Split example TF configs into standard module structure

Move variables and outputs from main.tf into separate variables.tf
and outputs.tf for all three examples (ai-startup, saas-startup,
api-first-startup) to satisfy tflint terraform_standard_module_structure
rule and fix CI validation failures.

Author: ricmmartins

examples/ai-startup/terraform/main.tf

@@ -27,104 +27,6 @@ provider "azurerm" {
   subscription_id = var.subscription_id
 }
 
-# ==============================================================================
-# Variables
-# ==============================================================================
-
-variable "subscription_id" {
-  description = "Azure subscription ID"
-  type        = string
-  validation {
-    condition     = can(regex("^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$", var.subscription_id))
-    error_message = "subscription_id must be a valid UUID."
-  }
-}
-
-variable "resource_group_name" {
-  description = "Resource group to deploy into"
-  type        = string
-}
-
-variable "location" {
-  description = "Azure region"
-  type        = string
-  default     = "eastus2"
-}
-
-variable "app_name" {
-  description = "Application name prefix (lowercase alphanumeric, max 12 chars to fit resource naming limits)"
-  type        = string
-  validation {
-    condition     = can(regex("^[a-z][a-z0-9]{1,11}$", var.app_name))
-    error_message = "app_name must be 2-12 lowercase alphanumeric characters, starting with a letter."
-  }
-}
-
-variable "environment" {
-  description = "Environment: prod or nonprod"
-  type        = string
-  default     = "prod"
-  validation {
-    condition     = contains(["prod", "nonprod"], var.environment)
-    error_message = "Environment must be 'prod' or 'nonprod'."
-  }
-}
-
-variable "system_node_vm_size" {
-  description = "AKS system node VM size"
-  type        = string
-  default     = "Standard_D4s_v5"
-}
-
-variable "gpu_node_vm_size" {
-  description = "GPU node VM size"
-  type        = string
-  default     = "Standard_NC6s_v3"
-}
-
-variable "cpu_node_vm_size" {
-  description = "CPU burst node pool VM size"
-  type        = string
-  default     = "Standard_D4s_v5"
-}
-
-variable "gpu_use_spot" {
-  description = "Use Spot VMs for GPU node pool"
-  type        = bool
-  default     = true
-}
-
-variable "kubernetes_version" {
-  description = "AKS Kubernetes version"
-  type        = string
-  default     = "1.30"
-}
-
-variable "ssh_public_key" {
-  description = "SSH public key for AKS nodes"
-  type        = string
-}
-
-variable "aks_admin_username" {
-  description = "Linux admin username for AKS nodes"
-  type        = string
-  default     = "azureuser"
-}
-
-variable "tags" {
-  description = "Tags applied to all resources"
-  type        = map(string)
-  default     = {}
-}
-
-locals {
-  tags = merge({
-    environment = var.environment
-    team        = "ml-engineering"
-    project     = var.app_name
-  }, var.tags)
-}
-
 # ==============================================================================
 # Data source for existing resource group
 # ==============================================================================
@@ -379,42 +281,3 @@ resource "azurerm_key_vault" "this" {
     bypass         = "AzureServices"
   }
 }
-
-# ==============================================================================
-# Outputs
-# ==============================================================================
-
-output "aks_cluster_name" {
-  description = "AKS cluster name (use with az aks get-credentials)"
-  value       = azurerm_kubernetes_cluster.this.name
-}
-
-output "aks_cluster_fqdn" {
-  description = "AKS cluster FQDN for API server access"
-  value       = azurerm_kubernetes_cluster.this.fqdn
-}
-
-output "acr_login_server" {
-  description = "Container registry login server (use with docker push)"
-  value       = azurerm_container_registry.this.login_server
-}
-
-output "openai_endpoint" {
-  description = "Azure OpenAI service endpoint URL"
-  value       = azurerm_cognitive_account.openai.endpoint
-}
-
-output "storage_account_name" {
-  description = "Storage account name for model artifacts and datasets"
-  value       = azurerm_storage_account.this.name
-}
-
-output "redis_hostname" {
-  description = "Redis cache hostname for inference caching"
-  value       = azurerm_redis_cache.this.hostname
-}
-
-output "key_vault_uri" {
-  description = "Key Vault URI for secret access"
-  value       = azurerm_key_vault.this.vault_uri
-}

examples/ai-startup/terraform/outputs.tf

@@ -0,0 +1,38 @@
+# ==============================================================================
+# Outputs
+# ==============================================================================
+
+output "aks_cluster_name" {
+  description = "AKS cluster name (use with az aks get-credentials)"
+  value       = azurerm_kubernetes_cluster.this.name
+}
+
+output "aks_cluster_fqdn" {
+  description = "AKS cluster FQDN for API server access"
+  value       = azurerm_kubernetes_cluster.this.fqdn
+}
+
+output "acr_login_server" {
+  description = "Container registry login server (use with docker push)"
+  value       = azurerm_container_registry.this.login_server
+}
+
+output "openai_endpoint" {
+  description = "Azure OpenAI service endpoint URL"
+  value       = azurerm_cognitive_account.openai.endpoint
+}
+
+output "storage_account_name" {
+  description = "Storage account name for model artifacts and datasets"
+  value       = azurerm_storage_account.this.name
+}
+
+output "redis_hostname" {
+  description = "Redis cache hostname for inference caching"
+  value       = azurerm_redis_cache.this.hostname
+}
+
+output "key_vault_uri" {
+  description = "Key Vault URI for secret access"
+  value       = azurerm_key_vault.this.vault_uri
+}

