initial commit

Author: IA Automator

.checkov.yml

@@ -0,0 +1,16 @@
+download-external-modules: False
+evaluate-variables: true
+file:
+- 'tf.json'
+framework:
+- terraform_plan
+skip-check:
+- CKV2_GCP*
+- CKV_AZURE*
+- CKV2_AZURE*
+repo-root-for-plan-enrichment:
+- '.'
+summary-position: bottom
+output: 'cli'
+compact: True
+quiet: True

.copier-answers.yml

@@ -0,0 +1,6 @@
+# This file is auto-generated, changes will be overwritten
+_commit: v0.0.8
+_src_path: /task/d8054634-017f-11ee-b538-a6e0baabaef0/projecttype
+starting_version: v0.0.0
+version_file: VERSION
+

.gitignore

@@ -0,0 +1,42 @@
+build/
+plan.out
+plan.out.json
+
+# Local .terraform directories
+**/.terraform/*
+
+# .tfstate files
+*.tfstate
+*.tfstate.*
+
+# Crash log files
+crash.log
+
+# Exclude all .tfvars files, which are likely to contain sentitive data, such as
+# password, private keys, and other secrets. These should not be part of version 
+# control as they are data points which are potentially sensitive and subject 
+# to change depending on the environment.
+#
+*.tfvars
+
+# Ignore override files as they are usually used to override resources locally and so
+# are not checked in
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json
+
+# Include override files you do wish to add to version control using negated pattern
+#
+# !example_override.tf
+
+# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
+# example: *tfplan*
+
+# Ignore CLI configuration files
+.terraformrc
+terraform.rc
+.terraform.lock.hcl
+
+go.mod
+go.sum

.header.md

@@ -0,0 +1,7 @@
+# Terraform Module Project
+
+:no_entry_sign: Do not edit this readme.md file. To learn how to change this content and work with this repository, refer to CONTRIBUTING.md
+
+## Readme Content
+
+This file will contain any instructional information about this module.

.mdlrc

@@ -0,0 +1,5 @@
+# Ignoring the following rules
+# MD007 Unordered list indentation
+# MD013 Line length
+# MD029 Ordered list item prefix
+rules "~MD007", "~MD013", "~MD029"

.pre-commit-config.yaml

@@ -0,0 +1,17 @@
+---
+fail_fast: false
+minimum_pre_commit_version: "2.6.0"
+repos:
+  -
+    repo: https://github.com/terraform-docs/terraform-docs
+    # To update run:
+    # pre-commit autoupdate --freeze
+    rev: 212db41760d7fc45d736d5eb94a483d0d2a12049  # frozen: v0.16.0
+    hooks:
+      - id: terraform-docs-go
+        args: 
+          - "--config=.terraform-docs.yaml"
+          - "--lockfile=false"
+          - "--recursive"
+          - "--recursive-path=examples/"
+          - "./"

.project_automation/deprecation/entrypoint.sh

@@ -0,0 +1,6 @@
+#!/bin/bash -ex
+
+## NOTE: paths may differ when running in a managed task. To ensure behavior is consistent between
+# managed and local tasks always use these variables for the project and project type path
+PROJECT_PATH=${BASE_PATH}/project
+PROJECT_TYPE_PATH=${BASE_PATH}/projecttype

.project_automation/deprovision/entrypoint.sh

@@ -0,0 +1,6 @@
+#!/bin/bash -ex
+
+## NOTE: paths may differ when running in a managed task. To ensure behavior is consistent between
+# managed and local tasks always use these variables for the project and project type path
+PROJECT_PATH=${BASE_PATH}/project
+PROJECT_TYPE_PATH=${BASE_PATH}/projecttype

.project_automation/functional_tests/Dockerfile

@@ -0,0 +1,14 @@
+FROM public.ecr.aws/codebuild/amazonlinux2-x86_64-standard:4.0
+ENV TERRAFORM_VERSION=1.4.2
+ENV GO_VERSION=1.20.2
+RUN cd /tmp && \
+    wget https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/terraform_${TERRAFORM_VERSION}_linux_amd64.zip && \
+    unzip terraform_${TERRAFORM_VERSION}_linux_amd64.zip -d /usr/local/bin && chmod 755 /usr/local/bin/terraform
+
+RUN curl -s https://raw.githubusercontent.com/aquasecurity/tfsec/master/scripts/install_linux.sh | bash
+
+RUN cd /tmp && \
+    wget https://go.dev/dl/go${GO_VERSION}.linux-amd64.tar.gz && \
+    tar -C /usr/local/bin -xzf go${GO_VERSION}.linux-amd64.tar.gz && chmod 755 /usr/local/bin/go
+
+RUN pip3 install checkov

.project_automation/functional_tests/entrypoint.sh

@@ -0,0 +1,28 @@
+#!/bin/bash -e
+
+## NOTE: paths may differ when running in a managed task. To ensure behavior is consistent between
+# managed and local tasks always use these variables for the project and project type path
+PROJECT_PATH=${BASE_PATH}/project
+PROJECT_TYPE_PATH=${BASE_PATH}/projecttype
+
+echo "Starting Functional Tests"
+
+cd ${PROJECT_PATH}
+
+#********** Checkov Analysis *************
+echo "Running Checkov Analysis"
+terraform init
+terraform plan -out tf.plan
+terraform show -json tf.plan  > tf.json 
+checkov 
+
+#********** Terratest execution **********
+echo "Running Terratest"
+cd test
+rm -f go.mod
+go mod init github.com/aws-ia/terraform-project-ephemeral
+go mod tidy
+go install github.com/gruntwork-io/terratest/modules/terraform
+go test -timeout 45m
+
+echo "End of Functional Tests"