Update pipelines, triggers, vars, and mod to be Flowpipe v1 compatible (

#33)

Co-authored-by: misraved <[email protected]>
Co-authored-by: Priyanka Chatterjee <[email protected]>
Co-authored-by: ParthaI <[email protected]>

CHANGELOG.md

@@ -1,3 +1,30 @@
+## v1.0.0 (2024-10-22)
+
+_Breaking changes_
+
+- Flowpipe v1.0.0 is now required. For a full list of CLI changes, please see the [Flowpipe v1.0.0 CHANGELOG](https://flowpipe.io/changelog/flowpipe-cli-v1-0-0).
+- In Flowpipe configuration files (`.fpc`), `credential` and `credential_import` resources have been renamed to `connection` and `connection_import` respectively.
+- Updated the following param types:
+  - `approvers`: `list(string)` to `list(notifier)`.
+  - `database`: `string` to `connection.steampipe`.
+  - `notifier`: `string` to `notifier`.
+- Updated the following variable types:
+  - `approvers`: `list(string)` to `list(notifier)`.
+  - `database`: `string` to `connection.steampipe`.
+  - `notifier`: `string` to `notifier`.
+- Renamed `cred` param to `conn` and updated its type from `string` to `conn`.
+
+_Enhancements_
+
+- Added `standard` to the mod's categories.
+- Updated the following pipeline tags:
+  - `type = "featured"` to `recommended = "true"`
+  - `type = "test"` to `folder = "Tests"`
+- Added the `folder = "Internal"` tag to pipelines that are not meant to be run directly.
+- Added the `folder = "Advanced/<service>"` tag to variables.
+- Added `enum` to `*_default_action` and `*_notification_level` params and variables.
+- Added `format` to params and variables that use multiline and JSON strings.
+
 ## v0.2.0 [2024-08-21]
 
 _Enhancements_

README.md

@@ -27,22 +27,22 @@ Install the AWS plugin with [Steampipe](https://steampipe.io):
 steampipe plugin install aws
 ```
 
-Steampipe will automatically use your default AWS credentials. Optionally, you can [setup multiple accounts](https://hub.steampipe.io/plugins/turbot/aws#multi-account-connections) or [customize AWS credentials](https://hub.steampipe.io/plugins/turbot/aws#configuring-aws-credentials).
+Steampipe will automatically use your default AWS connections. Optionally, you can [setup multiple accounts](https://hub.steampipe.io/plugins/turbot/aws#multi-account-connections) or [customize AWS connections](https://hub.steampipe.io/plugins/turbot/aws#configuring-aws-connections).
 
-Create a [`credential_import`](https://flowpipe.io/docs/reference/config-files/credential_import) resource to import your Steampipe AWS connections:
+Create a [`connection_import`](https://flowpipe.io/docs/reference/config-files/connection_import) resource to import your Steampipe AWS connections:
 
