfest)

Recognize @satisfies in Closure-style type casts (#​14262 by @​fisker)

Fix parens in inferred function return types with extends (#​14279 by @​fisker)

Configuration

github-actions bot commented Feb 21, 2023

Test skip-plan

github-actions bot commented Feb 21, 2023

Test invalid

github-actions bot commented Feb 21, 2023

Test changes

github-actions bot commented Feb 21, 2023

Test format-error

github-actions bot commented Feb 21, 2023

Test conftest-deny

github-actions bot commented Feb 21, 2023

Test truncate-plan

`v2.8.4`

Fix leading comments in mapped types with `readonly` (#13427 by @thorn0, @sosukesuzuki)

Group params in opening block statements (#14067 by @jamescdavis)

Ignore files in `.sl/` (#14206 by @bolinfest)

Recognize `@satisfies` in Closure-style type casts (#14262 by @fisker)

Fix parens in inferred function return types with `extends` (#14279 by @fisker)