azurerm_container_app_environment: Add support for workload_profile

internal/services/containerapps/container_app_environment_resource.go

@@ -17,6 +17,7 @@ import (
 	"github.com/hashicorp/go-azure-sdk/resource-manager/containerapps/2023-05-01/managedenvironments"
 	"github.com/hashicorp/go-azure-sdk/resource-manager/operationalinsights/2020-08-01/workspaces"
 	"github.com/hashicorp/terraform-provider-azurerm/internal/sdk"
+	"github.com/hashicorp/terraform-provider-azurerm/internal/services/containerapps/helpers"
 	"github.com/hashicorp/terraform-provider-azurerm/internal/services/containerapps/validate"
 	"github.com/hashicorp/terraform-provider-azurerm/internal/tf/pluginsdk"
 	"github.com/hashicorp/terraform-provider-azurerm/internal/tf/validation"
@@ -25,15 +26,16 @@ import (
 type ContainerAppEnvironmentResource struct{}
 
 type ContainerAppEnvironmentModel struct {
-	Name                                    string                 `tfschema:"name"`
-	ResourceGroup                           string                 `tfschema:"resource_group_name"`
-	Location                                string                 `tfschema:"location"`
-	DaprApplicationInsightsConnectionString string                 `tfschema:"dapr_application_insights_connection_string"`
-	LogAnalyticsWorkspaceId                 string                 `tfschema:"log_analytics_workspace_id"`
-	InfrastructureSubnetId                  string                 `tfschema:"infrastructure_subnet_id"`
-	InternalLoadBalancerEnabled             bool                   `tfschema:"internal_load_balancer_enabled"`
-	ZoneRedundant                           bool                   `tfschema:"zone_redundancy_enabled"`
-	Tags                                    map[string]interface{} `tfschema:"tags"`
+	Name                                    string                         `tfschema:"name"`
+	ResourceGroup                           string                         `tfschema:"resource_group_name"`
+	Location                                string                         `tfschema:"location"`
+	DaprApplicationInsightsConnectionString string                         `tfschema:"dapr_application_insights_connection_string"`
+	LogAnalyticsWorkspaceId                 string                         `tfschema:"log_analytics_workspace_id"`
+	InfrastructureSubnetId                  string                         `tfschema:"infrastructure_subnet_id"`
+	InternalLoadBalancerEnabled             bool                           `tfschema:"internal_load_balancer_enabled"`
+	ZoneRedundant                           bool                           `tfschema:"zone_redundancy_enabled"`
+	Tags                                    map[string]interface{}         `tfschema:"tags"`
+	WorkloadProfiles                        []helpers.WorkloadProfileModel `tfschema:"workload_profile"`
 
 	DefaultDomain         string `tfschema:"default_domain"`
 	DockerBridgeCidr      string `tfschema:"docker_bridge_cidr"`
@@ -104,6 +106,8 @@ func (r ContainerAppEnvironmentResource) Arguments() map[string]*pluginsdk.Schem
 			Description:  "Should the Container Environment operate in Internal Load Balancing Mode? Defaults to `false`. **Note:** can only be set to `true` if `infrastructure_subnet_id` is specified.",
 		},
 
+		"workload_profile": helpers.WorkloadProfileSchema(),
+
 		"zone_redundancy_enabled": {
 			Type:         pluginsdk.TypeBool,
 			Optional:     true,
@@ -231,6 +235,8 @@ func (r ContainerAppEnvironmentResource) Create() sdk.ResourceFunc {
 				managedEnvironment.Properties.VnetConfiguration.Internal = pointer.To(containerAppEnvironment.InternalLoadBalancerEnabled)
 			}
 