 ```sh
 vi ~/.flowpipe/config/aws.fpc
 ```
 
 ```hcl
-credential_import "aws" {
+connection_import "aws" {
   source      = "~/.steampipe/config/aws.spc"
   connections = ["*"]
 }
 ```
 
-For more information on credentials in Flowpipe, please see [Managing Credentials](https://flowpipe.io/docs/run/credentials).
+For more information on connections in Flowpipe, please see [Managing Connections](https://flowpipe.io/docs/run/connections).
 
 Clone the mod:
 
@@ -540,4 +540,4 @@ This repository is published under the [Apache 2.0 license](https://www.apache.o
 Want to help but don't know where to start? Pick up one of the `help wanted` issues:
 
 - [Flowpipe](https://github.com/turbot/flowpipe/labels/help%20wanted)
-- [AWS Tags Mod](https://github.com/turbot/flowpipe-mod-aws-tags/labels/help%20wanted)
+- [AWS Tags Mod](https://github.com/turbot/flowpipe-mod-aws-tags/labels/help%20wanted)

flowpipe.fpvars.example

@@ -1,9 +1,11 @@
-## Core options
-database                      = "postgres:#steampipe@localhost:9193/steampipe"
-notifier                      = "default"
-notification_level            = "info"
-approvers                     = ["default"]
-max_concurrency               = 1
+# Core options
+approvers          = [notifier.default]
+notifier           = notifier.default
+notification_level = "info"
+
+# Advanced options
+database        = connection.steampipe.default
+max_concurrency = 1
 
 incorrect_tags_default_action = "notify"
 
@@ -289,4 +291,4 @@ base_tag_rules = {
 
 # wafv2_web_acls_tag_rules = {}
 # wafv2_web_acls_with_incorrect_tags_trigger_enabled = false
-# wafv2_web_acls_with_incorrect_tags_trigger_schedule = "15m"
+# wafv2_web_acls_with_incorrect_tags_trigger_schedule = "15m"

locals.fp

@@ -16,30 +16,33 @@ locals {
   style_alert   = "alert"
 }
 
+// Notification level
+
+locals {
+  notification_level_enum = ["info", "verbose", "error"]
+}
+
 // Common Texts
 locals {
-  description_database         = "Database connection string."
+  description_account_id       = "The account ID of the resource."
   description_approvers        = "List of notifiers to be used for obtaining action/approval decisions."
-  description_max_concurrency  = "The maximum concurrency to use for responding to detection items."
-  description_notifier         = "The name of the notifier to use for sending notification messages."
-  description_notifier_level   = "The verbosity level of notification messages to send. Valid options are 'verbose', 'info', 'error'."
+  description_arn              = "The ARN of the resource."
+  description_connection       = "Name of the AWS connection to be used for any authenticated actions."
+  description_database         = "Database connection string."
   description_default_action   = "The default action to use for the detected item, used if no input is provided."
   description_enabled_actions  = "The list of enabled actions to provide to approvers for selection."
-  description_trigger_enabled  = "If true, the trigger is enabled."
-  description_trigger_schedule = "The schedule on which to run the trigger if enabled."
-  description_credential       = "Name of the credential to be used for any authenticated actions."
+  description_items            = "A collection of detected resources to run corrective actions against."
+  description_max_concurrency  = "The maximum concurrency to use for responding to detection items."
+  description_notifier         = "The name of the notifier to use for sending notification messages."
+  description_notifier_level   = "The verbosity level of notification messages to send."
   description_region           = "AWS Region of the resource(s)."
   description_title            = "Title of the resource, to be used as a display name."
-  description_arn              = "The ARN of the resource."
-  description_account_id       = "The account ID of the resource."
-  description_items            = "A collection of detected resources to run corrective actions against."
+  description_trigger_enabled  = "If true, the trigger is enabled."
+  description_trigger_schedule = "The schedule on which to run the trigger if enabled."
 }
 
-// Pipeline References
 locals {
-  pipeline_optional_message    = detect_correct.pipeline.optional_message
-  aws_pipeline_tag_resources   = aws.pipeline.tag_resources
-  aws_pipeline_untag_resources = aws.pipeline.untag_resources
+  incorrect_tags_default_action_enum = ["notify", "apply", "skip"]
 }
 
 locals {
@@ -62,7 +65,7 @@ with tags as (
     arn,
     region,
     account_id,
-    sp_connection_name as cred,
+    sp_connection_name as conn,
     coalesce(tags, '{}'::jsonb) as tags,
     key,
     value
@@ -157,7 +160,7 @@ select * from (
     t.arn,
     t.region,
     t.account_id,
-    t.cred,
+    t.conn,
     coalesce((select jsonb_agg(key) from remove_tags rt where rt.arn = t.arn), '[]'::jsonb) as remove,
     coalesce((select jsonb_object_agg(at.new_key, at.value) from all_tags at where at.arn = t.arn and at.new_key != coalesce(at.old_key, '') and not exists (
       select 1 from remove_tags rt where rt.arn = at.arn and rt.key = at.new_key
@@ -166,8 +169,8 @@ select * from (
     )), '{}'::jsonb) as upsert
   from
     tags t
-  group by t.title, t.arn, t.region, t.account_id, t.cred
+  group by t.title, t.arn, t.region, t.account_id, t.conn
 ) result
 where remove != '[]'::jsonb or upsert != '{}'::jsonb;
   EOQ
-}
+}

mod.fp

@@ -4,20 +4,24 @@ mod "aws_tags" {
   color         = "#FF9900"
   documentation = file("./README.md")
   icon          = "/images/mods/turbot/aws-tags.svg"
-  categories    = ["aws", "tags", "public cloud"]
+  categories    = ["aws", "public cloud", "standard", "tags"]
+  database      = var.database
 
   opengraph {
     title       = "AWS Tags Mod for Flowpipe"
     description = "Run pipelines to detect and correct AWS tags which are missing, prohibited or otherwise unexpected."
     image       = "/images/mods/turbot/aws-tags-social-graphic.png"
   }
-  
+
   require {
+    flowpipe {
+      min_version = "1.0.0"
+    }
     mod "github.com/turbot/flowpipe-mod-detect-correct" {
-      version = "*"
+      version = "^1"
     }
     mod "github.com/turbot/flowpipe-mod-aws" {
-      version = "*"
+      version = "^1"
     }
   }
-}
+}