chore: removing the lockfile

.commitlintrc.yaml

@@ -0,0 +1,19 @@
+---
+rules:
+  body-leading-blank: [1, always]
+  body-max-line-length: [2, always, 100]
+  footer-leading-blank: [1, always]
+  footer-max-line-length: [2, always, 100]
+  header-max-length: [2, always, 100]
+  subject-case:
+    - 2
+    - never
+    - [sentence-case, start-case, pascal-case, upper-case]
+  subject-empty: [2, never]
+  subject-full-stop: [2, never, "."]
+  type-case: [2, always, lower-case]
+  type-empty: [2, never]
+  type-enum:
+    - 2
+    - always
+    - [build, chore, ci, docs, feat, fix, perf, refactor, revert, style, test]

.gitignore

@@ -5,6 +5,9 @@
 *.tfstate
 *.tfstate.*
 
+# terraform lock file
+.terraform.lock.hcl
+
 # Crash log files
 crash.log
 crash.*.log
@@ -30,3 +33,15 @@ terraform.rc
 .DS_Store
 todo.md
 
+# Ignore vim swap files
+*.swp
+*.swo
+
+# Ignore meld diff files
+*.orig
+*.backup
+*.rej
+
+# Ignore lambda zip files and build directories
+*.zip
+builds/

.terraform-docs.yaml → .terraform-docs.yml

@@ -1,4 +1,3 @@
-formatter: markdown
 #header-from: .header.md
 settings:
   anchor: true
@@ -12,10 +11,18 @@ settings:
   type: true
   lockfile: false
 
-sort:
-  enabled: true
-  by: required
+formatter: "markdown table"
 
 output:
   file: README.md
   mode: inject
+
+sections:
+  show:
+    - providers
+    - inputs
+    - outputs
+
+sort:
+  enabled: true
+  by: required

.tflint.hcl

@@ -1,12 +1,12 @@
 plugin "aws" {
   enabled = true
-  version = "0.32.0"
+  version = "0.35.0"
   source  = "github.com/terraform-linters/tflint-ruleset-aws"
 }
 
 plugin "terraform" {
   enabled = true
-  version = "0.7.0"
+  version = "0.10.0"
   source  = "github.com/terraform-linters/tflint-ruleset-terraform"
 }
 

Makefile

@@ -36,49 +36,66 @@ examples:
 
 documentation: 
 	@echo "--> Generating documentation"
-	@terraform-docs markdown table --output-file ${PWD}/README.md --output-mode inject .
+	@terraform-docs .
 	$(MAKE) documentation-modules
 	$(MAKE) documentation-examples
 
 documentation-modules:
 	@echo "--> Generating documentation for modules"
-	@if [ -d modules ]; then \
-		find modules -type d -mindepth 1 -maxdepth 1 -exec terraform-docs markdown table --output-file README.md --output-mode inject {} \; ; \
-	fi
+	@find . -type d -regex '.*/modules/[a-za-z\-_$$]*' -not -path '*.terraform*' 2>/dev/null | while read -r dir; do \
+		echo "--> Generating documentation for module: $$dir"; \
+		terraform-docs $$dir; \
+	done;
 
 documentation-examples:
-	@echo "--> Generating documentation examples"
+	@echo "--> Generating documentation for examples"
+	@find . -type d -path '*/examples/*' -not -path '*.terraform*' 2>/dev/null| while read -r dir; do \
+		echo "--> Generating documentation for example: $$dir"; \
+		terraform-docs $$dir; \
+	done;
+
+upgrade-terraform-providers:
+	@printf "%s Upgrading Terraform providers for %-24s" "-->" "."
+	@terraform init -upgrade >/dev/null && echo "[OK]" || echo "[FAILED]"
+	@$(MAKE) upgrade-terraform-example-providers
+
+upgrade-terraform-example-providers:
 	@if [ -d examples ]; then \
-		find examples -type d -mindepth 1 -maxdepth 1 -exec terraform-docs markdown table --output-file README.md --output-mode inject {} \; ; \
+		find examples -type d -mindepth 1 -maxdepth 1 2>/dev/null | while read -r dir; do \
+			printf "%s Upgrading Terraform providers for %-24s" "-->" "$$dir"; \
+			terraform -chdir=$$dir init -upgrade >/dev/null && echo "[OK]" || echo "[FAILED]"; \
+		done; \
 	fi
 
