@k2works/claude-code-booster 3.6.1 → 3.7.0

Files changed (713)
  1. package/LICENSE +21 -21
  2. package/README.md +42 -42
  3. package/bin/claude-code-booster +90 -90
  4. package/lib/assets/.claude/README.md +258 -239
  5. package/lib/assets/.claude/agent-memory/xp-programmer/MEMORY.md +6 -0
  6. package/lib/assets/.claude/agent-memory/xp-programmer/project_cargo_tracker.md +11 -0
  7. package/lib/assets/.claude/agent-memory/xp-programmer/project_ddd_patterns.md +27 -0
  8. package/lib/assets/.claude/agent-memory/xp-programmer/project_us07_route_assignment.md +19 -0
  9. package/lib/assets/.claude/scripts/generate-inception-deck.mjs +911 -911
  10. package/lib/assets/.claude/settings.json +11 -11
  11. package/lib/assets/.claude/skills/ai-agent-guidelines/SKILL.md +111 -111
  12. package/lib/assets/.claude/skills/analyzing-architecture/SKILL.md +83 -83
  13. package/lib/assets/.claude/skills/analyzing-business/SKILL.md +95 -95
  14. package/lib/assets/.claude/skills/analyzing-data-model/SKILL.md +77 -77
  15. package/lib/assets/.claude/skills/analyzing-domain-model/SKILL.md +117 -117
  16. package/lib/assets/.claude/skills/analyzing-inception-deck/SKILL.md +84 -84
  17. package/lib/assets/.claude/skills/analyzing-non-functional/SKILL.md +95 -95
  18. package/lib/assets/.claude/skills/analyzing-operation/SKILL.md +95 -95
  19. package/lib/assets/.claude/skills/analyzing-requirements/SKILL.md +91 -91
  20. package/lib/assets/.claude/skills/analyzing-tech-stack/SKILL.md +101 -101
  21. package/lib/assets/.claude/skills/analyzing-test-strategy/SKILL.md +89 -89
  22. package/lib/assets/.claude/skills/analyzing-ui-design/SKILL.md +80 -80
  23. package/lib/assets/.claude/skills/analyzing-usecases/SKILL.md +72 -72
  24. package/lib/assets/.claude/skills/creating-adr/SKILL.md +113 -113
  25. package/lib/assets/.claude/skills/developing-backend/SKILL.md +100 -100
  26. package/lib/assets/.claude/skills/developing-frontend/SKILL.md +93 -93
  27. package/lib/assets/.claude/skills/developing-release/SKILL.md +120 -120
  28. package/lib/assets/.claude/skills/generating-bmc/SKILL.md +97 -0
  29. package/lib/assets/.claude/skills/generating-slides/SKILL.md +94 -94
  30. package/lib/assets/.claude/skills/git-commit/SKILL.md +81 -81
  31. package/lib/assets/.claude/skills/killing-processes/SKILL.md +44 -44
  32. package/lib/assets/.claude/skills/operating-backup/SKILL.md +59 -59
  33. package/lib/assets/.claude/skills/operating-cicd/SKILL.md +54 -54
  34. package/lib/assets/.claude/skills/operating-deploy/SKILL.md +67 -67
  35. package/lib/assets/.claude/skills/operating-docs/SKILL.md +219 -219
  36. package/lib/assets/.claude/skills/operating-provision/SKILL.md +77 -77
  37. package/lib/assets/.claude/skills/operating-setup/SKILL.md +63 -63
  38. package/lib/assets/.claude/skills/orchestrating-analysis/SKILL.md +104 -104
  39. package/lib/assets/.claude/skills/orchestrating-development/SKILL.md +162 -162
  40. package/lib/assets/.claude/skills/orchestrating-operation/SKILL.md +158 -158
  41. package/lib/assets/.claude/skills/orchestrating-project/SKILL.md +144 -144
  42. package/lib/assets/.claude/skills/planning-releases/SKILL.md +119 -119
  43. package/lib/assets/.claude/skills/syncing-github-project/SKILL.md +151 -151
  44. package/lib/assets/.claude/skills/tracking-progress/SKILL.md +91 -91
  45. package/lib/assets/.claude/skills/validating-iteration-plan/SKILL.md +215 -215
  46. package/lib/assets/.devcontainer/devcontainer.json +34 -34
  47. package/lib/assets/.env.example +17 -17
  48. package/lib/assets/.gitattributes +4 -4
  49. package/lib/assets/.github/workflows/docker-publish.yml +77 -77
  50. package/lib/assets/.github/workflows/mkdocs.yml +39 -39
  51. package/lib/assets/AGENTS.md +94 -94
  52. package/lib/assets/CLAUDE.md +1 -0
  53. package/lib/assets/README.md +254 -254
  54. package/lib/assets/docker-compose.yml +33 -33
  55. package/lib/assets/docs/adr/index.md +10 -10
  56. package/lib/assets/docs/article/functional-desgin-ppp/all/01-immutability-and-data-transformation.md +475 -475
  57. package/lib/assets/docs/article/functional-desgin-ppp/all/02-function-composition.md +519 -519
  58. package/lib/assets/docs/article/functional-desgin-ppp/all/03-polymorphism.md +537 -537
  59. package/lib/assets/docs/article/functional-desgin-ppp/all/04-data-validation.md +300 -300
  60. package/lib/assets/docs/article/functional-desgin-ppp/all/05-property-based-testing.md +320 -320
  61. package/lib/assets/docs/article/functional-desgin-ppp/all/06-tdd-and-functional.md +498 -498
  62. package/lib/assets/docs/article/functional-desgin-ppp/all/07-composite-pattern.md +298 -298
  63. package/lib/assets/docs/article/functional-desgin-ppp/all/08-decorator-pattern.md +291 -291
  64. package/lib/assets/docs/article/functional-desgin-ppp/all/09-adapter-pattern.md +336 -336
  65. package/lib/assets/docs/article/functional-desgin-ppp/all/10-strategy-pattern.md +303 -303
  66. package/lib/assets/docs/article/functional-desgin-ppp/all/11-command-pattern.md +286 -286
  67. package/lib/assets/docs/article/functional-desgin-ppp/all/12-visitor-pattern.md +322 -322
  68. package/lib/assets/docs/article/functional-desgin-ppp/all/13-abstract-factory-pattern.md +319 -319
  69. package/lib/assets/docs/article/functional-desgin-ppp/all/14-abstract-server-pattern.md +365 -365
  70. package/lib/assets/docs/article/functional-desgin-ppp/all/15-gossiping-bus-drivers.md +156 -156
  71. package/lib/assets/docs/article/functional-desgin-ppp/all/16-payroll-system.md +178 -178
  72. package/lib/assets/docs/article/functional-desgin-ppp/all/17-video-rental-system.md +312 -312
  73. package/lib/assets/docs/article/functional-desgin-ppp/all/18-concurrency-system.md +287 -287
  74. package/lib/assets/docs/article/functional-desgin-ppp/all/19-wa-tor-simulation.md +286 -286
  75. package/lib/assets/docs/article/functional-desgin-ppp/all/20-pattern-interactions.md +274 -274
  76. package/lib/assets/docs/article/functional-desgin-ppp/all/21-best-practices.md +294 -294
  77. package/lib/assets/docs/article/functional-desgin-ppp/all/22-oo-to-fp-migration.md +337 -337
  78. package/lib/assets/docs/article/functional-desgin-ppp/all/index.md +388 -388
  79. package/lib/assets/docs/article/functional-desgin-ppp/clojure/01-immutability-and-data-transformation.md +273 -273
  80. package/lib/assets/docs/article/functional-desgin-ppp/clojure/02-function-composition.md +380 -380
  81. package/lib/assets/docs/article/functional-desgin-ppp/clojure/03-polymorphism.md +384 -384
  82. package/lib/assets/docs/article/functional-desgin-ppp/clojure/04-clojure-spec.md +350 -350
  83. package/lib/assets/docs/article/functional-desgin-ppp/clojure/05-property-based-testing.md +352 -352
  84. package/lib/assets/docs/article/functional-desgin-ppp/clojure/06-tdd-in-functional.md +383 -383
  85. package/lib/assets/docs/article/functional-desgin-ppp/clojure/07-composite-pattern.md +529 -529
  86. package/lib/assets/docs/article/functional-desgin-ppp/clojure/08-decorator-pattern.md +395 -395
  87. package/lib/assets/docs/article/functional-desgin-ppp/clojure/09-adapter-pattern.md +399 -399
  88. package/lib/assets/docs/article/functional-desgin-ppp/clojure/10-strategy-pattern.md +485 -485
  89. package/lib/assets/docs/article/functional-desgin-ppp/clojure/11-command-pattern.md +566 -566
  90. package/lib/assets/docs/article/functional-desgin-ppp/clojure/12-visitor-pattern.md +567 -567
  91. package/lib/assets/docs/article/functional-desgin-ppp/clojure/13-abstract-factory-pattern.md +475 -475
  92. package/lib/assets/docs/article/functional-desgin-ppp/clojure/14-abstract-server-pattern.md +462 -462
  93. package/lib/assets/docs/article/functional-desgin-ppp/clojure/15-gossiping-bus-drivers.md +325 -325
  94. package/lib/assets/docs/article/functional-desgin-ppp/clojure/16-payroll-system.md +401 -401
  95. package/lib/assets/docs/article/functional-desgin-ppp/clojure/17-video-rental-system.md +450 -450
  96. package/lib/assets/docs/article/functional-desgin-ppp/clojure/18-concurrency-system.md +475 -475
  97. package/lib/assets/docs/article/functional-desgin-ppp/clojure/19-wator-simulation.md +739 -739
  98. package/lib/assets/docs/article/functional-desgin-ppp/clojure/20-pattern-interactions.md +567 -567
  99. package/lib/assets/docs/article/functional-desgin-ppp/clojure/21-best-practices.md +518 -518
  100. package/lib/assets/docs/article/functional-desgin-ppp/clojure/22-oo-to-fp-migration.md +532 -532
  101. package/lib/assets/docs/article/functional-desgin-ppp/clojure/index.md +241 -241
  102. package/lib/assets/docs/article/functional-desgin-ppp/elixir/01-immutability-and-data-transformation.md +383 -383
  103. package/lib/assets/docs/article/functional-desgin-ppp/elixir/02-function-composition.md +374 -374
  104. package/lib/assets/docs/article/functional-desgin-ppp/elixir/03-polymorphism.md +375 -375
  105. package/lib/assets/docs/article/functional-desgin-ppp/elixir/04-data-validation.md +195 -195
  106. package/lib/assets/docs/article/functional-desgin-ppp/elixir/05-property-based-testing.md +268 -268
  107. package/lib/assets/docs/article/functional-desgin-ppp/elixir/06-tdd-and-fp.md +294 -294
  108. package/lib/assets/docs/article/functional-desgin-ppp/elixir/07-effects-and-pure-functions.md +164 -164
  109. package/lib/assets/docs/article/functional-desgin-ppp/elixir/08-error-handling-strategies.md +168 -168
  110. package/lib/assets/docs/article/functional-desgin-ppp/elixir/09-io-and-external-systems.md +254 -254
  111. package/lib/assets/docs/article/functional-desgin-ppp/elixir/10-concurrency-patterns.md +269 -269
  112. package/lib/assets/docs/article/functional-desgin-ppp/elixir/11-command-pattern.md +148 -148
  113. package/lib/assets/docs/article/functional-desgin-ppp/elixir/12-visitor-pattern.md +176 -176
  114. package/lib/assets/docs/article/functional-desgin-ppp/elixir/13-abstract-factory-pattern.md +604 -604
  115. package/lib/assets/docs/article/functional-desgin-ppp/elixir/14-abstract-server-pattern.md +729 -729
  116. package/lib/assets/docs/article/functional-desgin-ppp/elixir/15-gossiping-bus-drivers.md +291 -291
  117. package/lib/assets/docs/article/functional-desgin-ppp/elixir/16-payroll-system.md +420 -420
  118. package/lib/assets/docs/article/functional-desgin-ppp/elixir/17-video-rental-system.md +319 -319
  119. package/lib/assets/docs/article/functional-desgin-ppp/elixir/18-concurrency-system.md +466 -466
  120. package/lib/assets/docs/article/functional-desgin-ppp/elixir/19-wator-simulation.md +523 -523
  121. package/lib/assets/docs/article/functional-desgin-ppp/elixir/20-pattern-interactions.md +287 -287
  122. package/lib/assets/docs/article/functional-desgin-ppp/elixir/21-best-practices.md +340 -340
  123. package/lib/assets/docs/article/functional-desgin-ppp/elixir/22-oo-to-fp-migration.md +395 -395
  124. package/lib/assets/docs/article/functional-desgin-ppp/elixir/index.md +248 -248
  125. package/lib/assets/docs/article/functional-desgin-ppp/fsharp/01-immutability-and-data-transformation.md +384 -384
  126. package/lib/assets/docs/article/functional-desgin-ppp/fsharp/02-function-composition.md +452 -452
  127. package/lib/assets/docs/article/functional-desgin-ppp/fsharp/03-polymorphism.md +495 -495
  128. package/lib/assets/docs/article/functional-desgin-ppp/fsharp/04-data-validation.md +416 -416
  129. package/lib/assets/docs/article/functional-desgin-ppp/fsharp/05-property-based-testing.md +382 -382
  130. package/lib/assets/docs/article/functional-desgin-ppp/fsharp/06-tdd-functional.md +687 -687
  131. package/lib/assets/docs/article/functional-desgin-ppp/fsharp/07-composite-pattern.md +442 -442
  132. package/lib/assets/docs/article/functional-desgin-ppp/fsharp/08-decorator-pattern.md +479 -479
  133. package/lib/assets/docs/article/functional-desgin-ppp/fsharp/09-adapter-pattern.md +479 -479
  134. package/lib/assets/docs/article/functional-desgin-ppp/fsharp/10-strategy-pattern.md +427 -427
  135. package/lib/assets/docs/article/functional-desgin-ppp/fsharp/11-command-pattern.md +428 -428
  136. package/lib/assets/docs/article/functional-desgin-ppp/fsharp/12-visitor-pattern.md +339 -339
  137. package/lib/assets/docs/article/functional-desgin-ppp/fsharp/13-abstract-factory-pattern.md +309 -309
  138. package/lib/assets/docs/article/functional-desgin-ppp/fsharp/14-abstract-server-pattern.md +596 -596
  139. package/lib/assets/docs/article/functional-desgin-ppp/fsharp/15-gossiping-bus-drivers.md +355 -355
  140. package/lib/assets/docs/article/functional-desgin-ppp/fsharp/16-payroll-system.md +350 -350
  141. package/lib/assets/docs/article/functional-desgin-ppp/fsharp/17-video-rental-system.md +414 -414
  142. package/lib/assets/docs/article/functional-desgin-ppp/fsharp/18-concurrency-system.md +367 -367
  143. package/lib/assets/docs/article/functional-desgin-ppp/fsharp/19-wator-simulation.md +403 -403
  144. package/lib/assets/docs/article/functional-desgin-ppp/fsharp/20-pattern-interactions.md +291 -291
  145. package/lib/assets/docs/article/functional-desgin-ppp/fsharp/21-best-practices.md +324 -324
  146. package/lib/assets/docs/article/functional-desgin-ppp/fsharp/22-oo-to-fp-migration.md +332 -332
  147. package/lib/assets/docs/article/functional-desgin-ppp/fsharp/index.md +274 -274
  148. package/lib/assets/docs/article/functional-desgin-ppp/haskell/01-immutability-and-data-transformation.md +298 -298
  149. package/lib/assets/docs/article/functional-desgin-ppp/haskell/02-function-composition.md +304 -304
  150. package/lib/assets/docs/article/functional-desgin-ppp/haskell/03-polymorphism.md +362 -362
  151. package/lib/assets/docs/article/functional-desgin-ppp/haskell/04-data-validation.md +257 -257
  152. package/lib/assets/docs/article/functional-desgin-ppp/haskell/05-property-based-testing.md +254 -254
  153. package/lib/assets/docs/article/functional-desgin-ppp/haskell/06-tdd-functional.md +283 -283
  154. package/lib/assets/docs/article/functional-desgin-ppp/haskell/07-composite-pattern.md +395 -395
  155. package/lib/assets/docs/article/functional-desgin-ppp/haskell/08-decorator-pattern.md +319 -319
  156. package/lib/assets/docs/article/functional-desgin-ppp/haskell/09-adapter-pattern.md +382 -382
  157. package/lib/assets/docs/article/functional-desgin-ppp/haskell/10-strategy-pattern.md +287 -287
  158. package/lib/assets/docs/article/functional-desgin-ppp/haskell/11-command-pattern.md +303 -303
  159. package/lib/assets/docs/article/functional-desgin-ppp/haskell/12-visitor-pattern.md +326 -326
  160. package/lib/assets/docs/article/functional-desgin-ppp/haskell/13-abstract-factory-pattern.md +332 -332
  161. package/lib/assets/docs/article/functional-desgin-ppp/haskell/14-abstract-server-pattern.md +379 -379
  162. package/lib/assets/docs/article/functional-desgin-ppp/haskell/15-gossiping-bus-drivers.md +177 -177
  163. package/lib/assets/docs/article/functional-desgin-ppp/haskell/16-payroll-system.md +219 -219
  164. package/lib/assets/docs/article/functional-desgin-ppp/haskell/17-video-rental-system.md +244 -244
  165. package/lib/assets/docs/article/functional-desgin-ppp/haskell/18-concurrency-system.md +363 -363
  166. package/lib/assets/docs/article/functional-desgin-ppp/haskell/19-wator-simulation.md +438 -438
  167. package/lib/assets/docs/article/functional-desgin-ppp/haskell/20-pattern-interactions.md +325 -325
  168. package/lib/assets/docs/article/functional-desgin-ppp/haskell/21-best-practices.md +403 -403
  169. package/lib/assets/docs/article/functional-desgin-ppp/haskell/22-oo-to-fp-migration.md +469 -469
  170. package/lib/assets/docs/article/functional-desgin-ppp/haskell/index.md +174 -174
  171. package/lib/assets/docs/article/functional-desgin-ppp/index.md +90 -90
  172. package/lib/assets/docs/article/functional-desgin-ppp/rust/01-immutability-and-data-transformation.md +450 -450
  173. package/lib/assets/docs/article/functional-desgin-ppp/rust/02-function-composition.md +463 -463
  174. package/lib/assets/docs/article/functional-desgin-ppp/rust/03-polymorphism.md +425 -425
  175. package/lib/assets/docs/article/functional-desgin-ppp/rust/04-data-validation.md +273 -273
  176. package/lib/assets/docs/article/functional-desgin-ppp/rust/05-property-based-testing.md +247 -247
  177. package/lib/assets/docs/article/functional-desgin-ppp/rust/06-tdd-and-functional.md +841 -841
  178. package/lib/assets/docs/article/functional-desgin-ppp/rust/07-composite-pattern.md +384 -384
  179. package/lib/assets/docs/article/functional-desgin-ppp/rust/08-decorator-pattern.md +383 -383
  180. package/lib/assets/docs/article/functional-desgin-ppp/rust/09-adapter-pattern.md +339 -339
  181. package/lib/assets/docs/article/functional-desgin-ppp/rust/10-strategy-pattern.md +331 -331
  182. package/lib/assets/docs/article/functional-desgin-ppp/rust/11-command-pattern.md +356 -356
  183. package/lib/assets/docs/article/functional-desgin-ppp/rust/12-visitor-pattern.md +379 -379
  184. package/lib/assets/docs/article/functional-desgin-ppp/rust/13-abstract-factory-pattern.md +361 -361
  185. package/lib/assets/docs/article/functional-desgin-ppp/rust/14-abstract-server-pattern.md +392 -392
  186. package/lib/assets/docs/article/functional-desgin-ppp/rust/15-gossiping-bus-drivers.md +300 -300
  187. package/lib/assets/docs/article/functional-desgin-ppp/rust/16-payroll-system.md +297 -297
  188. package/lib/assets/docs/article/functional-desgin-ppp/rust/17-video-rental-system.md +304 -304
  189. package/lib/assets/docs/article/functional-desgin-ppp/rust/18-concurrency-system.md +315 -315
  190. package/lib/assets/docs/article/functional-desgin-ppp/rust/19-wator-simulation.md +311 -311
  191. package/lib/assets/docs/article/functional-desgin-ppp/rust/20-pattern-interactions.md +304 -304
  192. package/lib/assets/docs/article/functional-desgin-ppp/rust/21-best-practices.md +336 -336
  193. package/lib/assets/docs/article/functional-desgin-ppp/rust/22-oo-to-fp-migration.md +349 -349
  194. package/lib/assets/docs/article/functional-desgin-ppp/rust/index.md +243 -243
  195. package/lib/assets/docs/article/functional-desgin-ppp/scala/01-immutability-and-data-transformation.md +328 -328
  196. package/lib/assets/docs/article/functional-desgin-ppp/scala/02-function-composition.md +348 -348
  197. package/lib/assets/docs/article/functional-desgin-ppp/scala/03-polymorphism.md +357 -357
  198. package/lib/assets/docs/article/functional-desgin-ppp/scala/04-data-validation.md +364 -364
  199. package/lib/assets/docs/article/functional-desgin-ppp/scala/05-property-based-testing.md +515 -515
  200. package/lib/assets/docs/article/functional-desgin-ppp/scala/06-tdd-functional.md +557 -557
  201. package/lib/assets/docs/article/functional-desgin-ppp/scala/07-composite-pattern.md +363 -363
  202. package/lib/assets/docs/article/functional-desgin-ppp/scala/08-decorator-pattern.md +327 -327
  203. package/lib/assets/docs/article/functional-desgin-ppp/scala/09-adapter-pattern.md +517 -517
  204. package/lib/assets/docs/article/functional-desgin-ppp/scala/10-strategy-pattern.md +441 -441
  205. package/lib/assets/docs/article/functional-desgin-ppp/scala/11-command-pattern.md +407 -407
  206. package/lib/assets/docs/article/functional-desgin-ppp/scala/12-visitor-pattern.md +379 -379
  207. package/lib/assets/docs/article/functional-desgin-ppp/scala/13-abstract-factory-pattern.md +398 -398
  208. package/lib/assets/docs/article/functional-desgin-ppp/scala/14-abstract-server-pattern.md +476 -476
  209. package/lib/assets/docs/article/functional-desgin-ppp/scala/15-gossiping-bus-drivers.md +391 -391
  210. package/lib/assets/docs/article/functional-desgin-ppp/scala/16-payroll-system.md +342 -342
  211. package/lib/assets/docs/article/functional-desgin-ppp/scala/17-video-rental-system.md +324 -324
  212. package/lib/assets/docs/article/functional-desgin-ppp/scala/18-concurrency-system.md +730 -730
  213. package/lib/assets/docs/article/functional-desgin-ppp/scala/19-wator-simulation.md +624 -624
  214. package/lib/assets/docs/article/functional-desgin-ppp/scala/20-pattern-interactions.md +512 -512
  215. package/lib/assets/docs/article/functional-desgin-ppp/scala/21-best-practices.md +433 -433
  216. package/lib/assets/docs/article/functional-desgin-ppp/scala/22-oo-to-fp-migration.md +688 -688
  217. package/lib/assets/docs/article/functional-desgin-ppp/scala/index.md +243 -243
  218. package/lib/assets/docs/article/getting-start-tdd/clojure/01-todo-list-and-first-test.md +166 -166
  219. package/lib/assets/docs/article/getting-start-tdd/clojure/02-fake-it-and-triangulation.md +162 -162
  220. package/lib/assets/docs/article/getting-start-tdd/clojure/03-obvious-implementation-and-refactoring.md +135 -135
  221. package/lib/assets/docs/article/getting-start-tdd/clojure/04-version-control-and-conventional-commits.md +88 -88
  222. package/lib/assets/docs/article/getting-start-tdd/clojure/05-package-management-and-static-analysis.md +299 -299
  223. package/lib/assets/docs/article/getting-start-tdd/clojure/06-task-runner-and-ci-cd.md +241 -241
  224. package/lib/assets/docs/article/getting-start-tdd/clojure/07-protocols-and-records.md +131 -131
  225. package/lib/assets/docs/article/getting-start-tdd/clojure/08-multimethods-and-design-patterns.md +130 -130
  226. package/lib/assets/docs/article/getting-start-tdd/clojure/09-namespaces-and-module-design.md +127 -127
  227. package/lib/assets/docs/article/getting-start-tdd/clojure/10-higher-order-functions-and-composition.md +114 -114
  228. package/lib/assets/docs/article/getting-start-tdd/clojure/11-persistent-data-and-pipeline.md +138 -138
  229. package/lib/assets/docs/article/getting-start-tdd/clojure/12-error-handling-and-spec.md +161 -161
