From 46328af163b62e8dbe238ffc51a3fd0858938794 Mon Sep 17 00:00:00 2001
From: Michael Thamm <mike.thamm@canonical.com>
Date: Fri, 18 Oct 2024 15:02:30 -0400
Subject: [PATCH] Add terraform module (#412)

---
 .github/workflows/pull-request.yaml |  4 +++
 .gitignore                          | 38 +++++++++++++++++++++++++-
 terraform/README.md                 |  4 +++
 terraform/main.tf                   | 12 +++++++++
 terraform/outputs.tf                | 22 +++++++++++++++
 terraform/variables.tf              | 42 +++++++++++++++++++++++++++++
 terraform/versions.tf               |  9 +++++++
 7 files changed, 130 insertions(+), 1 deletion(-)
 create mode 100644 terraform/README.md
 create mode 100644 terraform/main.tf
 create mode 100644 terraform/outputs.tf
 create mode 100644 terraform/variables.tf
 create mode 100644 terraform/versions.tf

diff --git a/.github/workflows/pull-request.yaml b/.github/workflows/pull-request.yaml
index 1080b5fd..bda1847b 100644
--- a/.github/workflows/pull-request.yaml
+++ b/.github/workflows/pull-request.yaml
@@ -10,3 +10,7 @@ jobs:
     name: PR
     uses: canonical/observability/.github/workflows/charm-pull-request.yaml@main
     secrets: inherit
+
+  terraform-checks:
+    name: Terraform
+    uses: canonical/observability/.github/workflows/terraform-quality-checks.yaml@main
\ No newline at end of file
diff --git a/.gitignore b/.gitignore
index 10bc6a0e..7dcedfe3 100644
--- a/.gitignore
+++ b/.gitignore
@@ -12,4 +12,40 @@ tests/integration/testers/*/lib
 # charmcraft bug: leaves the build folders behind after a pack.
 **/parts/
 **/prime/
-**/stage/
\ No newline at end of file
+**/stage/
+
+# Local .terraform directories
+**/.terraform/*
+
+# .tfstate files
+*.tfstate
+*.tfstate.*
+
+# Crash log files
+crash.log
+crash.*.log
+
+# Exclude all .tfvars files, which are likely to contain sensitive data, such as
+# password, private keys, and other secrets. These should not be part of version 
+# control as they are data points which are potentially sensitive and subject 
+# to change depending on the environment.
+*.tfvars
+*.tfvars.json
+
+# Ignore override files as they are usually used to override resources locally and so
+# are not checked in
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json
+
+# Include override files you do wish to add to version control using negated pattern
+# !example_override.tf
+
+# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
+# example: *tfplan*
+
+# Ignore CLI configuration files
+.terraformrc
+terraform.rc
+.terraform.lock.hcl
\ No newline at end of file
diff --git a/terraform/README.md b/terraform/README.md
new file mode 100644
index 00000000..42b1854d
--- /dev/null
+++ b/terraform/README.md
@@ -0,0 +1,4 @@
+# Terraform module for traefik-k8s
+
+
+This module is in experimental status. It is not yet ready for production.
diff --git a/terraform/main.tf b/terraform/main.tf
new file mode 100644
index 00000000..6b2f6e5a
--- /dev/null
+++ b/terraform/main.tf
@@ -0,0 +1,12 @@
+resource "juju_application" "traefik" {
+  name  = var.app_name
+  model = var.model_name
+  trust = true
+  charm {
+    name     = "traefik-k8s"
+    channel  = var.channel
+    revision = var.revision
+  }
+  units  = var.units
+  config = var.config
+}
\ No newline at end of file
diff --git a/terraform/outputs.tf b/terraform/outputs.tf
new file mode 100644
index 00000000..6dc5c29e
--- /dev/null
+++ b/terraform/outputs.tf
@@ -0,0 +1,22 @@
+output "app_name" {
+  value = juju_application.traefik.name
+}
+
+output "requires" {
+  value = {
+    certificates              = "certificates",
+    experimental_forward_auth = "experimental-forward-auth",
+    logging                   = "logging",
+    tracing                   = "tracing",
+  }
+}
+
+output "provides" {
+  value = {
+    grafana_dashboard = "grafana-dashboard",
+    ingress           = "ingress",
+    ingress_per_unit  = "ingress-per-unit",
+    metrics_endpoint  = "metrics-endpoint",
+    traefik_route     = "traefik-route",
+  }
+}
diff --git a/terraform/variables.tf b/terraform/variables.tf
new file mode 100644
index 00000000..ac8d649b
--- /dev/null
+++ b/terraform/variables.tf
@@ -0,0 +1,42 @@
+variable "app_name" {
+  description = "Application name"
+  type        = string
+}
+
+variable "channel" {
+  description = "Charm channel"
+  type        = string
+  default     = "latest/stable"
+}
+
+variable "config" {
+  description = "Config options as in the ones we pass in juju config"
+  type        = map(string)
+  default     = {}
+}
+
+# We use constraints to set AntiAffinity in K8s
+# https://discourse.charmhub.io/t/pod-priority-and-affinity-in-juju-charms/4091/13?u=jose
+variable "constraints" {
+  description = "Constraints to be applied"
+  type        = string
+  default     = ""
+}
+
+variable "model_name" {
+  description = "Model name"
+  type        = string
+}
+
+variable "revision" {
+  description = "Charm revision"
+  type        = number
+  nullable    = true
+  default     = null
+}
+
+variable "units" {
+  description = "Number of units"
+  type        = number
+  default     = 1
+}
\ No newline at end of file
diff --git a/terraform/versions.tf b/terraform/versions.tf
new file mode 100644
index 00000000..77b64403
--- /dev/null
+++ b/terraform/versions.tf
@@ -0,0 +1,9 @@
+terraform {
+  required_version = ">= 1.5"
+  required_providers {
+    juju = {
+      source  = "juju/juju"
+      version = "~> 0.14"
+    }
+  }
+}
\ No newline at end of file