 init: 
 	@echo "--> Running terraform init"
 	@terraform init -backend=false
+	@find . -type f -name "*.tf" -not -path '*.terraform*' -exec dirname {} \; | sort -u | while read -r dir; do \
+		echo "--> Running terraform init in $$dir"; \
+		terraform -chdir=$$dir init -backend=false; \
+	done;
 
-security: 
+security: init
 	@echo "--> Running Security checks"
 	@trivy config .
 	$(MAKE) security-modules
 	$(MAKE) security-examples
 
 security-modules:
 	@echo "--> Running Security checks on modules"
-	@if [ -d modules ]; then \
-		find modules -type d -mindepth 1 -maxdepth 1 | while read -r dir; do \
-			echo "--> Validating $$dir"; \
-			trivy config  --format table --exit-code  1 --severity  CRITICAL,HIGH --ignorefile .trivyignore $$dir; \
-		done; \
-	fi
+	@find . -type d -regex '.*/modules/[a-zA-Z\-_$$]*' -not -path '*.terraform*' 2>/dev/null | while read -r dir; do \
+		echo "--> Validating $$dir"; \
+	  terraform init -backend=false; \
+		trivy config  --format table --exit-code  1 --severity  CRITICAL,HIGH --ignorefile .trivyignore $$dir; \
+	done; 
 
 security-examples:
 	@echo "--> Running Security checks on examples"
-	@if [ -d examples ]; then \
-		find examples -type d -mindepth 1 -maxdepth 1 | while read -r dir; do \
-			echo "--> Validating $$dir"; \
-			trivy config  --format table --exit-code  1 --severity  CRITICAL,HIGH --ignorefile .trivyignore $$dir; \
-		done; \
-	fi
+	@find . -type d -path '*/examples/*' -not -path '*.terraform*' 2>/dev/null | while read -r dir; do \
+		echo "--> Validating $$dir"; \
+	  terraform init -backend=false; \
+		trivy config  --format table --exit-code  1 --severity  CRITICAL,HIGH --ignorefile .trivyignore $$dir; \
+	done;
 
 tests: 
 	@echo "--> Running Terraform Tests" 
@@ -90,26 +107,28 @@ validate:
 	@terraform validate
 	$(MAKE) validate-modules
 	$(MAKE) validate-examples
+	$(MAKE) validate-commits
 
 validate-modules:
 	@echo "--> Running terraform validate on modules"
-	@if [ -d modules ]; then \
-		find modules -type d -mindepth 1 -maxdepth 1 | while read -r dir; do \
-			echo "--> Validating $$dir"; \
-			terraform -chdir=$$dir init -backend=false; \
-			terraform -chdir=$$dir validate; \
-		done; \
-	fi
+	@find . -type d -regex '.*/modules/[a-zA-Z\-_$$]*' -not -path '*.terraform*' 2>/dev/null | while read -r dir; do \
+		echo "--> Validating Module $$dir"; \
+		terraform -chdir=$$dir init -backend=false; \
+		terraform -chdir=$$dir validate; \
+	done;
 
