Merges origin/listener-security-policy

Flaconi · Oct 18, 2021 · 2cf3523 · 2cf3523
2 parents be6755c + eff59c9
commit 2cf3523
Show file tree

Hide file tree

Showing 6 changed files with 294 additions and 85 deletions.
diff --git a/.gitignore b/.gitignore
@@ -7,3 +7,5 @@
 
 # .tfvars files
 *.tfvars
+
+.terraform.lock.hcl
diff --git a/Makefile b/Makefile
@@ -2,35 +2,69 @@ ifneq (,)
 .error This Makefile requires GNU Make.
 endif
 
-.PHONY: help gen lint test _gen-main _gen-examples _gen-modules _lint_files _lint_fmt _pull-tf _pull-tf-docs
+.PHONY: help gen lint test _gen-main _gen-examples _gen-modules _lint-files _lint-fmt _lint-json _pull-tf _pull-tfdocs _pull-fl _pull-jl
 
-CURRENT_DIR     = $(dir $(abspath $(lastword $(MAKEFILE_LIST))))
-TF_EXAMPLES     = $(sort $(dir $(wildcard $(CURRENT_DIR)examples/*/)))
-TF_MODULES      = $(sort $(dir $(wildcard $(CURRENT_DIR)modules/*/)))
+CURRENT_DIR = $(dir $(abspath $(lastword $(MAKEFILE_LIST))))
+TF_EXAMPLES = $(sort $(dir $(wildcard $(CURRENT_DIR)examples/*/)))
+TF_MODULES  = $(sort $(dir $(wildcard $(CURRENT_DIR)modules/*/)))
 
-TF_VERSION      = light
-TF_DOCS_VERSION = 0.6.0
+# -------------------------------------------------------------------------------------------------
+# Container versions
+# -------------------------------------------------------------------------------------------------
+TF_VERSION      = 0.14.11
+TFDOCS_VERSION  = 0.10.1
+FL_VERSION      = 0.4
+JL_VERSION      = 1.6.0-0.5
 
+
+# -------------------------------------------------------------------------------------------------
+# Enable linter (file-lint, terraform fmt, jsonlint)
+# -------------------------------------------------------------------------------------------------
+LINT_FL_ENABLE = 1
+LINT_TF_ENABLE = 1
+LINT_JL_ENABLE = 1
+
+
+# -------------------------------------------------------------------------------------------------
+# terraform-docs defines
+# -------------------------------------------------------------------------------------------------
 # Adjust your delimiter here or overwrite via make arguments
 DELIM_START = <!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
 DELIM_CLOSE = <!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
+# What arguments to append to terraform-docs command
+TFDOCS_ARGS = --sort=false
+
 
+# -------------------------------------------------------------------------------------------------
+# Default target
+# -------------------------------------------------------------------------------------------------
 help:
-	@echo "gen        Generate terraform-docs output and replace in all README.md's"
+	@echo "gen        Generate terraform-docs output and replace in README.md's"
 	@echo "lint       Static source code analysis"
 	@echo "test       Integration tests"
 
-gen: _pull-tf-docs
+
+# -------------------------------------------------------------------------------------------------
+# Standard targets
+# -------------------------------------------------------------------------------------------------
+gen: _pull-tfdocs
 	@echo "################################################################################"
 	@echo "# Terraform-docs generate"
 	@echo "################################################################################"
 	@$(MAKE) --no-print-directory _gen-main
 	@$(MAKE) --no-print-directory _gen-examples
 	@$(MAKE) --no-print-directory _gen-modules
 
