Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

New Resource azurerm_static_site #7150

Merged
merged 9 commits into from
May 19, 2021
Merged

Conversation

aristosvo
Copy link
Collaborator

@aristosvo aristosvo commented May 31, 2020

Fixes #7029

TerraForm Spec

resource "azurerm_static_site" "example" {
  name = "example"
  resource_group_name = "rg"
  location = "West Europe"
  
  github_configuration {
    repo_url          = "https://github.com/aristosvo/azure-static-web-app"
    branch            = "master"
    repo_token        = "xxxxxxxx"

    app_location      = "/"
    api_location      = "/api"
    artifact_location = "dist/angular-basic"
  }
}

Acceptance Tests

--- PASS: TestAccAzureRMStaticSite_basic (168.77s)
--- PASS: TestAccAzureRMStaticSite_requiresImport (171.88s)

@ghost ghost added the size/L label May 31, 2020
@ghost ghost added size/XL and removed size/L labels May 31, 2020
@ghost ghost added the documentation label May 31, 2020
@aristosvo aristosvo force-pushed the static-web-apps branch 3 times, most recently from a1ff335 to 71c1b1b Compare May 31, 2020 23:52
@aristosvo aristosvo changed the title [WIP] New Resource azurerm_static_site New Resource azurerm_static_site May 31, 2020
@aristosvo aristosvo marked this pull request as ready for review May 31, 2020 23:54
@aristosvo
Copy link
Collaborator Author

Implementation of the initial version is done, but to acctest this properly we would need the binary test functionality to generate the GitHub repo.

Copy link
Member

@jackofallops jackofallops left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi @aristosvo
Thanks for this PR for this new Preview Resource.
It's looking pretty good, and I've left some comments in line below. The key point is that I think the resource can be simplified somewhat by flattening the schema and moving the github_configuration contents to the top level.

We could also do with additional acceptance tests on the resource, in particular an update test, but any other additional appropriate coverage is welcome.

Just to set expectations appropriately...
There is something of a blocking issue on this resource for us. As you probably noticed, every create/destroy cycle leaves behind a GH Action in the branch used with a "pet" name for the deploy, and every one of them is executed every time a commit is made to that branch (or PR to it). In our testing environment this would result in many GH build/deploy actions firing (and failing, and sending emails) after relatively few testing cycles. (to see what I mean, take a look at the actions tab your repo from the tests). I'm going to try to reach out to the service team on this to find out the intent / future of this. Until that blocker is resolved in some way, we'll not be able to merge this.

azurerm/internal/services/web/resource_arm_static_site.go Outdated Show resolved Hide resolved
azurerm/internal/services/web/resource_arm_static_site.go Outdated Show resolved Hide resolved
Comment on lines 114 to 115
nameSku := "Free"
tierSku := "Free"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These should probably be an Optional schema item, with a default of Free. Whilst this service is in early preview only Free is selectable in the portal, however, other the API information suggest that other values are possible (or going to be).

tierSku := "Free"
staticSiteSkuDescription := &web.SkuDescription{Name: &nameSku, Tier: &tierSku}

staticSiteType := "Microsoft.Web/staticSites"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You shouldn't need to set this, it is usually set by the service.


siteEnvelope := web.StaticSiteARMResource{
Sku: staticSiteSkuDescription,
Type: &staticSiteType,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

as noted above

Suggested change
Type: &staticSiteType,

if err != nil {
return fmt.Errorf("Error retrieving Static Site %q (Resource Group %q): %s", name, resGroup, err)
}
if read.ID == nil {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should also check if the ID field is empty here

Suggested change
if read.ID == nil {
if read.ID == nil || read.ID == "" {

Comment on lines 56 to 79
"repo_token": {
Type: schema.TypeString,
Required: true,
Sensitive: true,
},
"repo_url": {
Type: schema.TypeString,
Required: true,
},
"branch": {
Type: schema.TypeString,
Required: true,
},
"app_location": {
Type: schema.TypeString,
Required: true,
},
"api_location": {
Type: schema.TypeString,
Optional: true,
},
"artifact_location": {
Type: schema.TypeString,
Optional: true,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Are there any sensible validation steps that can be taken for these items to catch problems at plan stage and prevent issues elsewhere?

