From 26febb9098c9358c892db6d3fcd53494acefe3ce Mon Sep 17 00:00:00 2001 From: yoshutch Date: Wed, 24 Jun 2020 14:36:24 -0600 Subject: [PATCH 01/26] trying out a file pattern instead of passing in the json string directly --- .github/workflows/test.yml | 22 +- __tests__/test-plan.json | 7689 ++++++++++++++++++++++++++++++++++++ action.yml | 4 +- dist/index.js | 8 +- src/main.ts | 5 +- 5 files changed, 7703 insertions(+), 25 deletions(-) create mode 100644 __tests__/test-plan.json diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 398076c..3e32f74 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -22,24 +22,4 @@ jobs: - uses: ./ with: github_token: ${{ secrets.GITHUB_TOKEN }} - terraform_plan_json: | - { - "resource_changes": [ - { - "address": "module.app.module.database.aws_db_instance.database", - "type": "aws_db_instance", - "name": "database", - "change": { - "actions": ["delete"] - } - }, - { - "address": "module.app.aws_security_group_rule.db_access", - "type": "aws_security_group_rule", - "name": "db_access", - "change": { - "actions": ["delete", "create"] - } - } - ] - } \ No newline at end of file + terraform_plan_json_file: __tests__/test-plan.json \ No newline at end of file diff --git a/__tests__/test-plan.json b/__tests__/test-plan.json new file mode 100644 index 0000000..5009419 --- /dev/null +++ b/__tests__/test-plan.json @@ -0,0 +1,7689 @@ +{ + "format_version": "0.1", + "terraform_version": "0.12.26", + "variables": { + "image_tag": { + "value": "new_timestamp" + } + }, + "planned_values": { + "outputs": { + "codedeploy_app_name": { + "sensitive": false, + "value": "fake_app-dev-codedeploy" + }, + "codedeploy_appspec_json_file": { + "sensitive": false, + "value": "/home/runner/work/fake_app/fake_app/terraform-iac/dev/app/appspec.json" + }, + "codedeploy_deployment_group_name": { + "sensitive": false, + "value": "fake_app-dev-deployment-group" + } + }, + "*******_module": { + "child_modules": [ + { + "resources": [ + { + "address": "module.app.aws_security_group_rule.db_access", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "db_access", + "provider_name": "aws", + "schema_version": 2, + "values": { + "cidr_blocks": [], + "description": "", + "from_port": 3306, + "id": "sgrule-012341234", + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_group_id": "sg-0fake1d", + "self": false, + "source_security_group_id": "sg-0fake1d", + "to_port": 3306, + "type": "ingress" + } + } + ], + "address": "module.app", + "child_modules": [ + { + "resources": [ + { + "address": "module.app.module.database.aws_db_instance.database", + "mode": "managed", + "type": "aws_db_instance", + "name": "database", + "provider_name": "aws", + "schema_version": 1, + "values": { + "address": "fake_app-dev-db.0fake1d.us-west-2.rds.amazonaws.com", + "allocated_storage": 32, + "allow_major_version_upgrade": null, + "apply_immediately": null, + "arn": "arn:aws:rds:us-west-2:***:db:fake_app-dev-db", + "auto_minor_version_upgrade": true, + "availability_zone": "us-west-2b", + "backup_retention_period": 7, + "backup_window": "07:01-07:31", + "ca_cert_identifier": "rds-ca-2019", + "character_set_name": null, + "copy_tags_to_snapshot": true, + "db_subnet_group_name": "oit-oregon-dev-db-subnet-group", + "delete_automated_backups": true, + "deletion_protection": true, + "domain": "", + "domain_iam_role_name": "", + "enabled_cloudwatch_logs_exports": [ + "error", + "general", + "slowquery" + ], + "endpoint": "fake_app-dev-db.0fake1d.us-west-2.rds.amazonaws.com:3306", + "engine": "mysql", + "engine_version": "8.0.11", + "final_snapshot_identifier": "fake_app-dev-db-final-snapshot", + "hosted_zone_id": "ZFAKE1D", + "iam_database_authentication_enabled": false, + "id": "fake_app-dev-db", + "identifier": "fake_app-dev-db", + "identifier_prefix": null, + "instance_class": "db.t2.small", + "iops": 0, + "kms_key_id": "arn:aws:kms:us-west-2:***:key/cfake1d", + "license_model": "general-public-license", + "maintenance_window": "thu:11:33-thu:12:03", + "max_allocated_storage": 0, + "monitoring_interval": 0, + "monitoring_role_arn": "", + "multi_az": false, + "name": "deleteme2dev", + "option_group_name": "default:mysql-8-0", + "parameter_group_name": "default.mysql8.0", + "password": "*******", + "performance_insights_enabled": false, + "performance_insights_kms_key_id": "", + "performance_insights_retention_period": 0, + "port": 3306, + "publicly_accessible": false, + "replicas": [], + "replicate_source_db": "", + "resource_id": "db-FAKE1D", + "s3_import": [], + "security_group_names": [], + "skip_final_snapshot": true, + "snapshot_identifier": null, + "status": "available", + "storage_encrypted": true, + "storage_type": "gp2", + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + }, + "timeouts": null, + "timezone": "", + "username": "*******", + "vpc_security_group_ids": [ + "sg-0fake1d" + ] + } + }, + { + "address": "module.app.module.database.aws_security_group.db_security_group", + "mode": "managed", + "type": "aws_security_group", + "name": "db_security_group", + "provider_name": "aws", + "schema_version": 1, + "values": { + "arn": "arn:aws:ec2:us-west-2:***:security-group/sg-0fake1d", + "description": "Security group for fake_app-dev-db RDS instance", + "egress": [], + "id": "sg-0fake1d", + "ingress": [ + { + "cidr_blocks": [], + "description": "", + "from_port": 3306, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [ + "sg-0fake1d" + ], + "self": false, + "to_port": 3306 + } + ], + "name": "fake_app-dev-db-db_sg", + "name_prefix": null, + "owner_id": "***", + "revoke_rules_on_delete": false, + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + }, + "timeouts": null, + "vpc_id": "vpc-0fake1d" + } + }, + { + "address": "module.app.module.database.aws_ssm_parameter.master_password", + "mode": "managed", + "type": "aws_ssm_parameter", + "name": "master_password", + "provider_name": "aws", + "schema_version": 0, + "values": { + "allowed_pattern": "", + "arn": "arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_password", + "description": "fake_app-dev-db Database master password", + "id": "/fake_app-dev-db/master_password", + "key_id": "alias/aws/ssm", + "name": "/fake_app-dev-db/master_password", + "overwrite": null, + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + }, + "tier": "Standard", + "type": "SecureString", + "value": "*******", + "version": 1 + } + }, + { + "address": "module.app.module.database.aws_ssm_parameter.master_username", + "mode": "managed", + "type": "aws_ssm_parameter", + "name": "master_username", + "provider_name": "aws", + "schema_version": 0, + "values": { + "allowed_pattern": "", + "arn": "arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_username", + "description": "fake_app-dev-db Database master username", + "id": "/fake_app-dev-db/master_username", + "key_id": "", + "name": "/fake_app-dev-db/master_username", + "overwrite": null, + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + }, + "tier": "Standard", + "type": "String", + "value": "*******", + "version": 1 + } + }, + { + "address": "module.app.module.database.random_password.default[0]", + "mode": "managed", + "type": "random_password", + "name": "default", + "index": 0, + "provider_name": "random", + "schema_version": 0, + "values": { + "id": "none", + "keepers": { + "recreate_password": "false" + }, + "length": 32, + "lower": true, + "min_lower": 0, + "min_numeric": 0, + "min_special": 0, + "min_upper": 0, + "number": true, + "override_special": null, + "result": "*******", + "special": false, + "upper": true + } + } + ], + "address": "module.app.module.database" + }, + { + "resources": [ + { + "address": "module.app.module.fargate.aws_alb.alb", + "mode": "managed", + "type": "aws_alb", + "name": "alb", + "provider_name": "aws", + "schema_version": 0, + "values": { + "access_logs": [ + { + "bucket": "", + "enabled": false, + "prefix": "" + } + ], + "arn": "arn:aws:elasticloadbalancing:us-west-2:***:loadbalancer/app/fake_app-dev-alb/fake1d", + "arn_suffix": "app/fake_app-dev-alb/fake1d", + "dns_name": "fake_app-dev-alb-1234567890.us-west-2.elb.amazonaws.com", + "drop_invalid_header_fields": false, + "enable_cross_zone_load_balancing": null, + "enable_deletion_protection": false, + "enable_http2": true, + "id": "arn:aws:elasticloadbalancing:us-west-2:***:loadbalancer/app/fake_app-dev-alb/fake1d", + "idle_timeout": 60, + "internal": false, + "ip_address_type": "ipv4", + "load_balancer_type": "application", + "name": "fake_app-dev-alb", + "name_prefix": null, + "security_groups": [ + "sg-0fake1d" + ], + "subnet_mapping": [ + { + "allocation_id": "", + "subnet_id": "subnet-0fake1d" + }, + { + "allocation_id": "", + "subnet_id": "subnet-0fake1d" + } + ], + "subnets": [ + "subnet-0fake1d", + "subnet-0fake1d" + ], + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + }, + "timeouts": null, + "vpc_id": "vpc-0fake1d", + "zone_id": "FAKE123" + } + }, + { + "address": "module.app.module.fargate.aws_alb_listener.http_to_https", + "mode": "managed", + "type": "aws_alb_listener", + "name": "http_to_https", + "provider_name": "aws", + "schema_version": 0, + "values": { + "arn": "arn:aws:elasticloadbalancing:us-west-2:***:listener/app/fake_app-dev-alb/fake1d/0fake1d", + "certificate_arn": null, + "default_action": [ + { + "authenticate_cognito": [], + "authenticate_oidc": [], + "fixed_response": [], + "forward": [], + "order": 1, + "redirect": [ + { + "host": "#{host}", + "path": "/#{path}", + "port": "443", + "protocol": "HTTPS", + "query": "#{query}", + "status_code": "HTTP_301" + } + ], + "target_group_arn": "", + "type": "redirect" + } + ], + "id": "arn:aws:elasticloadbalancing:us-west-2:***:listener/app/fake_app-dev-alb/fake1d/0fake1d", + "load_balancer_arn": "arn:aws:elasticloadbalancing:us-west-2:***:loadbalancer/app/fake_app-dev-alb/fake1d", + "port": 80, + "protocol": "HTTP", + "ssl_policy": "", + "timeouts": null + } + }, + { + "address": "module.app.module.fargate.aws_alb_listener.https", + "mode": "managed", + "type": "aws_alb_listener", + "name": "https", + "provider_name": "aws", + "schema_version": 0, + "values": { + "arn": "arn:aws:elasticloadbalancing:us-west-2:***:listener/app/fake_app-dev-alb/fake1d/0fake1d", + "certificate_arn": "arn:aws:acm:us-west-2:***:certificate/0fake1d", + "default_action": [ + { + "authenticate_cognito": [], + "authenticate_oidc": [], + "fixed_response": [], + "forward": [], + "order": 1, + "redirect": [], + "target_group_arn": "arn:aws:elasticloadbalancing:us-west-2:***:targetgroup/fake_app-dev-tgb/0fake1d", + "type": "forward" + } + ], + "id": "arn:aws:elasticloadbalancing:us-west-2:***:listener/app/fake_app-dev-alb/fake1d/0fake1d", + "load_balancer_arn": "arn:aws:elasticloadbalancing:us-west-2:***:loadbalancer/app/fake_app-dev-alb/fake1d", + "port": 443, + "protocol": "HTTPS", + "ssl_policy": "ELBSecurityPolicy-2016-08", + "timeouts": null + } + }, + { + "address": "module.app.module.fargate.aws_alb_target_group.blue", + "mode": "managed", + "type": "aws_alb_target_group", + "name": "blue", + "provider_name": "aws", + "schema_version": 0, + "values": { + "arn": "arn:aws:elasticloadbalancing:us-west-2:***:targetgroup/fake_app-dev-tgb/0fake1d", + "arn_suffix": "targetgroup/fake_app-dev-tgb/0fake1d", + "deregistration_delay": 60, + "health_check": [ + { + "enabled": true, + "healthy_threshold": 3, + "interval": 30, + "matcher": "200", + "path": "/health", + "port": "traffic-port", + "protocol": "HTTP", + "timeout": 5, + "unhealthy_threshold": 3 + } + ], + "id": "arn:aws:elasticloadbalancing:us-west-2:***:targetgroup/fake_app-dev-tgb/0fake1d", + "lambda_multi_value_headers_enabled": false, + "load_balancing_algorithm_type": "least_outstanding_requests", + "name": "fake_app-dev-tgb", + "name_prefix": null, + "port": 8080, + "protocol": "HTTP", + "proxy_protocol_v2": false, + "slow_start": 0, + "stickiness": [ + { + "cookie_duration": 86400, + "enabled": false, + "type": "lb_cookie" + } + ], + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + }, + "target_type": "ip", + "vpc_id": "vpc-0fake1d" + } + }, + { + "address": "module.app.module.fargate.aws_alb_target_group.green", + "mode": "managed", + "type": "aws_alb_target_group", + "name": "green", + "provider_name": "aws", + "schema_version": 0, + "values": { + "arn": "arn:aws:elasticloadbalancing:us-west-2:***:targetgroup/fake_app-dev-tgg/0fake1d", + "arn_suffix": "targetgroup/fake_app-dev-tgg/0fake1d", + "deregistration_delay": 60, + "health_check": [ + { + "enabled": true, + "healthy_threshold": 3, + "interval": 30, + "matcher": "200", + "path": "/health", + "port": "traffic-port", + "protocol": "HTTP", + "timeout": 5, + "unhealthy_threshold": 3 + } + ], + "id": "arn:aws:elasticloadbalancing:us-west-2:***:targetgroup/fake_app-dev-tgg/0fake1d", + "lambda_multi_value_headers_enabled": false, + "load_balancing_algorithm_type": "least_outstanding_requests", + "name": "fake_app-dev-tgg", + "name_prefix": null, + "port": 8080, + "protocol": "HTTP", + "proxy_protocol_v2": false, + "slow_start": 0, + "stickiness": [ + { + "cookie_duration": 86400, + "enabled": false, + "type": "lb_cookie" + } + ], + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + }, + "target_type": "ip", + "vpc_id": "vpc-0fake1d" + } + }, + { + "address": "module.app.module.fargate.aws_cloudwatch_log_group.container_log_group", + "mode": "managed", + "type": "aws_cloudwatch_log_group", + "name": "container_log_group", + "provider_name": "aws", + "schema_version": 0, + "values": { + "arn": "arn:aws:logs:us-west-2:***:log-group:fargate/fake_app-dev:*", + "id": "fargate/fake_app-dev", + "kms_key_id": "", + "name": "fargate/fake_app-dev", + "name_prefix": null, + "retention_in_days": 7, + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + } + } + }, + { + "address": "module.app.module.fargate.aws_codedeploy_app.app", + "mode": "managed", + "type": "aws_codedeploy_app", + "name": "app", + "provider_name": "aws", + "schema_version": 0, + "values": { + "compute_platform": "ECS", + "id": "fake1d:fake_app-dev-codedeploy", + "name": "fake_app-dev-codedeploy", + "unique_id": null + } + }, + { + "address": "module.app.module.fargate.aws_codedeploy_deployment_group.deploymentgroup", + "mode": "managed", + "type": "aws_codedeploy_deployment_group", + "name": "deploymentgroup", + "provider_name": "aws", + "schema_version": 0, + "values": { + "alarm_configuration": [], + "app_name": "fake_app-dev-codedeploy", + "auto_rollback_configuration": [ + { + "enabled": true, + "events": [ + "DEPLOYMENT_FAILURE" + ] + } + ], + "autoscaling_groups": [], + "blue_green_deployment_config": [ + { + "deployment_ready_option": [ + { + "action_on_timeout": "CONTINUE_DEPLOYMENT", + "wait_time_in_minutes": 0 + } + ], + "green_fleet_provisioning_option": [], + "terminate_blue_instances_on_deployment_success": [ + { + "action": "TERMINATE", + "termination_wait_time_in_minutes": 1 + } + ] + } + ], + "deployment_config_name": "CodeDeployDefault.ECSAllAtOnce", + "deployment_group_name": "fake_app-dev-deployment-group", + "deployment_style": [ + { + "deployment_option": "WITH_TRAFFIC_CONTROL", + "deployment_type": "BLUE_GREEN" + } + ], + "ec2_tag_filter": [], + "ec2_tag_set": [], + "ecs_service": [ + { + "cluster_name": "fake_app-dev", + "service_name": "fake_app-dev" + } + ], + "id": "fake1d", + "load_balancer_info": [ + { + "elb_info": [], + "target_group_info": [], + "target_group_pair_info": [ + { + "prod_traffic_route": [ + { + "listener_arns": [ + "arn:aws:elasticloadbalancing:us-west-2:***:listener/app/fake_app-dev-alb/fake1d/0fake1d" + ] + } + ], + "target_group": [ + { + "name": "fake_app-dev-tgb" + }, + { + "name": "fake_app-dev-tgg" + } + ], + "test_traffic_route": [ + { + "listener_arns": null + } + ] + } + ] + } + ], + "on_premises_instance_tag_filter": [], + "service_role_arn": "arn:aws:iam::***:role/PowerBuilder", + "trigger_configuration": [] + } + }, + { + "address": "module.app.module.fargate.aws_ecs_cluster.cluster", + "mode": "managed", + "type": "aws_ecs_cluster", + "name": "cluster", + "provider_name": "aws", + "schema_version": 0, + "values": { + "arn": "arn:aws:ecs:us-west-2:***:cluster/fake_app-dev", + "capacity_providers": [], + "default_capacity_provider_strategy": [], + "id": "arn:aws:ecs:us-west-2:***:cluster/fake_app-dev", + "name": "fake_app-dev", + "setting": [ + { + "name": "containerInsights", + "value": "enabled" + } + ], + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + } + } + }, + { + "address": "module.app.module.fargate.aws_ecs_service.service", + "mode": "managed", + "type": "aws_ecs_service", + "name": "service", + "provider_name": "aws", + "schema_version": 0, + "values": { + "capacity_provider_strategy": [], + "cluster": "arn:aws:ecs:us-west-2:***:cluster/fake_app-dev", + "deployment_controller": [ + { + "type": "CODE_DEPLOY" + } + ], + "deployment_maximum_percent": 200, + "deployment_minimum_healthy_percent": 100, + "desired_count": 1, + "enable_ecs_managed_tags": false, + "force_new_deployment": null, + "health_check_grace_period_seconds": 0, + "iam_role": "aws-service-role", + "id": "arn:aws:ecs:us-west-2:***:service/fake_app-dev/fake_app-dev", + "launch_type": "FARGATE", + "load_balancer": [ + { + "container_name": "main", + "container_port": 8080, + "elb_name": "", + "target_group_arn": "arn:aws:elasticloadbalancing:us-west-2:***:targetgroup/fake_app-dev-tgb/0fake1d" + } + ], + "name": "fake_app-dev", + "network_configuration": [ + { + "assign_public_ip": true, + "security_groups": [ + "sg-0fake1d" + ], + "subnets": [ + "subnet-0fake1d", + "subnet-0fake1d" + ] + } + ], + "ordered_placement_strategy": [], + "placement_constraints": [], + "placement_strategy": [], + "platform_version": "1.4.0", + "propagate_tags": "NONE", + "scheduling_strategy": "REPLICA", + "service_registries": [], + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + }, + "task_definition": "arn:aws:ecs:us-west-2:***:task-definition/fake_app-dev-def:5" + } + }, + { + "address": "module.app.module.fargate.aws_ecs_task_definition.task_def", + "mode": "managed", + "type": "aws_ecs_task_definition", + "name": "task_def", + "provider_name": "aws", + "schema_version": 1, + "values": { + "container_definitions": "[{\"environment\":[{\"name\":\"ENV\",\"value\":\"dev\"},{\"name\":\"db_url\",\"value\":\"jdbc:mysql://fake_app-dev-db.0fake1d.us-west-2.rds.amazonaws.com:3306/deleteme2dev\"}],\"essential\":true,\"image\":\"***.dkr.ecr.us-west-2.amazonaws.com/fake_app-dev:new_timestamp\",\"logConfiguration\":{\"logDriver\":\"awslogs\",\"options\":{\"awslogs-group\":\"fargate/fake_app-dev\",\"awslogs-region\":\"us-west-2\",\"awslogs-stream-prefix\":\"fake_app-dev\"}},\"mountPoints\":[],\"name\":\"main\",\"portMappings\":[{\"containerPort\":8080,\"hostPort\":8080,\"protocol\":\"tcp\"}],\"privileged\":false,\"secrets\":[{\"name\":\"db_password\",\"valueFrom\":\"arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_password\"},{\"name\":\"db_username\",\"valueFrom\":\"arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_username\"}],\"volumesFrom\":[]}]", + "cpu": "256", + "execution_role_arn": "arn:aws:iam::***:role/fake_app-dev-taskExecutionRole", + "family": "fake_app-dev-def", + "inference_accelerator": [], + "ipc_mode": null, + "memory": "512", + "network_mode": "awsvpc", + "pid_mode": null, + "placement_constraints": [], + "proxy_configuration": [], + "requires_compatibilities": [ + "FARGATE" + ], + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + }, + "task_role_arn": "arn:aws:iam::***:role/fake_app-dev-taskRole", + "volume": [] + } + }, + { + "address": "module.app.module.fargate.aws_iam_policy.secrets_access[0]", + "mode": "managed", + "type": "aws_iam_policy", + "name": "secrets_access", + "index": 0, + "provider_name": "aws", + "schema_version": 0, + "values": { + "arn": "arn:aws:iam::***:policy/fake_app-dev_secrets_access", + "description": "", + "id": "arn:aws:iam::***:policy/fake_app-dev_secrets_access", + "name": "fake_app-dev_secrets_access", + "name_prefix": null, + "path": "/", + "policy": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"ssm:GetParemetersByPath\",\n \"ssm:GetParameters\",\n \"ssm:GetParameter\"\n ],\n \"Resource\": [\n \"arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_username\",\n \"arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_password\"\n ]\n }\n ]\n}" + } + }, + { + "address": "module.app.module.fargate.aws_iam_role.task_execution_role", + "mode": "managed", + "type": "aws_iam_role", + "name": "task_execution_role", + "provider_name": "aws", + "schema_version": 0, + "values": { + "arn": "arn:aws:iam::***:role/fake_app-dev-taskExecutionRole", + "assume_role_policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"\",\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"ecs-tasks.amazonaws.com\"},\"Action\":\"sts:AssumeRole\"}]}", + "create_date": "2020-06-17T14:59:29Z", + "description": "", + "force_detach_policies": false, + "id": "fake_app-dev-taskExecutionRole", + "max_session_duration": 3600, + "name": "fake_app-dev-taskExecutionRole", + "name_prefix": null, + "path": "/", + "permissions_boundary": "arn:aws:iam::***:policy/iamRolePermissionBoundary", + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + }, + "unique_id": "AROAQKWMX5RQFY26MWWWF" + } + }, + { + "address": "module.app.module.fargate.aws_iam_role.task_role", + "mode": "managed", + "type": "aws_iam_role", + "name": "task_role", + "provider_name": "aws", + "schema_version": 0, + "values": { + "arn": "arn:aws:iam::***:role/fake_app-dev-taskRole", + "assume_role_policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"\",\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"ecs-tasks.amazonaws.com\"},\"Action\":\"sts:AssumeRole\"}]}", + "create_date": "2020-06-17T14:59:29Z", + "description": "", + "force_detach_policies": false, + "id": "fake_app-dev-taskRole", + "max_session_duration": 3600, + "name": "fake_app-dev-taskRole", + "name_prefix": null, + "path": "/", + "permissions_boundary": "arn:aws:iam::***:policy/iamRolePermissionBoundary", + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + }, + "unique_id": "FAKE1D" + } + }, + { + "address": "module.app.module.fargate.aws_iam_role_policy_attachment.secret_task_policy_attach[0]", + "mode": "managed", + "type": "aws_iam_role_policy_attachment", + "name": "secret_task_policy_attach", + "index": 0, + "provider_name": "aws", + "schema_version": 0, + "values": { + "id": "fake_app-dev-taskRole-0FAKE1D", + "policy_arn": "arn:aws:iam::***:policy/fake_app-dev_secrets_access", + "role": "fake_app-dev-taskRole" + } + }, + { + "address": "module.app.module.fargate.aws_iam_role_policy_attachment.secrets_policy_attach[0]", + "mode": "managed", + "type": "aws_iam_role_policy_attachment", + "name": "secrets_policy_attach", + "index": 0, + "provider_name": "aws", + "schema_version": 0, + "values": { + "id": "fake_app-dev-taskExecutionRole-0FAKE1D", + "policy_arn": "arn:aws:iam::***:policy/fake_app-dev_secrets_access", + "role": "fake_app-dev-taskExecutionRole" + } + }, + { + "address": "module.app.module.fargate.aws_iam_role_policy_attachment.task_execution_policy_attach", + "mode": "managed", + "type": "aws_iam_role_policy_attachment", + "name": "task_execution_policy_attach", + "provider_name": "aws", + "schema_version": 0, + "values": { + "id": "fake_app-dev-taskExecutionRole-0FAKE1D", + "policy_arn": "arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy", + "role": "fake_app-dev-taskExecutionRole" + } + }, + { + "address": "module.app.module.fargate.aws_route53_record.a_record", + "mode": "managed", + "type": "aws_route53_record", + "name": "a_record", + "provider_name": "aws", + "schema_version": 2, + "values": { + "alias": [ + { + "evaluate_target_health": true, + "name": "fake_app-dev-alb-1234567890.us-west-2.elb.amazonaws.com", + "zone_id": "FAKE123" + } + ], + "allow_overwrite": null, + "failover_routing_policy": [], + "fqdn": "fake_app-dev.fake_domain.amazon.byu.edu", + "geolocation_routing_policy": [], + "health_check_id": "", + "id": "Z0FAKE1D_fake_app-dev.fake_domain.amazon.byu.edu._A", + "latency_routing_policy": [], + "multivalue_answer_routing_policy": null, + "name": "fake_app-dev.fake_domain.amazon.byu.edu", + "records": [], + "set_identifier": "", + "ttl": 0, + "type": "A", + "weighted_routing_policy": [], + "zone_id": "Z0FAKE1D" + } + }, + { + "address": "module.app.module.fargate.aws_route53_record.aaaa_record", + "mode": "managed", + "type": "aws_route53_record", + "name": "aaaa_record", + "provider_name": "aws", + "schema_version": 2, + "values": { + "alias": [ + { + "evaluate_target_health": true, + "name": "fake_app-dev-alb-1234567890.us-west-2.elb.amazonaws.com", + "zone_id": "FAKE123" + } + ], + "allow_overwrite": null, + "failover_routing_policy": [], + "fqdn": "fake_app-dev.fake_domain.amazon.byu.edu", + "geolocation_routing_policy": [], + "health_check_id": "", + "id": "Z0FAKE1D_fake_app-dev.fake_domain.amazon.byu.edu._AAAA", + "latency_routing_policy": [], + "multivalue_answer_routing_policy": null, + "name": "fake_app-dev.fake_domain.amazon.byu.edu", + "records": [], + "set_identifier": "", + "ttl": 0, + "type": "AAAA", + "weighted_routing_policy": [], + "zone_id": "Z0FAKE1D" + } + }, + { + "address": "module.app.module.fargate.aws_security_group.alb-sg", + "mode": "managed", + "type": "aws_security_group", + "name": "alb-sg", + "provider_name": "aws", + "schema_version": 1, + "values": { + "arn": "arn:aws:ec2:us-west-2:***:security-group/sg-0fake1d", + "description": "Controls access to the fake_app-dev-alb", + "egress": [ + { + "cidr_blocks": [ + "0.0.0.0/0" + ], + "description": "", + "from_port": 0, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "-1", + "security_groups": [], + "self": false, + "to_port": 0 + } + ], + "id": "sg-0fake1d", + "ingress": [ + { + "cidr_blocks": [ + "0.0.0.0/0" + ], + "description": "", + "from_port": 443, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [], + "self": false, + "to_port": 443 + }, + { + "cidr_blocks": [ + "0.0.0.0/0" + ], + "description": "", + "from_port": 80, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [], + "self": false, + "to_port": 80 + } + ], + "name": "fake_app-dev-alb-sg", + "name_prefix": null, + "owner_id": "***", + "revoke_rules_on_delete": false, + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + }, + "timeouts": null, + "vpc_id": "vpc-0fake1d" + } + }, + { + "address": "module.app.module.fargate.aws_security_group.fargate_service_sg", + "mode": "managed", + "type": "aws_security_group", + "name": "fargate_service_sg", + "provider_name": "aws", + "schema_version": 1, + "values": { + "arn": "arn:aws:ec2:us-west-2:***:security-group/sg-0fake1d", + "description": "Controls access to the Fargate Service", + "egress": [ + { + "cidr_blocks": [ + "0.0.0.0/0" + ], + "description": "", + "from_port": 0, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "-1", + "security_groups": [], + "self": false, + "to_port": 0 + } + ], + "id": "sg-0fake1d", + "ingress": [ + { + "cidr_blocks": [], + "description": "", + "from_port": 0, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [ + "sg-0fake1d" + ], + "self": false, + "to_port": 65535 + } + ], + "name": "fake_app-dev-fargate-sg", + "name_prefix": null, + "owner_id": "***", + "revoke_rules_on_delete": false, + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + }, + "timeouts": null, + "vpc_id": "vpc-0fake1d" + } + }, + { + "address": "module.app.module.fargate.local_file.appspec_json", + "mode": "managed", + "type": "local_file", + "name": "appspec_json", + "provider_name": "local", + "schema_version": 0, + "values": { + "content_base64": null, + "directory_permission": "0777", + "file_permission": "0777", + "filename": "/home/runner/work/fake_app/fake_app/terraform-iac/dev/app/appspec.json", + "sensitive_content": null + } + } + ], + "address": "module.app.module.fargate" + } + ] + } + ] + } + }, + "resource_changes": [ + { + "address": "module.app.aws_security_group_rule.db_access", + "module_address": "module.app", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "db_access", + "provider_name": "aws", + "change": { + "actions": [ + "no-op" + ], + "before": { + "cidr_blocks": [], + "description": "", + "from_port": 3306, + "id": "sgrule-012341234", + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_group_id": "sg-0fake1d", + "self": false, + "source_security_group_id": "sg-0fake1d", + "to_port": 3306, + "type": "ingress" + }, + "after": { + "cidr_blocks": [], + "description": "", + "from_port": 3306, + "id": "sgrule-012341234", + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_group_id": "sg-0fake1d", + "self": false, + "source_security_group_id": "sg-0fake1d", + "to_port": 3306, + "type": "ingress" + }, + "after_unknown": {} + } + }, + { + "address": "module.app.module.database.aws_db_instance.database", + "module_address": "module.app.module.database", + "mode": "managed", + "type": "aws_db_instance", + "name": "database", + "provider_name": "aws", + "change": { + "actions": [ + "no-op" + ], + "before": { + "address": "fake_app-dev-db.0fake1d.us-west-2.rds.amazonaws.com", + "allocated_storage": 32, + "allow_major_version_upgrade": null, + "apply_immediately": null, + "arn": "arn:aws:rds:us-west-2:***:db:fake_app-dev-db", + "auto_minor_version_upgrade": true, + "availability_zone": "us-west-2b", + "backup_retention_period": 7, + "backup_window": "07:01-07:31", + "ca_cert_identifier": "rds-ca-2019", + "character_set_name": null, + "copy_tags_to_snapshot": true, + "db_subnet_group_name": "oit-oregon-dev-db-subnet-group", + "delete_automated_backups": true, + "deletion_protection": true, + "domain": "", + "domain_iam_role_name": "", + "enabled_cloudwatch_logs_exports": [ + "error", + "general", + "slowquery" + ], + "endpoint": "fake_app-dev-db.0fake1d.us-west-2.rds.amazonaws.com:3306", + "engine": "mysql", + "engine_version": "8.0.11", + "final_snapshot_identifier": "fake_app-dev-db-final-snapshot", + "hosted_zone_id": "ZFAKE1D", + "iam_database_authentication_enabled": false, + "id": "fake_app-dev-db", + "identifier": "fake_app-dev-db", + "identifier_prefix": null, + "instance_class": "db.t2.small", + "iops": 0, + "kms_key_id": "arn:aws:kms:us-west-2:***:key/cfake1d", + "license_model": "general-public-license", + "maintenance_window": "thu:11:33-thu:12:03", + "max_allocated_storage": 0, + "monitoring_interval": 0, + "monitoring_role_arn": "", + "multi_az": false, + "name": "deleteme2dev", + "option_group_name": "default:mysql-8-0", + "parameter_group_name": "default.mysql8.0", + "password": "*******", + "performance_insights_enabled": false, + "performance_insights_kms_key_id": "", + "performance_insights_retention_period": 0, + "port": 3306, + "publicly_accessible": false, + "replicas": [], + "replicate_source_db": "", + "resource_id": "db-FAKE1D", + "s3_import": [], + "security_group_names": [], + "skip_final_snapshot": true, + "snapshot_identifier": null, + "status": "available", + "storage_encrypted": true, + "storage_type": "gp2", + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + }, + "timeouts": null, + "timezone": "", + "username": "*******", + "vpc_security_group_ids": [ + "sg-0fake1d" + ] + }, + "after": { + "address": "fake_app-dev-db.0fake1d.us-west-2.rds.amazonaws.com", + "allocated_storage": 32, + "allow_major_version_upgrade": null, + "apply_immediately": null, + "arn": "arn:aws:rds:us-west-2:***:db:fake_app-dev-db", + "auto_minor_version_upgrade": true, + "availability_zone": "us-west-2b", + "backup_retention_period": 7, + "backup_window": "07:01-07:31", + "ca_cert_identifier": "rds-ca-2019", + "character_set_name": null, + "copy_tags_to_snapshot": true, + "db_subnet_group_name": "oit-oregon-dev-db-subnet-group", + "delete_automated_backups": true, + "deletion_protection": true, + "domain": "", + "domain_iam_role_name": "", + "enabled_cloudwatch_logs_exports": [ + "error", + "general", + "slowquery" + ], + "endpoint": "fake_app-dev-db.0fake1d.us-west-2.rds.amazonaws.com:3306", + "engine": "mysql", + "engine_version": "8.0.11", + "final_snapshot_identifier": "fake_app-dev-db-final-snapshot", + "hosted_zone_id": "ZFAKE1D", + "iam_database_authentication_enabled": false, + "id": "fake_app-dev-db", + "identifier": "fake_app-dev-db", + "identifier_prefix": null, + "instance_class": "db.t2.small", + "iops": 0, + "kms_key_id": "arn:aws:kms:us-west-2:***:key/cfake1d", + "license_model": "general-public-license", + "maintenance_window": "thu:11:33-thu:12:03", + "max_allocated_storage": 0, + "monitoring_interval": 0, + "monitoring_role_arn": "", + "multi_az": false, + "name": "deleteme2dev", + "option_group_name": "default:mysql-8-0", + "parameter_group_name": "default.mysql8.0", + "password": "*******", + "performance_insights_enabled": false, + "performance_insights_kms_key_id": "", + "performance_insights_retention_period": 0, + "port": 3306, + "publicly_accessible": false, + "replicas": [], + "replicate_source_db": "", + "resource_id": "db-FAKE1D", + "s3_import": [], + "security_group_names": [], + "skip_final_snapshot": true, + "snapshot_identifier": null, + "status": "available", + "storage_encrypted": true, + "storage_type": "gp2", + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + }, + "timeouts": null, + "timezone": "", + "username": "*******", + "vpc_security_group_ids": [ + "sg-0fake1d" + ] + }, + "after_unknown": {} + } + }, + { + "address": "module.app.module.database.aws_security_group.db_security_group", + "module_address": "module.app.module.database", + "mode": "managed", + "type": "aws_security_group", + "name": "db_security_group", + "provider_name": "aws", + "change": { + "actions": [ + "no-op" + ], + "before": { + "arn": "arn:aws:ec2:us-west-2:***:security-group/sg-0fake1d", + "description": "Security group for fake_app-dev-db RDS instance", + "egress": [], + "id": "sg-0fake1d", + "ingress": [ + { + "cidr_blocks": [], + "description": "", + "from_port": 3306, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [ + "sg-0fake1d" + ], + "self": false, + "to_port": 3306 + } + ], + "name": "fake_app-dev-db-db_sg", + "name_prefix": null, + "owner_id": "***", + "revoke_rules_on_delete": false, + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + }, + "timeouts": null, + "vpc_id": "vpc-0fake1d" + }, + "after": { + "arn": "arn:aws:ec2:us-west-2:***:security-group/sg-0fake1d", + "description": "Security group for fake_app-dev-db RDS instance", + "egress": [], + "id": "sg-0fake1d", + "ingress": [ + { + "cidr_blocks": [], + "description": "", + "from_port": 3306, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [ + "sg-0fake1d" + ], + "self": false, + "to_port": 3306 + } + ], + "name": "fake_app-dev-db-db_sg", + "name_prefix": null, + "owner_id": "***", + "revoke_rules_on_delete": false, + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + }, + "timeouts": null, + "vpc_id": "vpc-0fake1d" + }, + "after_unknown": {} + } + }, + { + "address": "module.app.module.database.aws_ssm_parameter.master_password", + "module_address": "module.app.module.database", + "mode": "managed", + "type": "aws_ssm_parameter", + "name": "master_password", + "provider_name": "aws", + "change": { + "actions": [ + "no-op" + ], + "before": { + "allowed_pattern": "", + "arn": "arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_password", + "description": "fake_app-dev-db Database master password", + "id": "/fake_app-dev-db/master_password", + "key_id": "alias/aws/ssm", + "name": "/fake_app-dev-db/master_password", + "overwrite": null, + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + }, + "tier": "Standard", + "type": "SecureString", + "value": "*******", + "version": 1 + }, + "after": { + "allowed_pattern": "", + "arn": "arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_password", + "description": "fake_app-dev-db Database master password", + "id": "/fake_app-dev-db/master_password", + "key_id": "alias/aws/ssm", + "name": "/fake_app-dev-db/master_password", + "overwrite": null, + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + }, + "tier": "Standard", + "type": "SecureString", + "value": "*******", + "version": 1 + }, + "after_unknown": {} + } + }, + { + "address": "module.app.module.database.aws_ssm_parameter.master_username", + "module_address": "module.app.module.database", + "mode": "managed", + "type": "aws_ssm_parameter", + "name": "master_username", + "provider_name": "aws", + "change": { + "actions": [ + "no-op" + ], + "before": { + "allowed_pattern": "", + "arn": "arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_username", + "description": "fake_app-dev-db Database master username", + "id": "/fake_app-dev-db/master_username", + "key_id": "", + "name": "/fake_app-dev-db/master_username", + "overwrite": null, + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + }, + "tier": "Standard", + "type": "String", + "value": "*******", + "version": 1 + }, + "after": { + "allowed_pattern": "", + "arn": "arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_username", + "description": "fake_app-dev-db Database master username", + "id": "/fake_app-dev-db/master_username", + "key_id": "", + "name": "/fake_app-dev-db/master_username", + "overwrite": null, + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + }, + "tier": "Standard", + "type": "String", + "value": "*******", + "version": 1 + }, + "after_unknown": {} + } + }, + { + "address": "module.app.module.database.random_password.default[0]", + "module_address": "module.app.module.database", + "mode": "managed", + "type": "random_password", + "name": "default", + "index": 0, + "provider_name": "random", + "change": { + "actions": [ + "no-op" + ], + "before": { + "id": "none", + "keepers": { + "recreate_password": "false" + }, + "length": 32, + "lower": true, + "min_lower": 0, + "min_numeric": 0, + "min_special": 0, + "min_upper": 0, + "number": true, + "override_special": null, + "result": "*******", + "special": false, + "upper": true + }, + "after": { + "id": "none", + "keepers": { + "recreate_password": "false" + }, + "length": 32, + "lower": true, + "min_lower": 0, + "min_numeric": 0, + "min_special": 0, + "min_upper": 0, + "number": true, + "override_special": null, + "result": "*******", + "special": false, + "upper": true + }, + "after_unknown": {} + } + }, + { + "address": "module.app.module.fargate.aws_alb.alb", + "module_address": "module.app.module.fargate", + "mode": "managed", + "type": "aws_alb", + "name": "alb", + "provider_name": "aws", + "change": { + "actions": [ + "no-op" + ], + "before": { + "access_logs": [ + { + "bucket": "", + "enabled": false, + "prefix": "" + } + ], + "arn": "arn:aws:elasticloadbalancing:us-west-2:***:loadbalancer/app/fake_app-dev-alb/fake1d", + "arn_suffix": "app/fake_app-dev-alb/fake1d", + "dns_name": "fake_app-dev-alb-1234567890.us-west-2.elb.amazonaws.com", + "drop_invalid_header_fields": false, + "enable_cross_zone_load_balancing": null, + "enable_deletion_protection": false, + "enable_http2": true, + "id": "arn:aws:elasticloadbalancing:us-west-2:***:loadbalancer/app/fake_app-dev-alb/fake1d", + "idle_timeout": 60, + "internal": false, + "ip_address_type": "ipv4", + "load_balancer_type": "application", + "name": "fake_app-dev-alb", + "name_prefix": null, + "security_groups": [ + "sg-0fake1d" + ], + "subnet_mapping": [ + { + "allocation_id": "", + "subnet_id": "subnet-0fake1d" + }, + { + "allocation_id": "", + "subnet_id": "subnet-0fake1d" + } + ], + "subnets": [ + "subnet-0fake1d", + "subnet-0fake1d" + ], + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + }, + "timeouts": null, + "vpc_id": "vpc-0fake1d", + "zone_id": "FAKE123" + }, + "after": { + "access_logs": [ + { + "bucket": "", + "enabled": false, + "prefix": "" + } + ], + "arn": "arn:aws:elasticloadbalancing:us-west-2:***:loadbalancer/app/fake_app-dev-alb/fake1d", + "arn_suffix": "app/fake_app-dev-alb/fake1d", + "dns_name": "fake_app-dev-alb-1234567890.us-west-2.elb.amazonaws.com", + "drop_invalid_header_fields": false, + "enable_cross_zone_load_balancing": null, + "enable_deletion_protection": false, + "enable_http2": true, + "id": "arn:aws:elasticloadbalancing:us-west-2:***:loadbalancer/app/fake_app-dev-alb/fake1d", + "idle_timeout": 60, + "internal": false, + "ip_address_type": "ipv4", + "load_balancer_type": "application", + "name": "fake_app-dev-alb", + "name_prefix": null, + "security_groups": [ + "sg-0fake1d" + ], + "subnet_mapping": [ + { + "allocation_id": "", + "subnet_id": "subnet-0fake1d" + }, + { + "allocation_id": "", + "subnet_id": "subnet-0fake1d" + } + ], + "subnets": [ + "subnet-0fake1d", + "subnet-0fake1d" + ], + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + }, + "timeouts": null, + "vpc_id": "vpc-0fake1d", + "zone_id": "FAKE123" + }, + "after_unknown": {} + } + }, + { + "address": "module.app.module.fargate.aws_alb_listener.http_to_https", + "module_address": "module.app.module.fargate", + "mode": "managed", + "type": "aws_alb_listener", + "name": "http_to_https", + "provider_name": "aws", + "change": { + "actions": [ + "no-op" + ], + "before": { + "arn": "arn:aws:elasticloadbalancing:us-west-2:***:listener/app/fake_app-dev-alb/fake1d/0fake1d", + "certificate_arn": null, + "default_action": [ + { + "authenticate_cognito": [], + "authenticate_oidc": [], + "fixed_response": [], + "forward": [], + "order": 1, + "redirect": [ + { + "host": "#{host}", + "path": "/#{path}", + "port": "443", + "protocol": "HTTPS", + "query": "#{query}", + "status_code": "HTTP_301" + } + ], + "target_group_arn": "", + "type": "redirect" + } + ], + "id": "arn:aws:elasticloadbalancing:us-west-2:***:listener/app/fake_app-dev-alb/fake1d/0fake1d", + "load_balancer_arn": "arn:aws:elasticloadbalancing:us-west-2:***:loadbalancer/app/fake_app-dev-alb/fake1d", + "port": 80, + "protocol": "HTTP", + "ssl_policy": "", + "timeouts": null + }, + "after": { + "arn": "arn:aws:elasticloadbalancing:us-west-2:***:listener/app/fake_app-dev-alb/fake1d/0fake1d", + "certificate_arn": null, + "default_action": [ + { + "authenticate_cognito": [], + "authenticate_oidc": [], + "fixed_response": [], + "forward": [], + "order": 1, + "redirect": [ + { + "host": "#{host}", + "path": "/#{path}", + "port": "443", + "protocol": "HTTPS", + "query": "#{query}", + "status_code": "HTTP_301" + } + ], + "target_group_arn": "", + "type": "redirect" + } + ], + "id": "arn:aws:elasticloadbalancing:us-west-2:***:listener/app/fake_app-dev-alb/fake1d/0fake1d", + "load_balancer_arn": "arn:aws:elasticloadbalancing:us-west-2:***:loadbalancer/app/fake_app-dev-alb/fake1d", + "port": 80, + "protocol": "HTTP", + "ssl_policy": "", + "timeouts": null + }, + "after_unknown": {} + } + }, + { + "address": "module.app.module.fargate.aws_alb_listener.https", + "module_address": "module.app.module.fargate", + "mode": "managed", + "type": "aws_alb_listener", + "name": "https", + "provider_name": "aws", + "change": { + "actions": [ + "no-op" + ], + "before": { + "arn": "arn:aws:elasticloadbalancing:us-west-2:***:listener/app/fake_app-dev-alb/fake1d/0fake1d", + "certificate_arn": "arn:aws:acm:us-west-2:***:certificate/0fake1d", + "default_action": [ + { + "authenticate_cognito": [], + "authenticate_oidc": [], + "fixed_response": [], + "forward": [], + "order": 1, + "redirect": [], + "target_group_arn": "arn:aws:elasticloadbalancing:us-west-2:***:targetgroup/fake_app-dev-tgb/0fake1d", + "type": "forward" + } + ], + "id": "arn:aws:elasticloadbalancing:us-west-2:***:listener/app/fake_app-dev-alb/fake1d/0fake1d", + "load_balancer_arn": "arn:aws:elasticloadbalancing:us-west-2:***:loadbalancer/app/fake_app-dev-alb/fake1d", + "port": 443, + "protocol": "HTTPS", + "ssl_policy": "ELBSecurityPolicy-2016-08", + "timeouts": null + }, + "after": { + "arn": "arn:aws:elasticloadbalancing:us-west-2:***:listener/app/fake_app-dev-alb/fake1d/0fake1d", + "certificate_arn": "arn:aws:acm:us-west-2:***:certificate/0fake1d", + "default_action": [ + { + "authenticate_cognito": [], + "authenticate_oidc": [], + "fixed_response": [], + "forward": [], + "order": 1, + "redirect": [], + "target_group_arn": "arn:aws:elasticloadbalancing:us-west-2:***:targetgroup/fake_app-dev-tgb/0fake1d", + "type": "forward" + } + ], + "id": "arn:aws:elasticloadbalancing:us-west-2:***:listener/app/fake_app-dev-alb/fake1d/0fake1d", + "load_balancer_arn": "arn:aws:elasticloadbalancing:us-west-2:***:loadbalancer/app/fake_app-dev-alb/fake1d", + "port": 443, + "protocol": "HTTPS", + "ssl_policy": "ELBSecurityPolicy-2016-08", + "timeouts": null + }, + "after_unknown": {} + } + }, + { + "address": "module.app.module.fargate.aws_alb_target_group.blue", + "module_address": "module.app.module.fargate", + "mode": "managed", + "type": "aws_alb_target_group", + "name": "blue", + "provider_name": "aws", + "change": { + "actions": [ + "no-op" + ], + "before": { + "arn": "arn:aws:elasticloadbalancing:us-west-2:***:targetgroup/fake_app-dev-tgb/0fake1d", + "arn_suffix": "targetgroup/fake_app-dev-tgb/0fake1d", + "deregistration_delay": 60, + "health_check": [ + { + "enabled": true, + "healthy_threshold": 3, + "interval": 30, + "matcher": "200", + "path": "/health", + "port": "traffic-port", + "protocol": "HTTP", + "timeout": 5, + "unhealthy_threshold": 3 + } + ], + "id": "arn:aws:elasticloadbalancing:us-west-2:***:targetgroup/fake_app-dev-tgb/0fake1d", + "lambda_multi_value_headers_enabled": false, + "load_balancing_algorithm_type": "least_outstanding_requests", + "name": "fake_app-dev-tgb", + "name_prefix": null, + "port": 8080, + "protocol": "HTTP", + "proxy_protocol_v2": false, + "slow_start": 0, + "stickiness": [ + { + "cookie_duration": 86400, + "enabled": false, + "type": "lb_cookie" + } + ], + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + }, + "target_type": "ip", + "vpc_id": "vpc-0fake1d" + }, + "after": { + "arn": "arn:aws:elasticloadbalancing:us-west-2:***:targetgroup/fake_app-dev-tgb/0fake1d", + "arn_suffix": "targetgroup/fake_app-dev-tgb/0fake1d", + "deregistration_delay": 60, + "health_check": [ + { + "enabled": true, + "healthy_threshold": 3, + "interval": 30, + "matcher": "200", + "path": "/health", + "port": "traffic-port", + "protocol": "HTTP", + "timeout": 5, + "unhealthy_threshold": 3 + } + ], + "id": "arn:aws:elasticloadbalancing:us-west-2:***:targetgroup/fake_app-dev-tgb/0fake1d", + "lambda_multi_value_headers_enabled": false, + "load_balancing_algorithm_type": "least_outstanding_requests", + "name": "fake_app-dev-tgb", + "name_prefix": null, + "port": 8080, + "protocol": "HTTP", + "proxy_protocol_v2": false, + "slow_start": 0, + "stickiness": [ + { + "cookie_duration": 86400, + "enabled": false, + "type": "lb_cookie" + } + ], + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + }, + "target_type": "ip", + "vpc_id": "vpc-0fake1d" + }, + "after_unknown": {} + } + }, + { + "address": "module.app.module.fargate.aws_alb_target_group.green", + "module_address": "module.app.module.fargate", + "mode": "managed", + "type": "aws_alb_target_group", + "name": "green", + "provider_name": "aws", + "change": { + "actions": [ + "no-op" + ], + "before": { + "arn": "arn:aws:elasticloadbalancing:us-west-2:***:targetgroup/fake_app-dev-tgg/0fake1d", + "arn_suffix": "targetgroup/fake_app-dev-tgg/0fake1d", + "deregistration_delay": 60, + "health_check": [ + { + "enabled": true, + "healthy_threshold": 3, + "interval": 30, + "matcher": "200", + "path": "/health", + "port": "traffic-port", + "protocol": "HTTP", + "timeout": 5, + "unhealthy_threshold": 3 + } + ], + "id": "arn:aws:elasticloadbalancing:us-west-2:***:targetgroup/fake_app-dev-tgg/0fake1d", + "lambda_multi_value_headers_enabled": false, + "load_balancing_algorithm_type": "least_outstanding_requests", + "name": "fake_app-dev-tgg", + "name_prefix": null, + "port": 8080, + "protocol": "HTTP", + "proxy_protocol_v2": false, + "slow_start": 0, + "stickiness": [ + { + "cookie_duration": 86400, + "enabled": false, + "type": "lb_cookie" + } + ], + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + }, + "target_type": "ip", + "vpc_id": "vpc-0fake1d" + }, + "after": { + "arn": "arn:aws:elasticloadbalancing:us-west-2:***:targetgroup/fake_app-dev-tgg/0fake1d", + "arn_suffix": "targetgroup/fake_app-dev-tgg/0fake1d", + "deregistration_delay": 60, + "health_check": [ + { + "enabled": true, + "healthy_threshold": 3, + "interval": 30, + "matcher": "200", + "path": "/health", + "port": "traffic-port", + "protocol": "HTTP", + "timeout": 5, + "unhealthy_threshold": 3 + } + ], + "id": "arn:aws:elasticloadbalancing:us-west-2:***:targetgroup/fake_app-dev-tgg/0fake1d", + "lambda_multi_value_headers_enabled": false, + "load_balancing_algorithm_type": "least_outstanding_requests", + "name": "fake_app-dev-tgg", + "name_prefix": null, + "port": 8080, + "protocol": "HTTP", + "proxy_protocol_v2": false, + "slow_start": 0, + "stickiness": [ + { + "cookie_duration": 86400, + "enabled": false, + "type": "lb_cookie" + } + ], + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + }, + "target_type": "ip", + "vpc_id": "vpc-0fake1d" + }, + "after_unknown": {} + } + }, + { + "address": "module.app.module.fargate.aws_cloudwatch_log_group.container_log_group", + "module_address": "module.app.module.fargate", + "mode": "managed", + "type": "aws_cloudwatch_log_group", + "name": "container_log_group", + "provider_name": "aws", + "change": { + "actions": [ + "no-op" + ], + "before": { + "arn": "arn:aws:logs:us-west-2:***:log-group:fargate/fake_app-dev:*", + "id": "fargate/fake_app-dev", + "kms_key_id": "", + "name": "fargate/fake_app-dev", + "name_prefix": null, + "retention_in_days": 7, + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + } + }, + "after": { + "arn": "arn:aws:logs:us-west-2:***:log-group:fargate/fake_app-dev:*", + "id": "fargate/fake_app-dev", + "kms_key_id": "", + "name": "fargate/fake_app-dev", + "name_prefix": null, + "retention_in_days": 7, + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + } + }, + "after_unknown": {} + } + }, + { + "address": "module.app.module.fargate.aws_codedeploy_app.app", + "module_address": "module.app.module.fargate", + "mode": "managed", + "type": "aws_codedeploy_app", + "name": "app", + "provider_name": "aws", + "change": { + "actions": [ + "no-op" + ], + "before": { + "compute_platform": "ECS", + "id": "fake1d:fake_app-dev-codedeploy", + "name": "fake_app-dev-codedeploy", + "unique_id": null + }, + "after": { + "compute_platform": "ECS", + "id": "fake1d:fake_app-dev-codedeploy", + "name": "fake_app-dev-codedeploy", + "unique_id": null + }, + "after_unknown": {} + } + }, + { + "address": "module.app.module.fargate.aws_codedeploy_deployment_group.deploymentgroup", + "module_address": "module.app.module.fargate", + "mode": "managed", + "type": "aws_codedeploy_deployment_group", + "name": "deploymentgroup", + "provider_name": "aws", + "change": { + "actions": [ + "update" + ], + "before": { + "alarm_configuration": [], + "app_name": "fake_app-dev-codedeploy", + "auto_rollback_configuration": [ + { + "enabled": true, + "events": [ + "DEPLOYMENT_FAILURE" + ] + } + ], + "autoscaling_groups": [], + "blue_green_deployment_config": [ + { + "deployment_ready_option": [ + { + "action_on_timeout": "CONTINUE_DEPLOYMENT", + "wait_time_in_minutes": 0 + } + ], + "green_fleet_provisioning_option": [], + "terminate_blue_instances_on_deployment_success": [ + { + "action": "TERMINATE", + "termination_wait_time_in_minutes": 1 + } + ] + } + ], + "deployment_config_name": "CodeDeployDefault.ECSAllAtOnce", + "deployment_group_name": "fake_app-dev-deployment-group", + "deployment_style": [ + { + "deployment_option": "WITH_TRAFFIC_CONTROL", + "deployment_type": "BLUE_GREEN" + } + ], + "ec2_tag_filter": [], + "ec2_tag_set": [], + "ecs_service": [ + { + "cluster_name": "fake_app-dev", + "service_name": "fake_app-dev" + } + ], + "id": "fake1d", + "load_balancer_info": [ + { + "elb_info": [], + "target_group_info": [], + "target_group_pair_info": [ + { + "prod_traffic_route": [ + { + "listener_arns": [ + "arn:aws:elasticloadbalancing:us-west-2:***:listener/app/fake_app-dev-alb/fake1d/0fake1d" + ] + } + ], + "target_group": [ + { + "name": "fake_app-dev-tgb" + }, + { + "name": "fake_app-dev-tgg" + } + ], + "test_traffic_route": [] + } + ] + } + ], + "on_premises_instance_tag_filter": [], + "service_role_arn": "arn:aws:iam::***:role/PowerBuilder", + "trigger_configuration": [] + }, + "after": { + "alarm_configuration": [], + "app_name": "fake_app-dev-codedeploy", + "auto_rollback_configuration": [ + { + "enabled": true, + "events": [ + "DEPLOYMENT_FAILURE" + ] + } + ], + "autoscaling_groups": [], + "blue_green_deployment_config": [ + { + "deployment_ready_option": [ + { + "action_on_timeout": "CONTINUE_DEPLOYMENT", + "wait_time_in_minutes": 0 + } + ], + "green_fleet_provisioning_option": [], + "terminate_blue_instances_on_deployment_success": [ + { + "action": "TERMINATE", + "termination_wait_time_in_minutes": 1 + } + ] + } + ], + "deployment_config_name": "CodeDeployDefault.ECSAllAtOnce", + "deployment_group_name": "fake_app-dev-deployment-group", + "deployment_style": [ + { + "deployment_option": "WITH_TRAFFIC_CONTROL", + "deployment_type": "BLUE_GREEN" + } + ], + "ec2_tag_filter": [], + "ec2_tag_set": [], + "ecs_service": [ + { + "cluster_name": "fake_app-dev", + "service_name": "fake_app-dev" + } + ], + "id": "fake1d", + "load_balancer_info": [ + { + "elb_info": [], + "target_group_info": [], + "target_group_pair_info": [ + { + "prod_traffic_route": [ + { + "listener_arns": [ + "arn:aws:elasticloadbalancing:us-west-2:***:listener/app/fake_app-dev-alb/fake1d/0fake1d" + ] + } + ], + "target_group": [ + { + "name": "fake_app-dev-tgb" + }, + { + "name": "fake_app-dev-tgg" + } + ], + "test_traffic_route": [ + { + "listener_arns": null + } + ] + } + ] + } + ], + "on_premises_instance_tag_filter": [], + "service_role_arn": "arn:aws:iam::***:role/PowerBuilder", + "trigger_configuration": [] + }, + "after_unknown": {} + } + }, + { + "address": "module.app.module.fargate.aws_ecs_cluster.cluster", + "module_address": "module.app.module.fargate", + "mode": "managed", + "type": "aws_ecs_cluster", + "name": "cluster", + "provider_name": "aws", + "change": { + "actions": [ + "no-op" + ], + "before": { + "arn": "arn:aws:ecs:us-west-2:***:cluster/fake_app-dev", + "capacity_providers": [], + "default_capacity_provider_strategy": [], + "id": "arn:aws:ecs:us-west-2:***:cluster/fake_app-dev", + "name": "fake_app-dev", + "setting": [ + { + "name": "containerInsights", + "value": "enabled" + } + ], + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + } + }, + "after": { + "arn": "arn:aws:ecs:us-west-2:***:cluster/fake_app-dev", + "capacity_providers": [], + "default_capacity_provider_strategy": [], + "id": "arn:aws:ecs:us-west-2:***:cluster/fake_app-dev", + "name": "fake_app-dev", + "setting": [ + { + "name": "containerInsights", + "value": "enabled" + } + ], + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + } + }, + "after_unknown": {} + } + }, + { + "address": "module.app.module.fargate.aws_ecs_service.service", + "module_address": "module.app.module.fargate", + "mode": "managed", + "type": "aws_ecs_service", + "name": "service", + "provider_name": "aws", + "change": { + "actions": [ + "no-op" + ], + "before": { + "capacity_provider_strategy": [], + "cluster": "arn:aws:ecs:us-west-2:***:cluster/fake_app-dev", + "deployment_controller": [ + { + "type": "CODE_DEPLOY" + } + ], + "deployment_maximum_percent": 200, + "deployment_minimum_healthy_percent": 100, + "desired_count": 1, + "enable_ecs_managed_tags": false, + "force_new_deployment": null, + "health_check_grace_period_seconds": 0, + "iam_role": "aws-service-role", + "id": "arn:aws:ecs:us-west-2:***:service/fake_app-dev/fake_app-dev", + "launch_type": "FARGATE", + "load_balancer": [ + { + "container_name": "main", + "container_port": 8080, + "elb_name": "", + "target_group_arn": "arn:aws:elasticloadbalancing:us-west-2:***:targetgroup/fake_app-dev-tgb/0fake1d" + } + ], + "name": "fake_app-dev", + "network_configuration": [ + { + "assign_public_ip": true, + "security_groups": [ + "sg-0fake1d" + ], + "subnets": [ + "subnet-0fake1d", + "subnet-0fake1d" + ] + } + ], + "ordered_placement_strategy": [], + "placement_constraints": [], + "placement_strategy": [], + "platform_version": "1.4.0", + "propagate_tags": "NONE", + "scheduling_strategy": "REPLICA", + "service_registries": [], + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + }, + "task_definition": "arn:aws:ecs:us-west-2:***:task-definition/fake_app-dev-def:5" + }, + "after": { + "capacity_provider_strategy": [], + "cluster": "arn:aws:ecs:us-west-2:***:cluster/fake_app-dev", + "deployment_controller": [ + { + "type": "CODE_DEPLOY" + } + ], + "deployment_maximum_percent": 200, + "deployment_minimum_healthy_percent": 100, + "desired_count": 1, + "enable_ecs_managed_tags": false, + "force_new_deployment": null, + "health_check_grace_period_seconds": 0, + "iam_role": "aws-service-role", + "id": "arn:aws:ecs:us-west-2:***:service/fake_app-dev/fake_app-dev", + "launch_type": "FARGATE", + "load_balancer": [ + { + "container_name": "main", + "container_port": 8080, + "elb_name": "", + "target_group_arn": "arn:aws:elasticloadbalancing:us-west-2:***:targetgroup/fake_app-dev-tgb/0fake1d" + } + ], + "name": "fake_app-dev", + "network_configuration": [ + { + "assign_public_ip": true, + "security_groups": [ + "sg-0fake1d" + ], + "subnets": [ + "subnet-0fake1d", + "subnet-0fake1d" + ] + } + ], + "ordered_placement_strategy": [], + "placement_constraints": [], + "placement_strategy": [], + "platform_version": "1.4.0", + "propagate_tags": "NONE", + "scheduling_strategy": "REPLICA", + "service_registries": [], + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + }, + "task_definition": "arn:aws:ecs:us-west-2:***:task-definition/fake_app-dev-def:5" + }, + "after_unknown": {} + } + }, + { + "address": "module.app.module.fargate.aws_ecs_task_definition.task_def", + "module_address": "module.app.module.fargate", + "mode": "managed", + "type": "aws_ecs_task_definition", + "name": "task_def", + "provider_name": "aws", + "change": { + "actions": [ + "delete", + "create" + ], + "before": { + "arn": "arn:aws:ecs:us-west-2:***:task-definition/fake_app-dev-def:5", + "container_definitions": "[{\"cpu\":0,\"environment\":[{\"name\":\"ENV\",\"value\":\"dev\"},{\"name\":\"db_url\",\"value\":\"jdbc:mysql://fake_app-dev-db.0fake1d.us-west-2.rds.amazonaws.com:3306/deleteme2dev\"}],\"essential\":true,\"image\":\"***.dkr.ecr.us-west-2.amazonaws.com/fake_app-dev:2020-06-17_17-43-10\",\"logConfiguration\":{\"logDriver\":\"awslogs\",\"options\":{\"awslogs-group\":\"fargate/fake_app-dev\",\"awslogs-region\":\"us-west-2\",\"awslogs-stream-prefix\":\"fake_app-dev\"}},\"mountPoints\":[],\"name\":\"main\",\"portMappings\":[{\"containerPort\":8080,\"hostPort\":8080,\"protocol\":\"tcp\"}],\"privileged\":false,\"secrets\":[{\"name\":\"db_password\",\"valueFrom\":\"arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_password\"},{\"name\":\"db_username\",\"valueFrom\":\"arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_username\"}],\"volumesFrom\":[]}]", + "cpu": "256", + "execution_role_arn": "arn:aws:iam::***:role/fake_app-dev-taskExecutionRole", + "family": "fake_app-dev-def", + "id": "fake_app-dev-def", + "inference_accelerator": [], + "ipc_mode": "", + "memory": "512", + "network_mode": "awsvpc", + "pid_mode": "", + "placement_constraints": [], + "proxy_configuration": [], + "requires_compatibilities": [ + "FARGATE" + ], + "revision": 5, + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + }, + "task_role_arn": "arn:aws:iam::***:role/fake_app-dev-taskRole", + "volume": [] + }, + "after": { + "container_definitions": "[{\"environment\":[{\"name\":\"ENV\",\"value\":\"dev\"},{\"name\":\"db_url\",\"value\":\"jdbc:mysql://fake_app-dev-db.0fake1d.us-west-2.rds.amazonaws.com:3306/deleteme2dev\"}],\"essential\":true,\"image\":\"***.dkr.ecr.us-west-2.amazonaws.com/fake_app-dev:new_timestamp\",\"logConfiguration\":{\"logDriver\":\"awslogs\",\"options\":{\"awslogs-group\":\"fargate/fake_app-dev\",\"awslogs-region\":\"us-west-2\",\"awslogs-stream-prefix\":\"fake_app-dev\"}},\"mountPoints\":[],\"name\":\"main\",\"portMappings\":[{\"containerPort\":8080,\"hostPort\":8080,\"protocol\":\"tcp\"}],\"privileged\":false,\"secrets\":[{\"name\":\"db_password\",\"valueFrom\":\"arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_password\"},{\"name\":\"db_username\",\"valueFrom\":\"arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_username\"}],\"volumesFrom\":[]}]", + "cpu": "256", + "execution_role_arn": "arn:aws:iam::***:role/fake_app-dev-taskExecutionRole", + "family": "fake_app-dev-def", + "inference_accelerator": [], + "ipc_mode": null, + "memory": "512", + "network_mode": "awsvpc", + "pid_mode": null, + "placement_constraints": [], + "proxy_configuration": [], + "requires_compatibilities": [ + "FARGATE" + ], + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + }, + "task_role_arn": "arn:aws:iam::***:role/fake_app-dev-taskRole", + "volume": [] + }, + "after_unknown": { + "arn": true, + "id": true, + "inference_accelerator": [], + "placement_constraints": [], + "proxy_configuration": [], + "requires_compatibilities": [ + false + ], + "revision": true, + "tags": {}, + "volume": [] + } + } + }, + { + "address": "module.app.module.fargate.aws_iam_policy.secrets_access[0]", + "module_address": "module.app.module.fargate", + "mode": "managed", + "type": "aws_iam_policy", + "name": "secrets_access", + "index": 0, + "provider_name": "aws", + "change": { + "actions": [ + "no-op" + ], + "before": { + "arn": "arn:aws:iam::***:policy/fake_app-dev_secrets_access", + "description": "", + "id": "arn:aws:iam::***:policy/fake_app-dev_secrets_access", + "name": "fake_app-dev_secrets_access", + "name_prefix": null, + "path": "/", + "policy": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"ssm:GetParemetersByPath\",\n \"ssm:GetParameters\",\n \"ssm:GetParameter\"\n ],\n \"Resource\": [\n \"arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_username\",\n \"arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_password\"\n ]\n }\n ]\n}" + }, + "after": { + "arn": "arn:aws:iam::***:policy/fake_app-dev_secrets_access", + "description": "", + "id": "arn:aws:iam::***:policy/fake_app-dev_secrets_access", + "name": "fake_app-dev_secrets_access", + "name_prefix": null, + "path": "/", + "policy": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"ssm:GetParemetersByPath\",\n \"ssm:GetParameters\",\n \"ssm:GetParameter\"\n ],\n \"Resource\": [\n \"arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_username\",\n \"arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_password\"\n ]\n }\n ]\n}" + }, + "after_unknown": {} + } + }, + { + "address": "module.app.module.fargate.aws_iam_role.task_execution_role", + "module_address": "module.app.module.fargate", + "mode": "managed", + "type": "aws_iam_role", + "name": "task_execution_role", + "provider_name": "aws", + "change": { + "actions": [ + "no-op" + ], + "before": { + "arn": "arn:aws:iam::***:role/fake_app-dev-taskExecutionRole", + "assume_role_policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"\",\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"ecs-tasks.amazonaws.com\"},\"Action\":\"sts:AssumeRole\"}]}", + "create_date": "2020-06-17T14:59:29Z", + "description": "", + "force_detach_policies": false, + "id": "fake_app-dev-taskExecutionRole", + "max_session_duration": 3600, + "name": "fake_app-dev-taskExecutionRole", + "name_prefix": null, + "path": "/", + "permissions_boundary": "arn:aws:iam::***:policy/iamRolePermissionBoundary", + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + }, + "unique_id": "AROAQKWMX5RQFY26MWWWF" + }, + "after": { + "arn": "arn:aws:iam::***:role/fake_app-dev-taskExecutionRole", + "assume_role_policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"\",\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"ecs-tasks.amazonaws.com\"},\"Action\":\"sts:AssumeRole\"}]}", + "create_date": "2020-06-17T14:59:29Z", + "description": "", + "force_detach_policies": false, + "id": "fake_app-dev-taskExecutionRole", + "max_session_duration": 3600, + "name": "fake_app-dev-taskExecutionRole", + "name_prefix": null, + "path": "/", + "permissions_boundary": "arn:aws:iam::***:policy/iamRolePermissionBoundary", + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + }, + "unique_id": "AROAQKWMX5RQFY26MWWWF" + }, + "after_unknown": {} + } + }, + { + "address": "module.app.module.fargate.aws_iam_role.task_role", + "module_address": "module.app.module.fargate", + "mode": "managed", + "type": "aws_iam_role", + "name": "task_role", + "provider_name": "aws", + "change": { + "actions": [ + "no-op" + ], + "before": { + "arn": "arn:aws:iam::***:role/fake_app-dev-taskRole", + "assume_role_policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"\",\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"ecs-tasks.amazonaws.com\"},\"Action\":\"sts:AssumeRole\"}]}", + "create_date": "2020-06-17T14:59:29Z", + "description": "", + "force_detach_policies": false, + "id": "fake_app-dev-taskRole", + "max_session_duration": 3600, + "name": "fake_app-dev-taskRole", + "name_prefix": null, + "path": "/", + "permissions_boundary": "arn:aws:iam::***:policy/iamRolePermissionBoundary", + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + }, + "unique_id": "FAKE1D" + }, + "after": { + "arn": "arn:aws:iam::***:role/fake_app-dev-taskRole", + "assume_role_policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"\",\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"ecs-tasks.amazonaws.com\"},\"Action\":\"sts:AssumeRole\"}]}", + "create_date": "2020-06-17T14:59:29Z", + "description": "", + "force_detach_policies": false, + "id": "fake_app-dev-taskRole", + "max_session_duration": 3600, + "name": "fake_app-dev-taskRole", + "name_prefix": null, + "path": "/", + "permissions_boundary": "arn:aws:iam::***:policy/iamRolePermissionBoundary", + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + }, + "unique_id": "FAKE1D" + }, + "after_unknown": {} + } + }, + { + "address": "module.app.module.fargate.aws_iam_role_policy_attachment.secret_task_policy_attach[0]", + "module_address": "module.app.module.fargate", + "mode": "managed", + "type": "aws_iam_role_policy_attachment", + "name": "secret_task_policy_attach", + "index": 0, + "provider_name": "aws", + "change": { + "actions": [ + "no-op" + ], + "before": { + "id": "fake_app-dev-taskRole-0FAKE1D", + "policy_arn": "arn:aws:iam::***:policy/fake_app-dev_secrets_access", + "role": "fake_app-dev-taskRole" + }, + "after": { + "id": "fake_app-dev-taskRole-0FAKE1D", + "policy_arn": "arn:aws:iam::***:policy/fake_app-dev_secrets_access", + "role": "fake_app-dev-taskRole" + }, + "after_unknown": {} + } + }, + { + "address": "module.app.module.fargate.aws_iam_role_policy_attachment.secrets_policy_attach[0]", + "module_address": "module.app.module.fargate", + "mode": "managed", + "type": "aws_iam_role_policy_attachment", + "name": "secrets_policy_attach", + "index": 0, + "provider_name": "aws", + "change": { + "actions": [ + "no-op" + ], + "before": { + "id": "fake_app-dev-taskExecutionRole-0FAKE1D", + "policy_arn": "arn:aws:iam::***:policy/fake_app-dev_secrets_access", + "role": "fake_app-dev-taskExecutionRole" + }, + "after": { + "id": "fake_app-dev-taskExecutionRole-0FAKE1D", + "policy_arn": "arn:aws:iam::***:policy/fake_app-dev_secrets_access", + "role": "fake_app-dev-taskExecutionRole" + }, + "after_unknown": {} + } + }, + { + "address": "module.app.module.fargate.aws_iam_role_policy_attachment.task_execution_policy_attach", + "module_address": "module.app.module.fargate", + "mode": "managed", + "type": "aws_iam_role_policy_attachment", + "name": "task_execution_policy_attach", + "provider_name": "aws", + "change": { + "actions": [ + "no-op" + ], + "before": { + "id": "fake_app-dev-taskExecutionRole-0FAKE1D", + "policy_arn": "arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy", + "role": "fake_app-dev-taskExecutionRole" + }, + "after": { + "id": "fake_app-dev-taskExecutionRole-0FAKE1D", + "policy_arn": "arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy", + "role": "fake_app-dev-taskExecutionRole" + }, + "after_unknown": {} + } + }, + { + "address": "module.app.module.fargate.aws_route53_record.a_record", + "module_address": "module.app.module.fargate", + "mode": "managed", + "type": "aws_route53_record", + "name": "a_record", + "provider_name": "aws", + "change": { + "actions": [ + "no-op" + ], + "before": { + "alias": [ + { + "evaluate_target_health": true, + "name": "fake_app-dev-alb-1234567890.us-west-2.elb.amazonaws.com", + "zone_id": "FAKE123" + } + ], + "allow_overwrite": null, + "failover_routing_policy": [], + "fqdn": "fake_app-dev.fake_domain.amazon.byu.edu", + "geolocation_routing_policy": [], + "health_check_id": "", + "id": "Z0FAKE1D_fake_app-dev.fake_domain.amazon.byu.edu._A", + "latency_routing_policy": [], + "multivalue_answer_routing_policy": null, + "name": "fake_app-dev.fake_domain.amazon.byu.edu", + "records": [], + "set_identifier": "", + "ttl": 0, + "type": "A", + "weighted_routing_policy": [], + "zone_id": "Z0FAKE1D" + }, + "after": { + "alias": [ + { + "evaluate_target_health": true, + "name": "fake_app-dev-alb-1234567890.us-west-2.elb.amazonaws.com", + "zone_id": "FAKE123" + } + ], + "allow_overwrite": null, + "failover_routing_policy": [], + "fqdn": "fake_app-dev.fake_domain.amazon.byu.edu", + "geolocation_routing_policy": [], + "health_check_id": "", + "id": "Z0FAKE1D_fake_app-dev.fake_domain.amazon.byu.edu._A", + "latency_routing_policy": [], + "multivalue_answer_routing_policy": null, + "name": "fake_app-dev.fake_domain.amazon.byu.edu", + "records": [], + "set_identifier": "", + "ttl": 0, + "type": "A", + "weighted_routing_policy": [], + "zone_id": "Z0FAKE1D" + }, + "after_unknown": {} + } + }, + { + "address": "module.app.module.fargate.aws_route53_record.aaaa_record", + "module_address": "module.app.module.fargate", + "mode": "managed", + "type": "aws_route53_record", + "name": "aaaa_record", + "provider_name": "aws", + "change": { + "actions": [ + "no-op" + ], + "before": { + "alias": [ + { + "evaluate_target_health": true, + "name": "fake_app-dev-alb-1234567890.us-west-2.elb.amazonaws.com", + "zone_id": "FAKE123" + } + ], + "allow_overwrite": null, + "failover_routing_policy": [], + "fqdn": "fake_app-dev.fake_domain.amazon.byu.edu", + "geolocation_routing_policy": [], + "health_check_id": "", + "id": "Z0FAKE1D_fake_app-dev.fake_domain.amazon.byu.edu._AAAA", + "latency_routing_policy": [], + "multivalue_answer_routing_policy": null, + "name": "fake_app-dev.fake_domain.amazon.byu.edu", + "records": [], + "set_identifier": "", + "ttl": 0, + "type": "AAAA", + "weighted_routing_policy": [], + "zone_id": "Z0FAKE1D" + }, + "after": { + "alias": [ + { + "evaluate_target_health": true, + "name": "fake_app-dev-alb-1234567890.us-west-2.elb.amazonaws.com", + "zone_id": "FAKE123" + } + ], + "allow_overwrite": null, + "failover_routing_policy": [], + "fqdn": "fake_app-dev.fake_domain.amazon.byu.edu", + "geolocation_routing_policy": [], + "health_check_id": "", + "id": "Z0FAKE1D_fake_app-dev.fake_domain.amazon.byu.edu._AAAA", + "latency_routing_policy": [], + "multivalue_answer_routing_policy": null, + "name": "fake_app-dev.fake_domain.amazon.byu.edu", + "records": [], + "set_identifier": "", + "ttl": 0, + "type": "AAAA", + "weighted_routing_policy": [], + "zone_id": "Z0FAKE1D" + }, + "after_unknown": {} + } + }, + { + "address": "module.app.module.fargate.aws_security_group.alb-sg", + "module_address": "module.app.module.fargate", + "mode": "managed", + "type": "aws_security_group", + "name": "alb-sg", + "provider_name": "aws", + "change": { + "actions": [ + "no-op" + ], + "before": { + "arn": "arn:aws:ec2:us-west-2:***:security-group/sg-0fake1d", + "description": "Controls access to the fake_app-dev-alb", + "egress": [ + { + "cidr_blocks": [ + "0.0.0.0/0" + ], + "description": "", + "from_port": 0, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "-1", + "security_groups": [], + "self": false, + "to_port": 0 + } + ], + "id": "sg-0fake1d", + "ingress": [ + { + "cidr_blocks": [ + "0.0.0.0/0" + ], + "description": "", + "from_port": 443, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [], + "self": false, + "to_port": 443 + }, + { + "cidr_blocks": [ + "0.0.0.0/0" + ], + "description": "", + "from_port": 80, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [], + "self": false, + "to_port": 80 + } + ], + "name": "fake_app-dev-alb-sg", + "name_prefix": null, + "owner_id": "***", + "revoke_rules_on_delete": false, + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + }, + "timeouts": null, + "vpc_id": "vpc-0fake1d" + }, + "after": { + "arn": "arn:aws:ec2:us-west-2:***:security-group/sg-0fake1d", + "description": "Controls access to the fake_app-dev-alb", + "egress": [ + { + "cidr_blocks": [ + "0.0.0.0/0" + ], + "description": "", + "from_port": 0, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "-1", + "security_groups": [], + "self": false, + "to_port": 0 + } + ], + "id": "sg-0fake1d", + "ingress": [ + { + "cidr_blocks": [ + "0.0.0.0/0" + ], + "description": "", + "from_port": 443, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [], + "self": false, + "to_port": 443 + }, + { + "cidr_blocks": [ + "0.0.0.0/0" + ], + "description": "", + "from_port": 80, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [], + "self": false, + "to_port": 80 + } + ], + "name": "fake_app-dev-alb-sg", + "name_prefix": null, + "owner_id": "***", + "revoke_rules_on_delete": false, + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + }, + "timeouts": null, + "vpc_id": "vpc-0fake1d" + }, + "after_unknown": {} + } + }, + { + "address": "module.app.module.fargate.aws_security_group.fargate_service_sg", + "module_address": "module.app.module.fargate", + "mode": "managed", + "type": "aws_security_group", + "name": "fargate_service_sg", + "provider_name": "aws", + "change": { + "actions": [ + "no-op" + ], + "before": { + "arn": "arn:aws:ec2:us-west-2:***:security-group/sg-0fake1d", + "description": "Controls access to the Fargate Service", + "egress": [ + { + "cidr_blocks": [ + "0.0.0.0/0" + ], + "description": "", + "from_port": 0, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "-1", + "security_groups": [], + "self": false, + "to_port": 0 + } + ], + "id": "sg-0fake1d", + "ingress": [ + { + "cidr_blocks": [], + "description": "", + "from_port": 0, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [ + "sg-0fake1d" + ], + "self": false, + "to_port": 65535 + } + ], + "name": "fake_app-dev-fargate-sg", + "name_prefix": null, + "owner_id": "***", + "revoke_rules_on_delete": false, + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + }, + "timeouts": null, + "vpc_id": "vpc-0fake1d" + }, + "after": { + "arn": "arn:aws:ec2:us-west-2:***:security-group/sg-0fake1d", + "description": "Controls access to the Fargate Service", + "egress": [ + { + "cidr_blocks": [ + "0.0.0.0/0" + ], + "description": "", + "from_port": 0, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "-1", + "security_groups": [], + "self": false, + "to_port": 0 + } + ], + "id": "sg-0fake1d", + "ingress": [ + { + "cidr_blocks": [], + "description": "", + "from_port": 0, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [ + "sg-0fake1d" + ], + "self": false, + "to_port": 65535 + } + ], + "name": "fake_app-dev-fargate-sg", + "name_prefix": null, + "owner_id": "***", + "revoke_rules_on_delete": false, + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + }, + "timeouts": null, + "vpc_id": "vpc-0fake1d" + }, + "after_unknown": {} + } + }, + { + "address": "module.app.module.fargate.local_file.appspec_json", + "module_address": "module.app.module.fargate", + "mode": "managed", + "type": "local_file", + "name": "appspec_json", + "provider_name": "local", + "change": { + "actions": [ + "create" + ], + "before": null, + "after": { + "content_base64": null, + "directory_permission": "0777", + "file_permission": "0777", + "filename": "/home/runner/work/fake_app/fake_app/terraform-iac/dev/app/appspec.json", + "sensitive_content": null + }, + "after_unknown": { + "content": true, + "id": true + } + } + } + ], + "output_changes": { + "codedeploy_app_name": { + "actions": [ + "create" + ], + "before": null, + "after": "fake_app-dev-codedeploy", + "after_unknown": false + }, + "codedeploy_appspec_json_file": { + "actions": [ + "create" + ], + "before": null, + "after": "/home/runner/work/fake_app/fake_app/terraform-iac/dev/app/appspec.json", + "after_unknown": false + }, + "codedeploy_deployment_group_name": { + "actions": [ + "create" + ], + "before": null, + "after": "fake_app-dev-deployment-group", + "after_unknown": false + } + }, + "prior_state": { + "format_version": "0.1", + "terraform_version": "0.12.26", + "values": { + "outputs": { + "codedeploy_app_name": { + "sensitive": false, + "value": "fake_app-dev-codedeploy" + }, + "codedeploy_deployment_group_name": { + "sensitive": false, + "value": "fake_app-dev-deployment-group" + } + }, + "*******_module": { + "child_modules": [ + { + "resources": [ + { + "address": "aws_security_group_rule.db_access", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "db_access", + "provider_name": "aws", + "schema_version": 2, + "values": { + "cidr_blocks": [], + "description": "", + "from_port": 3306, + "id": "sgrule-012341234", + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_group_id": "sg-0fake1d", + "self": false, + "source_security_group_id": "sg-0fake1d", + "to_port": 3306, + "type": "ingress" + }, + "depends_on": [ + "module.app.module.database.aws_security_group.db_security_group", + "module.app.module.fargate.aws_security_group.alb-sg", + "module.app.module.fargate.aws_security_group.fargate_service_sg" + ] + }, + { + "address": "data.aws_ecr_repository.ecr_repo", + "mode": "data", + "type": "aws_ecr_repository", + "name": "ecr_repo", + "provider_name": "aws", + "schema_version": 0, + "values": { + "arn": "arn:aws:ecr:us-west-2:***:repository/fake_app-dev", + "id": "fake_app-dev", + "name": "fake_app-dev", + "registry_id": "***", + "repository_url": "***.dkr.ecr.us-west-2.amazonaws.com/fake_app-dev", + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + } + } + } + ], + "address": "module.app", + "child_modules": [ + { + "resources": [ + { + "address": "data.aws_acm_certificate.cert", + "mode": "data", + "type": "aws_acm_certificate", + "name": "cert", + "index": 0, + "provider_name": "aws", + "schema_version": 0, + "values": { + "arn": "arn:aws:acm:us-west-2:***:certificate/0fake1d", + "domain": "fake_domain.amazon.byu.edu", + "id": "2020-06-24 19:40:11.645734343 +0000 UTC", + "key_types": null, + "most_recent": false, + "statuses": null, + "tags": { + "IAC": "Terraform" + }, + "types": null + } + }, + { + "address": "data.aws_acm_certificate.virginia", + "mode": "data", + "type": "aws_acm_certificate", + "name": "virginia", + "index": 0, + "provider_name": "aws.virginia", + "schema_version": 0, + "values": { + "arn": "arn:aws:acm:us-east-1:***:certificate/bfdbbdd8-2245-4b87-9bdb-a6f36dee03f0", + "domain": "fake_domain.amazon.byu.edu", + "id": "2020-06-24 19:40:11.087617241 +0000 UTC", + "key_types": null, + "most_recent": false, + "statuses": null, + "tags": { + "IAC": "Terraform" + }, + "types": null + } + }, + { + "address": "data.aws_iam_account_alias.current", + "mode": "data", + "type": "aws_iam_account_alias", + "name": "current", + "provider_name": "aws", + "schema_version": 0, + "values": { + "account_alias": "fake_domain", + "id": "2020-06-24 19:40:09.518373467 +0000 UTC" + } + }, + { + "address": "data.aws_iam_policy.role_permission_boundary", + "mode": "data", + "type": "aws_iam_policy", + "name": "role_permission_boundary", + "index": 0, + "provider_name": "aws", + "schema_version": 0, + "values": { + "arn": "arn:aws:iam::***:policy/iamRolePermissionBoundary", + "description": "Role Permission Boundary Policy - Managed by Terraform", + "id": "arn:aws:iam::***:policy/iamRolePermissionBoundary", + "name": "iamRolePermissionBoundary", + "path": "/", + "policy": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"AccountAdminPolicy\",\n \"Effect\": \"Allow\",\n \"NotAction\": \"iam:*\",\n \"Resource\": \"*\"\n },\n {\n \"Sid\": \"DenyPassUnsafeRoles\",\n \"Effect\": \"Deny\",\n \"Action\": [\n \"iam:PassRole\"\n ],\n \"Resource\": [\n \"arn:aws:iam::***:role/OrganizationAccountAccessRole\",\n \"arn:aws:iam::***:role/Admin\",\n \"arn:aws:iam::***:role/PowerUser\",\n \"arn:aws:iam::***:role/PowerBuilder\",\n \"arn:aws:iam::***:role/ReadOnly\",\n \"arn:aws:iam::***:role/HawaiiPowerUser\",\n \"arn:aws:iam::***:role/HawaiiReadOnly\"\n\t ]\n },\n {\n \"Sid\": \"AllowSomeIAM\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"iam:PassRole\",\n \t\"iam:ListServerCertificates\",\n \t\"iam:GetServerCertificate\",\n \t\"iam:GetRole\",\n \t\"iam:GetRolePolicy\",\n \t\"iam:CreateServiceLinkedRole\"\n ], \n \"Resource\": \"*\"\n },\n {\n \"Sid\": \"ProtectACSResources\",\n \"Effect\": \"Deny\",\n \"Action\": \"*\",\n \"Resource\": [\n \"arn:aws:s3:::cloudtrail-***\",\n \"arn:aws:s3:::aws-acs-***\",\n \"arn:aws:cloudtrail:us-west-2:***:trail/aws-acs-logs-cloudtrail\",\n \"arn:aws:dynamodb:us-west-2:***:table/aws-acs-***\"\n ]\n },\n {\n \"Sid\": \"ProtectACSParameters\",\n \"Effect\": \"Deny\",\n \"Action\": [\n \"ssm:DeleteParameter\",\n \"ssm:DeleteParameters\",\n \"ssm:PutParameter\"\n ],\n \"Resource\": [\n \"arn:aws:ssm:us-west-2:***:parameter/acs/*\",\n \"arn:aws:ssm:us-east-1:***:parameter/acs/*\"\n ]\n },\n {\n \"Sid\": \"BlockOddRegions\",\n \"Effect\": \"Deny\",\n \"Action\": \"*\",\n \"Resource\": \"*\",\n \"Condition\": {\n \"StringNotEquals\": {\n \"aws:RequestedRegion\": [\n \"us-west-2\",\n \"us-east-1\"\n ]\n }\n }\n },\n {\n \"Sid\": \"NoNewVPCs\",\n \"Effect\": \"Deny\",\n \"Action\": [\n \"ec2:CreateVpc\",\n \"ec2:CreateDefaultVpc\",\n \"account:EnableRegion\",\n \"account:DisableRegion\"\n ],\n \"Resource\": \"*\"\n }\n ]\n}\n" + } + }, + { + "address": "data.aws_iam_policy.user_permission_boundary", + "mode": "data", + "type": "aws_iam_policy", + "name": "user_permission_boundary", + "index": 0, + "provider_name": "aws", + "schema_version": 0, + "values": { + "arn": "arn:aws:iam::***:policy/iamUserPermissionBoundary", + "description": "User Permission Boundary Policy - Managed by Terraform", + "id": "arn:aws:iam::***:policy/iamUserPermissionBoundary", + "name": "iamUserPermissionBoundary", + "path": "/", + "policy": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"AccountAdminPolicy\",\n \"Effect\": \"Allow\",\n \"NotAction\": \"iam:*\",\n \"Resource\": \"*\"\n },\n {\n \"Sid\": \"DenyPassUnsafeRoles\",\n \"Effect\": \"Deny\",\n \"Action\": [\n \"iam:PassRole\"\n ],\n \"Resource\": [\n \"arn:aws:iam::***:role/OrganizationAccountAccessRole\",\n \"arn:aws:iam::***:role/Admin\",\n \"arn:aws:iam::***:role/PowerUser\",\n \"arn:aws:iam::***:role/PowerBuilder\",\n \"arn:aws:iam::***:role/ReadOnly\",\n \"arn:aws:iam::***:role/HawaiiPowerUser\",\n \"arn:aws:iam::***:role/HawaiiReadOnly\"\n\t ]\n },\n {\n \"Sid\": \"AllowSomeIAM\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"iam:PassRole\",\n \t\"iam:ListServerCertificates\",\n \t\"iam:GetServerCertificate\",\n \t\"iam:GetRole\",\n \t\"iam:GetRolePolicy\",\n \t\"iam:CreateServiceLinkedRole\"\n ], \n \"Resource\": \"*\"\n },\n {\n \"Sid\": \"ProtectACSResources\",\n \"Effect\": \"Deny\",\n \"Action\": \"*\",\n \"Resource\": [\n \"arn:aws:s3:::cloudtrail-***\",\n \"arn:aws:s3:::aws-acs-***\",\n \"arn:aws:cloudtrail:us-west-2:***:trail/aws-acs-logs-cloudtrail\",\n \"arn:aws:dynamodb:us-west-2:***:table/aws-acs-***\"\n ]\n },\n {\n \"Sid\": \"ProtectACSParameters\",\n \"Effect\": \"Deny\",\n \"Action\": [\n \"ssm:DeleteParameter\",\n \"ssm:DeleteParameters\",\n \"ssm:PutParameter\"\n ],\n \"Resource\": [\n \"arn:aws:ssm:us-west-2:***:parameter/acs/*\",\n \"arn:aws:ssm:us-east-1:***:parameter/acs/*\"\n ]\n },\n {\n \"Sid\": \"BlockOddRegions\",\n \"Effect\": \"Deny\",\n \"Action\": \"*\",\n \"Resource\": \"*\",\n \"Condition\": {\n \"StringNotEquals\": {\n \"aws:RequestedRegion\": [\n \"us-west-2\",\n \"us-east-1\"\n ]\n }\n }\n },\n {\n \"Sid\": \"NoNewVPCs\",\n \"Effect\": \"Deny\",\n \"Action\": [\n \"ec2:CreateVpc\",\n \"ec2:CreateDefaultVpc\"\n ],\n \"Resource\": \"*\"\n },\n {\n \"Sid\": \"LimitUserRights\",\n \"Effect\": \"Deny\",\n \"Action\": [\n \"sts:AssumeRole\",\n \"ec2:RunInstances\",\n \"autoscaling:CreateAutoScalingGroup\",\n \"account:EnableRegion\",\n \"account:DisableRegion\"\n ],\n \"Resource\": \"*\"\n }\n ]\n}\n" + } + }, + { + "address": "data.aws_iam_role.power_builder", + "mode": "data", + "type": "aws_iam_role", + "name": "power_builder", + "provider_name": "aws", + "schema_version": 0, + "values": { + "arn": "arn:aws:iam::***:role/PowerBuilder", + "assume_role_policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"codebuild.amazonaws.com\",\"events.amazonaws.com\",\"edgelambda.amazonaws.com\",\"codedeploy.amazonaws.com\",\"lambda.amazonaws.com\"]},\"Action\":\"sts:AssumeRole\"}]}", + "assume_role_policy_document": null, + "create_date": "2019-10-18T19:28:27Z", + "description": "PowerBuilderPolicy and PowerPolicy - Managed by Terraform", + "id": "PowerBuilder", + "max_session_duration": 32400, + "name": "PowerBuilder", + "path": "/", + "permissions_boundary": "", + "role_id": null, + "role_name": null, + "tags": {}, + "unique_id": "AROAQKWMX5RQBRYXAHQVY" + } + }, + { + "address": "data.aws_iam_role.power_user", + "mode": "data", + "type": "aws_iam_role", + "name": "power_user", + "provider_name": "aws", + "schema_version": 0, + "values": { + "arn": "arn:aws:iam::***:role/PowerUser", + "assume_role_policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Federated\":\"arn:aws:iam::***:saml-provider/ADFS\"},\"Action\":\"sts:AssumeRoleWithSAML\",\"Condition\":{\"StringEquals\":{\"SAML:aud\":\"https://signin.aws.amazon.com/saml\"}}}]}", + "assume_role_policy_document": null, + "create_date": "2019-10-18T19:28:27Z", + "description": "PowerUserPolicy and PowerPolicy - Managed by Terraform", + "id": "PowerUser", + "max_session_duration": 32400, + "name": "PowerUser", + "path": "/", + "permissions_boundary": "", + "role_id": null, + "role_name": null, + "tags": {}, + "unique_id": "AROAQKWMX5RQFWZGDCD3I" + } + }, + { + "address": "data.aws_iam_role.read_only", + "mode": "data", + "type": "aws_iam_role", + "name": "read_only", + "provider_name": "aws", + "schema_version": 0, + "values": { + "arn": "arn:aws:iam::***:role/ReadOnly", + "assume_role_policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Federated\":\"arn:aws:iam::***:saml-provider/ADFS\"},\"Action\":\"sts:AssumeRoleWithSAML\",\"Condition\":{\"StringEquals\":{\"SAML:aud\":\"https://signin.aws.amazon.com/saml\"}}}]}", + "assume_role_policy_document": null, + "create_date": "2019-10-18T19:28:27Z", + "description": "ReadOnly and ReadOnlyDenies - Managed by Terraform", + "id": "ReadOnly", + "max_session_duration": 32400, + "name": "ReadOnly", + "path": "/", + "permissions_boundary": "", + "role_id": null, + "role_name": null, + "tags": {}, + "unique_id": "AROAQKWMX5RQIZFBVRSAE" + } + }, + { + "address": "data.aws_region.current", + "mode": "data", + "type": "aws_region", + "name": "current", + "provider_name": "aws", + "schema_version": 0, + "values": { + "current": null, + "description": "US West (Oregon)", + "endpoint": "ec2.us-west-2.amazonaws.com", + "id": "us-west-2", + "name": "us-west-2" + } + }, + { + "address": "data.aws_route53_zone.zone", + "mode": "data", + "type": "aws_route53_zone", + "name": "zone", + "index": 0, + "provider_name": "aws", + "schema_version": 0, + "values": { + "caller_reference": "terraform-20191018192825296800000001", + "comment": "Managed by Terraform", + "id": "Z0FAKE1D", + "linked_service_description": null, + "linked_service_principal": null, + "name": "fake_domain.amazon.byu.edu.", + "name_servers": [ + "ns-1069.awsdns-05.org", + "ns-1594.awsdns-07.co.uk", + "ns-190.awsdns-23.com", + "ns-890.awsdns-47.net" + ], + "private_zone": false, + "resource_record_set_count": 17, + "tags": { + "IAC": "Terraform", + "env": "dev", + "repo": "https://github.com/byu-oit/aws-acs" + }, + "vpc_id": null, + "zone_id": "Z0FAKE1D" + } + }, + { + "address": "data.aws_security_group.oracle", + "mode": "data", + "type": "aws_security_group", + "name": "oracle", + "index": 0, + "provider_name": "aws", + "schema_version": 0, + "values": { + "arn": "arn:aws:ec2:us-west-2:***:security-group/sg-0b4eb66efead1d1e1", + "description": "Used to connect to ORACLE Xinetd Server in Platform Account - Managed by Terraform", + "filter": null, + "id": "sg-0b4eb66efead1d1e1", + "name": "vpn_oregon_dev_xinetd", + "tags": { + "IAC": "Terraform", + "Name": "ORACLE/CMAN Xinetd Security Group" + }, + "vpc_id": "vpc-07016e8396cc0d094" + } + }, + { + "address": "data.aws_security_group.rds", + "mode": "data", + "type": "aws_security_group", + "name": "rds", + "provider_name": "aws", + "schema_version": 0, + "values": { + "arn": "arn:aws:ec2:us-west-2:***:security-group/sg-000968b3647ca2fad", + "description": "Security Group for RDS - Managed by Terraform", + "filter": [ + { + "name": "group-name", + "values": [ + "*rds_security_group*" + ] + }, + { + "name": "vpc-id", + "values": [ + "vpc-0fake1d" + ] + } + ], + "id": "sg-000968b3647ca2fad", + "name": "rds_security_group_oit_oregon_dev", + "tags": { + "IAC": "Terraform", + "Name": "RDS Security Group - OIT Oregon Dev" + }, + "vpc_id": "vpc-0fake1d" + } + }, + { + "address": "data.aws_security_group.ssh_rdp", + "mode": "data", + "type": "aws_security_group", + "name": "ssh_rdp", + "provider_name": "aws", + "schema_version": 0, + "values": { + "arn": "arn:aws:ec2:us-west-2:***:security-group/sg-02a5b89b0eef89932", + "description": "Security Group for SSH/RDP - Managed by Terraform", + "filter": [ + { + "name": "group-name", + "values": [ + "*ssh_rdp*" + ] + }, + { + "name": "vpc-id", + "values": [ + "vpc-0fake1d" + ] + } + ], + "id": "sg-02a5b89b0eef89932", + "name": "ssh_rdp_sg_oit_oregon_dev", + "tags": { + "IAC": "Terraform", + "Name": "SSH/RDP from BYU" + }, + "vpc_id": "vpc-0fake1d" + } + }, + { + "address": "data.aws_ssm_parameter.acs_parameters", + "mode": "data", + "type": "aws_ssm_parameter", + "name": "acs_parameters", + "provider_name": "aws", + "schema_version": 0, + "values": { + "arn": "arn:aws:ssm:us-west-2:***:parameter/acsParameters", + "id": "acsParameters", + "name": "acsParameters", + "type": "String", + "value": "{\"/acs/acm/zone-cert-arn\": \"arn:aws:acm:us-west-2:***:certificate/0fake1d\", \"/acs/acm/zone-cert-id\": \"arn:aws:acm:us-west-2:***:certificate/0fake1d\", \"/acs/dns/zone-id\": \"Z0FAKE1D\", \"/acs/dns/zone-name\": \"fake_domain.amazon.byu.edu.\", \"/acs/git/token\": \"27c8476d8a501f2f4f789ece25e5418b2bad46c0\", \"/acs/iam/iamRolePermissionBoundary\": \"arn:aws:iam::***:policy/iamRolePermissionBoundary\", \"/acs/iam/iamUserPermissionBoundary\": \"arn:aws:iam::***:policy/iamUserPermissionBoundary\", \"/acs/vpc/oit-oregon-dev\": \"vpc-0fake1d\", \"/acs/vpc/oit-oregon-dev-data-a\": \"subnet-0f4cb0342b0732de1\", \"/acs/vpc/oit-oregon-dev-data-b\": \"subnet-083fda44af54ef47a\", \"/acs/vpc/oit-oregon-dev-private-b\": \"subnet-0fake1d\", \"/acs/vpc/sshrdp_sg\": \"ssh_rdp_sg_oit_oregon_dev\", \"/acs/vpc/vpc-name\": \"oit-oregon-dev\", \"/acs/vpc/vpn-oit-oregon-dev-data-b\": \"subnet-098f9ec9e3cd13db8\", \"/acs/vpc/vpn-oit-oregon-dev-private-b\": \"subnet-0069c0ca4522027f5\", \"/acs/vpc/xinetd-sg-id\": \"sg-0b4eb66efead1d1e1\", \"/acs/vpc/oit-oregon-dev-public-a\": \"subnet-0fake1d\", \"/acs/vpc/oit-oregon-dev-public-b\": \"subnet-0fake1d\", \"/acs/vpc/rds_sg\": \"rds_security_group_oit_oregon_dev\", \"/acs/vpc/rds_vpn_sg\": \"rds_security_group_vpn_oit_oregon_dev\", \"/acs/vpc/sshrdp_vpn_sg\": \"ssh_rdp_sg_vpn_oit_oregon_dev\", \"/acs/vpc/vpn-oit-oregon-dev\": \"vpc-07016e8396cc0d094\", \"/acs/vpc/vpn-oit-oregon-dev-data-a\": \"subnet-04ef6dfe521d80527\", \"/acs/vpc/vpn-oit-oregon-dev-private-a\": \"subnet-04e5fcbaff98d47d4\", \"/acs/vpc/vpn-oit-oregon-dev-public-a\": \"subnet-0940eb9b3c9f477db\", \"/acs/vpc/vpn-oit-oregon-dev-public-b\": \"subnet-0db85a6e19afc78a9\", \"/acs/vpc/oit-oregon-dev-private-a\": \"subnet-0fake1d\", \"/acs/vpc/vpn-vpc-name\": \"vpn-oit-oregon-dev\"}", + "version": 126331, + "with_decryption": true + } + }, + { + "address": "data.aws_subnet.data_a", + "mode": "data", + "type": "aws_subnet", + "name": "data_a", + "index": 0, + "provider_name": "aws", + "schema_version": 0, + "values": { + "arn": "arn:aws:ec2:us-west-2:867441714531:subnet/subnet-0f4cb0342b0732de1", + "assign_ipv6_address_on_creation": false, + "availability_zone": "us-west-2b", + "availability_zone_id": "usw2-az1", + "cidr_block": "172.17.192.0/19", + "default_for_az": false, + "filter": null, + "id": "subnet-0f4cb0342b0732de1", + "ipv6_cidr_block": null, + "ipv6_cidr_block_association_id": null, + "map_public_ip_on_launch": false, + "outpost_arn": "", + "owner_id": "867441714531", + "state": "available", + "tags": { + "Name": "oit-oregon-dev-data-a" + }, + "vpc_id": "vpc-0fake1d" + } + }, + { + "address": "data.aws_subnet.data_b", + "mode": "data", + "type": "aws_subnet", + "name": "data_b", + "index": 0, + "provider_name": "aws", + "schema_version": 0, + "values": { + "arn": "arn:aws:ec2:us-west-2:867441714531:subnet/subnet-083fda44af54ef47a", + "assign_ipv6_address_on_creation": false, + "availability_zone": "us-west-2a", + "availability_zone_id": "usw2-az2", + "cidr_block": "172.17.224.0/19", + "default_for_az": false, + "filter": null, + "id": "subnet-083fda44af54ef47a", + "ipv6_cidr_block": null, + "ipv6_cidr_block_association_id": null, + "map_public_ip_on_launch": false, + "outpost_arn": "", + "owner_id": "867441714531", + "state": "available", + "tags": { + "Name": "oit-oregon-dev-data-b" + }, + "vpc_id": "vpc-0fake1d" + } + }, + { + "address": "data.aws_subnet.private_a", + "mode": "data", + "type": "aws_subnet", + "name": "private_a", + "index": 0, + "provider_name": "aws", + "schema_version": 0, + "values": { + "arn": "arn:aws:ec2:us-west-2:867441714531:subnet/subnet-0fake1d", + "assign_ipv6_address_on_creation": false, + "availability_zone": "us-west-2b", + "availability_zone_id": "usw2-az1", + "cidr_block": "172.17.64.0/18", + "default_for_az": false, + "filter": null, + "id": "subnet-0fake1d", + "ipv6_cidr_block": null, + "ipv6_cidr_block_association_id": null, + "map_public_ip_on_launch": false, + "outpost_arn": "", + "owner_id": "867441714531", + "state": "available", + "tags": { + "Name": "oit-oregon-dev-private-a" + }, + "vpc_id": "vpc-0fake1d" + } + }, + { + "address": "data.aws_subnet.private_b", + "mode": "data", + "type": "aws_subnet", + "name": "private_b", + "index": 0, + "provider_name": "aws", + "schema_version": 0, + "values": { + "arn": "arn:aws:ec2:us-west-2:867441714531:subnet/subnet-0fake1d", + "assign_ipv6_address_on_creation": false, + "availability_zone": "us-west-2a", + "availability_zone_id": "usw2-az2", + "cidr_block": "172.17.128.0/18", + "default_for_az": false, + "filter": null, + "id": "subnet-0fake1d", + "ipv6_cidr_block": null, + "ipv6_cidr_block_association_id": null, + "map_public_ip_on_launch": false, + "outpost_arn": "", + "owner_id": "867441714531", + "state": "available", + "tags": { + "Name": "oit-oregon-dev-private-b" + }, + "vpc_id": "vpc-0fake1d" + } + }, + { + "address": "data.aws_subnet.public_a", + "mode": "data", + "type": "aws_subnet", + "name": "public_a", + "index": 0, + "provider_name": "aws", + "schema_version": 0, + "values": { + "arn": "arn:aws:ec2:us-west-2:867441714531:subnet/subnet-0fake1d", + "assign_ipv6_address_on_creation": false, + "availability_zone": "us-west-2b", + "availability_zone_id": "usw2-az1", + "cidr_block": "172.17.0.0/19", + "default_for_az": false, + "filter": null, + "id": "subnet-0fake1d", + "ipv6_cidr_block": null, + "ipv6_cidr_block_association_id": null, + "map_public_ip_on_launch": true, + "outpost_arn": "", + "owner_id": "867441714531", + "state": "available", + "tags": { + "Name": "oit-oregon-dev-public-a" + }, + "vpc_id": "vpc-0fake1d" + } + }, + { + "address": "data.aws_subnet.public_b", + "mode": "data", + "type": "aws_subnet", + "name": "public_b", + "index": 0, + "provider_name": "aws", + "schema_version": 0, + "values": { + "arn": "arn:aws:ec2:us-west-2:867441714531:subnet/subnet-0fake1d", + "assign_ipv6_address_on_creation": false, + "availability_zone": "us-west-2a", + "availability_zone_id": "usw2-az2", + "cidr_block": "172.17.32.0/19", + "default_for_az": false, + "filter": null, + "id": "subnet-0fake1d", + "ipv6_cidr_block": null, + "ipv6_cidr_block_association_id": null, + "map_public_ip_on_launch": true, + "outpost_arn": "", + "owner_id": "867441714531", + "state": "available", + "tags": { + "Name": "oit-oregon-dev-public-b" + }, + "vpc_id": "vpc-0fake1d" + } + }, + { + "address": "data.aws_vpc.vpc", + "mode": "data", + "type": "aws_vpc", + "name": "vpc", + "provider_name": "aws", + "schema_version": 0, + "values": { + "arn": "arn:aws:ec2:us-west-2:***:vpc/vpc-0fake1d", + "cidr_block": "172.17.0.0/16", + "cidr_block_associations": [ + { + "association_id": "vpc-cidr-assoc-0b5bc60464f6096ad", + "cidr_block": "172.17.0.0/16", + "state": "associated" + } + ], + "default": false, + "dhcp_options_id": "dopt-fa2e9d82", + "enable_dns_hostnames": true, + "enable_dns_support": true, + "filter": null, + "id": "vpc-0fake1d", + "instance_tenancy": "default", + "ipv6_association_id": null, + "ipv6_cidr_block": null, + "main_route_table_id": "rtb-0055fed2722008648", + "owner_id": "867441714531", + "state": "available", + "tags": { + "Name": "oit-oregon-dev" + } + } + } + ], + "address": "module.app.module.acs" + }, + { + "resources": [ + { + "address": "aws_alb.alb", + "mode": "managed", + "type": "aws_alb", + "name": "alb", + "provider_name": "aws", + "schema_version": 0, + "values": { + "access_logs": [ + { + "bucket": "", + "enabled": false, + "prefix": "" + } + ], + "arn": "arn:aws:elasticloadbalancing:us-west-2:***:loadbalancer/app/fake_app-dev-alb/fake1d", + "arn_suffix": "app/fake_app-dev-alb/fake1d", + "dns_name": "fake_app-dev-alb-1234567890.us-west-2.elb.amazonaws.com", + "drop_invalid_header_fields": false, + "enable_cross_zone_load_balancing": null, + "enable_deletion_protection": false, + "enable_http2": true, + "id": "arn:aws:elasticloadbalancing:us-west-2:***:loadbalancer/app/fake_app-dev-alb/fake1d", + "idle_timeout": 60, + "internal": false, + "ip_address_type": "ipv4", + "load_balancer_type": "application", + "name": "fake_app-dev-alb", + "name_prefix": null, + "security_groups": [ + "sg-0fake1d" + ], + "subnet_mapping": [ + { + "allocation_id": "", + "subnet_id": "subnet-0fake1d" + }, + { + "allocation_id": "", + "subnet_id": "subnet-0fake1d" + } + ], + "subnets": [ + "subnet-0fake1d", + "subnet-0fake1d" + ], + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + }, + "timeouts": null, + "vpc_id": "vpc-0fake1d", + "zone_id": "FAKE123" + }, + "depends_on": [ + "module.app.module.fargate.aws_security_group.alb-sg" + ] + }, + { + "address": "aws_alb_listener.http_to_https", + "mode": "managed", + "type": "aws_alb_listener", + "name": "http_to_https", + "provider_name": "aws", + "schema_version": 0, + "values": { + "arn": "arn:aws:elasticloadbalancing:us-west-2:***:listener/app/fake_app-dev-alb/fake1d/0fake1d", + "certificate_arn": null, + "default_action": [ + { + "authenticate_cognito": [], + "authenticate_oidc": [], + "fixed_response": [], + "forward": [], + "order": 1, + "redirect": [ + { + "host": "#{host}", + "path": "/#{path}", + "port": "443", + "protocol": "HTTPS", + "query": "#{query}", + "status_code": "HTTP_301" + } + ], + "target_group_arn": "", + "type": "redirect" + } + ], + "id": "arn:aws:elasticloadbalancing:us-west-2:***:listener/app/fake_app-dev-alb/fake1d/0fake1d", + "load_balancer_arn": "arn:aws:elasticloadbalancing:us-west-2:***:loadbalancer/app/fake_app-dev-alb/fake1d", + "port": 80, + "protocol": "HTTP", + "ssl_policy": "", + "timeouts": null + }, + "depends_on": [ + "module.app.module.fargate.aws_alb.alb", + "module.app.module.fargate.aws_alb_listener.https", + "module.app.module.fargate.aws_alb_target_group.blue", + "module.app.module.fargate.aws_alb_target_group.green", + "module.app.module.fargate.aws_security_group.alb-sg" + ] + }, + { + "address": "aws_alb_listener.https", + "mode": "managed", + "type": "aws_alb_listener", + "name": "https", + "provider_name": "aws", + "schema_version": 0, + "values": { + "arn": "arn:aws:elasticloadbalancing:us-west-2:***:listener/app/fake_app-dev-alb/fake1d/0fake1d", + "certificate_arn": "arn:aws:acm:us-west-2:***:certificate/0fake1d", + "default_action": [ + { + "authenticate_cognito": [], + "authenticate_oidc": [], + "fixed_response": [], + "forward": [], + "order": 1, + "redirect": [], + "target_group_arn": "arn:aws:elasticloadbalancing:us-west-2:***:targetgroup/fake_app-dev-tgb/0fake1d", + "type": "forward" + } + ], + "id": "arn:aws:elasticloadbalancing:us-west-2:***:listener/app/fake_app-dev-alb/fake1d/0fake1d", + "load_balancer_arn": "arn:aws:elasticloadbalancing:us-west-2:***:loadbalancer/app/fake_app-dev-alb/fake1d", + "port": 443, + "protocol": "HTTPS", + "ssl_policy": "ELBSecurityPolicy-2016-08", + "timeouts": null + }, + "depends_on": [ + "module.app.module.fargate.aws_alb.alb", + "module.app.module.fargate.aws_alb_target_group.blue", + "module.app.module.fargate.aws_alb_target_group.green", + "module.app.module.fargate.aws_security_group.alb-sg" + ] + }, + { + "address": "aws_alb_target_group.blue", + "mode": "managed", + "type": "aws_alb_target_group", + "name": "blue", + "provider_name": "aws", + "schema_version": 0, + "values": { + "arn": "arn:aws:elasticloadbalancing:us-west-2:***:targetgroup/fake_app-dev-tgb/0fake1d", + "arn_suffix": "targetgroup/fake_app-dev-tgb/0fake1d", + "deregistration_delay": 60, + "health_check": [ + { + "enabled": true, + "healthy_threshold": 3, + "interval": 30, + "matcher": "200", + "path": "/health", + "port": "traffic-port", + "protocol": "HTTP", + "timeout": 5, + "unhealthy_threshold": 3 + } + ], + "id": "arn:aws:elasticloadbalancing:us-west-2:***:targetgroup/fake_app-dev-tgb/0fake1d", + "lambda_multi_value_headers_enabled": false, + "load_balancing_algorithm_type": "least_outstanding_requests", + "name": "fake_app-dev-tgb", + "name_prefix": null, + "port": 8080, + "protocol": "HTTP", + "proxy_protocol_v2": false, + "slow_start": 0, + "stickiness": [ + { + "cookie_duration": 86400, + "enabled": false, + "type": "lb_cookie" + } + ], + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + }, + "target_type": "ip", + "vpc_id": "vpc-0fake1d" + }, + "depends_on": [ + "module.app.module.fargate.aws_alb.alb", + "module.app.module.fargate.aws_security_group.alb-sg" + ] + }, + { + "address": "aws_alb_target_group.green", + "mode": "managed", + "type": "aws_alb_target_group", + "name": "green", + "provider_name": "aws", + "schema_version": 0, + "values": { + "arn": "arn:aws:elasticloadbalancing:us-west-2:***:targetgroup/fake_app-dev-tgg/0fake1d", + "arn_suffix": "targetgroup/fake_app-dev-tgg/0fake1d", + "deregistration_delay": 60, + "health_check": [ + { + "enabled": true, + "healthy_threshold": 3, + "interval": 30, + "matcher": "200", + "path": "/health", + "port": "traffic-port", + "protocol": "HTTP", + "timeout": 5, + "unhealthy_threshold": 3 + } + ], + "id": "arn:aws:elasticloadbalancing:us-west-2:***:targetgroup/fake_app-dev-tgg/0fake1d", + "lambda_multi_value_headers_enabled": false, + "load_balancing_algorithm_type": "least_outstanding_requests", + "name": "fake_app-dev-tgg", + "name_prefix": null, + "port": 8080, + "protocol": "HTTP", + "proxy_protocol_v2": false, + "slow_start": 0, + "stickiness": [ + { + "cookie_duration": 86400, + "enabled": false, + "type": "lb_cookie" + } + ], + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + }, + "target_type": "ip", + "vpc_id": "vpc-0fake1d" + }, + "depends_on": [ + "module.app.module.fargate.aws_alb.alb", + "module.app.module.fargate.aws_security_group.alb-sg" + ] + }, + { + "address": "aws_cloudwatch_log_group.container_log_group", + "mode": "managed", + "type": "aws_cloudwatch_log_group", + "name": "container_log_group", + "provider_name": "aws", + "schema_version": 0, + "values": { + "arn": "arn:aws:logs:us-west-2:***:log-group:fargate/fake_app-dev:*", + "id": "fargate/fake_app-dev", + "kms_key_id": "", + "name": "fargate/fake_app-dev", + "name_prefix": null, + "retention_in_days": 7, + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + } + } + }, + { + "address": "aws_codedeploy_app.app", + "mode": "managed", + "type": "aws_codedeploy_app", + "name": "app", + "provider_name": "aws", + "schema_version": 0, + "values": { + "compute_platform": "ECS", + "id": "fake1d:fake_app-dev-codedeploy", + "name": "fake_app-dev-codedeploy", + "unique_id": null + } + }, + { + "address": "aws_codedeploy_deployment_group.deploymentgroup", + "mode": "managed", + "type": "aws_codedeploy_deployment_group", + "name": "deploymentgroup", + "provider_name": "aws", + "schema_version": 0, + "values": { + "alarm_configuration": [], + "app_name": "fake_app-dev-codedeploy", + "auto_rollback_configuration": [ + { + "enabled": true, + "events": [ + "DEPLOYMENT_FAILURE" + ] + } + ], + "autoscaling_groups": [], + "blue_green_deployment_config": [ + { + "deployment_ready_option": [ + { + "action_on_timeout": "CONTINUE_DEPLOYMENT", + "wait_time_in_minutes": 0 + } + ], + "green_fleet_provisioning_option": [], + "terminate_blue_instances_on_deployment_success": [ + { + "action": "TERMINATE", + "termination_wait_time_in_minutes": 1 + } + ] + } + ], + "deployment_config_name": "CodeDeployDefault.ECSAllAtOnce", + "deployment_group_name": "fake_app-dev-deployment-group", + "deployment_style": [ + { + "deployment_option": "WITH_TRAFFIC_CONTROL", + "deployment_type": "BLUE_GREEN" + } + ], + "ec2_tag_filter": [], + "ec2_tag_set": [], + "ecs_service": [ + { + "cluster_name": "fake_app-dev", + "service_name": "fake_app-dev" + } + ], + "id": "fake1d", + "load_balancer_info": [ + { + "elb_info": [], + "target_group_info": [], + "target_group_pair_info": [ + { + "prod_traffic_route": [ + { + "listener_arns": [ + "arn:aws:elasticloadbalancing:us-west-2:***:listener/app/fake_app-dev-alb/fake1d/0fake1d" + ] + } + ], + "target_group": [ + { + "name": "fake_app-dev-tgb" + }, + { + "name": "fake_app-dev-tgg" + } + ], + "test_traffic_route": [] + } + ] + } + ], + "on_premises_instance_tag_filter": [], + "service_role_arn": "arn:aws:iam::***:role/PowerBuilder", + "trigger_configuration": [] + }, + "depends_on": [ + "module.app.module.fargate.aws_alb_listener.https", + "module.app.module.fargate.aws_alb_listener.test_listener", + "module.app.module.fargate.aws_alb_target_group.blue", + "module.app.module.fargate.aws_alb_target_group.green", + "module.app.module.fargate.aws_codedeploy_app.app", + "module.app.module.fargate.aws_ecs_cluster.cluster", + "module.app.module.fargate.aws_ecs_service.service" + ] + }, + { + "address": "aws_ecs_cluster.cluster", + "mode": "managed", + "type": "aws_ecs_cluster", + "name": "cluster", + "provider_name": "aws", + "schema_version": 0, + "values": { + "arn": "arn:aws:ecs:us-west-2:***:cluster/fake_app-dev", + "capacity_providers": [], + "default_capacity_provider_strategy": [], + "id": "arn:aws:ecs:us-west-2:***:cluster/fake_app-dev", + "name": "fake_app-dev", + "setting": [ + { + "name": "containerInsights", + "value": "enabled" + } + ], + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + } + } + }, + { + "address": "aws_ecs_service.service", + "mode": "managed", + "type": "aws_ecs_service", + "name": "service", + "provider_name": "aws", + "schema_version": 0, + "values": { + "capacity_provider_strategy": [], + "cluster": "arn:aws:ecs:us-west-2:***:cluster/fake_app-dev", + "deployment_controller": [ + { + "type": "CODE_DEPLOY" + } + ], + "deployment_maximum_percent": 200, + "deployment_minimum_healthy_percent": 100, + "desired_count": 1, + "enable_ecs_managed_tags": false, + "force_new_deployment": null, + "health_check_grace_period_seconds": 0, + "iam_role": "aws-service-role", + "id": "arn:aws:ecs:us-west-2:***:service/fake_app-dev/fake_app-dev", + "launch_type": "FARGATE", + "load_balancer": [ + { + "container_name": "main", + "container_port": 8080, + "elb_name": "", + "target_group_arn": "arn:aws:elasticloadbalancing:us-west-2:***:targetgroup/fake_app-dev-tgb/0fake1d" + } + ], + "name": "fake_app-dev", + "network_configuration": [ + { + "assign_public_ip": true, + "security_groups": [ + "sg-0fake1d" + ], + "subnets": [ + "subnet-0fake1d", + "subnet-0fake1d" + ] + } + ], + "ordered_placement_strategy": [], + "placement_constraints": [], + "placement_strategy": [], + "platform_version": "1.4.0", + "propagate_tags": "NONE", + "scheduling_strategy": "REPLICA", + "service_registries": [], + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + }, + "task_definition": "arn:aws:ecs:us-west-2:***:task-definition/fake_app-dev-def:5" + }, + "depends_on": [ + "module.app.module.database.aws_db_instance.database", + "module.app.module.database.aws_security_group.db_security_group", + "module.app.module.database.aws_ssm_parameter.master_password", + "module.app.module.database.aws_ssm_parameter.master_username", + "module.app.module.database.random_password.default", + "module.app.module.fargate.aws_alb.alb", + "module.app.module.fargate.aws_alb_target_group.blue", + "module.app.module.fargate.aws_ecs_cluster.cluster", + "module.app.module.fargate.aws_ecs_task_definition.task_def", + "module.app.module.fargate.aws_iam_role.task_execution_role", + "module.app.module.fargate.aws_iam_role.task_role", + "module.app.module.fargate.aws_security_group.alb-sg", + "module.app.module.fargate.aws_security_group.fargate_service_sg" + ] + }, + { + "address": "aws_ecs_task_definition.task_def", + "mode": "managed", + "type": "aws_ecs_task_definition", + "name": "task_def", + "provider_name": "aws", + "schema_version": 1, + "values": { + "arn": "arn:aws:ecs:us-west-2:***:task-definition/fake_app-dev-def:5", + "container_definitions": "[{\"cpu\":0,\"environment\":[{\"name\":\"ENV\",\"value\":\"dev\"},{\"name\":\"db_url\",\"value\":\"jdbc:mysql://fake_app-dev-db.0fake1d.us-west-2.rds.amazonaws.com:3306/deleteme2dev\"}],\"essential\":true,\"image\":\"***.dkr.ecr.us-west-2.amazonaws.com/fake_app-dev:2020-06-17_17-43-10\",\"logConfiguration\":{\"logDriver\":\"awslogs\",\"options\":{\"awslogs-group\":\"fargate/fake_app-dev\",\"awslogs-region\":\"us-west-2\",\"awslogs-stream-prefix\":\"fake_app-dev\"}},\"mountPoints\":[],\"name\":\"main\",\"portMappings\":[{\"containerPort\":8080,\"hostPort\":8080,\"protocol\":\"tcp\"}],\"privileged\":false,\"secrets\":[{\"name\":\"db_password\",\"valueFrom\":\"arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_password\"},{\"name\":\"db_username\",\"valueFrom\":\"arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_username\"}],\"volumesFrom\":[]}]", + "cpu": "256", + "execution_role_arn": "arn:aws:iam::***:role/fake_app-dev-taskExecutionRole", + "family": "fake_app-dev-def", + "id": "fake_app-dev-def", + "inference_accelerator": [], + "ipc_mode": "", + "memory": "512", + "network_mode": "awsvpc", + "pid_mode": "", + "placement_constraints": [], + "proxy_configuration": [], + "requires_compatibilities": [ + "FARGATE" + ], + "revision": 5, + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + }, + "task_role_arn": "arn:aws:iam::***:role/fake_app-dev-taskRole", + "volume": [] + }, + "depends_on": [ + "module.app.module.database.aws_db_instance.database", + "module.app.module.database.aws_ssm_parameter.master_password", + "module.app.module.database.aws_ssm_parameter.master_username", + "module.app.module.fargate.aws_iam_role.task_execution_role", + "module.app.module.fargate.aws_iam_role.task_role" + ] + }, + { + "address": "aws_iam_policy.secrets_access", + "mode": "managed", + "type": "aws_iam_policy", + "name": "secrets_access", + "index": 0, + "provider_name": "aws", + "schema_version": 0, + "values": { + "arn": "arn:aws:iam::***:policy/fake_app-dev_secrets_access", + "description": "", + "id": "arn:aws:iam::***:policy/fake_app-dev_secrets_access", + "name": "fake_app-dev_secrets_access", + "name_prefix": null, + "path": "/", + "policy": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"ssm:GetParemetersByPath\",\n \"ssm:GetParameters\",\n \"ssm:GetParameter\"\n ],\n \"Resource\": [\n \"arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_username\",\n \"arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_password\"\n ]\n }\n ]\n}" + }, + "depends_on": [ + "module.app.module.database.aws_db_instance.database", + "module.app.module.database.aws_security_group.db_security_group", + "module.app.module.database.aws_ssm_parameter.master_password", + "module.app.module.database.aws_ssm_parameter.master_username", + "module.app.module.database.random_password.default" + ] + }, + { + "address": "aws_iam_role.task_execution_role", + "mode": "managed", + "type": "aws_iam_role", + "name": "task_execution_role", + "provider_name": "aws", + "schema_version": 0, + "values": { + "arn": "arn:aws:iam::***:role/fake_app-dev-taskExecutionRole", + "assume_role_policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"\",\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"ecs-tasks.amazonaws.com\"},\"Action\":\"sts:AssumeRole\"}]}", + "create_date": "2020-06-17T14:59:29Z", + "description": "", + "force_detach_policies": false, + "id": "fake_app-dev-taskExecutionRole", + "max_session_duration": 3600, + "name": "fake_app-dev-taskExecutionRole", + "name_prefix": null, + "path": "/", + "permissions_boundary": "arn:aws:iam::***:policy/iamRolePermissionBoundary", + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + }, + "unique_id": "AROAQKWMX5RQFY26MWWWF" + } + }, + { + "address": "aws_iam_role.task_role", + "mode": "managed", + "type": "aws_iam_role", + "name": "task_role", + "provider_name": "aws", + "schema_version": 0, + "values": { + "arn": "arn:aws:iam::***:role/fake_app-dev-taskRole", + "assume_role_policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"\",\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"ecs-tasks.amazonaws.com\"},\"Action\":\"sts:AssumeRole\"}]}", + "create_date": "2020-06-17T14:59:29Z", + "description": "", + "force_detach_policies": false, + "id": "fake_app-dev-taskRole", + "max_session_duration": 3600, + "name": "fake_app-dev-taskRole", + "name_prefix": null, + "path": "/", + "permissions_boundary": "arn:aws:iam::***:policy/iamRolePermissionBoundary", + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + }, + "unique_id": "FAKE1D" + } + }, + { + "address": "aws_iam_role_policy_attachment.secret_task_policy_attach", + "mode": "managed", + "type": "aws_iam_role_policy_attachment", + "name": "secret_task_policy_attach", + "index": 0, + "provider_name": "aws", + "schema_version": 0, + "values": { + "id": "fake_app-dev-taskRole-0FAKE1D", + "policy_arn": "arn:aws:iam::***:policy/fake_app-dev_secrets_access", + "role": "fake_app-dev-taskRole" + }, + "depends_on": [ + "module.app.module.database.aws_db_instance.database", + "module.app.module.database.aws_security_group.db_security_group", + "module.app.module.database.aws_ssm_parameter.master_password", + "module.app.module.database.aws_ssm_parameter.master_username", + "module.app.module.database.random_password.default", + "module.app.module.fargate.aws_iam_policy.secrets_access", + "module.app.module.fargate.aws_iam_role.task_role" + ] + }, + { + "address": "aws_iam_role_policy_attachment.secrets_policy_attach", + "mode": "managed", + "type": "aws_iam_role_policy_attachment", + "name": "secrets_policy_attach", + "index": 0, + "provider_name": "aws", + "schema_version": 0, + "values": { + "id": "fake_app-dev-taskExecutionRole-0FAKE1D", + "policy_arn": "arn:aws:iam::***:policy/fake_app-dev_secrets_access", + "role": "fake_app-dev-taskExecutionRole" + }, + "depends_on": [ + "module.app.module.database.aws_db_instance.database", + "module.app.module.database.aws_security_group.db_security_group", + "module.app.module.database.aws_ssm_parameter.master_password", + "module.app.module.database.aws_ssm_parameter.master_username", + "module.app.module.database.random_password.default", + "module.app.module.fargate.aws_iam_policy.secrets_access", + "module.app.module.fargate.aws_iam_role.task_execution_role" + ] + }, + { + "address": "aws_iam_role_policy_attachment.task_execution_policy_attach", + "mode": "managed", + "type": "aws_iam_role_policy_attachment", + "name": "task_execution_policy_attach", + "provider_name": "aws", + "schema_version": 0, + "values": { + "id": "fake_app-dev-taskExecutionRole-0FAKE1D", + "policy_arn": "arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy", + "role": "fake_app-dev-taskExecutionRole" + }, + "depends_on": [ + "module.app.module.fargate.aws_iam_role.task_execution_role" + ] + }, + { + "address": "aws_route53_record.a_record", + "mode": "managed", + "type": "aws_route53_record", + "name": "a_record", + "provider_name": "aws", + "schema_version": 2, + "values": { + "alias": [ + { + "evaluate_target_health": true, + "name": "fake_app-dev-alb-1234567890.us-west-2.elb.amazonaws.com", + "zone_id": "FAKE123" + } + ], + "allow_overwrite": null, + "failover_routing_policy": [], + "fqdn": "fake_app-dev.fake_domain.amazon.byu.edu", + "geolocation_routing_policy": [], + "health_check_id": "", + "id": "Z0FAKE1D_fake_app-dev.fake_domain.amazon.byu.edu._A", + "latency_routing_policy": [], + "multivalue_answer_routing_policy": null, + "name": "fake_app-dev.fake_domain.amazon.byu.edu", + "records": [], + "set_identifier": "", + "ttl": 0, + "type": "A", + "weighted_routing_policy": [], + "zone_id": "Z0FAKE1D" + }, + "depends_on": [ + "module.app.module.fargate.aws_alb.alb", + "module.app.module.fargate.aws_security_group.alb-sg" + ] + }, + { + "address": "aws_route53_record.aaaa_record", + "mode": "managed", + "type": "aws_route53_record", + "name": "aaaa_record", + "provider_name": "aws", + "schema_version": 2, + "values": { + "alias": [ + { + "evaluate_target_health": true, + "name": "fake_app-dev-alb-1234567890.us-west-2.elb.amazonaws.com", + "zone_id": "FAKE123" + } + ], + "allow_overwrite": null, + "failover_routing_policy": [], + "fqdn": "fake_app-dev.fake_domain.amazon.byu.edu", + "geolocation_routing_policy": [], + "health_check_id": "", + "id": "Z0FAKE1D_fake_app-dev.fake_domain.amazon.byu.edu._AAAA", + "latency_routing_policy": [], + "multivalue_answer_routing_policy": null, + "name": "fake_app-dev.fake_domain.amazon.byu.edu", + "records": [], + "set_identifier": "", + "ttl": 0, + "type": "AAAA", + "weighted_routing_policy": [], + "zone_id": "Z0FAKE1D" + }, + "depends_on": [ + "module.app.module.fargate.aws_alb.alb", + "module.app.module.fargate.aws_security_group.alb-sg" + ] + }, + { + "address": "aws_security_group.alb-sg", + "mode": "managed", + "type": "aws_security_group", + "name": "alb-sg", + "provider_name": "aws", + "schema_version": 1, + "values": { + "arn": "arn:aws:ec2:us-west-2:***:security-group/sg-0fake1d", + "description": "Controls access to the fake_app-dev-alb", + "egress": [ + { + "cidr_blocks": [ + "0.0.0.0/0" + ], + "description": "", + "from_port": 0, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "-1", + "security_groups": [], + "self": false, + "to_port": 0 + } + ], + "id": "sg-0fake1d", + "ingress": [ + { + "cidr_blocks": [ + "0.0.0.0/0" + ], + "description": "", + "from_port": 443, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [], + "self": false, + "to_port": 443 + }, + { + "cidr_blocks": [ + "0.0.0.0/0" + ], + "description": "", + "from_port": 80, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [], + "self": false, + "to_port": 80 + } + ], + "name": "fake_app-dev-alb-sg", + "name_prefix": null, + "owner_id": "***", + "revoke_rules_on_delete": false, + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + }, + "timeouts": null, + "vpc_id": "vpc-0fake1d" + } + }, + { + "address": "aws_security_group.fargate_service_sg", + "mode": "managed", + "type": "aws_security_group", + "name": "fargate_service_sg", + "provider_name": "aws", + "schema_version": 1, + "values": { + "arn": "arn:aws:ec2:us-west-2:***:security-group/sg-0fake1d", + "description": "Controls access to the Fargate Service", + "egress": [ + { + "cidr_blocks": [ + "0.0.0.0/0" + ], + "description": "", + "from_port": 0, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "-1", + "security_groups": [], + "self": false, + "to_port": 0 + } + ], + "id": "sg-0fake1d", + "ingress": [ + { + "cidr_blocks": [], + "description": "", + "from_port": 0, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [ + "sg-0fake1d" + ], + "self": false, + "to_port": 65535 + } + ], + "name": "fake_app-dev-fargate-sg", + "name_prefix": null, + "owner_id": "***", + "revoke_rules_on_delete": false, + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + }, + "timeouts": null, + "vpc_id": "vpc-0fake1d" + }, + "depends_on": [ + "module.app.module.fargate.aws_security_group.alb-sg" + ] + }, + { + "address": "data.aws_caller_identity.current", + "mode": "data", + "type": "aws_caller_identity", + "name": "current", + "provider_name": "aws", + "schema_version": 0, + "values": { + "account_id": "***", + "arn": "arn:aws:iam::***:user/GitHub-Actions", + "id": "2020-06-24 19:40:09.549125511 +0000 UTC", + "user_id": "AIDAQKWMX5RQAORNHGM6C" + } + }, + { + "address": "data.aws_iam_policy_document.secrets_access", + "mode": "data", + "type": "aws_iam_policy_document", + "name": "secrets_access", + "index": 0, + "provider_name": "aws", + "schema_version": 0, + "values": { + "id": "1265143845", + "json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"ssm:GetParemetersByPath\",\n \"ssm:GetParameters\",\n \"ssm:GetParameter\"\n ],\n \"Resource\": [\n \"arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_username\",\n \"arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_password\"\n ]\n }\n ]\n}", + "override_json": null, + "policy_id": null, + "source_json": null, + "statement": [ + { + "actions": [ + "ssm:GetParameter", + "ssm:GetParameters", + "ssm:GetParemetersByPath" + ], + "condition": [], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [], + "resources": [ + "arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_password", + "arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_username" + ], + "sid": "" + } + ], + "version": "2012-10-17" + } + }, + { + "address": "data.aws_iam_policy_document.task_execution_policy", + "mode": "data", + "type": "aws_iam_policy_document", + "name": "task_execution_policy", + "provider_name": "aws", + "schema_version": 0, + "values": { + "id": "320642683", + "json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"ecs-tasks.amazonaws.com\"\n }\n }\n ]\n}", + "override_json": null, + "policy_id": null, + "source_json": null, + "statement": [ + { + "actions": [ + "sts:AssumeRole" + ], + "condition": [], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [ + { + "identifiers": [ + "ecs-tasks.amazonaws.com" + ], + "type": "Service" + } + ], + "resources": [], + "sid": "" + } + ], + "version": "2012-10-17" + } + }, + { + "address": "data.aws_iam_policy_document.task_policy", + "mode": "data", + "type": "aws_iam_policy_document", + "name": "task_policy", + "provider_name": "aws", + "schema_version": 0, + "values": { + "id": "320642683", + "json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"ecs-tasks.amazonaws.com\"\n }\n }\n ]\n}", + "override_json": null, + "policy_id": null, + "source_json": null, + "statement": [ + { + "actions": [ + "sts:AssumeRole" + ], + "condition": [], + "effect": "Allow", + "not_actions": [], + "not_principals": [], + "not_resources": [], + "principals": [ + { + "identifiers": [ + "ecs-tasks.amazonaws.com" + ], + "type": "Service" + } + ], + "resources": [], + "sid": "" + } + ], + "version": "2012-10-17" + } + }, + { + "address": "data.aws_region.current", + "mode": "data", + "type": "aws_region", + "name": "current", + "provider_name": "aws", + "schema_version": 0, + "values": { + "current": null, + "description": "US West (Oregon)", + "endpoint": "ec2.us-west-2.amazonaws.com", + "id": "us-west-2", + "name": "us-west-2" + } + } + ], + "address": "module.app.module.fargate" + }, + { + "resources": [ + { + "address": "aws_db_instance.database", + "mode": "managed", + "type": "aws_db_instance", + "name": "database", + "provider_name": "aws", + "schema_version": 1, + "values": { + "address": "fake_app-dev-db.0fake1d.us-west-2.rds.amazonaws.com", + "allocated_storage": 32, + "allow_major_version_upgrade": null, + "apply_immediately": null, + "arn": "arn:aws:rds:us-west-2:***:db:fake_app-dev-db", + "auto_minor_version_upgrade": true, + "availability_zone": "us-west-2b", + "backup_retention_period": 7, + "backup_window": "07:01-07:31", + "ca_cert_identifier": "rds-ca-2019", + "character_set_name": null, + "copy_tags_to_snapshot": true, + "db_subnet_group_name": "oit-oregon-dev-db-subnet-group", + "delete_automated_backups": true, + "deletion_protection": true, + "domain": "", + "domain_iam_role_name": "", + "enabled_cloudwatch_logs_exports": [ + "error", + "general", + "slowquery" + ], + "endpoint": "fake_app-dev-db.0fake1d.us-west-2.rds.amazonaws.com:3306", + "engine": "mysql", + "engine_version": "8.0.11", + "final_snapshot_identifier": "fake_app-dev-db-final-snapshot", + "hosted_zone_id": "ZFAKE1D", + "iam_database_authentication_enabled": false, + "id": "fake_app-dev-db", + "identifier": "fake_app-dev-db", + "identifier_prefix": null, + "instance_class": "db.t2.small", + "iops": 0, + "kms_key_id": "arn:aws:kms:us-west-2:***:key/cfake1d", + "license_model": "general-public-license", + "maintenance_window": "thu:11:33-thu:12:03", + "max_allocated_storage": 0, + "monitoring_interval": 0, + "monitoring_role_arn": "", + "multi_az": false, + "name": "deleteme2dev", + "option_group_name": "default:mysql-8-0", + "parameter_group_name": "default.mysql8.0", + "password": "*******", + "performance_insights_enabled": false, + "performance_insights_kms_key_id": "", + "performance_insights_retention_period": 0, + "port": 3306, + "publicly_accessible": false, + "replicas": [], + "replicate_source_db": "", + "resource_id": "db-FAKE1D", + "s3_import": [], + "security_group_names": [], + "skip_final_snapshot": true, + "snapshot_identifier": null, + "status": "available", + "storage_encrypted": true, + "storage_type": "gp2", + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + }, + "timeouts": null, + "timezone": "", + "username": "*******", + "vpc_security_group_ids": [ + "sg-0fake1d" + ] + }, + "depends_on": [ + "module.app.module.database.aws_security_group.db_security_group", + "module.app.module.database.aws_ssm_parameter.master_password", + "module.app.module.database.aws_ssm_parameter.master_username", + "module.app.module.database.random_password.default" + ] + }, + { + "address": "aws_security_group.db_security_group", + "mode": "managed", + "type": "aws_security_group", + "name": "db_security_group", + "provider_name": "aws", + "schema_version": 1, + "values": { + "arn": "arn:aws:ec2:us-west-2:***:security-group/sg-0fake1d", + "description": "Security group for fake_app-dev-db RDS instance", + "egress": [], + "id": "sg-0fake1d", + "ingress": [ + { + "cidr_blocks": [], + "description": "", + "from_port": 3306, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [ + "sg-0fake1d" + ], + "self": false, + "to_port": 3306 + } + ], + "name": "fake_app-dev-db-db_sg", + "name_prefix": null, + "owner_id": "***", + "revoke_rules_on_delete": false, + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + }, + "timeouts": null, + "vpc_id": "vpc-0fake1d" + } + }, + { + "address": "aws_ssm_parameter.master_password", + "mode": "managed", + "type": "aws_ssm_parameter", + "name": "master_password", + "provider_name": "aws", + "schema_version": 0, + "values": { + "allowed_pattern": "", + "arn": "arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_password", + "description": "fake_app-dev-db Database master password", + "id": "/fake_app-dev-db/master_password", + "key_id": "alias/aws/ssm", + "name": "/fake_app-dev-db/master_password", + "overwrite": null, + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + }, + "tier": "Standard", + "type": "SecureString", + "value": "*******", + "version": 1 + }, + "depends_on": [ + "module.app.module.database.random_password.default" + ] + }, + { + "address": "aws_ssm_parameter.master_username", + "mode": "managed", + "type": "aws_ssm_parameter", + "name": "master_username", + "provider_name": "aws", + "schema_version": 0, + "values": { + "allowed_pattern": "", + "arn": "arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_username", + "description": "fake_app-dev-db Database master username", + "id": "/fake_app-dev-db/master_username", + "key_id": "", + "name": "/fake_app-dev-db/master_username", + "overwrite": null, + "tags": { + "app": "fake_app-dev", + "data-sensitivity": "confidential", + "repo": "https://github.com/byu-oit/fake_app", + "team": "FAKE_TEAM" + }, + "tier": "Standard", + "type": "String", + "value": "*****", + "version": 1 + } + }, + { + "address": "random_password.default", + "mode": "managed", + "type": "random_password", + "name": "default", + "index": 0, + "provider_name": "random", + "schema_version": 0, + "values": { + "id": "none", + "keepers": { + "recreate_password": "false" + }, + "length": 32, + "lower": true, + "min_lower": 0, + "min_numeric": 0, + "min_special": 0, + "min_upper": 0, + "number": true, + "override_special": null, + "result": "*******", + "special": false, + "upper": true + } + } + ], + "address": "module.app.module.database" + } + ] + } + ] + } + } + }, + "configuration": { + "provider_config": { + "app.acs:aws.virginia": { + "name": "aws", + "alias": "virginia", + "module_address": "app.acs", + "expressions": { + "region": { + "constant_value": "us-east-1" + } + } + }, + "aws": { + "name": "aws", + "version_constraint": "~\u003e 2.42", + "expressions": { + "region": { + "constant_value": "us-west-2" + } + } + } + }, + "*******_module": { + "outputs": { + "codedeploy_app_name": { + "expression": { + "references": [ + "module.app.codedeploy_app_name" + ] + } + }, + "codedeploy_appspec_json_file": { + "expression": { + "references": [ + "module.app.codedeploy_appspec_json_file" + ] + } + }, + "codedeploy_deployment_group_name": { + "expression": { + "references": [ + "module.app.codedeploy_deployment_group_name" + ] + } + } + }, + "module_calls": { + "app": { + "source": "../../modules/app", + "expressions": { + "app_name": { + "constant_value": "fake_app" + }, + "autoscaling_config": { + "constant_value": null + }, + "codedeploy_termination_wait_time": { + "constant_value": 1 + }, + "db_allocated_storage": { + "constant_value": 32 + }, + "db_instance_class": { + "constant_value": "db.t2.small" + }, + "env": { + "constant_value": "dev" + }, + "image_tag": { + "references": [ + "var.image_tag" + ] + } + }, + "module": { + "outputs": { + "codedeploy_app_name": { + "expression": { + "references": [ + "module.fargate.codedeploy_deployment_group" + ] + } + }, + "codedeploy_appspec_json_file": { + "expression": { + "references": [ + "module.fargate.codedeploy_appspec_json_file" + ] + } + }, + "codedeploy_deployment_group_name": { + "expression": { + "references": [ + "module.fargate.codedeploy_deployment_group" + ] + } + } + }, + "resources": [ + { + "address": "aws_security_group_rule.db_access", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "db_access", + "provider_config_key": "app:aws", + "expressions": { + "from_port": { + "constant_value": 3306 + }, + "protocol": { + "constant_value": "tcp" + }, + "security_group_id": { + "references": [ + "module.database.security_group" + ] + }, + "source_security_group_id": { + "references": [ + "module.fargate.fargate_service_security_group" + ] + }, + "to_port": { + "constant_value": 3306 + }, + "type": { + "constant_value": "ingress" + } + }, + "schema_version": 2 + }, + { + "address": "data.aws_ecr_repository.ecr_repo", + "mode": "data", + "type": "aws_ecr_repository", + "name": "ecr_repo", + "provider_config_key": "app:aws", + "expressions": { + "name": { + "references": [ + "local.app_name" + ] + } + }, + "schema_version": 0 + } + ], + "module_calls": { + "acs": { + "source": "github.com/byu-oit/terraform-aws-acs-info.git?ref=v2.0.0", + "module": { + "outputs": { + "certificate": { + "expression": { + "references": [ + "local.zone_id", + "data.aws_acm_certificate.cert[0]" + ] + } + }, + "certificate_virginia": { + "expression": { + "references": [ + "local.zone_id", + "data.aws_acm_certificate.virginia[0]" + ] + } + }, + "data_subnet_ids": { + "expression": { + "references": [ + "local.data_a_subnet_id", + "data.aws_subnet.data_a[0]", + "data.aws_subnet.data_b[0]" + ] + } + }, + "data_subnets": { + "expression": { + "references": [ + "local.data_a_subnet_id", + "data.aws_subnet.data_a[0]", + "data.aws_subnet.data_b[0]" + ] + } + }, + "db_subnet_group_name": { + "expression": { + "references": [ + "local.vpc_name" + ] + } + }, + "github_token": { + "expression": { + "references": [ + "local.github_token" + ] + } + }, + "oracle_security_group": { + "expression": { + "references": [ + "local.oracle_security_group_id", + "data.aws_security_group.oracle[0]" + ] + } + }, + "power_builder_role": { + "expression": { + "references": [ + "data.aws_iam_role.power_builder" + ] + } + }, + "power_user_role": { + "expression": { + "references": [ + "data.aws_iam_role.power_user" + ] + } + }, + "private_subnet_ids": { + "expression": { + "references": [ + "local.private_a_subnet_id", + "data.aws_subnet.private_a[0]", + "data.aws_subnet.private_b[0]" + ] + } + }, + "private_subnets": { + "expression": { + "references": [ + "local.private_a_subnet_id", + "data.aws_subnet.private_a[0]", + "data.aws_subnet.private_b[0]" + ] + } + }, + "public_subnet_ids": { + "expression": { + "references": [ + "local.public_a_subnet_id", + "data.aws_subnet.public_a[0]", + "data.aws_subnet.public_b[0]" + ] + } + }, + "public_subnets": { + "expression": { + "references": [ + "local.public_a_subnet_id", + "data.aws_subnet.public_a[0]", + "data.aws_subnet.public_b[0]" + ] + } + }, + "rds_security_group": { + "expression": { + "references": [ + "data.aws_security_group.rds" + ] + } + }, + "role_permissions_boundary": { + "expression": { + "references": [ + "local.role_permission_boundary_arn", + "data.aws_iam_policy.role_permission_boundary[0]" + ] + } + }, + "route53_zone": { + "expression": { + "references": [ + "local.zone_id", + "data.aws_route53_zone.zone[0]" + ] + } + }, + "ssh_rdp_security_group": { + "expression": { + "references": [ + "data.aws_security_group.ssh_rdp" + ] + } + }, + "user_permissions_boundary": { + "expression": { + "references": [ + "local.user_permission_boundary_arn", + "data.aws_iam_policy.user_permission_boundary[0]" + ] + } + }, + "vpc": { + "expression": { + "references": [ + "data.aws_vpc.vpc" + ] + } + } + }, + "resources": [ + { + "address": "data.aws_acm_certificate.cert", + "mode": "data", + "type": "aws_acm_certificate", + "name": "cert", + "provider_config_key": "acs:aws", + "expressions": { + "domain": { + "references": [ + "data.aws_route53_zone.zone[0]" + ] + } + }, + "schema_version": 0, + "count_expression": { + "references": [ + "local.zone_id" + ] + } + }, + { + "address": "data.aws_acm_certificate.virginia", + "mode": "data", + "type": "aws_acm_certificate", + "name": "virginia", + "provider_config_key": "acs:aws.virginia", + "expressions": { + "domain": { + "references": [ + "data.aws_route53_zone.zone[0]" + ] + } + }, + "schema_version": 0, + "count_expression": { + "references": [ + "local.zone_id" + ] + } + }, + { + "address": "data.aws_iam_account_alias.current", + "mode": "data", + "type": "aws_iam_account_alias", + "name": "current", + "provider_config_key": "acs:aws", + "schema_version": 0 + }, + { + "address": "data.aws_iam_policy.role_permission_boundary", + "mode": "data", + "type": "aws_iam_policy", + "name": "role_permission_boundary", + "provider_config_key": "acs:aws", + "expressions": { + "arn": { + "references": [ + "local.role_permission_boundary_arn" + ] + } + }, + "schema_version": 0, + "count_expression": { + "references": [ + "local.role_permission_boundary_arn" + ] + } + }, + { + "address": "data.aws_iam_policy.user_permission_boundary", + "mode": "data", + "type": "aws_iam_policy", + "name": "user_permission_boundary", + "provider_config_key": "acs:aws", + "expressions": { + "arn": { + "references": [ + "local.user_permission_boundary_arn" + ] + } + }, + "schema_version": 0, + "count_expression": { + "references": [ + "local.user_permission_boundary_arn" + ] + } + }, + { + "address": "data.aws_iam_role.power_builder", + "mode": "data", + "type": "aws_iam_role", + "name": "power_builder", + "provider_config_key": "acs:aws", + "expressions": { + "name": { + "constant_value": "PowerBuilder" + } + }, + "schema_version": 0 + }, + { + "address": "data.aws_iam_role.power_user", + "mode": "data", + "type": "aws_iam_role", + "name": "power_user", + "provider_config_key": "acs:aws", + "expressions": { + "name": { + "constant_value": "PowerUser" + } + }, + "schema_version": 0 + }, + { + "address": "data.aws_iam_role.read_only", + "mode": "data", + "type": "aws_iam_role", + "name": "read_only", + "provider_config_key": "acs:aws", + "expressions": { + "name": { + "constant_value": "ReadOnly" + } + }, + "schema_version": 0 + }, + { + "address": "data.aws_region.current", + "mode": "data", + "type": "aws_region", + "name": "current", + "provider_config_key": "acs:aws", + "schema_version": 0 + }, + { + "address": "data.aws_route53_zone.zone", + "mode": "data", + "type": "aws_route53_zone", + "name": "zone", + "provider_config_key": "acs:aws", + "expressions": { + "zone_id": { + "references": [ + "local.zone_id" + ] + } + }, + "schema_version": 0, + "count_expression": { + "references": [ + "local.zone_id" + ] + } + }, + { + "address": "data.aws_security_group.oracle", + "mode": "data", + "type": "aws_security_group", + "name": "oracle", + "provider_config_key": "acs:aws", + "expressions": { + "id": { + "references": [ + "local.oracle_security_group_id" + ] + } + }, + "schema_version": 0, + "count_expression": { + "references": [ + "local.oracle_security_group_id" + ] + } + }, + { + "address": "data.aws_security_group.rds", + "mode": "data", + "type": "aws_security_group", + "name": "rds", + "provider_config_key": "acs:aws", + "expressions": { + "filter": [ + { + "name": { + "constant_value": "vpc-id" + }, + "values": { + "references": [ + "data.aws_vpc.vpc" + ] + } + }, + { + "name": { + "constant_value": "group-name" + }, + "values": { + "constant_value": [ + "*rds_security_group*" + ] + } + } + ] + }, + "schema_version": 0 + }, + { + "address": "data.aws_security_group.ssh_rdp", + "mode": "data", + "type": "aws_security_group", + "name": "ssh_rdp", + "provider_config_key": "acs:aws", + "expressions": { + "filter": [ + { + "name": { + "constant_value": "vpc-id" + }, + "values": { + "references": [ + "data.aws_vpc.vpc" + ] + } + }, + { + "name": { + "constant_value": "group-name" + }, + "values": { + "constant_value": [ + "*ssh_rdp*" + ] + } + } + ] + }, + "schema_version": 0 + }, + { + "address": "data.aws_ssm_parameter.acs_parameters", + "mode": "data", + "type": "aws_ssm_parameter", + "name": "acs_parameters", + "provider_config_key": "acs:aws", + "expressions": { + "name": { + "constant_value": "acsParameters" + } + }, + "schema_version": 0 + }, + { + "address": "data.aws_subnet.data_a", + "mode": "data", + "type": "aws_subnet", + "name": "data_a", + "provider_config_key": "acs:aws", + "expressions": { + "id": { + "references": [ + "local.data_a_subnet_id" + ] + } + }, + "schema_version": 0, + "count_expression": { + "references": [ + "local.data_a_subnet_id" + ] + } + }, + { + "address": "data.aws_subnet.data_b", + "mode": "data", + "type": "aws_subnet", + "name": "data_b", + "provider_config_key": "acs:aws", + "expressions": { + "id": { + "references": [ + "local.data_b_subnet_id" + ] + } + }, + "schema_version": 0, + "count_expression": { + "references": [ + "local.data_b_subnet_id" + ] + } + }, + { + "address": "data.aws_subnet.private_a", + "mode": "data", + "type": "aws_subnet", + "name": "private_a", + "provider_config_key": "acs:aws", + "expressions": { + "id": { + "references": [ + "local.private_a_subnet_id" + ] + } + }, + "schema_version": 0, + "count_expression": { + "references": [ + "local.private_a_subnet_id" + ] + } + }, + { + "address": "data.aws_subnet.private_b", + "mode": "data", + "type": "aws_subnet", + "name": "private_b", + "provider_config_key": "acs:aws", + "expressions": { + "id": { + "references": [ + "local.private_b_subnet_id" + ] + } + }, + "schema_version": 0, + "count_expression": { + "references": [ + "local.private_b_subnet_id" + ] + } + }, + { + "address": "data.aws_subnet.public_a", + "mode": "data", + "type": "aws_subnet", + "name": "public_a", + "provider_config_key": "acs:aws", + "expressions": { + "id": { + "references": [ + "local.public_a_subnet_id" + ] + } + }, + "schema_version": 0, + "count_expression": { + "references": [ + "local.public_a_subnet_id" + ] + } + }, + { + "address": "data.aws_subnet.public_b", + "mode": "data", + "type": "aws_subnet", + "name": "public_b", + "provider_config_key": "acs:aws", + "expressions": { + "id": { + "references": [ + "local.public_b_subnet_id" + ] + } + }, + "schema_version": 0, + "count_expression": { + "references": [ + "local.public_b_subnet_id" + ] + } + }, + { + "address": "data.aws_vpc.vpc", + "mode": "data", + "type": "aws_vpc", + "name": "vpc", + "provider_config_key": "acs:aws", + "expressions": { + "tags": { + "references": [ + "local.vpc_name" + ] + } + }, + "schema_version": 0 + } + ], + "variables": { + "vpc_vpn_to_campus": { + "default": false, + "description": "Retrieve VPC info for the VPC that has VPN access to campus (defaults to false)." + } + } + } + }, + "database": { + "source": "github.com/byu-oit/terraform-aws-rds?ref=v0.3.0", + "expressions": { + "allocated_storage": { + "references": [ + "var.db_allocated_storage" + ] + }, + "cloudwatch_logs_exports": { + "constant_value": [ + "error", + "general", + "slowquery" + ] + }, + "db_name": { + "references": [ + "local.app_name" + ] + }, + "deletion_protection": { + "constant_value": true + }, + "engine": { + "constant_value": "mysql" + }, + "engine_version": { + "constant_value": "8.0" + }, + "identifier": { + "references": [ + "local.app_name" + ] + }, + "instance_class": { + "references": [ + "var.db_instance_class" + ] + }, + "master_username": { + "constant_value": "*******" + }, + "skip_final_snapshot": { + "constant_value": true + }, + "storage_encrypted": { + "constant_value": true + }, + "subnet_group_name": { + "references": [ + "module.acs.db_subnet_group_name" + ] + }, + "subnet_ids": { + "references": [ + "module.acs.data_subnet_ids" + ] + }, + "tags": { + "references": [ + "local.default_tags" + ] + }, + "vpc_id": { + "references": [ + "module.acs.vpc" + ] + } + }, + "module": { + "outputs": { + "instance": { + "expression": { + "references": [ + "aws_db_instance.database" + ] + } + }, + "master_password_parameter": { + "sensitive": true, + "expression": { + "references": [ + "aws_ssm_parameter.master_password" + ] + } + }, + "master_username_parameter": { + "expression": { + "references": [ + "aws_ssm_parameter.master_username" + ] + } + }, + "security_group": { + "expression": { + "references": [ + "aws_security_group.db_security_group" + ] + } + } + }, + "resources": [ + { + "address": "aws_db_instance.database", + "mode": "managed", + "type": "aws_db_instance", + "name": "database", + "provider_config_key": "database:aws", + "expressions": { + "allocated_storage": { + "references": [ + "var.allocated_storage" + ] + }, + "backup_retention_period": { + "references": [ + "var.backup_retention_period" + ] + }, + "backup_window": { + "references": [ + "var.backup_window" + ] + }, + "copy_tags_to_snapshot": { + "constant_value": true + }, + "db_subnet_group_name": { + "references": [ + "var.subnet_group_name" + ] + }, + "deletion_protection": { + "references": [ + "var.deletion_protection" + ] + }, + "enabled_cloudwatch_logs_exports": { + "references": [ + "var.cloudwatch_logs_exports" + ] + }, + "engine": { + "references": [ + "var.engine" + ] + }, + "engine_version": { + "references": [ + "var.engine_version" + ] + }, + "final_snapshot_identifier": { + "references": [ + "var.identifier" + ] + }, + "identifier": { + "references": [ + "var.identifier" + ] + }, + "instance_class": { + "references": [ + "var.instance_class" + ] + }, + "maintenance_window": { + "references": [ + "var.maintenance_window" + ] + }, + "name": { + "references": [ + "var.db_name" + ] + }, + "password": { + "references": [ + "var.master_password", + "var.master_password", + "aws_ssm_parameter.master_password" + ] + }, + "skip_final_snapshot": { + "references": [ + "var.skip_final_snapshot" + ] + }, + "storage_encrypted": { + "references": [ + "var.storage_encrypted" + ] + }, + "storage_type": { + "references": [ + "var.storage_type" + ] + }, + "tags": { + "references": [ + "var.tags" + ] + }, + "username": { + "references": [ + "var.master_username", + "var.master_username", + "aws_ssm_parameter.master_username" + ] + }, + "vpc_security_group_ids": { + "references": [ + "aws_security_group.db_security_group" + ] + } + }, + "schema_version": 1 + }, + { + "address": "aws_security_group.db_security_group", + "mode": "managed", + "type": "aws_security_group", + "name": "db_security_group", + "provider_config_key": "database:aws", + "expressions": { + "description": { + "references": [ + "var.identifier" + ] + }, + "name": { + "references": [ + "var.identifier" + ] + }, + "tags": { + "references": [ + "var.tags" + ] + }, + "vpc_id": { + "references": [ + "var.vpc_id" + ] + } + }, + "schema_version": 1 + }, + { + "address": "aws_ssm_parameter.master_password", + "mode": "managed", + "type": "aws_ssm_parameter", + "name": "master_password", + "provider_config_key": "database:aws", + "expressions": { + "description": { + "references": [ + "var.identifier" + ] + }, + "name": { + "references": [ + "var.identifier" + ] + }, + "tags": { + "references": [ + "var.tags" + ] + }, + "type": { + "constant_value": "SecureString" + }, + "value": { + "references": [ + "var.master_password", + "var.master_password", + "random_password.default[0]" + ] + } + }, + "schema_version": 0 + }, + { + "address": "aws_ssm_parameter.master_username", + "mode": "managed", + "type": "aws_ssm_parameter", + "name": "master_username", + "provider_config_key": "database:aws", + "expressions": { + "description": { + "references": [ + "var.identifier" + ] + }, + "name": { + "references": [ + "var.identifier" + ] + }, + "tags": { + "references": [ + "var.tags" + ] + }, + "type": { + "constant_value": "String" + }, + "value": { + "references": [ + "var.master_username", + "var.master_username", + "var.identifier" + ] + } + }, + "schema_version": 0 + }, + { + "address": "random_password.default", + "mode": "managed", + "type": "random_password", + "name": "default", + "provider_config_key": "database:random", + "expressions": { + "keepers": { + "constant_value": { + "recreate_password": false + } + }, + "length": { + "constant_value": 32 + }, + "special": { + "constant_value": false + } + }, + "schema_version": 0, + "count_expression": { + "references": [ + "var.master_password" + ] + } + } + ], + "variables": { + "allocated_storage": { + "default": 32, + "description": "The amount of storage to be allocated for the database" + }, + "backup_retention_period": { + "default": 7, + "description": "The days to retain backups for. Must be between 0 and 35. Must be greater than 0 if the database is used as a source for a Read Replica." + }, + "backup_window": { + "default": "07:01-07:31", + "description": "The daily time range (in UTC) during which automated backups are created if they are enabled. Example: \"09:46-10:16\". Must not overlap with maintenance_window." + }, + "cloudwatch_logs_exports": { + "default": [ + "audit", + "error", + "general", + "slowquery" + ], + "description": "List of log types to enable for exporting to CloudWatch logs. Each engine has different valid values. Defaults to mysql ['audit', 'error', 'general', 'slowquery']" + }, + "db_name": { + "default": null, + "description": "The name for a database to be created in the RDS instance." + }, + "deletion_protection": { + "default": true, + "description": "If the DB instance should have deletion protection enabled. The database can't be deleted when this value is set to true. The default is true" + }, + "engine": { + "description": "The engine to be used for the database" + }, + "engine_version": { + "description": "The engine version to use." + }, + "identifier": { + "description": "Identifier for the DB Instance" + }, + "instance_class": { + "default": "db.t2.small", + "description": "The instance type to use for the database" + }, + "maintenance_window": { + "default": null, + "description": "The window to perform maintenance in. Syntax: \"ddd:hh24:mi-ddd:hh24:mi\". Eg: \"Mon:00:00-Mon:03:00\"." + }, + "master_password": { + "default": null, + "description": "Password for the master username" + }, + "master_username": { + "default": null, + "description": "Master username for the database instance." + }, + "skip_final_snapshot": { + "default": false, + "description": "If true, skips final snapshot on destroy." + }, + "storage_encrypted": { + "default": true, + "description": "Specifies whether the DB instance is encrypted. Defaults to true." + }, + "storage_type": { + "default": "gp2", + "description": "Storage type for the database. 'standard' (magnetic) or 'gp2' (general purpose SSD). Defaults to gp2" + }, + "subnet_group_name": { + "description": "Subnet group name" + }, + "subnet_ids": { + "description": "A list of VPC subnet IDs to put the RDS instance on." + }, + "tags": { + "default": {}, + "description": "A map of AWS Tags to attach to each resource created" + }, + "vpc_id": { + "description": "VPC ID to put the RDS instance on." + } + } + } + }, + "fargate": { + "source": "github.com/byu-oit/terraform-aws-fargate-api?ref=v2.1.0", + "expressions": { + "app_name": { + "references": [ + "local.app_name" + ] + }, + "autoscaling_config": { + "references": [ + "var.autoscaling_config" + ] + }, + "codedeploy_service_role_arn": { + "references": [ + "module.acs.power_builder_role" + ] + }, + "codedeploy_termination_wait_time": { + "references": [ + "var.codedeploy_termination_wait_time" + ] + }, + "container_port": { + "constant_value": 8080 + }, + "health_check_path": { + "constant_value": "/health" + }, + "hosted_zone": { + "references": [ + "module.acs.route53_zone" + ] + }, + "https_certificate_arn": { + "references": [ + "module.acs.certificate" + ] + }, + "primary_container_definition": { + "references": [ + "data.aws_ecr_repository.ecr_repo", + "var.image_tag", + "var.env", + "module.database.instance", + "module.database.instance", + "module.database.master_username_parameter", + "module.database.master_password_parameter" + ] + }, + "private_subnet_ids": { + "references": [ + "module.acs.private_subnet_ids" + ] + }, + "public_subnet_ids": { + "references": [ + "module.acs.public_subnet_ids" + ] + }, + "role_permissions_boundary_arn": { + "references": [ + "module.acs.role_permissions_boundary" + ] + }, + "tags": { + "references": [ + "local.default_tags" + ] + }, + "vpc_id": { + "references": [ + "module.acs.vpc" + ] + } + }, + "module": { + "outputs": { + "alb": { + "expression": { + "references": [ + "aws_alb.alb" + ] + } + }, + "alb_security_group": { + "expression": { + "references": [ + "aws_security_group.alb-sg" + ] + } + }, + "autoscaling_step_down_policy": { + "expression": { + "references": [ + "var.autoscaling_config", + "aws_appautoscaling_policy.down" + ] + } + }, + "autoscaling_step_up_policy": { + "expression": { + "references": [ + "var.autoscaling_config", + "aws_appautoscaling_policy.up" + ] + } + }, + "cloudwatch_log_group": { + "expression": { + "references": [ + "aws_cloudwatch_log_group.container_log_group" + ] + } + }, + "codedeploy_appspec_json_file": { + "expression": { + "references": [ + "local_file.appspec_json" + ] + } + }, + "codedeploy_deployment_group": { + "expression": { + "references": [ + "aws_codedeploy_deployment_group.deploymentgroup" + ] + } + }, + "dns_record": { + "expression": { + "references": [ + "aws_route53_record.a_record" + ] + } + }, + "fargate_service": { + "expression": { + "references": [ + "aws_ecs_service.service" + ] + } + }, + "fargate_service_security_group": { + "expression": { + "references": [ + "aws_security_group.fargate_service_sg" + ] + } + }, + "task_definition": { + "expression": { + "references": [ + "aws_ecs_task_definition.task_def" + ] + } + } + }, + "resources": [ + { + "address": "aws_alb.alb", + "mode": "managed", + "type": "aws_alb", + "name": "alb", + "provider_config_key": "fargate:aws", + "expressions": { + "name": { + "references": [ + "local.alb_name" + ] + }, + "security_groups": { + "references": [ + "aws_security_group.alb-sg" + ] + }, + "subnets": { + "references": [ + "var.public_subnet_ids" + ] + }, + "tags": { + "references": [ + "var.tags" + ] + } + }, + "schema_version": 0 + }, + { + "address": "aws_alb_listener.http_to_https", + "mode": "managed", + "type": "aws_alb_listener", + "name": "http_to_https", + "provider_config_key": "fargate:aws", + "expressions": { + "default_action": [ + { + "redirect": [ + { + "port": { + "references": [ + "aws_alb_listener.https" + ] + }, + "protocol": { + "references": [ + "aws_alb_listener.https" + ] + }, + "status_code": { + "constant_value": "HTTP_301" + } + } + ], + "type": { + "constant_value": "redirect" + } + } + ], + "load_balancer_arn": { + "references": [ + "aws_alb.alb" + ] + }, + "port": { + "constant_value": 80 + }, + "protocol": { + "constant_value": "HTTP" + } + }, + "schema_version": 0 + }, + { + "address": "aws_alb_listener.https", + "mode": "managed", + "type": "aws_alb_listener", + "name": "https", + "provider_config_key": "fargate:aws", + "expressions": { + "certificate_arn": { + "references": [ + "var.https_certificate_arn" + ] + }, + "default_action": [ + { + "target_group_arn": { + "references": [ + "aws_alb_target_group.blue" + ] + }, + "type": { + "constant_value": "forward" + } + } + ], + "load_balancer_arn": { + "references": [ + "aws_alb.alb" + ] + }, + "port": { + "constant_value": 443 + }, + "protocol": { + "constant_value": "HTTPS" + } + }, + "schema_version": 0, + "depends_on": [ + "aws_alb_target_group.blue", + "aws_alb_target_group.green" + ] + }, + { + "address": "aws_alb_listener.test_listener", + "mode": "managed", + "type": "aws_alb_listener", + "name": "test_listener", + "provider_config_key": "fargate:aws", + "expressions": { + "certificate_arn": { + "references": [ + "var.https_certificate_arn" + ] + }, + "default_action": [ + { + "target_group_arn": { + "references": [ + "aws_alb_target_group.blue" + ] + }, + "type": { + "constant_value": "forward" + } + } + ], + "load_balancer_arn": { + "references": [ + "aws_alb.alb" + ] + }, + "port": { + "references": [ + "var.codedeploy_test_listener_port" + ] + }, + "protocol": { + "constant_value": "HTTPS" + } + }, + "schema_version": 0, + "count_expression": { + "references": [ + "var.codedeploy_test_listener_port" + ] + }, + "depends_on": [ + "aws_alb_target_group.blue", + "aws_alb_target_group.green" + ] + }, + { + "address": "aws_alb_target_group.blue", + "mode": "managed", + "type": "aws_alb_target_group", + "name": "blue", + "provider_config_key": "fargate:aws", + "expressions": { + "deregistration_delay": { + "references": [ + "var.target_group_deregistration_delay" + ] + }, + "health_check": [ + { + "healthy_threshold": { + "references": [ + "var.health_check_healthy_threshold" + ] + }, + "interval": { + "references": [ + "var.health_check_interval" + ] + }, + "path": { + "references": [ + "var.health_check_path" + ] + }, + "timeout": { + "references": [ + "var.health_check_timeout" + ] + }, + "unhealthy_threshold": { + "references": [ + "var.health_check_unhealthy_threshold" + ] + } + } + ], + "load_balancing_algorithm_type": { + "constant_value": "least_outstanding_requests" + }, + "name": { + "references": [ + "var.app_name" + ] + }, + "port": { + "references": [ + "var.container_port" + ] + }, + "protocol": { + "constant_value": "HTTP" + }, + "tags": { + "references": [ + "var.tags" + ] + }, + "target_type": { + "constant_value": "ip" + }, + "vpc_id": { + "references": [ + "var.vpc_id" + ] + } + }, + "schema_version": 0, + "depends_on": [ + "aws_alb.alb" + ] + }, + { + "address": "aws_alb_target_group.green", + "mode": "managed", + "type": "aws_alb_target_group", + "name": "green", + "provider_config_key": "fargate:aws", + "expressions": { + "deregistration_delay": { + "references": [ + "var.target_group_deregistration_delay" + ] + }, + "health_check": [ + { + "healthy_threshold": { + "references": [ + "var.health_check_healthy_threshold" + ] + }, + "interval": { + "references": [ + "var.health_check_interval" + ] + }, + "path": { + "references": [ + "var.health_check_path" + ] + }, + "timeout": { + "references": [ + "var.health_check_timeout" + ] + }, + "unhealthy_threshold": { + "references": [ + "var.health_check_unhealthy_threshold" + ] + } + } + ], + "load_balancing_algorithm_type": { + "constant_value": "least_outstanding_requests" + }, + "name": { + "references": [ + "var.app_name" + ] + }, + "port": { + "references": [ + "var.container_port" + ] + }, + "protocol": { + "constant_value": "HTTP" + }, + "tags": { + "references": [ + "var.tags" + ] + }, + "target_type": { + "constant_value": "ip" + }, + "vpc_id": { + "references": [ + "var.vpc_id" + ] + } + }, + "schema_version": 0, + "depends_on": [ + "aws_alb.alb" + ] + }, + { + "address": "aws_appautoscaling_policy.down", + "mode": "managed", + "type": "aws_appautoscaling_policy", + "name": "down", + "provider_config_key": "fargate:aws", + "expressions": { + "name": { + "references": [ + "var.app_name" + ] + }, + "resource_id": { + "references": [ + "aws_appautoscaling_target.default[0]" + ] + }, + "scalable_dimension": { + "references": [ + "aws_appautoscaling_target.default[0]" + ] + }, + "service_namespace": { + "references": [ + "aws_appautoscaling_target.default[0]" + ] + }, + "step_scaling_policy_configuration": [ + { + "adjustment_type": { + "constant_value": "ChangeInCapacity" + }, + "cooldown": { + "constant_value": 300 + }, + "metric_aggregation_type": { + "constant_value": "Average" + }, + "step_adjustment": [ + { + "metric_interval_upper_bound": { + "constant_value": 0 + }, + "scaling_adjustment": { + "constant_value": -1 + } + } + ] + } + ] + }, + "schema_version": 0, + "count_expression": { + "references": [ + "var.autoscaling_config" + ] + } + }, + { + "address": "aws_appautoscaling_policy.up", + "mode": "managed", + "type": "aws_appautoscaling_policy", + "name": "up", + "provider_config_key": "fargate:aws", + "expressions": { + "name": { + "references": [ + "var.app_name" + ] + }, + "resource_id": { + "references": [ + "aws_appautoscaling_target.default[0]" + ] + }, + "scalable_dimension": { + "references": [ + "aws_appautoscaling_target.default[0]" + ] + }, + "service_namespace": { + "references": [ + "aws_appautoscaling_target.default[0]" + ] + }, + "step_scaling_policy_configuration": [ + { + "adjustment_type": { + "constant_value": "ChangeInCapacity" + }, + "cooldown": { + "constant_value": 300 + }, + "metric_aggregation_type": { + "constant_value": "Average" + }, + "step_adjustment": [ + { + "metric_interval_lower_bound": { + "constant_value": 0 + }, + "scaling_adjustment": { + "constant_value": 1 + } + } + ] + } + ] + }, + "schema_version": 0, + "count_expression": { + "references": [ + "var.autoscaling_config" + ] + } + }, + { + "address": "aws_appautoscaling_target.default", + "mode": "managed", + "type": "aws_appautoscaling_target", + "name": "default", + "provider_config_key": "fargate:aws", + "expressions": { + "max_capacity": { + "references": [ + "var.autoscaling_config" + ] + }, + "min_capacity": { + "references": [ + "var.autoscaling_config" + ] + }, + "resource_id": { + "references": [ + "aws_ecs_cluster.cluster", + "aws_ecs_service.service" + ] + }, + "scalable_dimension": { + "constant_value": "ecs:service:DesiredCount" + }, + "service_namespace": { + "constant_value": "ecs" + } + }, + "schema_version": 0, + "count_expression": { + "references": [ + "var.autoscaling_config" + ] + } + }, + { + "address": "aws_cloudwatch_log_group.container_log_group", + "mode": "managed", + "type": "aws_cloudwatch_log_group", + "name": "container_log_group", + "provider_config_key": "fargate:aws", + "expressions": { + "name": { + "references": [ + "local.cloudwatch_log_group_name" + ] + }, + "retention_in_days": { + "references": [ + "var.log_retention_in_days" + ] + }, + "tags": { + "references": [ + "var.tags" + ] + } + }, + "schema_version": 0 + }, + { + "address": "aws_cloudwatch_metric_alarm.down", + "mode": "managed", + "type": "aws_cloudwatch_metric_alarm", + "name": "down", + "provider_config_key": "fargate:aws", + "expressions": { + "alarm_actions": { + "references": [ + "aws_appautoscaling_policy.down[0]" + ] + }, + "alarm_name": { + "references": [ + "var.app_name" + ] + }, + "comparison_operator": { + "constant_value": "LessThanThreshold" + }, + "dimensions": { + "references": [ + "aws_ecs_cluster.cluster", + "aws_ecs_service.service" + ] + }, + "evaluation_periods": { + "constant_value": 5 + }, + "metric_name": { + "constant_value": "CPUUtilization" + }, + "namespace": { + "constant_value": "AWS/ECS" + }, + "period": { + "constant_value": 300 + }, + "statistic": { + "constant_value": "Average" + }, + "tags": { + "references": [ + "var.tags" + ] + }, + "threshold": { + "constant_value": 25 + } + }, + "schema_version": 1, + "count_expression": { + "references": [ + "var.autoscaling_config" + ] + } + }, + { + "address": "aws_cloudwatch_metric_alarm.up", + "mode": "managed", + "type": "aws_cloudwatch_metric_alarm", + "name": "up", + "provider_config_key": "fargate:aws", + "expressions": { + "alarm_actions": { + "references": [ + "aws_appautoscaling_policy.up[0]" + ] + }, + "alarm_name": { + "references": [ + "var.app_name" + ] + }, + "comparison_operator": { + "constant_value": "GreaterThanThreshold" + }, + "dimensions": { + "references": [ + "aws_ecs_cluster.cluster", + "aws_ecs_service.service" + ] + }, + "evaluation_periods": { + "constant_value": 5 + }, + "metric_name": { + "constant_value": "CPUUtilization" + }, + "namespace": { + "constant_value": "AWS/ECS" + }, + "period": { + "constant_value": 300 + }, + "statistic": { + "constant_value": "Average" + }, + "tags": { + "references": [ + "var.tags" + ] + }, + "threshold": { + "constant_value": 75 + } + }, + "schema_version": 1, + "count_expression": { + "references": [ + "var.autoscaling_config" + ] + } + }, + { + "address": "aws_codedeploy_app.app", + "mode": "managed", + "type": "aws_codedeploy_app", + "name": "app", + "provider_config_key": "fargate:aws", + "expressions": { + "compute_platform": { + "constant_value": "ECS" + }, + "name": { + "references": [ + "var.app_name" + ] + } + }, + "schema_version": 0 + }, + { + "address": "aws_codedeploy_deployment_group.deploymentgroup", + "mode": "managed", + "type": "aws_codedeploy_deployment_group", + "name": "deploymentgroup", + "provider_config_key": "fargate:aws", + "expressions": { + "app_name": { + "references": [ + "aws_codedeploy_app.app" + ] + }, + "auto_rollback_configuration": [ + { + "enabled": { + "constant_value": true + }, + "events": { + "constant_value": [ + "DEPLOYMENT_FAILURE" + ] + } + } + ], + "blue_green_deployment_config": [ + { + "deployment_ready_option": [ + { + "action_on_timeout": { + "constant_value": "CONTINUE_DEPLOYMENT" + } + } + ], + "terminate_blue_instances_on_deployment_success": [ + { + "action": { + "constant_value": "TERMINATE" + }, + "termination_wait_time_in_minutes": { + "references": [ + "var.codedeploy_termination_wait_time" + ] + } + } + ] + } + ], + "deployment_config_name": { + "constant_value": "CodeDeployDefault.ECSAllAtOnce" + }, + "deployment_group_name": { + "references": [ + "var.app_name" + ] + }, + "deployment_style": [ + { + "deployment_option": { + "constant_value": "WITH_TRAFFIC_CONTROL" + }, + "deployment_type": { + "constant_value": "BLUE_GREEN" + } + } + ], + "ecs_service": [ + { + "cluster_name": { + "references": [ + "aws_ecs_cluster.cluster" + ] + }, + "service_name": { + "references": [ + "aws_ecs_service.service" + ] + } + } + ], + "load_balancer_info": [ + { + "target_group_pair_info": [ + { + "prod_traffic_route": [ + { + "listener_arns": { + "references": [ + "aws_alb_listener.https" + ] + } + } + ], + "target_group": [ + { + "name": { + "references": [ + "aws_alb_target_group.blue" + ] + } + }, + { + "name": { + "references": [ + "aws_alb_target_group.green" + ] + } + } + ], + "test_traffic_route": [ + { + "listener_arns": { + "references": [ + "var.codedeploy_test_listener_port", + "aws_alb_listener.test_listener[0]" + ] + } + } + ] + } + ] + } + ], + "service_role_arn": { + "references": [ + "var.codedeploy_service_role_arn" + ] + } + }, + "schema_version": 0 + }, + { + "address": "aws_ecs_cluster.cluster", + "mode": "managed", + "type": "aws_ecs_cluster", + "name": "cluster", + "provider_config_key": "fargate:aws", + "expressions": { + "name": { + "references": [ + "var.app_name" + ] + }, + "tags": { + "references": [ + "var.tags" + ] + } + }, + "schema_version": 0 + }, + { + "address": "aws_ecs_service.service", + "mode": "managed", + "type": "aws_ecs_service", + "name": "service", + "provider_config_key": "fargate:aws", + "expressions": { + "cluster": { + "references": [ + "aws_ecs_cluster.cluster" + ] + }, + "deployment_controller": [ + { + "type": { + "constant_value": "CODE_DEPLOY" + } + } + ], + "desired_count": { + "references": [ + "var.autoscaling_config", + "var.autoscaling_config" + ] + }, + "health_check_grace_period_seconds": { + "references": [ + "var.health_check_grace_period" + ] + }, + "launch_type": { + "constant_value": "FARGATE" + }, + "load_balancer": [ + { + "container_name": { + "references": [ + "var.primary_container_definition" + ] + }, + "container_port": { + "references": [ + "var.container_port" + ] + }, + "target_group_arn": { + "references": [ + "aws_alb_target_group.blue" + ] + } + } + ], + "name": { + "references": [ + "local.service_name" + ] + }, + "network_configuration": [ + { + "assign_public_ip": { + "constant_value": true + }, + "security_groups": { + "references": [ + "aws_security_group.fargate_service_sg", + "var.security_groups" + ] + }, + "subnets": { + "references": [ + "var.private_subnet_ids" + ] + } + } + ], + "platform_version": { + "constant_value": "1.4.0" + }, + "tags": { + "references": [ + "var.tags" + ] + }, + "task_definition": { + "references": [ + "aws_ecs_task_definition.task_def" + ] + } + }, + "schema_version": 0 + }, + { + "address": "aws_ecs_task_definition.task_def", + "mode": "managed", + "type": "aws_ecs_task_definition", + "name": "task_def", + "provider_config_key": "fargate:aws", + "expressions": { + "container_definitions": { + "references": [ + "local.container_definitions" + ] + }, + "cpu": { + "references": [ + "var.task_cpu" + ] + }, + "execution_role_arn": { + "references": [ + "aws_iam_role.task_execution_role" + ] + }, + "family": { + "references": [ + "var.app_name" + ] + }, + "memory": { + "references": [ + "var.task_memory" + ] + }, + "network_mode": { + "constant_value": "awsvpc" + }, + "requires_compatibilities": { + "constant_value": [ + "FARGATE" + ] + }, + "tags": { + "references": [ + "var.tags" + ] + }, + "task_role_arn": { + "references": [ + "aws_iam_role.task_role" + ] + } + }, + "schema_version": 1 + }, + { + "address": "aws_iam_policy.secrets_access", + "mode": "managed", + "type": "aws_iam_policy", + "name": "secrets_access", + "provider_config_key": "fargate:aws", + "expressions": { + "name": { + "references": [ + "var.app_name" + ] + }, + "policy": { + "references": [ + "data.aws_iam_policy_document.secrets_access[0]" + ] + } + }, + "schema_version": 0, + "count_expression": { + "references": [ + "local.has_secrets" + ] + } + }, + { + "address": "aws_iam_role.task_execution_role", + "mode": "managed", + "type": "aws_iam_role", + "name": "task_execution_role", + "provider_config_key": "fargate:aws", + "expressions": { + "assume_role_policy": { + "references": [ + "data.aws_iam_policy_document.task_execution_policy" + ] + }, + "name": { + "references": [ + "var.app_name" + ] + }, + "permissions_boundary": { + "references": [ + "var.role_permissions_boundary_arn" + ] + }, + "tags": { + "references": [ + "var.tags" + ] + } + }, + "schema_version": 0 + }, + { + "address": "aws_iam_role.task_role", + "mode": "managed", + "type": "aws_iam_role", + "name": "task_role", + "provider_config_key": "fargate:aws", + "expressions": { + "assume_role_policy": { + "references": [ + "data.aws_iam_policy_document.task_policy" + ] + }, + "name": { + "references": [ + "var.app_name" + ] + }, + "permissions_boundary": { + "references": [ + "var.role_permissions_boundary_arn" + ] + }, + "tags": { + "references": [ + "var.tags" + ] + } + }, + "schema_version": 0 + }, + { + "address": "aws_iam_role_policy_attachment.secret_task_policy_attach", + "mode": "managed", + "type": "aws_iam_role_policy_attachment", + "name": "secret_task_policy_attach", + "provider_config_key": "fargate:aws", + "expressions": { + "policy_arn": { + "references": [ + "aws_iam_policy.secrets_access[0]" + ] + }, + "role": { + "references": [ + "aws_iam_role.task_role" + ] + } + }, + "schema_version": 0, + "count_expression": { + "references": [ + "local.has_secrets" + ] + } + }, + { + "address": "aws_iam_role_policy_attachment.secrets_policy_attach", + "mode": "managed", + "type": "aws_iam_role_policy_attachment", + "name": "secrets_policy_attach", + "provider_config_key": "fargate:aws", + "expressions": { + "policy_arn": { + "references": [ + "aws_iam_policy.secrets_access[0]" + ] + }, + "role": { + "references": [ + "aws_iam_role.task_execution_role" + ] + } + }, + "schema_version": 0, + "count_expression": { + "references": [ + "local.has_secrets" + ] + } + }, + { + "address": "aws_iam_role_policy_attachment.task_execution_policy_attach", + "mode": "managed", + "type": "aws_iam_role_policy_attachment", + "name": "task_execution_policy_attach", + "provider_config_key": "fargate:aws", + "expressions": { + "policy_arn": { + "constant_value": "arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy" + }, + "role": { + "references": [ + "aws_iam_role.task_execution_role" + ] + } + }, + "schema_version": 0 + }, + { + "address": "aws_iam_role_policy_attachment.task_policy_attach", + "mode": "managed", + "type": "aws_iam_role_policy_attachment", + "name": "task_policy_attach", + "provider_config_key": "fargate:aws", + "expressions": { + "policy_arn": { + "references": [ + "var.task_policies", + "count.index" + ] + }, + "role": { + "references": [ + "aws_iam_role.task_role" + ] + } + }, + "schema_version": 0, + "count_expression": { + "references": [ + "var.task_policies" + ] + } + }, + { + "address": "aws_route53_record.a_record", + "mode": "managed", + "type": "aws_route53_record", + "name": "a_record", + "provider_config_key": "fargate:aws", + "expressions": { + "alias": [ + { + "evaluate_target_health": { + "constant_value": true + }, + "name": { + "references": [ + "aws_alb.alb" + ] + }, + "zone_id": { + "references": [ + "aws_alb.alb" + ] + } + } + ], + "name": { + "references": [ + "local.app_domain_url" + ] + }, + "type": { + "constant_value": "A" + }, + "zone_id": { + "references": [ + "var.hosted_zone" + ] + } + }, + "schema_version": 2 + }, + { + "address": "aws_route53_record.aaaa_record", + "mode": "managed", + "type": "aws_route53_record", + "name": "aaaa_record", + "provider_config_key": "fargate:aws", + "expressions": { + "alias": [ + { + "evaluate_target_health": { + "constant_value": true + }, + "name": { + "references": [ + "aws_alb.alb" + ] + }, + "zone_id": { + "references": [ + "aws_alb.alb" + ] + } + } + ], + "name": { + "references": [ + "local.app_domain_url" + ] + }, + "type": { + "constant_value": "AAAA" + }, + "zone_id": { + "references": [ + "var.hosted_zone" + ] + } + }, + "schema_version": 2 + }, + { + "address": "aws_security_group.alb-sg", + "mode": "managed", + "type": "aws_security_group", + "name": "alb-sg", + "provider_config_key": "fargate:aws", + "expressions": { + "description": { + "references": [ + "local.alb_name" + ] + }, + "name": { + "references": [ + "local.alb_name" + ] + }, + "tags": { + "references": [ + "var.tags" + ] + }, + "vpc_id": { + "references": [ + "var.vpc_id" + ] + } + }, + "schema_version": 1 + }, + { + "address": "aws_security_group.fargate_service_sg", + "mode": "managed", + "type": "aws_security_group", + "name": "fargate_service_sg", + "provider_config_key": "fargate:aws", + "expressions": { + "description": { + "constant_value": "Controls access to the Fargate Service" + }, + "name": { + "references": [ + "var.app_name" + ] + }, + "tags": { + "references": [ + "var.tags" + ] + }, + "vpc_id": { + "references": [ + "var.vpc_id" + ] + } + }, + "schema_version": 1 + }, + { + "address": "local_file.appspec_json", + "mode": "managed", + "type": "local_file", + "name": "appspec_json", + "provider_config_key": "fargate:local", + "expressions": { + "content": { + "references": [ + "aws_ecs_task_definition.task_def", + "var.primary_container_definition", + "var.container_port", + "local.hooks" + ] + }, + "filename": { + "references": [ + "path.cwd" + ] + } + }, + "schema_version": 0 + }, + { + "address": "data.aws_caller_identity.current", + "mode": "data", + "type": "aws_caller_identity", + "name": "current", + "provider_config_key": "fargate:aws", + "schema_version": 0 + }, + { + "address": "data.aws_iam_policy_document.secrets_access", + "mode": "data", + "type": "aws_iam_policy_document", + "name": "secrets_access", + "provider_config_key": "fargate:aws", + "expressions": { + "statement": [ + { + "actions": { + "constant_value": [ + "ssm:GetParameters", + "ssm:GetParameter", + "ssm:GetParemetersByPath" + ] + }, + "effect": { + "constant_value": "Allow" + }, + "resources": { + "references": [ + "local.secrets_arns" + ] + } + } + ], + "version": { + "constant_value": "2012-10-17" + } + }, + "schema_version": 0, + "count_expression": { + "references": [ + "local.has_secrets" + ] + } + }, + { + "address": "data.aws_iam_policy_document.task_execution_policy", + "mode": "data", + "type": "aws_iam_policy_document", + "name": "task_execution_policy", + "provider_config_key": "fargate:aws", + "expressions": { + "statement": [ + { + "actions": { + "constant_value": [ + "sts:AssumeRole" + ] + }, + "effect": { + "constant_value": "Allow" + }, + "principals": [ + { + "identifiers": { + "constant_value": [ + "ecs-tasks.amazonaws.com" + ] + }, + "type": { + "constant_value": "Service" + } + } + ] + } + ], + "version": { + "constant_value": "2012-10-17" + } + }, + "schema_version": 0 + }, + { + "address": "data.aws_iam_policy_document.task_policy", + "mode": "data", + "type": "aws_iam_policy_document", + "name": "task_policy", + "provider_config_key": "fargate:aws", + "expressions": { + "statement": [ + { + "actions": { + "constant_value": [ + "sts:AssumeRole" + ] + }, + "effect": { + "constant_value": "Allow" + }, + "principals": [ + { + "identifiers": { + "constant_value": [ + "ecs-tasks.amazonaws.com" + ] + }, + "type": { + "constant_value": "Service" + } + } + ] + } + ], + "version": { + "constant_value": "2012-10-17" + } + }, + "schema_version": 0 + }, + { + "address": "data.aws_region.current", + "mode": "data", + "type": "aws_region", + "name": "current", + "provider_config_key": "fargate:aws", + "schema_version": 0 + } + ], + "variables": { + "app_name": { + "description": "Application name to name your Fargate API and other resources. Must be \u003c= 24 characters." + }, + "autoscaling_config": { + "description": "Configuration for default autoscaling policies and alarms. Set to null if you want to set up your own autoscaling policies and alarms." + }, + "codedeploy_lifecycle_hooks": { + "default": null, + "description": "Define Lambda Functions for CodeDeploy lifecycle event hooks. Or set this variable to null to not have any lifecycle hooks invoked. Defaults to null" + }, + "codedeploy_service_role_arn": { + "description": "ARN of the IAM Role for the CodeDeploy to use to initiate new deployments. (usually the PowerBuilder Role)" + }, + "codedeploy_termination_wait_time": { + "default": 15, + "description": "The number of minutes to wait after a successful blue/green deployment before terminating instances from the original environment. Defaults to 15" + }, + "codedeploy_test_listener_port": { + "default": null, + "description": "The port for a codedeploy test listener. If provided CodeDeploy will use this port for test traffic on the new replacement set during the blue-green deployment process before shifting production traffic to the replacement set. Defaults to null" + }, + "container_port": { + "description": "The port the primary docker container is listening on" + }, + "extra_container_definitions": { + "default": [], + "description": "A list of extra container definitions. Defaults to []" + }, + "health_check_grace_period": { + "default": 0, + "description": "Health check grace period in seconds. Defaults to 0." + }, + "health_check_healthy_threshold": { + "default": 3, + "description": "Health check healthy threshold; number of consecutive health checks required before considering target as healthy. Defaults to 3." + }, + "health_check_interval": { + "default": 30, + "description": "Health check interval; amount of time, in seconds, between health checks of an individual target. Defaults to 30." + }, + "health_check_path": { + "default": "/", + "description": "Health check path for the image. Defaults to \"/\"." + }, + "health_check_timeout": { + "default": 5, + "description": "Health check timeout; amount of time, in seconds, during which no response means a failed health check. Defaults to 5." + }, + "health_check_unhealthy_threshold": { + "default": 3, + "description": "Health check unhealthy threshold; number of consecutive failed health checks required before considering target as unhealthy. Defaults to 3." + }, + "hosted_zone": { + "description": "Hosted Zone object to redirect to ALB. (Can pass in the aws_hosted_zone object). A and AAAA records created in this hosted zone." + }, + "https_certificate_arn": { + "description": "ARN of the HTTPS certificate of the hosted zone/domain." + }, + "log_retention_in_days": { + "default": 7, + "description": "CloudWatch log group retention in days. Defaults to 7." + }, + "primary_container_definition": { + "description": "The primary container definition for your application. This one will be the only container that receives traffic from the ALB, so make sure the 'ports' field contains the same port as the 'image_port'" + }, + "private_subnet_ids": { + "description": "List of subnet IDs for the fargate service." + }, + "public_subnet_ids": { + "description": "List of subnet IDs for the ALB." + }, + "role_permissions_boundary_arn": { + "description": "ARN of the IAM Role permissions boundary to place on each IAM role created." + }, + "security_groups": { + "default": [], + "description": "List of extra security group IDs to attach to the fargate task." + }, + "tags": { + "default": {}, + "description": "A map of AWS Tags to attach to each resource created" + }, + "target_group_deregistration_delay": { + "default": 60, + "description": "Deregistration delay in seconds for ALB target groups. Defaults to 60 seconds." + }, + "task_cpu": { + "default": 256, + "description": "CPU for the task definition. Defaults to 256." + }, + "task_memory": { + "default": 512, + "description": "Memory for the task definition. Defaults to 512." + }, + "task_policies": { + "default": [], + "description": "List of IAM Policy ARNs to attach to the task execution policy." + }, + "vpc_id": { + "description": "VPC ID to deploy ECS fargate service." + } + } + } + } + }, + "variables": { + "app_name": {}, + "autoscaling_config": {}, + "codedeploy_termination_wait_time": {}, + "db_allocated_storage": {}, + "db_instance_class": {}, + "env": {}, + "image_tag": { + "description": "Docker image tag, tags need to be immutable. Usually a timestamp set by the CICD pipeline." + } + } + } + } + }, + "variables": { + "image_tag": { + "description": "Docker image tag, tags need to be immutable. Usually a timestamp set by the CICD pipeline." + } + } + } + } +} diff --git a/action.yml b/action.yml index a9879b8..e00eaff 100644 --- a/action.yml +++ b/action.yml @@ -5,9 +5,9 @@ inputs: github_token: required: true description: 'github token' - terraform_plan_json: + terraform_plan_json_file: required: true - description: JSON of the terraform plan + description: JSON file of the terraform plan runs: using: 'node12' main: 'dist/index.js' diff --git a/dist/index.js b/dist/index.js index 59fd97f..3ac4822 100644 --- a/dist/index.js +++ b/dist/index.js @@ -936,9 +936,13 @@ var __importStar = (this && this.__importStar) || function (mod) { __setModuleDefault(result, mod); return result; }; +var __importDefault = (this && this.__importDefault) || function (mod) { + return (mod && mod.__esModule) ? mod : { "default": mod }; +}; Object.defineProperty(exports, "__esModule", { value: true }); const core = __importStar(__webpack_require__(470)); const github = __importStar(__webpack_require__(469)); +const fs_1 = __importDefault(__webpack_require__(747)); const types_1 = __webpack_require__(251); const commentPrefix = '## Terraform Plan:'; async function run() { @@ -950,7 +954,9 @@ async function run() { return; } core.debug('got pull request'); - const terraformPlan = JSON.parse(core.getInput('terraform_plan_json')); + const jsonFileName = core.getInput('terraform_plan_json_file'); + const json = fs_1.default.readFileSync(jsonFileName, 'utf8'); + const terraformPlan = JSON.parse(json); const token = core.getInput('github_token'); const runId = parseInt(process.env['GITHUB_RUN_ID'] || '-1'); const commenter = new PlanCommenter(token, runId, pr); diff --git a/src/main.ts b/src/main.ts index 89d14cc..3552726 100644 --- a/src/main.ts +++ b/src/main.ts @@ -1,5 +1,6 @@ import * as core from '@actions/core' import * as github from '@actions/github' +import fs from 'fs' import {GitHub} from '@actions/github/lib/utils' import {Action, PullRequest, TerraformPlan} from './types' @@ -16,7 +17,9 @@ async function run(): Promise { } core.debug('got pull request') - const terraformPlan: TerraformPlan = JSON.parse(core.getInput('terraform_plan_json')) + const jsonFileName = core.getInput('terraform_plan_json_file') + const json = fs.readFileSync(jsonFileName, 'utf8') + const terraformPlan: TerraformPlan = JSON.parse(json) const token = core.getInput('github_token') const runId = parseInt(process.env['GITHUB_RUN_ID'] || '-1') From 948c0eaf6b3d7d4a52a86a878bfeaeacdc55c237 Mon Sep 17 00:00:00 2001 From: yoshutch Date: Wed, 24 Jun 2020 14:45:36 -0600 Subject: [PATCH 02/26] debugging --- dist/index.js | 3 +++ src/main.ts | 3 +++ 2 files changed, 6 insertions(+) diff --git a/dist/index.js b/dist/index.js index 3ac4822..bd9356b 100644 --- a/dist/index.js +++ b/dist/index.js @@ -955,8 +955,11 @@ async function run() { } core.debug('got pull request'); const jsonFileName = core.getInput('terraform_plan_json_file'); + core.debug(`got fileName: ${jsonFileName}`); const json = fs_1.default.readFileSync(jsonFileName, 'utf8'); + core.debug(`got json:\n${json}`); const terraformPlan = JSON.parse(json); + core.debug('parsed json'); const token = core.getInput('github_token'); const runId = parseInt(process.env['GITHUB_RUN_ID'] || '-1'); const commenter = new PlanCommenter(token, runId, pr); diff --git a/src/main.ts b/src/main.ts index 3552726..09b7fd5 100644 --- a/src/main.ts +++ b/src/main.ts @@ -18,8 +18,11 @@ async function run(): Promise { core.debug('got pull request') const jsonFileName = core.getInput('terraform_plan_json_file') + core.debug(`got fileName: ${jsonFileName}`) const json = fs.readFileSync(jsonFileName, 'utf8') + core.debug(`got json:\n${json}`) const terraformPlan: TerraformPlan = JSON.parse(json) + core.debug('parsed json') const token = core.getInput('github_token') const runId = parseInt(process.env['GITHUB_RUN_ID'] || '-1') From 2856820e22a8a264a77cdfd5fc8055625269d03f Mon Sep 17 00:00:00 2001 From: yoshutch Date: Wed, 24 Jun 2020 16:31:15 -0600 Subject: [PATCH 03/26] redacted more info from test-plan.json --- __tests__/test-plan.json | 64 ++++++++++++++++++++-------------------- 1 file changed, 32 insertions(+), 32 deletions(-) diff --git a/__tests__/test-plan.json b/__tests__/test-plan.json index 5009419..f9e589d 100644 --- a/__tests__/test-plan.json +++ b/__tests__/test-plan.json @@ -3154,7 +3154,7 @@ "provider_name": "aws.virginia", "schema_version": 0, "values": { - "arn": "arn:aws:acm:us-east-1:***:certificate/bfdbbdd8-2245-4b87-9bdb-a6f36dee03f0", + "arn": "arn:aws:acm:us-east-1:***:certificate/0fake1d", "domain": "fake_domain.amazon.byu.edu", "id": "2020-06-24 19:40:11.087617241 +0000 UTC", "key_types": null, @@ -3233,7 +3233,7 @@ "role_id": null, "role_name": null, "tags": {}, - "unique_id": "AROAQKWMX5RQBRYXAHQVY" + "unique_id": "0fake1d" } }, { @@ -3257,7 +3257,7 @@ "role_id": null, "role_name": null, "tags": {}, - "unique_id": "AROAQKWMX5RQFWZGDCD3I" + "unique_id": "0fake1d" } }, { @@ -3281,7 +3281,7 @@ "role_id": null, "role_name": null, "tags": {}, - "unique_id": "AROAQKWMX5RQIZFBVRSAE" + "unique_id": "0fake1d" } }, { @@ -3308,17 +3308,17 @@ "provider_name": "aws", "schema_version": 0, "values": { - "caller_reference": "terraform-20191018192825296800000001", + "caller_reference": "terraform-0fake1d", "comment": "Managed by Terraform", "id": "Z0FAKE1D", "linked_service_description": null, "linked_service_principal": null, "name": "fake_domain.amazon.byu.edu.", "name_servers": [ - "ns-1069.awsdns-05.org", - "ns-1594.awsdns-07.co.uk", - "ns-190.awsdns-23.com", - "ns-890.awsdns-47.net" + "fake.org", + "fake.co.uk", + "fake.com", + "fake.net" ], "private_zone": false, "resource_record_set_count": 17, @@ -3340,16 +3340,16 @@ "provider_name": "aws", "schema_version": 0, "values": { - "arn": "arn:aws:ec2:us-west-2:***:security-group/sg-0b4eb66efead1d1e1", + "arn": "arn:aws:ec2:us-west-2:***:security-group/sg-0fake1d", "description": "Used to connect to ORACLE Xinetd Server in Platform Account - Managed by Terraform", "filter": null, - "id": "sg-0b4eb66efead1d1e1", + "id": "sg-0fake1d", "name": "vpn_oregon_dev_xinetd", "tags": { "IAC": "Terraform", "Name": "ORACLE/CMAN Xinetd Security Group" }, - "vpc_id": "vpc-07016e8396cc0d094" + "vpc_id": "vpc-0fake1d" } }, { @@ -3360,7 +3360,7 @@ "provider_name": "aws", "schema_version": 0, "values": { - "arn": "arn:aws:ec2:us-west-2:***:security-group/sg-000968b3647ca2fad", + "arn": "arn:aws:ec2:us-west-2:***:security-group/sg-0fake1d", "description": "Security Group for RDS - Managed by Terraform", "filter": [ { @@ -3376,7 +3376,7 @@ ] } ], - "id": "sg-000968b3647ca2fad", + "id": "sg-0fake1d", "name": "rds_security_group_oit_oregon_dev", "tags": { "IAC": "Terraform", @@ -3393,7 +3393,7 @@ "provider_name": "aws", "schema_version": 0, "values": { - "arn": "arn:aws:ec2:us-west-2:***:security-group/sg-02a5b89b0eef89932", + "arn": "arn:aws:ec2:us-west-2:***:security-group/sg-0fake1d", "description": "Security Group for SSH/RDP - Managed by Terraform", "filter": [ { @@ -3409,7 +3409,7 @@ ] } ], - "id": "sg-02a5b89b0eef89932", + "id": "sg-0fake1d", "name": "ssh_rdp_sg_oit_oregon_dev", "tags": { "IAC": "Terraform", @@ -3430,7 +3430,7 @@ "id": "acsParameters", "name": "acsParameters", "type": "String", - "value": "{\"/acs/acm/zone-cert-arn\": \"arn:aws:acm:us-west-2:***:certificate/0fake1d\", \"/acs/acm/zone-cert-id\": \"arn:aws:acm:us-west-2:***:certificate/0fake1d\", \"/acs/dns/zone-id\": \"Z0FAKE1D\", \"/acs/dns/zone-name\": \"fake_domain.amazon.byu.edu.