tf-starter 1.0.0

package/tf_starter/templates/aws/environments/main.tf.j2

@@ -0,0 +1,85 @@
+# ---------------------------------------------------------------------------------------------------------------------
+# ENVIRONMENT: {{ environment | upper }}
+# Project: {{ project_name }}
+# Generated by tf-starter
+# ---------------------------------------------------------------------------------------------------------------------
+
+module "{{ project_name | replace('-', '_') }}" {
+  source = "../../"
+
+  environment = "{{ environment }}"
+  region      = "{{ region }}"
+
+  # ----- Network -----
+  vpc_cidr             = var.vpc_cidr
+  public_subnet_cidrs  = var.public_subnet_cidrs
+  private_subnet_cidrs = var.private_subnet_cidrs
+  availability_zones   = var.availability_zones
+
+  {% if "compute" in services %}
+  # ----- Compute -----
+  {% if environment == "prod" %}
+  instance_type    = "t3.large"
+  asg_min_size     = 2
+  asg_max_size     = 8
+  asg_desired_capacity = 4
+  {% elif environment == "staging" %}
+  instance_type    = "t3.medium"
+  asg_min_size     = 1
+  asg_max_size     = 4
+  asg_desired_capacity = 2
+  {% else %}
+  instance_type    = "t3.small"
+  asg_min_size     = 1
+  asg_max_size     = 2
+  asg_desired_capacity = 1
+  {% endif %}
+  {% endif %}
+
+  {% if "database" in services %}
+  # ----- Database -----
+  {% if environment == "prod" %}
+  db_instance_class    = "db.r6g.large"
+  db_allocated_storage = 100
+  {% elif environment == "staging" %}
+  db_instance_class    = "db.t3.medium"
+  db_allocated_storage = 50
+  {% else %}
+  db_instance_class    = "db.t3.micro"
+  db_allocated_storage = 20
+  {% endif %}
+  db_name     = "{{ project_name | replace('-', '_') }}_{{ environment }}"
+  db_username = var.db_username
+  {% endif %}
+
+  {% if "kubernetes" in services %}
+  # ----- Kubernetes -----
+  {% if environment == "prod" %}
+  eks_node_instance_type = "t3.xlarge"
+  eks_node_desired_size  = 3
+  eks_node_min_size      = 2
+  eks_node_max_size      = 10
+  {% else %}
+  eks_node_instance_type = "t3.large"
+  eks_node_desired_size  = 2
+  eks_node_min_size      = 1
+  eks_node_max_size      = 5
+  {% endif %}
+  {% endif %}
+
+  {% if "monitoring" in services %}
+  # ----- Monitoring -----
+  alarm_email = var.alarm_email
+  {% endif %}
+
+  {% if "messaging" in services %}
+  # ----- Messaging -----
+  sqs_message_retention  = var.sqs_message_retention
+  sqs_visibility_timeout = var.sqs_visibility_timeout
+  {% endif %}
+
+  {% if "storage" in services %}
+  # ----- Storage -----
+  s3_enable_versioning = var.s3_enable_versioning
+  {% endif %}
+}

