diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index b241206..1f18c42 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -15,7 +15,7 @@ jobs: # These permissions are needed to interact with GitHub's OIDC Token endpoint. permissions: id-token: write - contents: read + contents: write steps: - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@v1 @@ -30,7 +30,11 @@ jobs: id: fmt run: terraform fmt continue-on-error: true - + - uses: EndBug/add-and-commit@v7 + with: + message: Terraform fmt [skip ci] + committer_name: GitHub Actions + committer_email: actions@github.com - name: Terraform Init id: init run: terraform init diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml index 248f2ec..6b51a27 100644 --- a/.github/workflows/pr.yml +++ b/.github/workflows/pr.yml @@ -13,7 +13,8 @@ jobs: # These permissions are needed to interact with GitHub's OIDC Token endpoint. permissions: id-token: write - contents: read + contents: write + pull-requests: write steps: - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@v1 diff --git a/cdn.tf b/cdn.tf index db8c906..33fda15 100644 --- a/cdn.tf +++ b/cdn.tf @@ -545,7 +545,7 @@ resource "aws_cloudfront_distribution" "api" { viewer_protocol_policy = "redirect-to-https" } ordered_cache_behavior { - allowed_methods = ["GET", "HEAD", "OPTIONS"] + allowed_methods = ["GET", "HEAD", "OPTIONS"] cached_methods = [ "HEAD", "GET" diff --git a/ham_ingestion.tf b/ham_ingestion.tf index 276d557..dc7c921 100644 --- a/ham_ingestion.tf +++ b/ham_ingestion.tf @@ -215,17 +215,17 @@ resource "aws_apigatewayv2_integration" "ham_upload_telem" { // SNS to MQTT resource "aws_lambda_function" "ham_sns_to_mqtt" { - function_name = "ham-sns-to-mqtt" - handler = "sns_to_mqtt.lambda_handler" + function_name = "ham-sns-to-mqtt" + handler = "sns_to_mqtt.lambda_handler" s3_bucket = aws_s3_bucket_object.lambda.bucket s3_key = aws_s3_bucket_object.lambda.key source_code_hash = data.archive_file.lambda.output_base64sha256 - publish = true - memory_size = 128 - role = aws_iam_role.basic_lambda_role.arn - runtime = "python3.9" - timeout = 3 - architectures = ["arm64"] + publish = true + memory_size = 128 + role = aws_iam_role.basic_lambda_role.arn + runtime = "python3.9" + timeout = 3 + architectures = ["arm64"] lifecycle { ignore_changes = [environment] } diff --git a/ingestion.tf b/ingestion.tf index 94bb274..af8cb87 100644 --- a/ingestion.tf +++ b/ingestion.tf @@ -113,17 +113,17 @@ EOF // SNS to MQTT resource "aws_lambda_function" "sns_to_mqtt" { - function_name = "sns-to-mqtt" - handler = "sns_to_mqtt.lambda_handler" + function_name = "sns-to-mqtt" + handler = "sns_to_mqtt.lambda_handler" s3_bucket = aws_s3_bucket_object.lambda.bucket s3_key = aws_s3_bucket_object.lambda.key source_code_hash = data.archive_file.lambda.output_base64sha256 - publish = true - memory_size = 128 - role = aws_iam_role.basic_lambda_role.arn - runtime = "python3.9" - timeout = 3 - architectures = ["arm64"] + publish = true + memory_size = 128 + role = aws_iam_role.basic_lambda_role.arn + runtime = "python3.9" + timeout = 3 + architectures = ["arm64"] lifecycle { ignore_changes = [environment] } diff --git a/recovered.tf b/recovered.tf index 0527ef5..a629c41 100644 --- a/recovered.tf +++ b/recovered.tf @@ -195,16 +195,16 @@ resource "aws_apigatewayv2_route" "recovered_put" { resource "aws_lambda_function" "recovery_ingest" { - function_name = "recovery_ingest" - handler = "recovery_ingest.handler" - s3_bucket = aws_s3_bucket_object.lambda.bucket - s3_key = aws_s3_bucket_object.lambda.key - source_code_hash = data.archive_file.lambda.output_base64sha256 - publish = true - memory_size = 128 - role = aws_iam_role.recovered.arn - runtime = "python3.9" - timeout = 300 + function_name = "recovery_ingest" + handler = "recovery_ingest.handler" + s3_bucket = aws_s3_bucket_object.lambda.bucket + s3_key = aws_s3_bucket_object.lambda.key + source_code_hash = data.archive_file.lambda.output_base64sha256 + publish = true + memory_size = 128 + role = aws_iam_role.recovered.arn + runtime = "python3.9" + timeout = 300 tags = { Name = "recovered_get"