Merge branch 'main' into Support-rolling_upgrade_policy-for-vm-module

.github/workflows/handler-destroy.yml

@@ -9,7 +9,7 @@ jobs:
   public_active_active:
     uses: hashicorp/terraform-random-tfe-utility/.github/workflows/destroy.yml@main
     secrets: inherit
-    name: Destroy resources from Azure Public Active/Active
+    name: Destroy Public Active/Active
     if: ${{ github.event.client_payload.slash_command.args.unnamed.all == 'all' || github.event.client_payload.slash_command.args.unnamed.all == 'public-active-active' }}
     with:
       cloud: Azure
@@ -26,7 +26,7 @@ jobs:
   private_active_active:
     uses: hashicorp/terraform-random-tfe-utility/.github/workflows/destroy.yml@main
     secrets: inherit
-    name: Destroy resources from Azure Private Active/Active
+    name: Destroy Private Active/Active
     if: ${{ github.event.client_payload.slash_command.args.unnamed.all == 'all' || github.event.client_payload.slash_command.args.unnamed.all == 'private-active-active' }}
     with:
       cloud: Azure
@@ -43,7 +43,7 @@ jobs:
   private_tcp_active_active:
     uses: hashicorp/terraform-random-tfe-utility/.github/workflows/destroy.yml@main
     secrets: inherit
-    name: Destroy resources from Azure Private TCP Active/Active
+    name: Destroy Private TCP Active/Active
     if: ${{ github.event.client_payload.slash_command.args.unnamed.all == 'all' || github.event.client_payload.slash_command.args.unnamed.all == 'private-tcp-active-active' }}
     with:
       cloud: Azure
@@ -60,7 +60,7 @@ jobs:
   standalone_external:
     uses: hashicorp/terraform-random-tfe-utility/.github/workflows/destroy.yml@main
     secrets: inherit
-    name: Destroy resources from Azure Standalone External
+    name: Destroy Standalone External
     if: ${{ github.event.client_payload.slash_command.args.unnamed.all == 'all' || github.event.client_payload.slash_command.args.unnamed.all == 'standalone-external' }}
     with:
       cloud: Azure
@@ -84,7 +84,7 @@ jobs:
   standalone_mounted_disk:
     uses: hashicorp/terraform-random-tfe-utility/.github/workflows/destroy.yml@main
     secrets: inherit
-    name: Destroy resources from Azure Standalone Mounted Disk
+    name: Destroy Standalone Mounted Disk
     if: ${{ github.event.client_payload.slash_command.args.unnamed.all == 'all' || github.event.client_payload.slash_command.args.unnamed.all == 'standalone-mounted-disk' }}
     with:
       cloud: Azure
@@ -108,11 +108,11 @@ jobs:
   public_active_active_replicated:
     uses: hashicorp/terraform-random-tfe-utility/.github/workflows/destroy.yml@main
     secrets: inherit
-    name: Destroy resources from Azure Public Active/Active (Replicated)
+    name: Destroy Public Active/Active
     if: ${{ github.event.client_payload.slash_command.args.unnamed.all == 'all' || github.event.client_payload.slash_command.args.unnamed.all == 'public-active-active-replicated' }}
     with:
       cloud: Azure
-      test_name: Public Active/Active (Replicated)
+      test_name: Public Active/Active
       utility_test: false
       is_replicated_deployment: true
       module_repository_id: hashicorp/terraform-azurerm-terraform-enterprise
@@ -126,11 +126,11 @@ jobs:
   private_active_active_replicated:
     uses: hashicorp/terraform-random-tfe-utility/.github/workflows/destroy.yml@main
     secrets: inherit
-    name: Destroy resources from Azure Private Active/Active (Replicated)
+    name: Destroy Private Active/Active
     if: ${{ github.event.client_payload.slash_command.args.unnamed.all == 'all' || github.event.client_payload.slash_command.args.unnamed.all == 'private-active-active-replicated' }}
     with:
       cloud: Azure
-      test_name: Private Active/Active (Replicated)
+      test_name: Private Active/Active
       utility_test: false
       is_replicated_deployment: true
       module_repository_id: hashicorp/terraform-azurerm-terraform-enterprise
@@ -144,11 +144,11 @@ jobs:
   private_tcp_active_active_replicated:
     uses: hashicorp/terraform-random-tfe-utility/.github/workflows/destroy.yml@main
     secrets: inherit
-    name: Destroy resources from Azure Private TCP Active/Active (Replicated)
+    name: Destroy Private TCP Active/Active
     if: ${{ github.event.client_payload.slash_command.args.unnamed.all == 'all' || github.event.client_payload.slash_command.args.unnamed.all == 'private-tcp-active-active-replicated' }}
     with:
       cloud: Azure
-      test_name: Private TCP Active/Active (Replicated)
+      test_name: Private TCP Active/Active
       utility_test: false
       is_replicated_deployment: true
       module_repository_id: hashicorp/terraform-azurerm-terraform-enterprise
@@ -162,11 +162,11 @@ jobs:
   standalone_external_replicated:
     uses: hashicorp/terraform-random-tfe-utility/.github/workflows/destroy.yml@main
     secrets: inherit
-    name: Destroy resources from Azure Standalone External (Replicated)
+    name: Destroy Standalone External
     if: ${{ github.event.client_payload.slash_command.args.unnamed.all == 'all' || github.event.client_payload.slash_command.args.unnamed.all == 'standalone-external-replicated' }}
     with:
       cloud: Azure
-      test_name: Standalone External (Replicated)
+      test_name: Standalone External
       utility_test: false
       is_replicated_deployment: true
       module_repository_id: hashicorp/terraform-azurerm-terraform-enterprise
@@ -186,11 +186,11 @@ jobs:
   standalone_mounted_disk_replicated:
     uses: hashicorp/terraform-random-tfe-utility/.github/workflows/destroy.yml@main
     secrets: inherit
-    name: Destroy resources from Azure Standalone Mounted Disk (Replicated)
+    name: Destroy Standalone Mounted Disk
     if: ${{ github.event.client_payload.slash_command.args.unnamed.all == 'all' || github.event.client_payload.slash_command.args.unnamed.all == 'standalone-mounted-disk-replicated' }}
     with:
       cloud: Azure
-      test_name: Standalone Mounted Disk (Replicated)
+      test_name: Standalone Mounted Disk
       utility_test: false
       is_replicated_deployment: true
       module_repository_id: hashicorp/terraform-azurerm-terraform-enterprise

