v2.0.5

.github/workflows/ci.yml

@@ -83,7 +83,7 @@ jobs:
           query_file_path: ci-scripts/get-contributors.iql
           query_output: csv
       - name: Save contributors CSV
-        run: echo "${{ steps.get-contributors.outputs.stackql-query-results }}" > contributors.csv
+        run: echo "${{ steps.get-contributors.outputs.stackql-query-results }}" | tail -n +2 > contributors.csv
       - name: Upload contributors artifact
         uses: actions/upload-artifact@v7
         with:

.github/workflows/release.yml

@@ -46,7 +46,7 @@ jobs:
           query_file_path: ci-scripts/get-contributors.iql
           query_output: csv
       - name: Save contributors CSV
-        run: echo "${{ steps.get-contributors.outputs.stackql-query-results }}" > contributors.csv
+        run: echo "${{ steps.get-contributors.outputs.stackql-query-results }}" | tail -n +2 > contributors.csv
       - name: Upload contributors artifact
         uses: actions/upload-artifact@v7
         with:

.gitignore

@@ -7,6 +7,8 @@ stackql*.pkg
 stackql_history.txt
 stackql.log
 stackql-zip
+stackql-deploy
+.stackql-deploy-exports
 .env
 nohup.out
 contributors.csv

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "stackql-deploy"
-version = "2.0.4"
+version = "2.0.5"
 edition = "2021"
 rust-version = "1.75"
 description = "Infrastructure-as-code framework for declarative cloud resource management using StackQL"

examples/aws/aws-vpc-webserver/README.md

@@ -5,22 +5,17 @@ This example provisions a complete AWS networking stack with an Apache web serve
 ## Architecture
 
 ```mermaid
-architecture-beta
-    group vpc(logos:aws-vpc)[VPC 10.x.0.0/16]
-
-    service subnet(logos:aws-vpc)[Subnet 10.x.1.0/24] in vpc
-    service rt(logos:aws-route-53)[Route Table] in vpc
-    service sg(logos:aws-shield)[Security Group] in vpc
-    service ec2(logos:aws-ec2)[Web Server t2.micro] in vpc
-
-    group edge(logos:aws-cloudfront)[Edge]
-
-    service igw(logos:aws-api-gateway)[Internet Gateway] in edge
-
-    igw:R --> L:rt
-    rt:B -- T:subnet
-    sg:R -- L:ec2
-    subnet:T -- B:ec2
+flowchart LR
+    subgraph VPC["VPC 10.x.0.0/16"]
+        Subnet["Subnet\n10.x.1.0/24"]
+        RT["Route Table"]
+        SG["Security Group\nHTTP:80, SSH:22"]
+        EC2["Web Server\nt2.micro"]
+        Subnet --> EC2
+        SG --> EC2
+    end
+    IGW["Internet\nGateway"] --> RT --> Subnet
+    Internet(("Internet")) --> IGW
 ```
 
 ## Resources
@@ -62,37 +57,46 @@ architecture-beta
 ### Deploy
 
 ```bash
-stackql-deploy build examples/aws/aws-vpc-webserver dev
+target/release/stackql-deploy build examples/aws/aws-vpc-webserver dev \
+-e AWS_REGION=${AWS_REGION}
 ```
 
 With query visibility:
 
 ```bash
-stackql-deploy build examples/aws/aws-vpc-webserver dev --show-queries
+target/release/stackql-deploy build examples/aws/aws-vpc-webserver dev \
+-e AWS_REGION=${AWS_REGION} \
+--show-queries
 ```
 
 Dry run (no changes):
 
 ```bash
-stackql-deploy build examples/aws/aws-vpc-webserver dev --dry-run --show-queries
+target/release/stackql-deploy build examples/aws/aws-vpc-webserver dev \
+-e AWS_REGION=${AWS_REGION} \
+--dry-run --show-queries
 ```
 
 ### Test
 
 ```bash
-stackql-deploy test examples/aws/aws-vpc-webserver dev
+target/release/stackql-deploy test examples/aws/aws-vpc-webserver dev \
+-e AWS_REGION=${AWS_REGION}
 ```
 