 validate-examples:
 	@echo "--> Running terraform validate on examples"
-	@if [ -d examples ]; then \
-		find examples -type d -mindepth 1 -maxdepth 1 | while read -r dir; do \
-			echo "--> Validating $$dir"; \
-			terraform -chdir=$$dir init -backend=false; \
-			terraform -chdir=$$dir validate; \
-		done; \
-	fi
+	@find . -type d -path '*/examples/*' -not -path '*.terraform*' 2>/dev/null | while read -r dir; do \
+		echo "--> Validating $$dir"; \
+		terraform -chdir=$$dir init -backend=false; \
+		terraform -chdir=$$dir validate; \
+	done; 
+
+validate-commits:
+	@echo "--> Running commitlint against the main branch"
+	@command -v commitlint >/dev/null 2>&1 || { echo "commitlint is not installed. Please install it by running 'npm install -g commitlint'"; exit 1; }
+	@git log --pretty=format:"%s" origin/main..HEAD | commitlint --from=origin/main
 
 lint:
 	@echo "--> Running tflint"
@@ -120,31 +139,27 @@ lint:
 
 lint-modules:
 	@echo "--> Running tflint on modules"
-	@if [ -d modules ]; then \
-		find modules -type d -mindepth 1 -maxdepth 1 | while read -r dir; do \
-			echo "--> Linting $$dir"; \
-			tflint --chdir=$$dir --init; \
-			tflint --chdir=$$dir -f compact; \
-		done; \
-	fi
+	@find . -type d -regex '.*/modules/[a-zA-Z\-_$$]*' -not -path '*.terraform*' 2>/dev/null | while read -r dir; do \
+		echo "--> Linting $$dir"; \
+		tflint --chdir=$$dir --init; \
+		tflint --chdir=$$dir -f compact; \
+	done;
 
 lint-examples:
 	@echo "--> Running tflint on examples"
-	@if [ -d examples ]; then \
-		find examples -type d -mindepth 1 -maxdepth 1 | while read -r dir; do \
-			echo "--> Linting $$dir"; \
-			tflint --chdir=$$dir --init; \
-			tflint --chdir=$$dir -f compact; \
-		done; \
-	fi
+	@find . -type d -path '*/examples/*' -not -path '*.terraform*' 2>/dev/null | while read -r dir; do \
+		echo "--> Linting $$dir"; \
+		tflint --chdir=$$dir --init; \
+		tflint --chdir=$$dir -f compact; \
+	done; 
 
 format: 
 	@echo "--> Running terraform fmt"
 	@terraform fmt -recursive -write=true
 
 clean:
 	@echo "--> Cleaning up"
-	@find . -type d -name ".terraform" | while read -r dir; do \
+	@find . -type d -name ".terraform" 2>/dev/null | while read -r dir; do \
 		echo "--> Removing $$dir"; \
 		rm -rf $$dir; \
 	done

README.md

@@ -47,45 +47,22 @@ The `terraform-docs` utility is used to generate this README. Follow the below s
 3. Run `terraform-docs markdown table --output-file ${PWD}/README.md --output-mode inject .`
 
 <!-- BEGIN_TF_DOCS -->
-## Requirements
-
-| Name | Version |
-|------|---------|
-| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.7 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5 |
-
 ## Providers
 
 | Name | Version |
 |------|---------|
 | <a name="provider_aws"></a> [aws](#provider\_aws) | >= 5 |
 
