From 3228cc623b762842b6906d7130a216b648f8ea33 Mon Sep 17 00:00:00 2001
From: Maciej Michalski <5445923+spy86@users.noreply.github.com>
Date: Wed, 2 Oct 2024 11:06:09 +0000
Subject: [PATCH 01/14] Create cosmos_db_database_container.tf
---
 cosmos_db_database_container.tf | 12 ++++++++++++
 1 file changed, 12 insertions(+)
 create mode 100644 cosmos_db_database_container.tf
diff --git a/cosmos_db_database_container.tf b/cosmos_db_database_container.tf
new file mode 100644
index 0000000..e40759a
--- /dev/null
+++ b/cosmos_db_database_container.tf
@@ -0,0 +1,12 @@
+resource "azurerm_cosmosdb_sql_container" "main" {
+ name = var.cosmosdb_sql_database_container_name
+ resource_group_name = data.azurerm_cosmosdb_account.main.resource_group_name
+ account_name = data.azurerm_cosmosdb_account.main.name
+ database_name = var.cosmosdb_sql_database_name
+ partition_key_path = var.cosmosdb_sql_database_container_partition_key_path
+ partition_key_version = var.cosmosdb_sql_database_container_partition_key_version
+
+ unique_key {
+ paths = [var.sql_database_container_paths]
+ }
+}
From d0baff4004b093f2f459177b1a6ce92c27564027 Mon Sep 17 00:00:00 2001
From: Maciej Michalski <5445923+spy86@users.noreply.github.com>
Date: Wed, 2 Oct 2024 11:06:36 +0000
Subject: [PATCH 02/14] Create main.tf
---
 main.tf | 10 ++++++++++
 1 file changed, 10 insertions(+)
 create mode 100644 main.tf
diff --git a/main.tf b/main.tf
new file mode 100644
index 0000000..31aee00
--- /dev/null
+++ b/main.tf
@@ -0,0 +1,10 @@
+data "azurerm_client_config" "current" {}
+
+data "azurerm_resource_group" "rg" {
+ name = var.resource_group_name
+}
+
+data "azurerm_cosmosdb_account" "main" {
+ name = var.cosmosdb_account_name
+ resource_group_name = data.azurerm_resource_group.rg.name
+}
From 90225534a5e7ecb22a813c1fd5d5b91bc26d08cd Mon Sep 17 00:00:00 2001
From: Maciej Michalski <5445923+spy86@users.noreply.github.com>
Date: Wed, 2 Oct 2024 11:06:45 +0000
Subject: [PATCH 03/14] Create output.tf
---
 output.tf | 5 +++++
 1 file changed, 5 insertions(+)
 create mode 100644 output.tf
diff --git a/output.tf b/output.tf
new file mode 100644
index 0000000..392c99d
--- /dev/null
+++ b/output.tf
@@ -0,0 +1,5 @@
+output "id" {
+ description = "The CosmosDB Database container ID."
+ value = azurerm_cosmosdb_sql_container.main.id
+ sensitive = false
+}
From 85a2ca471d4fb5509a25444cc30a286feee905fd Mon Sep 17 00:00:00 2001
From: Maciej Michalski <5445923+spy86@users.noreply.github.com>
Date: Wed, 2 Oct 2024 11:07:01 +0000
Subject: [PATCH 04/14] Create backend.tf
---
 backend.tf | 9 +++++++++
 1 file changed, 9 insertions(+)
 create mode 100644 backend.tf
diff --git a/backend.tf b/backend.tf
new file mode 100644
index 0000000..1946f6e
--- /dev/null
+++ b/backend.tf
@@ -0,0 +1,9 @@
+terraform {
+ required_providers {
+ azurerm = {
+ source = "hashicorp/azurerm"
+ version = "3.100.0"
+ }
+ }
+ required_version = ">= 1.6.3"
+}
From b4cdb3dfda5e93d68515a85391379f36d344fea2 Mon Sep 17 00:00:00 2001
From: Maciej Michalski <5445923+spy86@users.noreply.github.com>
Date: Wed, 2 Oct 2024 11:07:30 +0000
Subject: [PATCH 05/14] Create variables.tf
---
 variables.tf | 56 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 56 insertions(+)
 create mode 100644 variables.tf
diff --git a/variables.tf b/variables.tf
new file mode 100644
index 0000000..7766307
--- /dev/null
+++ b/variables.tf
@@ -0,0 +1,56 @@
+############################
+# Common vars
+############################
+variable "environment" {
+ description = "Variable used for backend container name key."
+ type = string
+ default = "dev"
+}
+
+############################
+# Resource group vars
+############################
+variable "resource_group_location" {
+ description = "Specifies the supported Azure location where the resource group exists. Changing this forces a new resource to be created."
+ default = "West Europe"
+ type = string
+}
+
+variable "resource_group_name" {
+ description = "The name of the resource group in which to create resources. Changing this forces a new resource to be created."
+ type = string
+}
+
+############################
+# CosmosDB variables
+############################
+variable "cosmosdb_account_name" {
+ description = "Specifies the name of the Cosmos DB account. Changing this forces a new resource to be created."
+ type = string
+}
+
+variable "cosmosdb_sql_database_name" {
+ description = "Specifies the name of the Cosmos DB SQL database. Changing this forces a new resource to be created."
+ type = string
+}
+
+variable "cosmosdb_sql_database_container_name" {
+ description = "Specifies the name of the Cosmos DB SQL container. Changing this forces a new resource to be created."
+ type = string
+}
+
+variable "cosmosdb_sql_database_container_partition_key_path" {
+ description = "Defines the partition key path for the container. Changing this forces a new resource to be created."
+ type = string
+}
+
+variable "cosmosdb_sql_database_container_partition_key_version" {
+ description = "Defines the partition key version. Changing this forces a new resource to be created. Possible values are 1 and 2. This should be set to 2 in order to use large partition keys."
+ type = number
+ default = 1
+}
+
+variable "sql_database_container_paths" {
+ description = "List of Cosmos DB SQL container paths to create. Some parameters are inherited from the Cosmos account."
+ type = list(string) # Changed to list to reflect multiple paths
+}
From f60d02dab729afcd758767fee44114b28f4e81a5 Mon Sep 17 00:00:00 2001
From: Maciej Michalski <5445923+spy86@users.noreply.github.com>
Date: Mon, 30 Dec 2024 13:45:46 +0000
Subject: [PATCH 06/14] Update backend.tf
---
 backend.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/backend.tf b/backend.tf
index 1946f6e..d0252b1 100644
--- a/backend.tf
+++ b/backend.tf
@@ -2,7 +2,7 @@ terraform {
 required_providers {
 azurerm = {
 source = "hashicorp/azurerm"
- version = "3.100.0"
+ version = "4.12.0"
 }
 }
 required_version = ">= 1.6.3"
From 0bd79a1e000c6c6e24c472361c8dee87c773710f Mon Sep 17 00:00:00 2001
From: Maciej Michalski <5445923+spy86@users.noreply.github.com>
Date: Mon, 30 Dec 2024 13:45:59 +0000
Subject: [PATCH 07/14] Update cosmos_db_database_container.tf
---
 cosmos_db_database_container.tf | 40 ++++++++++++++++++++++++++++++---
 1 file changed, 37 insertions(+), 3 deletions(-)
diff --git a/cosmos_db_database_container.tf b/cosmos_db_database_container.tf
index e40759a..8ff9181 100644
--- a/cosmos_db_database_container.tf
+++ b/cosmos_db_database_container.tf
@@ -3,10 +3,44 @@ resource "azurerm_cosmosdb_sql_container" "main" {
 resource_group_name = data.azurerm_cosmosdb_account.main.resource_group_name
 account_name = data.azurerm_cosmosdb_account.main.name
 database_name = var.cosmosdb_sql_database_name
- partition_key_path = var.cosmosdb_sql_database_container_partition_key_path
+ partition_key_paths = var.cosmosdb_sql_database_container_partition_key_paths
 partition_key_version = var.cosmosdb_sql_database_container_partition_key_version
+ default_ttl = var.default_ttl != null ? var.default_ttl : null
 
- unique_key {
- paths = [var.sql_database_container_paths]
+ dynamic "unique_key" {
+ for_each = var.unique_keys != null ? var.unique_keys : []
+ content {
+ paths = unique_key.value["paths"]
+ }
+ }
+
+ dynamic "conflict_resolution_policy" {
+ for_each = var.conflict_resolution_policy != null ? [var.conflict_resolution_policy] : []
+ content {
+ mode = conflict_resolution_policy.value["mode"]
+ conflict_resolution_path = conflict_resolution_policy.value["conflict_resolution_path"]
+ }
+ }
+
+ dynamic "indexing_policy" {
+ for_each = var.indexing_policy != null ? [var.indexing_policy] : []
+ content {
+ indexing_mode = indexing_policy.value["indexing_mode"]
+
+ dynamic "included_path" {
+ for_each = indexing_policy.value["included_paths"] != null ? indexing_policy.value["included_paths"] : []
+ content {
+ path = included_path.value["path"]
+ }
+ }
+
+ dynamic "excluded_path" {
+ for_each = indexing_policy.value["excluded_paths"] != null ? indexing_policy.value["excluded_paths"] : []
+ content {
+ path = excluded_path.value["path"]
+ }
+ }
+
+ }
 }
 }
From 1aed7fffe267904740bb03acb1a00ffd5c1689df Mon Sep 17 00:00:00 2001
From: Maciej Michalski <5445923+spy86@users.noreply.github.com>
Date: Mon, 30 Dec 2024 13:46:10 +0000
Subject: [PATCH 08/14] Update main.tf
From 10e5b8571942d895492e9441e62d7e4b88190ba1 Mon Sep 17 00:00:00 2001
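Review bot: In cosmos_db_database_container.tf the new `conflict_resolution_policy` dynamic block forwards only `mode` and `conflict_resolution_path`, so a caller who selects the `Custom` mode that the variable comment later in this series lists has no way to supply the `conflict_resolution_procedure` argument that mode relies on; add `conflict_resolution_procedure = try(conflict_resolution_policy.value["conflict_resolution_procedure"], null)` together with a matching optional attribute on the variable. Separately, `default_ttl = var.default_ttl != null ? var.default_ttl : null` yields `var.default_ttl` on both branches and reads more clearly as `default_ttl = var.default_ttl`. The resource block opens above this hunk, so its `name` argument is not visible here.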
From: Maciej Michalski <5445923+spy86@users.noreply.github.com>
Date: Mon, 30 Dec 2024 13:46:18 +0000
Subject: [PATCH 09/14] Update output.tf
From d02345e6482a1827519b23b7ee8e09d195f0d127 Mon Sep 17 00:00:00 2001
From: Maciej Michalski <5445923+spy86@users.noreply.github.com>
Date: Mon, 30 Dec 2024 13:48:58 +0000
Subject: [PATCH 10/14] Update variables.tf
---
 variables.tf | 73 ++++++++++++++++++++++++++++++++++++++++++----------
 1 file changed, 51 insertions(+), 22 deletions(-)
diff --git a/variables.tf b/variables.tf
index 7766307..2a35f36 100644
--- a/variables.tf
+++ b/variables.tf
@@ -1,56 +1,85 @@
-############################
-# Common vars
-############################
 variable "environment" {
- description = "Variable used for backend container name key."
+ description = "The environment name used for backend container naming (e.g., dev, staging, prod)."
 type = string
 default = "dev"
 }
 
-############################
-# Resource group vars
-############################
 variable "resource_group_location" {
- description = "Specifies the supported Azure location where the resource group exists. Changing this forces a new resource to be created."
- default = "West Europe"
+ description = "The Azure location where the resource group is created. Changing this value forces the creation of a new resource."
 type = string
+ default = "West Europe"
 }
 
 variable "resource_group_name" {
- description = "The name of the resource group in which to create resources. Changing this forces a new resource to be created."
+ description = "The name of the resource group in which to create the Cosmos DB SQL container. Changing this value forces the creation of a new resource."
 type = string
 }
 
-############################
-# CosmosDB variables
-############################
 variable "cosmosdb_account_name" {
- description = "Specifies the name of the Cosmos DB account. Changing this forces a new resource to be created."
+ description = "The name of the Cosmos DB account. Changing this value forces the creation of a new resource."
 type = string
 }
 
 variable "cosmosdb_sql_database_name" {
- description = "Specifies the name of the Cosmos DB SQL database. Changing this forces a new resource to be created."
+ description = "The name of the Cosmos DB SQL database. Changing this value forces the creation of a new resource."
 type = string
 }
 
 variable "cosmosdb_sql_database_container_name" {
- description = "Specifies the name of the Cosmos DB SQL container. Changing this forces a new resource to be created."
+ description = "The name of the Cosmos DB SQL container to be created."
 type = string
 }
 
-variable "cosmosdb_sql_database_container_partition_key_path" {
- description = "Defines the partition key path for the container. Changing this forces a new resource to be created."
- type = string
+variable "cosmosdb_sql_database_container_partition_key_paths" {
+ description = "A list of partition key paths for the Cosmos DB SQL container. Partition keys are essential for scalable performance in Cosmos DB."
+ type = list(string)
+ default = ["/myPartitionKey"]
 }
 
 variable "cosmosdb_sql_database_container_partition_key_version" {
- description = "Defines the partition key version. Changing this forces a new resource to be created. Possible values are 1 and 2. This should be set to 2 in order to use large partition keys."
+ description = "The version of the partition key for the Cosmos DB SQL container. Defaults to 1."
 type = number
 default = 1
 }
 
 variable "sql_database_container_paths" {
- description = "List of Cosmos DB SQL container paths to create. Some parameters are inherited from the Cosmos account."
- type = list(string) # Changed to list to reflect multiple paths
+ description = "List of Cosmos DB SQL containers to create. Some parameters are inherited from the Cosmos DB account."
+ type = string
+}
+
+variable "conflict_resolution_policy" {
+ description = "The conflict resolution policy for the Cosmos DB SQL container, which determines how conflicting changes are resolved."
+ type = object({
+ mode = string # E.g., 'LastWriterWins' or 'Custom'.
+ conflict_resolution_path = string # Path used for resolving conflicts, applicable for 'LastWriterWins' mode.
+ })
+ default = null
+}
+
+variable "unique_keys" {
+ description = "A list of unique keys for the Cosmos DB SQL container to ensure uniqueness of specified paths."
+ type = list(object({
+ paths = list(string) # Paths defining the unique key constraints.
+ }))
+ default = null
+}
+
+variable "indexing_policy" {
+ description = "The indexing policy for the Cosmos DB SQL container, which specifies how items are indexed for queries."
+ type = object({
+ indexing_mode = string # Either 'consistent' or 'none'.
+ included_paths = list(object({
+ path = string # Paths explicitly included in the index.
+ }))
+ excluded_paths = list(object({
+ path = string # Paths explicitly excluded from the index.
+ }))
+ })
+ default = null
+}
+
+variable "default_ttl" {
+ description = "Default time-to-live (TTL) for the Cosmos DB SQL container, specified in seconds. If null, TTL is not configured."
+ type = number
+ default = null
 }
From b06ffbb9f2de4b5e789a67cfea092a96adf98168 Mon Sep 17 00:00:00 2001
From: Maciej Michalski <5445923+spy86@users.noreply.github.com>
Date: Mon, 30 Dec 2024 13:51:05 +0000
Subject: [PATCH 11/14] Create azure-pipelines.yaml
---
 pipelines/azure-pipelines.yaml | 117 +++++++++++++++++++++++++++++++++
 1 file changed, 117 insertions(+)
 create mode 100644 pipelines/azure-pipelines.yaml
diff --git a/pipelines/azure-pipelines.yaml b/pipelines/azure-pipelines.yaml
new file mode 100644
index 0000000..d0c6b34
--- /dev/null
+++ b/pipelines/azure-pipelines.yaml
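Review bot: In variables.tf, `sql_database_container_paths` is changed to `type = string` with no default while its description still begins "List of", and after the container change earlier in this series no visible resource references it, so every caller must pass a value that is never used; remove the variable or give it `default = null`. `environment` and `resource_group_location` are likewise not referenced by any resource or data source shown in this series. The placeholder `default = ["/myPartitionKey"]` on `cosmosdb_sql_database_container_partition_key_paths` is also worth dropping so the caller has to choose the key explicitly, since the description this hunk removes stated that changing the partition key forces a new resource.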
@@ -0,0 +1,117 @@
+name: $(MODULE_NAME)-$(date:yyyyMMdd)-$(rev:.r)
+parameters:
+- name: publish_module
+ displayName: 'Publish Module ???'
+ type: string
+ default: 'false'
+ values:
+ - true
+ - false
+trigger:
+ branches:
+ include:
+ - refs/heads/master
+ - refs/heads/main
+resources:
+ repositories:
+ - repository: self
+variables:
+ - name: TERRAFORM_SEC_VERSION
+ value: "v1.26.0"
+ - name: GITHUB_REPO
+ value: "Think-Cube/terraform-azure-cosmosdb-database-container"
+ - group: GITHUB-PAT-TOKEN
+ - name: PUBLISH_MODULE
+ value: ${{parameters.publish_module}}
+ - name: VM_IMAGE
+ value: ubuntu-latest
+ - name: MODULE_NAME
+ value: "terraform-azure-cosmosdb-database-container"
+ - name: MODULE_DESCRIPTION
+ value: "Terraform module for azure cosmosdb database container"
+pool:
+ vmImage: $(VM_IMAGE)
+stages:
+ - stage: Validate_Terraform_Module
+ displayName: 'Validate Terraform Module'
+ jobs:
+ - job: Validate_Terraform_Module
+ displayName: 'Validate Terraform Module'
+ steps:
+ - checkout: self
+ displayName: 'Checkout Module'
+ fetchDepth: 1
+ - task: CmdLine@2
+ displayName: 'Terraform Init'
+ inputs:
+ script: |
+ terraform init
+ workingDirectory: '$(System.DefaultWorkingDirectory)'
+ - task: CmdLine@2
+ displayName: 'Terraform Validate'
+ inputs:
+ script: |
+ terraform validate
+ workingDirectory: '$(System.DefaultWorkingDirectory)'
+ - task: tfsec@1
+ displayName: 'Terraform SEC check'
+ inputs:
+ version: '$(TERRAFORM_SEC_VERSION)'
+ dir: '$(System.DefaultWorkingDirectory)'
+ - stage: Publish_Terraform_Module
+ condition: eq('${{parameters.publish_module}}', 'true')
+ displayName: 'Publish Terraform Module'
+ jobs:
+ - job: Publish_Terraform_Module
+ displayName: 'Publish Terraform Module'
+ steps:
+ - checkout: self
+ - task: CopyFiles@2
+ displayName: 'Copy Terraform module files'
+ inputs:
+ SourceFolder: $(System.DefaultWorkingDirectory)
+ Contents: '**.tf'
+ TargetFolder: $(System.DefaultWorkingDirectory)/$(MODULE_NAME)
+ - task: CmdLine@2
+ displayName: 'Fetch latest version and increment'
+ inputs:
+ script: |
+ # Variables
+ module_path="$(System.DefaultWorkingDirectory)/$(MODULE_NAME)"
+ github_repo="$(GITHUB_REPO)"
+ github_token="$(GITHUB_TOKEN)"
+ description="New $(MODULE_DESCRIPTION) release"
+
+ # Remove unnecessary files from the module directory
+ find "$module_path" -name ".git" -type d -exec rm -rf {} +
+ find "$module_path" -name ".github" -type d -exec rm -rf {} +
+
+ # Fetch the latest tag and increment version
+ latest_tag=$(git tag --list "v*" | sort -V | tail -n1)
+ new_version="0.0.1"
+ if [ -n "$latest_tag" ]; then
+ IFS='.' read -r major minor patch <<< "${latest_tag#v}"
+ if (( patch < 999 )); then
+ patch=$((patch + 1))
+ else
+ patch=0
+ if (( minor < 999 )); then
+ minor=$((minor + 1))
+ else
+ minor=0
+ major=$((major + 1))
+ fi
+ fi
+ new_version="$major.$minor.$patch"
+ fi
+
+ # Create a tarball of the module
+ tarball_name="$(MODULE_NAME)-v$new_version.tar.gz"
+ tar -czf "$tarball_name" -C "$module_path" .
+
+ # Publish to GitHub Releases using gh CLI
+ echo "$github_token" | gh auth login --with-token
+ gh release create "v$new_version" "$tarball_name" \
+ --repo "$github_repo" \
+ --title "$(MODULE_NAME) v$new_version" \
+ --notes "$description"
From 11811e3ba9492aa78c7e51eda234a8fde30bea9a Mon Sep 17 00:00:00 2001
From: Maciej Michalski <5445923+spy86@users.noreply.github.com>
Date: Mon, 30 Dec 2024 13:51:54 +0000
Subject: [PATCH 12/14] Create azure-pipelines-pr.yaml
---
 pipelines/azure-pipelines-pr.yaml | 80 +++++++++++++++++++++++++++++++
 1 file changed, 80 insertions(+)
 create mode 100644 pipelines/azure-pipelines-pr.yaml
diff --git a/pipelines/azure-pipelines-pr.yaml b/pipelines/azure-pipelines-pr.yaml
new file mode 100644
index 0000000..9d7f7ff
--- /dev/null
+++ b/pipelines/azure-pipelines-pr.yaml
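Review bot: In pipelines/azure-pipelines.yaml, `github_token="$(GITHUB_TOKEN)"` has the secret substituted into the script text before the shell starts, and `echo "$github_token" | gh auth login --with-token` then persists it in gh's credential store on the agent; map the secret into the step environment instead with `env:` and `GH_TOKEN: $(GITHUB_TOKEN)`, which the gh CLI reads directly, and drop both the assignment and the login line. It is also worth confirming that tags are fetched in the Publish stage checkout: if `git tag --list "v*"` comes back empty on a shallow clone, `new_version` stays `0.0.1` on every run and `gh release create` would fail once that tag exists (inferred, since this stage does not set any fetch options).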
@@ -0,0 +1,80 @@
+name: $(MODULE_NAME)-$(date:yyyyMMdd)-$(rev:.r)
+trigger: none
+pr:
+ branches:
+ include:
+ - refs/heads/master
+ - refs/heads/main
+resources:
+ repositories:
+ - repository: self
+variables:
+ - name: TERRAFORM_SEC_VERSION
+ value: "v1.26.0"
+ - name: GITHUB_REPO
+ value: "Think-Cube/terraform-azure-cosmosdb-database-container"
+ - group: GITHUB-PAT-TOKEN
+ - name: VM_IMAGE
+ value: ubuntu-latest
+ - name: MODULE_NAME
+ value: "terraform-azure-cosmosdb-database-container"
+pool:
+ vmImage: $(VM_IMAGE)
+stages:
+ - stage: Validate_Terraform_Module
+ displayName: 'Validate Terraform Module'
+ jobs:
+ - job: Validate_Terraform_Module
+ displayName: 'Validate Terraform Module'
+ steps:
+ - checkout: self
+ displayName: 'Checkout Module'
+ fetchDepth: 1
+ - task: TerraformCLI@0
+ displayName: 'Terraform Init'
+ inputs:
+ command: 'init'
+ allowTelemetryCollection: false
+ - task: TerraformCLI@0
+ displayName: 'Terraform Validate'
+ inputs:
+ command: 'validate'
+ allowTelemetryCollection: false
+ - task: tfsec@1
+ displayName: 'Terraform SEC check'
+ inputs:
+ version: '$(TERRAFORM_SEC_VERSION)'
+ dir: '$(System.DefaultWorkingDirectory)'
+ - script: |
+ cd /tmp
+ curl -sSLo /tmp/terraform-docs.tar.gz https://terraform-docs.io/dl/v0.19.0/terraform-docs-v0.19.0-$(uname)-amd64.tar.gz
+ tar -xzf /tmp/terraform-docs.tar.gz
+ chmod +x /tmp/terraform-docs
+ displayName: 'Download terraform-docs'
+ - script: |
+ # Variables
+ github_token="$(GITHUB_TOKEN)"
+ # Generate or update README.md
+ /tmp/terraform-docs markdown table . > README.md
+
+ # Check if README.md has been updated or created and add to PR
+ if [ -f README.md ]; then
+ echo "README.md file generated/updated."
+ git config --global user.email "devops-bot@example.com"
+ git config --global user.name "DevOps Bot"
+ git add README.md
+ git commit -m "Update README.md with module documentation"
+
+ # Set remote URL with authentication token
+ git remote set-url origin https://$(GITHUB_TOKEN)@github.com/Think-Cube/terraform-azure-cosmosdb-database-container.git
+
+ # Pull the latest changes to avoid conflicts (source branch of the PR)
+ git pull origin $(System.PullRequest.SourceBranch) --rebase
+
+ # Push changes
+ git push origin HEAD:$(System.PullRequest.SourceBranch)
+ else
+ echo "Failed to generate README.md"
+ exit 1
+ fi
+ displayName: 'Generate and Update README.md Documentation'
From 7cab2518953e44ba138f6645c1915a5ce9484ee4 Mon Sep 17 00:00:00 2001
From: Maciej Michalski <5445923+spy86@users.noreply.github.com>
Date: Mon, 27 Jan 2025 08:31:50 +0000
Subject: [PATCH 13/14] Update cosmos_db_database_container.tf
From e8cad866b3cd034bc31620642ee92ee181085a7a Mon Sep 17 00:00:00 2001
From: Maciej Michalski <5445923+spy86@users.noreply.github.com>
Date: Mon, 27 Jan 2025 08:32:21 +0000
Subject: [PATCH 14/14] Update main.tf
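Review bot: In pipelines/azure-pipelines-pr.yaml, `git pull origin $(System.PullRequest.SourceBranch) --rebase` and the `git push` after it have the branch name, which the pull-request author chooses, substituted unquoted into the shell script in a job that also loads the `GITHUB-PAT-TOKEN` group; pass it through `env:` and use it as a quoted shell variable, as in the block below. `git remote set-url origin https://$(GITHUB_TOKEN)@github.com/...` also writes the token into `.git/config` and into any git error message that prints the remote URL, so a credential helper or a per-command auth header is safer than a token-bearing remote. The `curl` download of terraform-docs is unpacked and executed without a checksum comparison; verify a pinned SHA-256 before `tar -xzf`. `git commit` returns non-zero when README.md is unchanged, which would fail the step on pull requests whose documentation is already current.

```yaml
        - script: |
            # … unchanged: terraform-docs generation, git config, git add, git commit …
            # … unchanged: remote set-up (see the note on the token-bearing URL) …
            git pull origin "$SOURCE_BRANCH" --rebase
            git push origin "HEAD:$SOURCE_BRANCH"
          displayName: 'Generate and Update README.md Documentation'
          env:
            SOURCE_BRANCH: $(System.PullRequest.SourceBranch)
```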