diff --git a/.github/workflows/e2e.yml b/.github/workflows/e2e.yml
index 7724649..920ab58 100644
--- a/.github/workflows/e2e.yml
+++ b/.github/workflows/e2e.yml
@@ -19,7 +19,7 @@
}
run-e2e-tests:
- if: github.event.repository.name != 'terraform-azurerm-avm-template' && github.event.pull_request.head.repo.fork == false
+ if: github.event.pull_request.head.repo.fork == false
uses: Azure/terraform-azurerm-avm-template/.github/workflows/test-examples-template.yml@main
name: end to end
secrets: inherit
diff --git a/.github/workflows/linting.yml b/.github/workflows/linting.yml
index 254164d..864db46 100644
--- a/.github/workflows/linting.yml
+++ b/.github/workflows/linting.yml
@@ -21,7 +21,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: checkout repository
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7
+ uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 #v4.2.2
- name: check docs
uses: Azure/terraform-azurerm-avm-template/.github/actions/docs-check@main
@@ -32,7 +32,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: checkout repository
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7
+ uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 #v4.2.2
- name: lint terraform
uses: Azure/terraform-azurerm-avm-template/.github/actions/linting@main
@@ -45,7 +45,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: checkout repository
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7
+ uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 #v4.2.2
- name: avmfix
uses: Azure/terraform-azurerm-avm-template/.github/actions/avmfix@main
diff --git a/.github/workflows/version-check.yml b/.github/workflows/version-check.yml
index c117502..8719641 100644
--- a/.github/workflows/version-check.yml
+++ b/.github/workflows/version-check.yml
@@ -16,7 +16,7 @@ jobs:
if: github.event.repository.name != 'terraform-azurerm-avm-template'
runs-on: ubuntu-latest
steps:
- - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7
+ - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 #v4.2.2
- name: Check version
uses: Azure/terraform-azurerm-avm-template/.github/actions/version-check@main
with:
diff --git a/README.md b/README.md
index 8d52edd..e59ddf8 100644
--- a/README.md
+++ b/README.md
@@ -1026,7 +1026,7 @@ Version: 0.3.1
Source: Azure/avm-res-network-virtualnetwork/azurerm
-Version: 0.4.0
+Version: 0.7.1
## Data Collection
diff --git a/examples/default/README.md b/examples/azure_devops_basic/README.md
similarity index 99%
rename from examples/default/README.md
rename to examples/azure_devops_basic/README.md
index bf9d99f..62dc2eb 100644
--- a/examples/default/README.md
+++ b/examples/azure_devops_basic/README.md
@@ -32,7 +32,7 @@ terraform {
required_providers {
azapi = {
source = "azure/azapi"
- version = "~> 1.14"
+ version = "~> 2.0"
}
azuredevops = {
source = "microsoft/azuredevops"
@@ -190,7 +190,7 @@ output "container_app_job_name" {
# Region helpers
module "regions" {
source = "Azure/avm-utl-regions/azurerm"
- version = "0.1.0"
+ version = "0.3.0"
}
resource "random_integer" "region_index" {
@@ -217,7 +217,7 @@ The following requirements are needed by this module:
- [terraform](#requirement\_terraform) (>= 1.9)
-- [azapi](#requirement\_azapi) (~> 1.14)
+- [azapi](#requirement\_azapi) (~> 2.0)
- [azuredevops](#requirement\_azuredevops) (~> 1.1)
@@ -308,7 +308,7 @@ Version: >= 0.3.0
Source: Azure/avm-utl-regions/azurerm
-Version: 0.1.0
+Version: 0.3.0
## Data Collection
diff --git a/examples/bring_your_own_vnet/_footer.md b/examples/azure_devops_basic/_footer.md
similarity index 100%
rename from examples/bring_your_own_vnet/_footer.md
rename to examples/azure_devops_basic/_footer.md
diff --git a/examples/default/_header.md b/examples/azure_devops_basic/_header.md
similarity index 100%
rename from examples/default/_header.md
rename to examples/azure_devops_basic/_header.md
diff --git a/examples/default/main.tf b/examples/azure_devops_basic/main.tf
similarity index 99%
rename from examples/default/main.tf
rename to examples/azure_devops_basic/main.tf
index 363088b..10a03fa 100644
--- a/examples/default/main.tf
+++ b/examples/azure_devops_basic/main.tf
@@ -26,7 +26,7 @@ terraform {
required_providers {
azapi = {
source = "azure/azapi"
- version = "~> 1.14"
+ version = "~> 2.0"
}
azuredevops = {
source = "microsoft/azuredevops"
@@ -184,7 +184,7 @@ output "container_app_job_name" {
# Region helpers
module "regions" {
source = "Azure/avm-utl-regions/azurerm"
- version = "0.1.0"
+ version = "0.3.0"
}
resource "random_integer" "region_index" {
diff --git a/examples/bring_your_own_vnet/pipeline.yml b/examples/azure_devops_basic/pipeline.yml
similarity index 100%
rename from examples/bring_your_own_vnet/pipeline.yml
rename to examples/azure_devops_basic/pipeline.yml
diff --git a/examples/bring_your_own_vnet/README.md b/examples/azure_devops_bring_your_own_vnet/README.md
similarity index 99%
rename from examples/bring_your_own_vnet/README.md
rename to examples/azure_devops_bring_your_own_vnet/README.md
index 7aaab76..290fde7 100644
--- a/examples/bring_your_own_vnet/README.md
+++ b/examples/azure_devops_bring_your_own_vnet/README.md
@@ -32,7 +32,7 @@ terraform {
required_providers {
azapi = {
source = "azure/azapi"
- version = "~> 1.14"
+ version = "~> 2.0"
}
azuredevops = {
source = "microsoft/azuredevops"
@@ -198,7 +198,7 @@ resource "azurerm_resource_group" "this" {
module "virtual_network" {
source = "Azure/avm-res-network-virtualnetwork/azurerm"
- version = "0.4.2"
+ version = "0.7.1"
name = "vnet-${random_string.name.result}"
resource_group_name = azurerm_resource_group.this.name
location = local.selected_region
@@ -246,7 +246,7 @@ output "container_app_job_name" {
# Region helpers
module "regions" {
source = "Azure/avm-utl-regions/azurerm"
- version = "0.1.0"
+ version = "0.3.0"
}
resource "random_integer" "region_index" {
@@ -273,7 +273,7 @@ The following requirements are needed by this module:
- [terraform](#requirement\_terraform) (>= 1.9)
-- [azapi](#requirement\_azapi) (~> 1.14)
+- [azapi](#requirement\_azapi) (~> 2.0)
- [azuredevops](#requirement\_azuredevops) (~> 1.1)
@@ -365,13 +365,13 @@ Version: >= 0.3.0
Source: Azure/avm-utl-regions/azurerm
-Version: 0.1.0
+Version: 0.3.0
### [virtual\_network](#module\_virtual\_network)
Source: Azure/avm-res-network-virtualnetwork/azurerm
-Version: 0.4.2
+Version: 0.7.1
## Data Collection
diff --git a/examples/default/_footer.md b/examples/azure_devops_bring_your_own_vnet/_footer.md
similarity index 100%
rename from examples/default/_footer.md
rename to examples/azure_devops_bring_your_own_vnet/_footer.md
diff --git a/examples/bring_your_own_vnet/_header.md b/examples/azure_devops_bring_your_own_vnet/_header.md
similarity index 100%
rename from examples/bring_your_own_vnet/_header.md
rename to examples/azure_devops_bring_your_own_vnet/_header.md
diff --git a/examples/bring_your_own_vnet/main.tf b/examples/azure_devops_bring_your_own_vnet/main.tf
similarity index 99%
rename from examples/bring_your_own_vnet/main.tf
rename to examples/azure_devops_bring_your_own_vnet/main.tf
index b19d2d9..6f9fa86 100644
--- a/examples/bring_your_own_vnet/main.tf
+++ b/examples/azure_devops_bring_your_own_vnet/main.tf
@@ -26,7 +26,7 @@ terraform {
required_providers {
azapi = {
source = "azure/azapi"
- version = "~> 1.14"
+ version = "~> 2.0"
}
azuredevops = {
source = "microsoft/azuredevops"
@@ -192,7 +192,7 @@ resource "azurerm_resource_group" "this" {
module "virtual_network" {
source = "Azure/avm-res-network-virtualnetwork/azurerm"
- version = "0.4.2"
+ version = "0.7.1"
name = "vnet-${random_string.name.result}"
resource_group_name = azurerm_resource_group.this.name
location = local.selected_region
@@ -240,7 +240,7 @@ output "container_app_job_name" {
# Region helpers
module "regions" {
source = "Azure/avm-utl-regions/azurerm"
- version = "0.1.0"
+ version = "0.3.0"
}
resource "random_integer" "region_index" {
diff --git a/examples/default/pipeline.yml b/examples/azure_devops_bring_your_own_vnet/pipeline.yml
similarity index 100%
rename from examples/default/pipeline.yml
rename to examples/azure_devops_bring_your_own_vnet/pipeline.yml
diff --git a/examples/azure_devops_bring_your_own_vnet_and_dns_zone/README.md b/examples/azure_devops_bring_your_own_vnet_and_dns_zone/README.md
new file mode 100644
index 0000000..36ec839
--- /dev/null
+++ b/examples/azure_devops_bring_your_own_vnet_and_dns_zone/README.md
@@ -0,0 +1,404 @@
+
+# Azure DevOps example with private networking and bring your own virtual network and DNS zone
+
+This example deploys Azure DevOps Agents to Azure Container Apps and Azure Container Instance using private networking and bring your own virtual network and DNS zone.
+
+```hcl
+variable "azure_devops_organization_name" {
+ type = string
+ description = "Azure DevOps Organisation Name"
+}
+
+variable "azure_devops_personal_access_token" {
+ type = string
+ description = "The personal access token used for agent authentication to Azure DevOps."
+ sensitive = true
+}
+
+variable "azure_devops_agents_personal_access_token" {
+ description = "Personal access token for Azure DevOps self-hosted agents (the token requires the 'Agent Pools - Read & Manage' scope and should have the maximum expiry)."
+ type = string
+ sensitive = true
+}
+
+locals {
+ tags = {
+ scenario = "default"
+ }
+}
+
+terraform {
+ required_version = ">= 1.9"
+ required_providers {
+ azapi = {
+ source = "azure/azapi"
+ version = "~> 2.0"
+ }
+ azuredevops = {
+ source = "microsoft/azuredevops"
+ version = "~> 1.1"
+ }
+ azurerm = {
+ source = "hashicorp/azurerm"
+ version = "~> 3.113"
+ }
+ random = {
+ source = "hashicorp/random"
+ version = "~> 3.5"
+ }
+ }
+}
+
+provider "azurerm" {
+ features {}
+}
+
+locals {
+ azure_devops_organization_url = "https://dev.azure.com/${var.azure_devops_organization_name}"
+}
+
+provider "azuredevops" {
+ personal_access_token = var.azure_devops_personal_access_token
+ org_service_url = local.azure_devops_organization_url
+}
+
+resource "random_string" "name" {
+ length = 6
+ numeric = true
+ special = false
+ upper = false
+}
+
+module "naming" {
+ source = "Azure/naming/azurerm"
+ version = ">= 0.3.0"
+}
+
+resource "azuredevops_project" "this" {
+ name = random_string.name.result
+}
+
+resource "azuredevops_agent_pool" "this" {
+ name = random_string.name.result
+ auto_provision = false
+ auto_update = true
+}
+
+resource "azuredevops_agent_queue" "this" {
+ project_id = azuredevops_project.this.id
+ agent_pool_id = azuredevops_agent_pool.this.id
+}
+
+locals {
+ default_branch = "refs/heads/main"
+ pipeline_file = "pipeline.yml"
+ repository_name = "example-repo"
+}
+
+resource "azuredevops_git_repository" "this" {
+ project_id = azuredevops_project.this.id
+ name = local.repository_name
+ default_branch = local.default_branch
+ initialization {
+ init_type = "Clean"
+ }
+}
+
+resource "azuredevops_git_repository_file" "this" {
+ repository_id = azuredevops_git_repository.this.id
+ file = local.pipeline_file
+ content = templatefile("${path.module}/${local.pipeline_file}", {
+ agent_pool_name = azuredevops_agent_pool.this.name
+ })
+ branch = local.default_branch
+ commit_message = "[skip ci]"
+ overwrite_on_create = true
+}
+
+resource "azuredevops_build_definition" "this" {
+ project_id = azuredevops_project.this.id
+ name = "Example Build Definition"
+
+ ci_trigger {
+ use_yaml = true
+ }
+
+ repository {
+ repo_type = "TfsGit"
+ repo_id = azuredevops_git_repository.this.id
+ branch_name = azuredevops_git_repository.this.default_branch
+ yml_path = local.pipeline_file
+ }
+}
+
+resource "azuredevops_pipeline_authorization" "this" {
+ project_id = azuredevops_project.this.id
+ resource_id = azuredevops_agent_queue.this.id
+ type = "queue"
+ pipeline_id = azuredevops_build_definition.this.id
+}
+
+locals {
+ resource_providers_to_register = {
+ dev_center = {
+ resource_provider = "Microsoft.App"
+ }
+ }
+}
+
+data "azurerm_client_config" "this" {}
+
+resource "azapi_resource_action" "resource_provider_registration" {
+ for_each = local.resource_providers_to_register
+
+ resource_id = "/subscriptions/${data.azurerm_client_config.this.subscription_id}"
+ type = "Microsoft.Resources/subscriptions@2021-04-01"
+ action = "providers/${each.value.resource_provider}/register"
+ method = "POST"
+}
+
+locals {
+ subnets = {
+ container_registry_private_endpoint = {
+ name = "subnet-container-registry-private-endpoint"
+ address_prefix = "10.0.0.0/29"
+ }
+ container_app = {
+ name = "subnet-container-app"
+ address_prefix = "10.0.1.0/27"
+ delegation = [
+ {
+ name = "Microsoft.App/environments"
+ service_delegation = {
+ name = "Microsoft.App/environments"
+ }
+ }
+ ]
+ }
+ container_instance = {
+ name = "subnet-container-instance"
+ address_prefix = "10.0.2.0/28"
+ delegation = [
+ {
+ name = "Microsoft.ContainerInstance/containerGroups"
+ service_delegation = {
+ name = "Microsoft.ContainerInstance/containerGroups"
+ }
+ }
+ ]
+ }
+ }
+ virtual_network_address_space = "10.0.0.0/16"
+}
+
+resource "azurerm_resource_group" "this" {
+ location = local.selected_region
+ name = "rg-${random_string.name.result}"
+}
+
+module "virtual_network" {
+ source = "Azure/avm-res-network-virtualnetwork/azurerm"
+ version = "0.7.1"
+ name = "vnet-${random_string.name.result}"
+ resource_group_name = azurerm_resource_group.this.name
+ location = local.selected_region
+ address_space = [local.virtual_network_address_space]
+ subnets = local.subnets
+}
+
+resource "azurerm_private_dns_zone" "container_registry" {
+ name = "privatelink.azurecr.io"
+ resource_group_name = azurerm_resource_group.this.name
+}
+
+resource "azurerm_private_dns_zone_virtual_network_link" "container_registry" {
+ name = "privatelink.azurecr.io"
+ private_dns_zone_name = azurerm_private_dns_zone.container_registry.name
+ resource_group_name = azurerm_resource_group.this.name
+ virtual_network_id = module.virtual_network.resource_id
+ tags = local.tags
+}
+
+# This is the module call
+module "azure_devops_agents" {
+ source = "../.."
+ postfix = random_string.name.result
+ location = local.selected_region
+
+ compute_types = ["azure_container_app", "azure_container_instance"]
+
+ version_control_system_type = "azuredevops"
+ version_control_system_personal_access_token = var.azure_devops_agents_personal_access_token
+ version_control_system_organization = local.azure_devops_organization_url
+ version_control_system_pool_name = azuredevops_agent_pool.this.name
+
+ virtual_network_creation_enabled = false
+ virtual_network_id = module.virtual_network.resource_id
+
+ resource_group_creation_enabled = false
+ resource_group_name = azurerm_resource_group.this.name
+
+ container_app_subnet_id = module.virtual_network.subnets["container_app"].resource_id
+ container_instance_subnet_id = module.virtual_network.subnets["container_instance"].resource_id
+
+ container_registry_private_dns_zone_creation_enabled = false
+ container_registry_dns_zone_id = azurerm_private_dns_zone.container_registry.id
+ container_registry_private_endpoint_subnet_id = module.virtual_network.subnets["container_registry_private_endpoint"].resource_id
+
+ tags = local.tags
+ depends_on = [azuredevops_pipeline_authorization.this, azurerm_private_dns_zone_virtual_network_link.container_registry]
+}
+
+output "container_app_environment_resource_id" {
+ value = module.azure_devops_agents.resource_id
+}
+
+output "container_app_environment_name" {
+ value = module.azure_devops_agents.name
+}
+
+output "container_app_job_resource_id" {
+ value = module.azure_devops_agents.job_resource_id
+}
+
+output "container_app_job_name" {
+ value = module.azure_devops_agents.job_name
+}
+
+# Region helpers
+module "regions" {
+ source = "Azure/avm-utl-regions/azurerm"
+ version = "0.3.0"
+}
+
+resource "random_integer" "region_index" {
+ max = length(local.regions) - 1
+ min = 0
+}
+
+locals {
+ excluded_regions = [
+ "westeurope" # Capacity issues
+ ]
+ included_regions = [
+ "northcentralusstage", "westus2", "southeastasia", "canadacentral", "westeurope", "northeurope", "eastus", "eastus2", "eastasia", "australiaeast", "germanywestcentral", "japaneast", "uksouth", "westus", "centralus", "northcentralus", "southcentralus", "koreacentral", "brazilsouth", "westus3", "francecentral", "southafricanorth", "norwayeast", "switzerlandnorth", "uaenorth", "canadaeast", "westcentralus", "ukwest", "centralindia", "italynorth", "polandcentral", "southindia"
+ ]
+ regions = [for region in module.regions.regions : region.name if !contains(local.excluded_regions, region.name) && contains(local.included_regions, region.name)]
+ selected_region = local.regions[random_integer.region_index.result]
+}
+```
+
+
+## Requirements
+
+The following requirements are needed by this module:
+
+- [terraform](#requirement\_terraform) (>= 1.9)
+
+- [azapi](#requirement\_azapi) (~> 2.0)
+
+- [azuredevops](#requirement\_azuredevops) (~> 1.1)
+
+- [azurerm](#requirement\_azurerm) (~> 3.113)
+
+- [random](#requirement\_random) (~> 3.5)
+
+## Resources
+
+The following resources are used by this module:
+
+- [azapi_resource_action.resource_provider_registration](https://registry.terraform.io/providers/azure/azapi/latest/docs/resources/resource_action) (resource)
+- [azuredevops_agent_pool.this](https://registry.terraform.io/providers/microsoft/azuredevops/latest/docs/resources/agent_pool) (resource)
+- [azuredevops_agent_queue.this](https://registry.terraform.io/providers/microsoft/azuredevops/latest/docs/resources/agent_queue) (resource)
+- [azuredevops_build_definition.this](https://registry.terraform.io/providers/microsoft/azuredevops/latest/docs/resources/build_definition) (resource)
+- [azuredevops_git_repository.this](https://registry.terraform.io/providers/microsoft/azuredevops/latest/docs/resources/git_repository) (resource)
+- [azuredevops_git_repository_file.this](https://registry.terraform.io/providers/microsoft/azuredevops/latest/docs/resources/git_repository_file) (resource)
+- [azuredevops_pipeline_authorization.this](https://registry.terraform.io/providers/microsoft/azuredevops/latest/docs/resources/pipeline_authorization) (resource)
+- [azuredevops_project.this](https://registry.terraform.io/providers/microsoft/azuredevops/latest/docs/resources/project) (resource)
+- [azurerm_private_dns_zone.container_registry](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_dns_zone) (resource)
+- [azurerm_private_dns_zone_virtual_network_link.container_registry](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_dns_zone_virtual_network_link) (resource)
+- [azurerm_resource_group.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) (resource)
+- [random_integer.region_index](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/integer) (resource)
+- [random_string.name](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/string) (resource)
+- [azurerm_client_config.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/client_config) (data source)
+
+
+## Required Inputs
+
+The following input variables are required:
+
+### [azure\_devops\_agents\_personal\_access\_token](#input\_azure\_devops\_agents\_personal\_access\_token)
+
+Description: Personal access token for Azure DevOps self-hosted agents (the token requires the 'Agent Pools - Read & Manage' scope and should have the maximum expiry).
+
+Type: `string`
+
+### [azure\_devops\_organization\_name](#input\_azure\_devops\_organization\_name)
+
+Description: Azure DevOps Organisation Name
+
+Type: `string`
+
+### [azure\_devops\_personal\_access\_token](#input\_azure\_devops\_personal\_access\_token)
+
+Description: The personal access token used for agent authentication to Azure DevOps.
+
+Type: `string`
+
+## Optional Inputs
+
+No optional inputs.
+
+## Outputs
+
+The following outputs are exported:
+
+### [container\_app\_environment\_name](#output\_container\_app\_environment\_name)
+
+Description: n/a
+
+### [container\_app\_environment\_resource\_id](#output\_container\_app\_environment\_resource\_id)
+
+Description: n/a
+
+### [container\_app\_job\_name](#output\_container\_app\_job\_name)
+
+Description: n/a
+
+### [container\_app\_job\_resource\_id](#output\_container\_app\_job\_resource\_id)
+
+Description: n/a
+
+## Modules
+
+The following Modules are called:
+
+### [azure\_devops\_agents](#module\_azure\_devops\_agents)
+
+Source: ../..
+
+Version:
+
+### [naming](#module\_naming)
+
+Source: Azure/naming/azurerm
+
+Version: >= 0.3.0
+
+### [regions](#module\_regions)
+
+Source: Azure/avm-utl-regions/azurerm
+
+Version: 0.3.0
+
+### [virtual\_network](#module\_virtual\_network)
+
+Source: Azure/avm-res-network-virtualnetwork/azurerm
+
+Version: 0.7.1
+
+
+## Data Collection
+
+The software may collect information about you and your use of the software and send it to Microsoft. Microsoft may use this information to provide services and improve our products and services. You may turn off the telemetry as described in the repository. There are also some features in the software that may enable you and Microsoft to collect data from users of your applications. If you use these features, you must comply with applicable law, including providing appropriate notices to users of your applications together with a copy of Microsoft’s privacy statement. Our privacy statement is located at . You can learn more about data collection and use in the help documentation and our privacy statement. Your use of the software operates as your consent to these practices.
+
\ No newline at end of file
diff --git a/examples/azure_devops_bring_your_own_vnet_and_dns_zone/_footer.md b/examples/azure_devops_bring_your_own_vnet_and_dns_zone/_footer.md
new file mode 100644
index 0000000..bc56bcb
--- /dev/null
+++ b/examples/azure_devops_bring_your_own_vnet_and_dns_zone/_footer.md
@@ -0,0 +1,4 @@
+
+## Data Collection
+
+The software may collect information about you and your use of the software and send it to Microsoft. Microsoft may use this information to provide services and improve our products and services. You may turn off the telemetry as described in the repository. There are also some features in the software that may enable you and Microsoft to collect data from users of your applications. If you use these features, you must comply with applicable law, including providing appropriate notices to users of your applications together with a copy of Microsoft’s privacy statement. Our privacy statement is located at . You can learn more about data collection and use in the help documentation and our privacy statement. Your use of the software operates as your consent to these practices.
diff --git a/examples/azure_devops_bring_your_own_vnet_and_dns_zone/_header.md b/examples/azure_devops_bring_your_own_vnet_and_dns_zone/_header.md
new file mode 100644
index 0000000..f4cd571
--- /dev/null
+++ b/examples/azure_devops_bring_your_own_vnet_and_dns_zone/_header.md
@@ -0,0 +1,3 @@
+# Azure DevOps example with private networking and bring your own virtual network and DNS zone
+
+This example deploys Azure DevOps Agents to Azure Container Apps and Azure Container Instance using private networking and bring your own virtual network and DNS zone.
diff --git a/examples/azure_devops_bring_your_own_vnet_and_dns_zone/main.tf b/examples/azure_devops_bring_your_own_vnet_and_dns_zone/main.tf
new file mode 100644
index 0000000..349ee50
--- /dev/null
+++ b/examples/azure_devops_bring_your_own_vnet_and_dns_zone/main.tf
@@ -0,0 +1,282 @@
+variable "azure_devops_organization_name" {
+ type = string
+ description = "Azure DevOps Organisation Name"
+}
+
+variable "azure_devops_personal_access_token" {
+ type = string
+ description = "The personal access token used for agent authentication to Azure DevOps."
+ sensitive = true
+}
+
+variable "azure_devops_agents_personal_access_token" {
+ description = "Personal access token for Azure DevOps self-hosted agents (the token requires the 'Agent Pools - Read & Manage' scope and should have the maximum expiry)."
+ type = string
+ sensitive = true
+}
+
+locals {
+ tags = {
+ scenario = "default"
+ }
+}
+
+terraform {
+ required_version = ">= 1.9"
+ required_providers {
+ azapi = {
+ source = "azure/azapi"
+ version = "~> 2.0"
+ }
+ azuredevops = {
+ source = "microsoft/azuredevops"
+ version = "~> 1.1"
+ }
+ azurerm = {
+ source = "hashicorp/azurerm"
+ version = "~> 3.113"
+ }
+ random = {
+ source = "hashicorp/random"
+ version = "~> 3.5"
+ }
+ }
+}
+
+provider "azurerm" {
+ features {}
+}
+
+locals {
+ azure_devops_organization_url = "https://dev.azure.com/${var.azure_devops_organization_name}"
+}
+
+provider "azuredevops" {
+ personal_access_token = var.azure_devops_personal_access_token
+ org_service_url = local.azure_devops_organization_url
+}
+
+resource "random_string" "name" {
+ length = 6
+ numeric = true
+ special = false
+ upper = false
+}
+
+module "naming" {
+ source = "Azure/naming/azurerm"
+ version = ">= 0.3.0"
+}
+
+resource "azuredevops_project" "this" {
+ name = random_string.name.result
+}
+
+resource "azuredevops_agent_pool" "this" {
+ name = random_string.name.result
+ auto_provision = false
+ auto_update = true
+}
+
+resource "azuredevops_agent_queue" "this" {
+ project_id = azuredevops_project.this.id
+ agent_pool_id = azuredevops_agent_pool.this.id
+}
+
+locals {
+ default_branch = "refs/heads/main"
+ pipeline_file = "pipeline.yml"
+ repository_name = "example-repo"
+}
+
+resource "azuredevops_git_repository" "this" {
+ project_id = azuredevops_project.this.id
+ name = local.repository_name
+ default_branch = local.default_branch
+ initialization {
+ init_type = "Clean"
+ }
+}
+
+resource "azuredevops_git_repository_file" "this" {
+ repository_id = azuredevops_git_repository.this.id
+ file = local.pipeline_file
+ content = templatefile("${path.module}/${local.pipeline_file}", {
+ agent_pool_name = azuredevops_agent_pool.this.name
+ })
+ branch = local.default_branch
+ commit_message = "[skip ci]"
+ overwrite_on_create = true
+}
+
+resource "azuredevops_build_definition" "this" {
+ project_id = azuredevops_project.this.id
+ name = "Example Build Definition"
+
+ ci_trigger {
+ use_yaml = true
+ }
+
+ repository {
+ repo_type = "TfsGit"
+ repo_id = azuredevops_git_repository.this.id
+ branch_name = azuredevops_git_repository.this.default_branch
+ yml_path = local.pipeline_file
+ }
+}
+
+resource "azuredevops_pipeline_authorization" "this" {
+ project_id = azuredevops_project.this.id
+ resource_id = azuredevops_agent_queue.this.id
+ type = "queue"
+ pipeline_id = azuredevops_build_definition.this.id
+}
+
+locals {
+ resource_providers_to_register = {
+ dev_center = {
+ resource_provider = "Microsoft.App"
+ }
+ }
+}
+
+data "azurerm_client_config" "this" {}
+
+resource "azapi_resource_action" "resource_provider_registration" {
+ for_each = local.resource_providers_to_register
+
+ resource_id = "/subscriptions/${data.azurerm_client_config.this.subscription_id}"
+ type = "Microsoft.Resources/subscriptions@2021-04-01"
+ action = "providers/${each.value.resource_provider}/register"
+ method = "POST"
+}
+
+locals {
+ subnets = {
+ container_registry_private_endpoint = {
+ name = "subnet-container-registry-private-endpoint"
+ address_prefix = "10.0.0.0/29"
+ }
+ container_app = {
+ name = "subnet-container-app"
+ address_prefix = "10.0.1.0/27"
+ delegation = [
+ {
+ name = "Microsoft.App/environments"
+ service_delegation = {
+ name = "Microsoft.App/environments"
+ }
+ }
+ ]
+ }
+ container_instance = {
+ name = "subnet-container-instance"
+ address_prefix = "10.0.2.0/28"
+ delegation = [
+ {
+ name = "Microsoft.ContainerInstance/containerGroups"
+ service_delegation = {
+ name = "Microsoft.ContainerInstance/containerGroups"
+ }
+ }
+ ]
+ }
+ }
+ virtual_network_address_space = "10.0.0.0/16"
+}
+
+resource "azurerm_resource_group" "this" {
+ location = local.selected_region
+ name = "rg-${random_string.name.result}"
+}
+
+module "virtual_network" {
+ source = "Azure/avm-res-network-virtualnetwork/azurerm"
+ version = "0.7.1"
+ name = "vnet-${random_string.name.result}"
+ resource_group_name = azurerm_resource_group.this.name
+ location = local.selected_region
+ address_space = [local.virtual_network_address_space]
+ subnets = local.subnets
+}
+
+resource "azurerm_private_dns_zone" "container_registry" {
+ name = "privatelink.azurecr.io"
+ resource_group_name = azurerm_resource_group.this.name
+}
+
+resource "azurerm_private_dns_zone_virtual_network_link" "container_registry" {
+ name = "privatelink.azurecr.io"
+ private_dns_zone_name = azurerm_private_dns_zone.container_registry.name
+ resource_group_name = azurerm_resource_group.this.name
+ virtual_network_id = module.virtual_network.resource_id
+ tags = local.tags
+}
+
+# This is the module call
+module "azure_devops_agents" {
+ source = "../.."
+ postfix = random_string.name.result
+ location = local.selected_region
+
+ compute_types = ["azure_container_app", "azure_container_instance"]
+
+ version_control_system_type = "azuredevops"
+ version_control_system_personal_access_token = var.azure_devops_agents_personal_access_token
+ version_control_system_organization = local.azure_devops_organization_url
+ version_control_system_pool_name = azuredevops_agent_pool.this.name
+
+ virtual_network_creation_enabled = false
+ virtual_network_id = module.virtual_network.resource_id
+
+ resource_group_creation_enabled = false
+ resource_group_name = azurerm_resource_group.this.name
+
+ container_app_subnet_id = module.virtual_network.subnets["container_app"].resource_id
+ container_instance_subnet_id = module.virtual_network.subnets["container_instance"].resource_id
+
+ container_registry_private_dns_zone_creation_enabled = false
+ container_registry_dns_zone_id = azurerm_private_dns_zone.container_registry.id
+ container_registry_private_endpoint_subnet_id = module.virtual_network.subnets["container_registry_private_endpoint"].resource_id
+
+ tags = local.tags
+ depends_on = [azuredevops_pipeline_authorization.this, azurerm_private_dns_zone_virtual_network_link.container_registry]
+}
+
+output "container_app_environment_resource_id" {
+ value = module.azure_devops_agents.resource_id
+}
+
+output "container_app_environment_name" {
+ value = module.azure_devops_agents.name
+}
+
+output "container_app_job_resource_id" {
+ value = module.azure_devops_agents.job_resource_id
+}
+
+output "container_app_job_name" {
+ value = module.azure_devops_agents.job_name
+}
+
+# Region helpers
+module "regions" {
+ source = "Azure/avm-utl-regions/azurerm"
+ version = "0.3.0"
+}
+
+resource "random_integer" "region_index" {
+ max = length(local.regions) - 1
+ min = 0
+}
+
+locals {
+ excluded_regions = [
+ "westeurope" # Capacity issues
+ ]
+ included_regions = [
+ "northcentralusstage", "westus2", "southeastasia", "canadacentral", "westeurope", "northeurope", "eastus", "eastus2", "eastasia", "australiaeast", "germanywestcentral", "japaneast", "uksouth", "westus", "centralus", "northcentralus", "southcentralus", "koreacentral", "brazilsouth", "westus3", "francecentral", "southafricanorth", "norwayeast", "switzerlandnorth", "uaenorth", "canadaeast", "westcentralus", "ukwest", "centralindia", "italynorth", "polandcentral", "southindia"
+ ]
+ regions = [for region in module.regions.regions : region.name if !contains(local.excluded_regions, region.name) && contains(local.included_regions, region.name)]
+ selected_region = local.regions[random_integer.region_index.result]
+}
diff --git a/examples/azure_devops_bring_your_own_vnet_and_dns_zone/pipeline.yml b/examples/azure_devops_bring_your_own_vnet_and_dns_zone/pipeline.yml
new file mode 100644
index 0000000..78b11ff
--- /dev/null
+++ b/examples/azure_devops_bring_your_own_vnet_and_dns_zone/pipeline.yml
@@ -0,0 +1,8 @@
+trigger:
+- main
+
+pool: ${agent_pool_name}
+
+steps:
+- script: echo Hello, world!
+ displayName: 'Run a one-line script'
\ No newline at end of file
diff --git a/examples/azure_devops_container_instance/README.md b/examples/azure_devops_container_instance/README.md
index ee12cc6..273a65a 100644
--- a/examples/azure_devops_container_instance/README.md
+++ b/examples/azure_devops_container_instance/README.md
@@ -160,7 +160,7 @@ output "container_instance_names" {
# Region helpers
module "regions" {
source = "Azure/avm-utl-regions/azurerm"
- version = "0.1.0"
+ version = "0.3.0"
}
resource "random_integer" "region_index" {
@@ -266,7 +266,7 @@ Version: >= 0.3.0
Source: Azure/avm-utl-regions/azurerm
-Version: 0.1.0
+Version: 0.3.0
## Data Collection
diff --git a/examples/azure_devops_container_instance/main.tf b/examples/azure_devops_container_instance/main.tf
index 538b9ba..1b4a0a9 100644
--- a/examples/azure_devops_container_instance/main.tf
+++ b/examples/azure_devops_container_instance/main.tf
@@ -154,7 +154,7 @@ output "container_instance_names" {
# Region helpers
module "regions" {
source = "Azure/avm-utl-regions/azurerm"
- version = "0.1.0"
+ version = "0.3.0"
}
resource "random_integer" "region_index" {
diff --git a/examples/azure_devops_public_networking/README.md b/examples/azure_devops_public_networking/README.md
index e048bb1..0838606 100644
--- a/examples/azure_devops_public_networking/README.md
+++ b/examples/azure_devops_public_networking/README.md
@@ -32,7 +32,7 @@ terraform {
required_providers {
azapi = {
source = "azure/azapi"
- version = "~> 1.14"
+ version = "~> 2.0"
}
azuredevops = {
source = "microsoft/azuredevops"
@@ -190,7 +190,7 @@ output "container_app_job_name" {
# Region helpers
module "regions" {
source = "Azure/avm-utl-regions/azurerm"
- version = "0.1.0"
+ version = "0.3.0"
}
resource "random_integer" "region_index" {
@@ -217,7 +217,7 @@ The following requirements are needed by this module:
- [terraform](#requirement\_terraform) (>= 1.9)
-- [azapi](#requirement\_azapi) (~> 1.14)
+- [azapi](#requirement\_azapi) (~> 2.0)
- [azuredevops](#requirement\_azuredevops) (~> 1.1)
@@ -308,7 +308,7 @@ Version: >= 0.3.0
Source: Azure/avm-utl-regions/azurerm
-Version: 0.1.0
+Version: 0.3.0
## Data Collection
diff --git a/examples/azure_devops_public_networking/main.tf b/examples/azure_devops_public_networking/main.tf
index a7e0538..c394518 100644
--- a/examples/azure_devops_public_networking/main.tf
+++ b/examples/azure_devops_public_networking/main.tf
@@ -26,7 +26,7 @@ terraform {
required_providers {
azapi = {
source = "azure/azapi"
- version = "~> 1.14"
+ version = "~> 2.0"
}
azuredevops = {
source = "microsoft/azuredevops"
@@ -184,7 +184,7 @@ output "container_app_job_name" {
# Region helpers
module "regions" {
source = "Azure/avm-utl-regions/azurerm"
- version = "0.1.0"
+ version = "0.3.0"
}
resource "random_integer" "region_index" {
diff --git a/examples/github_basic/README.md b/examples/github_basic/README.md
index 3d6ad2d..30f5423 100644
--- a/examples/github_basic/README.md
+++ b/examples/github_basic/README.md
@@ -32,7 +32,7 @@ terraform {
required_providers {
azapi = {
source = "azure/azapi"
- version = "~> 1.14"
+ version = "~> 2.0"
}
azurerm = {
source = "hashicorp/azurerm"
@@ -137,7 +137,7 @@ module "github_runners" {
# Region helpers
module "regions" {
source = "Azure/avm-utl-regions/azurerm"
- version = "0.1.0"
+ version = "0.3.0"
}
resource "random_integer" "region_index" {
@@ -164,7 +164,7 @@ The following requirements are needed by this module:
- [terraform](#requirement\_terraform) (>= 1.9)
-- [azapi](#requirement\_azapi) (~> 1.14)
+- [azapi](#requirement\_azapi) (~> 2.0)
- [azurerm](#requirement\_azurerm) (~> 3.113)
@@ -235,7 +235,7 @@ Version: >= 0.3.0
Source: Azure/avm-utl-regions/azurerm
-Version: 0.1.0
+Version: 0.3.0
## Data Collection
diff --git a/examples/github_basic/main.tf b/examples/github_basic/main.tf
index 0070653..b6b5c85 100644
--- a/examples/github_basic/main.tf
+++ b/examples/github_basic/main.tf
@@ -26,7 +26,7 @@ terraform {
required_providers {
azapi = {
source = "azure/azapi"
- version = "~> 1.14"
+ version = "~> 2.0"
}
azurerm = {
source = "hashicorp/azurerm"
@@ -131,7 +131,7 @@ module "github_runners" {
# Region helpers
module "regions" {
source = "Azure/avm-utl-regions/azurerm"
- version = "0.1.0"
+ version = "0.3.0"
}
resource "random_integer" "region_index" {
diff --git a/examples/github_bring_your_own_vnet_and_dns_zone/README.md b/examples/github_bring_your_own_vnet_and_dns_zone/README.md
new file mode 100644
index 0000000..2f423ff
--- /dev/null
+++ b/examples/github_bring_your_own_vnet_and_dns_zone/README.md
@@ -0,0 +1,362 @@
+
+# GitHub example with private networking and bring your own virtual network and DNS zone
+
+This example deploys GitHub Runners to Azure Container Apps and Azure Container Instance using private networking and bring your own virtual network and DNS zone.
+
+```hcl
+variable "github_organization_name" {
+ type = string
+ description = "GitHub Organisation Name"
+}
+
+variable "github_personal_access_token" {
+ type = string
+ description = "The personal access token used for authentication to GitHub."
+ sensitive = true
+}
+
+variable "github_runners_personal_access_token" {
+ description = "Personal access token for GitHub self-hosted runners (the token requires the 'repo' scope and should not expire)."
+ type = string
+ sensitive = true
+}
+
+locals {
+ tags = {
+ scenario = "default"
+ }
+}
+
+terraform {
+ required_version = ">= 1.9"
+ required_providers {
+ azapi = {
+ source = "azure/azapi"
+ version = "~> 2.0"
+ }
+ azurerm = {
+ source = "hashicorp/azurerm"
+ version = "~> 3.113"
+ }
+ github = {
+ source = "integrations/github"
+ version = "~> 5.36"
+ }
+ random = {
+ source = "hashicorp/random"
+ version = "~> 3.5"
+ }
+ }
+}
+
+provider "azurerm" {
+ features {}
+}
+
+provider "github" {
+ token = var.github_personal_access_token
+ owner = var.github_organization_name
+}
+
+resource "random_string" "name" {
+ length = 6
+ numeric = true
+ special = false
+ upper = false
+}
+
+module "naming" {
+ source = "Azure/naming/azurerm"
+ version = ">= 0.3.0"
+}
+data "github_organization" "alz" {
+ name = var.github_organization_name
+}
+
+locals {
+ action_file = "action.yml"
+ default_commit_email = "demo@microsoft.com"
+ free_plan = "free"
+}
+
+resource "github_repository" "this" {
+ name = random_string.name.result
+ description = random_string.name.result
+ auto_init = true
+ visibility = data.github_organization.alz.plan == local.free_plan ? "public" : "private"
+ allow_update_branch = true
+ allow_merge_commit = false
+ allow_rebase_merge = false
+ vulnerability_alerts = true
+}
+
+resource "github_repository_file" "this" {
+ repository = github_repository.this.name
+ file = ".github/workflows/${local.action_file}"
+ content = file("${path.module}/${local.action_file}")
+ commit_author = local.default_commit_email
+ commit_email = local.default_commit_email
+ commit_message = "Add ${local.action_file} [skip ci]"
+ overwrite_on_create = true
+}
+
+locals {
+ resource_providers_to_register = {
+ dev_center = {
+ resource_provider = "Microsoft.App"
+ }
+ }
+}
+
+data "azurerm_client_config" "this" {}
+
+resource "azapi_resource_action" "resource_provider_registration" {
+ for_each = local.resource_providers_to_register
+
+ resource_id = "/subscriptions/${data.azurerm_client_config.this.subscription_id}"
+ type = "Microsoft.Resources/subscriptions@2021-04-01"
+ action = "providers/${each.value.resource_provider}/register"
+ method = "POST"
+}
+
+locals {
+ subnets = {
+ container_registry_private_endpoint = {
+ name = "subnet-container-registry-private-endpoint"
+ address_prefix = "10.0.0.0/29"
+ }
+ container_app = {
+ name = "subnet-container-app"
+ address_prefix = "10.0.1.0/27"
+ delegation = [
+ {
+ name = "Microsoft.App/environments"
+ service_delegation = {
+ name = "Microsoft.App/environments"
+ }
+ }
+ ]
+ }
+ container_instance = {
+ name = "subnet-container-instance"
+ address_prefix = "10.0.2.0/28"
+ delegation = [
+ {
+ name = "Microsoft.ContainerInstance/containerGroups"
+ service_delegation = {
+ name = "Microsoft.ContainerInstance/containerGroups"
+ }
+ }
+ ]
+ }
+ }
+ virtual_network_address_space = "10.0.0.0/16"
+}
+
+resource "azurerm_resource_group" "this" {
+ location = local.selected_region
+ name = "rg-${random_string.name.result}"
+}
+
+module "virtual_network" {
+ source = "Azure/avm-res-network-virtualnetwork/azurerm"
+ version = "0.7.1"
+ name = "vnet-${random_string.name.result}"
+ resource_group_name = azurerm_resource_group.this.name
+ location = local.selected_region
+ address_space = [local.virtual_network_address_space]
+ subnets = local.subnets
+}
+
+resource "azurerm_private_dns_zone" "container_registry" {
+ name = "privatelink.azurecr.io"
+ resource_group_name = azurerm_resource_group.this.name
+}
+
+resource "azurerm_private_dns_zone_virtual_network_link" "container_registry" {
+ name = "privatelink.azurecr.io"
+ private_dns_zone_name = azurerm_private_dns_zone.container_registry.name
+ resource_group_name = azurerm_resource_group.this.name
+ virtual_network_id = module.virtual_network.resource_id
+ tags = local.tags
+}
+
+# This is the module call
+module "azure_devops_agents" {
+ source = "../.."
