Update config to support multiple clients

ipdxco · Jan 31, 2024 · 9bfd394 · 9bfd394
1 parent 8206e5c
commit 9bfd394
Show file tree

Hide file tree

Showing 29 changed files with 100 additions and 2,658 deletions.
diff --git a/.gitignore b/.gitignore
@@ -28,3 +28,5 @@ crash.log
 # Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
 # example: *tfplan*
 *.tfplan
+
+main_override.tf
diff --git a/bootstrap/aws.tf b/bootstrap/aws.tf
@@ -1,6 +1,7 @@
 # terraform init
 # export AWS_ACCESS_KEY_ID=
 # export AWS_SECRET_ACCESS_KEY=
+# export TF_VAR_name=
 # terraform apply
 
 terraform {
@@ -17,22 +18,37 @@ provider "aws" {
   region = "us-east-1"
 }
 
+variable "name" {
+  description = "The name to use for S3 bucket, DynamoDB table and IAM users."
+  type        = string
+}
+
 resource "aws_s3_bucket" "this" {
-  bucket = "tf-aws-gh-observability"
+  bucket = var.name
 
   tags = {
-    Name = "Terraform AWS GitHub Observability"
-    Url  = "https://github.com/pl-strflt/tf-aws-gh-observability"
+    Name = "GitHub Monitoring Dashboard"
+    Url  = "https://github.com/ipdxco/github-monitoring-dashboard"
+  }
+}
+
+resource "aws_s3_bucket_ownership_controls" "this" {
+  bucket = aws_s3_bucket.this.id
+
+  rule {
+    object_ownership = "BucketOwnerPreferred"
   }
 }
 
 resource "aws_s3_bucket_acl" "this" {
+  depends_on = [ aws_s3_bucket_ownership_controls.this ]
+
   bucket = aws_s3_bucket.this.id
   acl    = "private"
 }
 
 resource "aws_dynamodb_table" "this" {
-  name         = "tf-aws-gh-observability"
+  name         = var.name
   billing_mode = "PAY_PER_REQUEST"
   hash_key     = "LockID"
 
@@ -42,17 +58,17 @@ resource "aws_dynamodb_table" "this" {
   }
 
   tags = {
-    Name = "Terraform AWS GitHub Observability"
-    Url  = "https://github.com/pl-strflt/tf-aws-gh-observability"
+    Name = "GitHub Monitoring Dashboard"
+    Url  = "https://github.com/ipdxco/github-monitoring-dashboard"
   }
 }
 
 resource "aws_iam_user" "this" {
-  name = "tf-aws-gh-observability"
+  name = var.name
 
   tags = {
-    Name = "Terraform AWS GitHub Observability"
-    Url  = "https://github.com/pl-strflt/tf-aws-gh-observability"
+    Name = "GitHub Monitoring Dashboard"
+    Url  = "https://github.com/ipdxco/github-monitoring-dashboard"
   }
 }
 
@@ -76,7 +92,7 @@ data "aws_iam_policy_document" "this" {
 }
 
 resource "aws_iam_user_policy" "this" {
-  name = "tf-aws-gh-observability"
+  name = var.name
   user = "${aws_iam_user.this.name}"
 
   policy = "${data.aws_iam_policy_document.this.json}"

diff --git a/iam.tf b/iam.tf
@@ -2,8 +2,8 @@ resource "aws_iam_user" "cloud-watcher" {
   name = "cloud-watcher"
 
   tags = {
-    Name = "Terraform AWS GitHub Observability"
-    Url  = "https://github.com/pl-strflt/tf-aws-gh-observability"
+    Name = "GitHub Monitoring Dashboard"
+    Url  = "https://github.com/ipdxco/github-monitoring-dashboard"
   }
 }
 

diff --git a/lambdas.tf b/lambdas.tf
@@ -1,5 +1,5 @@
 resource "aws_apigatewayv2_api" "webhook" {
-  name          = "gateway-tf-aws-gh-observability"
+  name          = "gateway-github-monitoring-dashboard"
   protocol_type = "HTTP"
   tags          = local.tags
 }
@@ -51,7 +51,7 @@ resource "aws_apigatewayv2_integration" "webhook" {
 resource "aws_lambda_function" "webhook" {
   filename          = "${path.module}/lambdas/webhook/webhook.zip"
   source_code_hash  = filebase64sha256("${path.module}/lambdas/webhook/webhook.zip")
-  function_name     = "webhook-tf-aws-gh-observability"
+  function_name     = "webhook-github-monitoring-dashboard"
   role              = aws_iam_role.webhook_lambda.arn
   handler           = "index.githubWebhook"
   runtime           = "nodejs16.x"
@@ -95,14 +95,14 @@ data "aws_iam_policy_document" "lambda_assume_role_policy" {
 }
 
 resource "aws_iam_role" "webhook_lambda" {
-  name                 = "role-tf-aws-gh-observability"
+  name                 = "role-github-monitoring-dashboard"
   assume_role_policy   = data.aws_iam_policy_document.lambda_assume_role_policy.json
-  path                 = "/tf-aws-gh-observability/"
+  path                 = "/github-monitoring-dashboard/"
   tags                 = local.tags
 }
 
 resource "aws_iam_role_policy" "webhook_logging" {
-  name = "logging-policy-tf-aws-gh-observability"
+  name = "logging-policy-github-monitoring-dashboard"
   role = aws_iam_role.webhook_lambda.name
   policy = jsonencode({
     Version = "2012-10-17"
@@ -120,7 +120,7 @@ resource "aws_iam_role_policy" "webhook_logging" {
 }
 
 resource "aws_iam_role_policy" "webhook_ssm" {
-  name = "ssm-policy-tf-aws-gh-observability"
+  name = "ssm-policy-github-monitoring-dashboard"
   role = aws_iam_role.webhook_lambda.name
 
   policy = jsonencode({

diff --git a/lambdas/webhook/.gitignore b/lambdas/webhook/.gitignore
@@ -11,3 +11,5 @@ build/
 *.zip
 
 npm-debug.log*
+
+coverage/
diff --git a/lambdas/webhook/coverage/clover.xml b/lambdas/webhook/coverage/clover.xml