Skip to content
This repository was archived by the owner on Apr 6, 2026. It is now read-only.

CHANGES_SUMMARY.md

Latest commit

 

History

History
391 lines (336 loc) · 19.5 KB

CHANGES_SUMMARY.md

File metadata and controls

391 lines (336 loc) · 19.5 KB

Azure DevCenter Module - 2025-04-01-preview API Update

Summary of Changes

This document summarizes the updates made to the Azure DevCenter module to implement the 2025-04-01-preview API version and fix the identity block placement.

Latest Changes (August 14, 2025)

Dev Center Project Environment Type Module - API Schema Compliance Fix

  • Fixed: Resolved Azure API schema validation errors in dev_center_project_environment_type module for userRoleAssignments
  • Classification: Bug fix
  • Breaking Change: YES - User role assignments schema changed to match Azure API requirements
  • Issue: userRoleAssignments.roles was defined as list(string) but Azure API expects map(object({}))
  • Root Cause: Mismatch between Terraform variable schema and Azure DevCenter REST API schema
  • Azure API Requirement:
    • userRoleAssignments keys must be user object IDs (GUIDs), not email addresses
    • roles property must be a map where keys are role definition IDs (GUIDs) and values are objects
  • Solution Applied:
    • Updated module variable schema: roles = list(string)roles = map(object({}))
    • Updated root variable schema in variables.tf to match module requirements
    • Updated all example configurations to use correct API format
    • Updated test files to use proper schema structure
    • Enhanced README documentation with Azure CLI commands to find required IDs
  • Files Modified:
    • modules/dev_center_project_environment_type/variables.tf: Fixed roles type definition
    • modules/dev_center_project_environment_type/README.md: Added comprehensive documentation for finding user object IDs and role definition IDs
    • variables.tf: Updated root variable definition to match module schema
    • tests/unit/dev_center_project_environment_type/project_environment_type_test.tftest.hcl: Updated test to use correct schema
    • examples/dev_center_project_environment_type/enhanced_case/configuration.tfvars: Updated all user role assignments to use object IDs and role definition IDs
  • Migration Required:
    • Users must update configurations to use Azure AD user object IDs instead of email addresses
    • Users must use role definition IDs (GUIDs) instead of role names
    • Use az ad user show --id user@domain.com --query id -o tsv to get user object IDs
    • Use az role definition list --name "Role Name" --query '[].id' -o tsv to get role definition IDs
  • Validation: All unit and integration tests pass (43 total test cases)
  • API Reference: Based on Azure DevCenter REST API documentation (2025-04-01-preview)

Dev Center Project Environment Type Module - Critical Fix Applied

  • Fixed: Resolved API validation errors in dev_center_project_environment_type module
  • Classification: Bug fix
  • Breaking Change: NO - Module interface updated but functionality preserved
  • Issue: DeploymentTargetId was incorrectly using full environment type resource ID instead of subscription ID
  • Root Cause: Azure DevCenter API requires deploymentTargetId to be subscription ID format /subscriptions/{guid}, not full resource ID
  • Solution Applied:
    • Updated deploymentTargetId to use subscription ID: /subscriptions/${data.azapi_client_config.current.subscription_id}
    • Fixed environment type name matching to use actual created environment type names
    • Removed unnecessary azurecaf_name resource for project environment types
    • Updated module to reference environment type names from parent Dev Center
  • Files Modified:
    • modules/dev_center_project_environment_type/module.tf: Fixed deploymentTargetId and name logic
    • modules/dev_center_project_environment_type/variables.tf: Added environment_type_name variable, updated validation
    • modules/dev_center_project_environment_type/output.tf: Updated deployment_target_id output description
    • modules/dev_center_project_environment_type/README.md: Updated usage examples and documentation
    • dev_center_project_environment_types.tf: Updated module call to pass environment_type_name
  • Validation: Successfully applied simple case configuration with both development and staging project environment types
  • API Reference: Based on official Azure DevCenter REST API documentation (2025-04-01-preview)
  • Resources Created:
    • /subscriptions/.../projects/.../environmentTypes/demo-dcet-development-qgi (Enabled)
    • /subscriptions/.../projects/.../environmentTypes/demo-dcet-staging-iuo (Enabled)

