feat: pagerduty_service_integration_email to trigger alerts on reci…

…eving email. (#36)

This feature solves the requirement to automatically trigger alerts upon receiving specific emails to specific email addresses.

Also has below changes:

* ci: Remove shiftleft scan from workflow and update pre-commit config

* feat: Create module for pagerduty-service-integration-email

* feat: Add example for pagerduty-service-integration-email usage

* test: Add test for pagerduty service integration email

* test: Use random suffixes in all examples to avoid resource conflicts during testing

* docs: update readme to account for random generator resource

* test: Update all tests to account for the random suffixes in their assertions AND fix the 'destroy' part of these tests by moving the defer block upto the top

.pre-commit-config.yaml

@@ -1,26 +1,64 @@
 # See https://pre-commit.com for more information
 # See https://pre-commit.com/hooks.html for more hooks
+
 repos:
   - repo: https://github.com/pre-commit/pre-commit-hooks
-    rev: v4.4.0 # Get the latest version from: https://github.com/pre-commit/pre-commit-hooks/releases
+    rev: v4.5.0 # Get the latest from: https://github.com/pre-commit/pre-commit-hooks/releases
     hooks:
-      - id: end-of-file-fixer
-      - id: trailing-whitespace
       - id: check-yaml
+        args: ['--allow-multiple-documents']
+      - id: check-added-large-files
       - id: detect-aws-credentials
-        args: ["--allow-missing-credentials"]
+        args: ['--allow-missing-credentials']
+  - repo: local
+    hooks:
+      - id: create-checkov-baseline
+        name: Create Checkov Baseline
+        entry: bash -c 'if [ ! -f .checkov.baseline ]; then echo "{}" > .checkov.baseline && touch baseline-created; fi'
+        language: system
+        stages: [commit]
+        pass_filenames: false
   - repo: https://github.com/antonbabenko/pre-commit-terraform
-    rev: v1.77.1 # Get the latest version from: https://github.com/antonbabenko/pre-commit-terraform/releases
+    rev: v1.83.6 # Get the latest from: https://github.com/antonbabenko/pre-commit-terraform/releases
     hooks:
       - id: terraform_fmt
-      - id: terraform_docs
       - id: terraform_validate
+        args:
+          - --hook-config=--retry-once-with-cleanup=true
+          - --tf-init-args=-upgrade
       - id: terraform_tfsec
+        exclude: "test/"
       - id: terraform_checkov
-  - repo: https://github.com/gitguardian/ggshield
-    rev: v1.14.4
+        exclude: "test/"
+        args:
+          - --args=--baseline __GIT_WORKING_DIR__/.checkov.baseline
+  - repo: local
     hooks:
-      - id: ggshield
-        language: python
+      - id: delete-checkov-baseline
+        name: Delete Checkov Baseline
+        entry: bash -c 'if [ -f baseline-created ]; then rm .checkov.baseline && rm baseline-created; fi'
+        language: system
         stages: [commit]
-        args: [ 'secret', 'scan', 'pre-commit' ]
+        pass_filenames: false
+  -   repo: https://github.com/gitguardian/ggshield
+      rev: v1.21.0
+      hooks:
+        - id: ggshield
+          language: python
+          stages: [commit]
+          args: [ 'secret', 'scan', 'pre-commit' ]
+  - repo: local
+    hooks:
+      - id: docs
+        name: docs
+        entry: make
+        args: [ 'docs' ]
+        language: system
+  # Run this at the end so that we don't end up in infinite loop
+  # where the end of line fixer runs first and then the docs and fmt
+  # and other hooks that modify files will break it again.
+  - repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: v4.5.0 # Get the latest from: https://github.com/pre-commit/pre-commit-hooks/releases
+    hooks:
+      - id: trailing-whitespace
+      - id: end-of-file-fixer

Makefile

@@ -15,6 +15,7 @@ docs:
 	cd examples/pagerduty-escalation-policy/; terraform-docs markdown . --output-file README.md --output-mode inject
 	cd examples/honest-two-level-schedule/; terraform-docs markdown . --output-file README.md --output-mode inject
 	cd examples/pagerduty-service/; terraform-docs markdown . --output-file README.md --output-mode inject
+	cd examples/pagerduty-service-integrations-email/; terraform-docs markdown . --output-file README.md --output-mode inject
 
 clean:
 	rm -rf examples/*/terraform.tfstate examples/*/terraform.tfstate.backup examples/*/.test-data

examples/honest-two-level-schedule/README.md

@@ -15,7 +15,9 @@
 
 ## Providers
 
-No providers.
+| Name | Version |
+|------|---------|
+| <a name="provider_random"></a> [random](#provider\_random) | n/a |
 
 ## Modules
 
@@ -27,7 +29,9 @@ No providers.
 
