Merge pull request #51 from aztfmod/vnext

2007

.devcontainer/docker-compose.yml

@@ -1,29 +1,29 @@
-#-------------------------------------------------------------------------------------------------------------
-# Copyright (c) Microsoft Corporation. All rights reserved.
-# Licensed under the MIT License. See https://go.microsoft.com/fwlink/?linkid=2090316 for license information.
-#-------------------------------------------------------------------------------------------------------------
-
-  version: '3.7'
-  services:
-    rover:
-      image: aztfmod/rover:2005.1314
-
-      labels:
-        - "caf=Azure CAF"
-
-      volumes:
-        - ..:/tf/rover
-        - volume-caf-vscode:/home/vscode
-        - ~/.ssh:/tmp/.ssh-localhost:ro
-
-        - /var/run/docker.sock:/var/run/docker.sock 
-
-      # Overrides default command so things don't shut down after the process ends.
-      command: /bin/sh -c "while sleep 1000; do :; done" 
-
-  volumes:
-     volume-caf-vscode:
-      labels:
-        - "caf=Azure CAF"
-
-
+#-------------------------------------------------------------------------------------------------------------
+# Copyright (c) Microsoft Corporation. All rights reserved.
+# Licensed under the MIT License. See https://go.microsoft.com/fwlink/?linkid=2090316 for license information.
+#-------------------------------------------------------------------------------------------------------------
+
+  version: '3.7'
+  services:
+    rover:
+      image: aztfmod/roverdev:vnext
+
+      labels:
+        - "caf=Azure CAF"
+
+      volumes:
+        - ..:/tf/rover
+        - volume-caf-vscode:/home/vscode
+        - ~/.ssh:/tmp/.ssh-localhost:ro
+
+        - /var/run/docker.sock:/var/run/docker.sock 
+
+      # Overrides default command so things don't shut down after the process ends.
+      command: /bin/sh -c "while sleep 1000; do :; done" 
+
+  volumes:
+     volume-caf-vscode:
+      labels:
+        - "caf=Azure CAF"
+
+

.env

@@ -1,9 +1,11 @@
-versionTerraform=0.12.24
-versionAzureCli=2.3.1
+versionTerraform=0.12.28
+versionAzureCli=2.7.0
 versionKubectl=v1.18.2
 versionGit=2.25.0
-versionTflint=0.13.1
+versionTflint=v0.16.2
 versionJq=1.6
 versionDockerCompose=1.25.5
 versionLaunchpadOpensource=master
-versionAzureCafTerraform=v.0.3.1
+versionAzureCafTerraform=v.0.3.1
+versionTfsec=v0.21.0
+versionTerraformDocs=v0.9.1

.github/workflows/ci-branches.yml

@@ -4,6 +4,7 @@ on:
   push:
     branches-ignore:
       - master
+      - vnext
 
 env:
   ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
@@ -34,17 +35,15 @@ jobs:
     - name: Build the rover
       run: |        
         set -e
-        docker_tag=$(date +"%g%m.%d%H%M")
+        docker_tag=latest
         echo ::set-env name=docker_tag::${docker_tag}
 
         # Build the rover base image
         docker-compose build --build-arg versionRover="aztfmod/roverdev:$docker_tag"
 
         docker tag rover_rover aztfmod/roverdev:$docker_tag
-        docker tag rover_rover aztfmod/roverdev:latest
         
         docker push aztfmod/roverdev:$docker_tag
-        docker push aztfmod/roverdev:latest
   
