* adding initial terraform ci/cd
* adding the initial file
* adding workflow dispatch
* Adding the working directory
* Updating authentication to use spn
Updating authentication to use spn as auth via az cli only supported when using an user account
* updating to use remote backend
* adding vars as secrets in plan
* Update terraform-es-apim.yml
* Fixes to TF branch
* fix jumpbox resource names
* fix apim private dns zone record
* Fix NSG naming and network rules to bicep rules
* Fix conflicting key vault access policies
* Run terraform fmt.
* Fix typos.
* Correct the resource_suffix construction.
* Unify comment case.
* Explain where publisher_email is used.
* terraform gh action enhancements/oidc refactoring
* terraform gh action enhancements/oidc refactoring
* checking out feature/terraform from within the action
* wflow debug
* wflow debug
* wflow debug
* wflow debug
* wflow debug
* wflow debug
* wflow debug
* configuring remote backend to reflect storage account in CSU
* testing with v3.1 azurerm for OIDC compatibility
* wflow debug
* removing azurerm login parameters from required vars since OIDC will be leveraged in CICD
* wflow debug
* wflow debug
* azurerm 3.0 upgrade, formatting fixes, precommit
* setting defaults for account_name and cicd_agent_type
* wflow formatting
* fixing secrets
* fixing secrets
* fixing secrets
* fixing github pat secret
* removing the pr comment for now
* wflow debug...
* artifact debug
* artifact debug
* artifact debug
* artifact debug
* artifact debug
* artifact debug
* artifact debug
* artifact debug
* artifact debug
* artifact debug
* artifact debug
* minor cleanup
* Change Azure Functions runtime version from 3 to 4 in tf.
* Change TF app service plan and function resources to new versions.
Some resource types have been deprecated in version 3.0 of the AzureRM
provider and will be removed in version 4.0. These are replaced as follows:
azurerm_app_service_plan -> azurerm_service_plan
azurerm_function_app -> azurerm_linux_function_app
* Set the priority of the request AppGW routing rule.
The priority setting is required for *_v2 tier azurerm_application_gateway
resources, see the documentation here:
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/application_gateway#priority
Without this setting, the AppGW creation fails with an error message like:
Priority for the request routing rule ... cannot be empty. All request routing
rules should have a priority defined starting from api-version 2021-08-01.
* Adding a secondary workflow to initialize tf state container/sa via actions secrets
* exec'ing workflow
* adding token perms
* commenting out the init params in provider.tf to pass in at runtime
* workflow debug
* setting workload name through action's env vars
* setting workload name through action's env vars
* cleanup + minor wflow fix
* Updated docs + cleanup
* typo
* test
* configuring automated trigger conditions to only pull requests to main
* clean
* testing the pr trigger to feature/terraform
* adding token perms to write on prs
* cleanup
* adding custom logic to allow for production client ID to be injected into the pre-configured tfplan file to grant access to shared key vault
* refactoring additional_client_ids var to cicd_spn_client_id to simplify deployment
* cleanup/precommit
* conditional to capture null val
* typo
* fixing wflow
* adding in depends on for shared module
* adding in depends on for shared module
* fixing oidc env for the bicep wflow
* updating main documentation to incorporate terraform
Co-authored-by: Paromita Roy <paromita.roy@outlook.com>
Co-authored-by: Paromita Roy <55242088+paromitaroy@users.noreply.github.com>
Co-authored-by: aionic <anevico@microsoft.com>
Co-authored-by: Nabeel Prior <nabeelp@users.noreply.github.com>
Co-authored-by: lp-code <lp-code@users.noreply.github.com>
Co-authored-by: Anthony Nevico <aionic@users.noreply.github.com>
Co-authored-by: Jin @ Microsoft <jinle@Jins-MacBook-Pro.local>
Co-authored-by: Pete Messina <petermessina@microsoft.com>
Jin Lee
Jin Lee
Cenk Caglar
Cynthia Kreng