From 4ab21f9aaeb3ba67f2fbd7fa828167b2bd1ee08c Mon Sep 17 00:00:00 2001 From: Gabe Cook Date: Wed, 8 Nov 2023 02:42:02 -0600 Subject: [PATCH] chore(terraform): Remove Terraform [skip ci] --- .pre-commit-config.yaml | 6 - terraform/.gitignore | 2 - terraform/.terraform.lock.hcl | 38 ------- terraform/README.md | 47 -------- terraform/acm_certificate.tf | 21 ---- terraform/mnemonic_ninja_dev.tf | 24 ---- terraform/mnemonic_ninja_prod.tf | 25 ----- terraform/modules/mnemonic-ninja/README.md | 50 --------- .../modules/mnemonic-ninja/cloudfront.tf | 104 ------------------ terraform/modules/mnemonic-ninja/iam.tf | 67 ----------- terraform/modules/mnemonic-ninja/inputs.tf | 24 ---- terraform/modules/mnemonic-ninja/s3.tf | 45 -------- terraform/providers.tf | 24 ---- 13 files changed, 477 deletions(-) delete mode 100644 terraform/.gitignore delete mode 100644 terraform/.terraform.lock.hcl delete mode 100644 terraform/README.md delete mode 100644 terraform/acm_certificate.tf delete mode 100644 terraform/mnemonic_ninja_dev.tf delete mode 100644 terraform/mnemonic_ninja_prod.tf delete mode 100644 terraform/modules/mnemonic-ninja/README.md delete mode 100644 terraform/modules/mnemonic-ninja/cloudfront.tf delete mode 100644 terraform/modules/mnemonic-ninja/iam.tf delete mode 100644 terraform/modules/mnemonic-ninja/inputs.tf delete mode 100644 terraform/modules/mnemonic-ninja/s3.tf delete mode 100644 terraform/providers.tf diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 7abc1a31..43ba6bd0 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -18,9 +18,3 @@ repos: types_or: [javascript, vue] args: - --fix - - - repo: https://github.com/antonbabenko/pre-commit-terraform - rev: v1.83.4 - hooks: - - id: terraform_fmt - - id: terraform_docs diff --git a/terraform/.gitignore b/terraform/.gitignore deleted file mode 100644 index 4dd7ebfa..00000000 --- a/terraform/.gitignore +++ /dev/null @@ -1,2 +0,0 @@ -.terraform -terraform.tfstate* 
diff --git a/terraform/.terraform.lock.hcl b/terraform/.terraform.lock.hcl
deleted file mode 100644
index 98265ebc..00000000
--- a/terraform/.terraform.lock.hcl
+++ /dev/null
@@ -1,38 +0,0 @@ -# This file is maintained automatically by "terraform init". -# Manual edits may be lost in future updates. - -provider "registry.terraform.io/hashicorp/aws" { - version = "5.4.0" - constraints = "5.4.0" - hashes = [ - "h1:1Djpqeus5NLW5rES1EIuF3qbhjl0s3s5HkQBl2RS5qc=", - "h1:4eGsUS3r5eApQc19t8woc6d+sQLaOBaCSaK5GyGcWf0=", - "h1:D7ZvMVItvG+jFEB1fr5AN+OVSUblsM5HpoAI1dV2lFk=", - "h1:Jol4lNIzMrREQzUBSveCLX0iQLy7dm0OF+IYY2GKrhY=", - "h1:M253zF5zbQ4Lit8LjatPunVeC95M7uNAnZ/E4Rhi6eg=", - "h1:M5UQKw4GJyfUl1NuBK3uGpsxX5KxINlkj6kyncs2eWQ=", - "h1:MACq2O9HPinKeERMLDE21mU5kVu+6PzZkgD/4tC2hDM=", - "h1:MQkrLSSqWpTOK2Fk/1whMF9lKAb7QhbUSK2ivmo93qY=", - "h1:NarTxtK1uruAkUvGwIyjgDRjcqisqLNGjWcMPjZFvlk=", - "h1:Od6CRLggiQtBGkuaOR4hDiEiCTxrYS8aI1oOmOCPmAg=", - "h1:V2yz+EYWnLU/fWdsk8UX7oFuAKTBLTHDdLKB6NG7th0=", - "h1:cBneXENKHfGMMqBnP2PjRvEGSw86vOnZdc+KwG54Uj0=", - "h1:m9NZtCXWhGKmGq60WJFmXApG8sF06RnSmzUFFGZmL1o=", - "h1:ny1YPz2LiHTasDVNh6/HEvh1c9+TN/ftgAHh84bmy1E=", - "zh:1db5f81089216831bb0fdff9ddc3772efa133397c66ec276bc75b96eec06e23f", - "zh:26fe5fdf399192b5724d21854fbec650c158f8ee9eb1dc52a50f7da0f2bc07ac", - "zh:2946d9e333b1efe01588ee9f9771169fd3c3a4a7cb78ed8f91e8b3efd1a73850", - "zh:36ed69e8d3029332c8a52a70940f714fd579b9fd95f5569cc010ef11162f5bf7", - "zh:46ba5ad1c3a3ef98c346356cfa4bdd9c2501c661c2513bb92f4413f2482fb24b", - "zh:46c10aaa9672b54a14b0e0effdd6ecd9b8a539b3bfe273ac54111e7352a7bb4b", - "zh:47d7f57bcbe4fba2f960ab6c4228c5e9e586be2f233a8baa8962b51a63337179", - "zh:47e41c198439ba1c4d933f808b6f47e518f8f0aae25ca42abcac97f149121e90", - "zh:526c5834de71654ee14039cb973322bf5032cb684a2a113b48fb48a0584f46f3", - "zh:6169316517b95677819ba2904dcea204fb9b55e868348e906af9164104fe7198", - "zh:7c063ef2b8d69a8db7e8bf0dcd45793ede22b259b30464ed114d330df304cdbb", - "zh:87c4f2faca636715a08be3121d26b3354415401eab89349077ca9436a0822c23", - "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", - "zh:b184b8a268f45258edd27d389ca793708f1bc3ee4d6706d154a45e93deaddde1", 
 - "zh:ba1a998cbf4b639fa3e04b9069f0f5a289662457940726a8a51c81df400aa852", - ] -}
diff --git a/terraform/README.md b/terraform/README.md
deleted file mode 100644
index 81aca554..00000000
--- a/terraform/README.md
+++ /dev/null
@@ -1,47 +0,0 @@
-# Mnemonic Ninja Terraform
-
-
-## Requirements
-
-| Name | Version |
-|------|---------|
-| [aws](#requirement\_aws) | 5.18.1 |
-
-## Providers
-
-| Name | Version |
-|------|---------|
-| [aws](#provider\_aws) | 5.4.0 |
-| [aws.us-east-1](#provider\_aws.us-east-1) | 5.4.0 |
-
-## Modules
-
-| Name | Source | Version |
-|------|--------|---------|
-| [dev](#module\_dev) | ./modules/mnemonic-ninja | n/a |
-| [prod](#module\_prod) | ./modules/mnemonic-ninja | n/a |
-
-## Resources
-
-| Name | Type |
-|------|------|
-| [aws_acm_certificate.app](https://registry.terraform.io/providers/hashicorp/aws/5.18.1/docs/resources/acm_certificate) | resource |
-| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/5.18.1/docs/data-sources/caller_identity) | data source |
-
-## Inputs
-
-| Name | Description | Type | Default | Required |
-|------|-------------|------|---------|:--------:|
-| [dev\_hostname](#input\_dev\_hostname) | Dev hostname | `string` | `"dev.mnemonic.ninja"` | no |
-| [prod\_hostname](#input\_prod\_hostname) | Prod hostname | `string` | `"mnemonic.ninja"` | no |
-
-## Outputs
-
-| Name | Description |
-|------|-------------|
-| [cert\_validation\_records](#output\_cert\_validation\_records) | ACM certificate validation DNS records |
-| [dev\_cloudfront\_hostname](#output\_dev\_cloudfront\_hostname) | Dev Cloudfront hostname |
