Install az CLI on bootstrap (#24)

* Install `az` CLI on bootstrap Signed-off-by: Roman Schwarz <[email protected]> * Add missing submodules directory Signed-off-by: Roman Schwarz <[email protected]> * Update terraform-docs configuration file Signed-off-by: Roman Schwarz <[email protected]> * Add and update TFLint configuration files Signed-off-by: Roman Schwarz <[email protected]> * Fix TFLint notices Signed-off-by: Roman Schwarz <[email protected]> --------- Signed-off-by: Roman Schwarz <[email protected]>
cloudeteer · Jan 7, 2025 · ec02286 · ec02286
1 parent e7babc7
commit ec02286
Show file tree

Hide file tree

Showing 9 changed files with 101 additions and 6 deletions.
diff --git a/.terraform-docs.yaml b/.terraform-docs.yaml
@@ -4,6 +4,10 @@ settings:
   hide-empty: true
   lockfile: false
 
+recursive:
+  enabled: true
+  path: modules
+
 output:
   file: README.md
 

diff --git a/.tflint.examples.hcl b/.tflint.examples.hcl
@@ -2,20 +2,46 @@ tflint {
   required_version = "~> 0.50"
 }
 
+plugin "terraform" {
+  enabled = true
+
+  source  = "github.com/terraform-linters/tflint-ruleset-terraform"
+  version = "0.9.1"
+
+  preset = "all"
+}
+
 plugin "azurerm" {
   enabled = true
-  version = "0.27.0"
+
   source  = "github.com/terraform-linters/tflint-ruleset-azurerm"
+  version = "0.27.0"
 }
 
-rule "terraform_required_version" {
+rule "terraform_documented_variables" {
   enabled = false
 }
 
-rule "terraform_required_providers" {
+rule "terraform_documented_outputs" {
   enabled = false
 }
 
 rule "terraform_module_version" {
   enabled = false
 }
+
+rule "terraform_required_providers" {
+  enabled = false
+}
+
+rule "terraform_required_version" {
+  enabled = false
+}
+
+rule "terraform_standard_module_structure" {
+  enabled = false
+}
+
+rule "terraform_unused_required_providers" {
+  enabled = false
+}
diff --git a/.tflint.hcl b/.tflint.hcl
@@ -2,6 +2,15 @@ tflint {
   required_version = "~> 0.50"
 }
 
+plugin "terraform" {
+  enabled = true
+
+  source  = "github.com/terraform-linters/tflint-ruleset-terraform"
+  version = "0.9.1"
+
+  preset = "all"
+}
+
 plugin "azurerm" {
   enabled = true
   version = "0.27.0"

diff --git a/.tflint.tests.hcl b/.tflint.tests.hcl
@@ -0,0 +1,27 @@
+tflint {
+  required_version = "~> 0.50"
+}
+
+plugin "terraform" {
+  enabled = true
+
+  source  = "github.com/terraform-linters/tflint-ruleset-terraform"
+  version = "0.9.1"
+
+  preset = "all"
+}
+
+plugin "azurerm" {
+  enabled = true
+
+  source  = "github.com/terraform-linters/tflint-ruleset-azurerm"
+  version = "0.27.0"
+}
+
+rule "terraform_unused_required_providers" {
+  enabled = false
+}
+
+rule "terraform_standard_module_structure" {
+  enabled = false
+}
diff --git a/README.md b/README.md
@@ -145,7 +145,8 @@ Default: `false`
 
 ### <a name="input_init_access_azure_principal_id"></a> [init\_access\_azure\_principal\_id](#input\_init\_access\_azure\_principal\_id)
 
-Description: n/a
+Description: Set the Azure Principal ID which will be given access to the storage account and key vault.
+**NOTE**: This is only required when `init` is set to `true`.
 
 Type: `string`
 

diff --git a/assets/install_github_actions_runner.sh.tftpl b/assets/install_github_actions_runner.sh.tftpl
@@ -27,6 +27,9 @@ apt-get update -yqq
 apt-get install -yqq curl jq unzip python3 python3-pip
 ln -s /usr/bin/python3 /usr/bin/python
 
+# Install Azure CLI
+curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash
+
 RUNNER_NAME=$(hostname)
 
 # Fill variables with Terraform templatefile()

diff --git a/modules/README.md b/modules/README.md
@@ -0,0 +1,18 @@
+# Sub-modules
+
+Create directories for each sub-module as needed. The `README.md` files for each sub-module will be automatically generated using [terraform-docs](https://terraform-docs.io/user-guide/configuration/recursive/), just like the `README.md` of the primary module. Documentation generation requires a usage example in `./<module>/examples/usage/`, with a `main.tf` file defining the example and a `main.md` file briefly describing it.
+
+Thus, the minimal file structure of a module is:
+
+```tree
+.
+├── README.md
+├── examples
+│   └── usage
+│       ├── main.md
+│       └── main.tf
+├── inputs.tf
+├── main.tf
+├── outputs.tf
+└── terraform.tf
+```
diff --git a/outputs.tf b/outputs.tf
@@ -1,13 +1,16 @@
+# tflint-ignore: terraform_naming_convention
 output "LAUNCHPAD_AZURE_CLIENT_ID" {
   value       = azurerm_user_assigned_identity.this.client_id
   description = "The client ID of the Azure user identity assigned to the Launchpad."
 }
 
+# tflint-ignore: terraform_naming_convention
 output "LAUNCHPAD_AZURE_STORAGE_ACCOUNT_NAME" {
   value       = azurerm_storage_account.this.name
   description = "The storage account name used by the Launchpad for the Terraform state backend."
 }
 
+# tflint-ignore: terraform_naming_convention
 output "LAUNCHPAD_AZURE_TENANT_ID" {
   value       = azurerm_user_assigned_identity.this.tenant_id
   description = "The tenant ID of the Azure user identity assigned to the Launchpad"

diff --git a/variables.tf b/variables.tf
@@ -5,8 +5,12 @@ variable "init" {
 }
 
 variable "init_access_azure_principal_id" {
-  type    = string
-  default = null
+  description = <<-EOD
+    Set the Azure Principal ID which will be given access to the storage account and key vault.
+    **NOTE**: This is only required when `init` is set to `true`.
+  EOD
+  type        = string
+  default     = null
 }
 
 variable "init_access_ip_address" {