diff --git a/.deepsource.toml b/.deepsource.toml new file mode 100644 index 0000000..18b001a --- /dev/null +++ b/.deepsource.toml @@ -0,0 +1,4 @@ +version = 1 + +[[analyzers]] +name = "terraform" \ No newline at end of file diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 2f0c1ab..08ea960 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -5,15 +5,52 @@ version: 2 updates: + + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "daily" + open-pull-requests-limit: 3 + assignees: + - "clouddrove-ci" + reviewers: + - "approvers" + - package-ecosystem: "terraform" # See documentation for possible values directory: "/" # Location of package manifests schedule: interval: "weekly" + # Add assignees + assignees: + - "clouddrove-ci" + # Add reviewer + reviewers: + - "approvers" + # Allow up to 3 open pull requests for pip dependencies + open-pull-requests-limit: 3 + - package-ecosystem: "terraform" # See documentation for possible values - directory: "_example/basic" # Location of package manifests + directory: "/_example/basic" # Location of package manifests schedule: interval: "weekly" + # Add assignees + assignees: + - "clouddrove-ci" + # Add reviewer + reviewers: + - "approvers" + # Allow up to 3 open pull requests for pip dependencies + open-pull-requests-limit: 3 + - package-ecosystem: "terraform" # See documentation for possible values - directory: "_example/complete" # Location of package manifests + directory: "/_example/complete" # Location of package manifests schedule: interval: "weekly" + # Add assignees + assignees: + - "clouddrove-ci" + # Add reviewer + reviewers: + - "approvers" + # Allow up to 3 open pull requests for pip dependencies + open-pull-requests-limit: 3 diff --git a/.github/workflows/auto_assignee.yml b/.github/workflows/auto_assignee.yml new file mode 100644 index 0000000..4625a8b --- /dev/null +++ b/.github/workflows/auto_assignee.yml 
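Review bot: The comment `# Allow up to 3 open pull requests for pip dependencies` is attached to all three `terraform` entries in .github/dependabot.yml, so it names the wrong ecosystem; `# Allow up to 3 open pull requests for terraform dependencies` would match what the entry does. The `reviewers` value `"approvers"` reads like a team name; as far as I know Dependabot expects teams as `org/team-name` and treats a bare value as a user login, so confirm that review requests actually reach someone. The new `github-actions` entry carries the same `reviewers` value.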
@@ -0,0 +1,14 @@ +name: Auto Assign PRs + +on: + pull_request: + types: [opened, reopened] + + workflow_dispatch: +jobs: + assignee: + uses: clouddrove/github-shared-workflows/.github/workflows/auto_assignee.yml@1.0.8 + secrets: + GITHUB: ${{ secrets.GITHUB }} + with: + assignees: 'clouddrove-ci' diff --git a/.github/workflows/changelog.yaml b/.github/workflows/changelog.yaml index 3e88b85..a80dbf1 100644 --- a/.github/workflows/changelog.yaml +++ b/.github/workflows/changelog.yaml @@ -6,8 +6,8 @@ on: - "*" workflow_dispatch: jobs: - call-workflow-changelog: - uses: clouddrove/github-shared-workflows/.github/workflows/changelog.yml@master + changelog: + uses: clouddrove/github-shared-workflows/.github/workflows/changelog.yml@1.0.8 secrets: inherit with: - branch: 'master' \ No newline at end of file + branch: 'master' diff --git a/.github/workflows/readme.yml b/.github/workflows/readme.yml index d3cbfb6..1eb0243 100644 --- a/.github/workflows/readme.yml +++ b/.github/workflows/readme.yml @@ -13,29 +13,28 @@ jobs: uses: actions/checkout@master - name: 'Set up Python 3.7' - uses: actions/setup-python@v2 + uses: actions/setup-python@v5 with: python-version: '3.x' - name: 'create readme' - uses: 'clouddrove/github-actions@v9.0.2' + uses: 'clouddrove/github-actions@9.0.3' with: actions_subcommand: 'readme' github_token: '${{ secrets.GITHUB }}' env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - name: 'pre-commit check errors' - uses: pre-commit/action@v2.0.0 + uses: pre-commit/action@v3.0.0 continue-on-error: true - name: 'pre-commit fix erros' - uses: pre-commit/action@v2.0.0 + uses: pre-commit/action@v3.0.0 continue-on-error: true - name: 'push readme' - uses: 'clouddrove/github-actions@v9.0.2' + uses: 'clouddrove/github-actions@9.0.3' continue-on-error: true with: actions_subcommand: 'push' 
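Review bot: `uses: clouddrove/github-shared-workflows/.github/workflows/auto_assignee.yml@1.0.8` references the reusable workflow by a tag, which can later be moved to a different commit, while the job hands it `secrets.GITHUB`. Pinning to the full commit SHA with the tag kept as a comment, e.g. `...auto_assignee.yml@<full-commit-sha> # 1.0.8`, fixes exactly which code receives the secret, and the `github-actions` Dependabot entry added in this commit should be able to keep such pins current. The same applies to the `@1.0.8` references in changelog.yaml, tf-checks.yml, tflint.yml and tfsec.yml, and readme.yml still shows `actions/checkout@master` on a context line.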
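Review bot: `secrets: inherit` on the `changelog` job forwards every secret visible to this repository into the called workflow, whereas auto_assignee.yml in this same commit passes only `GITHUB`. If changelog.yml needs a single token, listing it explicitly under `secrets:` limits what a later change in the shared workflow could read; which secrets it needs is not visible here, so check its `workflow_call` declaration. tfsec.yml keeps `secrets: inherit` as well.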
@@ -51,4 +50,4 @@ jobs:
 env:
 GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # required
 SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_TERRAFORM }} # required
- if: always()
\ No newline at end of file
+ if: always()
diff --git a/.github/workflows/semantic-releaser.yml b/.github/workflows/semantic-releaser.yml
deleted file mode 100644
index 58dffd0..0000000
--- a/.github/workflows/semantic-releaser.yml
+++ /dev/null
@@ -1,30 +0,0 @@
-name: Release
-
-on:
- push:
- branches:
- - main
- paths:
- - '**.tf'
- - '_example/**.tf'
-
-jobs:
- release:
- name: Release
- runs-on: ubuntu-latest
- steps:
- - name: Checkout
- uses: actions/checkout@v2
- with:
- fetch-depth: 0
- persist-credentials: false
-
- - name: Setup Node.js
- uses: actions/setup-node@v1
- with:
- node-version: 14
-
- - name: Release
- env:
- GITHUB_TOKEN: ${{ secrets.ACCESS_TOKEN }}
- run: npx semantic-release
diff --git a/.github/workflows/static-checks.yml b/.github/workflows/static-checks.yml
deleted file mode 100644
index b36bd64..0000000
--- a/.github/workflows/static-checks.yml
+++ /dev/null
@@ -1,75 +0,0 @@
-name: static-checks
-
-on:
- pull_request:
-
-jobs:
- versionExtract:
- name: Get min/max versions
- runs-on: ubuntu-latest
-
- steps:
- - name: Checkout
- uses: actions/checkout@v2
-
- - name: Terraform min/max versions
- id: minMax
- uses: clowdhaus/terraform-min-max@main
- outputs:
- minVersion: ${{ steps.minMax.outputs.minVersion }}
- maxVersion: ${{ steps.minMax.outputs.maxVersion }}
-
- versionEvaluate:
- name: Evaluate Terraform versions
- runs-on: ubuntu-latest
- needs: versionExtract
- strategy:
- fail-fast: false
- matrix:
- version:
- - ${{ needs.versionExtract.outputs.minVersion }}
- - ${{ needs.versionExtract.outputs.maxVersion }}
- directory:
- - _example/basic/
- - _example/complete/
-
- steps:
- - name: Checkout
- uses: actions/checkout@v2
-
- - name: Install Terraform v${{ matrix.version }}
- uses: hashicorp/setup-terraform@v1
- with:
- terraform_version: ${{ matrix.version }}
-
- - name: Init & validate v${{ matrix.version }}
- run: |
- cd ${{ matrix.directory }}
- terraform init
- terraform validate
- - name: tflint
- uses: reviewdog/action-tflint@master
- with:
- tflint_version: v0.29.0
- github_token: ${{ secrets.GITHUB_TOKEN }}
- working_directory: ${{ matrix.directory }}
- fail_on_error: 'true'
- filter_mode: 'nofilter'
- flags: '--module'
-
- format:
- name: Check code format
- runs-on: ubuntu-latest
- needs: versionExtract
-
- steps:
- - name: Checkout
- uses: actions/checkout@v2
-
- - name: Install Terraform v${{ needs.versionExtract.outputs.maxVersion }}
- uses: hashicorp/setup-terraform@v1
- with:
- terraform_version: ${{ needs.versionExtract.outputs.maxVersion }}
-
- - name: Check Terraform format changes
- run: terraform fmt --recursive -check=true
\ No newline at end of file
diff --git a/.github/workflows/tf-checks.yml b/.github/workflows/tf-checks.yml
new file mode 100644
index 0000000..2b4249a
--- /dev/null
+++ b/.github/workflows/tf-checks.yml
@@ -0,0 +1,16 @@
+name: tf-checks
+on:
+ push:
+ branches: [ master ]
+ pull_request:
+ workflow_dispatch:
+jobs:
+ example-basic:
+ uses: clouddrove/github-shared-workflows/.github/workflows/tf-checks.yml@1.0.8
+ with:
+ working_directory: './_example/basic/'
+
+ example-complete:
+ uses: clouddrove/github-shared-workflows/.github/workflows/tf-checks.yml@1.0.8
+ with:
+ working_directory: './_example/complete/'
diff --git a/.github/workflows/tflint.yml b/.github/workflows/tflint.yml
new file mode 100644
index 0000000..3eafee9
--- /dev/null
+++ b/.github/workflows/tflint.yml
@@ -0,0 +1,11 @@
+name: tf-lint
+on:
+ push:
+ branches: [ master ]
+ pull_request:
+ workflow_dispatch:
+jobs:
+ tf-lint:
+ uses: clouddrove/github-shared-workflows/.github/workflows/tf-lint.yml@1.0.8
+ secrets:
+ GITHUB: ${{ secrets.GITHUB }}
diff --git a/.github/workflows/tfsec.yml b/.github/workflows/tfsec.yml
index 9aaf588..52ad25a 100644
--- a/.github/workflows/tfsec.yml
+++ b/.github/workflows/tfsec.yml
@@ -5,7 +5,7 @@ on:
 workflow_dispatch:
 jobs:
 tfsec:
- uses: clouddrove/github-shared-workflows/.github/workflows/tfsec.yml@master
+ uses: clouddrove/github-shared-workflows/.github/workflows/tfsec.yml@1.0.8
 secrets: inherit
 with:
- working_directory: '.'
\ No newline at end of file
+ working_directory: '.'
diff --git a/README.yaml b/README.yaml
index cfa611e..9bcaac6 100644
--- a/README.yaml
+++ b/README.yaml
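Review bot: The `tf-lint` job in tflint.yml passes `secrets.GITHUB` on every `pull_request` run, and the workflow declares no `permissions:` block. For pull requests opened from forks GitHub does not expose repository secrets, so the value will be empty there; confirm that tf-lint.yml handles that case. If the linter only needs to read the repository and comment on the pull request, the built-in `GITHUB_TOKEN` narrowed by a top-level `permissions:` block (for example `contents: read` plus `pull-requests: write`) would avoid handing a longer-lived token to the job; what `GITHUB` actually holds is not visible in this diff.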
@@ -16,9 +16,12 @@ github_repo: clouddrove/terraform-azure-vnet # Badges to display badges: - - name: "Terraform" - image: "https://img.shields.io/badge/Terraform-v1.0.0-green" - url: "https://www.terraform.io" + - name: "Latest Release" + image: "https://img.shields.io/github/release/clouddrove/terraform-azure-vnet.svg" + url: "https://github.com/clouddrove/terraform-azure-vnet/releases/latest" + - name: "tfsec" + image: "https://github.com/clouddrove/terraform-azure-vnet/actions/workflows/tfsec.yml/badge.svg" + url: "https://github.com/clouddrove/terraform-azure-vnet/actions/workflows/tfsec.yml" - name: "Licence" image: "https://img.shields.io/badge/License-APACHE-blue.svg" url: "LICENSE.md" 
@@ -34,17 +37,29 @@ include: # How to use this project # yamllint disable rule:line-length usage: |- - ### Simple Example Here is an example of how you can use this module in your inventory structure: + ### Basic Example ```hcl - module "virtual-network" { - source = "clouddrove/vnet/azure" - name = "app" - environment = "test" - label_order = ["name", "environment"] - resource_group_name = module.resource_group.resource_group_name - location = module.resource_group.resource_group_location - address_space = "10.0.0.0/16" - enable_network_watcher = false # To be set true when network security group flow logs are to be tracked and network watcher with specific name is to be deployed. - } - ``` \ No newline at end of file + module "vnet" { + source = "clouddrove/vnet/azure" + name = local.name + environment = local.environment + resource_group_name = "testsg" + location = "NorthEurope" + address_space = "10.0.0.0/16" + enable_network_watcher = false # To be set true when network security group flow logs are to be tracked and network watcher with specific name is to be deployed. + } + ``` + ### Complete Example + ```hcl + module "vnet" { + source = "clouddrove/vnet/azure" + name = local.name + environment = local.environment + resource_group_name = module.resource_group.resource_group_name + location = module.resource_group.resource_group_location + address_space = "10.0.0.0/16" + enable_network_watcher = false # To be set true when network security group flow logs are to be tracked and network watcher with specific name is to be deployed. + } + ``` + diff --git a/_example/basic/outputs.tf b/_example/basic/outputs.tf index 940cb7b..1cfd52e 100644 --- a/_example/basic/outputs.tf +++ b/_example/basic/outputs.tf 
@@ -1,29 +1,29 @@ output "vnet_id" { - description = "The id of the newly created vNet" value = module.vnet.vnet_id + description = "The id of the newly created vNet" } output "vnet_name" { - description = "The name of the newly created vNet" value = module.vnet.vnet_name + description = "The name of the newly created vNet" } output "vnet_location" { - description = "The location of the newly created vNet" value = module.vnet.vnet_location + description = "The location of the newly created vNet" } output "vnet_address_space" { - description = "The address space of the newly created vNet" value = module.vnet.vnet_address_space + description = "The address space of the newly created vNet" } output "vnet_guid" { - description = "The GUID of the virtual network." value = module.vnet.vnet_guid + description = "The GUID of the virtual network." } output "vnet_rg_name" { - description = "The name of the resource group in which to create the virtual network. Changing this forces a new resource to be created." value = module.vnet.vnet_rg_name -} \ No newline at end of file + description = "The name of the resource group in which to create the virtual network. Changing this forces a new resource to be created." +} diff --git a/_example/complete/example.tf b/_example/complete/example.tf index fc48154..4426922 100644 --- a/_example/complete/example.tf +++ b/_example/complete/example.tf @@ -29,5 +29,6 @@ module "vnet" { resource_group_name = module.resource_group.resource_group_name location = module.resource_group.resource_group_location address_space = "10.0.0.0/16" + enable_ddos_pp = false enable_network_watcher = false # To be set true when network security group flow logs are to be tracked and network watcher with specific name is to be deployed. } diff --git a/_example/complete/outputs.tf b/_example/complete/outputs.tf index 940cb7b..1cfd52e 100644 --- a/_example/complete/outputs.tf +++ b/_example/complete/outputs.tf 
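Review bot: `enable_ddos_pp = false` is added to _example/complete/example.tf without a comment, while the `enable_network_watcher` line directly below it explains when to switch it on. Because examples get copied as a starting point, a trailing comment such as `# Set true to create and attach a DDoS protection plan for production, internet-facing VNets` would make the disabled setting a visible, deliberate choice. What the flag creates is inferred from its name and the `ddos_protection_plan_id` output in outputs.tf, so adjust the wording to the module. The `module "vnet"` block starts above this hunk.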
@@ -1,29 +1,29 @@ output "vnet_id" { - description = "The id of the newly created vNet" value = module.vnet.vnet_id + description = "The id of the newly created vNet" } output "vnet_name" { - description = "The name of the newly created vNet" value = module.vnet.vnet_name + description = "The name of the newly created vNet" } output "vnet_location" { - description = "The location of the newly created vNet" value = module.vnet.vnet_location + description = "The location of the newly created vNet" } output "vnet_address_space" { - description = "The address space of the newly created vNet" value = module.vnet.vnet_address_space + description = "The address space of the newly created vNet" } output "vnet_guid" { - description = "The GUID of the virtual network." value = module.vnet.vnet_guid + description = "The GUID of the virtual network." } output "vnet_rg_name" { - description = "The name of the resource group in which to create the virtual network. Changing this forces a new resource to be created." value = module.vnet.vnet_rg_name -} \ No newline at end of file + description = "The name of the resource group in which to create the virtual network. Changing this forces a new resource to be created." +} diff --git a/_test/virtual_network_test.go b/_test/virtual_network_test.go deleted file mode 100644 index 04a2504..0000000 --- a/_test/virtual_network_test.go +++ /dev/null 
@@ -1,33 +0,0 @@
-// Managed By : CloudDrove
-// Description : This Terratest is used to test the Terraform VPC module.
-// Copyright @ CloudDrove. All Right Reserved.
-package test
-
-import (
- "testing"
- "github.com/gruntwork-io/terratest/modules/terraform"
- "github.com/stretchr/testify/assert"
-)
-
-func Test(t *testing.T) {
- t.Parallel()
-
- terraformOptions := &terraform.Options{
- // Source path of Terraform directory.
- TerraformDir: "../_example",
- }
-
- // This will run 'terraform init' and 'terraform application' and will fail the test if any errors occur
- terraform.InitAndApply(t, terraformOptions)
-
- // To clean up any resources that have been created, run 'terraform destroy' towards the end of the test
- defer terraform.Destroy(t, terraformOptions)
-
- // To get the value of an output variable, run 'terraform output'
- Id := terraform.Output(t, terraformOptions, "virtual_network_id")
- Tags := terraform.OutputMap(t, terraformOptions, "tags")
-
- // Check that we get back the outputs that we expect
- assert.Equal(t, "test-clouddrove-virtual-network", Tags["Name"])
- assert.Contains(t, Id, "/subscriptions")
-}
\ No newline at end of file
diff --git a/outputs.tf b/outputs.tf
index 06af3f8..eedc1e7 100644
--- a/outputs.tf
+++ b/outputs.tf
@@ -1,31 +1,31 @@ output "vnet_id" { - description = "The id of the newly created vNet" value = azurerm_virtual_network.vnet[*].id + description = "The id of the newly created vNet" } output "vnet_name" { - description = "The name of the newly created vNet" value = azurerm_virtual_network.vnet[*].name + description = "The name of the newly created vNet" } output "vnet_location" { - description = "The location of the newly created vNet" value = azurerm_virtual_network.vnet[*].location + description = "The location of the newly created vNet" } output "vnet_address_space" { - description = "The address space of the newly created vNet" value = azurerm_virtual_network.vnet[*].address_space + description = "The address space of the newly created vNet" } output "vnet_guid" { - description = "The GUID of the virtual network." value = azurerm_virtual_network.vnet[*].guid + description = "The GUID of the virtual network." } output "vnet_rg_name" { - description = "The name of the resource group in which to create the virtual network. Changing this forces a new resource to be created" value = azurerm_virtual_network.vnet[*].resource_group_name + description = "The name of the resource group in which to create the virtual network. Changing this forces a new resource to be created" } output "ddos_protection_plan_id" {