Merge branch 'add_dependabot_config' of https://github.com/Azure/alz-…

…terraform-accelerator into add_dependabot_config

.github/ISSUE_TEMPLATE/config.yml

@@ -1 +1,2 @@
+---
 blank_issues_enabled: false

.github/linters/.yaml-lint.yml

@@ -0,0 +1,11 @@
+---
+extends: default
+
+rules:
+  # 200 chars should be enough, but don't fail if a line is longer
+  line-length:
+    max: 200
+    level: warning
+  truthy:
+    check-keys: false
+    level: warning

.github/workflows/docs-fmt-test.yml

@@ -0,0 +1,42 @@
+---
+name: Docs & fmt test
+
+on:
+  pull_request:
+    types: ['opened', 'reopened', 'synchronize']
+  merge_group:
+  workflow_dispatch:
+
+concurrency:
+  group: docsfmttest-${{ github.event.pull_request.head.repo.full_name }}/${{ github.head_ref || github.run_id }}
+  cancel-in-progress: true
+
+jobs:
+  docsfmttest:
+    name: Docs & fmt test
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Setup go
+        uses: actions/setup-go@v4
+        with:
+          go-version: '1.20.x'
+          cache-dependency-path: tests/go.sum
+
+      - name: Install tools
+        run: make tools
+
+      - name: Check fmt and docs
+        run: |
+          echo "==> Running make fmt & make docs"
+          make fmt
+          make docs
+          echo "==> Testing for changes to tracked files"
+          CHANGES=$(git status -suno)
+          if [ "$CHANGES" ]; then
+            echo "Repository formatting or documentation is not correct."
+            echo "Run 'make fmt && make docs' locally and commit the changes to fix."
+            exit 1
+          fi

.github/workflows/super-linter.yml

@@ -0,0 +1,49 @@
+---
+name: Linting
+on:
+  pull_request:
+    types: ['opened', 'synchronize']
+  merge_group:
+  workflow_dispatch:
+
+concurrency:
+  group: linting-${{ github.event.pull_request.head.repo.full_name }}/${{ github.head_ref || github.run_id }}
+  cancel-in-progress: true
+
+jobs:
+  superlinter:
+    name: super linter
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - name: Setup Terraform
+        uses: hashicorp/setup-terraform@v2
+        with:
+          terraform_version: latest
+          terraform_wrapper: false
+      - name: Run github/super-linter/slim
+        uses: github/super-linter/slim@v5
+        env:
+          # Lint all code
+          VALIDATE_ALL_CODEBASE: true
+          FILTER_REGEX_EXCLUDE: '.*tests/vendor/.*'
+          # Need to define main branch as default
+          # is set to master in super-linter
+          DEFAULT_BRANCH: main
+          # Enable setting the status of each individual linter
+          # run in the Checks section of a pull request
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          # The following linter types will be enabled:
+          VALIDATE_BASH: true
+          VALIDATE_BASH_EXEC: true
+          VALIDATE_GITHUB_ACTIONS: true
+          VALIDATE_JSON: true
+          VALIDATE_MARKDOWN: true
+          # VALIDATE_TERRAFORM_TERRASCAN: true # disabled for now as does not support TF 1.3 optional(type, default)
+          VALIDATE_TERRAFORM_TFLINT: true
+          VALIDATE_YAML: true
+          # VALIDATE_GO: true # Disabled because it down not work :(
+          # Additional settings:
+          # If a shell script is not executable, the bash-exec
+          # linter will report an error when set to true
+          ERROR_ON_MISSING_EXEC_BIT: true

