test

.github/workflows/main.yml

@@ -15,7 +15,7 @@ jobs:
     # These permissions are needed to interact with GitHub's OIDC Token endpoint.
     permissions:
       id-token: write
-      contents: read
+      contents: write
     steps:
       - name: Configure AWS Credentials
         uses: aws-actions/configure-aws-credentials@v1
@@ -30,7 +30,11 @@ jobs:
         id: fmt
         run: terraform fmt
         continue-on-error: true
-   
+      - uses: EndBug/add-and-commit@v7
+        with:
+          message: Terraform fmt [skip ci]
+          committer_name: GitHub Actions
+          committer_email: actions@github.com   
       - name: Terraform Init
         id: init
         run: terraform init

.github/workflows/pr.yml

@@ -13,7 +13,8 @@ jobs:
     # These permissions are needed to interact with GitHub's OIDC Token endpoint.
     permissions:
       id-token: write
-      contents: read
+      contents: write
+      pull-requests: write
     steps:
       - name: Configure AWS Credentials
         uses: aws-actions/configure-aws-credentials@v1

cdn.tf

@@ -545,7 +545,7 @@ resource "aws_cloudfront_distribution" "api" {
     viewer_protocol_policy = "redirect-to-https"
   }
   ordered_cache_behavior {
-    allowed_methods = ["GET", "HEAD", "OPTIONS"] 
+    allowed_methods = ["GET", "HEAD", "OPTIONS"]
     cached_methods = [
       "HEAD",
       "GET"

ham_ingestion.tf

@@ -215,17 +215,17 @@ resource "aws_apigatewayv2_integration" "ham_upload_telem" {
 // SNS to MQTT
 
 resource "aws_lambda_function" "ham_sns_to_mqtt" {
-  function_name = "ham-sns-to-mqtt"
-  handler       = "sns_to_mqtt.lambda_handler"
+  function_name    = "ham-sns-to-mqtt"
+  handler          = "sns_to_mqtt.lambda_handler"
   s3_bucket        = aws_s3_bucket_object.lambda.bucket
   s3_key           = aws_s3_bucket_object.lambda.key
   source_code_hash = data.archive_file.lambda.output_base64sha256
-  publish       = true
-  memory_size   = 128
-  role          = aws_iam_role.basic_lambda_role.arn
-  runtime       = "python3.9"
-  timeout       = 3
-  architectures = ["arm64"]
+  publish          = true
+  memory_size      = 128
+  role             = aws_iam_role.basic_lambda_role.arn
+  runtime          = "python3.9"
+  timeout          = 3
+  architectures    = ["arm64"]
   lifecycle {
     ignore_changes = [environment]
   }

ingestion.tf

@@ -113,17 +113,17 @@ EOF
 // SNS to MQTT
 
 resource "aws_lambda_function" "sns_to_mqtt" {
-  function_name = "sns-to-mqtt"
-  handler       = "sns_to_mqtt.lambda_handler"
+  function_name    = "sns-to-mqtt"
+  handler          = "sns_to_mqtt.lambda_handler"
   s3_bucket        = aws_s3_bucket_object.lambda.bucket
   s3_key           = aws_s3_bucket_object.lambda.key
   source_code_hash = data.archive_file.lambda.output_base64sha256
-  publish       = true
-  memory_size   = 128
-  role          = aws_iam_role.basic_lambda_role.arn
-  runtime       = "python3.9"
-  timeout       = 3
-  architectures = ["arm64"]
+  publish          = true
+  memory_size      = 128
+  role             = aws_iam_role.basic_lambda_role.arn
+  runtime          = "python3.9"
+  timeout          = 3
+  architectures    = ["arm64"]
   lifecycle {
     ignore_changes = [environment]
   }

recovered.tf

@@ -195,16 +195,16 @@ resource "aws_apigatewayv2_route" "recovered_put" {
 
 
 resource "aws_lambda_function" "recovery_ingest" {
-  function_name                  = "recovery_ingest"
-  handler                        = "recovery_ingest.handler"
-  s3_bucket                      = aws_s3_bucket_object.lambda.bucket
-  s3_key                         = aws_s3_bucket_object.lambda.key
-  source_code_hash               = data.archive_file.lambda.output_base64sha256
-  publish                        = true
-  memory_size                    = 128
-  role                           = aws_iam_role.recovered.arn
-  runtime                        = "python3.9"
-  timeout                        = 300
+  function_name    = "recovery_ingest"
+  handler          = "recovery_ingest.handler"
+  s3_bucket        = aws_s3_bucket_object.lambda.bucket
+  s3_key           = aws_s3_bucket_object.lambda.key
+  source_code_hash = data.archive_file.lambda.output_base64sha256
+  publish          = true
+  memory_size      = 128
+  role             = aws_iam_role.recovered.arn
+  runtime          = "python3.9"
+  timeout          = 300
 
   tags = {
     Name = "recovered_get"