Removed retention_policy block from `azurerm_monitor_diagnostic_se…

…tting` & added `terraform` tests. (#16) * added `terraform` tests. * use env var authentication * added `init` step in validate * docs: updated readme * aded complete example for single test * added a new release and additional nodepool for complete example * address complete example issues * avoid hyphen in nodepool name * renaming rg and stg acc * rename test to complete * use single identity id * disabled retention policy by default in monitor diagnostics * fix the complete example * remove deprecated retention block from the monitor diagnostic settings * updated changelog * fix tests and added maintenance automation files * docs: updated docs * test pr comment * lets make the pR great * lets make pr great again * PR will be great someday * pr will be great someday * std out and std error as env var and recreate comment * pr is going to be great soon.... * PR is great (prettify pr comment) * fail test intentionally * check if the status of action is red or green * prettifyy ..... pr comment * prettify... pr comment * try github scripts for better formatting * better results workflow * trial fix script * better workflows trial :1 * better workflows :2 * better workflows : 3 * permissons for comenting * better workflows: 4 if readme workflow delete the comment * better workflow pass test * final workflows * better workflow 5 * switch to complete example * updated triggers * docs : updated readme and message
ishuar · Oct 15, 2023 · 7d89ff0 · 7d89ff0
1 parent 316b18d
commit 7d89ff0
Show file tree

Hide file tree

Showing 23 changed files with 715 additions and 115 deletions.
diff --git a/.config/header.md b/.config/header.md
@@ -76,6 +76,10 @@ module "aks" {
 Examples are availabe in `examples` directory.
 
 - [simple](/examples/simple)
-- [flux-enabled-aks](/example/flux-enabled-aks)
+- [flux-enabled-aks](/examples/flux-enabled-aks)
+- [complete](/examples/complete)
 
 ## Submodule
+
+
+**⭐️ Don't forget to give the project a star! Thanks again! ⭐️**
diff --git a/.github/workflows/module-testing.yaml b/.github/workflows/module-testing.yaml
@@ -0,0 +1,106 @@
+name: Module Testing
+
+on:
+  workflow_dispatch:
+  pull_request:
+    paths:
+      - './*.tf'                                ## trigger if any terraform file has ben modified in repo root.
+      - 'scripts/*.sh'                          ## trigger if any involved script has been modified.
+      - 'tests/*.tftest.hcl'                    ## trigger if any test has been modified.
+      - 'examples/complete/*.tf'                ## trigger if complete example has been modified.
+      - '.github/workflows/module-testing.yaml' ## trigger if this workflow has been modified.
+
+permissions:
+   pull-requests: write
+
+concurrency:
+  group: testing
+
+jobs:
+  moduleTesting:
+    runs-on: ubuntu-latest
+    env:
+      ARM_SUBSCRIPTION_ID: "${{ vars.ARM_SUBSCRIPTION_ID }}"
+      ARM_CLIENT_ID: "${{ secrets.AZURE_CLIENT_ID }}"
+      ARM_CLIENT_SECRET: "${{ secrets.AZURE_CLIENT_SECRET }}"
+      ARM_TENANT_ID: "${{ secrets.AZURE_TENANT_ID}}"
+
+    steps:
+      - uses: actions/checkout@v4
+      - uses: hashicorp/setup-terraform@v2
+        with:
+          terraform_version: 1.6
+          terraform_wrapper: true
+
+      ## Static Analysis and Linting Test (Unit Testing)
+      - name: Terraform validate on all examples
+        run: |
+          CURRENT_DIR="$(pwd)"
+          for dir in ./examples/*; do
+            if [[ -d "$dir" ]]; then
+              echo "$dir"
+              cd "$dir" || exit
+              terraform init
+              terraform validate
+              cd "${CURRENT_DIR}" || exit
+            fi
+          done
+
+      ## Integrating testing using terraform native testing
+      - name: Testing complete example
+        working-directory: "${{ github.workspace }}/tests"
+        id: testing
+        run: |
+          terraform init
+          terraform test -no-color
+
+      - uses: actions/github-script@v6
+        if: github.event_name == 'pull_request' && always() && !cancelled()
+        env:
+          TEST_OUTPUT: "${{ steps.testing.outputs.stdout }}"
+          TEST_ERROR: "${{ steps.testing.outputs.stderr }}"
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          script: |
+            // 1. Retrieve existing bot comments for the PR
+            const { data: comments } = await github.rest.issues.listComments({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              issue_number: context.issue.number,
+            })
+            const botComment = comments.find(comment => {
+              return comment.user.type === 'Bot' && comment.body.includes('Test Results')
+            })
+            // 2. Set output data
+            const output = `### Test Results :gear: Status: \`${{ steps.testing.outcome }}\`
+
+            - \`Test Output:\`
+
+            \`\`\`bash\n
+            ${process.env.TEST_OUTPUT}
+            \`\`\`
+
+            - \`Test Error Message:\`
+
+            \`\`\`bash\n
+            ${process.env.TEST_ERROR}
+            \`\`\`
+
+            *Pusher: @${{ github.actor }}, Action: \`${{ github.event_name }}\`, Workflow: \`${{ github.workflow }}\`*`;
+
+            // 3. If we have a comment, update it, otherwise create a new one
+            if (botComment) {
+              github.rest.issues.updateComment({
+                owner: context.repo.owner,
+                repo: context.repo.repo,
+                comment_id: botComment.id,
+                body: output
+              })
+            } else {
+              github.rest.issues.createComment({
+                issue_number: context.issue.number,
+                owner: context.repo.owner,
+                repo: context.repo.repo,
+                body: output
+              })
+            }
diff --git a/.github/workflows/validate-pull-request.yaml b/.github/workflows/validate-pull-request.yaml
@@ -10,6 +10,8 @@ on:
       - reopened
       - ready_for_review
 
