Remove unnecessary data block and tidy up outputs (#27)

* feat: trying without data block * chore: update runner * fix: correct output parameter * fix: output properties * fix: add export values from azapi * fix: try with restricted outputs to avoid sensitive flag * fix: output names * fix: set output as sensitive * fix: output sensitive * chore: fix docs and reset e2e runner * chore: bump version
Azure · Mar 7, 2024 · 14befc4 · 14befc4
1 parent 8aa77bd
commit 14befc4
Show file tree

Hide file tree

Showing 10 changed files with 45 additions and 40 deletions.
diff --git a/.github/workflows/e2e.yml b/.github/workflows/e2e.yml
@@ -58,3 +58,4 @@ jobs:
     needs: testexamples
     steps:
       - run: echo "All tests passed"
+
diff --git a/README.md b/README.md
@@ -40,7 +40,6 @@ The following resources are used by this module:
 - [azurerm_resource_group_template_deployment.telemetry](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group_template_deployment) (resource)
 - [azurerm_role_assignment.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/role_assignment) (resource)
 - [random_id.telem](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/id) (resource)
-- [azapi_resource.this_environment](https://registry.terraform.io/providers/Azure/azapi/latest/docs/data-sources/resource) (data source)
 - [azurerm_resource_group.parent](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/resource_group) (data source)
 
 <!-- markdownlint-disable MD013 -->
@@ -181,8 +180,8 @@ Default: `{}`
 
 ### <a name="input_enable_telemetry"></a> [enable\_telemetry](#input\_enable\_telemetry)
 
-Description: This variable controls whether or not telemetry is enabled for the module.
-For more information see <https://aka.ms/avm/telemetryinfo>.
+Description: This variable controls whether or not telemetry is enabled for the module.  
+For more information see <https://aka.ms/avm/telemetryinfo>.  
 If it is set to false, then no telemetry will be collected.
 
 Type: `bool`
@@ -191,8 +190,8 @@ Default: `true`
 
 ### <a name="input_infrastructure_resource_group_name"></a> [infrastructure\_resource\_group\_name](#input\_infrastructure\_resource\_group\_name)
 
-Description: Name of the platform-managed resource group created for the Managed Environment to host infrastructure resources.
-If a subnet ID is provided, this resource group will be created in the same subscription as the subnet.
+Description: Name of the platform-managed resource group created for the Managed Environment to host infrastructure resources.   
+If a subnet ID is provided, this resource group will be created in the same subscription as the subnet.  
 If not specified, then one will be generated automatically, in the form `ME_<app_managed_environment_name>_<resource_group>_<location>`.
 
 Type: `string`
@@ -370,8 +369,8 @@ Default: `false`
 
 ### <a name="input_workload_profile"></a> [workload\_profile](#input\_workload\_profile)
 
-Description:
-This lists the workload profiles that will be configured for the Managed Environment.
+Description:   
+This lists the workload profiles that will be configured for the Managed Environment.  
 This is in addition to the default Consumpion Plan workload profile.
 
  - `maximum_count` - (Optional) The maximum number of instances of workload profile that can be deployed in the Container App Environment.
@@ -432,4 +431,4 @@ No modules.
 ## Data Collection
 
 The software may collect information about you and your use of the software and send it to Microsoft. Microsoft may use this information to provide services and improve our products and services. You may turn off the telemetry as described in the repository. There are also some features in the software that may enable you and Microsoft to collect data from users of your applications. If you use these features, you must comply with applicable law, including providing appropriate notices to users of your applications together with a copy of Microsoft’s privacy statement. Our privacy statement is located at <https://go.microsoft.com/fwlink/?LinkID=824704>. You can learn more about data collection and use in the help documentation and our privacy statement. Your use of the software operates as your consent to these practices.
-<!-- END_TF_DOCS -->
+<!-- END_TF_DOCS -->
diff --git a/_header.md b/_header.md
@@ -2,5 +2,4 @@
 
 Module to deploy Container Apps Managed Environments in Azure.
 
