Remove providers (#84)

* use azurerm 2.50 in src/core * removing provider files * updates to readme and scripts for local providers * set tf provider folder Co-authored-by: Glenn Musa <[email protected]>
Azure · Mar 17, 2021 · ce17867 · ce17867
1 parent c439941
commit ce17867
Show file tree

Hide file tree

Showing 14 changed files with 50 additions and 95 deletions.
diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile
@@ -37,6 +37,22 @@ RUN wget -O terraform.zip https://releases.hashicorp.com/terraform/0.13.4/terraf
     && unzip ./terraform.zip -d /usr/local/bin/ \
     && rm terraform.zip
 
+# Download Terraform providers (plugins)
+# Setting the TF_PLUGIN_CACHE_DIR environment variable instructs Terraform to search that folder for plugins first
+ENV TF_PLUGIN_CACHE_DIR=/usr/lib/tf-plugins
+ARG AZURERM_LOCAL_PATH="${TF_PLUGIN_CACHE_DIR}/registry.terraform.io/hashicorp/azurerm/2.50.0/linux_amd64"
+ARG RANDOM_LOCAL_PATH="${TF_PLUGIN_CACHE_DIR}/registry.terraform.io/hashicorp/random/3.1.0/linux_amd64"
+ARG AZURERM_PROVIDER=https://releases.hashicorp.com/terraform-provider-azurerm/2.50.0/terraform-provider-azurerm_2.50.0_linux_amd64.zip
+ARG RANDOM_PROVIDER=https://releases.hashicorp.com/terraform-provider-random/3.1.0/terraform-provider-random_3.1.0_linux_amd64.zip
+RUN wget -O azurerm.zip ${AZURERM_PROVIDER} \
+    && wget -O random.zip ${RANDOM_PROVIDER} \
+    && mkdir -p ${AZURERM_LOCAL_PATH} \
+    && mkdir -p ${RANDOM_LOCAL_PATH} \
+    && unzip azurerm.zip -d ${AZURERM_LOCAL_PATH} \
+    && unzip random.zip -d ${RANDOM_LOCAL_PATH} \
+    && rm azurerm.zip \
+    && rm random.zip
+
 # Install the Microsoft package key
 RUN wget -q https://packages.microsoft.com/config/ubuntu/20.04/packages-microsoft-prod.deb -O packages-microsoft-prod.deb \
     && dpkg -i packages-microsoft-prod.deb \

diff --git a/README.md b/README.md
@@ -10,24 +10,10 @@ Terraform resources to deploy Tier 0, 1, and 2, and the components of a [SACA hu
     az login
     ```
 
-1. [Prepare the Terraform provider cache](#Prepare-the-Terraform-provider-cache)
 1. [Configure the Terraform Backend](#Configure-the-Terraform-Backend)
 1. [Set Terraform Configuration Variables](#Set-Terraform-Configuration-Variables)
 1. [Deploy Terraform Configuration](#Deploy-Terraform-Configuration)
 
-### Prepare the Terraform provider cache
-
-We source the terraform provider locally from this repository and circumvent the need to fetch it from the internet.
-
-This below script will unzip the provider from the /src/provider_archive folder and place the provider in the /src/provider_cache folder and set execute permissions for the current user.
-
-Execute `unzipprovider.sh`
-
-```bash
-chmod u+x src/provider_archive/unzipprovider.sh
-src/provider_archive/unzipprovider.sh
-```
-
 ### Configure the Terraform Backend
 