  230. package/lib/assets/docs/article/getting-start-tdd/clojure/index.md +65 -65
  231. package/lib/assets/docs/article/getting-start-tdd/csharp/chapter01.md +232 -232
  232. package/lib/assets/docs/article/getting-start-tdd/csharp/chapter02.md +244 -244
  233. package/lib/assets/docs/article/getting-start-tdd/csharp/chapter03.md +202 -202
  234. package/lib/assets/docs/article/getting-start-tdd/csharp/chapter04.md +92 -92
  235. package/lib/assets/docs/article/getting-start-tdd/csharp/chapter05.md +256 -256
  236. package/lib/assets/docs/article/getting-start-tdd/csharp/chapter06.md +195 -195
  237. package/lib/assets/docs/article/getting-start-tdd/csharp/chapter07.md +214 -214
  238. package/lib/assets/docs/article/getting-start-tdd/csharp/chapter08.md +249 -249
  239. package/lib/assets/docs/article/getting-start-tdd/csharp/chapter09.md +174 -174
  240. package/lib/assets/docs/article/getting-start-tdd/csharp/chapter10.md +166 -166
  241. package/lib/assets/docs/article/getting-start-tdd/csharp/chapter11.md +192 -192
  242. package/lib/assets/docs/article/getting-start-tdd/csharp/chapter12.md +211 -211
  243. package/lib/assets/docs/article/getting-start-tdd/csharp/index.md +83 -83
  244. package/lib/assets/docs/article/getting-start-tdd/elixir/01-todo-list-and-first-test.md +87 -87
  245. package/lib/assets/docs/article/getting-start-tdd/elixir/02-fake-it-and-triangulation.md +95 -95
  246. package/lib/assets/docs/article/getting-start-tdd/elixir/03-obvious-implementation-and-refactoring.md +109 -109
  247. package/lib/assets/docs/article/getting-start-tdd/elixir/04-version-control-and-conventional-commits.md +96 -96
  248. package/lib/assets/docs/article/getting-start-tdd/elixir/05-package-management-and-static-analysis.md +88 -88
  249. package/lib/assets/docs/article/getting-start-tdd/elixir/06-task-runner-and-ci-cd.md +71 -71
  250. package/lib/assets/docs/article/getting-start-tdd/elixir/07-structs-and-protocols.md +110 -110
  251. package/lib/assets/docs/article/getting-start-tdd/elixir/08-pattern-matching-and-guards.md +108 -108
  252. package/lib/assets/docs/article/getting-start-tdd/elixir/09-module-design-and-behaviours.md +104 -104
  253. package/lib/assets/docs/article/getting-start-tdd/elixir/10-higher-order-functions-and-pipeline.md +178 -178
  254. package/lib/assets/docs/article/getting-start-tdd/elixir/11-stream-and-lazy-evaluation.md +142 -142
  255. package/lib/assets/docs/article/getting-start-tdd/elixir/12-error-handling-and-with.md +145 -145
  256. package/lib/assets/docs/article/getting-start-tdd/elixir/index.md +35 -35
  257. package/lib/assets/docs/article/getting-start-tdd/fsharp/chapter01.md +202 -202
  258. package/lib/assets/docs/article/getting-start-tdd/fsharp/chapter02.md +246 -246
  259. package/lib/assets/docs/article/getting-start-tdd/fsharp/chapter03.md +218 -218
  260. package/lib/assets/docs/article/getting-start-tdd/fsharp/chapter04.md +179 -179
  261. package/lib/assets/docs/article/getting-start-tdd/fsharp/chapter05.md +267 -267
  262. package/lib/assets/docs/article/getting-start-tdd/fsharp/chapter06.md +190 -190
  263. package/lib/assets/docs/article/getting-start-tdd/fsharp/chapter07.md +161 -161
  264. package/lib/assets/docs/article/getting-start-tdd/fsharp/chapter08.md +175 -175
  265. package/lib/assets/docs/article/getting-start-tdd/fsharp/chapter09.md +222 -222
  266. package/lib/assets/docs/article/getting-start-tdd/fsharp/chapter10.md +189 -189
  267. package/lib/assets/docs/article/getting-start-tdd/fsharp/chapter11.md +212 -212
  268. package/lib/assets/docs/article/getting-start-tdd/fsharp/chapter12.md +215 -215
  269. package/lib/assets/docs/article/getting-start-tdd/fsharp/index.md +71 -71
  270. package/lib/assets/docs/article/getting-start-tdd/go/01-todo-list-and-first-test.md +213 -213
  271. package/lib/assets/docs/article/getting-start-tdd/go/02-fake-it-and-triangulation.md +302 -302
  272. package/lib/assets/docs/article/getting-start-tdd/go/03-obvious-implementation-and-refactoring.md +339 -339
  273. package/lib/assets/docs/article/getting-start-tdd/go/04-version-control-and-conventional-commits.md +112 -112
  274. package/lib/assets/docs/article/getting-start-tdd/go/05-package-management-and-static-analysis.md +272 -272
  275. package/lib/assets/docs/article/getting-start-tdd/go/06-task-runner-and-ci-cd.md +233 -233
  276. package/lib/assets/docs/article/getting-start-tdd/go/07-encapsulation-and-polymorphism.md +394 -394
  277. package/lib/assets/docs/article/getting-start-tdd/go/08-design-patterns.md +422 -422
  278. package/lib/assets/docs/article/getting-start-tdd/go/09-solid-principles-and-module-design.md +400 -400
  279. package/lib/assets/docs/article/getting-start-tdd/go/10-higher-order-functions-and-composition.md +226 -226
  280. package/lib/assets/docs/article/getting-start-tdd/go/11-immutable-data-and-pipeline.md +296 -296
  281. package/lib/assets/docs/article/getting-start-tdd/go/12-error-handling-and-type-safety.md +411 -411
  282. package/lib/assets/docs/article/getting-start-tdd/go/index.md +83 -83
  283. package/lib/assets/docs/article/getting-start-tdd/haskell/01-todo-list-and-first-test.md +279 -279
  284. package/lib/assets/docs/article/getting-start-tdd/haskell/02-fake-it-and-triangulation.md +337 -337
  285. package/lib/assets/docs/article/getting-start-tdd/haskell/03-obvious-implementation-and-refactoring.md +257 -257
  286. package/lib/assets/docs/article/getting-start-tdd/haskell/04-version-control-and-conventional-commits.md +182 -182
  287. package/lib/assets/docs/article/getting-start-tdd/haskell/05-package-management-and-static-analysis.md +313 -313
  288. package/lib/assets/docs/article/getting-start-tdd/haskell/06-task-runner-and-ci-cd.md +309 -309
  289. package/lib/assets/docs/article/getting-start-tdd/haskell/07-algebraic-data-types-and-type-classes.md +412 -412
  290. package/lib/assets/docs/article/getting-start-tdd/haskell/08-pattern-matching-and-guards.md +390 -390
  291. package/lib/assets/docs/article/getting-start-tdd/haskell/09-module-design-and-smart-constructors.md +461 -461
  292. package/lib/assets/docs/article/getting-start-tdd/haskell/10-higher-order-functions-and-currying.md +434 -434
  293. package/lib/assets/docs/article/getting-start-tdd/haskell/11-function-composition-and-point-free.md +392 -392
  294. package/lib/assets/docs/article/getting-start-tdd/haskell/12-monad-and-error-handling.md +631 -631
  295. package/lib/assets/docs/article/getting-start-tdd/haskell/index.md +49 -49
  296. package/lib/assets/docs/article/getting-start-tdd/index.md +93 -93
  297. package/lib/assets/docs/article/getting-start-tdd/integration/01-language-overview.md +375 -375
  298. package/lib/assets/docs/article/getting-start-tdd/integration/02-test-framework-comparison.md +349 -349
  299. package/lib/assets/docs/article/getting-start-tdd/integration/03-tdd-pattern-comparison.md +445 -445
  300. package/lib/assets/docs/article/getting-start-tdd/integration/04-type-system-comparison.md +409 -409
  301. package/lib/assets/docs/article/getting-start-tdd/integration/05-dev-environment-comparison.md +330 -330
  302. package/lib/assets/docs/article/getting-start-tdd/integration/06-learning-roadmap.md +290 -290
  303. package/lib/assets/docs/article/getting-start-tdd/integration/index.md +69 -69
  304. package/lib/assets/docs/article/getting-start-tdd/java/01-todo-list-and-first-test.md +234 -234
  305. package/lib/assets/docs/article/getting-start-tdd/java/02-fake-it-and-triangulation.md +261 -261
  306. package/lib/assets/docs/article/getting-start-tdd/java/03-obvious-implementation-and-refactoring.md +185 -185
  307. package/lib/assets/docs/article/getting-start-tdd/java/04-version-control-and-conventional-commits.md +115 -115
  308. package/lib/assets/docs/article/getting-start-tdd/java/05-package-management-and-static-analysis.md +382 -382
  309. package/lib/assets/docs/article/getting-start-tdd/java/06-task-runner-and-ci-cd.md +272 -272
  310. package/lib/assets/docs/article/getting-start-tdd/java/07-encapsulation-and-polymorphism.md +626 -626
  311. package/lib/assets/docs/article/getting-start-tdd/java/08-design-patterns.md +393 -393
  312. package/lib/assets/docs/article/getting-start-tdd/java/09-solid-principles-and-module-design.md +310 -310
  313. package/lib/assets/docs/article/getting-start-tdd/java/10-higher-order-functions-and-composition.md +188 -188
  314. package/lib/assets/docs/article/getting-start-tdd/java/11-immutable-data-and-pipeline.md +167 -167
  315. package/lib/assets/docs/article/getting-start-tdd/java/12-error-handling-and-type-safety.md +205 -205
  316. package/lib/assets/docs/article/getting-start-tdd/java/index.md +61 -61
  317. package/lib/assets/docs/article/getting-start-tdd/node/01-todo-list-and-first-test.md +244 -244
  318. package/lib/assets/docs/article/getting-start-tdd/node/02-fake-it-and-triangulation.md +262 -262
  319. package/lib/assets/docs/article/getting-start-tdd/node/03-obvious-implementation-and-refactoring.md +169 -169
  320. package/lib/assets/docs/article/getting-start-tdd/node/04-version-control-and-conventional-commits.md +112 -112
  321. package/lib/assets/docs/article/getting-start-tdd/node/05-package-management-and-static-analysis.md +314 -314
  322. package/lib/assets/docs/article/getting-start-tdd/node/06-task-runner-and-ci-cd.md +235 -235
  323. package/lib/assets/docs/article/getting-start-tdd/node/07-encapsulation-and-polymorphism.md +327 -327
  324. package/lib/assets/docs/article/getting-start-tdd/node/08-design-patterns.md +322 -322
  325. package/lib/assets/docs/article/getting-start-tdd/node/09-solid-principles-and-module-design.md +285 -285
  326. package/lib/assets/docs/article/getting-start-tdd/node/10-higher-order-functions-and-composition.md +199 -199
  327. package/lib/assets/docs/article/getting-start-tdd/node/11-immutable-data-and-pipeline.md +207 -207
  328. package/lib/assets/docs/article/getting-start-tdd/node/12-error-handling-and-type-safety.md +295 -295
  329. package/lib/assets/docs/article/getting-start-tdd/node/index.md +56 -56
  330. package/lib/assets/docs/article/getting-start-tdd/php/01-todo-list-and-first-test.md +259 -259
  331. package/lib/assets/docs/article/getting-start-tdd/php/02-fake-it-and-triangulation.md +200 -200
  332. package/lib/assets/docs/article/getting-start-tdd/php/03-obvious-implementation-and-refactoring.md +248 -248
  333. package/lib/assets/docs/article/getting-start-tdd/php/04-version-control-and-conventional-commits.md +141 -141
  334. package/lib/assets/docs/article/getting-start-tdd/php/05-package-management-and-static-analysis.md +410 -410
  335. package/lib/assets/docs/article/getting-start-tdd/php/06-task-runner-and-ci-cd.md +321 -321
  336. package/lib/assets/docs/article/getting-start-tdd/php/07-encapsulation-and-polymorphism.md +372 -372
  337. package/lib/assets/docs/article/getting-start-tdd/php/08-design-patterns.md +453 -453
  338. package/lib/assets/docs/article/getting-start-tdd/php/09-solid-principles-and-module-design.md +460 -460
  339. package/lib/assets/docs/article/getting-start-tdd/php/10-higher-order-functions-and-composition.md +182 -182
  340. package/lib/assets/docs/article/getting-start-tdd/php/11-immutable-data-and-pipeline.md +266 -266
  341. package/lib/assets/docs/article/getting-start-tdd/php/12-error-handling-and-type-safety.md +308 -308
  342. package/lib/assets/docs/article/getting-start-tdd/php/index.md +84 -84
  343. package/lib/assets/docs/article/getting-start-tdd/python/01-todo-list-and-first-test.md +201 -201
  344. package/lib/assets/docs/article/getting-start-tdd/python/02-fake-it-and-triangulation.md +247 -247
  345. package/lib/assets/docs/article/getting-start-tdd/python/03-obvious-implementation-and-refactoring.md +199 -199
  346. package/lib/assets/docs/article/getting-start-tdd/python/04-version-control-and-conventional-commits.md +87 -87
  347. package/lib/assets/docs/article/getting-start-tdd/python/05-package-management-and-static-analysis.md +274 -274
  348. package/lib/assets/docs/article/getting-start-tdd/python/06-task-runner-and-ci-cd.md +190 -190
  349. package/lib/assets/docs/article/getting-start-tdd/python/07-encapsulation-and-polymorphism.md +208 -208
  350. package/lib/assets/docs/article/getting-start-tdd/python/08-design-patterns.md +172 -172
  351. package/lib/assets/docs/article/getting-start-tdd/python/09-solid-principles-and-module-design.md +130 -130
  352. package/lib/assets/docs/article/getting-start-tdd/python/10-higher-order-functions-and-composition.md +122 -122
  353. package/lib/assets/docs/article/getting-start-tdd/python/11-immutable-data-and-pipeline.md +116 -116
  354. package/lib/assets/docs/article/getting-start-tdd/python/12-error-handling-and-type-safety.md +126 -126
  355. package/lib/assets/docs/article/getting-start-tdd/python/index.md +55 -55
  356. package/lib/assets/docs/article/getting-start-tdd/ruby/01-todo-list-and-first-test.md +231 -231
  357. package/lib/assets/docs/article/getting-start-tdd/ruby/02-fake-it-and-triangulation.md +238 -238
  358. package/lib/assets/docs/article/getting-start-tdd/ruby/03-obvious-implementation-and-refactoring.md +228 -228
  359. package/lib/assets/docs/article/getting-start-tdd/ruby/04-version-control-and-conventional-commits.md +112 -112
  360. package/lib/assets/docs/article/getting-start-tdd/ruby/05-package-management-and-static-analysis.md +287 -287
  361. package/lib/assets/docs/article/getting-start-tdd/ruby/06-task-runner-and-ci-cd.md +248 -248
  362. package/lib/assets/docs/article/getting-start-tdd/ruby/07-encapsulation-and-polymorphism.md +279 -279
  363. package/lib/assets/docs/article/getting-start-tdd/ruby/08-design-patterns.md +329 -329
  364. package/lib/assets/docs/article/getting-start-tdd/ruby/09-solid-principles-and-module-design.md +196 -196
  365. package/lib/assets/docs/article/getting-start-tdd/ruby/10-higher-order-functions-and-composition.md +175 -175
  366. package/lib/assets/docs/article/getting-start-tdd/ruby/11-immutable-data-and-pipeline.md +237 -237
  367. package/lib/assets/docs/article/getting-start-tdd/ruby/12-error-handling-and-type-safety.md +398 -398
  368. package/lib/assets/docs/article/getting-start-tdd/ruby/index.md +83 -83
  369. package/lib/assets/docs/article/getting-start-tdd/rust/01-todo-list-and-first-test.md +211 -211
  370. package/lib/assets/docs/article/getting-start-tdd/rust/02-fake-it-and-triangulation.md +264 -264
  371. package/lib/assets/docs/article/getting-start-tdd/rust/03-obvious-implementation-and-refactoring.md +233 -233
  372. package/lib/assets/docs/article/getting-start-tdd/rust/04-version-control-and-conventional-commits.md +92 -92
  373. package/lib/assets/docs/article/getting-start-tdd/rust/05-package-management-and-static-analysis.md +212 -212
  374. package/lib/assets/docs/article/getting-start-tdd/rust/06-task-runner-and-ci-cd.md +164 -164
  375. package/lib/assets/docs/article/getting-start-tdd/rust/07-encapsulation-and-polymorphism.md +142 -142
  376. package/lib/assets/docs/article/getting-start-tdd/rust/08-design-patterns.md +145 -145
  377. package/lib/assets/docs/article/getting-start-tdd/rust/09-solid-principles-and-module-design.md +110 -110
  378. package/lib/assets/docs/article/getting-start-tdd/rust/10-higher-order-functions-and-composition.md +94 -94
  379. package/lib/assets/docs/article/getting-start-tdd/rust/11-immutable-data-and-pipeline.md +105 -105
  380. package/lib/assets/docs/article/getting-start-tdd/rust/12-error-handling-and-type-safety.md +112 -112
  381. package/lib/assets/docs/article/getting-start-tdd/rust/index.md +83 -83
  382. package/lib/assets/docs/article/getting-start-tdd/scala/01-todo-list-and-first-test.md +111 -111
  383. package/lib/assets/docs/article/getting-start-tdd/scala/02-fake-it-and-triangulation.md +107 -107
  384. package/lib/assets/docs/article/getting-start-tdd/scala/03-obvious-implementation-and-refactoring.md +99 -99
  385. package/lib/assets/docs/article/getting-start-tdd/scala/04-version-control-and-conventional-commits.md +123 -123
  386. package/lib/assets/docs/article/getting-start-tdd/scala/05-package-management-and-static-analysis.md +196 -196
  387. package/lib/assets/docs/article/getting-start-tdd/scala/06-task-runner-and-ci-cd.md +186 -186
  388. package/lib/assets/docs/article/getting-start-tdd/scala/07-case-classes-and-traits.md +139 -139
  389. package/lib/assets/docs/article/getting-start-tdd/scala/08-pattern-matching-and-sealed-traits.md +106 -106
  390. package/lib/assets/docs/article/getting-start-tdd/scala/09-packages-and-module-design.md +75 -75
  391. package/lib/assets/docs/article/getting-start-tdd/scala/10-higher-order-functions-and-composition.md +104 -104
  392. package/lib/assets/docs/article/getting-start-tdd/scala/11-collections-and-lazy-evaluation.md +94 -94
  393. package/lib/assets/docs/article/getting-start-tdd/scala/12-error-handling-and-type-safety.md +92 -92
  394. package/lib/assets/docs/article/getting-start-tdd/scala/index.md +65 -65
  395. package/lib/assets/docs/article/grokking-concurrency/all/index.md +404 -404
  396. package/lib/assets/docs/article/grokking-concurrency/all/part-1-ch02-sequential.md +554 -554
  397. package/lib/assets/docs/article/grokking-concurrency/all/part-2-ch04-05-threads.md +469 -469
  398. package/lib/assets/docs/article/grokking-concurrency/all/part-3-ch06-multitasking.md +520 -520
  399. package/lib/assets/docs/article/grokking-concurrency/all/part-4-ch07-parallel-patterns.md +420 -420
  400. package/lib/assets/docs/article/grokking-concurrency/all/part-5-ch08-09-synchronization.md +510 -510
  401. package/lib/assets/docs/article/grokking-concurrency/all/part-6-ch10-11-nonblocking-io.md +435 -435
  402. package/lib/assets/docs/article/grokking-concurrency/all/part-7-ch12-async.md +465 -465
  403. package/lib/assets/docs/article/grokking-concurrency/all/part-8-ch13-mapreduce.md +377 -377
  404. package/lib/assets/docs/article/grokking-concurrency/clojure/index.md +116 -116
  405. package/lib/assets/docs/article/grokking-concurrency/clojure/part-1.md +108 -108
  406. package/lib/assets/docs/article/grokking-concurrency/clojure/part-2.md +101 -101
  407. package/lib/assets/docs/article/grokking-concurrency/clojure/part-3.md +122 -122
  408. package/lib/assets/docs/article/grokking-concurrency/clojure/part-4.md +123 -123
  409. package/lib/assets/docs/article/grokking-concurrency/clojure/part-5.md +118 -118
  410. package/lib/assets/docs/article/grokking-concurrency/clojure/part-6.md +89 -89
  411. package/lib/assets/docs/article/grokking-concurrency/clojure/part-7.md +100 -100
  412. package/lib/assets/docs/article/grokking-concurrency/clojure/part-8.md +120 -120
  413. package/lib/assets/docs/article/grokking-concurrency/csharp/index.md +101 -101
  414. package/lib/assets/docs/article/grokking-concurrency/csharp/part-1.md +97 -97
  415. package/lib/assets/docs/article/grokking-concurrency/csharp/part-2.md +123 -123
  416. package/lib/assets/docs/article/grokking-concurrency/csharp/part-3.md +101 -101
  417. package/lib/assets/docs/article/grokking-concurrency/csharp/part-4.md +112 -112
  418. package/lib/assets/docs/article/grokking-concurrency/csharp/part-5.md +99 -99
  419. package/lib/assets/docs/article/grokking-concurrency/csharp/part-6.md +61 -61
  420. package/lib/assets/docs/article/grokking-concurrency/csharp/part-7.md +84 -84
  421. package/lib/assets/docs/article/grokking-concurrency/csharp/part-8.md +92 -92
  422. package/lib/assets/docs/article/grokking-concurrency/fsharp/index.md +65 -65
  423. package/lib/assets/docs/article/grokking-concurrency/fsharp/part-1.md +80 -80
  424. package/lib/assets/docs/article/grokking-concurrency/fsharp/part-2.md +103 -103
  425. package/lib/assets/docs/article/grokking-concurrency/fsharp/part-3.md +94 -94
  426. package/lib/assets/docs/article/grokking-concurrency/fsharp/part-4.md +110 -110
  427. package/lib/assets/docs/article/grokking-concurrency/fsharp/part-5.md +104 -104
  428. package/lib/assets/docs/article/grokking-concurrency/fsharp/part-6.md +93 -93
  429. package/lib/assets/docs/article/grokking-concurrency/fsharp/part-7.md +121 -121
  430. package/lib/assets/docs/article/grokking-concurrency/fsharp/part-8.md +107 -107
  431. package/lib/assets/docs/article/grokking-concurrency/haskell/index.md +248 -248
  432. package/lib/assets/docs/article/grokking-concurrency/haskell/part-1.md +96 -96
  433. package/lib/assets/docs/article/grokking-concurrency/haskell/part-2.md +96 -96
  434. package/lib/assets/docs/article/grokking-concurrency/haskell/part-3.md +91 -91
  435. package/lib/assets/docs/article/grokking-concurrency/haskell/part-4.md +106 -106
  436. package/lib/assets/docs/article/grokking-concurrency/haskell/part-5.md +99 -99
  437. package/lib/assets/docs/article/grokking-concurrency/haskell/part-6.md +95 -95
  438. package/lib/assets/docs/article/grokking-concurrency/haskell/part-7.md +111 -111
  439. package/lib/assets/docs/article/grokking-concurrency/haskell/part-8.md +118 -118
  440. package/lib/assets/docs/article/grokking-concurrency/index.md +66 -66
  441. package/lib/assets/docs/article/grokking-concurrency/java/index.md +102 -102
  442. package/lib/assets/docs/article/grokking-concurrency/java/part-1.md +308 -308
  443. package/lib/assets/docs/article/grokking-concurrency/java/part-2.md +334 -334
  444. package/lib/assets/docs/article/grokking-concurrency/java/part-3.md +221 -221
  445. package/lib/assets/docs/article/grokking-concurrency/java/part-4.md +213 -213
  446. package/lib/assets/docs/article/grokking-concurrency/java/part-5.md +112 -112
  447. package/lib/assets/docs/article/grokking-concurrency/java/part-6.md +69 -69
  448. package/lib/assets/docs/article/grokking-concurrency/java/part-7.md +101 -101
