Skip to content

Plan on pr#3

Merged
renatodellosso merged 13 commits intomainfrom
plan-on-pr
Feb 6, 2025
Merged

Plan on pr#3
renatodellosso merged 13 commits intomainfrom
plan-on-pr

Conversation

@renatodellosso
Copy link
Contributor

@renatodellosso renatodellosso commented Feb 3, 2025

No description provided.

@github-actions
Copy link

github-actions bot commented Feb 3, 2025
edited
Loading

Terraform plan in .

Plan: 36 to add, 0 to change, 0 to destroy. 
Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
+   create

Terraform will perform the following actions:

  # aws_acm_certificate.gearbox-certificate will be created
+   resource "aws_acm_certificate" "gearbox-certificate" {
+       arn                       = (known after apply)
+       domain_name               = "4026.org"
+       domain_validation_options = [
+           {
+               domain_name           = "*.4026.org"
+               resource_record_name  = (known after apply)
+               resource_record_type  = (known after apply)
+               resource_record_value = (known after apply)
            },
+           {
+               domain_name           = "4026.org"
+               resource_record_name  = (known after apply)
+               resource_record_type  = (known after apply)
+               resource_record_value = (known after apply)
            },
        ]
+       id                        = (known after apply)
+       key_algorithm             = (known after apply)
+       not_after                 = (known after apply)
+       not_before                = (known after apply)
+       pending_renewal           = (known after apply)
+       renewal_eligibility       = (known after apply)
+       renewal_summary           = (known after apply)
+       status                    = (known after apply)
+       subject_alternative_names = [
+           "*.4026.org",
+           "4026.org",
        ]
+       tags_all                  = (known after apply)
+       type                      = (known after apply)
+       validation_emails         = (known after apply)
+       validation_method         = "DNS"

+       options (known after apply)
    }

  # aws_acm_certificate_validation.gearbox-certificate-validation will be created
+   resource "aws_acm_certificate_validation" "gearbox-certificate-validation" {
+       certificate_arn = (known after apply)
+       id              = (known after apply)
    }

  # aws_appautoscaling_policy.ecs_policy will be created
+   resource "aws_appautoscaling_policy" "ecs_policy" {
+       alarm_arns         = (known after apply)
+       arn                = (known after apply)
+       id                 = (known after apply)
+       name               = "scale-down"
+       policy_type        = "TargetTrackingScaling"
+       resource_id        = "***********************"
+       scalable_dimension = "ecs:service:DesiredCount"
+       service_namespace  = "ecs"

+       target_tracking_scaling_policy_configuration {
+           disable_scale_in   = false
+           scale_in_cooldown  = 300
+           scale_out_cooldown = 300
+           target_value       = 75

+           predefined_metric_specification {
+               predefined_metric_type = "ECSServiceAverageCPUUtilization"
            }
        }
    }

  # aws_appautoscaling_target.ecs_target will be created
+   resource "aws_appautoscaling_target" "ecs_target" {
+       arn                = (known after apply)
+       id                 = (known after apply)
+       max_capacity       = 3
+       min_capacity       = 1
+       resource_id        = "***********************"
+       role_arn           = (known after apply)
+       scalable_dimension = "ecs:service:DesiredCount"
+       service_namespace  = "ecs"
+       tags_all           = (known after apply)

+       suspended_state (known after apply)
    }

  # aws_cloudwatch_log_group.gearbox-logs will be created
+   resource "aws_cloudwatch_log_group" "gearbox-logs" {
+       arn               = (known after apply)
+       id                = (known after apply)
+       log_group_class   = (known after apply)
+       name              = "gearbox-logs"
+       name_prefix       = (known after apply)
+       retention_in_days = 0
+       skip_destroy      = false
+       tags_all          = (known after apply)
    }

  # aws_cloudwatch_log_stream.gearbox-log-stream will be created
+   resource "aws_cloudwatch_log_stream" "gearbox-log-stream" {
+       arn            = (known after apply)
+       id             = (known after apply)
+       log_group_name = "gearbox-logs"
+       name           = "gearbox-log-stream"
    }