"github_configuration": {
Type: schema.TypeList,
Required: true,
Elem: &schema.Resource{
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I believe this resource could be made more simple by moving these items to the top level, rather than having a separate block.
(If there's a reason you feel it should be a block, I think this should have MaxItems: 1)

)

func skipStaticSite() bool {
return os.Getenv("ARM_TEST_GITHUB_TOKEN") == ""
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This should probably have a TF prefix, rather than ARM as these are for configuring the client itself, rather than test flags.

Suggested change
return os.Getenv("ARM_TEST_GITHUB_TOKEN") == ""
return os.Getenv("TF_ACCTEST_GITHUB_TOKEN") == ""

Name string
}

func StaticSiteID(input string) (*StaticSiteResourceID, error) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could we have a test for this function as for other ID type elsewhere in the provider?

@jackofallops jackofallops added this to the Blocked milestone Jun 8, 2020
@jackofallops
Copy link
Member

Hi @aristosvo
I hope you don't mind, I needed to check if this service had been unblocked for us, so I quickly completed the refactor / rework you started to a testable point and fixed the merge conflicts. Sadly we're still not going to be able to unblock this due to the GH actions behaviours being incompatible with the service being managed by terraform. I've reached out to my contacts at Microsoft to see if there's a route forward for this. Any meaningful updates I get I'll post here.

@tombuildsstuff tombuildsstuff added the upstream/microsoft Indicates that there's an upstream issue blocking this issue/PR label Jul 10, 2020
@payamazadi
Copy link

payamazadi commented Oct 4, 2020

would be really excited to see this come through, any updates please @jackofallops ?

meanwhile could you or @aristosvo could you provide any quick documentation on how to include this as a patch for individuals who want to use it? maybe it doesnt make sense for the core/master right now but it doesn't mean other folks couldn't take advantage of it..

@Oceanswave
Copy link

Oceanswave commented Nov 1, 2020

Hi @aristosvo
I hope you don't mind, I needed to check if this service had been unblocked for us, so I quickly completed the refactor / rework you started to a testable point and fixed the merge conflicts. Sadly we're still not going to be able to unblock this due to the GH actions behaviours being incompatible with the service being managed by terraform. I've reached out to my contacts at Microsoft to see if there's a route forward for this. Any meaningful updates I get I'll post here.

Without any meaningful updates in a while, I'm wondering if there is an alterative path forward - since

  1. This is 'mostly' a blocker only for terraform resource test code due to the static web app resource creation having a side effect of creating a GH Action
  2. The Github Action that gets created by the static web app creation is represented by a .yml file with the associated repository
  3. The Github repo, branch and token is included as part of the configuration

could the test be modified so that it includes test tear down behaviour to reach out to the defined GH repo/branch/token and remove the .github/workflows/azure-static-web-apps-{{ d.Id() }}.yml file - implementation might look similar to this

@jackofallops
Copy link
Member

Hi @Oceanswave
Thanks for the comment and the suggestion. It's an approach we have already considered, but involves vendoring a large dependency for the sake of removing a single file from a repository.
The nightly/regular testing aspect is indeed part of our blocker for proceeding, this makes a lot of noise quite quickly, but this will also translate to similar issue for users employing this resource for non-production type environments (dev / staging / test / other). We're looking at options, but waiting on a few answers from the service team. Ultimately, this is still a preview, so could be subject to significant implementation change right up to GA. It may be that after the answers, we go ahead an include it as is, which some warning(s) around this behaviour and some examples/suggestions of how to stop it getting out of hand (since we'd need to employ this for the acceptance tests also).
fwiw - we're chasing this at every opportunity, as we'd like it in too.

@payamazadi
Copy link

thanks @jackofallops . Any updates?

Meanwhile, I managed to get this patched into my local version of Terraform and it works flawlessly. This was a big service to the community @aristosvo and is much appreciated!

@mpetuska
Copy link

@payamazadi, could you please briefly outline how you've managed to patch this in locally?

@magodo
Copy link
Collaborator

magodo commented Mar 5, 2021

Is that possible to ask the service team provide an option to not create the workflow for users, rather return the content of the yaml file and the secret in the creation response. Then users can use the github_repository_file to manage that workflow file, and use github_actions_secret to manage the secret.

