From 64f588115d5dc3293f16e722606b005b1910ed7f Mon Sep 17 00:00:00 2001 From: Daniela Plascencia Date: Tue, 24 Sep 2024 13:55:14 +0200 Subject: [PATCH 1/2] feat: add Terraform module for dex-auth (#228) * feat: add Terraform module for dex-auth This commit adds the terraform/ directory to the root of the repository to host the Terraform module of this charm. This follows the standard set in CC006. For more information please also refer to canonical/argo-operators/pull/198. Part of #226 --- .github/workflows/integrate.yaml | 6 ++++ .gitignore | 3 ++ terraform/README.md | 60 ++++++++++++++++++++++++++++++++ terraform/main.tf | 13 +++++++ terraform/outputs.tf | 19 ++++++++++ terraform/variables.tf | 34 ++++++++++++++++++ terraform/versions.tf | 9 +++++ tox.ini | 7 ++++ 8 files changed, 151 insertions(+) create mode 100644 terraform/README.md create mode 100644 terraform/main.tf create mode 100644 terraform/outputs.tf create mode 100644 terraform/variables.tf create mode 100644 terraform/versions.tf diff --git a/.github/workflows/integrate.yaml b/.github/workflows/integrate.yaml index f5455c51..11a5f6c2 100644 --- a/.github/workflows/integrate.yaml +++ b/.github/workflows/integrate.yaml @@ -35,6 +35,12 @@ jobs: - run: pip install tox - run: tox -e unit + terraform-checks: + name: Terraform + uses: canonical/charmed-kubeflow-workflows/.github/workflows/terraform-checks.yaml@main + with: + charm-path: . + integration-test: name: Integration runs-on: ubuntu-20.04 diff --git a/.gitignore b/.gitignore index a737d8f5..31120d92 100644 --- a/.gitignore +++ b/.gitignore @@ -4,3 +4,6 @@ __pycache__ *.charm build/ .idea +venv/ +.terraform* +*.tfstate* diff --git a/terraform/README.md b/terraform/README.md new file mode 100644 index 00000000..43f2c5fd --- /dev/null +++ b/terraform/README.md @@ -0,0 +1,60 @@ +# Terraform module for dex-auth + +This is a Terraform module facilitating the deployment of the dex-auth charm, using the [Terraform juju provider](https://github.com/juju/terraform-provider-juju/). For more information, refer to the provider [documentation](https://registry.terraform.io/providers/juju/juju/latest/docs). + +## Requirements +This module requires a `juju` model to be available. Refer to the [usage section](#usage) below for more details. + +## API + +### Inputs +The module offers the following configurable inputs: + +| Name | Type | Description | Required | +| - | - | - | - | +| `app_name`| string | Application name | False | +| `channel`| string | Channel that the charm is deployed from | False | +| `config`| map(string) | Map of the charm configuration options | False | +| `model_name`| string | Name of the model that the charm is deployed on | True | +| `resources`| map(string) | Map of the charm resources | False | +| `revision`| number | Revision number of the charm name | False | + +### Outputs +Upon applied, the module exports the following outputs: + +| Name | Description | +| - | - | +| `app_name`| Application name | +| `provides`| Map of `provides` endpoints | +| `requires`| Map of `reqruires` endpoints | + +## Usage + +This module is intended to be used as part of a higher-level module. When defining one, users should ensure that Terraform is aware of the `juju_model` dependency of the charm module. There are two options to do so when creating a high-level module: + +### Define a `juju_model` resource +Define a `juju_model` resource and pass to the `model_name` input a reference to the `juju_model` resource's name. For example: + +``` +resource "juju_model" "testing" { + name = dex-auth-model +} + +module "dex-auth" { + source = "" + model_name = juju_model.testing.name +} +``` + +### Define a `data` source +Define a `data` source and pass to the `model_name` input a reference to the `data.juju_model` resource's name. This will enable Terraform to look for a `juju_model` resource with a name attribute equal to the one provided, and apply only if this is present. Otherwise, it will fail before applying anything. +``` +data "juju_model" "testing" { + name = var.model_name +} + +module "dex-auth" { + source = "" + model_name = data.juju_model.testing.name +} +``` diff --git a/terraform/main.tf b/terraform/main.tf new file mode 100644 index 00000000..848236e6 --- /dev/null +++ b/terraform/main.tf @@ -0,0 +1,13 @@ +resource "juju_application" "dex_auth" { + charm { + name = "dex-auth" + channel = var.channel + revision = var.revision + } + config = var.config + model = var.model_name + name = var.app_name + resources = var.resources + trust = true + units = 1 +} diff --git a/terraform/outputs.tf b/terraform/outputs.tf new file mode 100644 index 00000000..5b6db079 --- /dev/null +++ b/terraform/outputs.tf @@ -0,0 +1,19 @@ +output "app_name" { + value = juju_application.dex_auth.name +} + +output "provides" { + value = { + dex_oidc_config = "dex-oidc-config", + grafana_dashboard = "grafana-dashboard", + metrics_endpoint = "metrics-endpoint", + } +} + +output "requires" { + value = { + ingress = "ingress", + logging = "logging", + oidc_client = "oidc-client", + } +} diff --git a/terraform/variables.tf b/terraform/variables.tf new file mode 100644 index 00000000..fff1b629 --- /dev/null +++ b/terraform/variables.tf @@ -0,0 +1,34 @@ +variable "app_name" { + description = "Application name" + type = string + default = "dex-auth" +} + +variable "channel" { + description = "Charm channel" + type = string + default = "2.39/stable" +} + +variable "config" { + description = "Map of charm configuration options" + type = map(string) + default = {} +} + +variable "model_name" { + description = "Model name" + type = string +} + +variable "resources" { + description = "Map of resources" + type = map(string) + default = null +} + +variable "revision" { + description = "Charm revision" + type = number + default = null +} diff --git a/terraform/versions.tf b/terraform/versions.tf new file mode 100644 index 00000000..eb357ca6 --- /dev/null +++ b/terraform/versions.tf @@ -0,0 +1,9 @@ +terraform { + required_version = ">= 1.6" + required_providers { + juju = { + source = "juju/juju" + version = "~> 0.14.0" + } + } +} diff --git a/tox.ini b/tox.ini index 73509eaa..61b7094a 100644 --- a/tox.ini +++ b/tox.ini @@ -79,3 +79,10 @@ commands = pytest -vvs --tb native --log-cli-level=INFO --asyncio-mode=auto {tox deps = -r requirements-integration.txt description = Run integration tests + +[testenv:tflint] +allowlist_externals = + tflint +commands = + tflint --chdir=terraform --recursive +description = Check Terraform code against coding style standards From 988b3e0a0b1068d125e1b601b7704e95a1d4eabd Mon Sep 17 00:00:00 2001 From: Daniela Plascencia Date: Tue, 24 Sep 2024 15:17:33 +0200 Subject: [PATCH 2/2] ci: use 2.39/stable as the channel for deploying dex with Terraform modules --- .github/workflows/integrate.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/integrate.yaml b/.github/workflows/integrate.yaml index 11a5f6c2..e560553e 100644 --- a/.github/workflows/integrate.yaml +++ b/.github/workflows/integrate.yaml @@ -40,6 +40,7 @@ jobs: uses: canonical/charmed-kubeflow-workflows/.github/workflows/terraform-checks.yaml@main with: charm-path: . + channel: 2.39/stable integration-test: name: Integration