-> [!WARNING]
-> Major version Zero (0.y.z) is for initial development. Anything MAY change at any time. A module SHOULD NOT be considered stable till at least it is major version one (1.0.0) or greater. Changes will always be via new versions being published and no changes will be made to existing published versions. For more details please go to <https://semver.org/>
+-> Major version Zero (0.y.z) is for initial development. Anything MAY change at any time. A module SHOULD NOT be considered stable till at least it is major version one (1.0.0) or greater. Changes will always be via new versions being published and no changes will be made to existing published versions. For more details please go to <https://semver.org/>
diff --git a/examples/workload_profile_internal/output.tf b/examples/workload_profile_internal/output.tf
@@ -1,4 +1,5 @@
 output "app_environment" {
   description = "The outputs for the managed environment, this allows outputs to be inspected in the CI run."
   value       = module.managedenvironment.resource
+  sensitive   = true
 }
diff --git a/locals.tf b/locals.tf
@@ -1,8 +1,8 @@
 locals {
   role_definition_resource_substring = "/providers/Microsoft.Authorization/roleDefinitions"
 
-  workload_profile_outputs = jsondecode(data.azapi_resource.this_environment.output).properties.workloadProfiles != null ? [
-    for wp in jsondecode(data.azapi_resource.this_environment.output).properties.workloadProfiles : merge(
+  workload_profile_outputs = jsondecode(azapi_resource.this_environment.body).properties.workloadProfiles != null ? [
+    for wp in jsondecode(azapi_resource.this_environment.body).properties.workloadProfiles : merge(
       {
         name                  = wp.name
         workload_profile_type = wp.workloadProfileType

diff --git a/locals.version.tf.json b/locals.version.tf.json
@@ -1,5 +1,5 @@
 {
   "locals": {
-    "module_version": "0.1.0"
+    "module_version": "0.1.1"
   }
-}
+}
diff --git a/main.tf b/main.tf
@@ -38,10 +38,20 @@ resource "azapi_resource" "this_environment" {
       zoneRedundant = var.zone_redundancy_enabled
     }
   })
-  location                  = coalesce(var.location, data.azurerm_resource_group.parent.location)
-  name                      = var.name
-  parent_id                 = data.azurerm_resource_group.parent.id
-  schema_validation_enabled = false
+  location  = coalesce(var.location, data.azurerm_resource_group.parent.location)
+  name      = var.name
+  parent_id = data.azurerm_resource_group.parent.id
+  response_export_values = [
+    "properties.customDomainConfiguration",
+    "properties.daprAIInstrumentationKey",
+    "properties.defaultDomain",
+    "properties.infrastructureResourceGroup",
+    "properties.peerAuthentication",
+    "properties.staticIp",
+    "properties.vnetConfiguration",
+    "properties.workloadProfiles",
+  ]
+  schema_validation_enabled = true
   tags                      = var.tags
   dynamic "timeouts" {
     for_each = var.timeouts == null ? [] : [var.timeouts]
@@ -54,13 +64,6 @@ resource "azapi_resource" "this_environment" {
   }
 }
 
-data "azapi_resource" "this_environment" {
-  type                   = "Microsoft.App/managedEnvironments@2023-05-01"
-  name                   = azapi_resource.this_environment.name
-  parent_id              = data.azurerm_resource_group.parent.id
-  response_export_values = ["*"]
-}
-
 resource "azurerm_management_lock" "this" {
   count = var.lock.kind != "None" ? 1 : 0
 

diff --git a/outputs.tf b/outputs.tf
@@ -7,29 +7,29 @@ output "resource" {
     id                  = azapi_resource.this_environment.id
     name                = azapi_resource.this_environment.name
     resource_group_name = data.azurerm_resource_group.parent.name
-    location            = jsondecode(data.azapi_resource.this_environment.output).location
+    location            = azapi_resource.this_environment.location
 
     # outputs provided by the AzureRM provider
-    dapr_application_insights_connection_string = try(jsondecode(data.azapi_resource.this_environment.output).properties.daprAIConnectionString, null)
-    infrastructure_subnet_id                    = try(jsondecode(data.azapi_resource.this_environment.output).properties.vnetConfiguration.infrastructureSubnetId, null)
-    internal_load_balancer_enabled              = try(jsondecode(data.azapi_resource.this_environment.output).properties.vnetConfiguration.internal, null)
-    log_analytics_workspace_id                  = try(jsondecode(data.azapi_resource.this_environment.output).properties.appLogsConfiguration.logAnalyticsConfiguration.customerId, null)
+    dapr_application_insights_connection_string = try(jsondecode(azapi_resource.this_environment.body).properties.daprAIConnectionString, null)
+    infrastructure_subnet_id                    = try(jsondecode(azapi_resource.this_environment.body).properties.vnetConfiguration.infrastructureSubnetId, null)
+    internal_load_balancer_enabled              = try(jsondecode(azapi_resource.this_environment.body).properties.vnetConfiguration.internal, null)
+    log_analytics_workspace_id                  = try(jsondecode(azapi_resource.this_environment.body).properties.appLogsConfiguration.logAnalyticsConfiguration.customerId, null)
     tags                                        = try(azapi_resource.this_environment.tags, null)
     workload_profiles                           = local.workload_profile_outputs
-    zone_redundancy_enabled                     = try(jsondecode(data.azapi_resource.this_environment.output).properties.zoneRedundant, null)
+    zone_redundancy_enabled                     = try(jsondecode(azapi_resource.this_environment.body).properties.zoneRedundant, null)
 
