Azure virtual network terraform module DEVOPS-294

.github/workflows/create-release.yaml

@@ -0,0 +1,34 @@
+name: create release
+
+on:
+  pull_request:
+    types:
+    - closed
+    branches:
+    - main
+
+run-name: create release from pr number ${{ github.event.number }}
+jobs:
+  create-release:
+    runs-on: ubuntu-latest
+
+    steps:
+
+    - name: Token generator
+      uses: githubofkrishnadhas/github-access-using-githubapp@v2
+      id: token-generation
+      with:
+        github_app_id: ${{ secrets.TOKEN_GENERATOR_APPID }}
+        github_app_private_key: ${{ secrets.TOKEN_GENERATOR_PRIVATE_KEY }}
+
+    - name: Checkout Repository
+      uses: actions/checkout@v4
+      with:
+        token: ${{ steps.token-generation.outputs.token }}
+
+    - name: create-release
+      uses: devwithkrishna/[email protected]
+      with:
+        token: ${{ steps.token-generation.outputs.token }}
+        pr_number: ${{ github.event.number }}
+        generate_release_notes: true

.github/workflows/terraform-docs.yml

@@ -0,0 +1,47 @@
+name: generate-terraform-docs
+on:
+  workflow_dispatch:
+  pull_request:
+    types:
+    - closed
+    branches:
+    - main
+  push:
+    branches:
+    - main
+
+permissions:
+  contents: write
+
+jobs:
+  generate-terraform-docs:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v4
+
+    - name: configure terraform-docs
+      run: |
+        curl -sSLo ./terraform-docs.tar.gz https://terraform-docs.io/dl/v0.18.0/terraform-docs-v0.18.0-$(uname)-amd64.tar.gz
+        tar -xzf terraform-docs.tar.gz
+        chmod +x terraform-docs
+        sudo mv terraform-docs /usr/bin/terraform-docs
+        rm -rf terraform-docs.tar.gz
+        terraform-docs -v
+
+    - name: generate terraform docs
+      run: |
+        terraform-docs markdown table -c .terraform-docs.yml --output-file README.md --output-mode inject .
+
+    - name: checks
+      run: |
+        ls -la
+        git status
+        rm README.md
+
+    - name: Commit and Push Changes
+      run: |
+        git config user.name 'terraform-doc-bot'
+        git config user.email '[email protected]'
+        git add .
+        git commit -m "Update documentation"
+        git push

.gitignore

@@ -34,4 +34,4 @@ override.tf.json
 
 # Ignore CLI configuration files
 .terraformrc
-terraform.rc
+*.hcl

.terraform-docs.yml

@@ -0,0 +1,70 @@
+formatter: "markdown table" # this is required
+version: "0.18"
+header-from: main.tf
+footer-from: ""
+recursive:
+  enabled: false
+  path: "."
+
+recursive-include-main: false
+# enabled: false
+sections:
+  hide: []
+  show: []
+  hide-all: false # deprecated in v0.13.0, removed in v0.15.0
+  show-all: true # deprecated in v0.13.0, removed in v0.15.0
+content: |-
+  {{ .Requirements }}
+  ## Usage
+  Basic usage of this module is as follows:
+    ```hcl
+      module "example" {
+        {{"\t"}} source  = "<module-path>"
+    {{- if .Module.RequiredInputs }}
+        {{"\n\t"}} # Required variables
+        {{- range .Module.RequiredInputs }}
+        {{"\t"}} {{ .Name }}  = {{ .GetValue }}
+        {{- end }}
+        {{- end }}
+    {{- if .Module.OptionalInputs }}
+        {{"\n\t"}} # Optional variables
+        {{- range .Module.OptionalInputs }}
+        {{"\t"}} {{ .Name }}  = {{ .GetValue | printf "%s" }}
+        {{- end }}
+        {{- end }}
+      }
+    ```
+
+  {{ .Resources }}
+
+  {{ .Inputs }}
+
+  {{ .Outputs }}
+output:
+  file: README.md
+  mode: inject
+  template: |-
+    <!-- BEGIN_AUTOMATED_TF_DOCS_BLOCK -->
+    {{ .Content }}
+    <!-- END_AUTOMATED_TF_DOCS_BLOCK -->
+output-values:
+  enabled: false
+  from: ""
+sort:
+  enabled: true
+  by: name
+settings:
+  anchor: true
+  color: true
+  default: false
+  description: true
+  escape: false
+  hide-empty: false
+  html: false
+  indent: 2
+  lockfile: true
+  read-comments: true
+  required: true
+  sensitive: true
+  type: true
+  pretty: true

