feat: update tf modules

Signed-off-by: Rudra Gupta <[email protected]>

.github/workflows/check-compliance.yml

@@ -48,4 +48,45 @@ jobs:
       uses: actions/upload-artifact@v3
       with:
         name: help-output
-        path: privateer/release/help-output.txt
+        path: privateer/release/help-output.txt
+
+  terraform:
+    name: 'Terraform'
+    env: 
+      AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
+      AZURE_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }}
+      AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+      AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
+    runs-on: ubuntu-latest
+    environment: production
+
+    # Use the Bash shell regardless whether the GitHub Actions runner is ubuntu-latest, macos-latest, or windows-latest
+    defaults:
+      run:
+        shell: bash
+
+    steps:
+    # Checkout the repository to the GitHub Actions runner
+    - name: Checkout
+      uses: actions/checkout@v3
+
+    # Install the latest version of Terraform CLI 
+    - name: Setup Terraform
+      uses: hashicorp/setup-terraform@v1
+
+    # Initialize a new or existing Terraform working directory by creating initial files, loading any remote state, downloading modules, etc.
+    - name: Terraform Init
+      run: terraform init
+
+    # Checks that all Terraform configuration files adhere to a canonical format
+    - name: Terraform Format
+      run: terraform fmt -check
+
+    # Generates an execution plan for Terraform
+    - name: Terraform Plan
+      run: terraform plan -input=false
+
+     # On push to "master", build or change infrastructure according to Terraform configuration files
+    # - name: Terraform Apply
+    #   if: github.ref == 'refs/heads/"master"' && github.event_name == 'push'
+    #   run: terraform apply -auto-approve -input=false

examples/basic/README.md

@@ -39,4 +39,4 @@ No inputs.
 | resource_group_name | Name of the created resource group |
 | storage_account_name | Name of the created storage account |
 | primary_blob_endpoint | Primary blob endpoint |
-| container_names | Names of the created containers |
+| container_name | Names of the created container |

examples/basic/backend.tf

@@ -0,0 +1,10 @@
+terraform {
+  backend "azurerm" {
+    resource_group_name  = "cfi-tfs-rg-name"
+    storage_account_name = "cfitfsstoragename"
+    container_name       = "cfi-tfs-container-name"
+    key                  = "cfi-blob.tfstate"
+    tenant_id            = "aa7600f5-0d7c-4503-8da7-0513529847ac"
+    subscription_id      = "8f0829d1-a216-42ec-8609-b6c345b7bf4e"
+  }
+}

examples/basic/main.tf

@@ -8,10 +8,8 @@ module "azure_blob_storage" {
   resource_group_name      = "cfi-resources"
   location                 = "eastus"
   storage_account_name     = "cfistorage${random_string.suffix.result}"
-  container_names          = ["container1", "container2"]
+  container_name          = "container1"
   enable_versioning        = true
-  account_tier             = "Standard"
-  account_replication_type = "LRS"
 
   tags = {
     Environment = "Development"

examples/basic/outputs.tf

@@ -13,7 +13,8 @@ output "primary_blob_endpoint" {
   value       = module.azure_blob_storage.primary_blob_endpoint
 }
 
-output "container_names" {
+output "container_name" {
   description = "Names of the created containers"
-  value       = module.azure_blob_storage.container_names
-}
+  value       = module.azure_blob_storage.container_name
+}
+

main.tf

@@ -1,26 +1,29 @@
-resource "azurerm_resource_group" "this" {
+# Create a Resource Group if it doesn’t exist
+resource "azurerm_resource_group" "tfexample" {
   name     = var.resource_group_name
   location = var.location
   tags     = var.tags
 }
 
-resource "azurerm_storage_account" "this" {
+# Create a Storage account
+resource "azurerm_storage_account" "terraform_state" {
   name                     = var.storage_account_name
-  resource_group_name      = azurerm_resource_group.this.name
-  location                 = azurerm_resource_group.this.location
-  account_tier             = var.account_tier
-  account_replication_type = var.account_replication_type
+  resource_group_name      = azurerm_resource_group.tfexample.name
+  location                 = azurerm_resource_group.tfexample.location
+  account_tier             = "Standard"
+  account_replication_type = "LRS"
 
   blob_properties {
     versioning_enabled = var.enable_versioning
   }
 
   tags = var.tags
-}
 
-resource "azurerm_storage_container" "this" {
-  count                 = length(var.container_names)
-  name                  = var.container_names[count.index]
-  storage_account_name  = azurerm_storage_account.this.name
-  container_access_type = var.container_access_type
 }
+
+# Create a Storage container
+resource "azurerm_storage_container" "terraform_state" {
+  name                  = var.container_name
+  storage_account_name  = azurerm_storage_account.terraform_state.name
+  container_access_type = "private"
+}

