Fix/pre commit

.github/CODEOWNERS

@@ -1,6 +1,2 @@
-.github/*     @clouddrove/approvers
-
-*     @clouddrove/clouddrovians @clouddrove/approvers
-
-.github/mergify.yml @clouddrove/admins
-.github/CODEOWNERS  @clouddrove/admins
+# These owners will be the default owners for everything in the repo.
+*    @anmolnagpal @clouddrove-ci @clouddrove/terraform-azure-admins

.github/workflows/automerge.yml

@@ -8,5 +8,5 @@ jobs:
     secrets:
       GITHUB: ${{ secrets.GITHUB }}
     with:
-      tfcheck: 'basic-example / Check code format'
+      tfcheck: 'complete-example / Check code format'
 ...

.pre-commit-config.yaml

@@ -1,21 +1,38 @@
-repos:
 
-  - repo: https://github.com/gruntwork-io/pre-commit
-    rev: v0.1.12 # Get the latest from: https://github.com/gruntwork-io/pre-commit/releases
+repos:
+  - repo: https://github.com/antonbabenko/pre-commit-terraform
+    rev: v1.96.1
     hooks:
-      - id: terraform-fmt
-      - id: shellcheck
-      - id: tflint
-
-  - repo: git://github.com/pre-commit/pre-commit-hooks
-    rev: v4.0.1 # Use the ref you want to point at
+      - id: terraform_fmt
+        entry: hooks/terraform_fmt.sh
+        language: system  # Changed from 'script' to 'system'
+      #- id: terraform_validate
+      - id: terraform_docs
+        entry: hooks/terraform_docs.sh
+        language: system
+        additional_dependencies: ['terraform-docs/terraform-docs']
+        args:
+          - '--args=--lockfile=false'
+      - id: terraform_tflint
+        language: system
+        require_serial: true
+        entry: hooks/terraform_tflint.sh
+        additional_dependencies: ['terraform-linters/tflint']
+        args:
+          - '--args=--only=terraform_deprecated_interpolation'
+          - '--args=--only=terraform_deprecated_index'
+          - '--args=--only=terraform_unused_declarations'
+          - '--args=--only=terraform_comment_syntax'
+          - '--args=--only=terraform_documented_outputs'
+          - '--args=--only=terraform_documented_variables'
+          - '--args=--only=terraform_typed_variables'
+          - '--args=--only=terraform_module_pinned_source'
+          # - '--args=--only=terraform_naming_convention'
+          - '--args=--only=terraform_required_version'
+          - '--args=--only=terraform_required_providers'
+          - '--args=--only=terraform_standard_module_structure'
+          - '--args=--only=terraform_workspace_remote'
+  - repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: v5.0.0
     hooks:
-      - id: end-of-file-fixer
-      - id: trailing-whitespace
-      - id: mixed-line-ending
-      - id: check-byte-order-marker
-      - id: check-executables-have-shebangs
       - id: check-merge-conflict
-      - id: debug-statements
-      - id: check-yaml
-      - id: check-added-large-files

examples/basic/example.tf

@@ -1,14 +1,12 @@
 provider "azurerm" {
   features {}
-  subscription_id            = "01111111111110-11-11-11-11"
-  skip_provider_registration = "true"
+  subscription_id = "000001-11111-1223-XXX-XXXXXXXXXXXX"
 }
 
 provider "azurerm" {
   features {}
-  alias                      = "peer"
-  subscription_id            = "01111111111110-11-11-11-11"
-  skip_provider_registration = "true"
+  alias           = "peer"
+  subscription_id = "000001-11111-1223-XXX-XXXXXXXXXXXX"
 }
 
 locals {

examples/basic/versions.tf

@@ -7,7 +7,7 @@ terraform {
   required_providers {
     azurerm = {
       source  = "hashicorp/azurerm"
-      version = "3.112.0"
+      version = ">=4.0.0"
     }
   }
 }

examples/complete/example.tf

@@ -1,14 +1,12 @@
 provider "azurerm" {
   features {}
-  subscription_id            = "01111111111110-11-11-11-11"
-  skip_provider_registration = "true"
+  subscription_id = "000001-11111-1223-XXX-XXXXXXXXXXXX"
 }
 
 provider "azurerm" {
   features {}
-  alias                      = "peer"
-  subscription_id            = "01111111111110-11-11-11-11"
-  skip_provider_registration = "true"
+  alias           = "peer"
+  subscription_id = "000001-11111-1223-XXX-XXXXXXXXXXXX"
 }
 
