fix: Basic authentication configuration at the branch level

[sestrella]

what

Module consumers cannot pass a custom basic_auth_credentials per branch using the existing variables. At the branch level, there is also a typo on enable_basic_auth.

why

The changes made in this PR allow consumers to configure different basic authentication credentials for each branch.

[skilef]

Please review this, it would be really helpful!

[kevcube]

@sestrella can you please update base branch and I will look to get this merged

[kevcube]

/terratest

[kevcube]

@sestrella tests failing and readme is out of date, can you locally run make init; make readme (on macOS brew install make; gmake init; gmake readme)

[sestrella]

@kevcube done. Would you mind taking a second look, please?

[kevcube]

/terratest

[kevcube]

@sestrella tests are still failing. It doesn't appear to be related to your PR but if you have time to investigate that would be appreciated. Otherwise I'll check it out when I'm able to.

[sestrella]

@kevcube After taking a closer look at the job log, I found the following relevant information:

TestExamplesComplete 2023-12-29T06:54:08Z logger.go:66: │ Error: creating Amplify App (eg-ue2-test-amplify-jrjxrn): BadRequestException: There was an issue setting up your repository. Please try again later.({"message":"Moved Permanently","url":"https://api.github.com/repositories/498423879/hooks","documentation_url":"https://docs.github.com/rest/guides/best-practices-for-using-the-rest-api#follow-redirects"})
TestExamplesComplete 2023-12-29T06:54:08Z logger.go:66: │ 
TestExamplesComplete 2023-12-29T06:54:08Z logger.go:66: │   with module.amplify_app.aws_amplify_app.default[0],
TestExamplesComplete 2023-12-29T06:54:08Z logger.go:66: │   on ../../main.tf line 10, in resource "aws_amplify_app" "default":
TestExamplesComplete 2023-12-29T06:54:08Z logger.go:66: │   10: resource "aws_amplify_app" "default" {
TestExamplesComplete 2023-12-29T06:54:08Z logger.go:66: │ 
TestExamplesComplete 2023-12-29T06:54:08Z logger.go:66: ╵
TestExamplesComplete 2023-12-29T06:54:08Z retry.go:99: Returning due to fatal error: FatalError{Underlying: error while running command: exit status 1; ╷
│ Error: creating Amplify App (eg-ue2-test-amplify-jrjxrn): BadRequestException: There was an issue setting up your repository. Please try again later.({"message":"Moved Permanently","url":"https://api.github.com/repositories/498423879/hooks","documentation_url":"https://docs.github.com/rest/guides/best-practices-for-using-the-rest-api#follow-redirects"})

I'm wondering if this is related to the fact that the amplify-test2 appears to be transferred from the cloudposse organization to the cloudposse-archives organization. I submitted a commit updating the URL for the repository found in the complete example.

[kevcube]

/terratest

[sestrella]

@kevcube I got a different error this time. Perhaps is related to the permissions associated with the GH token?

TestExamplesComplete 2024-01-03T03:18:06Z logger.go:66: │ Error: creating Amplify App (eg-ue2-test-amplify-t9vp6d): BadRequestException: There was an issue setting up your repository. Please try again later.({"message":"Not Found","documentation_url":"https://docs.github.com/rest/repos/webhooks#create-a-repository-webhook"})
TestExamplesComplete 2024-01-03T03:18:06Z logger.go:66: │ 
TestExamplesComplete 2024-01-03T03:18:06Z logger.go:66: │   with module.amplify_app.aws_amplify_app.default[0],
TestExamplesComplete 2024-01-03T03:18:06Z logger.go:66: │   on ../../main.tf line 10, in resource "aws_amplify_app" "default":
TestExamplesComplete 2024-01-03T03:18:06Z logger.go:66: │   10: resource "aws_amplify_app" "default" {
TestExamplesComplete 2024-01-03T03:18:06Z logger.go:66: │ 
TestExamplesComplete 2024-01-03T03:18:06Z logger.go:66: ╵
TestExamplesComplete 2024-01-03T03:18:06Z retry.go:99: Returning due to fatal error: FatalError{Underlying: error while running command: exit status 1; ╷
│ Error: creating Amplify App (eg-ue2-test-amplify-t9vp6d): BadRequestException: There was an issue setting up your repository. Please try again later.({"message":"Not Found","documentation_url":"https://docs.github.com/rest/repos/webhooks#create-a-repository-webhook"})
│ 
│   with module.amplify_app.aws_amplify_app.default[0],
│   on ../../main.tf line 10, in resource "aws_amplify_app" "default":
│   10: resource "aws_amplify_app" "default" {
│ 
╵}

[kevcube]

@sestrella not sure how to proceed with that one. for a shorter debug loop you can try just terraform apply-ing the examples/complete into your own AWS and GitHub accounts until you find a working solution. I'm not an admin in Cloudposse so if it's a token issue I can call in someone else.

[sestrella]

@kevcube I finally made it back to this PR. I made it work by creating a fork of https://github.com/cloudposse-archives/amplify-test2 to which I had write access; the following GH token permissions were required to make the complete/example work:

On a side note, according to the official documentation, a token with write access is required to set up a webhook, so my guess is that the token used by the CI lacks the necessary permissions:

Reference: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/amplify_app#access_token

[sestrella]

Hi @kevcube, I'm wondering if there is anything else I can do on my end to help get this PR move forward. Please let me know.

[hans-d]

/terratest

[hans-d]

/terratest

[sestrella]

@kevcube Thank you for triggering the CI again. I realized the check for the README was failing, so I re-ran gmake init; gmake readme.

[kevcube]

/terratest

[sestrella]

I look closely at the error message:

BadRequestException: There was an issue setting up your repository. Please try again later

However, it appears to be a little misleading because the GH status page has not revealed any recent issues. Based on my tests a few weeks ago, I continue to believe this is related to token permissions. I'm wondering if the token was revisited.

[kevcube]

@sestrella the repo has been moved from cloudposse-archives back to cloudposse, can you please update the reference in this PR and we will try tests again

[sestrella]

@kevcube done! Let's see how it goes 🤞🏼

[kevcube]

/terratest

[fm7-1]

Hello, @kevcube. I tested this PR by applying the Terraform code in "examples/complete" and was able to use it with our AWS and GH accounts.

I also ran the tests, and they work as expected. For this, I created a personal GitHub token with the permissions mentioned by @sestrella in a previous comment and forked the amplify-test2 repository. After changing the repository URL in the test fixtures to my fork, the tests passed.

Please let me know if I can provide additional information that will allow us to move forward with this PR.

[hans-d]

/terratest

[fm7-1]

@hans-d - Perhaps the token used for testing is missing the public_repo permission?

[hans-d]

@fm7-1 could be.We need to check various options re this.

[fm7-1]

Hello, @hans-d. Is there anything we could do from our side to move forward with this PR? Please let me know.

[mergify[bot]]

💥 This pull request now has conflicts. Could you fix it @sestrella? 🙏

[mergify[bot]]

[!IMPORTANT]

Cloud Posse Engineering Team Review Required

This pull request modifies files that require Cloud Posse's review. Please be patient, and a core maintainer will review your changes.

To expedite this process, reach out to us on Slack in the #pr-reviews channel.

[goruha]

/terratest

[sestrella]

@goruha terratest appears to be failing for the same reasons that it fails on #32. Here are the links to the runs:

• This PR
• PR #32