diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 00000000..fae8897c --- /dev/null +++ b/.gitattributes @@ -0,0 +1 @@ +* eol=lf diff --git a/.github/release-drafter.yml b/.github/release-drafter.yml deleted file mode 100644 index b9fa3215..00000000 --- a/.github/release-drafter.yml +++ /dev/null @@ -1,52 +0,0 @@ ---- -# Format and labels used aim to match those used by Ansible project -name-template: '$RESOLVED_VERSION' -tag-template: '$RESOLVED_VERSION' -categories: - - title: 'Major Changes' - labels: - - 'major' # c6476b - - title: 'Minor Changes' - labels: - - 'feature' # 006b75 - - 'enhancement' # ededed - - 'refactoring' - - title: 'Bugfixes' - labels: - - 'bug' # fbca04 - - title: 'Deprecations' - labels: - - 'deprecated' # fef2c0 -exclude-labels: - - 'skip-changelog' - - 'duplicate' -version-resolver: - major: - labels: - - 'major' - minor: - labels: - - 'minor' - - 'feature' - - 'enhancement' - - 'refactoring' - patch: - labels: - - 'patch' - - 'bug' - - 'deprecated' - default: patch -autolabeler: - - label: 'skip-changelog' - title: '/chore/i' - - label: 'bug' - title: '/fix/i' - - label: 'enhancement' - title: '/(enhance|improve)/i' - - label: 'feature' - title: '/feature/i' - - label: 'dreprecated' - title: '/deprecat/i' -template: | - $CHANGES - Kudos goes to: $CONTRIBUTORS diff --git a/.github/settings.json b/.github/settings.json new file mode 100644 index 00000000..3ca462f6 --- /dev/null +++ b/.github/settings.json @@ -0,0 +1,13 @@ +{ + "repos": { + "description": "A Terraform module that manages the azurerm application-insights resources from the azurerm provider.", + "visibility": "public", + "default_branch": "main", + "homepage": "https://telekom-mms.github.io/terraform-template", + "topics": [ + "application-insights", + "azure", + "terraform" + ] + } +} diff --git a/.github/workflows/codespell.yml b/.github/workflows/codespell.yml new file mode 100644 index 00000000..c39d7a4c --- /dev/null +++ b/.github/workflows/codespell.yml @@ -0,0 +1,12 @@ +--- +name: codespell + +on: + push: + branches: [main] + pull_request: + branches: [main] + +jobs: + call-codespell: + uses: telekom-mms/.github/.github/workflows/codespell.yml@main diff --git a/.github/workflows/linting.yml b/.github/workflows/linting.yml new file mode 100644 index 00000000..412fa256 --- /dev/null +++ b/.github/workflows/linting.yml @@ -0,0 +1,12 @@ +--- +name: linting + +on: + push: + branches: [main] + pull_request: + branches: [main] + +jobs: + call-linting: + uses: telekom-mms/.github/.github/workflows/terraform_linting.yml@main diff --git a/.github/workflows/prettier-md.yml b/.github/workflows/prettier-md.yml deleted file mode 100644 index 95ea2687..00000000 --- a/.github/workflows/prettier-md.yml +++ /dev/null @@ -1,24 +0,0 @@ ---- -# https://github.com/creyD/prettier_action -name: Prettier markdown files - -on: - push: - paths: - - '**.md' - -jobs: - prettier-md: - runs-on: ubuntu-latest - timeout-minutes: 1 - - steps: - - name: Git checkout - uses: actions/checkout@v3 - with: - ref: ${{ github.head_ref }} - - - name: Prettify code - uses: creyD/prettier_action@v4.2 - with: - prettier_options: --write {**/*,*}.md diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 076d98cd..9a6918f9 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,80 +1,21 @@ --- -name: New release +name: release -on: # yamllint disable-line rule:truthy - workflow_dispatch: +on: push: - branches: - - main + branches: [main] -jobs: - generate_changelog: - runs-on: ubuntu-latest - name: create release draft - steps: - - uses: actions/checkout@v3.2.0 - with: - fetch-depth: 0 - - - name: 'Get Previous tag' - id: previoustag - uses: "WyriHaximus/github-action-get-previous-tag@master" - env: - GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" - - - name: calculate next version - id: version - uses: patrickjahns/version-drafter-action@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - - name: Generate changelog - uses: charmixer/auto-changelog-action@v1 - with: - token: ${{ secrets.GITHUB_TOKEN }} - future_release: ${{ steps.version.outputs.next-version }} - - - name: Generate readme - uses: terraform-docs/gh-actions@main - with: - working-dir: . - output-file: README.md - output-method: inject +env: + TEMPLATE_REPOSITORY: telekom-mms/terraform-template - - name: push changelog and readme - uses: github-actions-x/commit@v2.9 - with: - github-token: ${{ secrets.GITHUB_TOKEN }} - push-branch: 'main' - commit-message: 'update changelog' - force-add: 'true' - files: CHANGELOG.md README.md - name: T-Systems MMS - email: frage@t-systems-mms.com - - # do a second checkout to prevent race situation - # changelog gets updated but action works on old commit id - - uses: actions/checkout@v3.2.0 - with: - ref: main - - - name: Generate changelog for the release - run: | - sed '/## \[${{ steps.previoustag.outputs.tag }}\]/Q' CHANGELOG.md > CHANGELOGRELEASE.md - - name: Read CHANGELOG.md - id: package - uses: juliangruber/read-file-action@v1 - with: - path: ./CHANGELOGRELEASE.md - - - name: Create Release draft - id: create_release - uses: actions/create-release@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # This token is provided by Actions, you do not need to create your own token - with: - release_name: ${{ steps.version.outputs.next-version }} - tag_name: ${{ steps.version.outputs.next-version }} - body: | - ${{ steps.package.outputs.content }} - draft: true +jobs: + call-readme: + if: github.repository != '$TEMPLATE_REPOSITORY' + uses: telekom-mms/.github/.github/workflows/terraform_docs.yml@main + call-release: + if: github.repository != '$TEMPLATE_REPOSITORY' + uses: telekom-mms/.github/.github/workflows/release.yml@main + secrets: + GH_BRANCH_PROTECTION_APP_TOKEN: ${{ secrets.GH_BRANCH_PROTECTION_APP_TOKEN }} + with: + files: README.md diff --git a/.github/workflows/settings.yml b/.github/workflows/settings.yml new file mode 100644 index 00000000..f1b9ecbe --- /dev/null +++ b/.github/workflows/settings.yml @@ -0,0 +1,18 @@ +--- +name: settings + +on: + push: + branches: [main] + schedule: + - cron: '0 10 * * *' + +env: + TEMPLATE_REPOSITORY: telekom-mms/terraform-template + +jobs: + call-settings: + if: github.repository != '$TEMPLATE_REPOSITORY' + uses: telekom-mms/.github/.github/workflows/github_repository.yml@main + secrets: + GH_APP_CREDENTIALS_TOKEN: ${{ secrets.GH_APP_CREDENTIALS_TOKEN }} diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml deleted file mode 100644 index 06826e6a..00000000 --- a/.github/workflows/terraform.yml +++ /dev/null @@ -1,23 +0,0 @@ ---- -name: Terraform - -on: [push, pull_request] - -jobs: - terraform-lint: - runs-on: ubuntu-latest - - steps: - # Important: This sets up your GITHUB_WORKSPACE environment variable - - uses: actions/checkout@v3 - - uses: hashicorp/setup-terraform@v2 - - - name: fmt - run: terraform fmt -recursive -check - continue-on-error: true - - - name: init - run: terraform init - - - name: validate - run: terraform validate -no-color diff --git a/.github/workflows/terrascan.yml b/.github/workflows/terrascan.yml new file mode 100644 index 00000000..3cd8966c --- /dev/null +++ b/.github/workflows/terrascan.yml @@ -0,0 +1,19 @@ +--- +name: terrascan + +on: + pull_request: + branches: [main] + +env: + TEMPLATE_REPOSITORY: telekom-mms/terraform-template + +jobs: + call-terrascan: + if: github.repository != '$TEMPLATE_REPOSITORY' + uses: telekom-mms/.github/.github/workflows/terrascan.yml@main + with: + iac_type: terraform + iac_dir: ./tests + policy_type: azure + non_recursive: true diff --git a/.github/workflows/terratest.yml b/.github/workflows/terratest.yml new file mode 100644 index 00000000..c1e75476 --- /dev/null +++ b/.github/workflows/terratest.yml @@ -0,0 +1,21 @@ +--- +name: terratest + +on: + pull_request: + branches: [main] + +env: + TEMPLATE_REPOSITORY: telekom-mms/terraform-template + +jobs: + call-terratest: + if: github.repository != '$TEMPLATE_REPOSITORY' + uses: telekom-mms/.github/.github/workflows/terratest.yml@main + with: + test: azure + secrets: + azure_client_id: ${{ secrets.AZURE_CLIENT_ID }} + azure_client_secret: ${{ secrets.AZURE_CLIENT_SECRET }} + azure_subscription_id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + azure_tenant_id: ${{ secrets.AZURE_TENANT_ID }} diff --git a/README.md b/README.md index 51c1c46a..a5154d61 100644 --- a/README.md +++ b/README.md @@ -38,19 +38,45 @@ This module manages Azure Application Insights. ## Examples +Minimal configuration to install the desired resources with the module + +```hcl +module "application_insights" { + source = "registry.terraform.io/telekom-mms/application-insights/azurerm" + + application_insights = { + aimms = { + resource_group_name = "rg-mms-github" + application_type = "web" + } + } +} +``` + +Advanced configuration to install the desired resources with the module + ```hcl module "application_insights" { - source = "registry.terraform.io/T-Systems-MMS/application-insights/azurerm" + source = "registry.terraform.io/telekom-mms/application-insights/azurerm" + application_insights = { - function_app = { - location = "westeurope" - resource_group_name = "service-env-rg" - application_type = "Node.JS" - internet_ingestion_enabled = true - internet_query_enabled = true - retention_in_days = "90" + aimms = { + location = "westeurope" + resource_group_name = "rg-mms-github" + application_type = "web" + daily_data_cap_in_gb = 10 + daily_data_cap_notifications_disabled = false + retention_in_days = 90 + sampling_percentage = 100 + disable_ip_masking = false + local_authentication_disabled = false + internet_ingestion_enabled = true + internet_query_enabled = true + force_customer_storage_for_profiler = false tags = { - service = "service_name" + project = "mms-github" + environment = terraform.workspace + managed-by = "terraform" } } } diff --git a/examples/.tflint.hcl b/examples/.tflint.hcl new file mode 100644 index 00000000..78bf1022 --- /dev/null +++ b/examples/.tflint.hcl @@ -0,0 +1,9 @@ +rule "terraform_required_providers" { + enabled = false +} +rule "terraform_required_version" { + enabled = false +} +rule "terraform_module_version" { + enabled = false +} diff --git a/examples/apply_main.tf b/examples/apply_main.tf new file mode 100644 index 00000000..2f9ca98c --- /dev/null +++ b/examples/apply_main.tf @@ -0,0 +1,11 @@ +module "application_insights" { + source = "registry.terraform.io/telekom-mms/application-insights/azurerm" + + application_insights = { + appi-mms-github = { + location = "westeurope" + resource_group_name = "rg-mms-github" + application_type = "web" + } + } +} diff --git a/examples/full_main.tf b/examples/full_main.tf new file mode 100644 index 00000000..f356b430 --- /dev/null +++ b/examples/full_main.tf @@ -0,0 +1,27 @@ +module "application_insights" { + source = "registry.terraform.io/telekom-mms/application-insights/azurerm" + + application_insights = { + aimms = { + name = "appi-mms-github" + location = "westeurope" + resource_group_name = "rg-mms-github" + application_type = "web" + daily_data_cap_in_gb = 10 + daily_data_cap_notifications_disabled = false + retention_in_days = 90 + sampling_percentage = 100 + disable_ip_masking = false + local_authentication_disabled = false + internet_ingestion_enabled = true + internet_query_enabled = true + force_customer_storage_for_profiler = false + tags = { + project = "mms-github" + environment = terraform.workspace + managed-by = "terraform" + } + } + } +} + diff --git a/examples/main.tf b/examples/main.tf deleted file mode 100644 index d141f7e9..00000000 --- a/examples/main.tf +++ /dev/null @@ -1,16 +0,0 @@ -module "application_insights" { - source = "registry.terraform.io/T-Systems-MMS/application-insights/azurerm" - application_insights = { - function_app = { - location = "westeurope" - resource_group_name = "service-env-rg" - application_type = "Node.JS" - internet_ingestion_enabled = true - internet_query_enabled = true - retention_in_days = "90" - tags = { - service = "service_name" - } - } - } -} diff --git a/examples/min_main.tf b/examples/min_main.tf new file mode 100644 index 00000000..2f9ca98c --- /dev/null +++ b/examples/min_main.tf @@ -0,0 +1,11 @@ +module "application_insights" { + source = "registry.terraform.io/telekom-mms/application-insights/azurerm" + + application_insights = { + appi-mms-github = { + location = "westeurope" + resource_group_name = "rg-mms-github" + application_type = "web" + } + } +} diff --git a/main.tf b/main.tf index 1deea15e..3cb9e753 100644 --- a/main.tf +++ b/main.tf @@ -1,8 +1,10 @@ /** - * # application_insights - * - * This module manages Azure Application Insights. - * +* # application-insights +* +* This module manages the azurerm application-insights resources, see https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs. +* +* For more information about the module structure see https://telekom-mms.github.io/terraform-template. +* */ resource "azurerm_application_insights" "application_insights" { diff --git a/outputs.tf b/outputs.tf index 7b95dd0d..b4fc741a 100644 --- a/outputs.tf +++ b/outputs.tf @@ -1,13 +1,26 @@ output "application_insights" { - description = "azurerm_application_insights" + description = "Outputs all attributes of application_insights." value = { for application_insights in keys(azurerm_application_insights.application_insights) : application_insights => { - id = azurerm_application_insights.application_insights[application_insights].id - name = azurerm_application_insights.application_insights[application_insights].name - app_id = azurerm_application_insights.application_insights[application_insights].app_id - instrumentation_key = azurerm_application_insights.application_insights[application_insights].instrumentation_key - connection_string = azurerm_application_insights.application_insights[application_insights].connection_string + for key, value in azurerm_application_insights.application_insights[application_insights] : + key => value + } + } +} + +output "variables" { + description = "Displays all configurable variables passed by the module. __default__ = predefined values per module. __merged__ = result of merging the default values and custom values passed to the module" + value = { + default = { + for variable in keys(local.default) : + variable => local.default[variable] + } + merged = { + application_insights = { + for key in keys(var.application_insights) : + key => local.application_insights[key] + } } } } diff --git a/renovate.json b/renovate.json index a02bfd86..d6deba21 100644 --- a/renovate.json +++ b/renovate.json @@ -1,8 +1,10 @@ { "extends": [ "config:base", - ":dependencyDashboard" + "github>telekom-mms/terraform-template" ], + "dependencyDashboard": true, + "dependencyDashboardAutoclose": false, "packageRules": [ { "matchUpdateTypes": ["patch"], @@ -10,3 +12,4 @@ } ] } + diff --git a/tests/terratest.yaml b/tests/terratest.yaml new file mode 100644 index 00000000..a36c138f --- /dev/null +++ b/tests/terratest.yaml @@ -0,0 +1,3 @@ +# see https://pkg.go.dev/github.com/gruntwork-io/terratest/modules/[package] +functions: [] +options: {} diff --git a/variables.tf b/variables.tf index e9bd5c41..9e785b08 100644 --- a/variables.tf +++ b/variables.tf @@ -11,14 +11,14 @@ locals { name = "" daily_data_cap_in_gb = null daily_data_cap_notifications_disabled = null - retention_in_days = 30 + retention_in_days = 30 # defined default sampling_percentage = null - disable_ip_masking = false + disable_ip_masking = null workspace_id = null - local_authentication_disabled = false - internet_ingestion_enabled = false - internet_query_enabled = false - force_customer_storage_for_profiler = false + local_authentication_disabled = null + internet_ingestion_enabled = false # defined default + internet_query_enabled = false # defined default + force_customer_storage_for_profiler = null tags = {} } } diff --git a/versions.tf b/versions.tf index 71b23649..c2a8eb99 100644 --- a/versions.tf +++ b/versions.tf @@ -1,9 +1,9 @@ terraform { required_providers { azurerm = { - source = "registry.terraform.io/hashicorp/azurerm" - version = ">=3.11.0, <4.0" + source = "hashicorp/azurerm" + version = ">= 4.0, < 5.0" } } - required_version = ">=1.0" + required_version = ">= 1.5" }