Patrick de Ruiter cfbe6cbdc4
Add comprehensive Terraform testing framework
- Implemented 21 test cases across 3 test suites:
  * resource_groups.tftest.hcl (7 tests): Default behavior and validation
  * custom_configuration.tftest.hcl (6 tests): Custom configurations
  * variable_validation.tftest.hcl (8 tests): Input validation and edge cases

- Updated CI/CD pipeline (.gitea/workflows/sonarqube.yaml):
  * Added terraform-test job with format check and test execution
  * Generates and uploads test reports (30-day retention)
  * Runs after security scanning, before deployment

- Added comprehensive documentation:
  * TESTING.md: Complete testing guide with best practices
  * TEST_SUMMARY.md: Implementation summary and statistics
  * TESTING_QUICK_START.md: Quick reference for developers
  * TESTING_WORKFLOW.md: Visual workflow diagrams

- Updated existing documentation:
  * README.md: Added testing section with examples
  * CLAUDE.md: Added test commands to workflow

- Test coverage includes:
  * Resource creation and configuration validation
  * Tag category and tag management
  * Variable validation and defaults
  * Custom configurations and overrides
  * Edge cases and error handling
  * Output generation verification

Tests use mock credentials for infrastructure-independent execution.
Requires Terraform >= 1.6.0 for native testing framework.
2025-11-09 00:37:45 +01:00


# CLAUDE.md
This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository.
## Overview
This is a Terraform module for managing vSphere resource pools (resource groups). It creates organized resource pools with CPU and memory resource allocation controls, along with proper tagging for management and organization. The module integrates with vSphere for virtualization and Vault for secrets management.
## Commands
### Terraform Operations
- `terraform init` - Initialize the Terraform working directory
- `terraform plan` - Create execution plan showing changes
- `terraform apply` - Apply the planned changes
- `terraform destroy` - Destroy the managed infrastructure
- `terraform validate` - Validate configuration syntax
- `terraform fmt` - Format configuration files
- `terraform test` - Run test suites to validate module functionality
- `terraform test -verbose` - Run tests with detailed output
### Development Workflow
- Always run `terraform validate` and `terraform plan` before applying changes
- Use `terraform.tfvars` file for environment-specific variable values
- Secrets are managed through Vault - never hardcode sensitive values
- Run `terraform test` to execute test suites before committing changes
- Use `terraform fmt` to format code according to Terraform style conventions
## Architecture
### Core Components
**Resource Pool Management:**
- Creates resource pools (`vsphere_resource_pool`) under the compute cluster's default resource pool
- Configurable CPU and memory reservations, limits, expandability, and shares
- Default resource groups: Kubernetes, Docker, and Infra

**Tagging System:**
- Creates tag categories for Environment and ResourceGroupType
- Applies environment and resource group type tags to each resource pool
- Enables proper organization and filtering in vSphere

**Data Sources:**
- Retrieves vSphere credentials from Vault
- Looks up vSphere datacenter information
- References compute cluster "Home" for resource pool parent
### Variable Structure
**Key Variables:**
- `datacenter`: vSphere datacenter name
- `environment`: Environment name (dev, tst, acc, uat, prod, shared, tools)
- `resource_groups`: Map of resource groups with CPU/memory configuration
- `role_id`/`secret_id`: Vault AppRole authentication (sensitive)

**Resource Group Configuration:**

Each resource group supports:
- `name`: Display name for the resource pool
- `cpu_reservation`: Guaranteed CPU in MHz (default: 0)
- `cpu_expandable`: Allow CPU expansion beyond reservation (default: true)
- `cpu_limit`: Maximum CPU in MHz (default: -1, unlimited)
- `cpu_shares`: CPU priority (normal, low, high) (default: normal)
- `memory_reservation`: Guaranteed memory in MB (default: 0)
- `memory_expandable`: Allow memory expansion beyond reservation (default: true)
- `memory_limit`: Maximum memory in MB (default: -1, unlimited)
- `memory_shares`: Memory priority (normal, low, high) (default: normal)
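
As an added example (not the module's own `variables.tf`), the variable structure documented above could be declared like this. The type shape, the validation rules and the limit-versus-reservation check are assumptions derived from the list, not confirmed against the repository.

```hcl
# Added example: declarations assumed from the documented variable structure.
variable "environment" {
  type = string
  validation {
    condition     = contains(["dev", "tst", "acc", "uat", "prod", "shared", "tools"], var.environment)
    error_message = "Environment must be one of: dev, tst, acc, uat, prod, shared, tools."
  }
}

variable "resource_groups" {
  type = map(object({
    name               = string
    cpu_reservation    = optional(number, 0)        # MHz
    cpu_expandable     = optional(bool, true)
    cpu_limit          = optional(number, -1)       # MHz, -1 = unlimited
    cpu_shares         = optional(string, "normal")
    memory_reservation = optional(number, 0)        # MB
    memory_expandable  = optional(bool, true)
    memory_limit       = optional(number, -1)       # MB, -1 = unlimited
    memory_shares      = optional(string, "normal")
  }))
  validation {
    condition = alltrue([
      for rg in values(var.resource_groups) :
      contains(["low", "normal", "high"], rg.cpu_shares) &&
      contains(["low", "normal", "high"], rg.memory_shares)
    ])
    error_message = "Shares must be one of: low, normal, high."
  }
  validation {
    # Assumed extra check: a finite limit below the reservation is rejected early.
    condition = alltrue([
      for rg in values(var.resource_groups) :
      (rg.cpu_limit == -1 || rg.cpu_limit >= rg.cpu_reservation) &&
      (rg.memory_limit == -1 || rg.memory_limit >= rg.memory_reservation)
    ])
    error_message = "A finite limit must be greater than or equal to the matching reservation."
  }
}

# sensitive = true redacts the value in plan/apply output; it is still written to state.
variable "role_id" {
  type      = string
  sensitive = true
}

variable "secret_id" {
  type      = string
  sensitive = true
}
```

Supplying `role_id` and `secret_id` through `TF_VAR_role_id` and `TF_VAR_secret_id` environment variables keeps them out of `terraform.tfvars` and version control.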
### Resource Dependencies
Resources are created in the following order:
1. Tag categories for Environment and ResourceGroupType
2. Environment and resource group type tags
3. Resource pools with proper tagging
### Backend Configuration
Uses an S3-compatible backend (MinIO) for state storage with a custom endpoint configuration. State file: `home/vsphere/network/vsphere-resourcegroup-config.tfstate`