chore: update things (#51)

esacteksab · web-flow · commit 0b6b86334eb4 · 2025-01-12T18:07:50.000-06:00
* chore(deps): pre-commit autoupdate

* chore: make these files match other projects

* chore: pin shared action

* chore: changes to renovate to align with current needs

* chore: official tfdocs hook
diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml
@@ -10,4 +10,4 @@ on:
 
 jobs:
   validate-tf:
-    uses: trussworks/shared-actions/.github/workflows/validate-tf.yml@main
+    uses: trussworks/shared-actions/.github/workflows/validate-tf.yml@3cab03ab95045711da37ad6d63a93c666fc22398 # v0.0.2
diff --git a/.markdownlintrc b/.markdownlintrc
@@ -4,5 +4,6 @@
   "first-line-h1": false,
   "line_length": false,
   "no-multiple-blanks": false,
-  "no-inline-html": false
+  "no-inline-html": false,
+  "no-alt-text": false
 }
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -1,6 +1,6 @@
 repos:
   - repo: https://github.com/pre-commit/pre-commit-hooks
-    rev: v4.4.0
+    rev: v5.0.0
     hooks:
       - id: check-json
       - id: check-merge-conflict
@@ -15,7 +15,7 @@ repos:
       - id: mixed-line-ending
 
   - repo: https://github.com/executablebooks/mdformat
-    rev: 0.7.16
+    rev: 0.7.21
     hooks:
       - id: mdformat
         additional_dependencies:
@@ -25,16 +25,16 @@ repos:
         exclude: README.m(ark)?d(own)?
 
   - repo: https://github.com/igorshubovych/markdownlint-cli
-    rev: v0.33.0
+    rev: v0.43.0
     hooks:
       - id: markdownlint
 
-  - repo: https://github.com/detailyang/pre-commit-shell
-    rev: 1.0.5
+  - repo: https://github.com/terraform-docs/terraform-docs
+    rev: "v0.19.0"
     hooks:
-      - id: shell-lint
+      - id: terraform-docs-go
 
   - repo: https://github.com/antonbabenko/pre-commit-terraform
-    rev: v1.77.1
+    rev: v1.96.3
     hooks:
       - id: terraform_fmt
diff --git a/.terraform-docs.yml b/.terraform-docs.yml
@@ -1,4 +1,25 @@
 settings:
   html: false
   anchor: false
+  escape: false
+  lockfile: false
+  hide-empty: true
 formatter: "markdown table"
+
+sections:
+  show:
+    - requirements
+    - providers
+    - modules
+    - data-sources
+    - resources
+    - inputs
+    - outputs
+
+output:
+  file: README.md
+  mode: inject
+  template: |-
+    <!-- BEGIN_TF_DOCS -->
+    {{ .Content }}
+    <!-- END_TF_DOCS -->
diff --git a/README.md b/README.md
@@ -108,10 +108,6 @@ module "github_terraform_aws_ou_scp" {
 |------|---------|
 | aws | >= 3.0 |
 
