other(ssm-script docs): escape double quotes and refactor doc

Author: AppliNH

examples/external-managed-ssm-secrets/README.md

@@ -6,7 +6,25 @@ Manually creating the SSM parameters that hold the configuration of your GitHub
 
 ## Prerequisites
 
-Create the following SSM parameters on the AWS console, or by using the following aws-cli commands, see example below. You can also use the script `ssm.sh`. First set the required values, next source the script before running terraform.
+To configure GitHub App credentials in AWS, you have two options:
+
+### 1. Using the [`ssm.sh`](./ssm.sh) script
+
+- Edit [`ssm.sh`](./ssm.sh) and set your values
+- Run: `source ssm.sh`
+- Then run your Terraform commands (`terraform plan` / `terraform apply`)
+
+### 2. Create them manually via the AWS console (or the `aws-cli`)
+
+- Create the following SSM parameters on the AWS console:
+
+```
+/github-action-runners/app/github_app_id           (Your GitHub App ID)
+/github-action-runners/app/github_app_key_base64   (Your GitHub App Private Key)
+/github-action-runners/app/github_app_webhook_secret (Your Installation ID)
+```
+
+Example using AWS CLI:
 
 ```bash
    # GitHub App ID
@@ -28,7 +46,7 @@ Create the following SSM parameters on the AWS console, or by using the followin
      --type "SecureString"
 ```
 
-Then fill the `arn` and `name` values for each of these inside the [`github_app_ssm_parameters` variable](./variables.tf).
+- Fill the `arn` and `name` values for each of these inside the [`github_app_ssm_parameters` variable](./variables.tf).
 
 ## Usages
 
@@ -57,43 +75,45 @@ terraform output -raw webhook_secret
 ```
 
 <!-- BEGIN_TF_DOCS -->
+
 ## Requirements
 
-| Name | Version |
-|------|---------|
-| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.3.0 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | ~> 5.27 |
-| <a name="requirement_local"></a> [local](#requirement\_local) | ~> 2.0 |
-| <a name="requirement_random"></a> [random](#requirement\_random) | ~> 3.0 |
+| Name                                                                     | Version  |
+| ------------------------------------------------------------------------ | -------- |
+| <a name="requirement_terraform"></a> [terraform](#requirement_terraform) | >= 1.3.0 |
+| <a name="requirement_aws"></a> [aws](#requirement_aws)                   | ~> 5.27  |
+| <a name="requirement_local"></a> [local](#requirement_local)             | ~> 2.0   |
+| <a name="requirement_random"></a> [random](#requirement_random)          | ~> 3.0   |
 
 ## Providers
 
 No providers.
 
 ## Modules
 
-| Name | Source | Version |
-|------|--------|---------|
-| <a name="module_base"></a> [base](#module\_base) | ../base | n/a |
-| <a name="module_runners"></a> [runners](#module\_runners) | ../../ | n/a |
+| Name                                                     | Source  | Version |
+| -------------------------------------------------------- | ------- | ------- |
+| <a name="module_base"></a> [base](#module_base)          | ../base | n/a     |
+| <a name="module_runners"></a> [runners](#module_runners) | ../../  | n/a     |
 
 ## Resources
 
 No resources.
 
 ## Inputs
 
-| Name | Description | Type | Default | Required |
-|------|-------------|------|---------|:--------:|
-| <a name="input_aws_region"></a> [aws\_region](#input\_aws\_region) | AWS region. | `string` | `"eu-west-1"` | no |
-| <a name="input_environment"></a> [environment](#input\_environment) | Environment name, used as prefix. | `string` | `null` | no |
-| <a name="input_github_app_ssm_parameters"></a> [github\_app\_ssm\_parameters](#input\_github\_app\_ssm\_parameters) | SSM parameters details for the GitHub App, that you've created manually on AWS. | <pre>object({<br/>    key_base64 = optional(object({<br/>      arn  = string<br/>      name = string<br/>    }))<br/>    id = optional(object({<br/>      arn  = string<br/>      name = string<br/>    }))<br/>    webhook_secret = optional(object({<br/>      arn  = string<br/>      name = string<br/>    }))<br/>  })</pre> | `{}` | no |
+| Name                                                                                                         | Description                                                                     | Type                                                                                                                                                                                                                                                                          | Default       | Required |
+| ------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------- | :------: |
+| <a name="input_aws_region"></a> [aws_region](#input_aws_region)                                              | AWS region.                                                                     | `string`                                                                                                                                                                                                                                                                      | `"eu-west-1"` |    no    |
+| <a name="input_environment"></a> [environment](#input_environment)                                           | Environment name, used as prefix.                                               | `string`                                                                                                                                                                                                                                                                      | `null`        |    no    |
+| <a name="input_github_app_ssm_parameters"></a> [github_app_ssm_parameters](#input_github_app_ssm_parameters) | SSM parameters details for the GitHub App, that you've created manually on AWS. | <pre>object({<br/> key_base64 = optional(object({<br/> arn = string<br/> name = string<br/> }))<br/> id = optional(object({<br/> arn = string<br/> name = string<br/> }))<br/> webhook_secret = optional(object({<br/> arn = string<br/> name = string<br/> }))<br/> })</pre> | `{}`          |    no    |
 
 ## Outputs
 
-| Name | Description |
-|------|-------------|
-| <a name="output_note"></a> [note](#output\_note) | n/a |
-| <a name="output_runners"></a> [runners](#output\_runners) | n/a |
-| <a name="output_webhook_endpoint"></a> [webhook\_endpoint](#output\_webhook\_endpoint) | n/a |
+| Name                                                                                | Description |
+| ----------------------------------------------------------------------------------- | ----------- |
+| <a name="output_note"></a> [note](#output_note)                                     | n/a         |
+| <a name="output_runners"></a> [runners](#output_runners)                            | n/a         |
+| <a name="output_webhook_endpoint"></a> [webhook_endpoint](#output_webhook_endpoint) | n/a         |
+
 <!-- END_TF_DOCS -->

examples/external-managed-ssm-secrets/ssm.sh

@@ -59,9 +59,9 @@ github_app_key_base64_ssm=$(aws ssm get-parameter --name "${SSM_PATH}/github_app
 github_app_webhook_secret_ssm=$(aws ssm get-parameter --name "${SSM_PATH}/github_app_webhook_secret" --query 'Parameter.{arn:ARN,name:Name}' --output json)
 
 export TF_VAR_github_app_ssm_parameters="{
-  "id": `echo $github_app_id_ssm`,
-  "key_base64": `echo $github_app_key_base64_ssm`,
-  "webhook_secret": `echo $github_app_webhook_secret_ssm`
+  \"id\": `echo $github_app_id_ssm`,
+  \"key_base64\": `echo $github_app_key_base64_ssm`,
+  \"webhook_secret\": `echo $github_app_webhook_secret_ssm`
 }"
 
 export TF_VAR_environment=external-ssm