Merge pull request #114 from PascalBourdier/fix-fmt

Fix fmt

Author: Etiene

.circleci/config.yml

@@ -1,5 +1,15 @@
+---
 version: 2
 jobs:
+  validate_terraform:
+    docker:
+      - image: hashicorp/terraform
+    steps:
+      - checkout
+      - run:
+          name: Validate Terraform Formatting
+          command: "[ -z \"$(terraform fmt -write=false)\" ] || { terraform fmt -write=false -diff; exit 1; }"
+
   build:
     machine: true
     # Changing default working dir to the one used for the go path configuration

examples/vault-auto-unseal/main.tf

@@ -34,6 +34,7 @@ module "vault_cluster" {
   # This setting will create the AWS policy that allows the vault cluster to
   # access KMS and use this key for encryption and decryption
   enable_auto_unseal = true
+
   auto_unseal_kms_key_arn = "${data.aws_kms_alias.vault-example.target_key_arn}"
 
   # To make testing easier, we allow requests from any IP address here but in a production deployment, we *strongly*
@@ -70,8 +71,8 @@ data "template_file" "user_data_vault_cluster" {
     consul_cluster_tag_key   = "${var.consul_cluster_tag_key}"
     consul_cluster_tag_value = "${var.consul_cluster_name}"
 
-    kms_key_id                   = "${data.aws_kms_alias.vault-example.target_key_id}"
-    aws_region                   = "${data.aws_region.current.name}"
+    kms_key_id = "${data.aws_kms_alias.vault-example.target_key_id}"
+    aws_region = "${data.aws_region.current.name}"
   }
 }
 

examples/vault-cluster-private/main.tf

@@ -74,7 +74,7 @@ data "template_file" "user_data_vault_cluster" {
 module "security_group_rules" {
   source = "github.com/hashicorp/terraform-aws-consul.git//modules/consul-client-security-group-rules?ref=v0.4.0"
 
-  security_group_id           = "${module.vault_cluster.security_group_id}"
+  security_group_id = "${module.vault_cluster.security_group_id}"
 
   # To make testing easier, we allow requests from any IP address here but in a production deployment, we *strongly*
   # recommend you limit this to the IP address ranges of known, trusted servers inside your VPC.

examples/vault-ec2-auth/main.tf

@@ -126,10 +126,12 @@ data "template_file" "user_data_vault_cluster" {
     consul_cluster_tag_key   = "${var.consul_cluster_tag_key}"
     consul_cluster_tag_value = "${var.consul_cluster_name}"
     example_role_name        = "${var.example_role_name}"
+
     # Please note that normally we would never pass a secret this way
     # This is just for test purposes so we can verify that our example instance is authenticating correctly
-    example_secret           = "${var.example_secret}"
-    ami_id                   = "${var.ami_id}"
+    example_secret = "${var.example_secret}"
+
+    ami_id = "${var.ami_id}"
   }
 }
 

examples/vault-s3-backend/main.tf

@@ -79,7 +79,7 @@ data "template_file" "user_data_vault_cluster" {
 module "security_group_rules" {
   source = "github.com/hashicorp/terraform-aws-consul.git//modules/consul-client-security-group-rules?ref=v0.4.0"
 
-  security_group_id           = "${module.vault_cluster.security_group_id}"
+  security_group_id = "${module.vault_cluster.security_group_id}"
 
   # To make testing easier, we allow requests from any IP address here but in a production deployment, we *strongly*
   # recommend you limit this to the IP address ranges of known, trusted servers inside your VPC.

examples/vault-s3-backend/outputs.tf

@@ -84,4 +84,4 @@ output "consul_cluster_cluster_tag_value" {
 
 output "s3_bucket_arn" {
   value = "${module.vault_cluster.s3_bucket_arn}"
-}
+}

main.tf

@@ -117,7 +117,7 @@ data "template_file" "user_data_vault_cluster" {
 module "security_group_rules" {
   source = "github.com/hashicorp/terraform-aws-consul.git//modules/consul-client-security-group-rules?ref=v0.4.0"
 
-  security_group_id           = "${module.vault_cluster.security_group_id}"
+  security_group_id = "${module.vault_cluster.security_group_id}"
 
   # To make testing easier, we allow requests from any IP address here but in a production deployment, we *strongly*
   # recommend you limit this to the IP address ranges of known, trusted servers inside your VPC.

modules/vault-cluster/main.tf

@@ -249,15 +249,17 @@ data "aws_iam_policy_document" "vault_s3" {
 }
 
 data "aws_iam_policy_document" "vault_auto_unseal_kms" {
-  count  = "${var.enable_auto_unseal ? 1 : 0}"
+  count = "${var.enable_auto_unseal ? 1 : 0}"
 
   statement {
-    effect    = "Allow"
+    effect = "Allow"
+
     actions = [
       "kms:Encrypt",
       "kms:Decrypt",
-      "kms:DescribeKey"
+      "kms:DescribeKey",
     ]
+
     resources = ["${var.auto_unseal_kms_key_arn}"]
   }
 }