move to github

.github/release-drafter.yml

@@ -0,0 +1,52 @@
+---
+# Format and labels used aim to match those used by Ansible project
+name-template: '$RESOLVED_VERSION'
+tag-template: '$RESOLVED_VERSION'
+categories:
+  - title: 'Major Changes'
+    labels:
+      - 'major'  # c6476b
+  - title: 'Minor Changes'
+    labels:
+      - 'feature'  # 006b75
+      - 'enhancement'  # ededed
+      - 'refactoring'
+  - title: 'Bugfixes'
+    labels:
+      - 'bug'  # fbca04
+  - title: 'Deprecations'
+    labels:
+      - 'deprecated'  # fef2c0
+exclude-labels:
+  - 'skip-changelog'
+  - 'duplicate'
+version-resolver:
+  major:
+    labels:
+      - 'major'
+  minor:
+    labels:
+      - 'minor'
+      - 'feature'
+      - 'enhancement'
+      - 'refactoring'
+  patch:
+    labels:
+      - 'patch'
+      - 'bug'
+      - 'deprecated'
+  default: patch
+autolabeler:
+  - label: 'skip-changelog'
+    title: '/chore/i'
+  - label: 'bug'
+    title: '/fix/i'
+  - label: 'enhancement'
+    title: '/(enhance|improve)/i'
+  - label: 'feature'
+    title: '/feature/i'
+  - label: 'dreprecated'
+    title: '/deprecat/i'
+template: |
+  $CHANGES
+  Kudos goes to: $CONTRIBUTORS

.github/workflows/prettier-md.yml

@@ -0,0 +1,24 @@
+---
+# https://github.com/creyD/prettier_action
+name: Prettier markdown files
+
+on:
+  push:
+    paths:
+      - '**.md'
+
+jobs:
+  prettier-md:
+    runs-on: ubuntu-latest
+    timeout-minutes: 1
+
+    steps:
+      - name: Git checkout
+        uses: actions/checkout@v2
+        with:
+          ref: ${{ github.head_ref }}
+
+      - name: Prettify code
+        uses: creyD/[email protected]
+        with:
+          prettier_options: --write {**/*,*}.md

.github/workflows/release.yml

@@ -0,0 +1,80 @@
+---
+name: New release
+
+on:  # yamllint disable-line rule:truthy
+  workflow_dispatch:
+  push:
+    branches:
+      - main
+
+jobs:
+  generate_changelog:
+    runs-on: ubuntu-latest
+    name: create release draft
+    steps:
+      - uses: actions/[email protected]
+        with:
+          fetch-depth: 0
+
+      - name: 'Get Previous tag'
+        id: previoustag
+        uses: "WyriHaximus/github-action-get-previous-tag@master"
+        env:
+          GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
+
+      - name: calculate next version
+        id: version
+        uses: patrickjahns/version-drafter-action@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Generate changelog
+        uses: charmixer/auto-changelog-action@v1
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+          future_release: ${{ steps.version.outputs.next-version }}
+
+      - name: Generate readme
+        uses: terraform-docs/gh-actions@main
+        with:
+          working-dir: .
+          output-file: README.md
+          output-method: inject
+
+      - name: push changelog and readme
+        uses: github-actions-x/[email protected]
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          push-branch: 'main'
+          commit-message: 'update changelog'
+          force-add: 'true'
+          files: CHANGELOG.md README.md
+          name: T-Systems MMS
+          email: [email protected]
+
+      # do a second checkout to prevent race situation
+      # changelog gets updated but action works on old commit id
+      - uses: actions/[email protected]
+        with:
+          ref: main
+
+      - name: Generate changelog for the release
+        run: |
+          sed '/## \[${{ steps.previoustag.outputs.tag }}\]/Q' CHANGELOG.md > CHANGELOGRELEASE.md
+      - name: Read CHANGELOG.md
+        id: package
+        uses: juliangruber/read-file-action@v1
+        with:
+          path: ./CHANGELOGRELEASE.md
+
+      - name: Create Release draft
+        id: create_release
+        uses: actions/create-release@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}  # This token is provided by Actions, you do not need to create your own token
+        with:
+          release_name: ${{ steps.version.outputs.next-version }}
+          tag_name: ${{ steps.version.outputs.next-version }}
+          body: |
+            ${{ steps.package.outputs.content }}
+          draft: true

.github/workflows/terraform-lint.yml

@@ -0,0 +1,15 @@
+---
+name: Terraform Lint
+
+on: [push, pull_request]
+
+jobs:
+  terraform-lint:
+    runs-on: ubuntu-latest
+
+    steps:
+    # Important: This sets up your GITHUB_WORKSPACE environment variable
+    - uses: actions/checkout@v2
+    - name: Lint Terraform
+      # replace "master" with any valid ref
+      uses: actionshub/terraform-lint@main