package/tf_starter/templates/aws/environments/terraform.tfvars.j2

@@ -0,0 +1,52 @@
+# ---------------------------------------------------------------------------------------------------------------------
+# ENVIRONMENT TFVARS: {{ environment | upper }}
+# Project: {{ project_name }}
+#
+# ### MUST EDIT THIS ###
+# Update these values for your {{ environment }} environment.
+# ---------------------------------------------------------------------------------------------------------------------
+
+vpc_cidr             = "10.0.0.0/16"
+public_subnet_cidrs  = ["10.0.1.0/24", "10.0.2.0/24"]
+private_subnet_cidrs = ["10.0.10.0/24", "10.0.11.0/24"]
+availability_zones   = ["{{ region }}a", "{{ region }}b"]
+
+{% if "lambda" in services %}
+lambda_function_name = "app"
+lambda_runtime       = "python3.12"
+lambda_handler       = "index.handler"
+lambda_timeout       = {% if environment == "prod" %}60{% else %}30{% endif %}
+
+lambda_memory_size   = {% if environment == "prod" %}512{% else %}256{% endif %}
+
+lambda_deploy_in_vpc = {{ (environment == "prod") | tf_bool }}
+{% endif %}
+
+{% if "apigateway" in services %}
+apigw_endpoint_type      = "REGIONAL"
+apigw_throttle_burst_limit = {% if environment == "prod" %}500{% else %}100{% endif %}
+
+apigw_throttle_rate_limit  = {% if environment == "prod" %}200{% else %}50{% endif %}
+
+apigw_enable_cors          = true
+{% endif %}
+
+{% if "database" in services %}
+### MUST EDIT THIS ###
+db_username = "dbadmin"
+{% endif %}
+
+{% if "monitoring" in services %}
+### MUST EDIT THIS ###
+alarm_email = "alerts@example.com"
+{% endif %}
+
+{% if "messaging" in services %}
+sqs_message_retention  = {% if environment == "prod" %}1209600{% else %}345600{% endif %}
+
+sqs_visibility_timeout = 30
+{% endif %}
+
+{% if "storage" in services %}
+s3_enable_versioning = {{ (environment == "prod") | tf_bool }}
+{% endif %}

package/tf_starter/templates/aws/environments/variables.tf.j2

@@ -0,0 +1,127 @@
+# ---------------------------------------------------------------------------------------------------------------------
+# ENVIRONMENT VARIABLES: {{ environment | upper }}
+# Project: {{ project_name }}
+# Generated by tf-starter
+# ---------------------------------------------------------------------------------------------------------------------
+
+variable "vpc_cidr" {
+  description = "CIDR block for the VPC"
+  type        = string
+}
+
+variable "public_subnet_cidrs" {
+  description = "CIDR blocks for public subnets"
+  type        = list(string)
+}
+
+variable "private_subnet_cidrs" {
+  description = "CIDR blocks for private subnets"
+  type        = list(string)
+}
+
+variable "availability_zones" {
+  description = "Availability zones"
+  type        = list(string)
+}
+
+{% if "lambda" in services %}
+variable "lambda_function_name" {
+  description = "Short name for the Lambda function"
+  type        = string
+  default     = "app"
+}
+
+variable "lambda_runtime" {
+  description = "Lambda runtime"
+  type        = string
+  default     = "python3.12"
+}
+
+variable "lambda_handler" {
+  description = "Lambda handler"
+  type        = string
+  default     = "index.handler"
+}
+
+variable "lambda_timeout" {
+  description = "Lambda timeout in seconds"
+  type        = number
+  default     = 30
+}
+
+variable "lambda_memory_size" {
+  description = "Lambda memory in MB"
+  type        = number
+  default     = 256
+}
+
+variable "lambda_deploy_in_vpc" {
+  description = "Deploy Lambda in VPC"
+  type        = bool
+  default     = false
+}
+{% endif %}
+
+{% if "apigateway" in services %}
+variable "apigw_endpoint_type" {
+  description = "API Gateway endpoint type"
+  type        = string
+  default     = "REGIONAL"
+}
+
+variable "apigw_throttle_burst_limit" {
+  description = "API Gateway throttle burst limit"
+  type        = number
+  default     = 100
+}
+
+variable "apigw_throttle_rate_limit" {
+  description = "API Gateway throttle rate limit"
+  type        = number
+  default     = 50
+}
+
+variable "apigw_enable_cors" {
+  description = "Enable CORS on the API"
+  type        = bool
+  default     = true
+}
+{% endif %}
+
+{% if "database" in services %}
+variable "db_username" {
+  description = "Database master username"
+  type        = string
+  sensitive   = true
+}
+{% endif %}
+
+{% if "monitoring" in services %}
+variable "alarm_email" {
+  description = "Email for alarm notifications"
+  type        = string
+  default     = ""
+}
+{% endif %}
+
+{% if "messaging" in services %}
+variable "sqs_message_retention" {
+  description = "SQS message retention in seconds"
+  type        = number
+  default     = 345600
+}
+
+variable "sqs_visibility_timeout" {
+  description = "SQS visibility timeout in seconds"
+  type        = number
+  default     = 30
+}
+{% endif %}
+
+{% if "storage" in services %}
+variable "s3_enable_versioning" {
+  description = "Enable S3 bucket versioning"
+  type        = bool
+  default     = true
+}
+{% endif %}

