This Terraform module checks for the existence of a VM in Proxmox Virtual Environment. It uses the Proxmox API to query the status of a specified VM and returns a boolean indicating whether the VM exists.

• Checks for the existence of a specific VM in Proxmox
• Uses secure HTTPS connections to the Proxmox API
• Implements best practices for handling sensitive data
• Includes OPA (Open Policy Agent) tests for validation

To use this module in your Terraform configuration, add the following:

module "proxmox_vm_check" {
  source  = "janpreet/vm-check/proxmox"
  version = "1.0.0"

  pm_api_url  = "https://proxmox.example.com:8006/api2/json"
  pm_user     = "root@pam"
  pm_password = var.proxmox_password
  node_name   = "pve"
  vm_id       = 100

  vm_exists_file_path  = "${path.root}/vm_exists.txt"
}

Make sure to use the latest version number available in the Terraform Registry.

• Terraform 0.13
• Proxmox Virtual Environment 6.x
• curl and jq installed on the machine running Terraform

module "check_vm" {
  source  = "janpreet/vm-check/proxmox"
  version = "1.0.0"

  pm_api_url  = "https://proxmox.example.com:8006/api2/json"
  pm_user     = "root@pam"
  pm_password = var.proxmox_password
  node_name   = "pve"
  vm_id       = 100

  vm_exists_file_path  = "${path.root}/vm_exists.txt"
}

output "vm_100_exists" {
  value = module.check_vm.vm_exists
}

• Always use HTTPS for the Proxmox API URL.
• The pm_password variable is marked as sensitive. Ensure you're not logging or exposing this value.
• It's recommended to use a Terraform backend that supports encryption at rest for your state files, as they may contain sensitive information.
• Consider using Vault or another secrets management solution to securely provide the Proxmox password at runtime.

For local development and testing, you can use environment variables to provide sensitive information:

export TF_VAR_pm_password="your-proxmox-password"
terraform plan

This approach keeps sensitive data out of your Terraform files and version control.

This module uses GitHub Actions for continuous integration and automated publishing to the Terraform Registry. The workflow performs the following:

• Terraform format and validation
• Static analysis with TFLint
• OPA policy checks
• Security and compliance scanning with Checkov and Terrascan
• Vulnerability scanning with Trivy
• Automatic README updates with terraform-docs
• Publishing to the Terraform Registry on new releases

Note: The CI process does not perform actual Proxmox API calls or require Proxmox credentials, ensuring that sensitive information is not needed in the GitHub repository or Actions.

This module follows semantic versioning. When using the module, it's recommended to pin to a specific version:

module "proxmox_vm_check" {
  source  = "janpreet/vm-check/proxmox"
  version = "1.0.0"
  # ... other configuration ...
}

Check the Terraform Registry for the latest available version.

Contributions to this module are welcome. Please ensure that any PRs include appropriate tests and documentation updates. When testing locally, remember to handle sensitive information securely as described in the "Local Development and Testing" section.

This module is licensed under the MIT License. See the LICENSE file for details.