tfctl 1.4.0 → 1.5.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 3a7ca446d4435cb6780d2b8018e89c8f7b981a247d249ff3fe8083b94edd66ac
-  data.tar.gz: bc7f96ea1cb77fb6366453f4e268e55be5c398e939002f382223c94e09bccbf0
+  metadata.gz: 6a629291d80ced92fb46ec555c3eb0023b5b28defd031e457719f76a30bf9127
+  data.tar.gz: 2be23cc36e785f7fdae92c3717a7808b070549737682ecc26b02779b9cdc6489
 SHA512:
-  metadata.gz: 777d4fd03430d1d54bcf822f3f4087c7e0c55374d69167487057201ef20132abe5de5c2b949cfa33aa1d48c346a9e0cd819db8193af5a8803dacb7d3988e526e
-  data.tar.gz: 5cc2a820f7930d930efc43c8eab98e9b825e6d1cf48390ca929f01b4136cdbd33509978a31e16f5f4956c458e007bc6dc759e86ee9305b4f14d21c77f267d8ab
+  metadata.gz: 1a032960fc4809364bbe28cb85210713bc777b22d18c0041748c300c1e0a25fd01b4eb06bc242bfb880af10f3215c0776916ff32d80a40244d850eedaf514708
+  data.tar.gz: fb9337a42296df0fc17afe77f75cdb5a94c0d1569f94094d8b39d54e1e1b3beab1ba50976cafdebe90cacec5daac8e492ff610be2dd2f206ecbe0bb39f396e3c

data/.bundle/config

@@ -1,3 +1,4 @@
 ---
 BUNDLE_PATH: "vendor/bundle"
 BUNDLE_BIN: "vendor/bin"
+BUNDLE_WITH: "developement"

data/.github/workflows/linter.yml

@@ -1,6 +1,9 @@
 name: Linting
 
-on: [push]
+on:
+  push:
+  pull_request:
+    branches: [ master ]
 
 jobs:
   lint:

data/.github/workflows/release.yml

@@ -27,11 +27,10 @@ jobs:
         env:
           GEM_HOST_API_KEY: "${{secrets.RUBYGEMS_AUTH_TOKEN}}"
       - name: Release on GitHub
-        uses: actions/create-release@v1
-        env:
-          GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
+        uses: ncipollo/release-action@v1
         with:
+          body: 'See [CHANGELOG](https://github.com/scalefactory/tfctl/blob/master/CHANGELOG.adoc) for details.'
+          token: "${{ secrets.GITHUB_TOKEN }}"
           draft: false
           prerelease: false
-          release_name: 'Release ${{ github.ref }}'
-          tag_name: '${{ github.ref }}'
+          artifacts: pkg/*.gem

data/CHANGELOG.adoc

@@ -1,5 +1,13 @@
 = Changelog
 
+== 1.5.0
+
+ * feat: support for setting default tags at AWS provider level.  (Thanks @patrickli)
+   For details see: https://www.hashicorp.com/blog/default-tags-in-the-terraform-aws-provider
+ * feat: new `tf_state_prefix` config parameter. (Thanks @patrickli)
+   Allows setting an path prefix for state files stored in S3.
+ * feat: print version number in output log
+
 == 1.4.0
 
  * feat: support yaml anchors and aliases in configuration file.

data/README.adoc

@@ -20,7 +20,8 @@ endif::[]
 
 = tfctl
 
-image:https://travis-ci.com/scalefactory/tfctl.svg?branch=master["Build Status", link="https://travis-ci.com/scalefactory/tfctl"]
+image:https://github.com/scalefactory/tfctl/actions/workflows/linter.yml/badge.svg["Linter", link="https://github.com/scalefactory/tfctl/actions/workflows/linter.yml"]
+image:https://github.com/scalefactory/tfctl/actions/workflows/test.yml/badge.svg["Tests", link="https://github.com/scalefactory/tfctl/actions/workflows/test.yml"]
 image:https://badge.fury.io/rb/tfctl.svg["Gem Version", link="https://badge.fury.io/rb/tfctl"]
 image:https://img.shields.io/badge/terraform-0.12-blue.svg["Terraform 0.12", link="https://img.shields.io/badge/terraform-0.12-blue"]
 

data/RELEASING.adoc

@@ -6,8 +6,14 @@ releasing a new gem version.
 == Process
 
 * Smoke test in SF test accounts: https://github.com/scalefactory/tfctl-test
-* Bump version in `lib/tfctl/version.rb`
-* Update `CHANGELOG.adoc`
-* Commit
-* Create a new GitHub release and version tag using format: vX.X.X
-* TravisCI will build and release the gem automatically: https://travis-ci.org/github/scalefactory/tfctl
+* Bump version in `lib/tfctl/version.rb`.
+* Update `CHANGELOG.adoc`.
+* Commit.
+* Tag the release using format: vX.X.X and push the tag.
+
+----
+git tag vX.X.X
+git push origin vX.X.X
+----
+
+* GitHub actions will build and release the gem and create a GitHub release automatically.

