From 762d37e1a152e436f5b23f7c51edee14218e4ac0 Mon Sep 17 00:00:00 2001
From: nellyk <3062772+nellyk@users.noreply.github.com>
Date: Wed, 29 May 2024 13:46:08 +0100
Subject: [PATCH] resolve tflint issue and ignore required module source rule
---
README.md | 30 -------
avm.tflint_module.hcl | 193 ++++++++++++++++++++++++++++++++++++++++++
locals.tf | 4 +-
main.tf | 4 -
modules/README.md | 4 -
variables.tf | 21 -----
6 files changed, 194 insertions(+), 62 deletions(-)
create mode 100644 avm.tflint_module.hcl
delete mode 100644 modules/README.md
diff --git a/README.md b/README.md
index 45bd34c3..eb5f1a57 100644
--- a/README.md
+++ b/README.md
@@ -109,22 +109,6 @@ Type: `map(string)`
Default: `{}`
-### [client\_id](#input\_client\_id)
-
-Description: (Optional) The Client ID (appId) for the Service Principal used for the AKS deployment
-
-Type: `string`
-
-Default: `""`
-
-### [client\_secret](#input\_client\_secret)
-
-Description: (Optional) The Client Secret (password) for the Service Principal used for the AKS deployment
-
-Type: `string`
-
-Default: `""`
-
### [enable\_telemetry](#input\_enable\_telemetry)
Description: This variable controls whether or not telemetry is enabled for the module.
@@ -135,14 +119,6 @@ Type: `bool`
Default: `true`
-### [key\_vault\_secrets\_provider\_enabled](#input\_key\_vault\_secrets\_provider\_enabled)
-
-Description: (Optional) Whether to use the Azure Key Vault Provider for Secrets Store CSI Driver in an AKS cluster. For more details: https://docs.microsoft.com/en-us/azure/aks/csi-secrets-store-driver
-
-Type: `bool`
-
-Default: `false`
-
### [kubernetes\_version](#input\_kubernetes\_version)
Description: Specify which Kubernetes release to use. Specify only minor version, such as '1.28'.
@@ -338,12 +314,6 @@ Description: The `azurerm_kubernetes_cluster`'s resource id.
The following Modules are called:
-### [regions](#module\_regions)
-
-Source: Azure/regions/azurerm
-
-Version: >= 0.3.0
-
### [vnet](#module\_vnet)
Source: Azure/subnets/azurerm
diff --git a/avm.tflint_module.hcl b/avm.tflint_module.hcl
new file mode 100644
index 00000000..6102f14e
--- /dev/null
+++ b/avm.tflint_module.hcl
@@ -0,0 +1,193 @@
+plugin "terraform" {
+ enabled = true
+ version = "0.5.0"
+ source = "github.com/terraform-linters/tflint-ruleset-terraform"
+}
+
+plugin "avm" {
+ enabled = true
+ version = "0.5.0"
+ source = "github.com/Azure/tflint-ruleset-avm"
+ signing_key = <<-KEY
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: BSN Pgp v1.1.0.0
+
+mQENBF9hII8BCADEOCDl3/1tAZQp/1BCVJN+tqIRCd3ywzhOXTC38XWC0zVbFtiA
+vbBFL1e78aoDIyUFDZcphCyYDqBkweXeYyYVCojZFVniyKklc2xZ15LDwlMBhneU
+yEPSzDCltFn67wMPQMKa4+TujZJ3TIs1OUnUTsCPrjavGgmrfAdxAF/EjCDrnVp9
+XmRWJii/9elAnMqWLDkMDfPaWkv3lWuyYCBHc7avOJE9oWypmWoEPOujwmtika/i
+FhmvZbojZN6huf7pykXGRl1wEpu0MMEFvm4UsfEOv8JHVBZEu2w6glQugT6a+IZ6
+atH3zyy+i1mmgsJPlMF1soHNEufeK1CabMklABEBAAG0Q1RlcnJhZm9ybSBBRE8g
+cHJvdmlkZXIgcmVsZWFzZSA8dGVycmFmb3JtYWRvcHJvdmlkZXJAbWljcm9zb2Z0
+LmNvbT6JATgEEwEIACIFAl9hII8CGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheA
+AAoJEG8Lkb3phHjPT+YH/3aksw2yhoqVl+Dxkrpsq9LIsXBHmHfbk8/nwbZ7F6o6
+fZetwozQzS/v5IriE42NFdk2omilDa/Iumk5soPrCamIIToYMbGvZJ9MJzCflXzp
+H3crqEgoCwu/93FVot4hhNOGmS2ra538zDQ3JsSbsVSc2TyPeBCF08+qJrr9VSML
+LceuEvCKUN8P8LH+PXN4kKM1xNlSVw4RfH6mNJKdUG1Klvh2nbq0kuw8jiHITn2F
+ALGvKXPLwggdNA86RIQc9tc3z/uJrBGSA2n6UkJbV1gFZDETjHzVtgDqqEQwap7D
+/i9e5KqIAEIf14OPm3h+e6kCdWXRG0RJWWVWeOHIEfQ=
+=KwXd
+-----END PGP PUBLIC KEY BLOCK-----
+ KEY
+}
+
+rule "terraform_comment_syntax" {
+ enabled = true
+}
+
+rule "terraform_deprecated_index" {
+ enabled = true
+}
+
+rule "terraform_deprecated_interpolation" {
+ enabled = true
+}
+
+rule "terraform_deprecated_lookup" {
+ enabled = true
+}
+
+rule "terraform_documented_outputs" {
+ enabled = true
+}
+
+rule "terraform_documented_variables" {
+ enabled = true
+}
+
+rule "terraform_empty_list_equality" {
+ enabled = true
