From 6f748c825f8014c3e37c71739a771cce1327d27d Mon Sep 17 00:00:00 2001 From: tankilevitch Date: Wed, 10 Apr 2024 20:56:02 +0300 Subject: [PATCH 1/6] remove OCEAN__INTEGRATION__CONFIG__SUBSCRIPTION_ID as it is not needed anymore --- examples/azure_container_app_azure_integration/main.tf | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/examples/azure_container_app_azure_integration/main.tf b/examples/azure_container_app_azure_integration/main.tf index cadbb51..18ab9a1 100644 --- a/examples/azure_container_app_azure_integration/main.tf +++ b/examples/azure_container_app_azure_integration/main.tf @@ -6,10 +6,6 @@ locals { chunked_resources_filter_values = chunklist(var.resources_filter_values, 25) # creates a dictionary with the index of the chunk as key and the chunk as value chunked_resouces_filter_dict = { for i in range(length(local.chunked_resources_filter_values)) : i => local.chunked_resources_filter_values[i] } - - # check if additional_secrets contains OCEAN__INTEGRATION__CONFIG__SUBSCRIPTION_ID if not exists adds it from the current subscription - additional_secrets = contains(keys(var.additional_secrets), "OCEAN__INTEGRATION__CONFIG__SUBSCRIPTION_ID") ? var.additional_secrets : merge(var.additional_secrets, - {"OCEAN__INTEGRATION__CONFIG__SUBSCRIPTION_ID" = data.azurerm_subscription.current_subscription.subscription_id}) } @@ -35,6 +31,7 @@ module "ocean_integration" { } integration_version = var.integration_version + permissions_scope = var.permissions_scope needs_assigned_identity = var.needs_assigned_identity resource_group_name = var.resource_group_name subscription_id = var.hosting_subscription_id 
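Review bot: The added `permissions_scope = var.permissions_scope` in the `module "ocean_integration"` block refers to a variable that this example only declares in PATCH 2/6 (examples/azure_container_app_azure_integration/variables.tf). Applied on its own, this commit would therefore fail `terraform validate` with an undeclared input variable. Move the line into the commit that adds the declaration, or declare the variable here, so each commit in the series can be checked and bisected independently. The module block starts and ends outside the hunk.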
@@ -49,11 +46,12 @@ module "ocean_integration" { not_data_actions = [] } additional_environment_variables = var.additional_environment_variables - additional_secrets = local.additional_secrets + additional_secrets = var.additional_secrets } resource "azurerm_eventgrid_system_topic" "subscription_event_grid_topic" { - # if the event grid topic name is not provided, the module will create a new one + # if the event grid topic name is not provided, the module will create a new one\ + depends_on = [module.ocean_integration] count = var.event_grid_system_topic_name != "" ? 0 : 1 name = "subscription-event-grid-topic" resource_group_name = module.ocean_integration.resource_group_name From e43c0d2e31cce3e13aaebe4d24a7f75384a6dec0 Mon Sep 17 00:00:00 2001 From: tankilevitch Date: Wed, 10 Apr 2024 20:56:28 +0300 Subject: [PATCH 2/6] pass permissions scope to the role definition --- examples/azure_container_app_azure_integration/variables.tf | 6 ++++++ modules/azure_container_app/main.tf | 1 + modules/azure_helpers/authorization/variables.tf | 2 +- 3 files changed, 8 insertions(+), 1 deletion(-) diff --git a/examples/azure_container_app_azure_integration/variables.tf b/examples/azure_container_app_azure_integration/variables.tf index 2a8614c..e15ac58 100644 --- a/examples/azure_container_app_azure_integration/variables.tf +++ b/examples/azure_container_app_azure_integration/variables.tf @@ -148,4 +148,10 @@ variable "needs_assigned_identity"{ type = bool default = true description = "If false, no identity will be assigned to the container" +} + +variable "permissions_scope" { + type = list(string) + default = null + description = "The scope assigned to the managed identity of the integration" } \ No newline at end of file diff --git a/modules/azure_container_app/main.tf b/modules/azure_container_app/main.tf index 53edd0e..ac90618 100644 --- a/modules/azure_container_app/main.tf +++ b/modules/azure_container_app/main.tf 
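Review bot: The added `depends_on = [module.ocean_integration]` on `azurerm_eventgrid_system_topic.subscription_event_grid_topic` looks redundant, because the resource already reads `module.ocean_integration.resource_group_name` and Terraform derives the ordering from that reference. An explicit dependency on a whole module makes every resource in that module a prerequisite, which can defer values to apply time and widen plans. If the topic must wait for something specific inside the module (the role assignment, presumably), say so in a comment such as `# wait for the integration's role assignment before creating the topic`; otherwise drop the line. The existing comment about the topic name describes `count`, so it belongs directly above `count` rather than above `depends_on`. The resource body continues outside the hunk.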
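Review bot: The new `permissions_scope` variable decides where the integration's managed identity is granted its role, yet it accepts any list of strings and does not say what `default = null` resolves to. The description should state the fallback scope (presumably the hosting subscription; confirm in modules/azure_helpers/authorization) and that entries are Azure scope resource IDs, so a reader can tell how broad the grant is without reading the module. A validation block that rejects entries which are not subscription, resource-group or management-group scope IDs would catch typos and accidental broad values at plan time; a sketch follows. The same value is passed through unchanged in modules/azure_container_app/main.tf and re-described in modules/azure_helpers/authorization/variables.tf, so the wording applies there too.

```hcl
variable "permissions_scope" {
  # … unchanged: type, default, description …
  validation {
    condition = alltrue([
      for s in(var.permissions_scope == null ? [] : var.permissions_scope) :
      can(regex("^/(subscriptions|providers/Microsoft.Management/managementGroups)/", s))
    ])
    error_message = "Each permissions_scope entry must be an Azure scope ID starting with /subscriptions/ or /providers/Microsoft.Management/managementGroups/."
  }
}
```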
@@ -18,6 +18,7 @@ module "port_ocean_authorization" { integration = var.integration permissions = var.permissions subscription_id = local.full_subscription_id + permissions_scope = var.permissions_scope } module "port_ocean_container_app" { diff --git a/modules/azure_helpers/authorization/variables.tf b/modules/azure_helpers/authorization/variables.tf index f1d8296..499cb22 100644 --- a/modules/azure_helpers/authorization/variables.tf +++ b/modules/azure_helpers/authorization/variables.tf @@ -50,5 +50,5 @@ variable "permissions" { variable "permissions_scope" { type = list(string) default = null - description = "The scope of the permissions" + description = "The scope assigned to the managed identity of the integration" } \ No newline at end of file From 206f5fc70e75947178f7456c21537531e46ce00b Mon Sep 17 00:00:00 2001 From: Tom Tankilevitch <59158507+Tankilevitch@users.noreply.github.com> Date: Wed, 10 Apr 2024 21:06:16 +0300 Subject: [PATCH 3/6] Update examples/azure_container_app_azure_integration/main.tf --- examples/azure_container_app_azure_integration/main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/examples/azure_container_app_azure_integration/main.tf b/examples/azure_container_app_azure_integration/main.tf index 18ab9a1..8fc6911 100644 --- a/examples/azure_container_app_azure_integration/main.tf +++ b/examples/azure_container_app_azure_integration/main.tf @@ -50,7 +50,7 @@ module "ocean_integration" { } resource "azurerm_eventgrid_system_topic" "subscription_event_grid_topic" { - # if the event grid topic name is not provided, the module will create a new one\ + # if the event grid topic name is not provided, the module will create a new one depends_on = [module.ocean_integration] count = var.event_grid_system_topic_name != "" ? 0 : 1 name = "subscription-event-grid-topic" From 47f24e7308e8184e7c4f3e5b60527abe2a1e36fd Mon Sep 17 00:00:00 2001 
From: tankilevitch Date: Wed, 10 Apr 2024 21:08:17 +0300 Subject: [PATCH 4/6] bump --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index e1379e7..6817aec 100644 --- a/README.md +++ b/README.md @@ -17,7 +17,7 @@ e.g. for Azure ContainerApp: ```hcl module "my_azure_container_app_example_generic_integration" { source = "port-labs/integration-factory/ocean//examples/azure_container_app_azure_integration" - version = ">=0.0.7" + version = ">=0.0.17" integration_type = "some-integration" From 30ad619717fe9f939053f40fd6a20b584958934b Mon Sep 17 00:00:00 2001 From: tankilevitch Date: Wed, 10 Apr 2024 21:08:53 +0300 Subject: [PATCH 5/6] bump --- README.md | 2 +- examples/azure_container_app_azure_integration/README.md | 6 +++--- modules/azure_container_app/README.md | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 6817aec..1ea5786 100644 --- a/README.md +++ b/README.md @@ -17,7 +17,7 @@ e.g. for Azure ContainerApp: ```hcl module "my_azure_container_app_example_generic_integration" { source = "port-labs/integration-factory/ocean//examples/azure_container_app_azure_integration" - version = ">=0.0.17" + version = ">=0.0.18" integration_type = "some-integration" diff --git a/examples/azure_container_app_azure_integration/README.md b/examples/azure_container_app_azure_integration/README.md index bed7a6e..7efc805 100644 --- a/examples/azure_container_app_azure_integration/README.md +++ b/examples/azure_container_app_azure_integration/README.md @@ -3,7 +3,7 @@ ```hcl module "ocean_container_app_example_azure-integration" { source = "port-labs/integration-factory/ocean//examples/azure_container_app_azure_integration" - version = ">=0.0.7" + version = ">=0.0.18" port_client_id = "xxxxx-xxxx-xxxx-xxxx" port_client_secret = "yyyy-yyyy-yyyy-yyyy" 
@@ -15,7 +15,7 @@ module "ocean_container_app_example_azure-integration" { ```hcl module "ocean_container_app_example_azure-integration" { source = "port-labs/integration-factory/ocean//examples/azure_container_app_azure_integration" - version = ">=0.0.7" + version = ">=0.0.18" port_client_id = "xxxxx-xxxx-xxxx-xxxx" port_client_secret = "yyyy-yyyy-yyyy-yyyy" @@ -28,7 +28,7 @@ module "ocean_container_app_example_azure-integration" { ```hcl module "ocean_container_app_example_azure-integration" { source = "port-labs/integration-factory/ocean//examples/azure_container_app_azure_integration" - version = ">=0.0.7" + version = ">=0.0.18" port_client_id = "xxxxx-xxxx-xxxx-xxxx" port_client_secret = "yyyy-yyyy-yyyy-yyyy" diff --git a/modules/azure_container_app/README.md b/modules/azure_container_app/README.md index c2c38d1..70d7fb7 100644 --- a/modules/azure_container_app/README.md +++ b/modules/azure_container_app/README.md @@ -10,7 +10,7 @@ Terraform module which creates Ocean Integration on Azure ContainerApp. ```hcl module "ocean-containerapp_example_basic-integration" { source = "port-labs/integration-factory/ocean//examples/azure_container_app_generic" - version = ">=0.0.7" + version = ">=0.0.18" integration_type = "some-integration" @@ -23,7 +23,7 @@ module "ocean-containerapp_example_basic-integration" { ```hcl module "ocean-container_app_example_azure-integration" { source = "port-labs/integration-factory/ocean//examples/azure_container_app_azure_integration" - version = ">=0.0.7" + version = ">=0.0.18" port_client_id = "xxxxx-xxxx-xxxx-xxxx" port_client_secret = "yyyy-yyyy-yyyy-yyyy" From 0a70a5f8e2fc2ff25ca518e77e89f39166773439 Mon Sep 17 00:00:00 2001 From: tankilevitch Date: Wed, 10 Apr 2024 21:09:24 +0300 Subject: [PATCH 6/6] bump --- README.md | 2 +- examples/azure_container_app_azure_integration/README.md | 6 +++--- modules/azure_container_app/README.md | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) 
diff --git a/README.md b/README.md index 1ea5786..e46aff7 100644 --- a/README.md +++ b/README.md @@ -17,7 +17,7 @@ e.g. for Azure ContainerApp: ```hcl module "my_azure_container_app_example_generic_integration" { source = "port-labs/integration-factory/ocean//examples/azure_container_app_azure_integration" - version = ">=0.0.18" + version = ">=0.0.19" integration_type = "some-integration" diff --git a/examples/azure_container_app_azure_integration/README.md b/examples/azure_container_app_azure_integration/README.md index 7efc805..cda60e1 100644 --- a/examples/azure_container_app_azure_integration/README.md +++ b/examples/azure_container_app_azure_integration/README.md @@ -3,7 +3,7 @@ ```hcl module "ocean_container_app_example_azure-integration" { source = "port-labs/integration-factory/ocean//examples/azure_container_app_azure_integration" - version = ">=0.0.18" + version = ">=0.0.19" port_client_id = "xxxxx-xxxx-xxxx-xxxx" port_client_secret = "yyyy-yyyy-yyyy-yyyy" @@ -15,7 +15,7 @@ module "ocean_container_app_example_azure-integration" { ```hcl module "ocean_container_app_example_azure-integration" { source = "port-labs/integration-factory/ocean//examples/azure_container_app_azure_integration" - version = ">=0.0.18" + version = ">=0.0.19" port_client_id = "xxxxx-xxxx-xxxx-xxxx" port_client_secret = "yyyy-yyyy-yyyy-yyyy" @@ -28,7 +28,7 @@ module "ocean_container_app_example_azure-integration" { ```hcl module "ocean_container_app_example_azure-integration" { source = "port-labs/integration-factory/ocean//examples/azure_container_app_azure_integration" - version = ">=0.0.18" + version = ">=0.0.19" port_client_id = "xxxxx-xxxx-xxxx-xxxx" port_client_secret = "yyyy-yyyy-yyyy-yyyy" diff --git a/modules/azure_container_app/README.md b/modules/azure_container_app/README.md index 70d7fb7..022a136 100644 --- a/modules/azure_container_app/README.md +++ b/modules/azure_container_app/README.md 
@@ -10,7 +10,7 @@ Terraform module which creates Ocean Integration on Azure ContainerApp. ```hcl module "ocean-containerapp_example_basic-integration" { source = "port-labs/integration-factory/ocean//examples/azure_container_app_generic" - version = ">=0.0.18" + version = ">=0.0.19" integration_type = "some-integration" @@ -23,7 +23,7 @@ module "ocean-containerapp_example_basic-integration" { ```hcl module "ocean-container_app_example_azure-integration" { source = "port-labs/integration-factory/ocean//examples/azure_container_app_azure_integration" - version = ">=0.0.18" + version = ">=0.0.19" port_client_id = "xxxxx-xxxx-xxxx-xxxx" port_client_secret = "yyyy-yyyy-yyyy-yyyy"