-lint: _pull-tf
-	@$(MAKE) --no-print-directory _lint_files
-	@$(MAKE) --no-print-directory _lint_fmt
+lint:
+	@if [ "$(LINT_FL_ENABLE)" = "1" ]; then \
+		$(MAKE) --no-print-directory _lint-files; \
+	fi
+	@if [ "$(LINT_TF_ENABLE)" = "1" ]; then \
+		$(MAKE) --no-print-directory _lint-fmt; \
+	fi
+	@if [ "$(LINT_JL_ENABLE)" = "1" ]; then \
+		$(MAKE) --no-print-directory _lint-json; \
+	fi
 
 test: _pull-tf
 	@$(foreach example,\
@@ -43,7 +77,7 @@ test: _pull-tf
 		echo "------------------------------------------------------------"; \
 		echo "# Terraform init"; \
 		echo "------------------------------------------------------------"; \
-		if docker run -it --rm -v "$(CURRENT_DIR):/t" --workdir "$${DOCKER_PATH}" hashicorp/terraform:$(TF_VERSION) \
+		if docker run $$(tty -s && echo "-it" || echo) --rm -v "$(CURRENT_DIR):/t" --workdir "$${DOCKER_PATH}" hashicorp/terraform:$(TF_VERSION) \
 			init \
 				-verify-plugins=true \
 				-lock=false \
@@ -56,37 +90,85 @@ test: _pull-tf
 			echo "OK"; \
 		else \
 			echo "Failed"; \
-			docker run -it --rm -v "$(CURRENT_DIR):/t" --workdir "$${DOCKER_PATH}" --entrypoint=rm hashicorp/terraform:$(TF_VERSION) -rf .terraform/ || true; \
+			docker run $$(tty -s && echo "-it" || echo) --rm -v "$(CURRENT_DIR):/t" --workdir "$${DOCKER_PATH}" --entrypoint=rm hashicorp/terraform:$(TF_VERSION) -rf .terraform/ || true; \
 			exit 1; \
 		fi; \
 		echo; \
 		echo "------------------------------------------------------------"; \
 		echo "# Terraform validate"; \
 		echo "------------------------------------------------------------"; \
-		if docker run -it --rm -v "$(CURRENT_DIR):/t" --workdir "$${DOCKER_PATH}" hashicorp/terraform:$(TF_VERSION) \
+		if docker run $$(tty -s && echo "-it" || echo) --rm -v "$(CURRENT_DIR):/t" --workdir "$${DOCKER_PATH}" hashicorp/terraform:$(TF_VERSION) \
 			validate \
 				$(ARGS) \
 				.; then \
 			echo "OK"; \
-			docker run -it --rm -v "$(CURRENT_DIR):/t" --workdir "$${DOCKER_PATH}" --entrypoint=rm hashicorp/terraform:$(TF_VERSION) -rf .terraform/ || true; \
+			docker run $$(tty -s && echo "-it" || echo) --rm -v "$(CURRENT_DIR):/t" --workdir "$${DOCKER_PATH}" --entrypoint=rm hashicorp/terraform:$(TF_VERSION) -rf .terraform/ || true; \
 		else \
 			echo "Failed"; \
-			docker run -it --rm -v "$(CURRENT_DIR):/t" --workdir "$${DOCKER_PATH}" --entrypoint=rm hashicorp/terraform:$(TF_VERSION) -rf .terraform/ || true; \
+			docker run $$(tty -s && echo "-it" || echo) --rm -v "$(CURRENT_DIR):/t" --workdir "$${DOCKER_PATH}" --entrypoint=rm hashicorp/terraform:$(TF_VERSION) -rf .terraform/ || true; \
 			exit 1; \
 		fi; \
 		echo; \
 	)
 
