Add test pipeline.

.github/workflows/build-docker.yaml

@@ -0,0 +1,34 @@
+name: Build and deploy Node.js docker image - firstmate-git-manager
+on:
+  pull_request:
+    types:
+      - opened
+      - reopened
+      - synchronize
+  push:
+    branches:
+      - main
+env:
+  AZURE_FUNCTIONAPP_PACKAGE_PATH: '.' # set this to the path to your web app project, defaults to the repository root
+  NODE_VERSION: '18.x' # set this to the node version to use (supports 8.x, 10.x, 12.x)
+  APP_NAME: firstmate-git-manager
+  REPO_NAME: desyco
+  HELM_EXPERIMENTAL_OCI: 1
+  ENVIRONMENT_REPOSITORY_DEV: chart-env-dev
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    name: validate terraform
+    outputs:
+      tag: ${{ steps.bump_version.outputs.new_tag }}
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+          submodules: true
+      - uses: hashicorp/setup-terraform@v3
+      - name: validate terraform
+        run: terraform validate
+      - name: test terraform
+        run: terraform test

.gitignore

@@ -0,0 +1 @@
+.terraform.lock.hcl

main.tf

@@ -1,3 +1,14 @@
+terraform {
+  required_providers {
+    azurerm = {
+      source  = "hashicorp/azurerm"
+      version = "~> 3.0.2"
+    }
+  }
+
+  required_version = ">= 1.1.0"
+}
+
 provider "azurerm" {
   features {}
 }

modules/keyvault/main.tf

@@ -1,5 +1,9 @@
 data "azurerm_client_config" "current" {}
 
+data "azuread_service_principal" "keyvault" {
+  display_name = "keyvault"
+}
+
 resource "azurerm_key_vault" "keyvault" {
   name                = var.key_vault_name
   location            = var.location
@@ -12,26 +16,32 @@ resource "azurerm_key_vault" "keyvault" {
     object_id = data.azurerm_client_config.current.object_id
 
     secret_permissions = [
-      "get",
-      "list",
-      "set",
-      "delete",
-      "recover",
-      "backup",
-      "restore",
+      "Get",
+      "List",
+      "Set",
+      "Delete",
+      "Recover",
+      "Backup",
+      "Restore",
     ]
 
     key_permissions = [
-      "create",
-      "delete",
-      "list",
-      "get",
-      "import",
-      "update",
-      "sign",
-      "verify",
-      "wrapKey",
-      "unwrapKey",
+      "Backup",
+      "Create",
+      "Decrypt",
+      "Delete",
+      "Encrypt",
+      "Get",
+      "Import",
+      "List",
+      "Purge",
+      "Recover",
+      "Restore",
+      "Sign",
+      "UnwrapKey",
+      "Update",
+      "Verify",
+      "WrapKey"
     ]
   }
 }

tests/plan.tftest.hcl

@@ -0,0 +1,18 @@
+variables {
+  location              = "germanywestcentral"
+  key_vault_name        = "test"
+  aks_cluster_name      = "test"
+  resource_group_name   = "test"
+}
+
+mock_provider "azurerm" {
+  alias = "fake"
+}
+
+run "plan" {
+  command = plan
+
+  providers = {
+    azurerm = azurerm.fake
+  }
+}

tests/setup/main.tf

@@ -0,0 +1,11 @@
+terraform {
+  required_providers {
+    azurerm = {
+      source  = "hashicorp/azurerm"
+      version = "~> 3.0.2"
+    }
+  }
+}
+
+
+

variables.tf

@@ -1,6 +1,7 @@
 variable "resource_group_name" {
   description = "The name of the resource group"
   type        = string
+  default     = "test"
 }
 
 variable "location" {
@@ -11,9 +12,11 @@ variable "location" {
 variable "aks_cluster_name" {
   description = "The name of the AKS cluster"
   type        = string
+  default     = "test"
 }
 
 variable "key_vault_name" {
   description = "The name of the Key Vault"
   type        = string
+  default     = "test"
 }