configure precommit ci (#2)

* Adding pre-commit config

* Adding markdown files

* [pre-commit.ci lite] apply automatic fixes

* Fix pre-commit

* Snyk fix

---------

Co-authored-by: pre-commit-ci-lite[bot] <117423508+pre-commit-ci-lite[bot]@users.noreply.github.com>

Author: bushong1

.github/workflows/pre-commit.yaml

@@ -0,0 +1,47 @@
+on:
+  pull_request:
+  push:
+    branches: [main]
+
+jobs:
+  pre_commit:
+    name: Run pre-commit and commit any autocorrections
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v3
+    - name: Setup Terraform
+      uses: hashicorp/setup-terraform@v3
+      with:
+        terraform_version: 1.6.6
+    - name: Setup Terragrunt
+      uses: autero1/action-terragrunt@v1.1.0
+      with:
+        terragrunt_version: 0.54.8
+        # To avoid rate-limiting
+        token: ${{ secrets.GITHUB_TOKEN }}
+    - uses: terraform-linters/setup-tflint@v3
+      name: TFLint - Setup
+      with:
+        tflint_version: latest
+
+    - name: TFLint - Init
+      run: tflint --init
+      env:
+        # https://github.com/terraform-linters/tflint/blob/master/docs/user-guide/plugins.md#avoiding-rate-limiting
+        GITHUB_TOKEN: ${{ github.token }}
+    - name: TFLint - Show version
+      run: tflint --version
+    - uses: actions/setup-python@v4
+      with:
+        python-version: 3.x
+    - name: Terraform Docs - Install
+      run: |
+        curl -sSLo ./terraform-docs.tar.gz https://terraform-docs.io/dl/v0.17.0/terraform-docs-v0.17.0-$(uname)-amd64.tar.gz
+        tar -xzf terraform-docs.tar.gz -- terraform-docs
+        chmod +x terraform-docs
+        echo $PATH
+        mv terraform-docs /usr/local/bin/terraform-docs
+        terraform-docs --version
+    - uses: pre-commit/action@v3.0.0
+    - uses: pre-commit-ci/lite-action@v1.0.1
+      if: always()

.gitignore

@@ -1,3 +1,3 @@
 .terraform*
 .DS_Store
-terraform.*
+terraform.*

.pre-commit-config.yaml

@@ -2,18 +2,30 @@
 # See https://pre-commit.com/hooks.html for more hooks
 repos:
   - repo: https://github.com/pre-commit/pre-commit-hooks
-    rev: v4.4.0
+    rev: v4.5.0
     hooks:
     -   id: trailing-whitespace
     -   id: end-of-file-fixer
     -   id: check-yaml
         args: ["--allow-multiple-documents"]
     -   id: check-added-large-files
   - repo: https://github.com/antonbabenko/pre-commit-terraform
-    rev: v1.77.0 # Get the latest from: https://github.com/antonbabenko/pre-commit-terraform/releases
+    rev: v1.85.0 # Get the latest from: https://github.com/antonbabenko/pre-commit-terraform/releases
     hooks:
       - id: terraform_fmt     #  args: ["--enable require-variable-braces,deprecate-which"]
       - id: terraform_tflint
-        exclude: .*
+        args:
+          - "--args=--fix"
       - id: terragrunt_fmt
       - id: terraform_docs
+ci:
+    autofix_commit_msg: |
+        [pre-commit.ci] auto fixes from pre-commit.com hooks
+
+        for more information, see https://pre-commit.ci
+    autofix_prs: true
+    autoupdate_branch: ''
+    autoupdate_commit_msg: '[pre-commit.ci] pre-commit autoupdate'
+    autoupdate_schedule: weekly
+    skip: [terraform_fmt, terraform_tflint, terragrunt_fmt, terraform_docs]
+    submodules: false

