Move DNS back into instance

.github/workflows/instance-deploy-prod.yml

@@ -62,6 +62,8 @@ jobs:
           TF_VAR_acr_username: ${{ secrets.ACR_USERNAME }}
           TF_VAR_acr_password: ${{ secrets.ACR_TOKEN }}
           TF_VAR_website_dns_subdomain: www
+          TF_VAR_api_dns_subdomain: api
+          TF_VAR_monitoring_dns_subdomain: monitoring
       - name: Terraform Apply
         id: apply
         run: terraform -chdir=instance apply -auto-approve
@@ -71,6 +73,8 @@ jobs:
           TF_VAR_acr_username: ${{ secrets.ACR_USERNAME }}
           TF_VAR_acr_password: ${{ secrets.ACR_TOKEN }}
           TF_VAR_website_dns_subdomain: www
+          TF_VAR_api_dns_subdomain: api
+          TF_VAR_monitoring_dns_subdomain: monitoring
       - name: Save terraform outputs
         shell: bash
         run: |
@@ -131,4 +135,4 @@ jobs:
           location: 'East US'
           resourceGroup: ${{ env.resource_group_name }}
           targetPort: 80
-          environmentVariables: "API__BASEPATH=https://${{ env.container_app_api_fqdn }}"
+          environmentVariables: "API__BASEPATH=https://api.rockpal.co.uk"

.github/workflows/instance-deploy-test.yml

@@ -60,7 +60,9 @@ jobs:
           TF_VAR_environment: ${{ github.head_ref }}
           TF_VAR_acr_username: ${{ secrets.ACR_USERNAME }}
           TF_VAR_acr_password: ${{ secrets.ACR_TOKEN }}
-          TF_VAR_website_dns_subdomain: ${{ github.head_ref }}
+          TF_VAR_website_dns_subdomain: ${{ github.head_ref }}-site
+          TF_VAR_api_dns_subdomain: ${{ github.head_ref }}-api
+          TF_VAR_monitoring_dns_subdomain: ${{ github.head_ref }}-monitoring
       - name: Terraform Apply
         id: apply
         run: terraform -chdir=instance apply -auto-approve
@@ -70,6 +72,8 @@ jobs:
           TF_VAR_acr_username: ${{ secrets.ACR_USERNAME }}
           TF_VAR_acr_password: ${{ secrets.ACR_TOKEN }}
           TF_VAR_website_dns_subdomain: ${{ github.head_ref }}
+          TF_VAR_api_dns_subdomain: api
+          TF_VAR_monitoring_dns_subdomain: monitoring
       - name: Save terraform outputs
         shell: bash
         run: |
@@ -130,7 +134,7 @@ jobs:
           location: 'East US'
           resourceGroup: ${{ env.resource_group_name }}
           targetPort: 80
-          environmentVariables: "API__BASEPATH=https://${{ env.container_app_api_fqdn }}"
+          environmentVariables: "API__BASEPATH=https://${{ github.head_ref }}-api.rockpal.co.uk"
       - name: Find Comment
         uses: peter-evans/find-comment@v1
         id: fc
@@ -146,8 +150,8 @@ jobs:
           edit-mode: replace
           body: |
             ### Test environment information
-            #### 🔗 [Company Website](https://${{ env.container_app_website_fqdn }}/)
-            #### 🔗 [Company API](https://${{ env.container_app_api_fqdn }}/swagger/)
-            #### 🔗 [Monitoring Dashboard](https://${{ env.container_app_monitoring_fqdn }})
+            #### 🔗 [Company Website](https://${{ github.head_ref }}-site.rockpal.co.uk/)
+            #### 🔗 [Company API](https://${{ github.head_ref }}-api.rockpal.co.uk/swagger/)
+            #### 🔗 [Monitoring Dashboard](https://${{ github.head_ref }}-monitoring.rockpal.co.uk/)
 
             *Pusher: @${{ github.actor }}, Action: \`${{ github.event_name }}\`, Working Directory: \`${{ env.tf_actions_working_dir }}\`, Workflow: \`${{ github.workflow }}\`*

.github/workflows/instance-plan-prod.yml

@@ -40,6 +40,8 @@ jobs:
           TF_VAR_acr_username: ${{ secrets.ACR_USERNAME }}
           TF_VAR_acr_password: ${{ secrets.ACR_TOKEN }}
           TF_VAR_website_dns_subdomain: www
+          TF_VAR_api_dns_subdomain: api
+          TF_VAR_monitoring_dns_subdomain: monitoring
       - name: Find Comment
         uses: peter-evans/find-comment@v1
         id: fc

terraform/instance/dns.tf

@@ -0,0 +1,32 @@
+data "azurerm_dns_zone" "rockpal-co-uk"{
+    resource_group_name = "onlinestore-shared-rg"
+    name                = "rockpal.co.uk"
+}
+
+resource "azurerm_dns_cname_record" "api" {
+  name                = var.api_dns_subdomain
+  zone_name           = data.azurerm_dns_zone.rockpal-co-uk.name
+  resource_group_name = data.azurerm_dns_zone.rockpal-co-uk.resource_group_name
+  ttl                 = 300
+  record              = azurerm_container_app.api.ingress[0].fqdn
+}
+
+resource "azurerm_dns_txt_record" "api" {
+  name                = "asuid.${var.api_dns_subdomain}"
+  zone_name           = data.azurerm_dns_zone.rockpal-co-uk.name
+  resource_group_name = data.azurerm_dns_zone.rockpal-co-uk.resource_group_name
+  ttl                 = 300
+  record {
+    value = azurerm_container_app.api.custom_domain_verification_id
+  }
+}
+
+resource "azurerm_container_app_custom_domain" "api" {
+  name             = trimprefix(azurerm_dns_txt_record.api.fqdn, "asuid.")
+  container_app_id = azurerm_container_app.api.id
+
+  lifecycle {
+    // When using an Azure created Managed Certificate these values must be added to ignore_changes to prevent resource recreation.
+    ignore_changes = [certificate_binding_type, container_app_environment_certificate_id]
+  }
+}

terraform/instance/variables.tf

@@ -16,18 +16,6 @@ variable "location" {
   default     = "East US 2"
 }
 
-variable "dns_prefix" {
-  type        = string
-  description = "A prefix for any dns based resources"
-  default     = "os"
-}
-
-variable "plan_sku" {
-  type        = string
-  description = "The sku of app service plan to create"
-  default     = "F1"
-}
-
 variable "acr_username" {
   type        = string
   description = "The username to log in to ACR"
@@ -44,3 +32,13 @@ variable "website_dns_subdomain" {
   type        = string
   description = "DNS subdomain for website"
 }
+
+variable "api_dns_subdomain" {
+  type        = string
+  description = "DNS subdomain for api"
+}
+
+variable "monitoring_dns_subdomain" {
+  type        = string
+  description = "DNS subdomain for monitoring"
+}