Merge pull request #4 from clouddrove/0.14

Upgrade module with Terraform 0.14
clouddrove · Apr 8, 2021 · 979e6f9 · 979e6f9
2 parents 361e5de + 85f3cd0
commit 979e6f9
Show file tree

Hide file tree

Showing 18 changed files with 177 additions and 77 deletions.
diff --git a/.github/workflows/readme.yml b/.github/workflows/readme.yml
@@ -12,30 +12,30 @@ jobs:
       - name: 'Checkout'
         uses: actions/checkout@master
 
-      - name: Set up Python 3.7.
+      - name: 'Set up Python 3.7'
         uses: actions/setup-python@v2
         with:
           python-version: '3.x'
 
       - name: 'create readme'
-        uses: 'clouddrove/github-actions@v4.0'
+        uses: 'clouddrove/github-actions@v6.0'
         with:
           actions_subcommand: 'readme'
           github_token: '${{ secrets.GITHUB}}'
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN}}
 
 
-      - name: pre-commit check errors
+      - name: 'pre-commit check errors'
         uses: pre-commit/action@v2.0.0
         continue-on-error: true
 
-      - name: pre-commit fix erros
+      - name: 'pre-commit fix erros'
         uses: pre-commit/action@v2.0.0
         continue-on-error: true
 
       - name: 'push readme'
-        uses: 'clouddrove/github-actions@v4.0'
+        uses: 'clouddrove/github-actions@v6.0'
         continue-on-error: true
         with:
           actions_subcommand: 'push'
@@ -51,4 +51,4 @@ jobs:
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # required
           SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_TERRAFORM }} # required
-        if: always()
+        if: always()
diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml
@@ -5,51 +5,66 @@ on:
       - master
 
 jobs:
-  terraform:
-    name: 'Terraform'
+  fmt:
+    name: 'terraform fmt'
     runs-on: ubuntu-latest
     steps:
       - name: 'Checkout'
-        uses: actions/checkout@master
+        uses: actions/checkout@v2.3.4
 
-      - name: Configure AWS Credentials
+      - name: 'Terraform Format'
+        uses: 'clouddrove/github-actions@v6.0'
+        with:
+          actions_subcommand: 'fmt'
+
+  validate:
+    name: 'terraform validate'
+    runs-on: ubuntu-latest
+    steps:
+      - name: 'Checkout'
+        uses: actions/checkout@v2.3.4
+
+      - name: 'Configure AWS Credentials'
         uses: clouddrove/configure-aws-credentials@v1
         with:
           aws-access-key-id: ${{ secrets.TEST_AWS_ACCESS_KEY }}
           aws-secret-access-key: ${{ secrets.TEST_AWS_ACCESS_SECRET_KEY }}
           aws-region: us-east-2
 
-
-      - name: 'Terraform Format'
-        uses: 'clouddrove/github-actions@v4.0'
-        with:
-          actions_subcommand: 'fmt'
-
       - name: 'Terraform init'
-        uses: 'clouddrove/github-actions@v4.0'
+        uses: 'clouddrove/github-actions@v6.0'
         with:
           actions_subcommand: 'init'
           tf_actions_working_dir: ./_example
 
       - name: 'Terraform validate'
-        uses: 'clouddrove/github-actions@v4.0'
+        uses: 'clouddrove/github-actions@v6.0'
         with:
           actions_subcommand: 'validate'
           tf_actions_working_dir: ./_example
 
-      - name: 'Terraform plan'
-        uses: 'clouddrove/github-actions@v4.0'
+  plan:
+    name: 'terraform plan'
+    runs-on: ubuntu-latest
+    steps:
+      - name: 'Checkout'
+        uses: actions/checkout@v2.3.4
+
+      - name: 'Terraform init'
+        uses: 'clouddrove/github-actions@v6.0'
         with:
-          actions_subcommand: 'plan'
+          actions_subcommand: 'init'
           tf_actions_working_dir: ./_example
 
