firewall module 0.1.0 (#3)

* add new files to repo * add new files to repo * add new files to repo * add new files to repo * add new files to repo * adding changes to repo * update files * update formatting * update examples * adding new module * update files * update virtual wan example * update files
Azure · Jan 25, 2024 · 47ad5d9 · 47ad5d9
1 parent e8d6ef7
commit 47ad5d9
Show file tree

Hide file tree

Showing 26 changed files with 1,381 additions and 137 deletions.
diff --git a/.github/policies/avmrequiredfiles.yml b/.github/policies/avmrequiredfiles.yml
@@ -16,13 +16,4 @@ configuration:
     prBody: |
       This repository needs the standard workflow and policy files to ensure compliance.
     file:
-      - path: .github/workflows/version-check.yml
-        prContentLink: https://raw.githubusercontent.com/Azure/terraform-azurerm-avm-template/main/.github/workflows/version-check.yml
-      - path: .github/workflows/linting.yml
-        prContentLink: https://raw.githubusercontent.com/Azure/terraform-azurerm-avm-template/main/.github/workflows/linting.yml
-      - path: Makefile
-        prContentLink: https://raw.githubusercontent.com/Azure/terraform-azurerm-avm-template/main/Makefile
-      - path: .github/policies/avmrequiredfiles.yml
-        prContentLink: https://raw.githubusercontent.com/Azure/terraform-azurerm-avm-template/main/.github/policies/avmrequiredfiles.yml
-      - path: .github/policies/branchprotection.yml
-        prContentLink: https://raw.githubusercontent.com/Azure/terraform-azurerm-avm-template/main/.github/policies/branchprotection.yml
+
diff --git a/.github/workflows/e2e.yml b/.github/workflows/e2e.yml
@@ -13,19 +13,21 @@ permissions:
 
 jobs:
   getexamples:
+    if: github.event.repository.name != 'terraform-azurerm-avm-template'
     runs-on: ubuntu-latest
     outputs:
       examples: ${{ steps.getexamples.outputs.examples }}
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 #v4.1.1
       - name: get examples
         id: getexamples
         uses: Azure/terraform-azurerm-avm-template/.github/actions/e2e-getexamples@main
         with:
           github-token: ${{ secrets.GITHUB_TOKEN }}
 
   testexamples:
-    runs-on: ubuntu-latest
+    if: github.event.repository.name != 'terraform-azurerm-avm-template'
+    runs-on: [ self-hosted, 1ES.Pool= ]
     needs: getexamples
     environment: test
     env:
@@ -36,22 +38,21 @@ jobs:
         example: ${{ fromJson(needs.getexamples.outputs.examples) }}
       max-parallel: 5
     steps:
-      - uses: actions/checkout@v4
-
-      - uses: Azure/login@v1
-        with:
-          client-id: ${{ secrets.AZURE_CLIENT_ID }}
-          tenant-id: ${{ secrets.AZURE_TENANT_ID }}
-          subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 #v4.1.1
 
       - name: Test example
-        uses: Azure/terraform-azurerm-avm-template/.github/actions/e2e-testexamples@main
-        with:
-          example: ${{ matrix.example }}
+        shell: bash
+        run: |
+          set -e
+          az login --identity --username $MSI_ID > /dev/null
+          export ARM_SUBSCRIPTION_ID=$(az login --identity --username $MSI_ID | jq -r '.[0] | .id')
+          export ARM_TENANT_ID=$(az login --identity --username $MSI_ID | jq -r '.[0] | .tenantId')
+          docker run --rm -v /var/run/docker.sock:/var/run/docker.sock -v $(pwd):/src -w /src --network=host -e TF_IN_AUTOMATION -e TF_VAR_enable_telemetry -e AVM_MOD_PATH=/src -e AVM_EXAMPLE=${{ matrix.example }} -e MSI_ID -e ARM_SUBSCRIPTION_ID -e ARM_TENANT_ID -e ARM_USE_MSI=true mcr.microsoft.com/azterraform:latest make test-example
 
   # This job is only run when all the previous jobs are successful.
   # We can use it for PR validation to ensure all examples have completed.
   testexamplescomplete:
+    if: github.event.repository.name != 'terraform-azurerm-avm-template'
     runs-on: ubuntu-latest
     needs: testexamples
     steps:

diff --git a/.github/workflows/linting.yml b/.github/workflows/linting.yml
@@ -16,11 +16,12 @@ concurrency:
 
 jobs:
   linting:
+    if: github.event.repository.name != 'terraform-azurerm-avm-template'
     name: linting
     runs-on: ubuntu-latest
     steps:
       - name: checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 #v4.1.1
 
       - name: check docs
         uses: Azure/terraform-azurerm-avm-template/.github/actions/docs-check@main

diff --git a/.github/workflows/version-check.yml b/.github/workflows/version-check.yml
@@ -13,9 +13,10 @@ permissions:
 
 jobs:
   version-check:
+    if: github.event.repository.name != 'terraform-azurerm-avm-template'
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 #v4.1.1
       - name: Check version
         uses: Azure/terraform-azurerm-avm-template/.github/actions/version-check@main
         with:

diff --git a/.gitignore b/.gitignore
@@ -10,8 +10,8 @@ crash.log
 crash.*.log
 
 # Exclude all .tfvars files, which are likely to contain sensitive data, such as
-# password, private keys, and other secrets. These should not be part of version 
-# control as they are data points which are potentially sensitive and subject 
+# password, private keys, and other secrets. These should not be part of version
+# control as they are data points which are potentially sensitive and subject
 # to change depending on the environment.
 *.tfvars
 *.tfvars.json
@@ -26,9 +26,17 @@ override.tf.json
 # Include override files you do wish to add to version control using negated pattern
 # !example_override.tf
 
+# Ignore Terraform lock file
+.terraform.lock.hcl
+
 # Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
 # example: *tfplan*
 
 # Ignore CLI configuration files
 .terraformrc
 terraform.rc
+*tfplan*
+README-generated.md
+avm.tflint.hcl
+avm.tflint_example.hcl
+avmmakefile
diff --git a/.terraform-docs.yml b/.terraform-docs.yml
@@ -60,7 +60,7 @@ settings:
   hide-empty: false
   html: true
   indent: 2
-  lockfile: true
+  lockfile: false
   read-comments: true
   required: true
   sensitive: true

diff --git a/Makefile b/Makefile
@@ -1,18 +1,4 @@
-.PHONY: docs
-docs:
-	@echo "==> Generating module documentation..."
-	terraform-docs -c .terraform-docs.yml .
-	@echo "==> Generating examples documentation..."
-	cd examples && for d in $$(ls -d */); do terraform-docs  $$d; done
+SHELL := /bin/bash
 
-.PHONY: fmt
-fmt:
-	@echo "==> Fixing Terraform code with terraform fmt..."
-	terraform fmt -recursive
-	@echo "==> Fixing embedded Terraform with terrafmt..."
-	find . | egrep ".md|.tf" | grep -v README.md | sort | while read f; do terrafmt fmt $$f; done
-
-.PHONY: tools
-tools:
-	go install github.com/katbyte/terrafmt@latest
-	go install github.com/terraform-docs/terraform-docs@latest
+$(shell curl -H 'Cache-Control: no-cache, no-store' -sSL "https://raw.githubusercontent.com/Azure/tfmod-scaffold/main/avmmakefile" -o avmmakefile) 
+-include avmmakefile