diff --git a/.github/workflows/test_terraform_module.yaml b/.github/workflows/test_terraform_module.yaml new file mode 100644 index 000000000..a990a83bf --- /dev/null +++ b/.github/workflows/test_terraform_module.yaml @@ -0,0 +1,18 @@ +# Copyright 2025 Canonical Ltd. +# See LICENSE file for licensing details. + +name: Terraform modules tests + +on: + workflow_dispatch: + pull_request: + paths: + - 'terraform/**' + +jobs: + terraform-tests: + uses: canonical/operator-workflows/.github/workflows/terraform_modules_test.yaml@main + secrets: inherit + with: + k8s-controller: true + terraform-directories: '["terraform"]' diff --git a/renovate.json b/renovate.json index c47a709f7..bacf32c6b 100644 --- a/renovate.json +++ b/renovate.json @@ -23,6 +23,7 @@ ] } }, + "ignorePaths": [], "regexManagers": [ { "fileMatch": ["(^|/)rockcraft.yaml$"], @@ -53,10 +54,9 @@ }, { "fileMatch": ["(^|/)main.tftest.hcl$"], - "matchStrings": ["# renovate: depName=\"(?[^\"]+)\"\\s*\\n\\s*(?[a-zA-Z0-9_]+)\\s*=\\s*\"(?[^\"]+)\""], + "matchStrings": ["# renovate: depName=\"(?[^\"]+)\"\\s*\\n\\s*(?[a-zA-Z0-9_]+)\\s*=\\s*(?\\d+)"], "versioningTemplate": "semver-coerced", - "datasourceTemplate": "custom.charmhub", - "matchStringsStrategy": "recursive" + "datasourceTemplate": "custom.charmhub" }, { "fileMatch": ["(^|/)src/charm\\.py$"], @@ -83,16 +83,6 @@ "enabled": true }, { - "matchDatasources": ["terraform-provider"], - "matchPackageNames": ["juju/juju"], - "enabled": true - }, - { - "matchPackageNames": ["boto3"], - "matchUpdateTypes": ["patch"], - "enabled": false - }, - { "matchDatasources": ["github-releases"], "labels": ["workload-update"] } diff --git a/terraform/.tflint.hcl b/terraform/.tflint.hcl index 01f1384fa..f4e30c56a 100644 --- a/terraform/.tflint.hcl +++ b/terraform/.tflint.hcl @@ -2,5 +2,5 @@ # See LICENSE file for licensing details. rule "terraform_required_version" { - enabled = false + enabled = true } diff --git a/terraform/modules/lego/.tflint.hcl b/terraform/modules/lego/.tflint.hcl index 01f1384fa..f4e30c56a 100644 --- a/terraform/modules/lego/.tflint.hcl +++ b/terraform/modules/lego/.tflint.hcl @@ -2,5 +2,5 @@ # See LICENSE file for licensing details. rule "terraform_required_version" { - enabled = false + enabled = true } diff --git a/terraform/modules/lego/terraform.tf b/terraform/modules/lego/terraform.tf index 296fbdc6a..de6e0dbfa 100644 --- a/terraform/modules/lego/terraform.tf +++ b/terraform/modules/lego/terraform.tf @@ -2,10 +2,11 @@ # See LICENSE file for licensing details. terraform { + required_version = "~> 1.12" required_providers { juju = { source = "juju/juju" - version = ">= 0.22.0" + version = "~> 1.0" } } } diff --git a/terraform/modules/maubot/.tflint.hcl b/terraform/modules/maubot/.tflint.hcl index 01f1384fa..f4e30c56a 100644 --- a/terraform/modules/maubot/.tflint.hcl +++ b/terraform/modules/maubot/.tflint.hcl @@ -2,5 +2,5 @@ # See LICENSE file for licensing details. rule "terraform_required_version" { - enabled = false + enabled = true } diff --git a/terraform/modules/maubot/terraform.tf b/terraform/modules/maubot/terraform.tf index 296fbdc6a..de6e0dbfa 100644 --- a/terraform/modules/maubot/terraform.tf +++ b/terraform/modules/maubot/terraform.tf @@ -2,10 +2,11 @@ # See LICENSE file for licensing details. terraform { + required_version = "~> 1.12" required_providers { juju = { source = "juju/juju" - version = ">= 0.22.0" + version = "~> 1.0" } } } diff --git a/terraform/modules/nginx-ingress-integrator/.tflint.hcl b/terraform/modules/nginx-ingress-integrator/.tflint.hcl index 01f1384fa..f4e30c56a 100644 --- a/terraform/modules/nginx-ingress-integrator/.tflint.hcl +++ b/terraform/modules/nginx-ingress-integrator/.tflint.hcl @@ -2,5 +2,5 @@ # See LICENSE file for licensing details. rule "terraform_required_version" { - enabled = false + enabled = true } diff --git a/terraform/modules/nginx-ingress-integrator/terraform.tf b/terraform/modules/nginx-ingress-integrator/terraform.tf index 296fbdc6a..de6e0dbfa 100644 --- a/terraform/modules/nginx-ingress-integrator/terraform.tf +++ b/terraform/modules/nginx-ingress-integrator/terraform.tf @@ -2,10 +2,11 @@ # See LICENSE file for licensing details. terraform { + required_version = "~> 1.12" required_providers { juju = { source = "juju/juju" - version = ">= 0.22.0" + version = "~> 1.0" } } } diff --git a/terraform/modules/postgresql-k8s/.tflint.hcl b/terraform/modules/postgresql-k8s/.tflint.hcl index 01f1384fa..f4e30c56a 100644 --- a/terraform/modules/postgresql-k8s/.tflint.hcl +++ b/terraform/modules/postgresql-k8s/.tflint.hcl @@ -2,5 +2,5 @@ # See LICENSE file for licensing details. rule "terraform_required_version" { - enabled = false + enabled = true } diff --git a/terraform/modules/postgresql-k8s/README.md b/terraform/modules/postgresql-k8s/README.md new file mode 100644 index 000000000..1eeacb506 --- /dev/null +++ b/terraform/modules/postgresql-k8s/README.md @@ -0,0 +1,43 @@ +## Requirements + +| Name | Version | +|------|---------| +| [juju](#requirement\_juju) | ~> 1.0 | + +## Providers + +| Name | Version | +|------|---------| +| [juju](#provider\_juju) | ~> 1.0 | + +## Modules + +No modules. + +## Resources + +| Name | Type | +|------|------| +| [juju_application.postgresql_k8s](https://registry.terraform.io/providers/juju/juju/latest/docs/resources/application) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [app\_name](#input\_app\_name) | Name of the application in the Juju model. | `string` | `"postgresql-k8s"` | no | +| [base](#input\_base) | Application base | `string` | `"ubuntu@22.04"` | no | +| [channel](#input\_channel) | Charm channel to use when deploying | `string` | `"14/stable"` | no | +| [config](#input\_config) | Application configuration. Details at https://charmhub.io/postgresql-k8s/configurations | `map(string)` | `{}` | no | +| [constraints](#input\_constraints) | Juju constraints to apply for this application. | `string` | `"arch=amd64"` | no | +| [model\_uuid](#input\_model\_uuid) | Juju model name | `string` | n/a | yes | +| [resources](#input\_resources) | Resources to use with the application | `map(string)` | `{}` | no | +| [revision](#input\_revision) | Revision number to deploy charm | `number` | `null` | no | +| [storage\_size](#input\_storage\_size) | Storage size | `string` | `"10G"` | no | +| [units](#input\_units) | Number of units to deploy | `number` | `1` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| [application\_name](#output\_application\_name) | Name of the deployed application. | +| [provides](#output\_provides) | n/a | diff --git a/terraform/modules/postgresql-k8s/terraform.tf b/terraform/modules/postgresql-k8s/terraform.tf index 358626157..de6e0dbfa 100644 --- a/terraform/modules/postgresql-k8s/terraform.tf +++ b/terraform/modules/postgresql-k8s/terraform.tf @@ -1,9 +1,12 @@ +# Copyright 2025 Canonical Ltd. +# See LICENSE file for licensing details. + terraform { - required_version = ">= 1.6.6" + required_version = "~> 1.12" required_providers { juju = { source = "juju/juju" - version = ">= 0.14.0" + version = "~> 1.0" } } } diff --git a/terraform/modules/redis-k8s/.tflint.hcl b/terraform/modules/redis-k8s/.tflint.hcl index 01f1384fa..f4e30c56a 100644 --- a/terraform/modules/redis-k8s/.tflint.hcl +++ b/terraform/modules/redis-k8s/.tflint.hcl @@ -2,5 +2,5 @@ # See LICENSE file for licensing details. rule "terraform_required_version" { - enabled = false + enabled = true } diff --git a/terraform/modules/redis-k8s/terraform.tf b/terraform/modules/redis-k8s/terraform.tf index 296fbdc6a..de6e0dbfa 100644 --- a/terraform/modules/redis-k8s/terraform.tf +++ b/terraform/modules/redis-k8s/terraform.tf @@ -2,10 +2,11 @@ # See LICENSE file for licensing details. terraform { + required_version = "~> 1.12" required_providers { juju = { source = "juju/juju" - version = ">= 0.22.0" + version = "~> 1.0" } } } diff --git a/terraform/modules/s3-integrator/.tflint.hcl b/terraform/modules/s3-integrator/.tflint.hcl index 01f1384fa..f4e30c56a 100644 --- a/terraform/modules/s3-integrator/.tflint.hcl +++ b/terraform/modules/s3-integrator/.tflint.hcl @@ -2,5 +2,5 @@ # See LICENSE file