.github/workflows/handler-help.yml

@@ -24,20 +24,20 @@ jobs:
             > | /test <all\|test case name...> [destroy=false] | Run the Terraform test workflow on the modules in the tests/ directory. Unnamed arguments can be "all" to run all test cases or specific test case names to only run selected cases. The named argument "destroy=false" will disable the destruction of test infrastructure for debugging purposes. |
             > | /destroy <all\|test case name...> | Destroy any resources that may still be in Terraform state from previous tests. Unnamed arguments can be "all" to destroy all resources from all test cases or specific test case names to only destroy selected test case resources. |
             > | /help | Shows this help message |
-            
-            ## Test Case Names
-            
-            FDO:
-            * private-active-active
-            * private-tcp-active-active
-            * public-active-active
-            * standalone-external
-            * standalone-mounted-disk
-
-            Replicated:
-            * private-active-active-replicated
-            * private-tcp-active-active-replicated
-            * public-active-active-replicated
-            * standalone-external-replicated
-            * standalone-mounted-disk-replicated
+            >
+            > ## Test Case Names
+            >
+            > ### FDO
+            > * private-active-active
+            > * private-tcp-active-active
+            > * public-active-active
+            > * standalone-external
+            > * standalone-mounted-disk
+            >
+            > ### Replicated
+            > * private-active-active-replicated
+            > * private-tcp-active-active-replicated
+            > * public-active-active-replicated
+            > * standalone-external-replicated
+            > * standalone-mounted-disk-replicated
           reaction-type: confused

