Support JFrog Apps Config file (#2199)
yahavi authored Oct 1, 2023
1 parent d95ea1f commit e7241cd
Showing 31 changed files with 1,958 additions and 5 deletions.
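--- a/testdata/xray/jas-config/.jfrog/jfrog-apps-config.yml
+++ b/testdata/xray/jas-config/.jfrog/jfrog-apps-config.yml
@@ -0,0 +1,11 @@
+version: "1.0"
+
+modules:
+- source_root: "."
+scanners:
+secrets:
+exclude_patterns:
+- "**/*secret_generic*/**"
+iac:
+exclude_patterns:
+- "**/*gcp*/**"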
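Review bot: The two `exclude_patterns` entries have no comment saying why those paths are skipped, so a reader cannot tell that `**/*secret_generic*/**` and `**/*gcp*/**` exist to exercise exclusion in the tests rather than to hide real findings. A header comment such as `# Fixture: secrets under *secret_generic* and IaC under *gcp* are excluded on purpose; tests assert they yield no findings` would make that explicit; the intent is inferred from the testdata path, so adjust the wording to what the tests actually check. Because each glob matches any directory whose name contains the substring, the same file copied into a real project would silently drop those directories from scanning.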
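--- a/testdata/xray/jas-config/iac/azure/vpc/module.tf
+++ b/testdata/xray/jas-config/iac/azure/vpc/module.tf
@@ -0,0 +1,116 @@
+
+#Azure Generic vNet Module
+resource "azurerm_resource_group" "network" {
+count = var.module_enabled ? 1 : 0
+name = var.short_region != " " ? var.short_region : "${var.deploy_name}-${var.region}"
+location = var.region
+
+tags = {
+environment = var.environment
+}
+}
+
+resource "azurerm_virtual_network" "vnet" {
+count = var.module_enabled ? 1 : 0
+name = "${var.deploy_name}-${var.region}"
+location = var.region
+address_space = [var.vpc_cidr]
+resource_group_name = azurerm_resource_group.network[0].name
+
+tags = {
+environment = var.environment
+costcenter = "${var.deploy_name}-${var.region}"
+}
+}
+
+resource "azurerm_subnet" "subnet" {
+count = var.module_enabled ? length(var.subnet_names) : 0
+name = var.subnet_names[count.index]
+virtual_network_name = azurerm_virtual_network.vnet[0].name
+resource_group_name = azurerm_resource_group.network[0].name
+address_prefixes = [var.subnet_prefixes[count.index]]
+# service_endpoints = [
+# "Microsoft.KeyVault"
+# ]
+
+dynamic "delegation"{
+for_each =var.subnet_names[count.index] == "flexible-dbs" ? ["exec"] : []
+content {
+name = "dlg-Microsoft.DBforPostgreSQL-flexibleServers"
+service_delegation {
+name = "Microsoft.DBforPostgreSQL/flexibleServers"
+actions = [
+"Microsoft.Network/virtualNetworks/subnets/join/action"
+]
+}
+}
+}
+
+enforce_private_link_endpoint_network_policies = var.subnet_names[count.index] == "data"
+enforce_private_link_service_network_policies = var.subnet_names[count.index] == "private" && var.enforce_pl_svc_net_private
+lifecycle {
+ignore_changes = [
+service_endpoints,
+delegation[0].name
+]
+}
+}
+
+
+resource "azurerm_private_dns_zone" "postgres_private_dns" {
+count = var.module_enabled ? 1 : 0
+name = "privatelink.postgres.database.azure.com"
+resource_group_name = azurerm_resource_group.network[0].name
+}
+
+resource "random_string" "postgres_private_dns_net_link_name" {
+count = var.module_enabled ? 1 : 0
+length = 8
+special = false
+number = false
+upper = false
+}
+
+resource "azurerm_private_dns_zone_virtual_network_link" "postgres_private_dns_net_link" {
+count = var.module_enabled ? 1 : 0
+name = random_string.postgres_private_dns_net_link_name[0].result
+resource_group_name = azurerm_resource_group.network[0].name
+private_dns_zone_name = azurerm_private_dns_zone.postgres_private_dns[0].name
+virtual_network_id = azurerm_virtual_network.vnet[0].id
+}
+
+//resource "azurerm_network_security_group" "nsg" {
+// count = "${var.module_enabled ? length(var.subnet_names) : 0}"
+// name = "${var.subnet_names[count.index]}-sg"
+// location = "${var.region}"
+// resource_group_name = "${var.deploy_name}-${var.region}"
+//}
+//
+//resource "azurerm_subnet_network_security_group_association" "nsg" {
+// count = "${var.module_enabled ? length(var.subnet_names) : 0}"
+// subnet_id = "${element(azurerm_subnet.subnet.*.id, count.index)}"
+// network_security_group_id = "${element(azurerm_network_security_group.nsg.*.id, count.index)}"
+//}
+//resource "azurerm_subnet_route_table_association" "nat" {
+// count = "${var.module_enabled ? length(var.nat_subnets) : 0}"
+// subnet_id = "${element(azurerm_subnet.subnet.*.id, count.index + 1)}"
+// route_table_id = "${azurerm_route_table.nattable.id}"
+//}
+# UDR
+//resource "azurerm_route_table" "nattable" {
+// count = "${var.module_enabled}"
+// name = "${var.deploy_name}-${var.region}"
+// location = "${var.region}"
+// resource_group_name = "${azurerm_resource_group.network.name}"
+//
+// route {
+// name = "all-traffic-via-nat"
+// address_prefix = "0.0.0.0/0"
+// next_hop_type = "VirtualAppliance"
+// next_hop_in_ip_address = "${var.natgw_private_ip}"
+// }
+//
+// tags = {
+// environment = "${var.environment}"
+// }
+//}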
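Review bot: `azurerm_subnet.subnet` is created with no network security group, because the `azurerm_network_security_group` and `azurerm_subnet_network_security_group_association` blocks at the end of the file are commented out, so none of the subnets gets subnet-level traffic filtering. If that gap is what the IaC scan is expected to report, state it in the header, e.g. `# Fixture: subnets intentionally have no NSG; expected to be flagged by the IaC scan`. If it is not, the commented-out blocks are better deleted than kept as dead code that suggests filtering exists. The same applies to `vpc_pp/module.tf`, which defines no NSG at all.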
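--- a/testdata/xray/jas-config/iac/azure/vpc/outputs.tf
+++ b/testdata/xray/jas-config/iac/azure/vpc/outputs.tf
@@ -0,0 +1,79 @@
+##################################################################################
+# OUTPUT
+##################################################################################
+
+output "resource_group_id" {
+value = azurerm_resource_group.network[0].id
+}
+
+output "resource_group_name" {
+value = azurerm_resource_group.network[0].name
+}
+
+output "vnet_id" {
+value = element(concat(azurerm_virtual_network.vnet.*.id, [""]), 0)
+}
+
+output "vnet_location" {
+value = element(concat(azurerm_virtual_network.vnet.*.location, [""]), 0)
+}
+
+output "vnet_name" {
+value = element(concat(azurerm_virtual_network.vnet.*.name, [""]), 0)
+}
+
+output "private_dns_id" {
+value = element(
+concat(azurerm_private_dns_zone.postgres_private_dns.*.id, [""]),
+0,
+)
+}
+
+output "private_dns_name" {
+value = element(
+concat(azurerm_private_dns_zone.postgres_private_dns.*.name, [""]),
+0,
+)
+}
+
+//output "vnet_subnets" {
+// value = "${azurerm_subnet.subnet.*.id}"
+//}
+
+### subnets ids ###
+output "public_subnet" {
+value = element(concat(azurerm_subnet.subnet.*.id, [""]), 0)
+}
+
+output "private_subnet" {
+value = element(concat(azurerm_subnet.subnet.*.id, [""]), 1)
+}
+output "flexible_subnet" {
+value = element(concat(azurerm_subnet.subnet.*.id, [""]), 4)
+}
+output "data_subnet" {
+value = element(concat(azurerm_subnet.subnet.*.id, [""]), 2)
+}
+
+output "mgmt_subnet" {
+value = element(concat(azurerm_subnet.subnet.*.id, [""]), 3)
+}
+
+### subnets names ###
+output "public_subnet_name" {
+value = element(concat(azurerm_subnet.subnet.*.name, [""]), 0)
+}
+
+output "private_subnet_name" {
+value = element(concat(azurerm_subnet.subnet.*.name, [""]), 1)
+}
+
+output "data_subnet_name" {
+value = element(concat(azurerm_subnet.subnet.*.name, [""]), 2)
+}
+
+output "mgmt_subnet_name" {
+value = element(concat(azurerm_subnet.subnet.*.name, [""]), 3)
+}
+
+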
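Review bot: The positional subnet outputs use `element()`, which wraps the index modulo the list length, so `flexible_subnet` (index 4) and its siblings can return a different subnet's id instead of the intended empty string when `subnet_names` is shorter than expected. With three subnets, for instance, the concatenated list has four items and index 4 resolves to the first (public) subnet, which a consumer could then use to place a database. Selecting by name, or `try(azurerm_subnet.subnet[4].id, "")` where the Terraform version supports `try`, avoids handing out the wrong network. Separately, `resource_group_id` and `resource_group_name` index `[0]` directly and would fail when `module_enabled` is false, unlike the guarded outputs below them. `vpc_pp/outputs.tf` repeats both patterns for indexes 0–3.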
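--- a/testdata/xray/jas-config/iac/azure/vpc/variables.tf
+++ b/testdata/xray/jas-config/iac/azure/vpc/variables.tf
@@ -0,0 +1,39 @@
+variable "module_enabled" {
+default = true
+}
+
+variable "region" {
+}
+
+variable "deploy_name" {
+}
+
+variable "vpc_cidr" {
+}
+
+variable "short_region" {
+default = " "
+}
+
+variable "subnet_prefixes" {
+type = list(string)
+}
+
+variable "ssh_source_ranges" {
+type = list(string)
+}
+
+variable "environment" {
+}
+
+variable "subnet_names" {
+type = list(string)
+}
+
+variable "enforce_pl_svc_net_private" {
+default = false
+}
+//variable "natgw_private_ip" {}
+//variable "nat_subnets" {
+// type = "list"
+//}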
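Review bot: `ssh_source_ranges` is declared without a default, so every caller must supply it, yet nothing in this module's `module.tf` reads it; the NSG blocks that would presumably consume it are commented out. Either drop the variable or give it `default = []` until it is used, so callers are not led to believe SSH access is being restricted by the value they pass. The untyped variables (`region`, `deploy_name`, `vpc_cidr`, `environment`) would also be clearer with `type = string` and a `description`. `vpc_pp/variables.tf` declares the same unused variable.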
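--- a/testdata/xray/jas-config/iac/azure/vpc/versions.tf
+++ b/testdata/xray/jas-config/iac/azure/vpc/versions.tf
@@ -0,0 +1,4 @@
+
+terraform {
+required_version = ">= 0.12"
+}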
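Review bot: Only the Terraform core version is constrained here; there is no `required_providers` block, so the `azurerm` and `random` providers used by `module.tf` resolve to whatever release is current at `terraform init`. Adding `required_providers` with a `source` and a `version` constraint for `hashicorp/azurerm` and `hashicorp/random` keeps the fixture reproducible and protects it from arguments that later provider releases deprecate, such as `enforce_private_link_endpoint_network_policies` (worth confirming against the provider changelog). `vpc_pp/versions.tf` is identical and needs the same block for azurerm.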
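--- a/testdata/xray/jas-config/iac/azure/vpc_pp/module.tf
+++ b/testdata/xray/jas-config/iac/azure/vpc_pp/module.tf
@@ -0,0 +1,34 @@
+
+#Azure Generic vNet Module
+resource "azurerm_resource_group" "network" {
+count = var.module_enabled ? 1 : 0
+name = var.short_region != " " ? var.short_region : "${var.deploy_name}-${var.region}"
+location = var.region
+
+tags = {
+environment = var.environment
+}
+}
+
+resource "azurerm_virtual_network" "vnet" {
+count = var.module_enabled ? 1 : 0
+name = "${var.deploy_name}-${var.region}"
+location = var.region
+address_space = [var.vpc_cidr]
+resource_group_name = azurerm_resource_group.network[0].name
+
+tags = {
+environment = var.environment
+costcenter = "${var.deploy_name}-${var.region}"
+}
+}
+
+resource "azurerm_subnet" "subnet" {
+count = var.module_enabled ? length(var.subnet_names) : 0
+name = var.subnet_names[count.index]
+virtual_network_name = azurerm_virtual_network.vnet[0].name
+resource_group_name = azurerm_resource_group.network[0].name
+address_prefixes = [var.subnet_prefixes[count.index]]
+enforce_private_link_endpoint_network_policies = var.subnet_names[count.index] == "private" && var.enforce_private_subnet
+
+}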
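Review bot: `address_prefixes` reads `var.subnet_prefixes[count.index]` while `count` comes from `length(var.subnet_names)`, and nothing checks that the two lists have the same length or order. A shorter `subnet_prefixes` fails with an index error at plan time, and a longer or reordered one silently assigns prefixes to the wrong subnet names, which matters because the policy flags are keyed on the name. Driving the subnets from a single `map(string)` of name to prefix with `for_each` would remove the coupling; at minimum both variables should carry a `description` stating that the lists are parallel. `vpc/module.tf` uses the same construct.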
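--- a/testdata/xray/jas-config/iac/azure/vpc_pp/outputs.tf
+++ b/testdata/xray/jas-config/iac/azure/vpc_pp/outputs.tf
@@ -0,0 +1,62 @@
+##################################################################################
+# OUTPUT
+##################################################################################
+
+output "resource_group_id" {
+value = azurerm_resource_group.network[0].id
+}
+
+output "resource_group_name" {
+value = azurerm_resource_group.network[0].name
+}
+
+output "vnet_id" {
+value = element(concat(azurerm_virtual_network.vnet.*.id, [""]), 0)
+}
+
+output "vnet_location" {
+value = element(concat(azurerm_virtual_network.vnet.*.location, [""]), 0)
+}
+
+output "vnet_name" {
+value = element(concat(azurerm_virtual_network.vnet.*.name, [""]), 0)
+}
+
+//output "vnet_subnets" {
+// value = "${azurerm_subnet.subnet.*.id}"
+//}
+
+### subnets ids ###
+output "public_subnet" {
+value = element(concat(azurerm_subnet.subnet.*.id, [""]), 0)
+}
+
+output "private_subnet" {
+value = element(concat(azurerm_subnet.subnet.*.id, [""]), 1)
+}
+
+output "data_subnet" {
+value = element(concat(azurerm_subnet.subnet.*.id, [""]), 2)
+}
+
+output "mgmt_subnet" {
+value = element(concat(azurerm_subnet.subnet.*.id, [""]), 3)
+}
+
+### subnets names ###
+output "public_subnet_name" {
+value = element(concat(azurerm_subnet.subnet.*.name, [""]), 0)
+}
+
+output "private_subnet_name" {
+value = element(concat(azurerm_subnet.subnet.*.name, [""]), 1)
+}
+
+output "data_subnet_name" {
+value = element(concat(azurerm_subnet.subnet.*.name, [""]), 2)
+}
+
+output "mgmt_subnet_name" {
+value = element(concat(azurerm_subnet.subnet.*.name, [""]), 3)
+}
+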
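--- a/testdata/xray/jas-config/iac/azure/vpc_pp/variables.tf
+++ b/testdata/xray/jas-config/iac/azure/vpc_pp/variables.tf
@@ -0,0 +1,40 @@
+variable "module_enabled" {
+default = true
+}
+
+variable "region" {
+}
+
+variable "deploy_name" {
+}
+
+variable "vpc_cidr" {
+}
+
+variable "short_region" {
+default = " "
+}
+
+variable "subnet_prefixes" {
+type = list(string)
+}
+
+variable "ssh_source_ranges" {
+type = list(string)
+}
+
+variable "environment" {
+}
+
+variable "subnet_names" {
+type = list(string)
+}
+
+variable "enforce_private_subnet" {
+default = true
+}
+
+//variable "natgw_private_ip" {}
+//variable "nat_subnets" {
+// type = "list"
+//}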
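--- a/testdata/xray/jas-config/iac/azure/vpc_pp/versions.tf
+++ b/testdata/xray/jas-config/iac/azure/vpc_pp/versions.tf
@@ -0,0 +1,4 @@
+
+terraform {
+required_version = ">= 0.12"
+}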