 ### Teardown
 
 ```bash
-stackql-deploy teardown examples/aws/aws-vpc-webserver dev
+target/release/stackql-deploy teardown examples/aws/aws-vpc-webserver dev \
+-e AWS_REGION=${AWS_REGION}
 ```
 
 ### Debug mode
 
 ```bash
-stackql-deploy build examples/aws/aws-vpc-webserver dev --log-level debug
+target/release/stackql-deploy build examples/aws/aws-vpc-webserver dev \
+-e AWS_REGION=${AWS_REGION} \
+--log-level debug
 ```
 
 ## How It Works

examples/aws/aws-vpc-webserver/stackql_manifest.yml

@@ -2,7 +2,7 @@ version: 1
 name: "aws-vpc-webserver"
 description: Provisions a complete AWS networking stack (VPC, subnet, internet gateway, route table, security group) with an Apache web server EC2 instance.
 providers:
-  - awscc
+  - awscc::v26.03.00379
 globals:
   - name: region
     description: aws region
@@ -143,3 +143,6 @@ resources:
     props: []
     exports:
       - public_dns_name
+
+exports:
+  - public_dns_name

examples/aws/patch-doc-test/stackql_manifest.yml

@@ -2,7 +2,7 @@ version: 1
 name: "patch-doc-test"
 description: Demonstrates the Cloud Control API update (PatchDocument) workflow using an S3 bucket - deploy, modify versioning config, re-deploy to apply the update.
 providers:
-  - awscc
+  - awscc::v26.03.00379
 globals:
   - name: region
     description: aws region

examples/azure/azure-web-server/README.md

@@ -0,0 +1,94 @@
+# Azure Web Server Example
+
+This example provisions an Azure networking stack with a web server VM using the `azure` provider.
+
+## Architecture
+
+```mermaid
+flowchart LR
+    subgraph RG["Resource Group"]
+        subgraph VNet["VNet 10.x.0.0/16"]
+            Subnet["Subnet\n10.x.1.0/24"]
+            NIC["Network\nInterface"]
+            Subnet --> NIC
+        end
+        NSG["NSG\nHTTP:8080\nSSH:22"] --> NIC
+        PIP["Public IP"] --> NIC
+        NIC --> VM["Web Server\nStandard_DS1_v2\nUbuntu 18.04"]
+        VM --> EXT["Custom Script\nExtension"]
+    end
+    Internet(("Internet")) --> PIP
+```
+
+## Resources
+
+| # | Resource | Provider Resource | Description |
+|---|----------|-------------------|-------------|
+| 1 | `example_resource_group` | `azure.resources.resource_groups` | Resource group for all stack resources |
+| 2 | `example_vnet` | `azure.network.virtual_networks` | Virtual network with environment-specific CIDR |
+| 3 | `example_subnet` | `azure.network.subnets` | Subnet within the VNet |
+| 4 | `example_public_ip` | `azure.network.public_ip_addresses` | Static public IP for the VM |
+| 5 | `example_nsg` | `azure.network.network_security_groups` | NSG allowing HTTP (8080) and SSH (22 from VNet) |
+| 6 | `example_nic` | `azure.network.network_interfaces` | NIC with subnet, public IP, and NSG |
+| 7 | `example_web_server` | `azure.compute.virtual_machines` | Ubuntu 18.04 VM (Standard_DS1_v2) |
+| 8 | `example_vm_ext` | `azure.compute.virtual_machine_extensions` | Custom script extension to start a web server |
+
+## Environment-Specific CIDR Blocks
+
+| Environment | VNet CIDR | Subnet CIDR |
+|-------------|-----------|-------------|
+| `prd` | 10.0.0.0/16 | 10.0.1.0/24 |
+| `sit` | 10.1.0.0/16 | 10.1.1.0/24 |
+| `dev` | 10.2.0.0/16 | 10.2.1.0/24 |
+
+## Prerequisites
+
+- `stackql-deploy` installed ([releases](https://github.com/stackql/stackql-deploy-rs/releases))
+- Azure service principal credentials set as environment variables (used for provider authentication):
+
+  ```bash
+  export AZURE_TENANT_ID=your_tenant_id
+  export AZURE_CLIENT_ID=your_client_id
+  export AZURE_CLIENT_SECRET=your_client_secret
+  ```
+
+- Stack-specific variables passed via `-e` flags (mapped to manifest globals):
+  - `AZURE_SUBSCRIPTION_ID` - your Azure subscription ID
+  - `AZURE_VM_ADMIN_PASSWORD` - password for the VM admin user
+
+  For more information on authentication, see the [`azure` provider documentation](https://azure.stackql.io/providers/azure).
+
+## Usage
+
+### Deploy
+
+```bash
+target/release/stackql-deploy build examples/azure/azure-web-server dev \
+  -e AZURE_SUBSCRIPTION_ID=${AZURE_SUBSCRIPTION_ID} \
+  -e AZURE_VM_ADMIN_PASSWORD=${AZURE_VM_ADMIN_PASSWORD}
+```
+
+### Test
+
+```bash
+stackql-deploy test examples/azure/azure-web-server dev \
+  -e AZURE_SUBSCRIPTION_ID=${AZURE_SUBSCRIPTION_ID} \
+  -e AZURE_VM_ADMIN_PASSWORD=${AZURE_VM_ADMIN_PASSWORD}
+```
+
+### Teardown
+
+```bash
+stackql-deploy teardown examples/azure/azure-web-server dev \
+  -e AZURE_SUBSCRIPTION_ID=${AZURE_SUBSCRIPTION_ID} \
+  -e AZURE_VM_ADMIN_PASSWORD=${AZURE_VM_ADMIN_PASSWORD}
+```
+
+### Debug mode
+
+```bash
+stackql-deploy build examples/azure/azure-web-server dev \
+  -e AZURE_SUBSCRIPTION_ID=${AZURE_SUBSCRIPTION_ID} \
+  -e AZURE_VM_ADMIN_PASSWORD=${AZURE_VM_ADMIN_PASSWORD} \
+  --log-level debug
+```