LICENSE.md

@@ -0,0 +1,34 @@
+# License
+
+As a work of the [United States government](https://www.usa.gov/), this project
+is in the public domain within the United States of America.
+
+Additionally, we waive copyright and related rights in the work worldwide
+through the CC0 1.0 Universal public domain dedication.
+
+## CC0 1.0 Universal Summary
+
+This is a human-readable summary of the [Legal Code (read the full
+text)](https://creativecommons.org/publicdomain/zero/1.0/legalcode).
+
+### No Copyright
+
+The person who associated a work with this deed has dedicated the work to the
+public domain by waiving all of their rights to the work worldwide under
+copyright law, including all related and neighboring rights, to the extent
+allowed by law.
+
+You can copy, modify, distribute, and perform the work, even for commercial
+purposes, all without asking permission.
+
+### Other Information
+
+In no way are the patent or trademark rights of any person affected by CC0, nor
+are the rights that other persons may have in the work or in how the work is
+used, such as publicity or privacy rights.
+
+Unless expressly stated otherwise, the person who associated a work with this
+deed makes no warranties about the work, and disclaims liability for all uses
+of the work, to the fullest extent permitted by applicable law. When using or
+citing the work, you should not imply endorsement by the author or the
+affirmer.

README.md

@@ -1 +1,47 @@
 # batcave-tf-redis
+
+<!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
+## Requirements
+
+| Name | Version |
+|------|---------|
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.2 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 4.61.0 |
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 4.61.0 |
+
+## Modules
+
+No modules.
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [aws_elasticache_cluster.redis](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticache_cluster) | resource |
+| [aws_subnet.private](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/subnet) | resource |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_cluster_id"></a> [cluster\_id](#input\_cluster\_id) | n/a | `string` | `""` | no |
+| <a name="input_engine"></a> [engine](#input\_engine) | n/a | `string` | `""` | no |
+| <a name="input_engine_version"></a> [engine\_version](#input\_engine\_version) | n/a | `string` | `""` | no |
+| <a name="input_node_type"></a> [node\_type](#input\_node\_type) | n/a | `string` | `"cache.m4.large"` | no |
+| <a name="input_num_cache_nodes"></a> [num\_cache\_nodes](#input\_num\_cache\_nodes) | n/a | `number` | `1` | no |
+| <a name="input_parameter_group_name"></a> [parameter\_group\_name](#input\_parameter\_group\_name) | n/a | `string` | `""` | no |
+| <a name="input_port"></a> [port](#input\_port) | n/a | `number` | `6379` | no |
+| <a name="input_security_group_ids"></a> [security\_group\_ids](#input\_security\_group\_ids) | n/a | `list(string)` | `[]` | no |
+| <a name="input_snapshot_retention_limit"></a> [snapshot\_retention\_limit](#input\_snapshot\_retention\_limit) | The number of days for which ElastiCache will retain automatic cache cluster snapshots before deleting them. For example, if you set SnapshotRetentionLimit to 5, then a snapshot that was taken today will be retained for 5 days before being deleted. | `number` | `7` | no |
+| <a name="input_tags"></a> [tags](#input\_tags) | n/a | `map(string)` | <pre>{<br>  "Owner": "Batcave"<br>}</pre> | no |
+| <a name="input_vpc_id"></a> [vpc\_id](#input\_vpc\_id) | n/a | `string` | n/a | yes |
+
+## Outputs
+
+No outputs.
+<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->

SECURITY.md

@@ -0,0 +1,17 @@
+# Security and Responsible Disclosure Policy
+
+*Submit a vulnerability:* Unfortunately, we cannot accept secure submissions via
+email or via GitHub Issues. Please use our website to submit vulnerabilities at
+[https://hhs.responsibledisclosure.com](https://hhs.responsibledisclosure.com).
+HHS maintains an acknowledgements page to recognize your efforts on behalf of
+the American public, but you are also welcome to submit anonymously.
+
+Review the HHS Disclosure Policy and websites in scope:
+[https://www.hhs.gov/vulnerability-disclosure-policy/index.html](https://www.hhs.gov/vulnerability-disclosure-policy/index.html).
+
+This policy describes *what systems and types of research* are covered under this
+policy, *how to send* us vulnerability reports, and *how long* we ask security
+researchers to wait before publicly disclosing vulnerabilities.
+
+If you have other cybersecurity related questions, please contact us at
+[csirc@hhs.gov.](mailto:csirc@hhs.gov).

