diff --git a/.claude/TERRAFORM_MODULE_REQUIREMENTS.md b/.claude/TERRAFORM_MODULE_REQUIREMENTS.md new file mode 100644 index 0000000..14bfba3 --- /dev/null +++ b/.claude/TERRAFORM_MODULE_REQUIREMENTS.md 
@@ -0,0 +1,197 @@ +# InfraHouse Terraform Module Requirements + +This document defines the standards and requirements for all InfraHouse Terraform modules to ensure professional, +well-documented, and maintainable infrastructure code. + +## Goal + +Provide comprehensive, professional documentation and tooling for all InfraHouse Terraform modules. + +## Essential Components for Each Terraform Module Repository + +### 1. README.md Structure + +**Header Section:** +- Module name and tagline +- Comprehensive badge row + +**Badges to include:** +- **Terraform Registry**: `[![Registry](https://img.shields.io/badge/terraform-registry-623CE4?logo=terraform)](registry url)` +- **Latest Release**: `[![GitHub release](https://img.shields.io/github/v/release/infrahouse/repo-name)](release url)` +- **License**: `[![License](https://img.shields.io/github/license/infrahouse/repo-name)](LICENSE)` +- **Documentation**: `[![Docs](https://img.shields.io/badge/docs-github.io-blue)](https://infrahouse.github.io/repo-name/)` +- **Security**: `[![Security](https://github.com/infrahouse/repo-name/actions/workflows/vuln-scanner-pr.yml/badge.svg)](workflow url)` +- **AWS Service Badge(s)**: Link to relevant AWS service(s) the module uses (e.g., Lambda, ECS, RDS). Use shields.io badges with AWS service logos. +- **Contact/Services**: `[![Need Help?](https://img.shields.io/badge/Need%20Help%3F-Contact%20Us-0066CC)](https://infrahouse.com/contact)` - Call to action for professional services + +**Content Sections:** +1. Brief description (what it does, why it exists) +2. **Why This Module?** (differentiation from alternatives) +3. **Features** (bullet list) +4. **Quick Start** (minimal working example) +5. **Documentation** (links to GitHub Pages sections) +6. **Requirements** (Terraform version, providers) +7. **Usage** (terraform-docs auto-generated section between `` and ``) +8. **Examples** (link to examples/) +9. **Contributing** (link to CONTRIBUTING.md) +10. 
**License** (link to LICENSE) + +### 2. Documentation (GitHub Pages) + +**Required Pages:** +- `index.md` - Overview, features, quick start +- `getting-started.md` - Prerequisites, first deployment +- `architecture.md` - How it works, diagrams +- `configuration.md` - All variables explained +- `examples.md` - Common use cases +- `troubleshooting.md` - Common issues +- `changelog.md` - Or link to CHANGELOG.md + +**Optional but Recommended:** +- `comparison.md` - vs alternatives +- `security.md` - Security considerations +- `monitoring.md` - Observability setup +- `upgrading.md` - Migration guides + +### 3. Repository Files + +**Must Have:** +- `README.md` +- `LICENSE` (Apache 2.0 recommended for patent protection and enterprise adoption) +- `CHANGELOG.md` (auto-generated with git-cliff) +- `CODING_STANDARD.md` (or link to central one) +- `.terraform-docs.yml` +- `mkdocs.yml` +- `.pre-commit-config.yaml` (if using pre-commit framework) +- `.github/workflows/release.yml` (auto-create GitHub Releases from tags) +- `examples/` directory with working examples + +**Should Have:** +- `CONTRIBUTING.md` (contribution guidelines) +- `SECURITY.md` (security policy, how to report vulnerabilities) +- `CODEOWNERS` (auto-assign reviewers) +- `.github/ISSUE_TEMPLATE/` (bug report, feature request) +- `.github/PULL_REQUEST_TEMPLATE.md` + +### 4. Testing & Quality + +- Working examples in `examples/` that can be tested +- `tests/` directory with pytest-based integration tests + - Uses pytest-infrahouse fixtures + - Uses infrahouse-core for validation + - Tests against multiple AWS provider versions + - Makefile targets: `test-keep`/`test-clean` (for development), `test` (for CI) +- Pre-commit hooks (terraform fmt, terraform-docs, tflint) +- Automated CI/CD with terraform validate and plan +- Security scanning (OSV, checkov, tfsec) + +### 5. 
Release Automation + +**GitHub Release Workflow** (`.github/workflows/release.yml`): +- Automatically creates GitHub Releases when tags are pushed +- Includes CHANGELOG.md content in release notes +- Enables the "Latest Release" badge in README + +```yaml +name: Create Release +on: + push: + tags: + - 'v*' + +jobs: + release: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Create Release + uses: softprops/action-gh-release@v1 + with: + body_path: CHANGELOG.md + generate_release_notes: true +``` + +**Release Process** (via Makefile targets): +```makefile +release-patch: + git-cliff --tag $(shell bumpversion --dry-run --list patch | grep new_version | cut -d= -f2) -o CHANGELOG.md + bumpversion patch + git push && git push --tags + # GitHub Actions workflow automatically creates the release +``` + +### 6. GitHub Repository Settings + +- GitHub Pages enabled (already automated!) +- Topics/tags (terraform, aws, infrastructure, etc.) +- About section with description and website link +- Social media card image (optional but nice) +- Discussions enabled (for community Q&A) +- Issues with templates +- Branch protection with required reviews + +### 7. Updates to CODING_STANDARD.md + +Proposed additions: + +```markdown +* **README.md (required):** + - Header with module name and description + - Badge row with: + - Terraform Registry link + - Latest release version + - License + - Documentation (GitHub Pages link) + - Security scanning status + - Relevant AWS service badge + - "Why This Module?" 
section (differentiation) + - Features list + - Quick Start example + - Documentation links (to GitHub Pages) + - terraform-docs markers: `` and `` + - Links to Contributing and License + +* **GitHub Pages Documentation (required for terraform_module):** + - Deployed via .github/workflows/docs.yml + - Built with MkDocs (Material theme) + - Minimum pages: index, getting-started, configuration + - Architecture diagrams where applicable + - Working examples with explanations + +* **Repository Files (required):** + - LICENSE file (Apache 2.0 recommended) + - CHANGELOG.md (auto-generated via git-cliff) + - SECURITY.md (security policy) + - CONTRIBUTING.md (contribution guidelines) + - .github/workflows/release.yml (auto-create releases from tags) + - examples/ directory with working examples + +* **Repository Configuration:** + - GitHub Pages enabled and deployed + - Topics/tags set (terraform, aws, relevant services) + - About section filled with website link + - Issue and PR templates configured +``` + +## Reference Implementation + +See [terraform-aws-actions-runner](https://github.com/infrahouse/terraform-aws-actions-runner) as the reference implementation: +- [Published Documentation](https://infrahouse.github.io/terraform-aws-actions-runner/) +- [Repository Page](https://github.com/infrahouse/terraform-aws-actions-runner) +## Implementation Plan + +1. Enable GitHub Pages for all terraform_module repos (✅ automated via repos.tf) +2. Deploy docs.yml workflow to all modules (✅ automated) +3. Create baseline docs/index.md and mkdocs.yml where missing (✅ automated) +4. Deploy release.yml workflow to all modules (automate GitHub Release creation) +5. Create GitHub Project to track documentation completion +6. For each module: + - Update README.md with badges and structure + - Create comprehensive GitHub Pages documentation + - Add missing repository files (SECURITY.md, CONTRIBUTING.md, etc.) 
+ - Set up proper GitHub repository settings + - Ensure working examples exist + - Verify release automation works diff --git a/.claude/create-documentation-project.sh b/.claude/create-documentation-project.sh new file mode 100644 index 0000000..371cbbf --- /dev/null +++ b/.claude/create-documentation-project.sh 
@@ -0,0 +1,229 @@ +#!/bin/bash +# Script to create GitHub Project for Terraform Module Documentation Initiative +# Run this script from a terminal with gh CLI installed and authenticated + +set -ex + +ORG="infrahouse" +PROJECT_TITLE="Terraform Module Documentation Initiative" +PROJECT_DESC="Track documentation completion for all InfraHouse Terraform modules" + +echo "Creating GitHub Project..." +PROJECT_DATA=$(gh project create \ + --owner "$ORG" \ + --title "$PROJECT_TITLE" \ + --format json) + +PROJECT_URL=$(echo "$PROJECT_DATA" | jq -r '.url') +PROJECT_NUMBER=$(echo "$PROJECT_DATA" | jq -r '.number') + +echo "✅ Project created: $PROJECT_URL" +echo "Project Number: $PROJECT_NUMBER" + +echo "" +echo "Creating custom fields..." + +# Create Tier field +gh project field-create "$PROJECT_NUMBER" \ + --owner "$ORG" \ + --name "Tier" \ + --data-type "SINGLE_SELECT" \ + --single-select-options "Tier 1,Tier 2,Tier 3" + +# Create completion tracking fields +gh project field-create "$PROJECT_NUMBER" \ + --owner "$ORG" \ + --name "README Updated" \ + --data-type "SINGLE_SELECT" \ + --single-select-options "✅ Done,❌ Not Done,🚧 In Progress" + +gh project field-create "$PROJECT_NUMBER" \ + --owner "$ORG" \ + --name "Docs Pages" \ + --data-type "SINGLE_SELECT" \ + --single-select-options "✅ Done,❌ Not Done,🚧 In Progress" + +gh project field-create "$PROJECT_NUMBER" \ + --owner "$ORG" \ + --name "Repository Files" \ + --data-type "SINGLE_SELECT" \ + --single-select-options "✅ Done,❌ Not Done,🚧 In Progress" + +gh project field-create "$PROJECT_NUMBER" \ + --owner "$ORG" \ + --name "Release Workflow" \ + --data-type "SINGLE_SELECT" \ + --single-select-options "✅ Done,❌ Not Done,🚧 In Progress" + +gh project field-create "$PROJECT_NUMBER" \ + --owner "$ORG" \ + --name "GitHub Settings" \ + --data-type "SINGLE_SELECT" \ + --single-select-options "✅ Done,❌ Not Done,🚧 In Progress" + +echo "✅ Custom fields created" + +echo "" +echo "Adding automation tasks..." 
+ +# Create issues in infrahouse8/github-control repo and add to project +CONTROL_REPO="infrahouse8/github-control" + +echo " Creating automation task issues..." +ISSUE1=$(gh issue create --repo "$CONTROL_REPO" \ + --title "🤖 Deploy release.yml workflow to all terraform_module repos" \ + --body "Automate deployment of .github/workflows/release.yml to all modules" \ + | grep -oP 'https://[^\s]+') + +ISSUE2=$(gh issue create --repo "$CONTROL_REPO" \ + --title "🤖 Create SECURITY.md template" \ + --body "Create template file in modules/plain-repo/files/SECURITY.md" \ + | grep -oP 'https://[^\s]+') + +ISSUE3=$(gh issue create --repo "$CONTROL_REPO" \ + --title "🤖 Create CONTRIBUTING.md template" \ + --body "Create template file in modules/plain-repo/files/CONTRIBUTING.md" \ + | grep -oP 'https://[^\s]+') + +ISSUE4=$(gh issue create --repo "$CONTROL_REPO" \ + --title "🤖 Create README badge template" \ + --body "Create README_TEMPLATE.md with badge placeholders" \ + | grep -oP 'https://[^\s]+') + +echo " Adding issues to project..." +gh project item-add "$PROJECT_NUMBER" --owner "$ORG" --url "$ISSUE1" +gh project item-add "$PROJECT_NUMBER" --owner "$ORG" --url "$ISSUE2" +gh project item-add "$PROJECT_NUMBER" --owner "$ORG" --url "$ISSUE3" +gh project item-add "$PROJECT_NUMBER" --owner "$ORG" --url "$ISSUE4" + +echo "✅ Automation tasks added" + +echo "" +echo "Adding Tier 1 modules (high priority)..." + +# Tier 1: Most important/commonly used modules +TIER1_MODULES=( + "terraform-aws-actions-runner:Module that deploys self-hosted GitHub Actions runner." + "terraform-aws-ecs:Module that runs service in ECS" + "terraform-aws-lambda-monitored:Terraform module for deploying AWS Lambda functions with built-in CloudWatch monitoring" + "terraform-aws-website-pod:Module that creates an autoscaling group with an ALB and SSL certificate for a website." + "terraform-aws-key:Module that creates an encryption key in KMS." 
+ "terraform-aws-s3-bucket:Terraform module for an ISO27001 compliant S3 bucket." + "terraform-aws-secret:Terraform module for a secret with owner/writer/reader roles." + "terraform-aws-github-role:Module that creates a role for a GitHub Action worker." + "terraform-aws-instance-profile:Module bundles AWS resources to create an instance profile." + "terraform-aws-state-bucket:Module that creates an S3 bucket for a Terraform state." +) + +for item in "${TIER1_MODULES[@]}"; do + IFS=':' read -r name desc <<< "$item" + echo " Adding $name..." + # Create draft items using GraphQL API + gh api graphql -f query=' + mutation($projectId: ID!, $title: String!) { + addProjectV2DraftIssue(input: {projectId: $projectId, title: $title}) { + projectItem { + id + } + } + }' -f projectId="$(gh api graphql -f query='query($org: String!, $number: Int!) { organization(login: $org) { projectV2(number: $number) { id } } }' -f org="$ORG" -F number="$PROJECT_NUMBER" --jq '.data.organization.projectV2.id')" -f title="$name" > /dev/null +done + +echo "✅ Tier 1 modules added" + +echo "" +echo "Adding Tier 2 modules (medium priority)..." + +# Tier 2: Important but not critical path +TIER2_MODULES=( + "terraform-aws-aerospike:Module that deploys Aerospike cluster." + "terraform-aws-bookstack:Module that deploys BookStack." + "terraform-aws-ci-cd:Module that creates roles, state bucket, and dynamodb table for Terraform CI/CD." + "terraform-aws-cloudcraft-role:Module that creates a role for CloudCraft scanner." + "terraform-aws-cloud-init:Module that creates a cloud init configuration for an InfraHouse EC2 instance." + "terraform-aws-cost-alert:Module that creates a alert for AWS cost per period." + "terraform-aws-ecr:Module that creates a container registry (AWS ECR service)." + "terraform-aws-elasticsearch:Module that deploys an Elasticsearch cluster" + "terraform-aws-kibana:Module that deploys Kibana" + "terraform-aws-gh-identity-provider:Module that configures GitHub OpenID connector." 
+ "terraform-aws-gha-admin:Module for two roles to manage AWS with GitHub actions." + "terraform-aws-github-backup:Module to provision infrahouse-github-backup GitHub App." + "terraform-aws-github-backup-configuration:Module that configures infrahouse-github-backup GitHub App client." + "terraform-aws-guardduty-configuration:Module that configures GuardDuty and email notifications." + "terraform-aws-iso27001:Module configures ISO 27001 compliance for AWS." + "terraform-aws-jumphost:Module that creates a jumphost." + "terraform-aws-openvpn:Terraform module that deploys OpenVPN server." + "terraform-aws-pmm-ecs:Terraform module for deploying Percona Monitoring and Management (PMM) server" + "terraform-aws-pypiserver:Terraform module that deploys a private PyPI server." + "terraform-aws-registry:Terraform module that deploys a private Terraform registry." + "terraform-aws-secret-policy:Terraform module that creates AWS secret permissions policy." + "terraform-aws-service-network:Terraform service network module." + "terraform-aws-sqs-pod:Terraform module deploys an SQS queue with autoscaling group as a consumer." + "terraform-aws-sqs-ecs:Terraform module deploys an SQS queue with ECS service as a consumer." + "terraform-aws-state-manager:Module creates an IAM role that can manage a Terraform state." + "terraform-aws-tcp-pod:Module that creates an autoscaling group with an NLB for a TCP based services." + "terraform-aws-teleport:Module deploys a single node Teleport cluster." + "terraform-aws-terraformer:Module that deploys an instances allowed to manage Terraform root modules." + "terraform-aws-update-dns:Module creates a lambda that manages DNS A records for instances in an autoscaling group." +) + +for item in "${TIER2_MODULES[@]}"; do + IFS=':' read -r name desc <<< "$item" + echo " Adding $name..." + # Create draft items using GraphQL API + gh api graphql -f query=' + mutation($projectId: ID!, $title: String!) 
{ + addProjectV2DraftIssue(input: {projectId: $projectId, title: $title}) { + projectItem { + id + } + } + }' -f projectId="$(gh api graphql -f query='query($org: String!, $number: Int!) { organization(login: $org) { projectV2(number: $number) { id } } }' -f org="$ORG" -F number="$PROJECT_NUMBER" --jq '.data.organization.projectV2.id')" -f title="$name" > /dev/null +done + +echo "✅ Tier 2 modules added" + +echo "" +echo "Adding Tier 3 modules (lower priority)..." + +# Tier 3: Less commonly used or specialized +TIER3_MODULES=( + "terraform-aws-debian-repo:Module that creates a Debian repository backed by S3 and fronted by CloudFront." + "terraform-aws-dms:Module for deploying AWS Data Migration Service" + "terraform-aws-emrserverless:Module for deploying EMR serverless" + "terraform-aws-http-redirect:Module creates an HTTP redirect server." + "terraform-aws-postfix:Terraform module that deploys Postfix as a MX server." + "terraform-aws-tags-override:Module to override tags list for ECS" + "terraform-aws-teleport-agent:Module deploys roles and other resources on an account joining Teleport cluster." + "terraform-aws-truststore:Module that creates a trust store with a generated CA certificate." +) + +for item in "${TIER3_MODULES[@]}"; do + IFS=':' read -r name desc <<< "$item" + echo " Adding $name..." + # Create draft items using GraphQL API + gh api graphql -f query=' + mutation($projectId: ID!, $title: String!) { + addProjectV2DraftIssue(input: {projectId: $projectId, title: $title}) { + projectItem { + id + } + } + }' -f projectId="$(gh api graphql -f query='query($org: String!, $number: Int!) { organization(login: $org) { projectV2(number: $number) { id } } }' -f org="$ORG" -F number="$PROJECT_NUMBER" --jq '.data.organization.projectV2.id')" -f title="$name" > /dev/null +done + +echo "✅ Tier 3 modules added" + +echo "" +echo "==========================================" +echo "✅ Project setup complete!" 
+echo "==========================================" +echo "" +echo "Project URL: $PROJECT_URL" +echo "" +echo "Next steps:" +echo "1. Visit the project and review the items" +echo "2. Adjust tier assignments as needed" +echo "3. Start with automation tasks" +echo "4. Begin documenting Tier 1 modules" +echo "" diff --git a/modules/plain-repo/files/CODING_STANDARD.md b/modules/plain-repo/files/CODING_STANDARD.md index 4ef6c60..843148c 100644 --- a/modules/plain-repo/files/CODING_STANDARD.md +++ b/modules/plain-repo/files/CODING_STANDARD.md 
@@ -292,14 +292,24 @@ This document defines coding standards for InfraHouse projects. * **README.md (required):** - Must include terraform-docs markers: `` and `` - Pre-commit hook uses terraform-docs to auto-generate documentation - - Must have badges: - - Terraform Registry URL - - License - - CD status - - Relevant documentation (e.g., `[![AWS Lambda](https://img.shields.io/badge/AWS-Lambda-orange?logo=awslambda)] - (https://aws.amazon.com/lambda/)`) - - Module description - - Usage examples + - **Required badges** (in this order): + - Terraform Registry: `[![Registry](https://img.shields.io/badge/terraform-registry-623CE4?logo=terraform)](registry-url)` + - Latest Release: `[![GitHub release](https://img.shields.io/github/v/release/infrahouse/repo-name)](release-url)` + - License: `[![License](https://img.shields.io/github/license/infrahouse/repo-name)](LICENSE)` + - Documentation: `[![Docs](https://img.shields.io/badge/docs-github.io-blue)](https://infrahouse.github.io/repo-name/)` + - Security: `[![Security](https://github.com/infrahouse/repo-name/actions/workflows/vuln-scanner-pr.yml/badge.svg)](workflow-url)` + - AWS Service Badge(s): Link to relevant AWS service(s) the module uses + - Contact: `[![Need Help?](https://img.shields.io/badge/Need%20Help%3F-Contact%20Us-0066CC)](https://infrahouse.com/contact)` + - **Required sections:** + 1. Brief description (what it does, why it exists) + 2. Features (bullet list) + 3. Quick Start (minimal working example) + 4. Documentation (links to GitHub Pages) + 5. Requirements (Terraform version, providers) + 6. Usage (terraform-docs auto-generated) + 7. Examples (link to examples/) + 8. Contributing (link to CONTRIBUTING.md) + 9. License (link to LICENSE) * **examples/ directory:** - Desired but optional - Provide working examples when included 
@@ -307,6 +317,58 @@ This document defines coding standards for InfraHouse projects. - `.terraform-docs.yml` is managed by github-control - README.md uses centrally-managed configuration +### GitHub Pages Documentation (terraform_module) +* **Deployment:** Automated via `.github/workflows/docs.yml` (managed by github-control) +* **Built with:** MkDocs with Material theme +* **Required pages:** + - `docs/index.md` - Overview, features, quick start + - `docs/getting-started.md` - Prerequisites, first deployment + - `docs/configuration.md` - All variables explained with examples +* **Recommended pages:** + - `docs/architecture.md` - How it works, diagrams + - `docs/examples.md` - Common use cases with explanations + - `docs/troubleshooting.md` - Common issues and solutions + - `docs/changelog.md` - Or link to CHANGELOG.md +* **Optional pages:** + - `docs/comparison.md` - vs alternatives + - `docs/security.md` - Security considerations + - `docs/monitoring.md` - Observability setup + - `docs/upgrading.md` - Migration guides between versions + +### Repository Files +* **Must have:** + - `README.md` - Module documentation (see above) + - `LICENSE` - Apache 2.0 (recommended for patent protection and enterprise adoption) + - `CHANGELOG.md` - Auto-generated with git-cliff + - `.terraform-docs.yml` - Managed by github-control + - `mkdocs.yml` - MkDocs configuration (managed by github-control) + - `cliff.toml` - git-cliff configuration (managed by github-control) + - `.github/workflows/release.yml` - Auto-create GitHub Releases from tags (managed by github-control) + - `examples/` directory - Working examples +* **Should have:** + - `CONTRIBUTING.md` - Contribution guidelines + - `SECURITY.md` - Security policy, how to report vulnerabilities + - `CODEOWNERS` - Auto-assign reviewers + - `.github/ISSUE_TEMPLATE/` - Bug report, feature request templates + - `.github/PULL_REQUEST_TEMPLATE.md` - PR template + +### Release Automation +* **Automated via 
`.github/workflows/release.yml`** (managed by github-control) +* **Trigger:** Push of version tags (e.g., `0.1.0`, `v1.0.0`) +* **Process:** + 1. git-cliff generates changelog for the release + 2. GitHub Release is created automatically with release notes + 3. "Latest Release" badge in README reflects the new version +* **Manual release process** (via Makefile targets): + ```makefile + release-patch: + git-cliff --tag $(shell bumpversion --dry-run --list patch | grep new_version | cut -d= -f2) -o CHANGELOG.md + bumpversion patch + git push && git push --tags + # GitHub Actions workflow automatically creates the release + ``` +* **Available targets:** `release-patch`, `release-minor`, `release-major` + ### Resource Organization * **`count` vs `for_each`:** - Use `count` for simple create/don't create scenarios (e.g., `count = var.enable_feature ? 1 : 0`) diff --git a/modules/plain-repo/files/release.yml b/modules/plain-repo/files/release.yml new file mode 100644 index 0000000..e19ae22 --- /dev/null +++ b/modules/plain-repo/files/release.yml 
@@ -0,0 +1,42 @@ +# This file is managed by Terraform in github-control repository +# Do not edit this file, all changes will be overwritten +# If you need to change this file, create a pull request in +# https://github.com/infrahouse8/github-control +--- +name: Release + +on: # yamllint disable-line rule:truthy + push: + tags: + - 'v[0-9]*' + - '[0-9]*' + +permissions: + contents: write + +jobs: + release: + name: Create Release + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v5 + with: + fetch-depth: 0 # Fetch all history and tags for changelog generation + + - name: Generate changelog for this release + id: git-cliff + uses: orhun/git-cliff-action@v4 + with: + config: cliff.toml + args: --current --strip header + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + - name: Create GitHub Release + uses: softprops/action-gh-release@v2 + with: + body: ${{ steps.git-cliff.outputs.content }} + make_latest: true + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/modules/plain-repo/files/renovate.json b/modules/plain-repo/files/renovate.json index a7a1537..3abc98a 100644 --- a/modules/plain-repo/files/renovate.json +++ b/modules/plain-repo/files/renovate.json @@ -14,7 +14,8 @@ ".github/workflows/vuln-scanner-pr-private.yml", ".github/workflows/vuln-scanner-pr.yml", ".github/workflows/terraform-review.yml", - ".github/workflows/docs.yml" + ".github/workflows/docs.yml", + ".github/workflows/release.yml" ], "enabled": false } diff --git a/modules/plain-repo/repos-files.tf b/modules/plain-repo/repos-files.tf index 9650c3b..0ba1dbc 100755 --- a/modules/plain-repo/repos-files.tf +++ b/modules/plain-repo/repos-files.tf 
@@ -133,6 +133,18 @@ resource "github_repository_file" "docs_workflow" { overwrite_on_create = true } +resource "github_repository_file" "release_workflow" { + count = var.repo_type == "terraform_module" ? 1 : 0 + depends_on = [ + github_repository_ruleset.main + ] + repository = github_repository.repo.name + file = "./.github/workflows/release.yml" + content = file("${path.module}/files/release.yml") + commit_message = "Add release.yml workflow" + overwrite_on_create = true +} + resource "github_repository_file" "docs_index" { count = var.repo_type == "terraform_module" ? 1 : 0 depends_on = [
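Review bot: In `.claude/TERRAFORM_MODULE_REQUIREMENTS.md`, the sample workflow under "5. Release Automation" does not match the `release.yml` this same patch ships. The sample triggers only on `'v*'` and uses `actions/checkout@v4` and `softprops/action-gh-release@v1` with `body_path: CHANGELOG.md`, while `modules/plain-repo/files/release.yml` also triggers on `'[0-9]*'`, uses `@v5` and `@v2`, and takes the release body from the git-cliff step. Suggest dropping the inline YAML and pointing at the managed file so the two cannot drift. The document is also inconsistent with itself: section 2 lists seven required pages, but the proposed CODING_STANDARD text in section 7 says "Minimum pages: index, getting-started, configuration".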
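Review bot: In `.claude/create-documentation-project.sh`, the three module loops create drafts with a title only. `desc` is parsed by `read -r name desc` and then discarded, and the `Tier` field created earlier is never set on any item, so every module lands untiered. Each iteration also re-runs the nested `projectV2(number: $number) { id }` query. Suggest resolving the project ID once before the loops, moving the mutation into one function that takes the tier, and passing `desc` as the draft body. Smaller points: `PROJECT_DESC` is assigned but never used, `grep -oP` needs GNU grep, and with `set -e` a failure partway through leaves a half-populated project that a re-run would duplicate, since nothing checks for an existing project or existing issues.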
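Review bot: In the first `CODING_STANDARD.md` hunk (`@@ -292,14 +292,24 @@`), the new "Required sections" list has nine entries and omits "Why This Module?", which `TERRAFORM_MODULE_REQUIREMENTS.md` in this patch lists as section 2 of ten. Decide which list is authoritative and align the other. The Security badge also hard-codes `vuln-scanner-pr.yml`, while the `renovate.json` context in this patch shows a separate `vuln-scanner-pr-private.yml`. Please state which workflow file the badge should reference for repositories that use the private variant.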
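Review bot: In the second `CODING_STANDARD.md` hunk (`@@ -307,6 +317,58 @@`), the `release-patch` recipe rewrites `CHANGELOG.md` with git-cliff and then runs `bumpversion patch`, but nothing in the visible recipe stages or commits the regenerated file before `git push && git push --tags`. Please confirm the changelog ends up in the tagged commit, or add an explicit `git add CHANGELOG.md` step and document it. The "Must have" list here includes `cliff.toml`, while the list in `TERRAFORM_MODULE_REQUIREMENTS.md` does not and instead names `CODING_STANDARD.md` and `.pre-commit-config.yaml`. Only `release-patch` is shown although `release-minor` and `release-major` are named as available targets.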
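Review bot: In `modules/plain-repo/files/release.yml`, the job runs with `contents: write` but references all three actions by mutable tag (`actions/checkout@v5`, `orhun/git-cliff-action@v4`, `softprops/action-gh-release@v2`), and the `renovate.json` hunk adds this file to the list with `"enabled": false`, so nothing will propose pin updates. Suggest pinning each `uses:` to a full commit SHA with the version in a trailing comment, and bumping the pins in github-control. Since no step pushes with git, `persist-credentials: false` can be added to the checkout step so the write-scoped token is not left in the local git config for the later steps. The tag filter `'[0-9]*'` matches any tag that starts with a digit, not only version numbers. Tighten it (for example `'[0-9]+.[0-9]+.[0-9]+'`) if date-style or other numeric tags should not publish a release marked `make_latest: true`.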
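Review bot: In `modules/plain-repo/repos-files.tf`, `github_repository_file.release_workflow` depends only on `github_repository_ruleset.main`, but the workflow it deploys reads `config: cliff.toml`. If `cliff.toml` is deployed by another resource in this module, add it to `depends_on` so a tag pushed right after the rollout does not run without its config; if it is not deployed for every `terraform_module` repo, the release job will fail there. The static `commit_message = "Add release.yml workflow"` will also be reused for every later content change, so something like "Update release.yml workflow (managed by github-control)" would read better in module history.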