Initial commit

.devcontainer/devcontainer.json

@@ -0,0 +1,26 @@
+{
+  "image": "mcr.microsoft.com/azterraform:latest",
+
+  "runArgs": [
+		"--cap-add=SYS_PTRACE",
+		"--security-opt",
+		"seccomp=unconfined",
+		"--init",
+		"--network=host"
+	],
+
+	"mounts": [ "source=/var/run/docker.sock,target=/var/run/docker.sock,type=bind" ],
+  "customizations": {
+    "vscode": {
+      "settings": {
+        "go.toolsManagement.checkForUpdates": "local",
+        "go.useLanguageServer": true,
+        "go.goroot": "/usr/local/go"
+      },
+      "extensions": [
+        "hashicorp.terraform",
+        "golang.Go"
+      ]
+    }
+  }
+}

.github/CODEOWNERS

@@ -0,0 +1,3 @@
+# AVM core team owns key files
+.github/policies/ @Azure/avm-core-team-technical
+.github/CODEOWNERS @Azure/avm-core-team-technical

.github/ISSUE_TEMPLATE/avm_module_issue.yml

@@ -0,0 +1,61 @@
+name: AVM - Module Issue ➕🐛🔒
+description: Want to request a new Module feature or report a bug? Let us know!
+title: "[AVM Module Issue]: "
+labels: ["Needs: Triage :mag:", "Language: Terraform :globe_with_meridians:"]
+projects: ["Azure/566"]
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Thank you for submitting this AVM Module Issue! To help us triage your issue, please provide the below details.
+
+        > **NOTE**: If you'd like to propose a new AVM module, please file an [AVM Module Proposal](https://aka.ms/AVM/ModuleProposal).
+  - type: checkboxes
+    id: existing-checks
+    attributes:
+      label: Check for previous/existing GitHub issues
+      description: By submitting this issue, you confirm that you have searched for previous/existing GitHub issues to avoid creating a duplicate.
+      options:
+        - label: I have checked for previous/existing GitHub issues
+          required: true
+  - type: dropdown
+    id: issue-type
+    attributes:
+      label: Issue Type?
+      description: How would you best describe this issue? Is this a...
+      options:
+        - ""
+        - "Feature Request"
+        - "Bug"
+        - "Security Bug"
+        - "I'm not sure"
+    validations:
+      required: true
+  - type: input
+    id: module-version
+    attributes:
+      label: (Optional) Module Version
+      description: Please provide which version(s) of the module does this issue apply to.
+    validations:
+      required: false
+  - type: input
+    id: correlation-id
+    attributes:
+      label: (Optional) Correlation Id
+      description: Please provide a correlation id if available and appropriate.
+    validations:
+      required: false
+  - type: textarea
+    id: question-feedback-text
+    attributes:
+      label: Description
+      description: |
+        Please describe the issue!
+        > **NOTE**: All requested features must already be supported by the provider and Preview Services ([SFR1](https://azure.github.io/Azure-Verified-Modules/specs/shared/#id-sfr1---category-composition---preview-services)) are not supported.
+      placeholder: |
+        <!--
+        If this is a bug, please provide a minimum example to reproduce the bug.
+        If this is a feature request, please provide a detailed description of the feature.
+        -->
+    validations:
+      required: true