main.tf

@@ -1,40 +1,33 @@
+terraform {
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = ">= 4.61.0"
+    }
+  }
+  required_version = ">= 1.2"
 
-# Configure the AWS Provider
-// provider "aws" {
-//   region = "us-east-1"
-// }
-
-
-
+}
 
 resource "aws_elasticache_cluster" "redis" {
-  cluster_id           = var.cluster_id 
-  engine               = var.engine
-  engine_version       = var.engine_version
-  node_type            = var.node_type
-  num_cache_nodes      = var.num_cache_nodes
-  parameter_group_name = var.parameter_group_name
-  port                 = var.port
-  security_group_ids   = var.security_group_ids
-
-  subnet_group_name = aws_subnet.private.name
-
-
-  tags = var.tags
+  cluster_id               = var.cluster_id
+  engine                   = var.engine
+  engine_version           = var.engine_version
+  node_type                = var.node_type
+  num_cache_nodes          = var.num_cache_nodes
+  parameter_group_name     = var.parameter_group_name
+  port                     = var.port
+  security_group_ids       = var.security_group_ids
+  subnet_group_name        = aws_subnet.private.name
+  tags                     = var.tags
+  snapshot_retention_limit = var.snapshot_retention_limit
 }
 
 resource "aws_subnet" "private" {
   vpc_id     = var.vpc_id
   cidr_block = "10.202.196.0/23"
 }
 
-# private subnets
-data "aws_subnets" "private" {
-  filter {
-    name = "tag:Name"
-    values = [ "${var.project}-*-${var.env}-private-*"]
-  }
-}
 
 
 
@@ -44,11 +37,3 @@ data "aws_subnets" "private" {
 //     }
 //   )
 // }
-
-
-
-
-
-
-
-

output.tf

@@ -2,4 +2,4 @@
 // output "db_subnet_group_name" {
 //   description = "The db subnet group name"
 //   value       = module.redis.subnet_group_namee
-// }
+// }

variables.tf

@@ -1,41 +1,35 @@
-variable "env" {
-  default = "dev"
+variable "vpc_id" {
+  type = string
 }
 
-variable "project" {
-  default = "eppe"
-}
-
-variable "vpc_id" {}
-
 variable "cluster_id" {
-  default     = ""
-  type        = string
+  default = ""
+  type    = string
 }
 
 variable "engine" {
-  default     = ""
-  type        = string
+  default = ""
+  type    = string
 }
 
 variable "engine_version" {
-  default     = ""
-  type        = string
+  default = ""
+  type    = string
 }
 
 variable "node_type" {
-  default     = ""
-  type        = string
+  type    = string
+  default = "cache.m4.large"
 }
 
 variable "num_cache_nodes" {
-  default     = 1
-  type        = number
+  default = 1
+  type    = number
 }
 
 variable "parameter_group_name" {
-  default     = ""
-  type        = string
+  default = ""
+  type    = string
 }
 
 variable "security_group_ids" {
@@ -44,13 +38,8 @@ variable "security_group_ids" {
 }
 
 variable "port" {
-  default     = 6379
-  type        = number
-}
-
-variable "subnet_ids" {
-  type    = list(string)
-  default = []
+  default = 6379
+  type    = number
 }
 
 // variable "subnet_lookup_overrides" {
@@ -64,4 +53,10 @@ variable "tags" {
   default = {
     Owner = "Batcave"
   }
-}
+}
+
+variable "snapshot_retention_limit" {
+  type        = number
+  default     = 7
+  description = "The number of days for which ElastiCache will retain automatic cache cluster snapshots before deleting them. For example, if you set SnapshotRetentionLimit to 5, then a snapshot that was taken today will be retained for 5 days before being deleted."
+}