fix formatting, add fmt gh action

.github/workflows/format.yaml

@@ -0,0 +1,40 @@
+name: Terraform Format Check
+
+on:
+  pull_request:
+    paths:
+      - "**/*.tf"
+      - "**/*.tfvars"
+
+jobs:
+  fmt:
+    runs-on: ubuntu-latest
+    defaults:
+      run:
+        working-directory: ./modules
+    permissions:
+      contents: write
+      pull-requests: write
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+        with:
+          ref: ${{ github.head_ref }}
+
+      - name: Install Terraform
+        uses: hashicorp/setup-terraform@v3
+        with:
+          terraform_version: 1.10.5
+
+      - name: Check Terraform formatting
+        run: terraform fmt -recursive || true
+
+      - name: Commit formatting changes
+        run: |
+          if [[ -n "$(git status --porcelain)" ]]; then
+            git config user.name "github-actions"
+            git config user.email "github-actions@github.com"
+            git commit -am "chore: terraform fmt"
+            git push
+          fi

.vscode/settings.json

@@ -0,0 +1,4 @@
+{
+  "editor.formatOnSave": true,
+  "files.insertFinalNewline": true
+}

modules/aws/gh-actions-access/module/main.tf

@@ -24,7 +24,7 @@ resource "aws_iam_role" "github_actions" {
   assume_role_policy = jsonencode({
     Version = "2012-10-17",
     Statement = [
-      for it in coalesce(var.github_repos, [var.github_repo]) :
+      for it in concat(coalesce(var.github_repos, []), var.github_repo == null ? [] : [var.github_repo]) :
       {
         Effect = "Allow",
         Principal = {
@@ -45,7 +45,7 @@ resource "aws_iam_role" "github_actions" {
 }
 
 resource "aws_iam_role_policy" "terraform_permissions" {
-  count = var.role_policy != null ? 1 : 0
+  count  = var.role_policy != null ? 1 : 0
   name   = "terraform-access-policy"
   role   = aws_iam_role.github_actions.id
   policy = var.role_policy

modules/aws/gh-actions-access/module/variables.tf

@@ -1,11 +1,13 @@
 variable "github_repo" {
   description = "The GitHub repository to grant access to in the format: owner/repo-name"
   type        = string
+  default     = null
 }
 
 variable "github_repos" {
   description = "The GitHub repositories to grant access to in the format: owner/repo-name"
   type        = list(string)
+  default     = null
 }
 
 variable "role_name" {

modules/aws/site-redirect/examples/usage.tf

@@ -8,5 +8,5 @@ module "site_redirect" {
   ]
 
   certificate_domain_name = "alternative-domain.com"
-  redirect_domain = "my-site.com"
+  redirect_domain         = "my-site.com"
 }

modules/aws/site-redirect/module/outputs.tf

@@ -1,4 +1,4 @@
 output "cloudfront_url" {
-    description = "The default domain name (URL) of the CloudFront distribution"
-    value       = aws_cloudfront_distribution.redirect_site_cloudfront.domain_name
+  description = "The default domain name (URL) of the CloudFront distribution"
+  value       = aws_cloudfront_distribution.redirect_site_cloudfront.domain_name
 }

modules/aws/site-redirect/module/variables.tf

@@ -16,6 +16,6 @@ variable "certificate_domain_name" {
 }
 
 variable "redirect_domain" {
-  type = string
+  type        = string
   description = "Domain to redirect to"
 }

modules/aws/static-site/module/outputs.tf

@@ -1,4 +1,4 @@
 output "cloudfront_url" {
-    description = "The default domain name (URL) of the CloudFront distribution"
-    value       = aws_cloudfront_distribution.site_static_cloudfront.domain_name
+  description = "The default domain name (URL) of the CloudFront distribution"
+  value       = aws_cloudfront_distribution.site_static_cloudfront.domain_name
 }