-      - name: 'Slack Notification'
-        uses: clouddrove/action-slack@v2
+      - name: 'Configure AWS Credentials'
+        uses: clouddrove/configure-aws-credentials@v1
         with:
-          status: ${{ job.status }}
-          fields: repo,author
-          author_name: 'CloudDrove'
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # required
-          SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_TERRAFORM }} # required
-        if: always()
+          aws-access-key-id: ${{ secrets.TEST_AWS_ACCESS_KEY }}
+          aws-secret-access-key: ${{ secrets.TEST_AWS_ACCESS_SECRET_KEY }}
+          aws-region: us-east-2
+
+      - name: 'Terraform plan'
+        uses: 'clouddrove/github-actions@v6.0'
+        with:
+          actions_subcommand: 'plan'
+          tf_actions_working_dir: ./_example
diff --git a/.gitignore b/.gitignore
@@ -4,4 +4,5 @@
 .terraform
 .idea
 *.iml
-*.zip
+*.zip
+*.terraform.lock.hcl
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -1,13 +1,19 @@
 repos:
-  - repo: git://github.com/antonbabenko/pre-commit-terraform
-    rev: v1.43.0
+
+  - repo: https://github.com/gruntwork-io/pre-commit
+    rev: v0.1.12 # Get the latest from: https://github.com/gruntwork-io/pre-commit/releases
     hooks:
-    - id: terraform_fmt
+      - id: terraform-fmt
 
-  - repo: https://github.com/pre-commit/pre-commit-hooks
-    rev: v3.2.0
+  - repo: git://github.com/pre-commit/pre-commit-hooks
+    rev: v3.4.0 # Use the ref you want to point at
     hooks:
+      - id: end-of-file-fixer
+      - id: trailing-whitespace
+      - id: mixed-line-ending
+      - id: check-byte-order-marker
+      - id: check-executables-have-shebangs
       - id: check-merge-conflict
+      - id: debug-statements
       - id: check-yaml
       - id: check-added-large-files
-      - id: trailing-whitespace
diff --git a/LICENSE b/LICENSE
@@ -1,6 +1,6 @@
 MIT License
 
-Copyright (c) 2020 Cloud Drove
+Copyright (c) 2021 Cloud Drove
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

diff --git a/Makefile b/Makefile
@@ -1,3 +1,3 @@
 export GENIE_PATH ?= $(shell 'pwd')/../../../genie
 
