From c05d04fd79a22475449d8fa1918df1a649f3ac5f Mon Sep 17 00:00:00 2001 From: Hitman Date: Wed, 4 Sep 2024 16:04:36 +0530 Subject: [PATCH 1/8] Added Latest Version and Removed Depreciated Variables --- main.tf | 19 +++---------------- versions.tf | 5 ++--- 2 files changed, 5 insertions(+), 19 deletions(-) diff --git a/main.tf b/main.tf index f5731eb..6c4da0f 100644 --- a/main.tf +++ b/main.tf @@ -34,29 +34,16 @@ resource "azurerm_monitor_diagnostic_setting" "example" { metric { category = "AllMetrics" enabled = var.Metric_enable - retention_policy { - enabled = var.retention_policy_enabled - days = var.days - } + } - log { + enabled_log { category = var.category category_group = "AllLogs" - retention_policy { - enabled = var.retention_policy_enabled - days = var.days - } - enabled = var.log_enabled } - log { + enabled_log{ category = var.category category_group = "Audit" - retention_policy { - enabled = var.retention_policy_enabled - days = var.days - } - enabled = var.log_enabled } lifecycle { ignore_changes = [log_analytics_destination_type] diff --git a/versions.tf b/versions.tf index bd2c2d8..a52431b 100644 --- a/versions.tf +++ b/versions.tf @@ -1,13 +1,12 @@ -# Terraform version terraform { - required_version = ">= 1.0.0" + required_version = ">= 1.7.8" } terraform { required_providers { azurerm = { source = "hashicorp/azurerm" - version = ">=3.0.0" + version = ">=3.89.0" } } } From 787fa077cd69a9a9298dd70de1716458b832863d Mon Sep 17 00:00:00 2001 From: Hitman Date: Wed, 4 Sep 2024 19:08:47 +0530 Subject: [PATCH 2/8] Added Formmating --- main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/main.tf b/main.tf index 6c4da0f..dc3edd0 100644 --- a/main.tf +++ b/main.tf @@ -41,7 +41,7 @@ resource "azurerm_monitor_diagnostic_setting" "example" { category_group = "AllLogs" } - enabled_log{ + enabled_log { category = var.category category_group = "Audit" } From b005e921420fa6f60c3af09ca2087c04d8968632 Mon Sep 17 00:00:00 2001 
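Review bot: Both new `enabled_log` blocks in main.tf set `category = var.category` next to a fixed `category_group`, while the azurerm documentation states that exactly one of the two must be specified per block, so a caller who sets `var.category` will most likely get a plan error. Drop the `category` line from both blocks, or add a separate `enabled_log` driven only by `var.category`; `AllLogs` presumably already includes the `Audit` group, so the second block may be redundant. With `retention_policy` removed, nothing in this resource bounds how long diagnostic and audit logs are kept in `var.storage_account_id`. A comment such as `# retention for the storage destination is enforced by a storage lifecycle policy, not by this resource` would tell operators where that control now lives. The resource body starts and ends outside the hunk.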
From: Hitman Date: Thu, 5 Sep 2024 14:52:10 +0530 Subject: [PATCH 3/8] Added min required Azurerm Version --- _example/example.tf | 1 + _example/verstion.tf | 12 ++++++++++++ 2 files changed, 13 insertions(+) create mode 100644 _example/verstion.tf diff --git a/_example/example.tf b/_example/example.tf index d60852c..52f8e0f 100644 --- a/_example/example.tf +++ b/_example/example.tf @@ -1,5 +1,6 @@ provider "azurerm" { features {} + subscription_id = "068245d4-3c94-42fe-9c4d-9e5e1cabc60c" } module "resource_group" { diff --git a/_example/verstion.tf b/_example/verstion.tf new file mode 100644 index 0000000..8b32c3f --- /dev/null +++ b/_example/verstion.tf @@ -0,0 +1,12 @@ +terraform { + required_version = ">= 1.0.0" +} + +terraform { + required_providers { + azurerm = { + source = "hashicorp/azurerm" + version = "3.39.0" + } + } +} From 82f90254df302f152c70e1349c7ead7d90c1c00e Mon Sep 17 00:00:00 2001 From: Hitman Date: Thu, 5 Sep 2024 15:02:52 +0530 Subject: [PATCH 4/8] Updates Github Workflow --- .github/workflows/auto_assignee.yml | 14 +++++ .github/workflows/automerge.yml | 12 ++++ .github/workflows/readme.yml | 59 ++++---------------- .github/workflows/semantic-releaser.yml | 30 ---------- .github/workflows/static-checks.yml | 73 ------------------------- .github/workflows/tf-checks.yml | 11 ++++ .github/workflows/tflint.yml | 11 ++++ 7 files changed, 58 insertions(+), 152 deletions(-) create mode 100644 .github/workflows/auto_assignee.yml create mode 100644 .github/workflows/automerge.yml delete mode 100644 .github/workflows/semantic-releaser.yml delete mode 100644 .github/workflows/static-checks.yml create mode 100644 .github/workflows/tf-checks.yml create mode 100644 .github/workflows/tflint.yml diff --git a/.github/workflows/auto_assignee.yml b/.github/workflows/auto_assignee.yml new file mode 100644 index 0000000..77d5fdf --- /dev/null +++ b/.github/workflows/auto_assignee.yml 
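Review bot: The added `subscription_id = "068245d4-…"` line in the `provider "azurerm"` block of `_example/example.tf` commits what looks like a real subscription GUID into an example that users copy verbatim. It also stays in the repository history after a later commit blanks it. Leave the argument out and supply the value through the `ARM_SUBSCRIPTION_ID` environment variable, or use `subscription_id = var.subscription_id` with no default. The `module "resource_group"` block continues outside the hunk.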
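Review bot: The new file is named `verstion.tf`, which looks like a typo for `versions.tf` (the name the root module uses), and it pins `version = "3.39.0"` exactly although the commit subject calls it a minimum. If a floor is intended, `version = ">= 3.39.0"` expresses it. As written, the pin also sits below the `>=3.89.0` that the root `versions.tf` required as of [PATCH 1/8], which would make the constraints unsatisfiable if the example sources the root module; the module source is not visible here.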
@@ -0,0 +1,14 @@ +name: Auto Assign PRs + +on: + pull_request: + types: [opened, reopened] + + workflow_dispatch: +jobs: + assignee: + uses: clouddrove/github-shared-workflows/.github/workflows/auto_assignee.yml@master + secrets: + GITHUB: ${{ secrets.GITHUB }} + with: + assignees: 'clouddrove-ci' \ No newline at end of file diff --git a/.github/workflows/automerge.yml b/.github/workflows/automerge.yml new file mode 100644 index 0000000..42d2f0d --- /dev/null +++ b/.github/workflows/automerge.yml @@ -0,0 +1,12 @@ + + name: Auto merge + on: + pull_request: + jobs: + auto-merge: + uses: clouddrove/github-shared-workflows/.github/workflows/auto_merge.yml@master + secrets: + GITHUB: ${{ secrets.GITHUB }} + with: + tfcheck: 'basic / Check code format' + \ No newline at end of file diff --git a/.github/workflows/readme.yml b/.github/workflows/readme.yml index 8b60bee..444164d 100644 --- a/.github/workflows/readme.yml +++ b/.github/workflows/readme.yml 
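Review bot: The `uses: clouddrove/github-shared-workflows/.github/workflows/auto_assignee.yml@master` line passes `secrets.GITHUB` to whatever the shared repository's `master` branch contains at run time, so any change there, accidental or malicious, runs with this repository's token. Pin the reusable workflow to a full commit SHA, e.g. `uses: clouddrove/github-shared-workflows/.github/workflows/auto_assignee.yml@<commit-sha>`, and update that pin deliberately. The same mutable `@master` reference appears in the new `automerge.yml`, `readme.yml`, `tf-checks.yml` and `tflint.yml` added by this commit.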
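Review bot: `automerge.yml` runs on every `pull_request` event and gates the merge only on `tfcheck: 'basic / Check code format'`, yet no job with the id `basic` is added in this commit; the caller job in `tf-checks.yml` is `tf-checks-aws-managed-example`, so the named check may never be reported. How the shared `auto_merge.yml` treats a missing check, and which PR authors it accepts, is not visible here. Confirm that it fails closed and is limited to trusted bot accounts. Then align the name with what the checks workflow actually emits, for example `tfcheck: 'tf-checks-aws-managed-example / Check code format'` if that is the reported check.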
@@ -1,54 +1,15 @@ -name: 'Create README.md file' +name: Readme Workflow on: push: branches: - master - + paths-ignore: + - 'README.md' + - 'docs/**' + workflow_dispatch: jobs: - readme-create: - name: 'readme-create' - runs-on: ubuntu-latest - steps: - - name: 'Checkout' - uses: actions/checkout@master - - - name: 'Set up Python 3.7' - uses: actions/setup-python@v2 - with: - python-version: '3.x' - - - name: 'create readme' - uses: 'clouddrove/github-actions@v9.0.2' - with: - actions_subcommand: 'readme' - github_token: '${{ secrets.GITHUB }}' - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - - - name: 'pre-commit check errors' - uses: pre-commit/action@v2.0.0 - continue-on-error: true - - - name: 'pre-commit fix erros' - uses: pre-commit/action@v2.0.0 - continue-on-error: true - - - name: 'push readme' - uses: 'clouddrove/github-actions@v9.0.2' - continue-on-error: true - with: - actions_subcommand: 'push' - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - - name: 'Slack Notification' - uses: clouddrove/action-slack@v2 - with: - status: ${{ job.status }} - fields: repo,author - author_name: 'CloudDrove' - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # required - SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_TERRAFORM }} # required - if: always() + README: + uses: clouddrove/github-shared-workflows/.github/workflows/readme.yml@master + secrets: + TOKEN : ${{ secrets.GITHUB }} + SLACK_WEBHOOK_TERRAFORM: ${{ secrets.SLACK_WEBHOOK_TERRAFORM }} \ No newline at end of file diff --git a/.github/workflows/semantic-releaser.yml b/.github/workflows/semantic-releaser.yml deleted file mode 100644 index 6e685a0..0000000 --- a/.github/workflows/semantic-releaser.yml +++ /dev/null 
@@ -1,30 +0,0 @@ -name: Release - -on: - push: - branches: - - main - paths: - - '**.tf' - - '!examples/**.tf' - -jobs: - release: - name: Release - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@v2 - with: - fetch-depth: 0 - persist-credentials: false - - - name: Setup Node.js - uses: actions/setup-node@v1 - with: - node-version: 14 - - - name: Release - env: - GITHUB_TOKEN: ${{ secrets.ACCESS_TOKEN }} - run: npx semantic-release diff --git a/.github/workflows/static-checks.yml b/.github/workflows/static-checks.yml deleted file mode 100644 index f580192..0000000 --- a/.github/workflows/static-checks.yml +++ /dev/null 
@@ -1,73 +0,0 @@ -name: static-checks - -on: - pull_request: - -jobs: - versionExtract: - name: Get min/max versions - runs-on: ubuntu-latest - - steps: - - name: Checkout - uses: actions/checkout@v2 - - - name: Terraform min/max versions - id: minMax - uses: clowdhaus/terraform-min-max@main - outputs: - minVersion: ${{ steps.minMax.outputs.minVersion }} - maxVersion: ${{ steps.minMax.outputs.maxVersion }} - - versionEvaluate: - name: Evaluate Terraform versions - runs-on: ubuntu-latest - needs: versionExtract - strategy: - fail-fast: false - matrix: - version: - - ${{ needs.versionExtract.outputs.minVersion }} - - ${{ needs.versionExtract.outputs.maxVersion }} - directory: - - _example/ - steps: - - name: Checkout - uses: actions/checkout@v2 - - - name: Install Terraform v${{ matrix.version }} - uses: hashicorp/setup-terraform@v1 - with: - terraform_version: ${{ matrix.version }} - - - name: Init & validate v${{ matrix.version }} - run: | - cd ${{ matrix.directory }} - terraform init - terraform validate - - name: tflint - uses: reviewdog/action-tflint@master - with: - tflint_version: v0.29.0 - github_token: ${{ secrets.GITHUB_TOKEN }} - working_directory: ${{ matrix.directory }} - fail_on_error: 'true' - filter_mode: 'nofilter' - flags: '--module' - - format: - name: Check code format - runs-on: ubuntu-latest - needs: versionExtract - - steps: - - name: Checkout - uses: actions/checkout@v2 - - - name: Install Terraform v${{ needs.versionExtract.outputs.maxVersion }} - uses: hashicorp/setup-terraform@v1 - with: - terraform_version: ${{ needs.versionExtract.outputs.maxVersion }} - - - name: Check Terraform format changes - run: terraform fmt --recursive -check=true diff --git a/.github/workflows/tf-checks.yml b/.github/workflows/tf-checks.yml new file mode 100644 index 0000000..b4cd18f --- /dev/null +++ b/.github/workflows/tf-checks.yml 
@@ -0,0 +1,11 @@ +name: tf-checks +on: + push: + branches: [ master ] + pull_request: + workflow_dispatch: +jobs: + tf-checks-aws-managed-example: + uses: clouddrove/github-shared-workflows/.github/workflows/tf-checks.yml@master + with: + working_directory: './examples/' \ No newline at end of file diff --git a/.github/workflows/tflint.yml b/.github/workflows/tflint.yml new file mode 100644 index 0000000..ee98182 --- /dev/null +++ b/.github/workflows/tflint.yml @@ -0,0 +1,11 @@ +name: tf-lint +on: + push: + branches: [ master ] + pull_request: + workflow_dispatch: +jobs: + tf-lint: + uses: clouddrove/github-shared-workflows/.github/workflows/tf-lint.yml@master + secrets: + GITHUB: ${{ secrets.GITHUB }} \ No newline at end of file From d863df262322b39b2951cee4236ed3350f07261c Mon Sep 17 00:00:00 2001 From: Hitman Date: Thu, 5 Sep 2024 15:30:47 +0530 Subject: [PATCH 5/8] Renamed Folder --- .github/dependabot.yml | 2 +- {_example => examples}/example.tf | 0 {_example => examples}/outputs.tf | 0 {_example => examples}/verstion.tf | 0 versions.tf | 2 +- 5 files changed, 2 insertions(+), 2 deletions(-) rename {_example => examples}/example.tf (100%) rename {_example => examples}/outputs.tf (100%) rename {_example => examples}/verstion.tf (100%) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 6f6a30d..7931628 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -10,7 +10,7 @@ updates: schedule: interval: "weekly" - package-ecosystem: "terraform" # See documentation for possible values - directory: "_example" # Location of package manifests + directory: "examples" # Location of package manifests schedule: interval: "weekly" diff --git a/_example/example.tf b/examples/example.tf similarity index 100% rename from _example/example.tf rename to examples/example.tf diff --git a/_example/outputs.tf b/examples/outputs.tf similarity index 100% rename from _example/outputs.tf rename to examples/outputs.tf 
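Review bot: `working_directory: './examples/'` in `tf-checks.yml` points at a directory that does not exist at this commit, because the examples still live in `_example/` until [PATCH 5/8] renames the folder. Taken on its own, this commit therefore validates nothing or fails. The job id `tf-checks-aws-managed-example` also looks copied from an AWS module; a name such as `tf-checks-azure-example` would match this repository. Any required status check or auto-merge rule keyed on the job name would need the same update.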
diff --git a/_example/verstion.tf b/examples/verstion.tf similarity index 100% rename from _example/verstion.tf rename to examples/verstion.tf diff --git a/versions.tf b/versions.tf index a52431b..fe43bde 100644 --- a/versions.tf +++ b/versions.tf @@ -6,7 +6,7 @@ terraform { required_providers { azurerm = { source = "hashicorp/azurerm" - version = ">=3.89.0" + version = ">=3.39.0" } } } From 829b4d8471edd89540113cebf0ae064e56118271 Mon Sep 17 00:00:00 2001 From: Hitman Date: Thu, 5 Sep 2024 16:01:52 +0530 Subject: [PATCH 6/8] Fixed Warnings --- main.tf | 2 +- outputs.tf | 4 ++-- variable.tf | 6 +----- 3 files changed, 4 insertions(+), 8 deletions(-) diff --git a/main.tf b/main.tf index dc3edd0..75511a9 100644 --- a/main.tf +++ b/main.tf @@ -25,7 +25,7 @@ resource "azurerm_log_analytics_workspace" "main" { resource "azurerm_monitor_diagnostic_setting" "example" { count = var.enabled && var.diagnostic_setting_enable ? 1 : 0 name = format("%s-log-analytics-diagnostic-log", module.labels.id) - target_resource_id = join("", azurerm_log_analytics_workspace.main.*.id) + target_resource_id = join("", azurerm_log_analytics_workspace.main[*].id) storage_account_id = var.storage_account_id eventhub_name = var.eventhub_name eventhub_authorization_rule_id = var.eventhub_authorization_rule_id diff --git a/outputs.tf b/outputs.tf index d9ced8c..891356f 100644 --- a/outputs.tf +++ b/outputs.tf @@ -1,8 +1,8 @@ output "workspace_id" { - value = var.create_log_analytics_workspace == true ? join("", azurerm_log_analytics_workspace.main.*.id) : null + value = var.create_log_analytics_workspace == true ? join("", azurerm_log_analytics_workspace.main[*].id) : null } output "workspace_customer_id" { - value = var.create_log_analytics_workspace == true ? join("", azurerm_log_analytics_workspace.main.*.workspace_id) : null + value = var.create_log_analytics_workspace == true ? join("", azurerm_log_analytics_workspace.main[*].workspace_id) : null } 
diff --git a/variable.tf b/variable.tf index effd85a..466d124 100644 --- a/variable.tf +++ b/variable.tf @@ -114,11 +114,7 @@ variable "log_analytics_destination_type" { default = "AzureDiagnostics" description = "Possible values are AzureDiagnostics and Dedicated, default to AzureDiagnostics. When set to Dedicated, logs sent to a Log Analytics workspace will go into resource specific tables, instead of the legacy AzureDiagnostics table." } -variable "retention_policy_enabled" { - type = bool - default = false - description = "Is this Retention Policy enabled?" -} + variable "days" { type = number default = "90" From c5e15507edd4730810fcc34e61e7c178aac2f177 Mon Sep 17 00:00:00 2001 From: Hitman Date: Thu, 5 Sep 2024 16:12:28 +0530 Subject: [PATCH 7/8] Removed Unused Variables --- variable.tf | 36 +----------------------------------- 1 file changed, 1 insertion(+), 35 deletions(-) diff --git a/variable.tf b/variable.tf index 466d124..96f9638 100644 --- a/variable.tf +++ b/variable.tf @@ -38,17 +38,6 @@ variable "enabled" { } -variable "tags" { - type = map(string) - default = {} - description = "A map of tags to add to all resources" -} -variable "log_analytics_workspace_name" { - type = string - default = "loganalytics" - description = "Name of the Log Analytics Workspace" -} - variable "log_analytics_workspace_location" { type = string default = "West Us" 
@@ -67,20 +56,6 @@ variable "log_analytics_workspace_sku" { description = "pecifies the Sku of the Log Analytics Workspace. Possible values are Free, PerNode, Premium, Standard, Standalone, Unlimited, CapacityReservation, and PerGB2018 (new Sku as of 2018-04-03). Defaults to PerGB2018" } - - -variable "email_receiver" { - type = list(any) - default = [] - description = "One or more email_receiver blocks as defined below." -} - -variable "scheduled_query_rules_alert" { - type = any - default = {} - description = "Manages an AlertingAction Scheduled Query Rules resource within Azure Monitor." -} - variable "create_log_analytics_workspace" { type = bool default = true @@ -115,11 +90,6 @@ variable "log_analytics_destination_type" { description = "Possible values are AzureDiagnostics and Dedicated, default to AzureDiagnostics. When set to Dedicated, logs sent to a Log Analytics workspace will go into resource specific tables, instead of the legacy AzureDiagnostics table." } -variable "days" { - type = number - default = "90" - description = " The number of days for which this Retention Policy should apply." -} variable "Metric_enable" { type = bool default = true @@ -139,11 +109,7 @@ variable "category" { default = null description = " The name of a Diagnostic Log Category Group for this Resource." } -variable "log_enabled" { - type = string - default = true - description = " Is this Diagnostic Log enabled? Defaults to true." -} + variable "storage_account_id" { type = string default = null From 932e85a38ce9f60140b1c9c224706602f1f9ad37 Mon Sep 17 00:00:00 2001 From: Hitman Date: Thu, 5 Sep 2024 16:37:37 +0530 Subject: [PATCH 8/8] Remove Subscription id --- examples/example.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/examples/example.tf b/examples/example.tf index 52f8e0f..4b6640f 100644 --- a/examples/example.tf +++ b/examples/example.tf 
@@ -1,6 +1,6 @@ provider "azurerm" { features {} - subscription_id = "068245d4-3c94-42fe-9c4d-9e5e1cabc60c" + subscription_id = "" } module "resource_group" {
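Review bot: `subscription_id = ""` still sets the argument explicitly instead of removing the line, and the GUID added in [PATCH 3/8] remains in the branch history unless these commits are squashed or rewritten before merge. Deleting the line lets the provider take the subscription from `ARM_SUBSCRIPTION_ID` or the logged-in CLI context. How an explicit empty string is handled may differ between provider versions, so it is safer not to rely on it. The `module "resource_group"` block continues past the end of the hunk.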