diff --git a/.github/renovate.json b/.github/renovate.json
index b61ed24..909df09 100644
--- a/.github/renovate.json
+++ b/.github/renovate.json
@@ -1,13 +1,14 @@
{
"extends": [
"config:base",
- ":preserveSemverRanges"
+ ":preserveSemverRanges",
+ ":rebaseStalePrs"
],
- "baseBranches": ["main", "master", "/^release\\/v\\d{1,2}$/"],
+ "baseBranches": ["main"],
"labels": ["auto-update"],
"dependencyDashboardAutoclose": true,
"enabledManagers": ["terraform"],
"terraform": {
- "ignorePaths": ["**/context.tf", "examples/**"]
+ "ignorePaths": ["**/context.tf"]
}
}
diff --git a/.github/workflows/auto-context.yml b/.github/workflows/auto-context.yml
deleted file mode 100644
index e439b60..0000000
--- a/.github/workflows/auto-context.yml
+++ /dev/null
@@ -1,67 +0,0 @@
-name: "auto-context"
-on:
- schedule:
- # Update context.tf nightly
- - cron: '0 3 * * *'
-
-jobs:
- update:
- if: github.event_name == 'schedule'
- runs-on: ubuntu-latest
- steps:
- - uses: actions/checkout@v2
-
- - name: Find default branch name
- id: defaultBranch
- shell: bash
- env:
- GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
- run: |
- default_branch=$(gh repo view --json defaultBranchRef --jq .defaultBranchRef.name)
- echo "defaultBranch=${default_branch}" >> "$GITHUB_OUTPUT"
- printf "defaultBranchRef.name=%s\n" "${default_branch}"
-
- - name: Update context.tf
- shell: bash
- id: update
- env:
- GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
- run: |
- if [[ -f context.tf ]]; then
- echo "Discovered existing context.tf! Fetching most recent version to see if there is an update."
- curl -o context.tf -fsSL https://raw.githubusercontent.com/cloudposse/terraform-null-label/master/exports/context.tf
- if git diff --no-patch --exit-code context.tf; then
- echo "No changes detected! Exiting the job..."
- else
- echo "context.tf file has changed. Update examples and rebuild README.md."
- make init
- make github/init/context.tf
- make readme/build
- echo "create_pull_request=true" >> "$GITHUB_OUTPUT"
- fi
- else
- echo "This module has not yet been updated to support the context.tf pattern! Please update in order to support automatic updates."
- fi
-
- - name: Create Pull Request
- if: steps.update.outputs.create_pull_request == 'true'
- uses: cloudposse/actions/github/create-pull-request@0.30.0
- with:
- token: ${{ secrets.REPO_ACCESS_TOKEN }}
- committer: 'cloudpossebot <11232728+cloudpossebot@users.noreply.github.com>'
- author: 'cloudpossebot <11232728+cloudpossebot@users.noreply.github.com>'
- commit-message: Update context.tf from origin source
- title: Update context.tf
- body: |-
- ## what
- This is an auto-generated PR that updates the `context.tf` file to the latest version from `cloudposse/terraform-null-label`
-
- ## why
- To support all the features of the `context` interface.
-
- branch: auto-update/context.tf
- base: ${{ steps.defaultBranch.outputs.defaultBranch }}
- delete-branch: true
- labels: |
- auto-update
- context
diff --git a/.github/workflows/auto-format.yml b/.github/workflows/auto-format.yml
deleted file mode 100644
index b8c2064..0000000
--- a/.github/workflows/auto-format.yml
+++ /dev/null
@@ -1,88 +0,0 @@
-name: Auto Format
-on:
- pull_request_target:
- types: [opened, synchronize]
-
-jobs:
- auto-format:
- runs-on: ubuntu-latest
- container: cloudposse/build-harness:latest
- steps:
- # Checkout the pull request branch
- # "An action in a workflow run can’t trigger a new workflow run. For example, if an action pushes code using
- # the repository’s GITHUB_TOKEN, a new workflow will not run even when the repository contains
- # a workflow configured to run when push events occur."
- # However, using a personal access token will cause events to be triggered.