README.md

@@ -1,2 +1,75 @@
-# azure-virtual-network-terraform-module
-Templated azure virtual network module
+# AZURE VIRTUAL NETWORK TERRAFORM MODULE
+
+Azure Virtual Network (VNet) is a foundational service in Microsoft Azure that enables secure communication between Azure resources, on-premises networks, and the internet. It provides isolation, segmentation, and control over network traffic, allowing you to define subnets, routing rules, and network security policies.
+
+A Terraform module for Azure VNet simplifies the provisioning and management of VNets by encapsulating reusable configurations. It allows you to define parameters like resource group, location, CIDR blocks, and subnets, enabling consistent and efficient deployment of network infrastructure across environments.
+
+<!-- BEGIN_AUTOMATED_TF_DOCS_BLOCK -->
+## Requirements
+
+| Name | Version |
+|------|---------|
+| <a name="requirement_terraform"></a> [terraform](#requirement_terraform) | ~> 1.3 |
+| <a name="requirement_azurerm"></a> [azurerm](#requirement_azurerm) | <= 4.0 |
+| <a name="requirement_random"></a> [random](#requirement_random) | >= 3.1 |
+## Usage
+Basic usage of this module is as follows:
+  ```hcl
+    module "example" {
+      	 source  = "<module-path>"
+      
+	 # Optional variables
+      	 application_name  = "devwithkrishna"
+      	 environment  = "DEV"
+      	 location  = "southindia"
+      	 resource_group_name  = "test1"
+      	 subnet_cidrs  = [
+  "10.247.0.0/25"
+]
+      	 temporary  = "TRUE"
+      	 vnet_address_space  = [
+  "10.247.0.0/25"
+]
+      	 vnet_name  = "test1"
+    }
+  ```
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [azurerm_network_security_group.nsg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_security_group) | resource |
+| [azurerm_network_security_rule.port22](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_security_rule) | resource |
+| [azurerm_network_security_rule.port4243](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_security_rule) | resource |
+| [azurerm_network_security_rule.port80](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_security_rule) | resource |
+| [azurerm_network_security_rule.port8080](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_security_rule) | resource |
+| [azurerm_resource_group.rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource |
+| [azurerm_subnet.subnet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/subnet) | resource |
+| [azurerm_subnet_network_security_group_association.subnet2nsg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/subnet_network_security_group_association) | resource |
+| [azurerm_virtual_network.vnet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_network) | resource |
+| [azurerm_subscription.current](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/subscription) | data source |
+
+## Inputs
+
+| Name | Description | Type | Required |
+|------|-------------|------|:--------:|
+| <a name="input_application_name"></a> [application_name](#input_application_name) | Azure application name tag | `string` | no |
+| <a name="input_environment"></a> [environment](#input_environment) | Environment tag value in Azure | `string` | no |
+| <a name="input_location"></a> [location](#input_location) | Azure location | `string` | no |
+| <a name="input_resource_group_name"></a> [resource_group_name](#input_resource_group_name) | Azure Vnet resource group name | `string` | no |
+| <a name="input_subnet_cidrs"></a> [subnet_cidrs](#input_subnet_cidrs) | Azure Subnet Ip addresses | `list(string)` | no |
+| <a name="input_temporary"></a> [temporary](#input_temporary) | Temporary tag value in Azure | `string` | no |
+| <a name="input_vnet_address_space"></a> [vnet_address_space](#input_vnet_address_space) | Azure VNET address space | `list(string)` | no |
+| <a name="input_vnet_name"></a> [vnet_name](#input_vnet_name) | Azure Vnet name | `string` | no |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| <a name="output_current_subscription_display_name"></a> [current_subscription_display_name](#output_current_subscription_display_name) | Subscription name |
+| <a name="output_current_subscription_id"></a> [current_subscription_id](#output_current_subscription_id) | Subscription id |
+| <a name="output_vnet_address_range"></a> [vnet_address_range](#output_vnet_address_range) | Azure Vnet address range |
+| <a name="output_vnet_location"></a> [vnet_location](#output_vnet_location) | Azure Location |
+| <a name="output_vnet_name"></a> [vnet_name](#output_vnet_name) | Azure Virtual network name |
+| <a name="output_vnet_resource_group_name"></a> [vnet_resource_group_name](#output_vnet_resource_group_name) | Azure resource group name |
+<!-- END_AUTOMATED_TF_DOCS_BLOCK -->