+}
+
+rule "terraform_module_pinned_source" {
+ enabled = true
+}
+
+rule "terraform_module_version" {
+ enabled = true
+}
+
+rule "terraform_naming_convention" {
+ enabled = true
+}
+
+rule "terraform_required_providers" {
+ enabled = true
+}
+
+rule "terraform_required_version" {
+ enabled = true
+}
+
+rule "terraform_standard_module_structure" {
+ enabled = false
+}
+
+rule "terraform_typed_variables" {
+ enabled = true
+}
+
+# disable for `locals.version.tf.json for now
+rule "terraform_unused_declarations" {
+ enabled = true
+}
+
+rule "terraform_unused_required_providers" {
+ enabled = true
+}
+
+rule "terraform_workspace_remote" {
+ enabled = true
+}
+
+rule "terraform_heredoc_usage" {
+ enabled = true
+}
+
+rule "terraform_module_provider_declaration" {
+ enabled = true
+}
+
+rule "terraform_output_separate" {
+ enabled = true
+}
+
+rule "terraform_required_providers_declaration" {
+ enabled = true
+}
+
+rule "terraform_required_version_declaration" {
+ enabled = true
+}
+
+rule "terraform_sensitive_variable_no_default" {
+ enabled = true
+}
+
+rule "terraform_variable_nullable_false" {
+ enabled = true
+}
+
+rule "terraform_variable_separate" {
+ enabled = true
+}
+
+rule "azurerm_resource_tag" {
+ enabled = true
+}
+
+# AVM Provider Rules
+
+rule "tfnfr26" {
+ enabled = true
+}
+
+# AVM Module Rules
+
+rule "required_module_source_tffr1" {
+ enabled = false
+}
+
+# AVM Output Rules
+
+rule "required_output_rmfr7" {
+ enabled = true
+}
+
+rule "required_output_tffr2" {
+ enabled = true
+}
+
+# AVM Variable Interface Rules
+
+rule "customer_managed_key" {
+ enabled = true
+}
+
+rule "diagnostic_settings" {
+ enabled = true
+}
+
+rule "location" {
+ enabled = true
+}
+
+rule "lock" {
+ enabled = true
+}
+
+rule "managed_identities" {
+ enabled = true
+}
+
+rule "private_endpoints" {
+ enabled = true
+}
+
+rule "role_assignments" {
+ enabled = true
+}
+
+rule "tags" {
+ enabled = true
+}
diff --git a/locals.tf b/locals.tf
index 2739ae74..9350d147 100644
--- a/locals.tf
+++ b/locals.tf
@@ -1,6 +1,4 @@
-locals {
- role_definition_resource_substring = "/providers/Microsoft.Authorization/roleDefinitions"
-}
+
locals {
locations_cached_or_live = data.local_file.locations.content
diff --git a/main.tf b/main.tf
index 489efb16..bada60e1 100644
--- a/main.tf
+++ b/main.tf
@@ -1,7 +1,3 @@
-module "regions" {
- source = "Azure/regions/azurerm"
- version = ">= 0.3.0"
-}
resource "random_string" "acr_suffix" {
length = 8
diff --git a/modules/README.md b/modules/README.md
deleted file mode 100644
index 0cfb517b..00000000
--- a/modules/README.md
+++ /dev/null
@@ -1,4 +0,0 @@
-# Sub-modules
-
-Create directories for each sub-module if required.
-README.md files will be automatically generated for each sub-module using `terraform-docs`.
diff --git a/variables.tf b/variables.tf
index 7e8a62f2..9fa89749 100644
--- a/variables.tf
+++ b/variables.tf
@@ -27,20 +27,6 @@ variable "agents_tags" {
description = "(Optional) A mapping of tags to assign to the Node Pool."
}
-variable "client_id" {
- type = string
- default = ""
- description = "(Optional) The Client ID (appId) for the Service Principal used for the AKS deployment"
- nullable = false
-}
-
-variable "client_secret" {
- type = string
- default = ""
- description = "(Optional) The Client Secret (password) for the Service Principal used for the AKS deployment"
- nullable = false
-}
-
variable "enable_telemetry" {
type = bool
default = true
@@ -51,13 +37,6 @@ If it is set to false, then no telemetry will be collected.
DESCRIPTION
}
-variable "key_vault_secrets_provider_enabled" {
- type = bool
- default = false
- description = "(Optional) Whether to use the Azure Key Vault Provider for Secrets Store CSI Driver in an AKS cluster. For more details: https://docs.microsoft.com/en-us/azure/aks/csi-secrets-store-driver"
- nullable = false
-}
-
variable "kubernetes_version" {
type = string
default = null