Add Load Balancer module

Azure · Feb 14, 2023 · 2817162 · 2817162
1 parent 2c624f2
commit 2817162
Show file tree

Hide file tree

Showing 10 changed files with 289 additions and 0 deletions.
diff --git a/.github/workflows/load-balancer.yml b/.github/workflows/load-balancer.yml
@@ -0,0 +1,77 @@
+name: Module:load-balancer
+on:
+  workflow_dispatch:
+  pull_request:
+    branches:
+      - main  
+    paths:
+      - '.github/workflows/load-balancer.yml'
+      - 'terraform/load-balancer/**'
+      - '.github/actions/**'
+
+env:
+  terraform_workingdir: "terraform/load-balancer"  
+  GH_TOKEN: ${{ secrets.GH_TOKEN }}
+  ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }}
+  ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
+  ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }}
+  ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }}
+
+jobs:     
+  terraform-lint:
+    name: Run Terraform lint
+    runs-on: ubuntu-latest
+    defaults:
+         run:
+          working-directory: "${{ env.terraform_workingdir }}"
+
+    steps:
+    - uses: actions/checkout@v3
+    - uses: hashicorp/setup-terraform@v2
+
+    - name: Terraform fmt
+      id: fmt
+      run: terraform fmt -check
+      continue-on-error: false
+
+  terraform-sec:
+    name: Run Terraform tfsec
+    needs: 
+      - terraform-lint
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Check out code
+      uses: actions/checkout@v3
+
+    - name: Run tfsec with reviewdog output on the PR
+      uses: ./.github/actions/run-terraform-sec
+
+  terratest:
+    name: Run Terratest
+    needs: 
+      - terraform-sec
+    runs-on: ubuntu-latest
+
+    defaults:
+          run:
+            working-directory: "${{ env.terraform_workingdir }}/test"
+
+    steps:
+    - name: Check out code
+      uses: actions/checkout@v3
+
+    - name: Set up Go
+      uses: actions/setup-go@v2
+      with:
+          go-version: 1.18.2
+
+    - name: Setup Dependencies
+      run:  go mod init test && go mod tidy
+      env:
+        GOPATH: "/home/runner/work/azure-labs-modules/azure-labs-modules/${{ env.terraform_workingdir }}"
+
+    - name: Unit-test
+      run: go test -v -timeout 45m
+      env:
+        GOPATH: "/home/runner/work/azure-labs-modules/azure-labs-modules/${{ env.terraform_workingdir }}"
diff --git a/terraform/load-balancer/main.tf b/terraform/load-balancer/main.tf
@@ -0,0 +1,28 @@
+# https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/lb
+
+resource "azurerm_lb" "adl_lb" {
+  name                = "lb-${var.basename}"
+  location            = var.location
+  resource_group_name = var.rg_name
+  sku                 = var.sku
+  frontend_ip_configuration {
+    name                 = "pip-${var.basename}"
+    public_ip_address_id = azurerm_public_ip.adl_lb_pip[0].id
+  }
+  tags = var.tags
+
+  count = var.module_enabled ? 1 : 0
+}
+
+# Public IP config
+
+resource "azurerm_public_ip" "adl_lb_pip" {
+  name                = "pip-${var.basename}"
+  location            = var.location
+  resource_group_name = var.rg_name
+  allocation_method   = var.pip_allocation_method
+  sku                 = var.pip_sku
+  tags                = var.tags
+
+  count = var.module_enabled ? 1 : 0
+}
diff --git a/terraform/load-balancer/outputs.tf b/terraform/load-balancer/outputs.tf
@@ -0,0 +1,20 @@
+output "id" {
+  value = (
+    length(azurerm_lb.adl_lb) > 0 ?
+    azurerm_lb.adl_lb[0].id : ""
+  )
+}
+
+output "name" {
+  value = (
+    length(azurerm_lb.adl_lb) > 0 ?
+    azurerm_lb.adl_lb[0].name : ""
+  )
+}
+
+output "resource_group_name" {
+  value = (
+    length(azurerm_lb.adl_lb) > 0 ?
+    azurerm_lb.adl_lb[0].resource_group_name : ""
+  )
+}
diff --git a/terraform/load-balancer/test/load_balancer.tf b/terraform/load-balancer/test/load_balancer.tf
@@ -0,0 +1,17 @@
+module "load_balancer" {
+  source   = "../"
+  basename = random_string.postfix.result
+  rg_name  = module.local_rg.name
+  location = var.location
+
+  tags = {}
+}
+
+# Modules dependencies
+
+module "local_rg" {
+  source   = "../../resource-group"
+  basename = random_string.postfix.result
+  location = var.location
+  tags     = local.tags
+}
diff --git a/terraform/load-balancer/test/locals.tf b/terraform/load-balancer/test/locals.tf
@@ -0,0 +1,7 @@
+locals {
+  tags = {
+    Project = "Azure/azure-data-labs-modules"
+    Module  = "load-balancer"
+    Toolkit = "Terraform"
+  }
+}
diff --git a/terraform/load-balancer/test/outputs.tf b/terraform/load-balancer/test/outputs.tf
@@ -0,0 +1,11 @@
+output "id" {
+  value = module.load_balancer.id
+}
+
+output "name" {
+  value = module.load_balancer.name
+}
+
+output "resource_group_name" {