- # We need that to ensure a status gets posted after the auto-format commit.
- # We also want to trigger tests if the auto-format made no changes.
- - uses: actions/checkout@v2
- if: github.event.pull_request.state == 'open'
- name: Privileged Checkout
- with:
- token: ${{ secrets.REPO_ACCESS_TOKEN }}
- repository: ${{ github.event.pull_request.head.repo.full_name }}
- # Check out the PR commit, not the merge commit
- # Use `ref` instead of `sha` to enable pushing back to `ref`
- ref: ${{ github.event.pull_request.head.ref }}
-
- # Do all the formatting stuff
- - name: Auto Format
- if: github.event.pull_request.state == 'open'
- shell: bash
- env:
- GITHUB_TOKEN: "${{ secrets.REPO_ACCESS_TOKEN }}"
- run: make BUILD_HARNESS_PATH=/build-harness PACKAGES_PREFER_HOST=true -f /build-harness/templates/Makefile.build-harness pr/auto-format/host
-
- # Commit changes (if any) to the PR branch
- - name: Commit changes to the PR branch
- if: github.event.pull_request.state == 'open'
- shell: bash
- id: commit
- env:
- SENDER: ${{ github.event.sender.login }}
- run: |
- set -x
- output=$(git diff --name-only)
-
- if [ -n "$output" ]; then
- echo "Changes detected. Pushing to the PR branch"
- git config --global user.name 'cloudpossebot'
- git config --global user.email '11232728+cloudpossebot@users.noreply.github.com'
- git add -A
- git commit -m "Auto Format"
- # Prevent looping by not pushing changes in response to changes from cloudpossebot
- [[ $SENDER == "cloudpossebot" ]] || git push
- # Set status to fail, because the push should trigger another status check,
- # and we use success to indicate the checks are finished.
- echo "changed=true" >> "$GITHUB_OUTPUT"
- exit 1
- else
- echo "changed=false" >> "$GITHUB_OUTPUT"
- echo "No changes detected"
- fi
-
- - name: Auto Test
- uses: cloudposse/actions/github/repository-dispatch@0.30.0
- # match users by ID because logins (user names) are inconsistent,
- # for example in the REST API Renovate Bot is `renovate[bot]` but
- # in GraphQL it is just `renovate`, plus there is a non-bot
- # user `renovate` with ID 1832810.
- # Mergify bot: 37929162
- # Renovate bot: 29139614
- # Cloudpossebot: 11232728
- # Need to use space separators to prevent "21" from matching "112144"
- if: >
- contains(' 37929162 29139614 11232728 ', format(' {0} ', github.event.pull_request.user.id))
- && steps.commit.outputs.changed == 'false' && github.event.pull_request.state == 'open'
- with:
- token: ${{ secrets.REPO_ACCESS_TOKEN }}
- repository: cloudposse/actions
- event-type: test-command
- client-payload: |-
- { "slash_command":{"args": {"unnamed": {"all": "all", "arg1": "all"}}},
- "pull_request": ${{ toJSON(github.event.pull_request) }},
- "github":{"payload":{"repository": ${{ toJSON(github.event.repository) }},
- "comment": {"id": ""}
- }
- }
- }
diff --git a/.github/workflows/auto-readme.yml b/.github/workflows/auto-readme.yml
deleted file mode 100644
index b2db520..0000000
--- a/.github/workflows/auto-readme.yml
+++ /dev/null
@@ -1,71 +0,0 @@
-name: "auto-readme"
-on:
- workflow_dispatch:
-
- schedule:
- # Example of job definition:
- # .---------------- minute (0 - 59)
- # | .------------- hour (0 - 23)
- # | | .---------- day of month (1 - 31)
- # | | | .------- month (1 - 12) OR jan,feb,mar,apr ...
