From a30de9ff4c9dca1616c61e58a2bcf2a634a754f4 Mon Sep 17 00:00:00 2001
From: Alexey Markevich <buhhunyx@gmail.com>
Date: Thu, 11 Jan 2024 15:05:49 +0100
Subject: [PATCH] support user_assigned_identity_id configuration for
 image_registry_credential

---
 Dockerfile                                    |  2 +-
 azure-pipeline.yaml                           |  2 +-
 main.tf                                       | 50 ++++---------------
 .../linux-agents-import-rg/provider.tf        |  2 +-
 .../provider.tf                               |  2 +-
 .../linux-agents-private-registry/provider.tf |  2 +-
 test/fixture/linux-agents-vnet/provider.tf    |  2 +-
 test/fixture/linux-agents/provider.tf         |  2 +-
 .../linux-and-windows-agents/provider.tf      |  2 +-
 variables.tf                                  | 11 ++--
 10 files changed, 23 insertions(+), 54 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 0d81fa9..393d9d8 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,5 +1,5 @@
 # Pull the base image with given version.
-ARG BUILD_TERRAFORM_VERSION="0.14.4"
+ARG BUILD_TERRAFORM_VERSION="1.3"
 FROM mcr.microsoft.com/terraform-test:${BUILD_TERRAFORM_VERSION}
 
 ARG MODULE_NAME="terraform-azure-devops-agent-aci"
diff --git a/azure-pipeline.yaml b/azure-pipeline.yaml
index bedb7b2..b25481d 100644
--- a/azure-pipeline.yaml
+++ b/azure-pipeline.yaml
@@ -10,7 +10,7 @@ variables:
 - name: dockerImage
   value: 'terraform-azure-devops-aci'
 - name: terraformVersion
-  value: 0.14.4
+  value: 1.3
 - name: vmImage
   value: ubuntu-18.04
 - name: serviceConnection
diff --git a/main.tf b/main.tf
index 9dbfdcb..2c2256d 100644
--- a/main.tf
+++ b/main.tf
@@ -30,22 +30,6 @@ locals {
 
 # Linux Agents - deployed only if variable linux_agents_configuration.count > 0
 
-resource "azurerm_network_profile" "linux_network_profile" {
-  count               = var.enable_vnet_integration ? var.linux_agents_configuration.count : 0
-  name                = "linuxnetprofile${count.index}"
-  location            = var.location
-  resource_group_name = var.create_resource_group ? azurerm_resource_group.rg[0].name : data.azurerm_resource_group.rg[0].name
-
-  container_network_interface {
-    name = "linuxnic${count.index}"
-
-    ip_configuration {
-      name      = "linuxip${count.index}"
-      subnet_id = data.azurerm_subnet.subnet[0].id
-    }
-  }
-}
-
 resource "azurerm_container_group" "linux-container-group" {
   count               = var.linux_agents_configuration.count
   name                = "${var.linux_agents_configuration.agent_name_prefix}-${count.index}"
@@ -53,7 +37,7 @@ resource "azurerm_container_group" "linux-container-group" {
   resource_group_name = var.create_resource_group ? azurerm_resource_group.rg[0].name : data.azurerm_resource_group.rg[0].name
   ip_address_type     = var.enable_vnet_integration ? "Private" : "Public"
   os_type             = "Linux"
-  network_profile_id  = var.enable_vnet_integration ? azurerm_network_profile.linux_network_profile[count.index].id : null
+  subnet_ids          = var.enable_vnet_integration ? [data.azurerm_subnet.subnet[0].id] : null
 
   container {
     name   = "${var.linux_agents_configuration.agent_name_prefix}-${count.index}"
@@ -82,9 +66,10 @@ resource "azurerm_container_group" "linux-container-group" {
   dynamic "image_registry_credential" {
     for_each = var.image_registry_credential.server == "" ? [] : [1]
     content {
-      username = var.image_registry_credential.username
-      password = var.image_registry_credential.password
-      server   = var.image_registry_credential.server
+      user_assigned_identity_id = var.image_registry_credential.user_assigned_identity_id
+      username                  = var.image_registry_credential.username
+      password                  = var.image_registry_credential.password
+      server                    = var.image_registry_credential.server
     }
   }
 
@@ -116,22 +101,6 @@ resource "azurerm_container_group" "linux-container-group" {
 
 # Windows Agents - deployed only if variable windows_agents_configuration.count > 0
 
-resource "azurerm_network_profile" "windows_network_profile" {
-  count               = var.enable_vnet_integration ? var.windows_agents_configuration.count : 0
-  name                = "windowsnetprofile${count.index}"
-  location            = var.location
-  resource_group_name = var.create_resource_group ? azurerm_resource_group.rg[0].name : data.azurerm_resource_group.rg[0].name
-
-  container_network_interface {
-    name = "windowsnic${count.index}"
-
-    ip_configuration {
-      name      = "windowsip${count.index}"
-      subnet_id = data.azurerm_subnet.subnet[0].id
-    }
-  }
-}
-
 resource "azurerm_container_group" "windows-container-group" {
   count               = var.windows_agents_configuration.count
   name                = "${var.windows_agents_configuration.agent_name_prefix}-${count.index}"
@@ -139,7 +108,7 @@ resource "azurerm_container_group" "windows-container-group" {
   resource_group_name = var.create_resource_group ? azurerm_resource_group.rg[0].name : data.azurerm_resource_group.rg[0].name
   ip_address_type     = var.enable_vnet_integration ? "Private" : "Public"
   os_type             = "Windows"
-  network_profile_id  = var.enable_vnet_integration ? azurerm_network_profile.windows_network_profile[count.index].id : null
+  subnet_ids          = var.enable_vnet_integration ? [data.azurerm_subnet.subnet[0].id] : null
 
