From 36cdb0afb4c4ea74d3038de63ca5f099595beceb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=A9r=C3=B4me=20Respaut?= Date: Tue, 8 Oct 2024 14:21:04 +0200 Subject: [PATCH] feat(AZ-1088)!: module v8 structure and updates BREAKING CHANGES: AzureRM Provider v4+ and OpenTofu 1.8+ --- .gitlab-ci.yml | 4 +- README.md | 86 +++++++++++++------------------------- r-naming.tf => d-naming.tf | 4 +- examples/main/base.tf | 31 ++++++++++++++ examples/main/modules.tf | 48 ++++----------------- outputs.tf | 27 +++++++----- providers.tf | 12 ++++++ r-subnet.tf | 11 +++-- variables-naming.tf | 12 ++---- variables-subnet.tf | 73 ++++++++++++++++++++++++++++++++ variables.tf | 82 ++---------------------------------- versions.tf | 10 ----- versions.tofu | 3 ++ 13 files changed, 191 insertions(+), 212 deletions(-) rename r-naming.tf => d-naming.tf (71%) create mode 100644 providers.tf create mode 100644 variables-subnet.tf create mode 100644 versions.tofu diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 980ead7..071e198 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -1,7 +1,7 @@ --- variables: - TF_MIN_VERSION: "1.3" - AZURERM_PROVIDER_MIN_VERSION: "3.107" + TF_MIN_VERSION: "1.8" + AZURERM_PROVIDER_MIN_VERSION: "4.0" include: - project: "claranet/projects/cloud/azure/terraform/ci" diff --git a/README.md b/README.md index d34737b..04fbb53 100644 --- a/README.md +++ b/README.md 
@@ -35,37 +35,7 @@ More details about variables set by the `terraform-wrapper` available in the [do [Hashicorp Terraform](https://github.com/hashicorp/terraform/). Instead, we recommend to use [OpenTofu](https://github.com/opentofu/opentofu/). ```hcl -module "azure_region" { - source = "claranet/regions/azurerm" - version = "x.x.x" - - azure_region = var.azure_region -} - -module "rg" { - source = "claranet/rg/azurerm" - version = "x.x.x" - - location = module.azure_region.location - client_name = var.client_name - environment = var.environment - stack = var.stack -} -module "azure_network_vnet" { - source = "claranet/vnet/azurerm" - version = "x.x.x" - - environment = var.environment - location = module.azure_region.location - location_short = module.azure_region.location_short - client_name = var.client_name - stack = var.stack - resource_group_name = module.rg.resource_group_name - - vnet_cidr = ["10.0.1.0/24"] -} - -module "azure_network_route_table" { +module "route_table" { source = "claranet/route-table/azurerm" version = "x.x.x" @@ -74,10 +44,10 @@ module "azure_network_route_table" { stack = var.stack location = module.azure_region.location location_short = module.azure_region.location_short - resource_group_name = module.rg.resource_group_name + resource_group_name = module.rg.name } -module "azure_network_security_group" { +module "network_security_group" { source = "claranet/nsg/azurerm" version = "x.x.x" @@ -86,10 +56,10 @@ module "azure_network_security_group" { location = module.azure_region.location location_short = module.azure_region.location_short stack = var.stack - resource_group_name = module.rg.resource_group_name + resource_group_name = module.rg.name } -module "azure_network_subnet" { +module "subnet" { source = "claranet/subnet/azurerm" version = "x.x.x" 
@@ -98,9 +68,9 @@ module "azure_network_subnet" { client_name = var.client_name stack = var.stack - resource_group_name = module.rg.resource_group_name + resource_group_name = module.rg.name - virtual_network_name = module.azure_network_vnet.virtual_network_name + virtual_network_name = module.vnet.name subnet_cidr_list = ["10.0.1.0/26"] subnet_delegation = { app-service-plan = [ @@ -111,9 +81,9 @@ module "azure_network_subnet" { ] } - route_table_name = module.azure_network_route_table.route_table_name + route_table_name = module.route_table.name - network_security_group_name = module.azure_network_security_group.network_security_group_name + network_security_group_name = module.network_security_group.name service_endpoints = ["Microsoft.Storage", "Microsoft.KeyVault", "Microsoft.ServiceBus", "Microsoft.Web"] } @@ -123,8 +93,8 @@ module "azure_network_subnet" { | Name | Version | |------|---------| -| azurecaf | ~> 1.2, >= 1.2.22 | -| azurerm | ~> 3.107 | +| azurecaf | ~> 1.2.28 | +| azurerm | ~> 4.0 | ## Modules @@ -134,7 +104,7 @@ No modules. | Name | Type | |------|------| -| [azurerm_subnet.subnet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/subnet) | resource | +| [azurerm_subnet.main](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/subnet) | resource | | [azurerm_subnet_network_security_group_association.subnet_association](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/subnet_network_security_group_association) | resource | | [azurerm_subnet_route_table_association.route_table_association](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/subnet_route_table_association) | resource | | [azurecaf_name.subnet](https://registry.terraform.io/providers/claranet/azurecaf/latest/docs/data-sources/name) | data source | 
@@ -144,39 +114,39 @@ No modules. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| -| client\_name | Client name/account used in naming | `string` | n/a | yes | -| custom\_subnet\_name | Optional custom subnet name | `string` | `null` | no | +| client\_name | Client name/account used in naming. | `string` | n/a | yes | +| custom\_subnet\_name | Optional custom subnet name. | `string` | `null` | no | | default\_outbound\_access\_enabled | Enable or Disable default\_outbound\_access. See https://learn.microsoft.com/en-us/azure/virtual-network/ip-services/default-outbound-access | `bool` | `false` | no | -| environment | Project environment | `string` | n/a | yes | +| environment | Project environment. | `string` | n/a | yes | | location\_short | Short string for Azure location. | `string` | n/a | yes | -| name\_prefix | Optional prefix for the generated name | `string` | `""` | no | -| name\_suffix | Optional suffix for the generated name | `string` | `""` | no | +| name\_prefix | Optional prefix for the generated name. | `string` | `""` | no | +| name\_suffix | Optional suffix for the generated name. | `string` | `""` | no | | network\_security\_group\_name | The Network Security Group name to associate with the subnets. | `string` | `null` | no | | network\_security\_group\_rg | The Network Security Group RG to associate with the subnet. Default is the same RG than the subnet. | `string` | `null` | no | | private\_link\_endpoint\_enabled | Enable or disable network policies for the Private Endpoint on the subnet. | `bool` | `null` | no | | private\_link\_service\_enabled | Enable or disable network policies for the Private Link Service on the subnet. | `bool` | `null` | no | -| resource\_group\_name | Resource group name | `string` | n/a | yes | +| resource\_group\_name | Resource group name. | `string` | n/a | yes | | route\_table\_name | The Route Table name to associate with the subnet. 
| `string` | `null` | no | | route\_table\_rg | The Route Table RG to associate with the subnet. Default is the same RG than the subnet. | `string` | `null` | no | | service\_endpoint\_policy\_ids | The list of IDs of Service Endpoint Policies to associate with the subnet. | `list(string)` | `null` | no | | service\_endpoints | The list of Service endpoints to associate with the subnet. | `list(string)` | `[]` | no | -| stack | Project stack name | `string` | n/a | yes | +| stack | Project stack name. | `string` | n/a | yes | | subnet\_cidr\_list | The address prefix list to use for the subnet. | `list(string)` | n/a | yes | | subnet\_delegation | Subnet delegations configuration. |
map(list(object({
name = string
actions = list(string)
})))
| `{}` | no | -| use\_caf\_naming | Use the Azure CAF naming provider to generate default resource name. `custom_subnet_name` override this if set. Legacy default name is used if this is set to `false`. | `bool` | `true` | no | -| virtual\_network\_name | Virtual network name | `string` | n/a | yes | +| virtual\_network\_name | Virtual network name. | `string` | n/a | yes | ## Outputs | Name | Description | |------|-------------| -| subnet\_cidr\_list | CIDR list of the created subnets. | -| subnet\_cidrs\_map | Map with names and CIDRs of the created subnets. | -| subnet\_id | ID of the created subnet. | -| subnet\_ips | The collection of IPs within this subnet. | -| subnet\_name | Name of the created subnet. | -| subnet\_nsg\_association\_id | Subnet network security group association ID. | -| subnet\_rt\_association\_id | Subnet route table association ID. | +| cidrs\_list | CIDR list of the created subnets. | +| cidrs\_map | Map with names and CIDRs of the created subnets. | +| id | ID of the created subnet. | +| ips | The collection of IPs within this subnet. | +| name | Name of the created subnet. | +| nsg\_association\_id | Subnet network security group association ID. | +| resource | Subnet resource object. | +| rt\_association\_id | Subnet route table association ID. | ## Related documentation diff --git a/r-naming.tf b/d-naming.tf similarity index 71% rename from r-naming.tf rename to d-naming.tf index f29d5e2..924668f 100644 --- a/r-naming.tf +++ b/d-naming.tf @@ -2,8 +2,8 @@ data "azurecaf_name" "subnet" { name = var.stack resource_type = "azurerm_subnet" prefixes = var.name_prefix == "" ? null : [local.name_prefix] - suffixes = compact([var.client_name, var.location_short, var.environment, local.name_suffix, var.use_caf_naming ? "" : "subnet"]) - use_slug = var.use_caf_naming + suffixes = compact([var.client_name, var.location_short, var.environment, local.name_suffix]) + use_slug = true clean_input = true separator = "-" } 
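Review bot: With `use_caf_naming` removed and `use_slug = true` hard-coded in d-naming.tf, callers that previously set `use_caf_naming = false` will get a different generated subnet name after upgrading. A subnet name change normally forces replacement of the subnet, so this deserves an explicit upgrade comment next to the data source, for example `# v8: legacy (non-CAF) naming removed; set custom_subnet_name to keep a pre-v8 name`. The removed variable description says `custom_subnet_name` overrides the generated name, but the local that applies it is outside this hunk, so confirm that before documenting it.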
diff --git a/examples/main/base.tf b/examples/main/base.tf index e69de29..418dc16 100644 --- a/examples/main/base.tf +++ b/examples/main/base.tf @@ -0,0 +1,31 @@ +module "azure_region" { + source = "claranet/regions/azurerm" + version = "x.x.x" + + azure_region = var.azure_region +} + +module "rg" { + source = "claranet/rg/azurerm" + version = "x.x.x" + + location = module.azure_region.location + location_short = module.azure_region.location_short + + client_name = var.client_name + environment = var.environment + stack = var.stack +} +module "vnet" { + source = "claranet/vnet/azurerm" + version = "x.x.x" + + environment = var.environment + location = module.azure_region.location + location_short = module.azure_region.location_short + client_name = var.client_name + stack = var.stack + resource_group_name = module.rg.resource_group_name + + vnet_cidr = ["10.0.1.0/24"] +} diff --git a/examples/main/modules.tf b/examples/main/modules.tf index 3a10945..78b20ee 100644 --- a/examples/main/modules.tf +++ b/examples/main/modules.tf @@ -1,34 +1,4 @@ -module "azure_region" { - source = "claranet/regions/azurerm" - version = "x.x.x" - - azure_region = var.azure_region -} - -module "rg" { - source = "claranet/rg/azurerm" - version = "x.x.x" - - location = module.azure_region.location - client_name = var.client_name - environment = var.environment - stack = var.stack -} -module "azure_network_vnet" { - source = "claranet/vnet/azurerm" - version = "x.x.x" - - environment = var.environment - location = module.azure_region.location - location_short = module.azure_region.location_short - client_name = var.client_name - stack = var.stack - resource_group_name = module.rg.resource_group_name - - vnet_cidr = ["10.0.1.0/24"] -} - -module "azure_network_route_table" { +module "route_table" { source = "claranet/route-table/azurerm" version = "x.x.x" 
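Review bot: `module "vnet"` in the new examples/main/base.tf still passes `resource_group_name = module.rg.resource_group_name`, while every other reference touched by this commit (examples/main/modules.tf and the README example) was switched to `module.rg.name`. Unless the rg module exposes both outputs, one of the two spellings will fail to resolve when the example is planned; the line should presumably read `resource_group_name = module.rg.name`. A blank line is also missing between the closing brace of `module "rg"` and `module "vnet"`.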
@@ -37,10 +7,10 @@ module "azure_network_route_table" { stack = var.stack location = module.azure_region.location location_short = module.azure_region.location_short - resource_group_name = module.rg.resource_group_name + resource_group_name = module.rg.name } -module "azure_network_security_group" { +module "network_security_group" { source = "claranet/nsg/azurerm" version = "x.x.x" @@ -49,10 +19,10 @@ module "azure_network_security_group" { location = module.azure_region.location location_short = module.azure_region.location_short stack = var.stack - resource_group_name = module.rg.resource_group_name + resource_group_name = module.rg.name } -module "azure_network_subnet" { +module "subnet" { source = "claranet/subnet/azurerm" version = "x.x.x" @@ -61,9 +31,9 @@ module "azure_network_subnet" { client_name = var.client_name stack = var.stack - resource_group_name = module.rg.resource_group_name + resource_group_name = module.rg.name - virtual_network_name = module.azure_network_vnet.virtual_network_name + virtual_network_name = module.vnet.name subnet_cidr_list = ["10.0.1.0/26"] subnet_delegation = { app-service-plan = [ @@ -74,9 +44,9 @@ module "azure_network_subnet" { ] } - route_table_name = module.azure_network_route_table.route_table_name + route_table_name = module.route_table.name - network_security_group_name = module.azure_network_security_group.network_security_group_name + network_security_group_name = module.network_security_group.name service_endpoints = ["Microsoft.Storage", "Microsoft.KeyVault", "Microsoft.ServiceBus", "Microsoft.Web"] } diff --git a/outputs.tf b/outputs.tf index 457e094..52d45f5 100644 --- a/outputs.tf +++ b/outputs.tf 
@@ -1,36 +1,41 @@ -output "subnet_id" { +output "resource" { + description = "Subnet resource object." + value = azurerm_subnet.main +} + +output "id" { description = "ID of the created subnet." - value = azurerm_subnet.subnet.id + value = azurerm_subnet.main.id } -output "subnet_cidr_list" { +output "cidrs_list" { description = "CIDR list of the created subnets." - value = azurerm_subnet.subnet.address_prefixes + value = azurerm_subnet.main.address_prefixes } -output "subnet_cidrs_map" { +output "cidrs_map" { description = "Map with names and CIDRs of the created subnets." value = { - (azurerm_subnet.subnet.name) = azurerm_subnet.subnet.address_prefixes + (azurerm_subnet.main.name) = azurerm_subnet.main.address_prefixes } } -output "subnet_name" { +output "name" { description = "Name of the created subnet." - value = azurerm_subnet.subnet.name + value = azurerm_subnet.main.name } -output "subnet_ips" { +output "ips" { description = "The collection of IPs within this subnet." value = var.subnet_cidr_list[*] } -output "subnet_nsg_association_id" { +output "nsg_association_id" { description = "Subnet network security group association ID." value = one(azurerm_subnet_network_security_group_association.subnet_association[*].id) } -output "subnet_rt_association_id" { +output "rt_association_id" { description = "Subnet route table association ID." value = one(azurerm_subnet_route_table_association.route_table_association[*].id) } diff --git a/providers.tf b/providers.tf new file mode 100644 index 0000000..0a4390f --- /dev/null +++ b/providers.tf @@ -0,0 +1,12 @@ +terraform { + required_providers { + azurerm = { + source = "hashicorp/azurerm" + version = "~> 4.0" + } + azurecaf = { + source = "claranet/azurecaf" + version = "~> 1.2.28" + } + } +} diff --git a/r-subnet.tf b/r-subnet.tf index abdf701..b5f892f 100644 --- a/r-subnet.tf +++ b/r-subnet.tf 
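Review bot: The renamed `ips` output in outputs.tf still returns `var.subnet_cidr_list[*]`, which is the list of input CIDR prefixes and not a collection of addresses, so its description "The collection of IPs within this subnet." is misleading. The value presumably matches what `cidrs_list` already exposes. Since the outputs are being renamed in a breaking release anyway, either drop it or correct the text, e.g. `description = "CIDR prefixes requested for this subnet (same values as var.subnet_cidr_list)."`. Consumers that build firewall allow-lists from `ips` should know they receive prefixes.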
@@ -1,4 +1,9 @@ -resource "azurerm_subnet" "subnet" { +moved { + from = azurerm_subnet.main + to = azurerm_subnet.main +} + +resource "azurerm_subnet" "main" { name = local.subnet_name resource_group_name = var.resource_group_name virtual_network_name = var.virtual_network_name @@ -30,14 +35,14 @@ resource "azurerm_subnet" "subnet" { resource "azurerm_subnet_network_security_group_association" "subnet_association" { count = var.network_security_group_name == null ? 0 : 1 - subnet_id = azurerm_subnet.subnet.id + subnet_id = azurerm_subnet.main.id network_security_group_id = local.network_security_group_id } resource "azurerm_subnet_route_table_association" "route_table_association" { count = var.route_table_name == null ? 0 : 1 - subnet_id = azurerm_subnet.subnet.id + subnet_id = azurerm_subnet.main.id route_table_id = local.route_table_id } diff --git a/variables-naming.tf b/variables-naming.tf index e288a4f..79342b9 100644 --- a/variables-naming.tf +++ b/variables-naming.tf @@ -1,25 +1,19 @@ # Generic naming variables variable "name_prefix" { - description = "Optional prefix for the generated name" + description = "Optional prefix for the generated name." type = string default = "" } variable "name_suffix" { - description = "Optional suffix for the generated name" + description = "Optional suffix for the generated name." type = string default = "" } -variable "use_caf_naming" { - description = "Use the Azure CAF naming provider to generate default resource name. `custom_subnet_name` override this if set. Legacy default name is used if this is set to `false`." - type = bool - default = true -} - # Custom naming override variable "custom_subnet_name" { - description = "Optional custom subnet name" + description = "Optional custom subnet name." type = string default = null } diff --git a/variables-subnet.tf b/variables-subnet.tf new file mode 100644 index 0000000..2bc74f3 --- /dev/null +++ b/variables-subnet.tf 
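Review bot: The added `moved` block in r-subnet.tf has identical `from` and `to` addresses (`azurerm_subnet.main` on both sides), so it does not map the old `azurerm_subnet.subnet` address onto the renamed resource; it should read `from = azurerm_subnet.subnet`. Without a working move, an existing state would plan a destroy and re-create of the subnet on upgrade, or fail outright if the subnet is in use. The NSG and route-table associations in the second hunk reference `azurerm_subnet.main.id` and would be replaced along with it, leaving a window in which the subnet has no filtering or custom routing. A self-referencing move may also be rejected at validation time, so run a plan against a pre-v8 state before release.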
@@ -0,0 +1,73 @@ +variable "virtual_network_name" { + description = "Virtual network name." + type = string +} + +variable "subnet_cidr_list" { + description = "The address prefix list to use for the subnet." + type = list(string) +} + +variable "route_table_name" { + description = "The Route Table name to associate with the subnet." + type = string + default = null +} + +variable "route_table_rg" { + description = "The Route Table RG to associate with the subnet. Default is the same RG than the subnet." + type = string + default = null +} + +variable "network_security_group_name" { + description = "The Network Security Group name to associate with the subnets." + type = string + default = null +} + +variable "network_security_group_rg" { + description = "The Network Security Group RG to associate with the subnet. Default is the same RG than the subnet." + type = string + default = null +} + +variable "service_endpoints" { + description = "The list of Service endpoints to associate with the subnet." + type = list(string) + default = [] +} + +variable "service_endpoint_policy_ids" { + description = "The list of IDs of Service Endpoint Policies to associate with the subnet." + type = list(string) + default = null +} + +variable "private_link_endpoint_enabled" { + description = "Enable or disable network policies for the Private Endpoint on the subnet." + type = bool + default = null +} + +variable "private_link_service_enabled" { + description = "Enable or disable network policies for the Private Link Service on the subnet." + type = bool + default = null +} + +variable "subnet_delegation" { + description = "Subnet delegations configuration." + type = map(list(object({ + name = string + actions = list(string) + }))) + default = {} + nullable = false +} + +variable "default_outbound_access_enabled" { + description = "Enable or Disable default_outbound_access. 
See https://learn.microsoft.com/en-us/azure/virtual-network/ip-services/default-outbound-access" + type = bool + default = false +} diff --git a/variables.tf b/variables.tf index a1d0d9a..5a0cc5a 100644 --- a/variables.tf +++ b/variables.tf 
@@ -4,95 +4,21 @@ variable "location_short" { } variable "client_name" { - description = "Client name/account used in naming" + description = "Client name/account used in naming." type = string } variable "environment" { - description = "Project environment" + description = "Project environment." type = string } variable "stack" { - description = "Project stack name" + description = "Project stack name." type = string } variable "resource_group_name" { - description = "Resource group name" + description = "Resource group name." type = string } - -variable "virtual_network_name" { - description = "Virtual network name" - type = string -} - -variable "subnet_cidr_list" { - description = "The address prefix list to use for the subnet." - type = list(string) -} - -variable "route_table_name" { - description = "The Route Table name to associate with the subnet." - type = string - default = null -} - -variable "route_table_rg" { - description = "The Route Table RG to associate with the subnet. Default is the same RG than the subnet." - type = string - default = null -} - -variable "network_security_group_name" { - description = "The Network Security Group name to associate with the subnets." - type = string - default = null -} - -variable "network_security_group_rg" { - description = "The Network Security Group RG to associate with the subnet. Default is the same RG than the subnet." - type = string - default = null -} - -variable "service_endpoints" { - description = "The list of Service endpoints to associate with the subnet." - type = list(string) - default = [] -} - -variable "service_endpoint_policy_ids" { - description = "The list of IDs of Service Endpoint Policies to associate with the subnet." - type = list(string) - default = null -} - -variable "private_link_endpoint_enabled" { - description = "Enable or disable network policies for the Private Endpoint on the subnet." 
- type = bool - default = null -} - -variable "private_link_service_enabled" { - description = "Enable or disable network policies for the Private Link Service on the subnet." - type = bool - default = null -} - -variable "subnet_delegation" { - description = "Subnet delegations configuration." - type = map(list(object({ - name = string - actions = list(string) - }))) - default = {} - nullable = false -} - -variable "default_outbound_access_enabled" { - description = "Enable or Disable default_outbound_access. See https://learn.microsoft.com/en-us/azure/virtual-network/ip-services/default-outbound-access" - type = bool - default = false -} diff --git a/versions.tf b/versions.tf index 1bfbb2d..6964268 100644 --- a/versions.tf +++ b/versions.tf @@ -1,13 +1,3 @@ terraform { required_version = ">= 1.3" - required_providers { - azurerm = { - source = "hashicorp/azurerm" - version = "~> 3.107" - } - azurecaf = { - source = "claranet/azurecaf" - version = "~> 1.2, >= 1.2.22" - } - } } diff --git a/versions.tofu b/versions.tofu new file mode 100644 index 0000000..102e4ab --- /dev/null +++ b/versions.tofu @@ -0,0 +1,3 @@ +terraform { + required_version = ">= 1.8" +}
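Review bot: The `>= 1.8` floor declared in the new versions.tofu is unlikely to be enforced on the runtimes it is meant to exclude, because versions.tf keeps `required_version = ">= 1.3"`. As far as I know `.tofu` files are only loaded by OpenTofu 1.8 and later, so an older OpenTofu, or Terraform, reads versions.tf alone and passes the check. If the module really needs 1.8, raise versions.tf to `required_version = ">= 1.8"` as well, which would match `TF_MIN_VERSION: "1.8"` in .gitlab-ci.yml. If the split is deliberate, add a comment in versions.tf such as `# Read by Terraform and OpenTofu < 1.8 only; versions.tofu takes precedence on OpenTofu >= 1.8`.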