+			managedEnvironment.Properties.WorkloadProfiles = helpers.ExpandWorkloadProfiles(containerAppEnvironment.WorkloadProfiles)
+
 			if err := client.CreateOrUpdateThenPoll(ctx, id, managedEnvironment); err != nil {
 				return fmt.Errorf("creating %s: %+v", id, err)
 			}
@@ -279,6 +285,7 @@ func (r ContainerAppEnvironmentResource) Read() sdk.ResourceFunc {
 					state.ZoneRedundant = pointer.From(props.ZoneRedundant)
 					state.StaticIP = pointer.From(props.StaticIP)
 					state.DefaultDomain = pointer.From(props.DefaultDomain)
+					state.WorkloadProfiles = helpers.FlattenWorkloadProfiles(props.WorkloadProfiles)
 				}
 			}
 

internal/services/containerapps/container_app_environment_resource_test.go

@@ -64,6 +64,21 @@ func TestAccContainerAppEnvironment_complete(t *testing.T) {
 	})
 }
 
+func TestAccContainerAppEnvironment_withWorkloadProfile(t *testing.T) {
+	data := acceptance.BuildTestData(t, "azurerm_container_app_environment", "test")
+	r := ContainerAppEnvironmentResource{}
+
+	data.ResourceTest(t, r, []acceptance.TestStep{
+		{
+			Config: r.completeWithWorkloadProfile(data),
+			Check: acceptance.ComposeTestCheckFunc(
+				check.That(data.ResourceName).ExistsInAzure(r),
+			),
+		},
+		data.ImportStep("log_analytics_workspace_id"),
+	})
+}
+
 func TestAccContainerAppEnvironment_completeUpdate(t *testing.T) {
 	data := acceptance.BuildTestData(t, "azurerm_container_app_environment", "test")
 	r := ContainerAppEnvironmentResource{}
@@ -189,6 +204,68 @@ resource "azurerm_container_app_environment" "test" {
 `, r.templateVNet(data), data.RandomInteger)
 }
 
+func (r ContainerAppEnvironmentResource) completeWithWorkloadProfile(data acceptance.TestData) string {
+	return fmt.Sprintf(`
+provider "azurerm" {
+  features {
+    resource_group {
+      prevent_deletion_if_contains_resources = false
+    }
+  }
+}
+
+%[1]s
+
+resource "azurerm_virtual_network" "test" {
+  name                = "acctestvirtnet%[2]d"
+  address_space       = ["10.0.0.0/16"]
+  location            = azurerm_resource_group.test.location
+  resource_group_name = azurerm_resource_group.test.name
+}
+
+resource "azurerm_subnet" "control" {
+  name                 = "control-plane"
+  resource_group_name  = azurerm_resource_group.test.name
+  virtual_network_name = azurerm_virtual_network.test.name
+  address_prefixes     = ["10.0.0.0/23"]
+  delegation {
+    name = "acctestdelegation%[2]d"
+    service_delegation {
+      actions = ["Microsoft.Network/virtualNetworks/subnets/join/action"]
+      name    = "Microsoft.App/environments"
+    }
+  }
+}
+
+resource "azurerm_container_app_environment" "test" {
+  name                     = "acctest-CAEnv%[2]d"
+  resource_group_name      = azurerm_resource_group.test.name
+  location                 = azurerm_resource_group.test.location
+  infrastructure_subnet_id = azurerm_subnet.control.id
+
+  workload_profile {
+    maximum_count         = 2
+    minimum_count         = 0
+    name                  = "My-GP-01"
+    workload_profile_type = "D4"
+  }
+
+  workload_profile {
+    name                  = "Consumption"
+    workload_profile_type = "Consumption"
+  }
+
+  zone_redundancy_enabled = true
+
+  tags = {
+    Foo    = "Bar"
+    secret = "sauce"
+  }
+}
+`, r.template(data), data.RandomInteger)
+
+}
+
 func (r ContainerAppEnvironmentResource) completeUpdate(data acceptance.TestData) string {
 	return fmt.Sprintf(`
 provider "azurerm" {

internal/services/containerapps/helpers/container_apps.go

@@ -17,6 +17,8 @@ import (
 	"github.com/hashicorp/terraform-provider-azurerm/internal/tf/validation"
 )
 