Dev Center Project Environment Type Module - New Implementation

  • Added: New dev_center_project_environment_type module for associating environment types with Dev Center projects
  • Classification: Feature
  • Breaking Change: NO - This is a new module that doesn't affect existing functionality
  • Files Added:
    • modules/dev_center_project_environment_type/module.tf: Main module implementation using azapi provider
    • modules/dev_center_project_environment_type/variables.tf: Strong typing with comprehensive validation
    • modules/dev_center_project_environment_type/output.tf: Output definitions for project environment type properties
    • modules/dev_center_project_environment_type/README.md: Complete documentation with usage examples
    • dev_center_project_environment_types.tf: Root orchestration file
    • variables.tf: Added new variable definition with validation rules
    • examples/dev_center_project_environment_type/simple_case/configuration.tfvars: Basic example
    • examples/dev_center_project_environment_type/enhanced_case/configuration.tfvars: Advanced example with user role assignments
    • tests/unit/dev_center_project_environment_type/project_environment_type_test.tftest.hcl: Unit tests with provider mocking
  • Files Modified:
    • tests/integration/dev_center_integration_test.tftest.hcl: Added project environment type integration test
    • .vscode/tasks.json: Added new example options for VS Code development workflow
    • docs/file_structure.md: Updated with new module and example locations
    • docs/module_guide.md: Enhanced with comprehensive usage patterns and configuration options
  • Features:
    • Associates environment types with Dev Center projects using Azure DevCenter 2025-04-01-preview API
    • Configurable status (Enabled/Disabled) for project environment types
    • User role assignments for granular access control
    • Comprehensive validation for all input variables
    • Full test coverage with both unit and integration tests
    • Complete documentation and examples

Previous Changes (July 28, 2025)

Dev Center Network Connection Module - AzAPI Migration

  • Updated: Migrated dev_center_network_connection module from azurerm to azapi provider
  • Classification: Improvement
  • Breaking Change: NO - Module interface remains the same, only internal implementation changed
  • Files Modified:
    • modules/dev_center_network_connection/module.tf:
      • Replaced azurerm provider with azapi provider (version ~> 2.4.0)
      • Updated resource from azurerm_dev_center_network_connection to azapi_resource
      • Set resource type to Microsoft.DevCenter/networkConnections@2025-02-01
      • Added azapi_client_config data source for subscription ID
      • Restructured properties in body block following Azure REST API schema
      • Added response_export_values = ["properties"] for proper output handling
    • modules/dev_center_network_connection/output.tf:
      • Updated output references from azurerm_dev_center_network_connection.this to azapi_resource.this
      • Modified property access to use azapi_resource.this.output.properties.* pattern
      • Added new outputs: provisioning_state and health_check_status
      • Updated resource_group_name output to reference variable (azapi doesn't expose this)
    • modules/dev_center_network_connection/README.md:
      • Updated provider requirements to reference azapi instead of azurerm
      • Added new output descriptions for provisioning_state and health_check_status
      • Updated resource table to reflect azapi_resource usage
  • Testing: All examples remain compatible as module interface is unchanged
  • Validation: Terraform fmt and validate pass successfully

Dev Center Environment Type Module - Complete Implementation

  • Created: Full implementation of the dev_center_environment_type module
  • Files Created:
    • modules/dev_center_environment_type/module.tf: Main module with AzAPI resource implementation
    • modules/dev_center_environment_type/variables.tf: Strong typing and validation rules
    • modules/dev_center_environment_type/output.tf: Comprehensive output definitions
    • modules/dev_center_environment_type/README.md: Module documentation and usage examples
    • dev_center_environment_types.tf: Root orchestration file
    • examples/dev_center_environment_type/simple_case/configuration.tfvars: Basic example
    • examples/dev_center_environment_type/enhanced_case/configuration.tfvars: Advanced example with multiple environment types
    • examples/dev_center_environment_type/simple_case/README.md: Example documentation
    • tests/unit/dev_center_environment_type/environment_type_test.tftest.hcl: Comprehensive unit tests
  • Files Updated:
    • .vscode/tasks.json: Added environment type example options to VS Code tasks
  • Description: Complete environment type module implementation following DevFactory patterns with AzAPI provider v2.4.0
  • API Version: Microsoft.DevCenter/devcenters/environmentTypes@2025-04-01-preview
  • Features: Name validation, display names, tagging support, azurecaf naming integration
  • Validation: All tests pass, terraform validate successful, example configurations verified
  • Type: Feature addition
  • Breaking Change: No