data.tf

@@ -0,0 +1,2 @@
+data "azurerm_subscription" "current" {
+}

nsg.tf

@@ -0,0 +1,67 @@
+# Inbound rules
+resource "azurerm_network_security_rule" "port80" {
+  name                        = "AllowHttpOn80"
+  description                 = "port 80 open for HTTP traffic"
+  priority                    = 150
+  direction                   = "Inbound"
+  access                      = "Allow"
+  protocol                    = "Tcp"
+  source_port_range           = "*"
+  destination_port_range      = "80"
+  source_address_prefix       = "Internet"
+  destination_address_prefix  = "VirtualNetwork"
+  resource_group_name         = azurerm_resource_group.rg.name
+  network_security_group_name = azurerm_network_security_group.nsg.name
+}
+
+resource "azurerm_network_security_rule" "port22" {
+  name                        = "AllowSSHOn22"
+  priority                    = 160
+  description                 = "Ssh on port 22"
+  direction                   = "Inbound"
+  access                      = "Allow"
+  protocol                    = "Tcp"
+  source_port_range           = "*"
+  destination_port_range      = "22"
+  source_address_prefix       = "*"
+  destination_address_prefix  = "VirtualNetwork"
+  resource_group_name         = azurerm_resource_group.rg.name
+  network_security_group_name = azurerm_network_security_group.nsg.name
+  depends_on                  = [azurerm_network_security_rule.port80]
+}
+
+resource "azurerm_network_security_rule" "port8080" {
+  name                        = "AllowAnyCustom8080Inbound"
+  priority                    = 170
+  description                 = "port 8080 opened for jenkins deployment as a docker container"
+  direction                   = "Inbound"
+  access                      = "Allow"
+  protocol                    = "*"
+  source_port_range           = "*"
+  destination_port_range      = "8080"
+  source_address_prefix       = "*"
+  destination_address_prefix  = "VirtualNetwork"
+  resource_group_name         = azurerm_resource_group.rg.name
+  network_security_group_name = azurerm_network_security_group.nsg.name
+  depends_on = [azurerm_network_security_rule.port22,
+    azurerm_network_security_rule.port80
+  ]
+}
+
+resource "azurerm_network_security_rule" "port4243" {
+  name                        = "AllowAnyCustom4243Inbound"
+  priority                    = 180
+  description                 = "TCP connection jenkins + docker set"
+  direction                   = "Inbound"
+  access                      = "Allow"
+  protocol                    = "Tcp"
+  source_port_range           = "*"
+  destination_port_range      = "4243"
+  source_address_prefix       = "*"
+  destination_address_prefix  = "VirtualNetwork"
+  resource_group_name         = azurerm_resource_group.rg.name
+  network_security_group_name = azurerm_network_security_group.nsg.name
+  depends_on = [azurerm_network_security_rule.port22,
+    azurerm_network_security_rule.port80, azurerm_network_security_rule.port8080
+  ]
+}

outputs.tf

@@ -0,0 +1,34 @@
+output "vnet_resource_group_name" {
+  value       = azurerm_resource_group.rg.name
+  description = "Azure resource group name"
+}
+
+output "vnet_location" {
+  description = "Azure Location"
+  value       = azurerm_resource_group.rg.location
+}
+
+output "vnet_environment" {
+  description = "Azure Vnet environment tag value"
+  value       = azurerm_virtual_network.vnet.tags.environment
+}
+
+output "vnet_name" {
+  description = "Azure Virtual network name"
+  value       = azurerm_virtual_network.vnet.name
+}
+
+output "vnet_address_range" {
+  description = "Azure Vnet address range"
+  value       = azurerm_virtual_network.vnet.address_space
+}
+
+output "current_subscription_display_name" {
+  description = "Subscription name"
+  value       = data.azurerm_subscription.current.display_name
+}
+
+output "current_subscription_id" {
+  description = "Subscription id"
+  value       = data.azurerm_subscription.current.id
+}

providers.tf

@@ -0,0 +1,16 @@
+terraform {
+  required_version = "~> 1.3"
+  required_providers {
+    azurerm = {
+      source  = "hashicorp/azurerm"
+      version = "<= 4.0"
+    }
+    random = {
+      source  = "hashicorp/random"
+      version = ">= 3.1"
+    }
+  }
+}
+provider "azurerm" {
+  features {}
+}