 The MLZ deployment architecture uses a single Service Principal whose credentials are stored in a central "config" Key Vault. Terraform state storage is distributed into a separate storage account for each tier. When deploying the MLZ architecture, all tiers can be deployed into a single subscription or each tier can be deployed into its own subscription.
@@ -124,6 +110,12 @@ scripts/init_terraform.sh \
   src/core/tier-1
 ```
 
+### Terraform Providers
+
+The development container definition downloads the required Terraform plugin providers during the container build so that the container can be transported to an air-gapped network for use. The container also sets the `TF_PLUGIN_CACHE_DIR` environment variable, which Terraform uses as the search location for locally installed providers. If you are not using the container to deploy or if the `TF_PLUGIN_CACHE_DIR` environment variable is not set, Terraform will automatically attempt to download the provider from the internet when you execute the `terraform init` command.
+
+See the development container [README](.devcontainer/README.md) for more details on building and running the container.
+
 ## Helpful Links
 
 For more endpoint mappings between AzureCloud and AzureUsGovernment: <https://docs.microsoft.com/en-us/azure/azure-government/compare-azure-government-global-azure#guidance-for-developers/>

diff --git a/scripts/apply_terraform.sh b/scripts/apply_terraform.sh
@@ -31,8 +31,6 @@ tfvars="${tf_dir}/${tf_name}.tfvars"
 
 auto_approve=${3:-n}
 
-plugin_dir="$(dirname "$(dirname "$(realpath "$0")")")/src/provider_cache"
-
 # check for dependencies
 . "${BASH_SOURCE%/*}/util/checkforazcli.sh"
 . "${BASH_SOURCE%/*}/util/checkforterraform.sh"
@@ -65,7 +63,6 @@ key="${mlz_env_name}${tf_name}"
 # initialize terraform in the configuration directory
 cd "${tf_dir}" || exit
 terraform init \
-   -plugin-dir="${plugin_dir}" \
    -backend-config "key=${key}" \
    -backend-config "resource_group_name=${tf_be_rg_name}" \
    -backend-config "storage_account_name=${tf_be_sa_name}" \

diff --git a/scripts/destroy_terraform.sh b/scripts/destroy_terraform.sh
@@ -31,8 +31,6 @@ tfvars="${tf_dir}/${tf_name}.tfvars"
 
 auto_approve=${3:-n}
 
-plugin_dir="$(dirname "$(dirname "$(realpath "$0")")")/src/provider_cache"
-
 # check for dependencies
 . "${BASH_SOURCE%/*}/util/checkforazcli.sh"
 . "${BASH_SOURCE%/*}/util/checkforterraform.sh"
@@ -65,7 +63,6 @@ key="${mlz_env_name}${tf_name}"
 # initialize terraform in the configuration directory
 cd "${tf_dir}" || exit
 terraform init \
-   -plugin-dir="${plugin_dir}" \
    -backend-config "key=${key}" \
    -backend-config "resource_group_name=${tf_be_rg_name}" \
    -backend-config "storage_account_name=${tf_be_sa_name}" \

diff --git a/scripts/init_terraform.sh b/scripts/init_terraform.sh
@@ -24,8 +24,6 @@ tf_name=$(basename "${tf_dir}")
 
 config_vars="${tf_dir}/config.vars"
 
-plugin_dir="$(dirname "$(dirname "$(realpath "$0")")")/src/provider_cache"
-
 # check for dependencies
 . "${BASH_SOURCE%/*}/util/checkforazcli.sh"
 . "${BASH_SOURCE%/*}/util/checkforterraform.sh"
@@ -50,7 +48,6 @@ key="${mlz_env_name}${tf_name}"
 # Initialize terraform in the configuration directory
 cd "${tf_dir}" || exit
 terraform init \
-   -plugin-dir="${plugin_dir}" \
    -backend-config "key=${key}" \
    -backend-config "resource_group_name=${tf_be_rg_name}" \
    -backend-config "storage_account_name=${tf_be_sa_name}" \

diff --git a/src/core/saca-hub/main.tf b/src/core/saca-hub/main.tf
@@ -2,27 +2,26 @@
 # Licensed under the MIT License.
 terraform {
   backend "azurerm" {}
-  required_providers {
-    azurerm = {
-      source  = "hashicorp/azurerm"
-      version = "2.45.1"
-    }
-    random = {
-      source  = "hashicorp/random"
-      version = "3.1.0"
-    }
-  }
 }
 
 provider "azurerm" {
+  version         = "~> 2.50.0"
   environment     = var.tf_environment