outputs.tf

@@ -1,24 +1,29 @@
+# Output variable: Blob Storage container name
+# output "blob_storage_container" {
+#   value = "https://${azurerm_storage_account.terraform_state.name}.blob.core.windows.net/${azurerm_storage_container.terraform_state.name}/"
+# }
+
 output "resource_group_name" {
   description = "Name of the created resource group"
-  value       = azurerm_resource_group.this.name
+  value       = azurerm_resource_group.tfexample.name
 }
 
 output "storage_account_id" {
   description = "ID of the created storage account"
-  value       = azurerm_storage_account.this.id
+  value       = azurerm_storage_account.terraform_state.id
 }
 
 output "storage_account_name" {
   description = "Name of the created storage account"
-  value       = azurerm_storage_account.this.name
+  value       = azurerm_storage_account.terraform_state.name
 }
 
 output "primary_blob_endpoint" {
   description = "Primary blob endpoint"
-  value       = azurerm_storage_account.this.primary_blob_endpoint
+  value       = azurerm_storage_account.terraform_state.primary_blob_endpoint
 }
 
-output "container_names" {
+output "container_name" {
   description = "Names of the created containers"
-  value       = azurerm_storage_container.this[*].name
-}
+  value       = azurerm_storage_container.terraform_state.name
+}

versions.tf → provider.tf

@@ -1,14 +1,15 @@
+# Set the Azure Provider source and version being used
 terraform {
-  required_version = ">= 0.13.0"
+  required_version = ">= 0.14"
+
   required_providers {
     azurerm = {
       source  = "hashicorp/azurerm"
-      version = ">= 2.0"
+      version = "~> 3.1.0"
     }
   }
 }
 
 provider "azurerm" {
   features {}
-  subscription_id = "0000000-0000-00000-000000"
-}
+}

scripts/setup-storage-accts-container.sh

@@ -0,0 +1,17 @@
+#!/bin/bash
+
+RESOURCE_GROUP_NAME=cfi-tfs-rg-name #tfstate
+STORAGE_ACCOUNT_NAME=cfitfsstoragename #tfstate713   #Unique Name
+CONTAINER_NAME=cfi-tfs-container-name #tfstate
+
+# Create resource group
+az group create --name $RESOURCE_GROUP_NAME --location eastus
+
+# Create storage account
+az storage account create --resource-group $RESOURCE_GROUP_NAME --name $STORAGE_ACCOUNT_NAME --sku Standard_LRS --encryption-services blob
+
+# Create blob container
+az storage container create --name $CONTAINER_NAME --account-name $STORAGE_ACCOUNT_NAME
+
+# az ad sp create-for-rbac --name cfiSvcPrincipal --role reader --scopes /subscriptions/8f0829d1-a216-42ec-8609-b6c345b7bf4e
+

variables.tf

@@ -1,3 +1,5 @@
+# Input variable: Name of Storage Account
+
 variable "resource_group_name" {
   description = "Name of the resource group"
   type        = string
@@ -7,22 +9,10 @@ variable "location" {
   description = "Azure region where resources will be created"
   type        = string
 }
-
-variable "storage_account_name" {
-  description = "Name of the storage account"
-  type        = string
-}
-
-variable "account_tier" {
-  description = "Performance tier of the storage account"
-  type        = string
-  default     = "Standard"
-}
-
-variable "account_replication_type" {
-  description = "Replication type for the storage account"
-  type        = string
-  default     = "LRS"
+variable "tags" {
+  description = "Tags to apply to the resources"
+  type        = map(string)
+  default     = {}
 }
 
 variable "enable_versioning" {
@@ -31,26 +21,13 @@ variable "enable_versioning" {
   default     = false
 }
 
-variable "container_names" {
-  description = "List of container names to create"
-  type        = list(string)
-  default     = []
-}
-
-variable "container_access_type" {
-  description = "Access type for the containers"
-  type        = string
-  default     = "private"
-}
-
-variable "tags" {
-  description = "Tags to apply to the resources"
-  type        = map(string)
-  default     = {}
+variable "storage_account_name" {
+  description = "The name of the storage account. Must be globally unique, length between 3 and 24 characters and contain numbers and lowercase letters only."
+  default     = "mytfstorageaccount"
 }
 
-variable "subscription_id" {
-  description = "Azure subscription ID"
-  type        = string
-  default     = "0000000-0000-00000-000000"
-}
+# Input variable: Name of Storage container
+variable "container_name" {
+  description = "The name of the Blob Storage container."
+  default     = "my-terraform-state-container"
+}