add cors policy

yadavprakash · yadavprakash · commit 6790fcd8fda9 · 2021-08-06T14:22:04.000+05:30
diff --git a/.github/workflows/readme.yml b/.github/workflows/readme.yml
@@ -23,7 +23,7 @@ jobs:
           actions_subcommand: 'readme'
           github_token: '${{ secrets.GITHUB }}'
         env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GITHUB_TOKEN: ${{ secrets.CLOUDDROVE_GITHUB_TOKEN }}
 
 
       - name: 'pre-commit check errors'
diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml
@@ -13,24 +13,24 @@ jobs:
         uses: actions/checkout@master
 
       - name: 'Terraform Format'
-        uses: 'clouddrove/github-actions@v9.0'
+        uses: 'clouddrove/github-actions@v9.0.1'
         with:
           actions_subcommand: 'fmt'
 
       - name: 'Terraform init'
-        uses: 'clouddrove/github-actions@v9.0'
+        uses: 'clouddrove/github-actions@v9.0.1'
         with:
           actions_subcommand: 'init'
           tf_actions_working_dir: ./_example
 
       - name: 'Terraform validate'
-        uses: 'clouddrove/github-actions@v9.0'
+        uses: 'clouddrove/github-actions@v9.0.1'
         with:
           actions_subcommand: 'validate'
           tf_actions_working_dir: ./_example
 
       - name: 'Terraform plan'
-        uses: 'clouddrove/github-actions@v9.0'
+        uses: 'clouddrove/github-actions@v9.0.1'
         with:
           actions_subcommand: 'plan'
           tf_actions_working_dir: ./_example
diff --git a/.github/workflows/terratest.yml b/.github/workflows/terratest.yml
@@ -14,22 +14,20 @@ jobs:
       - name: 'Checkout'
         uses: actions/checkout@master
 
-      - name: Configure AWS Credentials
-        uses: clouddrove/configure-aws-credentials@v1
+      - name: Install doctl
+        uses: digitalocean/action-doctl@v2
         with:
-          aws-access-key-id: ${{ secrets.TEST_AWS_ACCESS_KEY }}
-          aws-secret-access-key: ${{ secrets.TEST_AWS_ACCESS_SECRET_KEY }}
-          aws-region: us-east-2
-
+          token: ${{ secrets.DO_TOKEN }}
 
       - name: 'Terratest'
         if: ${{ github.event.label.name == 'terratest' }}
-        uses: 'clouddrove/github-actions@v9.0'
+        uses: 'clouddrove/github-actions@v9.0.1'
         with:
           actions_subcommand: 'terratest'
           tf_actions_working_dir: '_test'
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          DO_TOKEN: ${{ secrets.DO_TOKEN }}
 
 
       - name: 'Slack Notification'
diff --git a/_example/.terraform.lock.hcl b/_example/.terraform.lock.hcl
diff --git a/_example/example.tf b/_example/example.tf
@@ -2,18 +2,33 @@
 provider "digitalocean" {
   # You need to set this in your .bashrc
   # export DIGITALOCEAN_TOKEN="Your API TOKEN"
-  spaces_access_id  = "xxxxxxxxxxx"
-  spaces_secret_key = "xxxxxxxxxxxxxxxxxxxxxxxxx"
+  spaces_access_id  = "ING6PR3ZYTSCEI2KHDBY"
+  spaces_secret_key = "YuCbsjncTnDwUaBhsy1SUzMAW2eD6cTkaZqSamB1pvk"
 }
 
 
 module "spaces" {
-  source = "./../"
+  source        = "./../"
   name          = "clouddrove"
   environment   = "test"
-  label_order   = ["name"]
+  label_order   = ["name", "environment"]
   acl           = "public-read"
   force_destroy = true
   region        = "nyc3"
 