  449. package/lib/assets/docs/article/grokking-concurrency/java/part-8.md +101 -101
  450. package/lib/assets/docs/article/grokking-concurrency/python/index.md +313 -313
  451. package/lib/assets/docs/article/grokking-concurrency/python/part-1.md +239 -239
  452. package/lib/assets/docs/article/grokking-concurrency/python/part-2.md +418 -418
  453. package/lib/assets/docs/article/grokking-concurrency/python/part-3.md +227 -227
  454. package/lib/assets/docs/article/grokking-concurrency/python/part-4.md +299 -299
  455. package/lib/assets/docs/article/grokking-concurrency/python/part-5.md +315 -315
  456. package/lib/assets/docs/article/grokking-concurrency/python/part-6.md +297 -297
  457. package/lib/assets/docs/article/grokking-concurrency/python/part-7.md +314 -314
  458. package/lib/assets/docs/article/grokking-concurrency/python/part-8.md +360 -360
  459. package/lib/assets/docs/article/grokking-concurrency/rust/index.md +270 -270
  460. package/lib/assets/docs/article/grokking-concurrency/rust/part-1.md +108 -108
  461. package/lib/assets/docs/article/grokking-concurrency/rust/part-2.md +120 -120
  462. package/lib/assets/docs/article/grokking-concurrency/rust/part-3.md +126 -126
  463. package/lib/assets/docs/article/grokking-concurrency/rust/part-4.md +175 -175
  464. package/lib/assets/docs/article/grokking-concurrency/rust/part-5.md +158 -158
  465. package/lib/assets/docs/article/grokking-concurrency/rust/part-6.md +94 -94
  466. package/lib/assets/docs/article/grokking-concurrency/rust/part-7.md +133 -133
  467. package/lib/assets/docs/article/grokking-concurrency/rust/part-8.md +155 -155
  468. package/lib/assets/docs/article/grokking-concurrency/scala/index.md +69 -69
  469. package/lib/assets/docs/article/grokking-concurrency/scala/part-1.md +78 -78
  470. package/lib/assets/docs/article/grokking-concurrency/scala/part-2.md +112 -112
  471. package/lib/assets/docs/article/grokking-concurrency/scala/part-3.md +93 -93
  472. package/lib/assets/docs/article/grokking-concurrency/scala/part-4.md +110 -110
  473. package/lib/assets/docs/article/grokking-concurrency/scala/part-5.md +119 -119
  474. package/lib/assets/docs/article/grokking-concurrency/scala/part-6.md +83 -83
  475. package/lib/assets/docs/article/grokking-concurrency/scala/part-7.md +131 -131
  476. package/lib/assets/docs/article/grokking-concurrency/scala/part-8.md +129 -129
  477. package/lib/assets/docs/article/grokkingfp/all/index.md +368 -368
  478. package/lib/assets/docs/article/grokkingfp/all/part-1-ch01-fp-introduction.md +530 -530
  479. package/lib/assets/docs/article/grokkingfp/all/part-1-ch02-pure-functions.md +923 -923
  480. package/lib/assets/docs/article/grokkingfp/all/part-2-ch03-immutable-data.md +1128 -1128
  481. package/lib/assets/docs/article/grokkingfp/all/part-2-ch04-higher-order-functions.md +1104 -1104
  482. package/lib/assets/docs/article/grokkingfp/all/part-2-ch05-flatmap.md +1026 -1026
  483. package/lib/assets/docs/article/grokkingfp/all/part-3-ch06-option.md +785 -785
  484. package/lib/assets/docs/article/grokkingfp/all/part-3-ch07-either-adt.md +871 -871
  485. package/lib/assets/docs/article/grokkingfp/all/part-4-ch08-io-monad.md +972 -972
  486. package/lib/assets/docs/article/grokkingfp/all/part-4-ch09-streams.md +926 -926
  487. package/lib/assets/docs/article/grokkingfp/all/part-5-ch10-concurrency.md +870 -870
  488. package/lib/assets/docs/article/grokkingfp/all/part-6-ch11-application.md +715 -715
  489. package/lib/assets/docs/article/grokkingfp/all/part-6-ch12-testing.md +626 -626
  490. package/lib/assets/docs/article/grokkingfp/all/writing-plan.md +712 -712
  491. package/lib/assets/docs/article/grokkingfp/clojure/index.md +276 -276
  492. package/lib/assets/docs/article/grokkingfp/clojure/part-1.md +667 -667
  493. package/lib/assets/docs/article/grokkingfp/clojure/part-2.md +643 -643
  494. package/lib/assets/docs/article/grokkingfp/clojure/part-3.md +620 -620
  495. package/lib/assets/docs/article/grokkingfp/clojure/part-4.md +697 -697
  496. package/lib/assets/docs/article/grokkingfp/clojure/part-5.md +751 -751
  497. package/lib/assets/docs/article/grokkingfp/clojure/part-6.md +721 -721
  498. package/lib/assets/docs/article/grokkingfp/csharp/index.md +246 -246
  499. package/lib/assets/docs/article/grokkingfp/csharp/part-1.md +811 -811
  500. package/lib/assets/docs/article/grokkingfp/csharp/part-2.md +971 -971
  501. package/lib/assets/docs/article/grokkingfp/csharp/part-3.md +981 -981
  502. package/lib/assets/docs/article/grokkingfp/csharp/part-4.md +949 -949
  503. package/lib/assets/docs/article/grokkingfp/csharp/part-5.md +947 -947
  504. package/lib/assets/docs/article/grokkingfp/csharp/part-6.md +739 -739
  505. package/lib/assets/docs/article/grokkingfp/elixir/index.md +203 -203
  506. package/lib/assets/docs/article/grokkingfp/elixir/part-1.md +712 -712
  507. package/lib/assets/docs/article/grokkingfp/elixir/part-2.md +838 -838
  508. package/lib/assets/docs/article/grokkingfp/elixir/part-3.md +985 -985
  509. package/lib/assets/docs/article/grokkingfp/elixir/part-4.md +974 -974
  510. package/lib/assets/docs/article/grokkingfp/elixir/part-5.md +1286 -1286
  511. package/lib/assets/docs/article/grokkingfp/elixir/part-6.md +1049 -1049
  512. package/lib/assets/docs/article/grokkingfp/fsharp/index.md +210 -210
  513. package/lib/assets/docs/article/grokkingfp/fsharp/part-1.md +714 -714
  514. package/lib/assets/docs/article/grokkingfp/fsharp/part-2.md +961 -961
  515. package/lib/assets/docs/article/grokkingfp/fsharp/part-3.md +972 -972
  516. package/lib/assets/docs/article/grokkingfp/fsharp/part-4.md +832 -832
  517. package/lib/assets/docs/article/grokkingfp/fsharp/part-5.md +911 -911
  518. package/lib/assets/docs/article/grokkingfp/fsharp/part-6.md +922 -922
  519. package/lib/assets/docs/article/grokkingfp/haskell/index.md +234 -234
  520. package/lib/assets/docs/article/grokkingfp/haskell/part-1.md +591 -591
  521. package/lib/assets/docs/article/grokkingfp/haskell/part-2.md +866 -866
  522. package/lib/assets/docs/article/grokkingfp/haskell/part-3.md +915 -915
  523. package/lib/assets/docs/article/grokkingfp/haskell/part-4.md +878 -878
  524. package/lib/assets/docs/article/grokkingfp/haskell/part-5.md +845 -845
  525. package/lib/assets/docs/article/grokkingfp/haskell/part-6.md +844 -844
  526. package/lib/assets/docs/article/grokkingfp/index.md +143 -143
  527. package/lib/assets/docs/article/grokkingfp/java/index.md +211 -211
  528. package/lib/assets/docs/article/grokkingfp/java/part-1.md +648 -648
  529. package/lib/assets/docs/article/grokkingfp/java/part-2.md +675 -675
  530. package/lib/assets/docs/article/grokkingfp/java/part-3.md +672 -672
  531. package/lib/assets/docs/article/grokkingfp/java/part-4.md +771 -771
  532. package/lib/assets/docs/article/grokkingfp/java/part-5.md +959 -959
  533. package/lib/assets/docs/article/grokkingfp/java/part-6.md +1328 -1328
  534. package/lib/assets/docs/article/grokkingfp/python/index.md +258 -258
  535. package/lib/assets/docs/article/grokkingfp/python/part-1.md +443 -443
  536. package/lib/assets/docs/article/grokkingfp/python/part-2.md +958 -958
  537. package/lib/assets/docs/article/grokkingfp/python/part-3.md +1004 -1004
  538. package/lib/assets/docs/article/grokkingfp/python/part-4.md +765 -765
  539. package/lib/assets/docs/article/grokkingfp/python/part-5.md +747 -747
  540. package/lib/assets/docs/article/grokkingfp/python/part-6.md +861 -861
  541. package/lib/assets/docs/article/grokkingfp/ruby/index.md +330 -330
  542. package/lib/assets/docs/article/grokkingfp/ruby/part-1.md +755 -755
  543. package/lib/assets/docs/article/grokkingfp/ruby/part-2.md +938 -938
  544. package/lib/assets/docs/article/grokkingfp/ruby/part-3.md +946 -946
  545. package/lib/assets/docs/article/grokkingfp/ruby/part-4.md +921 -921
  546. package/lib/assets/docs/article/grokkingfp/ruby/part-5.md +908 -908
  547. package/lib/assets/docs/article/grokkingfp/ruby/part-6.md +1412 -1412
  548. package/lib/assets/docs/article/grokkingfp/rust/index.md +242 -242
  549. package/lib/assets/docs/article/grokkingfp/rust/part-1.md +634 -634
  550. package/lib/assets/docs/article/grokkingfp/rust/part-2.md +1060 -1060
  551. package/lib/assets/docs/article/grokkingfp/rust/part-3.md +994 -994
  552. package/lib/assets/docs/article/grokkingfp/rust/part-4.md +573 -573
  553. package/lib/assets/docs/article/grokkingfp/rust/part-5.md +705 -705
  554. package/lib/assets/docs/article/grokkingfp/rust/part-6.md +508 -508
  555. package/lib/assets/docs/article/grokkingfp/scala/index.md +171 -171
  556. package/lib/assets/docs/article/grokkingfp/scala/part-1.md +543 -543
  557. package/lib/assets/docs/article/grokkingfp/scala/part-2.md +946 -946
  558. package/lib/assets/docs/article/grokkingfp/scala/part-3.md +919 -919
  559. package/lib/assets/docs/article/grokkingfp/scala/part-4.md +742 -742
  560. package/lib/assets/docs/article/grokkingfp/scala/part-5.md +722 -722
  561. package/lib/assets/docs/article/grokkingfp/scala/part-6.md +867 -867
  562. package/lib/assets/docs/article/grokkingfp/typescript/index.md +273 -273
  563. package/lib/assets/docs/article/grokkingfp/typescript/part-1.md +561 -561
  564. package/lib/assets/docs/article/grokkingfp/typescript/part-2.md +1129 -1129
  565. package/lib/assets/docs/article/grokkingfp/typescript/part-3.md +842 -842
  566. package/lib/assets/docs/article/grokkingfp/typescript/part-4.md +1087 -1087
  567. package/lib/assets/docs/article/grokkingfp/typescript/part-5.md +717 -717
  568. package/lib/assets/docs/article/grokkingfp/typescript/part-6.md +982 -982
  569. package/lib/assets/docs/article/practical-database-design/index.md +121 -121
  570. package/lib/assets/docs/article/practical-database-design/part1/chapter01.md +288 -288
  571. package/lib/assets/docs/article/practical-database-design/part1/chapter02.md +518 -518
  572. package/lib/assets/docs/article/practical-database-design/part1/chapter03.md +557 -557
  573. package/lib/assets/docs/article/practical-database-design/part2/chapter04.md +924 -924
  574. package/lib/assets/docs/article/practical-database-design/part2/chapter05.md +1627 -1627
  575. package/lib/assets/docs/article/practical-database-design/part2/chapter06.md +2716 -2716
  576. package/lib/assets/docs/article/practical-database-design/part2/chapter07.md +2082 -2082
  577. package/lib/assets/docs/article/practical-database-design/part2/chapter08.md +2105 -2105
  578. package/lib/assets/docs/article/practical-database-design/part2/chapter09.md +2031 -2031
  579. package/lib/assets/docs/article/practical-database-design/part2/chapter10.md +1387 -1387
  580. package/lib/assets/docs/article/practical-database-design/part2/chapter11.md +1677 -1677
  581. package/lib/assets/docs/article/practical-database-design/part2/chapter12.md +1417 -1417
  582. package/lib/assets/docs/article/practical-database-design/part2/chapter13.md +1434 -1434
  583. package/lib/assets/docs/article/practical-database-design/part3/chapter14.md +667 -667
  584. package/lib/assets/docs/article/practical-database-design/part3/chapter15.md +1625 -1625
  585. package/lib/assets/docs/article/practical-database-design/part3/chapter16.md +1915 -1915
  586. package/lib/assets/docs/article/practical-database-design/part3/chapter17.md +1708 -1708
  587. package/lib/assets/docs/article/practical-database-design/part3/chapter18.md +2095 -2095
  588. package/lib/assets/docs/article/practical-database-design/part3/chapter19.md +1123 -1123
  589. package/lib/assets/docs/article/practical-database-design/part3/chapter20.md +1031 -1031
  590. package/lib/assets/docs/article/practical-database-design/part3/chapter21.md +1382 -1382
  591. package/lib/assets/docs/article/practical-database-design/part3-orm/chapter14-orm.md +991 -991
  592. package/lib/assets/docs/article/practical-database-design/part3-orm/chapter15-orm.md +1300 -1300
  593. package/lib/assets/docs/article/practical-database-design/part3-orm/chapter16-orm.md +1166 -1166
  594. package/lib/assets/docs/article/practical-database-design/part3-orm/chapter17-orm.md +1584 -1584
  595. package/lib/assets/docs/article/practical-database-design/part3-orm/chapter18-orm.md +1183 -1183
  596. package/lib/assets/docs/article/practical-database-design/part3-orm/chapter19-orm.md +1016 -1016
  597. package/lib/assets/docs/article/practical-database-design/part3-orm/chapter20-orm.md +1753 -1753
  598. package/lib/assets/docs/article/practical-database-design/part3-orm/chapter21-orm.md +1447 -1447
  599. package/lib/assets/docs/article/practical-database-design/part3-orm/chapter22-orm.md +1878 -1878
  600. package/lib/assets/docs/article/practical-database-design/part4/chapter22.md +965 -965
  601. package/lib/assets/docs/article/practical-database-design/part4/chapter23.md +2069 -2069
  602. package/lib/assets/docs/article/practical-database-design/part4/chapter24.md +2439 -2439
  603. package/lib/assets/docs/article/practical-database-design/part4/chapter25.md +3661 -3661
  604. package/lib/assets/docs/article/practical-database-design/part4/chapter26.md +2916 -2916
  605. package/lib/assets/docs/article/practical-database-design/part4/chapter27.md +3105 -3105
  606. package/lib/assets/docs/article/practical-database-design/part4/chapter28.md +2697 -2697
  607. package/lib/assets/docs/article/practical-database-design/part4/chapter29.md +2544 -2544
  608. package/lib/assets/docs/article/practical-database-design/part4/chapter30.md +2180 -2180
  609. package/lib/assets/docs/article/practical-database-design/part4/chapter31.md +1192 -1192
  610. package/lib/assets/docs/article/practical-database-design/part4/chapter32.md +2101 -2101
  611. package/lib/assets/docs/article/practical-database-design/part5/chapter33.md +1032 -1032
  612. package/lib/assets/docs/article/practical-database-design/part5/chapter34.md +1609 -1609
  613. package/lib/assets/docs/article/practical-database-design/part5/chapter35.md +1453 -1453
  614. package/lib/assets/docs/article/practical-database-design/part5/chapter36.md +1292 -1292
  615. package/lib/assets/docs/article/practical-database-design/part5/chapter37.md +1470 -1470
  616. package/lib/assets/docs/article/practical-database-design/part5/chapter38.md +1698 -1698
  617. package/lib/assets/docs/article/practical-database-design/part5/chapter39.md +2334 -2334
  618. package/lib/assets/docs/article/practical-database-design/study/study2-1.md +1693 -1693
  619. package/lib/assets/docs/article/practical-database-design/study/study2-2.md +1347 -1347
  620. package/lib/assets/docs/article/practical-database-design/study/study2-3.md +2044 -2044
  621. package/lib/assets/docs/article/practical-database-design/study/study2-4.md +2229 -2229
  622. package/lib/assets/docs/article/practical-database-design/study/study2-5.md +2418 -2418
  623. package/lib/assets/docs/article/practical-database-design/study/study3-1.md +2205 -2205
  624. package/lib/assets/docs/article/practical-database-design/study/study3-2.md +2221 -2221
  625. package/lib/assets/docs/article/practical-database-design/study/study3-3.md +2253 -2253
  626. package/lib/assets/docs/article/practical-database-design/study/study3-4.md +2106 -2106
  627. package/lib/assets/docs/article/practical-database-design/study/study3-5.md +2507 -2507
  628. package/lib/assets/docs/article/practical-database-design/study/study4-1.md +2587 -2587
  629. package/lib/assets/docs/article/practical-database-design/study/study4-2.md +2075 -2075
  630. package/lib/assets/docs/article/practical-database-design/study/study4-3.md +1805 -1805
  631. package/lib/assets/docs/article/practical-database-design/study/study4-4.md +1895 -1895
  632. package/lib/assets/docs/article/practical-database-design/study/study4-5.md +2878 -2878
  633. package/lib/assets/docs/assets/css/extra.css +29 -29
  634. package/lib/assets/docs/assets/js/extra.js +44 -44
  635. package/lib/assets/docs/development/index.md +39 -39
  636. package/lib/assets/docs/operation/index.md +11 -11
  637. package/lib/assets/docs/reference/CodexCLIMCP/343/202/242/343/203/227/343/203/252/343/202/261/343/203/274/343/202/267/343/203/247/343/203/263/351/226/213/347/231/272/343/203/225/343/203/255/343/203/274.md +532 -532
  638. package/lib/assets/docs/reference/CodexCLIMCP/343/202/265/343/203/274/343/203/220/343/203/274/350/250/255/345/256/232/346/211/213/351/240/206.md +341 -341
  639. package/lib/assets/docs/reference/Java/343/202/242/343/203/227/343/203/252/343/202/261/343/203/274/343/202/267/343/203/247/343/203/263/347/222/260/345/242/203/346/247/213/347/257/211/343/202/254/343/202/244/343/203/211.md +581 -581
  640. package/lib/assets/docs/reference/SonarQube/343/203/255/343/203/274/343/202/253/343/203/253/347/222/260/345/242/203/343/202/273/343/203/203/343/203/210/343/202/242/343/203/203/343/203/227/346/211/213/351/240/206/346/233/270.md +642 -642
  641. package/lib/assets/docs/reference/TypeScript/343/202/242/343/203/227/343/203/252/343/202/261/343/203/274/343/202/267/343/203/247/343/203/263/347/222/260/345/242/203/346/247/213/347/257/211/343/202/254/343/202/244/343/203/211.md +465 -465
  642. package/lib/assets/docs/reference/UI/350/250/255/350/250/210/343/202/254/343/202/244/343/203/211.md +450 -450
  643. package/lib/assets/docs/reference/images/Ansoff.drawio.svg +3 -3
  644. package/lib/assets/docs/reference/images/BrandBasicStrategy.drawio.svg +3 -3
  645. package/lib/assets/docs/reference/images/BrandCategorization.drawio.svg +3 -3
  646. package/lib/assets/docs/reference/images/BrandRecurutementStrategy.drawio.svg +3 -3
  647. package/lib/assets/docs/reference/images/BrandValue.drawio.svg +3 -3
  648. package/lib/assets/docs/reference/images/BusinessActivitiy.svg +3 -3
  649. package/lib/assets/docs/reference/images/HRM.drawio.svg +3 -3
  650. package/lib/assets/docs/reference/images/MarketingStructure.drawio.svg +3 -3
  651. package/lib/assets/docs/reference/images/OrganizationElemnts.svg +3 -3
  652. package/lib/assets/docs/reference/images/PPM.drawio.svg +3 -3
  653. package/lib/assets/docs/reference/images/PositioningMap.drawio.svg +3 -3
  654. package/lib/assets/docs/reference/images/ProductLayer.drawio.svg +3 -3
  655. package/lib/assets/docs/reference/images/ProductMix.drawio.svg +3 -3
  656. package/lib/assets/docs/reference/images/SWOT.drawio.svg +3 -3
  657. package/lib/assets/docs/reference/images/TargetMarket.drawio.svg +3 -3
  658. package/lib/assets/docs/reference/images/ThreeGenericStrategies.drawio.svg +3 -3
  659. package/lib/assets/docs/reference/images/VRIO.drawio.svg +3 -3
  660. package/lib/assets/docs/reference/images/ValueChain.drawio.svg +3 -3
  661. package/lib/assets/docs/reference/index.md +52 -52
  662. package/lib/assets/docs/reference//343/202/210/343/201/204/343/202/275/343/203/225/343/203/210/343/202/246/343/202/247/343/202/242/343/201/250/343/201/257.md +250 -250
  663. package/lib/assets/docs/reference//343/202/242/343/203/274/343/202/255/343/203/206/343/202/257/343/203/201/343/203/243/350/250/255/350/250/210/343/202/254/343/202/244/343/203/211.md +2216 -2216
  664. package/lib/assets/docs/reference//343/202/244/343/203/263/343/203/225/343/203/251/350/250/255/350/250/210/343/202/254/343/202/244/343/203/211.md +1878 -1878
  665. package/lib/assets/docs/reference//343/202/250/343/202/257/343/202/271/343/203/210/343/203/252/343/203/274/343/203/240/343/203/227/343/203/255/343/202/260/343/203/251/343/203/237/343/203/263/343/202/260.md +550 -550
  666. package/lib/assets/docs/reference//343/202/263/343/203/274/343/203/207/343/202/243/343/203/263/343/202/260/343/201/250/343/203/206/343/202/271/343/203/210/343/202/254/343/202/244/343/203/211.md +705 -705
  667. package/lib/assets/docs/reference//343/203/206/343/202/271/343/203/210/346/210/246/347/225/245/343/202/254/343/202/244/343/203/211.md +1313 -1313
  668. package/lib/assets/docs/reference//343/203/207/343/203/274/343/202/277/343/203/242/343/203/207/343/203/253/350/250/255/350/250/210/343/202/254/343/202/244/343/203/211.md +311 -311
  669. package/lib/assets/docs/reference//343/203/211/343/203/241/343/202/244/343/203/263/343/203/242/343/203/207/343/203/253/350/250/255/350/250/210/343/202/254/343/202/244/343/203/211.md +599 -599
  670. package/lib/assets/docs/reference//343/203/223/343/202/270/343/203/215/343/202/271/343/202/242/343/203/274/343/202/255/343/203/206/343/202/257/343/203/201/343/203/243/345/210/206/346/236/220/343/202/254/343/202/244/343/203/211.md +528 -528
  671. package/lib/assets/docs/reference//343/203/246/343/203/274/343/202/271/343/202/261/343/203/274/343/202/271/344/275/234/346/210/220/343/202/254/343/202/244/343/203/211.md +689 -689
  672. package/lib/assets/docs/reference//343/203/252/343/203/252/343/203/274/343/202/271/343/202/254/343/202/244/343/203/211.md +461 -461
  673. package/lib/assets/docs/reference//343/203/252/343/203/252/343/203/274/343/202/271/343/203/273/343/202/244/343/203/206/343/203/254/343/203/274/343/202/267/343/203/247/343/203/263/350/250/210/347/224/273/343/202/254/343/202/244/343/203/211.md +580 -580
  674. package/lib/assets/docs/reference//343/203/255/343/202/270/343/202/253/343/203/253/343/202/267/343/203/263/343/202/255/343/203/263/343/202/260.md +1367 -1367
  675. package/lib/assets/docs/reference//344/274/201/346/245/255/347/265/214/345/226/266/350/253/226.md +2637 -2637
  676. package/lib/assets/docs/reference//347/222/260/345/242/203/345/244/211/346/225/260/347/256/241/347/220/206/343/202/254/343/202/244/343/203/211.md +665 -665
  677. package/lib/assets/docs/reference//350/246/201/344/273/266/345/256/232/347/276/251/343/202/254/343/202/244/343/203/211.md +1248 -1248
  678. package/lib/assets/docs/reference//350/250/200/350/252/236/345/210/245/351/226/213/347/231/272/343/202/254/343/202/244/343/203/211.md +518 -518
