chore: bring the repository inline with the templates

Author: gambol99

.commitlintrc.yaml

@@ -0,0 +1,19 @@
+---
+rules:
+  body-leading-blank: [1, always]
+  body-max-line-length: [2, always, 100]
+  footer-leading-blank: [1, always]
+  footer-max-line-length: [2, always, 100]
+  header-max-length: [2, always, 100]
+  subject-case:
+    - 2
+    - never
+    - [sentence-case, start-case, pascal-case, upper-case]
+  subject-empty: [2, never]
+  subject-full-stop: [2, never, "."]
+  type-case: [2, always, lower-case]
+  type-empty: [2, never]
+  type-enum:
+    - 2
+    - always
+    - [build, chore, ci, docs, feat, fix, perf, refactor, revert, style, test]

.gitignore

@@ -30,3 +30,15 @@ terraform.rc
 .DS_Store
 todo.md
 
+# Ignore vim swap files 
+*.swp 
+*.swo 
+
+# Ignore meld diff files 
+*.orig 
+*.backup 
+*.rej 
+
+# Ignore lambda zip files and build directories
+*.zip 
+builds/

.terraform-docs.yaml .terraform-docs.yml.terraform-docs.yaml renamed to .terraform-docs.yml

@@ -1,4 +1,3 @@
-formatter: markdown
 #header-from: .header.md
 settings:
   anchor: true
@@ -12,10 +11,18 @@ settings:
   type: true
   lockfile: false
 
-sort:
-  enabled: true
-  by: required
+formatter: "markdown table"
 
 output:
   file: README.md
   mode: inject
+
+sections:
+  show:
+    - providers
+    - inputs
+    - outputs
+
+sort:
+  enabled: true
+  by: required

.tflint.hcl

@@ -1,12 +1,18 @@
 plugin "aws" {
   enabled = true
-  version = "0.30.0"
+  version = "0.34.0"
   source  = "github.com/terraform-linters/tflint-ruleset-aws"
 }
 
+plugin "terraform" {
+  enabled = true
+  version = "0.9.1"
+  source  = "github.com/terraform-linters/tflint-ruleset-terraform"
+}
+
 config {
-  module = true
-  force  = false
+  call_module_type = "local"
+  force            = false
 }
 
 rule "terraform_required_providers" {

Makefile

@@ -1,6 +1,4 @@
 #
-# Copyright (C) 2024  Appvia Ltd <[email protected]>
-#  
 # This program is free software; you can redistribute it and/or
 # modify it under the terms of the GNU General Public License
 # as published by the Free Software Foundation; either version 2
@@ -14,92 +12,154 @@
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 #
-AUTHOR_EMAIL[email protected]
-
-.PHONY: all security lint format documentation documentation-examples validate-all validate validate-examples init
+.PHONY: all security lint format documentation documentation-examples validate-all validate validate-examples init examples tests
 
 default: all
 
 all: 
 	$(MAKE) init
 	$(MAKE) validate
+	$(MAKE) tests
+	$(MAKE) lint
+	$(MAKE) security
+	$(MAKE) format
+	$(MAKE) documentation
+
+examples:
+	$(MAKE) validate-examples
+	$(MAKE) tests
+	$(MAKE) lint-examples
 	$(MAKE) lint
 	$(MAKE) security
 	$(MAKE) format
 	$(MAKE) documentation
 
 documentation: 
 	@echo "--> Generating documentation"
-	@terraform-docs markdown table --output-file ${PWD}/README.md --output-mode inject .
+	@terraform-docs .
+	$(MAKE) documentation-modules
 	$(MAKE) documentation-examples
 
+documentation-modules:
+	@echo "--> Generating documentation for modules"
+	@find . -type d -regex '.*/modules/[a-za-z\-_$$]*' -not -path '*.terraform*' 2>/dev/null | while read -r dir; do \
+		echo "--> Generating documentation for module: $$dir"; \
+		terraform-docs $$dir; \
+	done;
+
 documentation-examples:
-	@echo "--> Generating documentation examples"
-	@find examples -type d -mindepth 1 -maxdepth 1 -exec terraform-docs markdown table --output-file README.md --output-mode inject {} \;
+	@echo "--> Generating documentation for examples"
+	@find . -type d -path '*/examples/*' -not -path '*.terraform*' 2>/dev/null| while read -r dir; do \
+		echo "--> Generating documentation for example: $$dir"; \
+		terraform-docs $$dir; \
+	done;
+
+upgrade-terraform-providers:
+	@printf "%s Upgrading Terraform providers for %-24s" "-->" "."
+	@terraform init -upgrade >/dev/null && echo "[OK]" || echo "[FAILED]"
+	@$(MAKE) upgrade-terraform-example-providers
+
+upgrade-terraform-example-providers:
+	@if [ -d examples ]; then \
+		find examples -type d -mindepth 1 -maxdepth 1 2>/dev/null | while read -r dir; do \
+			printf "%s Upgrading Terraform providers for %-24s" "-->" "$$dir"; \
+			terraform -chdir=$$dir init -upgrade >/dev/null && echo "[OK]" || echo "[FAILED]"; \
+		done; \
+	fi
 