examples/ai-startup/terraform/variables.tf

@@ -0,0 +1,97 @@
+# ==============================================================================
+# Variables
+# ==============================================================================
+
+variable "subscription_id" {
+  description = "Azure subscription ID"
+  type        = string
+  validation {
+    condition     = can(regex("^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$", var.subscription_id))
+    error_message = "subscription_id must be a valid UUID."
+  }
+}
+
+variable "resource_group_name" {
+  description = "Resource group to deploy into"
+  type        = string
+}
+
+variable "location" {
+  description = "Azure region"
+  type        = string
+  default     = "eastus2"
+}
+
+variable "app_name" {
+  description = "Application name prefix (lowercase alphanumeric, max 12 chars to fit resource naming limits)"
+  type        = string
+  validation {
+    condition     = can(regex("^[a-z][a-z0-9]{1,11}$", var.app_name))
+    error_message = "app_name must be 2-12 lowercase alphanumeric characters, starting with a letter."
+  }
+}
+
+variable "environment" {
+  description = "Environment: prod or nonprod"
+  type        = string
+  default     = "prod"
+  validation {
+    condition     = contains(["prod", "nonprod"], var.environment)
+    error_message = "Environment must be 'prod' or 'nonprod'."
+  }
+}
+
+variable "system_node_vm_size" {
+  description = "AKS system node VM size"
+  type        = string
+  default     = "Standard_D4s_v5"
+}
+
+variable "gpu_node_vm_size" {
+  description = "GPU node VM size"
+  type        = string
+  default     = "Standard_NC6s_v3"
+}
+
+variable "cpu_node_vm_size" {
+  description = "CPU burst node pool VM size"
+  type        = string
+  default     = "Standard_D4s_v5"
+}
+
+variable "gpu_use_spot" {
+  description = "Use Spot VMs for GPU node pool"
+  type        = bool
+  default     = true
+}
+
+variable "kubernetes_version" {
+  description = "AKS Kubernetes version"
+  type        = string
+  default     = "1.30"
+}
+
+variable "ssh_public_key" {
+  description = "SSH public key for AKS nodes"
+  type        = string
+}
+
+variable "aks_admin_username" {
+  description = "Linux admin username for AKS nodes"
+  type        = string
+  default     = "azureuser"
+}
+
+variable "tags" {
+  description = "Tags applied to all resources"
+  type        = map(string)
+  default     = {}
+}
+
+locals {
+  tags = merge({
+    environment = var.environment
+    team        = "ml-engineering"
+    project     = var.app_name
+  }, var.tags)
+}

examples/api-first-startup/terraform/main.tf

@@ -27,75 +27,6 @@ provider "azurerm" {
   subscription_id = var.subscription_id
 }
 
-# ==============================================================================
-# Variables
-# ==============================================================================
-
-variable "subscription_id" {
-  description = "Azure subscription ID"
-  type        = string
-  validation {
-    condition     = can(regex("^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$", var.subscription_id))
-    error_message = "subscription_id must be a valid UUID."
-  }
-}
-
-variable "resource_group_name" {
-  description = "Resource group to deploy into"
-  type        = string
-}
-
-variable "location" {
-  description = "Azure region"
-  type        = string
-  default     = "eastus2"
-}
-
-variable "app_name" {
-  description = "Application name prefix (lowercase alphanumeric, max 12 chars to fit resource naming limits)"
-  type        = string
-  validation {
-    condition     = can(regex("^[a-z][a-z0-9]{1,11}$", var.app_name))
-    error_message = "app_name must be 2-12 lowercase alphanumeric characters, starting with a letter."
-  }
-}
-
-variable "environment" {
-  description = "Environment: prod or nonprod"
-  type        = string
-  default     = "prod"
-  validation {
-    condition     = contains(["prod", "nonprod"], var.environment)
-    error_message = "Environment must be 'prod' or 'nonprod'."
-  }
-}
-
-variable "apim_publisher_email" {
-  description = "APIM publisher email"
-  type        = string
-}
-
-variable "apim_publisher_name" {
-  description = "APIM publisher name"
-  type        = string
-}
-
-variable "tags" {
-  description = "Tags applied to all resources"
-  type        = map(string)
-  default     = {}
-}
-
-locals {
-  app_service_sku = var.environment == "prod" ? "P1v3" : "B1"
-
-  tags = merge({
-    environment = var.environment
-    team        = "engineering"
-    project     = var.app_name
-  }, var.tags)
-}
-
 # ==============================================================================
 # Data source for existing resource group
 # ==============================================================================
@@ -354,38 +285,3 @@ resource "azurerm_monitor_diagnostic_setting" "apim" {
     category = "GatewayLogs"
   }
 }
-
-# ==============================================================================
-# Outputs
-# ==============================================================================
-
-output "app_url" {
-  description = "HTTPS URL of the App Service API"
-  value       = "https://${azurerm_linux_web_app.this.default_hostname}"
-}
-
-output "apim_gateway_url" {
-  description = "API Management gateway URL for external consumers"
-  value       = azurerm_api_management.this.gateway_url
-}
-
-output "cosmos_endpoint" {
-  description = "Cosmos DB account endpoint URL"
-  value       = azurerm_cosmosdb_account.this.endpoint
-}
-
-output "app_insights_connection_string" {
-  description = "Application Insights connection string (sensitive)"
-  value       = azurerm_application_insights.this.connection_string
-  sensitive   = true
-}
-
-output "redis_hostname" {
-  description = "Redis cache hostname for response caching"
-  value       = azurerm_redis_cache.this.hostname
-}
-
-output "key_vault_uri" {
-  description = "Key Vault URI for secret access"
-  value       = azurerm_key_vault.this.vault_uri
-}