An opinionated example of how to test Terraform configurations. It includes:
- Terraform Configurations: A simple architecture that creates an Azure Web App, Key Vault, and associated resources. This demonstrates how to structure and organize Terraform code.
- Tests: Contract and integration tests that ensure the Terraform code behaves as expected. These tests are located in the tests directory and provide examples of how to write and structure tests for Terraform code.
- GitHub Workflows: Automated workflows for continuous integration and deployment. These workflows, located in the .github/workflows directory, automate the process of scanning the code for issues, running the tests, and deploying the infrastructure.
- Configuration Files: These files configure various tools used in the repository, such as tflint, trivy, checkov, and terraform-docs. They demonstrate how to set up and configure these tools for use with Terraform.
This repository follows best practices for Terraform development and uses GitHub workflows for automation. It serves as a practical example of how to test and deploy Terraform code.
| Name | Version |
|---|---|
| terraform | >= 1.8 |
| azurerm | ~> 3.0 |
| Name | Version |
|---|---|
| azurerm | ~> 3.0 |
No modules.
| Name | Type |
|---|---|
| azurerm_key_vault.this | resource |
| azurerm_linux_web_app.this | resource |
| azurerm_private_dns_zone.vault | resource |
| azurerm_private_dns_zone_virtual_network_link.vault | resource |
| azurerm_private_endpoint.vault | resource |
| azurerm_resource_group.this | resource |
| azurerm_service_plan.this | resource |
| azurerm_subnet.app_service | resource |
| azurerm_subnet.private_endpoint | resource |
| azurerm_virtual_network.this | resource |
| azurerm_client_config.current | data source |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| app_service_delegated_subnet | Configuration for the App Service delegated subnet. | object({ |
n/a | yes |
| app_service_plan | Configuration for the app service plan. | object({ |
n/a | yes |
| key_vault | Configuration for the key vault. | object({ |
n/a | yes |
| location | Location of the resources. | string |
n/a | yes |
| private_endpoint_subnet | Configuration for the private endpoint subnet. | object({ |
n/a | yes |
| resource_group_name | Name of the resource group. | string |
n/a | yes |
| virtual_network | Configuration for the virtual network. | object({ |
n/a | yes |
| web_app | Configuration for the web app. | object({ |
n/a | yes |
| Name | Description |
|---|---|
| app_service_plan_id | The ID of the app service plan. |
| app_service_subnet_id | The ID of the app service subnet. |
| key_vault_id | The ID of the key vault. |
| key_vault_uri | The URI of the key vault. |
| private_dns_zone_vault_id | The ID of the private DNS zone for the vault. |
| private_endpoint_subnet_id | The ID of the private endpoint subnet. |
| private_endpoint_vault_id | The ID of the private endpoint for the vault. |
| resource_group_id | The ID of the resource group. |
| virtual_network_id | The ID of the virtual network. |
| web_app_hostname | The hostname of the web app. |
| web_app_id | The ID of the web app. |