for licensing details. rule "terraform_required_version" { - enabled = false + enabled = true } diff --git a/terraform/modules/s3-integrator/terraform.tf b/terraform/modules/s3-integrator/terraform.tf index 296fbdc6a..de6e0dbfa 100644 --- a/terraform/modules/s3-integrator/terraform.tf +++ b/terraform/modules/s3-integrator/terraform.tf @@ -2,10 +2,11 @@ # See LICENSE file for licensing details. terraform { + required_version = "~> 1.12" required_providers { juju = { source = "juju/juju" - version = ">= 0.22.0" + version = "~> 1.0" } } } diff --git a/terraform/modules/saml-integrator/.tflint.hcl b/terraform/modules/saml-integrator/.tflint.hcl index 01f1384fa..f4e30c56a 100644 --- a/terraform/modules/saml-integrator/.tflint.hcl +++ b/terraform/modules/saml-integrator/.tflint.hcl @@ -2,5 +2,5 @@ # See LICENSE file for licensing details. rule "terraform_required_version" { - enabled = false + enabled = true } diff --git a/terraform/modules/saml-integrator/README.md b/terraform/modules/saml-integrator/README.md new file mode 100644 index 000000000..0b8fc7bc0 --- /dev/null +++ b/terraform/modules/saml-integrator/README.md @@ -0,0 +1,41 @@ +## Requirements + +| Name | Version | +|------|---------| +| [juju](#requirement\_juju) | ~> 1.0 | + +## Providers + +| Name | Version | +|------|---------| +| [juju](#provider\_juju) | ~> 1.0 | + +## Modules + +No modules. + +## Resources + +| Name | Type | +|------|------| +| [juju_application.saml_integrator](https://registry.terraform.io/providers/juju/juju/latest/docs/resources/application) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [app\_name](#input\_app\_name) | Name of the application in the Juju model. | `string` | `"saml-integrator"` | no | +| [base](#input\_base) | The operating system on which to deploy | `string` | `"ubuntu@22.04"` | no | +| [channel](#input\_channel) | The channel to use when deploying a charm. | `string` | `"4.9/edge"` | no | +| [config](#input\_config) | Application config. Details about available options can be found at https://charmhub.io/saml-integrator/configurations. | `map(string)` | `{}` | no | +| [constraints](#input\_constraints) | Juju constraints to apply for this application. | `string` | `""` | no | +| [model\_uuid](#input\_model\_uuid) | Reference to a `juju_model`. | `string` | `""` | no | +| [revision](#input\_revision) | Revision number of the charm | `number` | `null` | no | +| [units](#input\_units) | Number of units to deploy | `number` | `1` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| [app\_name](#output\_app\_name) | Name of the deployed application. | +| [provides](#output\_provides) | n/a | diff --git a/terraform/modules/saml-integrator/terraform.tf b/terraform/modules/saml-integrator/terraform.tf index b862743e0..de6e0dbfa 100644 --- a/terraform/modules/saml-integrator/terraform.tf +++ b/terraform/modules/saml-integrator/terraform.tf @@ -2,10 +2,11 @@ # See LICENSE file for licensing details. terraform { + required_version = "~> 1.12" required_providers { juju = { source = "juju/juju" - version = ">= 0.17.1" + version = "~> 1.0" } } } diff --git a/terraform/modules/smtp-integrator/.tflint.hcl b/terraform/modules/smtp-integrator/.tflint.hcl index 01f1384fa..f4e30c56a 100644 --- a/terraform/modules/smtp-integrator/.tflint.hcl +++ b/terraform/modules/smtp-integrator/.tflint.hcl @@ -2,5 +2,5 @@ # See LICENSE file for licensing details. rule "terraform_required_version" { - enabled = false + enabled = true } diff --git a/terraform/modules/smtp-integrator/terraform.tf b/terraform/modules/smtp-integrator/terraform.tf index 296fbdc6a..de6e0dbfa 100644 --- a/terraform/modules/smtp-integrator/terraform.tf +++ b/terraform/modules/smtp-integrator/terraform.tf @@ -2,10 +2,11 @@ # See LICENSE file for licensing details. terraform { + required_version = "~> 1.12" required_providers { juju = { source = "juju/juju" - version = ">= 0.22.0" + version = "~> 1.0" } } } diff --git a/terraform/product/locals.tf b/terraform/product/locals.tf index a5bf5b308..cb4edbc8c 100644 --- a/terraform/product/locals.tf +++ b/terraform/product/locals.tf @@ -100,7 +100,7 @@ locals { constraints = "root-disk-source=volume" } - model = merge(local.model_defaults, var.model) + model = merge(local.model_defaults, var.model_uuid) offer_urls_defaults = {} offer_urls = merge(local.offer_urls_defaults, var.offer_urls) diff --git a/terraform/product/terraform.tf b/terraform/product/terraform.tf index 11fd4bdb8..a6846c21b 100644 --- a/terraform/product/terraform.tf +++ b/terraform/product/terraform.tf @@ -2,7 +2,7 @@ # See LICENSE file for licensing details. terraform { - required_version = ">= 1.6.6" + required_version = "~> 1.12" required_providers { vault = { source = "hashicorp/vault" @@ -10,7 +10,7 @@ terraform { } juju = { source = "juju/juju" - version = "~> 1.2.0" + version = "~> 1.0" } } } diff --git a/terraform/product/variables.tf b/terraform/product/variables.tf index 9346e026e..8eddac226 100644 --- a/terraform/product/variables.tf +++ b/terraform/product/variables.tf @@ -221,7 +221,7 @@ variable "lego_secret" { } } -variable "model" { +variable "model_uuid" { description = "Partial overrides for the model configuration." type = map(string) default = {} diff --git a/terraform/terraform.tf b/terraform/terraform.tf index 48503aa83..de6e0dbfa 100644 --- a/terraform/terraform.tf +++ b/terraform/terraform.tf @@ -2,10 +2,11 @@ # See LICENSE file for licensing details. terraform { + required_version = "~> 1.12" required_providers { juju = { source = "juju/juju" - version = "1.2.0" + version = "~> 1.0" } } } diff --git a/terraform/tests/.tflint.hcl b/terraform/tests/.tflint.hcl index 01f1384fa..f4e30c56a 100644 --- a/terraform/tests/.tflint.hcl +++ b/terraform/tests/.tflint.hcl @@ -2,5 +2,5 @@ # See LICENSE file for licensing details. rule "terraform_required_version" { - enabled = false + enabled = true } diff --git a/terraform/tests/main.tf b/terraform/tests/main.tf deleted file mode 100644 index 505e3ca86..000000000 --- a/terraform/tests/main.tf +++ /dev/null @@ -1,37 +0,0 @@ -# Copyright 2025 Canonical Ltd. -# See LICENSE file for licensing details. - -variable "channel" { - description = "The channel to use when deploying a charm." - type = string - default = "2/edge" -} - -variable "revision" { - description = "Revision number of the charm." - type = number - default = null -} - -terraform { - required_providers { - juju = { - version = "~> 0.20.0" - source = "juju/juju" - } - } -} - -provider "juju" {} - -module "synapse" { - source = "./.." - app_name = "synapse" - channel = var.channel - config = { - server_name = "chat.example.com" - } - model = "prod-chat-example" - revision = var.revision - constraints = "arch=amd64" -} diff --git a/terraform/tests/main.tftest.hcl b/terraform/tests/main.tftest.hcl index 8f6ea2a8d..885e64137 100644 --- a/terraform/tests/main.tftest.hcl +++ b/terraform/tests/main.tftest.hcl @@ -1,15 +1,22 @@ # Copyright 2025 Canonical Ltd. # See LICENSE file for licensing details. -variables { - channel = "2/edge" - # renovate: depName="synapse" - revision = 731 +run "setup_tests" { + module { + source = "./tests/setup" + } } run "basic_deploy" { + variables { + model_uuid = run.setup_tests.model_uuid + channel = "latest/edge" + # renovate: depName="synapse" + revision = 523 + } + assert { - condition = module.synapse.app_name == "synapse" - error_message = "Synapse app_name did not match expected" + condition = output.app_name == "synapse" + error_message = "synapse app_name did not match expected" } } diff --git a/terraform/tests/setup/main.tf b/terraform/tests/setup/main.tf new file mode 100644 index 000000000..da1e2049e --- /dev/null +++ b/terraform/tests/setup/main.tf @@ -0,0 +1,22 @@ +# Copyright 2025 Canonical Ltd. +# See LICENSE file for licensing details. + +terraform { + required_version = "~> 1.12" + required_providers { + juju = { + version = "~> 1.0" + source = "juju/juju" + } + } +} + +provider "juju" {} + +resource "juju_model" "test_model" { + name = "tf-testing-${formatdate("YYYYMMDDhhmmss", timestamp())}" +} + +output "model_uuid" { + value = juju_model.test_model.uuid +}