-## Modules
-
-No modules.
-
 ## Resources
 
 | Name | Type |
@@ -125,30 +121,26 @@ No modules.
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| allowed\_ec2\_instance\_types | EC2 instances types allowed for use | `list(string)` | ```[ "" ]``` | no |
-| allowed\_regions | AWS Regions allowed for use (for use with the restrict regions SCP) | `list(string)` | ```[ "" ]``` | no |
-| deny\_all | If false, create a combined policy. If true, deny all access | `bool` | `false` | no |
-| deny\_creating\_iam\_users | DenyCreatingIAMUsers in the OU policy. | `bool` | `false` | no |
-| deny\_deleting\_cloudwatch\_logs | DenyDeletingCloudwatchLogs in the OU policy. | `bool` | `false` | no |
-| deny\_deleting\_kms\_keys | DenyDeletingKMSKeys in the OU policy. | `bool` | `false` | no |
-| deny\_deleting\_route53\_zones | DenyDeletingRoute53Zones in the OU policy. | `bool` | `false` | no |
-| deny\_leaving\_orgs | DenyLeavingOrgs in the OU policy. | `bool` | `false` | no |
-| deny\_root\_account | DenyRootAccount in the OU policy. | `bool` | `false` | no |
-| deny\_s3\_bucket\_public\_access\_resources | S3 bucket resource ARNs to block public access | `list(string)` | ```[ "" ]``` | no |
-| deny\_s3\_buckets\_public\_access | DenyS3BucketsPublicAccess in the OU policy. | `bool` | `false` | no |
-| limit\_ec2\_instance\_types | LimitEC2InstanceTypes in the OU policy. | `bool` | `false` | no |
-| limit\_regions | LimitRegions in the OU policy. | `bool` | `false` | no |
-| protect\_iam\_role\_resources | IAM role resource ARNs to protect from modification and deletion | `list(string)` | ```[ "" ]``` | no |
-| protect\_iam\_roles | ProtectIAMRoles in the OU policy. | `bool` | `false` | no |
-| protect\_s3\_bucket\_resources | S3 bucket resource ARNs to protect from bucket and object deletion | `list(string)` | ```[ "" ]``` | no |
-| protect\_s3\_buckets | ProtectS3Buckets in the OU policy. | `bool` | `false` | no |
-| require\_s3\_encryption | DenyIncorrectEncryptionHeader and DenyUnEncryptedObjectUploads in the OU policy | `bool` | `false` | no |
+| allowed_ec2_instance_types | EC2 instances types allowed for use | `list(string)` | ```[ "" ]``` | no |
+| allowed_regions | AWS Regions allowed for use (for use with the restrict regions SCP) | `list(string)` | ```[ "" ]``` | no |
+| deny_all | If false, create a combined policy. If true, deny all access | `bool` | `false` | no |
+| deny_creating_iam_users | DenyCreatingIAMUsers in the OU policy. | `bool` | `false` | no |
+| deny_deleting_cloudwatch_logs | DenyDeletingCloudwatchLogs in the OU policy. | `bool` | `false` | no |
+| deny_deleting_kms_keys | DenyDeletingKMSKeys in the OU policy. | `bool` | `false` | no |
+| deny_deleting_route53_zones | DenyDeletingRoute53Zones in the OU policy. | `bool` | `false` | no |
+| deny_leaving_orgs | DenyLeavingOrgs in the OU policy. | `bool` | `false` | no |
+| deny_root_account | DenyRootAccount in the OU policy. | `bool` | `false` | no |
+| deny_s3_bucket_public_access_resources | S3 bucket resource ARNs to block public access | `list(string)` | ```[ "" ]``` | no |
+| deny_s3_buckets_public_access | DenyS3BucketsPublicAccess in the OU policy. | `bool` | `false` | no |
+| limit_ec2_instance_types | LimitEC2InstanceTypes in the OU policy. | `bool` | `false` | no |
+| limit_regions | LimitRegions in the OU policy. | `bool` | `false` | no |
+| protect_iam_role_resources | IAM role resource ARNs to protect from modification and deletion | `list(string)` | ```[ "" ]``` | no |
+| protect_iam_roles | ProtectIAMRoles in the OU policy. | `bool` | `false` | no |
+| protect_s3_bucket_resources | S3 bucket resource ARNs to protect from bucket and object deletion | `list(string)` | ```[ "" ]``` | no |
+| protect_s3_buckets | ProtectS3Buckets in the OU policy. | `bool` | `false` | no |
+| require_s3_encryption | DenyIncorrectEncryptionHeader and DenyUnEncryptedObjectUploads in the OU policy | `bool` | `false` | no |
 | tags | Tags applied to the SCP policy | `map(string)` | `{}` | no |
 | target | OU resource to attach SCP | ```object({ name = string id = string })``` | n/a | yes |
-
-## Outputs
-
-No outputs.
 <!-- END_TF_DOCS -->
 
 ## Developer Setup
diff --git a/renovate.json b/renovate.json
@@ -1,7 +1,7 @@
 {
   "extends": [
-    "config:base",
-    ":disableDependencyDashboard"
+    "config:recommended",
+    "helpers:pinGitHubActionDigests"
   ],
   "labels": [
     "dependencies"
@@ -32,10 +32,7 @@
       "groupName": "dependencies",
       "managers": [
         "terraform",
-        "gomod",
         "pre-commit",
-        "circleci",
-        "dockerfile",
         "github-actions"
       ],
       "matchUpdateTypes": [
@@ -44,9 +41,6 @@
       ]
     }
   ],
-  "postUpdateOptions": [
-    "gomodTidy"
-  ],
   "schedule": [
     "every weekend"
   ],

Original file line number	Diff line number	Diff line change
`@@ -4,5 +4,6 @@`
`4`	`4`	`"first-line-h1": false,`
`5`	`5`	`"line_length": false,`
`6`	`6`	`"no-multiple-blanks": false,`
`7`		`- "no-inline-html": false`
	`7`	`+ "no-inline-html": false,`
	`8`	`+ "no-alt-text": false`
`8`	`9`	`}`