Merge pull request #146 from Azure/feature/module-data-share

Data Share Account and Data Share modules

.github/workflows/data-share-account.yml

@@ -0,0 +1,91 @@
+name: Module:data-share-account
+on:
+  workflow_dispatch:
+  pull_request:
+    branches:
+      - main  
+    paths:
+      - '.github/workflows/data-share-account.yml'
+      - 'terraform/data-share/data-share-account/**'
+#      - '.github/actions/**'
+
+env:
+  terraform_workingdir: "terraform/data-share/data-share-account"  
+  GH_TOKEN: ${{ secrets.GH_TOKEN }}
+  ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }}
+  ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
+  ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }}
+  ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }}
+
+jobs:     
+  terraform-lint:
+    name: Run Terraform lint
+    runs-on: ubuntu-latest
+    defaults:
+         run:
+          working-directory: "${{ env.terraform_workingdir }}"
+
+    steps:
+    - uses: actions/checkout@v3
+    - uses: hashicorp/setup-terraform@v2
+
+    - name: Terraform fmt
+      id: fmt
+      run: terraform fmt -check
+      continue-on-error: false
+
+  terraform-sec:
+    name: Run Terraform tfsec
+    needs: 
+      - terraform-lint
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Check out code
+      uses: actions/checkout@main
+
+    - name: Run tfsec with reviewdog output on the PR
+      uses: ./.github/actions/run-terraform-sec
+
+  terratest:
+    name: Run Terratest
+    needs: 
+      - terraform-sec
+    runs-on: ubuntu-latest
+
+    defaults:
+          run:
+            working-directory: "${{ env.terraform_workingdir }}/test"
+
+    steps:
+    - name: Check out code
+      uses: actions/checkout@v3
+
+
+    - name: Set up Go
+      uses: actions/setup-go@v2
+      with:
+          go-version: 1.18.2
+
+    - name: Setup Dependencies
+      run:  go mod init test && go mod tidy
+      env:
+        GOPATH: "/home/runner/work/azure-labs-modules/azure-labs-modules/${{ env.terraform_workingdir }}"
+
+    - name: Unit-test
+      run: go test -v -timeout 45m
+      env:
+        GOPATH: "/home/runner/work/azure-labs-modules/azure-labs-modules/${{ env.terraform_workingdir }}"
+
+  terraform-docs:
+    name: Run Terraform Docs
+    needs: 
+      - terratest
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Check out code
+      uses: actions/checkout@v3
+
+    - name: Render terraform docs and push changes back to PR
+      uses: ./.github/actions/run-terraform-docs

.github/workflows/data-share.yml

@@ -0,0 +1,91 @@
+name: Module:data-share
+on:
+  workflow_dispatch:
+  pull_request:
+    branches:
+      - main  
+    paths:
+      - '.github/workflows/data-share.yml'
+      - 'terraform/data-share/data-share/**'
+#      - '.github/actions/**'
+
+env:
+  terraform_workingdir: "terraform/data-share/data-share"  
+  GH_TOKEN: ${{ secrets.GH_TOKEN }}
+  ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }}
+  ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
+  ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }}
+  ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }}
+
+jobs:     
+  terraform-lint:
+    name: Run Terraform lint
+    runs-on: ubuntu-latest
+    defaults:
+         run:
+          working-directory: "${{ env.terraform_workingdir }}"
+
+    steps:
+    - uses: actions/checkout@v3
+    - uses: hashicorp/setup-terraform@v2
+
+    - name: Terraform fmt
+      id: fmt
+      run: terraform fmt -check
+      continue-on-error: false
+
+  terraform-sec:
+    name: Run Terraform tfsec
+    needs: 
+      - terraform-lint
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Check out code
+      uses: actions/checkout@main
+
+    - name: Run tfsec with reviewdog output on the PR
+      uses: ./.github/actions/run-terraform-sec
+
+  terratest:
+    name: Run Terratest
+    needs: 
+      - terraform-sec
+    runs-on: ubuntu-latest
+
+    defaults:
+          run:
+            working-directory: "${{ env.terraform_workingdir }}/test"
+
+    steps:
+    - name: Check out code
+      uses: actions/checkout@v3
+
+
+    - name: Set up Go
+      uses: actions/setup-go@v2
+      with:
+          go-version: 1.18.2
+
+    - name: Setup Dependencies
+      run:  go mod init test && go mod tidy
+      env:
+        GOPATH: "/home/runner/work/azure-labs-modules/azure-labs-modules/${{ env.terraform_workingdir }}"
+
+    - name: Unit-test
+      run: go test -v -timeout 45m
+      env:
+        GOPATH: "/home/runner/work/azure-labs-modules/azure-labs-modules/${{ env.terraform_workingdir }}"
+
+  terraform-docs:
+    name: Run Terraform Docs
+    needs: 
+      - terratest
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Check out code
+      uses: actions/checkout@v3
+
+    - name: Render terraform docs and push changes back to PR
+      uses: ./.github/actions/run-terraform-docs

