# Creating modules for Terraform

This repository contains code for an application that is published using the Application Builder Platform (ABP). 

## Module Standards

For best practices and information on developing with Terraform, see the [I&A Module Standards](https://aws-ia.github.io/standards-terraform/)

## Contributing Code

In order to contibute code to this repository, you must submit a *[Pull Request](https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-a-pull-request)*. To do so, you must *[fork](https://docs.github.com/en/get-started/quickstart/fork-a-repo)* this repostiory, make your changes in your forked version and submit a *Pull Request*.

## Writing Documentation

> :bangbang: **Do not manually update README.md**.

README.md is automatically generated by pulling in content from other files. For instructions, including a fill-in-the-blank content template, see [Create readmes for Terraform-based Partner Solutions.](https://aws-ia-us-west-2.s3.us-west-2.amazonaws.com/docs/content/index.html#/lessons/8rpYWWL59M7dcS-NsjYmaISUu-L_UqEv)


## Checks and Validation

Pull Requests (PRs) submitted against this repository undergo a series of static and functional checks.

> :exclamation: Note: Failures during funtional or static checks will prevent a pull request from being accepted. 

It is a best practice to perform these checks locally prior to submitting a pull request.

## Checks Performed
- TFLint
- tfsec
- Markdown Lint
- Checkov
- Terratest

> :bangbang: The readme.md file will be created after all checks have completed successfuly, it is recommended that you install terraform-docs locally in order to preview your readme.md file prior to publication.

## Install the required tools

Prerequisites:
- [Python](https://docs.python.org/3/using/index.html)
- [Pip](https://pip.pypa.io/en/stable/installation/)
- [golang](https://go.dev/doc/install) (for macos you can use `brew`)
- [tflint](https://github.com/terraform-linters/tflint)
- [tfsec](https://aquasecurity.github.io/tfsec/v1.0.11/)
- [Markdown Lint](https://github.com/markdownlint/markdownlint)
- [Checkov](https://www.checkov.io/2.Basics/Installing%20Checkov.html)
- [terraform-docs](https://github.com/terraform-docs/terraform-docs)
- [coreutils](https://www.gnu.org/software/coreutils/)

## Performing Checks manually

Preparation
```
terraform init
terraform validate
```
## Checks

### tflint
```
tflint --init
tflint
```
### tfsec
```
tfsec .
```
### Markdown Lint
```
mdl .header.md
```
### Checkov
```
terraform init
terraform plan -out tf.plan
terraform show -json tf.plan  > tf.json 
checkov 
```
### Terratest

Include tests to validate your examples/<> root modules, at a minimum. This can be accomplished with usually only slight modifications to the [boilerplate test provided in this template](./test/examples\_basic\_test.go)

```
# from the root of the repository
cd test
go mod init github.com/aws-ia/terraform-project-ephemeral
go mod tidy
go install github.com/gruntwork-io/terratest/modules/terraform
go test -timeout 45m
```

## Documentation

### terraform-docs

```
# from the root of the repository
terraform-docs --lockfile=false ./
```