Added the option to use access tokens (#80)

That feature allows to access private GitHub repos, where custom conformance packs could be stored Version constraints added to the conformance pack submodule to satisfy the tflint
cloudposse · Jan 22, 2024 · 9cbefc9 · 9cbefc9
1 parent 2c984d1
commit 9cbefc9
Show file tree

Hide file tree

Showing 7 changed files with 98 additions and 160 deletions.
diff --git a/.github/renovate.json b/.github/renovate.json
@@ -1,13 +1,14 @@
 {
   "extends": [
     "config:base",
-    ":preserveSemverRanges"
+    ":preserveSemverRanges",
+    ":rebaseStalePrs"
   ],
-  "baseBranches": ["main", "master", "/^release\\/v\\d{1,2}$/"],
+  "baseBranches": ["main"],
   "labels": ["auto-update"],
   "dependencyDashboardAutoclose": true,
   "enabledManagers": ["terraform"],
   "terraform": {
-    "ignorePaths": ["**/context.tf", "examples/**"]
+    "ignorePaths": ["**/context.tf"]
   }
 }
diff --git a/README.md b/README.md
diff --git a/docs/terraform.md b/docs/terraform.md
@@ -5,6 +5,7 @@
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.0 |
 | <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.0 |
+| <a name="requirement_http"></a> [http](#requirement\_http) | >= 3.4.1 |
 
 ## Providers
 

diff --git a/modules/conformance-pack/main.tf b/modules/conformance-pack/main.tf
@@ -13,5 +13,13 @@ resource "aws_config_conformance_pack" "default" {
 }
 
 data "http" "conformance_pack" {
-  url = var.conformance_pack
+  /*
+  To access a public GitHub repo the following URL is used:
+    https://raw.githubusercontent.com/<owner>/<repo>/<branch>/<path_to_file>
+  
+  To access a private GitHub repo an access token with appropriate permissions should be generated first and then provided in the url:
+    https://<private_access_token>@raw.githubusercontent.com/<owner>/<repo>/<branch>/<path_to_file>
+  */
+
+  url = var.access_token == "" ? var.conformance_pack : "${split("://", var.conformance_pack)[0]}://${var.access_token}@${split("://", var.conformance_pack)[1]}"
 }
diff --git a/modules/conformance-pack/variables.tf b/modules/conformance-pack/variables.tf
@@ -3,6 +3,12 @@ variable "conformance_pack" {
   description = "The URL to a Conformance Pack"
 }
 
+variable "access_token" {
+  type        = string
+  description = "Optional: access token required to access private GitHub repos, where custom conformance packs could be stored"
+  default     = ""
+}
+
 variable "parameter_overrides" {
   type        = map(any)
   description = "A map of parameters names to values to override from the template"

diff --git a/modules/conformance-pack/versions.tf b/modules/conformance-pack/versions.tf
@@ -0,0 +1,15 @@
+terraform {
+  required_version = ">= 1.0"
+
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = ">= 5.0"
+    }
+
+    http = {
+      source  = "hashicorp/http"
+      version = ">= 3.4.1"
+    }
+  }
+}
diff --git a/versions.tf b/versions.tf
@@ -6,5 +6,10 @@ terraform {
       source  = "hashicorp/aws"
       version = ">= 5.0"
     }
+
+    http = {
+      source  = "hashicorp/http"
+      version = ">= 3.4.1"
+    }
   }
 }