update

Author: craigthackerx

.azuredevops/templates/terraform-plan.yaml

@@ -0,0 +1,191 @@
+# azure-pipeline.yml
+# Reusable Terraform pipeline template leveraging Run-AzTerraform.ps1 and LibreDevOpsHelpers
+
+parameters:
+  - name: TerraformCodeLocation
+    type: string
+    default: 'terraform'
+    displayName: 'Path to Terraform code'
+  - name: TerraformStackToRun
+    type: object
+    default: ['all']
+    displayName: 'Stacks to run'
+  - name: TerraformWorkspace
+    type: string
+    default: 'dev'
+    displayName: 'Terraform workspace'
+  - name: RunTerraformInit
+    type: string
+    values:
+      - "true"
+      - "false"
+    default: true
+    displayName: 'Run terraform init'
+  - name: RunTerraformPlan
+    type: string
+    values:
+      - "true"
+      - "false"
+    default: true
+    displayName: 'Run terraform plan'
+  - name: RunTerraformPlanDestroy
+    type: string
+    values:
+      - "true"
+      - "false"
+    default: true
+    displayName: 'Run terraform plan -destroy'
+  - name: RunTerraformApply
+    type: string
+    values:
+      - "true"
+      - "false"
+    default: true
+    displayName: 'Run terraform apply'
+  - name: RunTerraformDestroy
+    type: string
+    values:
+      - "true"
+      - "false"
+    default: true
+    displayName: 'Run terraform destroy'
+  - name: TerraformPlanExtraArgs
+    type: object
+    default: []
+    displayName: 'Extra args for terraform plan'
+  - name: TerraformPlanDestroyExtraArgs
+    type: object
+    default: []
+    displayName: 'Extra args for terraform plan -destroy'
+  - name: TerraformApplyExtraArgs
+    type: object
+    default: []
+    displayName: 'Extra args for terraform apply'
+  - name: TerraformDestroyExtraArgs
+    type: object
+    default: []
+    displayName: 'Extra args for terraform destroy'
+  - name: DebugMode
+    type: string
+    values:
+      - "true"
+      - "false"
+    default: true
+    displayName: 'Enable debug logging'
+  - name: DeletePlanFiles
+    type: string
+    values:
+      - "true"
+      - "false"
+    default: true
+    displayName: 'Cleanup plan files after run'
+  - name: TerraformVersion
+    type: string
+    default: 'latest'
+    displayName: 'Terraform version'
+  - name: RunCheckov
+    type: string
+    values:
+      - "true"
+      - "false"
+    default: true
+    displayName: 'Run Checkov scan'
+  - name: CheckovSkipCheck
+    type: string
+    default: 'CKV2_AZURE_31'
+    displayName: 'Comma-separated Checkov skip IDs'
+  - name: CheckovSoftfail
+    type: string
+    values:
+      - "true"
+      - "false"
+    default: true
+    displayName: 'Soft-fail Checkov'
+  - name: TerraformPlanFileName
+    type: string
+    default: 'tfplan.plan'
+    displayName: 'Plan file name'
+  - name: TerraformDestroyPlanFileName
+    type: string
+    default: 'tfplan-destroy.plan'
+    displayName: 'Destroy plan file name'
+  - name: CreateTerraformWorkspace
+    type: boolean
+    default: true
+    displayName: 'Create/select Terraform workspace'
+  - name: UseAzureClientSecretLogin
+    type: boolean
+    default: true
+    displayName: 'Use Azure client-secret login'
+  - name: UseAzureOidcLogin
+    type: boolean
+    default: false
+    displayName: 'Use Azure OIDC login'
+  - name: UseAzureUserLogin
+    type: boolean
+    default: false
+    displayName: 'Use Azure user-device login'
+  - name: UseAzureManagedIdentityLogin
+    type: boolean
+    default: false
+    displayName: 'Use Azure managed identity login'
+  - name: AzureServiceConnection
+    type: string
+    default: ''
+    displayName: 'Azure DevOps service connection name'
+
+stages:
+  - stage: Terraform
+    displayName: 'Terraform: init/plan/apply/destroy'
+    jobs:
+      - job: RunTerraform
+        pool:
+          vmImage: 'windows-latest'
+        steps:
+          - checkout: self
+
+          - task: UseDotNet@2
+            displayName: 'Ensure PowerShell 7+ is available'
+            inputs:
+              packageType: 'sdk'
+              version: '7.x'
+              installationPath: $(Agent.ToolsDirectory)/dotnet
+
+          - task: PowerShell@2
+            name: RunAzTerraform
+            displayName: 'Run Terraform orchestration'
+            inputs:
+              pwsh: true
+              failOnStderr: true
+              script: |
+                # Install module if not present
+                if (-not (Get-Module -ListAvailable -Name LibreDevOpsHelpers)) {
+                  Install-Module -Name LibreDevOpsHelpers -Scope CurrentUser -Force
+                }
+                . "$(Build.SourcesDirectory)\Run-AzTerraform.ps1" `
+                  -TerraformCodeLocation   ${{ parameters.TerraformCodeLocation }} `
+                  -TerraformStackToRun     $([string]::Join(',', ${{ parameters.TerraformStackToRun }})) `
+                  -TerraformWorkspace      ${{ parameters.TerraformWorkspace }} `
+                  -RunTerraformInit        ${{ parameters.RunTerraformInit }} `
+                  -RunTerraformPlan        ${{ parameters.RunTerraformPlan }} `
+                  -RunTerraformPlanDestroy ${{ parameters.RunTerraformPlanDestroy }} `
+                  -RunTerraformApply       ${{ parameters.RunTerraformApply }} `
+                  -RunTerraformDestroy     ${{ parameters.RunTerraformDestroy }} `
+                  -TerraformPlanExtraArgs       ${{ parameters.TerraformPlanExtraArgs }} `
+                  -TerraformPlanDestroyExtraArgs ${{ parameters.TerraformPlanDestroyExtraArgs }} `
+                  -TerraformApplyExtraArgs       ${{ parameters.TerraformApplyExtraArgs }} `
+                  -TerraformDestroyExtraArgs     ${{ parameters.TerraformDestroyExtraArgs }} `
+                  -DebugMode               ${{ parameters.DebugMode }} `
+                  -DeletePlanFiles         ${{ parameters.DeletePlanFiles }} `
+                  -TerraformVersion        ${{ parameters.TerraformVersion }} `
+                  -RunCheckov              ${{ parameters.RunCheckov }} `
+                  -CheckovSkipCheck        ${{ parameters.CheckovSkipCheck }} `
+                  -CheckovSoftfail         ${{ parameters.CheckovSoftfail }} `
+                  -TerraformPlanFileName   ${{ parameters.TerraformPlanFileName }} `
+                  -TerraformDestroyPlanFileName ${{ parameters.TerraformDestroyPlanFileName }} `
+                  -CreateTerraformWorkspace ${{ parameters.CreateTerraformWorkspace }} `
+                  -UseAzureClientSecretLogin ${{ parameters.UseAzureClientSecretLogin }} `
+                  -UseAzureOidcLogin        ${{ parameters.UseAzureOidcLogin }} `
+                  -UseAzureUserLogin        ${{ parameters.UseAzureUserLogin }} `
+                  -UseAzureManagedIdentityLogin ${{ parameters.UseAzureManagedIdentityLogin }} `
+                  -AzureServiceConnection    '${{ parameters.AzureServiceConnection }}'