\", \"/acs/git/token\": \"27c8476d8a501f2f4f789ece25e5418b2bad46c0\", \"/acs/iam/iamRolePermissionBoundary\": \"arn:aws:iam::***:policy/iamRolePermissionBoundary\", \"/acs/iam/iamUserPermissionBoundary\": \"arn:aws:iam::***:policy/iamUserPermissionBoundary\", \"/acs/vpc/oit-oregon-dev\": \"vpc-0fake1d\", \"/acs/vpc/oit-oregon-dev-data-a\": \"subnet-0f4cb0342b0732de1\", \"/acs/vpc/oit-oregon-dev-data-b\": \"subnet-083fda44af54ef47a\", \"/acs/vpc/oit-oregon-dev-private-b\": \"subnet-0fake1d\", \"/acs/vpc/sshrdp_sg\": \"ssh_rdp_sg_oit_oregon_dev\", \"/acs/vpc/vpc-name\": \"oit-oregon-dev\", \"/acs/vpc/vpn-oit-oregon-dev-data-b\": \"subnet-098f9ec9e3cd13db8\", \"/acs/vpc/vpn-oit-oregon-dev-private-b\": \"subnet-0069c0ca4522027f5\", \"/acs/vpc/xinetd-sg-id\": \"sg-0b4eb66efead1d1e1\", \"/acs/vpc/oit-oregon-dev-public-a\": \"subnet-0fake1d\", \"/acs/vpc/oit-oregon-dev-public-b\": \"subnet-0fake1d\", \"/acs/vpc/rds_sg\": \"rds_security_group_oit_oregon_dev\", \"/acs/vpc/rds_vpn_sg\": \"rds_security_group_vpn_oit_oregon_dev\", \"/acs/vpc/sshrdp_vpn_sg\": \"ssh_rdp_sg_vpn_oit_oregon_dev\", \"/acs/vpc/vpn-oit-oregon-dev\": \"vpc-07016e8396cc0d094\", \"/acs/vpc/vpn-oit-oregon-dev-data-a\": \"subnet-04ef6dfe521d80527\", \"/acs/vpc/vpn-oit-oregon-dev-private-a\": \"subnet-04e5fcbaff98d47d4\", \"/acs/vpc/vpn-oit-oregon-dev-public-a\": \"subnet-0940eb9b3c9f477db\", \"/acs/vpc/vpn-oit-oregon-dev-public-b\": \"subnet-0db85a6e19afc78a9\", \"/acs/vpc/oit-oregon-dev-private-a\": \"subnet-0fake1d\", \"/acs/vpc/vpn-vpc-name\": \"vpn-oit-oregon-dev\"}", + "value": "{\"/acs/acm/zone-cert-arn\": \"arn:aws:acm:us-west-2:***:certificate/0fake1d\", \"/acs/acm/zone-cert-id\": \"arn:aws:acm:us-west-2:***:certificate/0fake1d\", \"/acs/dns/zone-id\": \"Z0FAKE1D\", \"/acs/dns/zone-name\": \"fake_domain.amazon.byu.edu.\", \"/acs/git/token\": \"faketoken\", \"/acs/iam/iamRolePermissionBoundary\": \"arn:aws:iam::***:policy/iamRolePermissionBoundary\", \"/acs/iam/iamUserPermissionBoundary\": \"arn:aws:iam::***:policy/iamUserPermissionBoundary\", \"/acs/vpc/oit-oregon-dev\": \"vpc-0fake1d\", \"/acs/vpc/oit-oregon-dev-data-a\": \"subnet-0f4cb0342b0732de1\", \"/acs/vpc/oit-oregon-dev-data-b\": \"subnet-083fda44af54ef47a\", \"/acs/vpc/oit-oregon-dev-private-b\": \"subnet-0fake1d\", \"/acs/vpc/sshrdp_sg\": \"ssh_rdp_sg_oit_oregon_dev\", \"/acs/vpc/vpc-name\": \"oit-oregon-dev\", \"/acs/vpc/vpn-oit-oregon-dev-data-b\": \"subnet-098f9ec9e3cd13db8\", \"/acs/vpc/vpn-oit-oregon-dev-private-b\": \"subnet-0069c0ca4522027f5\", \"/acs/vpc/xinetd-sg-id\": \"sg-0fake1d\", \"/acs/vpc/oit-oregon-dev-public-a\": \"subnet-0fake1d\", \"/acs/vpc/oit-oregon-dev-public-b\": \"subnet-0fake1d\", \"/acs/vpc/rds_sg\": \"rds_security_group_oit_oregon_dev\", \"/acs/vpc/rds_vpn_sg\": \"rds_security_group_vpn_oit_oregon_dev\", \"/acs/vpc/sshrdp_vpn_sg\": \"ssh_rdp_sg_vpn_oit_oregon_dev\", \"/acs/vpc/vpn-oit-oregon-dev\": \"vpc-0fake1d\", \"/acs/vpc/vpn-oit-oregon-dev-data-a\": \"subnet-04ef6dfe521d80527\", \"/acs/vpc/vpn-oit-oregon-dev-private-a\": \"subnet-04e5fcbaff98d47d4\", \"/acs/vpc/vpn-oit-oregon-dev-public-a\": \"subnet-0940eb9b3c9f477db\", \"/acs/vpc/vpn-oit-oregon-dev-public-b\": \"subnet-0db85a6e19afc78a9\", \"/acs/vpc/oit-oregon-dev-private-a\": \"subnet-0fake1d\", \"/acs/vpc/vpn-vpc-name\": \"vpn-oit-oregon-dev\"}", "version": 126331, "with_decryption": true } @@ -3444,7 +3444,7 @@ "provider_name": "aws", "schema_version": 0, "values": { - "arn": "arn:aws:ec2:us-west-2:867441714531:subnet/subnet-0f4cb0342b0732de1", + "arn": "arn:aws:ec2:us-west-2:1234:subnet/subnet-0f4cb0342b0732de1", "assign_ipv6_address_on_creation": false, "availability_zone": "us-west-2b", "availability_zone_id": "usw2-az1", @@ -3456,7 +3456,7 @@ "ipv6_cidr_block_association_id": null, "map_public_ip_on_launch": false, "outpost_arn": "", - "owner_id": "867441714531", + "owner_id": "1234", "state": "available", "tags": { "Name": "oit-oregon-dev-data-a" @@ -3473,7 +3473,7 @@ "provider_name": "aws", "schema_version": 0, "values": { - "arn": "arn:aws:ec2:us-west-2:867441714531:subnet/subnet-083fda44af54ef47a", + "arn": "arn:aws:ec2:us-west-2:1234:subnet/subnet-083fda44af54ef47a", "assign_ipv6_address_on_creation": false, "availability_zone": "us-west-2a", "availability_zone_id": "usw2-az2", @@ -3485,7 +3485,7 @@ "ipv6_cidr_block_association_id": null, "map_public_ip_on_launch": false, "outpost_arn": "", - "owner_id": "867441714531", + "owner_id": "1234", "state": "available", "tags": { "Name": "oit-oregon-dev-data-b" @@ -3502,7 +3502,7 @@ "provider_name": "aws", "schema_version": 0, "values": { - "arn": "arn:aws:ec2:us-west-2:867441714531:subnet/subnet-0fake1d", + "arn": "arn:aws:ec2:us-west-2:1234:subnet/subnet-0fake1d", "assign_ipv6_address_on_creation": false, "availability_zone": "us-west-2b", "availability_zone_id": "usw2-az1", @@ -3514,7 +3514,7 @@ "ipv6_cidr_block_association_id": null, "map_public_ip_on_launch": false, "outpost_arn": "", - "owner_id": "867441714531", + "owner_id": "1234", "state": "available", "tags": { "Name": "oit-oregon-dev-private-a" @@ -3531,7 +3531,7 @@ "provider_name": "aws", "schema_version": 0, "values": { - "arn": "arn:aws:ec2:us-west-2:867441714531:subnet/subnet-0fake1d", + "arn": "arn:aws:ec2:us-west-2:1234:subnet/subnet-0fake1d", "assign_ipv6_address_on_creation": false, "availability_zone": "us-west-2a", "availability_zone_id": "usw2-az2", @@ -3543,7 +3543,7 @@ "ipv6_cidr_block_association_id": null, "map_public_ip_on_launch": false, "outpost_arn": "", - "owner_id": "867441714531", + "owner_id": "1234", "state": "available", "tags": { "Name": "oit-oregon-dev-private-b" @@ -3560,7 +3560,7 @@ "provider_name": "aws", "schema_version": 0, "values": { - "arn": "arn:aws:ec2:us-west-2:867441714531:subnet/subnet-0fake1d", + "arn": "arn:aws:ec2:us-west-2:1234:subnet/subnet-0fake1d", "assign_ipv6_address_on_creation": false, "availability_zone": "us-west-2b", "availability_zone_id": "usw2-az1", @@ -3572,7 +3572,7 @@ "ipv6_cidr_block_association_id": null, "map_public_ip_on_launch": true, "outpost_arn": "", - "owner_id": "867441714531", + "owner_id": "1234", "state": "available", "tags": { "Name": "oit-oregon-dev-public-a" @@ -3589,7 +3589,7 @@ "provider_name": "aws", "schema_version": 0, "values": { - "arn": "arn:aws:ec2:us-west-2:867441714531:subnet/subnet-0fake1d", + "arn": "arn:aws:ec2:us-west-2:1234:subnet/subnet-0fake1d", "assign_ipv6_address_on_creation": false, "availability_zone": "us-west-2a", "availability_zone_id": "usw2-az2", @@ -3601,7 +3601,7 @@ "ipv6_cidr_block_association_id": null, "map_public_ip_on_launch": true, "outpost_arn": "", - "owner_id": "867441714531", + "owner_id": "1234", "state": "available", "tags": { "Name": "oit-oregon-dev-public-b" @@ -3621,7 +3621,7 @@ "cidr_block": "172.17.0.0/16", "cidr_block_associations": [ { - "association_id": "vpc-cidr-assoc-0b5bc60464f6096ad", + "association_id": "vpc-cidr-assoc-0face1d", "cidr_block": "172.17.0.0/16", "state": "associated" } @@ -3635,8 +3635,8 @@ "instance_tenancy": "default", "ipv6_association_id": null, "ipv6_cidr_block": null, - "main_route_table_id": "rtb-0055fed2722008648", - "owner_id": "867441714531", + "main_route_table_id": "rtb-0face1d", + "owner_id": "1234", "state": "available", "tags": { "Name": "oit-oregon-dev" From f93a8ca00689a3bcf270fa297cb9788920fcc0f8 Mon Sep 17 00:00:00 2001 From: yoshutch Date: Wed, 24 Jun 2020 17:05:06 -0600 Subject: [PATCH 04/26] r --- __tests__/test-plan.json | 32 ++++++++++++++++---------------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/__tests__/test-plan.json b/__tests__/test-plan.json index f9e589d..fbb3cdc 100644 --- a/__tests__/test-plan.json +++ b/__tests__/test-plan.json @@ -772,7 +772,7 @@ "repo": "https://github.com/byu-oit/fake_app", "team": "FAKE_TEAM" }, - "unique_id": "AROAQKWMX5RQFY26MWWWF" + "unique_id": "FAKE" } }, { @@ -2482,7 +2482,7 @@ "repo": "https://github.com/byu-oit/fake_app", "team": "FAKE_TEAM" }, - "unique_id": "AROAQKWMX5RQFY26MWWWF" + "unique_id": "FAKE" }, "after": { "arn": "arn:aws:iam::***:role/fake_app-dev-taskExecutionRole", @@ -2502,7 +2502,7 @@ "repo": "https://github.com/byu-oit/fake_app", "team": "FAKE_TEAM" }, - "unique_id": "AROAQKWMX5RQFY26MWWWF" + "unique_id": "FAKE" }, "after_unknown": {} } @@ -3430,7 +3430,7 @@ "id": "acsParameters", "name": "acsParameters", "type": "String", - "value": "{\"/acs/acm/zone-cert-arn\": \"arn:aws:acm:us-west-2:***:certificate/0fake1d\", \"/acs/acm/zone-cert-id\": \"arn:aws:acm:us-west-2:***:certificate/0fake1d\", \"/acs/dns/zone-id\": \"Z0FAKE1D\", \"/acs/dns/zone-name\": \"fake_domain.amazon.byu.edu.\", \"/acs/git/token\": \"faketoken\", \"/acs/iam/iamRolePermissionBoundary\": \"arn:aws:iam::***:policy/iamRolePermissionBoundary\", \"/acs/iam/iamUserPermissionBoundary\": \"arn:aws:iam::***:policy/iamUserPermissionBoundary\", \"/acs/vpc/oit-oregon-dev\": \"vpc-0fake1d\", \"/acs/vpc/oit-oregon-dev-data-a\": \"subnet-0f4cb0342b0732de1\", \"/acs/vpc/oit-oregon-dev-data-b\": \"subnet-083fda44af54ef47a\", \"/acs/vpc/oit-oregon-dev-private-b\": \"subnet-0fake1d\", \"/acs/vpc/sshrdp_sg\": \"ssh_rdp_sg_oit_oregon_dev\", \"/acs/vpc/vpc-name\": \"oit-oregon-dev\", \"/acs/vpc/vpn-oit-oregon-dev-data-b\": \"subnet-098f9ec9e3cd13db8\", \"/acs/vpc/vpn-oit-oregon-dev-private-b\": \"subnet-0069c0ca4522027f5\", \"/acs/vpc/xinetd-sg-id\": \"sg-0fake1d\", \"/acs/vpc/oit-oregon-dev-public-a\": \"subnet-0fake1d\", \"/acs/vpc/oit-oregon-dev-public-b\": \"subnet-0fake1d\", \"/acs/vpc/rds_sg\": \"rds_security_group_oit_oregon_dev\", \"/acs/vpc/rds_vpn_sg\": \"rds_security_group_vpn_oit_oregon_dev\", \"/acs/vpc/sshrdp_vpn_sg\": \"ssh_rdp_sg_vpn_oit_oregon_dev\", \"/acs/vpc/vpn-oit-oregon-dev\": \"vpc-0fake1d\", \"/acs/vpc/vpn-oit-oregon-dev-data-a\": \"subnet-04ef6dfe521d80527\", \"/acs/vpc/vpn-oit-oregon-dev-private-a\": \"subnet-04e5fcbaff98d47d4\", \"/acs/vpc/vpn-oit-oregon-dev-public-a\": \"subnet-0940eb9b3c9f477db\", \"/acs/vpc/vpn-oit-oregon-dev-public-b\": \"subnet-0db85a6e19afc78a9\", \"/acs/vpc/oit-oregon-dev-private-a\": \"subnet-0fake1d\", \"/acs/vpc/vpn-vpc-name\": \"vpn-oit-oregon-dev\"}", + "value": "{\"/acs/acm/zone-cert-arn\": \"arn:aws:acm:us-west-2:***:certificate/0fake1d\", \"/acs/acm/zone-cert-id\": \"arn:aws:acm:us-west-2:***:certificate/0fake1d\", \"/acs/dns/zone-id\": \"Z0FAKE1D\", \"/acs/dns/zone-name\": \"fake_domain.amazon.byu.edu.\", \"/acs/git/token\": \"faketoken\", \"/acs/iam/iamRolePermissionBoundary\": \"arn:aws:iam::***:policy/iamRolePermissionBoundary\", \"/acs/iam/iamUserPermissionBoundary\": \"arn:aws:iam::***:policy/iamUserPermissionBoundary\", \"/acs/vpc/oit-oregon-dev\": \"vpc-0fake1d\", \"/acs/vpc/oit-oregon-dev-data-a\": \"subnet-0fake1d\", \"/acs/vpc/oit-oregon-dev-data-b\": \"subnet-0fake1d\", \"/acs/vpc/oit-oregon-dev-private-b\": \"subnet-0fake1d\", \"/acs/vpc/sshrdp_sg\": \"ssh_rdp_sg_oit_oregon_dev\", \"/acs/vpc/vpc-name\": \"oit-oregon-dev\", \"/acs/vpc/vpn-oit-oregon-dev-data-b\": \"subnet-098f9ec9e3cd13db8\", \"/acs/vpc/vpn-oit-oregon-dev-private-b\": \"subnet-0069c0ca4522027f5\", \"/acs/vpc/xinetd-sg-id\": \"sg-0fake1d\", \"/acs/vpc/oit-oregon-dev-public-a\": \"subnet-0fake1d\", \"/acs/vpc/oit-oregon-dev-public-b\": \"subnet-0fake1d\", \"/acs/vpc/rds_sg\": \"rds_security_group_oit_oregon_dev\", \"/acs/vpc/rds_vpn_sg\": \"rds_security_group_vpn_oit_oregon_dev\", \"/acs/vpc/sshrdp_vpn_sg\": \"ssh_rdp_sg_vpn_oit_oregon_dev\", \"/acs/vpc/vpn-oit-oregon-dev\": \"vpc-0fake1d\", \"/acs/vpc/vpn-oit-oregon-dev-data-a\": \"subnet-04ef6dfe521d80527\", \"/acs/vpc/vpn-oit-oregon-dev-private-a\": \"subnet-04e5fcbaff98d47d4\", \"/acs/vpc/vpn-oit-oregon-dev-public-a\": \"subnet-0940eb9b3c9f477db\", \"/acs/vpc/vpn-oit-oregon-dev-public-b\": \"subnet-0db85a6e19afc78a9\", \"/acs/vpc/oit-oregon-dev-private-a\": \"subnet-0fake1d\", \"/acs/vpc/vpn-vpc-name\": \"vpn-oit-oregon-dev\"}", "version": 126331, "with_decryption": true } @@ -3444,14 +3444,14 @@ "provider_name": "aws", "schema_version": 0, "values": { - "arn": "arn:aws:ec2:us-west-2:1234:subnet/subnet-0f4cb0342b0732de1", + "arn": "arn:aws:ec2:us-west-2:1234:subnet/subnet-0fake1d", "assign_ipv6_address_on_creation": false, "availability_zone": "us-west-2b", "availability_zone_id": "usw2-az1", "cidr_block": "172.17.192.0/19", "default_for_az": false, "filter": null, - "id": "subnet-0f4cb0342b0732de1", + "id": "subnet-0fake1d", "ipv6_cidr_block": null, "ipv6_cidr_block_association_id": null, "map_public_ip_on_launch": false, @@ -3473,14 +3473,14 @@ "provider_name": "aws", "schema_version": 0, "values": { - "arn": "arn:aws:ec2:us-west-2:1234:subnet/subnet-083fda44af54ef47a", + "arn": "arn:aws:ec2:us-west-2:1234:subnet/subnet-0fake1d", "assign_ipv6_address_on_creation": false, "availability_zone": "us-west-2a", "availability_zone_id": "usw2-az2", "cidr_block": "172.17.224.0/19", "default_for_az": false, "filter": null, - "id": "subnet-083fda44af54ef47a", + "id": "subnet-0fake1d", "ipv6_cidr_block": null, "ipv6_cidr_block_association_id": null, "map_public_ip_on_launch": false, @@ -3621,13 +3621,13 @@ "cidr_block": "172.17.0.0/16", "cidr_block_associations": [ { - "association_id": "vpc-cidr-assoc-0face1d", + "association_id": "vpc-cidr-assoc-0fake1d", "cidr_block": "172.17.0.0/16", "state": "associated" } ], "default": false, - "dhcp_options_id": "dopt-fa2e9d82", + "dhcp_options_id": "dopt-0fake1d", "enable_dns_hostnames": true, "enable_dns_support": true, "filter": null, @@ -3635,7 +3635,7 @@ "instance_tenancy": "default", "ipv6_association_id": null, "ipv6_cidr_block": null, - "main_route_table_id": "rtb-0face1d", + "main_route_table_id": "rtb-0fake1d", "owner_id": "1234", "state": "available", "tags": { @@ -4222,7 +4222,7 @@ "repo": "https://github.com/byu-oit/fake_app", "team": "FAKE_TEAM" }, - "unique_id": "AROAQKWMX5RQFY26MWWWF" + "unique_id": "FAKE" } }, { @@ -4524,7 +4524,7 @@ "account_id": "***", "arn": "arn:aws:iam::***:user/GitHub-Actions", "id": "2020-06-24 19:40:09.549125511 +0000 UTC", - "user_id": "AIDAQKWMX5RQAORNHGM6C" + "user_id": "FAKE" } }, { @@ -4536,7 +4536,7 @@ "provider_name": "aws", "schema_version": 0, "values": { - "id": "1265143845", + "id": "1234567890", "json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"ssm:GetParemetersByPath\",\n \"ssm:GetParameters\",\n \"ssm:GetParameter\"\n ],\n \"Resource\": [\n \"arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_username\",\n \"arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_password\"\n ]\n }\n ]\n}", "override_json": null, "policy_id": null, @@ -4572,7 +4572,7 @@ "provider_name": "aws", "schema_version": 0, "values": { - "id": "320642683", + "id": "1234567890", "json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"ecs-tasks.amazonaws.com\"\n }\n }\n ]\n}", "override_json": null, "policy_id": null, @@ -4610,7 +4610,7 @@ "provider_name": "aws", "schema_version": 0, "values": { - "id": "320642683", + "id": "1234567890", "json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"ecs-tasks.amazonaws.com\"\n }\n }\n ]\n}", "override_json": null, "policy_id": null, From 5e7b9178ebb53b0d02592a6ef7d1c79f6535f1e1 Mon Sep 17 00:00:00 2001 From: yoshutch Date: Wed, 24 Jun 2020 17:46:36 -0600 Subject: [PATCH 05/26] updated README.md --- README.md | 15 ++++++++++++--- dist/index.js | 6 ++---- src/main.ts | 6 ++---- 3 files changed, 16 insertions(+), 11 deletions(-) diff --git a/README.md b/README.md index e70525d..b24c008 100644 --- a/README.md +++ b/README.md @@ -19,17 +19,26 @@ jobs: runs-on: ubuntu-latest steps: # ... + - name: Terraform Setup + uses: hashicorp/setup-terraform@v1 + with: + terraform_version: ${{ env.tf_version }} + terraform_wrapper: false + # terraform init + # terraform plan - name: Terraform Plan JSON id: json_plan - run: terraform show -json plan + run: terraform show -json plan > plan.json - name: Comment Terraform Plan uses: byu-oit/github-action-tf-plan-comment@v1 with: github_token: ${{ secrets.GITHUB_TOKEN }} - terraform_plan_json: ${{ steps.json_plan.outputs.stdout }} + terraform_plan_json_file: plan.json ``` -**Note:** make sure you run your `terraform show-json plan` in the same working directory as the `terraform plan` step, and make sure you +**Note:** make sure you run your `terraform show-json plan` in the same working directory as the `terraform plan` step, and make sure you. +Also the setup-terraform action by default puts a wrapper around the stdout of commands, so trying to use `terraform show -json > plan.json` will save more than just the json output to the json file. +We disable the wrapper in this example so that you can pipe the output to a file. This action will create a comment on your PR like: diff --git a/dist/index.js b/dist/index.js index bd9356b..aa3acd2 100644 --- a/dist/index.js +++ b/dist/index.js @@ -955,9 +955,7 @@ async function run() { } core.debug('got pull request'); const jsonFileName = core.getInput('terraform_plan_json_file'); - core.debug(`got fileName: ${jsonFileName}`); const json = fs_1.default.readFileSync(jsonFileName, 'utf8'); - core.debug(`got json:\n${json}`); const terraformPlan = JSON.parse(json); core.debug('parsed json'); const token = core.getInput('github_token'); @@ -1016,9 +1014,9 @@ class PlanCommenter { const toReplace = []; const toUpdate = []; for (const resourceChange of terraformPlan.resource_changes) { - core.debug(`resource: ${JSON.stringify(resourceChange)}`); const actions = resourceChange.change.actions; const resourceName = `${resourceChange.type} - ${resourceChange.name}`; + core.debug(`resource: ${resourceName}, actions: ${actions}`); if (actions.length === 1 && actions.includes(types_1.Action.create)) { toCreate.push(resourceName); } @@ -1033,7 +1031,7 @@ class PlanCommenter { else if (actions.length === 1 && actions.includes(types_1.Action.update)) { toUpdate.push(resourceName); } - else { + else if (!actions.includes(types_1.Action['no-op'])) { core.debug(`Not found? ${actions}`); } } diff --git a/src/main.ts b/src/main.ts index 09b7fd5..adcb872 100644 --- a/src/main.ts +++ b/src/main.ts @@ -18,9 +18,7 @@ async function run(): Promise { core.debug('got pull request') const jsonFileName = core.getInput('terraform_plan_json_file') - core.debug(`got fileName: ${jsonFileName}`) const json = fs.readFileSync(jsonFileName, 'utf8') - core.debug(`got json:\n${json}`) const terraformPlan: TerraformPlan = JSON.parse(json) core.debug('parsed json') const token = core.getInput('github_token') @@ -84,9 +82,9 @@ class PlanCommenter { const toReplace = [] const toUpdate = [] for (const resourceChange of terraformPlan.resource_changes) { - core.debug(`resource: ${JSON.stringify(resourceChange)}`) const actions = resourceChange.change.actions const resourceName = `${resourceChange.type} - ${resourceChange.name}` + core.debug(`resource: ${resourceName}, actions: ${actions}`) if (actions.length === 1 && actions.includes(Action.create)) { toCreate.push(resourceName) } else if (actions.length === 1 && actions.includes(Action.delete)) { @@ -99,7 +97,7 @@ class PlanCommenter { toReplace.push(resourceName) } else if (actions.length === 1 && actions.includes(Action.update)) { toUpdate.push(resourceName) - } else { + } else if (!actions.includes(Action['no-op'])) { core.debug(`Not found? ${actions}`) } } From e53f035fa2356913da55fb43b899e0fe0ce04758 Mon Sep 17 00:00:00 2001 From: yoshutch Date: Thu, 25 Jun 2020 15:58:49 -0600 Subject: [PATCH 06/26] trying out passing in tf plan instead of json of plan --- .github/workflows/test.yml | 11 +- .gitignore | 6 +- __tests__/test-plan.json | 7689 ------------------------------------ __tests__/test.tf | 10 + action.yml | 4 +- dist/index.js | 1362 ++++++- package.json | 1 + src/main.ts | 16 +- yarn.lock | 12 + 9 files changed, 1315 insertions(+), 7796 deletions(-) delete mode 100644 __tests__/test-plan.json create mode 100644 __tests__/test.tf diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 3e32f74..42cbe2e 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -17,9 +17,18 @@ jobs: test: # make sure the action works on a clean machine without building only on PRs if: ${{ github.event_name == 'pull_request' }} runs-on: ubuntu-latest + env: + tf_version: 0.12.27 steps: - uses: actions/checkout@v1 + - uses: hashicorp/setup-terraform@v1 + with: + terraform_version: ${{ env.tf_version }} + - run: terraform init + working-directory: __tests__ + - run: terraform plan -out test-plan.tfplan + working-directory: __tests__ - uses: ./ with: github_token: ${{ secrets.GITHUB_TOKEN }} - terraform_plan_json_file: __tests__/test-plan.json \ No newline at end of file + terraform_plan_json_file: __tests__/test-plan.tfplan \ No newline at end of file diff --git a/.gitignore b/.gitignore index c46a03a..cc63d61 100644 --- a/.gitignore +++ b/.gitignore @@ -99,4 +99,8 @@ __tests__/runner/* lib/**/* .idea -*.iml \ No newline at end of file +*.iml + +!__tests__/main.test.ts +!__tests__/test.tf +__tests__/ diff --git a/__tests__/test-plan.json b/__tests__/test-plan.json deleted file mode 100644 index fbb3cdc..0000000 --- a/__tests__/test-plan.json +++ /dev/null @@ -1,7689 +0,0 @@ -{ - "format_version": "0.1", - "terraform_version": "0.12.26", - "variables": { - "image_tag": { - "value": "new_timestamp" - } - }, - "planned_values": { - "outputs": { - "codedeploy_app_name": { - "sensitive": false, - "value": "fake_app-dev-codedeploy" - }, - "codedeploy_appspec_json_file": { - "sensitive": false, - "value": "/home/runner/work/fake_app/fake_app/terraform-iac/dev/app/appspec.json" - }, - "codedeploy_deployment_group_name": { - "sensitive": false, - "value": "fake_app-dev-deployment-group" - } - }, - "*******_module": { - "child_modules": [ - { - "resources": [ - { - "address": "module.app.aws_security_group_rule.db_access", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "db_access", - "provider_name": "aws", - "schema_version": 2, - "values": { - "cidr_blocks": [], - "description": "", - "from_port": 3306, - "id": "sgrule-012341234", - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "tcp", - "security_group_id": "sg-0fake1d", - "self": false, - "source_security_group_id": "sg-0fake1d", - "to_port": 3306, - "type": "ingress" - } - } - ], - "address": "module.app", - "child_modules": [ - { - "resources": [ - { - "address": "module.app.module.database.aws_db_instance.database", - "mode": "managed", - "type": "aws_db_instance", - "name": "database", - "provider_name": "aws", - "schema_version": 1, - "values": { - "address": "fake_app-dev-db.0fake1d.us-west-2.rds.amazonaws.com", - "allocated_storage": 32, - "allow_major_version_upgrade": null, - "apply_immediately": null, - "arn": "arn:aws:rds:us-west-2:***:db:fake_app-dev-db", - "auto_minor_version_upgrade": true, - "availability_zone": "us-west-2b", - "backup_retention_period": 7, - "backup_window": "07:01-07:31", - "ca_cert_identifier": "rds-ca-2019", - "character_set_name": null, - "copy_tags_to_snapshot": true, - "db_subnet_group_name": "oit-oregon-dev-db-subnet-group", - "delete_automated_backups": true, - "deletion_protection": true, - "domain": "", - "domain_iam_role_name": "", - "enabled_cloudwatch_logs_exports": [ - "error", - "general", - "slowquery" - ], - "endpoint": "fake_app-dev-db.0fake1d.us-west-2.rds.amazonaws.com:3306", - "engine": "mysql", - "engine_version": "8.0.11", - "final_snapshot_identifier": "fake_app-dev-db-final-snapshot", - "hosted_zone_id": "ZFAKE1D", - "iam_database_authentication_enabled": false, - "id": "fake_app-dev-db", - "identifier": "fake_app-dev-db", - "identifier_prefix": null, - "instance_class": "db.t2.small", - "iops": 0, - "kms_key_id": "arn:aws:kms:us-west-2:***:key/cfake1d", - "license_model": "general-public-license", - "maintenance_window": "thu:11:33-thu:12:03", - "max_allocated_storage": 0, - "monitoring_interval": 0, - "monitoring_role_arn": "", - "multi_az": false, - "name": "deleteme2dev", - "option_group_name": "default:mysql-8-0", - "parameter_group_name": "default.mysql8.0", - "password": "*******", - "performance_insights_enabled": false, - "performance_insights_kms_key_id": "", - "performance_insights_retention_period": 0, - "port": 3306, - "publicly_accessible": false, - "replicas": [], - "replicate_source_db": "", - "resource_id": "db-FAKE1D", - "s3_import": [], - "security_group_names": [], - "skip_final_snapshot": true, - "snapshot_identifier": null, - "status": "available", - "storage_encrypted": true, - "storage_type": "gp2", - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - }, - "timeouts": null, - "timezone": "", - "username": "*******", - "vpc_security_group_ids": [ - "sg-0fake1d" - ] - } - }, - { - "address": "module.app.module.database.aws_security_group.db_security_group", - "mode": "managed", - "type": "aws_security_group", - "name": "db_security_group", - "provider_name": "aws", - "schema_version": 1, - "values": { - "arn": "arn:aws:ec2:us-west-2:***:security-group/sg-0fake1d", - "description": "Security group for fake_app-dev-db RDS instance", - "egress": [], - "id": "sg-0fake1d", - "ingress": [ - { - "cidr_blocks": [], - "description": "", - "from_port": 3306, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "tcp", - "security_groups": [ - "sg-0fake1d" - ], - "self": false, - "to_port": 3306 - } - ], - "name": "fake_app-dev-db-db_sg", - "name_prefix": null, - "owner_id": "***", - "revoke_rules_on_delete": false, - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - }, - "timeouts": null, - "vpc_id": "vpc-0fake1d" - } - }, - { - "address": "module.app.module.database.aws_ssm_parameter.master_password", - "mode": "managed", - "type": "aws_ssm_parameter", - "name": "master_password", - "provider_name": "aws", - "schema_version": 0, - "values": { - "allowed_pattern": "", - "arn": "arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_password", - "description": "fake_app-dev-db Database master password", - "id": "/fake_app-dev-db/master_password", - "key_id": "alias/aws/ssm", - "name": "/fake_app-dev-db/master_password", - "overwrite": null, - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - }, - "tier": "Standard", - "type": "SecureString", - "value": "*******", - "version": 1 - } - }, - { - "address": "module.app.module.database.aws_ssm_parameter.master_username", - "mode": "managed", - "type": "aws_ssm_parameter", - "name": "master_username", - "provider_name": "aws", - "schema_version": 0, - "values": { - "allowed_pattern": "", - "arn": "arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_username", - "description": "fake_app-dev-db Database master username", - "id": "/fake_app-dev-db/master_username", - "key_id": "", - "name": "/fake_app-dev-db/master_username", - "overwrite": null, - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - }, - "tier": "Standard", - "type": "String", - "value": "*******", - "version": 1 - } - }, - { - "address": "module.app.module.database.random_password.default[0]", - "mode": "managed", - "type": "random_password", - "name": "default", - "index": 0, - "provider_name": "random", - "schema_version": 0, - "values": { - "id": "none", - "keepers": { - "recreate_password": "false" - }, - "length": 32, - "lower": true, - "min_lower": 0, - "min_numeric": 0, - "min_special": 0, - "min_upper": 0, - "number": true, - "override_special": null, - "result": "*******", - "special": false, - "upper": true - } - } - ], - "address": "module.app.module.database" - }, - { - "resources": [ - { - "address": "module.app.module.fargate.aws_alb.alb", - "mode": "managed", - "type": "aws_alb", - "name": "alb", - "provider_name": "aws", - "schema_version": 0, - "values": { - "access_logs": [ - { - "bucket": "", - "enabled": false, - "prefix": "" - } - ], - "arn": "arn:aws:elasticloadbalancing:us-west-2:***:loadbalancer/app/fake_app-dev-alb/fake1d", - "arn_suffix": "app/fake_app-dev-alb/fake1d", - "dns_name": "fake_app-dev-alb-1234567890.us-west-2.elb.amazonaws.com", - "drop_invalid_header_fields": false, - "enable_cross_zone_load_balancing": null, - "enable_deletion_protection": false, - "enable_http2": true, - "id": "arn:aws:elasticloadbalancing:us-west-2:***:loadbalancer/app/fake_app-dev-alb/fake1d", - "idle_timeout": 60, - "internal": false, - "ip_address_type": "ipv4", - "load_balancer_type": "application", - "name": "fake_app-dev-alb", - "name_prefix": null, - "security_groups": [ - "sg-0fake1d" - ], - "subnet_mapping": [ - { - "allocation_id": "", - "subnet_id": "subnet-0fake1d" - }, - { - "allocation_id": "", - "subnet_id": "subnet-0fake1d" - } - ], - "subnets": [ - "subnet-0fake1d", - "subnet-0fake1d" - ], - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - }, - "timeouts": null, - "vpc_id": "vpc-0fake1d", - "zone_id": "FAKE123" - } - }, - { - "address": "module.app.module.fargate.aws_alb_listener.http_to_https", - "mode": "managed", - "type": "aws_alb_listener", - "name": "http_to_https", - "provider_name": "aws", - "schema_version": 0, - "values": { - "arn": "arn:aws:elasticloadbalancing:us-west-2:***:listener/app/fake_app-dev-alb/fake1d/0fake1d", - "certificate_arn": null, - "default_action": [ - { - "authenticate_cognito": [], - "authenticate_oidc": [], - "fixed_response": [], - "forward": [], - "order": 1, - "redirect": [ - { - "host": "#{host}", - "path": "/#{path}", - "port": "443", - "protocol": "HTTPS", - "query": "#{query}", - "status_code": "HTTP_301" - } - ], - "target_group_arn": "", - "type": "redirect" - } - ], - "id": "arn:aws:elasticloadbalancing:us-west-2:***:listener/app/fake_app-dev-alb/fake1d/0fake1d", - "load_balancer_arn": "arn:aws:elasticloadbalancing:us-west-2:***:loadbalancer/app/fake_app-dev-alb/fake1d", - "port": 80, - "protocol": "HTTP", - "ssl_policy": "", - "timeouts": null - } - }, - { - "address": "module.app.module.fargate.aws_alb_listener.https", - "mode": "managed", - "type": "aws_alb_listener", - "name": "https", - "provider_name": "aws", - "schema_version": 0, - "values": { - "arn": "arn:aws:elasticloadbalancing:us-west-2:***:listener/app/fake_app-dev-alb/fake1d/0fake1d", - "certificate_arn": "arn:aws:acm:us-west-2:***:certificate/0fake1d", - "default_action": [ - { - "authenticate_cognito": [], - "authenticate_oidc": [], - "fixed_response": [], - "forward": [], - "order": 1, - "redirect": [], - "target_group_arn": "arn:aws:elasticloadbalancing:us-west-2:***:targetgroup/fake_app-dev-tgb/0fake1d", - "type": "forward" - } - ], - "id": "arn:aws:elasticloadbalancing:us-west-2:***:listener/app/fake_app-dev-alb/fake1d/0fake1d", - "load_balancer_arn": "arn:aws:elasticloadbalancing:us-west-2:***:loadbalancer/app/fake_app-dev-alb/fake1d", - "port": 443, - "protocol": "HTTPS", - "ssl_policy": "ELBSecurityPolicy-2016-08", - "timeouts": null - } - }, - { - "address": "module.app.module.fargate.aws_alb_target_group.blue", - "mode": "managed", - "type": "aws_alb_target_group", - "name": "blue", - "provider_name": "aws", - "schema_version": 0, - "values": { - "arn": "arn:aws:elasticloadbalancing:us-west-2:***:targetgroup/fake_app-dev-tgb/0fake1d", - "arn_suffix": "targetgroup/fake_app-dev-tgb/0fake1d", - "deregistration_delay": 60, - "health_check": [ - { - "enabled": true, - "healthy_threshold": 3, - "interval": 30, - "matcher": "200", - "path": "/health", - "port": "traffic-port", - "protocol": "HTTP", - "timeout": 5, - "unhealthy_threshold": 3 - } - ], - "id": "arn:aws:elasticloadbalancing:us-west-2:***:targetgroup/fake_app-dev-tgb/0fake1d", - "lambda_multi_value_headers_enabled": false, - "load_balancing_algorithm_type": "least_outstanding_requests", - "name": "fake_app-dev-tgb", - "name_prefix": null, - "port": 8080, - "protocol": "HTTP", - "proxy_protocol_v2": false, - "slow_start": 0, - "stickiness": [ - { - "cookie_duration": 86400, - "enabled": false, - "type": "lb_cookie" - } - ], - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - }, - "target_type": "ip", - "vpc_id": "vpc-0fake1d" - } - }, - { - "address": "module.app.module.fargate.aws_alb_target_group.green", - "mode": "managed", - "type": "aws_alb_target_group", - "name": "green", - "provider_name": "aws", - "schema_version": 0, - "values": { - "arn": "arn:aws:elasticloadbalancing:us-west-2:***:targetgroup/fake_app-dev-tgg/0fake1d", - "arn_suffix": "targetgroup/fake_app-dev-tgg/0fake1d", - "deregistration_delay": 60, - "health_check": [ - { - "enabled": true, - "healthy_threshold": 3, - "interval": 30, - "matcher": "200", - "path": "/health", - "port": "traffic-port", - "protocol": "HTTP", - "timeout": 5, - "unhealthy_threshold": 3 - } - ], - "id": "arn:aws:elasticloadbalancing:us-west-2:***:targetgroup/fake_app-dev-tgg/0fake1d", - "lambda_multi_value_headers_enabled": false, - "load_balancing_algorithm_type": "least_outstanding_requests", - "name": "fake_app-dev-tgg", - "name_prefix": null, - "port": 8080, - "protocol": "HTTP", - "proxy_protocol_v2": false, - "slow_start": 0, - "stickiness": [ - { - "cookie_duration": 86400, - "enabled": false, - "type": "lb_cookie" - } - ], - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - }, - "target_type": "ip", - "vpc_id": "vpc-0fake1d" - } - }, - { - "address": "module.app.module.fargate.aws_cloudwatch_log_group.container_log_group", - "mode": "managed", - "type": "aws_cloudwatch_log_group", - "name": "container_log_group", - "provider_name": "aws", - "schema_version": 0, - "values": { - "arn": "arn:aws:logs:us-west-2:***:log-group:fargate/fake_app-dev:*", - "id": "fargate/fake_app-dev", - "kms_key_id": "", - "name": "fargate/fake_app-dev", - "name_prefix": null, - "retention_in_days": 7, - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - } - } - }, - { - "address": "module.app.module.fargate.aws_codedeploy_app.app", - "mode": "managed", - "type": "aws_codedeploy_app", - "name": "app", - "provider_name": "aws", - "schema_version": 0, - "values": { - "compute_platform": "ECS", - "id": "fake1d:fake_app-dev-codedeploy", - "name": "fake_app-dev-codedeploy", - "unique_id": null - } - }, - { - "address": "module.app.module.fargate.aws_codedeploy_deployment_group.deploymentgroup", - "mode": "managed", - "type": "aws_codedeploy_deployment_group", - "name": "deploymentgroup", - "provider_name": "aws", - "schema_version": 0, - "values": { - "alarm_configuration": [], - "app_name": "fake_app-dev-codedeploy", - "auto_rollback_configuration": [ - { - "enabled": true, - "events": [ - "DEPLOYMENT_FAILURE" - ] - } - ], - "autoscaling_groups": [], - "blue_green_deployment_config": [ - { - "deployment_ready_option": [ - { - "action_on_timeout": "CONTINUE_DEPLOYMENT", - "wait_time_in_minutes": 0 - } - ], - "green_fleet_provisioning_option": [], - "terminate_blue_instances_on_deployment_success": [ - { - "action": "TERMINATE", - "termination_wait_time_in_minutes": 1 - } - ] - } - ], - "deployment_config_name": "CodeDeployDefault.ECSAllAtOnce", - "deployment_group_name": "fake_app-dev-deployment-group", - "deployment_style": [ - { - "deployment_option": "WITH_TRAFFIC_CONTROL", - "deployment_type": "BLUE_GREEN" - } - ], - "ec2_tag_filter": [], - "ec2_tag_set": [], - "ecs_service": [ - { - "cluster_name": "fake_app-dev", - "service_name": "fake_app-dev" - } - ], - "id": "fake1d", - "load_balancer_info": [ - { - "elb_info": [], - "target_group_info": [], - "target_group_pair_info": [ - { - "prod_traffic_route": [ - { - "listener_arns": [ - "arn:aws:elasticloadbalancing:us-west-2:***:listener/app/fake_app-dev-alb/fake1d/0fake1d" - ] - } - ], - "target_group": [ - { - "name": "fake_app-dev-tgb" - }, - { - "name": "fake_app-dev-tgg" - } - ], - "test_traffic_route": [ - { - "listener_arns": null - } - ] - } - ] - } - ], - "on_premises_instance_tag_filter": [], - "service_role_arn": "arn:aws:iam::***:role/PowerBuilder", - "trigger_configuration": [] - } - }, - { - "address": "module.app.module.fargate.aws_ecs_cluster.cluster", - "mode": "managed", - "type": "aws_ecs_cluster", - "name": "cluster", - "provider_name": "aws", - "schema_version": 0, - "values": { - "arn": "arn:aws:ecs:us-west-2:***:cluster/fake_app-dev", - "capacity_providers": [], - "default_capacity_provider_strategy": [], - "id": "arn:aws:ecs:us-west-2:***:cluster/fake_app-dev", - "name": "fake_app-dev", - "setting": [ - { - "name": "containerInsights", - "value": "enabled" - } - ], - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - } - } - }, - { - "address": "module.app.module.fargate.aws_ecs_service.service", - "mode": "managed", - "type": "aws_ecs_service", - "name": "service", - "provider_name": "aws", - "schema_version": 0, - "values": { - "capacity_provider_strategy": [], - "cluster": "arn:aws:ecs:us-west-2:***:cluster/fake_app-dev", - "deployment_controller": [ - { - "type": "CODE_DEPLOY" - } - ], - "deployment_maximum_percent": 200, - "deployment_minimum_healthy_percent": 100, - "desired_count": 1, - "enable_ecs_managed_tags": false, - "force_new_deployment": null, - "health_check_grace_period_seconds": 0, - "iam_role": "aws-service-role", - "id": "arn:aws:ecs:us-west-2:***:service/fake_app-dev/fake_app-dev", - "launch_type": "FARGATE", - "load_balancer": [ - { - "container_name": "main", - "container_port": 8080, - "elb_name": "", - "target_group_arn": "arn:aws:elasticloadbalancing:us-west-2:***:targetgroup/fake_app-dev-tgb/0fake1d" - } - ], - "name": "fake_app-dev", - "network_configuration": [ - { - "assign_public_ip": true, - "security_groups": [ - "sg-0fake1d" - ], - "subnets": [ - "subnet-0fake1d", - "subnet-0fake1d" - ] - } - ], - "ordered_placement_strategy": [], - "placement_constraints": [], - "placement_strategy": [], - "platform_version": "1.4.0", - "propagate_tags": "NONE", - "scheduling_strategy": "REPLICA", - "service_registries": [], - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - }, - "task_definition": "arn:aws:ecs:us-west-2:***:task-definition/fake_app-dev-def:5" - } - }, - { - "address": "module.app.module.fargate.aws_ecs_task_definition.task_def", - "mode": "managed", - "type": "aws_ecs_task_definition", - "name": "task_def", - "provider_name": "aws", - "schema_version": 1, - "values": { - "container_definitions": "[{\"environment\":[{\"name\":\"ENV\",\"value\":\"dev\"},{\"name\":\"db_url\",\"value\":\"jdbc:mysql://fake_app-dev-db.0fake1d.us-west-2.rds.amazonaws.com:3306/deleteme2dev\"}],\"essential\":true,\"image\":\"***.dkr.ecr.us-west-2.amazonaws.com/fake_app-dev:new_timestamp\",\"logConfiguration\":{\"logDriver\":\"awslogs\",\"options\":{\"awslogs-group\":\"fargate/fake_app-dev\",\"awslogs-region\":\"us-west-2\",\"awslogs-stream-prefix\":\"fake_app-dev\"}},\"mountPoints\":[],\"name\":\"main\",\"portMappings\":[{\"containerPort\":8080,\"hostPort\":8080,\"protocol\":\"tcp\"}],\"privileged\":false,\"secrets\":[{\"name\":\"db_password\",\"valueFrom\":\"arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_password\"},{\"name\":\"db_username\",\"valueFrom\":\"arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_username\"}],\"volumesFrom\":[]}]", - "cpu": "256", - "execution_role_arn": "arn:aws:iam::***:role/fake_app-dev-taskExecutionRole", - "family": "fake_app-dev-def", - "inference_accelerator": [], - "ipc_mode": null, - "memory": "512", - "network_mode": "awsvpc", - "pid_mode": null, - "placement_constraints": [], - "proxy_configuration": [], - "requires_compatibilities": [ - "FARGATE" - ], - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - }, - "task_role_arn": "arn:aws:iam::***:role/fake_app-dev-taskRole", - "volume": [] - } - }, - { - "address": "module.app.module.fargate.aws_iam_policy.secrets_access[0]", - "mode": "managed", - "type": "aws_iam_policy", - "name": "secrets_access", - "index": 0, - "provider_name": "aws", - "schema_version": 0, - "values": { - "arn": "arn:aws:iam::***:policy/fake_app-dev_secrets_access", - "description": "", - "id": "arn:aws:iam::***:policy/fake_app-dev_secrets_access", - "name": "fake_app-dev_secrets_access", - "name_prefix": null, - "path": "/", - "policy": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"ssm:GetParemetersByPath\",\n \"ssm:GetParameters\",\n \"ssm:GetParameter\"\n ],\n \"Resource\": [\n \"arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_username\",\n \"arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_password\"\n ]\n }\n ]\n}" - } - }, - { - "address": "module.app.module.fargate.aws_iam_role.task_execution_role", - "mode": "managed", - "type": "aws_iam_role", - "name": "task_execution_role", - "provider_name": "aws", - "schema_version": 0, - "values": { - "arn": "arn:aws:iam::***:role/fake_app-dev-taskExecutionRole", - "assume_role_policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"\",\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"ecs-tasks.amazonaws.com\"},\"Action\":\"sts:AssumeRole\"}]}", - "create_date": "2020-06-17T14:59:29Z", - "description": "", - "force_detach_policies": false, - "id": "fake_app-dev-taskExecutionRole", - "max_session_duration": 3600, - "name": "fake_app-dev-taskExecutionRole", - "name_prefix": null, - "path": "/", - "permissions_boundary": "arn:aws:iam::***:policy/iamRolePermissionBoundary", - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - }, - "unique_id": "FAKE" - } - }, - { - "address": "module.app.module.fargate.aws_iam_role.task_role", - "mode": "managed", - "type": "aws_iam_role", - "name": "task_role", - "provider_name": "aws", - "schema_version": 0, - "values": { - "arn": "arn:aws:iam::***:role/fake_app-dev-taskRole", - "assume_role_policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"\",\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"ecs-tasks.amazonaws.com\"},\"Action\":\"sts:AssumeRole\"}]}", - "create_date": "2020-06-17T14:59:29Z", - "description": "", - "force_detach_policies": false, - "id": "fake_app-dev-taskRole", - "max_session_duration": 3600, - "name": "fake_app-dev-taskRole", - "name_prefix": null, - "path": "/", - "permissions_boundary": "arn:aws:iam::***:policy/iamRolePermissionBoundary", - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - }, - "unique_id": "FAKE1D" - } - }, - { - "address": "module.app.module.fargate.aws_iam_role_policy_attachment.secret_task_policy_attach[0]", - "mode": "managed", - "type": "aws_iam_role_policy_attachment", - "name": "secret_task_policy_attach", - "index": 0, - "provider_name": "aws", - "schema_version": 0, - "values": { - "id": "fake_app-dev-taskRole-0FAKE1D", - "policy_arn": "arn:aws:iam::***:policy/fake_app-dev_secrets_access", - "role": "fake_app-dev-taskRole" - } - }, - { - "address": "module.app.module.fargate.aws_iam_role_policy_attachment.secrets_policy_attach[0]", - "mode": "managed", - "type": "aws_iam_role_policy_attachment", - "name": "secrets_policy_attach", - "index": 0, - "provider_name": "aws", - "schema_version": 0, - "values": { - "id": "fake_app-dev-taskExecutionRole-0FAKE1D", - "policy_arn": "arn:aws:iam::***:policy/fake_app-dev_secrets_access", - "role": "fake_app-dev-taskExecutionRole" - } - }, - { - "address": "module.app.module.fargate.aws_iam_role_policy_attachment.task_execution_policy_attach", - "mode": "managed", - "type": "aws_iam_role_policy_attachment", - "name": "task_execution_policy_attach", - "provider_name": "aws", - "schema_version": 0, - "values": { - "id": "fake_app-dev-taskExecutionRole-0FAKE1D", - "policy_arn": "arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy", - "role": "fake_app-dev-taskExecutionRole" - } - }, - { - "address": "module.app.module.fargate.aws_route53_record.a_record", - "mode": "managed", - "type": "aws_route53_record", - "name": "a_record", - "provider_name": "aws", - "schema_version": 2, - "values": { - "alias": [ - { - "evaluate_target_health": true, - "name": "fake_app-dev-alb-1234567890.us-west-2.elb.amazonaws.com", - "zone_id": "FAKE123" - } - ], - "allow_overwrite": null, - "failover_routing_policy": [], - "fqdn": "fake_app-dev.fake_domain.amazon.byu.edu", - "geolocation_routing_policy": [], - "health_check_id": "", - "id": "Z0FAKE1D_fake_app-dev.fake_domain.amazon.byu.edu._A", - "latency_routing_policy": [], - "multivalue_answer_routing_policy": null, - "name": "fake_app-dev.fake_domain.amazon.byu.edu", - "records": [], - "set_identifier": "", - "ttl": 0, - "type": "A", - "weighted_routing_policy": [], - "zone_id": "Z0FAKE1D" - } - }, - { - "address": "module.app.module.fargate.aws_route53_record.aaaa_record", - "mode": "managed", - "type": "aws_route53_record", - "name": "aaaa_record", - "provider_name": "aws", - "schema_version": 2, - "values": { - "alias": [ - { - "evaluate_target_health": true, - "name": "fake_app-dev-alb-1234567890.us-west-2.elb.amazonaws.com", - "zone_id": "FAKE123" - } - ], - "allow_overwrite": null, - "failover_routing_policy": [], - "fqdn": "fake_app-dev.fake_domain.amazon.byu.edu", - "geolocation_routing_policy": [], - "health_check_id": "", - "id": "Z0FAKE1D_fake_app-dev.fake_domain.amazon.byu.edu._AAAA", - "latency_routing_policy": [], - "multivalue_answer_routing_policy": null, - "name": "fake_app-dev.fake_domain.amazon.byu.edu", - "records": [], - "set_identifier": "", - "ttl": 0, - "type": "AAAA", - "weighted_routing_policy": [], - "zone_id": "Z0FAKE1D" - } - }, - { - "address": "module.app.module.fargate.aws_security_group.alb-sg", - "mode": "managed", - "type": "aws_security_group", - "name": "alb-sg", - "provider_name": "aws", - "schema_version": 1, - "values": { - "arn": "arn:aws:ec2:us-west-2:***:security-group/sg-0fake1d", - "description": "Controls access to the fake_app-dev-alb", - "egress": [ - { - "cidr_blocks": [ - "0.0.0.0/0" - ], - "description": "", - "from_port": 0, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "-1", - "security_groups": [], - "self": false, - "to_port": 0 - } - ], - "id": "sg-0fake1d", - "ingress": [ - { - "cidr_blocks": [ - "0.0.0.0/0" - ], - "description": "", - "from_port": 443, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "tcp", - "security_groups": [], - "self": false, - "to_port": 443 - }, - { - "cidr_blocks": [ - "0.0.0.0/0" - ], - "description": "", - "from_port": 80, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "tcp", - "security_groups": [], - "self": false, - "to_port": 80 - } - ], - "name": "fake_app-dev-alb-sg", - "name_prefix": null, - "owner_id": "***", - "revoke_rules_on_delete": false, - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - }, - "timeouts": null, - "vpc_id": "vpc-0fake1d" - } - }, - { - "address": "module.app.module.fargate.aws_security_group.fargate_service_sg", - "mode": "managed", - "type": "aws_security_group", - "name": "fargate_service_sg", - "provider_name": "aws", - "schema_version": 1, - "values": { - "arn": "arn:aws:ec2:us-west-2:***:security-group/sg-0fake1d", - "description": "Controls access to the Fargate Service", - "egress": [ - { - "cidr_blocks": [ - "0.0.0.0/0" - ], - "description": "", - "from_port": 0, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "-1", - "security_groups": [], - "self": false, - "to_port": 0 - } - ], - "id": "sg-0fake1d", - "ingress": [ - { - "cidr_blocks": [], - "description": "", - "from_port": 0, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "tcp", - "security_groups": [ - "sg-0fake1d" - ], - "self": false, - "to_port": 65535 - } - ], - "name": "fake_app-dev-fargate-sg", - "name_prefix": null, - "owner_id": "***", - "revoke_rules_on_delete": false, - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - }, - "timeouts": null, - "vpc_id": "vpc-0fake1d" - } - }, - { - "address": "module.app.module.fargate.local_file.appspec_json", - "mode": "managed", - "type": "local_file", - "name": "appspec_json", - "provider_name": "local", - "schema_version": 0, - "values": { - "content_base64": null, - "directory_permission": "0777", - "file_permission": "0777", - "filename": "/home/runner/work/fake_app/fake_app/terraform-iac/dev/app/appspec.json", - "sensitive_content": null - } - } - ], - "address": "module.app.module.fargate" - } - ] - } - ] - } - }, - "resource_changes": [ - { - "address": "module.app.aws_security_group_rule.db_access", - "module_address": "module.app", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "db_access", - "provider_name": "aws", - "change": { - "actions": [ - "no-op" - ], - "before": { - "cidr_blocks": [], - "description": "", - "from_port": 3306, - "id": "sgrule-012341234", - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "tcp", - "security_group_id": "sg-0fake1d", - "self": false, - "source_security_group_id": "sg-0fake1d", - "to_port": 3306, - "type": "ingress" - }, - "after": { - "cidr_blocks": [], - "description": "", - "from_port": 3306, - "id": "sgrule-012341234", - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "tcp", - "security_group_id": "sg-0fake1d", - "self": false, - "source_security_group_id": "sg-0fake1d", - "to_port": 3306, - "type": "ingress" - }, - "after_unknown": {} - } - }, - { - "address": "module.app.module.database.aws_db_instance.database", - "module_address": "module.app.module.database", - "mode": "managed", - "type": "aws_db_instance", - "name": "database", - "provider_name": "aws", - "change": { - "actions": [ - "no-op" - ], - "before": { - "address": "fake_app-dev-db.0fake1d.us-west-2.rds.amazonaws.com", - "allocated_storage": 32, - "allow_major_version_upgrade": null, - "apply_immediately": null, - "arn": "arn:aws:rds:us-west-2:***:db:fake_app-dev-db", - "auto_minor_version_upgrade": true, - "availability_zone": "us-west-2b", - "backup_retention_period": 7, - "backup_window": "07:01-07:31", - "ca_cert_identifier": "rds-ca-2019", - "character_set_name": null, - "copy_tags_to_snapshot": true, - "db_subnet_group_name": "oit-oregon-dev-db-subnet-group", - "delete_automated_backups": true, - "deletion_protection": true, - "domain": "", - "domain_iam_role_name": "", - "enabled_cloudwatch_logs_exports": [ - "error", - "general", - "slowquery" - ], - "endpoint": "fake_app-dev-db.0fake1d.us-west-2.rds.amazonaws.com:3306", - "engine": "mysql", - "engine_version": "8.0.11", - "final_snapshot_identifier": "fake_app-dev-db-final-snapshot", - "hosted_zone_id": "ZFAKE1D", - "iam_database_authentication_enabled": false, - "id": "fake_app-dev-db", - "identifier": "fake_app-dev-db", - "identifier_prefix": null, - "instance_class": "db.t2.small", - "iops": 0, - "kms_key_id": "arn:aws:kms:us-west-2:***:key/cfake1d", - "license_model": "general-public-license", - "maintenance_window": "thu:11:33-thu:12:03", - "max_allocated_storage": 0, - "monitoring_interval": 0, - "monitoring_role_arn": "", - "multi_az": false, - "name": "deleteme2dev", - "option_group_name": "default:mysql-8-0", - "parameter_group_name": "default.mysql8.0", - "password": "*******", - "performance_insights_enabled": false, - "performance_insights_kms_key_id": "", - "performance_insights_retention_period": 0, - "port": 3306, - "publicly_accessible": false, - "replicas": [], - "replicate_source_db": "", - "resource_id": "db-FAKE1D", - "s3_import": [], - "security_group_names": [], - "skip_final_snapshot": true, - "snapshot_identifier": null, - "status": "available", - "storage_encrypted": true, - "storage_type": "gp2", - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - }, - "timeouts": null, - "timezone": "", - "username": "*******", - "vpc_security_group_ids": [ - "sg-0fake1d" - ] - }, - "after": { - "address": "fake_app-dev-db.0fake1d.us-west-2.rds.amazonaws.com", - "allocated_storage": 32, - "allow_major_version_upgrade": null, - "apply_immediately": null, - "arn": "arn:aws:rds:us-west-2:***:db:fake_app-dev-db", - "auto_minor_version_upgrade": true, - "availability_zone": "us-west-2b", - "backup_retention_period": 7, - "backup_window": "07:01-07:31", - "ca_cert_identifier": "rds-ca-2019", - "character_set_name": null, - "copy_tags_to_snapshot": true, - "db_subnet_group_name": "oit-oregon-dev-db-subnet-group", - "delete_automated_backups": true, - "deletion_protection": true, - "domain": "", - "domain_iam_role_name": "", - "enabled_cloudwatch_logs_exports": [ - "error", - "general", - "slowquery" - ], - "endpoint": "fake_app-dev-db.0fake1d.us-west-2.rds.amazonaws.com:3306", - "engine": "mysql", - "engine_version": "8.0.11", - "final_snapshot_identifier": "fake_app-dev-db-final-snapshot", - "hosted_zone_id": "ZFAKE1D", - "iam_database_authentication_enabled": false, - "id": "fake_app-dev-db", - "identifier": "fake_app-dev-db", - "identifier_prefix": null, - "instance_class": "db.t2.small", - "iops": 0, - "kms_key_id": "arn:aws:kms:us-west-2:***:key/cfake1d", - "license_model": "general-public-license", - "maintenance_window": "thu:11:33-thu:12:03", - "max_allocated_storage": 0, - "monitoring_interval": 0, - "monitoring_role_arn": "", - "multi_az": false, - "name": "deleteme2dev", - "option_group_name": "default:mysql-8-0", - "parameter_group_name": "default.mysql8.0", - "password": "*******", - "performance_insights_enabled": false, - "performance_insights_kms_key_id": "", - "performance_insights_retention_period": 0, - "port": 3306, - "publicly_accessible": false, - "replicas": [], - "replicate_source_db": "", - "resource_id": "db-FAKE1D", - "s3_import": [], - "security_group_names": [], - "skip_final_snapshot": true, - "snapshot_identifier": null, - "status": "available", - "storage_encrypted": true, - "storage_type": "gp2", - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - }, - "timeouts": null, - "timezone": "", - "username": "*******", - "vpc_security_group_ids": [ - "sg-0fake1d" - ] - }, - "after_unknown": {} - } - }, - { - "address": "module.app.module.database.aws_security_group.db_security_group", - "module_address": "module.app.module.database", - "mode": "managed", - "type": "aws_security_group", - "name": "db_security_group", - "provider_name": "aws", - "change": { - "actions": [ - "no-op" - ], - "before": { - "arn": "arn:aws:ec2:us-west-2:***:security-group/sg-0fake1d", - "description": "Security group for fake_app-dev-db RDS instance", - "egress": [], - "id": "sg-0fake1d", - "ingress": [ - { - "cidr_blocks": [], - "description": "", - "from_port": 3306, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "tcp", - "security_groups": [ - "sg-0fake1d" - ], - "self": false, - "to_port": 3306 - } - ], - "name": "fake_app-dev-db-db_sg", - "name_prefix": null, - "owner_id": "***", - "revoke_rules_on_delete": false, - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - }, - "timeouts": null, - "vpc_id": "vpc-0fake1d" - }, - "after": { - "arn": "arn:aws:ec2:us-west-2:***:security-group/sg-0fake1d", - "description": "Security group for fake_app-dev-db RDS instance", - "egress": [], - "id": "sg-0fake1d", - "ingress": [ - { - "cidr_blocks": [], - "description": "", - "from_port": 3306, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "tcp", - "security_groups": [ - "sg-0fake1d" - ], - "self": false, - "to_port": 3306 - } - ], - "name": "fake_app-dev-db-db_sg", - "name_prefix": null, - "owner_id": "***", - "revoke_rules_on_delete": false, - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - }, - "timeouts": null, - "vpc_id": "vpc-0fake1d" - }, - "after_unknown": {} - } - }, - { - "address": "module.app.module.database.aws_ssm_parameter.master_password", - "module_address": "module.app.module.database", - "mode": "managed", - "type": "aws_ssm_parameter", - "name": "master_password", - "provider_name": "aws", - "change": { - "actions": [ - "no-op" - ], - "before": { - "allowed_pattern": "", - "arn": "arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_password", - "description": "fake_app-dev-db Database master password", - "id": "/fake_app-dev-db/master_password", - "key_id": "alias/aws/ssm", - "name": "/fake_app-dev-db/master_password", - "overwrite": null, - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - }, - "tier": "Standard", - "type": "SecureString", - "value": "*******", - "version": 1 - }, - "after": { - "allowed_pattern": "", - "arn": "arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_password", - "description": "fake_app-dev-db Database master password", - "id": "/fake_app-dev-db/master_password", - "key_id": "alias/aws/ssm", - "name": "/fake_app-dev-db/master_password", - "overwrite": null, - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - }, - "tier": "Standard", - "type": "SecureString", - "value": "*******", - "version": 1 - }, - "after_unknown": {} - } - }, - { - "address": "module.app.module.database.aws_ssm_parameter.master_username", - "module_address": "module.app.module.database", - "mode": "managed", - "type": "aws_ssm_parameter", - "name": "master_username", - "provider_name": "aws", - "change": { - "actions": [ - "no-op" - ], - "before": { - "allowed_pattern": "", - "arn": "arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_username", - "description": "fake_app-dev-db Database master username", - "id": "/fake_app-dev-db/master_username", - "key_id": "", - "name": "/fake_app-dev-db/master_username", - "overwrite": null, - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - }, - "tier": "Standard", - "type": "String", - "value": "*******", - "version": 1 - }, - "after": { - "allowed_pattern": "", - "arn": "arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_username", - "description": "fake_app-dev-db Database master username", - "id": "/fake_app-dev-db/master_username", - "key_id": "", - "name": "/fake_app-dev-db/master_username", - "overwrite": null, - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - }, - "tier": "Standard", - "type": "String", - "value": "*******", - "version": 1 - }, - "after_unknown": {} - } - }, - { - "address": "module.app.module.database.random_password.default[0]", - "module_address": "module.app.module.database", - "mode": "managed", - "type": "random_password", - "name": "default", - "index": 0, - "provider_name": "random", - "change": { - "actions": [ - "no-op" - ], - "before": { - "id": "none", - "keepers": { - "recreate_password": "false" - }, - "length": 32, - "lower": true, - "min_lower": 0, - "min_numeric": 0, - "min_special": 0, - "min_upper": 0, - "number": true, - "override_special": null, - "result": "*******", - "special": false, - "upper": true - }, - "after": { - "id": "none", - "keepers": { - "recreate_password": "false" - }, - "length": 32, - "lower": true, - "min_lower": 0, - "min_numeric": 0, - "min_special": 0, - "min_upper": 0, - "number": true, - "override_special": null, - "result": "*******", - "special": false, - "upper": true - }, - "after_unknown": {} - } - }, - { - "address": "module.app.module.fargate.aws_alb.alb", - "module_address": "module.app.module.fargate", - "mode": "managed", - "type": "aws_alb", - "name": "alb", - "provider_name": "aws", - "change": { - "actions": [ - "no-op" - ], - "before": { - "access_logs": [ - { - "bucket": "", - "enabled": false, - "prefix": "" - } - ], - "arn": "arn:aws:elasticloadbalancing:us-west-2:***:loadbalancer/app/fake_app-dev-alb/fake1d", - "arn_suffix": "app/fake_app-dev-alb/fake1d", - "dns_name": "fake_app-dev-alb-1234567890.us-west-2.elb.amazonaws.com", - "drop_invalid_header_fields": false, - "enable_cross_zone_load_balancing": null, - "enable_deletion_protection": false, - "enable_http2": true, - "id": "arn:aws:elasticloadbalancing:us-west-2:***:loadbalancer/app/fake_app-dev-alb/fake1d", - "idle_timeout": 