-## Modules
-
-No modules.
-
-## Resources
-
-| Name | Type |
-|------|------|
-| [aws_cloudformation_stack_set.role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set) | resource |
-| [aws_cloudformation_stack_set.vault](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set) | resource |
-| [aws_cloudformation_stack_set_instance.role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set_instance) | resource |
-| [aws_cloudformation_stack_set_instance.vault](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack_set_instance) | resource |
-| [aws_organizations_policy.backup](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/organizations_policy) | resource |
-| [aws_organizations_policy_attachment.backup](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/organizations_policy_attachment) | resource |
-| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source |
-
 ## Inputs
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
 | <a name="input_name"></a> [name](#input\_name) | Name of the backup policy | `string` | n/a | yes |
-| <a name="input_plans"></a> [plans](#input\_plans) | List of plan definitions. Each definition defines a backup plan governing the frequency, destinations and retention settings. | <pre>list(object({<br>    name                    = string<br>    schedule                = string<br>    start_window_minutes    = optional(number, 60)<br>    complete_window_minutes = optional(number, 360)<br>    backup_tag_name         = optional(string, "BackupPolicy")<br>    backup_role_name        = optional(string, "lza-backup-service-linked-role")<br>    vault_name              = optional(string, "Default")<br><br>    copy_backups = optional(list(object({<br>      target_vault = string<br><br>      lifecycle = optional(object({<br>        cold_storage_after_days = optional(number)<br>        delete_after_days       = optional(number)<br>      }))<br>    })), [])<br><br>    lifecycle = optional(object({<br>      cold_storage_after_days = optional(number)<br>      delete_after_days       = optional(number)<br>    }))<br>  }))</pre> | n/a | yes |
+| <a name="input_plans"></a> [plans](#input\_plans) | List of plan definitions. Each definition defines a backup plan governing the frequency, destinations and retention settings. | <pre>list(object({<br/>    name                    = string<br/>    schedule                = string<br/>    start_window_minutes    = optional(number, 60)<br/>    complete_window_minutes = optional(number, 360)<br/>    backup_tag_name         = optional(string, "BackupPolicy")<br/>    backup_role_name        = optional(string, "lza-backup-service-linked-role")<br/>    vault_name              = optional(string, "Default")<br/><br/>    copy_backups = optional(list(object({<br/>      target_vault = string<br/><br/>      lifecycle = optional(object({<br/>        cold_storage_after_days = optional(number)<br/>        delete_after_days       = optional(number)<br/>      }))<br/>    })), [])<br/><br/>    lifecycle = optional(object({<br/>      cold_storage_after_days = optional(number)<br/>      delete_after_days       = optional(number)<br/>    }))<br/>  }))</pre> | n/a | yes |
 | <a name="input_deployment_targets"></a> [deployment\_targets](#input\_deployment\_targets) | The accounts or organizational unit to attach the backup policy to. | `list(string)` | `[]` | no |
 | <a name="input_regions"></a> [regions](#input\_regions) | List of regions where resources to be backed up are located | `list(string)` | `[]` | no |
 | <a name="input_tags"></a> [tags](#input\_tags) | Map of tags to apply to resources create by this module. These are also passed down to individual backups. | `map(string)` | `{}` | no |
-| <a name="input_vaults"></a> [vaults](#input\_vaults) | List of Backup Vaults to be created along with their lock configuration | <pre>list(object({<br>    name               = string<br>    change_grace_days  = optional(number)<br>    min_retention_days = optional(number)<br>    max_retention_days = optional(number)<br>  }))</pre> | `[]` | no |
+| <a name="input_vaults"></a> [vaults](#input\_vaults) | List of Backup Vaults to be created along with their lock configuration | <pre>list(object({<br/>    name               = string<br/>    change_grace_days  = optional(number)<br/>    min_retention_days = optional(number)<br/>    max_retention_days = optional(number)<br/>  }))</pre> | `[]` | no |
 
 ## Outputs
 

examples/basic/README.md

@@ -1,30 +1,10 @@
 <!-- BEGIN_TF_DOCS -->
-## Requirements
-
-| Name | Version |
-|------|---------|
-| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.0.0 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.0.0 |
-
 ## Providers
 
 | Name | Version |
 |------|---------|
 | <a name="provider_aws"></a> [aws](#provider\_aws) | >= 5.0.0 |
 
-## Modules
-
-| Name | Source | Version |
-|------|--------|---------|
-| <a name="module_basic"></a> [basic](#module\_basic) | ../.. | n/a |
-
-## Resources
-
-| Name | Type |
-|------|------|
-| [aws_s3_bucket.data_pending_processing](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket) | resource |
-| [aws_s3_bucket.financial_audits](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket) | resource |
-
 ## Inputs
 
 No inputs.