data/bin/tfctl

@@ -138,7 +138,7 @@ begin
     log_level = options[:debug] ? Logger::DEBUG : Logger::INFO
     log = Tfctl::Logger.new(log_level)
 
-    log.info 'tfctl running'
+    log.info "tfctl #{Tfctl::VERSION} running"
 
     config_name = File.basename(options[:config_file]).chomp('.yaml')
     config_name = 'default' if config_name == 'tfctl'

data/examples/control_tower/tfctl.yaml

@@ -13,6 +13,7 @@
 #
 
 tf_state_bucket: 'CHANGEME'
+# tf_state_prefix: ''
 tf_state_dynamodb_table: 'terraform-lock'
 tf_state_region: 'eu-west-1'
 # Role for accessing state resources
@@ -22,6 +23,7 @@ aws_provider_version: '>= 2.14'
 # Role used by tfctl to retrieve data from AWS Organizations
 # Has to be set up in the primary org account
 tfctl_role_arn: 'arn:aws:iam::PRIMARY_ACCOUNT_ID:role/TfctlRole'
+# default_tags: {}
 
 #
 # Data

data/lib/tfctl/generator.rb

@@ -16,6 +16,7 @@ module Tfctl
 
         def make(account:, config:)
             target_dir = "#{PROJECT_ROOT}/.tfctl/#{config[:config_name]}/#{account[:name]}"
+            tf_state_prefix = config.fetch(:tf_state_prefix, '').delete_suffix('/')
             tf_version = config.fetch(:tf_required_version, '>= 0.12.29')
             aws_provider_version = config.fetch(:aws_provider_version, '>= 2.14')
 
@@ -33,7 +34,7 @@ module Tfctl
                     'backend'            => {
                         's3' => {
                             'bucket'         => config[:tf_state_bucket],
-                            'key'            => "#{account[:name]}/tfstate",
+                            'key'            => [tf_state_prefix, account[:name], 'tfstate'].join('/').delete_prefix('/'),
                             'region'         => config[:tf_state_region],
                             'role_arn'       => config[:tf_state_role_arn],
                             'dynamodb_table' => config[:tf_state_dynamodb_table],
@@ -47,10 +48,13 @@ module Tfctl
             provider_block = {
                 'provider' => {
                     'aws' => {
-                        'region'      => account[:region],
-                        'assume_role' => {
+                        'region'       => account[:region],
+                        'assume_role'  => {
                             'role_arn' => "arn:aws:iam::#{account[:id]}:role/#{account[:tf_execution_role]}",
                         },
+                        'default_tags' => {
+                            'tags' => config.fetch(:default_tags, {}),
+                        },
                     },
                 },
             }

data/lib/tfctl/schema.rb

@@ -34,6 +34,7 @@ module Tfctl
                     'type'       => 'object',
                     'properties' => {
                         'tf_state_bucket'         => { 'type' => 'string' },
+                        'tf_state_prefix'         => { 'type' => 'string' },
                         'tf_state_role_arn'       => {
                             'type'    => 'string',
                             'pattern' => iam_arn_pattern,
@@ -48,6 +49,7 @@ module Tfctl
                         },
                         'data'                    => { 'type' => 'object' },
                         'exclude_accounts'        => { 'type' => 'array' },
+                        'default_tags'            => { 'type' => 'object' },
                         'organization_root'       => org_schema,
                         'organization_units'      => org_schema,
                         'account_overrides'       => org_schema,

data/lib/tfctl/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Tfctl
-    VERSION = '1.4.0'
+    VERSION = '1.5.0'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: tfctl
 version: !ruby/object:Gem::Version
-  version: 1.4.0
+  version: 1.5.0
 platform: ruby
 authors:
 - Andrew Wasilczuk
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-06-23 00:00:00.000000000 Z
+date: 2021-06-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-organizations