chore: repository governance

.github/policies/avmrequiredfiles.yml

@@ -16,13 +16,4 @@ configuration:
     prBody: |
       This repository needs the standard workflow and policy files to ensure compliance.
     file:
-      - path: .github/workflows/version-check.yml
-        prContentLink: https://raw.githubusercontent.com/Azure/terraform-azurerm-avm-template/main/.github/workflows/version-check.yml
-      - path: .github/workflows/linting.yml
-        prContentLink: https://raw.githubusercontent.com/Azure/terraform-azurerm-avm-template/main/.github/workflows/linting.yml
-      - path: Makefile
-        prContentLink: https://raw.githubusercontent.com/Azure/terraform-azurerm-avm-template/main/Makefile
-      - path: .github/policies/avmrequiredfiles.yml
-        prContentLink: https://raw.githubusercontent.com/Azure/terraform-azurerm-avm-template/main/.github/policies/avmrequiredfiles.yml
-      - path: .github/policies/branchprotection.yml
-        prContentLink: https://raw.githubusercontent.com/Azure/terraform-azurerm-avm-template/main/.github/policies/branchprotection.yml
+

.github/workflows/e2e.yml

@@ -1,59 +1,60 @@
 ---
-  name: e2e test
-
-  on:
-    pull_request:
-      types: ['opened', 'reopened', 'synchronize']
-    merge_group:
-    workflow_dispatch:
-
-  permissions:
-    contents: read
-    id-token: write
-
-  jobs:
-    getexamples:
-      runs-on: ubuntu-latest
-      outputs:
-        examples: ${{ steps.getexamples.outputs.examples }}
-      steps:
-        - uses: actions/checkout@v4
-        - name: get examples
-          id: getexamples
-          uses: Azure/terraform-azurerm-avm-template/.github/actions/e2e-getexamples@main
-          with:
-            github-token: ${{ secrets.GITHUB_TOKEN }}
-
-    testexamples:
-      runs-on: ubuntu-latest
-      needs: getexamples
-      environment: test
-      env:
-        TF_IN_AUTOMATION: 1
-        TF_VAR_enable_telemetry: false
-      strategy:
-        matrix:
-          example: ${{ fromJson(needs.getexamples.outputs.examples) }}
-        max-parallel: 5
-      steps:
-        - uses: actions/checkout@v4
-
-        - uses: Azure/login@v1
-          with:
-            client-id: ${{ secrets.AZURE_CLIENT_ID }}
-            tenant-id: ${{ secrets.AZURE_TENANT_ID }}
-            subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
-
-        - name: Test example
-          uses: Azure/terraform-azurerm-avm-template/.github/actions/e2e-testexamples@main
-          with:
-            example: ${{ matrix.example }}
-
-    # This job is only run when all the previous jobs are successful.
-    # We can use it for PR validation to ensure all examples have completed.
-    testexamplescomplete:
-      runs-on: ubuntu-latest
-      needs: testexamples
-      steps:
-        - run: echo "All tests passed"
+name: e2e test
 
+on:
+  pull_request:
+    types: ['opened', 'reopened', 'synchronize']
+  merge_group:
+  workflow_dispatch:
+
+permissions:
+  contents: read
+  id-token: write
+
+jobs:
+  getexamples:
+    if: github.event.repository.name != 'terraform-azurerm-avm-template'
+    runs-on: ubuntu-latest
+    outputs:
+      examples: ${{ steps.getexamples.outputs.examples }}
+    steps:
+      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 #v4.1.1
+      - name: get examples
+        id: getexamples
+        uses: Azure/terraform-azurerm-avm-template/.github/actions/e2e-getexamples@main
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+
+  testexamples:
+    if: github.event.repository.name != 'terraform-azurerm-avm-template'
+    runs-on: [ self-hosted, 1ES.Pool=44c05b5db385bb8002448c83f74b5675454ff44e ]
+    needs: getexamples
+    environment: test
+    env:
+      TF_IN_AUTOMATION: 1
+      TF_VAR_enable_telemetry: false
+    strategy:
+      matrix:
+        example: ${{ fromJson(needs.getexamples.outputs.examples) }}
+      fail-fast: false
+    steps:
+      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 #v4.1.1
+
+      - name: Test example
+        shell: bash
+        run: |
+          set -e
+          az login --identity --username $MSI_ID > /dev/null
+          export ARM_SUBSCRIPTION_ID=$(az login --identity --username $MSI_ID | jq -r '.[0] | .id')
+          export ARM_TENANT_ID=$(az login --identity --username $MSI_ID | jq -r '.[0] | .tenantId')
+          export ARM_CLIENT_ID=$(az identity list | jq -r --arg MSI_ID "$MSI_ID" '.[] | select(.principalId == $MSI_ID) | .clientId')
+          docker run --rm -v /var/run/docker.sock:/var/run/docker.sock -v $(pwd):/src -w /src --network=host -e TF_IN_AUTOMATION -e TF_VAR_enable_telemetry -e AVM_MOD_PATH=/src -e AVM_EXAMPLE=${{ matrix.example }} -e MSI_ID -e ARM_SUBSCRIPTION_ID -e ARM_TENANT_ID -e ARM_CLIENT_ID -e ARM_USE_MSI=true mcr.microsoft.com/azterraform:latest make test-example
+
+  # This job is only run when all the previous jobs are successful.
+  # We can use it for PR validation to ensure all examples have completed.
+  testexamplescomplete:
+    if: github.event.repository.name != 'terraform-azurerm-avm-template'
+    runs-on: ubuntu-latest
+    needs: testexamples
+    steps:
+      - run: echo "All tests passed"