.github/ISSUE_TEMPLATE/avm_question_feedback.yml

@@ -0,0 +1,32 @@
+name: AVM - General Question/Feedback ❔
+description: Just got a question or some general feedback? Let us know!
+title: "[AVM Question/Feedback]: "
+labels:
+  [
+    "Language: Terraform :globe_with_meridians:",
+    "Type: Question/Feedback :raising_hand:",
+    "Needs: Triage :mag:",
+  ]
+projects: ["Azure/538"]
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Thank you for your question/feedback!
+
+        > **NOTE**: If your question/request is related to the AVM site/documentation, please file an issue in the [AVM repo](https://github.com/Azure/Azure-Verified-Modules/issues/new?assignees=&labels=Type%3A+Question%2FFeedback+%3Araising_hand%3A%2CNeeds%3A+Triage+%3Amag%3A&projects=&template=question_feedback.yml&title=%5BQuestion%2FFeedback%5D%3A+).
+  - type: checkboxes
+    id: existing-checks
+    attributes:
+      label: Check for previous/existing GitHub issues
+      description: By submitting this issue, you confirm that you have searched for previous/existing GitHub issues to avoid creating a duplicate.
+      options:
+        - label: I have checked for previous/existing GitHub issues
+          required: true
+  - type: textarea
+    id: question-feedback-text
+    attributes:
+      label: Description
+      description: Let us know your question or feedback here!
+    validations:
+      required: true

.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1,5 @@
+blank_issues_enabled: true
+contact_links:
+  - name: New AVM Module Proposal 📝
+    url: https://aka.ms/AVM/ModuleProposal
+    about: Want a new AVM Module to exist? Let us know!

.github/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,32 @@
+## Description
+
+<!--
+>Thank you for your contribution !
+> Please include a summary of the change and which issue is fixed.
+> Please also include the context.
+> List any dependencies that are required for this change.
+
+Fixes #123
+Closes #456
+-->
+
+## Type of Change
+
+<!-- Use the check-boxes [x] on the options that are relevant. -->
+
+- [ ] Non-module change (e.g. CI/CD, documentation, etc.)
+- [ ] Azure Verified Module updates:
+  - [ ] Bugfix containing backwards compatible bug fixes, and I have NOT bumped the MAJOR or MINOR version in `locals.version.tf.json`:
+    - [ ] Someone has opened a bug report issue, and I have included "Closes #{bug_report_issue_number}" in the PR description.
+    - [ ] The bug was found by the module author, and no one has opened an issue to report it yet.
+  - [ ] Feature update backwards compatible feature updates, and I have bumped the MINOR version in `locals.version.tf.json`.
+  - [ ] Breaking changes and I have bumped the MAJOR version in `locals.version.tf.json`.
+  - [ ] Update to documentation
+
+# Checklist
+
+- [ ] I'm sure there are no other open Pull Requests for the same update/change
+- [ ] My corresponding pipelines / checks run clean and green without any errors or warnings
+- [ ] I did run all  [pre-commit](https://azure.github.io/Azure-Verified-Modules/contributing/terraform/terraform-contribution-flow/#5-run-pre-commit-checks) checks
+
+<!--  Please keep up to date with the contribution guide at https://aka.ms/avm/contribute/terraform -->

.github/actions/avmfix/action.yml

@@ -0,0 +1,28 @@
+author: AVM
+name: avmfix
+description: Ensures that avmfix has been run.
+
+runs:
+  using: composite
+  steps:
+    - name: run avmfix
+      shell: bash
+      run: |
+        docker run --rm -v $(pwd):/src -w /src mcr.microsoft.com/azterraform make autofix
+
+    - name: detect changes
+      shell: bash
+      run: |
+        if [ -z $(git status -s) ]; then
+          echo "No changes detected"
+          exit 0
+        else
+          echo "AVMfix changes detected, please run:"
+          echo "> docker run --rm -v $(pwd):/src -w /src mcr.microsoft.com/azterraform make pre-commit"
+          echo "... or if you have the avm helper script installed:"
+          echo "> ./avm pre-commit"
+          echo "> avm.bat pre-commit (on Windows)"
+          echo
+          echo "Then commit and push the changes"
+          exit 1
+        fi

.github/actions/docs-check/action.yml

@@ -0,0 +1,15 @@
+author: AVM
+name: Docs check
+description: Checks that documentation has been updated on PR
+runs:
+  using: composite
+  steps:
+    - name: fmt check
+      shell: bash
+      run: |
+        docker run --rm -v $(pwd):/src -w /src mcr.microsoft.com/azterraform make fmtcheck
+
+    - name: docs check
+      shell: bash
+      run: |
+        docker run --rm -v $(pwd):/src -w /src mcr.microsoft.com/azterraform make docscheck