 
@@ -78,11 +76,12 @@ module "subnet" {
 ##-----------------------------------------------------------------------------
 module "log-analytics" {
   source                           = "clouddrove/log-analytics/azure"
-  version                          = "1.0.1"
+  version                          = "1.1.0"
   name                             = local.name
   environment                      = local.environment
   create_log_analytics_workspace   = true
   log_analytics_workspace_sku      = "PerGB2018"
+  log_analytics_workspace_id       = module.log-analytics.workspace_id
   resource_group_name              = module.resource_group.resource_group_name
   log_analytics_workspace_location = module.resource_group.resource_group_location
 }

examples/complete/versions.tf

@@ -7,7 +7,7 @@ terraform {
   required_providers {
     azurerm = {
       source  = "hashicorp/azurerm"
-      version = "3.112.0"
+      version = ">=4.0.0"
     }
   }
 }

examples/with_existing_dns_zone_in_diff_rg/example.tf

@@ -1,14 +1,12 @@
 provider "azurerm" {
   features {}
-  subscription_id            = "01111111111110-11-11-11-11"
-  skip_provider_registration = "true"
+  subscription_id = "000001-11111-1223-XXX-XXXXXXXXXXXX"
 }
 
 provider "azurerm" {
   features {}
-  alias                      = "peer"
-  subscription_id            = "01111111111110-11-11-11-11"
-  skip_provider_registration = "true"
+  alias           = "peer"
+  subscription_id = "000001-11111-1223-XXX-XXXXXXXXXXXX"
 }
 
 locals {
@@ -77,11 +75,12 @@ module "subnet" {
 ##-----------------------------------------------------------------------------
 module "log-analytics" {
   source                           = "clouddrove/log-analytics/azure"
-  version                          = "1.0.1"
+  version                          = "1.1.0"
   name                             = local.name
   environment                      = local.environment
   create_log_analytics_workspace   = true
   log_analytics_workspace_sku      = "PerGB2018"
+  log_analytics_workspace_id       = module.log-analytics.workspace_id
   resource_group_name              = module.resource_group.resource_group_name
   log_analytics_workspace_location = module.resource_group.resource_group_location
 }
@@ -106,9 +105,11 @@ module "container-registry" {
   environment         = local.environment
   resource_group_name = module.resource_group.resource_group_name
   location            = module.resource_group.resource_group_location
+
   container_registry_config = {
-    name = "cdacr1234" # Name of Container Registry
-    sku  = "Premium"
+    name                     = "cdacr1234" # Name of Container Registry
+    sku                      = "Premium"
+    retention_policy_in_days = 5
   }
   log_analytics_workspace_id = module.log-analytics.workspace_id
   ##----------------------------------------------------------------------------- 

examples/with_existing_dns_zone_in_diff_rg/versions.tf

@@ -7,7 +7,7 @@ terraform {
   required_providers {
     azurerm = {
       source  = "hashicorp/azurerm"
-      version = "3.112.0"
+      version = ">=4.0.0"
     }
   }
 }

examples/with_existing_dns_zone_in_diff_subs/example.tf

@@ -1,14 +1,12 @@
 provider "azurerm" {
   features {}
-  subscription_id            = "01111111111110-11-11-11-11"
-  skip_provider_registration = "true"
+  subscription_id = "000001-11111-1223-XXX-XXXXXXXXXXXX"
 }
 
 provider "azurerm" {
   features {}
-  alias                      = "peer"
-  subscription_id            = "01111111111110-11-11-11-11"
-  skip_provider_registration = "true"
+  alias           = "peer"
+  subscription_id = "000001-11111-1223-XXX-XXXXXXXXXXXX"
 }
 locals {
   name        = "app"
@@ -75,11 +73,12 @@ module "subnet" {
 ##-----------------------------------------------------------------------------
 module "log-analytics" {
   source                           = "clouddrove/log-analytics/azure"
-  version                          = "1.0.1"
+  version                          = "1.1.0"
   name                             = local.name
   environment                      = local.environment
   create_log_analytics_workspace   = true
   log_analytics_workspace_sku      = "PerGB2018"
+  log_analytics_workspace_id       = module.log-analytics.workspace_id
   resource_group_name              = module.resource_group.resource_group_name
   log_analytics_workspace_location = module.resource_group.resource_group_location
 }