.github/workflows/linting.yml

@@ -15,17 +15,37 @@ concurrency:
   cancel-in-progress: true
 
 jobs:
-  linting:
-    name: linting
+  docs:
+    if: github.event.repository.name != 'terraform-azurerm-avm-template'
+    name: docs
     runs-on: ubuntu-latest
     steps:
       - name: checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 #v4.1.1
 
       - name: check docs
         uses: Azure/terraform-azurerm-avm-template/.github/actions/docs-check@main
 
+  terraform:
+    if: github.event.repository.name != 'terraform-azurerm-avm-template'
+    name: terraform
+    runs-on: ubuntu-latest
+    steps:
+      - name: checkout repository
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 #v4.1.1
+
       - name: lint terraform
         uses: Azure/terraform-azurerm-avm-template/.github/actions/linting@main
         with:
-          github-token: ${{ secrets.GITHUB_TOKEN }}
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+
+  avmfix:
+    if: github.event.repository.name != 'terraform-azurerm-avm-template' && false
+    name: avmfix
+    runs-on: ubuntu-latest
+    steps:
+      - name: checkout repository
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 #v4.1.1
+
+      - name: avmfix
+        uses: Azure/terraform-azurerm-avm-template/.github/actions/avmfix@main

.github/workflows/version-check.yml

@@ -13,10 +13,11 @@ permissions:
 
 jobs:
   version-check:
+    if: github.event.repository.name != 'terraform-azurerm-avm-template'
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 #v4.1.1
       - name: Check version
         uses: Azure/terraform-azurerm-avm-template/.github/actions/version-check@main
         with:
-          github_token: ${{ secrets.GITHUB_TOKEN }}
+          github_token: ${{ secrets.GITHUB_TOKEN }}

.gitignore

@@ -34,4 +34,13 @@ override.tf.json
 
 # Ignore CLI configuration files
 .terraformrc
-terraform.rc
+terraform.rc
+*.md.tmp
+*tfplan*
+.DS_Store
+README-generated.md
+avm.tflint.hcl
+avm.tflint.merged.hcl
+avm.tflint_example.hcl
+avm.tflint_example.merged.hcl
+avmmakefile

.terraform-docs.yml

@@ -4,7 +4,7 @@
 
 formatter: "markdown document" # this is required
 
-version: "0.16.0"
+version: "~> 0.17.0"
 
 header-from: "_header.md"
 footer-from: "_footer.md"
@@ -64,4 +64,4 @@ settings:
   read-comments: true
   required: true
   sensitive: true
-  type: true
+  type: true

Makefile

@@ -1,18 +1,4 @@
-.PHONY: docs
-docs:
-	@echo "==> Generating module documentation..."
-	terraform-docs -c .terraform-docs.yml .
-	@echo "==> Generating examples documentation..."
-	cd examples && for d in $$(ls -d */); do terraform-docs  $$d; done
+SHELL := /bin/bash
 
-.PHONY: fmt
-fmt:
-	@echo "==> Fixing Terraform code with terraform fmt..."
-	terraform fmt -recursive
-	@echo "==> Fixing embedded Terraform with terrafmt..."
-	find . | egrep ".md|.tf" | grep -v README.md | sort | while read f; do terrafmt fmt $$f; done
-
-.PHONY: tools
-tools:
-	go install github.com/katbyte/terrafmt@latest
-	go install github.com/terraform-docs/terraform-docs@latest
+$(shell curl -H 'Cache-Control: no-cache, no-store' -sSL "https://raw.githubusercontent.com/Azure/tfmod-scaffold/main/avmmakefile" -o avmmakefile)
+-include avmmakefile

SUPPORT.md

@@ -1,25 +1,15 @@
-# TODO: The maintainer of this repo has not yet edited this file
-
-**REPO OWNER**: Do you want Customer Service & Support (CSS) support for this product/project?
-
-- **No CSS support:** Fill out this template with information about how to file issues and get help.
-- **Yes CSS support:** Fill out an intake form at [aka.ms/onboardsupport](https://aka.ms/onboardsupport). CSS will work with/help you to determine next steps.
-- **Not sure?** Fill out an intake as though the answer were "Yes". CSS will help you decide.
+# Support
 
-*Then remove this first heading from this SUPPORT.MD file before publishing your repo.*
+> ⚠️**Note:** For the full details on the support statements, SLAs, and more for the Azure Verified Modules (AVM) initiative please visit [aka.ms/AVM/Support](https://aka.ms/avm/support) ⚠️
 
-# Support
+## How to file issues and get help
 
-## How to file issues and get help  
+This project uses GitHub Issues to track bugs and feature requests. Please search the existing issues before filing new issues to avoid duplicates. For new issues, file your bug or feature request as a new issue.
 