60, - "internal": false, - "ip_address_type": "ipv4", - "load_balancer_type": "application", - "name": "fake_app-dev-alb", - "name_prefix": null, - "security_groups": [ - "sg-0fake1d" - ], - "subnet_mapping": [ - { - "allocation_id": "", - "subnet_id": "subnet-0fake1d" - }, - { - "allocation_id": "", - "subnet_id": "subnet-0fake1d" - } - ], - "subnets": [ - "subnet-0fake1d", - "subnet-0fake1d" - ], - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - }, - "timeouts": null, - "vpc_id": "vpc-0fake1d", - "zone_id": "FAKE123" - }, - "after": { - "access_logs": [ - { - "bucket": "", - "enabled": false, - "prefix": "" - } - ], - "arn": "arn:aws:elasticloadbalancing:us-west-2:***:loadbalancer/app/fake_app-dev-alb/fake1d", - "arn_suffix": "app/fake_app-dev-alb/fake1d", - "dns_name": "fake_app-dev-alb-1234567890.us-west-2.elb.amazonaws.com", - "drop_invalid_header_fields": false, - "enable_cross_zone_load_balancing": null, - "enable_deletion_protection": false, - "enable_http2": true, - "id": "arn:aws:elasticloadbalancing:us-west-2:***:loadbalancer/app/fake_app-dev-alb/fake1d", - "idle_timeout": 60, - "internal": false, - "ip_address_type": "ipv4", - "load_balancer_type": "application", - "name": "fake_app-dev-alb", - "name_prefix": null, - "security_groups": [ - "sg-0fake1d" - ], - "subnet_mapping": [ - { - "allocation_id": "", - "subnet_id": "subnet-0fake1d" - }, - { - "allocation_id": "", - "subnet_id": "subnet-0fake1d" - } - ], - "subnets": [ - "subnet-0fake1d", - "subnet-0fake1d" - ], - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - }, - "timeouts": null, - "vpc_id": "vpc-0fake1d", - "zone_id": "FAKE123" - }, - "after_unknown": {} - } - }, - { - "address": "module.app.module.fargate.aws_alb_listener.http_to_https", - "module_address": "module.app.module.fargate", - "mode": "managed", - "type": "aws_alb_listener", - "name": "http_to_https", - "provider_name": "aws", - "change": { - "actions": [ - "no-op" - ], - "before": { - "arn": "arn:aws:elasticloadbalancing:us-west-2:***:listener/app/fake_app-dev-alb/fake1d/0fake1d", - "certificate_arn": null, - "default_action": [ - { - "authenticate_cognito": [], - "authenticate_oidc": [], - "fixed_response": [], - "forward": [], - "order": 1, - "redirect": [ - { - "host": "#{host}", - "path": "/#{path}", - "port": "443", - "protocol": "HTTPS", - "query": "#{query}", - "status_code": "HTTP_301" - } - ], - "target_group_arn": "", - "type": "redirect" - } - ], - "id": "arn:aws:elasticloadbalancing:us-west-2:***:listener/app/fake_app-dev-alb/fake1d/0fake1d", - "load_balancer_arn": "arn:aws:elasticloadbalancing:us-west-2:***:loadbalancer/app/fake_app-dev-alb/fake1d", - "port": 80, - "protocol": "HTTP", - "ssl_policy": "", - "timeouts": null - }, - "after": { - "arn": "arn:aws:elasticloadbalancing:us-west-2:***:listener/app/fake_app-dev-alb/fake1d/0fake1d", - "certificate_arn": null, - "default_action": [ - { - "authenticate_cognito": [], - "authenticate_oidc": [], - "fixed_response": [], - "forward": [], - "order": 1, - "redirect": [ - { - "host": "#{host}", - "path": "/#{path}", - "port": "443", - "protocol": "HTTPS", - "query": "#{query}", - "status_code": "HTTP_301" - } - ], - "target_group_arn": "", - "type": "redirect" - } - ], - "id": "arn:aws:elasticloadbalancing:us-west-2:***:listener/app/fake_app-dev-alb/fake1d/0fake1d", - "load_balancer_arn": "arn:aws:elasticloadbalancing:us-west-2:***:loadbalancer/app/fake_app-dev-alb/fake1d", - "port": 80, - "protocol": "HTTP", - "ssl_policy": "", - "timeouts": null - }, - "after_unknown": {} - } - }, - { - "address": "module.app.module.fargate.aws_alb_listener.https", - "module_address": "module.app.module.fargate", - "mode": "managed", - "type": "aws_alb_listener", - "name": "https", - "provider_name": "aws", - "change": { - "actions": [ - "no-op" - ], - "before": { - "arn": "arn:aws:elasticloadbalancing:us-west-2:***:listener/app/fake_app-dev-alb/fake1d/0fake1d", - "certificate_arn": "arn:aws:acm:us-west-2:***:certificate/0fake1d", - "default_action": [ - { - "authenticate_cognito": [], - "authenticate_oidc": [], - "fixed_response": [], - "forward": [], - "order": 1, - "redirect": [], - "target_group_arn": "arn:aws:elasticloadbalancing:us-west-2:***:targetgroup/fake_app-dev-tgb/0fake1d", - "type": "forward" - } - ], - "id": "arn:aws:elasticloadbalancing:us-west-2:***:listener/app/fake_app-dev-alb/fake1d/0fake1d", - "load_balancer_arn": "arn:aws:elasticloadbalancing:us-west-2:***:loadbalancer/app/fake_app-dev-alb/fake1d", - "port": 443, - "protocol": "HTTPS", - "ssl_policy": "ELBSecurityPolicy-2016-08", - "timeouts": null - }, - "after": { - "arn": "arn:aws:elasticloadbalancing:us-west-2:***:listener/app/fake_app-dev-alb/fake1d/0fake1d", - "certificate_arn": "arn:aws:acm:us-west-2:***:certificate/0fake1d", - "default_action": [ - { - "authenticate_cognito": [], - "authenticate_oidc": [], - "fixed_response": [], - "forward": [], - "order": 1, - "redirect": [], - "target_group_arn": "arn:aws:elasticloadbalancing:us-west-2:***:targetgroup/fake_app-dev-tgb/0fake1d", - "type": "forward" - } - ], - "id": "arn:aws:elasticloadbalancing:us-west-2:***:listener/app/fake_app-dev-alb/fake1d/0fake1d", - "load_balancer_arn": "arn:aws:elasticloadbalancing:us-west-2:***:loadbalancer/app/fake_app-dev-alb/fake1d", - "port": 443, - "protocol": "HTTPS", - "ssl_policy": "ELBSecurityPolicy-2016-08", - "timeouts": null - }, - "after_unknown": {} - } - }, - { - "address": "module.app.module.fargate.aws_alb_target_group.blue", - "module_address": "module.app.module.fargate", - "mode": "managed", - "type": "aws_alb_target_group", - "name": "blue", - "provider_name": "aws", - "change": { - "actions": [ - "no-op" - ], - "before": { - "arn": "arn:aws:elasticloadbalancing:us-west-2:***:targetgroup/fake_app-dev-tgb/0fake1d", - "arn_suffix": "targetgroup/fake_app-dev-tgb/0fake1d", - "deregistration_delay": 60, - "health_check": [ - { - "enabled": true, - "healthy_threshold": 3, - "interval": 30, - "matcher": "200", - "path": "/health", - "port": "traffic-port", - "protocol": "HTTP", - "timeout": 5, - "unhealthy_threshold": 3 - } - ], - "id": "arn:aws:elasticloadbalancing:us-west-2:***:targetgroup/fake_app-dev-tgb/0fake1d", - "lambda_multi_value_headers_enabled": false, - "load_balancing_algorithm_type": "least_outstanding_requests", - "name": "fake_app-dev-tgb", - "name_prefix": null, - "port": 8080, - "protocol": "HTTP", - "proxy_protocol_v2": false, - "slow_start": 0, - "stickiness": [ - { - "cookie_duration": 86400, - "enabled": false, - "type": "lb_cookie" - } - ], - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - }, - "target_type": "ip", - "vpc_id": "vpc-0fake1d" - }, - "after": { - "arn": "arn:aws:elasticloadbalancing:us-west-2:***:targetgroup/fake_app-dev-tgb/0fake1d", - "arn_suffix": "targetgroup/fake_app-dev-tgb/0fake1d", - "deregistration_delay": 60, - "health_check": [ - { - "enabled": true, - "healthy_threshold": 3, - "interval": 30, - "matcher": "200", - "path": "/health", - "port": "traffic-port", - "protocol": "HTTP", - "timeout": 5, - "unhealthy_threshold": 3 - } - ], - "id": "arn:aws:elasticloadbalancing:us-west-2:***:targetgroup/fake_app-dev-tgb/0fake1d", - "lambda_multi_value_headers_enabled": false, - "load_balancing_algorithm_type": "least_outstanding_requests", - "name": "fake_app-dev-tgb", - "name_prefix": null, - "port": 8080, - "protocol": "HTTP", - "proxy_protocol_v2": false, - "slow_start": 0, - "stickiness": [ - { - "cookie_duration": 86400, - "enabled": false, - "type": "lb_cookie" - } - ], - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - }, - "target_type": "ip", - "vpc_id": "vpc-0fake1d" - }, - "after_unknown": {} - } - }, - { - "address": "module.app.module.fargate.aws_alb_target_group.green", - "module_address": "module.app.module.fargate", - "mode": "managed", - "type": "aws_alb_target_group", - "name": "green", - "provider_name": "aws", - "change": { - "actions": [ - "no-op" - ], - "before": { - "arn": "arn:aws:elasticloadbalancing:us-west-2:***:targetgroup/fake_app-dev-tgg/0fake1d", - "arn_suffix": "targetgroup/fake_app-dev-tgg/0fake1d", - "deregistration_delay": 60, - "health_check": [ - { - "enabled": true, - "healthy_threshold": 3, - "interval": 30, - "matcher": "200", - "path": "/health", - "port": "traffic-port", - "protocol": "HTTP", - "timeout": 5, - "unhealthy_threshold": 3 - } - ], - "id": "arn:aws:elasticloadbalancing:us-west-2:***:targetgroup/fake_app-dev-tgg/0fake1d", - "lambda_multi_value_headers_enabled": false, - "load_balancing_algorithm_type": "least_outstanding_requests", - "name": "fake_app-dev-tgg", - "name_prefix": null, - "port": 8080, - "protocol": "HTTP", - "proxy_protocol_v2": false, - "slow_start": 0, - "stickiness": [ - { - "cookie_duration": 86400, - "enabled": false, - "type": "lb_cookie" - } - ], - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - }, - "target_type": "ip", - "vpc_id": "vpc-0fake1d" - }, - "after": { - "arn": "arn:aws:elasticloadbalancing:us-west-2:***:targetgroup/fake_app-dev-tgg/0fake1d", - "arn_suffix": "targetgroup/fake_app-dev-tgg/0fake1d", - "deregistration_delay": 60, - "health_check": [ - { - "enabled": true, - "healthy_threshold": 3, - "interval": 30, - "matcher": "200", - "path": "/health", - "port": "traffic-port", - "protocol": "HTTP", - "timeout": 5, - "unhealthy_threshold": 3 - } - ], - "id": "arn:aws:elasticloadbalancing:us-west-2:***:targetgroup/fake_app-dev-tgg/0fake1d", - "lambda_multi_value_headers_enabled": false, - "load_balancing_algorithm_type": "least_outstanding_requests", - "name": "fake_app-dev-tgg", - "name_prefix": null, - "port": 8080, - "protocol": "HTTP", - "proxy_protocol_v2": false, - "slow_start": 0, - "stickiness": [ - { - "cookie_duration": 86400, - "enabled": false, - "type": "lb_cookie" - } - ], - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - }, - "target_type": "ip", - "vpc_id": "vpc-0fake1d" - }, - "after_unknown": {} - } - }, - { - "address": "module.app.module.fargate.aws_cloudwatch_log_group.container_log_group", - "module_address": "module.app.module.fargate", - "mode": "managed", - "type": "aws_cloudwatch_log_group", - "name": "container_log_group", - "provider_name": "aws", - "change": { - "actions": [ - "no-op" - ], - "before": { - "arn": "arn:aws:logs:us-west-2:***:log-group:fargate/fake_app-dev:*", - "id": "fargate/fake_app-dev", - "kms_key_id": "", - "name": "fargate/fake_app-dev", - "name_prefix": null, - "retention_in_days": 7, - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - } - }, - "after": { - "arn": "arn:aws:logs:us-west-2:***:log-group:fargate/fake_app-dev:*", - "id": "fargate/fake_app-dev", - "kms_key_id": "", - "name": "fargate/fake_app-dev", - "name_prefix": null, - "retention_in_days": 7, - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - } - }, - "after_unknown": {} - } - }, - { - "address": "module.app.module.fargate.aws_codedeploy_app.app", - "module_address": "module.app.module.fargate", - "mode": "managed", - "type": "aws_codedeploy_app", - "name": "app", - "provider_name": "aws", - "change": { - "actions": [ - "no-op" - ], - "before": { - "compute_platform": "ECS", - "id": "fake1d:fake_app-dev-codedeploy", - "name": "fake_app-dev-codedeploy", - "unique_id": null - }, - "after": { - "compute_platform": "ECS", - "id": "fake1d:fake_app-dev-codedeploy", - "name": "fake_app-dev-codedeploy", - "unique_id": null - }, - "after_unknown": {} - } - }, - { - "address": "module.app.module.fargate.aws_codedeploy_deployment_group.deploymentgroup", - "module_address": "module.app.module.fargate", - "mode": "managed", - "type": "aws_codedeploy_deployment_group", - "name": "deploymentgroup", - "provider_name": "aws", - "change": { - "actions": [ - "update" - ], - "before": { - "alarm_configuration": [], - "app_name": "fake_app-dev-codedeploy", - "auto_rollback_configuration": [ - { - "enabled": true, - "events": [ - "DEPLOYMENT_FAILURE" - ] - } - ], - "autoscaling_groups": [], - "blue_green_deployment_config": [ - { - "deployment_ready_option": [ - { - "action_on_timeout": "CONTINUE_DEPLOYMENT", - "wait_time_in_minutes": 0 - } - ], - "green_fleet_provisioning_option": [], - "terminate_blue_instances_on_deployment_success": [ - { - "action": "TERMINATE", - "termination_wait_time_in_minutes": 1 - } - ] - } - ], - "deployment_config_name": "CodeDeployDefault.ECSAllAtOnce", - "deployment_group_name": "fake_app-dev-deployment-group", - "deployment_style": [ - { - "deployment_option": "WITH_TRAFFIC_CONTROL", - "deployment_type": "BLUE_GREEN" - } - ], - "ec2_tag_filter": [], - "ec2_tag_set": [], - "ecs_service": [ - { - "cluster_name": "fake_app-dev", - "service_name": "fake_app-dev" - } - ], - "id": "fake1d", - "load_balancer_info": [ - { - "elb_info": [], - "target_group_info": [], - "target_group_pair_info": [ - { - "prod_traffic_route": [ - { - "listener_arns": [ - "arn:aws:elasticloadbalancing:us-west-2:***:listener/app/fake_app-dev-alb/fake1d/0fake1d" - ] - } - ], - "target_group": [ - { - "name": "fake_app-dev-tgb" - }, - { - "name": "fake_app-dev-tgg" - } - ], - "test_traffic_route": [] - } - ] - } - ], - "on_premises_instance_tag_filter": [], - "service_role_arn": "arn:aws:iam::***:role/PowerBuilder", - "trigger_configuration": [] - }, - "after": { - "alarm_configuration": [], - "app_name": "fake_app-dev-codedeploy", - "auto_rollback_configuration": [ - { - "enabled": true, - "events": [ - "DEPLOYMENT_FAILURE" - ] - } - ], - "autoscaling_groups": [], - "blue_green_deployment_config": [ - { - "deployment_ready_option": [ - { - "action_on_timeout": "CONTINUE_DEPLOYMENT", - "wait_time_in_minutes": 0 - } - ], - "green_fleet_provisioning_option": [], - "terminate_blue_instances_on_deployment_success": [ - { - "action": "TERMINATE", - "termination_wait_time_in_minutes": 1 - } - ] - } - ], - "deployment_config_name": "CodeDeployDefault.ECSAllAtOnce", - "deployment_group_name": "fake_app-dev-deployment-group", - "deployment_style": [ - { - "deployment_option": "WITH_TRAFFIC_CONTROL", - "deployment_type": "BLUE_GREEN" - } - ], - "ec2_tag_filter": [], - "ec2_tag_set": [], - "ecs_service": [ - { - "cluster_name": "fake_app-dev", - "service_name": "fake_app-dev" - } - ], - "id": "fake1d", - "load_balancer_info": [ - { - "elb_info": [], - "target_group_info": [], - "target_group_pair_info": [ - { - "prod_traffic_route": [ - { - "listener_arns": [ - "arn:aws:elasticloadbalancing:us-west-2:***:listener/app/fake_app-dev-alb/fake1d/0fake1d" - ] - } - ], - "target_group": [ - { - "name": "fake_app-dev-tgb" - }, - { - "name": "fake_app-dev-tgg" - } - ], - "test_traffic_route": [ - { - "listener_arns": null - } - ] - } - ] - } - ], - "on_premises_instance_tag_filter": [], - "service_role_arn": "arn:aws:iam::***:role/PowerBuilder", - "trigger_configuration": [] - }, - "after_unknown": {} - } - }, - { - "address": "module.app.module.fargate.aws_ecs_cluster.cluster", - "module_address": "module.app.module.fargate", - "mode": "managed", - "type": "aws_ecs_cluster", - "name": "cluster", - "provider_name": "aws", - "change": { - "actions": [ - "no-op" - ], - "before": { - "arn": "arn:aws:ecs:us-west-2:***:cluster/fake_app-dev", - "capacity_providers": [], - "default_capacity_provider_strategy": [], - "id": "arn:aws:ecs:us-west-2:***:cluster/fake_app-dev", - "name": "fake_app-dev", - "setting": [ - { - "name": "containerInsights", - "value": "enabled" - } - ], - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - } - }, - "after": { - "arn": "arn:aws:ecs:us-west-2:***:cluster/fake_app-dev", - "capacity_providers": [], - "default_capacity_provider_strategy": [], - "id": "arn:aws:ecs:us-west-2:***:cluster/fake_app-dev", - "name": "fake_app-dev", - "setting": [ - { - "name": "containerInsights", - "value": "enabled" - } - ], - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - } - }, - "after_unknown": {} - } - }, - { - "address": "module.app.module.fargate.aws_ecs_service.service", - "module_address": "module.app.module.fargate", - "mode": "managed", - "type": "aws_ecs_service", - "name": "service", - "provider_name": "aws", - "change": { - "actions": [ - "no-op" - ], - "before": { - "capacity_provider_strategy": [], - "cluster": "arn:aws:ecs:us-west-2:***:cluster/fake_app-dev", - "deployment_controller": [ - { - "type": "CODE_DEPLOY" - } - ], - "deployment_maximum_percent": 200, - "deployment_minimum_healthy_percent": 100, - "desired_count": 1, - "enable_ecs_managed_tags": false, - "force_new_deployment": null, - "health_check_grace_period_seconds": 0, - "iam_role": "aws-service-role", - "id": "arn:aws:ecs:us-west-2:***:service/fake_app-dev/fake_app-dev", - "launch_type": "FARGATE", - "load_balancer": [ - { - "container_name": "main", - "container_port": 8080, - "elb_name": "", - "target_group_arn": "arn:aws:elasticloadbalancing:us-west-2:***:targetgroup/fake_app-dev-tgb/0fake1d" - } - ], - "name": "fake_app-dev", - "network_configuration": [ - { - "assign_public_ip": true, - "security_groups": [ - "sg-0fake1d" - ], - "subnets": [ - "subnet-0fake1d", - "subnet-0fake1d" - ] - } - ], - "ordered_placement_strategy": [], - "placement_constraints": [], - "placement_strategy": [], - "platform_version": "1.4.0", - "propagate_tags": "NONE", - "scheduling_strategy": "REPLICA", - "service_registries": [], - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - }, - "task_definition": "arn:aws:ecs:us-west-2:***:task-definition/fake_app-dev-def:5" - }, - "after": { - "capacity_provider_strategy": [], - "cluster": "arn:aws:ecs:us-west-2:***:cluster/fake_app-dev", - "deployment_controller": [ - { - "type": "CODE_DEPLOY" - } - ], - "deployment_maximum_percent": 200, - "deployment_minimum_healthy_percent": 100, - "desired_count": 1, - "enable_ecs_managed_tags": false, - "force_new_deployment": null, - "health_check_grace_period_seconds": 0, - "iam_role": "aws-service-role", - "id": "arn:aws:ecs:us-west-2:***:service/fake_app-dev/fake_app-dev", - "launch_type": "FARGATE", - "load_balancer": [ - { - "container_name": "main", - "container_port": 8080, - "elb_name": "", - "target_group_arn": "arn:aws:elasticloadbalancing:us-west-2:***:targetgroup/fake_app-dev-tgb/0fake1d" - } - ], - "name": "fake_app-dev", - "network_configuration": [ - { - "assign_public_ip": true, - "security_groups": [ - "sg-0fake1d" - ], - "subnets": [ - "subnet-0fake1d", - "subnet-0fake1d" - ] - } - ], - "ordered_placement_strategy": [], - "placement_constraints": [], - "placement_strategy": [], - "platform_version": "1.4.0", - "propagate_tags": "NONE", - "scheduling_strategy": "REPLICA", - "service_registries": [], - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - }, - "task_definition": "arn:aws:ecs:us-west-2:***:task-definition/fake_app-dev-def:5" - }, - "after_unknown": {} - } - }, - { - "address": "module.app.module.fargate.aws_ecs_task_definition.task_def", - "module_address": "module.app.module.fargate", - "mode": "managed", - "type": "aws_ecs_task_definition", - "name": "task_def", - "provider_name": "aws", - "change": { - "actions": [ - "delete", - "create" - ], - "before": { - "arn": "arn:aws:ecs:us-west-2:***:task-definition/fake_app-dev-def:5", - "container_definitions": "[{\"cpu\":0,\"environment\":[{\"name\":\"ENV\",\"value\":\"dev\"},{\"name\":\"db_url\",\"value\":\"jdbc:mysql://fake_app-dev-db.0fake1d.us-west-2.rds.amazonaws.com:3306/deleteme2dev\"}],\"essential\":true,\"image\":\"***.dkr.ecr.us-west-2.amazonaws.com/fake_app-dev:2020-06-17_17-43-10\",\"logConfiguration\":{\"logDriver\":\"awslogs\",\"options\":{\"awslogs-group\":\"fargate/fake_app-dev\",\"awslogs-region\":\"us-west-2\",\"awslogs-stream-prefix\":\"fake_app-dev\"}},\"mountPoints\":[],\"name\":\"main\",\"portMappings\":[{\"containerPort\":8080,\"hostPort\":8080,\"protocol\":\"tcp\"}],\"privileged\":false,\"secrets\":[{\"name\":\"db_password\",\"valueFrom\":\"arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_password\"},{\"name\":\"db_username\",\"valueFrom\":\"arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_username\"}],\"volumesFrom\":[]}]", - "cpu": "256", - "execution_role_arn": "arn:aws:iam::***:role/fake_app-dev-taskExecutionRole", - "family": "fake_app-dev-def", - "id": "fake_app-dev-def", - "inference_accelerator": [], - "ipc_mode": "", - "memory": "512", - "network_mode": "awsvpc", - "pid_mode": "", - "placement_constraints": [], - "proxy_configuration": [], - "requires_compatibilities": [ - "FARGATE" - ], - "revision": 5, - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - }, - "task_role_arn": "arn:aws:iam::***:role/fake_app-dev-taskRole", - "volume": [] - }, - "after": { - "container_definitions": "[{\"environment\":[{\"name\":\"ENV\",\"value\":\"dev\"},{\"name\":\"db_url\",\"value\":\"jdbc:mysql://fake_app-dev-db.0fake1d.us-west-2.rds.amazonaws.com:3306/deleteme2dev\"}],\"essential\":true,\"image\":\"***.dkr.ecr.us-west-2.amazonaws.com/fake_app-dev:new_timestamp\",\"logConfiguration\":{\"logDriver\":\"awslogs\",\"options\":{\"awslogs-group\":\"fargate/fake_app-dev\",\"awslogs-region\":\"us-west-2\",\"awslogs-stream-prefix\":\"fake_app-dev\"}},\"mountPoints\":[],\"name\":\"main\",\"portMappings\":[{\"containerPort\":8080,\"hostPort\":8080,\"protocol\":\"tcp\"}],\"privileged\":false,\"secrets\":[{\"name\":\"db_password\",\"valueFrom\":\"arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_password\"},{\"name\":\"db_username\",\"valueFrom\":\"arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_username\"}],\"volumesFrom\":[]}]", - "cpu": "256", - "execution_role_arn": "arn:aws:iam::***:role/fake_app-dev-taskExecutionRole", - "family": "fake_app-dev-def", - "inference_accelerator": [], - "ipc_mode": null, - "memory": "512", - "network_mode": "awsvpc", - "pid_mode": null, - "placement_constraints": [], - "proxy_configuration": [], - "requires_compatibilities": [ - "FARGATE" - ], - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - }, - "task_role_arn": "arn:aws:iam::***:role/fake_app-dev-taskRole", - "volume": [] - }, - "after_unknown": { - "arn": true, - "id": true, - "inference_accelerator": [], - "placement_constraints": [], - "proxy_configuration": [], - "requires_compatibilities": [ - false - ], - "revision": true, - "tags": {}, - "volume": [] - } - } - }, - { - "address": "module.app.module.fargate.aws_iam_policy.secrets_access[0]", - "module_address": "module.app.module.fargate", - "mode": "managed", - "type": "aws_iam_policy", - "name": "secrets_access", - "index": 0, - "provider_name": "aws", - "change": { - "actions": [ - "no-op" - ], - "before": { - "arn": "arn:aws:iam::***:policy/fake_app-dev_secrets_access", - "description": "", - "id": "arn:aws:iam::***:policy/fake_app-dev_secrets_access", - "name": "fake_app-dev_secrets_access", - "name_prefix": null, - "path": "/", - "policy": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"ssm:GetParemetersByPath\",\n \"ssm:GetParameters\",\n \"ssm:GetParameter\"\n ],\n \"Resource\": [\n \"arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_username\",\n \"arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_password\"\n ]\n }\n ]\n}" - }, - "after": { - "arn": "arn:aws:iam::***:policy/fake_app-dev_secrets_access", - "description": "", - "id": "arn:aws:iam::***:policy/fake_app-dev_secrets_access", - "name": "fake_app-dev_secrets_access", - "name_prefix": null, - "path": "/", - "policy": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"ssm:GetParemetersByPath\",\n \"ssm:GetParameters\",\n \"ssm:GetParameter\"\n ],\n \"Resource\": [\n \"arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_username\",\n \"arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_password\"\n ]\n }\n ]\n}" - }, - "after_unknown": {} - } - }, - { - "address": "module.app.module.fargate.aws_iam_role.task_execution_role", - "module_address": "module.app.module.fargate", - "mode": "managed", - "type": "aws_iam_role", - "name": "task_execution_role", - "provider_name": "aws", - "change": { - "actions": [ - "no-op" - ], - "before": { - "arn": "arn:aws:iam::***:role/fake_app-dev-taskExecutionRole", - "assume_role_policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"\",\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"ecs-tasks.amazonaws.com\"},\"Action\":\"sts:AssumeRole\"}]}", - "create_date": "2020-06-17T14:59:29Z", - "description": "", - "force_detach_policies": false, - "id": "fake_app-dev-taskExecutionRole", - "max_session_duration": 3600, - "name": "fake_app-dev-taskExecutionRole", - "name_prefix": null, - "path": "/", - "permissions_boundary": "arn:aws:iam::***:policy/iamRolePermissionBoundary", - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - }, - "unique_id": "FAKE" - }, - "after": { - "arn": "arn:aws:iam::***:role/fake_app-dev-taskExecutionRole", - "assume_role_policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"\",\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"ecs-tasks.amazonaws.com\"},\"Action\":\"sts:AssumeRole\"}]}", - "create_date": "2020-06-17T14:59:29Z", - "description": "", - "force_detach_policies": false, - "id": "fake_app-dev-taskExecutionRole", - "max_session_duration": 3600, - "name": "fake_app-dev-taskExecutionRole", - "name_prefix": null, - "path": "/", - "permissions_boundary": "arn:aws:iam::***:policy/iamRolePermissionBoundary", - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - }, - "unique_id": "FAKE" - }, - "after_unknown": {} - } - }, - { - "address": "module.app.module.fargate.aws_iam_role.task_role", - "module_address": "module.app.module.fargate", - "mode": "managed", - "type": "aws_iam_role", - "name": "task_role", - "provider_name": "aws", - "change": { - "actions": [ - "no-op" - ], - "before": { - "arn": "arn:aws:iam::***:role/fake_app-dev-taskRole", - "assume_role_policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"\",\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"ecs-tasks.amazonaws.com\"},\"Action\":\"sts:AssumeRole\"}]}", - "create_date": "2020-06-17T14:59:29Z", - "description": "", - "force_detach_policies": false, - "id": "fake_app-dev-taskRole", - "max_session_duration": 3600, - "name": "fake_app-dev-taskRole", - "name_prefix": null, - "path": "/", - "permissions_boundary": "arn:aws:iam::***:policy/iamRolePermissionBoundary", - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - }, - "unique_id": "FAKE1D" - }, - "after": { - "arn": "arn:aws:iam::***:role/fake_app-dev-taskRole", - "assume_role_policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"\",\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"ecs-tasks.amazonaws.com\"},\"Action\":\"sts:AssumeRole\"}]}", - "create_date": "2020-06-17T14:59:29Z", - "description": "", - "force_detach_policies": false, - "id": "fake_app-dev-taskRole", - "max_session_duration": 3600, - "name": "fake_app-dev-taskRole", - "name_prefix": null, - "path": "/", - "permissions_boundary": "arn:aws:iam::***:policy/iamRolePermissionBoundary", - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - }, - "unique_id": "FAKE1D" - }, - "after_unknown": {} - } - }, - { - "address": "module.app.module.fargate.aws_iam_role_policy_attachment.secret_task_policy_attach[0]", - "module_address": "module.app.module.fargate", - "mode": "managed", - "type": "aws_iam_role_policy_attachment", - "name": "secret_task_policy_attach", - "index": 0, - "provider_name": "aws", - "change": { - "actions": [ - "no-op" - ], - "before": { - "id": "fake_app-dev-taskRole-0FAKE1D", - "policy_arn": "arn:aws:iam::***:policy/fake_app-dev_secrets_access", - "role": "fake_app-dev-taskRole" - }, - "after": { - "id": "fake_app-dev-taskRole-0FAKE1D", - "policy_arn": "arn:aws:iam::***:policy/fake_app-dev_secrets_access", - "role": "fake_app-dev-taskRole" - }, - "after_unknown": {} - } - }, - { - "address": "module.app.module.fargate.aws_iam_role_policy_attachment.secrets_policy_attach[0]", - "module_address": "module.app.module.fargate", - "mode": "managed", - "type": "aws_iam_role_policy_attachment", - "name": "secrets_policy_attach", - "index": 0, - "provider_name": "aws", - "change": { - "actions": [ - "no-op" - ], - "before": { - "id": "fake_app-dev-taskExecutionRole-0FAKE1D", - "policy_arn": "arn:aws:iam::***:policy/fake_app-dev_secrets_access", - "role": "fake_app-dev-taskExecutionRole" - }, - "after": { - "id": "fake_app-dev-taskExecutionRole-0FAKE1D", - "policy_arn": "arn:aws:iam::***:policy/fake_app-dev_secrets_access", - "role": "fake_app-dev-taskExecutionRole" - }, - "after_unknown": {} - } - }, - { - "address": "module.app.module.fargate.aws_iam_role_policy_attachment.task_execution_policy_attach", - "module_address": "module.app.module.fargate", - "mode": "managed", - "type": "aws_iam_role_policy_attachment", - "name": "task_execution_policy_attach", - "provider_name": "aws", - "change": { - "actions": [ - "no-op" - ], - "before": { - "id": "fake_app-dev-taskExecutionRole-0FAKE1D", - "policy_arn": "arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy", - "role": "fake_app-dev-taskExecutionRole" - }, - "after": { - "id": "fake_app-dev-taskExecutionRole-0FAKE1D", - "policy_arn": "arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy", - "role": "fake_app-dev-taskExecutionRole" - }, - "after_unknown": {} - } - }, - { - "address": "module.app.module.fargate.aws_route53_record.a_record", - "module_address": "module.app.module.fargate", - "mode": "managed", - "type": "aws_route53_record", - "name": "a_record", - "provider_name": "aws", - "change": { - "actions": [ - "no-op" - ], - "before": { - "alias": [ - { - "evaluate_target_health": true, - "name": "fake_app-dev-alb-1234567890.us-west-2.elb.amazonaws.com", - "zone_id": "FAKE123" - } - ], - "allow_overwrite": null, - "failover_routing_policy": [], - "fqdn": "fake_app-dev.fake_domain.amazon.byu.edu", - "geolocation_routing_policy": [], - "health_check_id": "", - "id": "Z0FAKE1D_fake_app-dev.fake_domain.amazon.byu.edu._A", - "latency_routing_policy": [], - "multivalue_answer_routing_policy": null, - "name": "fake_app-dev.fake_domain.amazon.byu.edu", - "records": [], - "set_identifier": "", - "ttl": 0, - "type": "A", - "weighted_routing_policy": [], - "zone_id": "Z0FAKE1D" - }, - "after": { - "alias": [ - { - "evaluate_target_health": true, - "name": "fake_app-dev-alb-1234567890.us-west-2.elb.amazonaws.com", - "zone_id": "FAKE123" - } - ], - "allow_overwrite": null, - "failover_routing_policy": [], - "fqdn": "fake_app-dev.fake_domain.amazon.byu.edu", - "geolocation_routing_policy": [], - "health_check_id": "", - "id": "Z0FAKE1D_fake_app-dev.fake_domain.amazon.byu.edu._A", - "latency_routing_policy": [], - "multivalue_answer_routing_policy": null, - "name": "fake_app-dev.fake_domain.amazon.byu.edu", - "records": [], - "set_identifier": "", - "ttl": 0, - "type": "A", - "weighted_routing_policy": [], - "zone_id": "Z0FAKE1D" - }, - "after_unknown": {} - } - }, - { - "address": "module.app.module.fargate.aws_route53_record.aaaa_record", - "module_address": "module.app.module.fargate", - "mode": "managed", - "type": "aws_route53_record", - "name": "aaaa_record", - "provider_name": "aws", - "change": { - "actions": [ - "no-op" - ], - "before": { - "alias": [ - { - "evaluate_target_health": true, - "name": "fake_app-dev-alb-1234567890.us-west-2.elb.amazonaws.com", - "zone_id": "FAKE123" - } - ], - "allow_overwrite": null, - "failover_routing_policy": [], - "fqdn": "fake_app-dev.fake_domain.amazon.byu.edu", - "geolocation_routing_policy": [], - "health_check_id": "", - "id": "Z0FAKE1D_fake_app-dev.fake_domain.amazon.byu.edu._AAAA", - "latency_routing_policy": [], - "multivalue_answer_routing_policy": null, - "name": "fake_app-dev.fake_domain.amazon.byu.edu", - "records": [], - "set_identifier": "", - "ttl": 0, - "type": "AAAA", - "weighted_routing_policy": [], - "zone_id": "Z0FAKE1D" - }, - "after": { - "alias": [ - { - "evaluate_target_health": true, - "name": "fake_app-dev-alb-1234567890.us-west-2.elb.amazonaws.com", - "zone_id": "FAKE123" - } - ], - "allow_overwrite": null, - "failover_routing_policy": [], - "fqdn": "fake_app-dev.fake_domain.amazon.byu.edu", - "geolocation_routing_policy": [], - "health_check_id": "", - "id": "Z0FAKE1D_fake_app-dev.fake_domain.amazon.byu.edu._AAAA", - "latency_routing_policy": [], - "multivalue_answer_routing_policy": null, - "name": "fake_app-dev.fake_domain.amazon.byu.edu", - "records": [], - "set_identifier": "", - "ttl": 0, - "type": "AAAA", - "weighted_routing_policy": [], - "zone_id": "Z0FAKE1D" - }, - "after_unknown": {} - } - }, - { - "address": "module.app.module.fargate.aws_security_group.alb-sg", - "module_address": "module.app.module.fargate", - "mode": "managed", - "type": "aws_security_group", - "name": "alb-sg", - "provider_name": "aws", - "change": { - "actions": [ - "no-op" - ], - "before": { - "arn": "arn:aws:ec2:us-west-2:***:security-group/sg-0fake1d", - "description": "Controls access to the fake_app-dev-alb", - "egress": [ - { - "cidr_blocks": [ - "0.0.0.0/0" - ], - "description": "", - "from_port": 0, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "-1", - "security_groups": [], - "self": false, - "to_port": 0 - } - ], - "id": "sg-0fake1d", - "ingress": [ - { - "cidr_blocks": [ - "0.0.0.0/0" - ], - "description": "", - "from_port": 443, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "tcp", - "security_groups": [], - "self": false, - "to_port": 443 - }, - { - "cidr_blocks": [ - "0.0.0.0/0" - ], - "description": "", - "from_port": 80, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "tcp", - "security_groups": [], - "self": false, - "to_port": 80 - } - ], - "name": "fake_app-dev-alb-sg", - "name_prefix": null, - "owner_id": "***", - "revoke_rules_on_delete": false, - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - }, - "timeouts": null, - "vpc_id": "vpc-0fake1d" - }, - "after": { - "arn": "arn:aws:ec2:us-west-2:***:security-group/sg-0fake1d", - "description": "Controls access to the fake_app-dev-alb", - "egress": [ - { - "cidr_blocks": [ - "0.0.0.0/0" - ], - "description": "", - "from_port": 0, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "-1", - "security_groups": [], - "self": false, - "to_port": 0 - } - ], - "id": "sg-0fake1d", - "ingress": [ - { - "cidr_blocks": [ - "0.0.0.0/0" - ], - "description": "", - "from_port": 443, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "tcp", - "security_groups": [], - "self": false, - "to_port": 443 - }, - { - "cidr_blocks": [ - "0.0.0.0/0" - ], - "description": "", - "from_port": 80, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "tcp", - "security_groups": [], - "self": false, - "to_port": 80 - } - ], - "name": "fake_app-dev-alb-sg", - "name_prefix": null, - "owner_id": "***", - "revoke_rules_on_delete": false, - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - }, - "timeouts": null, - "vpc_id": "vpc-0fake1d" - }, - "after_unknown": {} - } - }, - { - "address": "module.app.module.fargate.aws_security_group.fargate_service_sg", - "module_address": "module.app.module.fargate", - "mode": "managed", - "type": "aws_security_group", - "name": "fargate_service_sg", - "provider_name": "aws", - "change": { - "actions": [ - "no-op" - ], - "before": { - "arn": "arn:aws:ec2:us-west-2:***:security-group/sg-0fake1d", - "description": "Controls access to the Fargate Service", - "egress": [ - { - "cidr_blocks": [ - "0.0.0.0/0" - ], - "description": "", - "from_port": 0, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "-1", - "security_groups": [], - "self": false, - "to_port": 0 - } - ], - "id": "sg-0fake1d", - "ingress": [ - { - "cidr_blocks": [], - "description": "", - "from_port": 0, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "tcp", - "security_groups": [ - "sg-0fake1d" - ], - "self": false, - "to_port": 65535 - } - ], - "name": "fake_app-dev-fargate-sg", - "name_prefix": null, - "owner_id": "***", - "revoke_rules_on_delete": false, - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - }, - "timeouts": null, - "vpc_id": "vpc-0fake1d" - }, - "after": { - "arn": "arn:aws:ec2:us-west-2:***:security-group/sg-0fake1d", - "description": "Controls access to the Fargate Service", - "egress": [ - { - "cidr_blocks": [ - "0.0.0.0/0" - ], - "description": "", - "from_port": 0, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "-1", - "security_groups": [], - "self": false, - "to_port": 0 - } - ], - "id": "sg-0fake1d", - "ingress": [ - { - "cidr_blocks": [], - "description": "", - "from_port": 0, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "tcp", - "security_groups": [ - "sg-0fake1d" - ], - "self": false, - "to_port": 65535 - } - ], - "name": "fake_app-dev-fargate-sg", - "name_prefix": null, - "owner_id": "***", - "revoke_rules_on_delete": false, - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - }, - "timeouts": null, - "vpc_id": "vpc-0fake1d" - }, - "after_unknown": {} - } - }, - { - "address": "module.app.module.fargate.local_file.appspec_json", - "module_address": "module.app.module.fargate", - "mode": "managed", - "type": "local_file", - "name": "appspec_json", - "provider_name": "local", - "change": { - "actions": [ - "create" - ], - "before": null, - "after": { - "content_base64": null, - "directory_permission": "0777", - "file_permission": "0777", - "filename": "/home/runner/work/fake_app/fake_app/terraform-iac/dev/app/appspec.json", - "sensitive_content": null - }, - "after_unknown": { - "content": true, - "id": true - } - } - } - ], - "output_changes": { - "codedeploy_app_name": { - "actions": [ - "create" - ], - "before": null, - "after": "fake_app-dev-codedeploy", - "after_unknown": false - }, - "codedeploy_appspec_json_file": { - "actions": [ - "create" - ], - "before": null, - "after": "/home/runner/work/fake_app/fake_app/terraform-iac/dev/app/appspec.json", - "after_unknown": false - }, - "codedeploy_deployment_group_name": { - "actions": [ - "create" - ], - "before": null, - "after": "fake_app-dev-deployment-group", - "after_unknown": false - } - }, - "prior_state": { - "format_version": "0.1", - "terraform_version": "0.12.26", - "values": { - "outputs": { - "codedeploy_app_name": { - "sensitive": false, - "value": "fake_app-dev-codedeploy" - }, - "codedeploy_deployment_group_name": { - "sensitive": false, - "value": "fake_app-dev-deployment-group" - } - }, - "*******_module": { - "child_modules": [ - { - "resources": [ - { - "address": "aws_security_group_rule.db_access", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "db_access", - "provider_name": "aws", - "schema_version": 2, - "values": { - "cidr_blocks": [], - "description": "", - "from_port": 3306, - "id": "sgrule-012341234", - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "tcp", - "security_group_id": "sg-0fake1d", - "self": false, - "source_security_group_id": "sg-0fake1d", - "to_port": 3306, - "type": "ingress" - }, - "depends_on": [ - "module.app.module.database.aws_security_group.db_security_group", - "module.app.module.fargate.aws_security_group.alb-sg", - "module.app.module.fargate.aws_security_group.fargate_service_sg" - ] - }, - { - "address": "data.aws_ecr_repository.ecr_repo", - "mode": "data", - "type": "aws_ecr_repository", - "name": "ecr_repo", - "provider_name": "aws", - "schema_version": 0, - "values": { - "arn": "arn:aws:ecr:us-west-2:***:repository/fake_app-dev", - "id": "fake_app-dev", - "name": "fake_app-dev", - "registry_id": "***", - "repository_url": "***.dkr.ecr.us-west-2.amazonaws.com/fake_app-dev", - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - } - } - } - ], - "address": "module.app", - "child_modules": [ - { - "resources": [ - { - "address": "data.aws_acm_certificate.cert", - "mode": "data", - "type": "aws_acm_certificate", - "name": "cert", - "index": 0, - "provider_name": "aws", - "schema_version": 0, - "values": { - "arn": "arn:aws:acm:us-west-2:***:certificate/0fake1d", - "domain": "fake_domain.amazon.byu.edu", - "id": "2020-06-24 19:40:11.645734343 +0000 UTC", - "key_types": null, - "most_recent": false, - "statuses": null, - "tags": { - "IAC": "Terraform" - }, - "types": null - } - }, - { - "address": "data.aws_acm_certificate.virginia", - "mode": "data", - "type": "aws_acm_certificate", - "name": "virginia", - "index": 0, - "provider_name": "aws.virginia", - "schema_version": 0, - "values": { - "arn": "arn:aws:acm:us-east-1:***:certificate/0fake1d", - "domain": "fake_domain.amazon.byu.edu", - "id": "2020-06-24 19:40:11.087617241 +0000 UTC", - "key_types": null, - "most_recent": false, - "statuses": null, - "tags": { - "IAC": "Terraform" - }, - "types": null - } - }, - { - "address": "data.aws_iam_account_alias.current", - "mode": "data", - "type": "aws_iam_account_alias", - "name": "current", - "provider_name": "aws", - "schema_version": 0, - "values": { - "account_alias": "fake_domain", - "id": "2020-06-24 19:40:09.518373467 +0000 UTC" - } - }, - { - "address": "data.aws_iam_policy.role_permission_boundary", - "mode": "data", - "type": "aws_iam_policy", - "name": "role_permission_boundary", - "index": 0, - "provider_name": "aws", - "schema_version": 0, - "values": { - "arn": "arn:aws:iam::***:policy/iamRolePermissionBoundary", - "description": "Role Permission Boundary Policy - Managed by Terraform", - "id": "arn:aws:iam::***:policy/iamRolePermissionBoundary", - "name": "iamRolePermissionBoundary", - "path": "/", - "policy": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"AccountAdminPolicy\",\n \"Effect\": \"Allow\",\n \"NotAction\": \"iam:*\",\n \"Resource\": \"*\"\n },\n {\n \"Sid\": \"DenyPassUnsafeRoles\",\n \"Effect\": \"Deny\",\n \"Action\": [\n \"iam:PassRole\"\n ],\n \"Resource\": [\n \"arn:aws:iam::***:role/OrganizationAccountAccessRole\",\n \"arn:aws:iam::***:role/Admin\",\n \"arn:aws:iam::***:role/PowerUser\",\n \"arn:aws:iam::***:role/PowerBuilder\",\n \"arn:aws:iam::***:role/ReadOnly\",\n \"arn:aws:iam::***:role/HawaiiPowerUser\",\n \"arn:aws:iam::***:role/HawaiiReadOnly\"\n\t ]\n },\n {\n \"Sid\": \"AllowSomeIAM\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"iam:PassRole\",\n \t\"iam:ListServerCertificates\",\n \t\"iam:GetServerCertificate\",\n \t\"iam:GetRole\",\n \t\"iam:GetRolePolicy\",\n \t\"iam:CreateServiceLinkedRole\"\n ], \n \"Resource\": \"*\"\n },\n {\n \"Sid\": \"ProtectACSResources\",\n \"Effect\": \"Deny\",\n \"Action\": \"*\",\n \"Resource\": [\n \"arn:aws:s3:::cloudtrail-***\",\n \"arn:aws:s3:::aws-acs-***\",\n \"arn:aws:cloudtrail:us-west-2:***:trail/aws-acs-logs-cloudtrail\",\n \"arn:aws:dynamodb:us-west-2:***:table/aws-acs-***\"\n ]\n },\n {\n \"Sid\": \"ProtectACSParameters\",\n \"Effect\": \"Deny\",\n \"Action\": [\n \"ssm:DeleteParameter\",\n \"ssm:DeleteParameters\",\n \"ssm:PutParameter\"\n ],\n \"Resource\": [\n \"arn:aws:ssm:us-west-2:***:parameter/acs/*\",\n \"arn:aws:ssm:us-east-1:***:parameter/acs/*\"\n ]\n },\n {\n \"Sid\": \"BlockOddRegions\",\n \"Effect\": \"Deny\",\n \"Action\": \"*\",\n \"Resource\": \"*\",\n \"Condition\": {\n \"StringNotEquals\": {\n \"aws:RequestedRegion\": [\n \"us-west-2\",\n \"us-east-1\"\n ]\n }\n }\n },\n {\n \"Sid\": \"NoNewVPCs\",\n \"Effect\": \"Deny\",\n \"Action\": [\n \"ec2:CreateVpc\",\n \"ec2:CreateDefaultVpc\",\n \"account:EnableRegion\",\n \"account:DisableRegion\"\n ],\n \"Resource\": \"*\"\n }\n ]\n}\n" - } - }, - { - "address": "data.aws_iam_policy.user_permission_boundary", - "mode": "data", - "type": "aws_iam_policy", - "name": "user_permission_boundary", - "index": 0, - "provider_name": "aws", - "schema_version": 0, - "values": { - "arn": "arn:aws:iam::***:policy/iamUserPermissionBoundary", - "description": "User Permission Boundary Policy - Managed by Terraform", - "id": "arn:aws:iam::***:policy/iamUserPermissionBoundary", - "name": "iamUserPermissionBoundary", - "path": "/", - "policy": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"AccountAdminPolicy\",\n \"Effect\": \"Allow\",\n \"NotAction\": \"iam:*\",\n \"Resource\": \"*\"\n },\n {\n \"Sid\": \"DenyPassUnsafeRoles\",\n \"Effect\": \"Deny\",\n \"Action\": [\n \"iam:PassRole\"\n ],\n \"Resource\": [\n \"arn:aws:iam::***:role/OrganizationAccountAccessRole\",\n \"arn:aws:iam::***:role/Admin\",\n \"arn:aws:iam::***:role/PowerUser\",\n \"arn:aws:iam::***:role/PowerBuilder\",\n \"arn:aws:iam::***:role/ReadOnly\",\n \"arn:aws:iam::***:role/HawaiiPowerUser\",\n \"arn:aws:iam::***:role/HawaiiReadOnly\"\n\t ]\n },\n {\n \"Sid\": \"AllowSomeIAM\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"iam:PassRole\",\n \t\"iam:ListServerCertificates\",\n \t\"iam:GetServerCertificate\",\n \t\"iam:GetRole\",\n \t\"iam:GetRolePolicy\",\n \t\"iam:CreateServiceLinkedRole\"\n ], \n \"Resource\": \"*\"\n },\n {\n \"Sid\": \"ProtectACSResources\",\n \"Effect\": \"Deny\",\n \"Action\": \"*\",\n \"Resource\": [\n \"arn:aws:s3:::cloudtrail-***\",\n \"arn:aws:s3:::aws-acs-***\",\n \"arn:aws:cloudtrail:us-west-2:***:trail/aws-acs-logs-cloudtrail\",\n \"arn:aws:dynamodb:us-west-2:***:table/aws-acs-***\"\n ]\n },\n {\n \"Sid\": \"ProtectACSParameters\",\n \"Effect\": \"Deny\",\n \"Action\": [\n \"ssm:DeleteParameter\",\n \"ssm:DeleteParameters\",\n \"ssm:PutParameter\"\n ],\n \"Resource\": [\n \"arn:aws:ssm:us-west-2:***:parameter/acs/*\",\n \"arn:aws:ssm:us-east-1:***:parameter/acs/*\"\n ]\n },\n {\n \"Sid\": \"BlockOddRegions\",\n \"Effect\": \"Deny\",\n \"Action\": \"*\",\n \"Resource\": \"*\",\n \"Condition\": {\n \"StringNotEquals\": {\n \"aws:RequestedRegion\": [\n \"us-west-2\",\n \"us-east-1\"\n ]\n }\n }\n },\n {\n \"Sid\": \"NoNewVPCs\",\n \"Effect\": \"Deny\",\n \"Action\": [\n \"ec2:CreateVpc\",\n \"ec2:CreateDefaultVpc\"\n ],\n \"Resource\": \"*\"\n },\n {\n \"Sid\": \"LimitUserRights\",\n \"Effect\": \"Deny\",\n \"Action\": [\n \"sts:AssumeRole\",\n \"ec2:RunInstances\",\n \"autoscaling:CreateAutoScalingGroup\",\n \"account:EnableRegion\",\n \"account:DisableRegion\"\n ],\n \"Resource\": \"*\"\n }\n ]\n}\n" - } - }, - { - "address": "data.aws_iam_role.power_builder", - "mode": "data", - "type": "aws_iam_role", - "name": "power_builder", - "provider_name": "aws", - "schema_version": 0, - "values": { - "arn": "arn:aws:iam::***:role/PowerBuilder", - "assume_role_policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"codebuild.amazonaws.com\",\"events.amazonaws.com\",\"edgelambda.amazonaws.com\",\"codedeploy.amazonaws.com\",\"lambda.amazonaws.com\"]},\"Action\":\"sts:AssumeRole\"}]}", - "assume_role_policy_document": null, - "create_date": "2019-10-18T19:28:27Z", - "description": "PowerBuilderPolicy and PowerPolicy - Managed by Terraform", - "id": "PowerBuilder", - "max_session_duration": 32400, - "name": "PowerBuilder", - "path": "/", - "permissions_boundary": "", - "role_id": null, - "role_name": null, - "tags": {}, - "unique_id": "0fake1d" - } - }, - { - "address": "data.aws_iam_role.power_user", - "mode": "data", - "type": "aws_iam_role", - "name": "power_user", - "provider_name": "aws", - "schema_version": 0, - "values": { - "arn": "arn:aws:iam::***:role/PowerUser", - "assume_role_policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Federated\":\"arn:aws:iam::***:saml-provider/ADFS\"},\"Action\":\"sts:AssumeRoleWithSAML\",\"Condition\":{\"StringEquals\":{\"SAML:aud\":\"https://signin.aws.amazon.com/saml\"}}}]}", - "assume_role_policy_document": null, - "create_date": "2019-10-18T19:28:27Z", - "description": "PowerUserPolicy and PowerPolicy - Managed by Terraform", - "id": "PowerUser", - "max_session_duration": 32400, - "name": "PowerUser", - "path": "/", - "permissions_boundary": "", - "role_id": null, - "role_name": null, - "tags": {}, - "unique_id": "0fake1d" - } - }, - { - "address": "data.aws_iam_role.read_only", - "mode": "data", - "type": "aws_iam_role", - "name": "read_only", - "provider_name": "aws", - "schema_version": 0, - "values": { - "arn": "arn:aws:iam::***:role/ReadOnly", - "assume_role_policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Federated\":\"arn:aws:iam::***:saml-provider/ADFS\"},\"Action\":\"sts:AssumeRoleWithSAML\",\"Condition\":{\"StringEquals\":{\"SAML:aud\":\"https://signin.aws.amazon.com/saml\"}}}]}", - "assume_role_policy_document": null, - "create_date": "2019-10-18T19:28:27Z", - "description": "ReadOnly and ReadOnlyDenies - Managed by Terraform", - "id": "ReadOnly", - "max_session_duration": 32400, - "name": "ReadOnly", - "path": "/", - "permissions_boundary": "", - "role_id": null, - "role_name": null, - "tags": {}, - "unique_id": "0fake1d" - } - }, - { - "address": "data.aws_region.current", - "mode": "data", - "type": "aws_region", - "name": "current", - "provider_name": "aws", - "schema_version": 0, - "values": { - "current": null, - "description": "US West (Oregon)", - "endpoint": "ec2.us-west-2.amazonaws.com", - "id": "us-west-2", - "name": "us-west-2" - } - }, - { - "address": "data.aws_route53_zone.zone", - "mode": "data", - "type": "aws_route53_zone", - "name": "zone", - "index": 0, - "provider_name": "aws", - "schema_version": 0, - "values": { - "caller_reference": "terraform-0fake1d", - "comment": "Managed by Terraform", - "id": "Z0FAKE1D", - "linked_service_description": null, - "linked_service_principal": null, - "name": "fake_domain.amazon.byu.edu.", - "name_servers": [ - "fake.org", - "fake.co.uk", - "fake.com", - "fake.net" - ], - "private_zone": false, - "resource_record_set_count": 17, - "tags": { - "IAC": "Terraform", - "env": "dev", - "repo": "https://github.com/byu-oit/aws-acs" - }, - "vpc_id": null, - "zone_id": "Z0FAKE1D" - } - }, - { - "address": "data.aws_security_group.oracle", - "mode": "data", - "type": "aws_security_group", - "name": "oracle", - "index": 0, - "provider_name": "aws", - "schema_version": 0, - "values": { - "arn": "arn:aws:ec2:us-west-2:***:security-group/sg-0fake1d", - "description": "Used to connect to ORACLE Xinetd Server in Platform Account - Managed by Terraform", - "filter": null, - "id": "sg-0fake1d", - "name": "vpn_oregon_dev_xinetd", - "tags": { - "IAC": "Terraform", - "Name": "ORACLE/CMAN Xinetd Security Group" - }, - "vpc_id": "vpc-0fake1d" - } - }, - { - "address": "data.aws_security_group.rds", - "mode": "data", - "type": "aws_security_group", - "name": "rds", - "provider_name": "aws", - "schema_version": 0, - "values": { - "arn": "arn:aws:ec2:us-west-2:***:security-group/sg-0fake1d", - "description": "Security Group for RDS - Managed by Terraform", - "filter": [ - { - "name": "group-name", - "values": [ - "*rds_security_group*" - ] - }, - { - "name": "vpc-id", - "values": [ - "vpc-0fake1d" - ] - } - ], - "id": "sg-0fake1d", - "name": "rds_security_group_oit_oregon_dev", - "tags": { - "IAC": "Terraform", - "Name": "RDS Security Group - OIT Oregon Dev" - }, - "vpc_id": "vpc-0fake1d" - } - }, - { - "address": "data.aws_security_group.ssh_rdp", - "mode": "data", - "type": "aws_security_group", - "name": "ssh_rdp", - "provider_name": "aws", - "schema_version": 0, - "values": { - "arn": "arn:aws:ec2:us-west-2:***:security-group/sg-0fake1d", - "description": "Security Group for SSH/RDP - Managed by Terraform", - "filter": [ - { - "name": "group-name", - "values": [ - "*ssh_rdp*" - ] - }, - { - "name": "vpc-id", - "values": [ - "vpc-0fake1d" - ] - } - ], - "id": "sg-0fake1d", - "name": "ssh_rdp_sg_oit_oregon_dev", - "tags": { - "IAC": "Terraform", - "Name": "SSH/RDP from BYU" - }, - "vpc_id": "vpc-0fake1d" - } - }, - { - "address": "data.aws_ssm_parameter.acs_parameters", - "mode": "data", - "type": "aws_ssm_parameter", - "name": "acs_parameters", - "provider_name": "aws", - "schema_version": 0, - "values": { - "arn": "arn:aws:ssm:us-west-2:***:parameter/acsParameters", - "id": "acsParameters", - "name": "acsParameters", - "type": "String", - "value": "{\"/acs/acm/zone-cert-arn\": \"arn:aws:acm:us-west-2:***:certificate/0fake1d\", \"/acs/acm/zone-cert-id\": \"arn:aws:acm:us-west-2:***:certificate/0fake1d\", \"/acs/dns/zone-id\": \"Z0FAKE1D\", \"/acs/dns/zone-name\": \"fake_domain.amazon.byu.edu.\", \"/acs/git/token\": \"faketoken\", \"/acs/iam/iamRolePermissionBoundary\": \"arn:aws:iam::***:policy/iamRolePermissionBoundary\", \"/acs/iam/iamUserPermissionBoundary\": \"arn:aws:iam::***:policy/iamUserPermissionBoundary\", \"/acs/vpc/oit-oregon-dev\": \"vpc-0fake1d\", \"/acs/vpc/oit-oregon-dev-data-a\": \"subnet-0fake1d\", \"/acs/vpc/oit-oregon-dev-data-b\": \"subnet-0fake1d\", \"/acs/vpc/oit-oregon-dev-private-b\": \"subnet-0fake1d\", \"/acs/vpc/sshrdp_sg\": \"ssh_rdp_sg_oit_oregon_dev\", \"/acs/vpc/vpc-name\": \"oit-oregon-dev\", \"/acs/vpc/vpn-oit-oregon-dev-data-b\": \"subnet-098f9ec9e3cd13db8\", \"/acs/vpc/vpn-oit-oregon-dev-private-b\": \"subnet-0069c0ca4522027f5\", \"/acs/vpc/xinetd-sg-id\": \"sg-0fake1d\", \"/acs/vpc/oit-oregon-dev-public-a\": \"subnet-0fake1d\", \"/acs/vpc/oit-oregon-dev-public-b\": \"subnet-0fake1d\", \"/acs/vpc/rds_sg\": \"rds_security_group_oit_oregon_dev\", \"/acs/vpc/rds_vpn_sg\": \"rds_security_group_vpn_oit_oregon_dev\", \"/acs/vpc/sshrdp_vpn_sg\": \"ssh_rdp_sg_vpn_oit_oregon_dev\", \"/acs/vpc/vpn-oit-oregon-dev\": \"vpc-0fake1d\", \"/acs/vpc/vpn-oit-oregon-dev-data-a\": \"subnet-04ef6dfe521d80527\", \"/acs/vpc/vpn-oit-oregon-dev-private-a\": \"subnet-04e5fcbaff98d47d4\", \"/acs/vpc/vpn-oit-oregon-dev-public-a\": \"subnet-0940eb9b3c9f477db\", \"/acs/vpc/vpn-oit-oregon-dev-public-b\": \"subnet-0db85a6e19afc78a9\", \"/acs/vpc/oit-oregon-dev-private-a\": \"subnet-0fake1d\", \"/acs/vpc/vpn-vpc-name\": \"vpn-oit-oregon-dev\"}", - "version": 126331, - "with_decryption": true - } - }, - { - "address": "data.aws_subnet.data_a", - "mode": "data", - "type": "aws_subnet", - "name": "data_a", - "index": 0, - "provider_name": "aws", - "schema_version": 0, - "values": { - "arn": "arn:aws:ec2:us-west-2:1234:subnet/subnet-0fake1d", - "assign_ipv6_address_on_creation": false, - "availability_zone": "us-west-2b", - "availability_zone_id": "usw2-az1", - "cidr_block": "172.17.192.0/19", - "default_for_az": false, - "filter": null, - "id": "subnet-0fake1d", - "ipv6_cidr_block": null, - "ipv6_cidr_block_association_id": null, - "map_public_ip_on_launch": false, - "outpost_arn": "", - "owner_id": "1234", - "state": "available", - "tags": { - "Name": "oit-oregon-dev-data-a" - }, - "vpc_id": "vpc-0fake1d" - } - }, - { - "address": "data.aws_subnet.data_b", - "mode": "data", - "type": "aws_subnet", - "name": "data_b", - "index": 0, - "provider_name": "aws", - "schema_version": 0, - "values": { - "arn": "arn:aws:ec2:us-west-2:1234:subnet/subnet-0fake1d", - "assign_ipv6_address_on_creation": false, - "availability_zone": "us-west-2a", - "availability_zone_id": "usw2-az2", - "cidr_block": "172.17.224.0/19", - "default_for_az": false, - "filter": null, - "id": "subnet-0fake1d", - "ipv6_cidr_block": null, - "ipv6_cidr_block_association_id": null, - "map_public_ip_on_launch": false, - "outpost_arn": "", - "owner_id": "1234", - "state": "available", - "tags": { - "Name": "oit-oregon-dev-data-b" - }, - "vpc_id": "vpc-0fake1d" - } - }, - { - "address": "data.aws_subnet.private_a", - "mode": "data", - "type": "aws_subnet", - "name": "private_a", - "index": 0, - "provider_name": "aws", - "schema_version": 0, - "values": { - "arn": "arn:aws:ec2:us-west-2:1234:subnet/subnet-0fake1d", - "assign_ipv6_address_on_creation": false, - "availability_zone": "us-west-2b", - "availability_zone_id": "usw2-az1", - "cidr_block": "172.17.64.0/18", - "default_for_az": false, - "filter": null, - "id": "subnet-0fake1d", - "ipv6_cidr_block": null, - "ipv6_cidr_block_association_id": null, - "map_public_ip_on_launch": false, - "outpost_arn": "", - "owner_id": "1234", - "state": "available", - "tags": { - "Name": "oit-oregon-dev-private-a" - }, - "vpc_id": "vpc-0fake1d" - } - }, - { - "address": "data.aws_subnet.private_b", - "mode": "data", - "type": "aws_subnet", - "name": "private_b", - "index": 0, - "provider_name": "aws", - "schema_version": 0, - "values": { - "arn": "arn:aws:ec2:us-west-2:1234:subnet/subnet-0fake1d", - "assign_ipv6_address_on_creation": false, - "availability_zone": "us-west-2a", - "availability_zone_id": "usw2-az2", - "cidr_block": "172.17.128.0/18", - "default_for_az": false, - "filter": null, - "id": "subnet-0fake1d", - "ipv6_cidr_block": null, - "ipv6_cidr_block_association_id": null, - "map_public_ip_on_launch": false, - "outpost_arn": "", - "owner_id": "1234", - "state": "available", - "tags": { - "Name": "oit-oregon-dev-private-b" - }, - "vpc_id": "vpc-0fake1d" - } - }, - { - "address": "data.aws_subnet.public_a", - "mode": "data", - "type": "aws_subnet", - "name": "public_a", - "index": 0, - "provider_name": "aws", - "schema_version": 0, - "values": { - "arn": "arn:aws:ec2:us-west-2:1234:subnet/subnet-0fake1d", - "assign_ipv6_address_on_creation": false, - "availability_zone": "us-west-2b", - "availability_zone_id": "usw2-az1", - "cidr_block": "172.17.0.0/19", - "default_for_az": false, - "filter": null, - "id": "subnet-0fake1d", - "ipv6_cidr_block": null, - "ipv6_cidr_block_association_id": null, - "map_public_ip_on_launch": true, - "outpost_arn": "", - "owner_id": "1234", - "state": "available", - "tags": { - "Name": "oit-oregon-dev-public-a" - }, - "vpc_id": "vpc-0fake1d" - } - }, - { - "address": "data.aws_subnet.public_b", - "mode": "data", - "type": "aws_subnet", - "name": "public_b", - "index": 0, - "provider_name": "aws", - "schema_version": 0, - "values": { - "arn": "arn:aws:ec2:us-west-2:1234:subnet/subnet-0fake1d", - "assign_ipv6_address_on_creation": false, - "availability_zone": "us-west-2a", - "availability_zone_id": "usw2-az2", - "cidr_block": "172.17.32.0/19", - "default_for_az": false, - "filter": null, - "id": "subnet-0fake1d", - "ipv6_cidr_block": null, - "ipv6_cidr_block_association_id": null, - "map_public_ip_on_launch": true, - "outpost_arn": "", - "owner_id": "1234", - "state": "available", - "tags": { - "Name": "oit-oregon-dev-public-b" - }, - "vpc_id": "vpc-0fake1d" - } - }, - { - "address": "data.aws_vpc.vpc", - "mode": "data", - "type": "aws_vpc", - "name": "vpc", - "provider_name": "aws", - "schema_version": 0, - "values": { - "arn": "arn:aws:ec2:us-west-2:***:vpc/vpc-0fake1d", - "cidr_block": "172.17.0.0/16", - "cidr_block_associations": [ - { - "association_id": "vpc-cidr-assoc-0fake1d", - "cidr_block": "172.17.0.0/16", - "state": "associated" - } - ], - "default": false, - "dhcp_options_id": "dopt-0fake1d", - "enable_dns_hostnames": true, - "enable_dns_support": true, - "filter": null, - "id": "vpc-0fake1d", - "instance_tenancy": "default", - "ipv6_association_id": null, - "ipv6_cidr_block": null, - "main_route_table_id": "rtb-0fake1d", - "owner_id": "1234", - "state": "available", - "tags": { - "Name": "oit-oregon-dev" - } - } - } - ], - "address": "module.app.module.acs" - }, - { - "resources": [ - { - "address": "aws_alb.alb", - "mode": "managed", - "type": "aws_alb", - "name": "alb", - "provider_name": "aws", - "schema_version": 0, - "values": { - "access_logs": [ - { - "bucket": "", - "enabled": false, - "prefix": "" - } - ], - "arn": "arn:aws:elasticloadbalancing:us-west-2:***:loadbalancer/app/fake_app-dev-alb/fake1d", - "arn_suffix": "app/fake_app-dev-alb/fake1d", - "dns_name": "fake_app-dev-alb-1234567890.us-west-2.elb.amazonaws.com", - "drop_invalid_header_fields": false, - "enable_cross_zone_load_balancing": null, - "enable_deletion_protection": false, - "enable_http2": true, - "id": "arn:aws:elasticloadbalancing:us-west-2:***:loadbalancer/app/fake_app-dev-alb/fake1d", - "idle_timeout": 60, - "internal": false, - "ip_address_type": "ipv4", - "load_balancer_type": "application", - "name": "fake_app-dev-alb", - "name_prefix": null, - "security_groups": [ - "sg-0fake1d" - ], - "subnet_mapping": [ - { - "allocation_id": "", - "subnet_id": "subnet-0fake1d" - }, - { - "allocation_id": "", - "subnet_id": "subnet-0fake1d" - } - ], - "subnets": [ - "subnet-0fake1d", - "subnet-0fake1d" - ], - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - }, - "timeouts": null, - "vpc_id": "vpc-0fake1d", - "zone_id": "FAKE123" - }, - "depends_on": [ - "module.app.module.fargate.aws_security_group.alb-sg" - ] - }, - { - "address": "aws_alb_listener.http_to_https", - "mode": "managed", - "type": "aws_alb_listener", - "name": "http_to_https", - "provider_name": "aws", - "schema_version": 0, - "values": { - "arn": "arn:aws:elasticloadbalancing:us-west-2:***:listener/app/fake_app-dev-alb/fake1d/0fake1d", - "certificate_arn": null, - "default_action": [ - { - "authenticate_cognito": [], - "authenticate_oidc": [], - "fixed_response": [], - "forward": [], - "order": 1, - "redirect": [ - { - "host": "#{host}", - "path": "/#{path}", - "port": "443", - "protocol": "HTTPS", - "query": "#{query}", - "status_code": "HTTP_301" - } - ], - "target_group_arn": "", - "type": "redirect" - } - ], - "id": "arn:aws:elasticloadbalancing:us-west-2:***:listener/app/fake_app-dev-alb/fake1d/0fake1d", - "load_balancer_arn": "arn:aws:elasticloadbalancing:us-west-2:***:loadbalancer/app/fake_app-dev-alb/fake1d", - "port": 80, - "protocol": "HTTP", - "ssl_policy": "", - "timeouts": null - }, - "depends_on": [ - "module.app.module.fargate.aws_alb.alb", - "module.app.module.fargate.aws_alb_listener.https", - "module.app.module.fargate.aws_alb_target_group.blue", - "module.app.module.fargate.aws_alb_target_group.green", - "module.app.module.fargate.aws_security_group.alb-sg" - ] - }, - { - "address": "aws_alb_listener.https", - "mode": "managed", - "type": "aws_alb_listener", - "name": "https", - "provider_name": "aws", - "schema_version": 0, - "values": { - "arn": "arn:aws:elasticloadbalancing:us-west-2:***:listener/app/fake_app-dev-alb/fake1d/0fake1d", - "certificate_arn": "arn:aws:acm:us-west-2:***:certificate/0fake1d", - "default_action": [ - { - "authenticate_cognito": [], - "authenticate_oidc": [], - "fixed_response": [], - "forward": [], - "order": 1, - "redirect": [], - "target_group_arn": "arn:aws:elasticloadbalancing:us-west-2:***:targetgroup/fake_app-dev-tgb/0fake1d", - "type": "forward" - } - ], - "id": "arn:aws:elasticloadbalancing:us-west-2:***:listener/app/fake_app-dev-alb/fake1d/0fake1d", - "load_balancer_arn": "arn:aws:elasticloadbalancing:us-west-2:***:loadbalancer/app/fake_app-dev-alb/fake1d", - "port": 