     - name: Create Release
       id: create_release

.github/workflows/master.yml

@@ -1,7 +1,7 @@
 name: master
 
 on:
-  push:
+  pull_request:
     branches:
       - master
 

.github/workflows/vnext.yml

@@ -0,0 +1,77 @@
+name: vnext
+
+on:
+  pull_request:
+    branches:
+      - vnext
+  push:
+    branches:
+      - vnext
+
+env:
+  ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
+  ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }}
+  ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }}
+  ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }}
+  TF_VAR_azure_devops_pat_token: ${{ secrets.TF_VAR_azure_devops_pat_token }}
+  TF_VAR_azure_devops_url_organization: ${{ secrets.TF_VAR_azure_devops_url_organization }}
+
+
+jobs:
+  build:
+
+    name: Build roverdev
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v1
+    - name: Docker Hub Login
+      uses: Azure/docker-login@v1
+      with:
+        # Container registry username
+        username: aztfmod 
+        # Container registry password
+        password: ${{ secrets.docker_registry_password }}
+        # Container registry server url
+        login-server: https://index.docker.io/v1/
+    - name: Build the rover
+      run: |        
+        set -e
+        docker_tag=$(date +"%g%m.%d%H%M")
+        echo ::set-env name=docker_tag::${docker_tag}
+
+        # Build the rover base image
+        docker-compose build --build-arg versionRover="aztfmod/roverdev:$docker_tag"
+
+        docker tag rover_rover aztfmod/roverdev:$docker_tag
+        docker tag rover_rover aztfmod/roverdev:vnext
+
+        docker push aztfmod/roverdev:$docker_tag
+        docker push aztfmod/roverdev:vnext
+
+    - name: Build the rover (beta 0.13)
+      run: |        
+        set -e
+        docker_tag=vnext-13-beta2
+        
+        # Override .env variable
+        export versionTerraform="0.13.0-beta2"
+
+        # Build the rover base image
+        docker-compose build --build-arg versionRover="aztfmod/roverdev:$docker_tag"
+
+        docker tag rover_rover aztfmod/roverdev:$docker_tag
+
+        docker push aztfmod/roverdev:$docker_tag
+
+    - name: Create Release
+      id: create_release
+      uses: actions/create-release@latest
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # This token is provided by Actions, you do not need to create your own token
+      with:
+        tag_name: ${{ env.docker_tag }}
+        release_name: aztfmod/roverdev:${{ env.docker_tag }}
+        draft: true
+        prerelease: false
+        body: You can also use the latest vnext by using aztfmod/roverdev:vnext

Dockerfile

@@ -32,18 +32,35 @@ RUN yum makecache fast && \
     yum -y update
 
 
+###########################################################
+# Getting latest version of terraform-docs
+###########################################################
+FROM golang:1.13 as terraform-docs
+
+ARG versionTerraformDocs
+ENV versionTerraformDocs=${versionTerraformDocs}
+
+RUN GO111MODULE="on" go get github.com/segmentio/terraform-docs@${versionTerraformDocs}
 
 ###########################################################
-# Getting latest version of Azure DevOps Terraform provider
+# Getting latest version of tfsec
 ###########################################################
-FROM golang:1.13 as devops
+FROM golang:1.13 as tfsec
 
 # to force the docker cache to invalidate when there is a new version
-ADD https://api.github.com/repos/microsoft/terraform-provider-azuredevops/git/refs/heads/master version.json
-RUN cd /tmp && \
-    git clone https://github.com/microsoft/terraform-provider-azuredevops.git && \
-    cd terraform-provider-azuredevops && \
-    ./scripts/build.sh
+RUN env GO111MODULE=on go get -u github.com/liamg/tfsec/cmd/tfsec
+
+# ###########################################################
+# # Getting latest version of Azure DevOps Terraform provider
+# ###########################################################
+# FROM golang:1.13 as devops
+
+# # to force the docker cache to invalidate when there is a new version
+# ADD https://api.github.com/repos/microsoft/terraform-provider-azuredevops/git/refs/heads/master version.json
+# RUN cd /tmp && \
+#     git clone https://github.com/microsoft/terraform-provider-azuredevops.git && \
+#     cd terraform-provider-azuredevops && \
+#     ./scripts/build.sh
 
 ###########################################################
 # Getting latest version of Azure CAF Terraform provider
@@ -60,6 +77,19 @@ RUN cd /tmp && \
     cd terraform-provider-azurecaf && \
     go build -o terraform-provider-azurecaf
 
+###########################################################
+# Getting latest version of yaegashi/terraform-provider-msgraph
+###########################################################
+FROM golang:1.13 as msgraph
+
+# to force the docker cache to invalidate when there is a new version
+ADD https://api.github.com/repos/aztfmod/terraform-provider-azurecaf/git/ref/heads/master version.json
+RUN cd /tmp && \
+    git clone https://github.com/yaegashi/terraform-provider-msgraph.git && \
+    cd terraform-provider-msgraph && \
+    go build -o terraform-provider-msgraph
+
+
 
 ###########################################################
 # CAF rover image
@@ -75,6 +105,7 @@ ARG versionGit
 ARG versionJq
 ARG versionDockerCompose
 ARG versionLaunchpadOpensource
+ARG versionTfsec
 