-This project uses GitHub Issues to track bugs and feature requests. Please search the existing 
-issues before filing new issues to avoid duplicates.  For new issues, file your bug or 
-feature request as a new Issue.
+Issues can be created and searched through for existing [issues here](https://github.com/Azure/terraform-azurerm-avm-res-network-virtualnetwork/issues).
 
-For help and questions about using this project, please **REPO MAINTAINER: INSERT INSTRUCTIONS HERE 
-FOR HOW TO ENGAGE REPO OWNERS OR COMMUNITY FOR HELP. COULD BE A STACK OVERFLOW TAG OR OTHER
-CHANNEL. WHERE WILL YOU HELP PEOPLE?**.
+Please provide as much information as possible when filing an issue. Include screenshots or correlation IDs if possible (please redact any sensitive information).
 
-## Microsoft Support Policy  
+For instructions on how to get deployments and correlation ID, please follow this link [here](https://learn.microsoft.com/azure/azure-resource-manager/templates/deployment-history?tabs=azure-portal#get-deployments-and-correlation-id).
 
-Support for this **PROJECT or PRODUCT** is limited to the resources listed above.
+We may ask you to create an Azure support request once we have triaged the issue following the process documented [here](https://learn.microsoft.com/azure/azure-portal/supportability/how-to-create-azure-support-request).

_footer.md

@@ -2,8 +2,3 @@
 ## Data Collection
 
 The software may collect information about you and your use of the software and send it to Microsoft. Microsoft may use this information to provide services and improve our products and services. You may turn off the telemetry as described in the repository. There are also some features in the software that may enable you and Microsoft to collect data from users of your applications. If you use these features, you must comply with applicable law, including providing appropriate notices to users of your applications together with a copy of Microsoft’s privacy statement. Our privacy statement is located at <https://go.microsoft.com/fwlink/?LinkID=824704>. You can learn more about data collection and use in the help documentation and our privacy statement. Your use of the software operates as your consent to these practices.
-
-
-## AVM Versioning Notice
-
-Major version Zero (0.y.z) is for initial development. Anything MAY change at any time. The module SHOULD NOT be considered stable till at least it is major version one (1.0.0) or greater. Changes will always be via new versions being published and no changes will be made to existing published versions. For more details please go to https://semver.org/

avm

@@ -0,0 +1,21 @@
+#!/usr/bin/env sh
+
+usage () {
+  echo "Usage: avm <make target>"
+}
+
+CONTAINER_RUNTIME=${CONTAINER_RUNTIME:-docker}
+
+if [ ! "$(command -v "$CONTAINER_RUNTIME")" ]; then
+    echo "Error: $CONTAINER_RUNTIME is not installed. Please install $CONTAINER_RUNTIME first."
+    exit 1
+fi
+
+if [ -z "$1" ]; then
+    echo "Error: Please provide a make target. See https://github.com/Azure/tfmod-scaffold/blob/main/avmmakefile for available targets."
+    echo
+    usage
+    exit 1
+fi
+
+$CONTAINER_RUNTIME run --pull always --rm -v "$(pwd)":/src -w /src -e GITHUB_REPOSITORY -e GITHUB_REPOSITORY_OWNER mcr.microsoft.com/azterraform make "$1"

avm.bat

@@ -0,0 +1,23 @@
+@echo off
+SETLOCAL
+
+REM Set CONTAINER_RUNTIME to its current value if it's already set, or docker if it's not
+IF DEFINED CONTAINER_RUNTIME (SET "CONTAINER_RUNTIME=%CONTAINER_RUNTIME%") ELSE (SET "CONTAINER_RUNTIME=docker")
+
+REM Check if CONTAINER_RUNTIME is installed
+WHERE /Q %CONTAINER_RUNTIME%
+IF ERRORLEVEL 1 (
+    echo Error: %CONTAINER_RUNTIME% is not installed. Please install %CONTAINER_RUNTIME% first.
+    exit /b
+)
+
+REM Check if a make target is provided
+IF "%~1"=="" (
+    echo Error: Please provide a make target. See https://github.com/Azure/tfmod-scaffold/blob/main/avmmakefile for available targets.
+    exit /b
+)
+
+REM Run the make target with CONTAINER_RUNTIME
+%CONTAINER_RUNTIME% run --pull always --rm -v "%cd%":/src -w /src -e GITHUB_REPOSITORY -e GITHUB_REPOSITORY_OWNER mcr.microsoft.com/azterraform make %1
+
+ENDLOCAL