443, - "protocol": "HTTPS", - "ssl_policy": "ELBSecurityPolicy-2016-08", - "timeouts": null - }, - "depends_on": [ - "module.app.module.fargate.aws_alb.alb", - "module.app.module.fargate.aws_alb_target_group.blue", - "module.app.module.fargate.aws_alb_target_group.green", - "module.app.module.fargate.aws_security_group.alb-sg" - ] - }, - { - "address": "aws_alb_target_group.blue", - "mode": "managed", - "type": "aws_alb_target_group", - "name": "blue", - "provider_name": "aws", - "schema_version": 0, - "values": { - "arn": "arn:aws:elasticloadbalancing:us-west-2:***:targetgroup/fake_app-dev-tgb/0fake1d", - "arn_suffix": "targetgroup/fake_app-dev-tgb/0fake1d", - "deregistration_delay": 60, - "health_check": [ - { - "enabled": true, - "healthy_threshold": 3, - "interval": 30, - "matcher": "200", - "path": "/health", - "port": "traffic-port", - "protocol": "HTTP", - "timeout": 5, - "unhealthy_threshold": 3 - } - ], - "id": "arn:aws:elasticloadbalancing:us-west-2:***:targetgroup/fake_app-dev-tgb/0fake1d", - "lambda_multi_value_headers_enabled": false, - "load_balancing_algorithm_type": "least_outstanding_requests", - "name": "fake_app-dev-tgb", - "name_prefix": null, - "port": 8080, - "protocol": "HTTP", - "proxy_protocol_v2": false, - "slow_start": 0, - "stickiness": [ - { - "cookie_duration": 86400, - "enabled": false, - "type": "lb_cookie" - } - ], - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - }, - "target_type": "ip", - "vpc_id": "vpc-0fake1d" - }, - "depends_on": [ - "module.app.module.fargate.aws_alb.alb", - "module.app.module.fargate.aws_security_group.alb-sg" - ] - }, - { - "address": "aws_alb_target_group.green", - "mode": "managed", - "type": "aws_alb_target_group", - "name": "green", - "provider_name": "aws", - "schema_version": 0, - "values": { - "arn": "arn:aws:elasticloadbalancing:us-west-2:***:targetgroup/fake_app-dev-tgg/0fake1d", - "arn_suffix": "targetgroup/fake_app-dev-tgg/0fake1d", - "deregistration_delay": 60, - "health_check": [ - { - "enabled": true, - "healthy_threshold": 3, - "interval": 30, - "matcher": "200", - "path": "/health", - "port": "traffic-port", - "protocol": "HTTP", - "timeout": 5, - "unhealthy_threshold": 3 - } - ], - "id": "arn:aws:elasticloadbalancing:us-west-2:***:targetgroup/fake_app-dev-tgg/0fake1d", - "lambda_multi_value_headers_enabled": false, - "load_balancing_algorithm_type": "least_outstanding_requests", - "name": "fake_app-dev-tgg", - "name_prefix": null, - "port": 8080, - "protocol": "HTTP", - "proxy_protocol_v2": false, - "slow_start": 0, - "stickiness": [ - { - "cookie_duration": 86400, - "enabled": false, - "type": "lb_cookie" - } - ], - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - }, - "target_type": "ip", - "vpc_id": "vpc-0fake1d" - }, - "depends_on": [ - "module.app.module.fargate.aws_alb.alb", - "module.app.module.fargate.aws_security_group.alb-sg" - ] - }, - { - "address": "aws_cloudwatch_log_group.container_log_group", - "mode": "managed", - "type": "aws_cloudwatch_log_group", - "name": "container_log_group", - "provider_name": "aws", - "schema_version": 0, - "values": { - "arn": "arn:aws:logs:us-west-2:***:log-group:fargate/fake_app-dev:*", - "id": "fargate/fake_app-dev", - "kms_key_id": "", - "name": "fargate/fake_app-dev", - "name_prefix": null, - "retention_in_days": 7, - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - } - } - }, - { - "address": "aws_codedeploy_app.app", - "mode": "managed", - "type": "aws_codedeploy_app", - "name": "app", - "provider_name": "aws", - "schema_version": 0, - "values": { - "compute_platform": "ECS", - "id": "fake1d:fake_app-dev-codedeploy", - "name": "fake_app-dev-codedeploy", - "unique_id": null - } - }, - { - "address": "aws_codedeploy_deployment_group.deploymentgroup", - "mode": "managed", - "type": "aws_codedeploy_deployment_group", - "name": "deploymentgroup", - "provider_name": "aws", - "schema_version": 0, - "values": { - "alarm_configuration": [], - "app_name": "fake_app-dev-codedeploy", - "auto_rollback_configuration": [ - { - "enabled": true, - "events": [ - "DEPLOYMENT_FAILURE" - ] - } - ], - "autoscaling_groups": [], - "blue_green_deployment_config": [ - { - "deployment_ready_option": [ - { - "action_on_timeout": "CONTINUE_DEPLOYMENT", - "wait_time_in_minutes": 0 - } - ], - "green_fleet_provisioning_option": [], - "terminate_blue_instances_on_deployment_success": [ - { - "action": "TERMINATE", - "termination_wait_time_in_minutes": 1 - } - ] - } - ], - "deployment_config_name": "CodeDeployDefault.ECSAllAtOnce", - "deployment_group_name": "fake_app-dev-deployment-group", - "deployment_style": [ - { - "deployment_option": "WITH_TRAFFIC_CONTROL", - "deployment_type": "BLUE_GREEN" - } - ], - "ec2_tag_filter": [], - "ec2_tag_set": [], - "ecs_service": [ - { - "cluster_name": "fake_app-dev", - "service_name": "fake_app-dev" - } - ], - "id": "fake1d", - "load_balancer_info": [ - { - "elb_info": [], - "target_group_info": [], - "target_group_pair_info": [ - { - "prod_traffic_route": [ - { - "listener_arns": [ - "arn:aws:elasticloadbalancing:us-west-2:***:listener/app/fake_app-dev-alb/fake1d/0fake1d" - ] - } - ], - "target_group": [ - { - "name": "fake_app-dev-tgb" - }, - { - "name": "fake_app-dev-tgg" - } - ], - "test_traffic_route": [] - } - ] - } - ], - "on_premises_instance_tag_filter": [], - "service_role_arn": "arn:aws:iam::***:role/PowerBuilder", - "trigger_configuration": [] - }, - "depends_on": [ - "module.app.module.fargate.aws_alb_listener.https", - "module.app.module.fargate.aws_alb_listener.test_listener", - "module.app.module.fargate.aws_alb_target_group.blue", - "module.app.module.fargate.aws_alb_target_group.green", - "module.app.module.fargate.aws_codedeploy_app.app", - "module.app.module.fargate.aws_ecs_cluster.cluster", - "module.app.module.fargate.aws_ecs_service.service" - ] - }, - { - "address": "aws_ecs_cluster.cluster", - "mode": "managed", - "type": "aws_ecs_cluster", - "name": "cluster", - "provider_name": "aws", - "schema_version": 0, - "values": { - "arn": "arn:aws:ecs:us-west-2:***:cluster/fake_app-dev", - "capacity_providers": [], - "default_capacity_provider_strategy": [], - "id": "arn:aws:ecs:us-west-2:***:cluster/fake_app-dev", - "name": "fake_app-dev", - "setting": [ - { - "name": "containerInsights", - "value": "enabled" - } - ], - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - } - } - }, - { - "address": "aws_ecs_service.service", - "mode": "managed", - "type": "aws_ecs_service", - "name": "service", - "provider_name": "aws", - "schema_version": 0, - "values": { - "capacity_provider_strategy": [], - "cluster": "arn:aws:ecs:us-west-2:***:cluster/fake_app-dev", - "deployment_controller": [ - { - "type": "CODE_DEPLOY" - } - ], - "deployment_maximum_percent": 200, - "deployment_minimum_healthy_percent": 100, - "desired_count": 1, - "enable_ecs_managed_tags": false, - "force_new_deployment": null, - "health_check_grace_period_seconds": 0, - "iam_role": "aws-service-role", - "id": "arn:aws:ecs:us-west-2:***:service/fake_app-dev/fake_app-dev", - "launch_type": "FARGATE", - "load_balancer": [ - { - "container_name": "main", - "container_port": 8080, - "elb_name": "", - "target_group_arn": "arn:aws:elasticloadbalancing:us-west-2:***:targetgroup/fake_app-dev-tgb/0fake1d" - } - ], - "name": "fake_app-dev", - "network_configuration": [ - { - "assign_public_ip": true, - "security_groups": [ - "sg-0fake1d" - ], - "subnets": [ - "subnet-0fake1d", - "subnet-0fake1d" - ] - } - ], - "ordered_placement_strategy": [], - "placement_constraints": [], - "placement_strategy": [], - "platform_version": "1.4.0", - "propagate_tags": "NONE", - "scheduling_strategy": "REPLICA", - "service_registries": [], - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - }, - "task_definition": "arn:aws:ecs:us-west-2:***:task-definition/fake_app-dev-def:5" - }, - "depends_on": [ - "module.app.module.database.aws_db_instance.database", - "module.app.module.database.aws_security_group.db_security_group", - "module.app.module.database.aws_ssm_parameter.master_password", - "module.app.module.database.aws_ssm_parameter.master_username", - "module.app.module.database.random_password.default", - "module.app.module.fargate.aws_alb.alb", - "module.app.module.fargate.aws_alb_target_group.blue", - "module.app.module.fargate.aws_ecs_cluster.cluster", - "module.app.module.fargate.aws_ecs_task_definition.task_def", - "module.app.module.fargate.aws_iam_role.task_execution_role", - "module.app.module.fargate.aws_iam_role.task_role", - "module.app.module.fargate.aws_security_group.alb-sg", - "module.app.module.fargate.aws_security_group.fargate_service_sg" - ] - }, - { - "address": "aws_ecs_task_definition.task_def", - "mode": "managed", - "type": "aws_ecs_task_definition", - "name": "task_def", - "provider_name": "aws", - "schema_version": 1, - "values": { - "arn": "arn:aws:ecs:us-west-2:***:task-definition/fake_app-dev-def:5", - "container_definitions": "[{\"cpu\":0,\"environment\":[{\"name\":\"ENV\",\"value\":\"dev\"},{\"name\":\"db_url\",\"value\":\"jdbc:mysql://fake_app-dev-db.0fake1d.us-west-2.rds.amazonaws.com:3306/deleteme2dev\"}],\"essential\":true,\"image\":\"***.dkr.ecr.us-west-2.amazonaws.com/fake_app-dev:2020-06-17_17-43-10\",\"logConfiguration\":{\"logDriver\":\"awslogs\",\"options\":{\"awslogs-group\":\"fargate/fake_app-dev\",\"awslogs-region\":\"us-west-2\",\"awslogs-stream-prefix\":\"fake_app-dev\"}},\"mountPoints\":[],\"name\":\"main\",\"portMappings\":[{\"containerPort\":8080,\"hostPort\":8080,\"protocol\":\"tcp\"}],\"privileged\":false,\"secrets\":[{\"name\":\"db_password\",\"valueFrom\":\"arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_password\"},{\"name\":\"db_username\",\"valueFrom\":\"arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_username\"}],\"volumesFrom\":[]}]", - "cpu": "256", - "execution_role_arn": "arn:aws:iam::***:role/fake_app-dev-taskExecutionRole", - "family": "fake_app-dev-def", - "id": "fake_app-dev-def", - "inference_accelerator": [], - "ipc_mode": "", - "memory": "512", - "network_mode": "awsvpc", - "pid_mode": "", - "placement_constraints": [], - "proxy_configuration": [], - "requires_compatibilities": [ - "FARGATE" - ], - "revision": 5, - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - }, - "task_role_arn": "arn:aws:iam::***:role/fake_app-dev-taskRole", - "volume": [] - }, - "depends_on": [ - "module.app.module.database.aws_db_instance.database", - "module.app.module.database.aws_ssm_parameter.master_password", - "module.app.module.database.aws_ssm_parameter.master_username", - "module.app.module.fargate.aws_iam_role.task_execution_role", - "module.app.module.fargate.aws_iam_role.task_role" - ] - }, - { - "address": "aws_iam_policy.secrets_access", - "mode": "managed", - "type": "aws_iam_policy", - "name": "secrets_access", - "index": 0, - "provider_name": "aws", - "schema_version": 0, - "values": { - "arn": "arn:aws:iam::***:policy/fake_app-dev_secrets_access", - "description": "", - "id": "arn:aws:iam::***:policy/fake_app-dev_secrets_access", - "name": "fake_app-dev_secrets_access", - "name_prefix": null, - "path": "/", - "policy": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"ssm:GetParemetersByPath\",\n \"ssm:GetParameters\",\n \"ssm:GetParameter\"\n ],\n \"Resource\": [\n \"arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_username\",\n \"arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_password\"\n ]\n }\n ]\n}" - }, - "depends_on": [ - "module.app.module.database.aws_db_instance.database", - "module.app.module.database.aws_security_group.db_security_group", - "module.app.module.database.aws_ssm_parameter.master_password", - "module.app.module.database.aws_ssm_parameter.master_username", - "module.app.module.database.random_password.default" - ] - }, - { - "address": "aws_iam_role.task_execution_role", - "mode": "managed", - "type": "aws_iam_role", - "name": "task_execution_role", - "provider_name": "aws", - "schema_version": 0, - "values": { - "arn": "arn:aws:iam::***:role/fake_app-dev-taskExecutionRole", - "assume_role_policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"\",\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"ecs-tasks.amazonaws.com\"},\"Action\":\"sts:AssumeRole\"}]}", - "create_date": "2020-06-17T14:59:29Z", - "description": "", - "force_detach_policies": false, - "id": "fake_app-dev-taskExecutionRole", - "max_session_duration": 3600, - "name": "fake_app-dev-taskExecutionRole", - "name_prefix": null, - "path": "/", - "permissions_boundary": "arn:aws:iam::***:policy/iamRolePermissionBoundary", - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - }, - "unique_id": "FAKE" - } - }, - { - "address": "aws_iam_role.task_role", - "mode": "managed", - "type": "aws_iam_role", - "name": "task_role", - "provider_name": "aws", - "schema_version": 0, - "values": { - "arn": "arn:aws:iam::***:role/fake_app-dev-taskRole", - "assume_role_policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"\",\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"ecs-tasks.amazonaws.com\"},\"Action\":\"sts:AssumeRole\"}]}", - "create_date": "2020-06-17T14:59:29Z", - "description": "", - "force_detach_policies": false, - "id": "fake_app-dev-taskRole", - "max_session_duration": 3600, - "name": "fake_app-dev-taskRole", - "name_prefix": null, - "path": "/", - "permissions_boundary": "arn:aws:iam::***:policy/iamRolePermissionBoundary", - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - }, - "unique_id": "FAKE1D" - } - }, - { - "address": "aws_iam_role_policy_attachment.secret_task_policy_attach", - "mode": "managed", - "type": "aws_iam_role_policy_attachment", - "name": "secret_task_policy_attach", - "index": 0, - "provider_name": "aws", - "schema_version": 0, - "values": { - "id": "fake_app-dev-taskRole-0FAKE1D", - "policy_arn": "arn:aws:iam::***:policy/fake_app-dev_secrets_access", - "role": "fake_app-dev-taskRole" - }, - "depends_on": [ - "module.app.module.database.aws_db_instance.database", - "module.app.module.database.aws_security_group.db_security_group", - "module.app.module.database.aws_ssm_parameter.master_password", - "module.app.module.database.aws_ssm_parameter.master_username", - "module.app.module.database.random_password.default", - "module.app.module.fargate.aws_iam_policy.secrets_access", - "module.app.module.fargate.aws_iam_role.task_role" - ] - }, - { - "address": "aws_iam_role_policy_attachment.secrets_policy_attach", - "mode": "managed", - "type": "aws_iam_role_policy_attachment", - "name": "secrets_policy_attach", - "index": 0, - "provider_name": "aws", - "schema_version": 0, - "values": { - "id": "fake_app-dev-taskExecutionRole-0FAKE1D", - "policy_arn": "arn:aws:iam::***:policy/fake_app-dev_secrets_access", - "role": "fake_app-dev-taskExecutionRole" - }, - "depends_on": [ - "module.app.module.database.aws_db_instance.database", - "module.app.module.database.aws_security_group.db_security_group", - "module.app.module.database.aws_ssm_parameter.master_password", - "module.app.module.database.aws_ssm_parameter.master_username", - "module.app.module.database.random_password.default", - "module.app.module.fargate.aws_iam_policy.secrets_access", - "module.app.module.fargate.aws_iam_role.task_execution_role" - ] - }, - { - "address": "aws_iam_role_policy_attachment.task_execution_policy_attach", - "mode": "managed", - "type": "aws_iam_role_policy_attachment", - "name": "task_execution_policy_attach", - "provider_name": "aws", - "schema_version": 0, - "values": { - "id": "fake_app-dev-taskExecutionRole-0FAKE1D", - "policy_arn": "arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy", - "role": "fake_app-dev-taskExecutionRole" - }, - "depends_on": [ - "module.app.module.fargate.aws_iam_role.task_execution_role" - ] - }, - { - "address": "aws_route53_record.a_record", - "mode": "managed", - "type": "aws_route53_record", - "name": "a_record", - "provider_name": "aws", - "schema_version": 2, - "values": { - "alias": [ - { - "evaluate_target_health": true, - "name": "fake_app-dev-alb-1234567890.us-west-2.elb.amazonaws.com", - "zone_id": "FAKE123" - } - ], - "allow_overwrite": null, - "failover_routing_policy": [], - "fqdn": "fake_app-dev.fake_domain.amazon.byu.edu", - "geolocation_routing_policy": [], - "health_check_id": "", - "id": "Z0FAKE1D_fake_app-dev.fake_domain.amazon.byu.edu._A", - "latency_routing_policy": [], - "multivalue_answer_routing_policy": null, - "name": "fake_app-dev.fake_domain.amazon.byu.edu", - "records": [], - "set_identifier": "", - "ttl": 0, - "type": "A", - "weighted_routing_policy": [], - "zone_id": "Z0FAKE1D" - }, - "depends_on": [ - "module.app.module.fargate.aws_alb.alb", - "module.app.module.fargate.aws_security_group.alb-sg" - ] - }, - { - "address": "aws_route53_record.aaaa_record", - "mode": "managed", - "type": "aws_route53_record", - "name": "aaaa_record", - "provider_name": "aws", - "schema_version": 2, - "values": { - "alias": [ - { - "evaluate_target_health": true, - "name": "fake_app-dev-alb-1234567890.us-west-2.elb.amazonaws.com", - "zone_id": "FAKE123" - } - ], - "allow_overwrite": null, - "failover_routing_policy": [], - "fqdn": "fake_app-dev.fake_domain.amazon.byu.edu", - "geolocation_routing_policy": [], - "health_check_id": "", - "id": "Z0FAKE1D_fake_app-dev.fake_domain.amazon.byu.edu._AAAA", - "latency_routing_policy": [], - "multivalue_answer_routing_policy": null, - "name": "fake_app-dev.fake_domain.amazon.byu.edu", - "records": [], - "set_identifier": "", - "ttl": 0, - "type": "AAAA", - "weighted_routing_policy": [], - "zone_id": "Z0FAKE1D" - }, - "depends_on": [ - "module.app.module.fargate.aws_alb.alb", - "module.app.module.fargate.aws_security_group.alb-sg" - ] - }, - { - "address": "aws_security_group.alb-sg", - "mode": "managed", - "type": "aws_security_group", - "name": "alb-sg", - "provider_name": "aws", - "schema_version": 1, - "values": { - "arn": "arn:aws:ec2:us-west-2:***:security-group/sg-0fake1d", - "description": "Controls access to the fake_app-dev-alb", - "egress": [ - { - "cidr_blocks": [ - "0.0.0.0/0" - ], - "description": "", - "from_port": 0, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "-1", - "security_groups": [], - "self": false, - "to_port": 0 - } - ], - "id": "sg-0fake1d", - "ingress": [ - { - "cidr_blocks": [ - "0.0.0.0/0" - ], - "description": "", - "from_port": 443, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "tcp", - "security_groups": [], - "self": false, - "to_port": 443 - }, - { - "cidr_blocks": [ - "0.0.0.0/0" - ], - "description": "", - "from_port": 80, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "tcp", - "security_groups": [], - "self": false, - "to_port": 80 - } - ], - "name": "fake_app-dev-alb-sg", - "name_prefix": null, - "owner_id": "***", - "revoke_rules_on_delete": false, - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - }, - "timeouts": null, - "vpc_id": "vpc-0fake1d" - } - }, - { - "address": "aws_security_group.fargate_service_sg", - "mode": "managed", - "type": "aws_security_group", - "name": "fargate_service_sg", - "provider_name": "aws", - "schema_version": 1, - "values": { - "arn": "arn:aws:ec2:us-west-2:***:security-group/sg-0fake1d", - "description": "Controls access to the Fargate Service", - "egress": [ - { - "cidr_blocks": [ - "0.0.0.0/0" - ], - "description": "", - "from_port": 0, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "-1", - "security_groups": [], - "self": false, - "to_port": 0 - } - ], - "id": "sg-0fake1d", - "ingress": [ - { - "cidr_blocks": [], - "description": "", - "from_port": 0, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "tcp", - "security_groups": [ - "sg-0fake1d" - ], - "self": false, - "to_port": 65535 - } - ], - "name": "fake_app-dev-fargate-sg", - "name_prefix": null, - "owner_id": "***", - "revoke_rules_on_delete": false, - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - }, - "timeouts": null, - "vpc_id": "vpc-0fake1d" - }, - "depends_on": [ - "module.app.module.fargate.aws_security_group.alb-sg" - ] - }, - { - "address": "data.aws_caller_identity.current", - "mode": "data", - "type": "aws_caller_identity", - "name": "current", - "provider_name": "aws", - "schema_version": 0, - "values": { - "account_id": "***", - "arn": "arn:aws:iam::***:user/GitHub-Actions", - "id": "2020-06-24 19:40:09.549125511 +0000 UTC", - "user_id": "FAKE" - } - }, - { - "address": "data.aws_iam_policy_document.secrets_access", - "mode": "data", - "type": "aws_iam_policy_document", - "name": "secrets_access", - "index": 0, - "provider_name": "aws", - "schema_version": 0, - "values": { - "id": "1234567890", - "json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"ssm:GetParemetersByPath\",\n \"ssm:GetParameters\",\n \"ssm:GetParameter\"\n ],\n \"Resource\": [\n \"arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_username\",\n \"arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_password\"\n ]\n }\n ]\n}", - "override_json": null, - "policy_id": null, - "source_json": null, - "statement": [ - { - "actions": [ - "ssm:GetParameter", - "ssm:GetParameters", - "ssm:GetParemetersByPath" - ], - "condition": [], - "effect": "Allow", - "not_actions": [], - "not_principals": [], - "not_resources": [], - "principals": [], - "resources": [ - "arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_password", - "arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_username" - ], - "sid": "" - } - ], - "version": "2012-10-17" - } - }, - { - "address": "data.aws_iam_policy_document.task_execution_policy", - "mode": "data", - "type": "aws_iam_policy_document", - "name": "task_execution_policy", - "provider_name": "aws", - "schema_version": 0, - "values": { - "id": "1234567890", - "json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"ecs-tasks.amazonaws.com\"\n }\n }\n ]\n}", - "override_json": null, - "policy_id": null, - "source_json": null, - "statement": [ - { - "actions": [ - "sts:AssumeRole" - ], - "condition": [], - "effect": "Allow", - "not_actions": [], - "not_principals": [], - "not_resources": [], - "principals": [ - { - "identifiers": [ - "ecs-tasks.amazonaws.com" - ], - "type": "Service" - } - ], - "resources": [], - "sid": "" - } - ], - "version": "2012-10-17" - } - }, - { - "address": "data.aws_iam_policy_document.task_policy", - "mode": "data", - "type": "aws_iam_policy_document", - "name": "task_policy", - "provider_name": "aws", - "schema_version": 0, - "values": { - "id": "1234567890", - "json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"ecs-tasks.amazonaws.com\"\n }\n }\n ]\n}", - "override_json": null, - "policy_id": null, - "source_json": null, - "statement": [ - { - "actions": [ - "sts:AssumeRole" - ], - "condition": [], - "effect": "Allow", - "not_actions": [], - "not_principals": [], - "not_resources": [], - "principals": [ - { - "identifiers": [ - "ecs-tasks.amazonaws.com" - ], - "type": "Service" - } - ], - "resources": [], - "sid": "" - } - ], - "version": "2012-10-17" - } - }, - { - "address": "data.aws_region.current", - "mode": "data", - "type": "aws_region", - "name": "current", - "provider_name": "aws", - "schema_version": 0, - "values": { - "current": null, - "description": "US West (Oregon)", - "endpoint": "ec2.us-west-2.amazonaws.com", - "id": "us-west-2", - "name": "us-west-2" - } - } - ], - "address": "module.app.module.fargate" - }, - { - "resources": [ - { - "address": "aws_db_instance.database", - "mode": "managed", - "type": "aws_db_instance", - "name": "database", - "provider_name": "aws", - "schema_version": 1, - "values": { - "address": "fake_app-dev-db.0fake1d.us-west-2.rds.amazonaws.com", - "allocated_storage": 32, - "allow_major_version_upgrade": null, - "apply_immediately": null, - "arn": "arn:aws:rds:us-west-2:***:db:fake_app-dev-db", - "auto_minor_version_upgrade": true, - "availability_zone": "us-west-2b", - "backup_retention_period": 7, - "backup_window": "07:01-07:31", - "ca_cert_identifier": "rds-ca-2019", - "character_set_name": null, - "copy_tags_to_snapshot": true, - "db_subnet_group_name": "oit-oregon-dev-db-subnet-group", - "delete_automated_backups": true, - "deletion_protection": true, - "domain": "", - "domain_iam_role_name": "", - "enabled_cloudwatch_logs_exports": [ - "error", - "general", - "slowquery" - ], - "endpoint": "fake_app-dev-db.0fake1d.us-west-2.rds.amazonaws.com:3306", - "engine": "mysql", - "engine_version": "8.0.11", - "final_snapshot_identifier": "fake_app-dev-db-final-snapshot", - "hosted_zone_id": "ZFAKE1D", - "iam_database_authentication_enabled": false, - "id": "fake_app-dev-db", - "identifier": "fake_app-dev-db", - "identifier_prefix": null, - "instance_class": "db.t2.small", - "iops": 0, - "kms_key_id": "arn:aws:kms:us-west-2:***:key/cfake1d", - "license_model": "general-public-license", - "maintenance_window": "thu:11:33-thu:12:03", - "max_allocated_storage": 0, - "monitoring_interval": 0, - "monitoring_role_arn": "", - "multi_az": false, - "name": "deleteme2dev", - "option_group_name": "default:mysql-8-0", - "parameter_group_name": "default.mysql8.0", - "password": "*******", - "performance_insights_enabled": false, - "performance_insights_kms_key_id": "", - "performance_insights_retention_period": 0, - "port": 3306, - "publicly_accessible": false, - "replicas": [], - "replicate_source_db": "", - "resource_id": "db-FAKE1D", - "s3_import": [], - "security_group_names": [], - "skip_final_snapshot": true, - "snapshot_identifier": null, - "status": "available", - "storage_encrypted": true, - "storage_type": "gp2", - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - }, - "timeouts": null, - "timezone": "", - "username": "*******", - "vpc_security_group_ids": [ - "sg-0fake1d" - ] - }, - "depends_on": [ - "module.app.module.database.aws_security_group.db_security_group", - "module.app.module.database.aws_ssm_parameter.master_password", - "module.app.module.database.aws_ssm_parameter.master_username", - "module.app.module.database.random_password.default" - ] - }, - { - "address": "aws_security_group.db_security_group", - "mode": "managed", - "type": "aws_security_group", - "name": "db_security_group", - "provider_name": "aws", - "schema_version": 1, - "values": { - "arn": "arn:aws:ec2:us-west-2:***:security-group/sg-0fake1d", - "description": "Security group for fake_app-dev-db RDS instance", - "egress": [], - "id": "sg-0fake1d", - "ingress": [ - { - "cidr_blocks": [], - "description": "", - "from_port": 3306, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "tcp", - "security_groups": [ - "sg-0fake1d" - ], - "self": false, - "to_port": 3306 - } - ], - "name": "fake_app-dev-db-db_sg", - "name_prefix": null, - "owner_id": "***", - "revoke_rules_on_delete": false, - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - }, - "timeouts": null, - "vpc_id": "vpc-0fake1d" - } - }, - { - "address": "aws_ssm_parameter.master_password", - "mode": "managed", - "type": "aws_ssm_parameter", - "name": "master_password", - "provider_name": "aws", - "schema_version": 0, - "values": { - "allowed_pattern": "", - "arn": "arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_password", - "description": "fake_app-dev-db Database master password", - "id": "/fake_app-dev-db/master_password", - "key_id": "alias/aws/ssm", - "name": "/fake_app-dev-db/master_password", - "overwrite": null, - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - }, - "tier": "Standard", - "type": "SecureString", - "value": "*******", - "version": 1 - }, - "depends_on": [ - "module.app.module.database.random_password.default" - ] - }, - { - "address": "aws_ssm_parameter.master_username", - "mode": "managed", - "type": "aws_ssm_parameter", - "name": "master_username", - "provider_name": "aws", - "schema_version": 0, - "values": { - "allowed_pattern": "", - "arn": "arn:aws:ssm:us-west-2:***:parameter/fake_app-dev-db/master_username", - "description": "fake_app-dev-db Database master username", - "id": "/fake_app-dev-db/master_username", - "key_id": "", - "name": "/fake_app-dev-db/master_username", - "overwrite": null, - "tags": { - "app": "fake_app-dev", - "data-sensitivity": "confidential", - "repo": "https://github.com/byu-oit/fake_app", - "team": "FAKE_TEAM" - }, - "tier": "Standard", - "type": "String", - "value": "*****", - "version": 1 - } - }, - { - "address": "random_password.default", - "mode": "managed", - "type": "random_password", - "name": "default", - "index": 0, - "provider_name": "random", - "schema_version": 0, - "values": { - "id": "none", - "keepers": { - "recreate_password": "false" - }, - "length": 32, - "lower": true, - "min_lower": 0, - "min_numeric": 0, - "min_special": 0, - "min_upper": 0, - "number": true, - "override_special": null, - "result": "*******", - "special": false, - "upper": true - } - } - ], - "address": "module.app.module.database" - } - ] - } - ] - } - } - }, - "configuration": { - "provider_config": { - "app.acs:aws.virginia": { - "name": "aws", - "alias": "virginia", - "module_address": "app.acs", - "expressions": { - "region": { - "constant_value": "us-east-1" - } - } - }, - "aws": { - "name": "aws", - "version_constraint": "~\u003e 2.42", - "expressions": { - "region": { - "constant_value": "us-west-2" - } - } - } - }, - "*******_module": { - "outputs": { - "codedeploy_app_name": { - "expression": { - "references": [ - "module.app.codedeploy_app_name" - ] - } - }, - "codedeploy_appspec_json_file": { - "expression": { - "references": [ - "module.app.codedeploy_appspec_json_file" - ] - } - }, - "codedeploy_deployment_group_name": { - "expression": { - "references": [ - "module.app.codedeploy_deployment_group_name" - ] - } - } - }, - "module_calls": { - "app": { - "source": "../../modules/app", - "expressions": { - "app_name": { - "constant_value": "fake_app" - }, - "autoscaling_config": { - "constant_value": null - }, - "codedeploy_termination_wait_time": { - "constant_value": 1 - }, - "db_allocated_storage": { - "constant_value": 32 - }, - "db_instance_class": { - "constant_value": "db.t2.small" - }, - "env": { - "constant_value": "dev" - }, - "image_tag": { - "references": [ - "var.image_tag" - ] - } - }, - "module": { - "outputs": { - "codedeploy_app_name": { - "expression": { - "references": [ - "module.fargate.codedeploy_deployment_group" - ] - } - }, - "codedeploy_appspec_json_file": { - "expression": { - "references": [ - "module.fargate.codedeploy_appspec_json_file" - ] - } - }, - "codedeploy_deployment_group_name": { - "expression": { - "references": [ - "module.fargate.codedeploy_deployment_group" - ] - } - } - }, - "resources": [ - { - "address": "aws_security_group_rule.db_access", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "db_access", - "provider_config_key": "app:aws", - "expressions": { - "from_port": { - "constant_value": 3306 - }, - "protocol": { - "constant_value": "tcp" - }, - "security_group_id": { - "references": [ - "module.database.security_group" - ] - }, - "source_security_group_id": { - "references": [ - "module.fargate.fargate_service_security_group" - ] - }, - "to_port": { - "constant_value": 3306 - }, - "type": { - "constant_value": "ingress" - } - }, - "schema_version": 2 - }, - { - "address": "data.aws_ecr_repository.ecr_repo", - "mode": "data", - "type": "aws_ecr_repository", - "name": "ecr_repo", - "provider_config_key": "app:aws", - "expressions": { - "name": { - "references": [ - "local.app_name" - ] - } - }, - "schema_version": 0 - } - ], - "module_calls": { - "acs": { - "source": "github.com/byu-oit/terraform-aws-acs-info.git?ref=v2.0.0", - "module": { - "outputs": { - "certificate": { - "expression": { - "references": [ - "local.zone_id", - "data.aws_acm_certificate.cert[0]" - ] - } - }, - "certificate_virginia": { - "expression": { - "references": [ - "local.zone_id", - "data.aws_acm_certificate.virginia[0]" - ] - } - }, - "data_subnet_ids": { - "expression": { - "references": [ - "local.data_a_subnet_id", - "data.aws_subnet.data_a[0]", - "data.aws_subnet.data_b[0]" - ] - } - }, - "data_subnets": { - "expression": { - "references": [ - "local.data_a_subnet_id", - "data.aws_subnet.data_a[0]", - "data.aws_subnet.data_b[0]" - ] - } - }, - "db_subnet_group_name": { - "expression": { - "references": [ - "local.vpc_name" - ] - } - }, - "github_token": { - "expression": { - "references": [ - "local.github_token" - ] - } - }, - "oracle_security_group": { - "expression": { - "references": [ - "local.oracle_security_group_id", - "data.aws_security_group.oracle[0]" - ] - } - }, - "power_builder_role": { - "expression": { - "references": [ - "data.aws_iam_role.power_builder" - ] - } - }, - "power_user_role": { - "expression": { - "references": [ - "data.aws_iam_role.power_user" - ] - } - }, - "private_subnet_ids": { - "expression": { - "references": [ - "local.private_a_subnet_id", - "data.aws_subnet.private_a[0]", - "data.aws_subnet.private_b[0]" - ] - } - }, - "private_subnets": { - "expression": { - "references": [ - "local.private_a_subnet_id", - "data.aws_subnet.private_a[0]", - "data.aws_subnet.private_b[0]" - ] - } - }, - "public_subnet_ids": { - "expression": { - "references": [ - "local.public_a_subnet_id", - "data.aws_subnet.public_a[0]", - "data.aws_subnet.public_b[0]" - ] - } - }, - "public_subnets": { - "expression": { - "references": [ - "local.public_a_subnet_id", - "data.aws_subnet.public_a[0]", - "data.aws_subnet.public_b[0]" - ] - } - }, - "rds_security_group": { - "expression": { - "references": [ - "data.aws_security_group.rds" - ] - } - }, - "role_permissions_boundary": { - "expression": { - "references": [ - "local.role_permission_boundary_arn", - "data.aws_iam_policy.role_permission_boundary[0]" - ] - } - }, - "route53_zone": { - "expression": { - "references": [ - "local.zone_id", - "data.aws_route53_zone.zone[0]" - ] - } - }, - "ssh_rdp_security_group": { - "expression": { - "references": [ - "data.aws_security_group.ssh_rdp" - ] - } - }, - "user_permissions_boundary": { - "expression": { - "references": [ - "local.user_permission_boundary_arn", - "data.aws_iam_policy.user_permission_boundary[0]" - ] - } - }, - "vpc": { - "expression": { - "references": [ - "data.aws_vpc.vpc" - ] - } - } - }, - "resources": [ - { - "address": "data.aws_acm_certificate.cert", - "mode": "data", - "type": "aws_acm_certificate", - "name": "cert", - "provider_config_key": "acs:aws", - "expressions": { - "domain": { - "references": [ - "data.aws_route53_zone.zone[0]" - ] - } - }, - "schema_version": 0, - "count_expression": { - "references": [ - "local.zone_id" - ] - } - }, - { - "address": "data.aws_acm_certificate.virginia", - "mode": "data", - "type": "aws_acm_certificate", - "name": "virginia", - "provider_config_key": "acs:aws.virginia", - "expressions": { - "domain": { - "references": [ - "data.aws_route53_zone.zone[0]" - ] - } - }, - "schema_version": 0, - "count_expression": { - "references": [ - "local.zone_id" - ] - } - }, - { - "address": "data.aws_iam_account_alias.current", - "mode": "data", - "type": "aws_iam_account_alias", - "name": "current", - "provider_config_key": "acs:aws", - "schema_version": 0 - }, - { - "address": "data.aws_iam_policy.role_permission_boundary", - "mode": "data", - "type": "aws_iam_policy", - "name": "role_permission_boundary", - "provider_config_key": "acs:aws", - "expressions": { - "arn": { - "references": [ - "local.role_permission_boundary_arn" - ] - } - }, - "schema_version": 0, - "count_expression": { - "references": [ - "local.role_permission_boundary_arn" - ] - } - }, - { - "address": "data.aws_iam_policy.user_permission_boundary", - "mode": "data", - "type": "aws_iam_policy", - "name": "user_permission_boundary", - "provider_config_key": "acs:aws", - "expressions": { - "arn": { - "references": [ - "local.user_permission_boundary_arn" - ] - } - }, - "schema_version": 0, - "count_expression": { - "references": [ - "local.user_permission_boundary_arn" - ] - } - }, - { - "address": "data.aws_iam_role.power_builder", - "mode": "data", - "type": "aws_iam_role", - "name": "power_builder", - "provider_config_key": "acs:aws", - "expressions": { - "name": { - "constant_value": "PowerBuilder" - } - }, - "schema_version": 0 - }, - { - "address": "data.aws_iam_role.power_user", - "mode": "data", - "type": "aws_iam_role", - "name": "power_user", - "provider_config_key": "acs:aws", - "expressions": { - "name": { - "constant_value": "PowerUser" - } - }, - "schema_version": 0 - }, - { - "address": "data.aws_iam_role.read_only", - "mode": "data", - "type": "aws_iam_role", - "name": "read_only", - "provider_config_key": "acs:aws", - "expressions": { - "name": { - "constant_value": "ReadOnly" - } - }, - "schema_version": 0 - }, - { - "address": "data.aws_region.current", - "mode": "data", - "type": "aws_region", - "name": "current", - "provider_config_key": "acs:aws", - "schema_version": 0 - }, - { - "address": "data.aws_route53_zone.zone", - "mode": "data", - "type": "aws_route53_zone", - "name": "zone", - "provider_config_key": "acs:aws", - "expressions": { - "zone_id": { - "references": [ - "local.zone_id" - ] - } - }, - "schema_version": 0, - "count_expression": { - "references": [ - "local.zone_id" - ] - } - }, - { - "address": "data.aws_security_group.oracle", - "mode": "data", - "type": "aws_security_group", - "name": "oracle", - "provider_config_key": "acs:aws", - "expressions": { - "id": { - "references": [ - "local.oracle_security_group_id" - ] - } - }, - "schema_version": 0, - "count_expression": { - "references": [ - "local.oracle_security_group_id" - ] - } - }, - { - "address": "data.aws_security_group.rds", - "mode": "data", - "type": "aws_security_group", - "name": "rds", - "provider_config_key": "acs:aws", - "expressions": { - "filter": [ - { - "name": { - "constant_value": "vpc-id" - }, - "values": { - "references": [ - "data.aws_vpc.vpc" - ] - } - }, - { - "name": { - "constant_value": "group-name" - }, - "values": { - "constant_value": [ - "*rds_security_group*" - ] - } - } - ] - }, - "schema_version": 0 - }, - { - "address": "data.aws_security_group.ssh_rdp", - "mode": "data", - "type": "aws_security_group", - "name": "ssh_rdp", - "provider_config_key": "acs:aws", - "expressions": { - "filter": [ - { - "name": { - "constant_value": "vpc-id" - }, - "values": { - "references": [ - "data.aws_vpc.vpc" - ] - } - }, - { - "name": { - "constant_value": "group-name" - }, - "values": { - "constant_value": [ - "*ssh_rdp*" - ] - } - } - ] - }, - "schema_version": 0 - }, - { - "address": "data.aws_ssm_parameter.acs_parameters", - "mode": "data", - "type": "aws_ssm_parameter", - "name": "acs_parameters", - "provider_config_key": "acs:aws", - "expressions": { - "name": { - "constant_value": "acsParameters" - } - }, - "schema_version": 0 - }, - { - "address": "data.aws_subnet.data_a", - "mode": "data", - "type": "aws_subnet", - "name": "data_a", - "provider_config_key": "acs:aws", - "expressions": { - "id": { - "references": [ - "local.data_a_subnet_id" - ] - } - }, - "schema_version": 0, - "count_expression": { - "references": [ - "local.data_a_subnet_id" - ] - } - }, - { - "address": "data.aws_subnet.data_b", - "mode": "data", - "type": "aws_subnet", - "name": "data_b", - "provider_config_key": "acs:aws", - "expressions": { - "id": { - "references": [ - "local.data_b_subnet_id" - ] - } - }, - "schema_version": 0, - "count_expression": { - "references": [ - "local.data_b_subnet_id" - ] - } - }, - { - "address": "data.aws_subnet.private_a", - "mode": "data", - "type": "aws_subnet", - "name": "private_a", - "provider_config_key": "acs:aws", - "expressions": { - "id": { - "references": [ - "local.private_a_subnet_id" - ] - } - }, - "schema_version": 0, - "count_expression": { - "references": [ - "local.private_a_subnet_id" - ] - } - }, - { - "address": "data.aws_subnet.private_b", - "mode": "data", - "type": "aws_subnet", - "name": "private_b", - "provider_config_key": "acs:aws", - "expressions": { - "id": { - "references": [ - "local.private_b_subnet_id" - ] - } - }, - "schema_version": 0, - "count_expression": { - "references": [ - "local.private_b_subnet_id" - ] - } - }, - { - "address": "data.aws_subnet.public_a", - "mode": "data", - "type": "aws_subnet", - "name": "public_a", - "provider_config_key": "acs:aws", - "expressions": { - "id": { - "references": [ - "local.public_a_subnet_id" - ] - } - }, - "schema_version": 0, - "count_expression": { - "references": [ - "local.public_a_subnet_id" - ] - } - }, - { - "address": "data.aws_subnet.public_b", - "mode": "data", - "type": "aws_subnet", - "name": "public_b", - "provider_config_key": "acs:aws", - "expressions": { - "id": { - "references": [ - "local.public_b_subnet_id" - ] - } - }, - "schema_version": 0, - "count_expression": { - "references": [ - "local.public_b_subnet_id" - ] - } - }, - { - "address": "data.aws_vpc.vpc", - "mode": "data", - "type": "aws_vpc", - "name": "vpc", - "provider_config_key": "acs:aws", - "expressions": { - "tags": { - "references": [ - "local.vpc_name" - ] - } - }, - "schema_version": 0 - } - ], - "variables": { - "vpc_vpn_to_campus": { - "default": false, - "description": "Retrieve VPC info for the VPC that has VPN access to campus (defaults to false)." - } - } - } - }, - "database": { - "source": "github.com/byu-oit/terraform-aws-rds?ref=v0.3.0", - "expressions": { - "allocated_storage": { - "references": [ - "var.db_allocated_storage" - ] - }, - "cloudwatch_logs_exports": { - "constant_value": [ - "error", - "general", - "slowquery" - ] - }, - "db_name": { - "references": [ - "local.app_name" - ] - }, - "deletion_protection": { - "constant_value": true - }, - "engine": { - "constant_value": "mysql" - }, - "engine_version": { - "constant_value": "8.0" - }, - "identifier": { - "references": [ - "local.app_name" - ] - }, - "instance_class": { - "references": [ - "var.db_instance_class" - ] - }, - "master_username": { - "constant_value": "*******" - }, - "skip_final_snapshot": { - "constant_value": true - }, - "storage_encrypted": { - "constant_value": true - }, - "subnet_group_name": { - "references": [ - "module.acs.db_subnet_group_name" - ] - }, - "subnet_ids": { - "references": [ - "module.acs.data_subnet_ids" - ] - }, - "tags": { - "references": [ - "local.default_tags" - ] - }, - "vpc_id": { - "references": [ - "module.acs.vpc" - ] - } - }, - "module": { - "outputs": { - "instance": { - "expression": { - "references": [ - "aws_db_instance.database" - ] - } - }, - "master_password_parameter": { - "sensitive": true, - "expression": { - "references": [ - "aws_ssm_parameter.master_password" - ] - } - }, - "master_username_parameter": { - "expression": { - "references": [ - "aws_ssm_parameter.master_username" - ] - } - }, - "security_group": { - "expression": { - "references": [ - "aws_security_group.db_security_group" - ] - } - } - }, - "resources": [ - { - "address": "aws_db_instance.database", - "mode": "managed", - "type": "aws_db_instance", - "name": "database", - "provider_config_key": "database:aws", - "expressions": { - "allocated_storage": { - "references": [ - "var.allocated_storage" - ] - }, - "backup_retention_period": { - "references": [ - "var.backup_retention_period" - ] - }, - "backup_window": { - "references": [ - "var.backup_window" - ] - }, - "copy_tags_to_snapshot": { - "constant_value": true - }, - "db_subnet_group_name": { - "references": [ - "var.subnet_group_name" - ] - }, - "deletion_protection": { - "references": [ - "var.deletion_protection" - ] - }, - "enabled_cloudwatch_logs_exports": { - "references": [ - "var.cloudwatch_logs_exports" - ] - }, - "engine": { - "references": [ - "var.engine" - ] - }, - "engine_version": { - "references": [ - "var.engine_version" - ] - }, - "final_snapshot_identifier": { - "references": [ - "var.identifier" - ] - }, - "identifier": { - "references": [ - "var.identifier" - ] - }, - "instance_class": { - "references": [ - "var.instance_class" - ] - }, - "maintenance_window": { - "references": [ - "var.maintenance_window" - ] - }, - "name": { - "references": [ - "var.db_name" - ] - }, - "password": { - "references": [ - "var.master_password", - "var.master_password", - "aws_ssm_parameter.master_password" - ] - }, - "skip_final_snapshot": { - "references": [ - "var.skip_final_snapshot" - ] - }, - "storage_encrypted": { - "references": [ - "var.storage_encrypted" - ] - }, - "storage_type": { - "references": [ - "var.storage_type" - ] - }, - "tags": { - "references": [ - "var.tags" - ] - }, - "username": { - "references": [ - "var.master_username", - "var.master_username", - "aws_ssm_parameter.master_username" - ] - }, - "vpc_security_group_ids": { - "references": [ - "aws_security_group.db_security_group" - ] - } - }, - "schema_version": 1 - }, - { - "address": "aws_security_group.db_security_group", - "mode": "managed", - "type": "aws_security_group", - "name": "db_security_group", - "provider_config_key": "database:aws", - "expressions": { - "description": { - "references": [ - "var.identifier" - ] - }, - "name": { - "references": [ - "var.identifier" - ] - }, - "tags": { - "references": [ - "var.tags" - ] - }, - "vpc_id": { - "references": [ - "var.vpc_id" - ] - } - }, - "schema_version": 1 - }, - { - "address": "aws_ssm_parameter.master_password", - "mode": "managed", - "type": "aws_ssm_parameter", - "name": "master_password", - "provider_config_key": "database:aws", - "expressions": { - "description": { - "references": [ - "var.identifier" - ] - }, - "name": { - "references": [ - "var.identifier" - ] - }, - "tags": { - "references": [ - "var.tags" - ] - }, - "type": { - "constant_value": "SecureString" - }, - "value": { - "references": [ - "var.master_password", - "var.master_password", - "random_password.default[0]" - ] - } - }, - "schema_version": 0 - }, - { - "address": "aws_ssm_parameter.master_username", - "mode": "managed", - "type": "aws_ssm_parameter", - "name": "master_username", - "provider_config_key": "database:aws", - "expressions": { - "description": { - "references": [ - "var.identifier" - ] - }, - "name": { - "references": [ - "var.identifier" - ] - }, - "tags": { - "references": [ - "var.tags" - ] - }, - "type": { - "constant_value": "String" - }, - "value": { - "references": [ - "var.master_username", - "var.master_username", - "var.identifier" - ] - } - }, - "schema_version": 0 - }, - { - "address": "random_password.default", - "mode": "managed", - "type": "random_password", - "name": "default", - "provider_config_key": "database:random", - "expressions": { - "keepers": { - "constant_value": { - "recreate_password": false - } - }, - "length": { - "constant_value": 32 - }, - "special": { - "constant_value": false - } - }, - "schema_version": 0, - "count_expression": { - "references": [ - "var.master_password" - ] - } - } - ], - "variables": { - "allocated_storage": { - "default": 32, - "description": "The amount of storage to be allocated for the database" - }, - "backup_retention_period": { - "default": 7, - "description": "The days to retain backups for. Must be between 0 and 35. Must be greater than 0 if the database is used as a source for a Read Replica." - }, - "backup_window": { - "default": "07:01-07:31", - "description": "The daily time range (in UTC) during which automated backups are created if they are enabled. Example: \"09:46-10:16\". Must not overlap with maintenance_window." - }, - "cloudwatch_logs_exports": { - "default": [ - "audit", - "error", - "general", - "slowquery" - ], - "description": "List of log types to enable for exporting to CloudWatch logs. Each engine has different valid values. Defaults to mysql ['audit', 'error', 'general', 'slowquery']" - }, - "db_name": { - "default": null, - "description": "The name for a database to be created in the RDS instance." - }, - "deletion_protection": { - "default": true, - "description": "If the DB instance should have deletion protection enabled. The database can't be deleted when this value is set to true. The default is true" - }, - "engine": { - "description": "The engine to be used for the database" - }, - "engine_version": { - "description": "The engine version to use." - }, - "identifier": { - "description": "Identifier for the DB Instance" - }, - "instance_class": { - "default": "db.t2.small", - "description": "The instance type to use for the database" - }, - "maintenance_window": { - "default": null, - "description": "The window to perform maintenance in. Syntax: \"ddd:hh24:mi-ddd:hh24:mi\". Eg: \"Mon:00:00-Mon:03:00\"." - }, - "master_password": { - "default": null, - "description": "Password for the master username" - }, - "master_username": { - "default": null, - "description": "Master username for the database instance." - }, - "skip_final_snapshot": { - "default": false, - "description": "If true, skips final snapshot on destroy." - }, - "storage_encrypted": { - "default": true, - "description": "Specifies whether the DB instance is encrypted. Defaults to true." - }, - "storage_type": { - "default": "gp2", - "description": "Storage type for the database. 'standard' (magnetic) or 'gp2' (general purpose SSD). Defaults to gp2" - }, - "subnet_group_name": { - "description": "Subnet group name" - }, - "subnet_ids": { - "description": "A list of VPC subnet IDs to put the RDS instance on." - }, - "tags": { - "default": {}, - "description": "A map of AWS Tags to attach to each resource created" - }, - "vpc_id": { - "description": "VPC ID to put the RDS instance on." - } - } - } - }, - "fargate": { - "source": "github.com/byu-oit/terraform-aws-fargate-api?ref=v2.1.0", - "expressions": { - "app_name": { - "references": [ - "local.app_name" - ] - }, - "autoscaling_config": { - "references": [ - "var.autoscaling_config" - ] - }, - "codedeploy_service_role_arn": { - "references": [ - "module.acs.power_builder_role" - ] - }, - "codedeploy_termination_wait_time": { - "references": [ - "var.codedeploy_termination_wait_time" - ] - }, - "container_port": { - "constant_value": 8080 - }, - "health_check_path": { - "constant_value": "/health" - }, - "hosted_zone": { - "references": [ - "module.acs.route53_zone" - ] - }, - "https_certificate_arn": { - "references": [ - "module.acs.certificate" - ] - }, - "primary_container_definition": { - "references": [ - "data.aws_ecr_repository.ecr_repo", - "var.image_tag", - "var.env", - "module.database.instance", - "module.database.instance", - "module.database.master_username_parameter", - "module.database.master_password_parameter" - ] - }, - "private_subnet_ids": { - "references": [ - "module.acs.private_subnet_ids" - ] - }, - "public_subnet_ids": { - "references": [ - "module.acs.public_subnet_ids" - ] - }, - "role_permissions_boundary_arn": { - "references": [ - "module.acs.role_permissions_boundary" - ] - }, - "tags": { - "references": [ - "local.default_tags" - ] - }, - "vpc_id": { - "references": [ - "module.acs.vpc" - ] - } - }, - "module": { - "outputs": { - "alb": { - "expression": { - "references": [ - "aws_alb.alb" - ] - } - }, - "alb_security_group": { - "expression": { - "references": [ - "aws_security_group.alb-sg" - ] - } - }, - "autoscaling_step_down_policy": { - "expression": { - "references": [ - "var.autoscaling_config", - "aws_appautoscaling_policy.down" - ] - } - }, - "autoscaling_step_up_policy": { - "expression": { - "references": [ - "var.autoscaling_config", - "aws_appautoscaling_policy.up" - ] - } - }, - "cloudwatch_log_group": { - "expression": { - "references": [ - "aws_cloudwatch_log_group.container_log_group" - ] - } - }, - "codedeploy_appspec_json_file": { - "expression": { - "references": [ - "local_file.appspec_json" - ] - } - }, - "codedeploy_deployment_group": { - "expression": { - "references": [ - "aws_codedeploy_deployment_group.deploymentgroup" - ] - } - }, - "dns_record": { - "expression": { - "references": [ - "aws_route53_record.a_record" - ] - } - }, - "fargate_service": { - "expression": { - "references": [ - "aws_ecs_service.service" - ] - } - }, - "fargate_service_security_group": { - "expression": { - "references": [ - "aws_security_group.fargate_service_sg" - ] - } - }, - "task_definition": { - "expression": { - "references": [ - "aws_ecs_task_definition.task_def" - ] - } - } - }, - "resources": [ - { - "address": "aws_alb.alb", - "mode": "managed", - "type": "aws_alb", - "name": "alb", - "provider_config_key": "fargate:aws", - "expressions": { - "name": { - "references": [ - "local.alb_name" - ] - }, - "security_groups": { - "references": [ - "aws_security_group.alb-sg" - ] - }, - "subnets": { - "references": [ - "var.public_subnet_ids" - ] - }, - "tags": { - "references": [ - "var.tags" - ] - } - }, - "schema_version": 0 - }, - { - "address": "aws_alb_listener.http_to_https", - "mode": "managed", - "type": "aws_alb_listener", - "name": "http_to_https", - "provider_config_key": "fargate:aws", - "expressions": { - "default_action": [ - { - "redirect": [ - { - "port": { - "references": [ - "aws_alb_listener.https" - ] - }, - "protocol": { - "references": [ - "aws_alb_listener.https" - ] - }, - "status_code": { - "constant_value": "HTTP_301" - } - } - ], - "type": { - "constant_value": "redirect" - } - } - ], - "load_balancer_arn": { - "references": [ - "aws_alb.alb" - ] - }, - "port": { - "constant_value": 80 - }, - "protocol": { - "constant_value": "HTTP" - } - }, - "schema_version": 0 - }, - { - "address": "aws_alb_listener.https", - "mode": "managed", - "type": "aws_alb_listener", - "name": "https", - "provider_config_key": "fargate:aws", - "expressions": { - "certificate_arn": { - "references": [ - "var.https_certificate_arn" - ] - }, - "default_action": [ - { - "target_group_arn": { - "references": [ - "aws_alb_target_group.blue" - ] - }, - "type": { - "constant_value": "forward" - } - } - ], - "load_balancer_arn": { - "references": [ - "aws_alb.alb" - ] - }, - "port": { - "constant_value": 443 - }, - "protocol": { - "constant_value": "HTTPS" - } - }, - "schema_version": 0, - "depends_on": [ - "aws_alb_target_group.blue", - "aws_alb_target_group.green" - ] - }, - { - "address": "aws_alb_listener.test_listener", - "mode": "managed", - "type": "aws_alb_listener", - "name": "test_listener", - "provider_config_key": "fargate:aws", - "expressions": { - "certificate_arn": { - "references": [ - "var.https_certificate_arn" - ] - }, - "default_action": [ - { - "target_group_arn": { - "references": [ - "aws_alb_target_group.blue" - ] - }, - "type": { - "constant_value": "forward" - } - } - ], - "load_balancer_arn": { - "references": [ - "aws_alb.alb" - ] - }, - "port": { - "references": [ - "var.codedeploy_test_listener_port" - ] - }, - "protocol": { - "constant_value": "HTTPS" - } - }, - "schema_version": 0, - "count_expression": { - "references": [ - "var.codedeploy_test_listener_port" - ] - }, - "depends_on": [ - "aws_alb_target_group.blue", - "aws_alb_target_group.green" - ] - }, - { - "address": "aws_alb_target_group.blue", - "mode": "managed", - "type": "aws_alb_target_group", - "name": "blue", - "provider_config_key": "fargate:aws", - "expressions": { - "deregistration_delay": { - "references": [ - "var.target_group_deregistration_delay" - ] - }, - "health_check": [ - { - "healthy_threshold": { - "references": [ - "var.health_check_healthy_threshold" - ] - }, - "interval": { - "references": [ - "var.health_check_interval" - ] - }, - "path": { - "references": [ - "var.health_check_path" - ] - }, - "timeout": { - "references": [ - "var.health_check_timeout" - ] - }, - "unhealthy_threshold": { - "references": [ - "var.health_check_unhealthy_threshold" - ] - } - } - ], - "load_balancing_algorithm_type": { - "constant_value": "least_outstanding_requests" - }, - "name": { - "references": [ - "var.app_name" - ] - }, - "port": { - "references": [ - "var.container_port" - ] - }, - "protocol": { - "constant_value": "HTTP" - }, - "tags": { - "references": [ - "var.tags" - ] - }, - "target_type": { - "constant_value": "ip" - }, - "vpc_id": { - "references": [ - "var.vpc_id" - ] - } - }, - "schema_version": 0, - "depends_on": [ - "aws_alb.alb" - ] - }, - { - "address": "aws_alb_target_group.green", - "mode": "managed", - "type": "aws_alb_target_group", - "name": "green", - "provider_config_key": "fargate:aws", - "expressions": { - "deregistration_delay": { - "references": [ - "var.target_group_deregistration_delay" - ] - }, - "health_check": [ - { - "healthy_threshold": { - "references": [ - "var.health_check_healthy_threshold" - ] - }, - "interval": { - "references": [ - "var.health_check_interval" - ] - }, - "path": { - "references": [ - "var.health_check_path" - ] - }, - "timeout": { - "references": [ - "var.health_check_timeout" - ] - }, - "unhealthy_threshold": { - "references": [ - "var.health_check_unhealthy_threshold" - ] - } - } - ], - "load_balancing_algorithm_type": { - "constant_value": "least_outstanding_requests" - }, - "name": { - "references": [ - "var.app_name" - ] - }, - "port": { - "references": [ - "var.container_port" - ] - }, - "protocol": { - "constant_value": "HTTP" - }, - "tags": { - "references": [ - "var.tags" - ] - }, - "target_type": { - "constant_value": "ip" - }, - "vpc_id": { - "references": [ - "var.vpc_id" - ] - } - }, - "schema_version": 0, - "depends_on": [ - "aws_alb.alb" - ] - }, - { - "address": "aws_appautoscaling_policy.down", - "mode": "managed", - "type": "aws_appautoscaling_policy", - "name": "down", - "provider_config_key": "fargate:aws", - "expressions": { - "name": { - "references": [ - "var.app_name" - ] - }, - "resource_id": { - "references": [ - "aws_appautoscaling_target.default[0]" - ] - }, - "scalable_dimension": { - "references": [ - "aws_appautoscaling_target.default[0]" - ] - }, - "service_namespace": { - "references": [ - "aws_appautoscaling_target.default[0]" - ] - }, - "step_scaling_policy_configuration": [ - { - "adjustment_type": { - "constant_value": "ChangeInCapacity" - }, - "cooldown": { - "constant_value": 300 - }, - "metric_aggregation_type": { - "constant_value": "Average" - }, - "step_adjustment": [ - { - "metric_interval_upper_bound": { - "constant_value": 0 - }, - "scaling_adjustment": { - "constant_value": -1 - } - } - ] - } - ] - }, - "schema_version": 0, - "count_expression": { - "references": [ - "var.autoscaling_config" - ] - } - }, - { - "address": "aws_appautoscaling_policy.up", - "mode": "managed", - "type": "aws_appautoscaling_policy", - "name": "up", - "provider_config_key": "fargate:aws", - "expressions": { - "name": { - "references": [ - "var.app_name" - ] - }, - "resource_id": { - "references": [ - "aws_appautoscaling_target.default[0]" - ] - }, - "scalable_dimension": { - "references": [ - "aws_appautoscaling_target.default[0]" - ] - }, - "service_namespace": { - "references": [ - "aws_appautoscaling_target.default[0]" - ] - }, - "step_scaling_policy_configuration": [ - { - "adjustment_type": { - "constant_value": "ChangeInCapacity" - }, - "cooldown": { - "constant_value": 300 - }, - "metric_aggregation_type": { - "constant_value": "Average" - }, - "step_adjustment": [ - { - "metric_interval_lower_bound": { - "constant_value": 0 - }, - "scaling_adjustment": { - "constant_value": 1 - } - } - ] - } - ] - }, - "schema_version": 0, - "count_expression": { - "references": [ - "var.autoscaling_config" - ] - } - }, - { - "address": "aws_appautoscaling_target.default", - "mode": "managed", - "type": "aws_appautoscaling_target", - "name": "default", - "provider_config_key": "fargate:aws", - "expressions": { - "max_capacity": { - "references": [ - "var.autoscaling_config" - ] - }, - "min_capacity": { - "references": [ - "var.autoscaling_config" - ] - }, - "resource_id": { - "references": [ - "aws_ecs_cluster.cluster", - "aws_ecs_service.service" - ] - }, - "scalable_dimension": { - "constant_value": "ecs:service:DesiredCount" - }, - "service_namespace": { - "constant_value": "ecs" - } - }, - "schema_version": 0, - "count_expression": { - "references": [ - "var.autoscaling_config" - ] - } - }, - { - "address": "aws_cloudwatch_log_group.container_log_group", - "mode": "managed", - "type": "aws_cloudwatch_log_group", - "name": "container_log_group", - "provider_config_key": "fargate:aws", - "expressions": { - "name": { - "references": [ - "local.cloudwatch_log_group_name" - ] - }, - "retention_in_days": { - "references": [ - "var.log_retention_in_days" - ] - }, - "tags": { - "references": [ - "var.tags" - ] - } - }, - "schema_version": 0 - }, - { - "address": "aws_cloudwatch_metric_alarm.down", - "mode": "managed", - "type": "aws_cloudwatch_metric_alarm", - "name": "down", - "provider_config_key": "fargate:aws", - "expressions": { - "alarm_actions": { - "references": [ - "aws_appautoscaling_policy.down[0]" - ] - }, - "alarm_name": { - "references": [ - "var.app_name" - ] - }, - "comparison_operator": { - "constant_value": "LessThanThreshold" - }, - "dimensions": { - "references": [ - "aws_ecs_cluster.cluster", - "aws_ecs_service.service" - ] - }, - "evaluation_periods": { - "constant_value": 5 - }, - "metric_name": { - "constant_value": "CPUUtilization" - }, - "namespace": { - "constant_value": "AWS/ECS" - }, - "period": { - "constant_value": 300 - }, - "statistic": { - "constant_value": "Average" - }, - "tags": { - "references": [ - "var.tags" - ] - }, - "threshold": { - "constant_value": 25 - } - }, - "schema_version": 1, - "count_expression": { - "references": [ - "var.autoscaling_config" - ] - } - }, - { - "address": "aws_cloudwatch_metric_alarm.up", - "mode": "managed", - "type": "aws_cloudwatch_metric_alarm", - "name": "up", - "provider_config_key": "fargate:aws", - "expressions": { - "alarm_actions": { - "references": [ - "aws_appautoscaling_policy.up[0]" - ] - }, - "alarm_name": { - "references": [ - "var.app_name" - ] - }, - "comparison_operator": { - "constant_value": "GreaterThanThreshold" - }, - "dimensions": { - "references": [ - "aws_ecs_cluster.cluster", - "aws_ecs_service.service" - ] - }, - "evaluation_periods": { - "constant_value": 