automation_initiator_location set by user #75

Merged
merged 4 commits into from
Jan 19, 2024
3 changes: 2 additions & 1 deletion README.md
Expand Up @@ -59,6 +59,7 @@ Terraform module for AWS RDS instances
| <a name="input_allow_major_version_upgrade"></a> [allow\_major\_version\_upgrade](#input\_allow\_major\_version\_upgrade) | Specify whether or not that major version upgrades are allowed.<br> Valid Values: .<br> Notes: Changing this parameter does not result in an outage and the change is asynchronously applied as soon as possible" | `bool` | `true` | no |
| <a name="input_apply_immediately"></a> [apply\_immediately](#input\_apply\_immediately) | Specifiy whether any database modifications are applied immediately, or during the next maintenance window<br> Valid Values: .<br> Notes: apply\_immediately can result in a brief downtime as the server reboots. See [documentation](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Maintenance.html) for more information. | `bool` | `false` | no |
| <a name="input_auto_minor_version_upgrade"></a> [auto\_minor\_version\_upgrade](#input\_auto\_minor\_version\_upgrade) | Specify whether or not that minor engine upgrades can be applied automatically to the DB instance".<br> Valid Values: .<br> Notes: Minor engine upgrades will be applied automatically to the DB instance during the maintenance window. | `bool` | `true` | no |
| <a name="input_automation_initiator_location"></a> [automation\_initiator\_location](#input\_automation\_initiator\_location) | Specify the URL to the repo of automation script.<br> Valid Values: URL to repo. Example: `"https://github.com/dfds/terraform-aws-rds"`<br> Notes: This set the dfds.automation.initiator.location tag. See recommendations [here](https://wiki.dfds.cloud/en/playbooks/standards/tagging_policy). | `string` | `null` | no |
| <a name="input_availability_zone"></a> [availability\_zone](#input\_availability\_zone) | Specify the Availability Zone for the RDS instance..<br> Valid Values:<br> Notes: Only available for DB instances that do not have multi-AZ enabled. | `string` | `null` | no |
| <a name="input_ca_cert_identifier"></a> [ca\_cert\_identifier](#input\_ca\_cert\_identifier) | Specify the identifier of the CA certificate for the DB instance.<br> Valid Values: .<br> Notes: If this variable is omitted, the latest CA certificate will be used. | `string` | `null` | no |
| <a name="input_cloudwatch_log_group_kms_key_id"></a> [cloudwatch\_log\_group\_kms\_key\_id](#input\_cloudwatch\_log\_group\_kms\_key\_id) | Specify the ARN of the KMS Key to use when encrypting log data.<br> Valid Values: .<br> Notes: . | `string` | `null` | no |
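
Review bot: the new `automation_initiator_location` row documents a default of `null`, but its Notes do not say what happens to the `dfds.automation.initiator.location` tag when the input is omitted. Add a sentence stating whether the tag is then left off or has to be supplied by the caller, and change "This set the" to "This sets the" in the variable description this row mirrors.
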
Expand Down Expand Up @@ -99,7 +100,7 @@ Terraform module for AWS RDS instances
| <a name="input_performance_insights_enabled"></a> [performance\_insights\_enabled](#input\_performance\_insights\_enabled) | Specify whether or not to enable Performance Insights.<br> Valid Values: .<br> Notes:<br> - If this variable is omitted:<br> - This value is set to true by default for production environments. Default retention period is set to 7 days.<br> - This value is set to false by default for non-production environments. | `bool` | `null` | no |
| <a name="input_performance_insights_kms_key_id"></a> [performance\_insights\_kms\_key\_id](#input\_performance\_insights\_kms\_key\_id) | Specify the ARN for the KMS key to encrypt Performance Insights data.<br> Valid Values: .<br> Notes:<br> - When specifying performance\_insights\_kms\_key\_id, performance\_insights\_enabled needs to be set to true.<br> - Once KMS key is set, it can never be changed | `string` | `null` | no |
| <a name="input_performance_insights_retention_period"></a> [performance\_insights\_retention\_period](#input\_performance\_insights\_retention\_period) | Specify the retention period for Performance Insights.<br> Valid Values: `7`, `731` (2 years) or a multiple of `31`<br> Notes: Set the value Default value when `performance_insights_enabled` is set to true. | `number` | `null` | no |
| <a name="input_pipeline_location"></a> [pipeline\_location](#input\_pipeline\_location) | Specify a valid URL path to the file used for automation script.<br> Valid Values: URL to repo. Example: `"https://github.com/dfds/terraform-aws-rds/actions/workflows/qa.yml"`<br> Notes: This set the dfds.automation.initiator.pipeline tag. See recommendations [here](https://wiki.dfds.cloud/en/playbooks/standards/tagging_policy). | `string` | `null` | no |
| <a name="input_pipeline_location"></a> [pipeline\_location](#input\_pipeline\_location) | Specify a valid URL path to the pipeline file used for automation script.<br> Valid Values: URL to repo. Example: `"https://github.com/dfds/terraform-aws-rds/actions/workflows/qa.yml"`<br> Notes: This set the dfds.automation.initiator.pipeline tag. See recommendations [here](https://wiki.dfds.cloud/en/playbooks/standards/tagging_policy). | `string` | `null` | no |
| <a name="input_port"></a> [port](#input\_port) | Specify the port number on which the DB accepts connections.<br> Valid Values: .<br> Notes: If omitted, the port number will set to 5432. | `string` | `null` | no |
| <a name="input_proxy_additional_security_group_rules"></a> [proxy\_additional\_security\_group\_rules](#input\_proxy\_additional\_security\_group\_rules) | Specify additional security group rules for the RDS proxy.<br> Valid Values: .<br> Notes:<br> - Public access is not supported on RDS Proxy. See [documentation](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-proxy.html#rds-proxy.limitations) for more information.<br> - Only ingress(inbound) rules are supported.<br> - Ingress rules are set to "Allow outbound traffic to PostgreSQL instance"<br> – Ingress rules are set to "Allow inbound traffic from same security group on specified database port" | <pre>object({<br> ingress_rules = list(any)<br> ingress_with_self = optional(list(any), [])<br> })</pre> | <pre>{<br> "ingress_rules": []<br>}</pre> | no |
| <a name="input_proxy_debug_logging_is_enabled"></a> [proxy\_debug\_logging\_is\_enabled](#input\_proxy\_debug\_logging\_is\_enabled) | Turn on debug logging for the proxy.<br> Valid Values: .<br> Notes: . | `bool` | `false` | no |
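
Review bot: in the `pipeline_location` row, "Valid Values: URL to repo" no longer matches the description, which now asks for a URL path to the pipeline file, and the example is a workflow file URL rather than a repo URL. Suggest "Valid Values: URL to the pipeline file" so the row is not confused with `automation_initiator_location`, which carries the same "URL to repo" wording.
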
2 changes: 1 addition & 1 deletion locals.tf
Expand Up @@ -131,7 +131,7 @@ locals {
"dfds.cost.centre" : var.cost_centre,
"dfds.service.availability" : var.service_availability,
"dfds.automation.tool" : "Terraform",
"dfds.automation.initiator.location" : "https://github.com/dfds/terraform-aws-rds",
"dfds.automation.initiator.location" : var.automation_initiator_location,
}, var.optional_tags, local.resource_owner_contact_email, local.automation_initiator_pipeline_tag)
data_backup_retention_tag = var.additional_backup_retention != null ? { "dfds.data.backup.retention" : var.additional_backup_retention } : {}
data_tags = merge({
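
Review bot: on the `"dfds.automation.initiator.location" : var.automation_initiator_location` line, the variable defaults to `null`, so callers that do not set it now pass a null value into this `merge()`, where the key previously always carried the module repo URL. Build the entry conditionally, the way `data_backup_retention_tag` does two lines below (`var.additional_backup_retention != null ? { ... } : {}`), or keep the old URL as the fallback, so existing callers do not silently lose a tag that was always present before this change.
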
12 changes: 6 additions & 6 deletions tests/qa/main.tf
Expand Up @@ -7,12 +7,9 @@ locals {
region = "eu-central-1"

tags = {
Name = local.name
Repository = "https://github.com/dfds/terraform-aws-rds"
"dfds.automation.tool" = "Terraform"
"dfds.automation.initiator.location" = "https://github.com/dfds/terraform-aws-rds/"
"dfds.automation.initiator.pipeline" = "https://github.com/dfds/terraform-aws-rds/actions/workflows/qa.yml"
"dfds.test.scope" = "qa"
Name = local.name

"dfds.test.scope" = "qa"
}

}
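
Review bot: the `Repository` tag is dropped from the `tags` map without any module input taking its place, and the trimmed map is left with an empty line between `Name` and `"dfds.test.scope"`. The two `dfds.automation.initiator.*` entries are covered by the new module inputs and `dfds.automation.tool` is set in `locals.tf`, but nothing visible here sets `Repository` again; confirm it is no longer needed on the QA resources and remove the blank line.
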
Expand Down Expand Up @@ -50,4 +47,7 @@ module "rds_instance_test" { # TODO: change to only use defaults and required va

public_access_ip_whitelist = ["0.0.0.0/0"]
is_kubernetes_app_enabled = true

automation_initiator_location = "https://github.com/dfds/terraform-aws-rds/"
pipeline_location = "https://github.com/dfds/terraform-aws-rds/actions/workflows/qa.yml"
}
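
Review bot: the two inputs added at the end of `module "rds_instance_test"` only exercise the case where both URLs are set, so the new `null` default path for `automation_initiator_location` is never planned or applied in QA. Add a second module call, or a variant of this one, that omits both inputs. The value here also ends in `/` while the documented example does not; the optional trailing slash in the new validation accepts it, but a test value without the slash would cover the documented form as well.
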
2 changes: 1 addition & 1 deletion tools/scaffolding/templates/main.tf.template
Expand Up @@ -15,7 +15,7 @@ provider "aws" {


module "db_instance" {
source = "git::https://github.com/dfds/terraform-aws-rds.git?ref=<release_number>"
source = "git::https://github.com/dfds/terraform-aws-rds.git?ref=0.0.1"
avnes marked this conversation as resolved.
$inputs
}
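
Review bot: the `source` line appears to move from the `<release_number>` placeholder to a hardcoded `ref=0.0.1`, which would pin every scaffolded project to that tag regardless of the current release, and the change is unrelated to the tagging input this PR is about. If the placeholder was not being substituted, fix that in the scaffolding tool and keep the placeholder; if a fixed pin is intended, say so in the PR description and consider pinning to a commit SHA, since a tag ref can be moved after the fact.
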

22 changes: 18 additions & 4 deletions variables.tf
Expand Up @@ -804,16 +804,30 @@ EOF
default = {}
}

variable "pipeline_location" { # TODO: Consider making it required. Consider how to support run from local machine. Re-Test validation.
variable "pipeline_location" {
description = <<EOF
Specify a valid URL path to the file used for automation script.
Specify a valid URL path to the pipeline file used for automation script.
Valid Values: URL to repo. Example: `"https://github.com/dfds/terraform-aws-rds/actions/workflows/qa.yml"`
Notes: This set the dfds.automation.initiator.pipeline tag. See recommendations [here](https://wiki.dfds.cloud/en/playbooks/standards/tagging_policy).
EOF
type = string
default = null
validation {
condition = var.pipeline_location == null || can(regex("^(https:\\/\\/www\\.|http:\\/\\/www\\.|https:\\/\\/|http:\\/\\/)?[a-zA-Z0-9]{2,}(\\.[a-zA-Z0-9]{2,})([a-z0-9_@\\-^!#$%&+={}.\\/\\\\[\\]]+)+\\.(yml|yaml|sh)$", var.pipeline_location))
error_message = "Invalid value for var.pipeline_location. Supported values: URL path. Example: https://github.com/dfds/terraform-aws-rds/actions/workflows/qa.yml"
condition = var.pipeline_location == null || can(regex("^(https:\\/\\/www\\.|http:\\/\\/www\\.|https:\\/\\/|http:\\/\\/)?[a-zA-Z0-9]{2,}(\\.[a-zA-Z0-9]{2,})(\\.[a-zA-Z0-9]{2,})?(\\/[a-zA-Z0-9_.:/=+-@][^?|^/&]{2,})+$", var.pipeline_location))
error_message = "Value for var.pipeline_location contains invalid characters. See AWS [user guide](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html) for more information."
avnes marked this conversation as resolved.
}
}

variable "automation_initiator_location" {
description = <<EOF
Specify the URL to the repo of automation script.
Valid Values: URL to repo. Example: `"https://github.com/dfds/terraform-aws-rds"`
Notes: This set the dfds.automation.initiator.location tag. See recommendations [here](https://wiki.dfds.cloud/en/playbooks/standards/tagging_policy).
EOF
type = string
default = null
validation {
condition = var.automation_initiator_location == null || can(regex("^(https:\\/\\/www\\.|http:\\/\\/www\\.|https:\\/\\/|http:\\/\\/)?[a-zA-Z0-9]{2,}(\\.[a-zA-Z0-9]{2,})(\\.[a-zA-Z0-9]{2,})?(\\/[a-zA-Z0-9_.:/=+-@][^?|^/&]{2,})+[\\/]?$", var.automation_initiator_location))
error_message = "Value for var.automation_initiator_location contains invalid characters or URL is malformed. See AWS [user guide](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html) for more information. Example: https://github.com/dfds/terraform-aws-rds"
}
}
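
Review bot: in both new `regex(...)` conditions the class `[a-zA-Z0-9_.:/=+-@]` contains `+-@`, which is a range from `+` to `@` and so also admits `,`, `;`, `<`, `>` and `?`; the `[^?|^/&]{2,}` that follows is a negated class that accepts any other character, including spaces and quotes. The validation therefore does not enforce the AWS tag character set that the error messages point to. It also requires every path segment to be at least three characters long, leaves the scheme optional and still accepts `http://`. Suggest moving the hyphen to the end of the class (`[a-zA-Z0-9_.:=+@-]`), using that same positive class with a `+` quantifier for the rest of each segment, and requiring `https://`. Two smaller points: `pipeline_location` loses both the `(yml|yaml|sh)` suffix check and the example URL in its error message even though the description still asks for a pipeline file, and the Markdown link syntax in `error_message` will be shown literally in CLI output.
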