  # aws_ecs_cluster.gearbox will be created
+   resource "aws_ecs_cluster" "gearbox" {
+       arn      = (known after apply)
+       id       = (known after apply)
+       name     = "gearbox"
+       tags_all = (known after apply)

+       setting (known after apply)
    }

  # aws_ecs_service.gearbox will be created
+   resource "aws_ecs_service" "gearbox" {
+       availability_zone_rebalancing      = "DISABLED"
+       cluster                            = (known after apply)
+       deployment_maximum_percent         = 200
+       deployment_minimum_healthy_percent = 100
+       desired_count                      = 1
+       enable_ecs_managed_tags            = false
+       enable_execute_command             = false
+       iam_role                           = (known after apply)
+       id                                 = (known after apply)
+       launch_type                        = "FARGATE"
+       name                               = "gearbox"
+       platform_version                   = (known after apply)
+       scheduling_strategy                = "REPLICA"
+       tags_all                           = (known after apply)
+       task_definition                    = (known after apply)
+       triggers                           = (known after apply)
+       wait_for_steady_state              = false

+       deployment_circuit_breaker {
+           enable   = true
+           rollback = true
        }

+       load_balancer {
+           container_name   = "gearbox"
+           container_port   = 80
+           target_group_arn = (known after apply)
#            (1 unchanged attribute hidden)
        }

+       network_configuration {
+           assign_public_ip = true
+           security_groups  = (known after apply)
+           subnets          = (known after apply)
        }
    }

  # aws_ecs_task_definition.gearbox will be created
+   resource "aws_ecs_task_definition" "gearbox" {
+       arn                      = (known after apply)
+       arn_without_revision     = (known after apply)
+       container_definitions    = jsonencode(
            [
+               {
+                   environmentFiles = [
+                       {
+                           type  = "s3"
+                           value = "arn:aws:s3:::4026-gearbox-envs/.env"
                        },
                    ]
+                   essential        = true
+                   image            = "ghcr.io/decatur-robotics/gearbox:latest"
+                   logConfiguration = {
+                       logDriver = "awslogs"
+                       options   = {
+                           awslogs-group         = "gearbox-logs"
+                           awslogs-region        = "us-east-1"
+                           awslogs-stream-prefix = "gearbox-log-stream"
                        }
                    }
+                   name             = "gearbox"
+                   portMappings     = [
+                       {
+                           appProtocol   = "http"
+                           containerPort = 80
+                           name          = "http"
+                           protocol      = "tcp"
                        },
                    ]
                },
            ]
        )
+       cpu                      = "512"
+       execution_role_arn       = "arn:aws:iam::819512637580:role/ecs-task-execution-role"
+       family                   = "gearbox"
+       id                       = (known after apply)
+       memory                   = "1024"
+       network_mode             = "awsvpc"
+       requires_compatibilities = [
+           "FARGATE",
        ]
+       revision                 = (known after apply)
+       skip_destroy             = false
+       tags_all                 = (known after apply)
+       task_role_arn            = "arn:aws:iam::819512637580:role/s3-full-access-role"
+       track_latest             = false

+       runtime_platform {
+           cpu_architecture        = "X86_64"
+           operating_system_family = "LINUX"
        }
    }

  # aws_internet_gateway.gearbox-internet-gateway will be created
+   resource "aws_internet_gateway" "gearbox-internet-gateway" {
+       arn      = (known after apply)
+       id       = (known after apply)
+       owner_id = (known after apply)
+       tags_all = (known after apply)
+       vpc_id   = (known after apply)
    }

  # aws_lb.gearbox-load-balancer will be created
+   resource "aws_lb" "gearbox-load-balancer" {
+       arn                                                          = (known after apply)
+       arn_suffix                                                   = (known after apply)
+       client_keep_alive                                            = 3600
+       desync_mitigation_mode                                       = "defensive"
+       dns_name                                                     = (known after apply)
+       drop_invalid_header_fields                                   = false
+       enable_deletion_protection                                   = false
+       enable_http2                                                 = true
+       enable_tls_version_and_cipher_suite_headers                  = false
+       enable_waf_fail_open                                         = false
+       enable_xff_client_port                                       = false
+       enforce_security_group_inbound_rules_on_private_link_traffic = (known after apply)
+       id                                                           = (known after apply)
+       idle_timeout                                                 = 60
+       internal                                                     = false
+       ip_address_type                                              = (known after apply)
+       load_balancer_type                                           = "application"
+       name                                                         = "gearbox"
+       name_prefix                                                  = (known after apply)
+       preserve_host_header                                         = false
+       security_groups                                              = (known after apply)
+       subnets                                                      = (known after apply)
+       tags_all                                                     = (known after apply)
+       vpc_id                                                       = (known after apply)
+       xff_header_processing_mode                                   = "append"
+       zone_id                                                      = (known after apply)