 ARG USERNAME=vscode
 ARG USER_UID=1000
@@ -88,6 +119,7 @@ ENV versionTerraform=${versionTerraform} \
     versionGit=${versionGit} \
     versionDockerCompose=${versionDockerCompose} \
     versionLaunchpadOpensource=${versionLaunchpadOpensource} \
+    versionTfsec=${versionTfsec} \
     TF_DATA_DIR="/home/${USERNAME}/.terraform.cache" \
     TF_PLUGIN_CACHE_DIR="/home/${USERNAME}/.terraform.cache/plugin-cache"
 
@@ -157,11 +189,22 @@ gpgkey=https://packages.microsoft.com/keys/microsoft.asc" > /etc/yum.repos.d/azu
     curl -L -o /usr/bin/jq https://github.com/stedolan/jq/releases/download/jq-${versionJq}/jq-linux64 && \
     chmod +x /usr/bin/jq && \
     #
+    # Install pre-commit
+    #
+    echo "Installing pre-commit ..." && \
+    python3 -m pip install pre-commit && \ 
+    #
+    # Install graphviz
+    #
     # echo "Installing graphviz ..." && \
     # yum -y install graphviz && \
-    # && echo "Installing tflint ..." \
-    # && curl -sSL -o /tmp/tflint.zip https://github.com/wata727/tflint/releases/download/v${versionTflint}/tflint_linux_amd64.zip \
-    # && unzip -d /usr/local/bin /tmp/tflint.zip \
+    #
+    # Install tflint
+    #
+    echo "Installing tflint ..." && \
+    curl -sSL -o /tmp/tflint.zip https://github.com/terraform-linters/tflint/releases/download/${versionTflint}/tflint_linux_amd64.zip && \
+    unzip -d /usr/bin /tmp/tflint.zip && \
+    chmod +x /usr/bin/tflint && \
     #
     # Clean-up
     rm -f /tmp/*.zip && rm -f /tmp/*.gz && \
@@ -187,8 +230,11 @@ RUN echo "cloning the launchpads version ${versionLaunchpadOpensource}" && \
     chmod +x /tf/bootstrap/*.sh
 
 # Add Community terraform providers
-COPY --from=devops /tmp/terraform-provider-azuredevops/bin /bin/
+# COPY --from=devops /tmp/terraform-provider-azuredevops/bin /bin/
 COPY --from=azurecaf /tmp/terraform-provider-azurecaf/terraform-provider-azurecaf /bin/
+COPY --from=msgraph /tmp/terraform-provider-msgraph/terraform-provider-msgraph /bin/
+COPY --from=tfsec /go/bin/tfsec /bin/
+COPY --from=terraform-docs /go/bin/terraform-docs /bin/
 
 WORKDIR /tf/rover
 COPY ./scripts/rover.sh .

README.md

@@ -2,18 +2,19 @@
 ![](https://github.com/aztfmod/rover/workflows/.github/workflows/ci-branches.yml/badge.svg)
 
 ## Introduction
-The **Azure CAF rover** is a Docker container in charge of the deployment of the landing zones in your Azure environment. It is acting as a **sandbox toolchain** development environment to avoid impacting the local machine but more importantly to make sure that all contributors in the GitOps teams are using a **consistent set of tools** and version. 
+
+The **Azure CAF rover** is a Docker container in charge of the deployment of the landing zones in your Azure environment. It is acting as a **sandbox toolchain** development environment to avoid impacting the local machine but more importantly to make sure that all contributors in the GitOps teams are using a **consistent set of tools** and version.
 
 The Azure CAF rover is the same container regarless you are using Windows, Linux or macOS. On the local GitOps machine you need to install Visual Studio Code. The Azure CAF rover is executed locally in a container.
 
 <img src="https://code.visualstudio.com/assets/docs/remote/containers/architecture-containers.png" width="75%">
 
 You can learn more about the Visual Studio Code Remote on this [link](https://code.visualstudio.com/docs/remote/remote-overview).
 
-
-
 ## Pre-requisites
+
 The Visual Studio Code system requirements describe the steps to follow to get your GitOps development environment ready -> [link](https://code.visualstudio.com/docs/remote/containers#_system-requirements)
+
 * **Windows**: Docker Desktop 2.0+ on Windows 10 Pro/Enterprise with Linux Container mode
 * **macOS**: Docker Desktop 2.0+
 * **Linux**: Docker CE/EE 18.06+ and Docker Compose 1.24+

docker-compose.yml

@@ -23,6 +23,8 @@ services:
         - versionLaunchpadOpensource
         - versionAzureCafTerraform
         - versionRover
+        - versionTfsec
+        - versionTerraformDocs
 
     volumes:
       - ..:/tf