diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS new file mode 100644 index 0000000..bed3c96 --- /dev/null +++ b/.github/CODEOWNERS @@ -0,0 +1,14 @@ +# Use this file to define individuals or teams that are responsible for code in a repository. +# Read more: +# +# Order is important: the last matching pattern takes the most precedence + +# These owners will be the default owners for everything +* @cloudposse/engineering @cloudposse/contributors + +# Cloud Posse must review any changes to Makefiles +**/Makefile @cloudposse/engineering +**/Makefile.* @cloudposse/engineering + +# Cloud Posse must review any changes to GitHub actions +.github/* @cloudposse/engineering diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md new file mode 100644 index 0000000..f3df96b --- /dev/null +++ b/.github/ISSUE_TEMPLATE/bug_report.md @@ -0,0 +1,37 @@ +--- +name: Bug report +about: Create a report to help us improve +title: '' +labels: 'bug' +assignees: '' + +--- + +Found a bug? Maybe our [Slack Community](https://slack.cloudposse.com) can help. + +[![Slack Community](https://slack.cloudposse.com/badge.svg)](https://slack.cloudposse.com) + +## Describe the Bug +A clear and concise description of what the bug is. + +## Expected Behavior +A clear and concise description of what you expected to happen. + +## Steps to Reproduce +Steps to reproduce the behavior: +1. Go to '...' +2. Run '....' +3. Enter '....' +4. See error + +## Screenshots +If applicable, add screenshots or logs to help explain your problem. + +## Environment (please complete the following information): + +Anything that will help us triage the bug will help. Here are some ideas: + - OS: [e.g. Linux, OSX, WSL, etc] + - Version [e.g. 10.15] + +## Additional Context +Add any other context about the problem here. \ No newline at end of file diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml new file mode 100644 index 0000000..76ae6d6 --- /dev/null 
+++ b/.github/ISSUE_TEMPLATE/config.yml @@ -0,0 +1,18 @@ +blank_issues_enabled: false + +contact_links: + + - name: Community Slack Team + url: https://cloudposse.com/slack/ + about: |- + Please ask and answer questions here. + + - name: Office Hours + url: https://cloudposse.com/office-hours/ + about: |- + Join us every Wednesday for FREE Office Hours (lunch & learn). + + - name: DevOps Accelerator Program + url: https://cloudposse.com/accelerate/ + about: |- + Own your infrastructure in record time. We build it. You drive it. diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md new file mode 100644 index 0000000..39a8686 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/feature_request.md @@ -0,0 +1,36 @@ +--- +name: Feature Request +about: Suggest an idea for this project +title: '' +labels: 'feature request' +assignees: '' + +--- + +Have a question? Please checkout our [Slack Community](https://slack.cloudposse.com) or visit our [Slack Archive](https://archive.sweetops.com/). + +[![Slack Community](https://slack.cloudposse.com/badge.svg)](https://slack.cloudposse.com) + +## Describe the Feature + +A clear and concise description of what the bug is. + +## Expected Behavior + +A clear and concise description of what you expected to happen. + +## Use Case + +Is your feature request related to a problem/challenge you are trying to solve? Please provide some additional context of why this feature or capability will be valuable. + +## Describe Ideal Solution + +A clear and concise description of what you want to happen. If you don't know, that's okay. + +## Alternatives Considered + +Explain what alternative solutions or features you've considered. + +## Additional Context + +Add any other context or screenshots about the feature request here. diff --git a/.github/ISSUE_TEMPLATE/question.md b/.github/ISSUE_TEMPLATE/question.md new file mode 100644 index 0000000..e69de29 
diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md new file mode 100644 index 0000000..4b8f32d --- /dev/null +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -0,0 +1,13 @@ +## what +* Describe high-level what changed as a result of these commits (i.e. in plain-english, what do these changes mean?) +* Use bullet points to be concise and to the point. + +## why +* Provide the justifications for the changes (e.g. business case). +* Describe why these changes were made (e.g. why do these commits fix the problem?) +* Use bullet points to be concise and to the point. + +## references +* Link to any supporting github issues or helpful documentation to add some context (e.g. stackoverflow). +* Use `closes #123`, if this PR closes a GitHub issue `#123` + diff --git a/.github/workflows/chatops.yml b/.github/workflows/chatops.yml new file mode 100644 index 0000000..a6bb11b --- /dev/null +++ b/.github/workflows/chatops.yml @@ -0,0 +1,37 @@ +name: chatops +on: + issue_comment: + types: [created] + +jobs: + default: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - name: "Handle common commands" + uses: cloudposse/actions/github/slash-command-dispatch@0.15.0 + with: + token: ${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }} + reaction-token: ${{ secrets.GITHUB_TOKEN }} + repository: cloudposse/actions + commands: rebuild-readme, terraform-fmt + permission: none + issue-type: pull-request + + test: + runs-on: ubuntu-latest + steps: + - name: "Checkout commit" + uses: actions/checkout@v2 + - name: "Run tests" + uses: cloudposse/actions/github/slash-command-dispatch@0.15.0 + with: + token: ${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }} + reaction-token: ${{ secrets.GITHUB_TOKEN }} + repository: cloudposse/actions + commands: test + permission: none + issue-type: pull-request + reactions: false + + diff --git a/README.md b/README.md index 0bd29aa..b034489 100644 --- a/README.md +++ b/README.md 
@@ -44,7 +44,7 @@ # terraform-aws-vpc-peering-multi-account - [![Codefresh Build Status](https://g.codefresh.io/api/badges/pipeline/cloudposse/terraform-modules%2Fterraform-aws-vpc-peering-multi-account?type=cf-1)](https://g.codefresh.io/public/accounts/cloudposse/pipelines/5e9f4c44c2b7b0abe4c11f63) [![Latest Release](https://img.shields.io/github/release/cloudposse/terraform-aws-vpc-peering-multi-account.svg)](https://github.com/cloudposse/terraform-aws-vpc-peering-multi-account/releases/latest) [![Slack Community](https://slack.cloudposse.com/badge.svg)](https://slack.cloudposse.com) + [![Latest Release](https://img.shields.io/github/release/cloudposse/terraform-aws-vpc-peering-multi-account.svg)](https://github.com/cloudposse/terraform-aws-vpc-peering-multi-account/releases/latest) [![Slack Community](https://slack.cloudposse.com/badge.svg)](https://slack.cloudposse.com) Terraform module to create a peering connection between any two VPCs existing in different AWS accounts. 
@@ -308,6 +308,53 @@ Available targets: lint Lint terraform code ``` +## Requirements + +| Name | Version | +|------|---------| +| terraform | >= 0.12 | +| aws | ~> 2.0 | +| null | ~> 2.0 | + +## Providers + +| Name | Version | +|------|---------| +| aws.accepter | ~> 2.0 | +| aws.requester | ~> 2.0 | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| accepter\_allow\_remote\_vpc\_dns\_resolution | Allow accepter VPC to resolve public DNS hostnames to private IP addresses when queried from instances in the requester VPC | `bool` | `true` | no | +| accepter\_aws\_assume\_role\_arn | Accepter AWS Assume Role ARN | `string` | n/a | yes | +| accepter\_region | Accepter AWS region | `string` | n/a | yes | +| accepter\_vpc\_id | Accepter VPC ID filter | `string` | `""` | no | +| accepter\_vpc\_tags | Accepter VPC Tags filter | `map(string)` | `{}` | no | +| attributes | Additional attributes (e.g. `a` or `b`) | `list(string)` | `[]` | no | +| auto\_accept | Automatically accept the peering | `bool` | `true` | no | +| delimiter | Delimiter to be used between `namespace`, `stage`, `name`, and `attributes` | `string` | `"-"` | no | +| enabled | Set to false to prevent the module from creating or accessing any resources | `bool` | `true` | no | +| name | Name (e.g. `app` or `cluster`) | `string` | n/a | yes | +| namespace | Namespace (e.g. 
`eg` or `cp`) | `string` | n/a | yes | +| requester\_allow\_remote\_vpc\_dns\_resolution | Allow requester VPC to resolve public DNS hostnames to private IP addresses when queried from instances in the accepter VPC | `bool` | `true` | no | +| requester\_aws\_assume\_role\_arn | Requester AWS Assume Role ARN | `string` | n/a | yes | +| requester\_region | Requester AWS region | `string` | n/a | yes | +| requester\_vpc\_id | Requester VPC ID filter | `string` | `""` | no | +| requester\_vpc\_tags | Requester VPC Tags filter | `map(string)` | `{}` | no | +| stage | Stage (e.g. `prod`, `dev`, `staging`) | `string` | n/a | yes | +| tags | Additional tags (e.g. `{"BusinessUnit" = "XYZ"`) | `map(string)` | `{}` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| accepter\_accept\_status | Accepter VPC peering connection request status | +| accepter\_connection\_id | Accepter VPC peering connection ID | +| requester\_accept\_status | Requester VPC peering connection request status | +| requester\_connection\_id | Requester VPC peering connection ID | + diff --git a/README.yaml b/README.yaml index 6c4e334..4d59aa6 100644 --- a/README.yaml +++ b/README.yaml @@ -1,4 +1,3 @@ ---- # # This is the canonical configuration for the `README.md` # Run `make readme` to rebuild the `README.md` @@ -6,7 +5,6 @@ # Name of this project name: terraform-aws-vpc-peering-multi-account - # Tags of this project tags: - aws 
@@ -19,32 +17,24 @@ tags: - vpn - multi-account - multi-provider - # Categories of this project categories: - terraform-modules/networking - # Logo for this project #logo: docs/logo.png # License of this project license: "APACHE2" - # Canonical GitHub repo github_repo: cloudposse/terraform-aws-vpc-peering-multi-account - # Badges to display badges: - - name: "Codefresh Build Status" - image: "https://g.codefresh.io/api/badges/pipeline/cloudposse/terraform-modules%2Fterraform-aws-vpc-peering-multi-account?type=cf-1" - url: "https://g.codefresh.io/public/accounts/cloudposse/pipelines/5e9f4c44c2b7b0abe4c11f63" - name: "Latest Release" image: "https://img.shields.io/github/release/cloudposse/terraform-aws-vpc-peering-multi-account.svg" url: "https://github.com/cloudposse/terraform-aws-vpc-peering-multi-account/releases/latest" - name: "Slack Community" image: "https://slack.cloudposse.com/badge.svg" url: "https://slack.cloudposse.com" - related: - name: "terraform-aws-vpc" description: "Terraform Module that defines a VPC with public/private subnets across multiple AZs with Internet Gateways" @@ -55,8 +45,6 @@ related: - name: "terraform-aws-kops-vpc-peering" description: "Terraform module to create a peering connection between a backing services VPC and a VPC created by Kops" url: "https://github.com/cloudposse/terraform-aws-kops-vpc-peering" - - # Short description of this project description: |- Terraform module to create a peering connection between any two VPCs existing in different AWS accounts. 
@@ -64,9 +52,8 @@ description: |- This module supports performing this action from a 3rd account (e.g. a "root" account) by specifying the roles to assume for each member account. **IMPORTANT:** AWS allows a multi-account VPC Peering Connection to be deleted from either the requester's or accepter's side. However, Terraform only allows the VPC Peering Connection to be deleted from the requester's side by removing the corresponding `aws_vpc_peering_connection` resource from your configuration. [Read more about this](https://www.terraform.io/docs/providers/aws/r/vpc_peering_accepter.html) on Terraform's documentation portal. - # How to use this project -usage: |- +usage: |2- **IMPORTANT:** Do not pin to `master` because there may be breaking changes between releases. Instead pin to the release tag (e.g. `?ref=tags/x.y.z`) of one of our [latest releases](https://github.com/cloudposse/terraform-aws-vpc-peering-multi-account/releases). @@ -261,21 +248,17 @@ usage: |- where `YYYYYYYY` is the accepter AWS account ID. For more information on IAM policies and permissions for VPC peering, see [Creating and managing VPC peering connections](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_IAM.html#vpcpeeringiam). - references: - name: "What is VPC Peering?" description: "VPC peering connection is a networking connection between two VPCs that enables you to route traffic between them using private IPv4 addresses or IPv6 addresses." url: "https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-peering.html" - screenshots: - name: "vpc-peering" description: "VPC Peering Connection in the AWS Web Console" url: "images/vpc-peering.png" - include: - "docs/targets.md" - "docs/terraform.md" - # Contributors to this project contributors: - name: "Andriy Knysh" diff --git a/codefresh/test.yml b/codefresh/test.yml deleted file mode 100644 index 420143a..0000000 --- a/codefresh/test.yml +++ /dev/null 
@@ -1,73 +0,0 @@ -version: '1.0' -steps: - wait: - title: Wait - stage: Prepare - image: 'codefresh/cli:latest' - commands: - - >- - codefresh get builds --pipeline=${{CF_REPO_NAME}} --status running - --limit 1000 -o json | jq --arg id ${{CF_BUILD_ID}} -ser - 'flatten|.[-1].id==$id' - retry: - maxAttempts: 10 - delay: 20 - exponentialFactor: 1.1 - main_clone: - title: Clone repository - type: git-clone - stage: Prepare - description: Initialize - repo: '${{CF_REPO_OWNER}}/${{CF_REPO_NAME}}' - git: CF-default - revision: '${{CF_REVISION}}' - clean_init: - title: Prepare build-harness and test-harness - image: '${{TEST_IMAGE}}' - stage: Prepare - commands: - - >- - cf_export - PATH="/usr/local/terraform/0.12/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" - - make init - - git -C build-harness checkout master - - make -C test/ clean init TEST_HARNESS_BRANCH=master - - make -C test/src clean init - - find . -type d -name '.terraform' | xargs rm -rf - - 'find . -type f -name ''terraform.tfstate*'' -exec rm -f {} \;' - test: - type: parallel - title: Run tests - description: Run all tests in parallel - stage: Test - steps: - test_readme_lint: - title: Test README.md updated - stage: Test - image: '${{TEST_IMAGE}}' - description: Test "readme/lint" - commands: - - make readme/lint - test_module: - title: Test module with bats - image: '${{TEST_IMAGE}}' - stage: Test - commands: - - make -C test/ module - test_examples_complete: - title: Test "examples/complete" with bats - image: '${{TEST_IMAGE}}' - stage: Test - commands: - - make -C test/ examples/complete - test_examples_complete_terratest: - title: Test "examples/complete" with terratest - image: '${{TEST_IMAGE}}' - stage: Test - commands: - - make -C test/src -stages: - - Prepare - - Test -services: {} -fail_fast: true diff --git a/docs/terraform.md b/docs/terraform.md index e69de29..f7454ae 100644 --- a/docs/terraform.md +++ b/docs/terraform.md 
@@ -0,0 +1,47 @@ +## Requirements + +| Name | Version | +|------|---------| +| terraform | >= 0.12 | +| aws | ~> 2.0 | +| null | ~> 2.0 | + +## Providers + +| Name | Version | +|------|---------| +| aws.accepter | ~> 2.0 | +| aws.requester | ~> 2.0 | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| accepter\_allow\_remote\_vpc\_dns\_resolution | Allow accepter VPC to resolve public DNS hostnames to private IP addresses when queried from instances in the requester VPC | `bool` | `true` | no | +| accepter\_aws\_assume\_role\_arn | Accepter AWS Assume Role ARN | `string` | n/a | yes | +| accepter\_region | Accepter AWS region | `string` | n/a | yes | +| accepter\_vpc\_id | Accepter VPC ID filter | `string` | `""` | no | +| accepter\_vpc\_tags | Accepter VPC Tags filter | `map(string)` | `{}` | no | +| attributes | Additional attributes (e.g. `a` or `b`) | `list(string)` | `[]` | no | +| auto\_accept | Automatically accept the peering | `bool` | `true` | no | +| delimiter | Delimiter to be used between `namespace`, `stage`, `name`, and `attributes` | `string` | `"-"` | no | +| enabled | Set to false to prevent the module from creating or accessing any resources | `bool` | `true` | no | +| name | Name (e.g. `app` or `cluster`) | `string` | n/a | yes | +| namespace | Namespace (e.g. `eg` or `cp`) | `string` | n/a | yes | +| requester\_allow\_remote\_vpc\_dns\_resolution | Allow requester VPC to resolve public DNS hostnames to private IP addresses when queried from instances in the accepter VPC | `bool` | `true` | no | +| requester\_aws\_assume\_role\_arn | Requester AWS Assume Role ARN | `string` | n/a | yes | +| requester\_region | Requester AWS region | `string` | n/a | yes | +| requester\_vpc\_id | Requester VPC ID filter | `string` | `""` | no | +| requester\_vpc\_tags | Requester VPC Tags filter | `map(string)` | `{}` | no | +| stage | Stage (e.g. 
`prod`, `dev`, `staging`) | `string` | n/a | yes | +| tags | Additional tags (e.g. `{"BusinessUnit" = "XYZ"`) | `map(string)` | `{}` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| accepter\_accept\_status | Accepter VPC peering connection request status | +| accepter\_connection\_id | Accepter VPC peering connection ID | +| requester\_accept\_status | Requester VPC peering connection request status | +| requester\_connection\_id | Requester VPC peering connection ID | +
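
Review bot: in `.github/CODEOWNERS`, the last rule `.github/* @cloudposse/engineering` does not cover `.github/workflows/chatops.yml`, which this same patch adds. In CODEOWNERS syntax a trailing `/*` matches only files directly inside the directory, so everything under `.github/workflows/` and `.github/ISSUE_TEMPLATE/` falls back to the `*` rule and is owned by `@cloudposse/contributors` as well. To make the comment "Cloud Posse must review any changes to GitHub actions" hold, use `.github/** @cloudposse/engineering` (or `.github/`). The `# Read more:` comment line is also missing its link.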
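
Review bot: in `.github/ISSUE_TEMPLATE/feature_request.md`, the text under `## Describe the Feature` reads "A clear and concise description of what the bug is.", carried over from the bug template; it should ask for a description of the feature. `.github/ISSUE_TEMPLATE/question.md` is added as an empty file (index `e69de29`, no hunk), so either give it front matter and a body or drop it, since `config.yml` already sets `blank_issues_enabled: false` and sends questions to Slack through `contact_links`.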
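
Review bot: in `.github/workflows/chatops.yml`, both jobs set `permission: none` while the workflow runs on every `issue_comment` `created` event and hands `secrets.PUBLIC_REPO_ACCESS_TOKEN` to the dispatch action. If `permission` is the minimum repository permission a commenter must hold, as the input name suggests, `none` means anyone able to comment on a pull request can have `rebuild-readme`, `terraform-fmt` and `test` dispatched to `cloudposse/actions` with that token. Require `write` or higher, or add a comment in the workflow explaining why `none` is acceptable. Smaller points in the same file: neither job declares a `permissions:` block to scope `GITHUB_TOKEN`, the actions are pinned to tags (`actions/checkout@v2`, `@0.15.0`) rather than commit SHAs, and the `actions/checkout@v2` step looks unnecessary in jobs that only dispatch a command.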
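
Review bot: deleting `codefresh/test.yml` drops the pipeline that ran `make readme/lint`, the bats tests and terratest (`make -C test/src`), and nothing added in this patch runs them without human action: the only new workflow triggers on `issue_comment`, so a pull request that nobody comments on is never tested. Add a check that runs on `pull_request`, or make the comment-triggered `test` result a required status, and mention in `.github/PULL_REQUEST_TEMPLATE.md` how the tests are started.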
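
Review bot: in the `tags` row of the Inputs table, added identically to `README.md` and `docs/terraform.md`, the example `{"BusinessUnit" = "XYZ"` is missing its closing brace. Since `README.yaml` lists `docs/terraform.md` under `include:` and says to run `make readme` to rebuild `README.md`, correct the text where the variable description is defined and regenerate both files rather than editing the tables by hand.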