Add workflows (#80)

* Add workflows

* shared workflows

* update readme

* upd secret

* Add codeowners

* Add configs

* upd token

* ci

* ci

* ci

* ci

* ci

* ci

* ci

* ci

* ci

* ci

* ci

* ci

* ci

* ci

* ci

* rm old config

.github/CODEOWNERS

@@ -0,0 +1,25 @@
+# Use this file to define individuals or teams that are responsible for code in a repository.
+# Read more: <https://help.github.com/articles/about-codeowners/>
+#
+# Order is important: the last matching pattern has the highest precedence
+
+# These owners will be the default owners for everything
+*             @cloudposse/engineering @cloudposse/contributors
+
+# Cloud Posse must review any changes to Makefiles
+**/Makefile   @cloudposse/engineering
+**/Makefile.* @cloudposse/engineering
+
+# Cloud Posse must review any changes to GitHub actions
+.github/*     @cloudposse/engineering
+
+# Cloud Posse must review any changes to standard context definition,
+# but some changes can be rubber-stamped.
+**/*.tf       @cloudposse/engineering @cloudposse/contributors @cloudposse/approvers
+README.yaml   @cloudposse/engineering @cloudposse/contributors @cloudposse/approvers
+README.md     @cloudposse/engineering @cloudposse/contributors @cloudposse/approvers
+docs/*.md     @cloudposse/engineering @cloudposse/contributors @cloudposse/approvers
+
+# Cloud Posse Admins must review all changes to CODEOWNERS or the mergify configuration
+.github/mergify.yml @cloudposse/admins
+.github/CODEOWNERS  @cloudposse/admins

.github/ISSUE_TEMPLATE/bug_report.md

@@ -0,0 +1,37 @@
+---
+name: Bug report
+about: Create a report to help us improve
+title: ''
+labels: 'bug'
+assignees: ''
+
+---
+
+Found a bug? Maybe our [Slack Community](https://slack.cloudposse.com) can help. 
+
+[![Slack Community](https://slack.cloudposse.com/badge.svg)](https://slack.cloudposse.com)
+
+## Describe the Bug
+A clear and concise description of what the bug is.
+
+## Expected Behavior
+A clear and concise description of what you expected to happen.
+
+## Steps to Reproduce
+Steps to reproduce the behavior:
+1. Go to '...'
+2. Run '....'
+3. Enter '....'
+4. See error
+
+## Screenshots
+If applicable, add screenshots or logs to help explain your problem.
+
+## Environment (please complete the following information):
+
+Anything that will help us triage the bug will help. Here are some ideas:
+ - OS: [e.g. Linux, OSX, WSL, etc]
+ - Version [e.g. 10.15]
+
+## Additional Context
+Add any other context about the problem here.

.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1,18 @@
+blank_issues_enabled: false
+
+contact_links:
+
+  - name: Community Slack Team
+    url: https://cloudposse.com/slack/
+    about: |-
+      Please ask and answer questions here.
+
+  - name: Office Hours
+    url: https://cloudposse.com/office-hours/
+    about: |-
+      Join us every Wednesday for FREE Office Hours (lunch & learn).
+
+  - name: DevOps Accelerator Program
+    url: https://cloudposse.com/accelerate/
+    about: |-
+      Own your infrastructure in record time. We build it. You drive it. 

.github/ISSUE_TEMPLATE/feature_request.md

@@ -0,0 +1,36 @@
+---
+name: Feature Request
+about: Suggest an idea for this project
+title: ''
+labels: 'feature request'
+assignees: ''
+
+---
+
+Have a question? Please checkout our [Slack Community](https://slack.cloudposse.com) or visit our [Slack Archive](https://archive.sweetops.com/). 
+
+[![Slack Community](https://slack.cloudposse.com/badge.svg)](https://slack.cloudposse.com)
+
+## Describe the Feature
+
+A clear and concise description of what the bug is. 
+
+## Expected Behavior
+
+A clear and concise description of what you expected to happen.
+
+## Use Case
+
+Is your feature request related to a problem/challenge you are trying to solve? Please provide some additional context of why this feature or capability will be valuable.
+
+## Describe Ideal Solution
+
+A clear and concise description of what you want to happen. If you don't know, that's okay.
+
+## Alternatives Considered
+
+Explain what alternative solutions or features you've considered.
+
+## Additional Context
+
+Add any other context or screenshots about the feature request here.