examples/with_existing_dns_zone_in_diff_subs/versions.tf

@@ -7,7 +7,7 @@ terraform {
   required_providers {
     azurerm = {
       source  = "hashicorp/azurerm"
-      version = "3.112.0"
+      version = ">=4.0.0"
     }
   }
 }

main.tf

@@ -52,30 +52,11 @@ resource "azurerm_container_registry" "main" {
         }
       }
 
-      dynamic "virtual_network" {
-        for_each = network_rule_set.value.virtual_network
-        content {
-          action    = "Allow"
-          subnet_id = virtual_network.value.subnet_id
-        }
-      }
-    }
-  }
-
-  dynamic "retention_policy" {
-    for_each = var.retention_policy != null && var.container_registry_config.sku == "Premium" ? [var.retention_policy] : []
-    content {
-      days    = lookup(retention_policy.value, "days", 7)
-      enabled = lookup(retention_policy.value, "enabled", true)
     }
   }
 
-  dynamic "trust_policy" {
-    for_each = var.enable_content_trust ? [1] : []
-    content {
-      enabled = var.enable_content_trust
-    }
-  }
+  trust_policy_enabled     = var.container_registry_config.sku == "Premium" ? var.enable_content_trust : false
+  retention_policy_in_days = var.retention_policy_in_days != null && var.container_registry_config.sku == "Premium" ? var.retention_policy_in_days : null
 
   identity {
     type         = var.identity_ids != null || var.encryption ? "SystemAssigned, UserAssigned" : "SystemAssigned"
@@ -85,7 +66,6 @@ resource "azurerm_container_registry" "main" {
   dynamic "encryption" {
     for_each = var.encryption && var.container_registry_config.sku == "Premium" ? ["encryption"] : []
     content {
-      enabled            = true
       key_vault_key_id   = azurerm_key_vault_key.kvkey[0].id
       identity_client_id = azurerm_user_assigned_identity.identity[0].client_id
     }

variables.tf

@@ -87,15 +87,10 @@ variable "network_rule_set" {
   description = "Manage network rules for Azure Container Registries"
 }
 
-variable "retention_policy" {
-  type = object({
-    days    = optional(number)
-    enabled = optional(bool)
-  })
-  default = {
-    days    = 10
-    enabled = true
-  }
+
+variable "retention_policy_in_days" {
+  type        = number
+  default     = 5
   description = "Set a retention policy for untagged manifests"
 }
 
@@ -114,6 +109,7 @@ variable "identity_ids" {
 variable "encryption" {
   type    = bool
   default = false
+  description = "Flag to enable encryption in acr."
 }
 
 variable "scope_map" {
@@ -139,7 +135,7 @@ variable "container_registry_webhooks" {
 variable "key_vault_id" {
   type        = string
   default     = null
-  description = ""
+  description = "Keyvault id in which encryption key will be created."
 }
 
 variable "enable_rotation_policy" {
@@ -151,6 +147,7 @@ variable "enable_rotation_policy" {
 variable "key_vault_rbac_auth_enabled" {
   type    = bool
   default = true
+  description = "Flag to tell whether key vault used role based access or not."
 }
 
 ##-----------------------------------------------------------------------------
@@ -171,6 +168,7 @@ variable "existing_private_dns_zone" {
 variable "private_dns_name" {
   type    = string
   default = "privatelink.azurecr.io"
+  description = "Private DNS name for ACR."
 }
 
 variable "subnet_id" {

versions.tf

@@ -6,8 +6,9 @@ terraform {
 terraform {
   required_providers {
     azurerm = {
-      source  = "hashicorp/azurerm"
-      version = ">=3.102.0"
+      source                = "hashicorp/azurerm"
+      version               = ">=4.0.0"
+      configuration_aliases = [azurerm.main_sub, azurerm.dns_sub]
     }
   }
 }