From 5c2d0aad5e6d762c768506ea86eaeadaec295f05 Mon Sep 17 00:00:00 2001 From: Melo Date: Tue, 22 Oct 2024 15:57:38 +0200 Subject: [PATCH] Do not install VM extensions when `var.allow_extension_operations` is `false` (#37) * Updated the for_each block to dynamically control extension creation. Signed-off-by: Melody Sofia Eroshevich * Updated the for_each block to dynamically control extension creation Signed-off-by: Melody Sofia Eroshevich * UUpdate variables.tf Signed-off-by: Melody Sofia Eroshevich * Add tests for 'allow_extension_operations' Signed-off-by: philthoennissen --------- Signed-off-by: Melody Sofia Eroshevich Signed-off-by: philthoennissen Co-authored-by: philthoennissen --- README.md | 2 ++ r-extensions.tf | 2 +- tests/local/input_vm_extension.tftest.hcl | 31 +++++++++++++++++++++++ variables.tf | 2 ++ 4 files changed, 36 insertions(+), 1 deletion(-) create mode 100644 tests/local/input_vm_extension.tftest.hcl diff --git a/README.md b/README.md index 64ab338..a5f5f5d 100644 --- a/README.md +++ b/README.md @@ -445,6 +445,8 @@ Possible values: - `AzurePolicy` - `AntiMalware` +**NOTE**: The extensions listed here will only be applied if `allow_extension_operations` is set to `true` (default). If `allow_extension_operations` is set to `false`, this list will be ignored and no extensions will be created. + Type: `list(string)` Default: diff --git a/r-extensions.tf b/r-extensions.tf index 44955f5..13e3125 100644 --- a/r-extensions.tf +++ b/r-extensions.tf @@ -48,7 +48,7 @@ resource "azurerm_virtual_machine_extension" "this" { (local.is_windows ? local.windows_extenstion : []), (local.is_linux ? local.linux_extensions : []) ) : - element.name => element if contains(var.extensions, element.name) + element.name => element if contains(var.extensions, element.name) && var.allow_extension_operations } virtual_machine_id = local.virtual_machine.id diff --git a/tests/local/input_vm_extension.tftest.hcl b/tests/local/input_vm_extension.tftest.hcl new file mode 100644 index 0000000..2722e11 --- /dev/null +++ b/tests/local/input_vm_extension.tftest.hcl @@ -0,0 +1,31 @@ +mock_provider "azapi" { source = "tests/local/mocks" } +mock_provider "azurerm" { source = "tests/local/mocks" } +mock_provider "random" { source = "tests/local/mocks" } +mock_provider "tls" { source = "tests/local/mocks" } + +run "no_extension_should_be_created" { + command = plan + + variables { + allow_extension_operations = false + extensions = [] + } + + assert { + condition = length(azurerm_virtual_machine_extension.this) == 0 + error_message = "It is not possible to install extension with 'allow_extension_operations = false'. The azurerm_virtual_machine_extension.this length is ${length(azurerm_virtual_machine_extension.this)}." + } +} + +run "no_extension_should_be_created_2" { + command = plan + + variables { + allow_extension_operations = false + } + + assert { + condition = length(azurerm_virtual_machine_extension.this) == 0 + error_message = "It is not possible to install extension with 'allow_extension_operations = false'. The azurerm_virtual_machine_extension.this length is ${length(azurerm_virtual_machine_extension.this)}." + } +} diff --git a/variables.tf b/variables.tf index 9e7e183..f4a07d2 100644 --- a/variables.tf +++ b/variables.tf @@ -257,6 +257,8 @@ variable "extensions" { - `AzureMonitorAgent` - `AzurePolicy` - `AntiMalware` + + **NOTE**: The extensions listed here will only be applied if `allow_extension_operations` is set to `true` (default). If `allow_extension_operations` is set to `false`, this list will be ignored and no extensions will be created. EOT type = list(string)