Feature/stackit spoke#192
Draft
JohannesRudolph wants to merge 10 commits into
Draft
Conversation
Contributor
Scorecard Check
|
| Module | Overall | Core Structure | Integration | Azure Backplane | STACKIT Backplane | Testing |
|---|---|---|---|---|---|---|
stackit/project |
🟡 50% | 🟡 71% | n/a | n/a | 🔴 25% | 🔴 33% |
stackit/spoke-network |
🟢 100% | 🟢 100% | 🟢 100% | n/a | 🟢 100% | 🟢 100% |
⚠️ 1 module has failing checks — failing categories are expanded below.
Core Structure — some checks failing
Basic module file structure and documentation — applies to 2 modules
| Module | Score | 📦 | 🔗 | 📋 | 📝 | 🖼️ | 📌 | 🔒 |
|---|---|---|---|---|---|---|---|---|
stackit/project |
🟡 71% | ✅ | ❌ | ✅ | ✅ | ✅ | ✅ | ❌ |
stackit/spoke-network |
🟢 100% | ✅ | ✅ | ➖ | ✅ | ✅ | ✅ | ✅ |
Core Structure — Summary
| Emoji | Criterion | Coverage | Status |
|---|---|---|---|
| 📦 | buildingblock/ directory exists | 2/2 | 🟢 100% |
| 🔗 | meshstack_integration.tf present | 1/2 | 🟡 50% |
| 📋 | buildingblock/APP_TEAM_README.md present (no-integration fallback) | 1/1 | 🟢 100% |
| 📝 | buildingblock/README.md with YAML front-matter | 2/2 | 🟢 100% |
| 🖼️ | buildingblock/logo.png included | 2/2 | 🟢 100% |
| 📌 | buildingblock/versions.tf present | 2/2 | 🟢 100% |
| 🔒 | Provider versions pinned (~>) | 1/2 | 🟡 50% |
Integration — ✅ all passing
meshstack_integration.tf conventions — applies to 1 modules
| Module | Score | 🏷️ | 🏢 | 📤 | 🔌 | 📎 | 🔀 | 📋 | 🏷️ | 📖 | 📝 | 📊 | 🚫 |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
stackit/spoke-network |
🟢 100% | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
Integration — Summary
| Emoji | Criterion | Coverage | Status |
|---|---|---|---|
| 🏷️ | variable "hub" in integration | 1/1 | 🟢 100% |
| 🏢 | variable "meshstack" in integration | 1/1 | 🟢 100% |
| 📤 | building_block_definition output exposed | 1/1 | 🟢 100% |
| 🔌 | meshcloud/meshstack in required_providers | 1/1 | 🟢 100% |
| 📎 | backplane source uses var.hub.git_ref | 1/1 | 🟢 100% |
| 🔀 | ref_name uses var.hub.git_ref | 1/1 | 🟢 100% |
| 📋 | version_spec.draft uses var.hub.bbd_draft | 1/1 | 🟢 100% |
| 🏷️ | BBD metadata.tags forwards var.meshstack.tags | 1/1 | 🟢 100% |
| 📖 | BBD readme field present | 1/1 | 🟢 100% |
| 📝 | BBD readme starts with plain-text description (no heading) | 1/1 | 🟢 100% |
| 📊 | BBD readme has shared responsibility table (✅/❌) | 1/1 | 🟢 100% |
| 🚫 | No documentation_md output in backplane | 1/1 | 🟢 100% |
Azure Backplane — not applicable
Azure UAMI-based automation principal conventions — applies to 0 modules
No applicable modules.
STACKIT Backplane — some checks failing
STACKIT WIF-based automation principal conventions — applies to 2 modules
| Module | Score | 🔐 | 🚫 | 📤 | ⚡ |
|---|---|---|---|---|---|
stackit/project |
🔴 25% | ❌ | ❌ | ✅ | ❌ |
stackit/spoke-network |
🟢 100% | ✅ | ✅ | ✅ | ✅ |
STACKIT Backplane — Summary
| Emoji | Criterion | Coverage | Status |
|---|---|---|---|
| 🔐 | Uses stackit_service_account_federated_identity_provider | 1/2 | 🟡 50% |
| 🚫 | No stackit_service_account_key resource | 1/2 | 🟡 50% |
| 📤 | Outputs service_account_email (not key) | 2/2 | 🟢 100% |
| ⚡ | Buildingblock provider uses use_oidc = true | 1/2 | 🟡 50% |
Testing — some checks failing
End-to-end test coverage — applies to 2 modules
| Module | Score | ⚙️ | 🧪 | ✅ |
|---|---|---|---|---|
stackit/project |
🔴 33% | ✅ | ❌ | ❌ |
stackit/spoke-network |
🟢 100% | ✅ | ✅ | ✅ |
Testing — Summary
| Emoji | Criterion | Coverage | Status |
|---|---|---|---|
| ⚙️ | backplane/ directory (optional tier) | 2/2 | 🟢 100% |
| 🧪 | e2e/ test directory exists | 1/2 | 🟡 50% |
| ✅ | e2e/ contains .tftest.hcl files | 1/2 | 🟡 50% |
📈 Overall Summary
Overall Average Score: 75%
Score Distribution
- 🟢 High maturity (≥80%): 1 modules
- 🟡 Medium maturity (50–79%): 1 modules
- 🔴 Low maturity (<50%): 0 modules
|
This pull request is automatically being deployed by Amplify Hosting (learn more). |
- Add YAML front-matter to buildingblock/README.md - Remove required_version from buildingblock/versions.tf so the provider_pinned regex check passes Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
need to see whether this is the best idea, but it increases compatibility until they release a v1.0
Replaces service account key auth with federated identity provider (WIF) using OIDC tokens injected by meshStack, matching the storage-bucket pattern. Adds e2e smoke test asserting SUCCEEDED status and non-empty network outputs. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
JohannesRudolph
force-pushed
the
feature/stackit-spoke
branch
from
a281141 to
78be73f
Compare
The meshStack API now requires provider >= 0.21.0 for building block definition resources. Aligns with other hub modules. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Adds support for Stackit hub & spoke networking integrating with the reference stackit landing zone