professional-service-best-practices/best-practice-template

Template

No description

Markus Brunsch 3b4e09c665 All checks were successful CI / Check License Header (push) Successful in 3s Details CI / TruffleHog Secrets Scan (push) Successful in 4s Details CI / Terraform CI (push) Successful in 10s Details added gpg block		2025-10-31 14:08:03 +01:00
.forgejo	ci: fix setup tf step	2025-10-31 13:44:29 +01:00
.gitignore	updated gitignore	2025-10-31 13:27:03 +01:00
.terraform-version	Initial commit	2025-10-31 13:24:56 +01:00
.terraform.lock.hcl	Initial commit	2025-10-31 13:35:20 +01:00
00-backend.tf	Initial commit	2025-10-31 13:35:20 +01:00
00-provider.tf	Initial commit	2025-10-31 13:31:58 +01:00
01-variables.tf	Initial commit	2025-10-31 13:35:20 +01:00
02-example.tf	Initial commit	2025-10-31 13:31:58 +01:00
backend.conf.example	Initial commit	2025-10-31 13:31:58 +01:00
CHANGELOG.md	Initial commit	2025-10-31 13:22:18 +01:00
LICENSE	added license	2025-10-31 13:26:53 +01:00
MAINTAINERS.md	Initial commit	2025-10-31 13:22:18 +01:00
README.md	added gpg block	2025-10-31 14:08:03 +01:00

README.md

[Name of the Best Practice Template]

Overview

This repository provides a standardized template to solve [specific problem or use case]. It is designed to ensure quality, maintainability, and security for [mention the technology, e.g., Terraform module, CI/CD pipeline, etc.] on STACKIT.

The main goal of this Best Practice (BP) is to [briefly describe the primary benefit, e.g., "deploy a secure and cost-effective Kubernetes cluster on STACKIT"].

License Header

/*
Copyright 2025 STACKIT GmbH & Co. KG <maintainer.email@stackit.cloud>

Use of this source code is governed by an MIT-style
license that can be found in the LICENSE file or at
https://opensource.org/licenses/MIT.
*/

Setup Git GPG Key

https://docs.codeberg.org/security/gpg-key/

Generate GPG Key

gpg --full-generate-key

Configure Git to use the Key

git config --global user.signingkey <GPG KEY ID>
git config --global commit.gpgsign true

Read GPG Key and add it to STACKIT Git

gpg --armor --export <GPG KEY ID>

Copy the Public Key block and add it into your Profile settings on the STACKIT Git instance.

Prerequisites

Before using this template, ensure you have the following:

Tools:
- [Tool Name, e.g., Terraform] version x.y.z or higher
- [Tool Name, e.g., Git]
Access & Permissions:
- [Required access, e.g., Project Member permissions on a STACKIT project]
- STACKIT provider credentials configured

How to Use

Follow these steps to implement the template:

Clone the repository:

git clone [repository-url]
cd [repository-name]

Configure the variables:
- Create a terraform.tfvars file or set environment variables as described in the Configuration section below.

Initialize and apply:

terraform init
terraform plan
terraform apply

Verify the deployment:
- [Provide a simple command or step to check if the deployment was successful].

Configuration

The following variables can be configured.

Variable Name	Description	Type	Default Value	Required
`project_id`	The STACKIT project ID.	`string`	`null`	Yes
`region`	The region where resources will be created.	`string`	`eu01`	No
`...`	...	`...`	`...`	...

Testing

This repository includes automated and manual testing procedures to ensure quality.

Automated Tests

Validation: terraform validate is automatically executed on every commit via the CI/CD pipeline.
Security Scans: A secret check is performed on every push to the repository.

Manual Tests

The following aspects should be tested manually after deployment:

[Manual Test Case 1, e.g., "Verify connectivity to the database instance."]
[Manual Test Case 2, e.g., "Check permissions for the created service account."]

Dependencies

This template relies on the following pinned versions:

Provider [Provider Name, e.g., STACKIT]: ~> 0.69.0

Changelog

All notable changes to this project are documented in the CHANGELOG.md file.