Add Terraform deployment

* Creates a directory which consumes the module
* This will be used to test and deploy the module through GitHub
  workflows

.github/workflows/continuous-integration-terraform-module-deployment.yml

@@ -0,0 +1,87 @@
+name: Continuous integration Module Deplyment
+
+on:
+  push:
+    branches: main
+  pull_request:
+
+env:
+  GITHUB_PR_BRANCH: ""
+  MODULE_DEPLOYMENT_DIR: "module-deployment"
+
+jobs:
+  terraform-validate:
+    name: Terraform Validate
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check out code
+        uses: actions/checkout@v4
+
+      - name: Get terraform version
+        id: get-terraform-version
+        run: |
+          DOTFILE_VERSION=$(cat ${{ env.MODULE_DEPLOYMENT_DIR }}/.terraform-version)
+          echo "version=$DOTFILE_VERSION" >> $GITHUB_OUTPUT
+
+      - name: Setup Terraform
+        uses: hashicorp/[email protected]
+        with:
+          terraform_version: ${{ steps.get-terraform-version.outputs.version }}
+
+      - name: Run a Terraform init
+        run: |
+          terraform -chdir=${{ env.MODULE_DEPLOYMENT_DIR }} \
+          init
+
+      - name: Run a Terraform validate
+        run: |
+          terraform -chdir=${{ env.MODULE_DEPLOYMENT_DIR }} \
+          validate
+
+      - name: Run a Terraform format check
+        run: |
+          terraform -chdir=${{ env.MODULE_DEPLOYMENT_DIR }} \
+          fmt -check=true -diff=true
+
+  terraform-docs-validation:
+    name: Terraform Docs validation
+    needs: terraform-validate
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check out code
+        uses: actions/checkout@v4
+        with:
+          ref: ${{ github.event.pull_request.head.ref }}
+          token: ${{ secrets.TERRAFORM_DOCS_RENOVATE_WORKFLOW_GITHUB_TOKEN }}
+
+      - name: Get PR base branch
+        id: pr-base-branch-name
+        if: github.event_name == 'pull_request'
+        run: |
+          echo "GITHUB_PR_BRANCH=${{ github.head_ref }}" >> $GITHUB_ENV
+
+      - name: Get commit message
+        run: |
+          echo "GIT_COMMIT_MESSAGE=$(git show -s --format=%s)" >> $GITHUB_ENV
+
+      - name: Generate Terraform docs
+        uses: terraform-docs/[email protected]
+        if: "!startsWith(env.GITHUB_PR_BRANCH, 'renovate/')"
+        with:
+          working-dir: ${{ env.MODULE_DEPLOYMENT_DIR }}
+          config-file: .terraform-docs.yml
+          output-file: README.md
+          output-method: inject
+          fail-on-diff: true
+
+      - name: Generate Terraform docs for Renovate
+        uses: terraform-docs/[email protected]
+        if: "startsWith(env.GITHUB_PR_BRANCH, 'renovate/')"
+        with:
+          working-dir: ${{ env.MODULE_DEPLOYMENT_DIR }}
+          config-file: .terraform-docs.yml
+          output-file: README.md
+          output-method: inject
+          git-push: true
+          ref: ${{ github.event.pull_request.head.ref }}
+          git-commit-message: "${{ env.GIT_COMMIT_MESSAGE }} - Terraform Docs Module Deployment"

.github/workflows/continuous-integration-tflint-module-deployment.yml

@@ -0,0 +1,23 @@
+name: Continuous integration Module Deployment
+
+on:
+  pull_request:
+
+env:
+  MODULE_DEPLOYMENT_DIR: "module-deployment"
+
+jobs:
+  tflint:
+    name: tflint
+    runs-on: ubuntu-latest
+    steps:
+      - name: Clone repo
+        uses: actions/checkout@v4
+
+      - name: Setup TFLint
+        uses: terraform-linters/setup-tflint@v4
+        with:
+          tflint_version: v0.44.1
+
+      - name: Run TFLint
+        run: tflint --chdir=${{ env.MODULE_DEPLOYMENT_DIR }} -f compact

.github/workflows/continuous-integration-tfsec-module-deplyment.yml

@@ -0,0 +1,21 @@
+name: Continuous integration
+
+on:
+  pull_request:
+
+env:
+  MODULE_DEPLOYMENT_DIR: "module-deployment"
+
+jobs:
+  tfsec-pr-commenter:
+    name: tfsec PR commenter
+    runs-on: ubuntu-latest
+    steps:
+      - name: Clone repo
+        uses: actions/checkout@v4
+
+      - name: tfsec
+        uses: aquasecurity/[email protected]
+        with:
+          github_token: ${{ github.token }}
+          working_directory: ${{ env.MODULE_DEPLOYMENT_DIR }}

.gitignore

@@ -8,6 +8,7 @@ override.tf
 override.tf.json
 *_override.tf
 *_override.tf.json
+backend.tf
 
 # Angular
 node_modules/

module-deployment/.terraform-docs.yml

@@ -0,0 +1,26 @@
+---
+formatter: "markdown table"
+version: "~> 0.16"
+settings:
+  anchor: true
+  default: true
+  description: false
+  escape: true
+  hide-empty: false
+  html: true
+  indent: 2
+  lockfile: true
+  read-comments: true
+  required: true
+  sensitive: true
+  type: true
+sort:
+  enabled: true
+  by: name
+output:
+  file: README.md
+  mode: inject
+  template: |-
+        <!-- BEGIN_TF_DOCS -->
+        {{ .Content }}
+        <!-- END_TF_DOCS -->

module-deployment/.terraform-version

@@ -0,0 +1 @@
+1.8.1

module-deployment/README.md

@@ -0,0 +1,33 @@
+# chris-qa-org/terraform-aws-tfl-notice-board Deployment
+
+This project consumes the chris-qa-org/terraform-aws-tfl-notice-board module for testing and deployment
+
+<!-- BEGIN_TF_DOCS -->
+## Requirements
+
+| Name | Version |
+|------|---------|
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.8.1 |
+
+## Providers
+
+No providers.
+
+## Modules
+
+| Name | Source | Version |
+|------|--------|---------|
+| <a name="module_tfl_notice_board"></a> [tfl\_notice\_board](#module\_tfl\_notice\_board) | github.com/chris-qa-org/terraform-aws-tfl-notice-board | v0.1.0 |
+
+## Resources
+
+No resources.
+
+## Inputs
+
+No inputs.
+
+## Outputs
+
+No outputs.
+<!-- END_TF_DOCS -->

module-deployment/backend.tf.aws-s3.example

@@ -0,0 +1,8 @@
+terraform {
+  backend "s3" {
+    bucket  = "<bucket-name>"
+    key     = "terraform.tfstate"
+    region  = "<region>"
+    encrypt = "true"
+  }
+}

module-deployment/locals.tf

@@ -0,0 +1,2 @@
+locals {
+}

module-deployment/tfl-notice-board.tf

@@ -0,0 +1,3 @@
+module "tfl_notice_board" {
+  source = "github.com/chris-qa-org/terraform-aws-tfl-notice-board?ref=v0.1.0"
+}

module-deployment/versions.tf

@@ -0,0 +1,5 @@
+terraform {
+  required_version = ">= 1.8.1"
+  required_providers {
+  }
+}