 ## Resources
 
-No resources.
+| Name | Type |
+|------|------|
+| [random_id.random_suffix](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/id) | resource |
 
 ## Inputs
 

examples/honest-two-level-schedule/inputs.tf

@@ -11,6 +11,7 @@ variable "team_name" {
 variable "pagerduty_token" {
   type        = string
   description = "PagerDuty API token."
+  sensitive   = true
 }
 
 variable "dummy_user_count" {

examples/honest-two-level-schedule/main.tf

@@ -1,23 +1,31 @@
+resource "random_id" "random_suffix" {
+  byte_length = 4
+}
+
+locals {
+  random_suffix = random_id.random_suffix.b64_url
+}
+
 module "dummy_users" {
   count = var.dummy_user_count
 
   source        = "../../modules/pagerduty-user"
-  name          = "pagerduty-schedule-example-user-${count.index}"
-  email_address = "pagerduty-schedule-example-user-${count.index}@honestbank.com"
+  name          = "pagerduty-schedule-example-user-${count.index}-${local.random_suffix}"
+  email_address = "pagerduty-schedule-example-user-${count.index}-${local.random_suffix}@honestbank.com"
 }
 
 module "dummy_team" {
   source = "../../modules/pagerduty-team"
 
-  name        = var.team_name
-  description = "${var.name} - this is an example description"
+  name        = "${var.team_name} - ${local.random_suffix}"
+  description = "${var.name} - ${local.random_suffix} - this is an example description"
 }
 
 module "schedule" {
   source = "../../modules/honest-two-level-schedule"
 
-  name        = "Example - ${var.name}"
-  description = "${var.name} - this is an example description"
+  name        = "Example-${var.name}-${local.random_suffix}"
+  description = "${var.name} - ${local.random_suffix} - this is an example description"
 
   # 604,800 seconds = 1 week (7 days)
   # 86,400 seconds = 1 day

examples/pagerduty-business-service/main.tf

@@ -1,15 +1,23 @@
+resource "random_id" "random_suffix" {
+  byte_length = 4
+}
+
+locals {
+  random_suffix = random_id.random_suffix.b64_url
+}
+
 module "mock_team" {
   source = "../../modules/pagerduty-team"
 
-  name        = "team - ${var.name}"
+  name        = "Team-${var.name}-${local.random_suffix}"
   description = "Created by terratest"
 }
 
 
 module "pagerduty_business_service" {
   source = "../../modules/pagerduty-business-service"
 
-  name             = var.name
+  name             = "${var.name}-${local.random_suffix}"
   description      = var.description
   point_of_contact = var.point_of_contact
   owner_team_id    = module.mock_team.id

examples/pagerduty-escalation-policy/README.md

@@ -13,7 +13,9 @@ This example creates a 3-level escalation policy - an example screenshot is prov
 
 ## Providers
 
-No providers.
+| Name | Version |
+|------|---------|
+| <a name="provider_random"></a> [random](#provider\_random) | n/a |
 
 ## Modules
 
@@ -34,7 +36,9 @@ No providers.
 
 ## Resources
 
-No resources.
+| Name | Type |
+|------|------|
+| [random_id.random_suffix](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/id) | resource |
 
 ## Inputs
 

examples/pagerduty-escalation-policy/inputs.tf

@@ -28,4 +28,5 @@ variable "escalation_levels" {
 variable "pagerduty_token" {
   type        = string
   description = "PagerDuty API token."
+  sensitive   = true
 }

examples/pagerduty-escalation-policy/main.tf

@@ -1,38 +1,46 @@
+resource "random_id" "random_suffix" {
+  byte_length = 4
+}
+
+locals {
+  random_suffix = random_id.random_suffix.b64_url
+}
+
 module "engineering_user_one" {
   source        = "../../modules/pagerduty-user"
-  name          = "pagerduty-escalation-policy-example-engineering-user-one"
-  email_address = "pagerduty-escalation-policy-example-engineering-user-one@honestbank.com"
+  name          = "engineering-user-one-${local.random_suffix}"
+  email_address = "engineering-user-one-${local.random_suffix}@honestbank.com"
 }
 
 module "engineering_user_two" {
   source        = "../../modules/pagerduty-user"
-  name          = "pagerduty-escalation-policy-example-engineering-user-two"
-  email_address = "pagerduty-escalation-policy-example-engineering-user-two@honestbank.com"
+  name          = "example-engineering-user-two-${local.random_suffix}"
+  email_address = "example-engineering-user-two-${local.random_suffix}@honestbank.com"
 }
 
 module "engineering_lead" {
   source        = "../../modules/pagerduty-user"
-  name          = "pagerduty-escalation-policy-example-engineering-lead"
-  email_address = "pagerduty-escalation-policy-example-engineering-lead@honestbank.com"
+  name          = "example-engineering-lead-${local.random_suffix}"
+  email_address = "example-engineering-lead-${local.random_suffix}@honestbank.com"
 }
 