.github/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,13 @@
+## what
+* Describe high-level what changed as a result of these commits (i.e. in plain-english, what do these changes mean?)
+* Use bullet points to be concise and to the point.
+
+## why
+* Provide the justifications for the changes (e.g. business case). 
+* Describe why these changes were made (e.g. why do these commits fix the problem?)
+* Use bullet points to be concise and to the point.
+
+## references
+* Link to any supporting github issues or helpful documentation to add some context (e.g. stackoverflow). 
+* Use `closes #123`, if this PR closes a GitHub issue `#123`
+

.github/auto-release.yml

@@ -0,0 +1,53 @@
+name-template: 'v$RESOLVED_VERSION'
+tag-template: '$RESOLVED_VERSION'
+version-template: '$MAJOR.$MINOR.$PATCH'
+version-resolver:
+  major:
+    labels:
+    - 'major'
+  minor:
+    labels:
+    - 'minor'
+    - 'enhancement'
+  patch:
+    labels:
+    - 'auto-update'
+    - 'patch'
+    - 'fix'
+    - 'bugfix'
+    - 'bug'
+    - 'hotfix'
+  default: 'minor'
+
+categories:
+- title: '🚀 Enhancements'
+  labels:
+  - 'enhancement'
+  - 'patch'
+- title: '🐛 Bug Fixes'
+  labels:
+  - 'fix'
+  - 'bugfix'
+  - 'bug'
+  - 'hotfix'
+- title: '🤖 Automatic Updates'
+  labels:
+  - 'auto-update'
+
+change-template: |
+  <details>
+    <summary>$TITLE @$AUTHOR (#$NUMBER)</summary>
+
+    $BODY
+  </details>
+
+template: |
+  $CHANGES
+
+replacers:
+# Remove irrelevant information from Renovate bot
+- search: '/(?<=---\s)\s*^#.*(Renovate configuration|Configuration)(?:.|\n)*?This PR has been generated .*/gm'
+  replace: ''
+# Remove Renovate bot banner image
+- search: '/\[!\[[^\]]*Renovate\][^\]]*\](\([^)]*\))?\s*\n+/gm'
+  replace: ''

.github/workflows/feature-branch.yml

@@ -0,0 +1,52 @@
+name: feature-branch
+on:
+  pull_request:
+    branches: [ main ]
+    types: [ opened, synchronize, reopened ]
+
+permissions:
+  pull-requests: write
+  id-token: write
+  contents: read
+
+jobs:
+  ci-readme:
+    uses: cloudposse/github-actions-workflows/.github/workflows/ci-readme.yml@main
+    with:
+      filter-mode: nofilter
+      suggestions: false
+
+  ci-codeowners:
+    uses: cloudposse/github-actions-workflows/.github/workflows/ci-codeowners.yml@main
+    with:
+      is_fork: ${{ github.event.pull_request.head.repo.full_name != github.repository }}
+    secrets:
+      github_access_token: ${{ secrets.REPO_ACCESS_TOKEN }}
+
+  ci-build-test:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - uses: KengoTODA/actions-setup-docker-compose@main
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Run Tests
+        shell: bash
+        run: cd test && ./test.sh
+
+      - name: Cleanup
+        if: always()
+        shell: bash
+        run: cd test && docker-compose down
+
+  ci:
+    runs-on: ubuntu-latest
+    if: ${{ always() }}
+    steps:
+      - run: |
+          echo '${{ toJSON(needs) }}'  # easier debug
+          ! ${{ contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled') || contains(needs.*.result, 'skipped') }}
+    needs: [ ci-readme, ci-codeowners, ci-build-test ]

