fix: fix issues from refactor

Azure · Jan 20, 2025 · 665bc68 · 665bc68
1 parent db780d3
commit 665bc68
Show file tree

Hide file tree

Showing 12 changed files with 65 additions and 15 deletions.
diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
@@ -2,6 +2,5 @@
 * @Azure/terraform-azurerm-lz-vending-admins
 # Require admin approval for the following files:
 .github/CODEOWNERS @Azure/terraform-azurerm-lz-vending-admins
-.github/fabricbot.json @Azure/terraform-azurerm-lz-vending-admins
 .github/workflows/ @Azure/terraform-azurerm-lz-vending-admins
 Makefile @Azure/terraform-azurerm-lz-vending-admins
diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md
@@ -1,7 +1,7 @@
 ---
 name: "Feature request \U0001F680"
 about: Suggest an idea for this project
-title: 'feat:'
+title: 'feat: '
 assignees: ''
 ---
 <!--- Please keep this note for the community --->

diff --git a/docs/wiki/Upgrades.md b/docs/wiki/Upgrades.md
@@ -75,3 +75,48 @@ module "lz_vending" {
   }
 }
 ```
+
+## Upgrading from v4.x to v5.x
+
+###  Terraform version
+
+We now require a minimum of Terraform version 1.8.
+
+### Provider Versions
+
+We now require a minimum of AzureRM version 4.0 and AzAPI version 2.2.
+
+### Resource Groups
+
+We have removed the boolean input variable to create the network watcher resource group.
+Instead, use `var.resource_groups` to specify the resource groups to create.
+
+We have used the `moved {}` block to move the resource in state.
+If you previously deployed the network watcher resource group, please modify the value of `var.resource_groups` to include the existing resource group. The key ***must*** be `NetworkWatcherRG` You can use the following example:
+
+```hcl
+resource_groups = {
+  NetworkWatcherRG = {
+    name     = "NetworkWatcherRG"
+    location = "your-location"
+    tags     = {} # add tags here
+  }
+}
+```
+
+## Virtual WAN
+
+When joining virtual networks to a Virtual WAN hub, the behaviour with routing intent has changed.
+Previously the AzAPI provider allowed us to use `ignore_body_properties` to dynamically ignore parts of the resource body
+With AzAPI v2 this is no longer possible, so we have to use the `lifecycle` block to ignore changes.
+However, as ignore changes is not able to be user configurable, we have had to split the virtual hub connections into two separate resources.
+
+In order to avoid destroying and re-creating the virtual hub connections, you will have to use the `moved {}` block to move the resource in state.
+We are unable to do this for you because we do not know the specific instances of the resources that require moving.
+
+```hcl
+moved {
+  from = module.<YOUR_MODULE_ALIAS>.module.virtualnetwork.azapi_resource.vhubconnection["instance_name"]
+  to   = module.<YOUR_MODULE_ALIAS>.module.virtualnetwork.azapi_resource.vhubconnection_routing_intent["instance_name"]
+}
+```
diff --git a/locals.tf b/locals.tf
@@ -28,5 +28,5 @@ locals {
 
   # resource_group_ids is a map of resource groups created, if the module has been enabled.
   # This is used in the outputs.tf file to return the resource group ids.
-  virtual_network_resource_group_ids = var.virtual_network_enabled ? module.virtualnetwork[0].resource_group_ids : {}
+  virtual_network_resource_group_ids = var.virtual_network_enabled ? module.virtualnetwork[0].resource_group_resource_ids : {}
 }
diff --git a/main.budget.tf b/main.budget.tf
@@ -3,7 +3,6 @@
 module "budget" {
   source = "./modules/budget"
   depends_on = [
-    module.resourcegroup_networkwatcherrg,
     module.resourcegroup,
     module.subscription,
     module.usermanagedidentity,

diff --git a/main.resourcegroup.tf b/main.resourcegroup.tf
@@ -8,9 +8,15 @@ module "resourcegroup" {
   tags                = each.value.tags
 }
 
-# v3.3.0 introuced networkwatcherrg support,
+# v3.3.0 introduced networkwatcherrg support,
 # this was then moved into a more general resourcegroups module in later versions
 moved {