 module "product_manager" {
   source        = "../../modules/pagerduty-user"
-  name          = "pagerduty-escalation-policy-example-product-manager"
-  email_address = "pagerduty-escalation-policy-example-product-manager@honestbank.com"
+  name          = "example-product-manager-${local.random_suffix}"
+  email_address = "example-product-manager-${local.random_suffix}@honestbank.com"
 }
 
 module "product_lead" {
   source        = "../../modules/pagerduty-user"
-  name          = "pagerduty-escalation-policy-example-product-lead"
-  email_address = "pagerduty-escalation-policy-example-product-lead@honestbank.com"
+  name          = "example-product-lead-${local.random_suffix}"
+  email_address = "example-product-lead-${local.random_suffix}@honestbank.com"
 }
 
 module "level_one_engineering_schedule" {
   source = "../../modules/pagerduty-schedule"
 
   description = "level one engineering schedule"
-  name        = "level one engineering schedule - ${var.schedule_suffix}"
+  name        = "level one engineering schedule-${var.schedule_suffix}-${local.random_suffix}"
 
   # 604,800 seconds = 1 week (7 days)
   rotation_turn_length_seconds = 604800
@@ -51,7 +59,7 @@ module "level_two_engineering_schedule" {
   source = "../../modules/pagerduty-schedule"
 
   description = "level two engineering schedule"
-  name        = "level two engineering schedule - ${var.schedule_suffix}"
+  name        = "level two engineering schedule-${var.schedule_suffix}-${local.random_suffix}"
 
   # 604,800 seconds = 1 week (7 days)
   rotation_turn_length_seconds = 604800
@@ -70,7 +78,7 @@ module "level_two_product_schedule" {
   source = "../../modules/pagerduty-schedule"
 
   description = "level two product schedule"
-  name        = "level two product schedule - ${var.schedule_suffix}"
+  name        = "level two product schedule-${var.schedule_suffix}-${local.random_suffix}"
 
   # 604,800 seconds = 1 week (7 days)
   rotation_turn_length_seconds = 604800
@@ -86,7 +94,7 @@ module "level_three_engineering_schedule" {
   source = "../../modules/pagerduty-schedule"
 
   description = "level three engineering schedule"
-  name        = "level three engineering schedule - ${var.schedule_suffix}"
+  name        = "level three engineering schedule-${var.schedule_suffix}-${local.random_suffix}"
 
   # 604,800 seconds = 1 week (7 days)
   rotation_turn_length_seconds = 604800
@@ -102,7 +110,7 @@ module "level_three_product_schedule" {
   source = "../../modules/pagerduty-schedule"
 
   description = "level three product schedule"
-  name        = "level three product schedule - ${var.schedule_suffix}"
+  name        = "level three product schedule-${var.schedule_suffix}-${local.random_suffix}"
 
   # 604,800 seconds = 1 week (7 days)
   rotation_turn_length_seconds = 604800
@@ -116,14 +124,14 @@ module "level_three_product_schedule" {
 
 module "mock_team" {
   source      = "../../modules/pagerduty-team"
-  name        = "${var.name} team"
+  name        = "Team-${var.name}-${local.random_suffix}"
   description = "Created by terratest"
 }
 
 module "escalation_policy" {
   source = "../../modules/pagerduty-escalation-policy"
 
-  name        = var.name
+  name        = "${var.name}-${local.random_suffix}"
   description = var.description
 
   escalation_delay_in_minutes = 60

examples/pagerduty-schedule/README.md

@@ -11,7 +11,9 @@ This example creates a basic PagerDuty Schedule.
 
 ## Providers
 
-No providers.
+| Name | Version |
+|------|---------|
+| <a name="provider_random"></a> [random](#provider\_random) | n/a |
 
 ## Modules
 
@@ -23,7 +25,9 @@ No providers.
 
 ## Resources
 
-No resources.
+| Name | Type |
+|------|------|
+| [random_id.random_suffix](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/id) | resource |
 
 ## Inputs
 
@@ -39,4 +43,4 @@ No resources.
 | <a name="output_schedule_id"></a> [schedule\_id](#output\_schedule\_id) | The `id` attribute of the schedule. |
 | <a name="output_user_one_id"></a> [user\_one\_id](#output\_user\_one\_id) | Dummy user created for inserting into the schedule. |
 | <a name="output_user_two_id"></a> [user\_two\_id](#output\_user\_two\_id) | Dummy user created for inserting into the schedule. |
-<!-- END_TF_DOCS -->
+<!-- END_TF_DOCS -->

examples/pagerduty-schedule/inputs.tf

@@ -6,4 +6,5 @@ variable "name" {
 variable "pagerduty_token" {
   type        = string
   description = "PagerDuty API token."
+  sensitive   = true
 }