  679. package/lib/assets/docs/reference//351/201/213/345/226/266/347/256/241/347/220/206.md +1482 -1482
  680. package/lib/assets/docs/reference//351/201/213/347/224/250/343/202/271/343/202/257/343/203/252/343/203/227/343/203/210/344/275/234/346/210/220/343/202/254/343/202/244/343/203/211.md +421 -421
  681. package/lib/assets/docs/reference//351/201/213/347/224/250/350/246/201/344/273/266/345/256/232/347/276/251/343/202/254/343/202/244/343/203/211.md +392 -392
  682. package/lib/assets/docs/reference//351/226/213/347/231/272/343/202/254/343/202/244/343/203/211.md +299 -299
  683. package/lib/assets/docs/reference//351/235/236/346/251/237/350/203/275/350/246/201/344/273/266/345/256/232/347/276/251/343/202/254/343/202/244/343/203/211.md +1236 -1236
  684. package/lib/assets/docs/review/index.md +5 -5
  685. package/lib/assets/docs/strategy/index.md +1 -1
  686. package/lib/assets/docs/template/ADR.md +30 -30
  687. package/lib/assets/docs/template/AWS/343/202/271/343/203/206/343/203/274/343/202/270/343/203/263/343/202/260/347/222/260/345/242/203/343/202/273/343/203/203/343/203/210/343/202/242/343/203/203/343/203/227/346/211/213/351/240/206/346/233/270.md +1366 -1366
  688. package/lib/assets/docs/template/AWS/343/203/227/343/203/255/343/203/200/343/202/257/343/202/267/343/203/247/343/203/263/347/222/260/345/242/203/343/202/273/343/203/203/343/203/210/343/202/242/343/203/203/343/203/227/346/211/213/351/240/206/346/233/270.md +634 -634
  689. package/lib/assets/docs/template/README.md +50 -50
  690. package/lib/assets/docs/template/index.md +23 -23
  691. package/lib/assets/docs/template//343/201/276/343/201/232/343/201/223/343/202/214/343/202/222/350/252/255/343/202/202/343/201/206/343/203/252/343/202/271/343/203/210.md +12 -12
  692. package/lib/assets/docs/template//343/202/242/343/203/227/343/203/252/343/202/261/343/203/274/343/202/267/343/203/247/343/203/263/351/226/213/347/231/272/347/222/260/345/242/203/343/202/273/343/203/203/343/203/210/343/202/242/343/203/203/343/203/227/346/211/213/351/240/206/346/233/270.md +547 -547
  693. package/lib/assets/docs/template//343/202/244/343/203/206/343/203/254/343/203/274/343/202/267/343/203/247/343/203/263/345/256/214/344/272/206/345/240/261/345/221/212/346/233/270.md +58 -58
  694. package/lib/assets/docs/template//343/202/244/343/203/263/343/202/273/343/203/227/343/202/267/343/203/247/343/203/263/343/203/207/343/203/203/343/202/255.md +13 -13
  695. package/lib/assets/docs/template//343/203/223/343/202/270/343/203/215/343/202/271/343/202/242/343/203/274/343/202/255/343/203/206/343/202/257/343/203/201/343/203/243.md +379 -379
  696. package/lib/assets/docs/template//344/274/201/346/245/255/345/210/206/346/236/220.md +573 -573
  697. package/lib/assets/docs/template//345/256/214/345/205/250/345/275/242/345/274/217/343/201/256/343/203/246/343/203/274/343/202/271/343/202/261/343/203/274/343/202/271.md +69 -69
  698. package/lib/assets/docs/template//350/246/201/344/273/266/345/256/232/347/276/251.md +669 -669
  699. package/lib/assets/docs/template//350/250/255/350/250/210.md +173 -173
  700. package/lib/assets/docs/template//351/226/213/347/231/272/347/222/260/345/242/203/343/202/273/343/203/203/343/203/210/343/202/242/343/203/203/343/203/227/346/211/213/351/240/206/346/233/270.md +688 -688
  701. package/lib/assets/gulpfile.js +25 -25
  702. package/lib/assets/mkdocs.yml +136 -136
  703. package/lib/assets/ops/docker/mkdoc/Dockerfile +19 -19
  704. package/lib/assets/ops/scripts/journal.js +180 -180
  705. package/lib/assets/ops/scripts/mkdocs.js +82 -82
  706. package/lib/assets/ops/scripts/release.js +431 -431
  707. package/lib/assets/ops/scripts/sonar_local.js +726 -726
  708. package/lib/assets/ops/scripts/ssh.js +190 -190
  709. package/lib/assets/ops/scripts/vault.js +299 -299
  710. package/lib/assets/package-lock.json +1653 -1653
  711. package/lib/assets/package.json +40 -40
  712. package/lib/gulpfile.js +37 -37
  713. package/package.json +41 -41
@@ -1,1879 +1,1879 @@
1
- # インフラ設計ガイド
2
-
3
- ## 1. 概要
4
-
5
- ### 1.1 目的
6
-
7
- Infrastructure as Code (IaC) によるインフラストラクチャの設計・構築・管理における規律とベストプラクティスを定義する。
8
-
9
- ### 1.2 対象システム
10
-
11
- - システム名: 会議室予約システム
12
- - クラウド基盤: AWS
13
- - IaC ツール: Terraform
14
- - アーキテクチャ: ヘキサゴナルアーキテクチャ
15
-
16
- ### 1.3 基本原則
17
-
18
- ```plantuml
19
- @startuml "IaC原則"
20
- title Infrastructure as Code 基本原則
21
-
22
- rectangle "コード化" as code
23
- rectangle "バージョン管理" as version
24
- rectangle "自動化" as automation
25
- rectangle "再現性" as reproducible
26
- rectangle "モジュール性" as modularity
27
- rectangle "テスト" as testing
28
-
29
- code --> version : すべてのインフラを\nコードで定義
30
- version --> automation : 変更履歴を\n追跡・管理
31
- automation --> reproducible : 手動作業を\n排除
32
- reproducible --> modularity : 同じ環境を\n何度でも構築
33
- modularity --> testing : 再利用可能な\nコンポーネント化
34
- testing --> code : 品質保証と\n継続的改善
35
-
36
- @enduml
37
- ```
38
-
39
- ## 2. プロジェクト構造
40
-
41
- ### 2.1 ディレクトリ構造
42
-
43
- ```plantuml
44
- @startuml "プロジェクト構造"
45
- folder "terraform" as terraform {
46
- folder "modules" as modules {
47
- folder "networking" as networking
48
- folder "compute" as compute
49
- folder "database" as database
50
- folder "security" as security
51
- folder "monitoring" as monitoring
52
- }
53
- folder "environments" as environments {
54
- folder "global" as global
55
- folder "dev" as dev
56
- folder "stage" as stage
57
- folder "prod" as prod
58
- }
59
- folder "examples" as examples
60
- folder "test" as test
61
- }
62
-
63
- modules --> networking : VPC、Subnet、\nRoute Table
64
- modules --> compute : EC2、ASG、ALB
65
- modules --> database : RDS、DynamoDB
66
- modules --> security : IAM、Security Groups
67
- modules --> monitoring : CloudWatch、SNS
68
-
69
- environments --> global : 共通変数・設定
70
- environments --> dev : 開発環境
71
- environments --> stage : ステージング環境
72
- environments --> prod : 本番環境
73
-
74
- @enduml
75
- ```
76
-
77
- ### 2.2 命名規則
78
-
79
- #### 2.2.1 リソース命名
80
-
81
- ```yaml
82
- 命名パターン: "{project}-{environment}-{service}-{resource}"
83
-
84
- 例:
85
- - VPC: "meeting-room-prod-vpc"
86
- - Subnet: "meeting-room-prod-public-subnet-1a"
87
- - Security Group: "meeting-room-prod-web-sg"
88
- - RDS: "meeting-room-prod-postgres-primary"
89
- - ALB: "meeting-room-prod-app-alb"
90
- ```
91
-
92
- #### 2.2.2 Terraform ファイル命名
93
-
94
- ```yaml
95
- 標準ファイル構成:
96
- - main.tf: メインの構成定義
97
- - variables.tf: 入力変数定義
98
- - outputs.tf: 出力値定義
99
- - versions.tf: プロバイダーバージョン指定
100
- - locals.tf: ローカル変数定義 (必要に応じて)
101
- - data.tf: データソース定義 (必要に応じて)
102
- ```
103
-
104
- ## 3. モジュール設計
105
-
106
- ### 3.1 モジュール化の原則
107
-
108
- ```plantuml
109
- @startuml "モジュール設計原則"
110
- rectangle "単一責任" as single_responsibility {
111
- note right : 1つのモジュールは\n1つの責任を持つ
112
- }
113
-
114
- rectangle "再利用性" as reusability {
115
- note right : 複数の環境・プロジェクトで\n利用可能
116
- }
117
-
118
- rectangle "構成可能性" as configurability {
119
- note right : 変数により動作を\nカスタマイズ可能
120
- }
121
-
122
- rectangle "テスト容易性" as testability {
123
- note right : 独立してテスト\nできる設計
124
- }
125
-
126
- single_responsibility --> reusability
127
- reusability --> configurability
128
- configurability --> testability
129
- testability --> single_responsibility
130
-
131
- @enduml
132
- ```
133
-
134
- ### 3.2 会議室予約システム モジュール構成
135
-
136
- #### 3.2.1 ネットワークモジュール
137
-
138
- ```terraform
139
- # modules/networking/vpc/main.tf
140
- resource "aws_vpc" "main" {
141
- cidr_block = var.vpc_cidr
142
- enable_dns_hostnames = true
143
- enable_dns_support = true
144
-
145
- tags = merge(var.tags, {
146
- Name = "${var.name_prefix}-vpc"
147
- })
148
- }
149
-
150
- resource "aws_subnet" "public" {
151
- count = length(var.public_subnet_cidrs)
152
-
153
- vpc_id = aws_vpc.main.id
154
- cidr_block = var.public_subnet_cidrs[count.index]
155
- availability_zone = var.availability_zones[count.index]
156
- map_public_ip_on_launch = true
157
-
158
- tags = merge(var.tags, {
159
- Name = "${var.name_prefix}-public-subnet-${count.index + 1}"
160
- Type = "Public"
161
- })
162
- }
163
-
164
- resource "aws_subnet" "private" {
165
- count = length(var.private_subnet_cidrs)
166
-
167
- vpc_id = aws_vpc.main.id
168
- cidr_block = var.private_subnet_cidrs[count.index]
169
- availability_zone = var.availability_zones[count.index]
170
-
171
- tags = merge(var.tags, {
172
- Name = "${var.name_prefix}-private-subnet-${count.index + 1}"
173
- Type = "Private"
174
- })
175
- }
176
-
177
- resource "aws_internet_gateway" "main" {
178
- vpc_id = aws_vpc.main.id
179
-
180
- tags = merge(var.tags, {
181
- Name = "${var.name_prefix}-igw"
182
- })
183
- }
184
-
185
- resource "aws_nat_gateway" "main" {
186
- count = var.enable_nat_gateway ? length(aws_subnet.public) : 0
187
-
188
- allocation_id = aws_eip.nat[count.index].id
189
- subnet_id = aws_subnet.public[count.index].id
190
-
191
- tags = merge(var.tags, {
192
- Name = "${var.name_prefix}-nat-gw-${count.index + 1}"
193
- })
194
-
195
- depends_on = [aws_internet_gateway.main]
196
- }
197
-
198
- resource "aws_eip" "nat" {
199
- count = var.enable_nat_gateway ? length(aws_subnet.public) : 0
200
-
201
- domain = "vpc"
202
-
203
- tags = merge(var.tags, {
204
- Name = "${var.name_prefix}-nat-eip-${count.index + 1}"
205
- })
206
-
207
- depends_on = [aws_internet_gateway.main]
208
- }
209
- ```
210
-
211
- #### 3.2.2 コンピュートモジュール
212
-
213
- ```terraform
214
- # modules/compute/web-app/main.tf
215
- resource "aws_launch_template" "main" {
216
- name_prefix = "${var.name_prefix}-lt"
217
- image_id = var.ami_id
218
- instance_type = var.instance_type
219
- key_name = var.key_name
220
-
221
- vpc_security_group_ids = [aws_security_group.web.id]
222
-
223
- user_data = base64encode(templatefile("${path.module}/user_data.sh", {
224
- database_url = var.database_url
225
- app_version = var.app_version
226
- environment = var.environment
227
- }))
228
-
229
- tag_specifications {
230
- resource_type = "instance"
231
- tags = merge(var.tags, {
232
- Name = "${var.name_prefix}-instance"
233
- })
234
- }
235
-
236
- lifecycle {
237
- create_before_destroy = true
238
- precondition {
239
- condition = contains(["t3.micro", "t3.small", "t3.medium"], var.instance_type)
240
- error_message = "Instance type must be t3.micro, t3.small, or t3.medium for cost optimization."
241
- }
242
- }
243
- }
244
-
245
- resource "aws_autoscaling_group" "main" {
246
- name = "${var.name_prefix}-asg"
247
- vpc_zone_identifier = var.subnet_ids
248
- target_group_arns = [aws_lb_target_group.main.arn]
249
- health_check_type = "ELB"
250
- health_check_grace_period = 300
251
-
252
- min_size = var.min_size
253
- max_size = var.max_size
254
- desired_capacity = var.desired_capacity
255
-
256
- launch_template {
257
- id = aws_launch_template.main.id
258
- version = "$Latest"
259
- }
260
-
261
- instance_refresh {
262
- strategy = "Rolling"
263
- preferences {
264
- min_healthy_percentage = 50
265
- instance_warmup = 300
266
- }
267
- }
268
-
269
- tag {
270
- key = "Name"
271
- value = "${var.name_prefix}-asg"
272
- propagate_at_launch = false
273
- }
274
-
275
- dynamic "tag" {
276
- for_each = var.tags
277
- content {
278
- key = tag.key
279
- value = tag.value
280
- propagate_at_launch = true
281
- }
282
- }
283
-
284
- lifecycle {
285
- create_before_destroy = true
286
- postcondition {
287
- condition = length(self.availability_zones) > 1
288
- error_message = "Auto Scaling Group must span multiple AZs for high availability."
289
- }
290
- }
291
- }
292
-
293
- resource "aws_lb" "main" {
294
- name = "${var.name_prefix}-alb"
295
- internal = false
296
- load_balancer_type = "application"
297
- security_groups = [aws_security_group.alb.id]
298
- subnets = var.subnet_ids
299
-
300
- enable_deletion_protection = var.environment == "prod" ? true : false
301
-
302
- tags = merge(var.tags, {
303
- Name = "${var.name_prefix}-alb"
304
- })
305
- }
306
-
307
- resource "aws_lb_target_group" "main" {
308
- name = "${var.name_prefix}-tg"
309
- port = 8080
310
- protocol = "HTTP"
311
- vpc_id = var.vpc_id
312
-
313
- health_check {
314
- enabled = true
315
- healthy_threshold = 2
316
- unhealthy_threshold = 2
317
- timeout = 5
318
- interval = 30
319
- path = "/health"
320
- matcher = "200"
321
- port = "traffic-port"
322
- protocol = "HTTP"
323
- }
324
-
325
- tags = merge(var.tags, {
326
- Name = "${var.name_prefix}-tg"
327
- })
328
- }
329
-
330
- resource "aws_lb_listener" "main" {
331
- load_balancer_arn = aws_lb.main.arn
332
- port = "80"
333
- protocol = "HTTP"
334
-
335
- default_action {
336
- type = "forward"
337
- target_group_arn = aws_lb_target_group.main.arn
338
- }
339
- }
340
- ```
341
-
342
- #### 3.2.3 データベースモジュール
343
-
344
- ```terraform
345
- # modules/database/postgresql/main.tf
346
- resource "aws_db_subnet_group" "main" {
347
- name = "${var.name_prefix}-db-subnet-group"
348
- subnet_ids = var.subnet_ids
349
-
350
- tags = merge(var.tags, {
351
- Name = "${var.name_prefix}-db-subnet-group"
352
- })
353
- }
354
-
355
- resource "aws_db_parameter_group" "main" {
356
- family = "postgres15"
357
- name = "${var.name_prefix}-db-params"
358
-
359
- parameter {
360
- name = "log_statement"
361
- value = "all"
362
- }
363
-
364
- parameter {
365
- name = "log_min_duration_statement"
366
- value = "1000"
367
- }
368
-
369
- tags = merge(var.tags, {
370
- Name = "${var.name_prefix}-db-params"
371
- })
372
- }
373
-
374
- resource "aws_db_instance" "main" {
375
- identifier = "${var.name_prefix}-db"
376
-
377
- allocated_storage = var.allocated_storage
378
- max_allocated_storage = var.max_allocated_storage
379
- storage_type = "gp3"
380
- storage_encrypted = true
381
-
382
- engine = "postgres"
383
- engine_version = "15.4"
384
- instance_class = var.instance_class
385
-
386
- db_name = var.database_name
387
- username = var.database_username
388
- password = var.database_password
389
-
390
- db_subnet_group_name = aws_db_subnet_group.main.name
391
- vpc_security_group_ids = [aws_security_group.database.id]
392
- parameter_group_name = aws_db_parameter_group.main.name
393
-
394
- backup_retention_period = var.backup_retention_period
395
- backup_window = var.backup_window
396
- maintenance_window = var.maintenance_window
397
-
398
- skip_final_snapshot = var.environment != "prod"
399
- final_snapshot_identifier = var.environment == "prod" ? "${var.name_prefix}-db-final-snapshot" : null
400
-
401
- deletion_protection = var.environment == "prod" ? true : false
402
-
403
- performance_insights_enabled = var.environment == "prod" ? true : false
404
- monitoring_interval = var.environment == "prod" ? 60 : 0
405
-
406
- tags = merge(var.tags, {
407
- Name = "${var.name_prefix}-db"
408
- })
409
-
410
- lifecycle {
411
- prevent_destroy = false
412
- precondition {
413
- condition = var.allocated_storage >= 20
414
- error_message = "Database must have at least 20GB of storage."
415
- }
416
- }
417
- }
418
-
419
- resource "aws_db_instance" "replica" {
420
- count = var.create_replica ? 1 : 0
421
-
422
- identifier = "${var.name_prefix}-db-replica"
423
-
424
- replicate_source_db = aws_db_instance.main.identifier
425
- instance_class = var.replica_instance_class
426
-
427
- skip_final_snapshot = true
428
- deletion_protection = false
429
-
430
- tags = merge(var.tags, {
431
- Name = "${var.name_prefix}-db-replica"
432
- })
433
- }
434
- ```
435
-
436
- ### 3.3 入力検証とセキュリティ
437
-
438
- ```terraform
439
- # modules/compute/web-app/variables.tf
440
- variable "instance_type" {
441
- description = "EC2 instance type"
442
- type = string
443
-
444
- validation {
445
- condition = contains([
446
- "t3.micro", "t3.small", "t3.medium", "t3.large",
447
- "m5.large", "m5.xlarge", "m5.2xlarge"
448
- ], var.instance_type)
449
- error_message = "Instance type must be a supported type for this application."
450
- }
451
- }
452
-
453
- variable "min_size" {
454
- description = "Minimum number of instances in ASG"
455
- type = number
456
-
457
- validation {
458
- condition = var.min_size > 0
459
- error_message = "Minimum size must be greater than 0 to avoid outages."
460
- }
461
-
462
- validation {
463
- condition = var.min_size <= 10
464
- error_message = "Minimum size must be 10 or fewer for cost control."
465
- }
466
- }
467
-
468
- variable "environment" {
469
- description = "Environment name"
470
- type = string
471
-
472
- validation {
473
- condition = contains(["dev", "stage", "prod"], var.environment)
474
- error_message = "Environment must be one of: dev, stage, prod."
475
- }
476
- }
477
-
478
- variable "vpc_cidr" {
479
- description = "CIDR block for VPC"
480
- type = string
481
-
482
- validation {
483
- condition = can(cidrhost(var.vpc_cidr, 0))
484
- error_message = "VPC CIDR must be a valid CIDR block."
485
- }
486
- }
487
- ```
488
-
489
- ## 4. 環境管理
490
-
491
- ### 4.1 環境分離戦略
492
-
493
- ```plantuml
494
- @startuml "環境分離"
495
- rectangle "Global" as global {
496
- rectangle "共通変数" as common_vars
497
- rectangle "グローバルリソース" as global_resources
498
- rectangle "IAM ポリシー" as iam_policies
499
- }
500
-
501
- rectangle "Development" as dev {
502
- rectangle "単一AZ" as dev_az
503
- rectangle "小規模インスタンス" as dev_instance
504
- rectangle "開発用DB" as dev_db
505
- }
506
-
507
- rectangle "Staging" as stage {
508
- rectangle "マルチAZ" as stage_az
509
- rectangle "本番相当" as stage_instance
510
- rectangle "本番データのコピー" as stage_db
511
- }
512
-
513
- rectangle "Production" as prod {
514
- rectangle "マルチAZ + 冗長化" as prod_az
515
- rectangle "高性能インスタンス" as prod_instance
516
- rectangle "レプリカ + バックアップ" as prod_db
517
- }
518
-
519
- global --> dev : 共通設定継承
520
- global --> stage : 共通設定継承
521
- global --> prod : 共通設定継承
522
-
523
- @enduml
524
- ```
525
-
526
- ### 4.2 グローバル変数管理
527
-
528
- ```terraform
529
- # environments/global/variables.tf
530
- locals {
531
- project_name = "meeting-room"
532
-
533
- common_tags = {
534
- Project = local.project_name
535
- ManagedBy = "terraform"
536
- Owner = "platform-team"
537
- Repository = "meeting-room-infrastructure"
538
- }
539
-
540
- environments = {
541
- dev = {
542
- name = "dev"
543
- instance_type = "t3.micro"
544
- min_size = 1
545
- max_size = 2
546
- desired_capacity = 1
547
- db_instance_class = "db.t3.micro"
548
- backup_retention = 7
549
- multi_az = false
550
- create_replica = false
551
- }
552
-
553
- stage = {
554
- name = "stage"
555
- instance_type = "t3.small"
556
- min_size = 2
557
- max_size = 4
558
- desired_capacity = 2
559
- db_instance_class = "db.t3.small"
560
- backup_retention = 7
561
- multi_az = true
562
- create_replica = false
563
- }
564
-
565
- prod = {
566
- name = "prod"
567
- instance_type = "t3.medium"
568
- min_size = 2
569
- max_size = 8
570
- desired_capacity = 4
571
- db_instance_class = "db.r6g.large"
572
- backup_retention = 30
573
- multi_az = true
574
- create_replica = true
575
- }
576
- }
577
-
578
- vpc_configs = {
579
- dev = {
580
- vpc_cidr = "10.0.0.0/16"
581
- public_subnet_cidrs = ["10.0.1.0/24", "10.0.2.0/24"]
582
- private_subnet_cidrs = ["10.0.3.0/24", "10.0.4.0/24"]
583
- availability_zones = ["ap-northeast-1a", "ap-northeast-1c"]
584
- }
585
-
586
- stage = {
587
- vpc_cidr = "10.1.0.0/16"
588
- public_subnet_cidrs = ["10.1.1.0/24", "10.1.2.0/24"]
589
- private_subnet_cidrs = ["10.1.3.0/24", "10.1.4.0/24"]
590
- availability_zones = ["ap-northeast-1a", "ap-northeast-1c"]
591
- }
592
-
593
- prod = {
594
- vpc_cidr = "10.2.0.0/16"
595
- public_subnet_cidrs = ["10.2.1.0/24", "10.2.2.0/24"]
596
- private_subnet_cidrs = ["10.2.3.0/24", "10.2.4.0/24"]
597
- availability_zones = ["ap-northeast-1a", "ap-northeast-1c"]
598
- }
599
- }
600
- }
601
-
602
- output "project_config" {
603
- value = {
604
- name = local.project_name
605
- tags = local.common_tags
606
- environments = local.environments
607
- vpc_configs = local.vpc_configs
608
- }
609
- }
610
- ```
611
-
612
- ### 4.3 環境固有の構成
613
-
614
- ```terraform
615
- # environments/prod/main.tf
616
- terraform {
617
- required_version = ">= 1.0"
618
-
619
- backend "s3" {
620
- bucket = "meeting-room-terraform-state"
621
- key = "prod/terraform.tfstate"
622
- region = "ap-northeast-1"
623
- dynamodb_table = "meeting-room-terraform-locks"
624
- encrypt = true
625
- }
626
-
627
- required_providers {
628
- aws = {
629
- source = "hashicorp/aws"
630
- version = "~> 5.0"
631
- }
632
- }
633
- }
634
-
635
- provider "aws" {
636
- region = "ap-northeast-1"
637
-
638
- default_tags {
639
- tags = local.common_tags
640
- }
641
- }
642
-
643
- # グローバル設定の読み込み
644
- data "terraform_remote_state" "global" {
645
- backend = "s3"
646
-
647
- config = {
648
- bucket = "meeting-room-terraform-state"
649
- key = "global/terraform.tfstate"
650
- region = "ap-northeast-1"
651
- }
652
- }
653
-
654
- locals {
655
- environment = "prod"
656
- global_config = data.terraform_remote_state.global.outputs.project_config
657
- env_config = local.global_config.environments[local.environment]
658
- vpc_config = local.global_config.vpc_configs[local.environment]
659
- common_tags = merge(local.global_config.tags, {
660
- Environment = local.environment
661
- })
662
- name_prefix = "${local.global_config.name}-${local.environment}"
663
- }
664
-
665
- # ネットワークモジュール
666
- module "vpc" {
667
- source = "../../modules/networking/vpc"
668
-
669
- name_prefix = local.name_prefix
670
-
671
- vpc_cidr = local.vpc_config.vpc_cidr
672
- public_subnet_cidrs = local.vpc_config.public_subnet_cidrs
673
- private_subnet_cidrs = local.vpc_config.private_subnet_cidrs
674
- availability_zones = local.vpc_config.availability_zones
675
-
676
- enable_nat_gateway = true
677
-
678
- tags = local.common_tags
679
- }
680
-
681
- # データベースモジュール
682
- module "database" {
683
- source = "../../modules/database/postgresql"
684
-
685
- name_prefix = local.name_prefix
686
-
687