+  value = module.load_balancer.resource_group_name
+}
diff --git a/terraform/load-balancer/test/providers.tf b/terraform/load-balancer/test/providers.tf
@@ -0,0 +1,19 @@
+terraform {
+  backend "azurerm" {
+    resource_group_name  = "rg-adl-terraform-state"
+    storage_account_name = "stadlterraformstate"
+    container_name       = "default"
+    key                  = "loadbalancer.terraform.tfstate"
+  }
+
+  required_providers {
+    azurerm = {
+      source  = "hashicorp/azurerm"
+      version = "= 3.43.0"
+    }
+  }
+}
+
+provider "azurerm" {
+  features {}
+}
diff --git a/terraform/load-balancer/test/unit_test.go b/terraform/load-balancer/test/unit_test.go
@@ -0,0 +1,36 @@
+package test
+
+import (
+	"testing"
+	"github.com/gruntwork-io/terratest/modules/terraform"
+	"github.com/stretchr/testify/assert"
+)
+
+func TestModule(t *testing.T) {
+	t.Parallel()
+
+	terraformOptions := &terraform.Options{
+		TerraformDir: "./",
+		Lock: true,
+		LockTimeout: "1800s",
+		// VarFiles: []string{"terraform_unitest.tfvars"},
+	}
+
+	// At the end of the test, run `terraform destroy` to clean up any resources that were created
+	defer terraform.Destroy(t, terraformOptions)
+
+	// Is used mainly for debugging, fail early if plan is not possible
+	terraform.InitAndPlan(t, terraformOptions)
+
+	// This will run `terraform init` and `terraform apply` and fail the test if there are any errors
+	terraform.InitAndApply(t, terraformOptions)
+
+	// Check if the outputs exist
+	assert := assert.New(t)
+	id := terraform.Output(t, terraformOptions, "id")
+	assert.NotNil(id)
+	name := terraform.Output(t, terraformOptions, "name")
+	assert.NotNil(name)
+	resource_group_name := terraform.Output(t, terraformOptions, "resource_group_name")
+	assert.NotNil(resource_group_name)
+}
diff --git a/terraform/load-balancer/test/variables.tf b/terraform/load-balancer/test/variables.tf
@@ -0,0 +1,10 @@
+resource "random_string" "postfix" {
+  length  = 8
+  special = false
+  upper   = false
+}
+
+variable "location" {
+  type    = string
+  default = "North Europe"
+}
diff --git a/terraform/load-balancer/variables.tf b/terraform/load-balancer/variables.tf
@@ -0,0 +1,64 @@
+variable "basename" {
+  type        = string
+  description = "Basename of the module."
+  validation {
+    condition     = can(regex("^[-\\.\\w]{0,77}$", var.basename)) && can(regex("[\\w]+$", var.basename))
+    error_message = "The name must be between 0 and 77 characters, must end with a letter, number or underscore, and may contain only letters, numbers, underscores, periods, or hyphens."
+  }
+}
+
+variable "rg_name" {
+  type        = string
+  description = "Resource group name."
+  validation {
+    condition     = can(regex("^[-\\w\\.\\(\\)]{1,90}$", var.rg_name)) && can(regex("[-\\w\\(\\)]+$", var.rg_name))
+    error_message = "Resource group names must be between 1 and 90 characters and can only include alphanumeric, underscore, parentheses, hyphen, period (except at end)."
+  }
+}
+
+variable "location" {
+  type        = string
+  description = "Location of the resource group."
+}
+
+variable "tags" {
+  type        = map(string)
+  default     = {}
+  description = "A mapping of tags which should be assigned to the deployed resource."
+}
+
+variable "module_enabled" {
+  type        = bool
+  description = "Variable to enable or disable the module."
+  default     = true
+}
+
+variable "sku" {
+  type        = string
+  description = "(Optional) The SKU of the Azure Load Balancer. Accepted values are Basic, Standard and Gateway. Defaults to Basic. Changing this forces a new resource to be created."
+  validation {
+    condition     = contains(["basic", "standard", "gateway"], lower(var.sku))
+    error_message = "Valid values for sku are \"Basic\", \"Standard\" or \"Gateway\"."
+  }
+  default = "Basic"
+}
+
+variable "pip_allocation_method" {
+  type        = string
+  description = "(Required) Defines the allocation method for this IP address. Possible values are Static or Dynamic."
+  validation {
+    condition     = contains(["static", "dynamic"], lower(var.pip_allocation_method))
+    error_message = "Valid values for pip_allocation_method are \"Static\" or \"Dynamic\"."
+  }
+  default = "Static"
+}
+
+variable "pip_sku" {
+  type        = string
+  description = "(Optional) The SKU of the Public IP. Accepted values are Basic and Standard. Defaults to Basic. Changing this forces a new resource to be created."
+  validation {
+    condition     = contains(["basic", "standard"], lower(var.pip_sku))
+    error_message = "Valid values for pip_sku are \"Basic\" or \"Standard\"."
+  }
+  default = "Basic"
+}