diff --git a/README.md b/README.md index e1379e7..e46aff7 100644 --- a/README.md +++ b/README.md @@ -17,7 +17,7 @@ e.g. for Azure ContainerApp: ```hcl module "my_azure_container_app_example_generic_integration" { source = "port-labs/integration-factory/ocean//examples/azure_container_app_azure_integration" - version = ">=0.0.7" + version = ">=0.0.19" integration_type = "some-integration" diff --git a/examples/azure_container_app_azure_integration/README.md b/examples/azure_container_app_azure_integration/README.md index bed7a6e..cda60e1 100644 --- a/examples/azure_container_app_azure_integration/README.md +++ b/examples/azure_container_app_azure_integration/README.md @@ -3,7 +3,7 @@ ```hcl module "ocean_container_app_example_azure-integration" { source = "port-labs/integration-factory/ocean//examples/azure_container_app_azure_integration" - version = ">=0.0.7" + version = ">=0.0.19" port_client_id = "xxxxx-xxxx-xxxx-xxxx" port_client_secret = "yyyy-yyyy-yyyy-yyyy" @@ -15,7 +15,7 @@ module "ocean_container_app_example_azure-integration" { ```hcl module "ocean_container_app_example_azure-integration" { source = "port-labs/integration-factory/ocean//examples/azure_container_app_azure_integration" - version = ">=0.0.7" + version = ">=0.0.19" port_client_id = "xxxxx-xxxx-xxxx-xxxx" port_client_secret = "yyyy-yyyy-yyyy-yyyy" @@ -28,7 +28,7 @@ module "ocean_container_app_example_azure-integration" { ```hcl module "ocean_container_app_example_azure-integration" { source = "port-labs/integration-factory/ocean//examples/azure_container_app_azure_integration" - version = ">=0.0.7" + version = ">=0.0.19" port_client_id = "xxxxx-xxxx-xxxx-xxxx" port_client_secret = "yyyy-yyyy-yyyy-yyyy" diff --git a/examples/azure_container_app_azure_integration/main.tf b/examples/azure_container_app_azure_integration/main.tf index cadbb51..8fc6911 100644 --- a/examples/azure_container_app_azure_integration/main.tf +++ b/examples/azure_container_app_azure_integration/main.tf @@ -6,10 +6,6 @@ locals { chunked_resources_filter_values = chunklist(var.resources_filter_values, 25) # creates a dictionary with the index of the chunk as key and the chunk as value chunked_resouces_filter_dict = { for i in range(length(local.chunked_resources_filter_values)) : i => local.chunked_resources_filter_values[i] } - - # check if additional_secrets contains OCEAN__INTEGRATION__CONFIG__SUBSCRIPTION_ID if not exists adds it from the current subscription - additional_secrets = contains(keys(var.additional_secrets), "OCEAN__INTEGRATION__CONFIG__SUBSCRIPTION_ID") ? var.additional_secrets : merge(var.additional_secrets, - {"OCEAN__INTEGRATION__CONFIG__SUBSCRIPTION_ID" = data.azurerm_subscription.current_subscription.subscription_id}) } @@ -35,6 +31,7 @@ module "ocean_integration" { } integration_version = var.integration_version + permissions_scope = var.permissions_scope needs_assigned_identity = var.needs_assigned_identity resource_group_name = var.resource_group_name subscription_id = var.hosting_subscription_id @@ -49,11 +46,12 @@ module "ocean_integration" { not_data_actions = [] } additional_environment_variables = var.additional_environment_variables - additional_secrets = local.additional_secrets + additional_secrets = var.additional_secrets } resource "azurerm_eventgrid_system_topic" "subscription_event_grid_topic" { # if the event grid topic name is not provided, the module will create a new one + depends_on = [module.ocean_integration] count = var.event_grid_system_topic_name != "" ? 0 : 1 name = "subscription-event-grid-topic" resource_group_name = module.ocean_integration.resource_group_name diff --git a/examples/azure_container_app_azure_integration/variables.tf b/examples/azure_container_app_azure_integration/variables.tf index 2a8614c..e15ac58 100644 --- a/examples/azure_container_app_azure_integration/variables.tf +++ b/examples/azure_container_app_azure_integration/variables.tf @@ -148,4 +148,10 @@ variable "needs_assigned_identity"{ type = bool default = true description = "If false, no identity will be assigned to the container" +} + +variable "permissions_scope" { + type = list(string) + default = null + description = "The scope assigned to the managed identity of the integration" } \ No newline at end of file diff --git a/modules/azure_container_app/README.md b/modules/azure_container_app/README.md index c2c38d1..022a136 100644 --- a/modules/azure_container_app/README.md +++ b/modules/azure_container_app/README.md @@ -10,7 +10,7 @@ Terraform module which creates Ocean Integration on Azure ContainerApp. ```hcl module "ocean-containerapp_example_basic-integration" { source = "port-labs/integration-factory/ocean//examples/azure_container_app_generic" - version = ">=0.0.7" + version = ">=0.0.19" integration_type = "some-integration" @@ -23,7 +23,7 @@ module "ocean-containerapp_example_basic-integration" { ```hcl module "ocean-container_app_example_azure-integration" { source = "port-labs/integration-factory/ocean//examples/azure_container_app_azure_integration" - version = ">=0.0.7" + version = ">=0.0.19" port_client_id = "xxxxx-xxxx-xxxx-xxxx" port_client_secret = "yyyy-yyyy-yyyy-yyyy" diff --git a/modules/azure_container_app/main.tf b/modules/azure_container_app/main.tf index 53edd0e..ac90618 100644 --- a/modules/azure_container_app/main.tf +++ b/modules/azure_container_app/main.tf @@ -18,6 +18,7 @@ module "port_ocean_authorization" { integration = var.integration permissions = var.permissions subscription_id = local.full_subscription_id + permissions_scope = var.permissions_scope } module "port_ocean_container_app" { diff --git a/modules/azure_helpers/authorization/variables.tf b/modules/azure_helpers/authorization/variables.tf index f1d8296..499cb22 100644 --- a/modules/azure_helpers/authorization/variables.tf +++ b/modules/azure_helpers/authorization/variables.tf @@ -50,5 +50,5 @@ variable "permissions" { variable "permissions_scope" { type = list(string) default = null - description = "The scope of the permissions" + description = "The scope assigned to the managed identity of the integration" } \ No newline at end of file