From 8a166e91c8ef1609bb4e02781c1f84d5074ad10f Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Sun, 25 Aug 2024 01:37:02 +0000 Subject: [PATCH] fix: grept apply --- .github/ISSUE_TEMPLATE/avm_module_issue.yml | 1 - .github/PULL_REQUEST_TEMPLATE.md | 6 +- .github/policies/eventResponder.yml | 64 --------------------- .github/policies/scheduledSearches.yml | 36 ------------ .github/workflows/e2e.yml | 30 +++++++++- .terraform-docs.yml | 4 +- README.md | 14 ++--- avm | 8 ++- avm.bat | 2 +- examples/.terraform-docs.yml | 4 +- examples/default/README.md | 8 --- locals.telemetry.tf | 39 ------------- locals.version.tf.json | 5 -- main.telemetry.tf | 28 +++++---- 14 files changed, 64 insertions(+), 185 deletions(-) delete mode 100644 locals.telemetry.tf delete mode 100644 locals.version.tf.json diff --git a/.github/ISSUE_TEMPLATE/avm_module_issue.yml b/.github/ISSUE_TEMPLATE/avm_module_issue.yml index 8b05245..ec5d7a9 100644 --- a/.github/ISSUE_TEMPLATE/avm_module_issue.yml +++ b/.github/ISSUE_TEMPLATE/avm_module_issue.yml @@ -27,7 +27,6 @@ body: - "" - "Feature Request" - "Bug" - - "Security Bug" - "I'm not sure" validations: required: true diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md index 1346202..534ea7d 100644 --- a/.github/PULL_REQUEST_TEMPLATE.md +++ b/.github/PULL_REQUEST_TEMPLATE.md 
@@ -16,11 +16,11 @@ Closes #456 - [ ] Non-module change (e.g. CI/CD, documentation, etc.) - [ ] Azure Verified Module updates: - - [ ] Bugfix containing backwards compatible bug fixes, and I have NOT bumped the MAJOR or MINOR version in `locals.version.tf.json`: + - [ ] Bugfix containing backwards compatible bug fixes - [ ] Someone has opened a bug report issue, and I have included "Closes #{bug_report_issue_number}" in the PR description. - [ ] The bug was found by the module author, and no one has opened an issue to report it yet. - - [ ] Feature update backwards compatible feature updates, and I have bumped the MINOR version in `locals.version.tf.json`. - - [ ] Breaking changes and I have bumped the MAJOR version in `locals.version.tf.json`. + - [ ] Feature update backwards compatible feature updates. + - [ ] Breaking changes. - [ ] Update to documentation # Checklist diff --git a/.github/policies/eventResponder.yml b/.github/policies/eventResponder.yml index 1d5ba40..bad111d 100644 --- a/.github/policies/eventResponder.yml +++ b/.github/policies/eventResponder.yml @@ -17,18 +17,6 @@ configuration: then: - addLabel: label: "Needs: Triage :mag:" - - addReply: - reply: | - > [!IMPORTANT] - > **The "Needs: Triage :mag:" label must be removed once the triage process is complete!** - - - - > [!NOTE] - > This label was added as per [ITA06](https://azure.github.io/Azure-Verified-Modules/help-support/issue-triage/issue-triage-automation/#ita06). - description: 'ITA09 - When #RR is used in an issue, add the "Needs: Author Feedback :ear:" label' if: 
@@ -43,10 +31,6 @@ configuration: then: - addLabel: label: "Needs: Author Feedback :ear:" - - addReply: - reply: | - > [!NOTE] - > The "Needs: Author Feedback :ear:" label was added as per [ITA09](https://azure.github.io/Azure-Verified-Modules/help-support/issue-triage/issue-triage-automation/#ita09). - description: 'ITA10 - When #wontfix is used in an issue, mark it by using the label of "Status: Won''t Fix :broken_heart:"' if: @@ -62,10 +46,6 @@ configuration: - addLabel: label: "Status: Won't Fix :broken_heart:" - closeIssue - - addReply: - reply: | - > [!NOTE] - > The "Status: Won't Fix :broken_heart:" label was added and the issue was closed as per [ITA10](https://azure.github.io/Azure-Verified-Modules/help-support/issue-triage/issue-triage-automation/#ita10). - description: 'ITA11 - When a reply from anyone to an issue occurs, remove the "Needs: Author Feedback :ear:" label and label with "Needs: Attention :wave:"' if: @@ -82,10 +62,6 @@ configuration: label: "Needs: Author Feedback :ear:" - addLabel: label: "Needs: Attention :wave:" - - addReply: - reply: | - > [!NOTE] - > The "Needs: Author Feedback :ear:" label was removed and the "Needs: Attention :wave:" label was added as per [ITA11](https://azure.github.io/Azure-Verified-Modules/help-support/issue-triage/issue-triage-automation/#ita11). - description: "ITA12 - Clean email replies on every comment" if: @@ -113,16 +89,10 @@ configuration: label: "Type: New Module Proposal :bulb:" - hasLabel: label: "Type: Question/Feedback :raising_hand:" - - hasLabel: - label: "Type: Security Bug :lock:" - isAssignedToSomeone then: - removeLabel: label: "Needs: Triage :mag:" - - addReply: - reply: | - > [!NOTE] - > The "Needs: Triage :mag:" label was removed as per [ITA15](https://azure.github.io/Azure-Verified-Modules/help-support/issue-triage/issue-triage-automation/#ita15). - description: 'ITA20 - If the type is feature request, add the "Type: Feature Request :heavy_plus_sign:" label on the issue' if: 
@@ -140,10 +110,6 @@ configuration: then: - addLabel: label: "Type: Feature Request :heavy_plus_sign:" - - addReply: - reply: | - > [!NOTE] - > The "Type: Feature Request :heavy_plus_sign:" label was added as per [ITA20](https://azure.github.io/Azure-Verified-Modules/help-support/issue-triage/issue-triage-automation/#ita20). - description: 'ITA21 - If the type is bug, add the "Type: Bug :bug:" label on the issue' if: @@ -161,32 +127,6 @@ configuration: then: - addLabel: label: "Type: Bug :bug:" - - addReply: - reply: | - > [!NOTE] - > The "Type: Bug :bug:" label was added as per [ITA21](https://azure.github.io/Azure-Verified-Modules/help-support/issue-triage/issue-triage-automation/#ita21). - - - description: 'ITA22 - If the type is security bug, add the "Type: Security Bug :lock:" label on the issue' - if: - - payloadType: Issues - - isAction: - action: Opened - - bodyContains: - pattern: | - ### Issue Type? - - Security Bug - - not: - hasLabel: - label: "Type: Security Bug :lock:" - then: - - addLabel: - label: "Type: Security Bug :lock:" - - addReply: - reply: | - > [!NOTE] - > The "Type: Security Bug :lock:" label was added as per [ITA22](https://azure.github.io/Azure-Verified-Modules/help-support/issue-triage/issue-triage-automation/#ita22). - - description: 'ITA23 - Remove the "Status: In PR" label from an issue when it''s closed.' if: @@ -198,7 +138,3 @@ configuration: then: - removeLabel: label: "Status: In PR :point_right:" - - addReply: - reply: | - > [!NOTE] - > The "Status: In PR :point_right:" label was removed as per [ITA23](https://azure.github.io/Azure-Verified-Modules/help-support/issue-triage/issue-triage-automation/#ita23). diff --git a/.github/policies/scheduledSearches.yml b/.github/policies/scheduledSearches.yml index 452cca7..3b4b468 100644 --- a/.github/policies/scheduledSearches.yml +++ b/.github/policies/scheduledSearches.yml 
@@ -36,9 +36,6 @@ configuration: > [!TIP] > - To prevent further actions to take effect, the "Status: Response Overdue 🚩" label must be removed, once this issue has been responded to. > - To avoid this rule being (re)triggered, the ""Needs: Triage :mag:" label must be removed as part of the triage process (when the issue is first responded to)! - - > [!NOTE] - > This message was posted as per [ITA01TF](https://azure.github.io/Azure-Verified-Modules/help-support/issue-triage/issue-triage-automation/#ita01tf1-2). - addLabel: label: "Status: Response Overdue :triangular_flag_on_post:" @@ -68,9 +65,6 @@ configuration: > [!TIP] > - To prevent further actions to take effect, the "Status: Response Overdue 🚩" label must be removed, once this issue has been responded to. > - To avoid this rule being (re)triggered, the ""Needs: Triage :mag:" label must be removed as part of the triage process (when the issue is first responded to)! - - > [!NOTE] - > This message was posted as per [ITA01TF](https://azure.github.io/Azure-Verified-Modules/help-support/issue-triage/issue-triage-automation/#ita01tf1-2). - addLabel: label: "Status: Response Overdue :triangular_flag_on_post:" - assignTo: @@ -105,9 +99,6 @@ configuration: > [!TIP] > - To avoid this rule being (re)triggered, the "Needs: Triage :mag:" and "Status: Response Overdue :triangular_flag_on_post:" labels must be removed when the issue is first responded to! > - Remove the "Needs: Immediate Attention :bangbang:" label once the issue has been responded to. - - > [!NOTE] - > This message was posted as per [ITA02TF](https://azure.github.io/Azure-Verified-Modules/help-support/issue-triage/issue-triage-automation/#ita02tf1-2). - addLabel: label: "Needs: Immediate Attention :bangbang:" 
@@ -137,9 +128,6 @@ configuration: > [!TIP] > - To avoid this rule being (re)triggered, the "Needs: Triage :mag:" and "Status: Response Overdue :triangular_flag_on_post:" labels must be removed when the issue is first responded to! > - Remove the "Needs: Immediate Attention :bangbang:" label once the issue has been responded to. - - > [!NOTE] - > This message was posted as per [ITA02TF](https://azure.github.io/Azure-Verified-Modules/help-support/issue-triage/issue-triage-automation/#ita02tf1-2). - addLabel: label: "Needs: Immediate Attention :bangbang:" @@ -182,9 +170,6 @@ configuration: > [!TIP] > - To avoid this rule being (re)triggered, the "Needs: Triage :mag:" and "Status: Response Overdue :triangular_flag_on_post:" labels must be removed when the issue is first responded to! > - Remove the "Needs: Immediate Attention :bangbang:" label once the issue has been responded to. - - > [!NOTE] - > This message was posted as per [ITA03TF](https://azure.github.io/Azure-Verified-Modules/help-support/issue-triage/issue-triage-automation/#ita03tf). - addLabel: label: "Needs: Immediate Attention :bangbang:" - assignTo: 
@@ -213,15 +198,6 @@ configuration: > [!IMPORTANT] > @${issueAuthor}, this issue has been automatically marked as stale because it has been marked as requiring author feedback but has not had any activity for **4 days**. It will be closed if no further activity occurs **within 3 days of this comment**. - > [!TIP] - > To prevent further actions to take effect, one of the following conditions must be met: - > - The author must respond in a comment within 3 days of this comment. - > - The "Status: No Recent Activity :zzz:" label must be removed. - > - If applicable, the "Status: Long Term :hourglass_flowing_sand:" or the "Needs: Module Owner :mega:" label must be added. - - > [!NOTE] - > This message was posted as per [ITA04](https://azure.github.io/Azure-Verified-Modules/help-support/issue-triage/issue-triage-automation/#ita04). - - description: 'ITA05A - Close issues that have been marked as requiring author feedback but have not had any activity for 3 days, unless it''s been marked with the "Status long term" label.' frequencies: - hourly: @@ -242,12 +218,6 @@ configuration: reply: | > [!WARNING] > @${issueAuthor}, this issue will now be closed, as it has been marked as requiring author feedback but has not had any activity for **7 days**. - - > [!TIP] - > In case this issue needs to be reopened (e.g., the author responds after the issue was closed), the "Status: No Recent Activity :zzz:" label must be removed. - - > [!NOTE] - > This message was posted as per [ITA05](https://azure.github.io/Azure-Verified-Modules/help-support/issue-triage/issue-triage-automation/#ita05). - closeIssue - description: 'ITA05B - Close issues that have been marked as requiring author feedback but have not had any activity for 3 days, unless it''s been marked with the "Status long term" label.' 
@@ -270,10 +240,4 @@ configuration: reply: | > [!WARNING] > @${issueAuthor}, this issue will now be closed, as it has been marked as requiring author feedback but has not had any activity for **7 days**. - - > [!TIP] - > In case this issue needs to be reopened (e.g., the author responds after the issue was closed), the "Status: No Recent Activity :zzz:" label must be removed. - - > [!NOTE] - > This message was posted as per [ITA05](https://azure.github.io/Azure-Verified-Modules/help-support/issue-triage/issue-triage-automation/#ita05). - closeIssue diff --git a/.github/workflows/e2e.yml b/.github/workflows/e2e.yml index 4fee2fa..effe4ad 100644 --- a/.github/workflows/e2e.yml +++ b/.github/workflows/e2e.yml @@ -42,6 +42,9 @@ jobs: - name: Test example shell: bash + env: + SECRETS_CONTEXT: ${{ toJson(secrets) }} + VARS_CONTEXT: ${{ toJson(vars) }} run: | set -e MAX_RETRIES=10 
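Review bot: `SECRETS_CONTEXT: ${{ toJson(secrets) }}` on the "Test example" step hands the step every secret the job can see, although the script added further down only uses keys that start with `TF_VAR_`. The full JSON stays in the step's environment for every command that follows (`az`, `jq`, `docker`), so I would add `unset SECRETS_CONTEXT VARS_CONTEXT` right after the two `eval` lines and put a comment above `env:` such as `# All secrets/vars are passed as JSON; only TF_VAR_* keys are exported below.` Mapping the needed secrets by name would be narrower still, if the set is known. The step's `run:` body continues outside this hunk.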
@@ -56,10 +59,35 @@ jobs: echo "Failed to login after $MAX_RETRIES attempts." exit 1 fi + + declare -A secrets + eval "$(echo $SECRETS_CONTEXT | jq -r 'to_entries[] | @sh "secrets[\(.key|tostring)]=\(.value|tostring)"')" + + declare -A variables + eval "$(echo $VARS_CONTEXT | jq -r 'to_entries[] | @sh "variables[\(.key|tostring)]=\(.value|tostring)"')" + + for key in "${!secrets[@]}"; do + if [[ $key = \TF_VAR_* ]]; then + lowerKey=$(echo "$key" | tr '[:upper:]' '[:lower:]') + finalKey=${lowerKey/tf_var_/TF_VAR_} + export "$finalKey"="${secrets[$key]}" + fi + done + + for key in "${!variables[@]}"; do + if [[ $key = \TF_VAR_* ]]; then + lowerKey=$(echo "$key" | tr '[:upper:]' '[:lower:]') + finalKey=${lowerKey/tf_var_/TF_VAR_} + export "$finalKey"="${variables[$key]}" + fi + done + + echo -e "Custom environment variables:\n$(env | grep TF_VAR_ | grep -v ' "TF_VAR_')" + export ARM_SUBSCRIPTION_ID=$(az login --identity --username $MSI_ID | jq -r '.[0] | .id') export ARM_TENANT_ID=$(az login --identity --username $MSI_ID | jq -r '.[0] | .tenantId') export ARM_CLIENT_ID=$(az identity list | jq -r --arg MSI_ID "$MSI_ID" '.[] | select(.principalId == $MSI_ID) | .clientId') - docker run --rm -v /var/run/docker.sock:/var/run/docker.sock -v $(pwd):/src -w /src --network=host -e TF_IN_AUTOMATION -e TF_VAR_enable_telemetry -e AVM_MOD_PATH=/src -e AVM_EXAMPLE=${{ matrix.example }} -e MSI_ID -e ARM_SUBSCRIPTION_ID -e ARM_TENANT_ID -e ARM_CLIENT_ID -e ARM_USE_MSI=true mcr.microsoft.com/azterraform:latest make test-example + docker run --rm -v /var/run/docker.sock:/var/run/docker.sock -v $(pwd):/src -w /src --network=host -e TF_IN_AUTOMATION -e TF_VAR_enable_telemetry -e AVM_MOD_PATH=/src -e AVM_EXAMPLE=${{ matrix.example }} -e MSI_ID -e ARM_SUBSCRIPTION_ID -e ARM_TENANT_ID -e ARM_CLIENT_ID -e ARM_USE_MSI=true --env-file <(env | grep TF_VAR_ | grep -v ' "TF_VAR_') mcr.microsoft.com/azterraform:latest make test-example # This job is only run when all the previous jobs are 
successful. # We can use it for PR validation to ensure all examples have completed. diff --git a/.terraform-docs.yml b/.terraform-docs.yml index dd5d16b..5f3b231 100644 --- a/.terraform-docs.yml +++ b/.terraform-docs.yml @@ -4,7 +4,7 @@ formatter: "markdown document" # this is required -version: "~> 0.17.0" +version: "~> 0.18" header-from: "_header.md" footer-from: "_footer.md" @@ -23,8 +23,6 @@ content: |- {{ .Requirements }} - {{ .Providers }} - {{ .Resources }} diff --git a/README.md b/README.md index 6721819..ab9c1c6 100644 --- a/README.md +++ b/README.md 
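Review bot: The added `echo -e "Custom environment variables:\n$(env | grep TF_VAR_ ...)"` line in the e2e.yml hunk writes the values of the exported `TF_VAR_*` variables, including those taken from `secrets`, into the job log; log masking matches exact registered secret strings, so relying on it for multi-line or structured values is fragile. Printing names only is enough for debugging, e.g. `echo "Custom environment variables: $(env | grep '^TF_VAR_' | cut -d= -f1 | tr '\n' ' ')"`. In the two `eval` lines `$SECRETS_CONTEXT` and `$VARS_CONTEXT` are expanded unquoted, so whitespace runs and glob characters inside a value are altered before `jq` sees them; `jq -r '...' <<<"$SECRETS_CONTEXT"` avoids that. The `--env-file <(env | grep TF_VAR_ ...)` argument has the same line-based limitation: a value containing a newline would be split into a bogus entry.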
@@ -19,23 +19,17 @@ The following requirements are needed by this module: - [random](#requirement\_random) (>= 3.5.0) -## Providers - -The following providers are used by this module: - -- [azurerm](#provider\_azurerm) (>= 3.71.0) - -- [random](#provider\_random) (>= 3.5.0) - ## Resources The following resources are used by this module: - [azurerm_app_service_environment_v3.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service_environment_v3) (resource) - [azurerm_management_lock.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/management_lock) (resource) -- [azurerm_resource_group_template_deployment.telemetry](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group_template_deployment) (resource) - [azurerm_role_assignment.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/role_assignment) (resource) -- [random_id.telem](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/id) (resource) +- [modtm_telemetry.telemetry](https://registry.terraform.io/providers/hashicorp/modtm/latest/docs/resources/telemetry) (resource) +- [random_uuid.telemetry](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/uuid) (resource) +- [azurerm_client_config.telemetry](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/client_config) (data source) +- [modtm_module_source.telemetry](https://registry.terraform.io/providers/hashicorp/modtm/latest/docs/data-sources/module_source) (data source) ## Required Inputs diff --git a/avm b/avm index 6668be7..9716dfb 100755 --- a/avm +++ b/avm 
@@ -18,10 +18,16 @@ if [ -z "$1" ]; then exit 1 fi +# Mount .azure directory if it exists +AZURE_VOLUME="" +if [ -d "$HOME/.azure" ]; then + AZURE_VOLUME="-v $HOME/.azure:/home/runtimeuser/.azure" +fi + # Check if we are running in a container # If we are then just run make directly if [ -z "$AVM_IN_CONTAINER" ]; then - $CONTAINER_RUNTIME run --pull always --user "$(id -u):$(id -g)" --rm -v /etc/passwd:/etc/passwd -v /etc/group:/etc/group -v "$(pwd)":/src -w /src -e GITHUB_REPOSITORY -e GITHUB_REPOSITORY_OWNER mcr.microsoft.com/azterraform make "$1" + $CONTAINER_RUNTIME run --pull always --user "$(id -u):$(id -g)" --rm $AZURE_VOLUME -v /etc/passwd:/etc/passwd -v /etc/group:/etc/group -v "$(pwd)":/src -w /src -e GITHUB_REPOSITORY -e ARM_SUBSCRIPTION_ID -e GITHUB_REPOSITORY_OWNER mcr.microsoft.com/azterraform make "$1" else make "$1" fi diff --git a/avm.bat b/avm.bat index cdfa812..2eea22f 100644 --- a/avm.bat +++ b/avm.bat @@ -18,6 +18,6 @@ IF "%~1"=="" ( ) REM Run the make target with CONTAINER_RUNTIME -%CONTAINER_RUNTIME% run --pull always --rm -v "%cd%":/src -w /src -e GITHUB_REPOSITORY -e GITHUB_REPOSITORY_OWNER mcr.microsoft.com/azterraform make %1 +%CONTAINER_RUNTIME% run --pull always --rm -v "%cd%":/src -w /src --user "1000:1000" -r ARM_SUBSCRIPTION_ID -e GITHUB_REPOSITORY -e GITHUB_REPOSITORY_OWNER mcr.microsoft.com/azterraform make %1 ENDLOCAL diff --git a/examples/.terraform-docs.yml b/examples/.terraform-docs.yml index f97f3a3..bdfb331 100644 --- a/examples/.terraform-docs.yml +++ b/examples/.terraform-docs.yml @@ -4,7 +4,7 @@ formatter: "markdown document" # this is required -version: "~> 0.17.0" +version: "~> 0.18" header-from: "_header.md" footer-from: "_footer.md" @@ -27,8 +27,6 @@ content: |- {{ .Requirements }} - {{ .Providers }} - {{ .Resources }} diff --git a/examples/default/README.md b/examples/default/README.md index 4a3ce82..f184fe2 100644 --- a/examples/default/README.md +++ b/examples/default/README.md 
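Review bot: The new `AZURE_VOLUME` block in `avm` bind-mounts `$HOME/.azure` (the Azure CLI's local profile and token cache) read-write into a container whose image is pulled with `--pull always` and no tag or digest, and it does so whenever the directory exists rather than on request. A comment stating that host credentials are shared with the container, plus an opt-out guard (for example `if [ -d "$HOME/.azure" ] && [ -z "$AVM_NO_AZURE_MOUNT" ]; then`, where the variable name is only a suggestion), would make that explicit; pinning the image by digest would narrow what receives them. Separately, `$AZURE_VOLUME` is expanded unquoted in the `run` command, so a home directory path containing a space splits into extra arguments.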
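Review bot: `-r ARM_SUBSCRIPTION_ID` in the new `run` line of `avm.bat` looks like a typo for `-e ARM_SUBSCRIPTION_ID`; the `avm` shell wrapper changed in this same commit passes the variable with `-e`, and I am not aware of a `-r` short option for `run`, so the command would likely be rejected. Suggested fragment: `--user "1000:1000" -e ARM_SUBSCRIPTION_ID -e GITHUB_REPOSITORY`. The hard-coded `--user "1000:1000"` also deserves a `REM` comment saying why that uid/gid is assumed (presumably the image's runtime user; confirm).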
@@ -102,14 +102,6 @@ The following requirements are needed by this module: - [random](#requirement\_random) (>= 3.5.0, < 4.0.0) -## Providers - -The following providers are used by this module: - -- [azurerm](#provider\_azurerm) (>= 3.7.0, < 4.0.0) - -- [random](#provider\_random) (>= 3.5.0, < 4.0.0) - ## Resources The following resources are used by this module: diff --git a/locals.telemetry.tf b/locals.telemetry.tf deleted file mode 100644 index e10f435..0000000 --- a/locals.telemetry.tf +++ /dev/null @@ -1,39 +0,0 @@ -locals { - module_name = "avm-res-web-hostingenvironment " - module_type = "res" - # This constructs the ARM deployment name that is used for the telemetry. - # We shouldn't ever hit the 64 character limit but use substr just in case. - telem_arm_deployment_name = substr( - format( - "%s.%s.%s.v%s.%s", - local.telem_puid, - local.module_type, - substr(local.module_name, 0, 30), - replace(local.module_version, ".", "-"), - local.telem_random_hex - ), - 0, - 64 - ) - # This is an empty ARM deployment template. - telem_arm_template_content = jsonencode( - { - "$schema" = "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", - "contentVersion" = "1.0.0.0", - "parameters" = {}, - "variables" = {}, - "resources" = [], - "outputs" = { - "telemetry" = { - "type" = "String", - "value" = "For more information, see https://aka.ms/avm/telemetry" - } - } - } - ) - # This is the unique id AVM Terraform modules that is supplied by the AVM team. - # See https://azure.github.io/Azure-Verified-Modules/specs/shared/#id-sfr3---category-telemetry---deploymentusage-telemetry - telem_puid = "46d3xgtf" - # This ensures we don't get errors if telemetry is disabled. - telem_random_hex = can(random_id.telem[0].hex) ? random_id.telem[0].hex : "" -} diff --git a/locals.version.tf.json b/locals.version.tf.json deleted file mode 100644 index f82cc2c..0000000 --- a/locals.version.tf.json +++ /dev/null 
@@ -1,5 +0,0 @@ -{ - "locals": { - "module_version": "0.1.0" - } -} diff --git a/main.telemetry.tf b/main.telemetry.tf index ca2cca2..25144c3 100644 --- a/main.telemetry.tf +++ b/main.telemetry.tf @@ -1,17 +1,25 @@ -resource "random_id" "telem" { +data "azurerm_client_config" "telemetry" { + count = var.enable_telemetry ? 1 : 0 +} + +data "modtm_module_source" "telemetry" { count = var.enable_telemetry ? 1 : 0 - byte_length = 4 + module_path = path.module +} + +resource "random_uuid" "telemetry" { + count = var.enable_telemetry ? 1 : 0 } -# This is the module telemetry deployment that is only created if telemetry is enabled. -# It is deployed to the resource's resource group. -resource "azurerm_resource_group_template_deployment" "telemetry" { +resource "modtm_telemetry" "telemetry" { count = var.enable_telemetry ? 1 : 0 - deployment_mode = "Incremental" - name = local.telem_arm_deployment_name - resource_group_name = var.resource_group_name - tags = var.tags - template_content = local.telem_arm_template_content + tags = { + subscription_id = one(data.azurerm_client_config.telemetry).subscription_id + tenant_id = one(data.azurerm_client_config.telemetry).tenant_id + module_source = one(data.modtm_module_source.telemetry).module_source + module_version = one(data.modtm_module_source.telemetry).module_version + random_id = one(random_uuid.telemetry).result + } }
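Review bot: `modtm_telemetry` and `data "modtm_module_source"` in `main.telemetry.tf` introduce a new provider, but no file in this commit's diffstat adds a `required_providers` entry for it, and the regenerated README links point at `hashicorp/modtm`, which is what Terraform assumes when no source is declared. If the entry is not already present elsewhere, declare the source and a version constraint explicitly, e.g. `modtm = { source = "Azure/modtm", version = "<PINNED_CONSTRAINT>" }`, so the provider that gets downloaded is the intended one. The `tags` map also now sends `subscription_id` and `tenant_id`; a comment above the resource and the `enable_telemetry` variable description should say so, since the removed implementation only created an empty ARM deployment in the resource's resource group.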