- subnet_ids = module.vpc.private_subnet_ids
688
- vpc_id = module.vpc.vpc_id
689
-
690
- instance_class = local.env_config.db_instance_class
691
- allocated_storage = 100
692
- max_allocated_storage = 1000
693
-
694
- database_name = "meetingroom"
695
- database_username = local.db_credentials.username
696
- database_password = local.db_credentials.password
697
-
698
- backup_retention_period = local.env_config.backup_retention
699
- multi_az = local.env_config.multi_az
700
- create_replica = local.env_config.create_replica
701
-
702
- environment = local.environment
703
- tags = local.common_tags
704
- }
705
-
706
- # Webアプリケーションモジュール
707
- module "web_app" {
708
- source = "../../modules/compute/web-app"
709
-
710
- name_prefix = local.name_prefix
711
-
712
- vpc_id = module.vpc.vpc_id
713
- subnet_ids = module.vpc.public_subnet_ids
714
-
715
- instance_type = local.env_config.instance_type
716
- min_size = local.env_config.min_size
717
- max_size = local.env_config.max_size
718
- desired_capacity = local.env_config.desired_capacity
719
-
720
- database_url = "postgresql://${local.db_credentials.username}:${local.db_credentials.password}@${module.database.endpoint}/meetingroom"
721
- app_version = var.app_version
722
-
723
- environment = local.environment
724
- tags = local.common_tags
725
-
726
- depends_on = [module.database]
727
- }
728
-
729
- # Secrets Managerからのデータベース認証情報取得
730
- data "aws_secretsmanager_secret_version" "db_credentials" {
731
- secret_id = "${local.name_prefix}-db-credentials"
732
- }
733
-
734
- locals {
735
- db_credentials = jsondecode(data.aws_secretsmanager_secret_version.db_credentials.secret_string)
736
- }
737
- ```
738
-
739
- ## 5. セキュリティ設計
740
-
741
- ### 5.1 シークレット管理
742
-
743
- ```terraform
744
- # modules/security/secrets-manager/main.tf
745
- resource "aws_secretsmanager_secret" "db_credentials" {
746
- name = "${var.name_prefix}-db-credentials"
747
- description = "Database credentials for ${var.name_prefix}"
748
-
749
- recovery_window_in_days = var.environment == "prod" ? 30 : 0
750
-
751
- tags = merge(var.tags, {
752
- Name = "${var.name_prefix}-db-credentials"
753
- Type = "Database"
754
- })
755
- }
756
-
757
- resource "aws_secretsmanager_secret_version" "db_credentials" {
758
- secret_id = aws_secretsmanager_secret.db_credentials.id
759
-
760
- secret_string = jsonencode({
761
- username = var.database_username
762
- password = var.database_password
763
- })
764
-
765
- lifecycle {
766
- ignore_changes = [secret_string]
767
- }
768
- }
769
-
770
- # 自動ローテーション(本番環境のみ)
771
- resource "aws_secretsmanager_secret_rotation" "db_credentials" {
772
- count = var.environment == "prod" ? 1 : 0
773
-
774
- secret_id = aws_secretsmanager_secret.db_credentials.id
775
- rotation_lambda_arn = var.rotation_lambda_arn
776
-
777
- rotation_rules {
778
- automatically_after_days = 30
779
- }
780
- }
781
- ```
782
-
783
- ### 5.2 IAM ロール設計
784
-
785
- ```terraform
786
- # modules/security/iam/main.tf
787
- # EC2インスタンス用のIAMロール
788
- resource "aws_iam_role" "ec2_role" {
789
- name = "${var.name_prefix}-ec2-role"
790
-
791
- assume_role_policy = jsonencode({
792
- Version = "2012-10-17"
793
- Statement = [
794
- {
795
- Action = "sts:AssumeRole"
796
- Effect = "Allow"
797
- Principal = {
798
- Service = "ec2.amazonaws.com"
799
- }
800
- }
801
- ]
802
- })
803
-
804
- tags = var.tags
805
- }
806
-
807
- # Secrets Manager読み取り権限
808
- resource "aws_iam_policy" "secrets_manager_policy" {
809
- name = "${var.name_prefix}-secrets-manager-policy"
810
-
811
- policy = jsonencode({
812
- Version = "2012-10-17"
813
- Statement = [
814
- {
815
- Effect = "Allow"
816
- Action = [
817
- "secretsmanager:GetSecretValue",
818
- "secretsmanager:DescribeSecret"
819
- ]
820
- Resource = [
821
- "arn:aws:secretsmanager:${var.region}:${var.account_id}:secret:${var.name_prefix}-db-credentials*"
822
- ]
823
- }
824
- ]
825
- })
826
- }
827
-
828
- resource "aws_iam_role_policy_attachment" "secrets_manager_attachment" {
829
- policy_arn = aws_iam_policy.secrets_manager_policy.arn
830
- role = aws_iam_role.ec2_role.name
831
- }
832
-
833
- # CloudWatch Logs権限
834
- resource "aws_iam_policy" "cloudwatch_logs_policy" {
835
- name = "${var.name_prefix}-cloudwatch-logs-policy"
836
-
837
- policy = jsonencode({
838
- Version = "2012-10-17"
839
- Statement = [
840
- {
841
- Effect = "Allow"
842
- Action = [
843
- "logs:CreateLogGroup",
844
- "logs:CreateLogStream",
845
- "logs:PutLogEvents",
846
- "logs:DescribeLogStreams"
847
- ]
848
- Resource = [
849
- "arn:aws:logs:${var.region}:${var.account_id}:log-group:/aws/ec2/${var.name_prefix}*"
850
- ]
851
- }
852
- ]
853
- })
854
- }
855
-
856
- resource "aws_iam_role_policy_attachment" "cloudwatch_logs_attachment" {
857
- policy_arn = aws_iam_policy.cloudwatch_logs_policy.arn
858
- role = aws_iam_role.ec2_role.name
859
- }
860
-
861
- resource "aws_iam_instance_profile" "ec2_profile" {
862
- name = "${var.name_prefix}-ec2-profile"
863
- role = aws_iam_role.ec2_role.name
864
-
865
- tags = var.tags
866
- }
867
- ```
868
-
869
- ### 5.3 セキュリティグループ設計
870
-
871
- ```terraform
872
- # modules/security/security-groups/main.tf
873
- # ALB用セキュリティグループ
874
- resource "aws_security_group" "alb" {
875
- name_prefix = "${var.name_prefix}-alb-"
876
- vpc_id = var.vpc_id
877
-
878
- ingress {
879
- description = "HTTP"
880
- from_port = 80
881
- to_port = 80
882
- protocol = "tcp"
883
- cidr_blocks = ["0.0.0.0/0"]
884
- }
885
-
886
- ingress {
887
- description = "HTTPS"
888
- from_port = 443
889
- to_port = 443
890
- protocol = "tcp"
891
- cidr_blocks = ["0.0.0.0/0"]
892
- }
893
-
894
- egress {
895
- description = "All outbound"
896
- from_port = 0
897
- to_port = 0
898
- protocol = "-1"
899
- cidr_blocks = ["0.0.0.0/0"]
900
- }
901
-
902
- tags = merge(var.tags, {
903
- Name = "${var.name_prefix}-alb-sg"
904
- Type = "LoadBalancer"
905
- })
906
-
907
- lifecycle {
908
- create_before_destroy = true
909
- }
910
- }
911
-
912
- # Web層用セキュリティグループ
913
- resource "aws_security_group" "web" {
914
- name_prefix = "${var.name_prefix}-web-"
915
- vpc_id = var.vpc_id
916
-
917
- ingress {
918
- description = "HTTP from ALB"
919
- from_port = 8080
920
- to_port = 8080
921
- protocol = "tcp"
922
- security_groups = [aws_security_group.alb.id]
923
- }
924
-
925
- ingress {
926
- description = "SSH"
927
- from_port = 22
928
- to_port = 22
929
- protocol = "tcp"
930
- cidr_blocks = [var.vpc_cidr]
931
- }
932
-
933
- egress {
934
- description = "All outbound"
935
- from_port = 0
936
- to_port = 0
937
- protocol = "-1"
938
- cidr_blocks = ["0.0.0.0/0"]
939
- }
940
-
941
- tags = merge(var.tags, {
942
- Name = "${var.name_prefix}-web-sg"
943
- Type = "WebServer"
944
- })
945
-
946
- lifecycle {
947
- create_before_destroy = true
948
- }
949
- }
950
-
951
- # データベース用セキュリティグループ
952
- resource "aws_security_group" "database" {
953
- name_prefix = "${var.name_prefix}-db-"
954
- vpc_id = var.vpc_id
955
-
956
- ingress {
957
- description = "PostgreSQL from Web"
958
- from_port = 5432
959
- to_port = 5432
960
- protocol = "tcp"
961
- security_groups = [aws_security_group.web.id]
962
- }
963
-
964
- tags = merge(var.tags, {
965
- Name = "${var.name_prefix}-db-sg"
966
- Type = "Database"
967
- })
968
-
969
- lifecycle {
970
- create_before_destroy = true
971
- }
972
- }
973
- ```
974
-
975
- ## 6. 監視・ロギング
976
-
977
- ### 6.1 CloudWatch 監視
978
-
979
- ```terraform
980
- # modules/monitoring/cloudwatch/main.tf
981
- # ALB監視
982
- resource "aws_cloudwatch_metric_alarm" "alb_response_time" {
983
- alarm_name = "${var.name_prefix}-alb-response-time"
984
- comparison_operator = "GreaterThanThreshold"
985
- evaluation_periods = "2"
986
- metric_name = "TargetResponseTime"
987
- namespace = "AWS/ApplicationELB"
988
- period = "300"
989
- statistic = "Average"
990
- threshold = "2.0"
991
- alarm_description = "This metric monitors ALB response time"
992
- alarm_actions = [aws_sns_topic.alerts.arn]
993
-
994
- dimensions = {
995
- LoadBalancer = var.alb_arn_suffix
996
- }
997
-
998
- tags = var.tags
999
- }
1000
-
1001
- resource "aws_cloudwatch_metric_alarm" "alb_healthy_hosts" {
1002
- alarm_name = "${var.name_prefix}-alb-healthy-hosts"
1003
- comparison_operator = "LessThanThreshold"
1004
- evaluation_periods = "2"
1005
- metric_name = "HealthyHostCount"
1006
- namespace = "AWS/ApplicationELB"
1007
- period = "300"
1008
- statistic = "Average"
1009
- threshold = "1"
1010
- alarm_description = "This metric monitors healthy host count"
1011
- alarm_actions = [aws_sns_topic.alerts.arn]
1012
-
1013
- dimensions = {
1014
- TargetGroup = var.target_group_arn_suffix
1015
- LoadBalancer = var.alb_arn_suffix
1016
- }
1017
-
1018
- tags = var.tags
1019
- }
1020
-
1021
- # データベース監視
1022
- resource "aws_cloudwatch_metric_alarm" "database_cpu" {
1023
- alarm_name = "${var.name_prefix}-db-cpu"
1024
- comparison_operator = "GreaterThanThreshold"
1025
- evaluation_periods = "2"
1026
- metric_name = "CPUUtilization"
1027
- namespace = "AWS/RDS"
1028
- period = "300"
1029
- statistic = "Average"
1030
- threshold = "80"
1031
- alarm_description = "This metric monitors database CPU utilization"
1032
- alarm_actions = [aws_sns_topic.alerts.arn]
1033
-
1034
- dimensions = {
1035
- DBInstanceIdentifier = var.db_instance_id
1036
- }
1037
-
1038
- tags = var.tags
1039
- }
1040
-
1041
- resource "aws_cloudwatch_metric_alarm" "database_connections" {
1042
- alarm_name = "${var.name_prefix}-db-connections"
1043
- comparison_operator = "GreaterThanThreshold"
1044
- evaluation_periods = "2"
1045
- metric_name = "DatabaseConnections"
1046
- namespace = "AWS/RDS"
1047
- period = "300"
1048
- statistic = "Average"
1049
- threshold = "80"
1050
- alarm_description = "This metric monitors database connection count"
1051
- alarm_actions = [aws_sns_topic.alerts.arn]
1052
-
1053
- dimensions = {
1054
- DBInstanceIdentifier = var.db_instance_id
1055
- }
1056
-
1057
- tags = var.tags
1058
- }
1059
-
1060
- # SNS通知設定
1061
- resource "aws_sns_topic" "alerts" {
1062
- name = "${var.name_prefix}-alerts"
1063
-
1064
- tags = var.tags
1065
- }
1066
-
1067
- resource "aws_sns_topic_subscription" "email_alerts" {
1068
- count = length(var.alert_email_addresses)
1069
-
1070
- topic_arn = aws_sns_topic.alerts.arn
1071
- protocol = "email"
1072
- endpoint = var.alert_email_addresses[count.index]
1073
- }
1074
-
1075
- # カスタムメトリクス
1076
- resource "aws_cloudwatch_log_group" "app_logs" {
1077
- name = "/aws/ec2/${var.name_prefix}/application"
1078
- retention_in_days = var.log_retention_days
1079
-
1080
- tags = var.tags
1081
- }
1082
-
1083
- resource "aws_cloudwatch_log_group" "access_logs" {
1084
- name = "/aws/ec2/${var.name_prefix}/access"
1085
- retention_in_days = var.log_retention_days
1086
-
1087
- tags = var.tags
1088
- }
1089
- ```
1090
-
1091
- ## 7. テスト戦略
1092
-
1093
- ### 7.1 単体テスト
1094
-
1095
- ```go
1096
- // test/unit/vpc_test.go
1097
- package test
1098
-
1099
- import (
1100
- "testing"
1101
-
1102
- "github.com/gruntwork-io/terratest/modules/terraform"
1103
- "github.com/stretchr/testify/assert"
1104
- )
1105
-
1106
- func TestVPCModule(t *testing.T) {
1107
- t.Parallel()
1108
-
1109
- terraformOptions := terraform.WithDefaultRetryableErrors(t, &terraform.Options{
1110
- TerraformDir: "../modules/networking/vpc",
1111
- Vars: map[string]interface{}{
1112
- "name_prefix": "test-vpc",
1113
- "vpc_cidr": "10.0.0.0/16",
1114
- "public_subnet_cidrs": []string{
1115
- "10.0.1.0/24",
1116
- "10.0.2.0/24",
1117
- },
1118
- "private_subnet_cidrs": []string{
1119
- "10.0.3.0/24",
1120
- "10.0.4.0/24",
1121
- },
1122
- "availability_zones": []string{
1123
- "ap-northeast-1a",
1124
- "ap-northeast-1c",
1125
- },
1126
- "enable_nat_gateway": true,
1127
- "tags": map[string]string{
1128
- "Test": "true",
1129
- "Environment": "test",
1130
- },
1131
- },
1132
- })
1133
-
1134
- defer terraform.Destroy(t, terraformOptions)
1135
- terraform.InitAndApply(t, terraformOptions)
1136
-
1137
- // 出力値の検証
1138
- vpcId := terraform.Output(t, terraformOptions, "vpc_id")
1139
- assert.NotEmpty(t, vpcId, "VPC ID should not be empty")
1140
-
1141
- publicSubnetIds := terraform.OutputList(t, terraformOptions, "public_subnet_ids")
1142
- assert.Len(t, publicSubnetIds, 2, "Should create 2 public subnets")
1143
-
1144
- privateSubnetIds := terraform.OutputList(t, terraformOptions, "private_subnet_ids")
1145
- assert.Len(t, privateSubnetIds, 2, "Should create 2 private subnets")
1146
- }
1147
- ```
1148
-
1149
- ### 7.2 統合テスト
1150
-
1151
- ```go
1152
- // test/integration/full_stack_test.go
1153
- package test
1154
-
1155
- import (
1156
- "fmt"
1157
- "testing"
1158
- "time"
1159
-
1160
- http_helper "github.com/gruntwork-io/terratest/modules/http-helper"
1161
- "github.com/gruntwork-io/terratest/modules/random"
1162
- "github.com/gruntwork-io/terratest/modules/terraform"
1163
- test_structure "github.com/gruntwork-io/terratest/modules/test-structure"
1164
- )
1165
-
1166
- const envDir = "../environments/stage"
1167
-
1168
- func TestFullStackDeployment(t *testing.T) {
1169
- t.Parallel()
1170
-
1171
- // ステージベースのテスト実行
1172
- defer test_structure.RunTestStage(t, "cleanup", func() {
1173
- terraformOptions := test_structure.LoadTerraformOptions(t, envDir)
1174
- terraform.Destroy(t, terraformOptions)
1175
- })
1176
-
1177
- test_structure.RunTestStage(t, "deploy", func() {
1178
- uniqueId := random.UniqueId()
1179
- terraformOptions := &terraform.Options{
1180
- TerraformDir: envDir,
1181
- Vars: map[string]interface{}{
1182
- "app_version": "test-" + uniqueId,
1183
- "integration_test": true,
1184
- "environment_suffix": uniqueId,
1185
- },
1186
- }
1187
-
1188
- test_structure.SaveTerraformOptions(t, envDir, terraformOptions)
1189
- terraform.InitAndApply(t, terraformOptions)
1190
- })
1191
-
1192
- test_structure.RunTestStage(t, "validate", func() {
1193
- terraformOptions := test_structure.LoadTerraformOptions(t, envDir)
1194
-
1195
- // ALB エンドポイントの取得
1196
- albDnsName := terraform.Output(t, terraformOptions, "alb_dns_name")
1197
- url := fmt.Sprintf("http://%s", albDnsName)
1198
-
1199
- // ヘルスチェック
1200
- http_helper.HttpGetWithRetryWithCustomValidation(
1201
- t,
1202
- fmt.Sprintf("%s/health", url),
1203
- nil,
1204
- 30,
1205
- 10*time.Second,
1206
- func(statusCode int, body string) bool {
1207
- return statusCode == 200
1208
- },
1209
- )
1210
-
1211
- // アプリケーション機能テスト
1212
- http_helper.HttpGetWithRetryWithCustomValidation(
1213
- t,
1214
- fmt.Sprintf("%s/api/meeting-rooms", url),
1215
- nil,
1216
- 10,
1217
- 5*time.Second,
1218
- func(statusCode int, body string) bool {
1219
- return statusCode == 200
1220
- },
1221
- )
1222
- })
1223
- }
1224
- ```
1225
-
1226
- ### 7.3 セキュリティテスト
1227
-
1228
- ```go
1229
- // test/security/security_test.go
1230
- package test
1231
-
1232
- import (
1233
- "testing"
1234
-
1235
- "github.com/gruntwork-io/terratest/modules/terraform"
1236
- "github.com/stretchr/testify/assert"
1237
- )
1238
-
1239
- func TestSecurityConfiguration(t *testing.T) {
1240
- t.Parallel()
1241
-
1242
- terraformOptions := terraform.WithDefaultRetryableErrors(t, &terraform.Options{
1243
- TerraformDir: "../environments/prod",
1244
- PlanFilePath: "./tfplan",
1245
- })
1246
-
1247
- // terraform plan の実行
1248
- terraform.InitAndPlan(t, terraformOptions)
1249
- plan := terraform.ShowWithStruct(t, terraformOptions)
1250
-
1251
- // セキュリティ設定の検証
1252
- t.Run("Database encryption", func(t *testing.T) {
1253
- dbInstances := plan.ResourcesByType["aws_db_instance"]
1254
- for _, instance := range dbInstances {
1255
- storageEncrypted := instance.AttributeValues["storage_encrypted"]
1256
- assert.True(t, storageEncrypted.(bool), "Database storage should be encrypted")
1257
- }
1258
- })
1259
-
1260
- t.Run("Security group rules", func(t *testing.T) {
1261
- securityGroups := plan.ResourcesByType["aws_security_group"]
1262
- for _, sg := range securityGroups {
1263
- ingress := sg.AttributeValues["ingress"].([]interface{})
1264
- for _, rule := range ingress {
1265
- ruleMap := rule.(map[string]interface{})
1266
- cidrBlocks := ruleMap["cidr_blocks"].([]interface{})
1267
-
1268
- // 0.0.0.0/0 からのSSH接続を禁止
1269
- if ruleMap["from_port"].(float64) == 22 {
1270
- assert.NotContains(t, cidrBlocks, "0.0.0.0/0",
1271
- "SSH should not be open to the world")
1272
- }
1273
- }
1274
- }
1275
- })
1276
-
1277
- t.Run("Deletion protection", func(t *testing.T) {
1278
- dbInstances := plan.ResourcesByType["aws_db_instance"]
1279
- for _, instance := range dbInstances {
1280
- if instance.AttributeValues["identifier"].(string) == "meeting-room-prod-db" {
1281
- deletionProtection := instance.AttributeValues["deletion_protection"]
1282
- assert.True(t, deletionProtection.(bool),
1283
- "Production database should have deletion protection enabled")
1284
- }
1285
- }
1286
- })
1287
- }
1288
- ```
1289
-
1290
- ## 8. CI/CD 統合
1291
-
1292
- ### 8.1 GitHub Actions ワークフロー
1293
-
1294
- ```yaml
1295
- # .github/workflows/terraform.yml
1296
- name: Terraform Infrastructure
1297
-
1298
- on:
1299
- push:
1300
- branches: [main, develop]
1301
- paths: ['terraform/**']
1302
- pull_request:
1303
- branches: [main]
1304
- paths: ['terraform/**']
1305
-
1306
- env:
1307
- TF_VERSION: 1.5.0
1308
- TF_IN_AUTOMATION: true
1309
-
1310
- permissions:
1311
- id-token: write
1312
- contents: read
1313
- pull-requests: write
1314
-
1315
- jobs:
1316
- validate:
1317
- name: Validate Terraform
1318
- runs-on: ubuntu-latest
1319
-
1320
- steps:
1321
- - name: Checkout
1322
- uses: actions/checkout@v4
1323
-
1324
- - name: Setup Terraform
1325
- uses: hashicorp/setup-terraform@v3
1326
- with:
1327
- terraform_version: ${{ env.TF_VERSION }}
1328
-
1329
- - name: Terraform Format Check
1330
- run: terraform fmt -check -recursive ./terraform/
1331
-
1332
- - name: Terraform Validate
1333
- run: |
1334
- find ./terraform -name "*.tf" -path "*/modules/*" -execdir terraform init -backend=false \;
1335
- find ./terraform -name "*.tf" -path "*/modules/*" -execdir terraform validate \;
1336
-
1337
- plan:
1338
- name: Plan Infrastructure
1339
- runs-on: ubuntu-latest
1340
- if: github.event_name == 'pull_request'
1341
- needs: [validate]
1342
-
1343
- strategy:
1344
- matrix:
1345
- environment: [dev, stage]
1346
-
1347
- steps:
1348
- - name: Checkout
1349
- uses: actions/checkout@v4
1350
-
1351
- - name: Configure AWS credentials
1352
- uses: aws-actions/configure-aws-credentials@v4
1353
- with:
1354
- role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
1355
- role-session-name: terraform-${{ matrix.environment }}
1356
- aws-region: ap-northeast-1
1357
-
1358
- - name: Setup Terraform
1359
- uses: hashicorp/setup-terraform@v3
1360
- with:
1361
- terraform_version: ${{ env.TF_VERSION }}
1362
-
1363
- - name: Terraform Init
1364
- working-directory: ./terraform/environments/${{ matrix.environment }}
1365
- run: terraform init
1366
-
1367
- - name: Terraform Plan
1368
- working-directory: ./terraform/environments/${{ matrix.environment }}
1369
- run: |
1370
- terraform plan -out=tfplan -var="app_version=${{ github.sha }}"
1371
- terraform show -no-color tfplan > plan.txt
1372
-
1373
- - name: Comment PR with Plan
1374
- uses: actions/github-script@v7
1375
- with:
1376
- script: |
1377
- const fs = require('fs');
1378
- const plan = fs.readFileSync('./terraform/environments/${{ matrix.environment }}/plan.txt', 'utf8');
1379
- const truncatedPlan = plan.length > 65000 ? plan.substring(0, 65000) + "\n...truncated" : plan;
1380
-
1381
- github.rest.issues.createComment({
1382
- issue_number: context.issue.number,
1383
- owner: context.repo.owner,
1384
- repo: context.repo.repo,
1385
- body: `## Terraform Plan (${{ matrix.environment }})
1386
-
1387
- \`\`\`
1388
- ${truncatedPlan}
1389
- \`\`\`
1390
- `
1391
- });
1392
-
1393
- deploy-dev:
1394
- name: Deploy to Development
1395
- runs-on: ubuntu-latest
1396
- if: github.ref == 'refs/heads/develop'
1397
- needs: [validate]
1398
- environment: development
1399
-
1400
- steps:
1401
- - name: Checkout
1402
- uses: actions/checkout@v4
1403
-
1404
- - name: Configure AWS credentials
1405
- uses: aws-actions/configure-aws-credentials@v4
1406
- with:
1407
- role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
1408
- role-session-name: terraform-dev
1409
- aws-region: ap-northeast-1
1410
-
1411
- - name: Setup Terraform
1412
- uses: hashicorp/setup-terraform@v3
1413
- with:
1414
- terraform_version: ${{ env.TF_VERSION }}
1415
-
1416
- - name: Terraform Init
1417
- working-directory: ./terraform/environments/dev
1418
- run: terraform init
1419
-
1420
- - name: Terraform Apply
1421
- working-directory: ./terraform/environments/dev
1422
- run: terraform apply -auto-approve -var="app_version=${{ github.sha }}"
1423
-
1424
- deploy-stage:
1425
- name: Deploy to Staging
1426
- runs-on: ubuntu-latest
1427
- if: github.ref == 'refs/heads/main'
1428
- needs: [validate]
1429
- environment: staging
1430
-
1431
- steps:
1432
- - name: Checkout
1433
- uses: actions/checkout@v4
1434
-
1435
- - name: Configure AWS credentials
1436
- uses: aws-actions/configure-aws-credentials@v4
1437
- with:
1438
- role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
1439
- role-session-name: terraform-stage
1440
- aws-region: ap-northeast-1
1441
-
1442
- - name: Setup Terraform
1443
- uses: hashicorp/setup-terraform@v3
1444
- with:
1445
- terraform_version: ${{ env.TF_VERSION }}
1446
-
1447
- - name: Terraform Init
1448
- working-directory: ./terraform/environments/stage
1449
- run: terraform init
1450
-
1451
- - name: Terraform Apply
1452
- working-directory: ./terraform/environments/stage
1453
- run: terraform apply -auto-approve -var="app_version=${{ github.sha }}"
1454
-
1455
- deploy-prod:
1456
- name: Deploy to Production
1457