+permissions:
+   pull-requests: write
 jobs:
   validate:
     runs-on: ubuntu-latest
@@ -31,10 +33,29 @@ jobs:
           path: "${{ github.workspace }}"
 
       - name: Render and check diff on Readme with Terraform Changes
+        id: docs
         run: |
           curl -sSfL https://github.com/terraform-docs/terraform-docs/releases/download/v0.16.0/terraform-docs-v0.16.0-linux-amd64.tar.gz | tar xzf - terraform-docs
           chmod +x terraform-docs
           ./terraform-docs --config "${{ github.workspace }}/.config/.terraform-docs.yml" .
-          echo "**Run make docs from the root of the repository if this check fails**"
           git diff --exit-code
 
+      - name: Comment on the PR if Readme is not upated.
+        if: failure() && !cancelled()
+        uses: thollander/actions-comment-pull-request@v2
+        with:
+          reactions: eyes
+          comment_tag: documentation
+          mode: recreate
+          message: |
+            **${{ github.workflow }} failed, Run make docs from the root of the repository to continue**
+
+      - name: Delete Comment on the PR if Readme is upated.
+        if: ${{ always() && steps.docs.conclusion == 'success' && !cancelled() }}
+        uses: thollander/actions-comment-pull-request@v2
+        with:
+          reactions: eyes
+          comment_tag: documentation
+          mode: delete
+          message: |
+            **${{ github.workflow }} failed, Run make docs from the root of the repository to continue**
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -20,6 +20,28 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 
 > **INFO:** This file is only maintained after `v2.0.0` due to no initial availability , please refer to release notes for versions equal or older than `v2.0.0`.
 
+## v2.2.0
+### Added
+
+- A complete example is added for the module at [examples/complete](./examples/complete).
+- Updated Docs
+
+### Removed
+
+- Removed `retention_policy` block from `azurerm_monitor_diagnostic_setting` resource as it has been deprecated and not supported anymore. Please use [azurerm_storage_management_policy](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_management_policy) resource for lifecycle management for retention.
+****
+  - Following variables are removed and not available in module anymore.
+    - `enable_cluster_log_retention_policy`
+    - `cluster_log_retention_policy_days`
+    - `enable_cluster_metric_retention_policy`
+    - `cluster_metric_retention_policy_days`
+
+### Others
+
+- Added automated testing for module via github actions.
+  - Syntax/Static testing using `terraform validate`
+  - Integration/working testing using `terraform test`
+
 ## v2.1.0
 ### Added
 

diff --git a/README.md b/README.md
@@ -75,10 +75,13 @@ module "aks" {
 Examples are availabe in `examples` directory.
 
 - [simple](/examples/simple)
-- [flux-enabled-aks](/example/flux-enabled-aks)
+- [flux-enabled-aks](/examples/flux-enabled-aks)
+- [complete](/examples/complete)
 