 init: 
 	@echo "--> Running terraform init"
 	@terraform init -backend=false
+	@find . -type f -name "*.tf" -not -path '*.terraform*' -exec dirname {} \; | sort -u | while read -r dir; do \
+		echo "--> Running terraform init in $$dir"; \
+		terraform -chdir=$$dir init -backend=false; \
+	done;
 
-security: 
+security: init
 	@echo "--> Running Security checks"
 	@trivy config .
+	$(MAKE) security-modules
 	$(MAKE) security-examples
 
+security-modules:
+	@echo "--> Running Security checks on modules"
+	@find . -type d -regex '.*/modules/[a-zA-Z\-_$$]*' -not -path '*.terraform*' 2>/dev/null | while read -r dir; do \
+		echo "--> Validating $$dir"; \
+	  terraform init -backend=false; \
+		trivy config  --format table --exit-code  1 --severity  CRITICAL,HIGH --ignorefile .trivyignore $$dir; \
+	done; 
+
 security-examples:
 	@echo "--> Running Security checks on examples"
-	@find examples -type d -mindepth 1 -maxdepth 1 | while read -r dir; do \
+	@find . -type d -path '*/examples/*' -not -path '*.terraform*' 2>/dev/null | while read -r dir; do \
 		echo "--> Validating $$dir"; \
-		trivy config $$dir; \
-	done
+	  terraform init -backend=false; \
+		trivy config  --format table --exit-code  1 --severity  CRITICAL,HIGH --ignorefile .trivyignore $$dir; \
+	done;
 
-validate-all:
-	@echo "--> Running all validation checks"
-	$(MAKE) validate
-	$(MAKE) validate-examples
+tests: 
+	@echo "--> Running Terraform Tests" 
+	@terraform test
 
 validate:
 	@echo "--> Running terraform validate"
 	@terraform init -backend=false
 	@terraform validate
+	$(MAKE) validate-modules
 	$(MAKE) validate-examples
+	$(MAKE) validate-commits
+
+validate-modules:
+	@echo "--> Running terraform validate on modules"
+	@find . -type d -regex '.*/modules/[a-zA-Z\-_$$]*' -not -path '*.terraform*' 2>/dev/null | while read -r dir; do \
+		echo "--> Validating Module $$dir"; \
+		terraform -chdir=$$dir init -backend=false; \
+		terraform -chdir=$$dir validate; \
+	done;
 
 validate-examples:
 	@echo "--> Running terraform validate on examples"
-	@find examples -type d -mindepth 1 -maxdepth 1 | while read -r dir; do \
+	@find . -type d -path '*/examples/*' -not -path '*.terraform*' 2>/dev/null | while read -r dir; do \
 		echo "--> Validating $$dir"; \
-		terraform -chdir=$$dir init; \
+		terraform -chdir=$$dir init -backend=false; \
 		terraform -chdir=$$dir validate; \
-	done
+	done; 
+
+validate-commits:
+	@echo "--> Running commitlint against the main branch"
+	@command -v commitlint >/dev/null 2>&1 || { echo "commitlint is not installed. Please install it by running 'npm install -g commitlint'"; exit 1; }
+	@git log --pretty=format:"%s" origin/main..HEAD | commitlint --from=origin/main
 
 lint:
 	@echo "--> Running tflint"
 	@tflint --init 
 	@tflint -f compact
+	$(MAKE) lint-modules
 	$(MAKE) lint-examples
 
+lint-modules:
+	@echo "--> Running tflint on modules"
+	@find . -type d -regex '.*/modules/[a-zA-Z\-_$$]*' -not -path '*.terraform*' 2>/dev/null | while read -r dir; do \
+		echo "--> Linting $$dir"; \
+		tflint --chdir=$$dir --init; \
+		tflint --chdir=$$dir -f compact; \
+	done;
+
 lint-examples:
 	@echo "--> Running tflint on examples"
-	@find examples -type d -mindepth 1 -maxdepth 1 | while read -r dir; do \
+	@find . -type d -path '*/examples/*' -not -path '*.terraform*' 2>/dev/null | while read -r dir; do \
 		echo "--> Linting $$dir"; \
 		tflint --chdir=$$dir --init; \
 		tflint --chdir=$$dir -f compact; \
-	done
+	done; 
 
 format: 
 	@echo "--> Running terraform fmt"
 	@terraform fmt -recursive -write=true
 
 clean:
 	@echo "--> Cleaning up"
-	@find . -type d -name ".terraform" | while read -r dir; do \
+	@find . -type d -name ".terraform" 2>/dev/null | while read -r dir; do \
 		echo "--> Removing $$dir"; \
 		rm -rf $$dir; \
 	done
-
-verify-rules:
-	@echo "Validating the Suricata rules"
-	$(MAKE) verify-duplicates
-
-verify-duplicates:
-	@echo "Validating the Suricata rules for duplicates"

