diff --git a/.github/workflows/documentation.yaml b/.github/workflows/documentation.yaml
new file mode 100644
index 0000000..f754f72
--- /dev/null
+++ b/.github/workflows/documentation.yaml
@@ -0,0 +1,20 @@
+name: Render Terraform Docs
+on:
+ workflow_call:
+
+jobs:
+ terraform-docs:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v3
+ with:
+ ref: ${{ github.event.pull_request.head.ref }}
+
+ - name: Render terraform docs inside the README.md and push changes back to PR branch
+ uses: terraform-docs/gh-actions@v1.0.0
+ with:
+ config-file: .terraform-docs.yml
+ working-dir: .
+ output-file: MODULE_SPECS.md
+ output-method: inject
+ git-push: "true"
diff --git a/.github/workflows/pull_request.yaml b/.github/workflows/pull_request.yaml
index 7dfbab6..701617e 100644
--- a/.github/workflows/pull_request.yaml
+++ b/.github/workflows/pull_request.yaml
@@ -5,6 +5,7 @@ jobs: build: + name: Terraform Checks and Plans runs-on: ubuntu-latest steps: - name: Checkout
@@ -15,7 +16,7 @@ - name: Terraform Format id: fmt - run: terraform fmt -check + run: terraform fmt -recursive -check continue-on-error: true - name: Terraform Init
@@ -95,3 +96,8 @@ body: output }) }
+
+ documentation:
+ name: Render Terraform Docs
+ needs: build
+ uses: ./.github/workflows/documentation.yaml
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
new file mode 100644
index 0000000..c6cb5d6
--- /dev/null
+++ b/.github/workflows/release.yaml
@@ -0,0 +1,21 @@
+name: Release Terraform Module
+
+on:
+ workflow_dispatch:
+ push:
+ branches:
+ - main
+
+permissions:
+ contents: write
+ pull-requests: write
+
+jobs:
+ release-please:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: google-github-actions/release-please-action@v3
+ with:
+ release-type: terraform-module
+ default-branch: main
+ pull-request-title-pattern: "ci: release ${version}"
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index b406c06..1e2c8a3 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
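Review bot: Both actions in `documentation.yaml` are referenced by mutable tags (`actions/checkout@v3`, `terraform-docs/gh-actions@v1.0.0`) in a job that commits and pushes to the PR branch (`git-push: "true"`), so anyone able to move those tags can run code with the job's token. Pin each to a full commit SHA and keep the tag as a trailing comment, e.g. `uses: terraform-docs/gh-actions@<full-commit-sha> # v1.0.0`. The same applies to `google-github-actions/release-please-action@v3` in `release.yaml`, which runs with `contents: write` and `pull-requests: write`. The step name also says the docs are rendered into README.md while `output-file` is `MODULE_SPECS.md`; the name should match the file that is actually rewritten.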
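Review bot: The new `documentation` job in `pull_request.yaml` calls a workflow that pushes a commit, but no `permissions` are declared on it in the lines shown, so the push depends on the repository's default `GITHUB_TOKEN` setting and the `build` job may hold more access than it needs. I would grant write access on this job only, with `permissions:` and `contents: write` under `documentation:`, and keep the rest of the workflow read-only; the top of the file is outside the hunk, so a workflow-level block may already exist. If the workflow runs on `pull_request`, a PR from a fork gets a read-only token and `github.event.pull_request.head.ref` names a branch that lives in the fork, so the job should be skipped there with `if: github.event.pull_request.head.repo.full_name == github.repository`.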
@@ -57,6 +57,10 @@ $ pre-commit install $ pre-commit run ``` -## Documentation +## Commits Convention -TBD. +Please follow +the [Conventional Commits](https://www.conventionalcommits.org/en/v1.0.0/) to +create commit messages. This facilitates the usage of the +[Release Please Action](https://github.com/google-github-actions/release-please-action) +for automated releases of the Terraform module. diff --git a/MODULE_SPECS.md b/MODULE_SPECS.md new file mode 100644 index 0000000..b2e8deb --- /dev/null +++ b/MODULE_SPECS.md @@ -0,0 +1,32 @@ +# Terraform Module Specifications + +This documentation shows the detailed specifications of the IAM bundle +Terraform module. + + +## Providers + +| Name | Version | +|------|---------| +| [juju](#provider\_juju) | 0.8.0 | +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.5.0 | +| [juju](#requirement\_juju) | ~> 0.8.0 | +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [model](#input\_model) | The name of the Juju model to deploy to. | `string` | `"iam-bundle"` | no | +| [cloud](#input\_cloud) | The Juju cloud information. |
object({
name = string
region = string
})
|
{
"name": "microk8s",
"region": "localhost"
}
| no | +| [hydra](#input\_hydra) | The configurations of the Hydra application. |
object({
units = optional(number, 1)
channel = optional(string, "edge")
series = optional(string, "jammy")
trust = optional(string, true)
config = optional(map(string), {})
})
| `{}` | no | +| [kratos](#input\_kratos) | The configurations of the Kratos application. |
object({
units = optional(number, 1)
channel = optional(string, "edge")
series = optional(string, "jammy")
trust = optional(string, true)
config = optional(map(string), {})
})
| `{}` | no | +| [login\_ui](#input\_login\_ui) | The configurations of the Identity Platform Login UI application. |
object({
units = optional(number, 1)
trust = optional(bool, true)
config = optional(map(string), {})
channel = optional(string, "edge")
series = optional(string, "jammy")
})
| `{}` | no | +| [idp\_provider\_config](#input\_idp\_provider\_config) | The external Idp provider configurations. |
object({
client_id : string
issuer_url : optional(string)
provider : string
provider_id : string
scope : optional(string, "profile email address phone")
microsoft_tenant_id : optional(string)
apple_team_id : optional(string)
apple_private_key_id : optional(string)
})
|
{
"client_id": "client_id",
"provider": "generic",
"provider_id": "provider_id"
}
| no | +| [idp\_provider\_credentials](#input\_idp\_provider\_credentials) | The external Idp provider credentials. |
object({
client_secret : string
apple_private_key : optional(string)
})
|
{
"client_secret": "client_secret"
}
| no | +## Outputs + +No outputs. +
diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000..5a1b2f5
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,26 @@
+.PHONY: init fmt validate plan
+
+## help: Show help messages.
+help:
+ @fgrep -h "##" $(MAKEFILE_LIST) | fgrep -v fgrep | sed -e 's/\\$$//' | sed -e 's/##//'
+
+## init: Initialize remote S3 backend.
+init:
+ @terraform init
+
+## fmt: Format the Terraform module to a canonical format and style.
+fmt:
+ @terraform fmt -recursive
+
+## validate: Check syntactical validation.
+validate:
+ @terraform validate
+
+## plan: Plan the changes.
+plan: verify-var-file-set
+ @terraform plan -var-files=${VAR_FILE}
+
+verify-var-file-set:
+ifndef VAR_FILE
+ $(error VAR_FILE is not defined. Please provide VAR_FILE.)
+endif
diff --git a/README.md b/README.md
index a16837c..34fbc05 100644
--- a/README.md
+++ b/README.md
@@ -55,6 +55,10 @@ $ juju status --relations TBD. +## Terraform Module Specifications + +Please refer to the [doc](./MODULE_SPECS.md) to learn the module specifications. + ## Contributing Please refer to the [doc](./CONTRIBUTING.md) to learn how to make code changes.
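Review bot: The `plan` recipe in the Makefile passes `-var-files=${VAR_FILE}`, but Terraform's option is `-var-file` (singular), so `make plan` will be rejected by the CLI before any plan is produced; the line should read `@terraform plan -var-file=$(VAR_FILE)`. `.PHONY` also omits `help` and `verify-var-file-set`, so a file with either name in the working directory would make the target look up to date and skip its recipe, which matters for `verify-var-file-set` because it is the only guard on `VAR_FILE`. Declaring `.PHONY: help init fmt validate plan verify-var-file-set` covers all of them.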