.github/workflows/release-branch.yaml

@@ -0,0 +1,54 @@
+name: release-branch
+on:
+  push:
+    branches: [ main ]
+
+permissions:
+  contents: write
+  id-token: write
+
+jobs:
+  ci-readme:
+    uses: cloudposse/github-actions-workflows/.github/workflows/ci-readme.yml@main
+    with:
+      filter-mode: nofilter
+      suggestions: false
+
+  ci-codeowners:
+    uses: cloudposse/github-actions-workflows/.github/workflows/ci-codeowners.yml@main
+    with:
+      is_fork: false
+    secrets:
+      github_access_token: ${{ secrets.github_access_token }}
+
+  ci-build-push:
+    runs-on: ubuntu-latest
+    needs: [ ci-readme, ci-codeowners ]
+    steps:
+      -
+        name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Docker meta
+        id: meta
+        uses: docker/metadata-action@v4
+        with:
+          images: ${{ github.repository }}
+
+      - name: Login to DockerHub
+        uses: docker/login-action@v2
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_PASSWORD }}
+
+      - name: Build and push
+        uses: docker/build-push-action@v4
+        with:
+          context: .
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+
+  controller-release:
+    uses: cloudposse/github-actions-workflows/.github/workflows/controller-release.yml@main
+    needs: [ ci-build-push ]

.github/workflows/scheduled.yml

@@ -0,0 +1,16 @@
+name: scheduled
+on:
+  workflow_dispatch: {}  # Allows manually trigger this workflow
+  schedule:
+    - cron: "0 3 * * *"
+
+permissions:
+  pull-requests: write
+  id-token: write
+  contents: write
+
+jobs:
+  scheduled-readme:
+    uses: cloudposse/github-actions-workflows-terraform-module/.github/workflows/scheduled.yml@main
+    secrets:
+      github_access_token: ${{ secrets.REPO_ACCESS_TOKEN }}

test/test.sh

@@ -1,6 +1,5 @@
 #!/bin/bash
 
-
 red=`tput setaf 1`
 green=`tput setaf 2`
 reset=`tput sgr0`
@@ -10,10 +9,10 @@ rm -rf fixtures/auth/ida_rsa*
 ssh-keygen -q -f fixtures/auth/ida_rsa -N ""
 chmod 600 fixtures/auth/ida_rsa
 
-docker compose down
-docker compose up --build bastion -d
-docker compose exec bastion /scripts/setup.sh
-docker compose run --build test /scripts/google_auth_test.sh
+docker-compose down
+docker-compose up --build bastion -d
+docker-compose exec bastion /scripts/setup.sh
+docker-compose run --build test /scripts/google_auth_test.sh
 
 retVal=$?
 
@@ -22,10 +21,10 @@ if [ $retVal -ne 0 ]; then
   exit $retVal
 else
   echo "${green}* Google Authenticator/SSH Test Succeeded${reset}"
-fi 
+fi
 
 
-docker compose exec bastion ls /var/log/sudo-io/00/00/01/ 
+docker-compose exec bastion ls /var/log/sudo-io/00/00/01/
 
 retVal=$?
 
@@ -37,7 +36,7 @@ else
 fi
 
 
-docker compose exec bastion curl https://hooks.slack.com
+docker-compose exec bastion curl https://hooks.slack.com
 
 retVal=$?
 
@@ -48,12 +47,12 @@ else
   echo "${green}* Slack API Connection Test Succeeded${reset}"
 fi
 
-export SSHRC_KILL_OUTPUT=`docker compose run --build test /scripts/sshrc_kill_test.sh`
+export SSHRC_KILL_OUTPUT=`docker-compose run --build test /scripts/sshrc_kill_test.sh`
 
 if [[ "$SSHRC_KILL_OUTPUT" == *"this output should never print"* ]]; then
   echo "${red}* Failure to quit after non-zero exit code in sshrc${reset}"
   exit 1
 else
   echo "${green}* sshrc non-zero exit code quit Succeeded${reset}"
 fi
-  
+