diff --git a/.github/workflows/_release-terraform-graph-generation-cd.yaml b/.github/workflows/_release-terraform-graph-generation-cd.yaml
new file mode 100644
index 00000000..35af1586
--- /dev/null
+++ b/.github/workflows/_release-terraform-graph-generation-cd.yaml
@@ -0,0 +1,146 @@ +name: Add generated Mermaid Diagrams on Terraform modules - CD - TEST + +# Trigger the workflow on push to main branch +# The workflow will create or update corresponding Mermaid diagrams in README.md files within the same directories +# The generated diagrams will be committed back to the PR branch + +on: + pull_request: + types: + - closed + paths: + - '**/graph.dot' + # push: + # branches: + # - feat-poc-ai-graph-generation #main + workflow_dispatch: + inputs: + from_pr: + description: "Search artifacts from PR number" + default: "" + required: false + +env: + PR_NUMBER: ${{ (github.event_name == 'workflow_dispatch' && inputs.from_pr == '') && github.sha || (inputs.from_pr != '') && inputs.from_pr || github.event.pull_request.number }} + +jobs: + commit-changes: + runs-on: ubuntu-latest + name: Commit Mermaid Diagrams + permissions: + contents: write + pull-requests: write + actions: read + + steps: + - name: Checkout PR branch + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + with: + ref: ${{ github.head_ref }} + + - name: Download generated diagrams + uses: dawidd6/action-download-artifact@ac66b43f0e6a346234dd65d4d0c8fbb31cb316e5 # v11 + with: + workflow: _release-terraform-graph-generation-ci.yaml + name: mermaid-diagrams-${{ env.PR_NUMBER }} + path: ${{ runner.temp }}/downloaded-artifacts + check_artifacts: true + workflow_conclusion: success + + - name: Node Setup + id: node-setup + uses: pagopa/dx/.github/actions/node-setup@main + + - name: Install mermaid-cli + run: npm install -g @mermaid-js/mermaid-cli + + - name: Organize downloaded files + id: organize_files + run: | + if [ -z "$(ls -A ${{ runner.temp }}/downloaded-artifacts)" ]; then + echo "No artifacts found or directory is empty. Nothing to commit." + echo "changes_made=false" >> $GITHUB_OUTPUT + exit 0 + fi + + echo "Organizing downloaded files..." 
+ for filepath in ${{ runner.temp }}/downloaded-artifacts/*.md; do + if [ -f "$filepath" ]; then + filename=$(basename "$filepath") + dir_encoded_name="${filename%.md}" + dest_dir=$(echo "$dir_encoded_name" | base64 -d) + readme_file="$dest_dir/README.md" + graph_file="$dest_dir/graph.md" + + # Move the .md file to the correct directory + mv "$filepath" "$graph_file" + echo "Moved $filename to $graph_file" + + # Check if README.md exists in the destination directory + echo "Processing $filename for $readme_file" + if [ ! -f "$readme_file" ]; then + echo "Skipping: README.md not found at $readme_file" + continue + fi + if ! grep -q "" "$readme_file"; then + echo "Skipping: Start tag not found in $readme_file" + continue + fi + if ! grep -q "" "$readme_file"; then + echo "Skipping: End tag not found in $readme_file" + continue + fi + + # Inject Mermaid in README.md (replace existing block) + awk -v f="$graph_file" ' + BEGIN { + while ((getline line < f) > 0) graph = graph line "\n" + } + // { print; print graph; skip=1; next } + // { skip=0 } + !skip + ' "$readme_file" > "$readme_file.tmp" && mv "$readme_file.tmp" "$readme_file" + + echo "✅ Successfully updated $readme_file" + changes_made=true + fi + done + echo "Files organized." + echo "changes_made=$changes_made" >> $GITHUB_OUTPUT + + - name: Collect changed files + id: collect_changed + if: steps.organize_files.outputs.changes_made == 'true' + run: | + # Find changed/added files + files=$(git status --porcelain | awk '/^ M|^A / {print $2}' | grep -E '(README\.md|graph\.md)$' || true) + + if [ -z "$files" ]; then + echo "No README.md or graph.md changes found." 
+ echo "paths=" >> $GITHUB_OUTPUT + else + echo "Found changed files:" + echo "$files" + # Convert in list with newlines separator + echo "paths<> $GITHUB_OUTPUT + echo "$files" >> $GITHUB_OUTPUT + echo "EOF" >> $GITHUB_OUTPUT + fi + + - name: Create Pull Request for updated diagrams + if: steps.organize_files.outputs.changes_made == 'true' && steps.collect_changed.outputs.paths != '' + uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e # v7.0.8 + with: + token: ${{ secrets.GITHUB_TOKEN }} + commit-message: "docs(autodocs): ✨ Update Mermaid diagrams from PR #${{ env.PR_NUMBER }}" + branch: "docs/update-diagrams-pr-${{ env.PR_NUMBER }}" + delete-branch: true + title: "Docs: ✨ Update Mermaid diagrams from PR #${{ env.PR_NUMBER }}" + body: | + This is an auto-generated PR to update the Mermaid diagrams in the README files. + + This was triggered by the merge of PR #${{ env.PR_NUMBER }}. + labels: "documentation, automated" + committer: "dx-pagopa-bot " + author: "dx-pagopa-bot " + add-paths: ${{ steps.collect_changed.outputs.paths }} diff --git a/.github/workflows/_release-terraform-graph-generation-ci.yaml b/.github/workflows/_release-terraform-graph-generation-ci.yaml new file mode 100644 index 00000000..b7228ff1 --- /dev/null +++ b/.github/workflows/_release-terraform-graph-generation-ci.yaml 
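Review bot: In the `Organize downloaded files` step, `dest_dir` is base64-decoded from an artifact file name and used unchecked as the target of `mv` and of the README rewrite, in a job that holds `contents: write`. The name is derived in the CI workflow from the path of a graph.dot changed in a pull request, or from the free-form `dot_path` input, so it should be treated as untrusted: reject empty, absolute and `..`-containing values with `case "$dest_dir" in ""|/*|*..*) echo "Skipping unsafe path"; continue ;; esac` and require the module to exist with `[ -f "$dest_dir/graph.dot" ] || continue`. Separately, `types: closed` also fires for pull requests closed without merging, while the generated PR body says it was triggered by a merge; a job-level `if: github.event.pull_request.merged == true || github.event_name == 'workflow_dispatch'` would match that intent. The checkout of `github.head_ref` appears to build the diagrams PR on the closed PR's branch rather than on the base branch, which is worth confirming.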
@@ -0,0 +1,236 @@ +name: Generate Mermaid Diagrams for Terraform modules - CI - TEST + +# Trigger the workflow on pull requests that modify .dot files or manually via workflow_dispatch +# For workflow_dispatch, an optional input 'dot_path' can be provided to specify a single .dot file to convert +# If 'dot_path' is not provided, all changed .dot files in the PR will be processed + +on: + pull_request: + types: + - opened + - synchronize + paths: + - '**/graph.dot' + workflow_dispatch: + inputs: + dot_path: + description: "Path to the .dot file to convert" + default: "" + required: false + # push: + # branches: + # - feat-poc-ai-graph-generation + +jobs: + find-changed-dots: + name: Find Changed .dot Files + runs-on: ubuntu-latest + outputs: + changed_files: ${{ steps.find_files.outputs.changed_files }} + permissions: + contents: read + steps: + - name: Checkout code + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + with: + fetch-depth: 0 + + - name: Find changed .dot files using Git diff + id: find_files + env: + DOT_PATH: ${{ inputs.dot_path }} + run: | + set -e + echo "Determining changed .dot files based on event..." + + if [[ "${{ github.event_name }}" == "pull_request" && "${{ github.event.action }}" == "synchronize" ]]; then + echo "Event: synchronize. Comparing last push commits." + CHANGED_DOTS=$(git diff --name-only ${{ github.event.before }} ${{ github.event.after }} -- '**/graph.dot') + elif [[ "${{ github.event_name }}" == "pull_request" ]]; then + echo "Event: pull_request (${{ github.event.action }}). Comparing PR head with base." + CHANGED_DOTS=$(git diff --name-only ${{ github.event.pull_request.base.sha }} ${{ github.event.pull_request.head.sha }} -- '**/graph.dot') + elif [[ "${{ github.event_name }}" == "workflow_dispatch" && "$DOT_PATH" == "" ]]; then + echo "Event: workflow_dispatch. Comparing current ref with 'main'." 
+ git fetch origin main --depth=1 + CHANGED_DOTS=$(git diff --name-only origin/main...HEAD -- '**/graph.dot') + elif [[ "${{ github.event_name }}" == "workflow_dispatch" && "$DOT_PATH" != "" ]]; then + echo "Event: workflow_dispatch. Use passed dot $DOT_PATH." + CHANGED_DOTS="$DOT_PATH" + else + echo "Unsupported event type. No files will be processed." + CHANGED_DOTS="" + fi + + # Convert the list in JSON array for matrix strategy + if [ -z "$CHANGED_DOTS" ]; then + echo "No changed .dot files found." + JSON_OUTPUT="[]" + else + echo "Found changed .dot files:" + echo "$CHANGED_DOTS" + JSON_OUTPUT=$(echo "$CHANGED_DOTS" | jq --raw-input --slurp 'split("\n") | map(select(length > 0))') + fi + + echo "Final JSON output for matrix: $JSON_OUTPUT" + echo 'changed_files<> $GITHUB_OUTPUT + echo $JSON_OUTPUT >> $GITHUB_OUTPUT + echo 'EOF' >> $GITHUB_OUTPUT + + dot-to-mermaid: + needs: find-changed-dots + if: ${{ needs.find-changed-dots.outputs.changed_files != '[]' && needs.find-changed-dots.outputs.changed_files != '' }} + name: Convert DOT to Mermaid + runs-on: ubuntu-latest + permissions: + contents: write + pull-requests: write + + strategy: + matrix: + dot_file: ${{ github.event.inputs.dot_path == '' && fromJson(needs.find-changed-dots.outputs.changed_files) || fromJson(format('["{0}"]', github.event.inputs.dot_path)) }} + + steps: + - name: Checkout PR branch + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + with: + ref: ${{ github.head_ref }} + + - name: Generate Prompt for ${{ matrix.dot_file }} + id: generate_prompt + run: | + PROMPT_FILE="prompt-$(echo "${{ matrix.dot_file }}" | tr '/' '-').txt" + + # SECURITY: Added instructions to mitigate prompt injection + cat > "$PROMPT_FILE" <> "$PROMPT_FILE" + echo "\`\`\`" >> "$PROMPT_FILE" + + echo "Prompt file created at $PROMPT_FILE" + echo "prompt_path=$PROMPT_FILE" >> $GITHUB_OUTPUT + + - name: Prepare JSON Payload + id: prepare_json + run: | + JSON_FILE="payload-$(echo "${{ 
matrix.dot_file }}" | tr '/' '-').json" + jq -n \ + --arg content "$(cat ${{ steps.generate_prompt.outputs.prompt_path }})" \ + '{ + "messages": [ + { + "role": "user", + "content": $content + } + ], + "max_completion_tokens": 100000, + "model": "o4-mini" + }' > "$JSON_FILE" + + echo "JSON payload created at $JSON_FILE" + echo "json_payload_path=$JSON_FILE" >> $GITHUB_OUTPUT + + - name: Run AI call API for ${{ matrix.dot_file }} + id: ai_call + env: + AZURE_API_KEY: ${{ secrets.AZURE_AI_API_KEY }} + run: | + RESPONSE_FILE="response-$(echo "${{ matrix.dot_file }}" | tr '/' '-').json" + DOT_DIR=$(dirname "${{ matrix.dot_file }}") + ENCODED_NAME=$(echo -n "$DOT_DIR" | base64 -w 0) + MD_FILE_PATH="${ENCODED_NAME}.md" + + curl -s -X POST "https://dx-d-sdc-test-aif-01.cognitiveservices.azure.com/openai/deployments/o4-mini/chat/completions?api-version=2025-01-01-preview" \ + -H "Content-Type: application/json" \ + -H "Authorization: Bearer $AZURE_API_KEY" \ + -d @${{ steps.prepare_json.outputs.json_payload_path }} \ + -o "$RESPONSE_FILE" + + jq -r '.choices[0].message.content' "$RESPONSE_FILE" > "$MD_FILE_PATH" + + # cat $DOT_DIR/graph.md > "$MD_FILE_PATH" + + echo "Mermaid file created at: $MD_FILE_PATH" + echo "md_file_path=$MD_FILE_PATH" >> $GITHUB_OUTPUT + + echo "Diagram preview for module in **${DOT_DIR}**" > tmp_message_preview.txt + cat "$MD_FILE_PATH" >> tmp_message_preview.txt + + - name: Post Diagranm as PR Comment + id: comment + if: always() && github.event_name == 'pull_request' + uses: pagopa/dx/actions/pr-comment@main + env: + COMMENT_BODY_FILE: tmp_message_preview.txt + with: + comment-body-file: ${{ env.COMMENT_BODY_FILE }} + search-pattern: "Diagram for ${{ matrix.dot_file }}" + + - name: Upload Artifact + uses: pagopa/dx/.github/actions/upload-artifact@main + with: + bundle_name: diagram-${{ strategy.job-index }} + file_path: ${{ steps.ai_call.outputs.md_file_path }} + + upload-artifacts: + name: Upload all generated diagrams into artifact + runs-on: 
ubuntu-latest + needs: dot-to-mermaid + permissions: + contents: read + steps: + - name: Checkout code + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + with: + fetch-depth: 0 + + - name: Download generated diagrams + uses: pagopa/dx/.github/actions/download-artifact@feat-add-graph-generation # main + with: + file_path: downloaded-artifacts + + - name: Organize downloaded files + run: | + mkdir -p ./artifacts + + echo "Organizing downloaded files..." + for filepath in downloaded-artifacts/*/*.md; do + if [ -f "$filepath" ]; then + mv "$filepath" "./artifacts" + fi + done + echo "Files organized." + + - name: Upload Artifact + uses: pagopa/dx/.github/actions/upload-artifact@main + with: + bundle_name: mermaid-diagrams-${{ github.event_name == 'workflow_dispatch' && github.sha || github.event.pull_request.number }} + file_path: artifacts diff --git a/.github/workflows/poc-dot-to-mermaid-ai-complete.yaml b/.github/workflows/poc-dot-to-mermaid-ai-complete.yaml new file mode 100644 index 00000000..8498efa3 --- /dev/null +++ b/.github/workflows/poc-dot-to-mermaid-ai-complete.yaml 
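Review bot: `${{ matrix.dot_file }}` is expanded by the Actions template engine straight into the `run:` scripts of `Generate Prompt`, `Prepare JSON Payload` and `Run AI call API`, so a changed path containing quotes or `$( )` becomes shell syntax in a job with `contents: write`, `pull-requests: write` and, in the last step, `AZURE_API_KEY` in its environment. The `find_files` step already handles `dot_path` safely through `env:`; do the same here by adding `DOT_FILE: ${{ matrix.dot_file }}` under each step's `env:` and using `"$DOT_FILE"` in the script, e.g. `DOT_DIR=$(dirname -- "$DOT_FILE")`. The matrix expression `fromJson(format('["{0}"]', github.event.inputs.dot_path))` has the same weakness at the JSON level and could use the `jq`-built `changed_files` output, which already carries `dot_path` in the dispatch case. The same interpolation appears in `poc-dot-to-mermaid-ai-complete.yaml`. `curl -s` without `--fail` also lets an error response through, so `jq -r` would write `null` into the uploaded diagram.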
@@ -0,0 +1,198 @@ +name: Convert Dot to Mermaid with Inference - PR + +on: + pull_request: + types: + - opened + # paths: + # - '**/graph.dot' # Uncomment to trigger only on changes to graph.dot files + workflow_dispatch: + # push: + # branches: + # - feat-poc-ai-graph-generation + +jobs: + find-changed-dots: + runs-on: ubuntu-latest + outputs: + changed_files: ${{ steps.changed-files.outputs.all_changed_files }} + steps: + - name: Checkout code + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Find changed .dot files + id: changed-files + uses: tj-actions/changed-files@ed68ef82c095e0d48ec87eccea555d944a631a4c # v46 + with: + files: '**/graph.dot' + base_sha: 'main' # REMOVE (normally compare PR branch latest two commits) + sha: feat-poc-ai-graph-generation # REMOVE (this is the branch where the PR is opened, now specified ti permit workflow_dispatch) + matrix: true + + - name: Test print + run: | + echo "Changed files: ${{ steps.changed-files.outputs.all_changed_files }}" + + dot-to-mermaid: + needs: find-changed-dots + if: ${{ needs.find-changed-dots.outputs.changed_files != '[]' && needs.find-changed-dots.outputs.changed_files != '' }} + + runs-on: ubuntu-latest + permissions: + contents: write + pull-requests: write + + strategy: + matrix: + dot_file: ${{ fromJson(needs.find-changed-dots.outputs.changed_files) }} + + steps: + - name: Checkout PR branch + uses: actions/checkout@v4 + with: + ref: ${{ github.head_ref }} + + - name: Generate Prompt for ${{ matrix.dot_file }} + id: generate_prompt + run: | + PROMPT_FILE="prompt-$(echo "${{ matrix.dot_file }}" | tr '/' '-').txt" + + cat > "$PROMPT_FILE" <> $GITHUB_OUTPUT + + - name: Prepare JSON Payload + id: prepare_json + run: | + JSON_FILE="payload-$(echo "${{ matrix.dot_file }}" | tr '/' '-').json" + jq -n \ + --arg content "$(cat ${{ steps.generate_prompt.outputs.prompt_path }})" \ + '{ + "messages": [ + { + "role": "user", + "content": $content + } + ], + "max_completion_tokens": 100000, + 
"model": "o4-mini" + }' > "$JSON_FILE" + + echo "JSON payload created at $JSON_FILE" + echo "json_payload_path=$JSON_FILE" >> $GITHUB_OUTPUT + + - name: Run AI call API for ${{ matrix.dot_file }} + id: ai_call + env: + AZURE_API_KEY: ${{ secrets.AZURE_AI_API_KEY }} + run: | + RESPONSE_FILE="response-$(echo "${{ matrix.dot_file }}" | tr '/' '-').json" + DOT_DIR=$(dirname "${{ matrix.dot_file }}") + ENCODED_NAME=$(echo "$DOT_DIR" | tr '/' '-') + MD_FILE_PATH="${ENCODED_NAME}.md" + + curl -s -X POST "https://dx-d-sdc-test-aif-01.cognitiveservices.azure.com/openai/deployments/o4-mini/chat/completions?api-version=2025-01-01-preview" \ + -H "Content-Type: application/json" \ + -H "Authorization: Bearer $AZURE_API_KEY" \ + -d @${{ steps.prepare_json.outputs.json_payload_path }} \ + -o "$RESPONSE_FILE" + + jq -r '.choices[0].message.content' "$RESPONSE_FILE" > "$MD_FILE_PATH" + + echo "Mermaid file created at: $MD_FILE_PATH" + echo "md_file_path=$MD_FILE_PATH" >> $GITHUB_OUTPUT + + - name: Upload generated diagrams + uses: actions/upload-artifact@v4 + with: + name: diagram-${{ strategy.job-index }} + path: ${{ steps.ai_call.outputs.md_file_path }} + if-no-files-found: error + + commit-changes: + runs-on: ubuntu-latest + needs: dot-to-mermaid + permissions: + contents: write + pull-requests: write + + steps: + - name: Checkout PR branch + uses: actions/checkout@v4 + with: + ref: ${{ github.head_ref }} + + - name: Download generated diagrams + uses: actions/download-artifact@v4 + with: + path: downloaded-artifacts + + - name: Organize downloaded files + run: | + echo "Organizing downloaded files..." + for filepath in downloaded-artifacts/*/*.md; do + if [ -f "$filepath" ]; then + filename=$(basename "$filepath") + dir_encoded_name="${filename%.md}" + dest_dir=$(echo "$dir_encoded_name" | tr '-' '/') + + mv "$filepath" "$dest_dir/graph.md" + + echo "Moved $filename to $dest_dir/graph.md" + fi + done + echo "Files organized." 
+ + - name: Delete original .dot files + run: | + echo "Deleting original .dot files..." + + for md_file in $(git ls-files --others --exclude-standard -- '**/graph.md'); do + dot_file="$(dirname "$md_file")/graph.dot" + if [ -f "$dot_file" ]; then + echo "Deleting $dot_file" + rm "$dot_file" + fi + done + echo "Original .dot files deleted." + + - name: Commit and push all graph.md files + uses: stefanzweifel/git-auto-commit-action@v5 + with: + commit_message: "docs: ✨ Generate Mermaid diagrams from all .dot files and remove original .dot files ✨" + file_pattern: '**/graph.*' + commit_user_name: "dx-pagopa-bot" + commit_user_email: "dx-pagopa-github-bot@pagopa.it" + commit_author: "dx-pagopa-bot " \ No newline at end of file diff --git a/.gitignore b/.gitignore index 6eca8e55..b4aad1c1 100644 --- a/.gitignore +++ b/.gitignore @@ -294,3 +294,5 @@ changeset-status.json cdktf.out/ cdk.tf.json manifest.json + +.DS_Store diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 98e5c1ef..93f2bd6f 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -1,16 +1,22 @@ repos: - - repo: https://github.com/antonbabenko/pre-commit-terraform - rev: v1.96.2 - hooks: - - id: terraform_fmt - - id: terraform_docs - - id: terraform_validate - args: - - --args=-json - - --args=-no-color + # - repo: https://github.com/antonbabenko/pre-commit-terraform + # rev: v1.96.2 + # hooks: + # - id: terraform_fmt + # - id: terraform_docs + # - id: terraform_validate + # args: + # - --args=-json + # - --args=-no-color + + # - repo: https://github.com/pagopa/dx + # rev: pre_commit_scripts@0.1.0 + # hooks: + # - id: lock_modules + # exclude: ^.*/(_modules|modules|\.terraform)(/.*)?$ # directories to exclude + # files: infra/(github_runner|identity/dev|repository|resources/dev) # directories with terraform files to validate - - repo: https://github.com/pagopa/dx - rev: pre_commit_scripts@0.1.0 + - repo: local hooks: - id: terraform_providers_lock_staged - id: lock_modules 
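Review bot: This workflow references `actions/checkout@v4`, `actions/upload-artifact@v4`, `actions/download-artifact@v4` and `stefanzweifel/git-auto-commit-action@v5` by mutable tag, in jobs that hold `contents: write` and push commits to the PR branch, while the other two workflows in this change pin third-party actions to a commit SHA. Pinning them the same way would keep the three workflows consistent; `uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7` is already used elsewhere in the diff. `find-changed-dots` also has no `permissions:` block, so it runs with the repository's default token scope; `permissions:` with `contents: read` would match the CI workflow. In `Organize downloaded files`, `tr '-' '/'` is not the inverse of the earlier `tr '/' '-'` for any module directory whose name contains a hyphen, so `mv` would target a path that does not exist.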
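Review bot: Switching the entry to `repo: local` leaves `terraform_providers_lock_staged` and `lock_modules` with only an `id` in the visible lines; local hooks must define `name`, `entry` and `language` themselves, because there is no remote `.pre-commit-hooks.yaml` to supply them. The rest of the hook list is outside the hunk, so confirm those keys are present further down. The hunk also disables `terraform_fmt`, `terraform_docs` and `terraform_validate` by commenting them out. If that was only for local testing of the graph hook it should be reverted before merge, and if it is intentional a short comment such as `# disabled: <reason>` above the block would record why.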
diff --git a/infra/resources/_modules/api/README.md b/infra/resources/_modules/api/README.md index a5807bba..7c65d48b 100644 --- a/infra/resources/_modules/api/README.md +++ b/infra/resources/_modules/api/README.md @@ -2,6 +2,9 @@ This module is responsible for creating the API and the APIM backend service for the To Do API. + + + ## Requirements @@ -37,4 +40,4 @@ No modules. ## Outputs No outputs. - \ No newline at end of file + diff --git a/infra/resources/_modules/api/graph.dot b/infra/resources/_modules/api/graph.dot new file mode 100644 index 00000000..ea98ae4e --- /dev/null +++ b/infra/resources/_modules/api/graph.dot @@ -0,0 +1,10 @@ +digraph G { + rankdir = "RL"; + node [shape = rect, fontname = "sans-serif"]; + "azurerm_api_management_api.api" [label="azurerm_api_management_api.api"]; + "azurerm_api_management_api_policy.policy" [label="azurerm_api_management_api_policy.policy"]; + "azurerm_api_management_backend.backend" [label="azurerm_api_management_backend.backend"]; + "azurerm_api_management_api_policy.policy" -> "azurerm_api_management_api.api"; + "azurerm_api_management_api_policy.policy" -> "azurerm_api_management_backend.backend"; +} + diff --git a/infra/resources/_modules/api/graph.md b/infra/resources/_modules/api/graph.md new file mode 100644 index 00000000..c90ea095 --- /dev/null +++ b/infra/resources/_modules/api/graph.md @@ -0,0 +1,11 @@ +```mermaid +graph LR +subgraph API Management Service + API["API Management API"] + Policy["API Management API Policy"] + Backend["API Management Backend"] +end + +Policy --> API +Policy --> Backend +``` diff --git a/infra/resources/_modules/application_insights/.terraform.lock.hcl b/infra/resources/_modules/application_insights/.terraform.lock.hcl index cf9cb179..a1603e3c 100644 --- a/infra/resources/_modules/application_insights/.terraform.lock.hcl +++ b/infra/resources/_modules/application_insights/.terraform.lock.hcl 
@@ -24,6 +24,7 @@ provider "registry.terraform.io/pagopa-dx/azure" { version = "0.2.0" constraints = "~> 0.0" hashes = [ + "h1:5teYJ0PPPjWbGHoXTDKeh0QZrxJR1xOh02wIcFxODHc=", "h1:I/tTgCuaapwwzUuoaxIg+x8/HNr8pYdYSGeiNpobKOw=", "zh:2301715691aabde18a23834654b236f972aecf4448df62750c5235e4c219b9ff", "zh:42c235c4bd422fdf97c84dd91cb5b8db00293b9f8785c86377358f9d72d66f92", diff --git a/infra/resources/_modules/application_insights/README.md b/infra/resources/_modules/application_insights/README.md index d6c78e6f..a504def1 100644 --- a/infra/resources/_modules/application_insights/README.md +++ b/infra/resources/_modules/application_insights/README.md @@ -2,6 +2,9 @@ This module is useful to create a configuration of Application Insights and save the connection string into a key vault. + + + ## Requirements @@ -44,4 +47,4 @@ No modules. | [connection\_string\_secret\_id](#output\_connection\_string\_secret\_id) | The id of the secret containing the connection string | | [id](#output\_id) | The id of the Application Insights instance | | [log\_analytics\_workspace\_id](#output\_log\_analytics\_workspace\_id) | The id of the Log Analytics workspace | - \ No newline at end of file + diff --git a/infra/resources/_modules/application_insights/graph.dot b/infra/resources/_modules/application_insights/graph.dot new file mode 100644 index 00000000..f72ce2c1 --- /dev/null +++ b/infra/resources/_modules/application_insights/graph.dot @@ -0,0 +1,9 @@ +digraph G { + rankdir = "RL"; + node [shape = rect, fontname = "sans-serif"]; + "azurerm_application_insights.main" [label="azurerm_application_insights.main"]; + "azurerm_key_vault_secret.ai_connection_string" [label="azurerm_key_vault_secret.ai_connection_string"]; + "azurerm_log_analytics_workspace.main" [label="azurerm_log_analytics_workspace.main"]; + "azurerm_application_insights.main" -> "azurerm_log_analytics_workspace.main"; + "azurerm_key_vault_secret.ai_connection_string" -> "azurerm_application_insights.main"; +} 
diff --git a/infra/resources/_modules/application_insights/graph.md b/infra/resources/_modules/application_insights/graph.md new file mode 100644 index 00000000..86c6854e --- /dev/null +++ b/infra/resources/_modules/application_insights/graph.md @@ -0,0 +1,12 @@ +```mermaid +graph LR + subgraph Monitoring + AppInsights["Application Insights"] + LogAnalytics["Log Analytics Workspace"] + end + + KeyVaultSecret["Key Vault Secret (AI Connection String)"] + + KeyVaultSecret --> AppInsights + AppInsights --> LogAnalytics +``` diff --git a/infra/resources/_modules/application_insights/providers.tf b/infra/resources/_modules/application_insights/providers.tf index 25f4f06d..9ac4e8a7 100644 --- a/infra/resources/_modules/application_insights/providers.tf +++ b/infra/resources/_modules/application_insights/providers.tf @@ -6,3 +6,4 @@ terraform { } } } + diff --git a/infra/resources/_modules/virtual_machine/graph.dot b/infra/resources/_modules/virtual_machine/graph.dot new file mode 100644 index 00000000..3e324448 --- /dev/null +++ b/infra/resources/_modules/virtual_machine/graph.dot @@ -0,0 +1,7 @@ +digraph G { + rankdir = "RL"; + node [shape = rect, fontname = "sans-serif"]; + "azurerm_linux_virtual_machine.vm" [label="azurerm_linux_virtual_machine.vm"]; + "azurerm_network_interface.nic" [label="azurerm_network_interface.nic"]; + "azurerm_linux_virtual_machine.vm" -> "azurerm_network_interface.nic"; +} diff --git a/infra/resources/_modules/virtual_machine/graph.md b/infra/resources/_modules/virtual_machine/graph.md new file mode 100644 index 00000000..f43dcc41 --- /dev/null +++ b/infra/resources/_modules/virtual_machine/graph.md @@ -0,0 +1,10 @@ +```mermaid +graph LR + subgraph Compute + VM["Linux Virtual Machine"] + end + subgraph Networking + NIC["Network Interface"] + end + VM --> NIC +``` diff --git a/scripts/generate-terraform-graphs.sh b/scripts/generate-terraform-graphs.sh new file mode 100755 index 00000000..423cc1fd --- /dev/null 
+++ b/scripts/generate-terraform-graphs.sh @@ -0,0 +1,28 @@ +#!/bin/bash +set -e + +if ! command -v dot &> /dev/null; then + echo "Please install Graphviz, use the command:" + echo " - brew install graphviz" + exit 1 +fi + +if [ $# -eq 0 ]; then + echo "No .tf files changed. Skip this hook." + exit 0 +fi + +DIRECTORIES=$(dirname -- "$@" | sort -u) + +echo "Directory with changes:" +echo "$DIRECTORIES" +echo "---" + +for DIR in $DIRECTORIES; do + echo "🔄 Graph generation in: $DIR" + + (cd "$DIR" && terraform init && terraform graph > graph.dot) + + echo "✅ File graph.dot generated" + echo "---" +done \ No newline at end of file
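Review bot: The prerequisite check tests for `dot`, which the script never calls, while `terraform`, which it does call, is not checked; `if ! command -v terraform &> /dev/null; then` with a matching message would fail early for the right reason. `for DIR in $DIRECTORIES` relies on word splitting, so a path containing a space is split into two directories; `while IFS= read -r DIR; do … done <<< "$DIRECTORIES"` avoids that. `terraform init` inside a commit hook downloads providers and modules and initialises any configured backend on every run, which is worth confirming as intended.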