fix: Basic authentication configuration at the branch level

[sestrella]

what

Module consumers cannot pass a custom basic_auth_credentials per branch using the existing variables. At the branch level, there is also a typo on enable_basic_auth.

why

The changes made in this PR allow consumers to configure different basic authentication credentials for each branch.

[skilef]

Please review this, it would be really helpful!

[kevcube]

@sestrella can you please update base branch and I will look to get this merged

[kevcube]

/terratest

[kevcube]

@sestrella tests failing and readme is out of date, can you locally run make init; make readme (on macOS brew install make; gmake init; gmake readme)

[sestrella]

@kevcube done. Would you mind taking a second look, please?

[kevcube]

/terratest

[kevcube]

@sestrella tests are still failing. It doesn't appear to be related to your PR but if you have time to investigate that would be appreciated. Otherwise I'll check it out when I'm able to.

[sestrella]

@kevcube After taking a closer look at the job log, I found the following relevant information:

TestExamplesComplete 2023-12-29T06:54:08Z logger.go:66: │ Error: creating Amplify App (eg-ue2-test-amplify-jrjxrn): BadRequestException: There was an issue setting up your repository. Please try again later.({"message":"Moved Permanently","url":"https://api.github.com/repositories/498423879/hooks","documentation_url":"https://docs.github.com/rest/guides/best-practices-for-using-the-rest-api#follow-redirects"})
TestExamplesComplete 2023-12-29T06:54:08Z logger.go:66: │ 
TestExamplesComplete 2023-12-29T06:54:08Z logger.go:66: │   with module.amplify_app.aws_amplify_app.default[0],
TestExamplesComplete 2023-12-29T06:54:08Z logger.go:66: │   on ../../main.tf line 10, in resource "aws_amplify_app" "default":
TestExamplesComplete 2023-12-29T06:54:08Z logger.go:66: │   10: resource "aws_amplify_app" "default" {
TestExamplesComplete 2023-12-29T06:54:08Z logger.go:66: │ 
TestExamplesComplete 2023-12-29T06:54:08Z logger.go:66: ╵
TestExamplesComplete 2023-12-29T06:54:08Z retry.go:99: Returning due to fatal error: FatalError{Underlying: error while running command: exit status 1; ╷
│ Error: creating Amplify App (eg-ue2-test-amplify-jrjxrn): BadRequestException: There was an issue setting up your repository. Please try again later.({"message":"Moved Permanently","url":"https://api.github.com/repositories/498423879/hooks","documentation_url":"https://docs.github.com/rest/guides/best-practices-for-using-the-rest-api#follow-redirects"})

I'm wondering if this is related to the fact that the amplify-test2 appears to be transferred from the cloudposse organization to the cloudposse-archives organization. I submitted a commit updating the URL for the repository found in the complete example.

[kevcube]

/terratest

[sestrella]

@kevcube I got a different error this time. Perhaps is related to the permissions associated with the GH token?

TestExamplesComplete 2024-01-03T03:18:06Z logger.go:66: │ Error: creating Amplify App (eg-ue2-test-amplify-t9vp6d): BadRequestException: There was an issue setting up your repository. Please try again later.({"message":"Not Found","documentation_url":"https://docs.github.com/rest/repos/webhooks#create-a-repository-webhook"})
TestExamplesComplete 2024-01-03T03:18:06Z logger.go:66: │ 
TestExamplesComplete 2024-01-03T03:18:06Z logger.go:66: │   with module.amplify_app.aws_amplify_app.default[0],
TestExamplesComplete 2024-01-03T03:18:06Z logger.go:66: │   on ../../main.tf line 10, in resource "aws_amplify_app" "default":
TestExamplesComplete 2024-01-03T03:18:06Z logger.go:66: │   10: resource "aws_amplify_app" "default" {
TestExamplesComplete 2024-01-03T03:18:06Z logger.go:66: │ 
TestExamplesComplete 2024-01-03T03:18:06Z logger.go:66: ╵
TestExamplesComplete 2024-01-03T03:18:06Z retry.go:99: Returning due to fatal error: FatalError{Underlying: error while running command: exit status 1; ╷
│ Error: creating Amplify App (eg-ue2-test-amplify-t9vp6d): BadRequestException: There was an issue setting up your repository. Please try again later.({"message":"Not Found","documentation_url":"https://docs.github.com/rest/repos/webhooks#create-a-repository-webhook"})
│ 
│   with module.amplify_app.aws_amplify_app.default[0],
│   on ../../main.tf line 10, in resource "aws_amplify_app" "default":
│   10: resource "aws_amplify_app" "default" {
│ 
╵}

[kevcube]

@sestrella not sure how to proceed with that one. for a shorter debug loop you can try just terraform apply-ing the examples/complete into your own AWS and GitHub accounts until you find a working solution. I'm not an admin in Cloudposse so if it's a token issue I can call in someone else.

[sestrella]

@kevcube I finally made it back to this PR. I made it work by creating a fork of https://github.com/cloudposse-archives/amplify-test2 to which I had write access; the following GH token permissions were required to make the complete/example work:

On a side note, according to the official documentation, a token with write access is required to set up a webhook, so my guess is that the token used by the CI lacks the necessary permissions:

Reference: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/amplify_app#access_token

[sestrella]

Hi @kevcube, I'm wondering if there is anything else I can do on my end to help get this PR move forward. Please let me know.

[hans-d]

/terratest

[hans-d]

/terratest

[sestrella]

@kevcube Thank you for triggering the CI again. I realized the check for the README was failing, so I re-ran gmake init; gmake readme.

[kevcube]

/terratest

[sestrella]

I look closely at the error message:

BadRequestException: There was an issue setting up your repository. Please try again later

However, it appears to be a little misleading because the GH status page has not revealed any recent issues. Based on my tests a few weeks ago, I continue to believe this is related to token permissions. I'm wondering if the token was revisited.

[kevcube]

@sestrella the repo has been moved from cloudposse-archives back to cloudposse, can you please update the reference in this PR and we will try tests again

[sestrella]

@kevcube done! Let's see how it goes 🤞🏼

[mergify]

Important

Cloud Posse Engineering Team Review Required

This pull request modifies files that require Cloud Posse's review. Please be patient, and a core maintainer will review your changes.

To expedite this process, reach out to us on Slack in the #pr-reviews channel.

[goruha]

/terratest

[sestrella]

@goruha terratest appears to be failing for the same reasons that it fails on #32. Here are the links to the runs:

• This PR
• PR #32

[osterman]

We have some work here to fix the tests. I cannot yet commit to an ETA. 🙏 for your understanding. We are tracking it internally.

[goruha]

/terratest

[fm7-1]

Hello, @goruha. I have rebased this PR with the latest commits in main. Could you run the tests again, please?

[osterman]

/terratest

[fm7-1]

Hello, everyone! I see terratest is still failing with the same error as before. Is there anyway we can assist to move forward with the fix?

[osterman]

The hold up is we finally had switched/deprecated all our workflows in hundreds of repos from using PATs, but now this one repo needs a PAT. The terraform provider for amplify doesn't work with fine grained tokens. As a result we need to do a one off for this repo. We are still working on it, but it's in between other work.

[fm7-1]

Got it! Thank you for your prompt response, @osterman!

[goruha]

@sestrella can you pls update branch or rebase?

[fm7-1]

@goruha Done, I have rebased this branch

[goruha]

/terratest

[github-actions]

These changes were released in v1.1.0.