 ## Submodule
 
+**⭐️ Don't forget to give the project a star! Thanks again! ⭐️**
+
 ## Requirements
 
 | Name | Version |
@@ -138,9 +141,7 @@ No modules.
 | <a name="input_automatic_channel_upgrade"></a> [automatic\_channel\_upgrade](#input\_automatic\_channel\_upgrade) | (Optional) The upgrade channel for this Kubernetes Cluster, see https://docs.microsoft.com/en-us/azure/aks/upgrade-cluster#set-auto-upgrade-channel | `string` | `"node-image"` | no |
 | <a name="input_azure_policy_enabled"></a> [azure\_policy\_enabled](#input\_azure\_policy\_enabled) | Optional) Should the Azure Policy Add-On be enabled? more info: https://docs.microsoft.com/en-ie/azure/governance/policy/concepts/rego-for-aks | `bool` | `false` | no |
 | <a name="input_blob_driver_enabled"></a> [blob\_driver\_enabled](#input\_blob\_driver\_enabled) | (Optional) Is the Blob CSI driver enabled? Defaults to false | `bool` | `false` | no |
-| <a name="input_cluster_custom_log_categories"></a> [cluster\_custom\_log\_categories](#input\_cluster\_custom\_log\_categories) | (optional) A list of strings with supported category groups for postgresql cluster log monitoring diagnostics | `list(string)` | `[]` | no |
-| <a name="input_cluster_log_retention_policy_days"></a> [cluster\_log\_retention\_policy\_days](#input\_cluster\_log\_retention\_policy\_days) | (optional) The number of days for which this Retention Policy should apply for logs for flexible postgresql cluster. | `string` | `30` | no |
-| <a name="input_cluster_metric_retention_policy_days"></a> [cluster\_metric\_retention\_policy\_days](#input\_cluster\_metric\_retention\_policy\_days) | (optional) The number of days for which this Retention Policy should apply for metrics for flexible postgresql cluster. | `string` | `30` | no |
+| <a name="input_cluster_custom_log_categories"></a> [cluster\_custom\_log\_categories](#input\_cluster\_custom\_log\_categories) | (optional) A list of strings with supported category groups for Azure Kubernetes cluster log monitoring diagnostics | `list(string)` | `[]` | no |
 | <a name="input_default_node_pool_enable_auto_scaling"></a> [default\_node\_pool\_enable\_auto\_scaling](#input\_default\_node\_pool\_enable\_auto\_scaling) | (Optional) Should the Kubernetes Auto Scaler be enabled for this Node Pool? | `bool` | `null` | no |
 | <a name="input_default_node_pool_enable_host_encryption"></a> [default\_node\_pool\_enable\_host\_encryption](#input\_default\_node\_pool\_enable\_host\_encryption) | (Optional) Should the nodes in the Default Node Pool have host encryption enabled? | `bool` | `null` | no |
 | <a name="input_default_node_pool_enable_node_public_ip"></a> [default\_node\_pool\_enable\_node\_public\_ip](#input\_default\_node\_pool\_enable\_node\_public\_ip) | (Optional) Should nodes in this Node Pool have a Public IP Address? | `bool` | `null` | no |
@@ -175,13 +176,11 @@ No modules.
 | <a name="input_ebpf_data_plane"></a> [ebpf\_data\_plane](#input\_ebpf\_data\_plane) | (Optional) Specifies the eBPF data plane used for building the Kubernetes network. Possible value is cilium. Changing this forces a new resource to be created. | `string` | `null` | no |
 | <a name="input_enable_allowed_maintenance_window"></a> [enable\_allowed\_maintenance\_window](#input\_enable\_allowed\_maintenance\_window) | (optional) Whether to enable the [allowed maintenance window](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/kubernetes_cluster#allowed) block or not? | `bool` | `true` | no |
 | <a name="input_enable_api_server_access_profile"></a> [enable\_api\_server\_access\_profile](#input\_enable\_api\_server\_access\_profile) | (Optional) Whether to enable API server access profile or not? | `bool` | `false` | no |
-| <a name="input_enable_cluster_all_category_group_log"></a> [enable\_cluster\_all\_category\_group\_log](#input\_enable\_cluster\_all\_category\_group\_log) | (optional) Whether to enable all category group log for flexible postgresql cluster or not? | `bool` | `false` | no |
-| <a name="input_enable_cluster_all_metrics"></a> [enable\_cluster\_all\_metrics](#input\_enable\_cluster\_all\_metrics) | (optional) Whether to enable all metrics for diagnostics for flexible postgresql cluster or not? | `bool` | `false` | no |
-| <a name="input_enable_cluster_audit_category_group_log"></a> [enable\_cluster\_audit\_category\_group\_log](#input\_enable\_cluster\_audit\_category\_group\_log) | (optional) Whether to enable only audit category group log for flexible postgresql cluster or not? | `string` | `true` | no |
-| <a name="input_enable_cluster_custom_categories_log"></a> [enable\_cluster\_custom\_categories\_log](#input\_enable\_cluster\_custom\_categories\_log) | (optional) Whether to enable custom categories log for flexible postgresql cluster or not? | `string` | `false` | no |
-| <a name="input_enable_cluster_log_monitor_diagnostic"></a> [enable\_cluster\_log\_monitor\_diagnostic](#input\_enable\_cluster\_log\_monitor\_diagnostic) | (optional) Whether to enable the log monitor diagnostic for flexible postgresql server or not? | `bool` | `false` | no |
-| <a name="input_enable_cluster_log_retention_policy"></a> [enable\_cluster\_log\_retention\_policy](#input\_enable\_cluster\_log\_retention\_policy) | (optional) Whether to enable log retention policy for flexible postgresql cluster or not? | `bool` | `true` | no |
-| <a name="input_enable_cluster_metric_retention_policy"></a> [enable\_cluster\_metric\_retention\_policy](#input\_enable\_cluster\_metric\_retention\_policy) | (optional) Whether to enable metric retention policy for flexible postgresql cluster or not? | `string` | `true` | no |
+| <a name="input_enable_cluster_all_category_group_log"></a> [enable\_cluster\_all\_category\_group\_log](#input\_enable\_cluster\_all\_category\_group\_log) | (optional) Whether to enable all category group log for Azure Kubernetes cluster or not? | `bool` | `false` | no |
+| <a name="input_enable_cluster_all_metrics"></a> [enable\_cluster\_all\_metrics](#input\_enable\_cluster\_all\_metrics) | (optional) Whether to enable all metrics for diagnostics for Azure Kubernetes cluster or not? | `bool` | `false` | no |
+| <a name="input_enable_cluster_audit_category_group_log"></a> [enable\_cluster\_audit\_category\_group\_log](#input\_enable\_cluster\_audit\_category\_group\_log) | (optional) Whether to enable only audit category group log for Azure Kubernetes cluster or not? | `string` | `true` | no |
+| <a name="input_enable_cluster_custom_categories_log"></a> [enable\_cluster\_custom\_categories\_log](#input\_enable\_cluster\_custom\_categories\_log) | (optional) Whether to enable custom categories log for Azure Kubernetes cluster or not? | `string` | `false` | no |
+| <a name="input_enable_cluster_log_monitor_diagnostic"></a> [enable\_cluster\_log\_monitor\_diagnostic](#input\_enable\_cluster\_log\_monitor\_diagnostic) | (optional) Whether to enable the log monitor diagnostic for Azure Kubernetes cluster or not? | `bool` | `false` | no |
 | <a name="input_enable_fluxcd"></a> [enable\_fluxcd](#input\_enable\_fluxcd) | (optional) Whether to enable fluxcd extension(GitOps) or not ? | `bool` | `false` | no |
 | <a name="input_enable_fluxcd_az_providers"></a> [enable\_fluxcd\_az\_providers](#input\_enable\_fluxcd\_az\_providers) | (optional) Whether to register the azure provider to kubernetes and container namespaces. **Warning** This is an experimental feature only. | `bool` | `false` | no |
 | <a name="input_enable_fluxcd_bucket"></a> [enable\_fluxcd\_bucket](#input\_enable\_fluxcd\_bucket) | (optional) Whether to enable fluxcd S3 bucket or not? | `bool` | `false` | no |