-| [dev\_hostname](#output\_dev\_hostname) | Dev hostname |
-| [prod\_cloudfront\_hostname](#output\_prod\_cloudfront\_hostname) | Prod Cloudfront hostname |
-| [prod\_hostname](#output\_prod\_hostname) | Prod hostname |
-
diff --git a/terraform/acm_certificate.tf b/terraform/acm_certificate.tf
deleted file mode 100644
index cd4654e0..00000000
--- a/terraform/acm_certificate.tf
+++ /dev/null
@@ -1,21 +0,0 @@
-resource "aws_acm_certificate" "app" {
- provider = aws.us-east-1
-
- domain_name = "mnemonic.ninja"
- validation_method = "DNS"
-
- subject_alternative_names = ["*.mnemonic.ninja"]
-
- tags = {
- app = "mnemonic-ninja"
- }
-
- lifecycle {
- create_before_destroy = true
- }
-}
-
-output "cert_validation_records" {
- value = aws_acm_certificate.app.domain_validation_options
- description = "ACM certificate validation DNS records"
-}
diff --git a/terraform/mnemonic_ninja_dev.tf b/terraform/mnemonic_ninja_dev.tf
deleted file mode 100644
index 8d3e5867..00000000
--- a/terraform/mnemonic_ninja_dev.tf
+++ /dev/null
@@ -1,24 +0,0 @@
-variable "dev_hostname" {
- type = string
- default = "dev.mnemonic.ninja"
- description = "Dev hostname"
-}
-
-module "dev" {
- source = "./modules/mnemonic-ninja"
-
- aws_account_id = data.aws_caller_identity.current.account_id
- env = "dev"
- hostname = var.dev_hostname
- acm_certificate_arn = aws_acm_certificate.app.arn
-}
-
-output "dev_cloudfront_hostname" {
- value = module.dev.distribution_hostname
- description = "Dev Cloudfront hostname"
-}
-
-output "dev_hostname" {
- value = var.dev_hostname
- description = "Dev hostname"
-}
diff --git a/terraform/mnemonic_ninja_prod.tf b/terraform/mnemonic_ninja_prod.tf
deleted file mode 100644
index 5ba010a6..00000000
--- a/terraform/mnemonic_ninja_prod.tf
+++ /dev/null
@@ -1,25 +0,0 @@
-variable "prod_hostname" {
- type = string
- default = "mnemonic.ninja"
- description = "Prod hostname"
-}
-
-module "prod" {
- source = "./modules/mnemonic-ninja"
-
- aws_account_id = data.aws_caller_identity.current.account_id
- env = "prod"
- hostname = var.prod_hostname
- acm_certificate_arn = aws_acm_certificate.app.arn
- cloudfront_price_class = "PriceClass_200"
-}
-
-output "prod_cloudfront_hostname" {
- value = module.prod.distribution_hostname
- description = "Prod Cloudfront hostname"
-}
-
-output "prod_hostname" {
- value = var.prod_hostname
- description = "Prod hostname"
-}
diff --git a/terraform/modules/mnemonic-ninja/README.md b/terraform/modules/mnemonic-ninja/README.md
deleted file mode 100644
index 54c88999..00000000
--- a/terraform/modules/mnemonic-ninja/README.md
+++ /dev/null
@@ -1,50 +0,0 @@
-# Mnemonic Ninja App Module
-
-
-## Requirements
-
-No requirements.
-
-## Providers
-
-| Name | Version |
-|------|---------|
-| [aws](#provider\_aws) | n/a |
-
-## Modules
-
-No modules.