Dev Center Environment Type Implementation Plan

  • Created: Implementation plan for dev_center_environment_type module
  • File: docs/plans/dev_center_environment_type.plan.md
  • Description: Comprehensive plan outlining the implementation of environment type resources for Dev Centers (now completed)
  • Scope: Module creation, root orchestration, examples, unit tests, integration tests, and documentation
  • API Version: Microsoft.DevCenter/devcenters/environmentTypes@2025-04-01-preview
  • Pattern: Follows established DevFactory modular patterns with AzAPI provider v2.4.0
  • Type: Feature addition and planning
  • Breaking Change: No

Documentation Updates

  • Updated: docs/file_structure.md to include environment type implementation plan
  • Fixed: Markdown formatting and trailing newline issues
  • Type: Documentation improvement
  • Breaking Change: No

Previous Changes (June 19, 2025)

Merge Conflict Resolution

  • Fixed: Resolved merge conflicts in PR #24 (devboxpools branch)
  • Conflict Location: tests/run_tests.sh - between dynamic test discovery and hardcoded test list
  • Resolution: Preserved enhanced dynamic test discovery functionality while merging upstream changes
  • Merged Changes: Updated from upstream main:
    • .devcontainer/devcontainer.json - DevContainer configuration updates
    • .vscode/mcp.json - MCP server configuration
    • README.md - Documentation improvements
    • docs/getting_started.md - Getting started guide updates
  • Type: Bug fix and merge resolution
  • Breaking Change: No

TFLint Compliance Fixes

  • Fixed: Added missing required_version = ">= 1.9.0" to Terraform blocks
    • modules/dev_center_project_pool/module.tf
    • modules/dev_center_project_pool_schedule/module.tf
  • Fixed: Added TFLint ignore comment for unused but documented variable
    • modules/dev_center_project_pool/variables.tf - resource_group_id variable
  • Result: All modules now pass TFLint validation without warnings
  • Type: Code quality improvement
  • Breaking Change: No

Test Runner Update

  • Fixed: Updated tests/run_tests.sh to include all missing test directories
  • Enhanced: Made test discovery dynamic instead of hardcoded
    • Automatically discovers unit test directories in tests/unit/
    • Automatically discovers integration test directories in tests/integration/
    • Validates directories contain test files (*.tftest.hcl or *.tf)
    • Shows discovered test directories before execution
  • Fixed: Added proper root configuration initialization
    • Initializes root Terraform configuration before running tests
    • Properly handles module dependencies for tests that reference root configuration
    • Cleans and re-initializes test directories when needed
  • Added: Missing unit test directories:
    • dev_center_project_pool
    • dev_center_project_pool_schedule
    • key_vault
  • Result: All 9 test suites now pass (41 individual test cases)
  • Type: Improvement and bug fix
  • Breaking Change: No

Issues Addressed

  1. API Version Update: Updated from 2025-02-01 to 2025-04-01-preview
  2. Identity Block Verification: Confirmed that identity block was already correctly placed at the azapi_resource level (not inside body)
  3. Enhanced Features: Added support for new properties available in the 2025-04-01-preview API

Files Modified

1. /modules/dev_center/module.tf

  • API Version: Updated to Microsoft.DevCenter/devcenters@2025-04-01-preview
  • Enhanced Body: Added support for new properties:
    • displayName
    • devBoxProvisioningSettings
    • encryption (customer-managed key encryption)
    • networkSettings
    • projectCatalogSettings
  • Identity Block: Fixed to be truly conditional using dynamic blocks
    • Changed from always including SystemAssigned default to only including identity block when var.dev_center.identity is specified
    • Uses dynamic "identity" block with for_each = try(var.dev_center.identity, null) != null ? [var.dev_center.identity] : []
  • Resource Naming: Updated resource name from azapi_resource.dev_center to azapi_resource.this for consistency
  • CAF Naming: Updated azurecaf_name resource references in the code from azurecaf_name.dev_center to azurecaf_name.this for consistency

2. /modules/dev_center/variables.tf

  • New Variables: Added support for all 2025-04-01-preview properties
  • Type Definitions: Enhanced with strongly-typed object structures
  • Validation: Added input validation for name constraints
  • Backward Compatibility: All existing variable structures preserved

3. /modules/dev_center/output.tf

  • Additional Outputs: Added new outputs for enhanced API features:
    • dev_center_uri
    • provisioning_state
    • location
    • resource_group_name
  • Resource References: Updated all output references from azapi_resource.dev_center to azapi_resource.this