.github/workflows/wiki-sync.yml

@@ -1,62 +1,62 @@
----
-    name: Docs/Wiki Sync
-    
-    # yamllint disable-line rule:truthy
-    on:
-      release:
-        types: [published]
-      workflow_dispatch: {}
-    
-    env:
-      wiki_source_repo: "${{ github.repository }}"
-      wiki_source_repo_dir: "${{ github.repository }}/docs/wiki"
-      wiki_target_repo: "${{ github.repository }}.wiki"
-      github_user_name: "github-actions"
-      github_email: "[email protected]"
-      github_commit_message: "GitHub Action syncing wiki from docs/wiki"
-    
-    jobs:
-      sync-wiki:
-        name: Sync Wiki
-        if: github.repository == 'Azure/alz-terraform-accelerator' || github.event_name == 'workflow_dispatch'
-        runs-on: ubuntu-latest
-        steps:
-          - name: Checkout Source Repo
-            uses: actions/checkout@v3
-            with:
-              repository: ${{ env.wiki_source_repo }}
-              path: ${{ env.wiki_source_repo }}
-    
-          - name: Checkout Wiki Repo
-            uses: actions/checkout@v3
-            with:
-              repository: ${{ env.wiki_target_repo }}
-              path: ${{ env.wiki_target_repo }}
-    
-          - name: Configure Local Git
-            run: |
-              git config --global user.name "$github_user_name"
-              git config --global user.email "$github_email"
-            working-directory: ${{ env.GITHUB_WORKSPACE }}
-    
-          - name: Sync docs/wiki Into Wiki Repo
-            run: |
-              rsync -avzr --delete --exclude='.git/' "$wiki_source_repo_dir/" "$wiki_target_repo"
-            working-directory: ${{ env.GITHUB_WORKSPACE }}
-    
-          - name: Check for changes
-            id: git_status
-            run: |
-              mapfile -t "CHECK_GIT_STATUS" < <(git status -s)
-              printf "%s\n" "${CHECK_GIT_STATUS[@]}"
-              echo "changes=${#CHECK_GIT_STATUS[@]}" >> "$GITHUB_OUTPUT"
-            working-directory: ${{ env.wiki_target_repo }}
-    
-          - name: Add files, commit and push into Wiki
-            if: steps.git_status.outputs.changes > 0
-            run: |
-              echo "Pushing changes to origin..."
-              git add .
-              git commit -m "$github_commit_message [$GITHUB_ACTOR/${GITHUB_SHA::8}]"
-              git push --set-upstream "https://[email protected]/$wiki_target_repo.git" master
-            working-directory: ${{ env.wiki_target_repo }}
+---
+name: Docs/Wiki Sync
+
+# yamllint disable-line rule:truthy
+on:
+  release:
+    types: [published]
+  workflow_dispatch:
+
+env:
+  wiki_source_repo: "${{ github.repository }}"
+  wiki_source_repo_dir: "${{ github.repository }}/docs/wiki"
+  wiki_target_repo: "${{ github.repository }}.wiki"
+  github_user_name: "github-actions"
+  github_email: "[email protected]"
+  github_commit_message: "GitHub Action syncing wiki from docs/wiki"
+
+jobs:
+  sync-wiki:
+    name: Sync Wiki
+    if: github.repository == 'Azure/alz-terraform-accelerator' || github.event_name == 'workflow_dispatch'
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Source Repo
+        uses: actions/checkout@v3
+        with:
+          repository: ${{ env.wiki_source_repo }}
+          path: ${{ env.wiki_source_repo }}
+
+      - name: Checkout Wiki Repo
+        uses: actions/checkout@v3
+        with:
+          repository: ${{ env.wiki_target_repo }}
+          path: ${{ env.wiki_target_repo }}
+
+      - name: Configure Local Git
+        run: |
+          git config --global user.name "$github_user_name"
+          git config --global user.email "$github_email"
+        working-directory: ${{ env.GITHUB_WORKSPACE }}
+
+      - name: Sync docs/wiki Into Wiki Repo
+        run: |
+          rsync -avzr --delete --exclude='.git/' "$wiki_source_repo_dir/" "$wiki_target_repo"
+        working-directory: ${{ env.GITHUB_WORKSPACE }}
+
+      - name: Check for changes
+        id: git_status
+        run: |
+          mapfile -t "CHECK_GIT_STATUS" < <(git status -s)
+          printf "%s\n" "${CHECK_GIT_STATUS[@]}"
+          echo "changes=${#CHECK_GIT_STATUS[@]}" >> "$GITHUB_OUTPUT"
+        working-directory: ${{ env.wiki_target_repo }}
+
+      - name: Add files, commit and push into Wiki
+        if: steps.git_status.outputs.changes > 0
+        run: |
+          echo "Pushing changes to origin..."
+          git add .
+          git commit -m "$github_commit_message [$GITHUB_ACTOR/${GITHUB_SHA::8}]"
+          git push --set-upstream "https://[email protected]/$wiki_target_repo.git" master
+        working-directory: ${{ env.wiki_target_repo }}