   container {
     name   = "${var.windows_agents_configuration.agent_name_prefix}-${count.index}"
@@ -167,9 +136,10 @@ resource "azurerm_container_group" "windows-container-group" {
   dynamic "image_registry_credential" {
     for_each = var.image_registry_credential.server == "" ? [] : [1]
     content {
-      username = var.image_registry_credential.username
-      password = var.image_registry_credential.password
-      server   = var.image_registry_credential.server
+      user_assigned_identity_id = var.image_registry_credential.user_assigned_identity_id
+      username                  = var.image_registry_credential.username
+      password                  = var.image_registry_credential.password
+      server                    = var.image_registry_credential.server
     }
   }
 }
diff --git a/test/fixture/linux-agents-import-rg/provider.tf b/test/fixture/linux-agents-import-rg/provider.tf
index 49f3ab5..931c993 100644
--- a/test/fixture/linux-agents-import-rg/provider.tf
+++ b/test/fixture/linux-agents-import-rg/provider.tf
@@ -2,7 +2,7 @@ terraform {
   required_providers {
     azurerm = {
       source  = "hashicorp/azurerm"
-      version = ">= 2.0"
+      version = ">= 3.29.0"
     }
   }
 }
diff --git a/test/fixture/linux-agents-managed-identities/provider.tf b/test/fixture/linux-agents-managed-identities/provider.tf
index 49f3ab5..931c993 100644
--- a/test/fixture/linux-agents-managed-identities/provider.tf
+++ b/test/fixture/linux-agents-managed-identities/provider.tf
@@ -2,7 +2,7 @@ terraform {
   required_providers {
     azurerm = {
       source  = "hashicorp/azurerm"
-      version = ">= 2.0"
+      version = ">= 3.29.0"
     }
   }
 }
diff --git a/test/fixture/linux-agents-private-registry/provider.tf b/test/fixture/linux-agents-private-registry/provider.tf
index 49f3ab5..931c993 100644
--- a/test/fixture/linux-agents-private-registry/provider.tf
+++ b/test/fixture/linux-agents-private-registry/provider.tf
@@ -2,7 +2,7 @@ terraform {
   required_providers {
     azurerm = {
       source  = "hashicorp/azurerm"
-      version = ">= 2.0"
+      version = ">= 3.29.0"
     }
   }
 }
diff --git a/test/fixture/linux-agents-vnet/provider.tf b/test/fixture/linux-agents-vnet/provider.tf
index 49f3ab5..931c993 100644
--- a/test/fixture/linux-agents-vnet/provider.tf
+++ b/test/fixture/linux-agents-vnet/provider.tf
@@ -2,7 +2,7 @@ terraform {
   required_providers {
     azurerm = {
       source  = "hashicorp/azurerm"
-      version = ">= 2.0"
+      version = ">= 3.29.0"
     }
   }
 }
diff --git a/test/fixture/linux-agents/provider.tf b/test/fixture/linux-agents/provider.tf
index 49f3ab5..931c993 100644
--- a/test/fixture/linux-agents/provider.tf
+++ b/test/fixture/linux-agents/provider.tf
@@ -2,7 +2,7 @@ terraform {
   required_providers {
     azurerm = {
       source  = "hashicorp/azurerm"
-      version = ">= 2.0"
+      version = ">= 3.29.0"
     }
   }
 }
diff --git a/test/fixture/linux-and-windows-agents/provider.tf b/test/fixture/linux-and-windows-agents/provider.tf
index 49f3ab5..931c993 100644
--- a/test/fixture/linux-and-windows-agents/provider.tf
+++ b/test/fixture/linux-and-windows-agents/provider.tf
@@ -2,7 +2,7 @@ terraform {
   required_providers {
     azurerm = {
       source  = "hashicorp/azurerm"
-      version = ">= 2.0"
+      version = ">= 3.29.0"
     }
   }
 }
diff --git a/variables.tf b/variables.tf
index 751a5d0..329e5fe 100644
--- a/variables.tf
+++ b/variables.tf
@@ -98,14 +98,13 @@ variable "windows_agents_configuration" {
 
 variable "image_registry_credential" {
   type = object({
-    username = string,
-    password = string,
-    server   = string
+    user_assigned_identity_id = optional(string),
+    username                  = optional(string),
+    password                  = optional(string),
+    server                    = string
   })
   description = "(Optional) The credentials to use to connect to the Docker private registry where agent images are stored."
   default = {
-    username = "",
-    password = "",
-    server   = ""
+    server                    = ""
   }
 }
\ No newline at end of file