- # | | | | .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat
- # | | | | |
- # * * * * * user-name command to be executed
-
- # Update README.md nightly at 4am UTC
- - cron: '0 4 * * *'
-
-jobs:
- update:
- if: github.event_name == 'schedule' || github.event_name == 'workflow_dispatch'
- runs-on: ubuntu-latest
- steps:
- - uses: actions/checkout@v2
-
- - name: Find default branch name
- id: defaultBranch
- shell: bash
- env:
- GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
- run: |
- default_branch=$(gh repo view --json defaultBranchRef --jq .defaultBranchRef.name)
- echo "defaultBranch=${default_branch}" >> "$GITHUB_OUTPUT"
- printf "defaultBranchRef.name=%s\n" "${default_branch}"
-
- - name: Update readme
- shell: bash
- id: update
- env:
- GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
- DEF: "${{ steps.defaultBranch.outputs.defaultBranch }}"
- run: |
- make init
- make readme/build
- # Ignore changes if they are only whitespace
- if ! git diff --quiet README.md && git diff --ignore-all-space --ignore-blank-lines --quiet README.md; then
- git restore README.md
- echo Ignoring whitespace-only changes in README
- fi
-
- - name: Create Pull Request
- # This action will not create or change a pull request if there are no changes to make.
- # If a PR of the auto-update/readme branch is open, this action will just update it, not create a new PR.
- uses: cloudposse/actions/github/create-pull-request@0.30.0
- with:
- token: ${{ secrets.REPO_ACCESS_TOKEN }}
- commit-message: Update README.md and docs
- title: Update README.md and docs
- body: |-
- ## what
- This is an auto-generated PR that updates the README.md and docs
-
- ## why
- To have most recent changes of README.md and doc from origin templates
-
- branch: auto-update/readme
- base: ${{ steps.defaultBranch.outputs.defaultBranch }}
- delete-branch: true
- labels: |
- auto-update
- no-release
- readme
diff --git a/.github/workflows/auto-release.yml b/.github/workflows/auto-release.yml
deleted file mode 100644
index 17d6cab..0000000
--- a/.github/workflows/auto-release.yml
+++ /dev/null
@@ -1,26 +0,0 @@
-name: auto-release
-
-on:
- push:
- branches:
- - main
- - master
- - production
-
-jobs:
- publish:
- runs-on: ubuntu-latest
- steps:
- # Get PR from merged commit to master
- - uses: actions-ecosystem/action-get-merged-pull-request@v1
- id: get-merged-pull-request
- with:
- github_token: ${{ secrets.REPO_ACCESS_TOKEN }}
- # Drafts your next Release notes as Pull Requests are merged into "main"
- - uses: release-drafter/release-drafter@v5
- with:
- publish: ${{ !contains(steps.get-merged-pull-request.outputs.labels, 'no-release') }}
- prerelease: false
- config-name: auto-release.yml
- env:
- GITHUB_TOKEN: ${{ secrets.REPO_ACCESS_TOKEN }}
diff --git a/.github/workflows/chatops.yml b/.github/workflows/chatops.yml
deleted file mode 100644
index 0f64574..0000000
--- a/.github/workflows/chatops.yml
+++ /dev/null
@@ -1,37 +0,0 @@
-name: chatops
-on:
- issue_comment:
- types: [created]
-
-jobs:
- default:
- runs-on: ubuntu-latest
- steps:
- - uses: actions/checkout@v2
- - name: "Handle common commands"
- uses: cloudposse/actions/github/slash-command-dispatch@0.30.0
- with:
- token: ${{ secrets.REPO_ACCESS_TOKEN }}
- reaction-token: ${{ secrets.GITHUB_TOKEN }}
- repository: cloudposse/actions
- commands: rebuild-readme, terraform-fmt
- permission: triage
- issue-type: pull-request
-
- test:
- runs-on: ubuntu-latest
- steps:
- - name: "Checkout commit"
- uses: actions/checkout@v2
- - name: "Run tests"
- uses: cloudposse/actions/github/slash-command-dispatch@0.30.0
- with:
- token: ${{ secrets.REPO_ACCESS_TOKEN }}
- reaction-token: ${{ secrets.GITHUB_TOKEN }}
- repository: cloudposse/actions
- commands: test
- permission: triage
- issue-type: pull-request
- reactions: false
-
-
diff --git a/.github/workflows/validate-codeowners.yml b/.github/workflows/validate-codeowners.yml
deleted file mode 100644
index b3f7c32..0000000
--- a/.github/workflows/validate-codeowners.yml
+++ /dev/null
@@ -1,30 +0,0 @@
-name: Validate Codeowners
-on:
- workflow_dispatch:
-
- pull_request:
-
-jobs:
- validate-codeowners:
- runs-on: ubuntu-latest
- steps:
- - name: "Checkout source code at current commit"
- uses: actions/checkout@v2
- # Leave pinned at 0.7.1 until https://github.com/mszostok/codeowners-validator/issues/173 is resolved
- - uses: mszostok/codeowners-validator@v0.7.1
- if: github.event.pull_request.head.repo.full_name == github.repository
- name: "Full check of CODEOWNERS"
- with:
- # For now, remove "files" check to allow CODEOWNERS to specify non-existent
- # files so we can use the same CODEOWNERS file for Terraform and non-Terraform repos
- # checks: "files,syntax,owners,duppatterns"
- checks: "syntax,owners,duppatterns"
- owner_checker_allow_unowned_patterns: "false"
- # GitHub access token is required only if the `owners` check is enabled
- github_access_token: "${{ secrets.REPO_ACCESS_TOKEN }}"
- - uses: mszostok/codeowners-validator@v0.7.1
- if: github.event.pull_request.head.repo.full_name != github.repository
- name: "Syntax check of CODEOWNERS"
- with:
- checks: "syntax,duppatterns"
- owner_checker_allow_unowned_patterns: "false"
diff --git a/README.md b/README.md
index 3cdc398..9a8ca84 100644
--- a/README.md
+++ b/README.md
@@ -175,7 +175,7 @@ Available targets:
| Name | Version |
|------|---------|
-| [terraform](#requirement\_terraform) | >= 1.0.0 |
+| [terraform](#requirement\_terraform) | >= 1.3 |
| [aws](#requirement\_aws) | >= 4.0 |
## Providers
diff --git a/docs/terraform.md b/docs/terraform.md
index c8f3982..8251864 100644
--- a/docs/terraform.md
+++ b/docs/terraform.md
@@ -3,7 +3,7 @@
| Name | Version |
|------|---------|
-| [terraform](#requirement\_terraform) | >= 1.0.0 |
+| [terraform](#requirement\_terraform) | >= 1.3 |
| [aws](#requirement\_aws) | >= 4.0 |
## Providers
diff --git a/examples/complete/main.tf b/examples/complete/main.tf
index 461920d..e0416ee 100644
--- a/examples/complete/main.tf
+++ b/examples/complete/main.tf
@@ -3,22 +3,26 @@ provider "aws" {
}
module "vpc" {
- source = "cloudposse/vpc/aws"
- version = "2.1.0"
+ source = "cloudposse/vpc/aws"
+ version = "2.1.1"
+
ipv4_primary_cidr_block = var.vpc_cidr_block
- context = module.this.context
+
+ context = module.this.context
}
module "subnets" {
- source = "cloudposse/dynamic-subnets/aws"
- version = "2.3.0"
+ source = "cloudposse/dynamic-subnets/aws"
+ version = "2.4.1"
+
availability_zones = var.availability_zones
vpc_id = module.vpc.vpc_id
igw_id = [module.vpc.igw_id]
ipv4_cidr_block = [module.vpc.vpc_cidr_block]
nat_gateway_enabled = false
nat_instance_enabled = false
- context = module.this.context
+
+ context = module.this.context
}
module "alb" {
diff --git a/examples/complete/versions.tf b/examples/complete/versions.tf
index 1c72c84..d38b216 100644
--- a/examples/complete/versions.tf
+++ b/examples/complete/versions.tf
@@ -1,5 +1,5 @@
terraform {
- required_version = ">= 1.0.0"
+ required_version = ">= 1.3"
required_providers {
aws = {
diff --git a/versions.tf b/versions.tf
index 1c72c84..d38b216 100644
--- a/versions.tf
+++ b/versions.tf
@@ -1,5 +1,5 @@
terraform {
- required_version = ">= 1.0.0"
+ required_version = ">= 1.3"
required_providers {
aws = {