.github/ISSUE_TEMPLATE/bug_report.md

@@ -0,0 +1,49 @@
+---
+name: "Bug report \U0001F41B"
+about: Report errors or unexpected behaviour
+title: 'Bug Report'
+labels: 'needs triage :warning:'
+assignees: ''
+---
+
+### Community Note
+
+<!--- Please keep this note for the community --->
+
+- Please vote on this issue by adding a 👍 [reaction](https://blog.github.com/2016-03-10-add-reactions-to-pull-requests-issues-and-comments/) to the original issue to help the community and maintainers prioritize this request
+- Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
+- If you are interested in working on this issue or have submitted a pull request, please leave a comment
+
+<!--- Thank you for keeping this note for the community --->
+
+### Versions
+
+<!-- Please tell us the versions of terraform, azure provider and this module you are using, to help us replicate the issue. -->
+
+**terraform**:
+
+**azure provider**:
+
+**module**:
+
+### Description
+
+#### Describe the bug
+
+<!-- A clear and concise description of what the bug is. -->
+
+#### Steps to Reproduce
+
+<!-- Please provide detailed steps for reproducing the issue. -->
+
+1. step 1
+2. step 2
+3. you get it...
+
+#### Screenshots
+
+<!-- If applicable, add screenshots to help explain your problem. -->
+
+#### Additional context
+
+<!-- Add any other context about the problem here. -->