+const consumption = "Consumption"
+
 type Registry struct {
 	PasswordSecretRef string `tfschema:"password_secret_name"`
 	Server            string `tfschema:"server"`
@@ -3014,3 +3016,84 @@ func (c *ContainerTemplate) flattenContainerAppScaleRules(input *[]containerapps
 		c.TCPScaleRules = tcpScaleRules
 	}
 }
+
+type WorkloadProfileModel struct {
+	MaximumCount        int64  `tfschema:"maximum_count"`
+	MinimumCount        int64  `tfschema:"minimum_count"`
+	Name                string `tfschema:"name"`
+	WorkloadProfileType string `tfschema:"workload_profile_type"`
+}
+
+func WorkloadProfileSchema() *pluginsdk.Schema {
+	return &pluginsdk.Schema{
+		Type:     pluginsdk.TypeSet,
+		Optional: true,
+		Elem: &pluginsdk.Resource{
+			Schema: map[string]*pluginsdk.Schema{
+				"name": {
+					Type:         pluginsdk.TypeString,
+					Required:     true,
+					ValidateFunc: validation.StringIsNotEmpty,
+				},
+
+				"workload_profile_type": {
+					Type:         pluginsdk.TypeString,
+					Required:     true,
+					ValidateFunc: validation.StringIsNotEmpty,
+				},
+
+				"maximum_count": {
+					Type:     pluginsdk.TypeInt,
+					Optional: true,
+				},
+
+				"minimum_count": {
+					Type:     pluginsdk.TypeInt,
+					Optional: true,
+				},
+			},
+		},
+	}
+}
+
+func ExpandWorkloadProfiles(input []WorkloadProfileModel) *[]managedenvironments.WorkloadProfile {
+	if len(input) == 0 {
+		return nil
+	}
+
+	result := make([]managedenvironments.WorkloadProfile, 0)
+
+	for _, v := range input {
+		r := managedenvironments.WorkloadProfile{
+			Name:                v.Name,
+			WorkloadProfileType: v.WorkloadProfileType,
+		}
+
+		if v.Name != consumption {
+			r.MaximumCount = pointer.To(v.MaximumCount)
+			r.MinimumCount = pointer.To(v.MinimumCount)
+		}
+
+		result = append(result, r)
+	}
+
+	return &result
+}
+
+func FlattenWorkloadProfiles(input *[]managedenvironments.WorkloadProfile) []WorkloadProfileModel {
+	if input == nil || len(*input) == 0 {
+		return []WorkloadProfileModel{}
+	}
+	result := make([]WorkloadProfileModel, 0)
+
+	for _, v := range *input {
+		result = append(result, WorkloadProfileModel{
+			Name:                v.Name,
+			MaximumCount:        pointer.From(v.MaximumCount),
+			MinimumCount:        pointer.From(v.MinimumCount),
+			WorkloadProfileType: v.WorkloadProfileType,
+		})
+	}
+
+	return result
+}

internal/services/paloalto/local_rulestack_data_source_test.go

@@ -29,7 +29,7 @@ func (d LocalRulestackDataSource) basic(data acceptance.TestData) string {
 	return fmt.Sprintf(`
 %s
 
-data "azurerm_palo_alto_local_rulestack" "test"{
+data "azurerm_palo_alto_local_rulestack" "test" {
   name                = azurerm_palo_alto_local_rulestack.test.name
   resource_group_name = azurerm_palo_alto_local_rulestack.test.resource_group_name
 }

website/docs/r/container_app_environment.html.markdown

@@ -62,8 +62,22 @@ The following arguments are supported:
 
 * `log_analytics_workspace_id` - (Optional) The ID for the Log Analytics Workspace to link this Container Apps Managed Environment to. Changing this forces a new resource to be created.
 
+* `workload_profile` - (Optional) The profile of the workload to scope the container app execution. A `workload_profile` block as defined below.
+
 * `tags` - (Optional) A mapping of tags to assign to the resource.
 
+---
+
+A `workload_profile` block supports the following:
+
+* `name` - (Required) The name of the workload profile.
+
+* `workload_profile_type` - (Required) Workload profile type for the workloads to run on. 
+
+* `maximum_count` - (Optional) The maximum number of containers that can be deployed in the Container App Environment.
+
+* `minimum_count` - (Optional) The minimum number of containers that can be deployed in the Container App Environment.
+
 ## Attributes Reference
 
 In addition to the Arguments listed above - the following Attributes are exported: