From 83fad1afc7982c697de8593d45e4792ab53e9634 Mon Sep 17 00:00:00 2001 From: Jared Holgate Date: Wed, 11 Dec 2024 13:23:36 +0000 Subject: [PATCH 1/3] chore: improve test coverage --- .../{default => azure_devops_basic}/README.md | 2 +- .../_footer.md | 0 .../_header.md | 0 .../{default => azure_devops_basic}/main.tf | 2 +- .../pipeline.yml | 0 .../README.md | 4 +- .../_footer.md | 0 .../_header.md | 0 .../main.tf | 4 +- .../pipeline.yml | 0 .../README.md | 380 ++++++++++++++++++ .../_footer.md | 4 + .../_header.md | 3 + .../main.tf | 282 +++++++++++++ .../pipeline.yml | 8 + .../azure_devops_public_networking/README.md | 2 +- .../azure_devops_public_networking/main.tf | 2 +- examples/github_basic/README.md | 2 +- examples/github_basic/main.tf | 2 +- .../README.md | 380 ++++++++++++++++++ .../_footer.md | 4 + .../_header.md | 3 + .../action.yml | 17 + .../main.tf | 244 +++++++++++ examples/github_public_networking/README.md | 2 +- examples/github_public_networking/main.tf | 2 +- examples/multi_region/README.md | 2 +- examples/multi_region/main.tf | 2 +- modules/container-app-job/terraform.tf | 2 +- 29 files changed, 1340 insertions(+), 15 deletions(-) rename examples/{default => azure_devops_basic}/README.md (99%) rename examples/{bring_your_own_vnet => azure_devops_basic}/_footer.md (100%) rename examples/{default => azure_devops_basic}/_header.md (100%) rename examples/{default => azure_devops_basic}/main.tf (99%) rename examples/{bring_your_own_vnet => azure_devops_basic}/pipeline.yml (100%) rename examples/{bring_your_own_vnet => azure_devops_bring_your_own_vnet}/README.md (99%) rename examples/{default => azure_devops_bring_your_own_vnet}/_footer.md (100%) rename examples/{bring_your_own_vnet => azure_devops_bring_your_own_vnet}/_header.md (100%) rename examples/{bring_your_own_vnet => azure_devops_bring_your_own_vnet}/main.tf (99%) rename examples/{default => azure_devops_bring_your_own_vnet}/pipeline.yml (100%) create mode 100644 examples/azure_devops_bring_your_own_vnet_and_dns_zone/README.md create mode 100644 examples/azure_devops_bring_your_own_vnet_and_dns_zone/_footer.md create mode 100644 examples/azure_devops_bring_your_own_vnet_and_dns_zone/_header.md create mode 100644 examples/azure_devops_bring_your_own_vnet_and_dns_zone/main.tf create mode 100644 examples/azure_devops_bring_your_own_vnet_and_dns_zone/pipeline.yml create mode 100644 examples/github_bring_your_own_vnet_and_dns_zone/README.md create mode 100644 examples/github_bring_your_own_vnet_and_dns_zone/_footer.md create mode 100644 examples/github_bring_your_own_vnet_and_dns_zone/_header.md create mode 100644 examples/github_bring_your_own_vnet_and_dns_zone/action.yml create mode 100644 examples/github_bring_your_own_vnet_and_dns_zone/main.tf diff --git a/examples/default/README.md b/examples/azure_devops_basic/README.md similarity index 99% rename from examples/default/README.md rename to examples/azure_devops_basic/README.md index bf9d99f..77b9a23 100644 --- a/examples/default/README.md +++ b/examples/azure_devops_basic/README.md @@ -32,7 +32,7 @@ terraform { required_providers { azapi = { source = "azure/azapi" - version = "~> 1.14" + version = "~> 2.0" } azuredevops = { source = "microsoft/azuredevops" diff --git a/examples/bring_your_own_vnet/_footer.md b/examples/azure_devops_basic/_footer.md similarity index 100% rename from examples/bring_your_own_vnet/_footer.md rename to examples/azure_devops_basic/_footer.md diff --git a/examples/default/_header.md b/examples/azure_devops_basic/_header.md similarity index 100% rename from examples/default/_header.md rename to examples/azure_devops_basic/_header.md diff --git a/examples/default/main.tf b/examples/azure_devops_basic/main.tf similarity index 99% rename from examples/default/main.tf rename to examples/azure_devops_basic/main.tf index 363088b..2d9803d 100644 --- a/examples/default/main.tf +++ b/examples/azure_devops_basic/main.tf @@ -26,7 +26,7 @@ terraform { required_providers { azapi = { source = "azure/azapi" - version = "~> 1.14" + version = "~> 2.0" } azuredevops = { source = "microsoft/azuredevops" diff --git a/examples/bring_your_own_vnet/pipeline.yml b/examples/azure_devops_basic/pipeline.yml similarity index 100% rename from examples/bring_your_own_vnet/pipeline.yml rename to examples/azure_devops_basic/pipeline.yml diff --git a/examples/bring_your_own_vnet/README.md b/examples/azure_devops_bring_your_own_vnet/README.md similarity index 99% rename from examples/bring_your_own_vnet/README.md rename to examples/azure_devops_bring_your_own_vnet/README.md index 7aaab76..a5b3b9a 100644 --- a/examples/bring_your_own_vnet/README.md +++ b/examples/azure_devops_bring_your_own_vnet/README.md @@ -32,7 +32,7 @@ terraform { required_providers { azapi = { source = "azure/azapi" - version = "~> 1.14" + version = "~> 2.0" } azuredevops = { source = "microsoft/azuredevops" @@ -198,7 +198,7 @@ resource "azurerm_resource_group" "this" { module "virtual_network" { source = "Azure/avm-res-network-virtualnetwork/azurerm" - version = "0.4.2" + version = "0.7.1" name = "vnet-${random_string.name.result}" resource_group_name = azurerm_resource_group.this.name location = local.selected_region diff --git a/examples/default/_footer.md b/examples/azure_devops_bring_your_own_vnet/_footer.md similarity index 100% rename from examples/default/_footer.md rename to examples/azure_devops_bring_your_own_vnet/_footer.md diff --git a/examples/bring_your_own_vnet/_header.md b/examples/azure_devops_bring_your_own_vnet/_header.md similarity index 100% rename from examples/bring_your_own_vnet/_header.md rename to examples/azure_devops_bring_your_own_vnet/_header.md diff --git a/examples/bring_your_own_vnet/main.tf b/examples/azure_devops_bring_your_own_vnet/main.tf similarity index 99% rename from examples/bring_your_own_vnet/main.tf rename to examples/azure_devops_bring_your_own_vnet/main.tf index b19d2d9..c44c15b 100644 --- a/examples/bring_your_own_vnet/main.tf +++ b/examples/azure_devops_bring_your_own_vnet/main.tf @@ -26,7 +26,7 @@ terraform { required_providers { azapi = { source = "azure/azapi" - version = "~> 1.14" + version = "~> 2.0" } azuredevops = { source = "microsoft/azuredevops" @@ -192,7 +192,7 @@ resource "azurerm_resource_group" "this" { module "virtual_network" { source = "Azure/avm-res-network-virtualnetwork/azurerm" - version = "0.4.2" + version = "0.7.1" name = "vnet-${random_string.name.result}" resource_group_name = azurerm_resource_group.this.name location = local.selected_region diff --git a/examples/default/pipeline.yml b/examples/azure_devops_bring_your_own_vnet/pipeline.yml similarity index 100% rename from examples/default/pipeline.yml rename to examples/azure_devops_bring_your_own_vnet/pipeline.yml diff --git a/examples/azure_devops_bring_your_own_vnet_and_dns_zone/README.md b/examples/azure_devops_bring_your_own_vnet_and_dns_zone/README.md new file mode 100644 index 0000000..a5b3b9a --- /dev/null +++ b/examples/azure_devops_bring_your_own_vnet_and_dns_zone/README.md @@ -0,0 +1,380 @@ + +# Azure DevOps example with private networking and bring your own virtual network + +This example deploys Azure DevOps Agents to Azure Container Apps and Azure Container Instance using private networking and bring your own virtual network. + +```hcl +variable "azure_devops_organization_name" { + type = string + description = "Azure DevOps Organisation Name" +} + +variable "azure_devops_personal_access_token" { + type = string + description = "The personal access token used for agent authentication to Azure DevOps." + sensitive = true +} + +variable "azure_devops_agents_personal_access_token" { + description = "Personal access token for Azure DevOps self-hosted agents (the token requires the 'Agent Pools - Read & Manage' scope and should have the maximum expiry)." + type = string + sensitive = true +} + +locals { + tags = { + scenario = "default" + } +} + +terraform { + required_version = ">= 1.9" + required_providers { + azapi = { + source = "azure/azapi" + version = "~> 2.0" + } + azuredevops = { + source = "microsoft/azuredevops" + version = "~> 1.1" + } + azurerm = { + source = "hashicorp/azurerm" + version = "~> 3.113" + } + random = { + source = "hashicorp/random" + version = "~> 3.5" + } + } +} + +provider "azurerm" { + features {} +} + +locals { + azure_devops_organization_url = "https://dev.azure.com/${var.azure_devops_organization_name}" +} + +provider "azuredevops" { + personal_access_token = var.azure_devops_personal_access_token + org_service_url = local.azure_devops_organization_url +} + +resource "random_string" "name" { + length = 6 + numeric = true + special = false + upper = false +} + +module "naming" { + source = "Azure/naming/azurerm" + version = ">= 0.3.0" +} + +resource "azuredevops_project" "this" { + name = random_string.name.result +} + +resource "azuredevops_agent_pool" "this" { + name = random_string.name.result + auto_provision = false + auto_update = true +} + +resource "azuredevops_agent_queue" "this" { + project_id = azuredevops_project.this.id + agent_pool_id = azuredevops_agent_pool.this.id +} + +locals { + default_branch = "refs/heads/main" + pipeline_file = "pipeline.yml" + repository_name = "example-repo" +} + +resource "azuredevops_git_repository" "this" { + project_id = azuredevops_project.this.id + name = local.repository_name + default_branch = local.default_branch + initialization { + init_type = "Clean" + } +} + +resource "azuredevops_git_repository_file" "this" { + repository_id = azuredevops_git_repository.this.id + file = local.pipeline_file + content = templatefile("${path.module}/${local.pipeline_file}", { + agent_pool_name = azuredevops_agent_pool.this.name + }) + branch = local.default_branch + commit_message = "[skip ci]" + overwrite_on_create = true +} + +resource "azuredevops_build_definition" "this" { + project_id = azuredevops_project.this.id + name = "Example Build Definition" + + ci_trigger { + use_yaml = true + } + + repository { + repo_type = "TfsGit" + repo_id = azuredevops_git_repository.this.id + branch_name = azuredevops_git_repository.this.default_branch + yml_path = local.pipeline_file + } +} + +resource "azuredevops_pipeline_authorization" "this" { + project_id = azuredevops_project.this.id + resource_id = azuredevops_agent_queue.this.id + type = "queue" + pipeline_id = azuredevops_build_definition.this.id +} + +locals { + resource_providers_to_register = { + dev_center = { + resource_provider = "Microsoft.App" + } + } +} + +data "azurerm_client_config" "this" {} + +resource "azapi_resource_action" "resource_provider_registration" { + for_each = local.resource_providers_to_register + + resource_id = "/subscriptions/${data.azurerm_client_config.this.subscription_id}" + type = "Microsoft.Resources/subscriptions@2021-04-01" + action = "providers/${each.value.resource_provider}/register" + method = "POST" +} + +locals { + subnets = { + container_registry_private_endpoint = { + name = "subnet-container-registry-private-endpoint" + address_prefix = "10.0.0.0/29" + } + container_app = { + name = "subnet-container-app" + address_prefix = "10.0.1.0/27" + delegation = [ + { + name = "Microsoft.App/environments" + service_delegation = { + name = "Microsoft.App/environments" + } + } + ] + } + container_instance = { + name = "subnet-container-instance" + address_prefix = "10.0.2.0/28" + delegation = [ + { + name = "Microsoft.ContainerInstance/containerGroups" + service_delegation = { + name = "Microsoft.ContainerInstance/containerGroups" + } + } + ] + } + } + virtual_network_address_space = "10.0.0.0/16" +} + +resource "azurerm_resource_group" "this" { + location = local.selected_region + name = "rg-${random_string.name.result}" +} + +module "virtual_network" { + source = "Azure/avm-res-network-virtualnetwork/azurerm" + version = "0.7.1" + name = "vnet-${random_string.name.result}" + resource_group_name = azurerm_resource_group.this.name + location = local.selected_region + address_space = [local.virtual_network_address_space] + subnets = local.subnets +} + +# This is the module call +module "azure_devops_agents" { + source = "../.." + postfix = random_string.name.result + location = local.selected_region + compute_types = ["azure_container_app", "azure_container_instance"] + version_control_system_type = "azuredevops" + version_control_system_personal_access_token = var.azure_devops_agents_personal_access_token + version_control_system_organization = local.azure_devops_organization_url + version_control_system_pool_name = azuredevops_agent_pool.this.name + virtual_network_id = module.virtual_network.resource_id + virtual_network_creation_enabled = false + resource_group_creation_enabled = false + resource_group_name = azurerm_resource_group.this.name + container_app_subnet_id = module.virtual_network.subnets["container_app"].resource_id + container_instance_subnet_id = module.virtual_network.subnets["container_instance"].resource_id + container_registry_private_endpoint_subnet_id = module.virtual_network.subnets["container_registry_private_endpoint"].resource_id + tags = local.tags + depends_on = [azuredevops_pipeline_authorization.this] +} + +output "container_app_environment_resource_id" { + value = module.azure_devops_agents.resource_id +} + +output "container_app_environment_name" { + value = module.azure_devops_agents.name +} + +output "container_app_job_resource_id" { + value = module.azure_devops_agents.job_resource_id +} + +output "container_app_job_name" { + value = module.azure_devops_agents.job_name +} + +# Region helpers +module "regions" { + source = "Azure/avm-utl-regions/azurerm" + version = "0.1.0" +} + +resource "random_integer" "region_index" { + max = length(local.regions) - 1 + min = 0 +} + +locals { + excluded_regions = [ + "westeurope" # Capacity issues + ] + included_regions = [ + "northcentralusstage", "westus2", "southeastasia", "canadacentral", "westeurope", "northeurope", "eastus", "eastus2", "eastasia", "australiaeast", "germanywestcentral", "japaneast", "uksouth", "westus", "centralus", "northcentralus", "southcentralus", "koreacentral", "brazilsouth", "westus3", "francecentral", "southafricanorth", "norwayeast", "switzerlandnorth", "uaenorth", "canadaeast", "westcentralus", "ukwest", "centralindia", "italynorth", "polandcentral", "southindia" + ] + regions = [for region in module.regions.regions : region.name if !contains(local.excluded_regions, region.name) && contains(local.included_regions, region.name)] + selected_region = local.regions[random_integer.region_index.result] +} +``` + + +## Requirements + +The following requirements are needed by this module: + +- [terraform](#requirement\_terraform) (>= 1.9) + +- [azapi](#requirement\_azapi) (~> 1.14) + +- [azuredevops](#requirement\_azuredevops) (~> 1.1) + +- [azurerm](#requirement\_azurerm) (~> 3.113) + +- [random](#requirement\_random) (~> 3.5) + +## Resources + +The following resources are used by this module: + +- [azapi_resource_action.resource_provider_registration](https://registry.terraform.io/providers/azure/azapi/latest/docs/resources/resource_action) (resource) +- [azuredevops_agent_pool.this](https://registry.terraform.io/providers/microsoft/azuredevops/latest/docs/resources/agent_pool) (resource) +- [azuredevops_agent_queue.this](https://registry.terraform.io/providers/microsoft/azuredevops/latest/docs/resources/agent_queue) (resource) +- [azuredevops_build_definition.this](https://registry.terraform.io/providers/microsoft/azuredevops/latest/docs/resources/build_definition) (resource) +- [azuredevops_git_repository.this](https://registry.terraform.io/providers/microsoft/azuredevops/latest/docs/resources/git_repository) (resource) +- [azuredevops_git_repository_file.this](https://registry.terraform.io/providers/microsoft/azuredevops/latest/docs/resources/git_repository_file) (resource) +- [azuredevops_pipeline_authorization.this](https://registry.terraform.io/providers/microsoft/azuredevops/latest/docs/resources/pipeline_authorization) (resource) +- [azuredevops_project.this](https://registry.terraform.io/providers/microsoft/azuredevops/latest/docs/resources/project) (resource) +- [azurerm_resource_group.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) (resource) +- [random_integer.region_index](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/integer) (resource) +- [random_string.name](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/string) (resource) +- [azurerm_client_config.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/client_config) (data source) + + +## Required Inputs + +The following input variables are required: + +### [azure\_devops\_agents\_personal\_access\_token](#input\_azure\_devops\_agents\_personal\_access\_token) + +Description: Personal access token for Azure DevOps self-hosted agents (the token requires the 'Agent Pools - Read & Manage' scope and should have the maximum expiry). + +Type: `string` + +### [azure\_devops\_organization\_name](#input\_azure\_devops\_organization\_name) + +Description: Azure DevOps Organisation Name + +Type: `string` + +### [azure\_devops\_personal\_access\_token](#input\_azure\_devops\_personal\_access\_token) + +Description: The personal access token used for agent authentication to Azure DevOps. + +Type: `string` + +## Optional Inputs + +No optional inputs. + +## Outputs + +The following outputs are exported: + +### [container\_app\_environment\_name](#output\_container\_app\_environment\_name) + +Description: n/a + +### [container\_app\_environment\_resource\_id](#output\_container\_app\_environment\_resource\_id) + +Description: n/a + +### [container\_app\_job\_name](#output\_container\_app\_job\_name) + +Description: n/a + +### [container\_app\_job\_resource\_id](#output\_container\_app\_job\_resource\_id) + +Description: n/a + +## Modules + +The following Modules are called: + +### [azure\_devops\_agents](#module\_azure\_devops\_agents) + +Source: ../.. + +Version: + +### [naming](#module\_naming) + +Source: Azure/naming/azurerm + +Version: >= 0.3.0 + +### [regions](#module\_regions) + +Source: Azure/avm-utl-regions/azurerm + +Version: 0.1.0 + +### [virtual\_network](#module\_virtual\_network) + +Source: Azure/avm-res-network-virtualnetwork/azurerm + +Version: 0.4.2 + + +## Data Collection + +The software may collect information about you and your use of the software and send it to Microsoft. Microsoft may use this information to provide services and improve our products and services. You may turn off the telemetry as described in the repository. There are also some features in the software that may enable you and Microsoft to collect data from users of your applications. If you use these features, you must comply with applicable law, including providing appropriate notices to users of your applications together with a copy of Microsoft’s privacy statement. Our privacy statement is located at . You can learn more about data collection and use in the help documentation and our privacy statement. Your use of the software operates as your consent to these practices. + \ No newline at end of file diff --git a/examples/azure_devops_bring_your_own_vnet_and_dns_zone/_footer.md b/examples/azure_devops_bring_your_own_vnet_and_dns_zone/_footer.md new file mode 100644 index 0000000..bc56bcb --- /dev/null +++ b/examples/azure_devops_bring_your_own_vnet_and_dns_zone/_footer.md @@ -0,0 +1,4 @@ + +## Data Collection + +The software may collect information about you and your use of the software and send it to Microsoft. Microsoft may use this information to provide services and improve our products and services. You may turn off the telemetry as described in the repository. There are also some features in the software that may enable you and Microsoft to collect data from users of your applications. If you use these features, you must comply with applicable law, including providing appropriate notices to users of your applications together with a copy of Microsoft’s privacy statement. Our privacy statement is located at . You can learn more about data collection and use in the help documentation and our privacy statement. Your use of the software operates as your consent to these practices. diff --git a/examples/azure_devops_bring_your_own_vnet_and_dns_zone/_header.md b/examples/azure_devops_bring_your_own_vnet_and_dns_zone/_header.md new file mode 100644 index 0000000..f4cd571 --- /dev/null +++ b/examples/azure_devops_bring_your_own_vnet_and_dns_zone/_header.md @@ -0,0 +1,3 @@ +# Azure DevOps example with private networking and bring your own virtual network and DNS zone + +This example deploys Azure DevOps Agents to Azure Container Apps and Azure Container Instance using private networking and bring your own virtual network and DNS zone. diff --git a/examples/azure_devops_bring_your_own_vnet_and_dns_zone/main.tf b/examples/azure_devops_bring_your_own_vnet_and_dns_zone/main.tf new file mode 100644 index 0000000..747495b --- /dev/null +++ b/examples/azure_devops_bring_your_own_vnet_and_dns_zone/main.tf @@ -0,0 +1,282 @@ +variable "azure_devops_organization_name" { + type = string + description = "Azure DevOps Organisation Name" +} + +variable "azure_devops_personal_access_token" { + type = string + description = "The personal access token used for agent authentication to Azure DevOps." + sensitive = true +} + +variable "azure_devops_agents_personal_access_token" { + description = "Personal access token for Azure DevOps self-hosted agents (the token requires the 'Agent Pools - Read & Manage' scope and should have the maximum expiry)." + type = string + sensitive = true +} + +locals { + tags = { + scenario = "default" + } +} + +terraform { + required_version = ">= 1.9" + required_providers { + azapi = { + source = "azure/azapi" + version = "~> 2.0" + } + azuredevops = { + source = "microsoft/azuredevops" + version = "~> 1.1" + } + azurerm = { + source = "hashicorp/azurerm" + version = "~> 3.113" + } + random = { + source = "hashicorp/random" + version = "~> 3.5" + } + } +} + +provider "azurerm" { + features {} +} + +locals { + azure_devops_organization_url = "https://dev.azure.com/${var.azure_devops_organization_name}" +} + +provider "azuredevops" { + personal_access_token = var.azure_devops_personal_access_token + org_service_url = local.azure_devops_organization_url +} + +resource "random_string" "name" { + length = 6 + numeric = true + special = false + upper = false +} + +module "naming" { + source = "Azure/naming/azurerm" + version = ">= 0.3.0" +} + +resource "azuredevops_project" "this" { + name = random_string.name.result +} + +resource "azuredevops_agent_pool" "this" { + name = random_string.name.result + auto_provision = false + auto_update = true +} + +resource "azuredevops_agent_queue" "this" { + project_id = azuredevops_project.this.id + agent_pool_id = azuredevops_agent_pool.this.id +} + +locals { + default_branch = "refs/heads/main" + pipeline_file = "pipeline.yml" + repository_name = "example-repo" +} + +resource "azuredevops_git_repository" "this" { + project_id = azuredevops_project.this.id + name = local.repository_name + default_branch = local.default_branch + initialization { + init_type = "Clean" + } +} + +resource "azuredevops_git_repository_file" "this" { + repository_id = azuredevops_git_repository.this.id + file = local.pipeline_file + content = templatefile("${path.module}/${local.pipeline_file}", { + agent_pool_name = azuredevops_agent_pool.this.name + }) + branch = local.default_branch + commit_message = "[skip ci]" + overwrite_on_create = true +} + +resource "azuredevops_build_definition" "this" { + project_id = azuredevops_project.this.id + name = "Example Build Definition" + + ci_trigger { + use_yaml = true + } + + repository { + repo_type = "TfsGit" + repo_id = azuredevops_git_repository.this.id + branch_name = azuredevops_git_repository.this.default_branch + yml_path = local.pipeline_file + } +} + +resource "azuredevops_pipeline_authorization" "this" { + project_id = azuredevops_project.this.id + resource_id = azuredevops_agent_queue.this.id + type = "queue" + pipeline_id = azuredevops_build_definition.this.id +} + +locals { + resource_providers_to_register = { + dev_center = { + resource_provider = "Microsoft.App" + } + } +} + +data "azurerm_client_config" "this" {} + +resource "azapi_resource_action" "resource_provider_registration" { + for_each = local.resource_providers_to_register + + resource_id = "/subscriptions/${data.azurerm_client_config.this.subscription_id}" + type = "Microsoft.Resources/subscriptions@2021-04-01" + action = "providers/${each.value.resource_provider}/register" + method = "POST" +} + +locals { + subnets = { + container_registry_private_endpoint = { + name = "subnet-container-registry-private-endpoint" + address_prefix = "10.0.0.0/29" + } + container_app = { + name = "subnet-container-app" + address_prefix = "10.0.1.0/27" + delegation = [ + { + name = "Microsoft.App/environments" + service_delegation = { + name = "Microsoft.App/environments" + } + } + ] + } + container_instance = { + name = "subnet-container-instance" + address_prefix = "10.0.2.0/28" + delegation = [ + { + name = "Microsoft.ContainerInstance/containerGroups" + service_delegation = { + name = "Microsoft.ContainerInstance/containerGroups" + } + } + ] + } + } + virtual_network_address_space = "10.0.0.0/16" +} + +resource "azurerm_resource_group" "this" { + location = local.selected_region + name = "rg-${random_string.name.result}" +} + +module "virtual_network" { + source = "Azure/avm-res-network-virtualnetwork/azurerm" + version = "0.7.1" + name = "vnet-${random_string.name.result}" + resource_group_name = azurerm_resource_group.this.name + location = local.selected_region + address_space = [local.virtual_network_address_space] + subnets = local.subnets +} + +resource "azurerm_private_dns_zone" "container_registry" { + name = "privatelink.azurecr.io" + resource_group_name = azurerm_resource_group.this.name +} + +resource "azurerm_private_dns_zone_virtual_network_link" "container_registry" { + name = "privatelink.azurecr.io" + private_dns_zone_name = azurerm_private_dns_zone.container_registry.name + resource_group_name = azurerm_resource_group.this.name + virtual_network_id = module.virtual_network.resource_id + tags = local.tags +} + +# This is the module call +module "azure_devops_agents" { + source = "../.." + postfix = random_string.name.result + location = local.selected_region + + compute_types = ["azure_container_app", "azure_container_instance"] + + version_control_system_type = "azuredevops" + version_control_system_personal_access_token = var.azure_devops_agents_personal_access_token + version_control_system_organization = local.azure_devops_organization_url + version_control_system_pool_name = azuredevops_agent_pool.this.name + + virtual_network_creation_enabled = false + virtual_network_id = module.virtual_network.resource_id + + resource_group_creation_enabled = false + resource_group_name = azurerm_resource_group.this.name + + container_app_subnet_id = module.virtual_network.subnets["container_app"].resource_id + container_instance_subnet_id = module.virtual_network.subnets["container_instance"].resource_id + + container_registry_private_dns_zone_creation_enabled = false + container_registry_dns_zone_id = azurerm_private_dns_zone.container_registry.id + container_registry_private_endpoint_subnet_id = module.virtual_network.subnets["container_registry_private_endpoint"].resource_id + + tags = local.tags + depends_on = [azuredevops_pipeline_authorization.this, azurerm_private_dns_zone_virtual_network_link.container_registry] +} + +output "container_app_environment_resource_id" { + value = module.azure_devops_agents.resource_id +} + +output "container_app_environment_name" { + value = module.azure_devops_agents.name +} + +output "container_app_job_resource_id" { + value = module.azure_devops_agents.job_resource_id +} + +output "container_app_job_name" { + value = module.azure_devops_agents.job_name +} + +# Region helpers +module "regions" { + source = "Azure/avm-utl-regions/azurerm" + version = "0.1.0" +} + +resource "random_integer" "region_index" { + max = length(local.regions) - 1 + min = 0 +} + +locals { + excluded_regions = [ + "westeurope" # Capacity issues + ] + included_regions = [ + "northcentralusstage", "westus2", "southeastasia", "canadacentral", "westeurope", "northeurope", "eastus", "eastus2", "eastasia", "australiaeast", "germanywestcentral", "japaneast", "uksouth", "westus", "centralus", "northcentralus", "southcentralus", "koreacentral", "brazilsouth", "westus3", "francecentral", "southafricanorth", "norwayeast", "switzerlandnorth", "uaenorth", "canadaeast", "westcentralus", "ukwest", "centralindia", "italynorth", "polandcentral", "southindia" + ] + regions = [for region in module.regions.regions : region.name if !contains(local.excluded_regions, region.name) && contains(local.included_regions, region.name)] + selected_region = local.regions[random_integer.region_index.result] +} diff --git a/examples/azure_devops_bring_your_own_vnet_and_dns_zone/pipeline.yml b/examples/azure_devops_bring_your_own_vnet_and_dns_zone/pipeline.yml new file mode 100644 index 0000000..78b11ff --- /dev/null +++ b/examples/azure_devops_bring_your_own_vnet_and_dns_zone/pipeline.yml @@ -0,0 +1,8 @@ +trigger: +- main + +pool: ${agent_pool_name} + +steps: +- script: echo Hello, world! + displayName: 'Run a one-line script' \ No newline at end of file diff --git a/examples/azure_devops_public_networking/README.md b/examples/azure_devops_public_networking/README.md index e048bb1..56ecefd 100644 --- a/examples/azure_devops_public_networking/README.md +++ b/examples/azure_devops_public_networking/README.md @@ -32,7 +32,7 @@ terraform { required_providers { azapi = { source = "azure/azapi" - version = "~> 1.14" + version = "~> 2.0" } azuredevops = { source = "microsoft/azuredevops" diff --git a/examples/azure_devops_public_networking/main.tf b/examples/azure_devops_public_networking/main.tf index a7e0538..9804f27 100644 --- a/examples/azure_devops_public_networking/main.tf +++ b/examples/azure_devops_public_networking/main.tf @@ -26,7 +26,7 @@ terraform { required_providers { azapi = { source = "azure/azapi" - version = "~> 1.14" + version = "~> 2.0" } azuredevops = { source = "microsoft/azuredevops" diff --git a/examples/github_basic/README.md b/examples/github_basic/README.md index 3d6ad2d..d087b61 100644 --- a/examples/github_basic/README.md +++ b/examples/github_basic/README.md @@ -32,7 +32,7 @@ terraform { required_providers { azapi = { source = "azure/azapi" - version = "~> 1.14" + version = "~> 2.0" } azurerm = { source = "hashicorp/azurerm" diff --git a/examples/github_basic/main.tf b/examples/github_basic/main.tf index 0070653..1510992 100644 --- a/examples/github_basic/main.tf +++ b/examples/github_basic/main.tf @@ -26,7 +26,7 @@ terraform { required_providers { azapi = { source = "azure/azapi" - version = "~> 1.14" + version = "~> 2.0" } azurerm = { source = "hashicorp/azurerm" diff --git a/examples/github_bring_your_own_vnet_and_dns_zone/README.md b/examples/github_bring_your_own_vnet_and_dns_zone/README.md new file mode 100644 index 0000000..a5b3b9a --- /dev/null +++ b/examples/github_bring_your_own_vnet_and_dns_zone/README.md @@ -0,0 +1,380 @@ + +# Azure DevOps example with private networking and bring your own virtual network + +This example deploys Azure DevOps Agents to Azure Container Apps and Azure Container Instance using private networking and bring your own virtual network. + +```hcl +variable "azure_devops_organization_name" { + type = string + description = "Azure DevOps Organisation Name" +} + +variable "azure_devops_personal_access_token" { + type = string + description = "The personal access token used for agent authentication to Azure DevOps." + sensitive = true +} + +variable "azure_devops_agents_personal_access_token" { + description = "Personal access token for Azure DevOps self-hosted agents (the token requires the 'Agent Pools - Read & Manage' scope and should have the maximum expiry)." + type = string + sensitive = true +} + +locals { + tags = { + scenario = "default" + } +} + +terraform { + required_version = ">= 1.9" + required_providers { + azapi = { + source = "azure/azapi" + version = "~> 2.0" + } + azuredevops = { + source = "microsoft/azuredevops" + version = "~> 1.1" + } + azurerm = { + source = "hashicorp/azurerm" + version = "~> 3.113" + } + random = { + source = "hashicorp/random" + version = "~> 3.5" + } + } +} + +provider "azurerm" { + features {} +} + +locals { + azure_devops_organization_url = "https://dev.azure.com/${var.azure_devops_organization_name}" +} + +provider "azuredevops" { + personal_access_token = var.azure_devops_personal_access_token + org_service_url = local.azure_devops_organization_url +} + +resource "random_string" "name" { + length = 6 + numeric = true + special = false + upper = false +} + +module "naming" { + source = "Azure/naming/azurerm" + version = ">= 0.3.0" +} + +resource "azuredevops_project" "this" { + name = random_string.name.result +} + +resource "azuredevops_agent_pool" "this" { + name = random_string.name.result + auto_provision = false + auto_update = true +} + +resource "azuredevops_agent_queue" "this" { + project_id = azuredevops_project.this.id + agent_pool_id = azuredevops_agent_pool.this.id +} + +locals { + default_branch = "refs/heads/main" + pipeline_file = "pipeline.yml" + repository_name = "example-repo" +} + +resource "azuredevops_git_repository" "this" { + project_id = azuredevops_project.this.id + name = local.repository_name + default_branch = local.default_branch + initialization { + init_type = "Clean" + } +} + +resource "azuredevops_git_repository_file" "this" { + repository_id = azuredevops_git_repository.this.id + file = local.pipeline_file + content = templatefile("${path.module}/${local.pipeline_file}", { + agent_pool_name = azuredevops_agent_pool.this.name + }) + branch = local.default_branch + commit_message = "[skip ci]" + overwrite_on_create = true +} + +resource "azuredevops_build_definition" "this" { + project_id = azuredevops_project.this.id + name = "Example Build Definition" + + ci_trigger { + use_yaml = true + } + + repository { + repo_type = "TfsGit" + repo_id = azuredevops_git_repository.this.id + branch_name = azuredevops_git_repository.this.default_branch + yml_path = local.pipeline_file + } +} + +resource "azuredevops_pipeline_authorization" "this" { + project_id = azuredevops_project.this.id + resource_id = azuredevops_agent_queue.this.id + type = "queue" + pipeline_id = azuredevops_build_definition.this.id +} + +locals { + resource_providers_to_register = { + dev_center = { + resource_provider = "Microsoft.App" + } + } +} + +data "azurerm_client_config" "this" {} + +resource "azapi_resource_action" "resource_provider_registration" { + for_each = local.resource_providers_to_register + + resource_id = "/subscriptions/${data.azurerm_client_config.this.subscription_id}" + type = "Microsoft.Resources/subscriptions@2021-04-01" + action = "providers/${each.value.resource_provider}/register" + method = "POST" +} + +locals { + subnets = { + container_registry_private_endpoint = { + name = "subnet-container-registry-private-endpoint" + address_prefix = "10.0.0.0/29" + } + container_app = { + name = "subnet-container-app" + address_prefix = "10.0.1.0/27" + delegation = [ + { + name = "Microsoft.App/environments" + service_delegation = { + name = "Microsoft.App/environments" + } + } + ] + } + container_instance = { + name = "subnet-container-instance" + address_prefix = "10.0.2.0/28" + delegation = [ + { + name = "Microsoft.ContainerInstance/containerGroups" + service_delegation = { + name = "Microsoft.ContainerInstance/containerGroups" + } + } + ] + } + } + virtual_network_address_space = "10.0.0.0/16" +} + +resource "azurerm_resource_group" "this" { + location = local.selected_region + name = "rg-${random_string.name.result}" +} + +module "virtual_network" { + source = "Azure/avm-res-network-virtualnetwork/azurerm" + version = "0.7.1" + name = "vnet-${random_string.name.result}" + resource_group_name = azurerm_resource_group.this.name + location = local.selected_region + address_space = [local.virtual_network_address_space] + subnets = local.subnets +} + +# This is the module call +module "azure_devops_agents" { + source = "../.." + postfix = random_string.name.result + location = local.selected_region + compute_types = ["azure_container_app", "azure_container_instance"] + version_control_system_type = "azuredevops" + version_control_system_personal_access_token = var.azure_devops_agents_personal_access_token + version_control_system_organization = local.azure_devops_organization_url + version_control_system_pool_name = azuredevops_agent_pool.this.name + virtual_network_id = module.virtual_network.resource_id + virtual_network_creation_enabled = false + resource_group_creation_enabled = false + resource_group_name = azurerm_resource_group.this.name + container_app_subnet_id = module.virtual_network.subnets["container_app"].resource_id + container_instance_subnet_id = module.virtual_network.subnets["container_instance"].resource_id + container_registry_private_endpoint_subnet_id = module.virtual_network.subnets["container_registry_private_endpoint"].resource_id + tags = local.tags + depends_on = [azuredevops_pipeline_authorization.this] +} + +output "container_app_environment_resource_id" { + value = module.azure_devops_agents.resource_id +} + +output "container_app_environment_name" { + value = module.azure_devops_agents.name +} + +output "container_app_job_resource_id" { + value = module.azure_devops_agents.job_resource_id +} + +output "container_app_job_name" { + value = module.azure_devops_agents.job_name +} + +# Region helpers +module "regions" { + source = "Azure/avm-utl-regions/azurerm" + version = "0.1.0" +} + +resource "random_integer" "region_index" { + max = length(local.regions) - 1 + min = 0 +} + +locals { + excluded_regions = [ + "westeurope" # Capacity issues + ] + included_regions = [ + "northcentralusstage", "westus2", "southeastasia", "canadacentral", "westeurope", "northeurope", "eastus", "eastus2", "eastasia", "australiaeast", "germanywestcentral", "japaneast", "uksouth", "westus", "centralus", "northcentralus", "southcentralus", "koreacentral", "brazilsouth", "westus3", "francecentral", "southafricanorth", "norwayeast", "switzerlandnorth", "uaenorth", "canadaeast", "westcentralus", "ukwest", "centralindia", "italynorth", "polandcentral", "southindia" + ] + regions = [for region in module.regions.regions : region.name if !contains(local.excluded_regions, region.name) && contains(local.included_regions, region.name)] + selected_region = local.regions[random_integer.region_index.result] +} +``` + + +## Requirements + +The following requirements are needed by this module: + +- [terraform](#requirement\_terraform) (>= 1.9) + +- [azapi](#requirement\_azapi) (~> 1.14) + +- [azuredevops](#requirement\_azuredevops) (~> 1.1) + +- [azurerm](#requirement\_azurerm) (~> 3.113) + +- [random](#requirement\_random) (~> 3.5) + +## Resources + +The following resources are used by this module: + +- [azapi_resource_action.resource_provider_registration](https://registry.terraform.io/providers/azure/azapi/latest/docs/resources/resource_action) (resource) +- [azuredevops_agent_pool.this](https://registry.terraform.io/providers/microsoft/azuredevops/latest/docs/resources/agent_pool) (resource) +- [azuredevops_agent_queue.this](https://registry.terraform.io/providers/microsoft/azuredevops/latest/docs/resources/agent_queue) (resource) +- [azuredevops_build_definition.this](https://registry.terraform.io/providers/microsoft/azuredevops/latest/docs/resources/build_definition) (resource) +- [azuredevops_git_repository.this](https://registry.terraform.io/providers/microsoft/azuredevops/latest/docs/resources/git_repository) (resource) +- [azuredevops_git_repository_file.this](https://registry.terraform.io/providers/microsoft/azuredevops/latest/docs/resources/git_repository_file) (resource) +- [azuredevops_pipeline_authorization.this](https://registry.terraform.io/providers/microsoft/azuredevops/latest/docs/resources/pipeline_authorization) (resource) +- [azuredevops_project.this](https://registry.terraform.io/providers/microsoft/azuredevops/latest/docs/resources/project) (resource) +- [azurerm_resource_group.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) (resource) +- [random_integer.region_index](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/integer) (resource) +- [random_string.name](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/string) (resource) +- [azurerm_client_config.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/client_config) (data source) + + +## Required Inputs + +The following input variables are required: + +### [azure\_devops\_agents\_personal\_access\_token](#input\_azure\_devops\_agents\_personal\_access\_token) + +Description: Personal access token for Azure DevOps self-hosted agents (the token requires the 'Agent Pools - Read & Manage' scope and should have the maximum expiry). + +Type: `string` + +### [azure\_devops\_organization\_name](#input\_azure\_devops\_organization\_name) + +Description: Azure DevOps Organisation Name + +Type: `string` + +### [azure\_devops\_personal\_access\_token](#input\_azure\_devops\_personal\_access\_token) + +Description: The personal access token used for agent authentication to Azure DevOps. + +Type: `string` + +## Optional Inputs + +No optional inputs. + +## Outputs + +The following outputs are exported: + +### [container\_app\_environment\_name](#output\_container\_app\_environment\_name) + +Description: n/a + +### [container\_app\_environment\_resource\_id](#output\_container\_app\_environment\_resource\_id) + +Description: n/a + +### [container\_app\_job\_name](#output\_container\_app\_job\_name) + +Description: n/a + +### [container\_app\_job\_resource\_id](#output\_container\_app\_job\_resource\_id) + +Description: n/a + +## Modules + +The following Modules are called: + +### [azure\_devops\_agents](#module\_azure\_devops\_agents) + +Source: ../.. + +Version: + +### [naming](#module\_naming) + +Source: Azure/naming/azurerm + +Version: >= 0.3.0 + +### [regions](#module\_regions) + +Source: Azure/avm-utl-regions/azurerm + +Version: 0.1.0 + +### [virtual\_network](#module\_virtual\_network) + +Source: Azure/avm-res-network-virtualnetwork/azurerm + +Version: 0.4.2 + + +## Data Collection + +The software may collect information about you and your use of the software and send it to Microsoft. Microsoft may use this information to provide services and improve our products and services. You may turn off the telemetry as described in the repository. There are also some features in the software that may enable you and Microsoft to collect data from users of your applications. If you use these features, you must comply with applicable law, including providing appropriate notices to users of your applications together with a copy of Microsoft’s privacy statement. Our privacy statement is located at . You can learn more about data collection and use in the help documentation and our privacy statement. Your use of the software operates as your consent to these practices. + \ No newline at end of file diff --git a/examples/github_bring_your_own_vnet_and_dns_zone/_footer.md b/examples/github_bring_your_own_vnet_and_dns_zone/_footer.md new file mode 100644 index 0000000..bc56bcb --- /dev/null +++ b/examples/github_bring_your_own_vnet_and_dns_zone/_footer.md @@ -0,0 +1,4 @@ + +## Data Collection + +The software may collect information about you and your use of the software and send it to Microsoft. Microsoft may use this information to provide services and improve our products and services. You may turn off the telemetry as described in the repository. There are also some features in the software that may enable you and Microsoft to collect data from users of your applications. If you use these features, you must comply with applicable law, including providing appropriate notices to users of your applications together with a copy of Microsoft’s privacy statement. Our privacy statement is located at . You can learn more about data collection and use in the help documentation and our privacy statement. Your use of the software operates as your consent to these practices. diff --git a/examples/github_bring_your_own_vnet_and_dns_zone/_header.md b/examples/github_bring_your_own_vnet_and_dns_zone/_header.md new file mode 100644 index 0000000..1bad71b --- /dev/null +++ b/examples/github_bring_your_own_vnet_and_dns_zone/_header.md @@ -0,0 +1,3 @@ +# GitHub example with private networking and bring your own virtual network and DNS zone + +This example deploys GitHub Runners to Azure Container Apps and Azure Container Instance using private networking and bring your own virtual network and DNS zone. diff --git a/examples/github_bring_your_own_vnet_and_dns_zone/action.yml b/examples/github_bring_your_own_vnet_and_dns_zone/action.yml new file mode 100644 index 0000000..89ec034 --- /dev/null +++ b/examples/github_bring_your_own_vnet_and_dns_zone/action.yml @@ -0,0 +1,17 @@ +name: Example Action + +on: + push: + branches: [ "main" ] + pull_request: + branches: [ "main" ] + workflow_dispatch: + +jobs: + build: + runs-on: self-hosted + steps: + - uses: actions/checkout@v4 + + - name: Run a one-line script + run: echo Hello, world! diff --git a/examples/github_bring_your_own_vnet_and_dns_zone/main.tf b/examples/github_bring_your_own_vnet_and_dns_zone/main.tf new file mode 100644 index 0000000..5fb2a96 --- /dev/null +++ b/examples/github_bring_your_own_vnet_and_dns_zone/main.tf @@ -0,0 +1,244 @@ +variable "github_organization_name" { + type = string + description = "GitHub Organisation Name" +} + +variable "github_personal_access_token" { + type = string + description = "The personal access token used for authentication to GitHub." + sensitive = true +} + +variable "github_runners_personal_access_token" { + description = "Personal access token for GitHub self-hosted runners (the token requires the 'repo' scope and should not expire)." + type = string + sensitive = true +} + +locals { + tags = { + scenario = "default" + } +} + +terraform { + required_version = ">= 1.9" + required_providers { + azapi = { + source = "azure/azapi" + version = "~> 2.0" + } + azurerm = { + source = "hashicorp/azurerm" + version = "~> 3.113" + } + github = { + source = "integrations/github" + version = "~> 5.36" + } + random = { + source = "hashicorp/random" + version = "~> 3.5" + } + } +} + +provider "azurerm" { + features {} +} + +provider "github" { + token = var.github_personal_access_token + owner = var.github_organization_name +} + +resource "random_string" "name" { + length = 6 + numeric = true + special = false + upper = false +} + +module "naming" { + source = "Azure/naming/azurerm" + version = ">= 0.3.0" +} +data "github_organization" "alz" { + name = var.github_organization_name +} + +locals { + action_file = "action.yml" + default_commit_email = "demo@microsoft.com" + free_plan = "free" +} + +resource "github_repository" "this" { + name = random_string.name.result + description = random_string.name.result + auto_init = true + visibility = data.github_organization.alz.plan == local.free_plan ? "public" : "private" + allow_update_branch = true + allow_merge_commit = false + allow_rebase_merge = false + vulnerability_alerts = true +} + +resource "github_repository_file" "this" { + repository = github_repository.this.name + file = ".github/workflows/${local.action_file}" + content = file("${path.module}/${local.action_file}") + commit_author = local.default_commit_email + commit_email = local.default_commit_email + commit_message = "Add ${local.action_file} [skip ci]" + overwrite_on_create = true +} + +locals { + resource_providers_to_register = { + dev_center = { + resource_provider = "Microsoft.App" + } + } +} + +data "azurerm_client_config" "this" {} + +resource "azapi_resource_action" "resource_provider_registration" { + for_each = local.resource_providers_to_register + + resource_id = "/subscriptions/${data.azurerm_client_config.this.subscription_id}" + type = "Microsoft.Resources/subscriptions@2021-04-01" + action = "providers/${each.value.resource_provider}/register" + method = "POST" +} + +locals { + subnets = { + container_registry_private_endpoint = { + name = "subnet-container-registry-private-endpoint" + address_prefix = "10.0.0.0/29" + } + container_app = { + name = "subnet-container-app" + address_prefix = "10.0.1.0/27" + delegation = [ + { + name = "Microsoft.App/environments" + service_delegation = { + name = "Microsoft.App/environments" + } + } + ] + } + container_instance = { + name = "subnet-container-instance" + address_prefix = "10.0.2.0/28" + delegation = [ + { + name = "Microsoft.ContainerInstance/containerGroups" + service_delegation = { + name = "Microsoft.ContainerInstance/containerGroups" + } + } + ] + } + } + virtual_network_address_space = "10.0.0.0/16" +} + +resource "azurerm_resource_group" "this" { + location = local.selected_region + name = "rg-${random_string.name.result}" +} + +module "virtual_network" { + source = "Azure/avm-res-network-virtualnetwork/azurerm" + version = "0.7.1" + name = "vnet-${random_string.name.result}" + resource_group_name = azurerm_resource_group.this.name + location = local.selected_region + address_space = [local.virtual_network_address_space] + subnets = local.subnets +} + +resource "azurerm_private_dns_zone" "container_registry" { + name = "privatelink.azurecr.io" + resource_group_name = azurerm_resource_group.this.name +} + +resource "azurerm_private_dns_zone_virtual_network_link" "container_registry" { + name = "privatelink.azurecr.io" + private_dns_zone_name = azurerm_private_dns_zone.container_registry.name + resource_group_name = azurerm_resource_group.this.name + virtual_network_id = module.virtual_network.resource_id + tags = local.tags +} + +# This is the module call +module "azure_devops_agents" { + source = "../.." + postfix = random_string.name.result + location = local.selected_region + + compute_types = ["azure_container_app", "azure_container_instance"] + + version_control_system_type = "github" + version_control_system_personal_access_token = var.github_runners_personal_access_token + version_control_system_organization = var.github_organization_name + version_control_system_repository = github_repository.this.name + + virtual_network_creation_enabled = false + virtual_network_id = module.virtual_network.resource_id + + resource_group_creation_enabled = false + resource_group_name = azurerm_resource_group.this.name + + container_app_subnet_id = module.virtual_network.subnets["container_app"].resource_id + container_instance_subnet_id = module.virtual_network.subnets["container_instance"].resource_id + + container_registry_private_dns_zone_creation_enabled = false + container_registry_dns_zone_id = azurerm_private_dns_zone.container_registry.id + container_registry_private_endpoint_subnet_id = module.virtual_network.subnets["container_registry_private_endpoint"].resource_id + + tags = local.tags + depends_on = [azurerm_private_dns_zone_virtual_network_link.container_registry] +} + +output "container_app_environment_resource_id" { + value = module.azure_devops_agents.resource_id +} + +output "container_app_environment_name" { + value = module.azure_devops_agents.name +} + +output "container_app_job_resource_id" { + value = module.azure_devops_agents.job_resource_id +} + +output "container_app_job_name" { + value = module.azure_devops_agents.job_name +} + +# Region helpers +module "regions" { + source = "Azure/avm-utl-regions/azurerm" + version = "0.1.0" +} + +resource "random_integer" "region_index" { + max = length(local.regions) - 1 + min = 0 +} + +locals { + excluded_regions = [ + "westeurope" # Capacity issues + ] + included_regions = [ + "northcentralusstage", "westus2", "southeastasia", "canadacentral", "westeurope", "northeurope", "eastus", "eastus2", "eastasia", "australiaeast", "germanywestcentral", "japaneast", "uksouth", "westus", "centralus", "northcentralus", "southcentralus", "koreacentral", "brazilsouth", "westus3", "francecentral", "southafricanorth", "norwayeast", "switzerlandnorth", "uaenorth", "canadaeast", "westcentralus", "ukwest", "centralindia", "italynorth", "polandcentral", "southindia" + ] + regions = [for region in module.regions.regions : region.name if !contains(local.excluded_regions, region.name) && contains(local.included_regions, region.name)] + selected_region = "canadacentral" +} diff --git a/examples/github_public_networking/README.md b/examples/github_public_networking/README.md index 869d625..d5b8f89 100644 --- a/examples/github_public_networking/README.md +++ b/examples/github_public_networking/README.md @@ -32,7 +32,7 @@ terraform { required_providers { azapi = { source = "azure/azapi" - version = "~> 1.14" + version = "~> 2.0" } azurerm = { source = "hashicorp/azurerm" diff --git a/examples/github_public_networking/main.tf b/examples/github_public_networking/main.tf index 48be998..51dc6aa 100644 --- a/examples/github_public_networking/main.tf +++ b/examples/github_public_networking/main.tf @@ -26,7 +26,7 @@ terraform { required_providers { azapi = { source = "azure/azapi" - version = "~> 1.14" + version = "~> 2.0" } azurerm = { source = "hashicorp/azurerm" diff --git a/examples/multi_region/README.md b/examples/multi_region/README.md index 392bba4..2b1fba5 100644 --- a/examples/multi_region/README.md +++ b/examples/multi_region/README.md @@ -34,7 +34,7 @@ terraform { required_providers { azapi = { source = "azure/azapi" - version = "~> 1.14" + version = "~> 2.0" } azuredevops = { source = "microsoft/azuredevops" diff --git a/examples/multi_region/main.tf b/examples/multi_region/main.tf index f1839db..3cf5f7f 100644 --- a/examples/multi_region/main.tf +++ b/examples/multi_region/main.tf @@ -26,7 +26,7 @@ terraform { required_providers { azapi = { source = "azure/azapi" - version = "~> 1.14" + version = "~> 2.0" } azuredevops = { source = "microsoft/azuredevops" diff --git a/modules/container-app-job/terraform.tf b/modules/container-app-job/terraform.tf index a9e5a30..04e0d38 100644 --- a/modules/container-app-job/terraform.tf +++ b/modules/container-app-job/terraform.tf @@ -3,7 +3,7 @@ terraform { required_providers { azapi = { source = "azure/azapi" - version = "~> 1.14" + version = "~> 2.0" } } } From ba10af71d0672cedd763caf75893053637b73963 Mon Sep 17 00:00:00 2001 From: Jared Holgate Date: Wed, 11 Dec 2024 13:33:00 +0000 Subject: [PATCH 2/3] Fix azapi versions --- examples/azure_devops_basic/README.md | 2 +- examples/azure_devops_basic/main.tf | 2 +- examples/azure_devops_bring_your_own_vnet/README.md | 2 +- examples/azure_devops_bring_your_own_vnet/main.tf | 2 +- .../azure_devops_bring_your_own_vnet_and_dns_zone/README.md | 2 +- examples/azure_devops_bring_your_own_vnet_and_dns_zone/main.tf | 2 +- examples/azure_devops_container_instance/README.md | 2 +- examples/azure_devops_container_instance/main.tf | 2 +- examples/azure_devops_public_networking/README.md | 2 +- examples/azure_devops_public_networking/main.tf | 2 +- examples/github_basic/README.md | 2 +- examples/github_basic/main.tf | 2 +- examples/github_bring_your_own_vnet_and_dns_zone/README.md | 2 +- examples/github_bring_your_own_vnet_and_dns_zone/main.tf | 2 +- examples/github_container_instance/README.md | 2 +- examples/github_container_instance/main.tf | 2 +- examples/github_public_networking/README.md | 2 +- examples/github_public_networking/main.tf | 2 +- examples/multi_region/README.md | 2 +- examples/multi_region/main.tf | 2 +- main.virtual.network.tf | 2 +- 21 files changed, 21 insertions(+), 21 deletions(-) diff --git a/examples/azure_devops_basic/README.md b/examples/azure_devops_basic/README.md index 77b9a23..8d0da1c 100644 --- a/examples/azure_devops_basic/README.md +++ b/examples/azure_devops_basic/README.md @@ -190,7 +190,7 @@ output "container_app_job_name" { # Region helpers module "regions" { source = "Azure/avm-utl-regions/azurerm" - version = "0.1.0" + version = "0.3.0" } resource "random_integer" "region_index" { diff --git a/examples/azure_devops_basic/main.tf b/examples/azure_devops_basic/main.tf index 2d9803d..10a03fa 100644 --- a/examples/azure_devops_basic/main.tf +++ b/examples/azure_devops_basic/main.tf @@ -184,7 +184,7 @@ output "container_app_job_name" { # Region helpers module "regions" { source = "Azure/avm-utl-regions/azurerm" - version = "0.1.0" + version = "0.3.0" } resource "random_integer" "region_index" { diff --git a/examples/azure_devops_bring_your_own_vnet/README.md b/examples/azure_devops_bring_your_own_vnet/README.md index a5b3b9a..496a4e9 100644 --- a/examples/azure_devops_bring_your_own_vnet/README.md +++ b/examples/azure_devops_bring_your_own_vnet/README.md @@ -246,7 +246,7 @@ output "container_app_job_name" { # Region helpers module "regions" { source = "Azure/avm-utl-regions/azurerm" - version = "0.1.0" + version = "0.3.0" } resource "random_integer" "region_index" { diff --git a/examples/azure_devops_bring_your_own_vnet/main.tf b/examples/azure_devops_bring_your_own_vnet/main.tf index c44c15b..6f9fa86 100644 --- a/examples/azure_devops_bring_your_own_vnet/main.tf +++ b/examples/azure_devops_bring_your_own_vnet/main.tf @@ -240,7 +240,7 @@ output "container_app_job_name" { # Region helpers module "regions" { source = "Azure/avm-utl-regions/azurerm" - version = "0.1.0" + version = "0.3.0" } resource "random_integer" "region_index" { diff --git a/examples/azure_devops_bring_your_own_vnet_and_dns_zone/README.md b/examples/azure_devops_bring_your_own_vnet_and_dns_zone/README.md index a5b3b9a..496a4e9 100644 --- a/examples/azure_devops_bring_your_own_vnet_and_dns_zone/README.md +++ b/examples/azure_devops_bring_your_own_vnet_and_dns_zone/README.md @@ -246,7 +246,7 @@ output "container_app_job_name" { # Region helpers module "regions" { source = "Azure/avm-utl-regions/azurerm" - version = "0.1.0" + version = "0.3.0" } resource "random_integer" "region_index" { diff --git a/examples/azure_devops_bring_your_own_vnet_and_dns_zone/main.tf b/examples/azure_devops_bring_your_own_vnet_and_dns_zone/main.tf index 747495b..abc31d5 100644 --- a/examples/azure_devops_bring_your_own_vnet_and_dns_zone/main.tf +++ b/examples/azure_devops_bring_your_own_vnet_and_dns_zone/main.tf @@ -262,7 +262,7 @@ output "container_app_job_name" { # Region helpers module "regions" { source = "Azure/avm-utl-regions/azurerm" - version = "0.1.0" + version = "0.3.0" } resource "random_integer" "region_index" { diff --git a/examples/azure_devops_container_instance/README.md b/examples/azure_devops_container_instance/README.md index ee12cc6..a17aac1 100644 --- a/examples/azure_devops_container_instance/README.md +++ b/examples/azure_devops_container_instance/README.md @@ -160,7 +160,7 @@ output "container_instance_names" { # Region helpers module "regions" { source = "Azure/avm-utl-regions/azurerm" - version = "0.1.0" + version = "0.3.0" } resource "random_integer" "region_index" { diff --git a/examples/azure_devops_container_instance/main.tf b/examples/azure_devops_container_instance/main.tf index 538b9ba..1b4a0a9 100644 --- a/examples/azure_devops_container_instance/main.tf +++ b/examples/azure_devops_container_instance/main.tf @@ -154,7 +154,7 @@ output "container_instance_names" { # Region helpers module "regions" { source = "Azure/avm-utl-regions/azurerm" - version = "0.1.0" + version = "0.3.0" } resource "random_integer" "region_index" { diff --git a/examples/azure_devops_public_networking/README.md b/examples/azure_devops_public_networking/README.md index 56ecefd..7732975 100644 --- a/examples/azure_devops_public_networking/README.md +++ b/examples/azure_devops_public_networking/README.md @@ -190,7 +190,7 @@ output "container_app_job_name" { # Region helpers module "regions" { source = "Azure/avm-utl-regions/azurerm" - version = "0.1.0" + version = "0.3.0" } resource "random_integer" "region_index" { diff --git a/examples/azure_devops_public_networking/main.tf b/examples/azure_devops_public_networking/main.tf index 9804f27..c394518 100644 --- a/examples/azure_devops_public_networking/main.tf +++ b/examples/azure_devops_public_networking/main.tf @@ -184,7 +184,7 @@ output "container_app_job_name" { # Region helpers module "regions" { source = "Azure/avm-utl-regions/azurerm" - version = "0.1.0" + version = "0.3.0" } resource "random_integer" "region_index" { diff --git a/examples/github_basic/README.md b/examples/github_basic/README.md index d087b61..767190b 100644 --- a/examples/github_basic/README.md +++ b/examples/github_basic/README.md @@ -137,7 +137,7 @@ module "github_runners" { # Region helpers module "regions" { source = "Azure/avm-utl-regions/azurerm" - version = "0.1.0" + version = "0.3.0" } resource "random_integer" "region_index" { diff --git a/examples/github_basic/main.tf b/examples/github_basic/main.tf index 1510992..b6b5c85 100644 --- a/examples/github_basic/main.tf +++ b/examples/github_basic/main.tf @@ -131,7 +131,7 @@ module "github_runners" { # Region helpers module "regions" { source = "Azure/avm-utl-regions/azurerm" - version = "0.1.0" + version = "0.3.0" } resource "random_integer" "region_index" { diff --git a/examples/github_bring_your_own_vnet_and_dns_zone/README.md b/examples/github_bring_your_own_vnet_and_dns_zone/README.md index a5b3b9a..496a4e9 100644 --- a/examples/github_bring_your_own_vnet_and_dns_zone/README.md +++ b/examples/github_bring_your_own_vnet_and_dns_zone/README.md @@ -246,7 +246,7 @@ output "container_app_job_name" { # Region helpers module "regions" { source = "Azure/avm-utl-regions/azurerm" - version = "0.1.0" + version = "0.3.0" } resource "random_integer" "region_index" { diff --git a/examples/github_bring_your_own_vnet_and_dns_zone/main.tf b/examples/github_bring_your_own_vnet_and_dns_zone/main.tf index 5fb2a96..77d7859 100644 --- a/examples/github_bring_your_own_vnet_and_dns_zone/main.tf +++ b/examples/github_bring_your_own_vnet_and_dns_zone/main.tf @@ -224,7 +224,7 @@ output "container_app_job_name" { # Region helpers module "regions" { source = "Azure/avm-utl-regions/azurerm" - version = "0.1.0" + version = "0.3.0" } resource "random_integer" "region_index" { diff --git a/examples/github_container_instance/README.md b/examples/github_container_instance/README.md index 2149682..dff8879 100644 --- a/examples/github_container_instance/README.md +++ b/examples/github_container_instance/README.md @@ -115,7 +115,7 @@ module "github_runners" { # Region helpers module "regions" { source = "Azure/avm-utl-regions/azurerm" - version = "0.1.0" + version = "0.3.0" } resource "random_integer" "region_index" { diff --git a/examples/github_container_instance/main.tf b/examples/github_container_instance/main.tf index 4bf08cc..8365706 100644 --- a/examples/github_container_instance/main.tf +++ b/examples/github_container_instance/main.tf @@ -109,7 +109,7 @@ module "github_runners" { # Region helpers module "regions" { source = "Azure/avm-utl-regions/azurerm" - version = "0.1.0" + version = "0.3.0" } resource "random_integer" "region_index" { diff --git a/examples/github_public_networking/README.md b/examples/github_public_networking/README.md index d5b8f89..7ebf543 100644 --- a/examples/github_public_networking/README.md +++ b/examples/github_public_networking/README.md @@ -137,7 +137,7 @@ module "github_runners" { # Region helpers module "regions" { source = "Azure/avm-utl-regions/azurerm" - version = "0.1.0" + version = "0.3.0" } resource "random_integer" "region_index" { diff --git a/examples/github_public_networking/main.tf b/examples/github_public_networking/main.tf index 51dc6aa..408f55a 100644 --- a/examples/github_public_networking/main.tf +++ b/examples/github_public_networking/main.tf @@ -131,7 +131,7 @@ module "github_runners" { # Region helpers module "regions" { source = "Azure/avm-utl-regions/azurerm" - version = "0.1.0" + version = "0.3.0" } resource "random_integer" "region_index" { diff --git a/examples/multi_region/README.md b/examples/multi_region/README.md index 2b1fba5..1dbde55 100644 --- a/examples/multi_region/README.md +++ b/examples/multi_region/README.md @@ -236,7 +236,7 @@ output "container_app_job_secondary_name" { # Region helpers module "regions" { source = "Azure/avm-utl-regions/azurerm" - version = "0.1.0" + version = "0.3.0" } resource "random_integer" "region_index_primary" { diff --git a/examples/multi_region/main.tf b/examples/multi_region/main.tf index 3cf5f7f..0d1f3ac 100644 --- a/examples/multi_region/main.tf +++ b/examples/multi_region/main.tf @@ -228,7 +228,7 @@ output "container_app_job_secondary_name" { # Region helpers module "regions" { source = "Azure/avm-utl-regions/azurerm" - version = "0.1.0" + version = "0.3.0" } resource "random_integer" "region_index_primary" { diff --git a/main.virtual.network.tf b/main.virtual.network.tf index 6d8d478..6a4c333 100644 --- a/main.virtual.network.tf +++ b/main.virtual.network.tf @@ -1,7 +1,7 @@ module "virtual_network" { count = var.use_private_networking && var.virtual_network_creation_enabled ? 1 : 0 source = "Azure/avm-res-network-virtualnetwork/azurerm" - version = "0.4.0" + version = "0.7.1" name = local.virtual_network_name resource_group_name = local.resource_group_name location = var.location From 6f8bba89a3bb86b10cc65dd3e3d5a99467d8aef1 Mon Sep 17 00:00:00 2001 From: Jared Holgate Date: Wed, 11 Dec 2024 14:38:18 +0000 Subject: [PATCH 3/3] azapi v2 fixes, grept and pre-commit --- .github/workflows/e2e.yml | 2 +- .github/workflows/linting.yml | 6 +- .github/workflows/version-check.yml | 2 +- README.md | 2 +- examples/azure_devops_basic/README.md | 4 +- .../README.md | 6 +- .../README.md | 68 ++++-- .../main.tf | 38 ++-- .../azure_devops_container_instance/README.md | 2 +- .../azure_devops_public_networking/README.md | 4 +- examples/github_basic/README.md | 4 +- .../README.md | 202 ++++++++---------- .../main.tf | 30 +-- examples/github_container_instance/README.md | 2 +- examples/github_public_networking/README.md | 4 +- examples/multi_region/README.md | 4 +- modules/container-app-job/README.md | 12 +- modules/container-app-job/main.tf | 8 +- 18 files changed, 203 insertions(+), 197 deletions(-) diff --git a/.github/workflows/e2e.yml b/.github/workflows/e2e.yml index 7724649..920ab58 100644 --- a/.github/workflows/e2e.yml +++ b/.github/workflows/e2e.yml @@ -19,7 +19,7 @@ } run-e2e-tests: - if: github.event.repository.name != 'terraform-azurerm-avm-template' && github.event.pull_request.head.repo.fork == false + if: github.event.pull_request.head.repo.fork == false uses: Azure/terraform-azurerm-avm-template/.github/workflows/test-examples-template.yml@main name: end to end secrets: inherit diff --git a/.github/workflows/linting.yml b/.github/workflows/linting.yml index 254164d..864db46 100644 --- a/.github/workflows/linting.yml +++ b/.github/workflows/linting.yml @@ -21,7 +21,7 @@ jobs: runs-on: ubuntu-latest steps: - name: checkout repository - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 #v4.2.2 - name: check docs uses: Azure/terraform-azurerm-avm-template/.github/actions/docs-check@main @@ -32,7 +32,7 @@ jobs: runs-on: ubuntu-latest steps: - name: checkout repository - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 #v4.2.2 - name: lint terraform uses: Azure/terraform-azurerm-avm-template/.github/actions/linting@main @@ -45,7 +45,7 @@ jobs: runs-on: ubuntu-latest steps: - name: checkout repository - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 #v4.2.2 - name: avmfix uses: Azure/terraform-azurerm-avm-template/.github/actions/avmfix@main diff --git a/.github/workflows/version-check.yml b/.github/workflows/version-check.yml index c117502..8719641 100644 --- a/.github/workflows/version-check.yml +++ b/.github/workflows/version-check.yml @@ -16,7 +16,7 @@ jobs: if: github.event.repository.name != 'terraform-azurerm-avm-template' runs-on: ubuntu-latest steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 #v4.2.2 - name: Check version uses: Azure/terraform-azurerm-avm-template/.github/actions/version-check@main with: diff --git a/README.md b/README.md index 8d52edd..e59ddf8 100644 --- a/README.md +++ b/README.md @@ -1026,7 +1026,7 @@ Version: 0.3.1 Source: Azure/avm-res-network-virtualnetwork/azurerm -Version: 0.4.0 +Version: 0.7.1 ## Data Collection diff --git a/examples/azure_devops_basic/README.md b/examples/azure_devops_basic/README.md index 8d0da1c..62dc2eb 100644 --- a/examples/azure_devops_basic/README.md +++ b/examples/azure_devops_basic/README.md @@ -217,7 +217,7 @@ The following requirements are needed by this module: - [terraform](#requirement\_terraform) (>= 1.9) -- [azapi](#requirement\_azapi) (~> 1.14) +- [azapi](#requirement\_azapi) (~> 2.0) - [azuredevops](#requirement\_azuredevops) (~> 1.1) @@ -308,7 +308,7 @@ Version: >= 0.3.0 Source: Azure/avm-utl-regions/azurerm -Version: 0.1.0 +Version: 0.3.0 ## Data Collection diff --git a/examples/azure_devops_bring_your_own_vnet/README.md b/examples/azure_devops_bring_your_own_vnet/README.md index 496a4e9..290fde7 100644 --- a/examples/azure_devops_bring_your_own_vnet/README.md +++ b/examples/azure_devops_bring_your_own_vnet/README.md @@ -273,7 +273,7 @@ The following requirements are needed by this module: - [terraform](#requirement\_terraform) (>= 1.9) -- [azapi](#requirement\_azapi) (~> 1.14) +- [azapi](#requirement\_azapi) (~> 2.0) - [azuredevops](#requirement\_azuredevops) (~> 1.1) @@ -365,13 +365,13 @@ Version: >= 0.3.0 Source: Azure/avm-utl-regions/azurerm -Version: 0.1.0 +Version: 0.3.0 ### [virtual\_network](#module\_virtual\_network) Source: Azure/avm-res-network-virtualnetwork/azurerm -Version: 0.4.2 +Version: 0.7.1 ## Data Collection diff --git a/examples/azure_devops_bring_your_own_vnet_and_dns_zone/README.md b/examples/azure_devops_bring_your_own_vnet_and_dns_zone/README.md index 496a4e9..36ec839 100644 --- a/examples/azure_devops_bring_your_own_vnet_and_dns_zone/README.md +++ b/examples/azure_devops_bring_your_own_vnet_and_dns_zone/README.md @@ -1,7 +1,7 @@ -# Azure DevOps example with private networking and bring your own virtual network +# Azure DevOps example with private networking and bring your own virtual network and DNS zone -This example deploys Azure DevOps Agents to Azure Container Apps and Azure Container Instance using private networking and bring your own virtual network. +This example deploys Azure DevOps Agents to Azure Container Apps and Azure Container Instance using private networking and bring your own virtual network and DNS zone. ```hcl variable "azure_devops_organization_name" { @@ -206,25 +206,47 @@ module "virtual_network" { subnets = local.subnets } +resource "azurerm_private_dns_zone" "container_registry" { + name = "privatelink.azurecr.io" + resource_group_name = azurerm_resource_group.this.name +} + +resource "azurerm_private_dns_zone_virtual_network_link" "container_registry" { + name = "privatelink.azurecr.io" + private_dns_zone_name = azurerm_private_dns_zone.container_registry.name + resource_group_name = azurerm_resource_group.this.name + virtual_network_id = module.virtual_network.resource_id + tags = local.tags +} + # This is the module call module "azure_devops_agents" { - source = "../.." - postfix = random_string.name.result - location = local.selected_region - compute_types = ["azure_container_app", "azure_container_instance"] - version_control_system_type = "azuredevops" - version_control_system_personal_access_token = var.azure_devops_agents_personal_access_token - version_control_system_organization = local.azure_devops_organization_url - version_control_system_pool_name = azuredevops_agent_pool.this.name - virtual_network_id = module.virtual_network.resource_id - virtual_network_creation_enabled = false - resource_group_creation_enabled = false - resource_group_name = azurerm_resource_group.this.name - container_app_subnet_id = module.virtual_network.subnets["container_app"].resource_id - container_instance_subnet_id = module.virtual_network.subnets["container_instance"].resource_id - container_registry_private_endpoint_subnet_id = module.virtual_network.subnets["container_registry_private_endpoint"].resource_id - tags = local.tags - depends_on = [azuredevops_pipeline_authorization.this] + source = "../.." + postfix = random_string.name.result + location = local.selected_region + + compute_types = ["azure_container_app", "azure_container_instance"] + + version_control_system_type = "azuredevops" + version_control_system_personal_access_token = var.azure_devops_agents_personal_access_token + version_control_system_organization = local.azure_devops_organization_url + version_control_system_pool_name = azuredevops_agent_pool.this.name + + virtual_network_creation_enabled = false + virtual_network_id = module.virtual_network.resource_id + + resource_group_creation_enabled = false + resource_group_name = azurerm_resource_group.this.name + + container_app_subnet_id = module.virtual_network.subnets["container_app"].resource_id + container_instance_subnet_id = module.virtual_network.subnets["container_instance"].resource_id + + container_registry_private_dns_zone_creation_enabled = false + container_registry_dns_zone_id = azurerm_private_dns_zone.container_registry.id + container_registry_private_endpoint_subnet_id = module.virtual_network.subnets["container_registry_private_endpoint"].resource_id + + tags = local.tags + depends_on = [azuredevops_pipeline_authorization.this, azurerm_private_dns_zone_virtual_network_link.container_registry] } output "container_app_environment_resource_id" { @@ -273,7 +295,7 @@ The following requirements are needed by this module: - [terraform](#requirement\_terraform) (>= 1.9) -- [azapi](#requirement\_azapi) (~> 1.14) +- [azapi](#requirement\_azapi) (~> 2.0) - [azuredevops](#requirement\_azuredevops) (~> 1.1) @@ -293,6 +315,8 @@ The following resources are used by this module: - [azuredevops_git_repository_file.this](https://registry.terraform.io/providers/microsoft/azuredevops/latest/docs/resources/git_repository_file) (resource) - [azuredevops_pipeline_authorization.this](https://registry.terraform.io/providers/microsoft/azuredevops/latest/docs/resources/pipeline_authorization) (resource) - [azuredevops_project.this](https://registry.terraform.io/providers/microsoft/azuredevops/latest/docs/resources/project) (resource) +- [azurerm_private_dns_zone.container_registry](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_dns_zone) (resource) +- [azurerm_private_dns_zone_virtual_network_link.container_registry](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_dns_zone_virtual_network_link) (resource) - [azurerm_resource_group.