4. /modules/dev_center/README.md

  • Updated Documentation: Comprehensive documentation update
  • New Examples: Enhanced usage examples showing 2025-04-01-preview features
  • Variable Documentation: Updated variable structure documentation
  • Output Documentation: Updated output descriptions

5. /examples/dev_center/enhanced_case/configuration.tfvars

  • New Example: Created enhanced example demonstrating:
    • Display name configuration
    • DevBox provisioning settings
    • Network settings
    • Project catalog settings
    • System-assigned identity

New Features Available

DevBox Provisioning Settings

dev_box_provisioning_settings = {
  install_azure_monitor_agent_enable_installation = true
}

Network Settings

network_settings = {
  microsoft_hosted_network_enable_status = "Enabled"
}

Project Catalog Settings

project_catalog_settings = {
  catalog_item_sync_enable_status = "Enabled"
}

Customer-Managed Key Encryption

encryption = {
  customer_managed_key_encryption = {
    key_encryption_key_identity = {
      identity_type = "UserAssigned"
      user_assigned_identity_resource_id = "/subscriptions/.../identity"
    }
    key_encryption_key_url = "https://vault.vault.azure.net/keys/key/version"
  }
}

Identity Block Analysis

Issue Reported: Identity block placement in azapi configuration Finding: The identity block was already correctly placed at the azapi_resource level, following the proper azapi provider pattern:

resource "azapi_resource" "dev_center" {
  type      = "Microsoft.DevCenter/devcenters@2025-04-01-preview"
  name      = azurecaf_name.dev_center.result
  location  = var.location
  parent_id = "/subscriptions/${data.azurerm_client_config.current.subscription_id}/resourceGroups/${var.resource_group_name}"

  # ✅ CORRECT: Identity block at resource level
  identity {
    type         = try(var.dev_center.identity.type, "SystemAssigned")
    identity_ids = try(var.dev_center.identity.identity_ids, null)
  }

  body = {
    properties = {
      # ❌ INCORRECT: Identity would go here
      # ✅ CORRECT: Properties-specific content only
    }
  }
}

Validation & Testing

  1. Terraform Validate: ✅ Configuration is syntactically valid
  2. Terraform Format: ✅ Code is properly formatted
  3. Plan Testing:
    • ✅ Simple case (backward compatibility)
    • ✅ Enhanced case (new features)
  4. API Version: ✅ Confirmed 2025-04-01-preview is the latest available

Backward Compatibility

All existing configurations continue to work without modification:

  • All existing variable structures preserved
  • Output values maintain the same structure
  • Simple configurations work without new properties

Best Practices Implemented

  1. Strong Typing: All variables use detailed object types with optional parameters
  2. Input Validation: Name validation and type checking
  3. Error Handling: Use of try() for optional parameters
  4. Documentation: Comprehensive README and inline comments
  5. Examples: Working examples for all use cases
  6. Naming Convention: Integration with azurecaf for consistent naming

Usage Examples

Simple DevCenter (Backward Compatible)

dev_center = {
  name = "my-devcenter"
  tags = {
    environment = "development"
  }
}

Enhanced DevCenter (2025-04-01-preview Features)

dev_center = {
  name         = "my-enhanced-devcenter"
  display_name = "Enhanced DevCenter"

  dev_box_provisioning_settings = {
    install_azure_monitor_agent_enable_installation = true
  }

  network_settings = {
    microsoft_hosted_network_enable_status = "Enabled"
  }

  project_catalog_settings = {
    catalog_item_sync_enable_status = "Enabled"
  }
}

Conclusion

The Azure DevCenter module has been successfully updated to:

  1. ✅ Use the latest 2025-04-01-preview API version
  2. ✅ Fix identity block to be truly conditional (only included when identity is specified)
  3. ✅ Support all new preview features
  4. ✅ Maintain backward compatibility for existing configurations

Testing Results

Identity Block Conditional Logic

  • Without Identity: Verified that no identity block is included when var.dev_center.identity is null/unspecified
  • With SystemAssigned Identity: Verified that identity block is properly included when identity is configured
  • Resource Naming: All references updated from dev_center to this for consistency

Validation Status

  • terraform fmt -recursive - All files properly formatted
  • terraform validate - Configuration is valid
  • terraform plan - Successfully planned with both simple and identity configurations

The module now properly handles identity configuration as requested - no identity block when no identity is specified, and proper identity block inclusion when identity is configured. 4. ✅ Preserve backward compatibility 5. ✅ Follow Terraform and Azure best practices

The module is ready for production use with both simple and enhanced configurations.