+       subnet_mapping (known after apply)
    }

  # aws_lb_listener.gearbox-https-listener will be created
+   resource "aws_lb_listener" "gearbox-https-listener" {
+       arn                                                                   = (known after apply)
+       certificate_arn                                                       = (known after apply)
+       id                                                                    = (known after apply)
+       load_balancer_arn                                                     = (known after apply)
+       port                                                                  = 443
+       protocol                                                              = "HTTPS"
+       routing_http_request_x_amzn_mtls_clientcert_header_name               = (known after apply)
+       routing_http_request_x_amzn_mtls_clientcert_issuer_header_name        = (known after apply)
+       routing_http_request_x_amzn_mtls_clientcert_leaf_header_name          = (known after apply)
+       routing_http_request_x_amzn_mtls_clientcert_serial_number_header_name = (known after apply)
+       routing_http_request_x_amzn_mtls_clientcert_subject_header_name       = (known after apply)
+       routing_http_request_x_amzn_mtls_clientcert_validity_header_name      = (known after apply)
+       routing_http_request_x_amzn_tls_cipher_suite_header_name              = (known after apply)
+       routing_http_request_x_amzn_tls_version_header_name                   = (known after apply)
+       routing_http_response_access_control_allow_credentials_header_value   = (known after apply)
+       routing_http_response_access_control_allow_headers_header_value       = (known after apply)
+       routing_http_response_access_control_allow_methods_header_value       = (known after apply)
+       routing_http_response_access_control_allow_origin_header_value        = (known after apply)
+       routing_http_response_access_control_expose_headers_header_value      = (known after apply)
+       routing_http_response_access_control_max_age_header_value             = (known after apply)
+       routing_http_response_content_security_policy_header_value            = (known after apply)
+       routing_http_response_server_enabled                                  = (known after apply)
+       routing_http_response_strict_transport_security_header_value          = (known after apply)
+       routing_http_response_x_content_type_options_header_value             = (known after apply)
+       routing_http_response_x_frame_options_header_value                    = (known after apply)
+       ssl_policy                                                            = (known after apply)
+       tags_all                                                              = (known after apply)
+       tcp_idle_timeout_seconds                                              = (known after apply)

+       default_action {
+           order            = (known after apply)
+           target_group_arn = (known after apply)
+           type             = "forward"
        }

+       mutual_authentication (known after apply)
    }

  # aws_lb_target_group.gearbox-instances will be created
+   resource "aws_lb_target_group" "gearbox-instances" {
+       arn                                = (known after apply)
+       arn_suffix                         = (known after apply)
+       connection_termination             = (known after apply)
+       deregistration_delay               = "300"
+       id                                 = (known after apply)
+       ip_address_type                    = (known after apply)
+       lambda_multi_value_headers_enabled = false
+       load_balancer_arns                 = (known after apply)
+       load_balancing_algorithm_type      = (known after apply)
+       load_balancing_anomaly_mitigation  = (known after apply)
+       load_balancing_cross_zone_enabled  = (known after apply)
+       name                               = "gearbox-instances"
+       name_prefix                        = (known after apply)
+       port                               = 80
+       preserve_client_ip                 = (known after apply)
+       protocol                           = "HTTP"
+       protocol_version                   = (known after apply)
+       proxy_protocol_v2                  = false
+       slow_start                         = 0
+       tags_all                           = (known after apply)
+       target_type                        = "ip"
+       vpc_id                             = (known after apply)

+       health_check {
+           enabled             = true
+           healthy_threshold   = 3
+           interval            = 30
+           matcher             = (known after apply)
+           path                = "/api/hello"
+           port                = "traffic-port"
+           protocol            = "HTTP"
+           timeout             = (known after apply)
+           unhealthy_threshold = 3
        }