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) (resource) - [random_integer.region_index](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/integer) (resource) - [random_string.name](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/string) (resource) @@ -365,13 +389,13 @@ Version: >= 0.3.0 Source: Azure/avm-utl-regions/azurerm -Version: 0.1.0 +Version: 0.3.0 ### [virtual\_network](#module\_virtual\_network) Source: Azure/avm-res-network-virtualnetwork/azurerm -Version: 0.4.2 +Version: 0.7.1 ## Data Collection diff --git a/examples/azure_devops_bring_your_own_vnet_and_dns_zone/main.tf b/examples/azure_devops_bring_your_own_vnet_and_dns_zone/main.tf index abc31d5..349ee50 100644 --- a/examples/azure_devops_bring_your_own_vnet_and_dns_zone/main.tf +++ b/examples/azure_devops_bring_your_own_vnet_and_dns_zone/main.tf @@ -215,32 +215,32 @@ resource "azurerm_private_dns_zone_virtual_network_link" "container_registry" { # This is the module call module "azure_devops_agents" { - source = "../.." - postfix = random_string.name.result - location = local.selected_region + source = "../.." + postfix = random_string.name.result + location = local.selected_region + + compute_types = ["azure_container_app", "azure_container_instance"] - compute_types = ["azure_container_app", "azure_container_instance"] + version_control_system_type = "azuredevops" + version_control_system_personal_access_token = var.azure_devops_agents_personal_access_token + version_control_system_organization = local.azure_devops_organization_url + version_control_system_pool_name = azuredevops_agent_pool.this.name - version_control_system_type = "azuredevops" - version_control_system_personal_access_token = var.azure_devops_agents_personal_access_token - version_control_system_organization = local.azure_devops_organization_url - version_control_system_pool_name = azuredevops_agent_pool.this.name + virtual_network_creation_enabled = false + virtual_network_id = module.virtual_network.resource_id - virtual_network_creation_enabled = false - virtual_network_id = module.virtual_network.resource_id - - resource_group_creation_enabled = false - resource_group_name = azurerm_resource_group.this.name + resource_group_creation_enabled = false + resource_group_name = azurerm_resource_group.this.name - container_app_subnet_id = module.virtual_network.subnets["container_app"].resource_id - container_instance_subnet_id = module.virtual_network.subnets["container_instance"].resource_id + container_app_subnet_id = module.virtual_network.subnets["container_app"].resource_id + container_instance_subnet_id = module.virtual_network.subnets["container_instance"].resource_id container_registry_private_dns_zone_creation_enabled = false - container_registry_dns_zone_id = azurerm_private_dns_zone.container_registry.id - container_registry_private_endpoint_subnet_id = module.virtual_network.subnets["container_registry_private_endpoint"].resource_id + container_registry_dns_zone_id = azurerm_private_dns_zone.container_registry.id + container_registry_private_endpoint_subnet_id = module.virtual_network.subnets["container_registry_private_endpoint"].resource_id - tags = local.tags - depends_on = [azuredevops_pipeline_authorization.this, azurerm_private_dns_zone_virtual_network_link.container_registry] + tags = local.tags + depends_on = [azuredevops_pipeline_authorization.this, azurerm_private_dns_zone_virtual_network_link.container_registry] } output "container_app_environment_resource_id" { diff --git a/examples/azure_devops_container_instance/README.md b/examples/azure_devops_container_instance/README.md index a17aac1..273a65a 100644 --- a/examples/azure_devops_container_instance/README.md +++ b/examples/azure_devops_container_instance/README.md @@ -266,7 +266,7 @@ Version: >= 0.3.0 Source: Azure/avm-utl-regions/azurerm -Version: 0.1.0 +Version: 0.3.0 ## Data Collection diff --git a/examples/azure_devops_public_networking/README.md b/examples/azure_devops_public_networking/README.md index 7732975..0838606 100644 --- a/examples/azure_devops_public_networking/README.md +++ b/examples/azure_devops_public_networking/README.md @@ -217,7 +217,7 @@ The following requirements are needed by this module: - [terraform](#requirement\_terraform) (>= 1.9) -- [azapi](#requirement\_azapi) (~> 1.14) +- [azapi](#requirement\_azapi) (~> 2.0) - [azuredevops](#requirement\_azuredevops) (~> 1.1) @@ -308,7 +308,7 @@ Version: >= 0.3.0 Source: Azure/avm-utl-regions/azurerm -Version: 0.1.0 +Version: 0.3.0 ## Data Collection diff --git a/examples/github_basic/README.md b/examples/github_basic/README.md index 767190b..30f5423 100644 --- a/examples/github_basic/README.md +++ b/examples/github_basic/README.md @@ -164,7 +164,7 @@ The following requirements are needed by this module: - [terraform](#requirement\_terraform) (>= 1.9) -- [azapi](#requirement\_azapi) (~> 1.14) +- [azapi](#requirement\_azapi) (~> 2.0) - [azurerm](#requirement\_azurerm) (~> 3.113) @@ -235,7 +235,7 @@ Version: >= 0.3.0 Source: Azure/avm-utl-regions/azurerm -Version: 0.1.0 +Version: 0.3.0 ## Data Collection diff --git a/examples/github_bring_your_own_vnet_and_dns_zone/README.md b/examples/github_bring_your_own_vnet_and_dns_zone/README.md index 496a4e9..2f423ff 100644 --- a/examples/github_bring_your_own_vnet_and_dns_zone/README.md +++ b/examples/github_bring_your_own_vnet_and_dns_zone/README.md @@ -1,22 +1,22 @@ -# Azure DevOps example with private networking and bring your own virtual network +# GitHub example with private networking and bring your own virtual network and DNS zone -This example deploys Azure DevOps Agents to Azure Container Apps and Azure Container Instance using private networking and bring your own virtual network. +This example deploys GitHub Runners to Azure Container Apps and Azure Container Instance using private networking and bring your own virtual network and DNS zone. ```hcl -variable "azure_devops_organization_name" { +variable "github_organization_name" { type = string - description = "Azure DevOps Organisation Name" + description = "GitHub Organisation Name" } -variable "azure_devops_personal_access_token" { +variable "github_personal_access_token" { type = string - description = "The personal access token used for agent authentication to Azure DevOps." + description = "The personal access token used for authentication to GitHub." sensitive = true } -variable "azure_devops_agents_personal_access_token" { - description = "Personal access token for Azure DevOps self-hosted agents (the token requires the 'Agent Pools - Read & Manage' scope and should have the maximum expiry)." +variable "github_runners_personal_access_token" { + description = "Personal access token for GitHub self-hosted runners (the token requires the 'repo' scope and should not expire)." type = string sensitive = true } @@ -34,14 +34,14 @@ terraform { source = "azure/azapi" version = "~> 2.0" } - azuredevops = { - source = "microsoft/azuredevops" - version = "~> 1.1" - } azurerm = { source = "hashicorp/azurerm" version = "~> 3.113" } + github = { + source = "integrations/github" + version = "~> 5.36" + } random = { source = "hashicorp/random" version = "~> 3.5" @@ -53,13 +53,9 @@ provider "azurerm" { features {} } -locals { - azure_devops_organization_url = "https://dev.azure.com/${var.azure_devops_organization_name}" -} - -provider "azuredevops" { - personal_access_token = var.azure_devops_personal_access_token - org_service_url = local.azure_devops_organization_url +provider "github" { + token = var.github_personal_access_token + owner = var.github_organization_name } resource "random_string" "name" { @@ -73,71 +69,37 @@ module "naming" { source = "Azure/naming/azurerm" version = ">= 0.3.0" } - -resource "azuredevops_project" "this" { - name = random_string.name.result -} - -resource "azuredevops_agent_pool" "this" { - name = random_string.name.result - auto_provision = false - auto_update = true -} - -resource "azuredevops_agent_queue" "this" { - project_id = azuredevops_project.this.id - agent_pool_id = azuredevops_agent_pool.this.id +data "github_organization" "alz" { + name = var.github_organization_name } locals { - default_branch = "refs/heads/main" - pipeline_file = "pipeline.yml" - repository_name = "example-repo" + action_file = "action.yml" + default_commit_email = "demo@microsoft.com" + free_plan = "free" } -resource "azuredevops_git_repository" "this" { - project_id = azuredevops_project.this.id - name = local.repository_name - default_branch = local.default_branch - initialization { - init_type = "Clean" - } +resource "github_repository" "this" { + name = random_string.name.result + description = random_string.name.result + auto_init = true + visibility = data.github_organization.alz.plan == local.free_plan ? "public" : "private" + allow_update_branch = true + allow_merge_commit = false + allow_rebase_merge = false + vulnerability_alerts = true } -resource "azuredevops_git_repository_file" "this" { - repository_id = azuredevops_git_repository.this.id - file = local.pipeline_file - content = templatefile("${path.module}/${local.pipeline_file}", { - agent_pool_name = azuredevops_agent_pool.this.name - }) - branch = local.default_branch - commit_message = "[skip ci]" +resource "github_repository_file" "this" { + repository = github_repository.this.name + file = ".github/workflows/${local.action_file}" + content = file("${path.module}/${local.action_file}") + commit_author = local.default_commit_email + commit_email = local.default_commit_email + commit_message = "Add ${local.action_file} [skip ci]" overwrite_on_create = true } -resource "azuredevops_build_definition" "this" { - project_id = azuredevops_project.this.id - name = "Example Build Definition" - - ci_trigger { - use_yaml = true - } - - repository { - repo_type = "TfsGit" - repo_id = azuredevops_git_repository.this.id - branch_name = azuredevops_git_repository.this.default_branch - yml_path = local.pipeline_file - } -} - -resource "azuredevops_pipeline_authorization" "this" { - project_id = azuredevops_project.this.id - resource_id = azuredevops_agent_queue.this.id - type = "queue" - pipeline_id = azuredevops_build_definition.this.id -} - locals { resource_providers_to_register = { dev_center = { @@ -206,25 +168,47 @@ module "virtual_network" { subnets = local.subnets } +resource "azurerm_private_dns_zone" "container_registry" { + name = "privatelink.azurecr.io" + resource_group_name = azurerm_resource_group.this.name +} + +resource "azurerm_private_dns_zone_virtual_network_link" "container_registry" { + name = "privatelink.azurecr.io" + private_dns_zone_name = azurerm_private_dns_zone.container_registry.name + resource_group_name = azurerm_resource_group.this.name + virtual_network_id = module.virtual_network.resource_id + tags = local.tags +} + # This is the module call module "azure_devops_agents" { - source = "../.." - postfix = random_string.name.result - location = local.selected_region - compute_types = ["azure_container_app", "azure_container_instance"] - version_control_system_type = "azuredevops" - version_control_system_personal_access_token = var.azure_devops_agents_personal_access_token - version_control_system_organization = local.azure_devops_organization_url - version_control_system_pool_name = azuredevops_agent_pool.this.name - virtual_network_id = module.virtual_network.resource_id - virtual_network_creation_enabled = false - resource_group_creation_enabled = false - resource_group_name = azurerm_resource_group.this.name - container_app_subnet_id = module.virtual_network.subnets["container_app"].resource_id - container_instance_subnet_id = module.virtual_network.subnets["container_instance"].resource_id - container_registry_private_endpoint_subnet_id = module.virtual_network.subnets["container_registry_private_endpoint"].resource_id - tags = local.tags - depends_on = [azuredevops_pipeline_authorization.this] + source = "../.." + postfix = random_string.name.result + location = local.selected_region + + compute_types = ["azure_container_app", "azure_container_instance"] + + version_control_system_type = "github" + version_control_system_personal_access_token = var.github_runners_personal_access_token + version_control_system_organization = var.github_organization_name + version_control_system_repository = github_repository.this.name + + virtual_network_creation_enabled = false + virtual_network_id = module.virtual_network.resource_id + + resource_group_creation_enabled = false + resource_group_name = azurerm_resource_group.this.name + + container_app_subnet_id = module.virtual_network.subnets["container_app"].resource_id + container_instance_subnet_id = module.virtual_network.subnets["container_instance"].resource_id + + container_registry_private_dns_zone_creation_enabled = false + container_registry_dns_zone_id = azurerm_private_dns_zone.container_registry.id + container_registry_private_endpoint_subnet_id = module.virtual_network.subnets["container_registry_private_endpoint"].resource_id + + tags = local.tags + depends_on = [azurerm_private_dns_zone_virtual_network_link.container_registry] } output "container_app_environment_resource_id" { @@ -262,7 +246,7 @@ locals { "northcentralusstage", "westus2", "southeastasia", "canadacentral", "westeurope", "northeurope", "eastus", "eastus2", "eastasia", "australiaeast", "germanywestcentral", "japaneast", "uksouth", "westus", "centralus", "northcentralus", "southcentralus", "koreacentral", "brazilsouth", "westus3", "francecentral", "southafricanorth", "norwayeast", "switzerlandnorth", "uaenorth", "canadaeast", "westcentralus", "ukwest", "centralindia", "italynorth", "polandcentral", "southindia" ] regions = [for region in module.regions.regions : region.name if !contains(local.excluded_regions, region.name) && contains(local.included_regions, region.name)] - selected_region = local.regions[random_integer.region_index.result] + selected_region = "canadacentral" } ``` @@ -273,12 +257,12 @@ The following requirements are needed by this module: - [terraform](#requirement\_terraform) (>= 1.9) -- [azapi](#requirement\_azapi) (~> 1.14) - -- [azuredevops](#requirement\_azuredevops) (~> 1.1) +- [azapi](#requirement\_azapi) (~> 2.0) - [azurerm](#requirement\_azurerm) (~> 3.113) +- [github](#requirement\_github) (~> 5.36) + - [random](#requirement\_random) (~> 3.5) ## Resources @@ -286,38 +270,36 @@ The following requirements are needed by this module: The following resources are used by this module: - [azapi_resource_action.resource_provider_registration](https://registry.terraform.io/providers/azure/azapi/latest/docs/resources/resource_action) (resource) -- [azuredevops_agent_pool.this](https://registry.terraform.io/providers/microsoft/azuredevops/latest/docs/resources/agent_pool) (resource) -- [azuredevops_agent_queue.this](https://registry.terraform.io/providers/microsoft/azuredevops/latest/docs/resources/agent_queue) (resource) -- [azuredevops_build_definition.this](https://registry.terraform.io/providers/microsoft/azuredevops/latest/docs/resources/build_definition) (resource) -- [azuredevops_git_repository.this](https://registry.terraform.io/providers/microsoft/azuredevops/latest/docs/resources/git_repository) (resource) -- [azuredevops_git_repository_file.this](https://registry.terraform.io/providers/microsoft/azuredevops/latest/docs/resources/git_repository_file) (resource) -- [azuredevops_pipeline_authorization.this](https://registry.terraform.io/providers/microsoft/azuredevops/latest/docs/resources/pipeline_authorization) (resource) -- [azuredevops_project.this](https://registry.terraform.io/providers/microsoft/azuredevops/latest/docs/resources/project) (resource) +- [azurerm_private_dns_zone.container_registry](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_dns_zone) (resource) +- [azurerm_private_dns_zone_virtual_network_link.container_registry](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_dns_zone_virtual_network_link) (resource) - [azurerm_resource_group.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) (resource) +- [github_repository.this](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository) (resource) +- [github_repository_file.this](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/repository_file) (resource) - [random_integer.region_index](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/integer) (resource) - [random_string.name](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/string) (resource) - [azurerm_client_config.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/client_config) (data source) +- [github_organization.alz](https://registry.terraform.io/providers/integrations/github/latest/docs/data-sources/organization) (data source) ## Required Inputs The following input variables are required: -### [azure\_devops\_agents\_personal\_access\_token](#input\_azure\_devops\_agents\_personal\_access\_token) +### [github\_organization\_name](#input\_github\_organization\_name) -Description: Personal access token for Azure DevOps self-hosted agents (the token requires the 'Agent Pools - Read & Manage' scope and should have the maximum expiry). +Description: GitHub Organisation Name Type: `string` -### [azure\_devops\_organization\_name](#input\_azure\_devops\_organization\_name) +### [github\_personal\_access\_token](#input\_github\_personal\_access\_token) -Description: Azure DevOps Organisation Name +Description: The personal access token used for authentication to GitHub. Type: `string` -### [azure\_devops\_personal\_access\_token](#input\_azure\_devops\_personal\_access\_token) +### [github\_runners\_personal\_access\_token](#input\_github\_runners\_personal\_access\_token) -Description: The personal access token used for agent authentication to Azure DevOps. +Description: Personal access token for GitHub self-hosted runners (the token requires the 'repo' scope and should not expire). Type: `string` @@ -365,13 +347,13 @@ Version: >= 0.3.0 Source: Azure/avm-utl-regions/azurerm -Version: 0.1.0 +Version: 0.3.0 ### [virtual\_network](#module\_virtual\_network) Source: Azure/avm-res-network-virtualnetwork/azurerm -Version: 0.4.2 +Version: 0.7.1 ## Data Collection diff --git a/examples/github_bring_your_own_vnet_and_dns_zone/main.tf b/examples/github_bring_your_own_vnet_and_dns_zone/main.tf index 77d7859..9b315ba 100644 --- a/examples/github_bring_your_own_vnet_and_dns_zone/main.tf +++ b/examples/github_bring_your_own_vnet_and_dns_zone/main.tf @@ -177,32 +177,32 @@ resource "azurerm_private_dns_zone_virtual_network_link" "container_registry" { # This is the module call module "azure_devops_agents" { - source = "../.." - postfix = random_string.name.result - location = local.selected_region + source = "../.." + postfix = random_string.name.result + location = local.selected_region - compute_types = ["azure_container_app", "azure_container_instance"] + compute_types = ["azure_container_app", "azure_container_instance"] version_control_system_type = "github" version_control_system_personal_access_token = var.github_runners_personal_access_token version_control_system_organization = var.github_organization_name version_control_system_repository = github_repository.this.name - virtual_network_creation_enabled = false - virtual_network_id = module.virtual_network.resource_id - - resource_group_creation_enabled = false - resource_group_name = azurerm_resource_group.this.name + virtual_network_creation_enabled = false + virtual_network_id = module.virtual_network.resource_id + + resource_group_creation_enabled = false + resource_group_name = azurerm_resource_group.this.name - container_app_subnet_id = module.virtual_network.subnets["container_app"].resource_id - container_instance_subnet_id = module.virtual_network.subnets["container_instance"].resource_id + container_app_subnet_id = module.virtual_network.subnets["container_app"].resource_id + container_instance_subnet_id = module.virtual_network.subnets["container_instance"].resource_id container_registry_private_dns_zone_creation_enabled = false - container_registry_dns_zone_id = azurerm_private_dns_zone.container_registry.id - container_registry_private_endpoint_subnet_id = module.virtual_network.subnets["container_registry_private_endpoint"].resource_id + container_registry_dns_zone_id = azurerm_private_dns_zone.container_registry.id + container_registry_private_endpoint_subnet_id = module.virtual_network.subnets["container_registry_private_endpoint"].resource_id - tags = local.tags - depends_on = [azurerm_private_dns_zone_virtual_network_link.container_registry] + tags = local.tags + depends_on = [azurerm_private_dns_zone_virtual_network_link.container_registry] } output "container_app_environment_resource_id" { diff --git a/examples/github_container_instance/README.md b/examples/github_container_instance/README.md index dff8879..556ee6e 100644 --- a/examples/github_container_instance/README.md +++ b/examples/github_container_instance/README.md @@ -209,7 +209,7 @@ Version: >= 0.3.0 Source: Azure/avm-utl-regions/azurerm -Version: 0.1.0 +Version: 0.3.0 ## Data Collection diff --git a/examples/github_public_networking/README.md b/examples/github_public_networking/README.md index 7ebf543..0339bb1 100644 --- a/examples/github_public_networking/README.md +++ b/examples/github_public_networking/README.md @@ -164,7 +164,7 @@ The following requirements are needed by this module: - [terraform](#requirement\_terraform) (>= 1.9) -- [azapi](#requirement\_azapi) (~> 1.14) +- [azapi](#requirement\_azapi) (~> 2.0) - [azurerm](#requirement\_azurerm) (~> 3.113) @@ -235,7 +235,7 @@ Version: >= 0.3.0 Source: Azure/avm-utl-regions/azurerm -Version: 0.1.0 +Version: 0.3.0 ## Data Collection diff --git a/examples/multi_region/README.md b/examples/multi_region/README.md index 1dbde55..3110e9f 100644 --- a/examples/multi_region/README.md +++ b/examples/multi_region/README.md @@ -270,7 +270,7 @@ The following requirements are needed by this module: - [terraform](#requirement\_terraform) (>= 1.9) -- [azapi](#requirement\_azapi) (~> 1.14) +- [azapi](#requirement\_azapi) (~> 2.0) - [azuredevops](#requirement\_azuredevops) (~> 1.1) @@ -392,7 +392,7 @@ Version: >= 0.3.0 Source: Azure/avm-utl-regions/azurerm -Version: 0.1.0 +Version: 0.3.0 ## Data Collection diff --git a/modules/container-app-job/README.md b/modules/container-app-job/README.md index e248307..78bbd73 100644 --- a/modules/container-app-job/README.md +++ b/modules/container-app-job/README.md @@ -6,7 +6,7 @@ This submodule deploys an Azure Container Apps Job for CI/CD agents and runners. ```hcl resource "azapi_resource" "job" { type = "Microsoft.App/jobs@2023-05-01" - body = jsonencode({ + body = { properties = { environmentId = var.container_app_environment_id configuration = { @@ -30,7 +30,7 @@ resource "azapi_resource" "job" { containers = [local.container_job] } } - }) + } location = var.location name = local.job_name parent_id = var.resource_group_id @@ -46,7 +46,7 @@ resource "azapi_resource" "placeholder" { count = var.placeholder_job_creation_enabled ? 1 : 0 type = "Microsoft.App/jobs@2023-05-01" - body = jsonencode({ + body = { properties = { environmentId = var.container_app_environment_id configuration = { @@ -64,7 +64,7 @@ resource "azapi_resource" "placeholder" { containers = [local.container_placeholder] } } - }) + } location = var.location name = local.placeholder_job_name parent_id = var.resource_group_id @@ -97,13 +97,13 @@ The following requirements are needed by this module: - [terraform](#requirement\_terraform) (>= 1.9) -- [azapi](#requirement\_azapi) (~> 1.14) +- [azapi](#requirement\_azapi) (~> 2.0) ## Providers The following providers are used by this module: -- [azapi](#provider\_azapi) (~> 1.14) +- [azapi](#provider\_azapi) (~> 2.0) ## Resources diff --git a/modules/container-app-job/main.tf b/modules/container-app-job/main.tf index 5072398..632335b 100644 --- a/modules/container-app-job/main.tf +++ b/modules/container-app-job/main.tf @@ -1,6 +1,6 @@ resource "azapi_resource" "job" { type = "Microsoft.App/jobs@2023-05-01" - body = jsonencode({ + body = { properties = { environmentId = var.container_app_environment_id configuration = { @@ -24,7 +24,7 @@ resource "azapi_resource" "job" { containers = [local.container_job] } } - }) + } location = var.location name = local.job_name parent_id = var.resource_group_id @@ -40,7 +40,7 @@ resource "azapi_resource" "placeholder" { count = var.placeholder_job_creation_enabled ? 1 : 0 type = "Microsoft.App/jobs@2023-05-01" - body = jsonencode({ + body = { properties = { environmentId = var.container_app_environment_id configuration = { @@ -58,7 +58,7 @@ resource "azapi_resource" "placeholder" { containers = [local.container_placeholder] } } - }) + } location = var.location name = local.placeholder_job_name parent_id = var.resource_group_id