Pass through parameters to root module

Makefile

@@ -5,7 +5,7 @@ include scripts/makefile/Makefile.init
 ###############
 BUILD_FOLDER = build
 REQUIRED_BUILD_DEPENDENCIES = yarn
-REQUIRED_RUNTIME_DEPENDENCIES = node
+REQUIRED_RUNTIME_DEPENDENCIES = node terraform
 
 #####################
 ## Install Targets ##
@@ -23,7 +23,7 @@ check: check-runtime-deps check-build-deps # Checks if runtime and build require
 
 check-runtime-deps:
 	$(foreach exec,${REQUIRED_RUNTIME_DEPENDENCIES},\
-	$(if $(shell which ${exec}),@echo -e "${exec} is installed",$(error "No ${exec} in PATH")))
+	$(if $(shell which ${exec}),@echo -e "${exec} is installed\n",$(error "No ${exec} in PATH")))
 
 check-build-deps:
 	$(foreach exec,${REQUIRED_BUILD_DEPENDENCIES},\

example/terraform/main.tf

@@ -1,4 +1,5 @@
 terraform {
+  required_version = "~> 1.5"
   required_providers {
     aws = {
       source  = "hashicorp/aws"
@@ -25,9 +26,16 @@ module "opennext" {
   source = "../../"
 
   prefix              = "opennext-example"
-  aliases             = [local.domain_name]
-  acm_certificate_arn = aws_acm_certificate_validation.ssl_certificate.certificate_arn
-  hosted_zone_id      = data.aws_route53_zone.zone.zone_id
   opennext_build_path = "../.open-next"
-  assets_paths        = ["/images/*"]
-}
+  hosted_zone_id      = data.aws_route53_zone.zone.zone_id
+
+  cloudfront = {
+    aliases = [local.domain_name]
+    acm_certificate_arn = aws_acm_certificate_validation.ssl_certificate.certificate_arn
+    assets_paths        = ["/images/*"]
+  }
+}
+
+output "cloudfront_distribution_id" {
+  value = module.opennext.cloudfront.cloudfront_distribution.id
+}

modules/cloudfront-logs/main.tf

@@ -8,7 +8,7 @@ terraform {
     }
 
     archive = {
-      source = "hashicorp/archive"
+      source  = "hashicorp/archive"
       version = "~> 2.4.0"
     }
   }

modules/cloudfront-logs/s3__logs.tf

@@ -111,7 +111,7 @@ resource "aws_s3_bucket_replication_configuration" "logs" {
 
   depends_on = [aws_s3_bucket_versioning.logs]
   bucket     = aws_s3_bucket.logs.bucket
-  role = var.log_bucket_replication_configuration.role
+  role       = var.log_bucket_replication_configuration.role
 
   dynamic "rule" {
     for_each = toset(var.log_bucket_replication_configuration.rules)

modules/opennext-assets/kms.tf

@@ -1,15 +1,15 @@
 data "aws_kms_key" "assets_key" {
-    count = var.kms_key_arn != null ? 1 : 0
-    key_id = var.kms_key_arn
+  count  = var.kms_key_arn != null ? 1 : 0
+  key_id = var.kms_key_arn
 }
 
 resource "aws_kms_key" "assets_key" {
-    count = var.kms_key_arn == null ? 1 : 0
+  count = var.kms_key_arn == null ? 1 : 0
 
-    description = "${var.prefix} Assets S3 Bucket KMS Key"
-    deletion_window_in_days = 10
+  description             = "${var.prefix} Assets S3 Bucket KMS Key"
+  deletion_window_in_days = 10
 
-    policy = data.aws_iam_policy_document.assets_key_policy[0].json
+  policy = data.aws_iam_policy_document.assets_key_policy[0].json
 }
 
 data "aws_iam_policy_document" "assets_key_policy" {

modules/opennext-assets/outputs.tf

@@ -1,7 +1,7 @@
 output "cloudfront_origin_access_identity" {
-    value = aws_cloudfront_origin_access_identity.assets
+  value = aws_cloudfront_origin_access_identity.assets
 }
 
 output "assets_bucket" {
-    value = aws_s3_bucket.assets
+  value = aws_s3_bucket.assets
 }

modules/opennext-assets/s3.tf

@@ -59,7 +59,7 @@ resource "aws_s3_bucket_replication_configuration" "logs" {
 
   depends_on = [aws_s3_bucket_versioning.assets]
   bucket     = aws_s3_bucket.assets.bucket
-  role = var.replication_configuration.role
+  role       = var.replication_configuration.role
 
   dynamic "rule" {
     for_each = toset(var.replication_configuration.rules)
@@ -171,12 +171,12 @@ data "aws_iam_policy_document" "read_assets_bucket" {
 resource "aws_s3_object" "assets" {
   for_each = fileset(var.assets_path, "**")
 