+       stickiness (known after apply)

+       target_failover (known after apply)

+       target_group_health (known after apply)

+       target_health_state (known after apply)
    }

  # aws_route_table.gearbox-route-table will be created
+   resource "aws_route_table" "gearbox-route-table" {
+       arn              = (known after apply)
+       id               = (known after apply)
+       owner_id         = (known after apply)
+       propagating_vgws = (known after apply)
+       route            = [
+           {
+               cidr_block                 = "0.0.0.0/0"
+               gateway_id                 = (known after apply)
#                (11 unchanged attributes hidden)
            },
+           {
+               cidr_block                 = "40.26.0.0/16"
+               gateway_id                 = "*****"
#                (11 unchanged attributes hidden)
            },
        ]
+       tags_all         = (known after apply)
+       vpc_id           = (known after apply)
    }

  # aws_route_table_association.gearbox-route-table-association[0] will be created
+   resource "aws_route_table_association" "gearbox-route-table-association" {
+       id             = (known after apply)
+       route_table_id = (known after apply)
+       subnet_id      = (known after apply)
    }

  # aws_route_table_association.gearbox-route-table-association[1] will be created
+   resource "aws_route_table_association" "gearbox-route-table-association" {
+       id             = (known after apply)
+       route_table_id = (known after apply)
+       subnet_id      = (known after apply)
    }

  # aws_route_table_association.gearbox-route-table-association[2] will be created
+   resource "aws_route_table_association" "gearbox-route-table-association" {
+       id             = (known after apply)
+       route_table_id = (known after apply)
+       subnet_id      = (known after apply)
    }

  # aws_security_group.gearbox-security-group will be created
+   resource "aws_security_group" "gearbox-security-group" {
+       arn                    = (known after apply)
+       description            = "Managed by Terraform"
+       egress                 = (known after apply)
+       id                     = (known after apply)
+       ingress                = (known after apply)
+       name                   = "gearbox-security-group"
+       name_prefix            = (known after apply)
+       owner_id               = (known after apply)
+       revoke_rules_on_delete = false
+       tags_all               = (known after apply)
+       vpc_id                 = (known after apply)
    }

  # aws_security_group.load-balancer-security-group will be created
+   resource "aws_security_group" "load-balancer-security-group" {
+       arn                    = (known after apply)
+       description            = "Managed by Terraform"
+       egress                 = (known after apply)
+       id                     = (known after apply)
+       ingress                = (known after apply)
+       name                   = "load-balancer-security-group"
+       name_prefix            = (known after apply)
+       owner_id               = (known after apply)
+       revoke_rules_on_delete = false
+       tags_all               = (known after apply)
+       vpc_id                 = (known after apply)
    }

  # aws_security_group_rule.gearbox-allow-all-egress will be created
+   resource "aws_security_group_rule" "gearbox-allow-all-egress" {
+       cidr_blocks              = [
+           "0.0.0.0/0",
        ]
+       from_port                = 0
+       id                       = (known after apply)
+       protocol                 = "-1"
+       security_group_id        = (known after apply)
+       security_group_rule_id   = (known after apply)
+       self                     = false
+       source_security_group_id = (known after apply)
+       to_port                  = 65535
+       type                     = "egress"
    }

  # aws_security_group_rule.gearbox-allow-http-ingress will be created
+   resource "aws_security_group_rule" "gearbox-allow-http-ingress" {
+       cidr_blocks              = [
+           "0.0.0.0/0",
        ]
+       from_port                = 80
+       id                       = (known after apply)
+       protocol                 = "tcp"
+       security_group_id        = (known after apply)
+       security_group_rule_id   = (known after apply)
+       self                     = false
+       source_security_group_id = (known after apply)
+       to_port                  = 80
+       type                     = "ingress"
    }

  # aws_security_group_rule.load-balancer-allow-all-egress will be created
+   resource "aws_security_group_rule" "load-balancer-allow-all-egress" {
+       cidr_blocks              = [
+           "40.26.0.0/16",
        ]
+       from_port                = 0
+       id                       = (known after apply)
+       protocol                 = "-1"
+       security_group_id        = (known after apply)
+       security_group_rule_id   = (known after apply)
+       self                     = false
+       source_security_group_id = (known after apply)
+       to_port                  = 65535
+       type                     = "egress"
    }