+
+# -------------------------------------------------------------------------------------------------
+# Helper Targets
+# -------------------------------------------------------------------------------------------------
 _gen-main:
 	@echo "------------------------------------------------------------"
 	@echo "# Main module"
 	@echo "------------------------------------------------------------"
-	@if docker run --rm \
+	@if docker run $$(tty -s && echo "-it" || echo) --rm \
+		-v $(CURRENT_DIR):/data \
+		-e DELIM_START='<!-- TFDOCS_HEADER_START -->' \
+		-e DELIM_CLOSE='<!-- TFDOCS_HEADER_END -->' \
+		cytopia/terraform-docs:$(TFDOCS_VERSION) \
+		terraform-docs-replace --show-all=false --show header md tbl --indent 2 --sort README.md; then \
+		echo "OK"; \
+	else \
+		echo "Failed"; \
+		exit 1; \
+	fi
+	@if docker run $$(tty -s && echo "-it" || echo) --rm \
+		-v $(CURRENT_DIR):/data \
+		-e DELIM_START='<!-- TFDOCS_PROVIDER_START -->' \
+		-e DELIM_CLOSE='<!-- TFDOCS_PROVIDER_END -->' \
+		cytopia/terraform-docs:$(TFDOCS_VERSION) \
+		terraform-docs-replace --show-all=false --show providers md tbl --indent 2 --sort README.md; then \
+		echo "OK"; \
+	else \
+		echo "Failed"; \
+		exit 1; \
+	fi
+	@if docker run $$(tty -s && echo "-it" || echo) --rm \
+		-v $(CURRENT_DIR):/data \
+		-e DELIM_START='<!-- TFDOCS_REQUIREMENTS_START -->' \
+		-e DELIM_CLOSE='<!-- TFDOCS_REQUIREMENTS_END -->' \
+		cytopia/terraform-docs:$(TFDOCS_VERSION) \
+		terraform-docs-replace --show-all=false --show requirements md tbl --indent 2 --sort README.md; then \
+		echo "OK"; \
+	else \
+		echo "Failed"; \
+		exit 1; \
+	fi
+	@if docker run $$(tty -s && echo "-it" || echo) --rm \
 		-v $(CURRENT_DIR):/data \
-		-e DELIM_START='$(DELIM_START)' \
-		-e DELIM_CLOSE='$(DELIM_CLOSE)' \
-		cytopia/terraform-docs:$(TF_DOCS_VERSION) \
-		terraform-docs-replace-012 --sort-inputs-by-required --with-aggregate-type-defaults md README.md; then \
+		-e DELIM_START='<!-- TFDOCS_INPUTS_START -->' \
+		-e DELIM_CLOSE='<!-- TFDOCS_INPUTS_END -->' \
+		cytopia/terraform-docs:$(TFDOCS_VERSION) \
+		terraform-docs-replace --show-all=false --show inputs md doc --indent 2 $(TFDOCS_ARGS) README.md; then \
+		echo "OK"; \
+	else \
+		echo "Failed"; \
+		exit 1; \
+	fi
+	@if docker run $$(tty -s && echo "-it" || echo) --rm \
+		-v $(CURRENT_DIR):/data \
+		-e DELIM_START='<!-- TFDOCS_OUTPUTS_START -->' \
+		-e DELIM_CLOSE='<!-- TFDOCS_OUTPUTS_END -->' \
+		cytopia/terraform-docs:$(TFDOCS_VERSION) \
+		terraform-docs-replace --show-all=false --show outputs md tbl --indent 2 --sort README.md; then \
 		echo "OK"; \
 	else \
 		echo "Failed"; \
@@ -100,13 +182,12 @@ _gen-examples:
 		echo "------------------------------------------------------------"; \
 		echo "# $${DOCKER_PATH}"; \
 		echo "------------------------------------------------------------"; \
-		if docker run --rm \
+		if docker run $$(tty -s && echo "-it" || echo) --rm \
 			-v $(CURRENT_DIR):/data \
-			--workdir "/data/$${DOCKER_PATH}" \
 			-e DELIM_START='$(DELIM_START)' \
 			-e DELIM_CLOSE='$(DELIM_CLOSE)' \
-			cytopia/terraform-docs:$(TF_DOCS_VERSION) \
-			terraform-docs-replace-012 --sort-inputs-by-required --with-aggregate-type-defaults md README.md; then \
+			cytopia/terraform-docs:$(TFDOCS_VERSION) \
+			terraform-docs-replace $(TFDOCS_ARGS) md $${DOCKER_PATH}/README.md; then \
 			echo "OK"; \
 		else \
 			echo "Failed"; \
@@ -121,54 +202,32 @@ _gen-modules:
 		echo "------------------------------------------------------------"; \
 		echo "# $${DOCKER_PATH}"; \
 		echo "------------------------------------------------------------"; \
-		if docker run --rm \
+		if docker run $$(tty -s && echo "-it" || echo) --rm \
 			-v $(CURRENT_DIR):/data \
 			-e DELIM_START='$(DELIM_START)' \
 			-e DELIM_CLOSE='$(DELIM_CLOSE)' \
-			cytopia/terraform-docs:$(TF_DOCS_VERSION) \
-			terraform-docs-replace-012 --sort-inputs-by-required --with-aggregate-type-defaults md README.md; then \
+			cytopia/terraform-docs:$(TFDOCS_VERSION) \
+			terraform-docs-replace $(TFDOCS_ARGS) md $${DOCKER_PATH}/README.md; then \
 			echo "OK"; \
 		else \
 			echo "Failed"; \
 			exit 1; \
 		fi; \
 	)
 