.github/actions/e2e-getexamples/action.yml

@@ -0,0 +1,34 @@
+author: AVM
+name: e2e - getexamples
+description: Gets example directories from `examples/` and outputs them to the next step
+inputs:
+  github-token:
+    description: The GitHub token to use for the API calls
+    required: true
+outputs:
+  examples:
+    description: The examples to test
+    value: ${{ steps.getexamples.outputs.examples }}
+runs:
+  using: composite
+  steps:
+    - name: get examples
+      id: getexamples
+      run: |
+        # Get latest release from GitHub API and get download URL for the Linux x64 binary
+        URL=$(curl -sL -H "Authorization: Bearer ${{ inputs.github-token }}" https://api.github.com/repos/matt-FFFFFF/jsonls/releases/latest \
+          | jq -r '.assets[] | select( .name | test("linux_amd64")) | .browser_download_url')
+
+        # Download the binary and extract
+        curl -sL "$URL" | tar -xvz jsonls
+
+        # Ensure exec bit set
+        sudo chmod a+x jsonls
+
+        # Move binary to path
+        sudo mv jsonls /usr/local/bin/jsonls
+
+        # Get the examples
+        echo examples="$(jsonls -d)" >> "$GITHUB_OUTPUT"
+      working-directory: examples
+      shell: bash

.github/actions/e2e-testexamples/action.yml

@@ -0,0 +1,47 @@
+author: AVM
+name: e2e - testexamples
+description: Tests the example supplied in the input. Needs checkout and Azure login prior.
+inputs:
+  example:
+    description: The example directory to test
+    required: true
+
+runs:
+  using: composite
+  steps:
+    - uses: hashicorp/setup-terraform@v2
+      with:
+        terraform_version: ">=1.5.0"
+
+    - name: terraform init
+      run: terraform init
+      working-directory: examples/${{ inputs.example }}
+      shell: bash
+
+    - name: terraform apply
+      run: terraform apply -auto-approve
+      working-directory: examples/${{ inputs.example }}
+      shell: bash
+
+    - name: terraform plan
+      id: plan
+      run: |
+        terraform plan -detailed-exitcode
+        echo PLANCODE="$?" >> "$GITHUB_OUTPUT"
+      continue-on-error: true
+      working-directory: examples/${{ inputs.example }}
+      shell: bash
+
+    - name: check idempotent
+      run: |
+        echo Error: terraform plan code is ${{ steps.plan.outputs.PLANCODE }}
+        exit 1
+      working-directory: examples/${{ inputs.example }}
+      shell: bash
+      if: steps.plan.outputs.PLANCODE != 0
+
+    - name: terraform destroy
+      run: terraform destroy -auto-approve
+      working-directory: examples/${{ inputs.example }}
+      shell: bash
+      if: always()

.github/actions/linting/action.yml

@@ -0,0 +1,36 @@
+author: AVM
+name: linting
+description: Tests the example supplied in the input. Needs checkout and Azure login prior.
+inputs:
+  github-token:
+    description: The GitHub token
+    required: true
+
+runs:
+  using: composite
+  steps:
+
+    - name: terraform fmt check
+      shell: bash
+      run: |
+        docker run --rm -v $(pwd):/src -w /src mcr.microsoft.com/azterraform make tffmtcheck
+
+    - name: terraform validate
+      shell: bash
+      run: |
+        docker run --rm -v $(pwd):/src -w /src mcr.microsoft.com/azterraform make tfvalidatecheck
+
+    - name: terrafmt check
+      shell: bash
+      run: |
+        docker run --rm -v $(pwd):/src -w /src mcr.microsoft.com/azterraform make terrafmtcheck
+
+    - name: tflint
+      shell: bash
+      run: |
+        docker run --rm -v $(pwd):/src -w /src mcr.microsoft.com/azterraform make tflint
+
+    - name: tfsec
+      shell: bash
+      run: |
+        echo "Bypass tfsec for now"