bug: fix issues preventing deployment of resources

Author: sgtoj

assets/custom-message-sender/Dockerfile

@@ -1,6 +1,6 @@
 # ------------------------------------------------------------------- base ---
 
-FROM node:18-alpine as base
+FROM node:18 as base
 
 RUN mkdir -p /opt/app
 WORKDIR /opt/app

assets/custom-message-sender/package.json

@@ -15,7 +15,7 @@
     "opa-build:sample_policy": "opa build -t wasm -e sample/validate ./src/opa/fixtures/sample_policy.rego && tar -zxv -C ./src/opa/fixtures/ -f bundle.tar.gz '/policy.wasm' && mv ./src/opa/fixtures/policy.wasm ./src/opa/fixtures/sample_policy.wasm",
     "opa-test": "npm run opa-test:sample_policy",
     "opa-test:sample_policy": "opa test -v ./src/opa/fixtures/sample_policy.rego ./src/opa/fixtures/sample_policy_test.rego",
-    "test": "jest",
+    "test": "jest --detectOpenHandles --forceExit",
     "test:coverage": "jest --coverage",
     "tsc": "npx tsc",
     "lint": "npx eslint src/**/*.ts"

main.tf

@@ -1,7 +1,8 @@
 locals {
+  name            = coalesce(module.this.name, var.name, "cognito-custom-message-sender")
   enabled         = module.this.enabled
   aws_account_id  = try(coalesce(var.aws_account_id, data.aws_caller_identity.current[0].account_id), "")
-  aws_region_name = try(coalesce(var.aws_region_name, data.aws_caller_identity.current[0].region), "")
+  aws_region_name = try(coalesce(var.aws_region_name, data.aws_region.current[0].name), "")
 
   email_sender_enabled = false
 
@@ -12,7 +13,11 @@ locals {
 }
 
 data "aws_caller_identity" "current" {
-  count = local.enabled && (var.aws_account_id == "" || var.aws_region_name == "") ? 1 : 0
+  count = local.enabled && var.aws_account_id == "" ? 1 : 0
+}
+
+data "aws_region" "current" {
+  count = local.enabled && var.aws_region_name == "" ? 1 : 0
 }
 
 # ============================================================ message-sender ===
@@ -21,30 +26,31 @@ module "message_sender_label" {
   source  = "cloudposse/label/null"
   version = "0.25.0"
 
-  name    = var.name == "" ? "cognito-custom-message-sender" : var.name
+  name    = local.name
   context = module.this.context
 }
 
 module "message_sender_code" {
   source  = "sgtoj/artifact-packager/docker"
-  version = "1.0.0"
+  version = "1.3.1"
 
   artifact_src_path    = "/tmp/package.zip"
-  docker_build_context = abspath("${path.module}/assets/cognito-message-sender")
+  docker_build_context = abspath("${path.module}/assets/custom-message-sender")
   docker_build_target  = "package"
 
   docker_build_args = {
     SERVICE_OPA_POLICY_ENCODED = base64encode(local.sms_sender_policy_content)
   }
 
-
   context = module.message_sender_label.context
 }
 
 resource "aws_cloudwatch_log_group" "message_sender" {
-  count             = local.enabled ? 1 : 0
+  count = local.enabled ? 1 : 0
+
   name              = "/aws/lambda/${module.message_sender_label.id}"
   retention_in_days = 90
+  tags              = module.message_sender_label.tags
 }
 
 resource "aws_lambda_function" "message_sender" {
@@ -64,7 +70,7 @@ resource "aws_lambda_function" "message_sender" {
 
   environment {
     variables = {
-      LOG_LEVEL                      = var.service_log_level ? "debug" : "info"
+      LOG_LEVEL                      = var.service_log_level
       KMS_KEY_ID                     = module.kms_key.key_arn
       DDB_TABLE_HISTORY_NAME         = aws_dynamodb_table.history[0].name
       DDB_TABLE_HISTORY_TTL          = 43200
@@ -100,11 +106,11 @@ module "history_label" {
   version = "0.25.0"
 
   attributes = ["history"]
-  context    = module.this.context
+  context    = module.message_sender_label.context
 }
 
 resource "aws_dynamodb_table" "history" {
-  count = module.this.enabled ? 1 : 0
+  count = module.message_sender_label.enabled ? 1 : 0
 
   name         = module.history_label.id
   billing_mode = "PAY_PER_REQUEST"
@@ -160,18 +166,18 @@ module "kms_key" {
   source  = "cloudposse/kms-key/aws"
   version = "0.12.1"
 
-  alias                   = "${var.kms_key_alias_prefix}/${module.this.name}"
+  alias                   = "${var.kms_key_alias_prefix}/${module.message_sender_label.name}"
   deletion_window_in_days = 7
 
-  context = module.this.context
+  context = module.message_sender_label.context
 }
 
 # ---------------------------------------------------------------------- iam ---
 
 resource "aws_iam_role" "this" {
   count = local.enabled ? 1 : 0
 
-  name        = module.this.id
+  name        = module.message_sender_label.id
   description = ""
 
   assume_role_policy = jsonencode({
@@ -192,7 +198,7 @@ resource "aws_iam_role" "this" {
     policy = data.aws_iam_policy_document.this[0].json
   }
 
-  tags = module.this.tags
+  tags = module.message_sender_label.tags
 }
 
 data "aws_iam_policy_document" "this" {

variables.tf

@@ -6,7 +6,7 @@ variable "kms_key_alias_prefix" {
   default     = "alias"
 
   validation {
-    condition     = can(regex("^alias[a-zA-Z0-9/_-]*[^/]$", var.kms_key_alias_prefix))
+    condition     = can(regex("^alias[a-zA-Z0-9/_-]*[^/]*$", var.kms_key_alias_prefix))
     error_message = "KMS key alias prefix must start with 'alias' and only have alphanumeric, dashes, underscores, colons or slashes but doesn't end with a slash"
   }
 }
@@ -33,7 +33,7 @@ variable "sms_sender_policy_content" {
   type        = string
 
   validation {
-    condition     = contains(var.sms_sender_policy_content, "package cognito_custom_sender_sms_policy")
+    condition     = startswith(var.sms_sender_policy_content, "package cognito_custom_sender_sms_policy")
     error_message = "The SMS sender policy content must include 'package cognito_custom_sender_sms_policy'."
   }
 }

version.tf renamed to versions.tf

@@ -6,5 +6,9 @@ terraform {
       source  = "hashicorp/aws"
       version = ">= 5.0.0, < 6.0.0"
     }
+    docker = {
+      source  = "kreuzwerker/docker"
+      version = ">= 3.0.0, < 4.0.0"
+    }
   }
 }