.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1,2 @@
+---
+blank_issues_enabled: false

.github/ISSUE_TEMPLATE/feature_request.md

@@ -0,0 +1,31 @@
+---
+name: "Feature request \U0001F680"
+about: Suggest an idea for this project
+title: 'Feature Request'
+labels: 'needs triage :warning:'
+assignees: ''
+---
+
+### Community Note
+
+<!--- Please keep this note for the community --->
+
+- Please vote on this issue by adding a 👍 [reaction](https://blog.github.com/2016-03-10-add-reactions-to-pull-requests-issues-and-comments/) to the original issue to help the community and maintainers prioritize this request
+- Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
+- If you are interested in working on this issue or have submitted a pull request, please leave a comment
+
+<!--- Thank you for keeping this note for the community --->
+
+### Description
+
+#### Is your feature request related to a problem?
+
+<!-- A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] -->
+
+#### Describe the solution you'd like
+
+<!-- A clear and concise description of what you want to happen. -->
+
+<!-- A clear and concise description of any alternative solutions or features you've considered. -->
+
+#### Additional context

.github/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,29 @@
+<!-- markdownlint-disable first-line-h1 -->
+
+<!-- Thank you for submitting a Pull Request. Please fill out the template below.-->
+## Overview/Summary
+
+Replace this with a brief description of what this Pull Request fixes, changes, etc.
+
+## This PR fixes/adds/changes/removes
+
+1. *Replace me*
+2. *Replace me*
+3. *Replace me*
+
+### Breaking Changes
+
+1. *Replace me*
+2. *Replace me*
+
+## Testing Evidence
+
+Please provide any testing evidence to show that your Pull Request works/fixes as described and planned (include screenshots, if appropriate).
+
+## As part of this Pull Request I have
+
+- [ ] Checked for duplicate
+- [ ] Associated it with relevant 
+- [ ] Ensured my code/branch is up-to-date with the latest changes in the `main`
+- [ ] Performed testing and provided evidence.
+- [ ] Updated relevant and associated documentation.

.github/workflows/build-rhel-base-docker.yaml

@@ -0,0 +1,59 @@
+name: 'Run Docker - RHEL'
+
+# Allow run manually
+on:
+  schedule:
+    - cron: '0 0 1 * *'  # This will run at 00:00 on the 1st of every month
+  workflow_dispatch:
+    inputs:
+      working_directory:
+        type: string
+        description: What working directory should be passed to the script
+        default: "containers/rhel"
+      docker_image_name:
+        type: string
+        description: 'Docker Image name?'
+        default: "terraform-azure-azdo-pipeline-templates/rhel"
+      enable_debug_mode:
+        type: boolean
+        description: 'Whether debug mode should be enable for within the script'
+        default: true
+      registry_url:
+        type: string
+        description: 'The URL of the container registry'
+        default: ghcr.io
+      docker_file_name:
+        type: string
+        description: 'Docker file name?'
+        default: "Dockerfile"
+      push_docker_image:
+        type: string
+        description: 'Push docker image?'
+        default: 'true'
+
+jobs:
+  run-script:
+    name: 'Run Script'
+    runs-on: ubuntu-latest
+
+    defaults:
+      run:
+        shell: pwsh
+
+    steps:
+      - uses: actions/checkout@v3
+
+      - name: Build
+        id: run-script
+        shell: pwsh
+        run: |
+          $workingDirectory = Join-Path -Path "${{ github.workspace }}" -ChildPath "${{ inputs.working_directory }}"
+          .\Run-Docker.ps1 `
+            -WorkingDirectory $workingDirectory `
+            -PushDockerImage ${{ inputs.push_docker_image }} `
+            -DebugMode ${{ inputs.enable_debug_mode }} `
+            -DockerImageName ${{ inputs.docker_image_name }} `
+            -DockerFileName ${{ inputs.docker_file_name }} `
+            -RegistryUsername ${{ secrets.RegistryUsername }} `
+            -RegistryPassword ${{ secrets.RegistryPassword }} `
+            -ImageOrg ${{ github.repository_owner }}