diff --git a/examples/Makefile b/examples/Makefile
@@ -0,0 +1,34 @@
+## Determine the Makefile's directory
+## * dir function -> https://www.gnu.org/software/make/manual/html_node/File-Name-Functions.html#index-dir
+## * abspath -> https://www.gnu.org/software/make/manual/html_node/File-Name-Functions.html#index-abspath-1
+## * lastword -> http://gnu.ist.utl.pt/software/make/manual/html_node/Text-Functions.html#Text-Functions
+## * MAKEFILE_LIST -> https://ftp.gnu.org/old-gnu/Manuals/make-3.80/html_node/make_17.html
+MKFILE_DIR := $(dir $(abspath $(lastword $(MAKEFILE_LIST))))
+
+.Phony: init
+init:
+	terraform init
+
+.Phony: initlock
+initlock: init
+	terraform providers lock -platform=darwin_arm64 -platform=darwin_amd64 -platform=linux_amd64 -platform=linux_arm64
+
+.Phony: fmt
+fmt:
+	terraform fmt -recursive
+
+.Phony: format
+format: fmt
+
+.Phony: lock
+lock: initlock
+
+.Phony: clean
+clean:
+	find . -type d -name ".terraform" -prune -exec rm -rf {} \;
+
+.Phony: clean-all
+clean-all: clean
+	find . -name ".terraform.lock.hcl" -prune -exec rm -rf {} \;
+	az logout
+	az account clear