-include $(GENIE_PATH)/Makefile
+include $(GENIE_PATH)/Makefile
diff --git a/README.yaml b/README.yaml
@@ -16,7 +16,7 @@ github_repo: clouddrove/terraform-aws-cloudtrail-slack-notification
 # Badges to display
 badges:
   - name: "Terraform"
-    image: "https://img.shields.io/badge/Terraform-v0.13-green"
+    image: "https://img.shields.io/badge/Terraform-v0.14-green"
     url: "https://www.terraform.io"
   - name: "Licence"
     image: "https://img.shields.io/badge/License-MIT-blue.svg"
@@ -37,11 +37,11 @@ usage : |-
   ```hcl
   module "cloudtrail-slack-notification" {
     source      = "clouddrove/cloudtrail-slack-notification/aws"
-    version     = "0.13.0"
+    version     = "0.14.0"
+
     name        = "cloudtrail-slack-notification"
-    application = "clouddrove"
     environment = "test"
-    label_order = ["environment", "name", "application"]
+    label_order = ["name", "environment"]
     enabled     = true
     bucket_arn  = "arn:aws:s3:::security-bucket-log-clouddrove"
     bucket_name = "security-bucket-log-clouddrove"
@@ -52,4 +52,4 @@ usage : |-
       "USER_AGENT"          = "signin.amazonaws.com"
     }
   }
-  ```
+  ```
diff --git a/_example/example.tf b/_example/example.tf
@@ -2,16 +2,30 @@ provider "aws" {
   region = "us-east-1"
 }
 
+module "s3_bucket" {
+
+  source  = "clouddrove/s3/aws"
+  version = "0.14.0"
+
+  name        = "clouddrove-bucket"
+  environment = "test"
+  label_order = ["name", "environment"]
+
+  bucket_enabled = true
+  versioning     = true
+  acl            = "private"
+}
+
 module "cloudtrail-slack-notification" {
   source = "./../"
 
   name        = "cloudtrail-slack-notification"
-  application = "clouddrove"
   environment = "test"
-  label_order = ["environment", "name", "application"]
+  label_order = ["name", "environment"]
+
   enabled     = true
-  bucket_arn  = "arn:aws:s3:::security-bucket-log-cd"
-  bucket_name = "security-bucket-log-cd"
+  bucket_arn  = module.s3_bucket.arn
+  bucket_name = module.s3_bucket.id
   variables = {
     SLACK_WEBHOOK     = "https://hooks.slack.com/services/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"
     SLACK_CHANNEL     = "testing"

diff --git a/_example/outputs.tf b/_example/outputs.tf
@@ -0,0 +1,5 @@
+
+output "tags" {
+  value       = module.cloudtrail-slack-notification.tags
+  description = "A mapping of tags to assign to the resource."
+}
diff --git a/_test/test.go b/_test/test.go
@@ -0,0 +1,32 @@
+// Managed By : CloudDrove
+// Description : This Terratest is used to test the Terraform VPC module.
+// Copyright @ CloudDrove. All Right Reserved.
+package test
+
+import (
+	"testing"
+	"github.com/gruntwork-io/terratest/modules/terraform"
+	"github.com/stretchr/testify/assert"
+)
+
+func Test(t *testing.T) {
+	t.Parallel()
+
+	terraformOptions := &terraform.Options{
+		// Source path of Terraform directory.
+		TerraformDir: "../_example",
+	}
+
+	// This will run 'terraform init' and 'terraform application' and will fail the test if any errors occur
+	terraform.InitAndApply(t, terraformOptions)
+
+	// To clean up any resources that have been created, run 'terraform destroy' towards the end of the test
+	defer terraform.Destroy(t, terraformOptions)
+
+	// To get the value of an output variable, run 'terraform output'
+	Tags := terraform.OutputMap(t, terraformOptions, "tags")
+
+	// Check that we get back the outputs that we expect
+	assert.Equal(t, "cloudtrail-slack-notification-test", Tags["Name"])
+
+}
diff --git a/main.tf b/main.tf
@@ -1,5 +1,6 @@
-## Managed By : CloudDrove
-## Copyright @ CloudDrove. All Right Reserved.
+# Managed By : CloudDrove
+# Terraform module to create Lambda resource on AWS for sending notification when anything done from console in AWS.
+# Copyright @ CloudDrove. All Right Reserved.
 
 
 resource "null_resource" "main" {
@@ -12,13 +13,13 @@ resource "null_resource" "main" {