package/tf_starter/templates/aws/github/terraform.yml.j2

@@ -0,0 +1,133 @@
+# ---------------------------------------------------------------------------------------------------------------------
+# GitHub Actions — Terraform CI/CD
+# Project: {{ project_name }}
+# Generated by tf-starter
+# ---------------------------------------------------------------------------------------------------------------------
+
+name: "Terraform"
+
+on:
+  push:
+    branches:
+      - main
+      - develop
+  pull_request:
+    branches:
+      - main
+
+permissions:
+  contents: read
+  pull-requests: write
+
+env:
+  TF_LOG: INFO
+  {% if provider == "aws" %}
+  AWS_REGION: {{ region }}
+  {% elif provider == "gcp" %}
+  GCP_REGION: {{ region }}
+  {% elif provider == "azure" %}
+  ARM_LOCATION: {{ region }}
+  {% endif %}
+
+jobs:
+  terraform-fmt:
+    name: "Terraform Format"
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup Terraform
+        uses: hashicorp/setup-terraform@v3
+        with:
+          terraform_version: "1.6.0"
+
+      - name: Terraform Format Check
+        run: terraform fmt -check -recursive -diff
+
+  terraform-validate:
+    name: "Terraform Validate"
+    runs-on: ubuntu-latest
+    needs: terraform-fmt
+    strategy:
+      matrix:
+        environment: {{ environments | tf_list }}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup Terraform
+        uses: hashicorp/setup-terraform@v3
+        with:
+          terraform_version: "1.6.0"
+
+      - name: Terraform Init
+        working-directory: environments/${{ '{{' }} matrix.environment {{ '}}' }}
+        run: terraform init -backend=false
+
+      - name: Terraform Validate
+        working-directory: environments/${{ '{{' }} matrix.environment {{ '}}' }}
+        run: terraform validate
+
+  terraform-lint:
+    name: "TFLint"
+    runs-on: ubuntu-latest
+    needs: terraform-fmt
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup TFLint
+        uses: terraform-linters/setup-tflint@v4
+        with:
+          tflint_version: latest
+
+      - name: Init TFLint
+        run: tflint --init
+
+      - name: Run TFLint
+        run: tflint --recursive --format compact
+
+  terraform-plan:
+    name: "Terraform Plan"
+    runs-on: ubuntu-latest
+    needs: [terraform-validate, terraform-lint]
+    if: github.event_name == 'pull_request'
+    strategy:
+      matrix:
+        environment: {{ environments | tf_list }}
+    {% if provider == "aws" %}
+    env:
+      ### MUST EDIT THIS ###
+      # Configure AWS credentials via GitHub Secrets
+      AWS_ACCESS_KEY_ID: ${{ '{{' }} secrets.AWS_ACCESS_KEY_ID {{ '}}' }}
+      AWS_SECRET_ACCESS_KEY: ${{ '{{' }} secrets.AWS_SECRET_ACCESS_KEY {{ '}}' }}
+    {% elif provider == "gcp" %}
+    env:
+      ### MUST EDIT THIS ###
+      GOOGLE_CREDENTIALS: ${{ '{{' }} secrets.GCP_CREDENTIALS {{ '}}' }}
+    {% elif provider == "azure" %}
+    env:
+      ### MUST EDIT THIS ###
+      ARM_CLIENT_ID: ${{ '{{' }} secrets.ARM_CLIENT_ID {{ '}}' }}
+      ARM_CLIENT_SECRET: ${{ '{{' }} secrets.ARM_CLIENT_SECRET {{ '}}' }}
+      ARM_SUBSCRIPTION_ID: ${{ '{{' }} secrets.ARM_SUBSCRIPTION_ID {{ '}}' }}
+      ARM_TENANT_ID: ${{ '{{' }} secrets.ARM_TENANT_ID {{ '}}' }}
+    {% endif %}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup Terraform
+        uses: hashicorp/setup-terraform@v3
+        with:
+          terraform_version: "1.6.0"
+
+      - name: Terraform Init
+        working-directory: environments/${{ '{{' }} matrix.environment {{ '}}' }}
+        run: terraform init
+
+      - name: Terraform Plan
+        working-directory: environments/${{ '{{' }} matrix.environment {{ '}}' }}
+        run: terraform plan -var-file=terraform.tfvars -no-color
+        continue-on-error: true

