From 50a332ce5f225d64f79c6b4a39ba15c781aeb144 Mon Sep 17 00:00:00 2001
From: Manos Vlassis <57320708+mvlassis@users.noreply.github.com>
Date: Thu, 26 Sep 2024 14:14:51 +0300
Subject: [PATCH] Feat: Add Terraform modules (#554)

* Add Terraform charms

* Update format

* Update action

* Update README.md

* Remove channel from terraform action

* Update default Terraform channel

* Update default Terraform channel
---
 .github/workflows/integrate.yaml            |  9 ++++
 .gitignore                                  |  3 ++
 charms/istio-gateway/terraform/README.md    | 58 +++++++++++++++++++++
 charms/istio-gateway/terraform/main.tf      | 13 +++++
 charms/istio-gateway/terraform/outputs.tf   | 15 ++++++
 charms/istio-gateway/terraform/variables.tf | 34 ++++++++++++
 charms/istio-gateway/terraform/versions.tf  |  9 ++++
 charms/istio-gateway/tox.ini                |  7 +++
 charms/istio-pilot/terraform/README.md      | 58 +++++++++++++++++++++
 charms/istio-pilot/terraform/main.tf        | 13 +++++
 charms/istio-pilot/terraform/outputs.tf     | 20 +++++++
 charms/istio-pilot/terraform/variables.tf   | 34 ++++++++++++
 charms/istio-pilot/terraform/versions.tf    |  9 ++++
 charms/istio-pilot/tox.ini                  |  7 +++
 14 files changed, 289 insertions(+)
 create mode 100644 charms/istio-gateway/terraform/README.md
 create mode 100644 charms/istio-gateway/terraform/main.tf
 create mode 100644 charms/istio-gateway/terraform/outputs.tf
 create mode 100644 charms/istio-gateway/terraform/variables.tf
 create mode 100644 charms/istio-gateway/terraform/versions.tf
 create mode 100644 charms/istio-pilot/terraform/README.md
 create mode 100644 charms/istio-pilot/terraform/main.tf
 create mode 100644 charms/istio-pilot/terraform/outputs.tf
 create mode 100644 charms/istio-pilot/terraform/variables.tf
 create mode 100644 charms/istio-pilot/terraform/versions.tf

diff --git a/.github/workflows/integrate.yaml b/.github/workflows/integrate.yaml
index 52db99fd..9ba71051 100644
--- a/.github/workflows/integrate.yaml
+++ b/.github/workflows/integrate.yaml
@@ -41,6 +41,15 @@ jobs:
       - run: sudo apt update && sudo apt install tox
       - run: tox -e ${{ matrix.charm }}-unit
 
