From 44af498b60fa1427d0a494a005cbad51900fbdee Mon Sep 17 00:00:00 2001
From: "github-actions[bot]" <github-actions[bot]@users.noreply.github.com>
Date: Sun, 1 Dec 2024 02:31:47 +0000
Subject: [PATCH] fix: grept apply

---
 .github/workflows/e2e.yml           | 96 ++++++++---------------------
 .github/workflows/linting.yml       |  6 +-
 .github/workflows/version-check.yml |  2 +-
 avm                                 |  8 ++-
 avm.bat                             |  2 +-
 main.tf                             |  3 +
 6 files changed, 42 insertions(+), 75 deletions(-)

diff --git a/.github/workflows/e2e.yml b/.github/workflows/e2e.yml
index 7bb2c47..920ab58 100644
--- a/.github/workflows/e2e.yml
+++ b/.github/workflows/e2e.yml
@@ -1,71 +1,29 @@
 ---
-name: e2e test
+  name: test examples
+  on:
+    pull_request:
+      types: ['opened', 'reopened', 'synchronize']
+    merge_group:
+    workflow_dispatch:
+  
+  jobs:
+    check:
+      runs-on: ubuntu-latest
+      steps:
+        - name: Checking for Fork
+          shell: pwsh
+          run: |
+            $isFork = "${{ github.event.pull_request.head.repo.fork }}"
+            if($isFork -eq "true") {
+              echo "### WARNING: This workflow is disabled for forked repositories. Please follow the [release branch process](https://azure.github.io/Azure-Verified-Modules/contributing/terraform/terraform-contribution-flow/#5-create-a-pull-request-to-the-upstream-repository) if end to end tests are required." >> $env:GITHUB_STEP_SUMMARY
+            }
 
-on:
-  pull_request:
-    types: ['opened', 'reopened', 'synchronize']
-  merge_group:
-  workflow_dispatch:
-
-permissions:
-  contents: read
-  id-token: write
-
-jobs:
-  getexamples:
-    if: github.event.repository.name != 'terraform-azurerm-avm-template'
-    runs-on: ubuntu-latest
-    outputs:
-      examples: ${{ steps.getexamples.outputs.examples }}
-    steps:
-      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7
-      - name: get examples
-        id: getexamples
-        uses: Azure/terraform-azurerm-avm-template/.github/actions/e2e-getexamples@main
-        with:
-          github-token: ${{ secrets.GITHUB_TOKEN }}
-
-  testexamples:
-    if: github.event.repository.name != 'terraform-azurerm-avm-template'
-    runs-on: [ self-hosted, 1ES.Pool=terraform-azurerm-avm-res-compute-disk ]
-    needs: getexamples
-    environment: test
-    env:
-      TF_IN_AUTOMATION: 1
-      TF_VAR_enable_telemetry: false
-    strategy:
-      matrix:
-        example: ${{ fromJson(needs.getexamples.outputs.examples) }}
-      fail-fast: false
-    steps:
-      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7
-
-      - name: Test example
-        shell: bash
-        run: |
-          set -e
-           MAX_RETRIES=10
-          RETRY_COUNT=0
-          until [ $RETRY_COUNT -ge $MAX_RETRIES ]
-          do
-            az login --identity --username $MSI_ID > /dev/null && break
-            RETRY_COUNT=$[$RETRY_COUNT+1]
-            sleep 10
-          done
-          if [ $RETRY_COUNT -eq $MAX_RETRIES ]; then
-            echo "Failed to login after $MAX_RETRIES attempts."
-            exit 1
-          fi
-          export ARM_SUBSCRIPTION_ID=$(az login --identity --username $MSI_ID | jq -r '.[0] | .id')
-          export ARM_TENANT_ID=$(az login --identity --username $MSI_ID | jq -r '.[0] | .tenantId')
-          export ARM_CLIENT_ID=$(az identity list | jq -r --arg MSI_ID "$MSI_ID" '.[] | select(.principalId == $MSI_ID) | .clientId')
-          docker run --rm -v /var/run/docker.sock:/var/run/docker.sock -v $(pwd):/src -w /src --network=host -e TF_IN_AUTOMATION -e TF_VAR_enable_telemetry -e AVM_MOD_PATH=/src -e AVM_EXAMPLE=${{ matrix.example }} -e MSI_ID -e ARM_SUBSCRIPTION_ID -e ARM_TENANT_ID -e ARM_CLIENT_ID -e ARM_USE_MSI=true mcr.microsoft.com/azterraform:latest make test-example
-
-  # This job is only run when all the previous jobs are successful.
-  # We can use it for PR validation to ensure all examples have completed.
-  testexamplescomplete:
-    if: github.event.repository.name != 'terraform-azurerm-avm-template'
-    runs-on: ubuntu-latest
-    needs: testexamples
-    steps:
-      - run: echo "All tests passed"
+    run-e2e-tests:
+      if: github.event.pull_request.head.repo.fork == false
+      uses: Azure/terraform-azurerm-avm-template/.github/workflows/test-examples-template.yml@main
+      name: end to end
+      secrets: inherit
+      permissions:
+        id-token: write
+        contents: read
+  
\ No newline at end of file
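Review bot: The `run-e2e-tests` job calls the reusable workflow at `@main` while granting it `secrets: inherit` and `id-token: write`, so any commit that lands on that branch of the template repository runs with this repository's secrets and can request an OIDC token. The checkout steps elsewhere in this commit are pinned to full commit SHAs, and the same would fit here, e.g. `uses: Azure/terraform-azurerm-avm-template/.github/workflows/test-examples-template.yml@<full-commit-sha>`; passing only the secrets the called workflow needs instead of `inherit` would narrow the exposure further. Removing the workflow-level `permissions:` block also leaves the `check` job on the repository's default token permissions, and a top-level `permissions: {}` would keep it at none, since that step only writes to the step summary. The old `environment: test` gate is no longer visible in this file; presumably it moved into the called workflow, which is worth confirming before merge.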
diff --git a/.github/workflows/linting.yml b/.github/workflows/linting.yml
index 254164d..864db46 100644
--- a/.github/workflows/linting.yml
+++ b/.github/workflows/linting.yml
@@ -21,7 +21,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: checkout repository
-        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 #v4.2.2
 
       - name: check docs
         uses: Azure/terraform-azurerm-avm-template/.github/actions/docs-check@main
@@ -32,7 +32,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: checkout repository
-        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 #v4.2.2
 
       - name: lint terraform
         uses: Azure/terraform-azurerm-avm-template/.github/actions/linting@main
@@ -45,7 +45,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: checkout repository
-        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 #v4.2.2
 
       - name: avmfix
         uses: Azure/terraform-azurerm-avm-template/.github/actions/avmfix@main
diff --git a/.github/workflows/version-check.yml b/.github/workflows/version-check.yml
index c117502..8719641 100644
--- a/.github/workflows/version-check.yml
+++ b/.github/workflows/version-check.yml
@@ -16,7 +16,7 @@ jobs:
     if: github.event.repository.name != 'terraform-azurerm-avm-template'
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 #v4.2.2
       - name: Check version
         uses: Azure/terraform-azurerm-avm-template/.github/actions/version-check@main
         with:
diff --git a/avm b/avm
index 6668be7..1c6b0d2 100755
--- a/avm
+++ b/avm
@@ -18,10 +18,16 @@ if [ -z "$1" ]; then
     exit 1
 fi
 
+# Mount .azure directory if it exists
+AZURE_VOLUME=""
+if [ -d "$HOME/.azure" ]; then
+  AZURE_VOLUME="-v $HOME/.azure:/home/runtimeuser/.azure"
+fi
+
 # Check if we are running in a container
 # If we are then just run make directly
 if [ -z "$AVM_IN_CONTAINER" ]; then
-  $CONTAINER_RUNTIME run --pull always --user "$(id -u):$(id -g)" --rm -v /etc/passwd:/etc/passwd -v /etc/group:/etc/group -v "$(pwd)":/src -w /src -e GITHUB_REPOSITORY -e GITHUB_REPOSITORY_OWNER mcr.microsoft.com/azterraform make "$1"
+  $CONTAINER_RUNTIME run --pull always --user "$(id -u):$(id -g)" --rm $AZURE_VOLUME -v "$(pwd)":/src -w /src -e GITHUB_REPOSITORY -e ARM_SUBSCRIPTION_ID -e GITHUB_REPOSITORY_OWNER mcr.microsoft.com/azterraform make "$1"
 else
   make "$1"
 fi
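Review bot: The new `-v $HOME/.azure:/home/runtimeuser/.azure` mount hands the host's Azure CLI credential cache, read-write, to whatever `mcr.microsoft.com/azterraform` resolves to at run time (the image is untagged and `--pull always` is set), so the container's reach grows from the working tree to the user's cloud login. If the tooling in the container only reads the cache, appending `:ro` to the mount would limit that, and pinning the image by digest would make the trust explicit; whether `az` needs to write there to refresh tokens should be confirmed first. Separately, `$AZURE_VOLUME` is expanded unquoted on the run line, so a `$HOME` containing spaces splits into extra arguments; `${AZURE_VOLUME:+-v "$HOME/.azure:/home/runtimeuser/.azure"}` in its place keeps the path as one word. The script starts above the hunk, so the shell dialect and how `CONTAINER_RUNTIME` is set are not visible here.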
diff --git a/avm.bat b/avm.bat
index cdfa812..6b177be 100644
--- a/avm.bat
+++ b/avm.bat
@@ -18,6 +18,6 @@ IF "%~1"=="" (
 )
 
 REM Run the make target with CONTAINER_RUNTIME
-%CONTAINER_RUNTIME% run --pull always --rm -v "%cd%":/src -w /src -e GITHUB_REPOSITORY -e GITHUB_REPOSITORY_OWNER mcr.microsoft.com/azterraform make %1
+%CONTAINER_RUNTIME% run --pull always --rm -v "%cd%":/src -w /src --user "1000:1000" -e ARM_SUBSCRIPTION_ID -e GITHUB_REPOSITORY -e GITHUB_REPOSITORY_OWNER mcr.microsoft.com/azterraform make %1
 
 ENDLOCAL
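Review bot: The hard-coded `--user "1000:1000"` on the run line carries no explanation, while the `avm` shell wrapper changed in the same commit passes `$(id -u):$(id -g)`. A comment above the command would help, e.g. `REM 1000:1000 is assumed to be the image's non-root user; Windows has no host uid to map`, with the assumption checked against the image. This wrapper also forwards `ARM_SUBSCRIPTION_ID` without the `.azure` mount that `avm` gained, so how the container authenticates on Windows is not evident from the script; the same comment could state that.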
diff --git a/main.tf b/main.tf
index d92a234..ac30f91 100644
--- a/main.tf
+++ b/main.tf
@@ -59,11 +59,13 @@ resource "azurerm_managed_disk" "this" {
 
   dynamic "encryption_settings" {
     for_each = var.encryption_settings == null ? [] : [var.encryption_settings]
+
     content {
       enabled = encryption_settings.value.enabled
 
       dynamic "disk_encryption_key" {
         for_each = encryption_settings.value.disk_encryption_key == null ? [] : [encryption_settings.value.disk_encryption_key]
+
         content {
           secret_url      = disk_encryption_key.value.secret_url
           source_vault_id = disk_encryption_key.value.source_vault_id
@@ -71,6 +73,7 @@ resource "azurerm_managed_disk" "this" {
       }
       dynamic "key_encryption_key" {
         for_each = encryption_settings.value.key_encryption_key == null ? [] : [encryption_settings.value.key_encryption_key]
+
         content {
           key_url         = key_encryption_key.value.key_url
           source_vault_id = key_encryption_key.value.source_vault_id