This way we do not need to involve the dependency on github related packages, and since we recently opt in the binary testing framework, it should also works for acctest.

@jackofallops WDYT?

@magodo
Copy link
Collaborator

magodo commented Mar 16, 2021

@jackofallops and @aristosvo I've pushed two commits to this PR.

One is to remove the repo-related properties from static site resource (to avoid service manipulate the repo) and adding some comptued properties (to allow users to add the api key and workflow to the repo by their own).
The other one is to merge with the master branch, changing the test style a bit.

I've passed the acctest locally:

💢 TF_ACC=1 go test -v -timeout=180m -run=TestAccAzureStaticSite_ ./...
2021/03/16 14:46:00 [DEBUG] not using binary driver name, it's no longer needed
2021/03/16 14:46:00 [DEBUG] not using binary driver name, it's no longer needed
=== RUN   TestAccAzureStaticSite_basic
=== PAUSE TestAccAzureStaticSite_basic
=== RUN   TestAccAzureStaticSite_requiresImport
=== PAUSE TestAccAzureStaticSite_requiresImport
=== CONT  TestAccAzureStaticSite_basic
=== CONT  TestAccAzureStaticSite_requiresImport
--- PASS: TestAccAzureStaticSite_basic (221.86s)
--- PASS: TestAccAzureStaticSite_requiresImport (240.79s)

@jackofallops Please take another look, thank you!

@tombuildsstuff
Copy link
Contributor

@magodo without the ability to connect this resource to a repository, the provisioned Static Site will be non-functional (e.g. no site will be deployed, which is the point of this service) - so this still appears to need service changes to be usable, or is there some other automated way of connecting the repo?

@magodo
Copy link
Collaborator

magodo commented Mar 16, 2021

@tombuildsstuff You can use the github terraform provider to do that, like this: https://gist.github.com/magodo/287009b96ebfa6b8c173e62d6907fa0f.
Note that you'd need to ensure the github access token has the workflow permission, as it will be used to create a workflow file in that repo.
After above resources are provisioned, the github action will be triggered, which will in turn notify the static site to pull the repo and do the deployment.

@aristosvo
Copy link
Collaborator Author

aristosvo commented Mar 16, 2021

Looks good within current limitations from my point of view! I'd probably add your example code to the documentation to have clear instructions how to use this resource, as without the GitHub configuration functionality is indeed limited.

Just thinking out loud, but maybe we'd even go as far as adding that scenario as an acceptance test? 😇 Binary testing is awesome 🤩

@magodo
Copy link
Collaborator

magodo commented Mar 17, 2021

@aristosvo Good point! The reason why I didn't add my example to the document is because currently there is a bug in the github provider, which will cause the provider panic on file creation. Anyway, I've added an example for this.

@scuderig
Copy link

Any update on this? The service has been announced as GA but we still haven’t got a way to provision using IaC..

@dirien
Copy link

dirien commented May 13, 2021

@scuderig, asking the same question. Looking forward to use this via TF too.

@jackofallops jackofallops modified the milestones: Blocked, v2.60.0 May 14, 2021
Copy link
Collaborator

@katbyte katbyte left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Aside from one comment looks good to me 👍

azurerm/internal/services/web/static_site_resource.go Outdated Show resolved Hide resolved
@katbyte katbyte merged commit a002d67 into hashicorp:master May 19, 2021
katbyte added a commit that referenced this pull request May 19, 2021
@ghost
Copy link

ghost commented May 21, 2021

This has been released in version 2.60.0 of the provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. As an example:

provider "azurerm" {
    version = "~> 2.60.0"
}
# ... other configuration ...

favoretti pushed a commit to gro1m/terraform-provider-azurerm that referenced this pull request May 26, 2021
Co-authored-by: jackofallops <[email protected]>
Co-authored-by: magodo <[email protected]>
Co-authored-by: kt <[email protected]>
Fixes hashicorp#7029
favoretti pushed a commit to gro1m/terraform-provider-azurerm that referenced this pull request May 26, 2021
@github-actions
Copy link

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active contributions.
If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Jun 20, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
documentation new-resource preview service/app-service size/XL upstream/microsoft Indicates that there's an upstream issue blocking this issue/PR
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Azure Static Web App support
10 participants