   metadata_host   = var.mlz_metadatahost
   tenant_id       = var.mlz_tenantid
   subscription_id = var.saca_subid
   client_id       = var.mlz_clientid
   client_secret   = var.mlz_clientsecret
 
-  features {}
+  features {
+    log_analytics_workspace {
+      permanently_delete_on_destroy = true
+    }
+  }
+}
+
+provider "random" {
+  version = "3.1.0"
 }
 
 resource "azurerm_resource_group" "hub" {

diff --git a/src/core/tier-0/main.tf b/src/core/tier-0/main.tf
@@ -2,19 +2,10 @@
 # Licensed under the MIT License.
 terraform {
   backend "azurerm" {}
-  required_providers {
-    azurerm = {
-      source  = "hashicorp/azurerm"
-      version = "2.45.1"
-    }
-    random = {
-      source  = "hashicorp/random"
-      version = "3.1.0"
-    }
-  }
 }
 
 provider "azurerm" {
+  version         = "~> 2.50.0"
   environment     = var.tf_environment
   metadata_host   = var.mlz_metadatahost
   tenant_id       = var.mlz_tenantid
@@ -26,6 +17,7 @@ provider "azurerm" {
 }
 
 provider "azurerm" {
+  version         = "~> 2.50.0"
   alias           = "hub"
   environment     = var.tf_environment
   metadata_host   = var.mlz_metadatahost
@@ -37,6 +29,10 @@ provider "azurerm" {
   features {}
 }
 
+provider "random" {
+  version = "3.1.0"
+}
+
 data "azurerm_resource_group" "hub" {
   provider = azurerm.hub
   name     = var.saca_rgname

diff --git a/src/core/tier-1/main.tf b/src/core/tier-1/main.tf
@@ -2,19 +2,10 @@
 # Licensed under the MIT License.
 terraform {
   backend "azurerm" {}
-  required_providers {
-    azurerm = {
-      source  = "hashicorp/azurerm"
-      version = "2.45.1"
-    }
-    random = {
-      source  = "hashicorp/random"
-      version = "3.1.0"
-    }
-  }
 }
 
 provider "azurerm" {
+  version         = "~> 2.50.0"
   environment     = var.tf_environment
   metadata_host   = var.mlz_metadatahost
   tenant_id       = var.mlz_tenantid
@@ -26,6 +17,7 @@ provider "azurerm" {
 }
 
 provider "azurerm" {
+  version         = "~> 2.50.0"
   alias           = "hub"
   environment     = var.tf_environment
   metadata_host   = var.mlz_metadatahost
@@ -37,6 +29,10 @@ provider "azurerm" {
   features {}
 }
 
+provider "random" {
+  version = "3.1.0"
+}
+
 data "azurerm_resource_group" "hub" {
   provider = azurerm.hub
   name     = var.saca_rgname

diff --git a/src/core/tier-2/main.tf b/src/core/tier-2/main.tf
@@ -2,15 +2,10 @@
 # Licensed under the MIT License.
 terraform {
   backend "azurerm" {}
-  required_providers {
-    azurerm = {
-      source  = "hashicorp/azurerm"
-      version = "2.45.1"
-    }
-  }
 }
 
 provider "azurerm" {
+  version         = "~> 2.50.0"
   environment     = var.tf_environment
   metadata_host   = var.mlz_metadatahost
   tenant_id       = var.mlz_tenantid
@@ -22,6 +17,7 @@ provider "azurerm" {
 }
 
 provider "azurerm" {
+  version         = "~> 2.50.0"
   alias           = "hub"
   environment     = var.tf_environment
   metadata_host   = var.mlz_metadatahost
@@ -33,6 +29,10 @@ provider "azurerm" {
   features {}
 }
 
+provider "random" {
+  version = "3.1.0"
+}
+
 data "azurerm_resource_group" "hub" {
   provider = azurerm.hub
   name     = var.saca_rgname

diff --git a/src/provider_archive/terraform-provider-azurerm_2.45.1_linux_amd64.zip b/src/provider_archive/terraform-provider-azurerm_2.45.1_linux_amd64.zip
diff --git a/src/provider_archive/terraform-provider-random_3.1.0_linux_amd64.zip b/src/provider_archive/terraform-provider-random_3.1.0_linux_amd64.zip
diff --git a/src/provider_archive/unzipprovider.sh b/src/provider_archive/unzipprovider.sh
diff --git a/...egistry.terraform.io/hashicorp/azurerm/2.45.1/linux_amd64/terraform-provider.md b/...egistry.terraform.io/hashicorp/azurerm/2.45.1/linux_amd64/terraform-provider.md
diff --git a/.../registry.terraform.io/hashicorp/random/3.1.0/linux_amd64/terraform-provider.md b/.../registry.terraform.io/hashicorp/random/3.1.0/linux_amd64/terraform-provider.md