Merge pull request #2 from SCT-Engineering/mcmCluster

lints and updates
SCT-Engineering · Aug 22, 2024 · 0c0a0b1 · 0c0a0b1
2 parents 333ab13 + 60208fc
commit 0c0a0b1
Show file tree

Hide file tree

Showing 15 changed files with 358 additions and 32 deletions.
diff --git a/.cz.yaml b/.cz.yaml
@@ -0,0 +1,8 @@
+---
+commitizen:
+  major_version_zero: true
+  name: cz_gitmoji
+  tag_format: $version
+  update_changelog_on_bump: true
+  version_provider: scm
+  version_scheme: semver2
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -0,0 +1,11 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
+
+version: 2
+updates:
+  - package-ecosystem: "terraform" # See documentation for possible values
+    directory: "/" # Location of package manifests
+    schedule:
+      interval: "daily"
diff --git a/.gitignore b/.gitignore
@@ -1,5 +1,6 @@
 # Local .terraform directories
 **/.terraform/*
+**/.terragrunt-cache/*
 
 # terraform lock file.
 **/.terraform.lock.hcl
@@ -35,6 +36,3 @@ override.tf.json
 # Ignore CLI configuration files
 .terraformrc
 terraform.rc
-
-# It's a module, shouldn't have a providers.tf
-provider*.tf
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -0,0 +1,111 @@
+repos:
+- repo: https://github.com/pre-commit/pre-commit-hooks
+  rev: v4.6.0
+  hooks:
+    # Git style
+    - id: check-added-large-files
+    - id: check-merge-conflict
+    - id: check-vcs-permalinks
+    - id: forbid-new-submodules
+    - id: no-commit-to-branch
+    - id: check-byte-order-marker
+    - id: check-case-conflict
+    - id: check-json
+    - id: check-merge-conflict
+    - id: check-symlinks
+    - id: check-vcs-permalinks
+    - id: check-toml
+    - id: check-xml
+    - id: detect-private-key
+    - id: requirements-txt-fixer
+    - id: sort-simple-yaml
+
+    # Common errors
+    - id: end-of-file-fixer
+    - id: trailing-whitespace
+      args: [--markdown-linebreak-ext=md]
+      exclude: CHANGELOG.md
+    - id: check-yaml
+    - id: check-merge-conflict
+    - id: check-executables-have-shebangs
+
+    # Cross platform
+    - id: check-case-conflict
+    - id: mixed-line-ending
+      args: [--fix=lf]
+
+    # Security
+    - id: detect-aws-credentials
+      args: ['--allow-missing-credentials']
+    - id: detect-private-key
+
+# JSON5 Linter
+- repo: https://github.com/pre-commit/mirrors-prettier
+  rev: v4.0.0-alpha.8
+  hooks:
+  - id: prettier
+    # https://prettier.io/docs/en/options.html#parser
+    files: '.json5$'
+
+# Terraform Hooks
+- repo: https://github.com/antonbabenko/pre-commit-terraform
+  rev: v1.92.2 # Get the latest from: https://github.com/antonbabenko/pre-commit-terraform/releases
+  hooks:
+    - id: terraform_fmt
+      args:
+        - --hook-config=--parallelism-ci-cpu-cores=2
+    - id: terraform_docs
+      args:
+        - --hook-config=--parallelism-ci-cpu-cores=2
+    - id: terraform_tflint
+      name: Terraform validate with tflint
+      description: Validates all Terraform configuration files with TFLint.
+      require_serial: true
+      entry: hooks/terraform_tflint.sh
+      language: script
+      files: (\.tf|\.tfvars)$
+      exclude: \.(terraform/.*|terragrunt-cache)$
+      args:
+        - --hook-config=--parallelism-ci-cpu-cores=2
+    - id: terragrunt_fmt
+      name: Terragrunt fmt
+      description: Rewrites all Terragrunt configuration files to a canonical format.
+      entry: hooks/terragrunt_fmt.sh
+      language: script
+      files: (\.hcl)$
+      exclude: \.(terraform/.*|terragrunt-cache)$
+      args:
+        - --hook-config=--parallelism-ci-cpu-cores=2
+    # Will require dependency mocks
+    # - id: terragrunt_validate
+    #   name: Terragrunt validate
+    #   description: Validates all Terragrunt configuration files.
+    #   entry: hooks/terragrunt_validate.sh
