From 044701318aae173d07aecb2d8604326c058bbeed Mon Sep 17 00:00:00 2001
From: Marek Skrajnowski <marek@codequest.com>
Date: Tue, 6 Dec 2022 18:07:05 +0100
Subject: [PATCH 1/3] refactor: use latest versions of providers

---
 versions.tf | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/versions.tf b/versions.tf
index 573f7cd1..ea16a296 100644
--- a/versions.tf
+++ b/versions.tf
@@ -4,11 +4,11 @@ terraform {
 
   # Make sure all providers needed by any module are listed
   required_providers {
-    aws = "3.41.0"
+    aws = "4.45.0"
 
-    archive = "2.1.0"
-    null    = "3.1.0"
-    random  = "3.1.0"
-    tls     = "3.1.0"
+    archive = "2.2.0"
+    null    = "3.2.1"
+    random  = "3.4.3"
+    tls     = "4.0.4"
   }
 }

From 9e46c2cf0a690350d5bc8f82644e4d9a35e487d5 Mon Sep 17 00:00:00 2001
From: Marek Skrajnowski <marek@codequest.com>
Date: Tue, 6 Dec 2022 18:15:11 +0100
Subject: [PATCH 2/3] refactor(ecs/network): support tls provider 4.x, drop
 support for <3.2

---
 ecs/network/README.md   | 4 ++--
 ecs/network/main.tf     | 1 -
 ecs/network/versions.tf | 2 +-
 3 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/ecs/network/README.md b/ecs/network/README.md
index 137644c4..4fc2cfde 100644
--- a/ecs/network/README.md
+++ b/ecs/network/README.md
@@ -20,7 +20,7 @@ Creates networking resources needed for a standard ECS cluster setup:
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 0.12, <2.0 |
 | <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 2.40.0 |
 | <a name="requirement_null"></a> [null](#requirement\_null) | >= 2.1.2 |
-| <a name="requirement_tls"></a> [tls](#requirement\_tls) | >= 2.0.1 |
+| <a name="requirement_tls"></a> [tls](#requirement\_tls) | >= 3.2.0 |
 
 ## Providers
 
@@ -28,7 +28,7 @@ Creates networking resources needed for a standard ECS cluster setup:
 |------|---------|
 | <a name="provider_aws"></a> [aws](#provider\_aws) | >= 2.40.0 |
 | <a name="provider_null"></a> [null](#provider\_null) | >= 2.1.2 |
-| <a name="provider_tls"></a> [tls](#provider\_tls) | >= 2.0.1 |
+| <a name="provider_tls"></a> [tls](#provider\_tls) | >= 3.2.0 |
 
 ## Modules
 
diff --git a/ecs/network/main.tf b/ecs/network/main.tf
index 7dc039db..364a3767 100644
--- a/ecs/network/main.tf
+++ b/ecs/network/main.tf
@@ -258,7 +258,6 @@ resource "tls_private_key" "lb_default" {
 resource "tls_self_signed_cert" "lb_default" {
   count = var.create ? 1 : 0
 
-  key_algorithm         = "RSA"
   private_key_pem       = tls_private_key.lb_default[0].private_key_pem
   validity_period_hours = 365 * 24
 
diff --git a/ecs/network/versions.tf b/ecs/network/versions.tf
index 53113114..e04dc59d 100644
--- a/ecs/network/versions.tf
+++ b/ecs/network/versions.tf
@@ -3,7 +3,7 @@ terraform {
 
   required_providers {
     aws  = ">= 2.40.0"
-    tls  = ">= 2.0.1"
+    tls  = ">= 3.2.0"
     null = ">= 2.1.2"
   }
 }

From 9c118728e49a6671ecd2a1feca38d315effd06f6 Mon Sep 17 00:00:00 2001
From: Marek Skrajnowski <marek@codequest.com>
Date: Tue, 6 Dec 2022 18:55:08 +0100
Subject: [PATCH 3/3] ci: fail module validation on warnings

---
 tools/bin/validate-module | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/tools/bin/validate-module b/tools/bin/validate-module
index 77a63645..cfbb7f69 100755
--- a/tools/bin/validate-module
+++ b/tools/bin/validate-module
@@ -6,14 +6,14 @@ validate() {
   set -e
 
   cd "$module_dir"
-  terraform init -backend=false
-  terraform validate
+  terraform init -backend=false >/dev/null
+  terraform validate -json | jq -r '.diagnostics[] | "\(.severity) \(.range.filename):\(.range.start.line) \(.summary). \(.detail)"'
 }
 
 validate_out=$(validate 2>&1)
 validate_exit_code=$?
 
-if [ $validate_exit_code -eq 0 ]; then
+if [ $validate_exit_code -eq 0 ] && [ -z "$validate_out" ]; then
   echo "✅ $module_dir"
 else
   echo "❌ $module_dir"