Refactoring

.github/workflows/terraform-plan.yml

@@ -9,24 +9,71 @@ on:
 
 env:
   TF_WORKSPACE: gha
+  ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
+  ARM_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }}
+  ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+  ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
 
 jobs:
-  terraform:
-    name: 'Terraform Validate and plan'
+  test_storagerg_module:
+    name: 'Test and deploy 01_Storage_rg module with Terraform Validate and plan'
     runs-on: ubuntu-latest
     if: contains(github.event.pull_request.labels.*.name, 'safe-to-test')
 
-    env:
-      ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
-      ARM_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }}
-      ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
-      ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
-
     # Use the Bash shell regardless whether the GitHub Actions runner is ubuntu-latest, macos-latest, or windows-latest
     defaults:
       run:
         shell: bash
+        working-directory: ./01_storage_rg
+    steps:
+    # Checkout the repository to the GitHub Actions runner
+    - name: Checkout
+      uses: actions/checkout@v2
+      with:
+          ref: ${{ github.event.pull_request.head.sha }}
+
+    # Install the latest version of Terraform CLI. Enable wrapper for output
+    - name: Setup Terraform
+      uses: hashicorp/setup-terraform@v1
+      with:
+        terraform_wrapper: true
+
+    # Initialize a new or existing Terraform working directory by creating initial files, loading any remote state, downloading modules, etc.
+    - name: Terraform Init
+      id: init
+      run: terraform init
+
+    # Validate config files 
+    - name: Terraform Validate
+      id: validate
+      run: terraform validate -no-color
+
+    # Checks that all Terraform configuration files adhere to a canonical format
+    - name: Terraform Format
+      id: fmt
+      run: terraform fmt -recursive -check -list=true
+      #continue-on-error: true
+
+    # Generates an execution plan for Terraform
+    - name: Terraform Plan
+      id: plan
+      run: terraform plan
+      #continue-on-error: true
+    - name: Terraform Apply
+      id: apply
+      run: terraform apply -auto-approve
+
+  test_deployhono_module:
+    name: 'Test 02_deploy_hono module with Terraform Validate and plan'
+    needs: test_storagerg_module
+    runs-on: ubuntu-latest
+    if: contains(github.event.pull_request.labels.*.name, 'safe-to-test')
 
+    # Use the Bash shell regardless whether the GitHub Actions runner is ubuntu-latest, macos-latest, or windows-latest
+    defaults:
+      run:
+        shell: bash
+        working-directory: ./02_deployHono
     steps:
     # Checkout the repository to the GitHub Actions runner
     - name: Checkout
@@ -61,6 +108,40 @@ jobs:
       id: plan
       run: terraform plan
       #continue-on-error: true
+
+  destroy_storagerg_module:
+    name: 'Destroy 01_Storage_rg module from Azure subscription'
+    needs: test_deployhono_module
+    runs-on: ubuntu-latest
+    if: contains(github.event.pull_request.labels.*.name, 'safe-to-test')
+
+    # Use the Bash shell regardless whether the GitHub Actions runner is ubuntu-latest, macos-latest, or windows-latest
+    defaults:
+      run:
+        shell: bash
+        working-directory: ./01_storage_rg
+    steps:
+    # Checkout the repository to the GitHub Actions runner
+    - name: Checkout
+      uses: actions/checkout@v2
+      with:
+          ref: ${{ github.event.pull_request.head.sha }}
+
+    # Install the latest version of Terraform CLI. Enable wrapper for output
+    - name: Setup Terraform
+      uses: hashicorp/setup-terraform@v1
+      with:
+        terraform_wrapper: true
+
+    # Initialize a new or existing Terraform working directory by creating initial files, loading any remote state, downloading modules, etc.
+    - name: Terraform Init
+      id: init
+      run: terraform init
+
+    - name: Terraform Destroy
+      id: destroy
+      run: terraform destroy -auto-approve
+
 
     # TODO
     # Make a better output

modules/tfstate_storage_azure/main.tf → 00_tfstate_storage/main.tf

@@ -2,7 +2,7 @@ terraform {
   required_providers {
     azurerm = {
       source  = "hashicorp/azurerm"
-      version = "~> 2.45.1"
+      version = "~> 2.68.0"
     }
   }
 }
@@ -11,15 +11,6 @@ provider "azurerm" {
   features {}
 }
 
-# NOTE: Needed when storage account uniqueness wants to be automatically achieved
-# resource "random_string" "storage_account_name_suffix" {
-#     length  = 8
-#     upper   = false
-#     number  = true
-#     lower   = true
-#     special = false
-# }
-
 resource "azurerm_resource_group" "tfstate_rg" {
   name     = "${lower(var.project_name)}-${var.tfstate_resource_group_name_suffix}"
   location = var.location
@@ -32,12 +23,6 @@ resource "azurerm_resource_group" "tfstate_rg" {
 }
 
 resource "azurerm_storage_account" "tfstate_sa" {
-  depends_on = [azurerm_resource_group.tfstate_rg]
-
-  # 'name' must be unique across the entire Azure service, not just within the resource group.
-  # 'name' can only consist of lowercase letters and numbers, and must be between 3 and 24 characters long
-  # NOTE: Uncomment the next line to generate suffix for storage account.
-  # name                     = "${lower(var.project_name)}tfstatesa${random_id.storage_account_name_suffix.result}"
   name                     = "${lower(var.project_name)}${var.tfstate_storage_account_name_suffix}"
   resource_group_name      = azurerm_resource_group.tfstate_rg.name
   location                 = var.location
@@ -53,7 +38,6 @@ resource "azurerm_storage_account" "tfstate_sa" {
 }
 
 resource "azurerm_storage_container" "tfstate_container" {
-  depends_on            = [azurerm_storage_account.tfstate_sa]
   name                  = var.tfstate_container_name
   storage_account_name  = azurerm_storage_account.tfstate_sa.name
   container_access_type = "private"

modules/tfstate_storage_azure/variables.tf → 00_tfstate_storage/variables.tf

@@ -1,28 +1,33 @@
 variable "environment" {
+  type    = string
   default = "development"
 }
 
 variable "location" {
+  type    = string
   default = "West Europe"
 }
 
 variable "project_name" {
-  default = "kuksatrng"
+  type    = string
+  default = "smaddis"
 }
 
 variable "tfstate_resource_group_name_suffix" {
+  type    = string
   default = "tfstate-rg"
 }
 
-# 'name' must be unique across the entire Azure service, 
+# 'name' must be unique across the entire Azure service,
 #  not just within the resource group.
-# 'name' can only consist of lowercase letters and numbers, 
+# 'name' can only consist of lowercase letters and numbers,
 #  and must be between 3 and 24 characters long.
 variable "tfstate_storage_account_name_suffix" {
+  type    = string
   default = "tfstatesa"
 }
 
 variable "tfstate_container_name" {
+  type    = string
   default = "tfstate"
 }
-