-_lint_files:
-	@# Lint all non-binary files for trailing spaces
+_lint-files: _pull-fl
+	@# Basic file linting
 	@echo "################################################################################"
-	@echo "# Lint files"
+	@echo "# File-lint"
 	@echo "################################################################################"
-	@echo
-	@echo "------------------------------------------------------------"
-	@echo "# Trailing spaces"
-	@echo "------------------------------------------------------------"
-	find . -type f -not \( -path "*/.git/*" -o -path "*/.github/*" -o -path "*/.terraform/*" \) -print0 \
-		| xargs -0 -n1 grep -Il '' \
-		| tr '\n' '\0' \
-		| xargs -0 -n1 \
-		sh -c 'if [ -f "$${1}" ]; then if LC_ALL=C grep --color=always -inHE "^.*[[:blank:]]+$$" "$${1}";then false; else true; fi; fi' --
-	@echo
-	@echo "------------------------------------------------------------"
-	@echo "# Windows line feeds (CRLF)"
-	@echo "------------------------------------------------------------"
-	find . -type f -not \( -path "*/.git/*" -o -path "*/.github/*" -o -path "*/.terraform/*" \) -print0 \
-		| xargs -0 -n1 grep -Il '' \
-		| tr '\n' '\0' \
-		| xargs -0 -n1 \
-		sh -c 'if [ -f "$${1}" ]; then if file "$${1}" | grep --color=always -E "[[:space:]]CRLF[[:space:]].*line"; then false; else true; fi; fi' --
-	@echo
-	@echo "------------------------------------------------------------"
-	@echo "# Single trailing newline"
-	@echo "------------------------------------------------------------"
-	find . -type f -not \( -path "*/.git/*" -o -path "*/.github/*" -o -path "*/.terraform/*" \) -print0 \
-		| xargs -0 -n1 grep -Il '' \
-		| tr '\n' '\0' \
-		| xargs -0 -n1 \
-		sh -c 'if [ -f "$${1}" ]; then if ! (tail -c 1 "$${1}" | grep -Eq "^$$" && tail -c 2 "$${1}" | grep -Eqv "^$$"); then echo "$${1}"; false; else true; fi; fi' --
-	@echo
+	@docker run $$(tty -s && echo "-it" || echo) --rm -v $(CURRENT_DIR):/data cytopia/file-lint:$(FL_VERSION) file-cr --text --ignore '.git/,.github/,.terraform/' --path .
+	@docker run $$(tty -s && echo "-it" || echo) --rm -v $(CURRENT_DIR):/data cytopia/file-lint:$(FL_VERSION) file-crlf --text --ignore '.git/,.github/,.terraform/' --path .
+	@docker run $$(tty -s && echo "-it" || echo) --rm -v $(CURRENT_DIR):/data cytopia/file-lint:$(FL_VERSION) file-trailing-single-newline --text --ignore '.git/,.github/,.terraform/' --path .
+	@docker run $$(tty -s && echo "-it" || echo) --rm -v $(CURRENT_DIR):/data cytopia/file-lint:$(FL_VERSION) file-trailing-space --text --ignore '.git/,.github/,.terraform/' --path .
+	@docker run $$(tty -s && echo "-it" || echo) --rm -v $(CURRENT_DIR):/data cytopia/file-lint:$(FL_VERSION) file-utf8 --text --ignore '.git/,.github/,.terraform/' --path .
+	@docker run $$(tty -s && echo "-it" || echo) --rm -v $(CURRENT_DIR):/data cytopia/file-lint:$(FL_VERSION) file-utf8-bom --text --ignore '.git/,.github/,.terraform/' --path .
 