- runs-on: ubuntu-latest
1458
- if: github.ref == 'refs/heads/main'
1459
- needs: [deploy-stage]
1460
- environment: production
1461
-
1462
- steps:
1463
- - name: Checkout
1464
- uses: actions/checkout@v4
1465
-
1466
- - name: Configure AWS credentials
1467
- uses: aws-actions/configure-aws-credentials@v4
1468
- with:
1469
- role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
1470
- role-session-name: terraform-prod
1471
- aws-region: ap-northeast-1
1472
-
1473
- - name: Setup Terraform
1474
- uses: hashicorp/setup-terraform@v3
1475
- with:
1476
- terraform_version: ${{ env.TF_VERSION }}
1477
-
1478
- - name: Terraform Init
1479
- working-directory: ./terraform/environments/prod
1480
- run: terraform init
1481
-
1482
- - name: Terraform Plan
1483
- working-directory: ./terraform/environments/prod
1484
- run: terraform plan -out=tfplan -var="app_version=${{ github.sha }}"
1485
-
1486
- - name: Manual Approval Required
1487
- run: |
1488
- echo "Production deployment requires manual approval"
1489
- echo "Review the plan and approve in GitHub Actions"
1490
-
1491
- - name: Terraform Apply
1492
- working-directory: ./terraform/environments/prod
1493
- run: terraform apply tfplan
1494
- ```
1495
-
1496
- ### 8.2 OIDC 設定
1497
-
1498
- ```terraform
1499
- # terraform/iam-oidc/main.tf
1500
- resource "aws_iam_openid_connect_provider" "github" {
1501
- url = "https://token.actions.githubusercontent.com"
1502
-
1503
- client_id_list = [
1504
- "sts.amazonaws.com",
1505
- ]
1506
-
1507
- thumbprint_list = [
1508
- "6938fd4d98bab03faadb97b34396831e3780aea1",
1509
- "1c58a3a8518e8759bf075b76b750d4f2df264fcd"
1510
- ]
1511
-
1512
- tags = {
1513
- Name = "github-actions-oidc"
1514
- ManagedBy = "terraform"
1515
- }
1516
- }
1517
-
1518
- resource "aws_iam_role" "github_actions" {
1519
- name = "github-actions-terraform"
1520
-
1521
- assume_role_policy = jsonencode({
1522
- Version = "2012-10-17"
1523
- Statement = [
1524
- {
1525
- Action = "sts:AssumeRoleWithWebIdentity"
1526
- Effect = "Allow"
1527
- Principal = {
1528
- Federated = aws_iam_openid_connect_provider.github.arn
1529
- }
1530
- Condition = {
1531
- StringEquals = {
1532
- "token.actions.githubusercontent.com:aud" = "sts.amazonaws.com"
1533
- }
1534
- StringLike = {
1535
- "token.actions.githubusercontent.com:sub" = "repo:organization/meeting-room-infrastructure:*"
1536
- }
1537
- }
1538
- }
1539
- ]
1540
- })
1541
-
1542
- tags = {
1543
- Name = "github-actions-terraform"
1544
- ManagedBy = "terraform"
1545
- }
1546
- }
1547
-
1548
- resource "aws_iam_role_policy" "github_actions_terraform" {
1549
- name = "terraform-permissions"
1550
- role = aws_iam_role.github_actions.id
1551
-
1552
- policy = jsonencode({
1553
- Version = "2012-10-17"
1554
- Statement = [
1555
- {
1556
- Effect = "Allow"
1557
- Action = [
1558
- "ec2:*",
1559
- "rds:*",
1560
- "elasticloadbalancing:*",
1561
- "autoscaling:*",
1562
- "iam:*",
1563
- "s3:*",
1564
- "dynamodb:*",
1565
- "secretsmanager:*",
1566
- "logs:*",
1567
- "cloudwatch:*",
1568
- "sns:*"
1569
- ]
1570
- Resource = "*"
1571
- }
1572
- ]
1573
- })
1574
- }
1575
- ```
1576
-
1577
- ## 9. コスト最適化
1578
-
1579
- ### 9.1 リソース最適化
1580
-
1581
- ```terraform
1582
- # modules/cost-optimization/spot-instances/main.tf
1583
- resource "aws_launch_template" "spot" {
1584
- name_prefix = "${var.name_prefix}-spot-"
1585
-
1586
- image_id = var.ami_id
1587
- instance_type = var.instance_type
1588
- key_name = var.key_name
1589
-
1590
- vpc_security_group_ids = var.security_group_ids
1591
-
1592
- instance_market_options {
1593
- market_type = "spot"
1594
- spot_options {
1595
- spot_instance_type = "one-time"
1596
- max_price = var.spot_price
1597
- }
1598
- }
1599
-
1600
- user_data = var.user_data
1601
-
1602
- tag_specifications {
1603
- resource_type = "instance"
1604
- tags = merge(var.tags, {
1605
- Name = "${var.name_prefix}-spot-instance"
1606
- })
1607
- }
1608
-
1609
- lifecycle {
1610
- create_before_destroy = true
1611
- }
1612
- }
1613
-
1614
- resource "aws_autoscaling_group" "spot" {
1615
- name = "${var.name_prefix}-spot-asg"
1616
-
1617
- vpc_zone_identifier = var.subnet_ids
1618
- target_group_arns = var.target_group_arns
1619
- health_check_type = "ELB"
1620
-
1621
- min_size = var.min_size
1622
- max_size = var.max_size
1623
- desired_capacity = var.desired_capacity
1624
-
1625
- mixed_instances_policy {
1626
- launch_template {
1627
- launch_template_specification {
1628
- launch_template_id = aws_launch_template.spot.id
1629
- version = "$Latest"
1630
- }
1631
- }
1632
-
1633
- instances_distribution {
1634
- on_demand_base_capacity = var.on_demand_base_capacity
1635
- on_demand_percentage_above_base_capacity = var.on_demand_percentage
1636
- spot_allocation_strategy = "diversified"
1637
- spot_instance_pools = 4
1638
- }
1639
- }
1640
-
1641
- tag {
1642
- key = "Name"
1643
- value = "${var.name_prefix}-spot-asg"
1644
- propagate_at_launch = false
1645
- }
1646
- }
1647
- ```
1648
-
1649
- ### 9.2 スケジューリングと自動化
1650
-
1651
- ```terraform
1652
- # modules/scheduling/auto-shutdown/main.tf
1653
- resource "aws_lambda_function" "auto_shutdown" {
1654
- filename = "auto_shutdown.zip"
1655
- function_name = "${var.name_prefix}-auto-shutdown"
1656
- role = aws_iam_role.lambda_role.arn
1657
- handler = "lambda_function.lambda_handler"
1658
- runtime = "python3.9"
1659
- timeout = 300
1660
-
1661
- source_code_hash = data.archive_file.auto_shutdown_zip.output_base64sha256
1662
-
1663
- environment {
1664
- variables = {
1665
- ENVIRONMENT = var.environment
1666
- TAG_KEY = "AutoShutdown"
1667
- TAG_VALUE = "enabled"
1668
- }
1669
- }
1670
-
1671
- tags = var.tags
1672
- }
1673
-
1674
- resource "aws_cloudwatch_event_rule" "auto_shutdown_schedule" {
1675
- count = var.environment == "dev" ? 1 : 0
1676
-
1677
- name = "${var.name_prefix}-auto-shutdown"
1678
- description = "Schedule for auto shutdown of development resources"
1679
- schedule_expression = "cron(0 18 ? * MON-FRI *)" # 平日18時
1680
-
1681
- tags = var.tags
1682
- }
1683
-
1684
- resource "aws_cloudwatch_event_target" "lambda_target" {
1685
- count = var.environment == "dev" ? 1 : 0
1686
-
1687
- rule = aws_cloudwatch_event_rule.auto_shutdown_schedule[0].name
1688
- target_id = "AutoShutdownTarget"
1689
- arn = aws_lambda_function.auto_shutdown.arn
1690
- }
1691
-
1692
- resource "aws_lambda_permission" "allow_cloudwatch" {
1693
- count = var.environment == "dev" ? 1 : 0
1694
-
1695
- statement_id = "AllowExecutionFromCloudWatch"
1696
- action = "lambda:InvokeFunction"
1697
- function_name = aws_lambda_function.auto_shutdown.function_name
1698
- principal = "events.amazonaws.com"
1699
- source_arn = aws_cloudwatch_event_rule.auto_shutdown_schedule[0].arn
1700
- }
1701
- ```
1702
-
1703
- ## 10. 災害対策・冗長化
1704
-
1705
- ### 10.1 マルチ AZ 構成
1706
-
1707
- ```plantuml
1708
- @startuml "マルチAZ構成"
1709
- cloud "AWS Cloud" {
1710
- rectangle "Region: ap-northeast-1" as region {
1711
- rectangle "Availability Zone 1a" as az1 {
1712
- node "Web Server 1" as web1
1713
- database "DB Primary" as db1
1714
- }
1715
-
1716
- rectangle "Availability Zone 1c" as az2 {
1717
- node "Web Server 2" as web2
1718
- database "DB Standby" as db2
1719
- }
1720
-
1721
- component "Application Load Balancer" as alb {
1722
- component "Health Check" as hc
1723
- }
1724
-
1725
- storage "S3 Bucket" as s3 {
1726
- folder "Static Assets" as assets
1727
- folder "Backup Data" as backup
1728
- }
1729
- }
1730
- }
1731
-
1732
- alb --> web1
1733
- alb --> web2
1734
- web1 --> db1
1735
- web2 --> db1
1736
- db1 --> db2 : Synchronous\nReplication
1737
- web1 --> s3
1738
- web2 --> s3
1739
-
1740
- note right of alb : トラフィック分散\nヘルスチェック
1741
- note right of db2 : 自動フェイルオーバー\n(Multi-AZ)
1742
-
1743
- @enduml
1744
- ```
1745
-
1746
- ### 10.2 バックアップ戦略
1747
-
1748
- ```terraform
1749
- # modules/backup/automated-backup/main.tf
1750
- resource "aws_backup_vault" "main" {
1751
- name = "${var.name_prefix}-backup-vault"
1752
- kms_key_arn = aws_kms_key.backup.arn
1753
-
1754
- tags = var.tags
1755
- }
1756
-
1757
- resource "aws_kms_key" "backup" {
1758
- description = "KMS key for backup vault encryption"
1759
- deletion_window_in_days = 30
1760
-
1761
- tags = merge(var.tags, {
1762
- Name = "${var.name_prefix}-backup-kms"
1763
- })
1764
- }
1765
-
1766
- resource "aws_backup_plan" "main" {
1767
- name = "${var.name_prefix}-backup-plan"
1768
-
1769
- rule {
1770
- rule_name = "daily_backup"
1771
- target_vault_name = aws_backup_vault.main.name
1772
- schedule = "cron(0 2 ? * * *)" # 毎日午前2時
1773
-
1774
- lifecycle {
1775
- cold_storage_after = 30
1776
- delete_after = 120
1777
- }
1778
-
1779
- recovery_point_tags = merge(var.tags, {
1780
- BackupType = "Daily"
1781
- })
1782
- }
1783
-
1784
- rule {
1785
- rule_name = "weekly_backup"
1786
- target_vault_name = aws_backup_vault.main.name
1787
- schedule = "cron(0 2 ? * SUN *)" # 毎週日曜日午前2時
1788
-
1789
- lifecycle {
1790
- cold_storage_after = 30
1791
- delete_after = 365
1792
- }
1793
-
1794
- recovery_point_tags = merge(var.tags, {
1795
- BackupType = "Weekly"
1796
- })
1797
- }
1798
-
1799
- tags = var.tags
1800
- }
1801
-
1802
- resource "aws_backup_selection" "database" {
1803
- iam_role_arn = aws_iam_role.backup.arn
1804
- name = "${var.name_prefix}-db-backup-selection"
1805
- plan_id = aws_backup_plan.main.id
1806
-
1807
- resources = [
1808
- var.rds_db_instance_arn
1809
- ]
1810
-
1811
- condition {
1812
- string_equals {
1813
- key = "aws:ResourceTag/Environment"
1814
- value = var.environment
1815
- }
1816
- }
1817
- }
1818
- ```
1819
-
1820
- ## 11. まとめ
1821
-
1822
- ### 11.1 ベストプラクティス チェックリスト
1823
-
1824
- ```yaml
1825
- インフラコード品質:
1826
- - [ ] すべてのリソースがコードで定義されている
1827
- - [ ] バージョン管理されている
1828
- - [ ] 適切なコメントとドキュメントがある
1829
- - [ ] 命名規則に従っている
1830
-
1831
- モジュール設計:
1832
- - [ ] 単一責任の原則に従っている
1833
- - [ ] 再利用可能な設計になっている
1834
- - [ ] 入力検証が実装されている
1835
- - [ ] 適切な出力値が定義されている
1836
-
1837
- セキュリティ:
1838
- - [ ] シークレット管理が適切に実装されている
1839
- - [ ] IAM権限が最小権限になっている
1840
- - [ ] セキュリティグループが適切に設定されている
1841
- - [ ] 暗号化が有効になっている
1842
-
1843
- 運用:
1844
- - [ ] 監視・アラートが設定されている
1845
- - [ ] ログ収集が実装されている
1846
- - [ ] バックアップ戦略が定義されている
1847
- - [ ] 災害対策が考慮されている
1848
-
1849
- テスト:
1850
- - [ ] 単体テストが実装されている
1851
- - [ ] 統合テストが実装されている
1852
- - [ ] セキュリティテストが実装されている
1853
- - [ ] CI/CDパイプラインが構築されている
1854
- ```
1855
-
1856
- ### 11.2 継続的改善
1857
-
1858
- ```plantuml
1859
- @startuml "継続的改善サイクル"
1860
- circle "Plan" as plan
1861
- circle "Code" as code
1862
- circle "Build" as build
1863
- circle "Test" as test
1864
- circle "Deploy" as deploy
1865
- circle "Monitor" as monitor
1866
- circle "Learn" as learn
1867
-
1868
- plan --> code : 要件定義\nアーキテクチャ設計
1869
- code --> build : Terraform\nコード作成
1870
- build --> test : 静的解析\n単体テスト
1871
- test --> deploy : 統合テスト\n本番デプロイ
1872
- deploy --> monitor : 監視\nログ収集
1873
- monitor --> learn : 分析\n改善点抽出
1874
- learn --> plan : フィードバック\n次期計画
1875
-
1876
- @enduml
1877
- ```
1878
-
1
+ # インフラ設計ガイド
2
+
3
+ ## 1. 概要
4
+
5
+ ### 1.1 目的
6
+
7
+ Infrastructure as Code (IaC) によるインフラストラクチャの設計・構築・管理における規律とベストプラクティスを定義する。
8
+
9
+ ### 1.2 対象システム
10
+
11
+ - システム名: 会議室予約システム
12
+ - クラウド基盤: AWS
13
+ - IaC ツール: Terraform
14
+ - アーキテクチャ: ヘキサゴナルアーキテクチャ
15
+
16
+ ### 1.3 基本原則
17
+
18
+ ```plantuml
19
+ @startuml "IaC原則"
20
+ title Infrastructure as Code 基本原則
21
+
22
+ rectangle "コード化" as code
23
+ rectangle "バージョン管理" as version
24
+ rectangle "自動化" as automation
25
+ rectangle "再現性" as reproducible
26
+ rectangle "モジュール性" as modularity
27
+ rectangle "テスト" as testing
28
+
29
+ code --> version : すべてのインフラを\nコードで定義
30
+ version --> automation : 変更履歴を\n追跡・管理
31
+ automation --> reproducible : 手動作業を\n排除
32
+ reproducible --> modularity : 同じ環境を\n何度でも構築
33
+ modularity --> testing : 再利用可能な\nコンポーネント化
34
+ testing --> code : 品質保証と\n継続的改善
35
+
36
+ @enduml
37
+ ```
38
+
39
+ ## 2. プロジェクト構造
40
+
41
+ ### 2.1 ディレクトリ構造
42
+
43
+ ```plantuml
44
+ @startuml "プロジェクト構造"
45
+ folder "terraform" as terraform {
46
+ folder "modules" as modules {
47
+ folder "networking" as networking
48
+ folder "compute" as compute
49
+ folder "database" as database
50
+ folder "security" as security
51
+ folder "monitoring" as monitoring
52
+ }
53
+ folder "environments" as environments {
54
+ folder "global" as global
55
+ folder "dev" as dev
56
+ folder "stage" as stage
57
+ folder "prod" as prod
58
+ }
59
+ folder "examples" as examples
60
+ folder "test" as test
61
+ }
62
+
63
+ modules --> networking : VPC、Subnet、\nRoute Table
64
+ modules --> compute : EC2、ASG、ALB
65
+ modules --> database : RDS、DynamoDB
66
+ modules --> security : IAM、Security Groups
67
+ modules --> monitoring : CloudWatch、SNS
68
+
69
+ environments --> global : 共通変数・設定
70
+ environments --> dev : 開発環境
71
+ environments --> stage : ステージング環境
72
+ environments --> prod : 本番環境
73
+
74
+ @enduml
75
+ ```
76
+
77
+ ### 2.2 命名規則
78
+
79
+ #### 2.2.1 リソース命名
80
+
81
+ ```yaml
82
+ 命名パターン: "{project}-{environment}-{service}-{resource}"
83
+
84
+ 例:
85
+ - VPC: "meeting-room-prod-vpc"
86
+ - Subnet: "meeting-room-prod-public-subnet-1a"
87
+ - Security Group: "meeting-room-prod-web-sg"
88
+ - RDS: "meeting-room-prod-postgres-primary"
89
+ - ALB: "meeting-room-prod-app-alb"
90
+ ```
91
+
92
+ #### 2.2.2 Terraform ファイル命名
93
+
94
+ ```yaml
95
+ 標準ファイル構成:
96
+ - main.tf: メインの構成定義
97
+ - variables.tf: 入力変数定義
98
+ - outputs.tf: 出力値定義
99
+ - versions.tf: プロバイダーバージョン指定
100
+ - locals.tf: ローカル変数定義 (必要に応じて)
101
+ - data.tf: データソース定義 (必要に応じて)
102
+ ```
103
+
104
+ ## 3. モジュール設計
105
+
106
+ ### 3.1 モジュール化の原則
107
+
108
+ ```plantuml
109
+ @startuml "モジュール設計原則"
110
+ rectangle "単一責任" as single_responsibility {
111
+ note right : 1つのモジュールは\n1つの責任を持つ
112
+ }
113
+
114
+ rectangle "再利用性" as reusability {
115
+ note right : 複数の環境・プロジェクトで\n利用可能
116
+ }
117
+
118
+ rectangle "構成可能性" as configurability {
119
+ note right : 変数により動作を\nカスタマイズ可能
120
+ }
121
+
122
+ rectangle "テスト容易性" as testability {
123
+ note right : 独立してテスト\nできる設計
124
+ }
125
+
126
+ single_responsibility --> reusability
127
+ reusability --> configurability
128
+ configurability --> testability
129
+ testability --> single_responsibility
130
+
131
+ @enduml
132
+ ```
133
+
134
+ ### 3.2 会議室予約システム モジュール構成
135
+
136
+ #### 3.2.1 ネットワークモジュール
137
+
138
+ ```terraform
139
+ # modules/networking/vpc/main.tf
140
+ resource "aws_vpc" "main" {
141
+ cidr_block = var.vpc_cidr
142
+ enable_dns_hostnames = true
143
+ enable_dns_support = true
144
+
145
+ tags = merge(var.tags, {
146
+ Name = "${var.name_prefix}-vpc"
147
+ })
148
+ }
149
+
150
+ resource "aws_subnet" "public" {
151
+ count = length(var.public_subnet_cidrs)
152
+
153
+ vpc_id = aws_vpc.main.id
154
+ cidr_block = var.public_subnet_cidrs[count.index]
155
+ availability_zone = var.availability_zones[count.index]
156
+ map_public_ip_on_launch = true
157
+
158
+ tags = merge(var.tags, {
159
+ Name = "${var.name_prefix}-public-subnet-${count.index + 1}"
160
+ Type = "Public"
161
+ })
162
+ }
163
+
164
+ resource "aws_subnet" "private" {
165
+ count = length(var.private_subnet_cidrs)
166
+
167
+ vpc_id = aws_vpc.main.id
168
+ cidr_block = var.private_subnet_cidrs[count.index]
169
+ availability_zone = var.availability_zones[count.index]
170
+
171
+ tags = merge(var.tags, {
172
+ Name = "${var.name_prefix}-private-subnet-${count.index + 1}"
173
+ Type = "Private"
174
+ })
175
+ }
176
+
177
+ resource "aws_internet_gateway" "main" {
178
+ vpc_id = aws_vpc.main.id
179
+
180
+ tags = merge(var.tags, {
181
+ Name = "${var.name_prefix}-igw"
182
+ })
183
+ }
184
+
185
+ resource "aws_nat_gateway" "main" {
186
+ count = var.enable_nat_gateway ? length(aws_subnet.public) : 0
187
+
188
+ allocation_id = aws_eip.nat[count.index].id
189
+ subnet_id = aws_subnet.public[count.index].id
190
+
191
+ tags = merge(var.tags, {
192
+ Name = "${var.name_prefix}-nat-gw-${count.index + 1}"
193
+ })
194
+
195
+ depends_on = [aws_internet_gateway.main]
196
+ }
197
+
198
+ resource "aws_eip" "nat" {
199
+ count = var.enable_nat_gateway ? length(aws_subnet.public) : 0
200
+
201
+ domain = "vpc"
202
+
203
+ tags = merge(var.tags, {
204
+ Name = "${var.name_prefix}-nat-eip-${count.index + 1}"
205
+ })
206
+
207
+ depends_on = [aws_internet_gateway.main]
208
+ }
209
+ ```
210
+
211
+ #### 3.2.2 コンピュートモジュール
212
+
213
+ ```terraform
214
+ # modules/compute/web-app/main.tf
215
+ resource "aws_launch_template" "main" {
216
+ name_prefix = "${var.name_prefix}-lt"
217
+ image_id = var.ami_id
218
+ instance_type = var.instance_type
219
+ key_name = var.key_name
220
+
221
+ vpc_security_group_ids = [aws_security_group.web.id]
222
+
223
+ user_data = base64encode(templatefile("${path.module}/user_data.sh", {
224
+ database_url = var.database_url
225
+ app_version = var.app_version
226
+ environment = var.environment
227
+ }))
228
+
229
+ tag_specifications {
230
+ resource_type = "instance"
231
+ tags = merge(var.tags, {
232
+ Name = "${var.name_prefix}-instance"
233
+ })
234
+ }
235
+
236
+ lifecycle {
237
+ create_before_destroy = true
238
+ precondition {
239
+ condition = contains(["t3.micro", "t3.small", "t3.medium"], var.instance_type)
240
+ error_message = "Instance type must be t3.micro, t3.small, or t3.medium for cost optimization."
241
+ }
242
+ }
243
+ }
244
+
245
+ resource "aws_autoscaling_group" "main" {
246
+ name = "${var.name_prefix}-asg"
247
+ vpc_zone_identifier = var.subnet_ids
248
+ target_group_arns = [aws_lb_target_group.main.arn]
249
+ health_check_type = "ELB"
250
+ health_check_grace_period = 300
251
+
252
+ min_size = var.min_size
253
+ max_size = var.max_size
254
+ desired_capacity = var.desired_capacity
255
+
256
+ launch_template {
257
+ id = aws_launch_template.main.id
258
+ version = "$Latest"
259
+ }
260
+
261
+ instance_refresh {
262
+ strategy = "Rolling"
263
+ preferences {
264
+ min_healthy_percentage = 50
265
+ instance_warmup = 300
266
+ }
267
+ }
268
+
269
+ tag {
270
+ key = "Name"
271
+ value = "${var.name_prefix}-asg"
272
+ propagate_at_launch = false
273
+ }
274
+
275
+ dynamic "tag" {
276
+ for_each = var.tags
277
+ content {
278
+ key = tag.key
279
+ value = tag.value
280
+ propagate_at_launch = true
281
+ }
282
+ }
283
+
284
+ lifecycle {
285
+ create_before_destroy = true
286
+ postcondition {
287
+ condition = length(self.availability_zones) > 1
288
+ error_message = "Auto Scaling Group must span multiple AZs for high availability."
289
+ }
290
+ }
291
+ }
292
+
293
+ resource "aws_lb" "main" {
294
+ name = "${var.name_prefix}-alb"
295
+ internal = false
296
+ load_balancer_type = "application"
297
+ security_groups = [aws_security_group.alb.id]
298
+ subnets = var.subnet_ids
299
+
300
+ enable_deletion_protection = var.environment == "prod" ? true : false
301
+
302
+ tags = merge(var.tags, {
303
+ Name = "${var.name_prefix}-alb"
304
+ })
305
+ }
306
+
307
+ resource "aws_lb_target_group" "main" {
308
+ name = "${var.name_prefix}-tg"
309
+ port = 8080
310
+ protocol = "HTTP"
311
+ vpc_id = var.vpc_id
312
+
313
+ health_check {
314
+ enabled = true
315
+ healthy_threshold = 2
316
+ unhealthy_threshold = 2
317
+ timeout = 5
318
+ interval = 30
319
+ path = "/health"
320
+ matcher = "200"
321
+ port = "traffic-port"
322
+ protocol = "HTTP"
323
+ }
324
+
325
+ tags = merge(var.tags, {
326
+ Name = "${var.name_prefix}-tg"
327
+ })
328
+ }
329
+
330
+ resource "aws_lb_listener" "main" {
331
+ load_balancer_arn = aws_lb.main.arn
332
+ port = "80"
333
+ protocol = "HTTP"
334
+
335
+ default_action {
336
+ type = "forward"
337
+ target_group_arn = aws_lb_target_group.main.arn
338
+ }
339
+ }
340
+ ```
341
+
342
+ #### 3.2.3 データベースモジュール
343
+
344
+ ```terraform
345
+ # modules/database/postgresql/main.tf
346
+ resource "aws_db_subnet_group" "main" {
347
+ name = "${var.name_prefix}-db-subnet-group"
348
+ subnet_ids = var.subnet_ids
349
+
350
+ tags = merge(var.tags, {
351
+ Name = "${var.name_prefix}-db-subnet-group"
352
+ })
353
+ }
354
+
355
+ resource "aws_db_parameter_group" "main" {
356
+ family = "postgres15"
357
+ name = "${var.name_prefix}-db-params"
358
+
359
+ parameter {
360
+ name = "log_statement"
361
+ value = "all"
362
+ }
363
+
364
+ parameter {
365
+ name = "log_min_duration_statement"
366
+ value = "1000"
367
+ }
368
+
369
+ tags = merge(var.tags, {
370
+ Name = "${var.name_prefix}-db-params"
371
+ })
372
+ }
373
+
374
+ resource "aws_db_instance" "main" {
375
+ identifier = "${var.name_prefix}-db"
376
+
377
+ allocated_storage = var.allocated_storage
378
+ max_allocated_storage = var.max_allocated_storage
379
+ storage_type = "gp3"
380
+ storage_encrypted = true
381
+
382
+ engine = "postgres"
383
+ engine_version = "15.4"
384
+ instance_class = var.instance_class
385
+
386
+ db_name = var.database_name
387
+ username = var.database_username
388
+ password = var.database_password
389
+
390
+ db_subnet_group_name = aws_db_subnet_group.main.name
391
+ vpc_security_group_ids = [aws_security_group.database.id]
392
+ parameter_group_name = aws_db_parameter_group.main.name
393
+
394
+ backup_retention_period = var.backup_retention_period
395
+ backup_window = var.backup_window
396
+ maintenance_window = var.maintenance_window
397
+
398
+ skip_final_snapshot = var.environment != "prod"
399
+ final_snapshot_identifier = var.environment == "prod" ? "${var.name_prefix}-db-final-snapshot" : null
400
+
401
+ deletion_protection = var.environment == "prod" ? true : false
402
+
403
+ performance_insights_enabled = var.environment == "prod" ? true : false
404
+ monitoring_interval = var.environment == "prod" ? 60 : 0
405
+
406
+ tags = merge(var.tags, {
407
+ Name = "${var.name_prefix}-db"
408
+ })
409
+
410
+ lifecycle {
411
+ prevent_destroy = false
412
+ precondition {
413
+ condition = var.allocated_storage >= 20
414
+ error_message = "Database must have at least 20GB of storage."
