Review sqlmi (#57)

* review code

* upgrade to 3.41.0

Author: murggu

.github/workflows/sql-managed-instance.yml

@@ -1,31 +1,4 @@
-# Associate subnet and the security group
-resource "azurerm_subnet_network_security_group_association" "adl_sqlmi" {
-  subnet_id                 = var.subnet_id
-  network_security_group_id = var.network_security_group_id
-  count                     = var.module_enabled ? 1 : 0
-}
-
-# Associate subnet and the route table
-resource "azurerm_subnet_route_table_association" "adl_sqlmi" {
-  subnet_id      = var.subnet_id
-  route_table_id = var.route_table_id
-  count          = var.module_enabled ? 1 : 0
-}
-
-# Associate subnet and the security group
-resource "azurerm_subnet_network_security_group_association" "adl_sqlmi_pe" {
-  subnet_id                 = var.subnet_private_enpoint_id
-  network_security_group_id = var.network_security_group_id
-  count                     = var.is_sec_module && var.module_enabled ? 1 : 0
-}
-
-# Associate subnet and the route table
-resource "azurerm_subnet_route_table_association" "adl_sqlmi_pe" {
-  subnet_id      = var.subnet_private_enpoint_id
-  route_table_id = var.route_table_id
-  count          = var.is_sec_module && var.module_enabled ? 1 : 0
-}
-
+#  https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/mssql_managed_instance
 
 resource "azurerm_mssql_managed_instance" "adl_sqlmi" {
   name                = "sqlmi-${var.basename}"
@@ -57,11 +30,41 @@ resource "azurerm_mssql_managed_instance" "adl_sqlmi" {
   tags  = var.tags
 
   depends_on = [
-    azurerm_subnet_network_security_group_association.adl_sqlmi,
-    azurerm_subnet_route_table_association.adl_sqlmi
+    azurerm_subnet_network_security_group_association.adl_sqlmi_snet_nsg,
+    azurerm_subnet_route_table_association.adl_sqlmi_snet_rt
   ]
 }
 
+# Network configuration
+
+# Associate subnet and the security group
+resource "azurerm_subnet_network_security_group_association" "adl_sqlmi_snet_nsg" {
+  subnet_id                 = var.subnet_id
+  network_security_group_id = var.network_security_group_id
+  count                     = var.module_enabled ? 1 : 0
+}
+
+# Associate subnet and the route table
+resource "azurerm_subnet_route_table_association" "adl_sqlmi_snet_rt" {
+  subnet_id      = var.subnet_id
+  route_table_id = var.route_table_id
+  count          = var.module_enabled ? 1 : 0
+}
+
+# Associate subnet and the security group
+resource "azurerm_subnet_network_security_group_association" "adl_sqlmi_snet_nsg_pe" {
+  subnet_id                 = var.subnet_private_enpoint_id
+  network_security_group_id = var.network_security_group_id
+  count                     = var.is_sec_module && var.module_enabled ? 1 : 0
+}
+
+# Associate subnet and the route table
+resource "azurerm_subnet_route_table_association" "adl_sqlmi_snet_rt_pe" {
+  subnet_id      = var.subnet_private_enpoint_id
+  route_table_id = var.route_table_id
+  count          = var.is_sec_module && var.module_enabled ? 1 : 0
+}
+
 # Private Endpoint configuration
 
 resource "azurerm_private_endpoint" "sqlmi_pe_server" {
@@ -84,5 +87,4 @@ resource "azurerm_private_endpoint" "sqlmi_pe_server" {
   count = var.is_sec_module && var.module_enabled ? 1 : 0
 
   tags = var.tags
-}
-
+}

terraform/sql-managed-instance/main.tf

@@ -3,4 +3,4 @@ output "id" {
     length(azurerm_mssql_managed_instance.adl_sqlmi) > 0 ?
     azurerm_mssql_managed_instance.adl_sqlmi[0].id : ""
   )
-}
+}

terraform/sql-managed-instance/outputs.tf

@@ -3,15 +3,13 @@ terraform {
     resource_group_name  = "rg-adl-terraform-state"
     storage_account_name = "stadltfstate"
     container_name       = "default"
-    key                  = "sqlami.terraform.tfstate"
-
-    
+    key                  = "sqlmi.terraform.tfstate"
   }
 
   required_providers {
     azurerm = {
       source  = "hashicorp/azurerm"
-      version = "= 3.30.0"
+      version = "= 3.41.0"
     }
   }
 
