feat [EP-1505] IAM Name Prefix and Quiet output option

.github/workflows/pull-requests.yml

@@ -0,0 +1,81 @@
+name: Lint
+
+on:
+  pull_request:
+    branches:
+      - main
+
+# cancel workflow runs in progress when a new commit comes through
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+env:
+ BRANCH_NAME: ${{ github.head_ref || github.ref_name }} 
+
+jobs:
+  lint:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+      - name: Get Terraform and TFLint versions from .tool-versions
+        id: tool-versions
+        run: |
+          echo "terraform-version=$(cat .tool-versions | grep 'terraform' | awk '{print $2}')" >> "$GITHUB_OUTPUT"
+          echo "tflint-version=$(cat .tool-versions | grep 'tflint' | awk '{print $2}')" >> "$GITHUB_OUTPUT"
+
+      - uses: hashicorp/setup-terraform@v3
+        with:
+          terraform_version: ${{ steps.tool-versions.outputs.terraform-version }}
+
+      - uses: terraform-linters/setup-tflint@v4
+        with:
+          tflint_version: ${{ format('v{0}', steps.tool-versions.outputs.tflint-version) }}
+          # https://github.com/terraform-linters/tflint/blob/master/docs/user-guide/plugins.md#avoiding-rate-limiting
+          github_token: ${{ github.token }} 
+
+      - run: terraform init
+        name: terraform init main module
+
+      - run: terraform validate
+        name: terraform validate main module
+
+      - run: tflint --init 
+        name: tflint init main module
+
+      - run: tflint
+        name: tflint main module
+
+      - run: |
+          mkdir -p tmp && cd tmp
+          curl -Lo ./terraform-docs.tar.gz https://github.com/terraform-docs/terraform-docs/releases/download/v0.17.0/terraform-docs-v0.17.0-$(uname)-amd64.tar.gz
+          tar -xzf terraform-docs.tar.gz
+          chmod +x terraform-docs
+          mv terraform-docs /usr/local/bin/terraform-docs
+          cd .. && rm -rf tmp
+        name: install tfdocs
+
+      - run: terraform-docs markdown table --output-file README.md --output-mode inject .
+        name: tfdocs
+        working-directory: .
+
+      - run: terraform-docs markdown table --output-file README.md --output-mode inject .
+        name: tfdocs cloudwatch-logging
+        working-directory: ./modules/cloudwatch-logging
+
+      - name: commit changes
+        env:
+          GH_TOKEN: ${{ github.token }}
+        run: |
+          git switch ${{ env.BRANCH_NAME }}
+          git config --global user.email "[email protected]"
+          git config --global user.name "DevOps"
+          git add README.md
+          git add modules/cloudwatch-logging/README.md
+          export CHANGES=$(git diff --cached)
+          if [ -n "$CHANGES" ]; then
+            git commit -m "Update READMEs with Terraform Docs."
+            git push
+          fi

.github/workflows/release.yml

@@ -1,37 +1,43 @@
-name: Release
+name: Create Release Version
 
 on:
-  workflow_dispatch:
   push:
     branches:
       - main
-      - master
-    paths:
-      - '**/*.tpl'
-      - '**/*.py'
-      - '**/*.tf'
-      - '.github/workflows/release.yml'
 
 jobs:
   release:
     name: Release
     runs-on: ubuntu-latest
-    # Skip running release workflow on forks
-    if: github.repository_owner == 'terraform-aws-modules'
     steps:
-      - name: Checkout
-        uses: actions/checkout@v4
+      - uses: actions/checkout@v3
         with:
-          persist-credentials: false
           fetch-depth: 0
-
-      - name: Release
-        uses: cycjimmy/semantic-release-action@v4
+      - uses: paulhatch/[email protected]
+        id: semantic-version
         with:
-          semantic_version: 23.0.2
-          extra_plugins: |
-            @semantic-release/[email protected]
-            @semantic-release/[email protected]
-            [email protected]
+          # The prefix to use to identify tags
+          tag_prefix: "v"
+          # A string which, if present in a git commit, indicates that a change represents a
+          # major (breaking) change, supports regular expressions wrapped with '/'
+          major_pattern: "(MAJOR)"
+          # Same as above except indicating a minor change, supports regular expressions wrapped with '/'
+          minor_pattern: "(MINOR)"
+          # A string to determine the format of the version output
+          version_format: "${major}.${minor}.${patch}"
+          # If this is set to true, *every* commit will be treated as a new version.
+          # Otherwise, only commits with diffs will be treated as a new version.
+          bump_each_commit: false
+          # If true, the body of commits will also be searched for major/minor patterns to determine the version type.
+          search_commit_body: true
+      - name: Tag & Release
+        id: release-tag
         env:
-          GITHUB_TOKEN: ${{ secrets.SEMANTIC_RELEASE_TOKEN }}
+          GH_TOKEN: ${{ github.token }}
+        run: |
+          # Create tag for release.
+          git tag ${{steps.semantic-version.outputs.version_tag }}
+          git push origin ${{steps.semantic-version.outputs.version_tag }}
+
+          # Create release from tag.
+          gh release create ${{steps.semantic-version.outputs.version_tag }} --generate-notes

.tool-versions

@@ -0,0 +1,2 @@
+tflint 0.50.3
+terraform 1.7.5