+    #   language: script
+    #   files: (\.hcl)$
+    #   exclude: \.(terraform/.*|terragrunt-cache)$
+    #   args:
+    #     - --hook-config=--parallelism-ci-cpu-cores=2
+    # - id: terragrunt_validate_inputs
+    #   name: Terragrunt validate inputs
+    #   description: Validates Terragrunt unused and undefined inputs.
+    #   entry: hooks/terragrunt_validate_inputs.sh
+    #   language: script
+    #   files: (\.hcl)$
+    #   exclude: \.(terraform/.*|terragrunt-cache)$
+    #   args:
+    #     - --hook-config=--parallelism-ci-cpu-cores=2
+    # - id: terragrunt_providers_lock
+    #   name: Terragrunt providers lock
+    #   description: Updates provider signatures in dependency lock files using terragrunt.
+    #   entry: hooks/terragrunt_providers_lock.sh
+    #   language: script
+    #   files: (terragrunt|\.terraform\.lock)\.hcl$
+    #   exclude: \.(terraform/.*|terragrunt-cache)$
+    #   args:
+    #     - --hook-config=--parallelism-ci-cpu-cores=2
+
+- repo: https://github.com/ljnsn/cz-conventional-gitmoji
+  rev: v0.3.3
+  hooks:
+    - id: conventional-gitmoji
diff --git a/.releaserc.json b/.releaserc.json
@@ -0,0 +1,36 @@
+{
+  "branches": [
+    "main",
+    "master"
+  ],
+  "ci": false,
+  "plugins": [
+    "@semantic-release/commit-analyzer",
+    "@semantic-release/release-notes-generator",
+    [
+      "@semantic-release/github",
+      {
+        "successComment":
+        "This ${issue.pull_request ? 'PR is included' : 'issue has been resolved'} in version ${nextRelease.version} :tada:",
+        "labels": false,
+        "releasedLabels": false
+      }
+    ],
+    [
+      "@semantic-release/changelog",
+      {
+        "changelogFile": "CHANGELOG.md",
+        "changelogTitle": "# Changelog\n\nAll notable changes to this project will be documented in this file."
+      }
+    ],
+    [
+      "@semantic-release/git",
+      {
+        "assets": [
+          "CHANGELOG.md"
+        ],
+        "message": "chore(release): version ${nextRelease.version} [skip ci]\n\n${nextRelease.notes}"
+      }
+    ]
+  ]
+}
diff --git a/.terraform-docs.yml b/.terraform-docs.yml
@@ -0,0 +1,44 @@
+formatter: markdown table
+
+header-from: main.tf
+footer-from: ""
+
+sections:
+##  hide: []
+  show:
+    - data-sources
+    - header
+    - footer
+    - inputs
+    - modules
+    - outputs
+    - providers
+    - requirements
+    - resources
+
+output:
+  file: README.md
+  mode: inject
+  template: |-
+    <!-- BEGIN_TF_DOCS -->
+    {{ .Content }}
+    <!-- END_TF_DOCS -->
+
+output-values:
+  enabled: false
+  from: ""
+
+sort:
+  enabled: true
+  by: name
+
+settings:
+  anchor: true
+  color: true
+  default: true
+  description: true
+  escape: true
+  indent: 2
+  required: true
+  sensitive: true
+  type: true
diff --git a/.tflint.hcl b/.tflint.hcl
@@ -0,0 +1,21 @@
+config {
+  module              = true
+  force               = false
+  disabled_by_default = false
+}
+
+rule "aws_instance_invalid_type" {
+  enabled = true
+}
+
+plugin "aws" {
+  enabled = true
+  version = "0.32.0"
+  source  = "github.com/terraform-linters/tflint-ruleset-aws"
+}
+
+plugin "terraform" {
+  enabled = true
+  version = "0.9.0"
+  source  = "github.com/terraform-linters/tflint-ruleset-terraform"
+}
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -0,0 +1,15 @@
+## Unreleased
+
+### 🎨🏗️ Style & Architecture
+
+- **repo**: install repo features pre-commit and commitizen
+
+# CHANGELOG
+* 0.0.2 -- 2024-07-30
+  - update images module
+  - formatting
+  - fix for tags
+* 0.0.1 -- 2024-07-22
+  - updated version.tf to 0.0.1
+  - included module.images in depends on helm charts
+  - created changelog
diff --git a/README.md b/README.md
@@ -6,3 +6,75 @@ to loki.
 * Requires additional Node HD space - 40GB is not enough.
 