.github/workflows/log-analytics-cluster.yml

@@ -1,12 +1,12 @@
 name: Module:log-analytics-cluster
 on:
   workflow_dispatch:
-  pull_request:
-    branches:
-      - main  
-    paths:
-      - '.github/workflows/log-analytics-cluster.yml'
-      - 'terraform/log-analytics/log-analytics-cluster/**'
+#  pull_request:
+#    branches:
+#      - main  
+#    paths:
+#      - '.github/workflows/log-analytics-cluster.yml'
+#      - 'terraform/log-analytics/log-analytics-cluster/**'
 #      - '.github/actions/**'
 
 env:

terraform/data-share/data-share-account/README.md

@@ -0,0 +1,26 @@
+<!-- BEGIN_TF_DOCS -->
+## Resources
+
+| Name | Type |
+|------|------|
+| [azurerm_data_share_account.adl_dsa](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/data_share_account) | resource |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_basename"></a> [basename](#input\_basename) | Basename of the module. | `string` | n/a | yes |
+| <a name="input_location"></a> [location](#input\_location) | Location of the resource group. | `string` | n/a | yes |
+| <a name="input_module_enabled"></a> [module\_enabled](#input\_module\_enabled) | Variable to enable or disable the module. | `bool` | `true` | no |
+| <a name="input_rg_name"></a> [rg\_name](#input\_rg\_name) | Resource group name. | `string` | n/a | yes |
+| <a name="input_tags"></a> [tags](#input\_tags) | A mapping of tags which should be assigned to the deployed resource. | `map(string)` | `{}` | no |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| <a name="output_id"></a> [id](#output\_id) | Resource identifier of the instance of Data Share account. |
+| <a name="output_identity"></a> [identity](#output\_identity) | Principal ID and Tenant ID for the Service Principal associated with the identity of the Data Share account. |
+| <a name="output_name"></a> [name](#output\_name) | The name of the Data Share account. |
+| <a name="output_resource_group_name"></a> [resource\_group\_name](#output\_resource\_group\_name) | Resource Group where the Data Share account exists. |
+<!-- END_TF_DOCS -->

terraform/data-share/data-share-account/main.tf

@@ -0,0 +1,13 @@
+# https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/data_share_account
+
+resource "azurerm_data_share_account" "adl_dsa" {
+  name                = "dsa-${var.basename}"
+  location            = var.location
+  resource_group_name = var.rg_name
+  identity {
+    type = "SystemAssigned"
+  }
+  tags = var.tags
+
+  count = var.module_enabled ? 1 : 0
+}