-  bucket = aws_s3_bucket.assets.bucket
-  key    = "assets/${each.value}"
-  source = "${var.assets_path}/${each.value}"
-  etag   = filemd5("${var.assets_path}/${each.value}")
+  bucket        = aws_s3_bucket.assets.bucket
+  key           = "assets/${each.value}"
+  source        = "${var.assets_path}/${each.value}"
+  source_hash          = filemd5("${var.assets_path}/${each.value}")
   cache_control = length(regexall(".*(_next).*$", each.value)) > 0 ? "public,max-age=31536000,immutable" : "public,max-age=0,s-maxage=31536000,must-revalidate"
-  content_type = lookup(local.content_type_lookup, split(".", each.value)[length(split(".", each.value)) - 1], "text/plain")
+  content_type  = lookup(local.content_type_lookup, split(".", each.value)[length(split(".", each.value)) - 1], "text/plain")
 }
 
 # Cached Files
@@ -186,6 +186,6 @@ resource "aws_s3_object" "cache" {
   bucket       = aws_s3_bucket.assets.bucket
   key          = "cache/${each.value}"
   source       = "${var.cache_path}/${each.value}"
-  etag         = filemd5("${var.cache_path}/${each.value}")
+  source_hash         = filemd5("${var.cache_path}/${each.value}")
   content_type = lookup(local.content_type_lookup, split(".", each.value)[length(split(".", each.value)) - 1], "text/plain")
 }

modules/opennext-assets/variables.tf

@@ -4,18 +4,18 @@ variable "prefix" {
 }
 
 variable "assets_path" {
-    type = string
-    description = "The path of the open-next static assets"
+  type        = string
+  description = "The path of the open-next static assets"
 }
 
 variable "cache_path" {
-    type = string
-    description = "The path of the open-next cache"
+  type        = string
+  description = "The path of the open-next cache"
 }
 
 variable "server_function_role_arn" {
-    type = string
-    description = "The IAM role ARN of the Next.js server lambda function"
+  type        = string
+  description = "The IAM role ARN of the Next.js server lambda function"
 }
 
 variable "logging_config" {

modules/opennext-cloudfront/cloudfront.tf

@@ -1,6 +1,6 @@
 locals {
-  server_origin_id = "${var.prefix}-server-origin"
-  assets_origin_id = "${var.prefix}-assets-origin"
+  server_origin_id             = "${var.prefix}-server-origin"
+  assets_origin_id             = "${var.prefix}-assets-origin"
   image_optimization_origin_id = "${var.prefix}-image-optimization-origin"
 }
 
@@ -73,38 +73,42 @@ resource "aws_cloudfront_response_headers_policy" "response_headers_policy" {
     }
   }
 
-  custom_headers_config {
-    dynamic "items" {
-      for_each = toset(var.custom_headers)
+  dynamic "custom_headers_config" {
+    for_each = length(var.custom_headers) > 0 ? [true] : []
 
-      content {
-        header   = items.header
-        override = items.override
-        value    = items.value
+    content {
+      dynamic "items" {
+        for_each = toset(var.custom_headers)
+
+        content {
+          header   = items.header
+          override = items.override
+          value    = items.value
+        }
       }
     }
   }
 }
 
 provider "aws" {
-  alias = "global"
+  alias  = "global"
   region = "us-east-1"
 }
 
 resource "aws_cloudfront_distribution" "distribution" {
-  provider            = aws.global
-  price_class         = "PriceClass_100"
-  enabled             = true
-  is_ipv6_enabled     = true
-  comment             = "${var.prefix} - CloudFront Distribution for Next.js Application"
-  aliases             = var.aliases
-  web_acl_id          = aws_wafv2_web_acl.cloudfront_waf.arn
+  provider        = aws.global
+  price_class     = "PriceClass_100"
+  enabled         = true
+  is_ipv6_enabled = true
+  comment         = "${var.prefix} - CloudFront Distribution for Next.js Application"
+  aliases         = var.aliases
+  web_acl_id      = aws_wafv2_web_acl.cloudfront_waf.arn
 
   logging_config {
     include_cookies = false
     # bucket          = module.cloudfront_logs.logs_s3_bucket.bucket_regional_domain_name
     bucket = var.logging_bucket_domain_name
-    prefix          = one(var.aliases)
+    prefix = one(var.aliases)
   }
 