415
+ }
416
+ }
417
+ }
418
+
419
+ resource "aws_db_instance" "replica" {
420
+ count = var.create_replica ? 1 : 0
421
+
422
+ identifier = "${var.name_prefix}-db-replica"
423
+
424
+ replicate_source_db = aws_db_instance.main.identifier
425
+ instance_class = var.replica_instance_class
426
+
427
+ skip_final_snapshot = true
428
+ deletion_protection = false
429
+
430
+ tags = merge(var.tags, {
431
+ Name = "${var.name_prefix}-db-replica"
432
+ })
433
+ }
434
+ ```
435
+
436
+ ### 3.3 入力検証とセキュリティ
437
+
438
+ ```terraform
439
+ # modules/compute/web-app/variables.tf
440
+ variable "instance_type" {
441
+ description = "EC2 instance type"
442
+ type = string
443
+
444
+ validation {
445
+ condition = contains([
446
+ "t3.micro", "t3.small", "t3.medium", "t3.large",
447
+ "m5.large", "m5.xlarge", "m5.2xlarge"
448
+ ], var.instance_type)
449
+ error_message = "Instance type must be a supported type for this application."
450
+ }
451
+ }
452
+
453
+ variable "min_size" {
454
+ description = "Minimum number of instances in ASG"
455
+ type = number
456
+
457
+ validation {
458
+ condition = var.min_size > 0
459
+ error_message = "Minimum size must be greater than 0 to avoid outages."
460
+ }
461
+
462
+ validation {
463
+ condition = var.min_size <= 10
464
+ error_message = "Minimum size must be 10 or fewer for cost control."
465
+ }
466
+ }
467
+
468
+ variable "environment" {
469
+ description = "Environment name"
470
+ type = string
471
+
472
+ validation {
473
+ condition = contains(["dev", "stage", "prod"], var.environment)
474
+ error_message = "Environment must be one of: dev, stage, prod."
475
+ }
476
+ }
477
+
478
+ variable "vpc_cidr" {
479
+ description = "CIDR block for VPC"
480
+ type = string
481
+
482
+ validation {
483
+ condition = can(cidrhost(var.vpc_cidr, 0))
484
+ error_message = "VPC CIDR must be a valid CIDR block."
485
+ }
486
+ }
487
+ ```
488
+
489
+ ## 4. 環境管理
490
+
491
+ ### 4.1 環境分離戦略
492
+
493
+ ```plantuml
494
+ @startuml "環境分離"
495
+ rectangle "Global" as global {
496
+ rectangle "共通変数" as common_vars
497
+ rectangle "グローバルリソース" as global_resources
498
+ rectangle "IAM ポリシー" as iam_policies
499
+ }
500
+
501
+ rectangle "Development" as dev {
502
+ rectangle "単一AZ" as dev_az
503
+ rectangle "小規模インスタンス" as dev_instance
504
+ rectangle "開発用DB" as dev_db
505
+ }
506
+
507
+ rectangle "Staging" as stage {
508
+ rectangle "マルチAZ" as stage_az
509
+ rectangle "本番相当" as stage_instance
510
+ rectangle "本番データのコピー" as stage_db
511
+ }
512
+
513
+ rectangle "Production" as prod {
514
+ rectangle "マルチAZ + 冗長化" as prod_az
515
+ rectangle "高性能インスタンス" as prod_instance
516
+ rectangle "レプリカ + バックアップ" as prod_db
517
+ }
518
+
519
+ global --> dev : 共通設定継承
520
+ global --> stage : 共通設定継承
521
+ global --> prod : 共通設定継承
522
+
523
+ @enduml
524
+ ```
525
+
526
+ ### 4.2 グローバル変数管理
527
+
528
+ ```terraform
529
+ # environments/global/variables.tf
530
+ locals {
531
+ project_name = "meeting-room"
532
+
533
+ common_tags = {
534
+ Project = local.project_name
535
+ ManagedBy = "terraform"
536
+ Owner = "platform-team"
537
+ Repository = "meeting-room-infrastructure"
538
+ }
539
+
540
+ environments = {
541
+ dev = {
542
+ name = "dev"
543
+ instance_type = "t3.micro"
544
+ min_size = 1
545
+ max_size = 2
546
+ desired_capacity = 1
547
+ db_instance_class = "db.t3.micro"
548
+ backup_retention = 7
549
+ multi_az = false
550
+ create_replica = false
551
+ }
552
+
553
+ stage = {
554
+ name = "stage"
555
+ instance_type = "t3.small"
556
+ min_size = 2
557
+ max_size = 4
558
+ desired_capacity = 2
559
+ db_instance_class = "db.t3.small"
560
+ backup_retention = 7
561
+ multi_az = true
562
+ create_replica = false
563
+ }
564
+
565
+ prod = {
566
+ name = "prod"
567
+ instance_type = "t3.medium"
568
+ min_size = 2
569
+ max_size = 8
570
+ desired_capacity = 4
571
+ db_instance_class = "db.r6g.large"
572
+ backup_retention = 30
573
+ multi_az = true
574
+ create_replica = true
575
+ }
576
+ }
577
+
578
+ vpc_configs = {
579
+ dev = {
580
+ vpc_cidr = "10.0.0.0/16"
581
+ public_subnet_cidrs = ["10.0.1.0/24", "10.0.2.0/24"]
582
+ private_subnet_cidrs = ["10.0.3.0/24", "10.0.4.0/24"]
583
+ availability_zones = ["ap-northeast-1a", "ap-northeast-1c"]
584
+ }
585
+
586
+ stage = {
587
+ vpc_cidr = "10.1.0.0/16"
588
+ public_subnet_cidrs = ["10.1.1.0/24", "10.1.2.0/24"]
589
+ private_subnet_cidrs = ["10.1.3.0/24", "10.1.4.0/24"]
590
+ availability_zones = ["ap-northeast-1a", "ap-northeast-1c"]
591
+ }
592
+
593
+ prod = {
594
+ vpc_cidr = "10.2.0.0/16"
595
+ public_subnet_cidrs = ["10.2.1.0/24", "10.2.2.0/24"]
596
+ private_subnet_cidrs = ["10.2.3.0/24", "10.2.4.0/24"]
597
+ availability_zones = ["ap-northeast-1a", "ap-northeast-1c"]
598
+ }
599
+ }
600
+ }
601
+
602
+ output "project_config" {
603
+ value = {
604
+ name = local.project_name
605
+ tags = local.common_tags
606
+ environments = local.environments
607
+ vpc_configs = local.vpc_configs
608
+ }
609
+ }
610
+ ```
611
+
612
+ ### 4.3 環境固有の構成
613
+
614
+ ```terraform
615
+ # environments/prod/main.tf
616
+ terraform {
617
+ required_version = ">= 1.0"
618
+
619
+ backend "s3" {
620
+ bucket = "meeting-room-terraform-state"
621
+ key = "prod/terraform.tfstate"
622
+ region = "ap-northeast-1"
623
+ dynamodb_table = "meeting-room-terraform-locks"
624
+ encrypt = true
625
+ }
626
+
627
+ required_providers {
628
+ aws = {
629
+ source = "hashicorp/aws"
630
+ version = "~> 5.0"
631
+ }
632
+ }
633
+ }
634
+
635
+ provider "aws" {
636
+ region = "ap-northeast-1"
637
+
638
+ default_tags {
639
+ tags = local.common_tags
640
+ }
641
+ }
642
+
643
+ # グローバル設定の読み込み
644
+ data "terraform_remote_state" "global" {
645
+ backend = "s3"
646
+
647
+ config = {
648
+ bucket = "meeting-room-terraform-state"
649
+ key = "global/terraform.tfstate"
650
+ region = "ap-northeast-1"
651
+ }
652
+ }
653
+
654
+ locals {
655
+ environment = "prod"
656
+ global_config = data.terraform_remote_state.global.outputs.project_config
657
+ env_config = local.global_config.environments[local.environment]
658
+ vpc_config = local.global_config.vpc_configs[local.environment]
659
+ common_tags = merge(local.global_config.tags, {
660
+ Environment = local.environment
661
+ })
662
+ name_prefix = "${local.global_config.name}-${local.environment}"
663
+ }
664
+
665
+ # ネットワークモジュール
666
+ module "vpc" {
667
+ source = "../../modules/networking/vpc"
668
+
669
+ name_prefix = local.name_prefix
670
+
671
+ vpc_cidr = local.vpc_config.vpc_cidr
672
+ public_subnet_cidrs = local.vpc_config.public_subnet_cidrs
673
+ private_subnet_cidrs = local.vpc_config.private_subnet_cidrs
674
+ availability_zones = local.vpc_config.availability_zones
675
+
676
+ enable_nat_gateway = true
677
+
678
+ tags = local.common_tags
679
+ }
680
+
681
+ # データベースモジュール
682
+ module "database" {
683
+ source = "../../modules/database/postgresql"
684
+
685
+ name_prefix = local.name_prefix
686
+
687
+ subnet_ids = module.vpc.private_subnet_ids
688
+ vpc_id = module.vpc.vpc_id
689
+
690
+ instance_class = local.env_config.db_instance_class
691
+ allocated_storage = 100
692
+ max_allocated_storage = 1000
693
+
694
+ database_name = "meetingroom"
695
+ database_username = local.db_credentials.username
696
+ database_password = local.db_credentials.password
697
+
698
+ backup_retention_period = local.env_config.backup_retention
699
+ multi_az = local.env_config.multi_az
700
+ create_replica = local.env_config.create_replica
701
+
702
+ environment = local.environment
703
+ tags = local.common_tags
704
+ }
705
+
706
+ # Webアプリケーションモジュール
707
+ module "web_app" {
708
+ source = "../../modules/compute/web-app"
709
+
710
+ name_prefix = local.name_prefix
711
+
712
+ vpc_id = module.vpc.vpc_id
713
+ subnet_ids = module.vpc.public_subnet_ids
714
+
715
+ instance_type = local.env_config.instance_type
716
+ min_size = local.env_config.min_size
717
+ max_size = local.env_config.max_size
718
+ desired_capacity = local.env_config.desired_capacity
719
+
720
+ database_url = "postgresql://${local.db_credentials.username}:${local.db_credentials.password}@${module.database.endpoint}/meetingroom"
721
+ app_version = var.app_version
722
+
723
+ environment = local.environment
724
+ tags = local.common_tags
725
+
726
+ depends_on = [module.database]
727
+ }
728
+
729
+ # Secrets Managerからのデータベース認証情報取得
730
+ data "aws_secretsmanager_secret_version" "db_credentials" {
731
+ secret_id = "${local.name_prefix}-db-credentials"
732
+ }
733
+
734
+ locals {
735
+ db_credentials = jsondecode(data.aws_secretsmanager_secret_version.db_credentials.secret_string)
736
+ }
737
+ ```
738
+
739
+ ## 5. セキュリティ設計
740
+
741
+ ### 5.1 シークレット管理
742
+
743
+ ```terraform
744
+ # modules/security/secrets-manager/main.tf
745
+ resource "aws_secretsmanager_secret" "db_credentials" {
746
+ name = "${var.name_prefix}-db-credentials"
747
+ description = "Database credentials for ${var.name_prefix}"
748
+
749
+ recovery_window_in_days = var.environment == "prod" ? 30 : 0
750
+
751
+ tags = merge(var.tags, {
752
+ Name = "${var.name_prefix}-db-credentials"
753
+ Type = "Database"
754
+ })
755
+ }
756
+
757
+ resource "aws_secretsmanager_secret_version" "db_credentials" {
758
+ secret_id = aws_secretsmanager_secret.db_credentials.id
759
+
760
+ secret_string = jsonencode({
761
+ username = var.database_username
762
+ password = var.database_password
763
+ })
764
+
765
+ lifecycle {
766
+ ignore_changes = [secret_string]
767
+ }
768
+ }
769
+
770
+ # 自動ローテーション(本番環境のみ)
771
+ resource "aws_secretsmanager_secret_rotation" "db_credentials" {
772
+ count = var.environment == "prod" ? 1 : 0
773
+
774
+ secret_id = aws_secretsmanager_secret.db_credentials.id
775
+ rotation_lambda_arn = var.rotation_lambda_arn
776
+
777
+ rotation_rules {
778
+ automatically_after_days = 30
779
+ }
780
+ }
781
+ ```
782
+
783
+ ### 5.2 IAM ロール設計
784
+
785
+ ```terraform
786
+ # modules/security/iam/main.tf
787
+ # EC2インスタンス用のIAMロール
788
+ resource "aws_iam_role" "ec2_role" {
789
+ name = "${var.name_prefix}-ec2-role"
790
+
791
+ assume_role_policy = jsonencode({
792
+ Version = "2012-10-17"
793
+ Statement = [
794
+ {
795
+ Action = "sts:AssumeRole"
796
+ Effect = "Allow"
797
+ Principal = {
798
+ Service = "ec2.amazonaws.com"
799
+ }
800
+ }
801
+ ]
802
+ })
803
+
804
+ tags = var.tags
805
+ }
806
+
807
+ # Secrets Manager読み取り権限
808
+ resource "aws_iam_policy" "secrets_manager_policy" {
809
+ name = "${var.name_prefix}-secrets-manager-policy"
810
+
811
+ policy = jsonencode({
812
+ Version = "2012-10-17"
813
+ Statement = [
814
+ {
815
+ Effect = "Allow"
816
+ Action = [
817
+ "secretsmanager:GetSecretValue",
818
+ "secretsmanager:DescribeSecret"
819
+ ]
820
+ Resource = [
821
+ "arn:aws:secretsmanager:${var.region}:${var.account_id}:secret:${var.name_prefix}-db-credentials*"
822
+ ]
823
+ }
824
+ ]
825
+ })
826
+ }
827
+
828
+ resource "aws_iam_role_policy_attachment" "secrets_manager_attachment" {
829
+ policy_arn = aws_iam_policy.secrets_manager_policy.arn
830
+ role = aws_iam_role.ec2_role.name
831
+ }
832
+
833
+ # CloudWatch Logs権限
834
+ resource "aws_iam_policy" "cloudwatch_logs_policy" {
835
+ name = "${var.name_prefix}-cloudwatch-logs-policy"
836
+
837
+ policy = jsonencode({
838
+ Version = "2012-10-17"
839
+ Statement = [
840
+ {
841
+ Effect = "Allow"
842
+ Action = [
843
+ "logs:CreateLogGroup",
844
+ "logs:CreateLogStream",
845
+ "logs:PutLogEvents",
846
+ "logs:DescribeLogStreams"
847
+ ]
848
+ Resource = [
849
+ "arn:aws:logs:${var.region}:${var.account_id}:log-group:/aws/ec2/${var.name_prefix}*"
850
+ ]
851
+ }
852
+ ]
853
+ })
854
+ }
855
+
856
+ resource "aws_iam_role_policy_attachment" "cloudwatch_logs_attachment" {
857
+ policy_arn = aws_iam_policy.cloudwatch_logs_policy.arn
858
+ role = aws_iam_role.ec2_role.name
859
+ }
860
+
861
+ resource "aws_iam_instance_profile" "ec2_profile" {
862
+ name = "${var.name_prefix}-ec2-profile"
863
+ role = aws_iam_role.ec2_role.name
864
+
865
+ tags = var.tags
866
+ }
867
+ ```
868
+
869
+ ### 5.3 セキュリティグループ設計
870
+
871
+ ```terraform
872
+ # modules/security/security-groups/main.tf
873
+ # ALB用セキュリティグループ
874
+ resource "aws_security_group" "alb" {
875
+ name_prefix = "${var.name_prefix}-alb-"
876
+ vpc_id = var.vpc_id
877
+
878
+ ingress {
879
+ description = "HTTP"
880
+ from_port = 80
881
+ to_port = 80
882
+ protocol = "tcp"
883
+ cidr_blocks = ["0.0.0.0/0"]
884
+ }
885
+
886
+ ingress {
887
+ description = "HTTPS"
888
+ from_port = 443
889
+ to_port = 443
890
+ protocol = "tcp"
891
+ cidr_blocks = ["0.0.0.0/0"]
892
+ }
893
+
894
+ egress {
895
+ description = "All outbound"
896
+ from_port = 0
897
+ to_port = 0
898
+ protocol = "-1"
899
+ cidr_blocks = ["0.0.0.0/0"]
900
+ }
901
+
902
+ tags = merge(var.tags, {
903
+ Name = "${var.name_prefix}-alb-sg"
904
+ Type = "LoadBalancer"
905
+ })
906
+
907
+ lifecycle {
908
+ create_before_destroy = true
909
+ }
910
+ }
911
+
912
+ # Web層用セキュリティグループ
913
+ resource "aws_security_group" "web" {
914
+ name_prefix = "${var.name_prefix}-web-"
915
+ vpc_id = var.vpc_id
916
+
917
+ ingress {
918
+ description = "HTTP from ALB"
919
+ from_port = 8080
920
+ to_port = 8080
921
+ protocol = "tcp"
922
+ security_groups = [aws_security_group.alb.id]
923
+ }
924
+
925
+ ingress {
926
+ description = "SSH"
927
+ from_port = 22
928
+ to_port = 22
929
+ protocol = "tcp"
930
+ cidr_blocks = [var.vpc_cidr]
931
+ }
932
+
933
+ egress {
934
+ description = "All outbound"
935
+ from_port = 0
936
+ to_port = 0
937
+ protocol = "-1"
938
+ cidr_blocks = ["0.0.0.0/0"]
939
+ }
940
+
941
+ tags = merge(var.tags, {
942
+ Name = "${var.name_prefix}-web-sg"
943
+ Type = "WebServer"
944
+ })
945
+
946
+ lifecycle {
947
+ create_before_destroy = true
948
+ }
949
+ }
950
+
951
+ # データベース用セキュリティグループ
952
+ resource "aws_security_group" "database" {
953
+ name_prefix = "${var.name_prefix}-db-"
954
+ vpc_id = var.vpc_id
955
+
956
+ ingress {
957
+ description = "PostgreSQL from Web"
958
+ from_port = 5432
959
+ to_port = 5432
960
+ protocol = "tcp"
961
+ security_groups = [aws_security_group.web.id]
962
+ }
963
+
964
+ tags = merge(var.tags, {
965
+ Name = "${var.name_prefix}-db-sg"
966
+ Type = "Database"
967
+ })
968
+
969
+ lifecycle {
970
+ create_before_destroy = true
971
+ }
972
+ }
973
+ ```
974
+
975
+ ## 6. 監視・ロギング
976
+
977
+ ### 6.1 CloudWatch 監視
978
+
979
+ ```terraform
980
+ # modules/monitoring/cloudwatch/main.tf
981
+ # ALB監視
982
+ resource "aws_cloudwatch_metric_alarm" "alb_response_time" {
983
+ alarm_name = "${var.name_prefix}-alb-response-time"
984
+ comparison_operator = "GreaterThanThreshold"
985
+ evaluation_periods = "2"
986
+ metric_name = "TargetResponseTime"
987
+ namespace = "AWS/ApplicationELB"
988
+ period = "300"
989
+ statistic = "Average"
990
+ threshold = "2.0"
991
+ alarm_description = "This metric monitors ALB response time"
992
+ alarm_actions = [aws_sns_topic.alerts.arn]
993
+
994
+ dimensions = {
995
+ LoadBalancer = var.alb_arn_suffix
996
+ }
997
+
998
+ tags = var.tags
999
+ }
1000
+
1001
+ resource "aws_cloudwatch_metric_alarm" "alb_healthy_hosts" {
1002
+ alarm_name = "${var.name_prefix}-alb-healthy-hosts"
1003
+ comparison_operator = "LessThanThreshold"
1004
+ evaluation_periods = "2"
1005
+ metric_name = "HealthyHostCount"
1006
+ namespace = "AWS/ApplicationELB"
1007
+ period = "300"
1008
+ statistic = "Average"
1009
+ threshold = "1"
1010
+ alarm_description = "This metric monitors healthy host count"
1011
+ alarm_actions = [aws_sns_topic.alerts.arn]
1012
+
1013
+ dimensions = {
1014
+ TargetGroup = var.target_group_arn_suffix
1015
+ LoadBalancer = var.alb_arn_suffix
1016
+ }
1017
+
1018
+ tags = var.tags
1019
+ }
1020
+
1021
+ # データベース監視
1022
+ resource "aws_cloudwatch_metric_alarm" "database_cpu" {
1023
+ alarm_name = "${var.name_prefix}-db-cpu"
1024
+ comparison_operator = "GreaterThanThreshold"
1025
+ evaluation_periods = "2"
1026
+ metric_name = "CPUUtilization"
1027
+ namespace = "AWS/RDS"
1028
+ period = "300"
1029
+ statistic = "Average"
1030
+ threshold = "80"
1031
+ alarm_description = "This metric monitors database CPU utilization"
1032
+ alarm_actions = [aws_sns_topic.alerts.arn]
1033
+
1034
+ dimensions = {
1035
+ DBInstanceIdentifier = var.db_instance_id
1036
+ }
1037
+
1038
+ tags = var.tags
1039
+ }
1040
+
1041
+ resource "aws_cloudwatch_metric_alarm" "database_connections" {
1042
+ alarm_name = "${var.name_prefix}-db-connections"
1043
+ comparison_operator = "GreaterThanThreshold"
1044
+ evaluation_periods = "2"
1045
+ metric_name = "DatabaseConnections"
1046
+ namespace = "AWS/RDS"
1047
+ period = "300"
1048
+ statistic = "Average"
1049
+ threshold = "80"
1050
+ alarm_description = "This metric monitors database connection count"
1051
+ alarm_actions = [aws_sns_topic.alerts.arn]
1052
+
1053
+ dimensions = {
1054
+ DBInstanceIdentifier = var.db_instance_id
1055
+ }
1056
+
1057
+ tags = var.tags
1058
+ }
1059
+
1060
+ # SNS通知設定
1061
+ resource "aws_sns_topic" "alerts" {
1062
+ name = "${var.name_prefix}-alerts"
1063
+
1064
+ tags = var.tags
1065
+ }
1066
+
1067
+ resource "aws_sns_topic_subscription" "email_alerts" {
1068
+ count = length(var.alert_email_addresses)
1069
+
1070
+ topic_arn = aws_sns_topic.alerts.arn
1071
+ protocol = "email"
1072
+ endpoint = var.alert_email_addresses[count.index]
1073
+ }
1074
+
1075
+ # カスタムメトリクス
1076
+ resource "aws_cloudwatch_log_group" "app_logs" {
1077
+ name = "/aws/ec2/${var.name_prefix}/application"
1078
+ retention_in_days = var.log_retention_days
1079
+
1080
+ tags = var.tags
1081
+ }
1082
+
1083
+ resource "aws_cloudwatch_log_group" "access_logs" {
1084
+ name = "/aws/ec2/${var.name_prefix}/access"
1085
+ retention_in_days = var.log_retention_days
1086
+
1087
+ tags = var.tags
1088
+ }
1089
+ ```
1090
+
1091
+ ## 7. テスト戦略
1092
+
1093
+ ### 7.1 単体テスト
1094
+
1095
+ ```go
1096
+ // test/unit/vpc_test.go
1097
+ package test
1098
+
1099
+ import (
1100
+ "testing"
1101
+
1102
+ "github.com/gruntwork-io/terratest/modules/terraform"
1103
+ "github.com/stretchr/testify/assert"
1104
+ )
1105
+
1106
+ func TestVPCModule(t *testing.T) {
1107
+ t.Parallel()
1108
+
1109
+ terraformOptions := terraform.WithDefaultRetryableErrors(t, &terraform.Options{
1110
+ TerraformDir: "../modules/networking/vpc",
1111
+ Vars: map[string]interface{}{
1112
+ "name_prefix": "test-vpc",
1113
+ "vpc_cidr": "10.0.0.0/16",
1114
+ "public_subnet_cidrs": []string{
1115
+ "10.0.1.0/24",
1116
+ "10.0.2.0/24",
1117
+ },
1118
+ "private_subnet_cidrs": []string{
1119
+ "10.0.3.0/24",
1120
+ "10.0.4.0/24",
1121
+ },
1122
+ "availability_zones": []string{
1123
+ "ap-northeast-1a",
1124
+ "ap-northeast-1c",
1125
+ },
1126
+ "enable_nat_gateway": true,
1127
+ "tags": map[string]string{
1128
+ "Test": "true",
1129
+ "Environment": "test",
1130
+ },
1131
+ },
1132
+ })
1133
+
1134
+ defer terraform.Destroy(t, terraformOptions)
1135
+ terraform.InitAndApply(t, terraformOptions)
1136
+
1137
+ // 出力値の検証
1138
+ vpcId := terraform.Output(t, terraformOptions, "vpc_id")
1139
+ assert.NotEmpty(t, vpcId, "VPC ID should not be empty")
1140
+
1141
+ publicSubnetIds := terraform.OutputList(t, terraformOptions, "public_subnet_ids")
1142
+ assert.Len(t, publicSubnetIds, 2, "Should create 2 public subnets")
1143
+
1144
+ privateSubnetIds := terraform.OutputList(t, terraformOptions, "private_subnet_ids")
1145
+ assert.Len(t, privateSubnetIds, 2, "Should create 2 private subnets")
1146
+ }
1147
+ ```
1148
+
1149
+ ### 7.2 統合テスト
1150
+
1151
+ ```go
1152
+ // test/integration/full_stack_test.go
1153
+ package test
1154
+
1155
+ import (
1156
+ "fmt"
1157
+ "testing"
1158
+ "time"
1159
+
1160
+ http_helper "github.com/gruntwork-io/terratest/modules/http-helper"
1161
+ "github.com/gruntwork-io/terratest/modules/random"
1162
+ "github.com/gruntwork-io/terratest/modules/terraform"
1163
+ test_structure "github.com/gruntwork-io/terratest/modules/test-structure"
1164
+ )
1165
+
1166