-
-## Resources
-
-| Name | Type |
-|------|------|
-| [aws_cloudfront_distribution.app](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_distribution) | resource |
-| [aws_cloudfront_origin_access_control.app](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_origin_access_control) | resource |
-| [aws_cloudfront_response_headers_policy.security_headers](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_response_headers_policy) | resource |
-| [aws_iam_policy.ci](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
-| [aws_iam_role.ci](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |
-| [aws_iam_role_policy_attachment.ci](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
-| [aws_s3_bucket.app](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket) | resource |
-| [aws_s3_bucket_policy.app](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy) | resource |
-| [aws_cloudfront_cache_policy.caching_optimized](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/cloudfront_cache_policy) | data source |
-| [aws_iam_policy_document.cloudfront_to_s3](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
-| [aws_iam_policy_document.policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
-| [aws_iam_policy_document.role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
-
-## Inputs
-
-| Name | Description | Type | Default | Required |
-|------|-------------|------|---------|:--------:|
-| [acm\_certificate\_arn](#input\_acm\_certificate\_arn) | ACM certificate ARN | `string` | n/a | yes |
-| [aws\_account\_id](#input\_aws\_account\_id) | AWS account ID | `string` | n/a | yes |
-| [cloudfront\_price\_class](#input\_cloudfront\_price\_class) | n/a | `string` | `"PriceClass_100"` | no |
-| [env](#input\_env) | Environment name | `string` | n/a | yes |
-| [hostname](#input\_hostname) | Deployment hostname | `string` | n/a | yes |
-
-## Outputs
-
-| Name | Description |
-|------|-------------|
-| [distribution\_hostname](#output\_distribution\_hostname) | Cloudfront distribution hostname |
-
diff --git a/terraform/modules/mnemonic-ninja/cloudfront.tf b/terraform/modules/mnemonic-ninja/cloudfront.tf
deleted file mode 100644
index 7f2a9774..00000000
--- a/terraform/modules/mnemonic-ninja/cloudfront.tf
+++ /dev/null
@@ -1,104 +0,0 @@
-resource "aws_cloudfront_distribution" "app" {
- origin {
- domain_name = aws_s3_bucket.app.bucket_regional_domain_name
- origin_access_control_id = aws_cloudfront_origin_access_control.app.id
- origin_id = aws_s3_bucket.app.id
- }
-
- enabled = "true"
- is_ipv6_enabled = "true"
- default_root_object = "index.html"
- http_version = "http2and3"
- aliases = [var.hostname]
-
- default_cache_behavior {
- allowed_methods = ["GET", "HEAD"]
- cached_methods = ["GET", "HEAD"]
- target_origin_id = aws_s3_bucket.app.id
-
- cache_policy_id = data.aws_cloudfront_cache_policy.caching_optimized.id
- response_headers_policy_id = aws_cloudfront_response_headers_policy.security_headers.id
- compress = "true"
- viewer_protocol_policy = "redirect-to-https"
- }
-
- price_class = var.cloudfront_price_class
-
- viewer_certificate {
- acm_certificate_arn = var.acm_certificate_arn
- minimum_protocol_version = "TLSv1.2_2021"
- ssl_support_method = "sni-only"
- }
-
- custom_error_response {
- error_caching_min_ttl = "86400"
- error_code = "404"
- response_code = "200"
- response_page_path = "/index.html"
- }
-
- restrictions {
- geo_restriction {
- restriction_type = "none"
- locations = []
- }
- }
-
- tags = {
- app = "mnemonic-ninja"
- env = var.env
- }
-
- lifecycle {
- prevent_destroy = true
- }
-}
-
-resource "aws_cloudfront_origin_access_control" "app" {
- name = var.hostname
- origin_access_control_origin_type = "s3"
- signing_behavior = "always"
- signing_protocol = "sigv4"
-}
-
-data "aws_cloudfront_cache_policy" "caching_optimized" {
- name = "Managed-CachingOptimized"
-}
-
-resource "aws_cloudfront_response_headers_policy" "security_headers" {
- name = "mnemonic-ninja-${var.env}"
-
- security_headers_config {
- strict_transport_security {
- access_control_max_age_sec = 31536000
- preload = true
- include_subdomains = true
- override = true
- }
-
- content_type_options {
- override = true
- }
-
- frame_options {