  # aws_security_group_rule.load-balancer-allow-https-ingress will be created
+   resource "aws_security_group_rule" "load-balancer-allow-https-ingress" {
+       cidr_blocks              = [
+           "0.0.0.0/0",
        ]
+       from_port                = 443
+       id                       = (known after apply)
+       protocol                 = "tcp"
+       security_group_id        = (known after apply)
+       security_group_rule_id   = (known after apply)
+       self                     = false
+       source_security_group_id = (known after apply)
+       to_port                  = 443
+       type                     = "ingress"
    }

  # aws_service_discovery_http_namespace.gearbox-namespace will be created
+   resource "aws_service_discovery_http_namespace" "gearbox-namespace" {
+       arn         = (known after apply)
+       description = "The namespace to use for Service Connect"
+       http_name   = (known after apply)
+       id          = (known after apply)
+       name        = "gearbox"
+       tags_all    = (known after apply)
    }

  # aws_subnet.gearbox-subnets[0] will be created
+   resource "aws_subnet" "gearbox-subnets" {
+       arn                                            = (known after apply)
+       assign_ipv6_address_on_creation                = false
+       availability_zone                              = "us-east-1a"
+       availability_zone_id                           = (known after apply)
+       cidr_block                                     = "40.26.0.0/20"
+       enable_dns64                                   = false
+       enable_resource_name_dns_a_record_on_launch    = false
+       enable_resource_name_dns_aaaa_record_on_launch = false
+       id                                             = (known after apply)
+       ipv6_cidr_block_association_id                 = (known after apply)
+       ipv6_native                                    = false
+       map_public_ip_on_launch                        = false
+       owner_id                                       = (known after apply)
+       private_dns_hostname_type_on_launch            = (known after apply)
+       tags_all                                       = (known after apply)
+       vpc_id                                         = (known after apply)
    }

  # aws_subnet.gearbox-subnets[1] will be created
+   resource "aws_subnet" "gearbox-subnets" {
+       arn                                            = (known after apply)
+       assign_ipv6_address_on_creation                = false
+       availability_zone                              = "us-east-1b"
+       availability_zone_id                           = (known after apply)
+       cidr_block                                     = "40.26.16.0/20"
+       enable_dns64                                   = false
+       enable_resource_name_dns_a_record_on_launch    = false
+       enable_resource_name_dns_aaaa_record_on_launch = false
+       id                                             = (known after apply)
+       ipv6_cidr_block_association_id                 = (known after apply)
+       ipv6_native                                    = false
+       map_public_ip_on_launch                        = false
+       owner_id                                       = (known after apply)
+       private_dns_hostname_type_on_launch            = (known after apply)
+       tags_all                                       = (known after apply)
+       vpc_id                                         = (known after apply)
    }

  # aws_subnet.gearbox-subnets[2] will be created
+   resource "aws_subnet" "gearbox-subnets" {
+       arn                                            = (known after apply)
+       assign_ipv6_address_on_creation                = false
+       availability_zone                              = "us-east-1c"
+       availability_zone_id                           = (known after apply)
+       cidr_block                                     = "40.26.32.0/20"
+       enable_dns64                                   = false
+       enable_resource_name_dns_a_record_on_launch    = false
+       enable_resource_name_dns_aaaa_record_on_launch = false
+       id                                             = (known after apply)
+       ipv6_cidr_block_association_id                 = (known after apply)
+       ipv6_native                                    = false
+       map_public_ip_on_launch                        = false
+       owner_id                                       = (known after apply)
+       private_dns_hostname_type_on_launch            = (known after apply)
+       tags_all                                       = (known after apply)
+       vpc_id                                         = (known after apply)
    }

