From ec2b0da82a2a6610bfac6b693c43b12a5ac9c9ae Mon Sep 17 00:00:00 2001
From: Dave Arnold
Date: Tue, 29 Apr 2025 10:10:21 -0700
Subject: [PATCH] Update README.md with repository structure and configuration details; enhance main.tf and variables.tf comments; add .terraform.lock.hcl and terraform.tfstate files for state management
---
 .terraform.lock.hcl | 24 ++++++
 .tflog | 74 +++++++++++++++++++
 README.md | 49 +++++++++++-
 main.tf | 5 ++
 .../hashicorp/aws/5.96.0/darwin_amd64 | 1 +
 terraform_data_dirs/default/terraform.tfstate | 19 +++++
 variables.tf | 38 ++--------
 7 files changed, 179 insertions(+), 31 deletions(-)
 create mode 100644 .terraform.lock.hcl
 create mode 120000 terraform_data_dirs/default/providers/registry.terraform.io/hashicorp/aws/5.96.0/darwin_amd64
 create mode 100644 terraform_data_dirs/default/terraform.tfstate
diff --git a/.terraform.lock.hcl b/.terraform.lock.hcl
new file mode 100644
index 0000000..9111efd
--- /dev/null
+++ b/.terraform.lock.hcl
@@ -0,0 +1,24 @@ +# This file is maintained automatically by "terraform init". +# Manual edits may be lost in future updates. + +provider "registry.terraform.io/hashicorp/aws" { + version = "5.96.0" + hashes = [ + "h1:pZojaCQ2mzdq9Jh8cuQg6al7rhxdf8NQTOK7mUrywwg=", + "zh:3f7e734abb9d647c851f5cb987837d7c073c9cbf1f520a031027d827f93d3b68", + "zh:5ca9400360a803a11cf432ca203be9f09da8fff9c96110a83c9029102b18c9d5", + "zh:5d421f475d467af182a527b7a61d50105dc63394316edf1c775ef736f84b941c", + "zh:68f2328e7f3e7666835d6815b39b46b08954a91204f82a6f648c928a0b09a744", + "zh:6a4170e7e2764df2968d1df65efebda55273dfc36dc6741207afb5e4b7e85448", + "zh:73f2a15bee21f7c92a071e2520216d0a40041aca52c0f6682e540da8ffcfada4", + "zh:9843d6973aedfd4cbaafd7110420d0c4c1d7ef4a2eeff508294c3adcc3613145", + "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", + "zh:9d1abd6be717c42f2a6257ee227d3e9548c31f01c976ed7b32b2745a63659a67", + "zh:a70d642e323021d54a92f0daa81d096cb5067cb99ce116047a42eb1cb1d579a0", + "zh:b9a2b293208d5a0449275fae463319e0998c841e0bcd4014594a49ba54bb70d6", + "zh:ce0b0eb7ac24ff58c20efcb526c3f792a95be3617c795b45bbeea9f302903ae7", + "zh:dbbf98b3cd8003833c472bdb89321c17a9bbdc1b785e7e3d75f8af924ee5a0e4", + "zh:df86cf9311a4be8bb4a251196650653f97e01fbf5fe72deecc8f28a35a5352ae", + "zh:f92992881afd9339f3e539fcd90cfc1e9ed1356b5e760bbcc804314c3cd6837f", + ] +} diff --git a/.tflog b/.tflog index ded52c5..b0ec1ef 100644 --- a/.tflog +++ b/.tflog 
@@ -89,3 +89,77 @@ 2025-04-17T01:21:26.795-0700 [TRACE] statemgr.Filesystem: read nil snapshot 2025-04-17T01:21:26.795-0700 [TRACE] backend/local: populating backendrun.LocalRun for current working directory 2025-04-17T01:21:26.807-0700 [TRACE] Config.VerifyDependencySelections: provider registry.terraform.io/hashicorp/aws has no lock file entry to satisfy "" +2025-04-29T09:32:02.115-0700 [INFO] Terraform version: 1.10.5 +2025-04-29T09:32:02.116-0700 [DEBUG] using github.com/hashicorp/go-tfe v1.70.0 +2025-04-29T09:32:02.116-0700 [DEBUG] using github.com/hashicorp/hcl/v2 v2.23.0 +2025-04-29T09:32:02.116-0700 [DEBUG] using github.com/hashicorp/terraform-svchost v0.1.1 +2025-04-29T09:32:02.116-0700 [DEBUG] using github.com/zclconf/go-cty v1.16.2 +2025-04-29T09:32:02.116-0700 [INFO] Go runtime version: go1.23.3 +2025-04-29T09:32:02.116-0700 [INFO] CLI args: []string{"/usr/local/Cellar/tfenv/1.0.2/versions/1.10.5/terraform", "providers", "schema", "-json", "-no-color"} +2025-04-29T09:32:02.116-0700 [TRACE] Stdout is not a terminal +2025-04-29T09:32:02.116-0700 [TRACE] Stderr is not a terminal +2025-04-29T09:32:02.116-0700 [TRACE] Stdin is not a terminal +2025-04-29T09:32:02.116-0700 [DEBUG] Attempting to open CLI config file: /Users/darnold/.terraformrc +2025-04-29T09:32:02.116-0700 [INFO] Loading CLI configuration from /Users/darnold/.terraformrc +2025-04-29T09:32:02.116-0700 [INFO] Loading CLI configuration from /Users/darnold/.terraform.d/credentials.tfrc.json +2025-04-29T09:32:02.116-0700 [DEBUG] checking for credentials in "/Users/darnold/.terraform.d/plugins" +2025-04-29T09:32:02.116-0700 [DEBUG] checking for credentials in "/Users/darnold/.terraform.d/plugins/darwin_amd64" +2025-04-29T09:32:02.116-0700 [DEBUG] Using modified User-Agent: HashiCorp Terraform/1.10.5 (+https://www.terraform.io) HashiCorp-terraform-exec/0.21.0 +2025-04-29T09:32:02.116-0700 [DEBUG] ignoring non-existing provider search directory terraform.d/plugins +2025-04-29T09:32:02.116-0700 [DEBUG] 
will search for provider plugins in /Users/darnold/.terraform.d/plugins +2025-04-29T09:32:02.117-0700 [WARN] local provider path "/Users/darnold/.terraform.d/plugins/HappyPathway/openai/0.1.0" contains invalid type "0.1.0"; ignoring +2025-04-29T09:32:02.117-0700 [WARN] local provider path "/Users/darnold/.terraform.d/plugins/HappyPathway/openai/0.1.0/darwin_amd64" contains invalid type "0.1.0"; ignoring +2025-04-29T09:32:02.117-0700 [WARN] local provider path "/Users/darnold/.terraform.d/plugins/HappyPathway/openai/0.1.0/darwin_amd64/terraform-provider-openai" contains invalid type "0.1.0"; ignoring +2025-04-29T09:32:02.117-0700 [WARN] local provider path "/Users/darnold/.terraform.d/plugins/darnold/gigrack/0.1.0" contains invalid type "0.1.0"; ignoring +2025-04-29T09:32:02.117-0700 [WARN] local provider path "/Users/darnold/.terraform.d/plugins/darnold/gigrack/0.1.0/darwin_amd64" contains invalid type "0.1.0"; ignoring +2025-04-29T09:32:02.117-0700 [WARN] local provider path "/Users/darnold/.terraform.d/plugins/darnold/gigrack/0.1.0/darwin_amd64/terraform-provider-gigrack" contains invalid type "0.1.0"; ignoring +2025-04-29T09:32:02.117-0700 [WARN] Provider plugin search ignored symlink /Users/darnold/.terraform.d/plugins/darwin_amd64/terraform-provider-configstash: only the base directory /Users/darnold/.terraform.d/plugins may be a symlink +2025-04-29T09:32:02.117-0700 [TRACE] getproviders.SearchLocalDirectory: found hashicorp.com/edu/hashicups v0.3.1 for darwin_amd64 at /Users/darnold/.terraform.d/plugins/hashicorp.com/edu/hashicups/0.3.1/darwin_amd64 +2025-04-29T09:32:02.117-0700 [TRACE] getproviders.SearchLocalDirectory: found registry.terraform.io/darnold/gigrack v0.1.0 for darwin_amd64 at /Users/darnold/.terraform.d/plugins/registry.terraform.io/darnold/gigrack/0.1.0/darwin_amd64 +2025-04-29T09:32:02.118-0700 [WARN] ignoring local provider path "/Users/darnold/.terraform.d/plugins/registry.terraform.io/darnold/openai/3b6fef8/darwin_amd64" with invalid 
version "3b6fef8": invalid characters "b6fef8" +2025-04-29T09:32:02.118-0700 [WARN] ignoring local provider path "/Users/darnold/.terraform.d/plugins/registry.terraform.io/darnold/openai/70f25a4/darwin_amd64" with invalid version "70f25a4": invalid characters "f25a4" +2025-04-29T09:32:02.118-0700 [TRACE] getproviders.SearchLocalDirectory: found registry.terraform.io/happypathway/openai v5.0.0 for darwin_amd64 at /Users/darnold/.terraform.d/plugins/registry.terraform.io/happypathway/openai/5.0.0/darwin_amd64 +2025-04-29T09:32:02.118-0700 [DEBUG] ignoring non-existing provider search directory /Users/darnold/Library/Application Support/io.terraform/plugins +2025-04-29T09:32:02.118-0700 [DEBUG] ignoring non-existing provider search directory /Library/Application Support/io.terraform/plugins +2025-04-29T09:32:02.120-0700 [INFO] Checkpoint disabled. Not running. +2025-04-29T09:32:02.122-0700 [INFO] CLI command args: []string{"providers", "schema", "-json", "-no-color"} +2025-04-29T09:32:02.122-0700 [DEBUG] Using modified User-Agent: Terraform/1.10.5 HashiCorp-terraform-exec/0.21.0 +2025-04-29T09:32:02.122-0700 [DEBUG] Using modified User-Agent: HashiCorp Terraform/1.10.5 (+https://www.terraform.io) HashiCorp-terraform-exec/0.21.0 +2025-04-29T09:32:02.123-0700 [TRACE] Meta.Backend: BackendOpts.Config not set, so using settings loaded from backend.tf:2,3-16 +2025-04-29T09:32:02.123-0700 [TRACE] Meta.Backend: built configuration for "gcs" backend with hash value 3602047810 +2025-04-29T09:32:02.123-0700 [TRACE] Meta.Backend: backend has not previously been initialized in this working directory +2025-04-29T09:32:02.123-0700 [TRACE] Meta.Backend: moving from default local state only to "gcs" backend +2025-04-29T09:36:48.710-0700 [INFO] Terraform version: 1.10.5 +2025-04-29T09:36:48.711-0700 [DEBUG] using github.com/hashicorp/go-tfe v1.70.0 +2025-04-29T09:36:48.711-0700 [DEBUG] using github.com/hashicorp/hcl/v2 v2.23.0 +2025-04-29T09:36:48.711-0700 [DEBUG] using 
github.com/hashicorp/terraform-svchost v0.1.1 +2025-04-29T09:36:48.711-0700 [DEBUG] using github.com/zclconf/go-cty v1.16.2 +2025-04-29T09:36:48.711-0700 [INFO] Go runtime version: go1.23.3 +2025-04-29T09:36:48.711-0700 [INFO] CLI args: []string{"/usr/local/Cellar/tfenv/1.0.2/versions/1.10.5/terraform", "version", "-json"} +2025-04-29T09:36:48.711-0700 [TRACE] Stdout is not a terminal +2025-04-29T09:36:48.711-0700 [TRACE] Stderr is not a terminal +2025-04-29T09:36:48.711-0700 [TRACE] Stdin is not a terminal +2025-04-29T09:36:48.711-0700 [DEBUG] Attempting to open CLI config file: /Users/darnold/.terraformrc +2025-04-29T09:36:48.711-0700 [INFO] Loading CLI configuration from /Users/darnold/.terraformrc +2025-04-29T09:36:48.711-0700 [INFO] Loading CLI configuration from /Users/darnold/.terraform.d/credentials.tfrc.json +2025-04-29T09:36:48.711-0700 [DEBUG] checking for credentials in "/Users/darnold/.terraform.d/plugins" +2025-04-29T09:36:48.711-0700 [DEBUG] checking for credentials in "/Users/darnold/.terraform.d/plugins/darwin_amd64" +2025-04-29T09:36:48.711-0700 [DEBUG] Using modified User-Agent: HashiCorp Terraform/1.10.5 (+https://www.terraform.io) HashiCorp-terraform-exec/0.21.0 +2025-04-29T09:36:48.711-0700 [DEBUG] ignoring non-existing provider search directory terraform.d/plugins +2025-04-29T09:36:48.711-0700 [DEBUG] will search for provider plugins in /Users/darnold/.terraform.d/plugins +2025-04-29T09:36:48.711-0700 [WARN] local provider path "/Users/darnold/.terraform.d/plugins/HappyPathway/openai/0.1.0" contains invalid type "0.1.0"; ignoring +2025-04-29T09:36:48.711-0700 [WARN] local provider path "/Users/darnold/.terraform.d/plugins/HappyPathway/openai/0.1.0/darwin_amd64" contains invalid type "0.1.0"; ignoring +2025-04-29T09:36:48.711-0700 [WARN] local provider path "/Users/darnold/.terraform.d/plugins/HappyPathway/openai/0.1.0/darwin_amd64/terraform-provider-openai" contains invalid type "0.1.0"; ignoring +2025-04-29T09:36:48.711-0700 [WARN] local 
provider path "/Users/darnold/.terraform.d/plugins/darnold/gigrack/0.1.0" contains invalid type "0.1.0"; ignoring +2025-04-29T09:36:48.711-0700 [WARN] local provider path "/Users/darnold/.terraform.d/plugins/darnold/gigrack/0.1.0/darwin_amd64" contains invalid type "0.1.0"; ignoring +2025-04-29T09:36:48.711-0700 [WARN] local provider path "/Users/darnold/.terraform.d/plugins/darnold/gigrack/0.1.0/darwin_amd64/terraform-provider-gigrack" contains invalid type "0.1.0"; ignoring +2025-04-29T09:36:48.711-0700 [WARN] Provider plugin search ignored symlink /Users/darnold/.terraform.d/plugins/darwin_amd64/terraform-provider-configstash: only the base directory /Users/darnold/.terraform.d/plugins may be a symlink +2025-04-29T09:36:48.712-0700 [TRACE] getproviders.SearchLocalDirectory: found hashicorp.com/edu/hashicups v0.3.1 for darwin_amd64 at /Users/darnold/.terraform.d/plugins/hashicorp.com/edu/hashicups/0.3.1/darwin_amd64 +2025-04-29T09:36:48.712-0700 [TRACE] getproviders.SearchLocalDirectory: found registry.terraform.io/darnold/gigrack v0.1.0 for darwin_amd64 at /Users/darnold/.terraform.d/plugins/registry.terraform.io/darnold/gigrack/0.1.0/darwin_amd64 +2025-04-29T09:36:48.712-0700 [WARN] ignoring local provider path "/Users/darnold/.terraform.d/plugins/registry.terraform.io/darnold/openai/3b6fef8/darwin_amd64" with invalid version "3b6fef8": invalid characters "b6fef8" +2025-04-29T09:36:48.712-0700 [WARN] ignoring local provider path "/Users/darnold/.terraform.d/plugins/registry.terraform.io/darnold/openai/70f25a4/darwin_amd64" with invalid version "70f25a4": invalid characters "f25a4" +2025-04-29T09:36:48.712-0700 [TRACE] getproviders.SearchLocalDirectory: found registry.terraform.io/happypathway/openai v5.0.0 for darwin_amd64 at /Users/darnold/.terraform.d/plugins/registry.terraform.io/happypathway/openai/5.0.0/darwin_amd64 +2025-04-29T09:36:48.712-0700 [DEBUG] ignoring non-existing provider search directory /Users/darnold/Library/Application 
Support/io.terraform/plugins +2025-04-29T09:36:48.712-0700 [DEBUG] ignoring non-existing provider search directory /Library/Application Support/io.terraform/plugins +2025-04-29T09:36:48.715-0700 [INFO] Checkpoint disabled. Not running. +2025-04-29T09:36:48.716-0700 [INFO] CLI command args: []string{"version", "-json"} diff --git a/README.md b/README.md index 77d33a5..4f5b5df 100644 --- a/README.md +++ b/README.md @@ -9,11 +9,26 @@ with custom configurations from your template. ## Architecture -- AWS Lambda container image built with Packer and stored in ECR +- AWS Lambda container image built with Packer and stored in ECR - Infrastructure managed with Terraform - Automated CI/CD using GitHub Actions - Secret management using AWS Systems Manager Parameter Store +## Repository Structure + +This project is split into two repositories: + +1. **template-automation-lambda** (this repository) + - Contains the Lambda function source code + - Builds the container image with Packer + - Publishes the image to ECR + +2. **terraform-aws-template-automation** + - Terraform module that deploys the Lambda infrastructure + - Creates and configures all required AWS resources + - Manages GitHub-specific configuration via SSM parameters + - Handles permissions, API Gateway, and other infrastructure + ## Prerequisites - AWS credentials with appropriate permissions 
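Review bot: `.tflog` is a TRACE-level Terraform log and should not be tracked. The added lines publish the local account name and home directory, the existence of `/Users/darnold/.terraform.d/credentials.tfrc.json`, the locally installed provider plugins, and the backend type. No secret value is visible in these lines, but trace output from other commands may include more than paths, and the file grows with every run. I would drop it from the commit with `git rm --cached .tflog` and add `.tflog` to `.gitignore`. If the log is written through `TF_LOG_PATH`, that should point outside the working tree.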
@@ -23,6 +38,38 @@ with custom configurations from your template. - Packer - Python 3.11+ +## Configuration + +### Lambda Configuration + +The Lambda function gets its configuration from SSM Parameter Store with the following parameters: + +- `/template-automation/GITHUB_API` - GitHub API URL +- `/template-automation/GITHUB_ORG_NAME` - GitHub organization name +- `/template-automation/TEMPLATE_REPO_NAME` - Name of the template repository +- `/template-automation/TEMPLATE_CONFIG_FILE` - Name of the config file (default: config.json) +- `/template-automation/GITHUB_COMMIT_AUTHOR_NAME` - Name for commit author +- `/template-automation/GITHUB_COMMIT_AUTHOR_EMAIL` - Email for commit author +- `/template-automation/TEMPLATE_TOPICS` - Comma-separated list of repository topics + +### Terraform Module Configuration + +These parameters are managed by the `terraform-aws-template-automation` module. When deploying +the Lambda function using the Terraform module, configure these variables in the module: + +```hcl +module "template_automation" { + source = "github.com/HappyPathway/terraform-aws-template-automation" + + # GitHub configuration + github_api_url = "https://api.github.com" + github_org_name = "your-org" + template_repo_name = "your-template-repo" + + # Other module configuration... +} +``` + ## Local Development 1. Clone this repository: diff --git a/main.tf b/main.tf index 4c63845..3512139 100644 --- a/main.tf +++ b/main.tf @@ -1,3 +1,8 @@ +# +# This Terraform configuration creates only the ECR repository for the container image. +# The Lambda function, API Gateway, IAM roles, and other infrastructure are managed by +# the terraform-aws-template-automation module. + provider "aws" { region = var.aws_region } diff --git a/terraform_data_dirs/default/providers/registry.terraform.io/hashicorp/aws/5.96.0/darwin_amd64 b/terraform_data_dirs/default/providers/registry.terraform.io/hashicorp/aws/5.96.0/darwin_amd64 new file mode 120000 index 0000000..96c0101 --- /dev/null 
+++ b/terraform_data_dirs/default/providers/registry.terraform.io/hashicorp/aws/5.96.0/darwin_amd64 @@ -0,0 +1 @@ +/Users/darnold/.terraform.d/plugin-cache/registry.terraform.io/hashicorp/aws/5.96.0/darwin_amd64 \ No newline at end of file diff --git a/terraform_data_dirs/default/terraform.tfstate b/terraform_data_dirs/default/terraform.tfstate new file mode 100644 index 0000000..2b8e779 --- /dev/null +++ b/terraform_data_dirs/default/terraform.tfstate @@ -0,0 +1,19 @@ +{ + "version": 3, + "terraform_version": "1.10.5", + "backend": { + "type": "gcs", + "config": { + "access_token": null, + "bucket": "hpw-terraform-state", + "credentials": null, + "encryption_key": null, + "impersonate_service_account": null, + "impersonate_service_account_delegates": null, + "kms_encryption_key": null, + "prefix": "eks-automation-lambda", + "storage_custom_endpoint": null + }, + "hash": 3602047810 + } +} \ No newline at end of file diff --git a/variables.tf b/variables.tf index 28acc55..18e9e79 100644 --- a/variables.tf +++ b/variables.tf @@ -1,3 +1,11 @@ + +# Note: GitHub-specific variables (github_api, github_org_name, template_repo_name, etc.) +# have been moved to the terraform-aws-template-automation module. +# They are now configured as SSM parameters in that module. +# +# This file contains only variables related to the container image and +# ECR repository setup. + variable "aws_region" { description = "AWS region where resources will be created" type = string 
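Review bot: `terraform_data_dirs/default/terraform.tfstate` is Terraform's local backend cache, not the infrastructure state. Together with the `darwin_amd64` symlink added in the previous file, it belongs to the per-machine data directory and should stay out of version control. The credential fields are all `null` here, but this file holds the merged backend configuration in plain text, so an `access_token`, `credentials` or `encryption_key` supplied later would be committed with it; it already publishes the bucket name and prefix. The symlink targets an absolute path under `/Users/darnold/.terraform.d/plugin-cache`, so it dangles on every other machine. I would remove both paths from the commit and add `terraform_data_dirs/` to `.gitignore`; of the Terraform-generated files added here, only `.terraform.lock.hcl` is meant to be committed.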
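Review bot: The new header comment in `variables.tf` does not say where the GitHub token parameter went. The second hunk removes `github_token_secret_name` (default `/github/token`), but the comment lists only `github_api, github_org_name, template_repo_name, etc.`, and the README's `/template-automation/*` parameter list has no token entry. I would name it explicitly, for example `# The GitHub token parameter name (formerly github_token_secret_name) is now set in that module.`, assuming that is where it moved. Whoever deploys needs to know which parameter holds the token and that it should be stored as a SecureString.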
@@ -16,36 +24,6 @@ variable "environment" { default = "production" } -variable "github_api" { - description = "URL for the GitHub Enterprise API" - type = string - default = "https://github.enterprise.example.com/api/v3" -} - -variable "github_org_name" { - description = "GitHub organization name" - type = string - default = "your-org" -} - -variable "github_token_secret_name" { - description = "AWS SSM parameter name for the GitHub token" - type = string - default = "/github/token" -} - -variable "template_repo_name" { - description = "GitHub repository name for the EKS template" - type = string - default = "template-eks-cluster" -} - -variable "template_file_name" { - description = "Template file name for the EKS configuration" - type = string - default = "eks.hcl.j2" -} - variable "catalog_data" { description = "Configuration for the ECR repository catalog data" type = object({