     # outputs provided by the AzureRM provider known after apply
-    default_domain                   = jsondecode(data.azapi_resource.this_environment.output).properties.defaultDomain
-    docker_bridge_cidr               = try(jsondecode(data.azapi_resource.this_environment.output).properties.vnetConfiguration.dockerBridgeCidr, null)
-    platform_reserved_cidr           = try(jsondecode(data.azapi_resource.this_environment.output).properties.vnetConfiguration.platformReservedCidr, null)
-    platform_reserved_dns_ip_address = try(jsondecode(data.azapi_resource.this_environment.output).properties.vnetConfiguration.platformReservedDnsIP, null)
-    static_ip_address                = jsondecode(data.azapi_resource.this_environment.output).properties.staticIp
+    default_domain                   = jsondecode(azapi_resource.this_environment.output).properties.defaultDomain
+    docker_bridge_cidr               = try(jsondecode(azapi_resource.this_environment.output).properties.vnetConfiguration.dockerBridgeCidr, null)
+    platform_reserved_cidr           = try(jsondecode(azapi_resource.this_environment.output).properties.vnetConfiguration.platformReservedCidr, null)
+    platform_reserved_dns_ip_address = try(jsondecode(azapi_resource.this_environment.output).properties.vnetConfiguration.platformReservedDnsIP, null)
+    static_ip_address                = jsondecode(azapi_resource.this_environment.output).properties.staticIp
 
     # additional outputs not yet supported by the AzureRM provider
-    custom_domain_verification_id          = try(jsondecode(data.azapi_resource.this_environment.output).properties.customDomainConfiguration.customDomainVerificationId, null)
-    dapr_azure_monitor_instrumentation_key = try(jsondecode(data.azapi_resource.this_environment.output).properties.daprAIInstrumentationKey, null)
-    infrastructure_resource_group          = try(jsondecode(data.azapi_resource.this_environment.output).properties.infrastructureResourceGroup, null)
-    mtls_enabled                           = try(jsondecode(data.azapi_resource.this_environment.output).properties.peerAuthentication.mtls.enabled, false)
+    custom_domain_verification_id          = try(jsondecode(azapi_resource.this_environment.output).properties.customDomainConfiguration.customDomainVerificationId, null)
+    dapr_azure_monitor_instrumentation_key = try(jsondecode(azapi_resource.this_environment.output).properties.daprAIInstrumentationKey, null)
+    infrastructure_resource_group          = try(jsondecode(azapi_resource.this_environment.output).properties.infrastructureResourceGroup, null)
+    mtls_enabled                           = try(jsondecode(azapi_resource.this_environment.output).properties.peerAuthentication.mtls.enabled, false)
   }
 }
 

diff --git a/variable.storage.tf b/variable.storage.tf
@@ -24,6 +24,7 @@ variable "storages" {
  - `delete` - (Defaults to 30 minutes) Used when deleting the Container App Environment Storage.
  - `read` - (Defaults to 5 minutes) Used when retrieving the Container App Environment Storage.
  - `update` - (Defaults to 30 minutes) Used when updating the Container App Environment Storage.
+
 EOT
   nullable    = false
 }
diff --git a/variables.tf b/variables.tf
@@ -89,6 +89,7 @@ For more information see <https://aka.ms/avm/telemetryinfo>.
 If it is set to false, then no telemetry will be collected.
 DESCRIPTION
 }
+
 variable "infrastructure_subnet_id" {
   type        = string
   default     = null
Original file line number	Diff line number	Diff line change
Expand Up		@@ -58,3 +58,4 @@ jobs:
		needs: testexamples
		steps:
		- run: echo "All tests passed"