GitHub Actions Code Formatter workflow

terraform/environments/apex/alb.tf

@@ -33,8 +33,8 @@ module "alb" {
     aws.us-east-1             = aws.us-east-1
   }
 
-  vpc_all                          = local.vpc_all
-#   fqdn                             = local.environment == "production" ? local.application_data.accounts[local.environment].acm_cert_domain_name : "${local.application_name}.${var.networking[0].business-unit}-${local.environment}.${local.application_data.accounts[local.environment].acm_cert_domain_name}"
+  vpc_all = local.vpc_all
+  #   fqdn                             = local.environment == "production" ? local.application_data.accounts[local.environment].acm_cert_domain_name : "${local.application_name}.${var.networking[0].business-unit}-${local.environment}.${local.application_data.accounts[local.environment].acm_cert_domain_name}"
   application_name                 = local.application_name
   business_unit                    = var.networking[0].business-unit
   public_subnets                   = [data.aws_subnet.public_subnets_a.id, data.aws_subnet.public_subnets_b.id, data.aws_subnet.public_subnets_c.id]
@@ -49,7 +49,7 @@ module "alb" {
   security_group_ingress_from_port = 443
   security_group_ingress_to_port   = 443
   security_group_ingress_protocol  = "tcp"
-#   moj_vpn_cidr_block               = local.application_data.accounts[local.environment].moj_vpn_cidr
+  #   moj_vpn_cidr_block               = local.application_data.accounts[local.environment].moj_vpn_cidr
   # existing_bucket_name = "" # An s3 bucket name can be provided in the module by adding the `existing_bucket_name` variable and adding the bucket name
 
   validation = local.environment == "production" ? local.prod_validation : local.non_prod_validation
@@ -59,9 +59,9 @@ module "alb" {
   listener_port     = 443
   alb_ssl_policy    = "ELBSecurityPolicy-TLS-1-2-2017-01" # TODO This enforces TLSv1.2. For general, use ELBSecurityPolicy-2016-08 instead 
 
-#   production_zone_id   = data.aws_route53_zone.production-network-services.zone_id
-#   services_zone_id     = data.aws_route53_zone.network-services.zone_id
-#   external_zone_id     = data.aws_route53_zone.external.zone_id
+  #   production_zone_id   = data.aws_route53_zone.production-network-services.zone_id
+  #   services_zone_id     = data.aws_route53_zone.network-services.zone_id
+  #   external_zone_id     = data.aws_route53_zone.external.zone_id
   acm_cert_domain_name = local.application_data.accounts[local.environment].acm_cert_domain_name
 
   target_group_deregistration_delay = 30
@@ -80,84 +80,84 @@ module "alb" {
   stickiness_type            = "lb_cookie"
   stickiness_cookie_duration = 10800
 