@@ -23,4 +21,4 @@ provider "azurerm" {
       prevent_deletion_if_contains_resources = false
     }
   }
-}
+}

terraform/sql-managed-instance/test/providers.tf

@@ -1,5 +1,34 @@
+module "sql_managed_instance" {
+  source                         = "../"
+  
+  basename                       = "sqlmi-${random_string.postfix.result}"
+  rg_name                        = module.local_rg.name
+  location                       = var.location
+  subnet_id                      = module.local_snet_default.id
+  subnet_private_enpoint_id      = module.local_snet_private_enpoint.id
+  route_table_id                 = module.route_table.id
+  network_security_group_id      = module.network_security_group.id
+  administrator_login            = "sqladminuser"
+  administrator_login_password   = "ThisIsNotVerySecure!"
+  module_enabled                 = true
+  is_sec_module                  = var.is_sec_module
+  tags                           = {}
+  license_type                   = "BasePrice"
+  sku_name                       = "GP_Gen5"
+  storage_size_in_gb             = 32
+  vcores                         = 4
+  maintenance_configuration_name = "SQL_Default"
+  dns_zone_partner_id            = ""
+  collation                      = "SQL_Latin1_General_CP1_CI_AS"
+  minimum_tls_version            = "1.2"
+  proxy_override                 = "Default"
+  public_data_endpoint_enabled   = false
+  storage_account_type           = "GRS"
+  timezone_id                    = "UTC"
+}
 
 # Modules dependencies
+
 module "local_rg" {
   source   = "../../resource-group"
   basename = random_string.postfix.result
@@ -50,35 +79,4 @@ module "route_table" {
   rg_name  = module.local_rg.name
   location = var.location
   tags     = {}
-}
-
-// sql_managed_instance module
-module "sql_managed_instance" {
-  source                         = "git::https://github.com/Azure/azure-data-labs-modules.git//terraform/sql-managed-instance?ref=feature/sqlami"
-  basename                       = "sqlmi-${random_string.postfix.result}"
-  rg_name                        = module.local_rg.name
-  location                       = var.location
-  subnet_id                      = module.local_snet_default.id
-  subnet_private_enpoint_id      = module.local_snet_private_enpoint.id
-  route_table_id                 = module.route_table.id
-  network_security_group_id      = module.network_security_group.id
-  administrator_login            = "sqladminuser"
-  administrator_login_password   = "ThisIsNotVerySecure!"
-  module_enabled                 = true
-  is_sec_module                  = var.is_sec_module
-  tags                           = {}
-  license_type                   = "BasePrice"
-  sku_name                       = "GP_Gen5"
-  storage_size_in_gb             = 32
-  vcores                         = 4
-  maintenance_configuration_name = "SQL_Default"
-  dns_zone_partner_id            = ""
-  collation                      = "SQL_Latin1_General_CP1_CI_AS"
-  minimum_tls_version            = "1.2"
-  proxy_override                 = "Default"
-  public_data_endpoint_enabled   = false
-  storage_account_type           = "GRS"
-  timezone_id                    = "UTC"
-
-}
-
+}

terraform/sql-managed-instance/test/sql_managed_instance.tf

@@ -17,5 +17,5 @@ variable "rg_name_dns" {
 variable "is_sec_module" {
   type        = bool
   description = "Is secure module?"
-  default     = true
+  default     = false
 }