-}
+  cors_rule = [{
+    "allowed_headers" : ["*"]
+    allowed_methods = ["PUT", "POST"],
+    allowed_origins = ["https://s3-website-test.hashicorp.com"],
+    expose_headers  = ["ETag"],
+  max_age_seconds = 3000 }]
+
+  prefix                                 = true
+  abort_incomplete_multipart_upload_days = "30"
+  date                                   = "2021-09-06"
+  expiration_days                        = "30"
+  expired_object_delete_marker           = true
+  noncurrent_version_expiration          = "30"
+
+}
+
diff --git a/main.tf b/main.tf
@@ -27,17 +27,49 @@ module "labels" {
   name        = var.name
   environment = var.environment
   label_order = var.label_order
+  attributes  = var.attributes
+
 
 }
 
 #Module      : Spaces
 #Description : Provides a bucket resource for Spaces, DigitalOcean's object storage product.
 
 resource "digitalocean_spaces_bucket" "spaces" {
-  name                  = var.name
-  region                = var.region
-  acl                   = var.acl
-  force_destroy         = var.force_destroy
+  name   = module.labels.id
+  region = var.region
+  acl    = var.acl
 
-}
+  force_destroy = var.force_destroy
+
+  dynamic "cors_rule" {
+    for_each = var.cors_rule == null ? [] : var.cors_rule
+
+    content {
+      allowed_headers = cors_rule.value.allowed_headers
+      allowed_methods = cors_rule.value.allowed_methods
+      allowed_origins = cors_rule.value.allowed_origins
+      max_age_seconds = cors_rule.value.max_age_seconds
+    }
+  }
+
+  lifecycle_rule {
+    enabled = false
+    prefix  = var.prefix
+
+    abort_incomplete_multipart_upload_days = var.abort_incomplete_multipart_upload_days
+    expiration {
+      date = var.date
+      days = var.expiration_days
+
+      expired_object_delete_marker = var.expired_object_delete_marker
+    }
+    noncurrent_version_expiration {
+      days = var.noncurrent_version_expiration
+    }
+  }
+  versioning {
+    enabled = var.versioning
+  }
 
+}
diff --git a/variables.tf b/variables.tf
@@ -23,7 +23,11 @@ variable "delimiter" {
   default     = "-"
   description = "Delimiter to be used between `organization`, `environment`, `name` and `attributes`."
 }
-
+variable "attributes" {
+  type        = list(any)
+  default     = []
+  description = "Additional attributes (e.g. `1`)."
+}
 
 variable "region" {
   type        = string
@@ -52,3 +56,52 @@ variable "force_destroy" {
   default     = false
   description = "Unless true, the bucket will only be destroyed if empty (Defaults to false)."
 }
+
+variable "cors_rule" {
+  type = list(object({
+    allowed_headers = list(string)
+    allowed_methods = list(string)
+    allowed_origins = list(string)
+    expose_headers  = list(string)
+    max_age_seconds = number
+  }))
+  default     = null
+  description = "CORS Configuration specification for this bucket"
+}
+
+variable "prefix" {
+  type        = string
+  default     = null
+  description = " (Optional, Forces new resource) Creates a unique bucket name beginning with the specified prefix."
+}
+
+variable "abort_incomplete_multipart_upload_days" {
+  type        = number
+  default     = null
+  description = "Specifies the number of days after initiating a multipart upload when the multipart upload must be completed or else Spaces will abort the upload."
+}
+
+variable "date" {
+  type        = string
+  default     = null
+  description = "pecifies the date/time after which you want applicable objects to expire. The argument uses RFC3339 format, e.g.(2020-03-22T15:03:55Z) or parts thereof e.g. 2019-02-28."
+}
+
+variable "expiration_days" {
+  type        = number
+  default     = null
+  description = "Specifies the number of days after object creation when the applicable objects will expire."
+
+}
+
+variable "expired_object_delete_marker" {
+  type        = string
+  default     = ""
+  description = "On a versioned bucket (versioning-enabled or versioning-suspended bucket), setting this to true directs Spaces to delete expired object delete markers."
+}
+
+variable "noncurrent_version_expiration" {
+  type        = string
+  default     = ""
+  description = "On a versioned bucket (versioning-enabled or versioning-suspended bucket), setting this to true directs Spaces to delete expired object delete markers."
+}