+  terraform-checks:
+    name: Terraform
+    uses: canonical/charmed-kubeflow-workflows/.github/workflows/terraform-checks.yaml@main
+    strategy:
+      matrix:
+        charm: [gateway, pilot]
+    with:
+      charm-path: ./charms/istio-${{ matrix.charm }}
+        
   integration:
     name: Integration Test
     runs-on: ubuntu-20.04
diff --git a/.gitignore b/.gitignore
index 47616e81..1d1a6fcb 100644
--- a/.gitignore
+++ b/.gitignore
@@ -2,3 +2,6 @@
 *__pycache__
 *.tox
 build/
+venv/
+.terraform*
+*.tfstate*
diff --git a/charms/istio-gateway/terraform/README.md b/charms/istio-gateway/terraform/README.md
new file mode 100644
index 00000000..79c546d7
--- /dev/null
+++ b/charms/istio-gateway/terraform/README.md
@@ -0,0 +1,58 @@
+# Terraform module for istio-gateway
+
+This is a Terraform module facilitating the deployment of the istio-gateway charm, using the [Terraform juju provider](https://github.com/juju/terraform-provider-juju/). For more information, refer to the provider [documentation](https://registry.terraform.io/providers/juju/juju/latest/docs). 
+
+## Requirements
+This module requires a `juju` model to be available. Refer to the [usage section](#usage) below for more details.
+
+## API
+
+### Inputs
+The module offers the following configurable inputs:
+
+| Name | Type | Description | Required |
+| - | - | - | - |
+| `app_name`| string | Application name | False |
+| `channel`| string | Channel that the charm is deployed from | False |
+| `config`| map(string) | Map of the charm configuration options | False |
+| `model_name`| string | Name of the model that the charm is deployed on | True |
+| `resources`| map(string) | Map of the charm resources | False |
+| `revision`| number | Revision number of the charm name | False |
+
+### Outputs
+Upon applied, the module exports the following outputs:
+
+| Name | Description |
+| - | - |
+| `app_name`|  Application name |
+| `provides`| Map of `provides` endpoints |
+| `requires`|  Map of `requires` endpoints |
+
+## Usage
+
+This module is intended to be used as part of a higher-level module. When defining one, users should ensure that Terraform is aware of the `juju_model` dependency of the charm module. There are two options to do so when creating a high-level module:
+
+### Define a `juju_model` resource
+Define a `juju_model` resource and pass to the `model_name` input a reference to the `juju_model` resource's name. For example:
+
+```
+resource "juju_model" "testing" {
+  name = kubeflow
+}
+module "istio_gateway" {
+  source = "<path-to-this-directory>"
+  model_name = juju_model.testing.name
+}
+```
+
+### Define a `data` source
+Define a `data` source and pass to the `model_name` input a reference to the `data.juju_model` resource's name. This will enable Terraform to look for a `juju_model` resource with a name attribute equal to the one provided, and apply only if this is present. Otherwise, it will fail before applying anything.
+```
+data "juju_model" "testing" {
+  name = var.model_name
+}
+module "istio_gateway" {
+  source = "<path-to-this-directory>"
+  model_name = data.juju_model.testing.name
+}
+```
diff --git a/charms/istio-gateway/terraform/main.tf b/charms/istio-gateway/terraform/main.tf
new file mode 100644
index 00000000..f3cb61e7
--- /dev/null
+++ b/charms/istio-gateway/terraform/main.tf
@@ -0,0 +1,13 @@
+resource "juju_application" "istio_gateway" {
+  charm {
+    name     = "istio-gateway"
+    channel  = var.channel
+    revision = var.revision
+  }
+  config    = var.config
+  model     = var.model_name
+  name      = var.app_name
+  resources = var.resources
+  trust     = true
+  units     = 1
+}
diff --git a/charms/istio-gateway/terraform/outputs.tf b/charms/istio-gateway/terraform/outputs.tf
new file mode 100644
index 00000000..d22c6b34
--- /dev/null
+++ b/charms/istio-gateway/terraform/outputs.tf
@@ -0,0 +1,15 @@
+output "app_name" {
+  value = juju_application.istio_gateway.name
+}
+
+output "provides" {
+  value = {
+    metrics_endpoint = "metrics-endpoint"
+  }
+}
+
+output "requires" {
+  value = {
+    istio_pilot = "istio-pilot"
+  }
+}
diff --git a/charms/istio-gateway/terraform/variables.tf b/charms/istio-gateway/terraform/variables.tf
new file mode 100644
index 00000000..0cdb2c6f
--- /dev/null
+++ b/charms/istio-gateway/terraform/variables.tf
@@ -0,0 +1,34 @@
+variable "app_name" {
+  description = "Application name"
+  type        = string
+  default     = "istio-gateway"
+}
+
+variable "channel" {
+  description = "Charm channel"
+  type        = string
+  default     = null
+}
+
+variable "config" {
+  description = "Map of charm configuration options"
+  type        = map(string)
+  default     = {}
+}
+
+variable "model_name" {
+  description = "Model name"
+  type        = string
+}
+
+variable "resources" {
+  description = "Map of resources"
+  type        = map(string)
+  default     = null
+}
+
+variable "revision" {
+  description = "Charm revision"
+  type        = number
+  default     = null
+}
diff --git a/charms/istio-gateway/terraform/versions.tf b/charms/istio-gateway/terraform/versions.tf
new file mode 100644
index 00000000..eb357ca6
--- /dev/null
+++ b/charms/istio-gateway/terraform/versions.tf
@@ -0,0 +1,9 @@
+terraform {
+  required_version = ">= 1.6"
+  required_providers {
+    juju = {
+      source  = "juju/juju"
+      version = "~> 0.14.0"
+    }
+  }
+}
diff --git a/charms/istio-gateway/tox.ini b/charms/istio-gateway/tox.ini
index 1ba99587..dfb034f2 100644
--- a/charms/istio-gateway/tox.ini
+++ b/charms/istio-gateway/tox.ini
@@ -64,6 +64,13 @@ deps =
     -r requirements-lint.txt
 description = Check code against coding style standards
 