.github/workflows/handler-test.yml

@@ -9,10 +9,10 @@ jobs:
   standalone_external:
     uses: hashicorp/terraform-random-tfe-utility/.github/workflows/azure-tests.yml@main
     secrets: inherit
-    name: Run tf-test on Azure Standalone External
+    name: Standalone External
     if: ${{ github.event.client_payload.slash_command.args.unnamed.all == 'all' || github.event.client_payload.slash_command.args.unnamed.all == 'standalone-external' }}
     with:
-      test_name: Standalone External (FDO)
+      test_name: Standalone External
       is_replicated_deployment: false
       module_repository_id: hashicorp/terraform-azurerm-terraform-enterprise
       work_dir: ./tests/standalone-external
@@ -33,10 +33,10 @@ jobs:
   standalone_mounted_disk:
     uses: hashicorp/terraform-random-tfe-utility/.github/workflows/azure-tests.yml@main
     secrets: inherit
-    name: Run tf-test on Azure Standalone Mounted Disk
+    name: Standalone Mounted Disk
     if: ${{ github.event.client_payload.slash_command.args.unnamed.all == 'all' || github.event.client_payload.slash_command.args.unnamed.all == 'standalone-mounted-disk' }}
     with:
-      test_name: Standalone Mounted Disk (FDO)
+      test_name: Standalone Mounted Disk
       is_replicated_deployment: false
       module_repository_id: hashicorp/terraform-azurerm-terraform-enterprise
       work_dir: ./tests/standalone-mounted-disk
@@ -57,10 +57,10 @@ jobs:
   public_active_active:
     uses: hashicorp/terraform-random-tfe-utility/.github/workflows/azure-tests.yml@main
     secrets: inherit
-    name: Run tf-test on Azure Public Active/Active
+    name: Public Active/Active
     if: ${{ github.event.client_payload.slash_command.args.unnamed.all == 'all' || github.event.client_payload.slash_command.args.unnamed.all == 'public-active-active' }}
     with:
-      test_name: Public Active/Active (FDO)
+      test_name: Public Active/Active
       is_replicated_deployment: false
       module_repository_id: hashicorp/terraform-azurerm-terraform-enterprise
       work_dir: ./tests/public-active-active
@@ -74,10 +74,10 @@ jobs:
   private_active_active:
     uses: hashicorp/terraform-random-tfe-utility/.github/workflows/azure-tests.yml@main
     secrets: inherit
-    name: Run tf-test on Azure Private Active/Active
+    name: Private Active/Active
     if: ${{ github.event.client_payload.slash_command.args.unnamed.all == 'all' || github.event.client_payload.slash_command.args.unnamed.all == 'private-active-active' }}
     with:
-      test_name: Private Active/Active (FDO)
+      test_name: Private Active/Active
       is_replicated_deployment: false
       module_repository_id: hashicorp/terraform-azurerm-terraform-enterprise
       work_dir: ./tests/private-active-active
@@ -92,10 +92,10 @@ jobs:
   private_tcp_active_active:
     uses: hashicorp/terraform-random-tfe-utility/.github/workflows/azure-tests.yml@main
     secrets: inherit
-    name: Run tf-test on Azure Private TCP Active/Active
+    name: Private TCP Active/Active
     if: ${{ github.event.client_payload.slash_command.args.unnamed.all == 'all' || github.event.client_payload.slash_command.args.unnamed.all == 'private-tcp-active-active' }}
     with:
-      test_name: Private TCP Active/Active (FDO)
+      test_name: Private TCP Active/Active
       is_replicated_deployment: false
       module_repository_id: hashicorp/terraform-azurerm-terraform-enterprise
       work_dir: ./tests/private-tcp-active-active
@@ -110,7 +110,7 @@ jobs:
   standalone_external_replicated:
     uses: hashicorp/terraform-random-tfe-utility/.github/workflows/azure-tests.yml@main
     secrets: inherit
-    name: Run tf-test on Azure Standalone External (Replicated)
+    name: Standalone External
     if: ${{ github.event.client_payload.slash_command.args.unnamed.all == 'all' || github.event.client_payload.slash_command.args.unnamed.all == 'standalone-external-replicated' }}
     with:
       test_name: Standalone External
@@ -134,7 +134,7 @@ jobs:
   standalone_mounted_disk_replicated:
     uses: hashicorp/terraform-random-tfe-utility/.github/workflows/azure-tests.yml@main
     secrets: inherit
-    name: Run tf-test on Azure Standalone Mounted Disk (Replicated)
+    name: Standalone Mounted Disk
     if: ${{ github.event.client_payload.slash_command.args.unnamed.all == 'all' || github.event.client_payload.slash_command.args.unnamed.all == 'standalone-mounted-disk-replicated' }}
     with:
       test_name: Standalone Mounted Disk
@@ -158,7 +158,7 @@ jobs:
   public_active_active_replicated:
     uses: hashicorp/terraform-random-tfe-utility/.github/workflows/azure-tests.yml@main
     secrets: inherit
-    name: Run tf-test on Azure Public Active/Active (Replicated)
+    name: Public Active/Active
     if: ${{ github.event.client_payload.slash_command.args.unnamed.all == 'all' || github.event.client_payload.slash_command.args.unnamed.all == 'public-active-active-replicated' }}
     with:
       test_name: Public Active/Active
@@ -176,7 +176,7 @@ jobs:
   private_active_active_replicated:
     uses: hashicorp/terraform-random-tfe-utility/.github/workflows/azure-tests.yml@main
     secrets: inherit
-    name: Run tf-test on Azure Private Active/Active (Replicated)
+    name: Private Active/Active
     if: ${{ github.event.client_payload.slash_command.args.unnamed.all == 'all' || github.event.client_payload.slash_command.args.unnamed.all == 'private-active-active-replicated' }}
     with:
       test_name: Private Active/Active
@@ -195,7 +195,7 @@ jobs:
   private_tcp_active_active_replicated:
     uses: hashicorp/terraform-random-tfe-utility/.github/workflows/azure-tests.yml@main
     secrets: inherit
-    name: Run tf-test on Azure Private TCP Active/Active (Replicated)
+    name: Private TCP Active/Active
     if: ${{ github.event.client_payload.slash_command.args.unnamed.all == 'all' || github.event.client_payload.slash_command.args.unnamed.all == 'private-tcp-active-active-replicated' }}
     with:
       test_name: Private TCP Active/Active

