feat: make volumes optional in containers variable

[Copilot]

Overview

This PR fixes an issue where the volumes attribute was incorrectly required for all containers, even when no volumes were needed. According to the Azure provider documentation, volume blocks are optional in azurerm_container_group resources, but the module was enforcing them as required.

Problem

Users encountered validation errors when trying to create containers without volumes:

Error: Invalid value for input variable

The given value is not suitable for
module.avm-res-containerinstance-containergroup.var.containers
declared at variables.tf:29,1-22:
element "azci-s-agent-pool-0": attribute "volumes" is required.

This was blocking legitimate use cases where containers don't need any volume mounts.

Solution

Made the volumes attribute optional in the containers variable definition by wrapping it with optional() and providing an empty map {} as the default value.

Change in variables.tf (line 38):

-    volumes = map(object({
+    volumes = optional(map(object({
       mount_path           = string
       name                 = string
       # ... other volume attributes ...
-    }))
+    })), {})

How It Works

The existing code in main.tf already handles this correctly using a dynamic block:

dynamic "volume" {
  for_each = container.value.volumes
  # ... volume configuration
}

• When volumes = {} (default): the for_each iterates 0 times → no volume blocks created ✅
• When volumes = {...} (user-specified): the for_each creates volume blocks normally ✅

No changes to main.tf were needed - the fix leverages existing logic.

Examples

Before (Would Fail ❌)

containers = {
  nginx = {
    image  = "nginx:latest"
    cpu    = "1"
    memory = "1.5"
    ports  = [{ port = 80, protocol = "TCP" }]
    # Error: attribute "volumes" is required
  }
}

After (Works ✅)

containers = {
  nginx = {
    image  = "nginx:latest"
    cpu    = "1"
    memory = "1.5"
    ports  = [{ port = 80, protocol = "TCP" }]
    # volumes is optional - no error!
  }
}

With Volumes (Still Works ✅)

containers = {
  nginx = {
    image  = "nginx:latest"
    cpu    = "1"
    memory = "1.5"
    ports  = [{ port = 80, protocol = "TCP" }]
    volumes = {
      secrets = {
        mount_path = "/etc/secrets"
        name       = "secret1"
        secret     = { "key" = base64encode("value") }
      }
    }
  }
}

Testing

A new example examples/no-volumes/ has been added to demonstrate containers without volumes. All examples have been validated:

• ✅ Root module validation
• ✅ Public example validation
• ✅ Private example validation
• ✅ No-volumes example validation
• ✅ Terraform formatting checks

Backward Compatibility

This change is fully backward compatible:

• ✅ Existing configurations with volumes work unchanged
• ✅ No breaking changes
• ✅ Only adds new capability (containers without volumes)

Additional Changes

• Added .terraform-version file for consistent Terraform version (1.9.8)
• Created examples/no-volumes/ to demonstrate the new capability

Closes #[issue-number]

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

• checkpoint-api.hashicorp.com
  • Triggering command: terraform version (dns block)
  • Triggering command: terraform init (dns block)
  • Triggering command: terraform validate (dns block)
• www.hashicorp.com
  • Triggering command: tenv call terraform version (dns block)

If you need me to access, download, or install something from one of these locations, you can either:

• Configure Actions setup steps to set up my environment, which run before the firewall is enabled
• Add the appropriate URLs or hosts to the custom allowlist in this repository's Copilot coding agent settings (admins only)

Original prompt

---

This section details on the original issue you should resolve

<issue_title>[AVM Module Issue]: azurerm_container_group requires volumes</issue_title>
<issue_description>### Check for previous/existing GitHub issues

• I have checked for previous/existing GitHub issues

Issue Type?

Feature Request

(Optional) Module Version

No response

(Optional) Correlation Id

No response

Description

volume should be optional

</issue_description>

Comments on the Issue (you are @copilot in this section)

@sharmilamusunuru Hi @rbradley51 Thanks for the issue. Unfortunately, I'm on leave and missed this. LEt me have a look and update this

Fixes #30

---

💬 We'd love your input! Share your thoughts on Copilot coding agent in our 2 minute survey.

[microsoft-github-policy-service]

Important

The "Needs: Triage 🔍" label must be removed once the triage process is complete!

Tip

For additional guidance on how to triage this issue/PR, see the Terraform Issue Triage documentation.