+ const envDir = "../environments/stage"
1167
+
1168
+ func TestFullStackDeployment(t *testing.T) {
1169
+ t.Parallel()
1170
+
1171
+ // ステージベースのテスト実行
1172
+ defer test_structure.RunTestStage(t, "cleanup", func() {
1173
+ terraformOptions := test_structure.LoadTerraformOptions(t, envDir)
1174
+ terraform.Destroy(t, terraformOptions)
1175
+ })
1176
+
1177
+ test_structure.RunTestStage(t, "deploy", func() {
1178
+ uniqueId := random.UniqueId()
1179
+ terraformOptions := &terraform.Options{
1180
+ TerraformDir: envDir,
1181
+ Vars: map[string]interface{}{
1182
+ "app_version": "test-" + uniqueId,
1183
+ "integration_test": true,
1184
+ "environment_suffix": uniqueId,
1185
+ },
1186
+ }
1187
+
1188
+ test_structure.SaveTerraformOptions(t, envDir, terraformOptions)
1189
+ terraform.InitAndApply(t, terraformOptions)
1190
+ })
1191
+
1192
+ test_structure.RunTestStage(t, "validate", func() {
1193
+ terraformOptions := test_structure.LoadTerraformOptions(t, envDir)
1194
+
1195
+ // ALB エンドポイントの取得
1196
+ albDnsName := terraform.Output(t, terraformOptions, "alb_dns_name")
1197
+ url := fmt.Sprintf("http://%s", albDnsName)
1198
+
1199
+ // ヘルスチェック
1200
+ http_helper.HttpGetWithRetryWithCustomValidation(
1201
+ t,
1202
+ fmt.Sprintf("%s/health", url),
1203
+ nil,
1204
+ 30,
1205
+ 10*time.Second,
1206
+ func(statusCode int, body string) bool {
1207
+ return statusCode == 200
1208
+ },
1209
+ )
1210
+
1211
+ // アプリケーション機能テスト
1212
+ http_helper.HttpGetWithRetryWithCustomValidation(
1213
+ t,
1214
+ fmt.Sprintf("%s/api/meeting-rooms", url),
1215
+ nil,
1216
+ 10,
1217
+ 5*time.Second,
1218
+ func(statusCode int, body string) bool {
1219
+ return statusCode == 200
1220
+ },
1221
+ )
1222
+ })
1223
+ }
1224
+ ```
1225
+
1226
+ ### 7.3 セキュリティテスト
1227
+
1228
+ ```go
1229
+ // test/security/security_test.go
1230
+ package test
1231
+
1232
+ import (
1233
+ "testing"
1234
+
1235
+ "github.com/gruntwork-io/terratest/modules/terraform"
1236
+ "github.com/stretchr/testify/assert"
1237
+ )
1238
+
1239
+ func TestSecurityConfiguration(t *testing.T) {
1240
+ t.Parallel()
1241
+
1242
+ terraformOptions := terraform.WithDefaultRetryableErrors(t, &terraform.Options{
1243
+ TerraformDir: "../environments/prod",
1244
+ PlanFilePath: "./tfplan",
1245
+ })
1246
+
1247
+ // terraform plan の実行
1248
+ terraform.InitAndPlan(t, terraformOptions)
1249
+ plan := terraform.ShowWithStruct(t, terraformOptions)
1250
+
1251
+ // セキュリティ設定の検証
1252
+ t.Run("Database encryption", func(t *testing.T) {
1253
+ dbInstances := plan.ResourcesByType["aws_db_instance"]
1254
+ for _, instance := range dbInstances {
1255
+ storageEncrypted := instance.AttributeValues["storage_encrypted"]
1256
+ assert.True(t, storageEncrypted.(bool), "Database storage should be encrypted")
1257
+ }
1258
+ })
1259
+
1260
+ t.Run("Security group rules", func(t *testing.T) {
1261
+ securityGroups := plan.ResourcesByType["aws_security_group"]
1262
+ for _, sg := range securityGroups {
1263
+ ingress := sg.AttributeValues["ingress"].([]interface{})
1264
+ for _, rule := range ingress {
1265
+ ruleMap := rule.(map[string]interface{})
1266
+ cidrBlocks := ruleMap["cidr_blocks"].([]interface{})
1267
+
1268
+ // 0.0.0.0/0 からのSSH接続を禁止
1269
+ if ruleMap["from_port"].(float64) == 22 {
1270
+ assert.NotContains(t, cidrBlocks, "0.0.0.0/0",
1271
+ "SSH should not be open to the world")
1272
+ }
1273
+ }
1274
+ }
1275
+ })
1276
+
1277
+ t.Run("Deletion protection", func(t *testing.T) {
1278
+ dbInstances := plan.ResourcesByType["aws_db_instance"]
1279
+ for _, instance := range dbInstances {
1280
+ if instance.AttributeValues["identifier"].(string) == "meeting-room-prod-db" {
1281
+ deletionProtection := instance.AttributeValues["deletion_protection"]
1282
+ assert.True(t, deletionProtection.(bool),
1283
+ "Production database should have deletion protection enabled")
1284
+ }
1285
+ }
1286
+ })
1287
+ }
1288
+ ```
1289
+
1290
+ ## 8. CI/CD 統合
1291
+
1292
+ ### 8.1 GitHub Actions ワークフロー
1293
+
1294
+ ```yaml
1295
+ # .github/workflows/terraform.yml
1296
+ name: Terraform Infrastructure
1297
+
1298
+ on:
1299
+ push:
1300
+ branches: [main, develop]
1301
+ paths: ['terraform/**']
1302
+ pull_request:
1303
+ branches: [main]
1304
+ paths: ['terraform/**']
1305
+
1306
+ env:
1307
+ TF_VERSION: 1.5.0
1308
+ TF_IN_AUTOMATION: true
1309
+
1310
+ permissions:
1311
+ id-token: write
1312
+ contents: read
1313
+ pull-requests: write
1314
+
1315
+ jobs:
1316
+ validate:
1317
+ name: Validate Terraform
1318
+ runs-on: ubuntu-latest
1319
+
1320
+ steps:
1321
+ - name: Checkout
1322
+ uses: actions/checkout@v4
1323
+
1324
+ - name: Setup Terraform
1325
+ uses: hashicorp/setup-terraform@v3
1326
+ with:
1327
+ terraform_version: ${{ env.TF_VERSION }}
1328
+
1329
+ - name: Terraform Format Check
1330
+ run: terraform fmt -check -recursive ./terraform/
1331
+
1332
+ - name: Terraform Validate
1333
+ run: |
1334
+ find ./terraform -name "*.tf" -path "*/modules/*" -execdir terraform init -backend=false \;
1335
+ find ./terraform -name "*.tf" -path "*/modules/*" -execdir terraform validate \;
1336
+
1337
+ plan:
1338
+ name: Plan Infrastructure
1339
+ runs-on: ubuntu-latest
1340
+ if: github.event_name == 'pull_request'
1341
+ needs: [validate]
1342
+
1343
+ strategy:
1344
+ matrix:
1345
+ environment: [dev, stage]
1346
+
1347
+ steps:
1348
+ - name: Checkout
1349
+ uses: actions/checkout@v4
1350
+
1351
+ - name: Configure AWS credentials
1352
+ uses: aws-actions/configure-aws-credentials@v4
1353
+ with:
1354
+ role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
1355
+ role-session-name: terraform-${{ matrix.environment }}
1356
+ aws-region: ap-northeast-1
1357
+
1358
+ - name: Setup Terraform
1359
+ uses: hashicorp/setup-terraform@v3
1360
+ with:
1361
+ terraform_version: ${{ env.TF_VERSION }}
1362
+
1363
+ - name: Terraform Init
1364
+ working-directory: ./terraform/environments/${{ matrix.environment }}
1365
+ run: terraform init
1366
+
1367
+ - name: Terraform Plan
1368
+ working-directory: ./terraform/environments/${{ matrix.environment }}
1369
+ run: |
1370
+ terraform plan -out=tfplan -var="app_version=${{ github.sha }}"
1371
+ terraform show -no-color tfplan > plan.txt
1372
+
1373
+ - name: Comment PR with Plan
1374
+ uses: actions/github-script@v7
1375
+ with:
1376
+ script: |
1377
+ const fs = require('fs');
1378
+ const plan = fs.readFileSync('./terraform/environments/${{ matrix.environment }}/plan.txt', 'utf8');
1379
+ const truncatedPlan = plan.length > 65000 ? plan.substring(0, 65000) + "\n...truncated" : plan;
1380
+
1381
+ github.rest.issues.createComment({
1382
+ issue_number: context.issue.number,
1383
+ owner: context.repo.owner,
1384
+ repo: context.repo.repo,
1385
+ body: `## Terraform Plan (${{ matrix.environment }})
1386
+
1387
+ \`\`\`
1388
+ ${truncatedPlan}
1389
+ \`\`\`
1390
+ `
1391
+ });
1392
+
1393
+ deploy-dev:
1394
+ name: Deploy to Development
1395
+ runs-on: ubuntu-latest
1396
+ if: github.ref == 'refs/heads/develop'
1397
+ needs: [validate]
1398
+ environment: development
1399
+
1400
+ steps:
1401
+ - name: Checkout
1402
+ uses: actions/checkout@v4
1403
+
1404
+ - name: Configure AWS credentials
1405
+ uses: aws-actions/configure-aws-credentials@v4
1406
+ with:
1407
+ role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
1408
+ role-session-name: terraform-dev
1409
+ aws-region: ap-northeast-1
1410
+
1411
+ - name: Setup Terraform
1412
+ uses: hashicorp/setup-terraform@v3
1413
+ with:
1414
+ terraform_version: ${{ env.TF_VERSION }}
1415
+
1416
+ - name: Terraform Init
1417
+ working-directory: ./terraform/environments/dev
1418
+ run: terraform init
1419
+
1420
+ - name: Terraform Apply
1421
+ working-directory: ./terraform/environments/dev
1422
+ run: terraform apply -auto-approve -var="app_version=${{ github.sha }}"
1423
+
1424
+ deploy-stage:
1425
+ name: Deploy to Staging
1426
+ runs-on: ubuntu-latest
1427
+ if: github.ref == 'refs/heads/main'
1428
+ needs: [validate]
1429
+ environment: staging
1430
+
1431
+ steps:
1432
+ - name: Checkout
1433
+ uses: actions/checkout@v4
1434
+
1435
+ - name: Configure AWS credentials
1436
+ uses: aws-actions/configure-aws-credentials@v4
1437
+ with:
1438
+ role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
1439
+ role-session-name: terraform-stage
1440
+ aws-region: ap-northeast-1
1441
+
1442
+ - name: Setup Terraform
1443
+ uses: hashicorp/setup-terraform@v3
1444
+ with:
1445
+ terraform_version: ${{ env.TF_VERSION }}
1446
+
1447
+ - name: Terraform Init
1448
+ working-directory: ./terraform/environments/stage
1449
+ run: terraform init
1450
+
1451
+ - name: Terraform Apply
1452
+ working-directory: ./terraform/environments/stage
1453
+ run: terraform apply -auto-approve -var="app_version=${{ github.sha }}"
1454
+
1455
+ deploy-prod:
1456
+ name: Deploy to Production
1457
+ runs-on: ubuntu-latest
1458
+ if: github.ref == 'refs/heads/main'
1459
+ needs: [deploy-stage]
1460
+ environment: production
1461
+
1462
+ steps:
1463
+ - name: Checkout
1464
+ uses: actions/checkout@v4
1465
+
1466
+ - name: Configure AWS credentials
1467
+ uses: aws-actions/configure-aws-credentials@v4
1468
+ with:
1469
+ role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
1470
+ role-session-name: terraform-prod
1471
+ aws-region: ap-northeast-1
1472
+
1473
+ - name: Setup Terraform
1474
+ uses: hashicorp/setup-terraform@v3
1475
+ with:
1476
+ terraform_version: ${{ env.TF_VERSION }}
1477
+
1478
+ - name: Terraform Init
1479
+ working-directory: ./terraform/environments/prod
1480
+ run: terraform init
1481
+
1482
+ - name: Terraform Plan
1483
+ working-directory: ./terraform/environments/prod
1484
+ run: terraform plan -out=tfplan -var="app_version=${{ github.sha }}"
1485
+
1486
+ - name: Manual Approval Required
1487
+ run: |
1488
+ echo "Production deployment requires manual approval"
1489
+ echo "Review the plan and approve in GitHub Actions"
1490
+
1491
+ - name: Terraform Apply
1492
+ working-directory: ./terraform/environments/prod
1493
+ run: terraform apply tfplan
1494
+ ```
1495
+
1496
+ ### 8.2 OIDC 設定
1497
+
1498
+ ```terraform
1499
+ # terraform/iam-oidc/main.tf
1500
+ resource "aws_iam_openid_connect_provider" "github" {
1501
+ url = "https://token.actions.githubusercontent.com"
1502
+
1503
+ client_id_list = [
1504
+ "sts.amazonaws.com",
1505
+ ]
1506
+
1507
+ thumbprint_list = [
1508
+ "6938fd4d98bab03faadb97b34396831e3780aea1",
1509
+ "1c58a3a8518e8759bf075b76b750d4f2df264fcd"
1510
+ ]
1511
+
1512
+ tags = {
1513
+ Name = "github-actions-oidc"
1514
+ ManagedBy = "terraform"
1515
+ }
1516
+ }
1517
+
1518
+ resource "aws_iam_role" "github_actions" {
1519
+ name = "github-actions-terraform"
1520
+
1521
+ assume_role_policy = jsonencode({
1522
+ Version = "2012-10-17"
1523
+ Statement = [
1524
+ {
1525
+ Action = "sts:AssumeRoleWithWebIdentity"
1526
+ Effect = "Allow"
1527
+ Principal = {
1528
+ Federated = aws_iam_openid_connect_provider.github.arn
1529
+ }
1530
+ Condition = {
1531
+ StringEquals = {
1532
+ "token.actions.githubusercontent.com:aud" = "sts.amazonaws.com"
1533
+ }
1534
+ StringLike = {
1535
+ "token.actions.githubusercontent.com:sub" = "repo:organization/meeting-room-infrastructure:*"
1536
+ }
1537
+ }
1538
+ }
1539
+ ]
1540
+ })
1541
+
1542
+ tags = {
1543
+ Name = "github-actions-terraform"
1544
+ ManagedBy = "terraform"
1545
+ }
1546
+ }
1547
+
1548
+ resource "aws_iam_role_policy" "github_actions_terraform" {
1549
+ name = "terraform-permissions"
1550
+ role = aws_iam_role.github_actions.id
1551
+
1552
+ policy = jsonencode({
1553
+ Version = "2012-10-17"
1554
+ Statement = [
1555
+ {
1556
+ Effect = "Allow"
1557
+ Action = [
1558
+ "ec2:*",
1559
+ "rds:*",
1560
+ "elasticloadbalancing:*",
1561
+ "autoscaling:*",
1562
+ "iam:*",
1563
+ "s3:*",
1564
+ "dynamodb:*",
1565
+ "secretsmanager:*",
1566
+ "logs:*",
1567
+ "cloudwatch:*",
1568
+ "sns:*"
1569
+ ]
1570
+ Resource = "*"
1571
+ }
1572
+ ]
1573
+ })
1574
+ }
1575
+ ```
1576
+
1577
+ ## 9. コスト最適化
1578
+
1579
+ ### 9.1 リソース最適化
1580
+
1581
+ ```terraform
1582
+ # modules/cost-optimization/spot-instances/main.tf
1583
+ resource "aws_launch_template" "spot" {
1584
+ name_prefix = "${var.name_prefix}-spot-"
1585
+
1586
+ image_id = var.ami_id
1587
+ instance_type = var.instance_type
1588
+ key_name = var.key_name
1589
+
1590
+ vpc_security_group_ids = var.security_group_ids
1591
+
1592
+ instance_market_options {
1593
+ market_type = "spot"
1594
+ spot_options {
1595
+ spot_instance_type = "one-time"
1596
+ max_price = var.spot_price
1597
+ }
1598
+ }
1599
+
1600
+ user_data = var.user_data
1601
+
1602
+ tag_specifications {
1603
+ resource_type = "instance"
1604
+ tags = merge(var.tags, {
1605
+ Name = "${var.name_prefix}-spot-instance"
1606
+ })
1607
+ }
1608
+
1609
+ lifecycle {
1610
+ create_before_destroy = true
1611
+ }
1612
+ }
1613
+
1614
+ resource "aws_autoscaling_group" "spot" {
1615
+ name = "${var.name_prefix}-spot-asg"
1616
+
1617
+ vpc_zone_identifier = var.subnet_ids
1618
+ target_group_arns = var.target_group_arns
1619
+ health_check_type = "ELB"
1620
+
1621
+ min_size = var.min_size
1622
+ max_size = var.max_size
1623
+ desired_capacity = var.desired_capacity
1624
+
1625
+ mixed_instances_policy {
1626
+ launch_template {
1627
+ launch_template_specification {
1628
+ launch_template_id = aws_launch_template.spot.id
1629
+ version = "$Latest"
1630
+ }
1631
+ }
1632
+
1633
+ instances_distribution {
1634
+ on_demand_base_capacity = var.on_demand_base_capacity
1635
+ on_demand_percentage_above_base_capacity = var.on_demand_percentage
1636
+ spot_allocation_strategy = "diversified"
1637
+ spot_instance_pools = 4
1638
+ }
1639
+ }
1640
+
1641
+ tag {
1642
+ key = "Name"
1643
+ value = "${var.name_prefix}-spot-asg"
1644
+ propagate_at_launch = false
1645
+ }
1646
+ }
1647
+ ```
1648
+
1649
+ ### 9.2 スケジューリングと自動化
1650
+
1651
+ ```terraform
1652
+ # modules/scheduling/auto-shutdown/main.tf
1653
+ resource "aws_lambda_function" "auto_shutdown" {
1654
+ filename = "auto_shutdown.zip"
1655
+ function_name = "${var.name_prefix}-auto-shutdown"
1656
+ role = aws_iam_role.lambda_role.arn
1657
+ handler = "lambda_function.lambda_handler"
1658
+ runtime = "python3.9"
1659
+ timeout = 300
1660
+
1661
+ source_code_hash = data.archive_file.auto_shutdown_zip.output_base64sha256
1662
+
1663
+ environment {
1664
+ variables = {
1665
+ ENVIRONMENT = var.environment
1666
+ TAG_KEY = "AutoShutdown"
1667
+ TAG_VALUE = "enabled"
1668
+ }
1669
+ }
1670
+
1671
+ tags = var.tags
1672
+ }
1673
+
1674
+ resource "aws_cloudwatch_event_rule" "auto_shutdown_schedule" {
1675
+ count = var.environment == "dev" ? 1 : 0
1676
+
1677
+ name = "${var.name_prefix}-auto-shutdown"
1678
+ description = "Schedule for auto shutdown of development resources"
1679
+ schedule_expression = "cron(0 18 ? * MON-FRI *)" # 平日18時
1680
+
1681
+ tags = var.tags
1682
+ }
1683
+
1684
+ resource "aws_cloudwatch_event_target" "lambda_target" {
1685
+ count = var.environment == "dev" ? 1 : 0
1686
+
1687
+ rule = aws_cloudwatch_event_rule.auto_shutdown_schedule[0].name
1688
+ target_id = "AutoShutdownTarget"
1689
+ arn = aws_lambda_function.auto_shutdown.arn
1690
+ }
1691
+
1692
+ resource "aws_lambda_permission" "allow_cloudwatch" {
1693
+ count = var.environment == "dev" ? 1 : 0
1694
+
1695
+ statement_id = "AllowExecutionFromCloudWatch"
1696
+ action = "lambda:InvokeFunction"
1697
+ function_name = aws_lambda_function.auto_shutdown.function_name
1698
+ principal = "events.amazonaws.com"
1699
+ source_arn = aws_cloudwatch_event_rule.auto_shutdown_schedule[0].arn
1700
+ }
1701
+ ```
1702
+
1703
+ ## 10. 災害対策・冗長化
1704
+
1705
+ ### 10.1 マルチ AZ 構成
1706
+
1707
+ ```plantuml
1708
+ @startuml "マルチAZ構成"
1709
+ cloud "AWS Cloud" {
1710
+ rectangle "Region: ap-northeast-1" as region {
1711
+ rectangle "Availability Zone 1a" as az1 {
1712
+ node "Web Server 1" as web1
1713
+ database "DB Primary" as db1
1714
+ }
1715
+
1716
+ rectangle "Availability Zone 1c" as az2 {
1717
+ node "Web Server 2" as web2
1718
+ database "DB Standby" as db2
1719
+ }
1720
+
1721
+ component "Application Load Balancer" as alb {
1722
+ component "Health Check" as hc
1723
+ }
1724
+
1725
+ storage "S3 Bucket" as s3 {
1726
+ folder "Static Assets" as assets
1727
+ folder "Backup Data" as backup
1728
+ }
1729
+ }
1730
+ }
1731
+
1732
+ alb --> web1
1733
+ alb --> web2
1734
+ web1 --> db1
1735
+ web2 --> db1
1736
+ db1 --> db2 : Synchronous\nReplication
1737
+ web1 --> s3
1738
+ web2 --> s3
1739
+
1740
+ note right of alb : トラフィック分散\nヘルスチェック
1741
+ note right of db2 : 自動フェイルオーバー\n(Multi-AZ)
1742
+
1743
+ @enduml
1744
+ ```
1745
+
1746
+ ### 10.2 バックアップ戦略
1747
+
1748
+ ```terraform
1749
+ # modules/backup/automated-backup/main.tf
1750
+ resource "aws_backup_vault" "main" {
1751
+ name = "${var.name_prefix}-backup-vault"
1752
+ kms_key_arn = aws_kms_key.backup.arn
1753
+
1754
+ tags = var.tags
1755
+ }
1756
+
1757
+ resource "aws_kms_key" "backup" {
1758
+ description = "KMS key for backup vault encryption"
1759
+ deletion_window_in_days = 30
1760
+
1761
+ tags = merge(var.tags, {
1762
+ Name = "${var.name_prefix}-backup-kms"
1763
+ })
1764
+ }
1765
+
1766
+ resource "aws_backup_plan" "main" {
1767
+ name = "${var.name_prefix}-backup-plan"
1768
+
1769
+ rule {
1770
+ rule_name = "daily_backup"
1771
+ target_vault_name = aws_backup_vault.main.name
1772
+ schedule = "cron(0 2 ? * * *)" # 毎日午前2時
1773
+
1774
+ lifecycle {
1775
+ cold_storage_after = 30
1776
+ delete_after = 120
1777
+ }
1778
+
1779
+ recovery_point_tags = merge(var.tags, {
1780
+ BackupType = "Daily"
1781
+ })
1782
+ }
1783
+
1784
+ rule {
1785
+ rule_name = "weekly_backup"
1786
+ target_vault_name = aws_backup_vault.main.name
1787
+ schedule = "cron(0 2 ? * SUN *)" # 毎週日曜日午前2時
1788
+
1789
+ lifecycle {
1790
+ cold_storage_after = 30
1791
+ delete_after = 365
1792
+ }
1793
+
1794
+ recovery_point_tags = merge(var.tags, {
1795
+ BackupType = "Weekly"
1796
+ })
1797
+ }
1798
+
1799
+ tags = var.tags
1800
+ }
1801
+
1802
+ resource "aws_backup_selection" "database" {
1803
+ iam_role_arn = aws_iam_role.backup.arn
1804
+ name = "${var.name_prefix}-db-backup-selection"
1805
+ plan_id = aws_backup_plan.main.id
1806
+
1807
+ resources = [
1808
+ var.rds_db_instance_arn
1809
+ ]
1810
+
1811
+ condition {
1812
+ string_equals {
1813
+ key = "aws:ResourceTag/Environment"
1814
+ value = var.environment
1815
+ }
1816
+ }
1817
+ }
1818
+ ```
1819
+
1820
+ ## 11. まとめ
1821
+
1822
+ ### 11.1 ベストプラクティス チェックリスト
1823
+
1824
+ ```yaml
1825
+ インフラコード品質:
1826
+ - [ ] すべてのリソースがコードで定義されている
1827
+ - [ ] バージョン管理されている
1828
+ - [ ] 適切なコメントとドキュメントがある
1829
+ - [ ] 命名規則に従っている
1830
+
1831
+ モジュール設計:
1832
+ - [ ] 単一責任の原則に従っている
1833
+ - [ ] 再利用可能な設計になっている
1834
+ - [ ] 入力検証が実装されている
1835
+ - [ ] 適切な出力値が定義されている
1836
+
1837
+ セキュリティ:
1838
+ - [ ] シークレット管理が適切に実装されている
1839
+ - [ ] IAM権限が最小権限になっている
1840
+ - [ ] セキュリティグループが適切に設定されている
1841
+ - [ ] 暗号化が有効になっている
1842
+
1843
+ 運用:
1844
+ - [ ] 監視・アラートが設定されている
1845
+ - [ ] ログ収集が実装されている
1846
+ - [ ] バックアップ戦略が定義されている
1847
+ - [ ] 災害対策が考慮されている
1848
+
1849
+ テスト:
1850
+ - [ ] 単体テストが実装されている
1851
+ - [ ] 統合テストが実装されている
1852
+ - [ ] セキュリティテストが実装されている
1853
+ - [ ] CI/CDパイプラインが構築されている
1854
+ ```
1855
+
1856
+ ### 11.2 継続的改善
1857
+
1858
+ ```plantuml
1859
+ @startuml "継続的改善サイクル"
1860
+ circle "Plan" as plan
1861
+ circle "Code" as code
1862
+ circle "Build" as build
1863
+ circle "Test" as test
1864
+ circle "Deploy" as deploy
1865
+ circle "Monitor" as monitor
1866
+ circle "Learn" as learn
1867
+
1868
+ plan --> code : 要件定義\nアーキテクチャ設計
1869
+ code --> build : Terraform\nコード作成
1870
+ build --> test : 静的解析\n単体テスト
1871
+ test --> deploy : 統合テスト\n本番デプロイ
1872
+ deploy --> monitor : 監視\nログ収集
1873
+ monitor --> learn : 分析\n改善点抽出
1874
+ learn --> plan : フィードバック\n次期計画
1875
+
1876
+ @enduml
1877
+ ```
1878
+
1879
1879
  このインフラ設計ガイドに従うことで、会議室予約システムの安全で効率的なインフラストラクチャを構築・運用できます。