Feature/stackit spoke#192
Draft
JohannesRudolph wants to merge 11 commits into
Draft
Conversation
Contributor
Scorecard Check
|
| Module | Overall | Core Structure | Integration | Azure Backplane | STACKIT Backplane | Testing |
|---|---|---|---|---|---|---|
ske/ske-starterkit |
🟢 95% | 🟢 100% | 🟢 100% | n/a | n/a | 🟡 67% |
stackit/spoke-network |
🟢 96% | 🟢 83% | 🟢 100% | n/a | 🟢 100% | 🟢 100% |
⚠️ 2 modules have failing checks — failing categories are expanded below.
Core Structure — some checks failing
Basic module file structure and documentation — applies to 2 modules
| Module | Score | 📦 | 🔗 | 📋 | 📝 | 🖼️ | 📌 | 🔒 |
|---|---|---|---|---|---|---|---|---|
ske/ske-starterkit |
🟢 100% | ✅ | ✅ | ➖ | ✅ | ✅ | ✅ | ✅ |
stackit/spoke-network |
🟢 83% | ✅ | ✅ | ➖ | ✅ | ✅ | ✅ | ❌ |
Core Structure — Summary
| Emoji | Criterion | Coverage | Status |
|---|---|---|---|
| 📦 | buildingblock/ directory exists | 2/2 | 🟢 100% |
| 🔗 | meshstack_integration.tf present | 2/2 | 🟢 100% |
| 📋 | buildingblock/APP_TEAM_README.md present (no-integration fallback) | n/a | — |
| 📝 | buildingblock/README.md with YAML front-matter | 2/2 | 🟢 100% |
| 🖼️ | buildingblock/logo.png included | 2/2 | 🟢 100% |
| 📌 | buildingblock/versions.tf present | 2/2 | 🟢 100% |
| 🔒 | Provider versions use minimum constraint (>=) | 1/2 | 🟡 50% |
Integration — ✅ all passing
meshstack_integration.tf conventions — applies to 2 modules
| Module | Score | 🏷️ | 🏢 | 📤 | 🔌 | 📎 | 🔀 | 📋 | 🏷️ | 📖 | 📝 | 📊 | 🚫 | 🔄 |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
ske/ske-starterkit |
🟢 100% | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ➖ |
stackit/spoke-network |
🟢 100% | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ➖ |
Integration — Summary
| Emoji | Criterion | Coverage | Status |
|---|---|---|---|
| 🏷️ | variable "hub" in integration | 2/2 | 🟢 100% |
| 🏢 | variable "meshstack" in integration | 2/2 | 🟢 100% |
| 📤 | building_block_definition output exposed | 2/2 | 🟢 100% |
| 🔌 | meshcloud/meshstack in required_providers | 2/2 | 🟢 100% |
| 📎 | backplane source uses var.hub.git_ref | 2/2 | 🟢 100% |
| 🔀 | ref_name uses var.hub.git_ref | 2/2 | 🟢 100% |
| 📋 | version_spec.draft uses var.hub.bbd_draft | 2/2 | 🟢 100% |
| 🏷️ | BBD metadata.tags forwards var.meshstack.tags | 2/2 | 🟢 100% |
| 📖 | BBD readme field present | 2/2 | 🟢 100% |
| 📝 | BBD readme starts with plain-text description (no heading) | 2/2 | 🟢 100% |
| 📊 | BBD readme has shared responsibility table (✅/❌) | 2/2 | 🟢 100% |
| 🚫 | No documentation_md output in backplane | 2/2 | 🟢 100% |
| 🔄 | meshstack_platform has lifecycle ignore_changes = [availability] | n/a | — |
Azure Backplane — not applicable
Azure UAMI-based automation principal conventions — applies to 0 modules
No applicable modules.
STACKIT Backplane — ✅ all passing
STACKIT WIF-based automation principal conventions — applies to 1 modules
| Module | Score | 🔐 | 🚫 | 📤 | ⚡ |
|---|---|---|---|---|---|
stackit/spoke-network |
🟢 100% | ✅ | ✅ | ✅ | ✅ |
STACKIT Backplane — Summary
| Emoji | Criterion | Coverage | Status |
|---|---|---|---|
| 🔐 | Uses stackit_service_account_federated_identity_provider | 1/1 | 🟢 100% |
| 🚫 | No stackit_service_account_key resource | 1/1 | 🟢 100% |
| 📤 | Outputs service_account_email (not key) | 1/1 | 🟢 100% |
| ⚡ | Buildingblock provider uses use_oidc = true | 1/1 | 🟢 100% |
Testing — some checks failing
End-to-end test coverage — applies to 2 modules
| Module | Score | ⚙️ | 🧪 | ✅ |
|---|---|---|---|---|
ske/ske-starterkit |
🟡 67% | ❌ | ✅ | ✅ |
stackit/spoke-network |
🟢 100% | ✅ | ✅ | ✅ |
Testing — Summary
| Emoji | Criterion | Coverage | Status |
|---|---|---|---|
| ⚙️ | backplane/ directory (optional tier) | 1/2 | 🟡 50% |
| 🧪 | e2e/ test directory exists | 2/2 | 🟢 100% |
| ✅ | e2e/ contains .tftest.hcl files | 2/2 | 🟢 100% |
📈 Overall Summary
Overall Average Score: 96%
Score Distribution
- 🟢 High maturity (≥80%): 2 modules
- 🟡 Medium maturity (50–79%): 0 modules
- 🔴 Low maturity (<50%): 0 modules
|
This pull request is automatically being deployed by Amplify Hosting (learn more). |
JohannesRudolph
force-pushed
the
feature/stackit-spoke
branch
from
a281141 to
78be73f
Compare
JohannesRudolph
force-pushed
the
feature/stackit-spoke
branch
3 times, most recently
from
0185552 to
8f89846
Compare
The `availability` field controls publication state and access restrictions. meshStack operators modify this after initial deployment (e.g. to publish a platform to users) — Terraform must not reset it on subsequent applies.
- Add YAML front-matter to buildingblock/README.md - Remove required_version from buildingblock/versions.tf so the provider_pinned regex check passes Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
need to see whether this is the best idea, but it increases compatibility until they release a v1.0
Replaces service account key auth with federated identity provider (WIF) using OIDC tokens injected by meshStack, matching the storage-bucket pattern. Adds e2e smoke test asserting SUCCEEDED status and non-empty network outputs. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Aligns with other hub modules. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
JohannesRudolph
force-pushed
the
feature/stackit-spoke
branch
from
8f89846 to
7578d22
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Adds support for Stackit hub & spoke networking integrating with the reference stackit landing zone