From 5cf968d84785c29d2c3e669df9b4c8454239c619 Mon Sep 17 00:00:00 2001 From: Harshit Luthra Date: Mon, 4 Nov 2024 02:31:06 +0530 Subject: [PATCH 1/7] chore(terraform): update provider version constraints to allow newer versions --- versions.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/versions.tf b/versions.tf index 8b1bc0a..8837677 100644 --- a/versions.tf +++ b/versions.tf @@ -4,11 +4,11 @@ terraform { required_providers { azurerm = { source = "hashicorp/azurerm" - version = "3.94.0" + version = ">= 3.94.0" } azuread = { source = "hashicorp/azuread" - version = "2.47.0" + version = ">= 2.47.0" } } } From e71c7ada2b0e7626301a1009b8d56c8f9653034b Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Sun, 3 Nov 2024 21:01:31 +0000 Subject: [PATCH 2/7] terraform-docs: automated action --- README.md | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/README.md b/README.md index 3c314d7..4c31bbe 100644 --- a/README.md +++ b/README.md @@ -5,15 +5,15 @@ | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.4 | -| [azuread](#requirement\_azuread) | 2.47.0 | -| [azurerm](#requirement\_azurerm) | 3.94.0 | +| [azuread](#requirement\_azuread) | >= 2.47.0 | +| [azurerm](#requirement\_azurerm) | >= 3.94.0 | ## Providers | Name | Version | |------|---------| -| [azuread](#provider\_azuread) | 2.47.0 | -| [azurerm](#provider\_azurerm) | 3.94.0 | +| [azuread](#provider\_azuread) | >= 2.47.0 | +| [azurerm](#provider\_azurerm) | >= 3.94.0 | ## Modules @@ -23,13 +23,13 @@ No modules. | Name | Type | |------|------| -| [azuread_application.truefoundry_platform_features_application](https://registry.terraform.io/providers/hashicorp/azuread/2.47.0/docs/resources/application) | resource | -| [azuread_service_principal.truefoundry_platform_features_service_principal](https://registry.terraform.io/providers/hashicorp/azuread/2.47.0/docs/resources/service_principal) | resource | -| [azuread_service_principal_password.truefoundry_platform_features_service_principal_password](https://registry.terraform.io/providers/hashicorp/azuread/2.47.0/docs/resources/service_principal_password) | resource | -| [azurerm_container_registry.truefoundry_container_registry](https://registry.terraform.io/providers/hashicorp/azurerm/3.94.0/docs/resources/container_registry) | resource | -| [azurerm_role_assignment.truefoundry_reader_role_assignment](https://registry.terraform.io/providers/hashicorp/azurerm/3.94.0/docs/resources/role_assignment) | resource | -| [azurerm_storage_account.truefoundry_platform_storage_account](https://registry.terraform.io/providers/hashicorp/azurerm/3.94.0/docs/resources/storage_account) | resource | -| [azurerm_storage_container.truefoundry_platform_container](https://registry.terraform.io/providers/hashicorp/azurerm/3.94.0/docs/resources/storage_container) | resource | +| [azuread_application.truefoundry_platform_features_application](https://registry.terraform.io/providers/hashicorp/azuread/latest/docs/resources/application) | resource | +| [azuread_service_principal.truefoundry_platform_features_service_principal](https://registry.terraform.io/providers/hashicorp/azuread/latest/docs/resources/service_principal) | resource | +| [azuread_service_principal_password.truefoundry_platform_features_service_principal_password](https://registry.terraform.io/providers/hashicorp/azuread/latest/docs/resources/service_principal_password) | resource | +| [azurerm_container_registry.truefoundry_container_registry](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/container_registry) | resource | +| [azurerm_role_assignment.truefoundry_reader_role_assignment](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/role_assignment) | resource | +| [azurerm_storage_account.truefoundry_platform_storage_account](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account) | resource | +| [azurerm_storage_container.truefoundry_platform_container](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_container) | resource | ## Inputs @@ -39,13 +39,13 @@ No modules. | [blob\_container\_override\_name](#input\_blob\_container\_override\_name) | Container name. Only used if container\_enable\_override is true | `string` | `""` | no | | [blob\_storage\_account\_account\_tier](#input\_blob\_storage\_account\_account\_tier) | Account tier of the storage account | `string` | `"Standard"` | no | | [blob\_storage\_account\_enable\_override](#input\_blob\_storage\_account\_enable\_override) | Enable overriding the name of storage account. This will only be used if feature\_blob\_storage\_enabled is true. You need to pass blob\_storage\_account\_override\_name to pass the storage account name | `bool` | `false` | no | -| [blob\_storage\_account\_exposed\_headers](#input\_blob\_storage\_account\_exposed\_headers) | List of exposed headers for CORS origins of storage account | `list(string)` | 
[
  "Etag"
]
| no | +| [blob\_storage\_account\_exposed\_headers](#input\_blob\_storage\_account\_exposed\_headers) | List of exposed headers for CORS origins of storage account | `list(string)` | 
[
  "Etag"
]
| no | | [blob\_storage\_account\_override\_name](#input\_blob\_storage\_account\_override\_name) | Storage account name. Only used if blob\_storage\_account\_enable\_override is true | `string` | `""` | no | | [blob\_storage\_account\_replication\_type](#input\_blob\_storage\_account\_replication\_type) | Replication type of storage account | `string` | `"GRS"` | no | -| [blob\_storage\_cors\_allowed\_headers](#input\_blob\_storage\_cors\_allowed\_headers) | List of allowed headers for CORS of storage account | `list(string)` | 
[
  "*"
]
| no | +| [blob\_storage\_cors\_allowed\_headers](#input\_blob\_storage\_cors\_allowed\_headers) | List of allowed headers for CORS of storage account | `list(string)` | 
[
  "*"
]
| no | | [blob\_storage\_cors\_allowed\_maxage](#input\_blob\_storage\_cors\_allowed\_maxage) | List of allowed maxage for CORS of storage account | `number` | `3000` | no | -| [blob\_storage\_cors\_allowed\_methods](#input\_blob\_storage\_cors\_allowed\_methods) | List of allowed methods for CORS of storage account | `list(string)` | 
[
  "GET",
  "POST",
  "PUT"
]
| no | -| [blob\_storage\_cors\_allowed\_origins](#input\_blob\_storage\_cors\_allowed\_origins) | List of allowed origin for CORS of storage account | `list(string)` | 
[
  "*"
]
| no | +| [blob\_storage\_cors\_allowed\_methods](#input\_blob\_storage\_cors\_allowed\_methods) | List of allowed methods for CORS of storage account | `list(string)` | 
[
  "GET",
  "POST",
  "PUT"
]
| no | +| [blob\_storage\_cors\_allowed\_origins](#input\_blob\_storage\_cors\_allowed\_origins) | List of allowed origin for CORS of storage account | `list(string)` | 
[
  "*"
]
| no | | [cluster\_id](#input\_cluster\_id) | ID of the AKS cluster | `string` | n/a | yes | | [cluster\_integration\_azuread\_application\_enable\_override](#input\_cluster\_integration\_azuread\_application\_enable\_override) | Enable overriding the name of azuread application. This will only be used if feature\_cluster\_integration\_azuread\_application\_enabled is true. You need to pass cluster\_integration\_azuread\_application\_override\_name to pass the azuread application name | `bool` | `false` | no | | [cluster\_integration\_azuread\_application\_override\_name](#input\_cluster\_integration\_azuread\_application\_override\_name) | Azuread application name. Only used if cluster\_integration\_azuread\_application\_enable\_override is true | `string` | `""` | no | From 8a871d14802fce69e871341076ea77dce7dec704 Mon Sep 17 00:00:00 2001 From: Harshit Luthra Date: Mon, 4 Nov 2024 13:10:48 +0530 Subject: [PATCH 3/7] chore(versions.tf): update azurerm provider version to 3.107.0 to ensure compatibility with latest features and fixes --- versions.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/versions.tf b/versions.tf index 8837677..6904ce4 100644 --- a/versions.tf +++ b/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { azurerm = { source = "hashicorp/azurerm" - version = ">= 3.94.0" + version = ">= 3.107.0" } azuread = { source = "hashicorp/azuread" From 73665073ddf870c22cee2ad1f3612599ae5fa1d0 Mon Sep 17 00:00:00 2001 From: Harshit Luthra Date: Tue, 5 Nov 2024 00:58:09 +0530 Subject: [PATCH 4/7] fix(cluster_integration.tf): correct service principal ID attribute from object_id to id for proper resource referencing --- cluster_integration.