  # aws_vpc.gearbox-vpc will be created
+   resource "aws_vpc" "gearbox-vpc" {
+       arn                                  = (known after apply)
+       cidr_block                           = "40.26.0.0/16"
+       default_network_acl_id               = (known after apply)
+       default_route_table_id               = (known after apply)
+       default_security_group_id            = (known after apply)
+       dhcp_options_id                      = (known after apply)
+       enable_dns_hostnames                 = true
+       enable_dns_support                   = true
+       enable_network_address_usage_metrics = (known after apply)
+       id                                   = (known after apply)
+       instance_tenancy                     = "default"
+       ipv6_association_id                  = (known after apply)
+       ipv6_cidr_block                      = (known after apply)
+       ipv6_cidr_block_network_border_group = (known after apply)
+       main_route_table_id                  = (known after apply)
+       owner_id                             = (known after apply)
+       tags_all                             = (known after apply)
    }

  # cloudflare_dns_record.domain-ownership-validation-record will be created
+   resource "cloudflare_dns_record" "domain-ownership-validation-record" {
+       comment             = "ACM Certificate Validation"
+       comment_modified_on = (known after apply)
+       content             = (known after apply)
+       created_on          = (known after apply)
+       data                = (known after apply)
+       id                  = (known after apply)
+       meta                = (known after apply)
+       modified_on         = (known after apply)
+       name                = (known after apply)
+       proxiable           = (known after apply)
+       proxied             = false
+       settings            = (known after apply)
+       tags                = []
+       tags_modified_on    = (known after apply)
+       ttl                 = 60
+       type                = (known after apply)
+       zone_id             = "********************************"
    }

  # cloudflare_dns_record.resend-domain-key-txt will be created
+   resource "cloudflare_dns_record" "resend-domain-key-txt" {
+       comment             = "Resend"
+       comment_modified_on = (known after apply)
+       content             = "p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDof5w1H6DaIgsH2qxCLQWqE4QPayoA+5SL/Z8/s8Gfwq8N4Q/U9Wu9VPRoEWzh+LqM35Ce7GrAxkhsCiFvb/7a0RrHn6okfODWtebB7iz9Zfa9aqk8wcpR1DAhcCf9El4RKUBlBmQ0xaDwCRovcBM6cRcRq5wAbx1sHqVTo4X1HwIDAQAB"
+       created_on          = (known after apply)
+       data                = (known after apply)
+       id                  = (known after apply)
+       meta                = (known after apply)
+       modified_on         = (known after apply)
+       name                = "resend._domainkey"
+       proxiable           = (known after apply)
+       proxied             = false
+       settings            = (known after apply)
+       tags                = []
+       tags_modified_on    = (known after apply)
+       ttl                 = 1
+       type                = "TXT"
+       zone_id             = "********************************"
    }

  # cloudflare_dns_record.root-cname will be created
+   resource "cloudflare_dns_record" "root-cname" {
+       comment             = (known after apply)
+       comment_modified_on = (known after apply)
+       content             = (known after apply)
+       created_on          = (known after apply)
+       data                = (known after apply)
+       id                  = (known after apply)
+       meta                = (known after apply)
+       modified_on         = (known after apply)
+       name                = "4026.org"
+       proxiable           = (known after apply)
+       proxied             = true
+       settings            = (known after apply)
+       tags                = []
+       tags_modified_on    = (known after apply)
+       ttl                 = 1
+       type                = "CNAME"
+       zone_id             = "********************************"
    }

  # cloudflare_dns_record.root-send-txt will be created
+   resource "cloudflare_dns_record" "root-send-txt" {
+       comment             = "Resend"
+       comment_modified_on = (known after apply)
+       content             = "v=spf1 include:_spf.mx.cloudflare.net ~all"
+       created_on          = (known after apply)
+       data                = (known after apply)
+       id                  = (known after apply)
+       meta                = (known after apply)
+       modified_on         = (known after apply)
+       name                = "send"
+       proxiable           = (known after apply)
+       proxied             = false
+       settings            = (known after apply)
+       tags                = []
+       tags_modified_on    = (known after apply)
+       ttl                 = 1
+       type                = "TXT"
+       zone_id             = "********************************"
    }

  # cloudflare_dns_record.send-mx will be created
+   resource "cloudflare_dns_record" "send-mx" {
+       comment             = "Resend"
+       comment_modified_on = (known after apply)
+       content             = "feedback-smtp.us-east-1.amazonses.com"
+       created_on          = (known after apply)
+       data                = (known after apply)
+       id                  = (known after apply)
+       meta                = (known after apply)
+       modified_on         = (known after apply)
+       name                = "send"
+       priority            = 1
+       proxiable           = (known after apply)
+       proxied             = false
+       settings            = (known after apply)
+       tags                = []
+       tags_modified_on    = (known after apply)
+       ttl                 = 1
+       type                = "MX"
+       zone_id             = "********************************"
    }

  # cloudflare_dns_record.send-txt will be created
+   resource "cloudflare_dns_record" "send-txt" {
+       comment             = "Resend"
+       comment_modified_on = (known after apply)
+       content             = "v=spf1 include:amazonses.com ~all"
+       created_on          = (known after apply)
+       data                = (known after apply)
+       id                  = (known after apply)
+       meta                = (known after apply)
+       modified_on         = (known after apply)
+       name                = "send"
+       proxiable           = (known after apply)
+       proxied             = false
+       settings            = (known after apply)
+       tags                = []
+       tags_modified_on    = (known after apply)
+       ttl                 = 1
+       type                = "TXT"
+       zone_id             = "********************************"
    }

  # cloudflare_dns_record.status-cname will be created
+   resource "cloudflare_dns_record" "status-cname" {
+       comment             = (known after apply)
+       comment_modified_on = (known after apply)
+       content             = "app.pulsetic.com"
+       created_on          = (known after apply)
+       data                = (known after apply)
+       id                  = (known after apply)
+       meta                = (known after apply)
+       modified_on         = (known after apply)
+       name                = "status"
+       proxiable           = (known after apply)
+       proxied             = false
+       settings            = (known after apply)
+       tags                = []
+       tags_modified_on    = (known after apply)
+       ttl                 = 1
+       type                = "CNAME"
+       zone_id             = "********************************"
    }

  # cloudflare_dns_record.www-cname will be created
+   resource "cloudflare_dns_record" "www-cname" {
+       comment             = (known after apply)
+       comment_modified_on = (known after apply)
+       content             = (known after apply)
+       created_on          = (known after apply)
+       data                = (known after apply)
+       id                  = (known after apply)
+       meta                = (known after apply)
+       modified_on         = (known after apply)
+       name                = "www"
+       proxiable           = (known after apply)
+       proxied             = true
+       settings            = (known after apply)
+       tags                = []
+       tags_modified_on    = (known after apply)
+       ttl                 = 1
+       type                = "CNAME"
+       zone_id             = "********************************"
    }

Plan: 36 to add, 0 to change, 0 to destroy.

📝 Plan generated in Plan Terraform #14

github-advanced-security[bot]
github-advanced-security bot found potential problems Feb 3, 2025
View reviewed changes
github-advanced-security[bot]
github-advanced-security bot found potential problems Feb 4, 2025
View reviewed changes
.github/workflows/apply.yml
Comment on lines +10 to +11
uses: ./.github/workflows/validate.yml
terraform-apply:

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {}
LookItsJosh
LookItsJosh reviewed Feb 6, 2025
View reviewed changes
.github/workflows/apply.yml
terraform-validate:
uses: ./.github/workflows/validate.yml
terraform-apply:
runs-on: ubuntu-latest
Copy link

@LookItsJosh LookItsJosh Feb 6, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is there an option to list an exact ubuntu version? as in line line 19 where you list an exact commit:
uses: dflook/terraform-apply@61432ffb5b94226bdfc9cd68a1702a2c40e0db8b,
it may be best to lock in whatever version you know is working currently even if it's unlikely a new version of ubuntu would break anything

main.tf
zone_id = var.cloudflare-zone-id
name = "status"
content = aws_lb.gearbox-load-balancer.dns_name
content = "app.pulsetic.com"
Copy link

@LookItsJosh LookItsJosh Feb 6, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Assuming this is correct, but the previous content name wasn't in quotes. Unsure if whatever code processes this is expecting quotes or not

@renatodellosso renatodellosso merged commit 084b869 into main Feb 6, 2025
4 checks passed
@renatodellosso renatodellosso deleted the plan-on-pr branch February 6, 2025 22:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@LookItsJosh LookItsJosh LookItsJosh left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@renatodellosso @LookItsJosh

Comments