- frame_option = "SAMEORIGIN"
- override = true
- }
-
- xss_protection {
- protection = true
- mode_block = true
- override = true
- }
-
- referrer_policy {
- referrer_policy = "strict-origin-when-cross-origin"
- override = true
- }
- }
-}
-
-output "distribution_hostname" {
- value = aws_cloudfront_distribution.app.domain_name
- description = "Cloudfront distribution hostname"
-}
diff --git a/terraform/modules/mnemonic-ninja/iam.tf b/terraform/modules/mnemonic-ninja/iam.tf
deleted file mode 100644
index cbe57f3b..00000000
--- a/terraform/modules/mnemonic-ninja/iam.tf
+++ /dev/null
@@ -1,67 +0,0 @@
-resource "aws_iam_policy" "ci" {
- name = "mnemonic-ninja-${var.env}-ci"
- policy = data.aws_iam_policy_document.policy.json
-
- tags = {
- app = "mnemonic-ninja"
- env = var.env
- }
-}
-
-resource "aws_iam_role" "ci" {
- name = "mnemonic-ninja-${var.env}-ci"
- assume_role_policy = data.aws_iam_policy_document.role.json
- managed_policy_arns = [aws_iam_policy.ci.arn]
- max_session_duration = "3600"
-}
-
-resource "aws_iam_role_policy_attachment" "ci" {
- role = aws_iam_role.ci.name
- policy_arn = aws_iam_policy.ci.arn
-}
-
-data "aws_iam_policy_document" "policy" {
- statement {
- actions = [
- "cloudfront:CreateInvalidation",
- "s3:GetBucketLocation",
- "s3:ListBucket",
- "s3:GetObject",
- "s3:PutObject",
- "s3:DeleteObject",
- ]
-
- resources = [
- aws_s3_bucket.app.arn,
- "${aws_s3_bucket.app.arn}/*",
- aws_cloudfront_distribution.app.arn,
- ]
- }
-}
-
-data "aws_iam_policy_document" "role" {
- statement {
- actions = [
- "sts:AssumeRoleWithWebIdentity",
- ]
-
- condition {
- test = "StringEquals"
- variable = "token.actions.githubusercontent.com:aud"
- values = ["sts.amazonaws.com"]
- }
-
- condition {
- test = "StringLike"
- variable = "token.actions.githubusercontent.com:sub"
- values = ["repo:gabe565/mnemonic-ninja:environment:${var.env}"]
- }
-
- principals {
- type = "Federated"
- identifiers = [
- "arn:aws:iam::${var.aws_account_id}:oidc-provider/token.actions.githubusercontent.com"
- ]
- }
- }
-}
diff --git a/terraform/modules/mnemonic-ninja/inputs.tf b/terraform/modules/mnemonic-ninja/inputs.tf
deleted file mode 100644
index 6b5c2cf6..00000000
--- a/terraform/modules/mnemonic-ninja/inputs.tf
+++ /dev/null
@@ -1,24 +0,0 @@
-variable "aws_account_id" {
- type = string
- description = "AWS account ID"
-}
-
-variable "env" {
- type = string
- description = "Environment name"
-}
-
-variable "hostname" {
- type = string
- description = "Deployment hostname"
-}
-
-variable "acm_certificate_arn" {
- type = string
- description = "ACM certificate ARN"
-}
-
-variable "cloudfront_price_class" {
- type = string
- default = "PriceClass_100"
-}
diff --git a/terraform/modules/mnemonic-ninja/s3.tf b/terraform/modules/mnemonic-ninja/s3.tf
deleted file mode 100644
index 4ba839b8..00000000
--- a/terraform/modules/mnemonic-ninja/s3.tf
+++ /dev/null
@@ -1,45 +0,0 @@
-resource "aws_s3_bucket" "app" {
- bucket = var.hostname
-
- tags = {
- app = "mnemonic-ninja"
- env = var.env
- }
-
- lifecycle {
- prevent_destroy = true
- }
-}
-
-resource "aws_s3_bucket_policy" "app" {
- bucket = aws_s3_bucket.app.id
- policy = data.aws_iam_policy_document.cloudfront_to_s3.json
-}
-
-data "aws_iam_policy_document" "cloudfront_to_s3" {
- policy_id = "PolicyForCloudFrontPrivateContent"
- statement {
- sid = "AllowCloudFrontServicePrincipal"
- principals {
- type = "Service"
- identifiers = ["cloudfront.amazonaws.com"]
- }
- actions = [
- "s3:ListBucket",
- "s3:GetObject",
- ]
- resources = [
- aws_s3_bucket.app.arn,
- "${aws_s3_bucket.app.arn}/*",
- ]
-
- condition {
- test = "StringEquals"
- variable = "AWS:SourceArn"
-
- values = [
- aws_cloudfront_distribution.app.arn
- ]
- }
- }
-}
diff --git a/terraform/providers.tf b/terraform/providers.tf
deleted file mode 100644
index 0d486e50..00000000
--- a/terraform/providers.tf
+++ /dev/null
@@ -1,24 +0,0 @@
-terraform {
- backend "s3" {
- bucket = "gabe565-terraform"
- key = "mnemonic_ninja.tfstate"
- region = "us-east-2"
- }
-
- required_providers {
- aws = {
- version = "5.18.1"
- }
- }
-}
-
-provider "aws" {
- alias = "us-east-1"
- region = "us-east-1"
-}
-
-provider "aws" {
- region = "us-east-2"
-}
-
-data "aws_caller_identity" "current" {}