+[testenv:tflint]
+allowlist_externals =
+    tflint
+commands =
+    tflint --chdir=terraform --recursive
+description = Check Terraform code against coding style standards
+
 [testenv:unit]
 commands =
     coverage run --source={[vars]src_path} \
diff --git a/charms/istio-pilot/terraform/README.md b/charms/istio-pilot/terraform/README.md
new file mode 100644
index 00000000..b6925a45
--- /dev/null
+++ b/charms/istio-pilot/terraform/README.md
@@ -0,0 +1,58 @@
+# Terraform module for istio-pilot
+
+This is a Terraform module facilitating the deployment of the istio-pilot charm, using the [Terraform juju provider](https://github.com/juju/terraform-provider-juju/). For more information, refer to the provider [documentation](https://registry.terraform.io/providers/juju/juju/latest/docs). 
+
+## Requirements
+This module requires a `juju` model to be available. Refer to the [usage section](#usage) below for more details.
+
+## API
+
+### Inputs
+The module offers the following configurable inputs:
+
+| Name | Type | Description | Required |
+| - | - | - | - |
+| `app_name`| string | Application name | False |
+| `channel`| string | Channel that the charm is deployed from | False |
+| `config`| map(string) | Map of the charm configuration options | False |
+| `model_name`| string | Name of the model that the charm is deployed on | True |
+| `resources`| map(string) | Map of the charm resources | False |
+| `revision`| number | Revision number of the charm name | False |
+
+### Outputs
+Upon applied, the module exports the following outputs:
+
+| Name | Description |
+| - | - |
+| `app_name`|  Application name |
+| `provides`| Map of `provides` endpoints |
+| `requires`|  Map of `requires` endpoints |
+
+## Usage
+
+This module is intended to be used as part of a higher-level module. When defining one, users should ensure that Terraform is aware of the `juju_model` dependency of the charm module. There are two options to do so when creating a high-level module:
+
+### Define a `juju_model` resource
+Define a `juju_model` resource and pass to the `model_name` input a reference to the `juju_model` resource's name. For example:
+
+```
+resource "juju_model" "testing" {
+  name = kubeflow
+}
+module "istio_pilot" {
+  source = "<path-to-this-directory>"
+  model_name = juju_model.testing.name
+}
+```
+
+### Define a `data` source
+Define a `data` source and pass to the `model_name` input a reference to the `data.juju_model` resource's name. This will enable Terraform to look for a `juju_model` resource with a name attribute equal to the one provided, and apply only if this is present. Otherwise, it will fail before applying anything.
+```
+data "juju_model" "testing" {
+  name = var.model_name
+}
+module "istio_pilot" {
+  source = "<path-to-this-directory>"
+  model_name = data.juju_model.testing.name
+}
+```
diff --git a/charms/istio-pilot/terraform/main.tf b/charms/istio-pilot/terraform/main.tf
new file mode 100644
index 00000000..8b042bfc
--- /dev/null
+++ b/charms/istio-pilot/terraform/main.tf
@@ -0,0 +1,13 @@
+resource "juju_application" "istio_pilot" {
+  charm {
+    name     = "istio-pilot"
+    channel  = var.channel
+    revision = var.revision
+  }
+  config    = var.config
+  model     = var.model_name
+  name      = var.app_name
+  resources = var.resources
+  trust     = true
+  units     = 1
+}
diff --git a/charms/istio-pilot/terraform/outputs.tf b/charms/istio-pilot/terraform/outputs.tf
new file mode 100644
index 00000000..922d2cdc
--- /dev/null
+++ b/charms/istio-pilot/terraform/outputs.tf
@@ -0,0 +1,20 @@
+output "app_name" {
+  value = juju_application.istio_pilot.name
+}
+
+output "provides" {
+  value = {
+    metrics_endpoint  = "metrics-endpoint",
+    grafana_dashboard = "grafana-dashboard",
+    istio_pilot       = "istio-pilot",
+    ingress           = "ingress",
+    ingress_auth      = "ingress-auth",
+    gateway_info      = "gatway-info"
+  }
+}
+
+output "requires" {
+  value = {
+    certificates = "certificates"
+  }
+}
diff --git a/charms/istio-pilot/terraform/variables.tf b/charms/istio-pilot/terraform/variables.tf
new file mode 100644
index 00000000..51411ce0
--- /dev/null
+++ b/charms/istio-pilot/terraform/variables.tf
@@ -0,0 +1,34 @@
+variable "app_name" {
+  description = "Application name"
+  type        = string
+  default     = "istio-pilot"
+}
+
+variable "channel" {
+  description = "Charm channel"
+  type        = string
+  default     = null
+}
+
+variable "config" {
+  description = "Map of charm configuration options"
+  type        = map(string)
+  default     = {}
+}
+
+variable "model_name" {
+  description = "Model name"
+  type        = string
+}
+
+variable "resources" {
+  description = "Map of resources"
+  type        = map(string)
+  default     = null
+}
+
+variable "revision" {
+  description = "Charm revision"
+  type        = number
+  default     = null
+}
diff --git a/charms/istio-pilot/terraform/versions.tf b/charms/istio-pilot/terraform/versions.tf
new file mode 100644
index 00000000..eb357ca6
--- /dev/null
+++ b/charms/istio-pilot/terraform/versions.tf
@@ -0,0 +1,9 @@
+terraform {
+  required_version = ">= 1.6"
+  required_providers {
+    juju = {
+      source  = "juju/juju"
+      version = "~> 0.14.0"
+    }
+  }
+}
diff --git a/charms/istio-pilot/tox.ini b/charms/istio-pilot/tox.ini
index 46dbaf81..5a3e5586 100644
--- a/charms/istio-pilot/tox.ini
+++ b/charms/istio-pilot/tox.ini
@@ -65,6 +65,13 @@ deps =
     -r requirements-lint.txt
 description = Check code against coding style standards
 
+[testenv:tflint]
+allowlist_externals =
+    tflint
+commands =
+    tflint --chdir=terraform --recursive
+description = Check Terraform code against coding style standards
+
 [testenv:unit]
 commands =
     coverage run --source={[vars]src_path} \