   from = module.networkwatcherrg[0].azapi_resource.network_watcher_rg
   to   = module.resourcegroup_networkwatcherrg[0].azapi_resource.rg
 }
+
+# v5.0.0 consolidated the resource groups into a single module call
+moved {
+  from = module.resourcegroup_networkwatcherrg[0].azapi_resource.rg
+  to   = module.resourcegroup["NetworkWatcherRG"].azapi_resource.rg
+}
diff --git a/main.resourceproviders.tf b/main.resourceproviders.tf
@@ -7,7 +7,6 @@ module "resourceproviders" {
 
   depends_on = [
     module.resourcegroup,
-    module.resourcegroup_networkwatcherrg,
     module.roleassignment,
     module.roleassignment_umi,
     module.subscription,

diff --git a/main.roleassignment.tf b/main.roleassignment.tf
@@ -3,7 +3,6 @@
 module "roleassignment" {
   source = "./modules/roleassignment"
   depends_on = [
-    module.resourcegroup_networkwatcherrg,
     module.resourcegroup,
     module.subscription,
     module.usermanagedidentity,
@@ -22,7 +21,6 @@ module "roleassignment" {
 module "roleassignment_umi" {
   source = "./modules/roleassignment"
   depends_on = [
-    module.resourcegroup_networkwatcherrg,
     module.resourcegroup,
     module.subscription,
     module.usermanagedidentity,

diff --git a/main.routetable.tf b/main.routetable.tf
@@ -1,12 +1,17 @@
 # route table submodule, disabled by default
 # Will create a route table, and optionally routes
 module "routetable" {
-  for_each        = var.route_tables
+  for_each        = var.route_table_enabled ? var.route_tables : {}
   source          = "./modules/routetable"
-  count           = var.route_table_enabled ? 1 : 0
   subscription_id = local.subscription_id
 
-  route_tables = var.route_tables
+  resource_group_name           = each.value.resource_group_name
+  bgp_route_propagation_enabled = each.value.bgp_route_propagation_enabled
+  name                          = each.value.name
+  location                      = each.value.location
+  routes                        = each.value.routes
+  tags                          = each.value.tags
+
   depends_on = [
     module.resourcegroup,
   ]

diff --git a/main.virtualnetwork.tf b/main.virtualnetwork.tf
@@ -8,7 +8,6 @@ module "virtualnetwork" {
   location         = var.location
 
   depends_on = [
-    module.resourcegroup_networkwatcherrg,
     module.resourcegroup
   ]
 }
diff --git a/modules/budget/outputs.tf b/modules/budget/outputs.tf
@@ -1,4 +1,4 @@
 output "budget_resource_id" {
   description = "The Azure resource id of the created budget."
-  value       = azurerm_consumption_budget.this.id
+  value       = azapi_resource.budget.id
 }
diff --git a/variables.routetable.tf b/variables.routetable.tf
@@ -9,7 +9,7 @@ variable "route_tables" {
     name                          = string
     location                      = string
     resource_group_name           = string
-    disable_bgp_route_propagation = optional(bool, false)
+    bgp_route_propagation_enabled = optional(bool, true)
     tags                          = optional(map(string))
 
     routes = optional(map(object({
@@ -24,7 +24,7 @@ A map defining route tables and their associated routes to be created.
   - `name` (required): The name of the route table.
   - `location` (required): The location of the resource group.
   - `resource_group_name` (required): The name of the resource group.
-  - `disable_bgp_route_propagation` (optional): Boolean that controls whether routes learned by BGP are propagated to the route table.
+  - `bgp_route_propagation_enabled` (optional): Boolean that controls whether routes learned by BGP are propagated to the route table. Default is `true`.
   - `tags` (optional): A map of key-value pairs for tags associated with the route table.
   - `routes` (optional): A map defining routes for the route table. Each route object has the following properties:
       - `name` (required): The name of the route.