Bump versions and update outdated files (#4)

* Bump versions and update outdated files

* Update values.yaml

* Fix format

---------

Co-authored-by: wayne-root <[email protected]>

Author: niroz89

.github/workflows/ci.yml

@@ -1,11 +1,14 @@
 name: terraform-ci
 on:
   pull_request:
-  push:
-    branches:
-      - main
+permissions:
+  actions: read
+  checks: read
+  contents: read
+  pull-requests: write
+  security-events: write
 jobs:
   ci:
-    uses: SPHTech-Platform/reusable-workflows/.github/workflows/terraform.yaml@main
+    uses: SPHTech-Platform/reusable-workflows/.github/workflows/terraform.yaml@v2
     with:
       upload_sarif: true

.pre-commit-config.yaml

@@ -2,27 +2,37 @@ repos:
   - repo: https://github.com/gruntwork-io/pre-commit
     rev: v0.1.17
     hooks:
-      - id: terraform-fmt
-      - id: terraform-validate
-      - id: tflint
-        args:
-          - "--module"
-          - "--config=.tflint.hcl"
-      - id: markdown-link-check
       - id: shellcheck
 
+  - repo: https://github.com/tcort/markdown-link-check
+    rev: v3.9.3
+    hooks:
+      - id: markdown-link-check
+        args:
+          - "--config=mlc_config.json"
+
   - repo: https://github.com/antonbabenko/pre-commit-terraform
-    rev: v1.64.0
+    rev: v1.72.2
     hooks:
+      - id: terraform_fmt
+      - id: terraform_providers_lock
+        args:
+          - --args=-platform=linux_amd64
+      - id: terraform_validate
+      - id: terraform_tflint
+        args:
+          - --args=--module
+          - --args=--config=__GIT_WORKING_DIR__/.tflint.hcl
       - id: terraform_docs
         args:
-          - "--args=--lockfile=false"
+          - --args=--config=.terraform-docs.yaml
       - id: terraform_tfsec
         args:
           - --args=--exclude-downloaded-modules
-      - id: checkov
+      - id: terraform_checkov
+
   - repo: https://github.com/pre-commit/pre-commit-hooks
-    rev: v4.1.0
+    rev: v4.2.0
     hooks:
       # Git style
       - id: check-added-large-files

.terraform-docs.yaml

@@ -0,0 +1,11 @@
+formatter: "markdown table"
+
+output:
+  file: "README.md"
+  mode: inject
+  template: |-
+      <!-- BEGIN_TF_DOCS -->
+      {{ .Content }}
+      <!-- END_TF_DOCS -->
+settings:
+  lockfile: false

.tflint.hcl

@@ -0,0 +1,49 @@
+plugin "aws" {
+  enabled = true
+  version = "0.24.1"
+  source  = "github.com/terraform-linters/tflint-ruleset-aws"
+}
+
+rule "terraform_deprecated_interpolation" {
+  enabled = true
+}
+
+rule "terraform_documented_outputs" {
+  enabled = true
+}
+
+rule "terraform_documented_variables" {
+  enabled = true
+}
+
+rule "terraform_module_pinned_source" {
+  enabled = true
+}
+
+rule "terraform_typed_variables" {
+  enabled = true
+}
+
+rule "terraform_required_version" {
+  enabled = false
+}
+
+rule "terraform_required_providers" {
+  enabled = true
+}
+
+rule "terraform_standard_module_structure" {
+  enabled = false
+}
+
+rule "terraform_unused_declarations" {
+  enabled = true
+}
+
+rule "terraform_unused_required_providers" {
+  enabled = true
+}
+
+rule "terraform_naming_convention" {
+  enabled = true
+}

README.md

@@ -24,7 +24,7 @@ to a Kubernetes Cluster.
 
 | Name | Source | Version |
 |------|--------|---------|
-| <a name="module_lb_controller_role"></a> [lb\_controller\_role](#module\_lb\_controller\_role) | terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks | ~> 4.21.1 |
+| <a name="module_lb_controller_role"></a> [lb\_controller\_role](#module\_lb\_controller\_role) | terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks | ~> 5.27.0 |
 
 ## Resources
 
@@ -43,7 +43,7 @@ to a Kubernetes Cluster.
 | <a name="input_chart_namespace"></a> [chart\_namespace](#input\_chart\_namespace) | Namespace to install the chart into | `string` | `"kube-system"` | no |
 | <a name="input_chart_repository"></a> [chart\_repository](#input\_chart\_repository) | Helm repository for the chart | `string` | `"https://aws.github.io/eks-charts"` | no |
 | <a name="input_chart_timeout"></a> [chart\_timeout](#input\_chart\_timeout) | Timeout to wait for the Chart to be deployed. | `number` | `300` | no |
-| <a name="input_chart_version"></a> [chart\_version](#input\_chart\_version) | Version of Chart to install. Set to empty to install the latest version | `string` | `"1.4.4"` | no |
+| <a name="input_chart_version"></a> [chart\_version](#input\_chart\_version) | Version of Chart to install. Set to empty to install the latest version | `string` | `"1.5.4"` | no |
 | <a name="input_cluster_name"></a> [cluster\_name](#input\_cluster\_name) | Name of Kubernetes Cluster | `string` | n/a | yes |
 | <a name="input_cluster_tag_check"></a> [cluster\_tag\_check](#input\_cluster\_tag\_check) | Enable or disable subnet tag check | `bool` | `false` | no |
 | <a name="input_default_tags"></a> [default\_tags](#input\_default\_tags) | Default tags to apply to all AWS resources managed by this controller | `map(string)` | `{}` | no |

iam.tf

@@ -1,6 +1,6 @@
 module "lb_controller_role" {
   source  = "terraform-aws-modules/iam/aws//modules/iam-role-for-service-accounts-eks"
-  version = "~> 4.21.1"
+  version = "~> 5.27.0"
 
   role_name_prefix = coalesce(var.iam_role_name, "${var.cluster_name}-lb-")
   role_description = "EKS Cluster ${var.cluster_name} LoadBalancer Controller"