-_lint_fmt:
+_lint-fmt: _pull-tf
 	@# Lint all Terraform files
 	@echo "################################################################################"
 	@echo "# Terraform fmt"
@@ -177,8 +236,8 @@ _lint_fmt:
 	@echo "------------------------------------------------------------"
 	@echo "# *.tf files"
 	@echo "------------------------------------------------------------"
-	@if docker run --rm -v "$(CURRENT_DIR):/t:ro" --workdir "/t" hashicorp/terraform:$(TF_VERSION) \
-		fmt -check=true -diff=true -write=false -list=true /t; then \
+	@if docker run $$(tty -s && echo "-it" || echo) --rm -v "$(CURRENT_DIR):/t:ro" --workdir "/t" hashicorp/terraform:$(TF_VERSION) \
+		fmt -check=true -diff=true -write=false -list=true .; then \
 		echo "OK"; \
 	else \
 		echo "Failed"; \
@@ -188,7 +247,7 @@ _lint_fmt:
 	@echo "------------------------------------------------------------"
 	@echo "# *.tfvars files"
 	@echo "------------------------------------------------------------"
-	@if docker run --rm --entrypoint=/bin/sh -v "$(CURRENT_DIR)/terraform:/t:ro" hashicorp/terraform:$(TF_VERSION) \
+	@if docker run $$(tty -s && echo "-it" || echo) --rm --entrypoint=/bin/sh -v "$(CURRENT_DIR):/t:ro" --workdir "/t" hashicorp/terraform:$(TF_VERSION) \
 		-c "find . -name '*.tfvars' -type f -print0 | xargs -0 -n1 terraform fmt -check=true -write=false -diff=true -list=true"; then \
 		echo "OK"; \
 	else \
@@ -197,8 +256,25 @@ _lint_fmt:
 	fi;
 	@echo
 
+_lint-json: _pull-jl
+	@# Lint all JSON files
+	@echo "################################################################################"
+	@echo "# Jsonlint"
+	@echo "################################################################################"
+	@if docker run $$(tty -s && echo "-it" || echo) --rm -v "$(CURRENT_DIR):/data:ro" cytopia/jsonlint:$(JL_VERSION) \
+		-t '  ' -i '*.terraform/*' '*.json'; then \
+		echo "OK"; \
+	else \
+		echo "Failed"; \
+		exit 1; \
+	fi;
+	@echo
+
 _pull-tf:
 	docker pull hashicorp/terraform:$(TF_VERSION)
 
-_pull-tf-docs:
-	docker pull cytopia/terraform-docs:$(TF_DOCS_VERSION)
+_pull-tfdocs:
+	docker pull cytopia/terraform-docs:$(TFDOCS_VERSION)
+
+_pull-fl:
+	docker pull cytopia/file-lint:$(FL_VERSION)
Original file line number	Diff line number	Diff line change
Expand Up		@@ -7,3 +7,5 @@

		# .tfvars files
		*.tfvars

		.terraform.lock.hcl