README.md

@@ -24,7 +24,7 @@ This module is intended to run in an Azure account with minimal preparation, how
 
 ### License file
 
-- A Terraform Enterprise license file is required, and it must be provided as a Base64 encoded secret in Azure Key Vault.
+- When `var.is_replicated_deployment` is `true`, a Terraform Enterprise license file is required, and it must be provided as a Base64 encoded secret in Azure Key Vault. Otherwise, the `var.hc_license` can be provided as a string for Flexible Deployment Options.
 
 ### Azure Resources
 

examples/active-active-proxy/main.tf

@@ -80,7 +80,7 @@ module "active_active" {
   # Private Active / Active Scenario
   create_bastion             = false
   distribution               = "rhel"
-  production_type            = "external"
+  operational_mode           = "external"
   load_balancer_public       = false
   load_balancer_type         = "load_balancer"
   redis_rdb_backup_enabled   = true
@@ -91,4 +91,4 @@ module "active_active" {
   vm_node_count              = 2
   vm_sku                     = "Standard_D32a_v4"
   tags                       = var.tags
-}
+}

examples/existing-network/main.tf

@@ -49,7 +49,7 @@ module "existing_network" {
 
   # Public Active / Active Scenario
   distribution            = "ubuntu"
-  production_type         = "external"
+  operational_mode        = "external"
   iact_subnet_list        = var.iact_subnet_list
   vm_node_count           = 2
   vm_sku                  = "Standard_D4_v3"

examples/standalone_airgap/main.tf

@@ -28,7 +28,7 @@ module "standalone_airgap" {
   # Standalone, External Mode, Airgapped Installation Example
   distribution         = "ubuntu"
   iact_subnet_list     = var.iact_subnet_list
-  production_type      = "external"
+  operational_mode     = "external"
   load_balancer_public = true
   load_balancer_type   = "load_balancer"
   vm_node_count        = 1

examples/standalone_airgap_dev/main.tf

@@ -44,7 +44,7 @@ module "standalone_airgap_dev" {
 
   # Standalone External Scenario
   distribution         = "ubuntu"
-  production_type      = "external"
+  operational_mode     = "external"
   iact_subnet_list     = var.iact_subnet_list
   vm_node_count        = 1
   vm_sku               = "Standard_D4_v3"

examples/standalone_mounted_disk/main.tf

@@ -46,7 +46,7 @@ module "standalone_mounted_disk" {
   iact_subnet_list     = var.iact_subnet_list
   load_balancer_public = true
   load_balancer_type   = "application_gateway"
-  production_type      = "disk"
+  operational_mode     = "disk"
   vm_node_count        = 1
   vm_sku               = "Standard_D4_v3"
   vm_image_id          = "ubuntu"

locals.tf

@@ -6,9 +6,7 @@
 locals {
   # TFE Architecture
   # ----------------
-  # Determine whether or not TFE in active-active mode based on node count, by default standalone is assumed
-  active_active = var.vm_node_count >= 2 ? true : false
-  disk_mode     = var.production_type == "disk" ? true : false
+  disk_mode = var.operational_mode == "disk"
 
   # Network
   # -------
@@ -48,6 +46,17 @@ locals {
 
   # User Data
   # ---------
+  no_proxy = concat([
+    "127.0.0.1",
+    "localhost",
+    "169.254.169.254",
+    ".azure.com",
+    ".windows.net",
+    ".microsoft.com",
+    module.load_balancer.fqdn,
+    var.network_cidr,
+  ], var.no_proxy)
+
   trusted_proxies = concat(
     var.trusted_proxies,
     [var.network_frontend_subnet_cidr]