-#   # CloudFront settings, to be moved to application_variables.json if there are differences between environments
-#   cloudfront_default_cache_behavior = {
-#     smooth_streaming                           = false
-#     allowed_methods                            = ["DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST", "PUT"]
-#     cached_methods                             = ["HEAD", "GET"]
-#     forwarded_values_query_string              = true
-#     forwarded_values_headers                   = ["Authorization", "CloudFront-Forwarded-Proto", "CloudFront-Is-Desktop-Viewer", "CloudFront-Is-Mobile-Viewer", "CloudFront-Is-SmartTV-Viewer", "CloudFront-Is-Tablet-Viewer", "CloudFront-Viewer-Country", "Host", "User-Agent"]
-#     forwarded_values_cookies_forward           = "whitelist"
-#     forwarded_values_cookies_whitelisted_names = ["AWSALB", "JSESSIONID"]
-#     viewer_protocol_policy                     = "https-only"
-#   }
-#   # Other cache behaviors are processed in the order in which they're listed in the CloudFront console or, if you're using the CloudFront API, the order in which they're listed in the DistributionConfig element for the distribution.
-#   cloudfront_ordered_cache_behavior = {
-#     "cache_behavior_0" = {
-#       smooth_streaming                 = false
-#       path_pattern                     = "*.png"
-#       min_ttl                          = 0
-#       allowed_methods                  = ["GET", "HEAD"]
-#       cached_methods                   = ["HEAD", "GET"]
-#       forwarded_values_query_string    = false
-#       forwarded_values_headers         = ["Host", "User-Agent"]
-#       forwarded_values_cookies_forward = "none"
-#       viewer_protocol_policy           = "https-only"
-#     },
-#     "cache_behavior_1" = {
-#       smooth_streaming                 = false
-#       path_pattern                     = "*.jpg"
-#       min_ttl                          = 0
-#       allowed_methods                  = ["GET", "HEAD"]
-#       cached_methods                   = ["HEAD", "GET"]
-#       forwarded_values_query_string    = false
-#       forwarded_values_headers         = ["Host", "User-Agent"]
-#       forwarded_values_cookies_forward = "none"
-#       viewer_protocol_policy           = "https-only"
-#     },
-#     "cache_behavior_2" = {
-#       smooth_streaming                 = false
-#       path_pattern                     = "*.gif"
-#       min_ttl                          = 0
-#       allowed_methods                  = ["GET", "HEAD"]
-#       cached_methods                   = ["HEAD", "GET"]
-#       forwarded_values_query_string    = false
-#       forwarded_values_headers         = ["Host", "User-Agent"]
-#       forwarded_values_cookies_forward = "none"
-#       viewer_protocol_policy           = "https-only"
-#     },
-#     "cache_behavior_3" = {
-#       smooth_streaming                 = false
-#       path_pattern                     = "*.css"
-#       min_ttl                          = 0
-#       allowed_methods                  = ["GET", "HEAD"]
-#       cached_methods                   = ["HEAD", "GET"]
-#       forwarded_values_query_string    = false
-#       forwarded_values_headers         = ["Host", "User-Agent"]
-#       forwarded_values_cookies_forward = "none"
-#       viewer_protocol_policy           = "https-only"
-#     },
-#     "cache_behavior_4" = {
-#       smooth_streaming                 = false
-#       path_pattern                     = "*.js"
-#       min_ttl                          = 0
-#       allowed_methods                  = ["GET", "HEAD"]
-#       cached_methods                   = ["HEAD", "GET"]
-#       forwarded_values_query_string    = false
-#       forwarded_values_headers         = ["Host", "User-Agent"]
-#       forwarded_values_cookies_forward = "none"
-#       viewer_protocol_policy           = "https-only"
-#     }
-#   }
-#   cloudfront_http_version             = "http2"
-#   cloudfront_enabled                  = true
-#   cloudfront_origin_protocol_policy   = "https-only"
-#   cloudfront_origin_read_timeout      = 60
-#   cloudfront_origin_keepalive_timeout = 60
-#   cloudfront_price_class              = "PriceClass_100"
-#   cloudfront_geo_restriction_type     = "none"
-#   cloudfront_geo_restriction_location = []
-#   cloudfront_is_ipv6_enabled          = true
-#   waf_default_action                  = "BLOCK"
+  #   # CloudFront settings, to be moved to application_variables.json if there are differences between environments
+  #   cloudfront_default_cache_behavior = {
+  #     smooth_streaming                           = false
+  #     allowed_methods                            = ["DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST", "PUT"]
+  #     cached_methods                             = ["HEAD", "GET"]
+  #     forwarded_values_query_string              = true
+  #     forwarded_values_headers                   = ["Authorization", "CloudFront-Forwarded-Proto", "CloudFront-Is-Desktop-Viewer", "CloudFront-Is-Mobile-Viewer", "CloudFront-Is-SmartTV-Viewer", "CloudFront-Is-Tablet-Viewer", "CloudFront-Viewer-Country", "Host", "User-Agent"]
+  #     forwarded_values_cookies_forward           = "whitelist"
+  #     forwarded_values_cookies_whitelisted_names = ["AWSALB", "JSESSIONID"]
+  #     viewer_protocol_policy                     = "https-only"
+  #   }
+  #   # Other cache behaviors are processed in the order in which they're listed in the CloudFront console or, if you're using the CloudFront API, the order in which they're listed in the DistributionConfig element for the distribution.
+  #   cloudfront_ordered_cache_behavior = {
+  #     "cache_behavior_0" = {
+  #       smooth_streaming                 = false
+  #       path_pattern                     = "*.png"
+  #       min_ttl                          = 0
+  #       allowed_methods                  = ["GET", "HEAD"]
+  #       cached_methods                   = ["HEAD", "GET"]
+  #       forwarded_values_query_string    = false
+  #       forwarded_values_headers         = ["Host", "User-Agent"]
+  #       forwarded_values_cookies_forward = "none"
+  #       viewer_protocol_policy           = "https-only"
+  #     },
+  #     "cache_behavior_1" = {
+  #       smooth_streaming                 = false
+  #       path_pattern                     = "*.jpg"
+  #       min_ttl                          = 0
+  #       allowed_methods                  = ["GET", "HEAD"]
+  #       cached_methods                   = ["HEAD", "GET"]
+  #       forwarded_values_query_string    = false
+  #       forwarded_values_headers         = ["Host", "User-Agent"]
+  #       forwarded_values_cookies_forward = "none"
+  #       viewer_protocol_policy           = "https-only"
+  #     },
+  #     "cache_behavior_2" = {
+  #       smooth_streaming                 = false
+  #       path_pattern                     = "*.gif"
+  #       min_ttl                          = 0
+  #       allowed_methods                  = ["GET", "HEAD"]
+  #       cached_methods                   = ["HEAD", "GET"]
+  #       forwarded_values_query_string    = false
+  #       forwarded_values_headers         = ["Host", "User-Agent"]
+  #       forwarded_values_cookies_forward = "none"
+  #       viewer_protocol_policy           = "https-only"
+  #     },
+  #     "cache_behavior_3" = {
+  #       smooth_streaming                 = false
+  #       path_pattern                     = "*.css"
+  #       min_ttl                          = 0
+  #       allowed_methods                  = ["GET", "HEAD"]
+  #       cached_methods                   = ["HEAD", "GET"]
+  #       forwarded_values_query_string    = false
+  #       forwarded_values_headers         = ["Host", "User-Agent"]
+  #       forwarded_values_cookies_forward = "none"
+  #       viewer_protocol_policy           = "https-only"
+  #     },
+  #     "cache_behavior_4" = {
+  #       smooth_streaming                 = false
+  #       path_pattern                     = "*.js"
+  #       min_ttl                          = 0
+  #       allowed_methods                  = ["GET", "HEAD"]
+  #       cached_methods                   = ["HEAD", "GET"]
+  #       forwarded_values_query_string    = false
+  #       forwarded_values_headers         = ["Host", "User-Agent"]
+  #       forwarded_values_cookies_forward = "none"
+  #       viewer_protocol_policy           = "https-only"
+  #     }
+  #   }
+  #   cloudfront_http_version             = "http2"
+  #   cloudfront_enabled                  = true
+  #   cloudfront_origin_protocol_policy   = "https-only"
+  #   cloudfront_origin_read_timeout      = 60
+  #   cloudfront_origin_keepalive_timeout = 60
+  #   cloudfront_price_class              = "PriceClass_100"
+  #   cloudfront_geo_restriction_type     = "none"
+  #   cloudfront_geo_restriction_location = []
+  #   cloudfront_is_ipv6_enabled          = true
+  #   waf_default_action                  = "BLOCK"
 
 }

terraform/environments/apex/lambda.tf

@@ -29,7 +29,7 @@ resource "aws_s3_object" "provision_files" {
 #This delays the creation of resource 
 resource "time_sleep" "wait_for_provision_files" {
   create_duration = "1m"
-  depends_on = [ aws_s3_object.provision_files ]
+  depends_on      = [aws_s3_object.provision_files]
 }
 
 resource "aws_security_group" "lambdasg" {
@@ -91,7 +91,7 @@ resource "aws_lambda_function" "snapshotDBFunction" {
   s3_key           = local.snapshotDBFunctionfilename
   memory_size      = 128
   timeout          = 900
-   depends_on      = [ time_sleep.wait_for_provision_files ] #This resource will create (at least) 300 seconds after aws_s3_object.provision_files
+  depends_on       = [time_sleep.wait_for_provision_files] #This resource will create (at least) 300 seconds after aws_s3_object.provision_files
 
 
 
@@ -124,7 +124,7 @@ resource "aws_lambda_function" "deletesnapshotFunction" {
   s3_key           = local.deletesnapshotFunctionfilename
   memory_size      = 1024
   timeout          = 900
-   depends_on      = [ time_sleep.wait_for_provision_files ] #This resource will create (at least) 300 seconds after aws_s3_object.provision_files
+  depends_on       = [time_sleep.wait_for_provision_files] #This resource will create (at least) 300 seconds after aws_s3_object.provision_files
 
 
   environment {
@@ -157,7 +157,7 @@ resource "aws_lambda_function" "connectDBFunction" {
   s3_key           = local.connectDBFunctionfilename
   memory_size      = 128
   timeout          = 900
-   depends_on      = [ time_sleep.wait_for_provision_files ] #This resource will create (at least) 300 seconds after aws_s3_object.provision_files
+  depends_on       = [time_sleep.wait_for_provision_files] #This resource will create (at least) 300 seconds after aws_s3_object.provision_files
 
 
 

terraform/environments/apex/modules/alb/main.tf

@@ -3,10 +3,10 @@ locals {
 
   loadbalancer_ingress_rules = {
     "lb_ingress" = {
-      description     = "Loadbalancer ingress rule from CloudFront"
-      from_port       = var.security_group_ingress_from_port
-      to_port         = var.security_group_ingress_to_port
-      protocol        = var.security_group_ingress_protocol
+      description = "Loadbalancer ingress rule from CloudFront"
+      from_port   = var.security_group_ingress_from_port
+      to_port     = var.security_group_ingress_to_port
+      protocol    = var.security_group_ingress_protocol
       # Uncomment below when CloudFront is setup
       # prefix_list_ids = [data.aws_ec2_managed_prefix_list.cloudfront.id]
     }
@@ -23,27 +23,27 @@ locals {
     }
   }
 
-#   ip_set_list   = [for ip in split("\n", chomp(file("${path.module}/waf_ip_set.txt"))) : ip]
+  #   ip_set_list   = [for ip in split("\n", chomp(file("${path.module}/waf_ip_set.txt"))) : ip]
   custom_header = "X-Custom-Header-LAA-${upper(var.application_name)}"
 
-#   cloudfront_validation_records = {
-#     for dvo in aws_acm_certificate.cloudfront.domain_validation_options : dvo.domain_name => {
-#       name   = dvo.resource_record_name
-#       record = dvo.resource_record_value
-#       type   = dvo.resource_record_type
-#       zone = lookup(
-#         local.route53_zones,
-#         dvo.domain_name,
-#         lookup(
-#           local.route53_zones,
-#           replace(dvo.domain_name, "/^[^.]*./", ""),
-#           lookup(
-#             local.route53_zones,
-#             replace(dvo.domain_name, "/^[^.]*.[^.]*./", ""),
-#             { provider = "external" }
-#       )))
-#     }
-#   }
+  #   cloudfront_validation_records = {
+  #     for dvo in aws_acm_certificate.cloudfront.domain_validation_options : dvo.domain_name => {
+  #       name   = dvo.resource_record_name
+  #       record = dvo.resource_record_value
+  #       type   = dvo.resource_record_type
+  #       zone = lookup(
+  #         local.route53_zones,
+  #         dvo.domain_name,
+  #         lookup(
+  #           local.route53_zones,
+  #           replace(dvo.domain_name, "/^[^.]*./", ""),
+  #           lookup(
+  #             local.route53_zones,
+  #             replace(dvo.domain_name, "/^[^.]*.[^.]*./", ""),
+  #             { provider = "external" }
+  #       )))
+  #     }
+  #   }
 
   external_lb_validation_records = {
     for dvo in aws_acm_certificate.external_lb.domain_validation_options : dvo.domain_name => {
@@ -72,13 +72,13 @@ locals {
     } if value.zone.provider == "external"
   }
 
-#   validation_records_cloudfront = {
-#     for key, value in local.cloudfront_validation_records : key => {
-#       name   = value.name
-#       record = value.record
-#       type   = value.type
-#     } if value.zone.provider == "external"
-#   }
+  #   validation_records_cloudfront = {
+  #     for key, value in local.cloudfront_validation_records : key => {
+  #       name   = value.name
+  #       record = value.record
+  #       type   = value.type
+  #     } if value.zone.provider == "external"
+  #   }
 
   core_network_services_domains = {
     for domain, value in var.validation : domain => value if value.account == "core-network-services"

terraform/environments/data-platform-apps-and-tools/auth0-log-steams.tf

@@ -3,7 +3,7 @@ module "auth0_log_streams" {
 
   for_each = local.environment_configuration.auth0_log_streams
 
-  name = each.key
+  name              = each.key
   event_source_name = each.value.event_source_name
 
   tags = local.tags

terraform/environments/data-platform-apps-and-tools/modules/auth0-log-streams/variables.tf

@@ -11,6 +11,6 @@ variable "tags" {
 }
 
 variable "retention_in_days" {
-  type = number
+  type    = number
   default = 400
 }