+ postfix = random_string.name.result
+ location = local.selected_region
+
+ compute_types = ["azure_container_app", "azure_container_instance"]
+
+ version_control_system_type = "github"
+ version_control_system_personal_access_token = var.github_runners_personal_access_token
+ version_control_system_organization = var.github_organization_name
+ version_control_system_repository = github_repository.this.name
+
+ virtual_network_creation_enabled = false
+ virtual_network_id = module.virtual_network.resource_id
+
+ resource_group_creation_enabled = false
+ resource_group_name = azurerm_resource_group.this.name
+
+ container_app_subnet_id = module.virtual_network.subnets["container_app"].resource_id
+ container_instance_subnet_id = module.virtual_network.subnets["container_instance"].resource_id
+
+ container_registry_private_dns_zone_creation_enabled = false
+ container_registry_dns_zone_id = azurerm_private_dns_zone.container_registry.id
+ container_registry_private_endpoint_subnet_id = module.virtual_network.subnets["container_registry_private_endpoint"].resource_id
+
+ tags = local.tags
+ depends_on = [azurerm_private_dns_zone_virtual_network_link.container_registry]
+}
+
+output "container_app_environment_resource_id" {
+ value = module.azure_devops_agents.resource_id
+}
+
+output "container_app_environment_name" {
+ value = module.azure_devops_agents.name
+}
+
+output "container_app_job_resource_id" {
+ value = module.azure_devops_agents.job_resource_id
+}
+
+output "container_app_job_name" {
+ value = module.azure_devops_agents.job_name
+}
+
+# Region helpers
+module "regions" {
+ source = "Azure/avm-utl-regions/azurerm"
+ version = "0.3.0"
+}
+
+resource "random_integer" "region_index" {
+ max = length(local.regions) - 1
+ min = 0
+}
+
+locals {
+ excluded_regions = [
+ "westeurope" # Capacity issues
+ ]
+ included_regions = [
+ "northcentralusstage", "westus2", "southeastasia", "canadacentral", "westeurope", "northeurope", "eastus", "eastus2", "eastasia", "australiaeast", "germanywestcentral", "japaneast", "uksouth", "westus", "centralus", "northcentralus", "southcentralus", "koreacentral", "brazilsouth", "westus3", "francecentral", "southafricanorth", "norwayeast", "switzerlandnorth", "uaenorth", "canadaeast", "westcentralus", "ukwest", "centralindia", "italynorth", "polandcentral", "southindia"
+ ]
+ regions = [for region in module.regions.regions : region.name if !contains(local.excluded_regions, region.name) && contains(local.included_regions, region.name)]
+ selected_region = "canadacentral"
+}
+```
+
+
+## Requirements
+
+The following requirements are needed by this module:
+
+- [terraform](#requirement\_terraform) (>= 1.9)
+
+- [azapi](#requirement\_azapi) (~> 2.0)
+
+- [azurerm](#requirement\_azurerm) (~> 3.113)
+
+- [github](#requirement\_github) (~> 5.36)
+
+- [random](#requirement\_random) (~> 3.5)
+
+## Resources
+
+The following resources are used by this module:
+
+- [azapi_resource_action.resource_provider_registration](https://registry.terraform.io/providers/azure/azapi/latest/docs/resources/resource_action) (resource)
+- [azurerm_private_dns_zone.container_registry](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_dns_zone) (resource)
+- [azurerm_private_dns_zone_virtual_network_link.container_registry](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_dns_zone_virtual_network_link) (resource)
+- [azurerm_resource_group.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) (resource)
+- [github_repository.this](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository) (resource)
+- [github_repository_file.this](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository_file) (resource)
+- [random_integer.region_index](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/integer) (resource)
+- [random_string.name](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/string) (resource)
+- [azurerm_client_config.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/client_config) (data source)
+- [github_organization.alz](https://registry.terraform.io/providers/integrations/github/latest/docs/data-sources/organization) (data source)
+
+
+## Required Inputs
+
+The following input variables are required:
+
+### [github\_organization\_name](#input\_github\_organization\_name)
+
+Description: GitHub Organisation Name
+
+Type: `string`
+
+### [github\_personal\_access\_token](#input\_github\_personal\_access\_token)
+
+Description: The personal access token used for authentication to GitHub.
+
+Type: `string`
+
+### [github\_runners\_personal\_access\_token](#input\_github\_runners\_personal\_access\_token)
+
+Description: Personal access token for GitHub self-hosted runners (the token requires the 'repo' scope and should not expire).
+
+Type: `string`
+
+## Optional Inputs
+
+No optional inputs.
+
+## Outputs
+
+The following outputs are exported:
+
+### [container\_app\_environment\_name](#output\_container\_app\_environment\_name)
+
+Description: n/a
+
+### [container\_app\_environment\_resource\_id](#output\_container\_app\_environment\_resource\_id)
+
+Description: n/a
+
+### [container\_app\_job\_name](#output\_container\_app\_job\_name)
+
+Description: n/a
+
+### [container\_app\_job\_resource\_id](#output\_container\_app\_job\_resource\_id)
+
+Description: n/a
+
+## Modules
+
+The following Modules are called:
+
+### [azure\_devops\_agents](#module\_azure\_devops\_agents)
+
+Source: ../..
+
+Version:
+
+### [naming](#module\_naming)
+
+Source: Azure/naming/azurerm
+
+Version: >= 0.3.0
+
+### [regions](#module\_regions)
+
+Source: Azure/avm-utl-regions/azurerm
+
+Version: 0.3.0
+
+### [virtual\_network](#module\_virtual\_network)
+
+Source: Azure/avm-res-network-virtualnetwork/azurerm
+
+Version: 0.7.1
+
+
+## Data Collection
+
+The software may collect information about you and your use of the software and send it to Microsoft. Microsoft may use this information to provide services and improve our products and services. You may turn off the telemetry as described in the repository. There are also some features in the software that may enable you and Microsoft to collect data from users of your applications. If you use these features, you must comply with applicable law, including providing appropriate notices to users of your applications together with a copy of Microsoft’s privacy statement. Our privacy statement is located at . You can learn more about data collection and use in the help documentation and our privacy statement. Your use of the software operates as your consent to these practices.
+
\ No newline at end of file
diff --git a/examples/github_bring_your_own_vnet_and_dns_zone/_footer.md b/examples/github_bring_your_own_vnet_and_dns_zone/_footer.md
new file mode 100644
index 0000000..bc56bcb
--- /dev/null
+++ b/examples/github_bring_your_own_vnet_and_dns_zone/_footer.md
@@ -0,0 +1,4 @@
+
+## Data Collection
+
+The software may collect information about you and your use of the software and send it to Microsoft. Microsoft may use this information to provide services and improve our products and services. You may turn off the telemetry as described in the repository. There are also some features in the software that may enable you and Microsoft to collect data from users of your applications. If you use these features, you must comply with applicable law, including providing appropriate notices to users of your applications together with a copy of Microsoft’s privacy statement. Our privacy statement is located at . You can learn more about data collection and use in the help documentation and our privacy statement. Your use of the software operates as your consent to these practices.
diff --git a/examples/github_bring_your_own_vnet_and_dns_zone/_header.md b/examples/github_bring_your_own_vnet_and_dns_zone/_header.md
new file mode 100644
index 0000000..1bad71b
--- /dev/null
+++ b/examples/github_bring_your_own_vnet_and_dns_zone/_header.md
@@ -0,0 +1,3 @@
+# GitHub example with private networking and bring your own virtual network and DNS zone
+
+This example deploys GitHub Runners to Azure Container Apps and Azure Container Instance using private networking and bring your own virtual network and DNS zone.
