Add DNS to each environment (pt. 1) (#70)

benchiverton · Jul 1, 2024 · ea87372 · ea87372
1 parent 5465edf
commit ea87372
Show file tree

Hide file tree

Showing 10 changed files with 55 additions and 18 deletions.
diff --git a/.github/workflows/instance-deploy-prod.yml b/.github/workflows/instance-deploy-prod.yml
@@ -61,6 +61,7 @@ jobs:
           TF_VAR_environment: prod
           TF_VAR_acr_username: ${{ secrets.ACR_USERNAME }}
           TF_VAR_acr_password: ${{ secrets.ACR_TOKEN }}
+          TF_VAR_website_dns_subdomain: www
       - name: Terraform Apply
         id: apply
         run: terraform -chdir=instance apply -auto-approve
@@ -69,6 +70,7 @@ jobs:
           TF_VAR_environment: prod
           TF_VAR_acr_username: ${{ secrets.ACR_USERNAME }}
           TF_VAR_acr_password: ${{ secrets.ACR_TOKEN }}
+          TF_VAR_website_dns_subdomain: www
       - name: Save terraform outputs
         shell: bash
         run: |

diff --git a/.github/workflows/instance-deploy-test.yml b/.github/workflows/instance-deploy-test.yml
@@ -60,6 +60,7 @@ jobs:
           TF_VAR_environment: ${{ github.head_ref }}
           TF_VAR_acr_username: ${{ secrets.ACR_USERNAME }}
           TF_VAR_acr_password: ${{ secrets.ACR_TOKEN }}
+          TF_VAR_website_dns_subdomain: ${{ github.head_ref }}
       - name: Terraform Apply
         id: apply
         run: terraform -chdir=instance apply -auto-approve
@@ -68,6 +69,7 @@ jobs:
           TF_VAR_environment: ${{ github.head_ref }}
           TF_VAR_acr_username: ${{ secrets.ACR_USERNAME }}
           TF_VAR_acr_password: ${{ secrets.ACR_TOKEN }}
+          TF_VAR_website_dns_subdomain: ${{ github.head_ref }}
       - name: Save terraform outputs
         shell: bash
         run: |

diff --git a/.github/workflows/instance-destroy-test.yaml b/.github/workflows/instance-destroy-test.yaml
@@ -30,3 +30,4 @@ jobs:
         env:
           TF_VAR_acr_username: "not-used"
           TF_VAR_acr_password: "not-used"
+          TF_VAR_website_dns_subdomain: "not-used"
diff --git a/.github/workflows/instance-plan-prod.yml b/.github/workflows/instance-plan-prod.yml
@@ -39,6 +39,7 @@ jobs:
           TF_VAR_environment: prod
           TF_VAR_acr_username: ${{ secrets.ACR_USERNAME }}
           TF_VAR_acr_password: ${{ secrets.ACR_TOKEN }}
+          TF_VAR_website_dns_subdomain: www
       - name: Find Comment
         uses: peter-evans/find-comment@v1
         id: fc

diff --git a/terraform/instance/container_apps.tf b/terraform/instance/container_apps.tf
@@ -1,7 +1,6 @@
-resource  "azurerm_container_app_environment" "apps" {
+data  "azurerm_container_app_environment" "apps" {
   name                = "${var.name}-containerapps"
-  resource_group_name = azurerm_resource_group.instance.name
-  location            = azurerm_resource_group.instance.location
+  resource_group_name = "onlinestore-shared-rg"
 }
 
 resource "azurerm_container_app" "api" {

diff --git a/terraform/instance/variables.tf b/terraform/instance/variables.tf
@@ -39,3 +39,8 @@ variable "acr_password" {
   description = "The password to log in to ACR"
   sensitive   = true
 }
+
+variable "website_dns_subdomain" {
+  type        = string
+  description = "DNS subdomain for website"
+}
diff --git a/terraform/shared/.terraform.lock.hcl b/terraform/shared/.terraform.lock.hcl
diff --git a/terraform/shared/container-app-environment.tf b/terraform/shared/container-app-environment.tf
@@ -0,0 +1,5 @@
+resource  "azurerm_container_app_environment" "apps" {
+  name                = "${var.name}-containerapps"
+  resource_group_name = azurerm_resource_group.shared.name
+  location            = azurerm_resource_group.shared.location
+}
diff --git a/terraform/shared/dns.tf b/terraform/shared/dns.tf
@@ -0,0 +1,22 @@
+data "azurerm_dns_zone" "rockpal-co-uk" {
+  name                = "rockpal.co.uk"
+  resource_group_name = "onlinestore-shared-rg"
+}
+
+resource "azurerm_dns_a_record" "apps" {
+  name                = azurerm_container_app_environment.apps.name
+  zone_name           = data.azurerm_dns_zone.rockpal-co-uk.name
+  resource_group_name = data.azurerm_dns_zone.rockpal-co-uk.resource_group_name
+  ttl                 = 300
+  records             = [azurerm_container_app_environment.apps.default_domain]
+}
+
+resource "azurerm_dns_txt_record" "apps" {
+  name                = "asuid.${azurerm_container_app_environment.apps.name}"
+  zone_name           = data.azurerm_dns_zone.rockpal-co-uk.name
+  resource_group_name = data.azurerm_dns_zone.rockpal-co-uk.resource_group_name
+  ttl                 = 300
+  record {
+    value = azurerm_container_app_environment.apps.custom_domain_verification_id
+  }
+}
diff --git a/terraform/shared/main.tf b/terraform/shared/main.tf
@@ -2,7 +2,7 @@ terraform {
   required_providers {
     azurerm = {
       source  = "hashicorp/azurerm"
-      version = "=3.42.0"
+      version = "=3.109.0"
     }
   }
   backend "azurerm" {