From e2ca1081b41cab268a2b530470abad5ceac38841 Mon Sep 17 00:00:00 2001 From: JoshuaLicense Date: Mon, 11 Mar 2024 13:34:12 +0000 Subject: [PATCH] docs: generate Terraform docs (#31) --- .lintstagedrc.mjs | 4 +- infra/terraform/modules/account/README.md | 14 ++++-- infra/terraform/modules/github/README.md | 44 ++++++++++++++++++ .../terraform/modules/remote-state/README.md | 46 +++++++++++++++++++ 4 files changed, 103 insertions(+), 5 deletions(-) create mode 100644 infra/terraform/modules/github/README.md create mode 100644 infra/terraform/modules/remote-state/README.md diff --git a/.lintstagedrc.mjs b/.lintstagedrc.mjs index 950a02a19b..0e97d9a419 100644 --- a/.lintstagedrc.mjs +++ b/.lintstagedrc.mjs @@ -16,12 +16,12 @@ const generateTerraformDocs = (filenames) => { return [ ...modules.map((module) => `terraform-docs markdown --output-file ${module}/README.md ${module}`), - "git add terraform/modules/**/README.md", + "git add infra/terraform/modules/**/README.md", ]; }; export default { "*": ["prettier --ignore-unknown --write"], "*.{tf,tfvars}": ["terraform fmt"], - "terraform/modules/**/*": generateTerraformDocs, + "infra/terraform/modules/**/*": generateTerraformDocs, }; diff --git a/infra/terraform/modules/account/README.md b/infra/terraform/modules/account/README.md index ef2fa69ec6..eda12b7682 100644 --- a/infra/terraform/modules/account/README.md +++ b/infra/terraform/modules/account/README.md @@ -1,4 +1,5 @@ + ## Requirements No requirements. @@ -9,7 +10,9 @@ No providers. ## Modules -No modules. +| Name | Source | Version | +| ----------------------------------------------------- | -------------------- | ------- | +| [github](#module_github) | ../../modules/github | n/a | ## Resources 
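Review bot: The `"git add infra/terraform/modules/**/README.md"` entry in `generateTerraformDocs` stages every module README under that tree, not only the ones `terraform-docs` regenerated for the staged files. Unrelated or unreviewed README edits sitting in the working tree would then be pulled into the commit by the hook. Scoping the staging step to the same `modules` list keeps the hook's index writes limited to what it generated, e.g. ``...modules.map((module) => `git add ${module}/README.md`),`` in place of the single glob entry. The `${module}` value is also interpolated unquoted into the `terraform-docs` command string, so a module path containing whitespace would presumably be split into separate arguments. How `modules` is derived is not visible here because the start of `generateTerraformDocs` lies outside the hunk, so that is worth confirming.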
@@ -17,9 +20,14 @@ No resources. ## Inputs -No inputs. +| Name | Description | Type | Default | Required | +| --------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------- | ------------- | ------- | :------: | +| [create_github_resources](#input_create_github_resources) | Whether to create the GitHub resources. | `bool` | `true` | no | +| [github_oidc_readonly_role_policies](#input_github_oidc_readonly_role_policies) | The map of policies to attach to the OIDC readonly role. | `map(string)` | `{}` | no | +| [github_oidc_role_policies](#input_github_oidc_role_policies) | A map of policy names to policy ARNs to attach to the OIDC role. | `map(string)` | `{}` | no | ## Outputs No outputs. - \ No newline at end of file + + diff --git a/infra/terraform/modules/github/README.md b/infra/terraform/modules/github/README.md new file mode 100644 index 0000000000..16eed40832 --- /dev/null +++ b/infra/terraform/modules/github/README.md 
@@ -0,0 +1,44 @@ + + +## Requirements + +| Name | Version | +| ------------------------------------------------------------------------ | -------- | +| [terraform](#requirement_terraform) | >= 1.0 | +| [aws](#requirement_aws) | >= 5.0.0 | + +## Providers + +No providers. + +## Modules + +| Name | Source | Version | +| -------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------- | ------- | +| [iam_github_oidc_provider](#module_iam_github_oidc_provider) | terraform-aws-modules/iam/aws//modules/iam-github-oidc-provider | ~> 5.24 | +| [iam_github_oidc_readonly_role](#module_iam_github_oidc_readonly_role) | terraform-aws-modules/iam/aws//modules/iam-github-oidc-role | ~> 5.24 | +| [iam_github_oidc_role](#module_iam_github_oidc_role) | terraform-aws-modules/iam/aws//modules/iam-github-oidc-role | ~> 5.24 | + +## Resources + +No resources. + +## Inputs + +| Name | Description | Type | Default | Required | +| --------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------- | -------------- | ------- | :------: | +| [create_oidc_provider](#input_create_oidc_provider) | Whether to create an OIDC provider. | `bool` | `true` | no | +| [create_oidc_readonly_role](#input_create_oidc_readonly_role) | Whether to create a readonly OIDC role. This is useful for pull requests. | `bool` | `true` | no | +| [create_oidc_role](#input_create_oidc_role) | Whether to create an OIDC role. | `bool` | `true` | no | +| [oidc_readonly_role_policies](#input_oidc_readonly_role_policies) | The map of policies to attach to the OIDC readonly role. | `map(string)` | `{}` | no | +| [oidc_role_permissions_boundary_arn](#input_oidc_role_permissions_boundary_arn) | The ARN of the permissions boundary to use for the role. 
| `string` | `null` | no | +| [oidc_role_policies](#input_oidc_role_policies) | The map of policies to attach to the OIDC role. | `map(string)` | `{}` | no | +| [repositories](#input_repositories) | The list of repositories to add to the OIDC role. | `list(string)` | n/a | yes | + +## Outputs + +| Name | Description | +| -------------------------------------------------------------------------- | ------------------------------- | +| [oidc_role_arn](#output_oidc_role_arn) | The ARN of the GitHub OIDC role | + + diff --git a/infra/terraform/modules/remote-state/README.md b/infra/terraform/modules/remote-state/README.md new file mode 100644 index 0000000000..1ea27d4def --- /dev/null +++ b/infra/terraform/modules/remote-state/README.md 
@@ -0,0 +1,46 @@ + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.0 | +| [aws](#requirement\_aws) | >= 5.6.0 | + +## Providers + +| Name | Version | +|------|---------| +| [aws](#provider\_aws) | >= 5.6.0 | + +## Modules + +| Name | Source | Version | +|------|--------|---------| +| [dynamodb\_state\_lock\_policy](#module\_dynamodb\_state\_lock\_policy) | terraform-aws-modules/iam/aws//modules/iam-policy | ~> 5.28 | +| [dynamodb\_table](#module\_dynamodb\_table) | terraform-aws-modules/dynamodb-table/aws | ~> 4.0 | +| [s3](#module\_s3) | terraform-aws-modules/s3-bucket/aws | ~> 4.0 | +| [s3\_state\_policy](#module\_s3\_state\_policy) | terraform-aws-modules/iam/aws//modules/iam-policy | ~> 5.28 | + +## Resources + +| Name | Type | +|------|------| +| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [create\_bucket](#input\_create\_bucket) | Whether to create a state bucket or not. | `bool` | `true` | no | +| [create\_bucket\_policy](#input\_create\_bucket\_policy) | Whether to create a policy for the S3 bucket or not. | `bool` | `true` | no | +| [create\_dynamodb\_policy](#input\_create\_dynamodb\_policy) | Whether to create a policy for the DynamoDB table or not. | `bool` | `true` | no | +| [environment](#input\_environment) | The environment in which the resources are deployed. This is used to create a unique name for the resources. | `string` | `null` | no | +| [identifier](#input\_identifier) | The identifier of the resources. This is used to create a unique name for the resources. 
| `string` | n/a | yes | + +## Outputs + +| Name | Description | +|------|-------------| +| [dynamodb\_state\_lock\_policy\_arn](#output\_dynamodb\_state\_lock\_policy\_arn) | The ARN of the IAM policy that allows DynamoDB access for state locking | +| [s3\_state\_policy\_arn](#output\_s3\_state\_policy\_arn) | The ARN of the IAM policy that allows S3 access for state locking | +