From db6e6b8d6a853c0dc59639cbc9cdc14356ab1436 Mon Sep 17 00:00:00 2001 From: Ben Doerr Date: Thu, 22 Aug 2024 10:28:37 -0400 Subject: [PATCH 1/2] =?UTF-8?q?=E2=9C=A8=20feature:=20Adds=20distribution?= =?UTF-8?q?=20custom=20domain=20support?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit By default a custom domain name is assigned using my terraform-null-label logic. Also adds support for custom or vanity domain names. Ensures that a proper TLS certificate is issued covering the domain names. Finally, I typically try to keep the number of Route53 domains to a minimum since they cost $0.50 for just existing, so this module allows specifying a dedicated AWS profile for those changes. --- .deepsource.toml | 10 +-- .github/workflows/test.yml | 16 +++- aws-acm.tf | 34 +++++++ aws-cloudfront.tf | 4 +- aws-route53.tf | 14 +++ examples/simple/ctx.tf | 3 +- examples/simple/infracost-usage.yml | 134 ++++++++++++++++------------ examples/simple/main.tf | 21 ++++- examples/simple/outputs.tf | 10 +++ examples/simple/variables.tf | 18 ++++ main.tf | 7 +- outputs.tf | 10 +++ test/.golangci.yml | 4 +- test/examples_simple_test.go | 62 +++++++------ variables.tf | 29 ++++-- versions.tf | 5 +- 16 files changed, 275 insertions(+), 106 deletions(-) create mode 100644 aws-acm.tf create mode 100644 aws-route53.tf diff --git a/.deepsource.toml b/.deepsource.toml index ca41470..7ae6fb6 100644 --- a/.deepsource.toml +++ b/.deepsource.toml @@ -6,8 +6,8 @@ name = "secrets" [[analyzers]] name = "terraform" -#[[analyzers]] -#name = "go" -# -# [analyzers.meta] -# import_root = "github.com/bendoerr-terraform-modules/terraform-aws-cloudfront-with-s3-origin/test" +[[analyzers]] +name = "go" + + [analyzers.meta] + import_root = "github.com/bendoerr-terraform-modules/terraform-aws-cloudfront-and-s3-origin/test" diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 3220e64..de43709 100644 --- a/.github/workflows/test.yml 
+++ b/.github/workflows/test.yml @@ -29,11 +29,25 @@ jobs: - uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 with: - role-to-assume: arn:aws:iam::234656776442:role/brd-sndbx-ue1-core-apply + role-to-assume: ${{ vars.CORE_APPLY_ROLE }} + aws-region: us-east-1 + + - run: | + aws configure set aws_access_key_id ${{ env.AWS_ACCESS_KEY_ID }} --profile core-profile + aws configure set aws_secret_access_key ${{ env.AWS_SECRET_ACCESS_KEY }} --profile core-profile + aws configure set aws_session_token ${{ env.AWS_SESSION_TOKEN }} --profile core-profile + + - uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 + with: + role-to-assume: ${{ vars.SANDBOX_APPLY_ROLE }} aws-region: us-east-1 - shell: bash working-directory: test + env: + TF_VAR_route53_profile: core-profile + TF_VAR_route53_zone_id: ${{ secrets.CORE_HOSTED_ZONE_ID }} + TF_VAR_route53_zone_name: ${{ secrets.CORE_HOSTED_ZONE_NAME }} run: | go install github.com/jstemmer/go-junit-report@latest go test -timeout 20m -v ./... | tee report.txt diff --git a/aws-acm.tf b/aws-acm.tf new file mode 100644 index 0000000..3d75361 --- /dev/null +++ b/aws-acm.tf 
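Review bot: The three `aws configure set` lines in the new `run` step splice `${{ env.AWS_* }}` into the script text before the shell starts, so the core-role key, secret and session token become part of the rendered script and are passed unquoted. Reading them from the process environment keeps the values out of the script body and safe from word splitting, e.g. `aws configure set aws_session_token "$AWS_SESSION_TOKEN" --profile core-profile`, and likewise for the other two. The step also leaves the core-account credentials in the runner's AWS CLI credential file for the rest of the job, which includes the `go install github.com/jstemmer/go-junit-report@latest` step shown as context. Pinning that tool to a fixed version and scoping `CORE_APPLY_ROLE` to the one hosted zone would limit what an unexpected dependency could do with the credentials.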
@@ -0,0 +1,34 @@ +resource "aws_acm_certificate" "cert" { + domain_name = local.default_alias + subject_alternative_names = flatten([[local.default_alias], local.extra_aliases]) + validation_method = "DNS" + tags = module.label_site.tags + + lifecycle { + create_before_destroy = true + } +} + +resource "aws_route53_record" "cert" { + for_each = { + for dvo in aws_acm_certificate.cert.domain_validation_options : dvo.domain_name => { + name = dvo.resource_record_name + record = dvo.resource_record_value + type = dvo.resource_record_type + } + } + + allow_overwrite = true + name = each.value.name + records = [each.value.record] + ttl = 60 + type = each.value.type + zone_id = var.domain_zone_id + + provider = aws.route53 +} + +resource "aws_acm_certificate_validation" "cert" { + certificate_arn = aws_acm_certificate.cert.arn + validation_record_fqdns = [for record in aws_route53_record.cert : record.fqdn] +} diff --git a/aws-cloudfront.tf b/aws-cloudfront.tf index 63b9dc6..fe2431a 100644 --- a/aws-cloudfront.tf +++ b/aws-cloudfront.tf @@ -6,7 +6,7 @@ resource "aws_cloudfront_distribution" "site" { tags = module.label_site.tags price_class = "PriceClass_100" - aliases = var.cname_aliases + aliases = flatten([[local.default_alias], local.extra_aliases]) http_version = "http2" default_root_object = var.default_root_object is_ipv6_enabled = true @@ -35,6 +35,8 @@ resource "aws_cloudfront_distribution" "site" { viewer_certificate { cloudfront_default_certificate = true + acm_certificate_arn = aws_acm_certificate_validation.cert.certificate_arn + ssl_support_method = "sni-only" } } diff --git a/aws-route53.tf b/aws-route53.tf new file mode 100644 index 0000000..a742713 --- /dev/null +++ b/aws-route53.tf 
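Review bot: `aws_acm_certificate.cert` and `aws_acm_certificate_validation.cert` use the module's default `aws` provider, and CloudFront only accepts ACM certificates issued in us-east-1, so a caller whose default provider targets another region would get a certificate the distribution cannot attach. The example pins us-east-1, but nothing in the module documents or enforces it. A comment above the resource such as `# CloudFront requires this certificate in us-east-1; the default aws provider must target that region` would make the constraint visible. Separately, `allow_overwrite = true` on `aws_route53_record.cert` lets the module replace same-named records in a zone that, per the commit message, may live in a different account. A short comment stating that this is intentional, and limited to the ACM validation names, would help the next reviewer.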
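Review bot: In the `viewer_certificate` block of aws-cloudfront.tf, `cloudfront_default_certificate = true` is kept next to the new `acm_certificate_arn`, and no `minimum_protocol_version` is set. With a custom certificate the provider's default minimum is `TLSv1`, so viewers could negotiate legacy TLS versions on the aliased names. I would drop the `cloudfront_default_certificate` line and add `minimum_protocol_version = "TLSv1.2_2021"` beside `ssl_support_method = "sni-only"`. The `aws_cloudfront_distribution.site` resource starts and ends outside this hunk.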
@@ -0,0 +1,14 @@ +resource "aws_route53_record" "alias" { + for_each = toset(flatten([[module.label_site.dns_name], var.extra_domain_prefixes])) + name = each.key + type = "A" + zone_id = var.domain_zone_id + + alias { + evaluate_target_health = false + name = aws_cloudfront_distribution.site.domain_name + zone_id = aws_cloudfront_distribution.site.hosted_zone_id + } + + provider = aws.route53 +} diff --git a/examples/simple/ctx.tf b/examples/simple/ctx.tf index d45dbe1..342aade 100644 --- a/examples/simple/ctx.tf +++ b/examples/simple/ctx.tf @@ -1,8 +1,9 @@ module "context" { source = "bendoerr-terraform-modules/context/null" - version = "0.4.1" + version = "0.5.0" namespace = var.namespace role = "cloudfront-s3-example" region = "us-east-1" project = "simple" + long_dns = true } diff --git a/examples/simple/infracost-usage.yml b/examples/simple/infracost-usage.yml index 2af22d2..d577f2d 100644 --- a/examples/simple/infracost-usage.yml +++ b/examples/simple/infracost-usage.yml 
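Review bot: `aws_route53_record.alias` creates only `type = "A"` records, while the distribution has `is_ipv6_enabled = true` (visible as context in the aws-cloudfront.tf hunk), so the custom names will not resolve for IPv6-only clients. A second `aws_route53_record` with the same `for_each`, the same `alias` block and `type = "AAAA"` would close that gap. The values of `var.extra_domain_prefixes` also flow straight into `name = each.key` in a zone reached through the separate `aws.route53` provider. A one-line comment noting that these are prefixes relative to `var.domain_zone_name`, not FQDNs, would prevent a caller from passing a full name by mistake.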
@@ -4,71 +4,83 @@ # See https://infracost.io/usage-file/ for docs version: 0.1 resource_usage: + # + # The following usage values apply to individual resources and override any value defined in the resource_type_default_usage section. + # All values are commented-out, you can uncomment resources and customize as needed. + # + module.cloudfront_with_s3_origin.aws_route53_record.alias["status.simple.ue1.cldfrnt-s3-xmpl.namespace-mock"]: + monthly_latency_based_queries: 0 + monthly_geo_queries: 0 + monthly_standard_queries: 2678400 + module.cloudfront_with_s3_origin.aws_route53_record.alias["status.test.namespace-mock"]: + monthly_latency_based_queries: 0 + monthly_geo_queries: 0 + monthly_standard_queries: 2678400 module.cloudfront_with_s3_origin.module.s3_site.aws_s3_bucket.this[0]: object_tags: 0 # Total object tags. Only for AWS provider V3. standard: - storage_gb: 0.1 # Total storage in GB. + storage_gb: 0.01 # Total storage in GB. monthly_tier_1_requests: 0 # Monthly PUT, COPY, POST, LIST requests (Tier 1). - monthly_tier_2_requests: 1000 # Monthly GET, SELECT, and all other requests (Tier 2). + monthly_tier_2_requests: 2678400 # Monthly GET, SELECT, and all other requests (Tier 2). monthly_select_data_scanned_gb: 0.0 # Monthly data scanned by S3 Select in GB. monthly_select_data_returned_gb: 0.0 # Monthly data returned by S3 Select in GB. - # intelligent_tiering: - # frequent_access_storage_gb: 0.0 # Total storage for Frequent Access Tier in GB. - # infrequent_access_storage_gb: 0.0 # Total storage for Infrequent Access Tier in GB. - # monitored_objects: 0 # Total objects monitored by the Intelligent Tiering. - # monthly_tier_1_requests: 0 # Monthly PUT, COPY, POST, LIST requests (Tier 1). - # monthly_tier_2_requests: 0 # Monthly GET, SELECT, and all other requests (Tier 2). - # monthly_lifecycle_transition_requests: 0 # Monthly Lifecycle Transition requests. - # monthly_select_data_scanned_gb: 0.0 # Monthly data scanned by S3 Select in GB. 
- # monthly_select_data_returned_gb: 0.0 # Monthly data returned by S3 Select in GB. - # early_delete_gb: 0.0 # If an archive is deleted within 1 months of being uploaded, you will be charged an early deletion fee per GB. - # archive_access_storage_gb: 0.0 - # deep_archive_access_storage_gb: 0.0 - # standard_infrequent_access: - # storage_gb: 0.0 # Total storage in GB. - # monthly_tier_1_requests: 0 # Monthly PUT, COPY, POST, LIST requests (Tier 1). - # monthly_tier_2_requests: 0 # Monthly GET, SELECT, and all other requests (Tier 2). - # monthly_lifecycle_transition_requests: 0 # Monthly Lifecycle Transition requests. - # monthly_data_retrieval_gb: 0.0 # Monthly data retrievals in GB - # monthly_select_data_scanned_gb: 0.0 # Monthly data scanned by S3 Select in GB. - # monthly_select_data_returned_gb: 0.0 # Monthly data returned by S3 Select in GB. - # one_zone_infrequent_access: - # storage_gb: 0.0 # Total storage in GB. - # monthly_tier_1_requests: 0 # Monthly PUT, COPY, POST, LIST requests (Tier 1). - # monthly_tier_2_requests: 0 # Monthly GET, SELECT, and all other requests (Tier 2). - # monthly_lifecycle_transition_requests: 0 # Monthly Lifecycle Transition requests. - # monthly_data_retrieval_gb: 0.0 # Monthly data retrievals in GB - # monthly_select_data_scanned_gb: 0.0 # Monthly data scanned by S3 Select in GB. - # monthly_select_data_returned_gb: 0.0 # Monthly data returned by S3 Select in GB. - # glacier_flexible_retrieval: - # storage_gb: 0 # Total storage in GB. - # monthly_tier_1_requests: 0 # Monthly PUT, COPY, POST, LIST requests (Tier 1). - # monthly_tier_2_requests: 0 # Monthly GET, SELECT, and all other requests (Tier 2). - # monthly_lifecycle_transition_requests: 0 # Monthly Lifecycle Transition requests. - # monthly_standard_select_data_scanned_gb: 0.0 # Monthly data scanned by S3 Select in GB (for standard level of S3 Glacier). 
- # monthly_standard_select_data_returned_gb: 0.0 # Monthly data returned by S3 Select in GB (for standard level of S3 Glacier). - # monthly_bulk_select_data_scanned_gb: 0.0 # Monthly data scanned by S3 Select in GB (for bulk level of S3 Glacier) - # monthly_bulk_select_data_returned_gb: 0.0 # Monthly data returned by S3 Select in GB (for bulk level of S3 Glacier) - # monthly_expedited_select_data_scanned_gb: 0.0 # Monthly data scanned by S3 Select in GB (for expedited level of S3 Glacier) - # monthly_expedited_select_data_returned_gb: 0.0 # Monthly data returned by S3 Select in GB (for expedited level of S3 Glacier) - # monthly_standard_data_retrieval_requests: 0 # Monthly data Retrieval requests (for standard level of S3 Glacier). - # monthly_expedited_data_retrieval_requests: 0 # Monthly data Retrieval requests (for expedited level of S3 Glacier). - # monthly_standard_data_retrieval_gb: 0.0 # Monthly data retrievals in GB (for standard level of S3 Glacier). - # monthly_expedited_data_retrieval_gb: 0.0 # Monthly data retrievals in GB (for expedited level of S3 Glacier). - # early_delete_gb: 0.0 # If an archive is deleted within 3 months of being uploaded, you will be charged an early deletion fee per GB. - # glacier_deep_archive: - # storage_gb: 0.0 # Total storage in GB. - # monthly_tier_1_requests: 0 # Monthly PUT, COPY, POST, LIST requests (Tier 1). - # monthly_tier_2_requests: 0 # Monthly GET, SELECT, and all other requests (Tier 2). - # monthly_lifecycle_transition_requests: 0 # Monthly Lifecycle Transition requests. - # monthly_standard_data_retrieval_requests: 0 # Monthly data Retrieval requests (for standard level of S3 Glacier). - # monthly_bulk_data_retrieval_requests: 0 # Monthly data Retrieval requests (for bulk level of S3 Glacier). - # monthly_standard_data_retrieval_gb: 0.0 # Monthly data retrievals in GB (for standard level of S3 Glacier). - # monthly_bulk_data_retrieval_gb: 0.0 # Monthly data retrievals in GB (for bulk level of S3 Glacier). 
- # early_delete_gb: 0.0 # If an archive is deleted within 6 months of being uploaded, you will be charged an early deletion fee per GB. + intelligent_tiering: + frequent_access_storage_gb: 0.0 # Total storage for Frequent Access Tier in GB. + infrequent_access_storage_gb: 0.0 # Total storage for Infrequent Access Tier in GB. + monitored_objects: 0 # Total objects monitored by the Intelligent Tiering. + monthly_tier_1_requests: 0 # Monthly PUT, COPY, POST, LIST requests (Tier 1). + monthly_tier_2_requests: 0 # Monthly GET, SELECT, and all other requests (Tier 2). + monthly_lifecycle_transition_requests: 0 # Monthly Lifecycle Transition requests. + monthly_select_data_scanned_gb: 0.0 # Monthly data scanned by S3 Select in GB. + monthly_select_data_returned_gb: 0.0 # Monthly data returned by S3 Select in GB. + early_delete_gb: 0.0 # If an archive is deleted within 1 months of being uploaded, you will be charged an early deletion fee per GB. + archive_access_storage_gb: 0.0 + deep_archive_access_storage_gb: 0.0 + standard_infrequent_access: + storage_gb: 0.0 # Total storage in GB. + monthly_tier_1_requests: 0 # Monthly PUT, COPY, POST, LIST requests (Tier 1). + monthly_tier_2_requests: 0 # Monthly GET, SELECT, and all other requests (Tier 2). + monthly_lifecycle_transition_requests: 0 # Monthly Lifecycle Transition requests. + monthly_data_retrieval_gb: 0.0 # Monthly data retrievals in GB + monthly_select_data_scanned_gb: 0.0 # Monthly data scanned by S3 Select in GB. + monthly_select_data_returned_gb: 0.0 # Monthly data returned by S3 Select in GB. + one_zone_infrequent_access: + storage_gb: 0.0 # Total storage in GB. + monthly_tier_1_requests: 0 # Monthly PUT, COPY, POST, LIST requests (Tier 1). + monthly_tier_2_requests: 0 # Monthly GET, SELECT, and all other requests (Tier 2). + monthly_lifecycle_transition_requests: 0 # Monthly Lifecycle Transition requests. 
+ monthly_data_retrieval_gb: 0.0 # Monthly data retrievals in GB + monthly_select_data_scanned_gb: 0.0 # Monthly data scanned by S3 Select in GB. + monthly_select_data_returned_gb: 0.0 # Monthly data returned by S3 Select in GB. + glacier_flexible_retrieval: + storage_gb: 0 # Total storage in GB. + monthly_tier_1_requests: 0 # Monthly PUT, COPY, POST, LIST requests (Tier 1). + monthly_tier_2_requests: 0 # Monthly GET, SELECT, and all other requests (Tier 2). + monthly_lifecycle_transition_requests: 0 # Monthly Lifecycle Transition requests. + monthly_standard_select_data_scanned_gb: 0.0 # Monthly data scanned by S3 Select in GB (for standard level of S3 Glacier). + monthly_standard_select_data_returned_gb: 0.0 # Monthly data returned by S3 Select in GB (for standard level of S3 Glacier). + monthly_bulk_select_data_scanned_gb: 0.0 # Monthly data scanned by S3 Select in GB (for bulk level of S3 Glacier) + monthly_bulk_select_data_returned_gb: 0.0 # Monthly data returned by S3 Select in GB (for bulk level of S3 Glacier) + monthly_expedited_select_data_scanned_gb: 0.0 # Monthly data scanned by S3 Select in GB (for expedited level of S3 Glacier) + monthly_expedited_select_data_returned_gb: 0.0 # Monthly data returned by S3 Select in GB (for expedited level of S3 Glacier) + monthly_standard_data_retrieval_requests: 0 # Monthly data Retrieval requests (for standard level of S3 Glacier). + monthly_expedited_data_retrieval_requests: 0 # Monthly data Retrieval requests (for expedited level of S3 Glacier). + monthly_standard_data_retrieval_gb: 0.0 # Monthly data retrievals in GB (for standard level of S3 Glacier). + monthly_expedited_data_retrieval_gb: 0.0 # Monthly data retrievals in GB (for expedited level of S3 Glacier). + early_delete_gb: 0.0 # If an archive is deleted within 3 months of being uploaded, you will be charged an early deletion fee per GB. + glacier_deep_archive: + storage_gb: 0.0 # Total storage in GB. 
+ monthly_tier_1_requests: 0 # Monthly PUT, COPY, POST, LIST requests (Tier 1). + monthly_tier_2_requests: 0 # Monthly GET, SELECT, and all other requests (Tier 2). + monthly_lifecycle_transition_requests: 0 # Monthly Lifecycle Transition requests. + monthly_standard_data_retrieval_requests: 0 # Monthly data Retrieval requests (for standard level of S3 Glacier). + monthly_bulk_data_retrieval_requests: 0 # Monthly data Retrieval requests (for bulk level of S3 Glacier). + monthly_standard_data_retrieval_gb: 0.0 # Monthly data retrievals in GB (for standard level of S3 Glacier). + monthly_bulk_data_retrieval_gb: 0.0 # Monthly data retrievals in GB (for bulk level of S3 Glacier). + early_delete_gb: 0.0 # If an archive is deleted within 6 months of being uploaded, you will be charged an early deletion fee per GB. module.cloudfront_with_s3_origin.aws_cloudfront_distribution.site: monthly_data_transfer_to_internet_gb: - us: 0.1 # United States, Mexico, Canada + us: 3.4 # United States, Mexico, Canada europe: 0 # Europe, Israel south_africa: 0 # South Africa, Kenya, Middle East south_america: 0 # South America @@ -77,7 +89,7 @@ resource_usage: asia_pacific: 0 # Hong Kong, Philippines, Singapore, South Korea, Taiwan, Thailand india: 0 # India monthly_data_transfer_to_origin_gb: - us: 0.1 # United States, Mexico, Canada + us: 0 # United States, Mexico, Canada europe: 0 # Europe, Israel south_africa: 0 # South Africa, Kenya, Middle East south_america: 0 # South America @@ -95,7 +107,7 @@ resource_usage: asia_pacific: 0 # Hong Kong, Philippines, Singapore, South Korea, Taiwan, Thailand india: 0 # India monthly_https_requests: - us: 1000 # United States, Mexico, Canada + us: 2678400 # United States, Mexico, Canada europe: 0 # Europe, Israel south_africa: 0 # South Africa, Kenya, Middle East south_america: 0 # South America 
@@ -116,3 +128,7 @@ resource_usage: monthly_encryption_requests: 0 # Monthly number of field level encryption requests. monthly_log_lines: 0 # Monthly number of real-time log lines. custom_ssl_certificates: 0 # Number of dedicated IP custom SSL certificates. + module.cloudfront_with_s3_origin.aws_route53_record.cert: + monthly_standard_queries: 0 # Monthly number of Standard queries. + monthly_latency_based_queries: 0 # Monthly number of Latency Based Routing queries. + monthly_geo_queries: 0 # Monthly number of Geo DNS and Geoproximity queries. diff --git a/examples/simple/main.tf b/examples/simple/main.tf index dd79a32..4d0a585 100644 --- a/examples/simple/main.tf +++ b/examples/simple/main.tf @@ -12,7 +12,26 @@ provider "aws" { region = "us-east-1" } +# Route53 zones can often be in a different account. They cost $0.50 to exist +# so if we are trying to keep costs down we may want to only have the minimum +# needed to function. +provider "aws" { + region = "us-east-1" + alias = "route53" + profile = var.route53_profile +} + module "cloudfront_with_s3_origin" { - source = "../.." + source = "../.." + context = module.context.shared + name = "status" + + domain_zone_name = var.route53_zone_name + domain_zone_id = var.route53_zone_id + extra_domain_prefixes = [format("status.test.%s", var.namespace)] + + providers = { + aws.route53 = aws.route53 + } } diff --git a/examples/simple/outputs.tf b/examples/simple/outputs.tf index 8101f4d..5ba4bd0 100644 --- a/examples/simple/outputs.tf +++ b/examples/simple/outputs.tf 
@@ -22,3 +22,13 @@ output "cloudfront_distribution_domain_name" { value = module.cloudfront_with_s3_origin.cloudfront_distribution_domain_name description = "The domain name of the CloudFront distribution." } + +output "cloudfront_distribution_alias_domain_name" { + value = module.cloudfront_with_s3_origin.cloudfront_distribution_alias_domain_name + description = "The custom domain name generated by bendoerr-terraform-modules/terraform-null-label." +} + +output "cloudfront_distribution_extra_domain_names" { + value = module.cloudfront_with_s3_origin.cloudfront_distribution_extra_domain_names + description = "Any extra domain names provided." +} diff --git a/examples/simple/variables.tf b/examples/simple/variables.tf index 85b7a5d..301c5b2 100644 --- a/examples/simple/variables.tf +++ b/examples/simple/variables.tf @@ -2,3 +2,21 @@ variable "namespace" { type = string description = "The context namespace" } + +variable "route53_profile" { + type = string + description = "Dedicated AWS profile for accessing Route53" + nullable = false +} + +variable "route53_zone_id" { + type = string + description = "The ZoneID for the Route53 Zone" + nullable = false +} + +variable "route53_zone_name" { + type = string + description = "The Name of the Route53 Zone" + nullable = false +} diff --git a/main.tf b/main.tf index a772ebb..cd13ea1 100644 --- a/main.tf +++ b/main.tf @@ -2,5 +2,10 @@ module "label_site" { source = "bendoerr-terraform-modules/label/null" version = "0.4.2" context = var.context - name = "site" + name = var.name +} + +locals { + default_alias = format("%s.%s", module.label_site.dns_name, var.domain_zone_name) + extra_aliases = formatlist("%s.%s", var.extra_domain_prefixes, var.domain_zone_name) } diff --git a/outputs.tf b/outputs.tf index 68b4579..493a26c 100644 --- a/outputs.tf +++ b/outputs.tf 
@@ -22,3 +22,13 @@ output "cloudfront_distribution_domain_name" { value = aws_cloudfront_distribution.site.domain_name description = "The domain name of the CloudFront distribution." } + +output "cloudfront_distribution_alias_domain_name" { + value = local.default_alias + description = "The custom domain name generated by bendoerr-terraform-modules/terraform-null-label." +} + +output "cloudfront_distribution_extra_domain_names" { + value = local.extra_aliases + description = "Any extra domain names provided." +} diff --git a/test/.golangci.yml b/test/.golangci.yml index a21d084..bb6f6c2 100644 --- a/test/.golangci.yml +++ b/test/.golangci.yml @@ -72,7 +72,7 @@ linters-settings: gocognit: # Minimal code complexity to report. # Default: 30 (but we recommend 10-20) - min-complexity: 20 + min-complexity: 30 gocritic: # Settings passed to gocritic. @@ -314,3 +314,5 @@ issues: - gosec - noctx - wrapcheck + - text: 'shadow: declaration of "(err|ctx)" shadows declaration at' + linters: [govet] diff --git a/test/examples_simple_test.go b/test/examples_simple_test.go index e34f194..6fabe36 100644 --- a/test/examples_simple_test.go +++ b/test/examples_simple_test.go 
@@ -145,40 +145,44 @@ func TestDefaults(t *testing.T) { } // Make test HTTPS requests - domainName := terraform.Output(t, terraformOptions, "cloudfront_distribution_domain_name") - - // Test the / default - resp, err := http.Get(fmt.Sprintf("https://%s/", domainName)) - if err != nil { - t.Fatal(err) - } + defaultDomainName := terraform.Output(t, terraformOptions, "cloudfront_distribution_domain_name") + aliasDomainName := terraform.Output(t, terraformOptions, "cloudfront_distribution_alias_domain_name") + names := []string{defaultDomainName, aliasDomainName} + + for _, domainName := range names { + // Test the / default + resp, err := http.Get(fmt.Sprintf("https://%s/", domainName)) + if err != nil { + t.Fatal(err) + } - indexResp, err := io.ReadAll(resp.Body) - if err != nil { - t.Fatal(err) - } + indexResp, err := io.ReadAll(resp.Body) + if err != nil { + t.Fatal(err) + } - if indexTxt != string(indexResp) { - t.Fatal(makediff(indexTxt, string(indexResp))) - } else { - t.Log("success GET index.html") - } + if indexTxt != string(indexResp) { + t.Fatal(makediff(indexTxt, string(indexResp))) + } else { + t.Log("success GET index.html") + } - // Test the /text.txt - resp, err = http.Get(fmt.Sprintf("https://%s/test.txt", domainName)) - if err != nil { - t.Fatal(err) - } + // Test the /text.txt + resp, err = http.Get(fmt.Sprintf("https://%s/test.txt", domainName)) + if err != nil { + t.Fatal(err) + } - textResp, err := io.ReadAll(resp.Body) - if err != nil { - t.Fatal(err) - } + textResp, err := io.ReadAll(resp.Body) + if err != nil { + t.Fatal(err) + } - if testTxt != string(textResp) { - t.Fatal(makediff(testTxt, string(textResp))) - } else { - t.Log("success GET test.txt") + if testTxt != string(textResp) { + t.Fatal(makediff(testTxt, string(textResp))) + } else { + t.Log("success GET test.txt") + } } } diff --git a/variables.tf b/variables.tf index 6c7494c..19cb7f0 100644 --- a/variables.tf +++ b/variables.tf 
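Review bot: Inside the new `for _, domainName := range names` loop neither response body is closed and `resp.StatusCode` is never checked, so every iteration leaks a connection and an error page is only caught indirectly by the body diff. Add `resp.Body.Close()` directly after each `io.ReadAll` (not `defer`, because this runs in a loop), and fail early with `if resp.StatusCode != http.StatusOK { t.Fatalf("GET %s: status %d", domainName, resp.StatusCode) }`. The `cloudfront_distribution_extra_domain_names` output is not exercised either, so the certificate's extra SANs and their alias records go untested. Appending those names to `names` would cover them. `TestDefaults` starts outside this hunk.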
@@ -16,6 +16,13 @@ variable "context" { description = "Shared Context from Ben's terraform-null-context" } +variable "name" { + type = string + default = "site" + description = "TODO" + nullable = false +} + variable "s3_kms_key_arn" { type = string default = null @@ -30,9 +37,21 @@ variable "default_root_object" { nullable = true } -variable "cname_aliases" { - type = set(string) - default = null - description = "A set of CNAME aliases for the S3 bucket." - nullable = true +variable "domain_zone_name" { + type = string + description = "If setting a custom CNAME for the Cloudfront distribution this is the domain name for the zone." + nullable = false +} + +variable "domain_zone_id" { + type = string + description = "If setting a custom CNAME for the Cloudfront distribution this is the domain name for the zone." + nullable = false +} + +variable "extra_domain_prefixes" { + type = list(string) + default = [] + description = "Custom domains" + nullable = false } diff --git a/versions.tf b/versions.tf index 5db35af..d74ee8f 100644 --- a/versions.tf +++ b/versions.tf @@ -2,8 +2,9 @@ terraform { required_version = ">= 0.13" required_providers { aws = { - source = "hashicorp/aws" - version = "~> 5.0" + source = "hashicorp/aws" + version = "~> 5.0" + configuration_aliases = [aws.route53] } } } From 7b51a77017b6b240af33c9039b158931db64fd1e Mon Sep 17 00:00:00 2001 From: Ben Doerr Date: Thu, 22 Aug 2024 10:54:30 -0400 Subject: [PATCH 2/2] =?UTF-8?q?=F0=9F=93=9D=20docs:=20Apply=20suggestions?= =?UTF-8?q?=20from=20code=20review?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> Signed-off-by: Ben Doerr --- examples/simple/outputs.tf | 2 +- variables.tf | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/examples/simple/outputs.tf b/examples/simple/outputs.tf index 5ba4bd0..be880ea 100644 --- a/examples/simple/outputs.tf 
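Review bot: The `domain_zone_id` description in variables.tf is a copy of the `domain_zone_name` one ("…this is the domain name for the zone"), and the follow-up commit does not correct it. It should read something like `description = "ID of the Route53 hosted zone in which the alias and ACM validation records are created."`. Both descriptions open with "If setting a custom CNAME…", yet the variables have no default and `nullable = false`, so a custom domain is now mandatory. Removing `cname_aliases` also breaks existing callers, which deserves a line in the changelog. `extra_domain_prefixes` has no `validation` block, so any string is accepted as a certificate SAN and record name. Consider rejecting empty strings and values that contain the zone name.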
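Review bot: In versions.tf, `configuration_aliases = [aws.route53]` is added while `required_version = ">= 0.13"` is left unchanged. That argument was introduced in Terraform 0.15, so older releases still admitted by the constraint will reject the block. Raise the floor to `required_version = ">= 0.15"`. Callers must now also pass `aws.route53` through `providers`, so the README should say which account and permissions that provider needs (record changes in the one hosted zone only).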
+++ b/examples/simple/outputs.tf @@ -30,5 +30,5 @@ output "cloudfront_distribution_alias_domain_name" { output "cloudfront_distribution_extra_domain_names" { value = module.cloudfront_with_s3_origin.cloudfront_distribution_extra_domain_names - description = "Any extra domain names provided." + description = "List of additional domain names associated with the CloudFront distribution, useful for multi-domain setups." } diff --git a/variables.tf b/variables.tf index 19cb7f0..79f0456 100644 --- a/variables.tf +++ b/variables.tf @@ -19,7 +19,7 @@ variable "context" { variable "name" { type = string default = "site" - description = "TODO" + description = "The name of the site, used for naming resources and identifiers." nullable = false } @@ -52,6 +52,6 @@ variable "domain_zone_id" { variable "extra_domain_prefixes" { type = list(string) default = [] - description = "Custom domains" + description = "Prefixes for additional custom domains to be associated with the CloudFront distribution." nullable = false }