5 - }, - "metric_name": { - "constant_value": "CPUUtilization" - }, - "namespace": { - "constant_value": "AWS/ECS" - }, - "period": { - "constant_value": 300 - }, - "statistic": { - "constant_value": "Average" - }, - "tags": { - "references": [ - "var.tags" - ] - }, - "threshold": { - "constant_value": 75 - } - }, - "schema_version": 1, - "count_expression": { - "references": [ - "var.autoscaling_config" - ] - } - }, - { - "address": "aws_codedeploy_app.app", - "mode": "managed", - "type": "aws_codedeploy_app", - "name": "app", - "provider_config_key": "fargate:aws", - "expressions": { - "compute_platform": { - "constant_value": "ECS" - }, - "name": { - "references": [ - "var.app_name" - ] - } - }, - "schema_version": 0 - }, - { - "address": "aws_codedeploy_deployment_group.deploymentgroup", - "mode": "managed", - "type": "aws_codedeploy_deployment_group", - "name": "deploymentgroup", - "provider_config_key": "fargate:aws", - "expressions": { - "app_name": { - "references": [ - "aws_codedeploy_app.app" - ] - }, - "auto_rollback_configuration": [ - { - "enabled": { - "constant_value": true - }, - "events": { - "constant_value": [ - "DEPLOYMENT_FAILURE" - ] - } - } - ], - "blue_green_deployment_config": [ - { - "deployment_ready_option": [ - { - "action_on_timeout": { - "constant_value": "CONTINUE_DEPLOYMENT" - } - } - ], - "terminate_blue_instances_on_deployment_success": [ - { - "action": { - "constant_value": "TERMINATE" - }, - "termination_wait_time_in_minutes": { - "references": [ - "var.codedeploy_termination_wait_time" - ] - } - } - ] - } - ], - "deployment_config_name": { - "constant_value": "CodeDeployDefault.ECSAllAtOnce" - }, - "deployment_group_name": { - "references": [ - "var.app_name" - ] - }, - "deployment_style": [ - { - "deployment_option": { - "constant_value": "WITH_TRAFFIC_CONTROL" - }, - "deployment_type": { - "constant_value": "BLUE_GREEN" - } - } - ], - "ecs_service": [ - { - "cluster_name": { - "references": [ - "aws_ecs_cluster.cluster" - ] - }, - "service_name": { - "references": [ - "aws_ecs_service.service" - ] - } - } - ], - "load_balancer_info": [ - { - "target_group_pair_info": [ - { - "prod_traffic_route": [ - { - "listener_arns": { - "references": [ - "aws_alb_listener.https" - ] - } - } - ], - "target_group": [ - { - "name": { - "references": [ - "aws_alb_target_group.blue" - ] - } - }, - { - "name": { - "references": [ - "aws_alb_target_group.green" - ] - } - } - ], - "test_traffic_route": [ - { - "listener_arns": { - "references": [ - "var.codedeploy_test_listener_port", - "aws_alb_listener.test_listener[0]" - ] - } - } - ] - } - ] - } - ], - "service_role_arn": { - "references": [ - "var.codedeploy_service_role_arn" - ] - } - }, - "schema_version": 0 - }, - { - "address": "aws_ecs_cluster.cluster", - "mode": "managed", - "type": "aws_ecs_cluster", - "name": "cluster", - "provider_config_key": "fargate:aws", - "expressions": { - "name": { - "references": [ - "var.app_name" - ] - }, - "tags": { - "references": [ - "var.tags" - ] - } - }, - "schema_version": 0 - }, - { - "address": "aws_ecs_service.service", - "mode": "managed", - "type": "aws_ecs_service", - "name": "service", - "provider_config_key": "fargate:aws", - "expressions": { - "cluster": { - "references": [ - "aws_ecs_cluster.cluster" - ] - }, - "deployment_controller": [ - { - "type": { - "constant_value": "CODE_DEPLOY" - } - } - ], - "desired_count": { - "references": [ - "var.autoscaling_config", - "var.autoscaling_config" - ] - }, - "health_check_grace_period_seconds": { - "references": [ - "var.health_check_grace_period" - ] - }, - "launch_type": { - "constant_value": "FARGATE" - }, - "load_balancer": [ - { - "container_name": { - "references": [ - "var.primary_container_definition" - ] - }, - "container_port": { - "references": [ - "var.container_port" - ] - }, - "target_group_arn": { - "references": [ - "aws_alb_target_group.blue" - ] - } - } - ], - "name": { - "references": [ - "local.service_name" - ] - }, - "network_configuration": [ - { - "assign_public_ip": { - "constant_value": true - }, - "security_groups": { - "references": [ - "aws_security_group.fargate_service_sg", - "var.security_groups" - ] - }, - "subnets": { - "references": [ - "var.private_subnet_ids" - ] - } - } - ], - "platform_version": { - "constant_value": "1.4.0" - }, - "tags": { - "references": [ - "var.tags" - ] - }, - "task_definition": { - "references": [ - "aws_ecs_task_definition.task_def" - ] - } - }, - "schema_version": 0 - }, - { - "address": "aws_ecs_task_definition.task_def", - "mode": "managed", - "type": "aws_ecs_task_definition", - "name": "task_def", - "provider_config_key": "fargate:aws", - "expressions": { - "container_definitions": { - "references": [ - "local.container_definitions" - ] - }, - "cpu": { - "references": [ - "var.task_cpu" - ] - }, - "execution_role_arn": { - "references": [ - "aws_iam_role.task_execution_role" - ] - }, - "family": { - "references": [ - "var.app_name" - ] - }, - "memory": { - "references": [ - "var.task_memory" - ] - }, - "network_mode": { - "constant_value": "awsvpc" - }, - "requires_compatibilities": { - "constant_value": [ - "FARGATE" - ] - }, - "tags": { - "references": [ - "var.tags" - ] - }, - "task_role_arn": { - "references": [ - "aws_iam_role.task_role" - ] - } - }, - "schema_version": 1 - }, - { - "address": "aws_iam_policy.secrets_access", - "mode": "managed", - "type": "aws_iam_policy", - "name": "secrets_access", - "provider_config_key": "fargate:aws", - "expressions": { - "name": { - "references": [ - "var.app_name" - ] - }, - "policy": { - "references": [ - "data.aws_iam_policy_document.secrets_access[0]" - ] - } - }, - "schema_version": 0, - "count_expression": { - "references": [ - "local.has_secrets" - ] - } - }, - { - "address": "aws_iam_role.task_execution_role", - "mode": "managed", - "type": "aws_iam_role", - "name": "task_execution_role", - "provider_config_key": "fargate:aws", - "expressions": { - "assume_role_policy": { - "references": [ - "data.aws_iam_policy_document.task_execution_policy" - ] - }, - "name": { - "references": [ - "var.app_name" - ] - }, - "permissions_boundary": { - "references": [ - "var.role_permissions_boundary_arn" - ] - }, - "tags": { - "references": [ - "var.tags" - ] - } - }, - "schema_version": 0 - }, - { - "address": "aws_iam_role.task_role", - "mode": "managed", - "type": "aws_iam_role", - "name": "task_role", - "provider_config_key": "fargate:aws", - "expressions": { - "assume_role_policy": { - "references": [ - "data.aws_iam_policy_document.task_policy" - ] - }, - "name": { - "references": [ - "var.app_name" - ] - }, - "permissions_boundary": { - "references": [ - "var.role_permissions_boundary_arn" - ] - }, - "tags": { - "references": [ - "var.tags" - ] - } - }, - "schema_version": 0 - }, - { - "address": "aws_iam_role_policy_attachment.secret_task_policy_attach", - "mode": "managed", - "type": "aws_iam_role_policy_attachment", - "name": "secret_task_policy_attach", - "provider_config_key": "fargate:aws", - "expressions": { - "policy_arn": { - "references": [ - "aws_iam_policy.secrets_access[0]" - ] - }, - "role": { - "references": [ - "aws_iam_role.task_role" - ] - } - }, - "schema_version": 0, - "count_expression": { - "references": [ - "local.has_secrets" - ] - } - }, - { - "address": "aws_iam_role_policy_attachment.secrets_policy_attach", - "mode": "managed", - "type": "aws_iam_role_policy_attachment", - "name": "secrets_policy_attach", - "provider_config_key": "fargate:aws", - "expressions": { - "policy_arn": { - "references": [ - "aws_iam_policy.secrets_access[0]" - ] - }, - "role": { - "references": [ - "aws_iam_role.task_execution_role" - ] - } - }, - "schema_version": 0, - "count_expression": { - "references": [ - "local.has_secrets" - ] - } - }, - { - "address": "aws_iam_role_policy_attachment.task_execution_policy_attach", - "mode": "managed", - "type": "aws_iam_role_policy_attachment", - "name": "task_execution_policy_attach", - "provider_config_key": "fargate:aws", - "expressions": { - "policy_arn": { - "constant_value": "arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy" - }, - "role": { - "references": [ - "aws_iam_role.task_execution_role" - ] - } - }, - "schema_version": 0 - }, - { - "address": "aws_iam_role_policy_attachment.task_policy_attach", - "mode": "managed", - "type": "aws_iam_role_policy_attachment", - "name": "task_policy_attach", - "provider_config_key": "fargate:aws", - "expressions": { - "policy_arn": { - "references": [ - "var.task_policies", - "count.index" - ] - }, - "role": { - "references": [ - "aws_iam_role.task_role" - ] - } - }, - "schema_version": 0, - "count_expression": { - "references": [ - "var.task_policies" - ] - } - }, - { - "address": "aws_route53_record.a_record", - "mode": "managed", - "type": "aws_route53_record", - "name": "a_record", - "provider_config_key": "fargate:aws", - "expressions": { - "alias": [ - { - "evaluate_target_health": { - "constant_value": true - }, - "name": { - "references": [ - "aws_alb.alb" - ] - }, - "zone_id": { - "references": [ - "aws_alb.alb" - ] - } - } - ], - "name": { - "references": [ - "local.app_domain_url" - ] - }, - "type": { - "constant_value": "A" - }, - "zone_id": { - "references": [ - "var.hosted_zone" - ] - } - }, - "schema_version": 2 - }, - { - "address": "aws_route53_record.aaaa_record", - "mode": "managed", - "type": "aws_route53_record", - "name": "aaaa_record", - "provider_config_key": "fargate:aws", - "expressions": { - "alias": [ - { - "evaluate_target_health": { - "constant_value": true - }, - "name": { - "references": [ - "aws_alb.alb" - ] - }, - "zone_id": { - "references": [ - "aws_alb.alb" - ] - } - } - ], - "name": { - "references": [ - "local.app_domain_url" - ] - }, - "type": { - "constant_value": "AAAA" - }, - "zone_id": { - "references": [ - "var.hosted_zone" - ] - } - }, - "schema_version": 2 - }, - { - "address": "aws_security_group.alb-sg", - "mode": "managed", - "type": "aws_security_group", - "name": "alb-sg", - "provider_config_key": "fargate:aws", - "expressions": { - "description": { - "references": [ - "local.alb_name" - ] - }, - "name": { - "references": [ - "local.alb_name" - ] - }, - "tags": { - "references": [ - "var.tags" - ] - }, - "vpc_id": { - "references": [ - "var.vpc_id" - ] - } - }, - "schema_version": 1 - }, - { - "address": "aws_security_group.fargate_service_sg", - "mode": "managed", - "type": "aws_security_group", - "name": "fargate_service_sg", - "provider_config_key": "fargate:aws", - "expressions": { - "description": { - "constant_value": "Controls access to the Fargate Service" - }, - "name": { - "references": [ - "var.app_name" - ] - }, - "tags": { - "references": [ - "var.tags" - ] - }, - "vpc_id": { - "references": [ - "var.vpc_id" - ] - } - }, - "schema_version": 1 - }, - { - "address": "local_file.appspec_json", - "mode": "managed", - "type": "local_file", - "name": "appspec_json", - "provider_config_key": "fargate:local", - "expressions": { - "content": { - "references": [ - "aws_ecs_task_definition.task_def", - "var.primary_container_definition", - "var.container_port", - "local.hooks" - ] - }, - "filename": { - "references": [ - "path.cwd" - ] - } - }, - "schema_version": 0 - }, - { - "address": "data.aws_caller_identity.current", - "mode": "data", - "type": "aws_caller_identity", - "name": "current", - "provider_config_key": "fargate:aws", - "schema_version": 0 - }, - { - "address": "data.aws_iam_policy_document.secrets_access", - "mode": "data", - "type": "aws_iam_policy_document", - "name": "secrets_access", - "provider_config_key": "fargate:aws", - "expressions": { - "statement": [ - { - "actions": { - "constant_value": [ - "ssm:GetParameters", - "ssm:GetParameter", - "ssm:GetParemetersByPath" - ] - }, - "effect": { - "constant_value": "Allow" - }, - "resources": { - "references": [ - "local.secrets_arns" - ] - } - } - ], - "version": { - "constant_value": "2012-10-17" - } - }, - "schema_version": 0, - "count_expression": { - "references": [ - "local.has_secrets" - ] - } - }, - { - "address": "data.aws_iam_policy_document.task_execution_policy", - "mode": "data", - "type": "aws_iam_policy_document", - "name": "task_execution_policy", - "provider_config_key": "fargate:aws", - "expressions": { - "statement": [ - { - "actions": { - "constant_value": [ - "sts:AssumeRole" - ] - }, - "effect": { - "constant_value": "Allow" - }, - "principals": [ - { - "identifiers": { - "constant_value": [ - "ecs-tasks.amazonaws.com" - ] - }, - "type": { - "constant_value": "Service" - } - } - ] - } - ], - "version": { - "constant_value": "2012-10-17" - } - }, - "schema_version": 0 - }, - { - "address": "data.aws_iam_policy_document.task_policy", - "mode": "data", - "type": "aws_iam_policy_document", - "name": "task_policy", - "provider_config_key": "fargate:aws", - "expressions": { - "statement": [ - { - "actions": { - "constant_value": [ - "sts:AssumeRole" - ] - }, - "effect": { - "constant_value": "Allow" - }, - "principals": [ - { - "identifiers": { - "constant_value": [ - "ecs-tasks.amazonaws.com" - ] - }, - "type": { - "constant_value": "Service" - } - } - ] - } - ], - "version": { - "constant_value": "2012-10-17" - } - }, - "schema_version": 0 - }, - { - "address": "data.aws_region.current", - "mode": "data", - "type": "aws_region", - "name": "current", - "provider_config_key": "fargate:aws", - "schema_version": 0 - } - ], - "variables": { - "app_name": { - "description": "Application name to name your Fargate API and other resources. Must be \u003c= 24 characters." - }, - "autoscaling_config": { - "description": "Configuration for default autoscaling policies and alarms. Set to null if you want to set up your own autoscaling policies and alarms." - }, - "codedeploy_lifecycle_hooks": { - "default": null, - "description": "Define Lambda Functions for CodeDeploy lifecycle event hooks. Or set this variable to null to not have any lifecycle hooks invoked. Defaults to null" - }, - "codedeploy_service_role_arn": { - "description": "ARN of the IAM Role for the CodeDeploy to use to initiate new deployments. (usually the PowerBuilder Role)" - }, - "codedeploy_termination_wait_time": { - "default": 15, - "description": "The number of minutes to wait after a successful blue/green deployment before terminating instances from the original environment. Defaults to 15" - }, - "codedeploy_test_listener_port": { - "default": null, - "description": "The port for a codedeploy test listener. If provided CodeDeploy will use this port for test traffic on the new replacement set during the blue-green deployment process before shifting production traffic to the replacement set. Defaults to null" - }, - "container_port": { - "description": "The port the primary docker container is listening on" - }, - "extra_container_definitions": { - "default": [], - "description": "A list of extra container definitions. Defaults to []" - }, - "health_check_grace_period": { - "default": 0, - "description": "Health check grace period in seconds. Defaults to 0." - }, - "health_check_healthy_threshold": { - "default": 3, - "description": "Health check healthy threshold; number of consecutive health checks required before considering target as healthy. Defaults to 3." - }, - "health_check_interval": { - "default": 30, - "description": "Health check interval; amount of time, in seconds, between health checks of an individual target. Defaults to 30." - }, - "health_check_path": { - "default": "/", - "description": "Health check path for the image. Defaults to \"/\"." - }, - "health_check_timeout": { - "default": 5, - "description": "Health check timeout; amount of time, in seconds, during which no response means a failed health check. Defaults to 5." - }, - "health_check_unhealthy_threshold": { - "default": 3, - "description": "Health check unhealthy threshold; number of consecutive failed health checks required before considering target as unhealthy. Defaults to 3." - }, - "hosted_zone": { - "description": "Hosted Zone object to redirect to ALB. (Can pass in the aws_hosted_zone object). A and AAAA records created in this hosted zone." - }, - "https_certificate_arn": { - "description": "ARN of the HTTPS certificate of the hosted zone/domain." - }, - "log_retention_in_days": { - "default": 7, - "description": "CloudWatch log group retention in days. Defaults to 7." - }, - "primary_container_definition": { - "description": "The primary container definition for your application. This one will be the only container that receives traffic from the ALB, so make sure the 'ports' field contains the same port as the 'image_port'" - }, - "private_subnet_ids": { - "description": "List of subnet IDs for the fargate service." - }, - "public_subnet_ids": { - "description": "List of subnet IDs for the ALB." - }, - "role_permissions_boundary_arn": { - "description": "ARN of the IAM Role permissions boundary to place on each IAM role created." - }, - "security_groups": { - "default": [], - "description": "List of extra security group IDs to attach to the fargate task." - }, - "tags": { - "default": {}, - "description": "A map of AWS Tags to attach to each resource created" - }, - "target_group_deregistration_delay": { - "default": 60, - "description": "Deregistration delay in seconds for ALB target groups. Defaults to 60 seconds." - }, - "task_cpu": { - "default": 256, - "description": "CPU for the task definition. Defaults to 256." - }, - "task_memory": { - "default": 512, - "description": "Memory for the task definition. Defaults to 512." - }, - "task_policies": { - "default": [], - "description": "List of IAM Policy ARNs to attach to the task execution policy." - }, - "vpc_id": { - "description": "VPC ID to deploy ECS fargate service." - } - } - } - } - }, - "variables": { - "app_name": {}, - "autoscaling_config": {}, - "codedeploy_termination_wait_time": {}, - "db_allocated_storage": {}, - "db_instance_class": {}, - "env": {}, - "image_tag": { - "description": "Docker image tag, tags need to be immutable. Usually a timestamp set by the CICD pipeline." - } - } - } - } - }, - "variables": { - "image_tag": { - "description": "Docker image tag, tags need to be immutable. Usually a timestamp set by the CICD pipeline." - } - } - } - } -} diff --git a/__tests__/test.tf b/__tests__/test.tf new file mode 100644 index 0000000..9c6eb92 --- /dev/null +++ b/__tests__/test.tf @@ -0,0 +1,10 @@ +resource "local_file" "fake_file" { + filename = "test.txt" + content = "Hello ${random_pet.name.id}" +} + +resource "random_pet" "name"{ + keepers = { + uuid = uuid() + } +} diff --git a/action.yml b/action.yml index e00eaff..74afb42 100644 --- a/action.yml +++ b/action.yml @@ -5,9 +5,9 @@ inputs: github_token: required: true description: 'github token' - terraform_plan_json_file: + terraform_plan_file: required: true - description: JSON file of the terraform plan + description: File name of the terraform plan runs: using: 'node12' main: 'dist/index.js' diff --git a/dist/index.js b/dist/index.js index aa3acd2..c78727a 100644 --- a/dist/index.js +++ b/dist/index.js @@ -43,6 +43,303 @@ module.exports = /************************************************************************/ /******/ ({ +/***/ 1: +/***/ (function(__unusedmodule, exports, __webpack_require__) { + +"use strict"; + +var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { + function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } + return new (P || (P = Promise))(function (resolve, reject) { + function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } } + function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } + function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); } + step((generator = generator.apply(thisArg, _arguments || [])).next()); + }); +}; +Object.defineProperty(exports, "__esModule", { value: true }); +const childProcess = __webpack_require__(129); +const path = __webpack_require__(622); +const util_1 = __webpack_require__(669); +const ioUtil = __webpack_require__(672); +const exec = util_1.promisify(childProcess.exec); +/** + * Copies a file or folder. + * Based off of shelljs - https://github.com/shelljs/shelljs/blob/9237f66c52e5daa40458f94f9565e18e8132f5a6/src/cp.js + * + * @param source source path + * @param dest destination path + * @param options optional. See CopyOptions. + */ +function cp(source, dest, options = {}) { + return __awaiter(this, void 0, void 0, function* () { + const { force, recursive } = readCopyOptions(options); + const destStat = (yield ioUtil.exists(dest)) ? yield ioUtil.stat(dest) : null; + // Dest is an existing file, but not forcing + if (destStat && destStat.isFile() && !force) { + return; + } + // If dest is an existing directory, should copy inside. + const newDest = destStat && destStat.isDirectory() + ? path.join(dest, path.basename(source)) + : dest; + if (!(yield ioUtil.exists(source))) { + throw new Error(`no such file or directory: ${source}`); + } + const sourceStat = yield ioUtil.stat(source); + if (sourceStat.isDirectory()) { + if (!recursive) { + throw new Error(`Failed to copy. ${source} is a directory, but tried to copy without recursive flag.`); + } + else { + yield cpDirRecursive(source, newDest, 0, force); + } + } + else { + if (path.relative(source, newDest) === '') { + // a file cannot be copied to itself + throw new Error(`'${newDest}' and '${source}' are the same file`); + } + yield copyFile(source, newDest, force); + } + }); +} +exports.cp = cp; +/** + * Moves a path. + * + * @param source source path + * @param dest destination path + * @param options optional. See MoveOptions. + */ +function mv(source, dest, options = {}) { + return __awaiter(this, void 0, void 0, function* () { + if (yield ioUtil.exists(dest)) { + let destExists = true; + if (yield ioUtil.isDirectory(dest)) { + // If dest is directory copy src into dest + dest = path.join(dest, path.basename(source)); + destExists = yield ioUtil.exists(dest); + } + if (destExists) { + if (options.force == null || options.force) { + yield rmRF(dest); + } + else { + throw new Error('Destination already exists'); + } + } + } + yield mkdirP(path.dirname(dest)); + yield ioUtil.rename(source, dest); + }); +} +exports.mv = mv; +/** + * Remove a path recursively with force + * + * @param inputPath path to remove + */ +function rmRF(inputPath) { + return __awaiter(this, void 0, void 0, function* () { + if (ioUtil.IS_WINDOWS) { + // Node doesn't provide a delete operation, only an unlink function. This means that if the file is being used by another + // program (e.g. antivirus), it won't be deleted. To address this, we shell out the work to rd/del. + try { + if (yield ioUtil.isDirectory(inputPath, true)) { + yield exec(`rd /s /q "${inputPath}"`); + } + else { + yield exec(`del /f /a "${inputPath}"`); + } + } + catch (err) { + // if you try to delete a file that doesn't exist, desired result is achieved + // other errors are valid + if (err.code !== 'ENOENT') + throw err; + } + // Shelling out fails to remove a symlink folder with missing source, this unlink catches that + try { + yield ioUtil.unlink(inputPath); + } + catch (err) { + // if you try to delete a file that doesn't exist, desired result is achieved + // other errors are valid + if (err.code !== 'ENOENT') + throw err; + } + } + else { + let isDir = false; + try { + isDir = yield ioUtil.isDirectory(inputPath); + } + catch (err) { + // if you try to delete a file that doesn't exist, desired result is achieved + // other errors are valid + if (err.code !== 'ENOENT') + throw err; + return; + } + if (isDir) { + yield exec(`rm -rf "${inputPath}"`); + } + else { + yield ioUtil.unlink(inputPath); + } + } + }); +} +exports.rmRF = rmRF; +/** + * Make a directory. Creates the full path with folders in between + * Will throw if it fails + * + * @param fsPath path to create + * @returns Promise + */ +function mkdirP(fsPath) { + return __awaiter(this, void 0, void 0, function* () { + yield ioUtil.mkdirP(fsPath); + }); +} +exports.mkdirP = mkdirP; +/** + * Returns path of a tool had the tool actually been invoked. Resolves via paths. + * If you check and the tool does not exist, it will throw. + * + * @param tool name of the tool + * @param check whether to check if tool exists + * @returns Promise path to tool + */ +function which(tool, check) { + return __awaiter(this, void 0, void 0, function* () { + if (!tool) { + throw new Error("parameter 'tool' is required"); + } + // recursive when check=true + if (check) { + const result = yield which(tool, false); + if (!result) { + if (ioUtil.IS_WINDOWS) { + throw new Error(`Unable to locate executable file: ${tool}. Please verify either the file path exists or the file can be found within a directory specified by the PATH environment variable. Also verify the file has a valid extension for an executable file.`); + } + else { + throw new Error(`Unable to locate executable file: ${tool}. Please verify either the file path exists or the file can be found within a directory specified by the PATH environment variable. Also check the file mode to verify the file is executable.`); + } + } + } + try { + // build the list of extensions to try + const extensions = []; + if (ioUtil.IS_WINDOWS && process.env.PATHEXT) { + for (const extension of process.env.PATHEXT.split(path.delimiter)) { + if (extension) { + extensions.push(extension); + } + } + } + // if it's rooted, return it if exists. otherwise return empty. + if (ioUtil.isRooted(tool)) { + const filePath = yield ioUtil.tryGetExecutablePath(tool, extensions); + if (filePath) { + return filePath; + } + return ''; + } + // if any path separators, return empty + if (tool.includes('/') || (ioUtil.IS_WINDOWS && tool.includes('\\'))) { + return ''; + } + // build the list of directories + // + // Note, technically "where" checks the current directory on Windows. From a toolkit perspective, + // it feels like we should not do this. Checking the current directory seems like more of a use + // case of a shell, and the which() function exposed by the toolkit should strive for consistency + // across platforms. + const directories = []; + if (process.env.PATH) { + for (const p of process.env.PATH.split(path.delimiter)) { + if (p) { + directories.push(p); + } + } + } + // return the first match + for (const directory of directories) { + const filePath = yield ioUtil.tryGetExecutablePath(directory + path.sep + tool, extensions); + if (filePath) { + return filePath; + } + } + return ''; + } + catch (err) { + throw new Error(`which failed with message ${err.message}`); + } + }); +} +exports.which = which; +function readCopyOptions(options) { + const force = options.force == null ? true : options.force; + const recursive = Boolean(options.recursive); + return { force, recursive }; +} +function cpDirRecursive(sourceDir, destDir, currentDepth, force) { + return __awaiter(this, void 0, void 0, function* () { + // Ensure there is not a run away recursive copy + if (currentDepth >= 255) + return; + currentDepth++; + yield mkdirP(destDir); + const files = yield ioUtil.readdir(sourceDir); + for (const fileName of files) { + const srcFile = `${sourceDir}/${fileName}`; + const destFile = `${destDir}/${fileName}`; + const srcFileStat = yield ioUtil.lstat(srcFile); + if (srcFileStat.isDirectory()) { + // Recurse + yield cpDirRecursive(srcFile, destFile, currentDepth, force); + } + else { + yield copyFile(srcFile, destFile, force); + } + } + // Change the mode for the newly created directory + yield ioUtil.chmod(destDir, (yield ioUtil.stat(sourceDir)).mode); + }); +} +// Buffered file copy +function copyFile(srcFile, destFile, force) { + return __awaiter(this, void 0, void 0, function* () { + if ((yield ioUtil.lstat(srcFile)).isSymbolicLink()) { + // unlink/re-link it + try { + yield ioUtil.lstat(destFile); + yield ioUtil.unlink(destFile); + } + catch (e) { + // Try to override file permission + if (e.code === 'EPERM') { + yield ioUtil.chmod(destFile, '0666'); + yield ioUtil.unlink(destFile); + } + // other errors = it doesn't exist, no work to do + } + // Copy over symlink + const symlinkFull = yield ioUtil.readlink(srcFile); + yield ioUtil.symlink(symlinkFull, destFile, ioUtil.IS_WINDOWS ? 'junction' : null); + } + else if (!(yield ioUtil.exists(destFile)) || force) { + yield ioUtil.copyFile(srcFile, destFile); + } + }); +} +//# sourceMappingURL=io.js.map + +/***/ }), + /***/ 2: /***/ (function(module, __unusedexports, __webpack_require__) { @@ -98,103 +395,609 @@ module.exports = osName; /***/ }), /***/ 9: -/***/ (function(module, __unusedexports, __webpack_require__) { - -var once = __webpack_require__(969); - -var noop = function() {}; +/***/ (function(__unusedmodule, exports, __webpack_require__) { -var isRequest = function(stream) { - return stream.setHeader && typeof stream.abort === 'function'; -}; +"use strict"; -var isChildProcess = function(stream) { - return stream.stdio && Array.isArray(stream.stdio) && stream.stdio.length === 3 +var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { + function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } + return new (P || (P = Promise))(function (resolve, reject) { + function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } } + function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } + function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); } + step((generator = generator.apply(thisArg, _arguments || [])).next()); + }); }; - -var eos = function(stream, opts, callback) { - if (typeof opts === 'function') return eos(stream, null, opts); - if (!opts) opts = {}; - - callback = once(callback || noop); - - var ws = stream._writableState; - var rs = stream._readableState; - var readable = opts.readable || (opts.readable !== false && stream.readable); - var writable = opts.writable || (opts.writable !== false && stream.writable); - var cancelled = false; - - var onlegacyfinish = function() { - if (!stream.writable) onfinish(); - }; - - var onfinish = function() { - writable = false; - if (!readable) callback.call(stream); - }; - - var onend = function() { - readable = false; - if (!writable) callback.call(stream); - }; - - var onexit = function(exitCode) { - callback.call(stream, exitCode ? new Error('exited with error code: ' + exitCode) : null); - }; - - var onerror = function(err) { - callback.call(stream, err); - }; - - var onclose = function() { - process.nextTick(onclosenexttick); - }; - - var onclosenexttick = function() { - if (cancelled) return; - if (readable && !(rs && (rs.ended && !rs.destroyed))) return callback.call(stream, new Error('premature close')); - if (writable && !(ws && (ws.ended && !ws.destroyed))) return callback.call(stream, new Error('premature close')); - }; - - var onrequest = function() { - stream.req.on('finish', onfinish); - }; - - if (isRequest(stream)) { - stream.on('complete', onfinish); - stream.on('abort', onclose); - if (stream.req) onrequest(); - else stream.on('request', onrequest); - } else if (writable && !ws) { // legacy streams - stream.on('end', onlegacyfinish); - stream.on('close', onlegacyfinish); - } - - if (isChildProcess(stream)) stream.on('exit', onexit); - - stream.on('end', onend); - stream.on('finish', onfinish); - if (opts.error !== false) stream.on('error', onerror); - stream.on('close', onclose); - - return function() { - cancelled = true; - stream.removeListener('complete', onfinish); - stream.removeListener('abort', onclose); - stream.removeListener('request', onrequest); - if (stream.req) stream.req.removeListener('finish', onfinish); - stream.removeListener('end', onlegacyfinish); - stream.removeListener('close', onlegacyfinish); - stream.removeListener('finish', onfinish); - stream.removeListener('exit', onexit); - stream.removeListener('end', onend); - stream.removeListener('error', onerror); - stream.removeListener('close', onclose); - }; +var __importStar = (this && this.__importStar) || function (mod) { + if (mod && mod.__esModule) return mod; + var result = {}; + if (mod != null) for (var k in mod) if (Object.hasOwnProperty.call(mod, k)) result[k] = mod[k]; + result["default"] = mod; + return result; }; - -module.exports = eos; - +Object.defineProperty(exports, "__esModule", { value: true }); +const os = __importStar(__webpack_require__(87)); +const events = __importStar(__webpack_require__(614)); +const child = __importStar(__webpack_require__(129)); +const path = __importStar(__webpack_require__(622)); +const io = __importStar(__webpack_require__(1)); +const ioUtil = __importStar(__webpack_require__(672)); +/* eslint-disable @typescript-eslint/unbound-method */ +const IS_WINDOWS = process.platform === 'win32'; +/* + * Class for running command line tools. Handles quoting and arg parsing in a platform agnostic way. + */ +class ToolRunner extends events.EventEmitter { + constructor(toolPath, args, options) { + super(); + if (!toolPath) { + throw new Error("Parameter 'toolPath' cannot be null or empty."); + } + this.toolPath = toolPath; + this.args = args || []; + this.options = options || {}; + } + _debug(message) { + if (this.options.listeners && this.options.listeners.debug) { + this.options.listeners.debug(message); + } + } + _getCommandString(options, noPrefix) { + const toolPath = this._getSpawnFileName(); + const args = this._getSpawnArgs(options); + let cmd = noPrefix ? '' : '[command]'; // omit prefix when piped to a second tool + if (IS_WINDOWS) { + // Windows + cmd file + if (this._isCmdFile()) { + cmd += toolPath; + for (const a of args) { + cmd += ` ${a}`; + } + } + // Windows + verbatim + else if (options.windowsVerbatimArguments) { + cmd += `"${toolPath}"`; + for (const a of args) { + cmd += ` ${a}`; + } + } + // Windows (regular) + else { + cmd += this._windowsQuoteCmdArg(toolPath); + for (const a of args) { + cmd += ` ${this._windowsQuoteCmdArg(a)}`; + } + } + } + else { + // OSX/Linux - this can likely be improved with some form of quoting. + // creating processes on Unix is fundamentally different than Windows. + // on Unix, execvp() takes an arg array. + cmd += toolPath; + for (const a of args) { + cmd += ` ${a}`; + } + } + return cmd; + } + _processLineBuffer(data, strBuffer, onLine) { + try { + let s = strBuffer + data.toString(); + let n = s.indexOf(os.EOL); + while (n > -1) { + const line = s.substring(0, n); + onLine(line); + // the rest of the string ... + s = s.substring(n + os.EOL.length); + n = s.indexOf(os.EOL); + } + strBuffer = s; + } + catch (err) { + // streaming lines to console is best effort. Don't fail a build. + this._debug(`error processing line. Failed with error ${err}`); + } + } + _getSpawnFileName() { + if (IS_WINDOWS) { + if (this._isCmdFile()) { + return process.env['COMSPEC'] || 'cmd.exe'; + } + } + return this.toolPath; + } + _getSpawnArgs(options) { + if (IS_WINDOWS) { + if (this._isCmdFile()) { + let argline = `/D /S /C "${this._windowsQuoteCmdArg(this.toolPath)}`; + for (const a of this.args) { + argline += ' '; + argline += options.windowsVerbatimArguments + ? a + : this._windowsQuoteCmdArg(a); + } + argline += '"'; + return [argline]; + } + } + return this.args; + } + _endsWith(str, end) { + return str.endsWith(end); + } + _isCmdFile() { + const upperToolPath = this.toolPath.toUpperCase(); + return (this._endsWith(upperToolPath, '.CMD') || + this._endsWith(upperToolPath, '.BAT')); + } + _windowsQuoteCmdArg(arg) { + // for .exe, apply the normal quoting rules that libuv applies + if (!this._isCmdFile()) { + return this._uvQuoteCmdArg(arg); + } + // otherwise apply quoting rules specific to the cmd.exe command line parser. + // the libuv rules are generic and are not designed specifically for cmd.exe + // command line parser. + // + // for a detailed description of the cmd.exe command line parser, refer to + // http://stackoverflow.com/questions/4094699/how-does-the-windows-command-interpreter-cmd-exe-parse-scripts/7970912#7970912 + // need quotes for empty arg + if (!arg) { + return '""'; + } + // determine whether the arg needs to be quoted + const cmdSpecialChars = [ + ' ', + '\t', + '&', + '(', + ')', + '[', + ']', + '{', + '}', + '^', + '=', + ';', + '!', + "'", + '+', + ',', + '`', + '~', + '|', + '<', + '>', + '"' + ]; + let needsQuotes = false; + for (const char of arg) { + if (cmdSpecialChars.some(x => x === char)) { + needsQuotes = true; + break; + } + } + // short-circuit if quotes not needed + if (!needsQuotes) { + return arg; + } + // the following quoting rules are very similar to the rules that by libuv applies. + // + // 1) wrap the string in quotes + // + // 2) double-up quotes - i.e. " => "" + // + // this is different from the libuv quoting rules. libuv replaces " with \", which unfortunately + // doesn't work well with a cmd.exe command line. + // + // note, replacing " with "" also works well if the arg is passed to a downstream .NET console app. + // for example, the command line: + // foo.exe "myarg:""my val""" + // is parsed by a .NET console app into an arg array: + // [ "myarg:\"my val\"" ] + // which is the same end result when applying libuv quoting rules. although the actual + // command line from libuv quoting rules would look like: + // foo.exe "myarg:\"my val\"" + // + // 3) double-up slashes that precede a quote, + // e.g. hello \world => "hello \world" + // hello\"world => "hello\\""world" + // hello\\"world => "hello\\\\""world" + // hello world\ => "hello world\\" + // + // technically this is not required for a cmd.exe command line, or the batch argument parser. + // the reasons for including this as a .cmd quoting rule are: + // + // a) this is optimized for the scenario where the argument is passed from the .cmd file to an + // external program. many programs (e.g. .NET console apps) rely on the slash-doubling rule. + // + // b) it's what we've been doing previously (by deferring to node default behavior) and we + // haven't heard any complaints about that aspect. + // + // note, a weakness of the quoting rules chosen here, is that % is not escaped. in fact, % cannot be + // escaped when used on the command line directly - even though within a .cmd file % can be escaped + // by using %%. + // + // the saving grace is, on the command line, %var% is left as-is if var is not defined. this contrasts + // the line parsing rules within a .cmd file, where if var is not defined it is replaced with nothing. + // + // one option that was explored was replacing % with ^% - i.e. %var% => ^%var^%. this hack would + // often work, since it is unlikely that var^ would exist, and the ^ character is removed when the + // variable is used. the problem, however, is that ^ is not removed when %* is used to pass the args + // to an external program. + // + // an unexplored potential solution for the % escaping problem, is to create a wrapper .cmd file. + // % can be escaped within a .cmd file. + let reverse = '"'; + let quoteHit = true; + for (let i = arg.length; i > 0; i--) { + // walk the string in reverse + reverse += arg[i - 1]; + if (quoteHit && arg[i - 1] === '\\') { + reverse += '\\'; // double the slash + } + else if (arg[i - 1] === '"') { + quoteHit = true; + reverse += '"'; // double the quote + } + else { + quoteHit = false; + } + } + reverse += '"'; + return reverse + .split('') + .reverse() + .join(''); + } + _uvQuoteCmdArg(arg) { + // Tool runner wraps child_process.spawn() and needs to apply the same quoting as + // Node in certain cases where the undocumented spawn option windowsVerbatimArguments + // is used. + // + // Since this function is a port of quote_cmd_arg from Node 4.x (technically, lib UV, + // see https://github.com/nodejs/node/blob/v4.x/deps/uv/src/win/process.c for details), + // pasting copyright notice from Node within this function: + // + // Copyright Joyent, Inc. and other Node contributors. All rights reserved. + // + // Permission is hereby granted, free of charge, to any person obtaining a copy + // of this software and associated documentation files (the "Software"), to + // deal in the Software without restriction, including without limitation the + // rights to use, copy, modify, merge, publish, distribute, sublicense, and/or + // sell copies of the Software, and to permit persons to whom the Software is + // furnished to do so, subject to the following conditions: + // + // The above copyright notice and this permission notice shall be included in + // all copies or substantial portions of the Software. + // + // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + // IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + // FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + // AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + // LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING + // FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS + // IN THE SOFTWARE. + if (!arg) { + // Need double quotation for empty argument + return '""'; + } + if (!arg.includes(' ') && !arg.includes('\t') && !arg.includes('"')) { + // No quotation needed + return arg; + } + if (!arg.includes('"') && !arg.includes('\\')) { + // No embedded double quotes or backslashes, so I can just wrap + // quote marks around the whole thing. + return `"${arg}"`; + } + // Expected input/output: + // input : hello"world + // output: "hello\"world" + // input : hello""world + // output: "hello\"\"world" + // input : hello\world + // output: hello\world + // input : hello\\world + // output: hello\\world + // input : hello\"world + // output: "hello\\\"world" + // input : hello\\"world + // output: "hello\\\\\"world" + // input : hello world\ + // output: "hello world\\" - note the comment in libuv actually reads "hello world\" + // but it appears the comment is wrong, it should be "hello world\\" + let reverse = '"'; + let quoteHit = true; + for (let i = arg.length; i > 0; i--) { + // walk the string in reverse + reverse += arg[i - 1]; + if (quoteHit && arg[i - 1] === '\\') { + reverse += '\\'; + } + else if (arg[i - 1] === '"') { + quoteHit = true; + reverse += '\\'; + } + else { + quoteHit = false; + } + } + reverse += '"'; + return reverse + .split('') + .reverse() + .join(''); + } + _cloneExecOptions(options) { + options = options || {}; + const result = { + cwd: options.cwd || process.cwd(), + env: options.env || process.env, + silent: options.silent || false, + windowsVerbatimArguments: options.windowsVerbatimArguments || false, + failOnStdErr: options.failOnStdErr || false, + ignoreReturnCode: options.ignoreReturnCode || false, + delay: options.delay || 10000 + }; + result.outStream = options.outStream || process.stdout; + result.errStream = options.errStream || process.stderr; + return result; + } + _getSpawnOptions(options, toolPath) { + options = options || {}; + const result = {}; + result.cwd = options.cwd; + result.env = options.env; + result['windowsVerbatimArguments'] = + options.windowsVerbatimArguments || this._isCmdFile(); + if (options.windowsVerbatimArguments) { + result.argv0 = `"${toolPath}"`; + } + return result; + } + /** + * Exec a tool. + * Output will be streamed to the live console. + * Returns promise with return code + * + * @param tool path to tool to exec + * @param options optional exec options. See ExecOptions + * @returns number + */ + exec() { + return __awaiter(this, void 0, void 0, function* () { + // root the tool path if it is unrooted and contains relative pathing + if (!ioUtil.isRooted(this.toolPath) && + (this.toolPath.includes('/') || + (IS_WINDOWS && this.toolPath.includes('\\')))) { + // prefer options.cwd if it is specified, however options.cwd may also need to be rooted + this.toolPath = path.resolve(process.cwd(), this.options.cwd || process.cwd(), this.toolPath); + } + // if the tool is only a file name, then resolve it from the PATH + // otherwise verify it exists (add extension on Windows if necessary) + this.toolPath = yield io.which(this.toolPath, true); + return new Promise((resolve, reject) => { + this._debug(`exec tool: ${this.toolPath}`); + this._debug('arguments:'); + for (const arg of this.args) { + this._debug(` ${arg}`); + } + const optionsNonNull = this._cloneExecOptions(this.options); + if (!optionsNonNull.silent && optionsNonNull.outStream) { + optionsNonNull.outStream.write(this._getCommandString(optionsNonNull) + os.EOL); + } + const state = new ExecState(optionsNonNull, this.toolPath); + state.on('debug', (message) => { + this._debug(message); + }); + const fileName = this._getSpawnFileName(); + const cp = child.spawn(fileName, this._getSpawnArgs(optionsNonNull), this._getSpawnOptions(this.options, fileName)); + const stdbuffer = ''; + if (cp.stdout) { + cp.stdout.on('data', (data) => { + if (this.options.listeners && this.options.listeners.stdout) { + this.options.listeners.stdout(data); + } + if (!optionsNonNull.silent && optionsNonNull.outStream) { + optionsNonNull.outStream.write(data); + } + this._processLineBuffer(data, stdbuffer, (line) => { + if (this.options.listeners && this.options.listeners.stdline) { + this.options.listeners.stdline(line); + } + }); + }); + } + const errbuffer = ''; + if (cp.stderr) { + cp.stderr.on('data', (data) => { + state.processStderr = true; + if (this.options.listeners && this.options.listeners.stderr) { + this.options.listeners.stderr(data); + } + if (!optionsNonNull.silent && + optionsNonNull.errStream && + optionsNonNull.outStream) { + const s = optionsNonNull.failOnStdErr + ? optionsNonNull.errStream + : optionsNonNull.outStream; + s.write(data); + } + this._processLineBuffer(data, errbuffer, (line) => { + if (this.options.listeners && this.options.listeners.errline) { + this.options.listeners.errline(line); + } + }); + }); + } + cp.on('error', (err) => { + state.processError = err.message; + state.processExited = true; + state.processClosed = true; + state.CheckComplete(); + }); + cp.on('exit', (code) => { + state.processExitCode = code; + state.processExited = true; + this._debug(`Exit code ${code} received from tool '${this.toolPath}'`); + state.CheckComplete(); + }); + cp.on('close', (code) => { + state.processExitCode = code; + state.processExited = true; + state.processClosed = true; + this._debug(`STDIO streams have closed for tool '${this.toolPath}'`); + state.CheckComplete(); + }); + state.on('done', (error, exitCode) => { + if (stdbuffer.length > 0) { + this.emit('stdline', stdbuffer); + } + if (errbuffer.length > 0) { + this.emit('errline', errbuffer); + } + cp.removeAllListeners(); + if (error) { + reject(error); + } + else { + resolve(exitCode); + } + }); + if (this.options.input) { + if (!cp.stdin) { + throw new Error('child process missing stdin'); + } + cp.stdin.end(this.options.input); + } + }); + }); + } +} +exports.ToolRunner = ToolRunner; +/** + * Convert an arg string to an array of args. Handles escaping + * + * @param argString string of arguments + * @returns string[] array of arguments + */ +function argStringToArray(argString) { + const args = []; + let inQuotes = false; + let escaped = false; + let arg = ''; + function append(c) { + // we only escape double quotes. + if (escaped && c !== '"') { + arg += '\\'; + } + arg += c; + escaped = false; + } + for (let i = 0; i < argString.length; i++) { + const c = argString.charAt(i); + if (c === '"') { + if (!escaped) { + inQuotes = !inQuotes; + } + else { + append(c); + } + continue; + } + if (c === '\\' && escaped) { + append(c); + continue; + } + if (c === '\\' && inQuotes) { + escaped = true; + continue; + } + if (c === ' ' && !inQuotes) { + if (arg.length > 0) { + args.push(arg); + arg = ''; + } + continue; + } + append(c); + } + if (arg.length > 0) { + args.push(arg.trim()); + } + return args; +} +exports.argStringToArray = argStringToArray; +class ExecState extends events.EventEmitter { + constructor(options, toolPath) { + super(); + this.processClosed = false; // tracks whether the process has exited and stdio is closed + this.processError = ''; + this.processExitCode = 0; + this.processExited = false; // tracks whether the process has exited + this.processStderr = false; // tracks whether stderr was written to + this.delay = 10000; // 10 seconds + this.done = false; + this.timeout = null; + if (!toolPath) { + throw new Error('toolPath must not be empty'); + } + this.options = options; + this.toolPath = toolPath; + if (options.delay) { + this.delay = options.delay; + } + } + CheckComplete() { + if (this.done) { + return; + } + if (this.processClosed) { + this._setResult(); + } + else if (this.processExited) { + this.timeout = setTimeout(ExecState.HandleTimeout, this.delay, this); + } + } + _debug(message) { + this.emit('debug', message); + } + _setResult() { + // determine whether there is an error + let error; + if (this.processExited) { + if (this.processError) { + error = new Error(`There was an error when attempting to execute the process '${this.toolPath}'. This may indicate the process failed to start. Error: ${this.processError}`); + } + else if (this.processExitCode !== 0 && !this.options.ignoreReturnCode) { + error = new Error(`The process '${this.toolPath}' failed with exit code ${this.processExitCode}`); + } + else if (this.processStderr && this.options.failOnStdErr) { + error = new Error(`The process '${this.toolPath}' failed because one or more lines were written to the STDERR stream`); + } + } + // clear the timeout + if (this.timeout) { + clearTimeout(this.timeout); + this.timeout = null; + } + this.done = true; + this.emit('done', error, this.processExitCode); + } + static HandleTimeout(state) { + if (state.done) { + return; + } + if (!state.processClosed && state.processExited) { + const message = `The STDIO streams did not close within ${state.delay / + 1000} seconds of the exit event from process '${state.toolPath}'. This may indicate a child process inherited the STDIO streams and has not yet exited.`; + state._debug(message); + } + state._setResult(); + } +} +//# sourceMappingURL=toolrunner.js.map /***/ }), @@ -936,13 +1739,10 @@ var __importStar = (this && this.__importStar) || function (mod) { __setModuleDefault(result, mod); return result; }; -var __importDefault = (this && this.__importDefault) || function (mod) { - return (mod && mod.__esModule) ? mod : { "default": mod }; -}; Object.defineProperty(exports, "__esModule", { value: true }); const core = __importStar(__webpack_require__(470)); +const exec = __importStar(__webpack_require__(986)); const github = __importStar(__webpack_require__(469)); -const fs_1 = __importDefault(__webpack_require__(747)); const types_1 = __webpack_require__(251); const commentPrefix = '## Terraform Plan:'; async function run() { @@ -954,8 +1754,16 @@ async function run() { return; } core.debug('got pull request'); - const jsonFileName = core.getInput('terraform_plan_json_file'); - const json = fs_1.default.readFileSync(jsonFileName, 'utf8'); + const planFileName = core.getInput('terraform_plan_file'); + let json = ''; + const options = { + listeners: { + stdout: (data) => { + json += data.toString('utf8'); + } + } + }; + await exec.exec('terraform', ['show', '-json', planFileName], options); const terraformPlan = JSON.parse(json); core.debug('parsed json'); const token = core.getInput('github_token'); @@ -3797,7 +4605,7 @@ exports.Octokit = Octokit; /***/ (function(module, __unusedexports, __webpack_require__) { var once = __webpack_require__(969) -var eos = __webpack_require__(9) +var eos = __webpack_require__(562) var fs = __webpack_require__(747) // we only need fs to get the ReadStream and WriteStream prototypes var noop = function () {} @@ -6746,6 +7554,107 @@ function isPlainObject(o) { module.exports = isPlainObject; +/***/ }), + +/***/ 562: +/***/ (function(module, __unusedexports, __webpack_require__) { + +var once = __webpack_require__(969); + +var noop = function() {}; + +var isRequest = function(stream) { + return stream.setHeader && typeof stream.abort === 'function'; +}; + +var isChildProcess = function(stream) { + return stream.stdio && Array.isArray(stream.stdio) && stream.stdio.length === 3 +}; + +var eos = function(stream, opts, callback) { + if (typeof opts === 'function') return eos(stream, null, opts); + if (!opts) opts = {}; + + callback = once(callback || noop); + + var ws = stream._writableState; + var rs = stream._readableState; + var readable = opts.readable || (opts.readable !== false && stream.readable); + var writable = opts.writable || (opts.writable !== false && stream.writable); + var cancelled = false; + + var onlegacyfinish = function() { + if (!stream.writable) onfinish(); + }; + + var onfinish = function() { + writable = false; + if (!readable) callback.call(stream); + }; + + var onend = function() { + readable = false; + if (!writable) callback.call(stream); + }; + + var onexit = function(exitCode) { + callback.call(stream, exitCode ? new Error('exited with error code: ' + exitCode) : null); + }; + + var onerror = function(err) { + callback.call(stream, err); + }; + + var onclose = function() { + process.nextTick(onclosenexttick); + }; + + var onclosenexttick = function() { + if (cancelled) return; + if (readable && !(rs && (rs.ended && !rs.destroyed))) return callback.call(stream, new Error('premature close')); + if (writable && !(ws && (ws.ended && !ws.destroyed))) return callback.call(stream, new Error('premature close')); + }; + + var onrequest = function() { + stream.req.on('finish', onfinish); + }; + + if (isRequest(stream)) { + stream.on('complete', onfinish); + stream.on('abort', onclose); + if (stream.req) onrequest(); + else stream.on('request', onrequest); + } else if (writable && !ws) { // legacy streams + stream.on('end', onlegacyfinish); + stream.on('close', onlegacyfinish); + } + + if (isChildProcess(stream)) stream.on('exit', onexit); + + stream.on('end', onend); + stream.on('finish', onfinish); + if (opts.error !== false) stream.on('error', onerror); + stream.on('close', onclose); + + return function() { + cancelled = true; + stream.removeListener('complete', onfinish); + stream.removeListener('abort', onclose); + stream.removeListener('request', onrequest); + if (stream.req) stream.req.removeListener('finish', onfinish); + stream.removeListener('end', onlegacyfinish); + stream.removeListener('close', onlegacyfinish); + stream.removeListener('finish', onfinish); + stream.removeListener('exit', onexit); + stream.removeListener('end', onend); + stream.removeListener('error', onerror); + stream.removeListener('close', onclose); + }; +}; + +module.exports = eos; + + /***/ }), /***/ 568: @@ -7079,6 +7988,208 @@ module.exports = require("util"); /***/ }), +/***/ 672: +/***/ (function(__unusedmodule, exports, __webpack_require__) { + +"use strict"; + +var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { + function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } + return new (P || (P = Promise))(function (resolve, reject) { + function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } } + function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } + function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); } + step((generator = generator.apply(thisArg, _arguments || [])).next()); + }); +}; +var _a; +Object.defineProperty(exports, "__esModule", { value: true }); +const assert_1 = __webpack_require__(357); +const fs = __webpack_require__(747); +const path = __webpack_require__(622); +_a = fs.promises, exports.chmod = _a.chmod, exports.copyFile = _a.copyFile, exports.lstat = _a.lstat, exports.mkdir = _a.mkdir, exports.readdir = _a.readdir, exports.readlink = _a.readlink, exports.rename = _a.rename, exports.rmdir = _a.rmdir, exports.stat = _a.stat, exports.symlink = _a.symlink, exports.unlink = _a.unlink; +exports.IS_WINDOWS = process.platform === 'win32'; +function exists(fsPath) { + return __awaiter(this, void 0, void 0, function* () { + try { + yield exports.stat(fsPath); + } + catch (err) { + if (err.code === 'ENOENT') { + return false; + } + throw err; + } + return true; + }); +} +exports.exists = exists; +function isDirectory(fsPath, useStat = false) { + return __awaiter(this, void 0, void 0, function* () { + const stats = useStat ? yield exports.stat(fsPath) : yield exports.lstat(fsPath); + return stats.isDirectory(); + }); +} +exports.isDirectory = isDirectory; +/** + * On OSX/Linux, true if path starts with '/'. On Windows, true for paths like: + * \, \hello, \\hello\share, C:, and C:\hello (and corresponding alternate separator cases). + */ +function isRooted(p) { + p = normalizeSeparators(p); + if (!p) { + throw new Error('isRooted() parameter "p" cannot be empty'); + } + if (exports.IS_WINDOWS) { + return (p.startsWith('\\') || /^[A-Z]:/i.test(p) // e.g. \ or \hello or \\hello + ); // e.g. C: or C:\hello + } + return p.startsWith('/'); +} +exports.isRooted = isRooted; +/** + * Recursively create a directory at `fsPath`. + * + * This implementation is optimistic, meaning it attempts to create the full + * path first, and backs up the path stack from there. + * + * @param fsPath The path to create + * @param maxDepth The maximum recursion depth + * @param depth The current recursion depth + */ +function mkdirP(fsPath, maxDepth = 1000, depth = 1) { + return __awaiter(this, void 0, void 0, function* () { + assert_1.ok(fsPath, 'a path argument must be provided'); + fsPath = path.resolve(fsPath); + if (depth >= maxDepth) + return exports.mkdir(fsPath); + try { + yield exports.mkdir(fsPath); + return; + } + catch (err) { + switch (err.code) { + case 'ENOENT': { + yield mkdirP(path.dirname(fsPath), maxDepth, depth + 1); + yield exports.mkdir(fsPath); + return; + } + default: { + let stats; + try { + stats = yield exports.stat(fsPath); + } + catch (err2) { + throw err; + } + if (!stats.isDirectory()) + throw err; + } + } + } + }); +} +exports.mkdirP = mkdirP; +/** + * Best effort attempt to determine whether a file exists and is executable. + * @param filePath file path to check + * @param extensions additional file extensions to try + * @return if file exists and is executable, returns the file path. otherwise empty string. + */ +function tryGetExecutablePath(filePath, extensions) { + return __awaiter(this, void 0, void 0, function* () { + let stats = undefined; + try { + // test file exists + stats = yield exports.stat(filePath); + } + catch (err) { + if (err.code !== 'ENOENT') { + // eslint-disable-next-line no-console + console.log(`Unexpected error attempting to determine if executable file exists '${filePath}': ${err}`); + } + } + if (stats && stats.isFile()) { + if (exports.IS_WINDOWS) { + // on Windows, test for valid extension + const upperExt = path.extname(filePath).toUpperCase(); + if (extensions.some(validExt => validExt.toUpperCase() === upperExt)) { + return filePath; + } + } + else { + if (isUnixExecutable(stats)) { + return filePath; + } + } + } + // try each extension + const originalFilePath = filePath; + for (const extension of extensions) { + filePath = originalFilePath + extension; + stats = undefined; + try { + stats = yield exports.stat(filePath); + } + catch (err) { + if (err.code !== 'ENOENT') { + // eslint-disable-next-line no-console + console.log(`Unexpected error attempting to determine if executable file exists '${filePath}': ${err}`); + } + } + if (stats && stats.isFile()) { + if (exports.IS_WINDOWS) { + // preserve the case of the actual file (since an extension was appended) + try { + const directory = path.dirname(filePath); + const upperName = path.basename(filePath).toUpperCase(); + for (const actualName of yield exports.readdir(directory)) { + if (upperName === actualName.toUpperCase()) { + filePath = path.join(directory, actualName); + break; + } + } + } + catch (err) { + // eslint-disable-next-line no-console + console.log(`Unexpected error attempting to determine the actual case of the file '${filePath}': ${err}`); + } + return filePath; + } + else { + if (isUnixExecutable(stats)) { + return filePath; + } + } + } + } + return ''; + }); +} +exports.tryGetExecutablePath = tryGetExecutablePath; +function normalizeSeparators(p) { + p = p || ''; + if (exports.IS_WINDOWS) { + // convert slashes on Windows + p = p.replace(/\//g, '\\'); + // remove redundant slashes + return p.replace(/\\\\+/g, '\\'); + } + // remove redundant slashes + return p.replace(/\/\/+/g, '/'); +} +// on Mac/Linux, test the execute bit +// R W X R W X R W X +// 256 128 64 32 16 8 4 2 1 +function isUnixExecutable(stats) { + return ((stats.mode & 1) > 0 || + ((stats.mode & 8) > 0 && stats.gid === process.getgid()) || + ((stats.mode & 64) > 0 && stats.uid === process.getuid())); +} +//# sourceMappingURL=io-util.js.map + +/***/ }), + /***/ 692: /***/ (function(__unusedmodule, exports) { @@ -10219,6 +11330,57 @@ function onceStrict (fn) { } +/***/ }), + +/***/ 986: +/***/ (function(__unusedmodule, exports, __webpack_require__) { + +"use strict"; + +var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { + function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } + return new (P || (P = Promise))(function (resolve, reject) { + function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } } + function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } + function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); } + step((generator = generator.apply(thisArg, _arguments || [])).next()); + }); +}; +var __importStar = (this && this.__importStar) || function (mod) { + if (mod && mod.__esModule) return mod; + var result = {}; + if (mod != null) for (var k in mod) if (Object.hasOwnProperty.call(mod, k)) result[k] = mod[k]; + result["default"] = mod; + return result; +}; +Object.defineProperty(exports, "__esModule", { value: true }); +const tr = __importStar(__webpack_require__(9)); +/** + * Exec a command. + * Output will be streamed to the live console. + * Returns promise with return code + * + * @param commandLine command to execute (can include additional args). Must be correctly escaped. + * @param args optional arguments for tool. Escaping is handled by the lib. + * @param options optional exec options. See ExecOptions + * @returns Promise exit code + */ +function exec(commandLine, args, options) { + return __awaiter(this, void 0, void 0, function* () { + const commandArgs = tr.argStringToArray(commandLine); + if (commandArgs.length === 0) { + throw new Error(`Parameter 'commandLine' cannot be null or empty.