Makefile

@@ -0,0 +1,35 @@
+default:
+	@echo "==> Type make <thing> to run tasks"
+	@echo
+	@echo "Thing is one of:"
+	@echo "docs fmt fmtcheck tfclean tools"
+
+docs:
+	@echo "==> Updating documentation..."
+	find . | egrep "\.md" | grep -v README.md | sort | while read f; do terrafmt fmt $$f; done
+
+fmt:
+	@echo "==> Fixing Terraform code with terraform fmt..."
+	terraform fmt -recursive
+	@echo "==> Fixing embedded Terraform with terrafmt..."
+	find . | egrep "\.md|\.tf" | grep -v README.md | sort | while read f; do terrafmt fmt $$f; done
+
+fmtcheck:
+	@echo "==> Checking source code with gofmt..."
+	@sh "$(CURDIR)/scripts/gofmtcheck.sh"
+	@echo "==> Checking source code with terraform fmt..."
+	terraform fmt -check -recursive
+
+tfclean:
+	@echo "==> Cleaning terraform files..."
+	find . -type d -name '.terraform' | xargs rm -vrf
+	find . -type f -name 'tfplan' | xargs rm -vf
+	find . -type f -name 'terraform.tfstate*' | xargs rm -vf
+	find . -type f -name '.terraform.lock.hcl' | xargs rm -vf
+
+tools:
+	go install github.com/katbyte/terrafmt@latest
+
+# Makefile targets are files, but we aren't using it like this,
+# so have to declare PHONY targets
+.PHONY: docs fmt fmtcheck tfclean tools

README.md

@@ -33,7 +33,7 @@ Please refer to our [wiki](https://github.com/Azure/alz-terraform-accelerator/wi
 
 This project welcomes contributions and suggestions.  Most contributions require you to agree to a
 Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us
-the rights to use your contribution. For details, visit https://cla.opensource.microsoft.com.
+the rights to use your contribution. For details, visit [https://cla.opensource.microsoft.com](https://cla.opensource.microsoft.com).
 
 When you submit a pull request, a CLA bot will automatically determine whether you need to provide
 a CLA and decorate the PR appropriately (e.g., status check, comment). Simply follow the instructions

SECURITY.md

@@ -14,17 +14,17 @@ Instead, please report them to the Microsoft Security Response Center (MSRC) at
 
 If you prefer to submit without logging in, send email to [[email protected]](mailto:[email protected]).  If possible, encrypt your message with our PGP key; please download it from the [Microsoft Security Response Center PGP Key page](https://www.microsoft.com/en-us/msrc/pgp-key-msrc).
 
-You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message. Additional information can be found at [microsoft.com/msrc](https://www.microsoft.com/msrc). 
+You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message. Additional information can be found at [microsoft.com/msrc](https://www.microsoft.com/msrc).
 
 Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue:
 
-  * Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
-  * Full paths of source file(s) related to the manifestation of the issue
-  * The location of the affected source code (tag/branch/commit or direct URL)
-  * Any special configuration required to reproduce the issue
-  * Step-by-step instructions to reproduce the issue
-  * Proof-of-concept or exploit code (if possible)
-  * Impact of the issue, including how an attacker might exploit the issue
+* Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
+* Full paths of source file(s) related to the manifestation of the issue
+* The location of the affected source code (tag/branch/commit or direct URL)
+* Any special configuration required to reproduce the issue
+* Step-by-step instructions to reproduce the issue
+* Proof-of-concept or exploit code (if possible)
+* Impact of the issue, including how an attacker might exploit the issue
 
 This information will help us triage your report more quickly.
 
@@ -38,4 +38,4 @@ We prefer all communications to be in English.
 
 Microsoft follows the principle of [Coordinated Vulnerability Disclosure](https://www.microsoft.com/en-us/msrc/cvd).
 
-<!-- END MICROSOFT SECURITY.MD BLOCK -->
+<!-- END MICROSOFT SECURITY.MD BLOCK -->

SUPPORT.md

@@ -1,25 +1,11 @@
-# TODO: The maintainer of this repo has not yet edited this file
-
-**REPO OWNER**: Do you want Customer Service & Support (CSS) support for this product/project?
-
-- **No CSS support:** Fill out this template with information about how to file issues and get help.
-- **Yes CSS support:** Fill out an intake form at [aka.ms/spot](https://aka.ms/spot). CSS will work with/help you to determine next steps. More details also available at [aka.ms/onboardsupport](https://aka.ms/onboardsupport).
-- **Not sure?** Fill out a SPOT intake as though the answer were "Yes". CSS will help you decide.
-
-*Then remove this first heading from this SUPPORT.MD file before publishing your repo.*
-
-# Support
-
-## How to file issues and get help  
-
-This project uses GitHub Issues to track bugs and feature requests. Please search the existing 
-issues before filing new issues to avoid duplicates.  For new issues, file your bug or 
-feature request as a new Issue.
-
-For help and questions about using this project, please **REPO MAINTAINER: INSERT INSTRUCTIONS HERE 
-FOR HOW TO ENGAGE REPO OWNERS OR COMMUNITY FOR HELP. COULD BE A STACK OVERFLOW TAG OR OTHER
-CHANNEL. WHERE WILL YOU HELP PEOPLE?**.
-
-## Microsoft Support Policy  
-
-Support for this **PROJECT or PRODUCT** is limited to the resources listed above.
+# Support
+
+## How to file issues and get help  
+
+This project uses GitHub Issues to track bugs and feature requests. Please search the existing issues before filing new issues to avoid duplicates.  For new issues, file your bug or feature request as a new Issue.
+
+For help and questions about using this project, please raise an Issue.
+
+## Microsoft Support Policy
+
+Support for this project is limited to the resources listed above.

bootstrap/.config/ALZ-Powershell.config.json

@@ -90,7 +90,7 @@
         "azure_name" : {
             "Type": "Valid",
             "Description": "A valid Azure name e.g. 'my-azure-name'",
-            "Valid": "^[a-zA-Z0-9]{2,10}(-[a-zA-Z0-9]{2,10})?$"
+            "Valid": "^[a-zA-Z0-9]{2,10}(-[a-zA-Z0-9]{2,10}){0,1}(-[a-zA-Z0-9]{2,10})?$"
         },
         "azure_name_section" : {
             "Type": "Valid",
@@ -132,7 +132,7 @@
         "cidr_range" : {
             "Type": "Valid",
             "Description": "A valid CIDR range e.g '10.0.0.0/16'",
-            "Valid": "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(3[0-2]|[1-2][0-9]|[0-9]))$"
+            "Valid": "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(/(3[0-2]|[1-2][0-9]|[0-9]))$"
         }
     }
 }

bootstrap/azuredevops/locals.tf

@@ -1,4 +1,4 @@
-# Resource Name Setup
-locals {
-  resource_names = module.resource_names.resource_names
-}
+# Resource Name Setup
+locals {
+  resource_names = module.resource_names.resource_names
+}