package/tf_starter/templates/aws/misc/Makefile.j2

@@ -0,0 +1,60 @@
+# ---------------------------------------------------------------------------------------------------------------------
+# Makefile for {{ project_name }}
+# Provider: {{ provider | upper }}
+# Generated by tf-starter
+# ---------------------------------------------------------------------------------------------------------------------
+
+.PHONY: init plan apply destroy validate fmt clean help
+
+ENV ?= dev
+TF_DIR = environments/$(ENV)
+
+help: ## Show this help
+	@grep -E '^[a-zA-Z_-]+:.*?## .*$$' $(MAKEFILE_LIST) | sort | \
+		awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-15s\033[0m %s\n", $$1, $$2}'
+
+init: ## Initialize Terraform (ENV=dev|staging|prod)
+	@echo "Initializing Terraform for environment: $(ENV)"
+	cd $(TF_DIR) && terraform init
+
+plan: ## Show execution plan (ENV=dev|staging|prod)
+	@echo "Planning Terraform for environment: $(ENV)"
+	cd $(TF_DIR) && terraform plan -var-file=terraform.tfvars
+
+apply: ## Apply infrastructure changes (ENV=dev|staging|prod)
+	@echo "Applying Terraform for environment: $(ENV)"
+	cd $(TF_DIR) && terraform apply -var-file=terraform.tfvars
+
+destroy: ## Destroy infrastructure (ENV=dev|staging|prod)
+	@echo "WARNING: Destroying infrastructure for environment: $(ENV)"
+	cd $(TF_DIR) && terraform destroy -var-file=terraform.tfvars
+
+validate: ## Validate Terraform configuration
+	@echo "Validating Terraform configuration..."
+	terraform fmt -check -recursive
+	@for dir in environments/*/; do \
+		echo "Validating $$dir..."; \
+		cd $$dir && terraform init -backend=false > /dev/null 2>&1 && terraform validate && cd ../..; \
+	done
+	@echo "All configurations valid."
+
+fmt: ## Format Terraform files
+	@echo "Formatting Terraform files..."
+	terraform fmt -recursive
+	@echo "Done."
+
+clean: ## Remove .terraform directories and lock files
+	@echo "Cleaning Terraform cache..."
+	find . -type d -name ".terraform" -exec rm -rf {} + 2>/dev/null || true
+	find . -name ".terraform.lock.hcl" -delete 2>/dev/null || true
+	@echo "Done."
+
+output: ## Show Terraform outputs (ENV=dev|staging|prod)
+	cd $(TF_DIR) && terraform output
+
+state-list: ## List resources in state (ENV=dev|staging|prod)
+	cd $(TF_DIR) && terraform state list
+
+cost: ## Estimate cost using infracost (requires infracost CLI)
+	@command -v infracost >/dev/null 2>&1 || { echo "infracost not installed"; exit 1; }
+	cd $(TF_DIR) && infracost breakdown --path .