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cluster_integration.tf b/cluster_integration.tf index 5dcd10e..32d3919 100644 --- a/cluster_integration.tf +++ b/cluster_integration.tf @@ -11,7 +11,7 @@ resource "azuread_service_principal" "truefoundry_platform_features_service_prin resource "azuread_service_principal_password" "truefoundry_platform_features_service_principal_password" { count = var.platform_feature_enabled ? var.feature_cluster_integration_enabled ? 1 : 0 : 0 - service_principal_id = azuread_service_principal.truefoundry_platform_features_service_principal[0].object_id + service_principal_id = azuread_service_principal.truefoundry_platform_features_service_principal[0].id display_name = local.service_principal_password end_date = var.cluster_integration_service_principal_password_expiry_end_date } From a99a9901fd504a41048d5a49655c0126642b0410 Mon Sep 17 00:00:00 2001 From: Harshit Luthra Date: Wed, 6 Nov 2024 15:29:32 +0530 Subject: [PATCH 5/7] fix(container.tf): correct attribute name to `https_traffic_only_enabled` for clarity and consistency chore(versions.tf): update azuread provider version to `>= 3.0.2` to ensure compatibility with latest features and improvements --- container.tf | 15 +++++++-------- versions.tf | 2 +- 2 files changed, 8 insertions(+), 9 deletions(-) diff --git a/container.tf b/container.tf index 67418fd..cc97465 100644 --- a/container.tf +++ b/container.tf @@ -1,12 +1,11 @@ resource "azurerm_storage_account" "truefoundry_platform_storage_account" { - count = var.platform_feature_enabled ? var.feature_blob_storage_enabled ? 1 : 0 : 0 - name = local.storage_account_name - resource_group_name = var.resource_group_name - location = var.location - account_tier = var.blob_storage_account_account_tier - account_replication_type = var.blob_storage_account_replication_type - - enable_https_traffic_only = true + count = var.platform_feature_enabled ? var.feature_blob_storage_enabled ? 1 : 0 : 0 + name = local.storage_account_name + resource_group_name = var.resource_group_name + location = var.location + account_tier = var.blob_storage_account_account_tier + account_replication_type = var.blob_storage_account_replication_type + https_traffic_only_enabled = true access_tier = "Hot" min_tls_version = "TLS1_2" public_network_access_enabled = true diff --git a/versions.tf b/versions.tf index 6904ce4..2f9272b 100644 --- a/versions.tf +++ b/versions.tf @@ -8,7 +8,7 @@ terraform { } azuread = { source = "hashicorp/azuread" - version = ">= 2.47.0" + version = ">= 3.0.2" } } } From 5691724f4dfba0cbc590aba594d6034826452923 Mon Sep 17 00:00:00 2001 From: Harshit Luthra Date: Fri, 8 Nov 2024 05:50:30 +0530 Subject: [PATCH 6/7] fix(container.tf): correct attribute name from https_traffic_only_enabled to enable_https_traffic_only for azurerm_storage_account resource --- container.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/container.tf b/container.tf index cc97465..73853d3 100644 --- a/container.tf +++ b/container.tf @@ -5,7 +5,7 @@ resource "azurerm_storage_account" "truefoundry_platform_storage_account" { location = var.location account_tier = var.blob_storage_account_account_tier account_replication_type = var.blob_storage_account_replication_type - https_traffic_only_enabled = true + enable_https_traffic_only = true access_tier = "Hot" min_tls_version = "TLS1_2" public_network_access_enabled = true From 3010ab484ebee5d4d65f4d0b7689f2b4e3186e42 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Mon, 11 Nov 2024 06:35:17 +0000 Subject: [PATCH 7/7] terraform-docs: automated action --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 9b3d49b..656ea3f 100644 --- a/README.md +++ b/README.md @@ -5,14 +5,14 @@ | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.4 | -| [azuread](#requirement\_azuread) | >= 2.47.0 | +| [azuread](#requirement\_azuread) | >= 3.0.2 | | [azurerm](#requirement\_azurerm) | >= 3.107.0 | ## Providers | Name | Version | |------|---------| -| [azuread](#provider\_azuread) | >= 2.47.0 | +| [azuread](#provider\_azuread) | >= 3.0.2 | | [azurerm](#provider\_azurerm) | >= 3.107.0 | ## Modules