`); + } + // Path to tool to execute should be first arg + const toolPath = commandArgs[0]; + args = commandArgs.slice(1).concat(args || []); + const runner = new tr.ToolRunner(toolPath, args, options); + return runner.exec(); + }); +} +exports.exec = exec; +//# sourceMappingURL=exec.js.map + /***/ }) /******/ }); \ No newline at end of file diff --git a/package.json b/package.json index 7f09212..59ccad9 100644 --- a/package.json +++ b/package.json @@ -26,6 +26,7 @@ "license": "Apache-2.0", "dependencies": { "@actions/core": "^1.2.0", + "@actions/exec": "^1.0.4", "@actions/github": "^3.0.0" }, "devDependencies": { diff --git a/src/main.ts b/src/main.ts index adcb872..b538809 100644 --- a/src/main.ts +++ b/src/main.ts @@ -1,6 +1,6 @@ import * as core from '@actions/core' +import * as exec from '@actions/exec' import * as github from '@actions/github' -import fs from 'fs' import {GitHub} from '@actions/github/lib/utils' import {Action, PullRequest, TerraformPlan} from './types' @@ -17,8 +17,18 @@ async function run(): Promise { } core.debug('got pull request') - const jsonFileName = core.getInput('terraform_plan_json_file') - const json = fs.readFileSync(jsonFileName, 'utf8') + const planFileName = core.getInput('terraform_plan_file') + + let json = '' + const options = { + listeners: { + stdout: (data: Buffer) => { + json += data.toString('utf8') + } + } + } + await exec.exec('terraform', ['show', '-json', planFileName], options) + const terraformPlan: TerraformPlan = JSON.parse(json) core.debug('parsed json') const token = core.getInput('github_token') diff --git a/yarn.lock b/yarn.lock index b897c6c..fefa6c1 100644 --- a/yarn.lock +++ b/yarn.lock @@ -7,6 +7,13 @@ resolved "https://registry.yarnpkg.com/@actions/core/-/core-1.2.4.tgz#96179dbf9f8d951dd74b40a0dbd5c22555d186ab" integrity sha512-YJCEq8BE3CdN8+7HPZ/4DxJjk/OkZV2FFIf+DlZTC/4iBlzYCD5yjRR6eiOS5llO11zbRltIRuKAjMKaWTE6cg== +"@actions/exec@^1.0.4": + version "1.0.4" + resolved "https://registry.yarnpkg.com/@actions/exec/-/exec-1.0.4.tgz#99d75310e62e59fc37d2ee6dcff6d4bffadd3a5d" + integrity sha512-4DPChWow9yc9W3WqEbUj8Nr86xkpyE29ZzWjXucHItclLbEW6jr80Zx4nqv18QL6KK65+cifiQZXvnqgTV6oHw== + dependencies: + "@actions/io" "^1.0.1" + "@actions/github@^3.0.0": version "3.0.0" resolved "https://registry.yarnpkg.com/@actions/github/-/github-3.0.0.tgz#ce1b721a266ad5ac522da0c9c013c999009604bf" @@ -24,6 +31,11 @@ dependencies: tunnel "0.0.6" +"@actions/io@^1.0.1": + version "1.0.2" + resolved "https://registry.yarnpkg.com/@actions/io/-/io-1.0.2.tgz#2f614b6e69ce14d191180451eb38e6576a6e6b27" + integrity sha512-J8KuFqVPr3p6U8W93DOXlXW6zFvrQAJANdS+vw0YhusLIq+bszW8zmK2Fh1C2kDPX8FMvwIl1OUcFgvJoXLbAg== + "@babel/code-frame@^7.0.0", "@babel/code-frame@^7.10.3": version "7.10.3" resolved "https://registry.yarnpkg.com/@babel/code-frame/-/code-frame-7.10.3.tgz#324bcfd8d35cd3d47dae18cde63d752086435e9a" From a38dfc418029b26ee7905da6c96f35efc9dc0316 Mon Sep 17 00:00:00 2001 From: yoshutch Date: Thu, 25 Jun 2020 15:59:54 -0600 Subject: [PATCH 07/26] 2 trying out passing in tf plan instead of json of plan --- .github/workflows/test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 42cbe2e..8f99f32 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -31,4 +31,4 @@ jobs: - uses: ./ with: github_token: ${{ secrets.GITHUB_TOKEN }} - terraform_plan_json_file: __tests__/test-plan.tfplan \ No newline at end of file + terraform_plan_file: __tests__/test-plan.tfplan \ No newline at end of file From b0428000fdbb86a81475db97609f9dc1a0c68a16 Mon Sep 17 00:00:00 2001 From: yoshutch Date: Thu, 25 Jun 2020 16:02:08 -0600 Subject: [PATCH 08/26] 3 trying out passing in tf plan instead of json of plan --- .github/workflows/test.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 8f99f32..247a0b1 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -29,6 +29,7 @@ jobs: - run: terraform plan -out test-plan.tfplan working-directory: __tests__ - uses: ./ + working-directory: __tests__ with: github_token: ${{ secrets.GITHUB_TOKEN }} terraform_plan_file: __tests__/test-plan.tfplan \ No newline at end of file From 6fe9417af71be6b8b028fd969d86d1fc7a3c1510 Mon Sep 17 00:00:00 2001 From: yoshutch Date: Thu, 25 Jun 2020 16:07:26 -0600 Subject: [PATCH 09/26] 4 trying out passing in tf plan instead of json of plan --- .github/workflows/test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 247a0b1..ed2502d 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -28,8 +28,8 @@ jobs: working-directory: __tests__ - run: terraform plan -out test-plan.tfplan working-directory: __tests__ + - run: cp -r __tests__/.terraform . - uses: ./ - working-directory: __tests__ with: github_token: ${{ secrets.GITHUB_TOKEN }} terraform_plan_file: __tests__/test-plan.tfplan \ No newline at end of file From e15e921d11bbf1a2c4315955e25f6b8918107541 Mon Sep 17 00:00:00 2001 From: yoshutch Date: Thu, 25 Jun 2020 16:13:50 -0600 Subject: [PATCH 10/26] 5 trying out passing in tf plan instead of json of plan --- dist/index.js | 8 ++++++++ src/main.ts | 9 +++++++++ 2 files changed, 17 insertions(+) diff --git a/dist/index.js b/dist/index.js index c78727a..9eb5a2e 100644 --- a/dist/index.js +++ b/dist/index.js @@ -1764,6 +1764,14 @@ async function run() { } }; await exec.exec('terraform', ['show', '-json', planFileName], options); + core.debug('** json **'); + core.debug(json); + core.debug('** end json **'); + const index = json.indexOf('{'); + json = json.substr(index); + core.debug('** substr json **'); + core.debug(json); + core.debug('** end substr json **'); const terraformPlan = JSON.parse(json); core.debug('parsed json'); const token = core.getInput('github_token'); diff --git a/src/main.ts b/src/main.ts index b538809..f231e69 100644 --- a/src/main.ts +++ b/src/main.ts @@ -28,6 +28,15 @@ async function run(): Promise { } } await exec.exec('terraform', ['show', '-json', planFileName], options) + core.debug('** json **') + core.debug(json) + core.debug('** end json **') + + const index = json.indexOf('{') + json = json.substr(index) + core.debug('** substr json **') + core.debug(json) + core.debug('** end substr json **') const terraformPlan: TerraformPlan = JSON.parse(json) core.debug('parsed json') From 8c52af0c56eb131127bc1a28f48aad8b0d23dde0 Mon Sep 17 00:00:00 2001 From: yoshutch Date: Thu, 25 Jun 2020 16:23:34 -0600 Subject: [PATCH 11/26] 6 trying out passing in tf plan instead of json of plan --- dist/index.js | 15 +++++++++------ src/main.ts | 15 +++++++++------ 2 files changed, 18 insertions(+), 12 deletions(-) diff --git a/dist/index.js b/dist/index.js index 9eb5a2e..aac0d97 100644 --- a/dist/index.js +++ b/dist/index.js @@ -1767,12 +1767,15 @@ async function run() { core.debug('** json **'); core.debug(json); core.debug('** end json **'); - const index = json.indexOf('{'); - json = json.substr(index); - core.debug('** substr json **'); - core.debug(json); - core.debug('** end substr json **'); - const terraformPlan = JSON.parse(json); + const match = json.match(/{.*}/); + if (match === null) { + core.error('null match...'); + return; + } + core.debug('** match json **'); + core.debug(match[0]); + core.debug('** end match json **'); + const terraformPlan = JSON.parse(match[0]); core.debug('parsed json'); const token = core.getInput('github_token'); const runId = parseInt(process.env['GITHUB_RUN_ID'] || '-1'); diff --git a/src/main.ts b/src/main.ts index f231e69..51b60ad 100644 --- a/src/main.ts +++ b/src/main.ts @@ -32,13 +32,16 @@ async function run(): Promise { core.debug(json) core.debug('** end json **') - const index = json.indexOf('{') - json = json.substr(index) - core.debug('** substr json **') - core.debug(json) - core.debug('** end substr json **') + const match = json.match(/{.*}/) + if (match === null) { + core.error('null match...') + return + } + core.debug('** match json **') + core.debug(match[0]) + core.debug('** end match json **') - const terraformPlan: TerraformPlan = JSON.parse(json) + const terraformPlan: TerraformPlan = JSON.parse(match[0]) core.debug('parsed json') const token = core.getInput('github_token') const runId = parseInt(process.env['GITHUB_RUN_ID'] || '-1') From ab6db6fddee832e2d341ee8cc81466d8598bdbe3 Mon Sep 17 00:00:00 2001 From: yoshutch Date: Thu, 25 Jun 2020 16:27:02 -0600 Subject: [PATCH 12/26] fixing format of comment if there are multiple resources in each list --- dist/index.js | 5 +++-- src/main.ts | 5 +++-- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/dist/index.js b/dist/index.js index aac0d97..e3c6fdd 100644 --- a/dist/index.js +++ b/dist/index.js @@ -1767,6 +1767,7 @@ async function run() { core.debug('** json **'); core.debug(json); core.debug('** end json **'); + // pull out any extra fluff from terraform wrapper from the hashicorp/setup-terraform action const match = json.match(/{.*}/); if (match === null) { core.error('null match...'); @@ -1877,9 +1878,9 @@ class PlanCommenter { static resourcesToChangeSection(changeType, list) { let str = ''; if (list.length > 0) { - str += `will ${changeType} ${list.length} resource${list.length > 1 ? 's' : ''}: \n`; + str += `will ${changeType} ${list.length} resource${list.length > 1 ? 's' : ''}:`; for (const resource of list) { - str += `- ${resource}`; + str += ` \n * ${resource}`; } str += '\n\n'; } diff --git a/src/main.ts b/src/main.ts index 51b60ad..6511dc8 100644 --- a/src/main.ts +++ b/src/main.ts @@ -32,6 +32,7 @@ async function run(): Promise { core.debug(json) core.debug('** end json **') + // pull out any extra fluff from terraform wrapper from the hashicorp/setup-terraform action const match = json.match(/{.*}/) if (match === null) { core.error('null match...') @@ -150,9 +151,9 @@ class PlanCommenter { private static resourcesToChangeSection(changeType: string, list: string[]): string { let str = '' if (list.length > 0) { - str += `will ${changeType} ${list.length} resource${list.length > 1 ? 's' : ''}: \n` + str += `will ${changeType} ${list.length} resource${list.length > 1 ? 's' : ''}:` for (const resource of list) { - str += `- ${resource}` + str += ` \n * ${resource}` } str += '\n\n' } From f82109dc292369ff9a6ca1ef94f182f274657289 Mon Sep 17 00:00:00 2001 From: yoshutch Date: Thu, 25 Jun 2020 16:39:48 -0600 Subject: [PATCH 13/26] updating code comments, added some error handling --- dist/index.js | 63 +++++++++++++++++++++++++++-------------------- src/main.ts | 68 ++++++++++++++++++++++++++++++--------------------- 2 files changed, 76 insertions(+), 55 deletions(-) diff --git a/dist/index.js b/dist/index.js index e3c6fdd..0991543 100644 --- a/dist/index.js +++ b/dist/index.js @@ -1755,46 +1755,55 @@ async function run() { } core.debug('got pull request'); const planFileName = core.getInput('terraform_plan_file'); - let json = ''; - const options = { - listeners: { - stdout: (data) => { - json += data.toString('utf8'); - } - } - }; - await exec.exec('terraform', ['show', '-json', planFileName], options); - core.debug('** json **'); - core.debug(json); - core.debug('** end json **'); - // pull out any extra fluff from terraform wrapper from the hashicorp/setup-terraform action - const match = json.match(/{.*}/); - if (match === null) { - core.error('null match...'); - return; - } - core.debug('** match json **'); - core.debug(match[0]); - core.debug('** end match json **'); - const terraformPlan = JSON.parse(match[0]); - core.debug('parsed json'); + const json = await jsonFromPlan(planFileName); + const terraformPlan = JSON.parse(json); + core.debug('successfully parsed json'); const token = core.getInput('github_token'); const runId = parseInt(process.env['GITHUB_RUN_ID'] || '-1'); + if (runId === -1) { + core.setFailed('No GITHUB_RUN_ID found'); + return; + } const commenter = new PlanCommenter(token, runId, pr); - await commenter.makePlanComment(terraformPlan); + await commenter.commentWithPlanSummary(terraformPlan); } catch (error) { core.setFailed(error.message); } } +// we need to parse the terraform plan into a json string +async function jsonFromPlan(planFileName) { + let output = ''; + const options = { + listeners: { + stdout: (data) => { + output += data.toString('utf8'); + } + } + }; + await exec.exec('terraform', ['show', '-json', planFileName], options); + // pull out any extra fluff from terraform wrapper from the hashicorp/setup-terraform action + const json = output.match(/{.*}/); + if (json === null) { + core.error('null match...'); + core.debug('** start of output **'); + core.debug(output); + core.debug('** end of output **'); + throw Error("output didn't match with /{.*}/ correctly"); + } + core.debug('** matched json **'); + core.debug(json[0]); + core.debug('** end matched json **'); + return json[0]; +} class PlanCommenter { constructor(token, runId, pr) { this.octokit = github.getOctokit(token); this.runId = runId; this.pr = pr; } - async makePlanComment(terraformPlan) { - const body = await this.planComment(terraformPlan); + async commentWithPlanSummary(terraformPlan) { + const body = await this.planSummaryBody(terraformPlan); // find previous comment if it exists const comments = await this.octokit.issues.listComments({ ...github.context.repo, @@ -1828,7 +1837,7 @@ class PlanCommenter { return createdComment.data.id; } } - async planComment(terraformPlan) { + async planSummaryBody(terraformPlan) { const toCreate = []; const toDelete = []; const toReplace = []; diff --git a/src/main.ts b/src/main.ts index 6511dc8..35beaf1 100644 --- a/src/main.ts +++ b/src/main.ts @@ -19,41 +19,52 @@ async function run(): Promise { const planFileName = core.getInput('terraform_plan_file') - let json = '' - const options = { - listeners: { - stdout: (data: Buffer) => { - json += data.toString('utf8') - } - } - } - await exec.exec('terraform', ['show', '-json', planFileName], options) - core.debug('** json **') - core.debug(json) - core.debug('** end json **') - - // pull out any extra fluff from terraform wrapper from the hashicorp/setup-terraform action - const match = json.match(/{.*}/) - if (match === null) { - core.error('null match...') - return - } - core.debug('** match json **') - core.debug(match[0]) - core.debug('** end match json **') + const json = await jsonFromPlan(planFileName) + const terraformPlan: TerraformPlan = JSON.parse(json) + core.debug('successfully parsed json') - const terraformPlan: TerraformPlan = JSON.parse(match[0]) - core.debug('parsed json') const token = core.getInput('github_token') const runId = parseInt(process.env['GITHUB_RUN_ID'] || '-1') + if (runId === -1) { + core.setFailed('No GITHUB_RUN_ID found') + return + } const commenter = new PlanCommenter(token, runId, pr) - await commenter.makePlanComment(terraformPlan) + await commenter.commentWithPlanSummary(terraformPlan) } catch (error) { core.setFailed(error.message) } } +// we need to parse the terraform plan into a json string +async function jsonFromPlan(planFileName: string): Promise { + let output = '' + const options = { + listeners: { + stdout: (data: Buffer) => { + output += data.toString('utf8') + } + } + } + await exec.exec('terraform', ['show', '-json', planFileName], options) + + // pull out any extra fluff from terraform wrapper from the hashicorp/setup-terraform action + const json = output.match(/{.*}/) + if (json === null) { + core.error('null match...') + core.debug('** start of output **') + core.debug(output) + core.debug('** end of output **') + throw Error("output didn't match with /{.*}/ correctly") + } + core.debug('** matched json **') + core.debug(json[0]) + core.debug('** end matched json **') + + return json[0] +} + class PlanCommenter { octokit: InstanceType runId: number @@ -65,8 +76,8 @@ class PlanCommenter { this.pr = pr } - async makePlanComment(terraformPlan: TerraformPlan): Promise { - const body = await this.planComment(terraformPlan) + async commentWithPlanSummary(terraformPlan: TerraformPlan): Promise { + const body = await this.planSummaryBody(terraformPlan) // find previous comment if it exists const comments = await this.octokit.issues.listComments({ ...github.context.repo, @@ -99,7 +110,8 @@ class PlanCommenter { return createdComment.data.id } } - async planComment(terraformPlan: TerraformPlan): Promise { + + async planSummaryBody(terraformPlan: TerraformPlan): Promise { const toCreate = [] const toDelete = [] const toReplace = [] From 5f4c4a9a8908446cffaf2a56bf5f2683fb8b7e30 Mon Sep 17 00:00:00 2001 From: yoshutch Date: Fri, 26 Jun 2020 08:51:46 -0600 Subject: [PATCH 14/26] added terraform-directory input variable --- .github/workflows/test.yml | 6 +++--- README.md | 11 ++++------- action.yml | 8 ++++++-- dist/index.js | 13 +++++++++---- src/main.ts | 14 ++++++++++---- 5 files changed, 32 insertions(+), 20 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index ed2502d..1a999f7 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -28,8 +28,8 @@ jobs: working-directory: __tests__ - run: terraform plan -out test-plan.tfplan working-directory: __tests__ - - run: cp -r __tests__/.terraform . - uses: ./ with: - github_token: ${{ secrets.GITHUB_TOKEN }} - terraform_plan_file: __tests__/test-plan.tfplan \ No newline at end of file + github-token: ${{ secrets.GITHUB_TOKEN }} + terraform-directory: __tests__ + terraform-plan-file: test-plan.tfplan \ No newline at end of file diff --git a/README.md b/README.md index b24c008..8277f03 100644 --- a/README.md +++ b/README.md @@ -26,14 +26,11 @@ jobs: terraform_wrapper: false # terraform init # terraform plan - - name: Terraform Plan JSON - id: json_plan - run: terraform show -json plan > plan.json - name: Comment Terraform Plan uses: byu-oit/github-action-tf-plan-comment@v1 with: github_token: ${{ secrets.GITHUB_TOKEN }} - terraform_plan_json_file: plan.json + terraform_plan_file: plan.tfplan ``` **Note:** make sure you run your `terraform show-json plan` in the same working directory as the `terraform plan` step, and make sure you. @@ -43,10 +40,10 @@ We disable the wrapper in this example so that you can pipe the output to a file This action will create a comment on your PR like: > ## Terraform Plan: -> will replace (delete then create) 1 resources: +> will **replace (delete then create)** 1 resources: > - aws_security_group_rule - db_access > -> will delete 1 resources: +> will **delete** 1 resources: > - aws_db_instance - database > >[see details](link to the github action workflow) @@ -54,7 +51,7 @@ This action will create a comment on your PR like: ## Inputs * `github_token` - (**required**) pass in the GitHub token to make comments on the PR -* `terraform_plan_json` - (**required**) JSON representation of the terraform plan to be executed +* `terraform_plan_file` - (**required**) Filename of the terraform plan ## Contributing Hopefully this is useful to others at BYU. diff --git a/action.yml b/action.yml index 74afb42..052cb29 100644 --- a/action.yml +++ b/action.yml @@ -2,12 +2,16 @@ name: 'Terraform Plan Comment' description: 'Creates a comment on a pull request with the terraform plan' author: 'Brigham Young University' inputs: - github_token: + github-token: required: true description: 'github token' - terraform_plan_file: + terraform-plan-file: required: true description: File name of the terraform plan + terraform-directory: + required: false + description: Directory of the terraform configuration + default: . runs: using: 'node12' main: 'dist/index.js' diff --git a/dist/index.js b/dist/index.js index 0991543..a9cfe24 100644 --- a/dist/index.js +++ b/dist/index.js @@ -1754,11 +1754,12 @@ async function run() { return; } core.debug('got pull request'); - const planFileName = core.getInput('terraform_plan_file'); - const json = await jsonFromPlan(planFileName); + const planFileName = core.getInput('terraform-plan-file'); + const terraformDir = core.getInput('terraform-directory'); + const json = await jsonFromPlan(terraformDir, planFileName); const terraformPlan = JSON.parse(json); core.debug('successfully parsed json'); - const token = core.getInput('github_token'); + const token = core.getInput('github-token'); const runId = parseInt(process.env['GITHUB_RUN_ID'] || '-1'); if (runId === -1) { core.setFailed('No GITHUB_RUN_ID found'); @@ -1772,10 +1773,14 @@ async function run() { } } // we need to parse the terraform plan into a json string -async function jsonFromPlan(planFileName) { +async function jsonFromPlan(dir, planFileName) { + // we need to cd into the terraform directory before running terraform show + await exec.exec('cd', [dir]); + // run terraform show -json to parse the plan into a json string let output = ''; const options = { listeners: { + // captures the standard output of the terraform show command and appends it to the variable 'output' stdout: (data) => { output += data.toString('utf8'); } diff --git a/src/main.ts b/src/main.ts index 35beaf1..2cdc339 100644 --- a/src/main.ts +++ b/src/main.ts @@ -17,13 +17,14 @@ async function run(): Promise { } core.debug('got pull request') - const planFileName = core.getInput('terraform_plan_file') + const planFileName = core.getInput('terraform-plan-file') + const terraformDir = core.getInput('terraform-directory') - const json = await jsonFromPlan(planFileName) + const json = await jsonFromPlan(terraformDir, planFileName) const terraformPlan: TerraformPlan = JSON.parse(json) core.debug('successfully parsed json') - const token = core.getInput('github_token') + const token = core.getInput('github-token') const runId = parseInt(process.env['GITHUB_RUN_ID'] || '-1') if (runId === -1) { core.setFailed('No GITHUB_RUN_ID found') @@ -38,10 +39,15 @@ async function run(): Promise { } // we need to parse the terraform plan into a json string -async function jsonFromPlan(planFileName: string): Promise { +async function jsonFromPlan(dir: string, planFileName: string): Promise { + // we need to cd into the terraform directory before running terraform show + await exec.exec('cd', [dir]) + + // run terraform show -json to parse the plan into a json string let output = '' const options = { listeners: { + // captures the standard output of the terraform show command and appends it to the variable 'output' stdout: (data: Buffer) => { output += data.toString('utf8') } From 69603a5cd4edfd99d9da7694d31097eb1dfd7e25 Mon Sep 17 00:00:00 2001 From: yoshutch Date: Fri, 26 Jun 2020 09:08:18 -0600 Subject: [PATCH 15/26] action now copies .terraform dir --- README.md | 10 ++++++---- dist/index.js | 11 +++++++++-- package.json | 3 ++- src/main.ts | 12 ++++++++++-- 4 files changed, 27 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index 8277f03..ea34eb9 100644 --- a/README.md +++ b/README.md @@ -29,8 +29,9 @@ jobs: - name: Comment Terraform Plan uses: byu-oit/github-action-tf-plan-comment@v1 with: - github_token: ${{ secrets.GITHUB_TOKEN }} - terraform_plan_file: plan.tfplan + github-token: ${{ secrets.GITHUB_TOKEN }} + terraform-directory: terraform-iac/dev/app + terraform-plan-file: plan.tfplan ``` **Note:** make sure you run your `terraform show-json plan` in the same working directory as the `terraform plan` step, and make sure you. @@ -50,8 +51,9 @@ This action will create a comment on your PR like: ## Inputs -* `github_token` - (**required**) pass in the GitHub token to make comments on the PR -* `terraform_plan_file` - (**required**) Filename of the terraform plan +* `github-token` - (**required**) pass in the GitHub token to make comments on the PR +* `terraform-directory` - (optional) the directory of the terraform configuration files (defaults to `.`) +* `terraform-plan-file` - (**required**) Filename of the terraform plan (don't include the full path, just the path from the `terraform-directory`) ## Contributing Hopefully this is useful to others at BYU. diff --git a/dist/index.js b/dist/index.js index a9cfe24..20f14cc 100644 --- a/dist/index.js +++ b/dist/index.js @@ -1743,6 +1743,7 @@ Object.defineProperty(exports, "__esModule", { value: true }); const core = __importStar(__webpack_require__(470)); const exec = __importStar(__webpack_require__(986)); const github = __importStar(__webpack_require__(469)); +const io = __importStar(__webpack_require__(1)); const types_1 = __webpack_require__(251); const commentPrefix = '## Terraform Plan:'; async function run() { @@ -1774,8 +1775,11 @@ async function run() { } // we need to parse the terraform plan into a json string async function jsonFromPlan(dir, planFileName) { - // we need to cd into the terraform directory before running terraform show - await exec.exec('cd', [dir]); + core.debug(`dir after replace: "${dir}"`); + dir = dir.replace(/\/\s*$/, ''); // remove last / character if it exists + core.debug(`dir after replace: "${dir}"`); + // we need to copy the .terraform dir into the working directory in order for terraform show to work + await io.cp(`${dir}/.terraform`, '.', { recursive: true }); // run terraform show -json to parse the plan into a json string let output = ''; const options = { @@ -1787,6 +1791,8 @@ async function jsonFromPlan(dir, planFileName) { } }; await exec.exec('terraform', ['show', '-json', planFileName], options); + // delete .terraform dir after terraform show command to clean up after + const rmDotTerraform = io.rmRF('.terraform'); // pull out any extra fluff from terraform wrapper from the hashicorp/setup-terraform action const json = output.match(/{.*}/); if (json === null) { @@ -1799,6 +1805,7 @@ async function jsonFromPlan(dir, planFileName) { core.debug('** matched json **'); core.debug(json[0]); core.debug('** end matched json **'); + await rmDotTerraform; // finish the removing of the .terraform dir return json[0]; } class PlanCommenter { diff --git a/package.json b/package.json index 59ccad9..d37a4c5 100644 --- a/package.json +++ b/package.json @@ -27,7 +27,8 @@ "dependencies": { "@actions/core": "^1.2.0", "@actions/exec": "^1.0.4", - "@actions/github": "^3.0.0" + "@actions/github": "^3.0.0", + "@actions/io": "^1.0.2" }, "devDependencies": { "@types/jest": "^24.0.23", diff --git a/src/main.ts b/src/main.ts index 2cdc339..c1ef3d5 100644 --- a/src/main.ts +++ b/src/main.ts @@ -1,6 +1,7 @@ import * as core from '@actions/core' import * as exec from '@actions/exec' import * as github from '@actions/github' +import * as io from '@actions/io' import {GitHub} from '@actions/github/lib/utils' import {Action, PullRequest, TerraformPlan} from './types' @@ -40,8 +41,11 @@ async function run(): Promise { // we need to parse the terraform plan into a json string async function jsonFromPlan(dir: string, planFileName: string): Promise { - // we need to cd into the terraform directory before running terraform show - await exec.exec('cd', [dir]) + core.debug(`dir after replace: "${dir}"`) + dir = dir.replace(/\/\s*$/, '') // remove last / character if it exists + core.debug(`dir after replace: "${dir}"`) + // we need to copy the .terraform dir into the working directory in order for terraform show to work + await io.cp(`${dir}/.terraform`, '.', {recursive: true}) // run terraform show -json to parse the plan into a json string let output = '' @@ -55,6 +59,9 @@ async function jsonFromPlan(dir: string, planFileName: string): Promise } await exec.exec('terraform', ['show', '-json', planFileName], options) + // delete .terraform dir after terraform show command to clean up after + const rmDotTerraform = io.rmRF('.terraform') + // pull out any extra fluff from terraform wrapper from the hashicorp/setup-terraform action const json = output.match(/{.*}/) if (json === null) { @@ -68,6 +75,7 @@ async function jsonFromPlan(dir: string, planFileName: string): Promise core.debug(json[0]) core.debug('** end matched json **') + await rmDotTerraform // finish the removing of the .terraform dir return json[0] } From fa0748654a799085adedaf2dbc077dd68e377ccf Mon Sep 17 00:00:00 2001 From: yoshutch Date: Fri, 26 Jun 2020 09:10:40 -0600 Subject: [PATCH 16/26] 2 action now copies .terraform dir --- dist/index.js | 2 +- src/main.ts | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/dist/index.js b/dist/index.js index 20f14cc..d7d8d95 100644 --- a/dist/index.js +++ b/dist/index.js @@ -1790,7 +1790,7 @@ async function jsonFromPlan(dir, planFileName) { } } }; - await exec.exec('terraform', ['show', '-json', planFileName], options); + await exec.exec('terraform', ['show', '-json', `${dir}/${planFileName}`], options); // delete .terraform dir after terraform show command to clean up after const rmDotTerraform = io.rmRF('.terraform'); // pull out any extra fluff from terraform wrapper from the hashicorp/setup-terraform action diff --git a/src/main.ts b/src/main.ts index c1ef3d5..ccfa7be 100644 --- a/src/main.ts +++ b/src/main.ts @@ -57,7 +57,7 @@ async function jsonFromPlan(dir: string, planFileName: string): Promise } } } - await exec.exec('terraform', ['show', '-json', planFileName], options) + await exec.exec('terraform', ['show', '-json', `${dir}/${planFileName}`], options) // delete .terraform dir after terraform show command to clean up after const rmDotTerraform = io.rmRF('.terraform') From 4e3965fbad794daf5ae58fca0129499b02585416 Mon Sep 17 00:00:00 2001 From: yoshutch Date: Fri, 26 Jun 2020 09:35:42 -0600 Subject: [PATCH 17/26] added more workflow tests. updated README --- .github/workflows/test.yml | 47 ++++++++++++++++++++++++++++++++++++-- README.md | 25 +++++++------------- 2 files changed, 53 insertions(+), 19 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 1a999f7..258ef19 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -14,7 +14,9 @@ jobs: - run: | yarn install yarn run all - test: # make sure the action works on a clean machine without building only on PRs + + test-action: # make sure the action works on a clean machine without building (only on PRs) + name: Test normal PR use if: ${{ github.event_name == 'pull_request' }} runs-on: ubuntu-latest env: @@ -32,4 +34,45 @@ jobs: with: github-token: ${{ secrets.GITHUB_TOKEN }} terraform-directory: __tests__ - terraform-plan-file: test-plan.tfplan \ No newline at end of file + terraform-plan-file: test-plan.tfplan + + test-action-without-tf-wrapper: # make sure the action works without the terraform wrapper (only on PRs) + name: Test without TF wrapper + if: ${{ github.event_name == 'pull_request' }} + runs-on: ubuntu-latest + env: + tf_version: 0.12.27 + steps: + - uses: actions/checkout@v1 + - uses: hashicorp/setup-terraform@v1 + with: + terraform_version: ${{ env.tf_version }} + terraform_wrapper: false + - run: terraform init + working-directory: __tests__ + - run: terraform plan -out test-plan.tfplan + working-directory: __tests__ + - uses: ./ + with: + github-token: ${{ secrets.GITHUB_TOKEN }} + terraform-directory: __tests__ + terraform-plan-file: test-plan.tfplan + + test-action-at-root: # make sure the action works with terraform dir as root dir (only on PRs) + name: Test from Root + if: ${{ github.event_name == 'pull_request' }} + runs-on: ubuntu-latest + env: + tf_version: 0.12.27 + steps: + - uses: actions/checkout@v1 + - run: mv __tests__/* . + - uses: hashicorp/setup-terraform@v1 + with: + terraform_version: ${{ env.tf_version }} + - run: terraform init + - run: terraform plan -out test-plan.tfplan + - uses: ./ + with: + github-token: ${{ secrets.GITHUB_TOKEN }} + terraform-plan-file: test-plan.tfplan \ No newline at end of file diff --git a/README.md b/README.md index ea34eb9..b3ab146 100644 --- a/README.md +++ b/README.md @@ -6,9 +6,9 @@ GitHub Action to make a comment on a pull request with the proposed updated terraform plan -This action takes in a JSON representation of your terraform plan and creates a comment on the Pull Request (PR) with basic info about what the plan will create, update, replace, or delete. +This action takes in the terraform plan and creates a comment on the Pull Request (PR) with basic info about what the plan will create, update, replace, or delete. -**Note:** this action does not run terraform plan for you, you must pass in the plan as an input. +**Note:** this action does not run terraform plan for you, you must pass in the plan as an input as well as the directory of the terraform configuration (where the plan and .terraform dir are located after `terraform init`). ## Usage ```yaml @@ -19,25 +19,22 @@ jobs: runs-on: ubuntu-latest steps: # ... - - name: Terraform Setup - uses: hashicorp/setup-terraform@v1 - with: - terraform_version: ${{ env.tf_version }} - terraform_wrapper: false # terraform init # terraform plan - name: Comment Terraform Plan uses: byu-oit/github-action-tf-plan-comment@v1 with: github-token: ${{ secrets.GITHUB_TOKEN }} - terraform-directory: terraform-iac/dev/app + terraform-directory: terraform-iac/dev/app # where your terraform files are terraform-plan-file: plan.tfplan ``` -**Note:** make sure you run your `terraform show-json plan` in the same working directory as the `terraform plan` step, and make sure you. -Also the setup-terraform action by default puts a wrapper around the stdout of commands, so trying to use `terraform show -json > plan.json` will save more than just the json output to the json file. -We disable the wrapper in this example so that you can pipe the output to a file. +## Inputs +* `github-token` - (**required**) pass in the GitHub token to make comments on the PR +* `terraform-directory` - (_optional_) the directory of the terraform configuration files (defaults to `.`) +* `terraform-plan-file` - (**required**) Filename of the terraform plan (don't include the full path, just the path from the `terraform-directory`) +## Output This action will create a comment on your PR like: > ## Terraform Plan: @@ -49,12 +46,6 @@ This action will create a comment on your PR like: > >[see details](link to the github action workflow) - -## Inputs -* `github-token` - (**required**) pass in the GitHub token to make comments on the PR -* `terraform-directory` - (optional) the directory of the terraform configuration files (defaults to `.`) -* `terraform-plan-file` - (**required**) Filename of the terraform plan (don't include the full path, just the path from the `terraform-directory`) - ## Contributing Hopefully this is useful to others at BYU. Feel free to ask me some questions about it, but I make no promises about being able to commit time to support it. From 1ff4c00768c237ed2cf81d71e3b9f23779f91758 Mon Sep 17 00:00:00 2001 From: yoshutch Date: Fri, 26 Jun 2020 09:40:16 -0600 Subject: [PATCH 18/26] rearranged workflows --- .github/workflows/ci.yaml | 16 +++++++ .github/workflows/test.yml | 90 +++++++++++++++++--------------------- 2 files changed, 55 insertions(+), 51 deletions(-) create mode 100644 .github/workflows/ci.yaml diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml new file mode 100644 index 0000000..e0f1f37 --- /dev/null +++ b/.github/workflows/ci.yaml @@ -0,0 +1,16 @@ +name: "build-test" +on: + pull_request: + push: + branches: + - master + - 'releases/*' + +jobs: + build: # make sure build/ci work properly + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v1 + - run: | + yarn install + yarn run all \ No newline at end of file diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 258ef19..df32442 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -1,23 +1,13 @@ name: "build-test" -on: # rebuild any PRs and main branch changes +on: pull_request: - push: branches: - master - 'releases/*' jobs: - build: # make sure build/ci work properly - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v1 - - run: | - yarn install - yarn run all - - test-action: # make sure the action works on a clean machine without building (only on PRs) + test-action: # make sure the action works on a clean machine without building name: Test normal PR use - if: ${{ github.event_name == 'pull_request' }} runs-on: ubuntu-latest env: tf_version: 0.12.27 @@ -36,43 +26,41 @@ jobs: terraform-directory: __tests__ terraform-plan-file: test-plan.tfplan - test-action-without-tf-wrapper: # make sure the action works without the terraform wrapper (only on PRs) - name: Test without TF wrapper - if: ${{ github.event_name == 'pull_request' }} - runs-on: ubuntu-latest - env: - tf_version: 0.12.27 - steps: - - uses: actions/checkout@v1 - - uses: hashicorp/setup-terraform@v1 - with: - terraform_version: ${{ env.tf_version }} - terraform_wrapper: false - - run: terraform init - working-directory: __tests__ - - run: terraform plan -out test-plan.tfplan - working-directory: __tests__ - - uses: ./ - with: - github-token: ${{ secrets.GITHUB_TOKEN }} - terraform-directory: __tests__ - terraform-plan-file: test-plan.tfplan + test-action-without-tf-wrapper: # make sure the action works without the terraform wrapper + name: Test without TF wrapper + runs-on: ubuntu-latest + env: + tf_version: 0.12.27 + steps: + - uses: actions/checkout@v1 + - uses: hashicorp/setup-terraform@v1 + with: + terraform_version: ${{ env.tf_version }} + terraform_wrapper: false + - run: terraform init + working-directory: __tests__ + - run: terraform plan -out test-plan.tfplan + working-directory: __tests__ + - uses: ./ + with: + github-token: ${{ secrets.GITHUB_TOKEN }} + terraform-directory: __tests__ + terraform-plan-file: test-plan.tfplan - test-action-at-root: # make sure the action works with terraform dir as root dir (only on PRs) - name: Test from Root - if: ${{ github.event_name == 'pull_request' }} - runs-on: ubuntu-latest - env: - tf_version: 0.12.27 - steps: - - uses: actions/checkout@v1 - - run: mv __tests__/* . - - uses: hashicorp/setup-terraform@v1 - with: - terraform_version: ${{ env.tf_version }} - - run: terraform init - - run: terraform plan -out test-plan.tfplan - - uses: ./ - with: - github-token: ${{ secrets.GITHUB_TOKEN }} - terraform-plan-file: test-plan.tfplan \ No newline at end of file + test-action-at-root: # make sure the action works with terraform dir as root dir + name: Test from Root + runs-on: ubuntu-latest + env: + tf_version: 0.12.27 + steps: + - uses: actions/checkout@v1 + - run: mv __tests__/* . + - uses: hashicorp/setup-terraform@v1 + with: + terraform_version: ${{ env.tf_version }} + - run: terraform init + - run: terraform plan -out test-plan.tfplan + - uses: ./ + with: + github-token: ${{ secrets.GITHUB_TOKEN }} + terraform-plan-file: test-plan.tfplan \ No newline at end of file From b99b2eb45c021a2f1fbfe94142af6dfa05800bd1 Mon Sep 17 00:00:00 2001 From: yoshutch Date: Fri, 26 Jun 2020 09:41:52 -0600 Subject: [PATCH 19/26] 2 rearranged workflows --- .github/workflows/ci.yaml | 2 +- .github/workflows/test.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index e0f1f37..c16d7a1 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -1,4 +1,4 @@ -name: "build-test" +name: "build" on: pull_request: push: diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index df32442..a66735b 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -1,4 +1,4 @@ -name: "build-test" +name: "test" on: pull_request: branches: From e9909b1c1ca51ac27ee1f1530a159541ef194d4c Mon Sep 17 00:00:00 2001 From: yoshutch Date: Fri, 26 Jun 2020 09:45:58 -0600 Subject: [PATCH 20/26] 3 rearranged workflows --- .github/workflows/ci.yaml | 2 +- .github/workflows/test.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index c16d7a1..adb2255 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -4,7 +4,7 @@ on: push: branches: - master - - 'releases/*' + - 'v*' jobs: build: # make sure build/ci work properly diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index a66735b..8f52911 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -3,7 +3,7 @@ on: pull_request: branches: - master - - 'releases/*' + - 'v*' jobs: test-action: # make sure the action works on a clean machine without building From 939911eb8a81a7f8008b8ad0b71be88d1e82062c Mon Sep 17 00:00:00 2001 From: yoshutch Date: Fri, 26 Jun 2020 09:51:47 -0600 Subject: [PATCH 21/26] fixing root directory case --- dist/index.js | 15 ++++++++++----- src/main.ts | 14 +++++++++----- 2 files changed, 19 insertions(+), 10 deletions(-) diff --git a/dist/index.js b/dist/index.js index d7d8d95..ac4fad0 100644 --- a/dist/index.js +++ b/dist/index.js @@ -1775,11 +1775,16 @@ async function run() { } // we need to parse the terraform plan into a json string async function jsonFromPlan(dir, planFileName) { - core.debug(`dir after replace: "${dir}"`); - dir = dir.replace(/\/\s*$/, ''); // remove last / character if it exists - core.debug(`dir after replace: "${dir}"`); - // we need to copy the .terraform dir into the working directory in order for terraform show to work - await io.cp(`${dir}/.terraform`, '.', { recursive: true }); + if (dir === '.' || dir === process.env['GITHUB_WORKSPACE']) { + core.debug('terraform directory is the root directory, no need to copy .terraform...'); + } + else { + core.debug(`dir after replace: "${dir}"`); + dir = dir.replace(/\/\s*$/, ''); // remove last / character if it exists + core.debug(`dir after replace: "${dir}"`); + // we need to copy the .terraform dir into the working directory in order for terraform show to work + await io.cp(`${dir}/.terraform`, '.', { recursive: true }); + } // run terraform show -json to parse the plan into a json string let output = ''; const options = { diff --git a/src/main.ts b/src/main.ts index ccfa7be..f7fa9f4 100644 --- a/src/main.ts +++ b/src/main.ts @@ -41,11 +41,15 @@ async function run(): Promise { // we need to parse the terraform plan into a json string async function jsonFromPlan(dir: string, planFileName: string): Promise { - core.debug(`dir after replace: "${dir}"`) - dir = dir.replace(/\/\s*$/, '') // remove last / character if it exists - core.debug(`dir after replace: "${dir}"`) - // we need to copy the .terraform dir into the working directory in order for terraform show to work - await io.cp(`${dir}/.terraform`, '.', {recursive: true}) + if (dir === '.' || dir === process.env['GITHUB_WORKSPACE']) { + core.debug('terraform directory is the root directory, no need to copy .terraform...') + } else { + core.debug(`dir after replace: "${dir}"`) + dir = dir.replace(/\/\s*$/, '') // remove last / character if it exists + core.debug(`dir after replace: "${dir}"`) + // we need to copy the .terraform dir into the working directory in order for terraform show to work + await io.cp(`${dir}/.terraform`, '.', {recursive: true}) + } // run terraform show -json to parse the plan into a json string let output = '' From 77285d33cdd35d6038396a2c61ce24d0702e5603 Mon Sep 17 00:00:00 2001 From: yoshutch Date: Fri, 26 Jun 2020 10:59:54 -0600 Subject: [PATCH 22/26] trying to execute `terraform-show` from the working-directory instead of copying .terraform to root --- .github/workflows/test.yml | 4 ++-- README.md | 8 ++++---- action.yml | 2 +- dist/index.js | 19 +++---------------- package.json | 3 +-- src/main.ts | 19 +++---------------- 6 files changed, 14 insertions(+), 41 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 8f52911..0aa3724 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -23,7 +23,7 @@ jobs: - uses: ./ with: github-token: ${{ secrets.GITHUB_TOKEN }} - terraform-directory: __tests__ + working-directory: __tests__ terraform-plan-file: test-plan.tfplan test-action-without-tf-wrapper: # make sure the action works without the terraform wrapper @@ -44,7 +44,7 @@ jobs: - uses: ./ with: github-token: ${{ secrets.GITHUB_TOKEN }} - terraform-directory: __tests__ + working-directory: __tests__ terraform-plan-file: test-plan.tfplan test-action-at-root: # make sure the action works with terraform dir as root dir diff --git a/README.md b/README.md index b3ab146..7086bee 100644 --- a/README.md +++ b/README.md @@ -25,14 +25,14 @@ jobs: uses: byu-oit/github-action-tf-plan-comment@v1 with: github-token: ${{ secrets.GITHUB_TOKEN }} - terraform-directory: terraform-iac/dev/app # where your terraform files are - terraform-plan-file: plan.tfplan + working-directory: terraform-iac/dev/app # where your terraform files are + terraform-plan-file: plan.tfplan # relative to working directory ``` ## Inputs * `github-token` - (**required**) pass in the GitHub token to make comments on the PR -* `terraform-directory` - (_optional_) the directory of the terraform configuration files (defaults to `.`) -* `terraform-plan-file` - (**required**) Filename of the terraform plan (don't include the full path, just the path from the `terraform-directory`) +* `working-directory` - (_optional_) the directory of the terraform configuration files (defaults to `.`) +* `terraform-plan-file` - (**required**) Filename of the terraform plan (relative to `working-directory`) ## Output This action will create a comment on your PR like: diff --git a/action.yml b/action.yml index 052cb29..4cde159 100644 --- a/action.yml +++ b/action.yml @@ -8,7 +8,7 @@ inputs: terraform-plan-file: required: true description: File name of the terraform plan - terraform-directory: + working-directory: required: false description: Directory of the terraform configuration default: . diff --git a/dist/index.js b/dist/index.js index ac4fad0..8cc6a5f 100644 --- a/dist/index.js +++ b/dist/index.js @@ -1743,7 +1743,6 @@ Object.defineProperty(exports, "__esModule", { value: true }); const core = __importStar(__webpack_require__(470)); const exec = __importStar(__webpack_require__(986)); const github = __importStar(__webpack_require__(469)); -const io = __importStar(__webpack_require__(1)); const types_1 = __webpack_require__(251); const commentPrefix = '## Terraform Plan:'; async function run() { @@ -1775,16 +1774,6 @@ async function run() { } // we need to parse the terraform plan into a json string async function jsonFromPlan(dir, planFileName) { - if (dir === '.' || dir === process.env['GITHUB_WORKSPACE']) { - core.debug('terraform directory is the root directory, no need to copy .terraform...'); - } - else { - core.debug(`dir after replace: "${dir}"`); - dir = dir.replace(/\/\s*$/, ''); // remove last / character if it exists - core.debug(`dir after replace: "${dir}"`); - // we need to copy the .terraform dir into the working directory in order for terraform show to work - await io.cp(`${dir}/.terraform`, '.', { recursive: true }); - } // run terraform show -json to parse the plan into a json string let output = ''; const options = { @@ -1792,12 +1781,11 @@ async function jsonFromPlan(dir, planFileName) { // captures the standard output of the terraform show command and appends it to the variable 'output' stdout: (data) => { output += data.toString('utf8'); - } + }, + cwd: dir // execute the command from working directory 'dir' } }; - await exec.exec('terraform', ['show', '-json', `${dir}/${planFileName}`], options); - // delete .terraform dir after terraform show command to clean up after - const rmDotTerraform = io.rmRF('.terraform'); + await exec.exec('terraform', ['show', '-json', planFileName], options); // pull out any extra fluff from terraform wrapper from the hashicorp/setup-terraform action const json = output.match(/{.*}/); if (json === null) { @@ -1810,7 +1798,6 @@ async function jsonFromPlan(dir, planFileName) { core.debug('** matched json **'); core.debug(json[0]); core.debug('** end matched json **'); - await rmDotTerraform; // finish the removing of the .terraform dir return json[0]; } class PlanCommenter { diff --git a/package.json b/package.json index d37a4c5..59ccad9 100644 --- a/package.json +++ b/package.json @@ -27,8 +27,7 @@ "dependencies": { "@actions/core": "^1.2.0", "@actions/exec": "^1.0.4", - "@actions/github": "^3.0.0", - "@actions/io": "^1.0.2" + "@actions/github": "^3.0.0" }, "devDependencies": { "@types/jest": "^24.0.23", diff --git a/src/main.ts b/src/main.ts index f7fa9f4..5e5fd5f 100644 --- a/src/main.ts +++ b/src/main.ts @@ -1,7 +1,6 @@ import * as core from '@actions/core' import * as exec from '@actions/exec' import * as github from '@actions/github' -import * as io from '@actions/io' import {GitHub} from '@actions/github/lib/utils' import {Action, PullRequest, TerraformPlan} from './types' @@ -41,16 +40,6 @@ async function run(): Promise { // we need to parse the terraform plan into a json string async function jsonFromPlan(dir: string, planFileName: string): Promise { - if (dir === '.' || dir === process.env['GITHUB_WORKSPACE']) { - core.debug('terraform directory is the root directory, no need to copy .terraform...') - } else { - core.debug(`dir after replace: "${dir}"`) - dir = dir.replace(/\/\s*$/, '') // remove last / character if it exists - core.debug(`dir after replace: "${dir}"`) - // we need to copy the .terraform dir into the working directory in order for terraform show to work - await io.cp(`${dir}/.terraform`, '.', {recursive: true}) - } - // run terraform show -json to parse the plan into a json string let output = '' const options = { @@ -58,13 +47,12 @@ async function jsonFromPlan(dir: string, planFileName: string): Promise // captures the standard output of the terraform show command and appends it to the variable 'output' stdout: (data: Buffer) => { output += data.toString('utf8') - } + }, + cwd: dir // execute the command from working directory 'dir' } } - await exec.exec('terraform', ['show', '-json', `${dir}/${planFileName}`], options) - // delete .terraform dir after terraform show command to clean up after - const rmDotTerraform = io.rmRF('.terraform') + await exec.exec('terraform', ['show', '-json', planFileName], options) // pull out any extra fluff from terraform wrapper from the hashicorp/setup-terraform action const json = output.match(/{.*}/) @@ -79,7 +67,6 @@ async function jsonFromPlan(dir: string, planFileName: string): Promise core.debug(json[0]) core.debug('** end matched json **') - await rmDotTerraform // finish the removing of the .terraform dir return json[0] } From e86fc8f1e69db34c6cb75ff6676bde3fa011f8e0 Mon Sep 17 00:00:00 2001 From: yoshutch Date: Fri, 26 Jun 2020 11:02:53 -0600 Subject: [PATCH 23/26] cwd option in exec --- dist/index.js | 8 ++++---- src/main.ts | 8 ++++---- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/dist/index.js b/dist/index.js index 8cc6a5f..a9c47e8 100644 --- a/dist/index.js +++ b/dist/index.js @@ -1778,12 +1778,12 @@ async function jsonFromPlan(dir, planFileName) { let output = ''; const options = { listeners: { - // captures the standard output of the terraform show command and appends it to the variable 'output' stdout: (data) => { + // captures the standard output of the terraform show command and appends it to the variable 'output' output += data.toString('utf8'); - }, - cwd: dir // execute the command from working directory 'dir' - } + } + }, + cwd: dir // execute the command from working directory 'dir' }; await exec.exec('terraform', ['show', '-json', planFileName], options); // pull out any extra fluff from terraform wrapper from the hashicorp/setup-terraform action diff --git a/src/main.ts b/src/main.ts index 5e5fd5f..e1a60ad 100644 --- a/src/main.ts +++ b/src/main.ts @@ -44,12 +44,12 @@ async function jsonFromPlan(dir: string, planFileName: string): Promise let output = '' const options = { listeners: { - // captures the standard output of the terraform show command and appends it to the variable 'output' stdout: (data: Buffer) => { + // captures the standard output of the terraform show command and appends it to the variable 'output' output += data.toString('utf8') - }, - cwd: dir // execute the command from working directory 'dir' - } + } + }, + cwd: dir // execute the command from working directory 'dir' } await exec.exec('terraform', ['show', '-json', planFileName], options) From 13355b8a1481f6ff46974fe571a66ff7530b8095 Mon Sep 17 00:00:00 2001 From: yoshutch Date: Fri, 26 Jun 2020 11:09:26 -0600 Subject: [PATCH 24/26] 2 cwd option in exec --- .github/workflows/test.yml | 2 +- dist/index.js | 1 + src/main.ts | 4 +++- 3 files changed, 5 insertions(+), 2 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 0aa3724..c326c62 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -23,7 +23,7 @@ jobs: - uses: ./ with: github-token: ${{ secrets.GITHUB_TOKEN }} - working-directory: __tests__ + working-directory: __tests__/ terraform-plan-file: test-plan.tfplan test-action-without-tf-wrapper: # make sure the action works without the terraform wrapper diff --git a/dist/index.js b/dist/index.js index a9c47e8..4298902 100644 --- a/dist/index.js +++ b/dist/index.js @@ -1785,6 +1785,7 @@ async function jsonFromPlan(dir, planFileName) { }, cwd: dir // execute the command from working directory 'dir' }; + core.debug(`execOptions: ${JSON.stringify(options)}`); await exec.exec('terraform', ['show', '-json', planFileName], options); // pull out any extra fluff from terraform wrapper from the hashicorp/setup-terraform action const json = output.match(/{.*}/); diff --git a/src/main.ts b/src/main.ts index e1a60ad..a444f00 100644 --- a/src/main.ts +++ b/src/main.ts @@ -3,6 +3,7 @@ import * as exec from '@actions/exec' import * as github from '@actions/github' import {GitHub} from '@actions/github/lib/utils' import {Action, PullRequest, TerraformPlan} from './types' +import {ExecOptions} from '@actions/exec' const commentPrefix = '## Terraform Plan:' @@ -42,7 +43,7 @@ async function run(): Promise { async function jsonFromPlan(dir: string, planFileName: string): Promise { // run terraform show -json to parse the plan into a json string let output = '' - const options = { + const options: ExecOptions = { listeners: { stdout: (data: Buffer) => { // captures the standard output of the terraform show command and appends it to the variable 'output' @@ -52,6 +53,7 @@ async function jsonFromPlan(dir: string, planFileName: string): Promise cwd: dir // execute the command from working directory 'dir' } + core.debug(`execOptions: ${JSON.stringify(options)}`) await exec.exec('terraform', ['show', '-json', planFileName], options) // pull out any extra fluff from terraform wrapper from the hashicorp/setup-terraform action From 01fe42dba3eae6e194572212bc2136eb05e6d726 Mon Sep 17 00:00:00 2001 From: yoshutch Date: Fri, 26 Jun 2020 11:10:58 -0600 Subject: [PATCH 25/26] 3 cwd option in exec --- .github/workflows/test.yml | 2 +- dist/index.js | 2 +- src/main.ts | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index c326c62..0aa3724 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -23,7 +23,7 @@ jobs: - uses: ./ with: github-token: ${{ secrets.GITHUB_TOKEN }} - working-directory: __tests__/ + working-directory: __tests__ terraform-plan-file: test-plan.tfplan test-action-without-tf-wrapper: # make sure the action works without the terraform wrapper diff --git a/dist/index.js b/dist/index.js index 4298902..b0c731f 100644 --- a/dist/index.js +++ b/dist/index.js @@ -1755,7 +1755,7 @@ async function run() { } core.debug('got pull request'); const planFileName = core.getInput('terraform-plan-file'); - const terraformDir = core.getInput('terraform-directory'); + const terraformDir = core.getInput('working-directory'); const json = await jsonFromPlan(terraformDir, planFileName); const terraformPlan = JSON.parse(json); core.debug('successfully parsed json'); diff --git a/src/main.ts b/src/main.ts index a444f00..014df3e 100644 --- a/src/main.ts +++ b/src/main.ts @@ -19,7 +19,7 @@ async function run(): Promise { core.debug('got pull request') const planFileName = core.getInput('terraform-plan-file') - const terraformDir = core.getInput('terraform-directory') + const terraformDir = core.getInput('working-directory') const json = await jsonFromPlan(terraformDir, planFileName) const terraformPlan: TerraformPlan = JSON.parse(json) From 87828a7fa815ee44dd83f355e8e50f172aa8aee9 Mon Sep 17 00:00:00 2001 From: yoshutch Date: Fri, 26 Jun 2020 11:20:57 -0600 Subject: [PATCH 26/26] added extra test (where plan in different dir) and tweaking readme --- .github/workflows/test.yml | 20 ++++++++++++++++++++ README.md | 7 +++---- dist/index.js | 10 +++++----- src/main.ts | 10 +++++----- 4 files changed, 33 insertions(+), 14 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 0aa3724..1211743 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -26,6 +26,26 @@ jobs: working-directory: __tests__ terraform-plan-file: test-plan.tfplan + test-action-plan-in-diff-dir: # make sure the action works with plan in different directory from working dir + name: Test TF plan in different dir + runs-on: ubuntu-latest + env: + tf_version: 0.12.27 + steps: + - uses: actions/checkout@v1 + - uses: hashicorp/setup-terraform@v1 + with: + terraform_version: ${{ env.tf_version }} + - run: terraform init + working-directory: __tests__ + - run: terraform plan -out ../test-plan.tfplan + working-directory: __tests__ + - uses: ./ + with: + github-token: ${{ secrets.GITHUB_TOKEN }} + working-directory: __tests__ + terraform-plan-file: ../test-plan.tfplan + test-action-without-tf-wrapper: # make sure the action works without the terraform wrapper name: Test without TF wrapper runs-on: ubuntu-latest diff --git a/README.md b/README.md index 7086bee..b145091 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,5 @@ -

- typescript-action status -

+![build](https://github.com/byu-oit/github-action-tf-plan-comment/workflows/build/badge.svg) +![test](https://github.com/byu-oit/github-action-tf-plan-comment/workflows/test/badge.svg) # ![BYU logo](https://www.hscripts.com/freeimages/logos/university-logos/byu/byu-logo-clipart-128.gif) github-action-tf-plan-comment @@ -8,7 +7,7 @@ GitHub Action to make a comment on a pull request with the proposed updated terr This action takes in the terraform plan and creates a comment on the Pull Request (PR) with basic info about what the plan will create, update, replace, or delete. -**Note:** this action does not run terraform plan for you, you must pass in the plan as an input as well as the directory of the terraform configuration (where the plan and .terraform dir are located after `terraform init`). +**Note:** this action does not run `terraform plan` for you, you must pass in the plan as an input as well as the directory of the terraform configuration (where the plan and .terraform dir are located after `terraform init`). ## Usage ```yaml diff --git a/dist/index.js b/dist/index.js index b0c731f..9e18cfb 100644 --- a/dist/index.js +++ b/dist/index.js @@ -1755,8 +1755,8 @@ async function run() { } core.debug('got pull request'); const planFileName = core.getInput('terraform-plan-file'); - const terraformDir = core.getInput('working-directory'); - const json = await jsonFromPlan(terraformDir, planFileName); + const workingDir = core.getInput('working-directory'); + const json = await jsonFromPlan(workingDir, planFileName); const terraformPlan = JSON.parse(json); core.debug('successfully parsed json'); const token = core.getInput('github-token'); @@ -1773,7 +1773,7 @@ async function run() { } } // we need to parse the terraform plan into a json string -async function jsonFromPlan(dir, planFileName) { +async function jsonFromPlan(workingDir, planFileName) { // run terraform show -json to parse the plan into a json string let output = ''; const options = { @@ -1783,7 +1783,7 @@ async function jsonFromPlan(dir, planFileName) { output += data.toString('utf8'); } }, - cwd: dir // execute the command from working directory 'dir' + cwd: workingDir // execute the command from working directory 'dir' }; core.debug(`execOptions: ${JSON.stringify(options)}`); await exec.exec('terraform', ['show', '-json', planFileName], options); @@ -1850,7 +1850,7 @@ class PlanCommenter { for (const resourceChange of terraformPlan.resource_changes) { const actions = resourceChange.change.actions; const resourceName = `${resourceChange.type} - ${resourceChange.name}`; - core.debug(`resource: ${resourceName}, actions: ${actions}`); + core.debug(` resource: ${resourceName}, actions: ${actions}`); if (actions.length === 1 && actions.includes(types_1.Action.create)) { toCreate.push(resourceName); } diff --git a/src/main.ts b/src/main.ts index 014df3e..bf835eb 100644 --- a/src/main.ts +++ b/src/main.ts @@ -19,9 +19,9 @@ async function run(): Promise { core.debug('got pull request') const planFileName = core.getInput('terraform-plan-file') - const terraformDir = core.getInput('working-directory') + const workingDir = core.getInput('working-directory') - const json = await jsonFromPlan(terraformDir, planFileName) + const json = await jsonFromPlan(workingDir, planFileName) const terraformPlan: TerraformPlan = JSON.parse(json) core.debug('successfully parsed json') @@ -40,7 +40,7 @@ async function run(): Promise { } // we need to parse the terraform plan into a json string -async function jsonFromPlan(dir: string, planFileName: string): Promise { +async function jsonFromPlan(workingDir: string, planFileName: string): Promise { // run terraform show -json to parse the plan into a json string let output = '' const options: ExecOptions = { @@ -50,7 +50,7 @@ async function jsonFromPlan(dir: string, planFileName: string): Promise output += data.toString('utf8') } }, - cwd: dir // execute the command from working directory 'dir' + cwd: workingDir // execute the command from working directory 'dir' } core.debug(`execOptions: ${JSON.stringify(options)}`) @@ -126,7 +126,7 @@ class PlanCommenter { for (const resourceChange of terraformPlan.resource_changes) { const actions = resourceChange.change.actions const resourceName = `${resourceChange.type} - ${resourceChange.name}` - core.debug(`resource: ${resourceName}, actions: ${actions}`) + core.debug(` resource: ${resourceName}, actions: ${actions}`) if (actions.length === 1 && actions.includes(Action.create)) { toCreate.push(resourceName) } else if (actions.length === 1 && actions.includes(Action.delete)) {