.terraform-docs.yml

@@ -0,0 +1,46 @@
+formatter: template
+
+sections:
+  show:
+    - header
+    - requirements
+    - providers
+    - resources
+    - modules
+    - inputs
+    - outputs
+    - footer
+
+content: |-
+  {{ .Header }}
+
+  <-- This file is autogenerated, please do not change. -->
+
+  {{ .Requirements }}
+
+  {{ .Providers }}
+
+  {{ .Resources }}
+
+  {{ .Inputs }}
+
+  {{ .Outputs }}
+
+  ## Examples
+
+  ```hcl
+  {{ include "examples/main.tf" }}
+  ```
+
+sort:
+  enabled: true
+  by: required
+
+settings:
+  indent: 2
+  hide-empty: true
+  anchor: false
+  escape: false
+  required: true
+  type: true
+  read-comments: true

examples/main.tf

@@ -0,0 +1,19 @@
+module "storage" {
+  source              = "../terraform-storage"
+  location            = "westeurope"
+  resource_group_name = "service-infrastructure-rg"
+  resource_name = {
+    storage_account = {
+      mgmt = "servicemgmtstg"
+    }
+  }
+  storage_account = {
+    account_replication_type = "LRS"
+  }
+  storage_container = {
+    terraform = {}
+  }
+  tags = {
+    service = "service_name"
+  }
+}

main.tf

@@ -0,0 +1,76 @@
+/**
+ * # storage
+ *
+ * This module manages Azure Storage Configuration.
+ *
+*/
+resource "azurerm_storage_account" "storage_account" {
+  for_each = var.resource_name.storage_account
+
+  name                      = each.value
+  location                  = var.location
+  resource_group_name       = var.resource_group_name
+  account_kind              = local.storage_account.account_kind
+  account_tier              = local.storage_account.account_tier
+  account_replication_type  = local.storage_account.account_replication_type
+  access_tier               = local.storage_account.access_tier
+  enable_https_traffic_only = local.storage_account.enable_https_traffic_only
+  allow_blob_public_access  = local.storage_account.allow_blob_public_access
+  shared_access_key_enabled = local.storage_account.shared_access_key_enabled
+
+  dynamic "static_website" {
+    /** is static website config set and should be enabled */
+    for_each = contains(keys(var.storage_account_config), "static_website") == true ? [1] : []
+    content {
+      index_document     = local.storage_account_config.static_website.index_document
+      error_404_document = local.storage_account_config.static_website.error_404_document
+    }
+  }
+
+  tags = {
+    for tag in keys(local.tags) :
+    tag => local.tags[tag]
+  }
+}
+
+resource "azurerm_storage_container" "storage_container" {
+  for_each = var.storage_container
+
+  name                  = each.key
+  storage_account_name  = lookup(local.storage_container[each.key], "storage_account_name",azurerm_storage_account.storage_account[element(keys(var.resource_name.storage_account), 0)].name)
+  container_access_type = local.storage_container[each.key].container_access_type
+}
+
+resource "azurerm_storage_share" "storage_share" {
+  for_each = var.storage_share
+
+  name                 = each.key
+  metadata             = local.storage_share[each.key].metadata
+  storage_account_name = lookup(local.storage_share[each.key], "storage_account_name",azurerm_storage_account.storage_account[element(keys(var.resource_name.storage_account), 0)].name)
+  quota                = local.storage_share[each.key].quota
+
+  dynamic "acl" {
+    for_each = contains(keys(var.storage_share_config), "acl") == true ? [1] : []
+    content {
+      id     = local.storage_share_config.acl[each.key].id
+
+      dynamic "access_policy" {
+        for_each = local.storage_share_config.acl[each.key].access_policy
+        content {
+          permissions = local.storage_share_config.acl[each.key].access_policy[access_policy.key].permissions
+          start       = local.storage_share_config.acl[each.key].access_policy[access_policy.key].start
+          expiry      = local.storage_share_config.acl[each.key].access_policy[access_policy.key].expiry
+        }
+      }
+    }
+  }
+}
+
+resource "azurerm_storage_share_directory" "storage_share_directory" {
+  for_each = var.storage_share_directory
+
+  name                 = each.key
+  metadata             = local.storage_share_directory[each.key].metadata
+  share_name           = lookup(local.storage_share_directory[each.key], "share_name", azurerm_storage_share.storage_share[element(keys(var.storage_share), 0)].name)
+  storage_account_name = lookup(local.storage_share_directory[each.key], "storage_account_name",azurerm_storage_account.storage_account[element(keys(var.resource_name.storage_account), 0)].name)
+}

outputs.tf

@@ -0,0 +1,12 @@
+output "storage_account" {
+  description = "azurerm_storage_account results"
+  value = {
+    for storage_account in keys(azurerm_storage_account.storage_account) :
+    storage_account => {
+      id                   = azurerm_storage_account.storage_account[storage_account].id
+      name                 = azurerm_storage_account.storage_account[storage_account].name
+      primary_access_key   = azurerm_storage_account.storage_account[storage_account].primary_access_key
+      primary_web_endpoint = azurerm_storage_account.storage_account[storage_account].primary_web_endpoint
+    }
+  }
+}

providers.tf

@@ -0,0 +1,3 @@
+provider "azurerm" {
+  features {}
+}