 #Module      : Cloudtrail Logs
 #Description : This terraform module is designed to create cloudtrail log.
 module "cloudtrail-slack" {
-  source  = "clouddrove/lambda/aws"
-  version = "0.13.0"
+  source = "git::https://github.com/clouddrove/terraform-aws-lambda.git?ref=tags/0.14.0"
 
   name        = var.name
-  application = var.application
+  repository  = var.repository
   environment = var.environment
   managedby   = var.managedby
+  attributes  = var.attributes
   label_order = var.label_order
   enabled     = var.enabled
 
@@ -55,13 +56,13 @@ module "cloudtrail-slack" {
 }
 
 resource "aws_s3_bucket_notification" "bucket_notification" {
-  count  = var.enabled ? 1 : 0
-  bucket = var.bucket_name
+  count = var.enabled ? 1 : 0
 
+  bucket = var.bucket_name
   lambda_function {
     lambda_function_arn = module.cloudtrail-slack.arn
     events              = ["s3:ObjectCreated:*"]
-    filter_prefix       = ""
-    filter_suffix       = ""
+    filter_prefix       = var.filter_prefix
+    filter_suffix       = var.filter_suffix
   }
 }
diff --git a/outputs.tf b/outputs.tf
@@ -1,6 +1,11 @@
-# Module      : Lambda
-# Description : Terraform module to create Lambda resource on AWS for managing queue.
+#Module      : Cloudtrail Slack Notification
+#Description : Terraform cloudtrail slack notification module outputs.
 output "cloudtrail-slack-arn" {
   value       = module.cloudtrail-slack.arn
   description = "The Amazon Resource Name (ARN) identifying your cloudtrail logs Lambda Function."
-}
+}
+
+output "tags" {
+  value       = module.cloudtrail-slack.tags
+  description = "A mapping of tags to assign to the resource."
+}
diff --git a/slack/build.sh b/slack/build.sh
@@ -9,4 +9,4 @@ mkdir -p packages/
 cd ${WRKDIR}/${LYR_PDS_DIR}/
 ${WRKDIR}/${LYR_PDS_DIR}/build_layer.sh
 zip -r ${WRKDIR}/packages/Python3-slack.zip .
-rm -rf ${WRKDIR}/${LYR_PDS_DIR}/python/
+rm -rf ${WRKDIR}/${LYR_PDS_DIR}/python/
diff --git a/slack/slack/build_layer.sh b/slack/slack/build_layer.sh
@@ -1,4 +1,4 @@
 #!/bin/bash
 export PKG_DIR="python"
 rm -rf ${PKG_DIR} && mkdir -p ${PKG_DIR} && docker run -rm -v $(pwd):/foo lambci/lambda:build-python3.8
-pip install -r requirements.txt --no-deps -t ${PKG_DIR}
+pip install -r requirements.txt --no-deps -t ${PKG_DIR}
diff --git a/slack/slack/requirements.txt b/slack/slack/requirements.txt
@@ -2,4 +2,4 @@ urllib5==5.0.0
 certifi==2020.4.5.1
 chardet==3.0.4
 idna==2.9
-requests==2.23.0
+requests==2.23.0
diff --git a/slack/src/index.py b/slack/src/index.py
@@ -158,7 +158,6 @@ def create_simplified_event(cloudtrail_event):
             user = cloudtrail_event['userIdentity']['arn']
         else:
             user = cloudtrail_event['userIdentity']['userName']
-        accountId = cloudtrail_event['userIdentity']['accountId']
     except KeyError:
         try:
             principalId = cloudtrail_event['userIdentity']['principalId']
@@ -191,6 +190,7 @@ def create_simplified_event(cloudtrail_event):
         sourceIP      = cloudtrail_event['sourceIPAddress']
         event_time  = cloudtrail_event['eventTime']
         region      = cloudtrail_event['awsRegion']
+        accountId = cloudtrail_event['recipientAccountId']
     except KeyError:
         fatal('Parsing error: {}'.format(json.dumps(cloudtrail_event, indent=4)))
 
@@ -287,12 +287,11 @@ def create_slack_payload(json_dict, color='#FF0000', reason='Cloudtrail Event.')
 
     return payload
 
-
 def post_to_slack(payload):
     logger.info('POST-ing payload: {}'.format(json.dumps(payload,indent=4)))
 
     try:
-        req = requests.post(SLACK_WEBHOOK, data=str(payload), timeout=3)
+        req = requests.post(SLACK_WEBHOOK, data=json.dumps(payload), timeout=3)
         logger.info("Message posted to {} using {}".format(payload['channel'], SLACK_WEBHOOK))
     except requests.exceptions.Timeout as e:
         fatal("Server connection failed: {}".format(e))