From a21e7082fd845e3fdec5a0fa68f225cc198367fb Mon Sep 17 00:00:00 2001 From: mamrajyadav Date: Wed, 3 Jan 2024 17:52:55 +0530 Subject: [PATCH] fix: update github/workflows version and add module version --- .github/workflows/auto_assignee.yml | 2 +- .github/workflows/automerge.yml | 12 ++++++++++++ .github/workflows/changelog.yml | 2 +- .github/workflows/tf-checks.yml | 6 +++--- .github/workflows/tflint.yml | 2 +- .github/workflows/tfsec.yml | 2 +- _example/basic/example.tf | 4 ++-- _example/complete/example.tf | 12 ++++++------ _example/complete/outputs.tf | 6 +++--- _example/nsg-with-flow-logs/example.tf | 10 +++++----- _example/nsg-with-flow-logs/ouputs.tf | 2 +- main.tf | 8 ++++---- outputs.tf | 10 +++++----- 13 files changed, 45 insertions(+), 33 deletions(-) create mode 100644 .github/workflows/automerge.yml diff --git a/.github/workflows/auto_assignee.yml b/.github/workflows/auto_assignee.yml index 4625a8b..751c4bc 100644 --- a/.github/workflows/auto_assignee.yml +++ b/.github/workflows/auto_assignee.yml @@ -7,7 +7,7 @@ on: workflow_dispatch: jobs: assignee: - uses: clouddrove/github-shared-workflows/.github/workflows/auto_assignee.yml@1.0.8 + uses: clouddrove/github-shared-workflows/.github/workflows/auto_assignee.yml@1.0.9 secrets: GITHUB: ${{ secrets.GITHUB }} with: diff --git a/.github/workflows/automerge.yml b/.github/workflows/automerge.yml new file mode 100644 index 0000000..5feccaa --- /dev/null +++ b/.github/workflows/automerge.yml @@ -0,0 +1,12 @@ +--- +name: Auto merge +on: + pull_request: +jobs: + auto-merge: + uses: clouddrove/github-shared-workflows/.github/workflows/auto_merge.yml@1.0.9 + secrets: + GITHUB: ${{ secrets.GITHUB }} + with: + tfcheck: 'complete / Get min/max versions' +... diff --git a/.github/workflows/changelog.yml b/.github/workflows/changelog.yml index a80dbf1..b3d9eb2 100644 --- a/.github/workflows/changelog.yml +++ b/.github/workflows/changelog.yml 
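Review bot: The new `auto-merge` job in `.github/workflows/automerge.yml` passes `secrets.GITHUB` to a reusable workflow referenced by the movable tag `@1.0.9`, and it runs on every `pull_request` event with no condition visible in this file. If that tag is ever re-pointed, the merge logic and the token it receives change without any diff in this repository. Pinning to the reviewed commit avoids that: `uses: clouddrove/github-shared-workflows/.github/workflows/auto_merge.yml@<full-commit-sha> # 1.0.9`. The same applies to the other workflows this commit bumps to `@1.0.9` (auto_assignee, changelog, tf-checks, tf-lint, tfsec). Whether the shared workflow limits which pull-request authors are merged automatically cannot be seen from here; if it does not, a job-level `if:` on the PR author would be a sensible guard.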
@@ -7,7 +7,7 @@ on: workflow_dispatch: jobs: changelog: - uses: clouddrove/github-shared-workflows/.github/workflows/changelog.yml@1.0.8 + uses: clouddrove/github-shared-workflows/.github/workflows/changelog.yml@1.0.9 secrets: inherit with: branch: 'master' diff --git a/.github/workflows/tf-checks.yml b/.github/workflows/tf-checks.yml index 85de87d..bf1e93e 100644 --- a/.github/workflows/tf-checks.yml +++ b/.github/workflows/tf-checks.yml @@ -6,16 +6,16 @@ on: workflow_dispatch: jobs: basic-example: - uses: clouddrove/github-shared-workflows/.github/workflows/tf-checks.yml@1.0.8 + uses: clouddrove/github-shared-workflows/.github/workflows/tf-checks.yml@1.0.9 with: working_directory: './_example/basic/' complete-example: - uses: clouddrove/github-shared-workflows/.github/workflows/tf-checks.yml@1.0.8 + uses: clouddrove/github-shared-workflows/.github/workflows/tf-checks.yml@1.0.9 with: working_directory: './_example/complete/' nsg-with-flow-logs-example: - uses: clouddrove/github-shared-workflows/.github/workflows/tf-checks.yml@1.0.8 + uses: clouddrove/github-shared-workflows/.github/workflows/tf-checks.yml@1.0.9 with: working_directory: './_example/nsg-with-flow-logs/' diff --git a/.github/workflows/tflint.yml b/.github/workflows/tflint.yml index 3eafee9..0875a68 100644 --- a/.github/workflows/tflint.yml +++ b/.github/workflows/tflint.yml @@ -6,6 +6,6 @@ on: workflow_dispatch: jobs: tf-lint: - uses: clouddrove/github-shared-workflows/.github/workflows/tf-lint.yml@1.0.8 + uses: clouddrove/github-shared-workflows/.github/workflows/tf-lint.yml@1.0.9 secrets: GITHUB: ${{ secrets.GITHUB }} diff --git a/.github/workflows/tfsec.yml b/.github/workflows/tfsec.yml index 52ad25a..daefede 100644 --- a/.github/workflows/tfsec.yml +++ b/.github/workflows/tfsec.yml 
@@ -5,7 +5,7 @@ on: workflow_dispatch: jobs: tfsec: - uses: clouddrove/github-shared-workflows/.github/workflows/tfsec.yml@1.0.8 + uses: clouddrove/github-shared-workflows/.github/workflows/tfsec.yml@1.0.9 secrets: inherit with: working_directory: '.' diff --git a/_example/basic/example.tf b/_example/basic/example.tf index e3a6637..8129b73 100644 --- a/_example/basic/example.tf +++ b/_example/basic/example.tf @@ -13,9 +13,9 @@ module "network_security_group" { source = "../../" name = local.name environment = local.environment - resource_group_name = "app-storage-test-resource-group" + resource_group_name = "app-subnet-test-resource-group" resource_group_location = "North Europe" - subnet_ids = ["/subscriptions/068245d4-3c94-42fe-9c4d-9e5e1cabc60c/resourceGroups/"] + subnet_ids = ["xxxxxxxxxxx"] inbound_rules = [ { name = "ssh" diff --git a/_example/complete/example.tf b/_example/complete/example.tf index 3d2f72d..931924b 100644 --- a/_example/complete/example.tf +++ b/_example/complete/example.tf @@ -25,14 +25,14 @@ module "resource_group" { ## Virtual Network module call. ##----------------------------------------------------------------------------- module "vnet" { - depends_on = [module.resource_group] - source = "clouddrove/vnet/azure" - version = "1.0.3" + depends_on = [module.resource_group] + source = "clouddrove/vnet/azure" + version = "1.0.4" name = local.name environment = local.environment resource_group_name = module.resource_group.resource_group_name location = module.resource_group.resource_group_location - address_space = "10.30.0.0/22" + address_spaces = ["10.30.0.0/22"] } ##----------------------------------------------------------------------------- 
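Review bot: In `_example/basic/example.tf` the new `subnet_ids = ["xxxxxxxxxxx"]` is not shaped like an Azure subnet resource ID, so it will likely be rejected at plan time and gives readers no hint of what to supply. A labelled placeholder in the real shape is clearer, e.g. `subnet_ids = ["/subscriptions/<subscription-id>/resourceGroups/<rg-name>/providers/Microsoft.Network/virtualNetworks/<vnet-name>/subnets/<subnet-name>"]`, preceded by a comment such as `# replace with the ID of an existing subnet`. The subscription ID on the removed line remains in the repository history. The module block continues outside the hunk.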
@@ -40,13 +40,13 @@ module "vnet" { ## Subnet to which network security group will be attached. ##----------------------------------------------------------------------------- module "subnet" { - source = "clouddrove/subnet/azure" + source = "clouddrove/subnet/azure" version = "1.0.2" name = local.name environment = local.environment resource_group_name = module.resource_group.resource_group_name location = module.resource_group.resource_group_location - virtual_network_name = join("", module.vnet.vnet_name) + virtual_network_name = module.vnet.vnet_name # Subnet Configuration subnet_names = ["subnet"] subnet_prefixes = ["10.30.0.0/24"] diff --git a/_example/complete/outputs.tf b/_example/complete/outputs.tf index 022ae63..38caa2c 100644 --- a/_example/complete/outputs.tf +++ b/_example/complete/outputs.tf @@ -14,13 +14,13 @@ output "resource_group_name" { } output "resource_group_location" { - description = "The name of the resource group in which the subnet is created in." value = module.resource_group.resource_group_location + description = "The name of the resource group in which the subnet is created in." } output "virtual_network_name" { + value = module.vnet.vnet_name description = "The name of the virtual network in which the subnet is created in." - value = join("", module.vnet.vnet_name) } output "address_prefixes" { @@ -34,8 +34,8 @@ output "route_table_id" { } output "route_table_associated_subnets" { - description = "The collection of Subnets associated with this route table." value = module.subnet[*].route_table_associated_subnets + description = "The collection of Subnets associated with this route table." } output "security_group_id" { diff --git a/_example/nsg-with-flow-logs/example.tf b/_example/nsg-with-flow-logs/example.tf index 82c3fa5..297e4e3 100644 --- a/_example/nsg-with-flow-logs/example.tf +++ b/_example/nsg-with-flow-logs/example.tf 
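Review bot: In `_example/complete/outputs.tf` the `resource_group_location` output keeps the description "The name of the resource group in which the subnet is created in.", although its value is `module.resource_group.resource_group_location`. Since the hunk already moves this line, it could be corrected to `description = "The location of the resource group in which the subnet is created."`.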
@@ -27,12 +27,12 @@ module "resource_group" { module "vnet" { depends_on = [module.resource_group] source = "clouddrove/vnet/azure" - version = "1.0.3" + version = "1.0.4" name = local.name environment = local.environment resource_group_name = module.resource_group.resource_group_name location = module.resource_group.resource_group_location - address_space = "10.30.0.0/22" + address_spaces = ["10.30.0.0/22"] enable_network_watcher = true } @@ -47,7 +47,7 @@ module "subnet" { environment = local.environment resource_group_name = module.resource_group.resource_group_name location = module.resource_group.resource_group_location - virtual_network_name = join("", module.vnet.vnet_name) + virtual_network_name = module.vnet.vnet_name # Subnet Configuration subnet_names = ["subnet"] subnet_prefixes = ["10.30.0.0/24"] @@ -76,7 +76,7 @@ module "storage" { default_enabled = true resource_group_name = module.resource_group.resource_group_name location = module.resource_group.resource_group_location - storage_account_name = "jdjkdkh787" + storage_account_name = "djshfjdh465" ## Storage Container containers_list = [ { name = "app-test", access_type = "private" }, @@ -92,7 +92,7 @@ module "storage" { queues = ["queue1"] management_policy_enable = true #enable private endpoint - virtual_network_id = module.vnet.vnet_id[0] + virtual_network_id = module.vnet.vnet_id subnet_id = module.subnet.default_subnet_id[0] enable_diagnostic = false } diff --git a/_example/nsg-with-flow-logs/ouputs.tf b/_example/nsg-with-flow-logs/ouputs.tf index d1d4d0b..053aedc 100644 --- a/_example/nsg-with-flow-logs/ouputs.tf +++ b/_example/nsg-with-flow-logs/ouputs.tf @@ -20,7 +20,7 @@ output "resource_group_location" { output "virtual_network_name" { description = "The name of the virtual network in which the subnet is created in." - value = join("", module.vnet.vnet_name) + value = module.vnet.vnet_name } output "address_prefixes" { diff --git a/main.tf b/main.tf index 9d1f301..929e2f6 100644 
--- a/main.tf +++ b/main.tf @@ -36,7 +36,7 @@ resource "azurerm_network_security_group" "nsg" { resource "azurerm_network_security_rule" "inbound" { for_each = { for rule in var.inbound_rules : rule.name => rule } resource_group_name = var.resource_group_name - network_security_group_name = join("", azurerm_network_security_group.nsg[*].name) + network_security_group_name = azurerm_network_security_group.nsg[0].name direction = "Inbound" name = each.value.name priority = each.value.priority @@ -66,7 +66,7 @@ resource "azurerm_network_security_rule" "inbound" { resource "azurerm_network_security_rule" "outbound" { for_each = { for rule in var.outbound_rules : rule.name => rule } resource_group_name = var.resource_group_name - network_security_group_name = join("", azurerm_network_security_group.nsg[*].name) + network_security_group_name = azurerm_network_security_group.nsg[0].name direction = "Outbound" name = each.value.name priority = each.value.priority @@ -96,7 +96,7 @@ resource "azurerm_network_security_rule" "outbound" { resource "azurerm_subnet_network_security_group_association" "example" { count = var.enabled ? length(var.subnet_ids) : 0 subnet_id = element(var.subnet_ids, count.index) - network_security_group_id = join("", azurerm_network_security_group.nsg[*].id) + network_security_group_id = azurerm_network_security_group.nsg[0].id } ##----------------------------------------------------------------------------- @@ -110,7 +110,7 @@ resource "azurerm_network_watcher_flow_log" "nsg_flow_logs" { version = var.flow_log_version network_watcher_name = var.network_watcher_name resource_group_name = var.resource_group_name - network_security_group_id = join("", azurerm_network_security_group.nsg[*].id) + network_security_group_id = azurerm_network_security_group.nsg[0].id storage_account_id = var.flow_log_storage_account_id retention_policy { enabled = var.flow_log_retention_policy_enabled diff --git a/outputs.tf b/outputs.tf index 956482c..034a83d 100644 
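Review bot: In `main.tf` the `inbound` and `outbound` rule resources now read `azurerm_network_security_group.nsg[0].name`, but their `for_each` is built from `var.inbound_rules` / `var.outbound_rules` without checking `var.enabled`. The `nsg` resource's `count` is outside these hunks. If it is `var.enabled ? 1 : 0`, as the association's `count` suggests, then `enabled = false` with rules supplied fails with an invalid-index error. Gating the map keeps the disabled case clean: `for_each = var.enabled ? { for rule in var.inbound_rules : rule.name => rule } : {}`, and the same for `outbound`. The resource bodies continue outside the hunks.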
--- a/outputs.tf +++ b/outputs.tf @@ -1,10 +1,10 @@ output "id" { - value = join("", azurerm_network_security_group.nsg[*].id) + value = azurerm_network_security_group.nsg[0].id description = "The network security group configuration ID." } output "name" { - value = join("", azurerm_network_security_group.nsg[*].name) + value = azurerm_network_security_group.nsg[0].name description = "The name of the network security group." } @@ -14,16 +14,16 @@ output "tags" { } output "subnet_id" { - value = join("", azurerm_subnet_network_security_group_association.example[*].subnet_id) + value = azurerm_subnet_network_security_group_association.example[0].subnet_id description = "The ID of the Subnet. Changing this forces a new resource to be created." } output "network_watcher_name" { - value = join("", azurerm_network_watcher_flow_log.nsg_flow_logs[*].name) + value = var.enabled && var.enable_flow_logs ? azurerm_network_watcher_flow_log.nsg_flow_logs[0].name : null description = "The name of the Network Watcher. Changing this forces a new resource to be created." } output "storage_account_id" { - value = join("", azurerm_network_watcher_flow_log.nsg_flow_logs[*].storage_account_id) + value = var.enabled && var.enable_flow_logs ? azurerm_network_watcher_flow_log.nsg_flow_logs[0].storage_account_id : null description = "The ID of the Storage Account where flow logs are stored." }
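Review bot: The `id`, `name` and `subnet_id` outputs in `outputs.tf` index `[0]` unconditionally, whereas the two flow-log outputs in the same file are guarded with `var.enabled && var.enable_flow_logs ? … : null`. Outputs are evaluated on every plan, so `example[0].subnet_id` fails whenever `var.subnet_ids` is empty (the association's `count` in `main.tf` is `var.enabled ? length(var.subnet_ids) : 0`), and `nsg[0]` presumably fails when `enabled = false`. Wrapping them keeps the module usable in those cases, e.g. `value = try(azurerm_network_security_group.nsg[0].id, null)`, and likewise for `name` and `subnet_id`. With several subnets, `subnet_id` now returns only the first association; an output exposing `example[*].subnet_id` as a list may be closer to the intent.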