README.md

@@ -258,54 +258,12 @@ module "network_inspection_vpc_admin" {
 ```
 
 <!-- BEGIN_TF_DOCS -->
-## Requirements
-
-| Name | Version |
-|------|---------|
-| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.0 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | ~> 5.0 |
-
 ## Providers
 
 | Name | Version |
 |------|---------|
 | <a name="provider_aws"></a> [aws](#provider\_aws) | ~> 5.0 |
 
-## Modules
-
-| Name | Source | Version |
-|------|--------|---------|
-| <a name="module_network_firewall"></a> [network\_firewall](#module\_network\_firewall) | aws-ia/networkfirewall/aws | 1.0.1 |
-| <a name="module_vpc"></a> [vpc](#module\_vpc) | appvia/network/aws | 0.3.1 |
-
-## Resources
-
-| Name | Type |
-|------|------|
-| [aws_cloudformation_stack.dashboard](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack) | resource |
-| [aws_cloudwatch_log_group.alert_log](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_group) | resource |
-| [aws_cloudwatch_log_group.flow_log](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_group) | resource |
-| [aws_ec2_managed_prefix_list.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ec2_managed_prefix_list) | resource |
-| [aws_kms_key.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kms_key) | resource |
-| [aws_networkfirewall_firewall_policy.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/networkfirewall_firewall_policy) | resource |
-| [aws_networkfirewall_rule_group.stateful](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/networkfirewall_rule_group) | resource |
-| [aws_ram_principal_association.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ram_principal_association) | resource |
-| [aws_ram_resource_association.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ram_resource_association) | resource |
-| [aws_ram_resource_share.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ram_resource_share) | resource |
-| [aws_s3_bucket.dashboard](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket) | resource |
-| [aws_s3_bucket_acl.dashboard](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_acl) | resource |
-| [aws_s3_bucket_ownership_controls.dashboard](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_ownership_controls) | resource |
-| [aws_s3_bucket_policy.dashboard](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy) | resource |
-| [aws_s3_bucket_public_access_block.dashboard](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_public_access_block) | resource |
-| [aws_s3_bucket_server_side_encryption_configuration.dashboard](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_server_side_encryption_configuration) | resource |
-| [aws_s3_bucket_versioning.dashboard](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_versioning) | resource |
-| [aws_s3_object.dashboard](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_object) | resource |
-| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
-| [aws_iam_policy_document.dashboard](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
-| [aws_iam_policy_document.logging](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
-| [aws_kms_key.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/kms_key) | data source |
-| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source |
-
 ## Inputs
 
 | Name | Description | Type | Default | Required |

examples/existing_no_egress/README.md

@@ -1,27 +1,8 @@
 <!-- BEGIN_TF_DOCS -->
-## Requirements
-
-| Name | Version |
-|------|---------|
-| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.0.0 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.0.0 |
-| <a name="requirement_awscc"></a> [awscc](#requirement\_awscc) | >= 0.11.0 |
-
 ## Providers
 
 No providers.
 
-## Modules
-
-| Name | Source | Version |
-|------|--------|---------|
-| <a name="module_inspection"></a> [inspection](#module\_inspection) | ../.. | n/a |
-| <a name="module_vpc"></a> [vpc](#module\_vpc) | appvia/network/aws | 0.2.1 |
-
-## Resources
-
-No resources.
-
 ## Inputs
 
 | Name | Description | Type | Default | Required |

examples/existing_no_egress/rules/README.md

@@ -0,0 +1,13 @@
+<!-- BEGIN_TF_DOCS -->
+## Providers
+
+No providers.
+
+## Inputs
+
+No inputs.
+
+## Outputs
+
+No outputs.
+<!-- END_TF_DOCS -->

examples/existing_no_egress/values/README.md

@@ -0,0 +1,13 @@
+<!-- BEGIN_TF_DOCS -->
+## Providers
+
+No providers.
+
+## Inputs
+
+No inputs.
+
+## Outputs
+
+No outputs.
+<!-- END_TF_DOCS -->