terraform/data-share/data-share-account/outputs.tf

@@ -0,0 +1,31 @@
+output "id" {
+  value = (
+    length(azurerm_data_share_account.adl_dsa) > 0 ?
+    azurerm_data_share_account.adl_dsa[0].id : ""
+  )
+  description = "Resource identifier of the instance of Data Share account."
+}
+
+output "name" {
+  value = (
+    length(azurerm_data_share_account.adl_dsa) > 0 ?
+    azurerm_data_share_account.adl_dsa[0].name : ""
+  )
+  description = "The name of the Data Share account."
+}
+
+output "resource_group_name" {
+  value = (
+    length(azurerm_data_share_account.adl_dsa) > 0 ?
+    azurerm_data_share_account.adl_dsa[0].resource_group_name : ""
+  )
+  description = "Resource Group where the Data Share account exists."
+}
+
+output "identity" {
+  value = (
+    length(azurerm_data_share_account.adl_dsa) > 0 ?
+    azurerm_data_share_account.adl_dsa[0].identity : [{}]
+  )
+  description = "Principal ID and Tenant ID for the Service Principal associated with the identity of the Data Share account."
+}

terraform/data-share/data-share-account/test/data_share_account.tf

@@ -0,0 +1,16 @@
+module "data_share_account" {
+  source   = "../"
+  basename = random_string.postfix.result
+  rg_name  = module.local_rg.name
+  location = var.location
+  tags     = {}
+}
+
+# Modules dependencies
+
+module "local_rg" {
+  source   = "../../../resource-group"
+  basename = random_string.postfix.result
+  location = var.location
+  tags     = local.tags
+}

terraform/data-share/data-share-account/test/locals.tf

@@ -0,0 +1,7 @@
+locals {
+  tags = {
+    Project = "Azure/azure-data-labs-modules"
+    Module  = "data-share-account"
+    Toolkit = "Terraform"
+  }
+}

terraform/data-share/data-share-account/test/outputs.tf

@@ -0,0 +1,15 @@
+output "id" {
+  value = module.data_share_account.id
+}
+
+output "name" {
+  value = module.data_share_account.name
+}
+
+output "resource_group_name" {
+  value = module.data_share_account.resource_group_name
+}
+
+output "identity" {
+  value = module.data_share_account.identity
+}

terraform/data-share/data-share-account/test/providers.tf

@@ -0,0 +1,19 @@
+terraform {
+  backend "azurerm" {
+    resource_group_name  = "rg-adl-terraform-state"
+    storage_account_name = "stadlterraformstate"
+    container_name       = "default"
+    key                  = "datashareaccount.terraform.tfstate"
+  }
+
+  required_providers {
+    azurerm = {
+      source  = "hashicorp/azurerm"
+      version = "= 3.43.0"
+    }
+  }
+}
+
+provider "azurerm" {
+  features {}
+}

terraform/data-share/data-share-account/test/unit_test.go

@@ -0,0 +1,38 @@
+package test
+
+import (
+	"testing"
+	"github.com/gruntwork-io/terratest/modules/terraform"
+	"github.com/stretchr/testify/assert"
+)
+
+func TestModule(t *testing.T) {
+	t.Parallel()
+
+	terraformOptions := &terraform.Options{
+		TerraformDir: "./",
+		Lock: true,
+		LockTimeout: "1800s",
+		// VarFiles: []string{"terraform_unitest.tfvars"},
+	}
+
+	// At the end of the test, run `terraform destroy` to clean up any resources that were created
+	defer terraform.Destroy(t, terraformOptions)
+
+	// Is used mainly for debugging, fail early if plan is not possible
+	terraform.InitAndPlan(t, terraformOptions)
+
+	// This will run `terraform init` and `terraform apply` and fail the test if there are any errors
+	terraform.InitAndApply(t, terraformOptions)
+
+	// Check if the outputs exist
+	assert := assert.New(t)
+	id := terraform.Output(t, terraformOptions, "id")
+	assert.NotNil(id)
+	name := terraform.Output(t, terraformOptions, "name")
+	assert.NotNil(name)
+	resource_group_name := terraform.Output(t, terraformOptions, "resource_group_name")
+	assert.NotNil(resource_group_name)
+	identity := terraform.Output(t, terraformOptions, "identity")
+	assert.NotNil(identity)
+}

terraform/data-share/data-share-account/test/variables.tf

@@ -0,0 +1,10 @@
+resource "random_string" "postfix" {
+  length  = 8
+  special = false
+  upper   = false
+}
+
+variable "location" {
+  type    = string
+  default = "North Europe"
+}