 # tfmod-loki
+
+
+
+
+
+<!-- BEGIN_TF_DOCS -->
+## Requirements
+
+| Name | Version |
+|------|---------|
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 0.13 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.14.0 |
+| <a name="requirement_helm"></a> [helm](#requirement\_helm) | >= 2.11.0 |
+| <a name="requirement_kubernetes"></a> [kubernetes](#requirement\_kubernetes) | >= 2.23.0 |
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| <a name="provider_aws"></a> [aws](#provider\_aws) | 5.61.0 |
+| <a name="provider_helm"></a> [helm](#provider\_helm) | 2.14.0 |
+| <a name="provider_kubernetes"></a> [kubernetes](#provider\_kubernetes) | 2.31.0 |
+
+## Modules
+
+| Name | Source | Version |
+|------|--------|---------|
+| <a name="module_images"></a> [images](#module\_images) | git@github.e.it.census.gov:terraform-modules/aws-ecr-copy-images.git/ | tf-upgrade |
+| <a name="module_loki_irsa_role"></a> [loki\_irsa\_role](#module\_loki\_irsa\_role) | git@github.it.census.gov:SOA/tfmod-custom-iam-role-for-service-account-eks.git/ | n/a |
+| <a name="module_loki_s3"></a> [loki\_s3](#module\_loki\_s3) | git@github.e.it.census.gov:terraform-modules/aws-s3.git//standard | tf-upgrade |
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [helm_release.loki](https://registry.terraform.io/providers/hashicorp/helm/latest/docs/resources/release) | resource |
+| [kubernetes_namespace.ns](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/namespace) | resource |
+| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
+| [aws_s3_bucket.s3_server_access_logs](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/s3_bucket) | data source |
+| [kubernetes_namespace.existing_ns](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/data-sources/namespace) | data source |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_canary_tag"></a> [canary\_tag](#input\_canary\_tag) | The tag of the grafana/loki-canary image to use. | `string` | `"3.0.0"` | no |
+| <a name="input_cluster_name"></a> [cluster\_name](#input\_cluster\_name) | EKS cluster name name component used through out the EKS cluster describing its purpose (ex: dice-dev) | `string` | n/a | yes |
+| <a name="input_create_namespace"></a> [create\_namespace](#input\_create\_namespace) | Indicates whether the `namespace` needs to be created ('true') or already exists (not `true`) | `string` | `"true"` | no |
+| <a name="input_enterprise_logs_provisioner_tag"></a> [enterprise\_logs\_provisioner\_tag](#input\_enterprise\_logs\_provisioner\_tag) | The version of the grafana/enterprise-logs-provisioner image to use. | `string` | `"v1.7.0"` | no |
+| <a name="input_exporter_tag"></a> [exporter\_tag](#input\_exporter\_tag) | The version of prom/memcached-exporter to use for the gateway. | `string` | `"v0.14.2"` | no |
+| <a name="input_gateway_tag"></a> [gateway\_tag](#input\_gateway\_tag) | The version of nginxinc/nginx-unprivileged to use for the gateway. | `string` | `"1.25.2-alpine"` | no |
+| <a name="input_loki_chart_version"></a> [loki\_chart\_version](#input\_loki\_chart\_version) | Which version of the grafana/loki helm chart to use. | `string` | `"6.6.5"` | no |
+| <a name="input_loki_tag"></a> [loki\_tag](#input\_loki\_tag) | The tag of the loki image to use. | `string` | `"3.0.0"` | no |
+| <a name="input_memcached_tag"></a> [memcached\_tag](#input\_memcached\_tag) | The version of memcached to use for the gateway. | `string` | `"1.6.23-alpine"` | no |
+| <a name="input_namespace"></a> [namespace](#input\_namespace) | The namespace into which grafana will be deployed | `string` | `"loki"` | no |
+| <a name="input_oidc_provider_arn"></a> [oidc\_provider\_arn](#input\_oidc\_provider\_arn) | The ARN in the EKS cluster for the OpenID Connect identity provider. | `string` | n/a | yes |
+| <a name="input_profile"></a> [profile](#input\_profile) | AWS config profile used to upload images into ECR | `string` | `""` | no |
+| <a name="input_region"></a> [region](#input\_region) | The region holding these resources (for the s3 bucket.) | `string` | n/a | yes |
+| <a name="input_rwo_storage_class"></a> [rwo\_storage\_class](#input\_rwo\_storage\_class) | Specify the storage class for read/write/once persistent volumes. | `string` | `"gp3-encrypted"` | no |
+| <a name="input_sidecar_tag"></a> [sidecar\_tag](#input\_sidecar\_tag) | The version of kiwigrid/k8s-sidecar to use for the gateway. | `string` | `"1.24.3"` | no |
+| <a name="input_tag_costallocation"></a> [tag\_costallocation](#input\_tag\_costallocation) | Tag CostAllocation (default) | `string` | `"csvd:infrastructure"` | no |
+| <a name="input_tags"></a> [tags](#input\_tags) | Additional tags to add to resources created in AWS (s3 bucket, ...) | `map(string)` | `{}` | no |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| <a name="output_gateway_internal_endpoint"></a> [gateway\_internal\_endpoint](#output\_gateway\_internal\_endpoint) | The endpoint which can be used inside of the cluster to access loki-gateway. |
+| <a name="output_module_name"></a> [module\_name](#output\_module\_name) | The name of this module. |
+| <a name="output_module_version"></a> [module\_version](#output\_module\_version) | The version of this module. |
+| <a name="output_rwo_storage_class"></a> [rwo\_storage\_class](#output\_rwo\_storage\_class) | Specify the storage class for read/write/once persistent volumes. |
+<!-- END_TF_DOCS -->