diff --git a/examples/github_bring_your_own_vnet_and_dns_zone/action.yml b/examples/github_bring_your_own_vnet_and_dns_zone/action.yml
new file mode 100644
index 0000000..89ec034
--- /dev/null
+++ b/examples/github_bring_your_own_vnet_and_dns_zone/action.yml
@@ -0,0 +1,17 @@
+name: Example Action
+
+on:
+ push:
+ branches: [ "main" ]
+ pull_request:
+ branches: [ "main" ]
+ workflow_dispatch:
+
+jobs:
+ build:
+ runs-on: self-hosted
+ steps:
+ - uses: actions/checkout@v4
+
+ - name: Run a one-line script
+ run: echo Hello, world!
diff --git a/examples/github_bring_your_own_vnet_and_dns_zone/main.tf b/examples/github_bring_your_own_vnet_and_dns_zone/main.tf
new file mode 100644
index 0000000..9b315ba
--- /dev/null
+++ b/examples/github_bring_your_own_vnet_and_dns_zone/main.tf
@@ -0,0 +1,244 @@
+variable "github_organization_name" {
+ type = string
+ description = "GitHub Organisation Name"
+}
+
+variable "github_personal_access_token" {
+ type = string
+ description = "The personal access token used for authentication to GitHub."
+ sensitive = true
+}
+
+variable "github_runners_personal_access_token" {
+ description = "Personal access token for GitHub self-hosted runners (the token requires the 'repo' scope and should not expire)."
+ type = string
+ sensitive = true
+}
+
+locals {
+ tags = {
+ scenario = "default"
+ }
+}
+
+terraform {
+ required_version = ">= 1.9"
+ required_providers {
+ azapi = {
+ source = "azure/azapi"
+ version = "~> 2.0"
+ }
+ azurerm = {
+ source = "hashicorp/azurerm"
+ version = "~> 3.113"
+ }
+ github = {
+ source = "integrations/github"
+ version = "~> 5.36"
+ }
+ random = {
+ source = "hashicorp/random"
+ version = "~> 3.5"
+ }
+ }
+}
+
+provider "azurerm" {
+ features {}
+}
+
+provider "github" {
+ token = var.github_personal_access_token
+ owner = var.github_organization_name
+}
+
+resource "random_string" "name" {
+ length = 6
+ numeric = true
+ special = false
+ upper = false
+}
+
+module "naming" {
+ source = "Azure/naming/azurerm"
+ version = ">= 0.3.0"
+}
+data "github_organization" "alz" {
+ name = var.github_organization_name
+}
+
+locals {
+ action_file = "action.yml"
+ default_commit_email = "demo@microsoft.com"
+ free_plan = "free"
+}
+
+resource "github_repository" "this" {
+ name = random_string.name.result
+ description = random_string.name.result
+ auto_init = true
+ visibility = data.github_organization.alz.plan == local.free_plan ? "public" : "private"
+ allow_update_branch = true
+ allow_merge_commit = false
+ allow_rebase_merge = false
+ vulnerability_alerts = true
+}
+
+resource "github_repository_file" "this" {
+ repository = github_repository.this.name
+ file = ".github/workflows/${local.action_file}"
+ content = file("${path.module}/${local.action_file}")
+ commit_author = local.default_commit_email
+ commit_email = local.default_commit_email
+ commit_message = "Add ${local.action_file} [skip ci]"
+ overwrite_on_create = true
+}
+
+locals {
+ resource_providers_to_register = {
+ dev_center = {
+ resource_provider = "Microsoft.App"
+ }
+ }
+}
+
+data "azurerm_client_config" "this" {}
+
+resource "azapi_resource_action" "resource_provider_registration" {
+ for_each = local.resource_providers_to_register
+
+ resource_id = "/subscriptions/${data.azurerm_client_config.this.subscription_id}"
+ type = "Microsoft.Resources/subscriptions@2021-04-01"
+ action = "providers/${each.value.resource_provider}/register"
+ method = "POST"
+}
+
+locals {
+ subnets = {
+ container_registry_private_endpoint = {
+ name = "subnet-container-registry-private-endpoint"
+ address_prefix = "10.0.0.0/29"
+ }
+ container_app = {
+ name = "subnet-container-app"
+ address_prefix = "10.0.1.0/27"
+ delegation = [
+ {
+ name = "Microsoft.App/environments"
+ service_delegation = {
+ name = "Microsoft.App/environments"
+ }
+ }
+ ]
+ }
+ container_instance = {
+ name = "subnet-container-instance"
+ address_prefix = "10.0.2.0/28"
+ delegation = [
+ {
+ name = "Microsoft.ContainerInstance/containerGroups"
+ service_delegation = {
+ name = "Microsoft.ContainerInstance/containerGroups"
+ }
+ }
+ ]
+ }
+ }
+ virtual_network_address_space = "10.0.0.0/16"
+}
+
+resource "azurerm_resource_group" "this" {
+ location = local.selected_region
+ name = "rg-${random_string.name.result}"
+}
+
+module "virtual_network" {
+ source = "Azure/avm-res-network-virtualnetwork/azurerm"
+ version = "0.7.1"
+ name = "vnet-${random_string.name.result}"
+ resource_group_name = azurerm_resource_group.this.name
+ location = local.selected_region
+ address_space = [local.virtual_network_address_space]
+ subnets = local.subnets
+}
+
+resource "azurerm_private_dns_zone" "container_registry" {
+ name = "privatelink.azurecr.io"
+ resource_group_name = azurerm_resource_group.this.name
+}
+
+resource "azurerm_private_dns_zone_virtual_network_link" "container_registry" {
+ name = "privatelink.azurecr.io"
+ private_dns_zone_name = azurerm_private_dns_zone.container_registry.name
+ resource_group_name = azurerm_resource_group.this.name
+ virtual_network_id = module.virtual_network.resource_id
+ tags = local.tags
+}
+
+# This is the module call
+module "azure_devops_agents" {
+ source = "../.."
+ postfix = random_string.name.result
+ location = local.selected_region
+
+ compute_types = ["azure_container_app", "azure_container_instance"]
+
+ version_control_system_type = "github"
+ version_control_system_personal_access_token = var.github_runners_personal_access_token
+ version_control_system_organization = var.github_organization_name
+ version_control_system_repository = github_repository.this.name
+
+ virtual_network_creation_enabled = false
+ virtual_network_id = module.virtual_network.resource_id
+
+ resource_group_creation_enabled = false
+ resource_group_name = azurerm_resource_group.this.name
+
+ container_app_subnet_id = module.virtual_network.subnets["container_app"].resource_id
+ container_instance_subnet_id = module.virtual_network.subnets["container_instance"].resource_id
+
+ container_registry_private_dns_zone_creation_enabled = false
+ container_registry_dns_zone_id = azurerm_private_dns_zone.container_registry.id
+ container_registry_private_endpoint_subnet_id = module.virtual_network.subnets["container_registry_private_endpoint"].resource_id
+
+ tags = local.tags
+ depends_on = [azurerm_private_dns_zone_virtual_network_link.container_registry]
+}
+
+output "container_app_environment_resource_id" {
+ value = module.azure_devops_agents.resource_id
+}
+
+output "container_app_environment_name" {
+ value = module.azure_devops_agents.name
+}
+
+output "container_app_job_resource_id" {
+ value = module.azure_devops_agents.job_resource_id
+}
+
+output "container_app_job_name" {
+ value = module.azure_devops_agents.job_name
+}
+
+# Region helpers
+module "regions" {
+ source = "Azure/avm-utl-regions/azurerm"
+ version = "0.3.0"
+}
+
+resource "random_integer" "region_index" {
+ max = length(local.regions) - 1
+ min = 0
+}
+
+locals {
+ excluded_regions = [
+ "westeurope" # Capacity issues
+ ]
+ included_regions = [
+ "northcentralusstage", "westus2", "southeastasia", "canadacentral", "westeurope", "northeurope", "eastus", "eastus2", "eastasia", "australiaeast", "germanywestcentral", "japaneast", "uksouth", "westus", "centralus", "northcentralus", "southcentralus", "koreacentral", "brazilsouth", "westus3", "francecentral", "southafricanorth", "norwayeast", "switzerlandnorth", "uaenorth", "canadaeast", "westcentralus", "ukwest", "centralindia", "italynorth", "polandcentral", "southindia"
+ ]
+ regions = [for region in module.regions.regions : region.name if !contains(local.excluded_regions, region.name) && contains(local.included_regions, region.name)]