examples/azure/azure-stack/resources/example_nic.iql → examples/azure/azure-web-server/resources/example_nic.iql

@@ -3,9 +3,9 @@ INSERT INTO azure.network.interfaces(
    networkInterfaceName,
    resourceGroupName,
    subscriptionId,
-   location,
-   properties,
-   tags
+   data__location,
+   data__properties,
+   data__tags
 )
 SELECT
    '{{ nic_name }}',

examples/azure/azure-stack/resources/example_nsg.iql → examples/azure/azure-web-server/resources/example_nsg.iql

@@ -3,9 +3,9 @@ INSERT INTO azure.network.security_groups(
    networkSecurityGroupName,
    resourceGroupName,
    subscriptionId,
-   location,
-   properties,
-   tags
+   data__location,
+   data__properties,
+   data__tags
 )
 SELECT
    '{{ nsg_name }}',

examples/azure/azure-stack/resources/example_public_ip.iql → examples/azure/azure-web-server/resources/example_public_ip.iql

@@ -3,15 +3,17 @@ INSERT INTO azure.network.public_ip_addresses(
    publicIpAddressName,
    resourceGroupName, 
    subscriptionId, 
-   location,
-   properties,
-   tags   
+   data__location,
+   data__sku,
+   data__properties,
+   data__tags   
 )
 SELECT
    '{{ public_ip_name }}',
    '{{ resource_group_name }}',
    '{{ subscription_id }}',
    '{{ location }}',
+   '{"name":"Standard","tier":"Regional"}',
    '{"publicIPAllocationMethod":"Static"}',
    '{{ global_tags }}'
 

examples/azure/azure-stack/resources/example_resource_group.iql → examples/azure/azure-web-server/resources/example_resource_group.iql

@@ -7,8 +7,8 @@ AND resourceGroupName = '{{ resource_group_name }}'
 INSERT INTO azure.resources.resource_groups(
    resourceGroupName,
    subscriptionId,
-   location,
-   tags
+   data__location,
+   data__tags
 )
 SELECT
    '{{ resource_group_name }}',

examples/azure/azure-stack/resources/example_subnet.iql → examples/azure/azure-web-server/resources/example_subnet.iql

@@ -4,7 +4,7 @@ INSERT INTO azure.network.subnets(
    virtualNetworkName,
    resourceGroupName, 
    subscriptionId, 
-   properties
+   data__properties
 )
 SELECT
    '{{ subnet_name }}',