From 8a2341423a2778ef73ef43e184492f2587e7a3ac Mon Sep 17 00:00:00 2001
From: Patrick de Ruiter
Date: Mon, 10 Nov 2025 12:17:58 +0100
Subject: [PATCH] Fix Terraform validation errors
- Fix ansible_host resource: use 'name' and 'variables' instead of 'inventory_hostname' and 'vars'
- Add missing Vault authentication variables: role_id and secret_id
- Update CI/CD pipeline to provide dummy auth variables for validation
- Run terraform fmt
---
 .gitea/workflows/pipeline.yaml | 4 ++++
 terraform/main.tf | 6 +++---
 terraform/variables.tf | 12 ++++++++++++
 3 files changed, 19 insertions(+), 3 deletions(-)
diff --git a/.gitea/workflows/pipeline.yaml b/.gitea/workflows/pipeline.yaml
index efd9d8d..551ee0e 100644
--- a/.gitea/workflows/pipeline.yaml
+++ b/.gitea/workflows/pipeline.yaml
@@ -90,6 +90,8 @@ jobs:
 TF_VAR_vault_address: "https://vault.example.com:8200"
 TF_VAR_environment: "test"
 TF_VAR_short_hostname: "test-host"
+ TF_VAR_role_id: "dummy-role-id"
+ TF_VAR_secret_id: "dummy-secret-id"
 run: terraform init -backend=false
 - name: Terraform Validate
@@ -98,6 +100,8 @@ jobs:
 TF_VAR_vault_address: "https://vault.example.com:8200"
 TF_VAR_environment: "test"
 TF_VAR_short_hostname: "test-host"
+ TF_VAR_role_id: "dummy-role-id"
+ TF_VAR_secret_id: "dummy-secret-id"
 run: terraform validate
 sonarqube:
diff --git a/terraform/main.tf b/terraform/main.tf
index 8d25cd8..4d31ca0 100755
--- a/terraform/main.tf
+++ b/terraform/main.tf
@@ -28,10 +28,10 @@ resource "vault_approle_auth_backend_role_secret_id" "cert_role_secret" {
 }
 resource "ansible_host" "vault_agent_node" {
- inventory_hostname = var.short_hostname
- groups = ["vault_agent"]
+ name = var.short_hostname
+ groups = ["vault_agent"]
- vars = {
+ variables = {
 ansible_user = "ansible"
 ansible_ssh_private_key_file = "~/.ssh/id_ed25519"
 ansible_python_interpreter = "/usr/bin/python3"
diff --git a/terraform/variables.tf b/terraform/variables.tf
index 9ab4385..c038635 100755
--- a/terraform/variables.tf
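Review bot: The placeholder `TF_VAR_role_id` / `TF_VAR_secret_id` values added to the `terraform init -backend=false` step, and repeated in the Terraform Validate hunk at -98, carry nothing that marks them as validation-only. I would add `# validation-only placeholders, never real AppRole credentials` above them so the literals are not copied into a plan or apply step, where the values should come from the CI secret store. The five-entry env block is now maintained in two steps and could move to a single job-level `env:`. Recent Terraform releases do not require input variables to be set for `terraform validate`, so it is worth checking whether these entries are needed at all. The rest of the job is outside the hunk.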
+++ b/terraform/variables.tf
@@ -28,3 +28,15 @@ variable "vault_address" {
 }
 }
+variable "role_id" {
+ type = string
+ description = "Vault AppRole role_id for authentication"
+ sensitive = true
+}
+
+variable "secret_id" {
+ type = string
+ description = "Vault AppRole secret_id for authentication"
+ sensitive = true
+}
+
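Review bot: `sensitive = true` on `role_id` and `secret_id` only redacts the values in CLI output; they are still written in clear text to saved plan files and to state wherever a resource attribute is derived from them. The descriptions should carry that caveat, for example `description = "Vault AppRole secret_id for authentication (not encrypted in plan/state; use a protected backend)"`. An unset CI secret typically arrives as an empty string, so a `validation` block with `condition = length(var.secret_id) > 0` on each variable would fail early instead of surfacing as a Vault login error. How the two variables are consumed is not visible in this hunk.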