+ selected_region = "canadacentral"
+}
diff --git a/examples/github_container_instance/README.md b/examples/github_container_instance/README.md
index 2149682..556ee6e 100644
--- a/examples/github_container_instance/README.md
+++ b/examples/github_container_instance/README.md
@@ -115,7 +115,7 @@ module "github_runners" {
# Region helpers
module "regions" {
source = "Azure/avm-utl-regions/azurerm"
- version = "0.1.0"
+ version = "0.3.0"
}
resource "random_integer" "region_index" {
@@ -209,7 +209,7 @@ Version: >= 0.3.0
Source: Azure/avm-utl-regions/azurerm
-Version: 0.1.0
+Version: 0.3.0
## Data Collection
diff --git a/examples/github_container_instance/main.tf b/examples/github_container_instance/main.tf
index 4bf08cc..8365706 100644
--- a/examples/github_container_instance/main.tf
+++ b/examples/github_container_instance/main.tf
@@ -109,7 +109,7 @@ module "github_runners" {
# Region helpers
module "regions" {
source = "Azure/avm-utl-regions/azurerm"
- version = "0.1.0"
+ version = "0.3.0"
}
resource "random_integer" "region_index" {
diff --git a/examples/github_public_networking/README.md b/examples/github_public_networking/README.md
index 869d625..0339bb1 100644
--- a/examples/github_public_networking/README.md
+++ b/examples/github_public_networking/README.md
@@ -32,7 +32,7 @@ terraform {
required_providers {
azapi = {
source = "azure/azapi"
- version = "~> 1.14"
+ version = "~> 2.0"
}
azurerm = {
source = "hashicorp/azurerm"
@@ -137,7 +137,7 @@ module "github_runners" {
# Region helpers
module "regions" {
source = "Azure/avm-utl-regions/azurerm"
- version = "0.1.0"
+ version = "0.3.0"
}
resource "random_integer" "region_index" {
@@ -164,7 +164,7 @@ The following requirements are needed by this module:
- [terraform](#requirement\_terraform) (>= 1.9)
-- [azapi](#requirement\_azapi) (~> 1.14)
+- [azapi](#requirement\_azapi) (~> 2.0)
- [azurerm](#requirement\_azurerm) (~> 3.113)
@@ -235,7 +235,7 @@ Version: >= 0.3.0
Source: Azure/avm-utl-regions/azurerm
-Version: 0.1.0
+Version: 0.3.0
## Data Collection
diff --git a/examples/github_public_networking/main.tf b/examples/github_public_networking/main.tf
index 48be998..408f55a 100644
--- a/examples/github_public_networking/main.tf
+++ b/examples/github_public_networking/main.tf
@@ -26,7 +26,7 @@ terraform {
required_providers {
azapi = {
source = "azure/azapi"
- version = "~> 1.14"
+ version = "~> 2.0"
}
azurerm = {
source = "hashicorp/azurerm"
@@ -131,7 +131,7 @@ module "github_runners" {
# Region helpers
module "regions" {
source = "Azure/avm-utl-regions/azurerm"
- version = "0.1.0"
+ version = "0.3.0"
}
resource "random_integer" "region_index" {
diff --git a/examples/multi_region/README.md b/examples/multi_region/README.md
index 392bba4..3110e9f 100644
--- a/examples/multi_region/README.md
+++ b/examples/multi_region/README.md
@@ -34,7 +34,7 @@ terraform {
required_providers {
azapi = {
source = "azure/azapi"
- version = "~> 1.14"
+ version = "~> 2.0"
}
azuredevops = {
source = "microsoft/azuredevops"
@@ -236,7 +236,7 @@ output "container_app_job_secondary_name" {
# Region helpers
module "regions" {
source = "Azure/avm-utl-regions/azurerm"
- version = "0.1.0"
+ version = "0.3.0"
}
resource "random_integer" "region_index_primary" {
@@ -270,7 +270,7 @@ The following requirements are needed by this module:
- [terraform](#requirement\_terraform) (>= 1.9)
-- [azapi](#requirement\_azapi) (~> 1.14)
+- [azapi](#requirement\_azapi) (~> 2.0)
- [azuredevops](#requirement\_azuredevops) (~> 1.1)
@@ -392,7 +392,7 @@ Version: >= 0.3.0
Source: Azure/avm-utl-regions/azurerm
-Version: 0.1.0
+Version: 0.3.0
## Data Collection
diff --git a/examples/multi_region/main.tf b/examples/multi_region/main.tf
index f1839db..0d1f3ac 100644
--- a/examples/multi_region/main.tf
+++ b/examples/multi_region/main.tf
@@ -26,7 +26,7 @@ terraform {
required_providers {
azapi = {
source = "azure/azapi"
- version = "~> 1.14"
+ version = "~> 2.0"
}
azuredevops = {
source = "microsoft/azuredevops"
@@ -228,7 +228,7 @@ output "container_app_job_secondary_name" {
# Region helpers
module "regions" {
source = "Azure/avm-utl-regions/azurerm"
- version = "0.1.0"
+ version = "0.3.0"
}
resource "random_integer" "region_index_primary" {
diff --git a/main.virtual.network.tf b/main.virtual.network.tf
index 6d8d478..6a4c333 100644
--- a/main.virtual.network.tf
+++ b/main.virtual.network.tf
@@ -1,7 +1,7 @@
module "virtual_network" {
count = var.use_private_networking && var.virtual_network_creation_enabled ? 1 : 0
source = "Azure/avm-res-network-virtualnetwork/azurerm"
- version = "0.4.0"
+ version = "0.7.1"
name = local.virtual_network_name
resource_group_name = local.resource_group_name
location = var.location
diff --git a/modules/container-app-job/README.md b/modules/container-app-job/README.md
index e248307..78bbd73 100644
--- a/modules/container-app-job/README.md
+++ b/modules/container-app-job/README.md
@@ -6,7 +6,7 @@ This submodule deploys an Azure Container Apps Job for CI/CD agents and runners.
```hcl
resource "azapi_resource" "job" {
type = "Microsoft.App/jobs@2023-05-01"
- body = jsonencode({
+ body = {
properties = {
environmentId = var.container_app_environment_id
configuration = {
@@ -30,7 +30,7 @@ resource "azapi_resource" "job" {
containers = [local.container_job]
}
}
- })
+ }
location = var.location
name = local.job_name
parent_id = var.resource_group_id
@@ -46,7 +46,7 @@ resource "azapi_resource" "placeholder" {
count = var.placeholder_job_creation_enabled ? 1 : 0
type = "Microsoft.App/jobs@2023-05-01"
- body = jsonencode({
+ body = {
properties = {
environmentId = var.container_app_environment_id
configuration = {
@@ -64,7 +64,7 @@ resource "azapi_resource" "placeholder" {
containers = [local.container_placeholder]
}
}
- })
+ }
location = var.location
name = local.placeholder_job_name
parent_id = var.resource_group_id
@@ -97,13 +97,13 @@ The following requirements are needed by this module:
- [terraform](#requirement\_terraform) (>= 1.9)
-- [azapi](#requirement\_azapi) (~> 1.14)
+- [azapi](#requirement\_azapi) (~> 2.0)
## Providers
The following providers are used by this module:
-- [azapi](#provider\_azapi) (~> 1.14)
+- [azapi](#provider\_azapi) (~> 2.0)
## Resources
diff --git a/modules/container-app-job/main.tf b/modules/container-app-job/main.tf
index 5072398..632335b 100644
--- a/modules/container-app-job/main.tf
+++ b/modules/container-app-job/main.tf
@@ -1,6 +1,6 @@
resource "azapi_resource" "job" {
type = "Microsoft.App/jobs@2023-05-01"
- body = jsonencode({
+ body = {
properties = {
environmentId = var.container_app_environment_id
configuration = {
@@ -24,7 +24,7 @@ resource "azapi_resource" "job" {
containers = [local.container_job]
}
}
- })
+ }
location = var.location
name = local.job_name
parent_id = var.resource_group_id
@@ -40,7 +40,7 @@ resource "azapi_resource" "placeholder" {
count = var.placeholder_job_creation_enabled ? 1 : 0
type = "Microsoft.App/jobs@2023-05-01"
- body = jsonencode({
+ body = {
properties = {
environmentId = var.container_app_environment_id
configuration = {
@@ -58,7 +58,7 @@ resource "azapi_resource" "placeholder" {
containers = [local.container_placeholder]
}
}
- })
+ }
location = var.location
name = local.placeholder_job_name
parent_id = var.resource_group_id
diff --git a/modules/container-app-job/terraform.tf b/modules/container-app-job/terraform.tf
index a9e5a30..04e0d38 100644
--- a/modules/container-app-job/terraform.tf
+++ b/modules/container-app-job/terraform.tf
@@ -3,7 +3,7 @@ terraform {
required_providers {
azapi = {
source = "azure/azapi"
- version = "~> 1.14"
+ version = "~> 2.0"
}
}
}