   viewer_certificate {
@@ -136,7 +140,7 @@ resource "aws_cloudfront_distribution" "distribution" {
   origin {
     domain_name = var.origins.server_function
     # domain_name = "${module.server_function.lambda_function_url_id}.lambda-url.eu-west-2.on.aws"
-    origin_id   = local.server_origin_id
+    origin_id = local.server_origin_id
 
     custom_origin_config {
       http_port              = 80
@@ -248,7 +252,7 @@ resource "aws_cloudfront_distribution" "distribution" {
       path_pattern     = ordered_cache_behavior.value
       allowed_methods  = ["GET", "HEAD", "OPTIONS"]
       cached_methods   = ["GET", "HEAD", "OPTIONS"]
-      target_origin_id = local.static_assets_origin_id
+      target_origin_id = local.assets_origin_id
 
       response_headers_policy_id = aws_cloudfront_response_headers_policy.response_headers_policy.id
       cache_policy_id            = aws_cloudfront_cache_policy.cache_policy.id

modules/opennext-cloudfront/outputs.tf

@@ -1,7 +1,7 @@
 output "cloudfront_distribution" {
-    value = aws_cloudfront_distribution.distribution
+  value = aws_cloudfront_distribution.distribution
 }
 
 output "wafv2_web_acl" {
-    value = aws_wafv2_web_acl.cloudfront_waf
+  value = aws_wafv2_web_acl.cloudfront_waf
 }

modules/opennext-cloudfront/variables.tf

@@ -3,10 +3,14 @@ variable "prefix" {
   description = "Prefix for created resource IDs"
 }
 
+variable "acm_certificate_arn" {
+  type = string
+}
+
 variable "origins" {
   type = object({
-    assets_bucket = string
-    server_function = string
+    assets_bucket               = string
+    server_function             = string
     image_optimization_function = string
   })
 }
@@ -103,7 +107,3 @@ variable "waf_logging_configuration" {
 
   default = null
 }
-
-variable "acm_certificate_arn" {
-  type = string
-}

modules/opennext-lambda/data.tf

@@ -1,5 +1,6 @@
 data "archive_file" "lambda_zip" {
-    type = "zip"
-    source_dir = var.source_dir
-    output_path =  "${var.output_dir}${var.prefix}.zip"
+  type = "zip"
+
+  source_dir  = var.source_dir
+  output_path = "${var.output_dir}${var.prefix}.zip"
 }

modules/opennext-lambda/eventbridge.tf

@@ -1,11 +1,13 @@
 resource "aws_cloudwatch_event_rule" "scheduled_lambda_event_rule" {
-  count               = var.create_eventbridge_scheduled_rule ? 1 : 0
+  count = var.create_eventbridge_scheduled_rule ? 1 : 0
+
   name                = "${var.prefix}-scheduled-lambda-event-rule"
   schedule_expression = var.schedule_expression
 }
 
 resource "aws_cloudwatch_event_target" "lambda_target" {
   count = var.create_eventbridge_scheduled_rule ? 1 : 0
-  arn   = aws_lambda_function.function.arn
-  rule  = aws_cloudwatch_event_rule.scheduled_lambda_event_rule[0].name
+
+  arn  = aws_lambda_function.function.arn
+  rule = aws_cloudwatch_event_rule.scheduled_lambda_event_rule[0].name
 }

modules/opennext-lambda/lambda.tf

@@ -20,12 +20,14 @@ resource "aws_lambda_function" "function" {
   filename         = data.archive_file.lambda_zip.output_path
   source_code_hash = filebase64sha256(data.archive_file.lambda_zip.output_path)
 
-  description = var.description
-  function_name                  = var.prefix
-  handler                        = var.handler
-  runtime                        = var.runtime
-  architectures                  = var.architectures
-  role                           = aws_iam_role.lambda_role.arn
+  function_name = var.function_name != null ? var.function_name : var.prefix
+  description   = var.description
+
+  handler       = var.handler
+  runtime       = var.runtime
+  architectures = var.architectures
+  role          = aws_iam_role.lambda_role.arn
+
   kms_key_arn                    = var.kms_key_arn
   code_signing_config_arn        = try(aws_lambda_code_signing_config.signing_config[0].arn, null)
   reserved_concurrent_executions = var.reserved_concurrent_executions

modules/opennext-lambda/main.tf

@@ -7,7 +7,7 @@ terraform {
       version = "~> 4.0"
     }
     archive = {
-      source = "hashicorp/archive"
+      source  = "hashicorp/archive"
       version = "~> 2.4.0"
     }
   }