wbyc/terraform-vsphere-resourcegroups
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
terraform-vsphere-resourceg.../CLAUDE.md
Patrick de Ruiter cfbe6cbdc4
Some checks failed
Code Quality & Security Scan / TFLint (push) Successful in 24s
Details
Code Quality & Security Scan / Terraform Destroy (push) Has been skipped
Details
Code Quality & Security Scan / Tfsec Security Scan (push) Successful in 29s
Details
Code Quality & Security Scan / Checkov Security Scan (push) Successful in 44s
Details
Code Quality & Security Scan / Terraform Tests (push) Failing after 35s
Details
Code Quality & Security Scan / SonarQube Trigger (push) Has been skipped
Details
Code Quality & Security Scan / Terraform Init (push) Has been skipped
Details
Code Quality & Security Scan / Terraform Apply (push) Has been skipped
Details
Add comprehensive Terraform testing framework 
- Implemented 21 test cases across 3 test suites:
  * resource_groups.tftest.hcl (7 tests): Default behavior and validation
  * custom_configuration.tftest.hcl (6 tests): Custom configurations
  * variable_validation.tftest.hcl (8 tests): Input validation and edge cases

- Updated CI/CD pipeline (.gitea/workflows/sonarqube.yaml):
  * Added terraform-test job with format check and test execution
  * Generates and uploads test reports (30-day retention)
  * Runs after security scanning, before deployment

- Added comprehensive documentation:
  * TESTING.md: Complete testing guide with best practices
  * TEST_SUMMARY.md: Implementation summary and statistics
  * TESTING_QUICK_START.md: Quick reference for developers
  * TESTING_WORKFLOW.md: Visual workflow diagrams

- Updated existing documentation:
  * README.md: Added testing section with examples
  * CLAUDE.md: Added test commands to workflow

- Test coverage includes:
  * Resource creation and configuration validation
  * Tag category and tag management
  * Variable validation and defaults
  * Custom configurations and overrides
  * Edge cases and error handling
  * Output generation verification

Tests use mock credentials for infrastructure-independent execution.
Requires Terraform >= 1.6.0 for native testing framework.
2025-11-09 00:37:45 +01:00

3.3 KiB
Raw Permalink Blame History

CLAUDE.md

This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository.

Overview

This is a Terraform module for managing vSphere resource pools (resource groups). It creates organized resource pools with CPU and memory resource allocation controls, along with proper tagging for management and organization. The module integrates with vSphere for virtualization and Vault for secrets management.

Commands

Terraform Operations

  • terraform init - Initialize the Terraform working directory
  • terraform plan - Create execution plan showing changes
  • terraform apply - Apply the planned changes
  • terraform destroy - Destroy the managed infrastructure
  • terraform validate - Validate configuration syntax
  • terraform fmt - Format configuration files
  • terraform test - Run test suites to validate module functionality
  • terraform test -verbose - Run tests with detailed output

Development Workflow

  • Always run terraform validate and terraform plan before applying changes
  • Use terraform.tfvars file for environment-specific variable values
  • Secrets are managed through Vault - never hardcode sensitive values
  • Run terraform test to execute test suites before committing changes
  • Use terraform fmt to format code according to Terraform style conventions

Architecture

Core Components

Resource Pool Management:

  • Creates resource pools (vsphere_resource_pool) under the compute cluster's default resource pool
  • Configurable CPU and memory reservations, limits, expandability, and shares
  • Default resource groups: Kubernetes, Docker, and Infra

Tagging System:

  • Creates tag categories for Environment and ResourceGroupType
  • Applies environment and resource group type tags to each resource pool
  • Enables proper organization and filtering in vSphere

Data Sources:

  • Retrieves vSphere credentials from Vault
  • Looks up vSphere datacenter information
  • References compute cluster "Home" for resource pool parent

Variable Structure

Key Variables:

  • datacenter: vSphere datacenter name
  • environment: Environment name (dev, tst, acc, uat, prod, shared, tools)
  • resource_groups: Map of resource groups with CPU/memory configuration
  • role_id/secret_id: Vault AppRole authentication (sensitive)

Resource Group Configuration: Each resource group supports:

  • name: Display name for the resource pool
  • cpu_reservation: Guaranteed CPU in MHz (default: 0)
  • cpu_expandable: Allow CPU expansion beyond reservation (default: true)
  • cpu_limit: Maximum CPU in MHz (default: -1, unlimited)
  • cpu_shares: CPU priority (normal, low, high) (default: normal)
  • memory_reservation: Guaranteed memory in MB (default: 0)
  • memory_expandable: Allow memory expansion beyond reservation (default: true)
  • memory_limit: Maximum memory in MB (default: -1, unlimited)
  • memory_shares: Memory priority (normal, low, high) (default: normal)

Resource Dependencies

Resources are created in the following order:

  1. Tag categories for Environment and ResourceGroupType
  2. Environment and resource group type tags
  3. Resource pools with proper tagging

Backend Configuration

Uses S3-compatible backend (MinIO) for state storage with custom endpoint configuration. State file: home/vsphere/network/vsphere-resourcegroup-config.tfstate