From ea87372ee8bf8232aaf30e1667ee51efec1d50c7 Mon Sep 17 00:00:00 2001 From: Benjamin Chiverton Date: Mon, 1 Jul 2024 10:18:20 +0100 Subject: [PATCH] Add DNS to each environment (pt. 1) (#70) --- .github/workflows/instance-deploy-prod.yml | 2 ++ .github/workflows/instance-deploy-test.yml | 2 ++ .github/workflows/instance-destroy-test.yaml | 1 + .github/workflows/instance-plan-prod.yml | 1 + terraform/instance/container_apps.tf | 5 ++-- terraform/instance/variables.tf | 5 ++++ terraform/shared/.terraform.lock.hcl | 28 +++++++++---------- terraform/shared/container-app-environment.tf | 5 ++++ terraform/shared/dns.tf | 22 +++++++++++++++ terraform/shared/main.tf | 2 +- 10 files changed, 55 insertions(+), 18 deletions(-) create mode 100644 terraform/shared/container-app-environment.tf create mode 100644 terraform/shared/dns.tf diff --git a/.github/workflows/instance-deploy-prod.yml b/.github/workflows/instance-deploy-prod.yml index 94a6cd4d..05d311ab 100644 --- a/.github/workflows/instance-deploy-prod.yml +++ b/.github/workflows/instance-deploy-prod.yml @@ -61,6 +61,7 @@ jobs: TF_VAR_environment: prod TF_VAR_acr_username: ${{ secrets.ACR_USERNAME }} TF_VAR_acr_password: ${{ secrets.ACR_TOKEN }} + TF_VAR_website_dns_subdomain: www - name: Terraform Apply id: apply run: terraform -chdir=instance apply -auto-approve @@ -69,6 +70,7 @@ jobs: TF_VAR_environment: prod TF_VAR_acr_username: ${{ secrets.ACR_USERNAME }} TF_VAR_acr_password: ${{ secrets.ACR_TOKEN }} + TF_VAR_website_dns_subdomain: www - name: Save terraform outputs shell: bash run: | diff --git a/.github/workflows/instance-deploy-test.yml b/.github/workflows/instance-deploy-test.yml index 7977c4ed..a8010af6 100644 --- a/.github/workflows/instance-deploy-test.yml +++ b/.github/workflows/instance-deploy-test.yml @@ -60,6 +60,7 @@ jobs: TF_VAR_environment: ${{ github.head_ref }} TF_VAR_acr_username: ${{ secrets.ACR_USERNAME }} TF_VAR_acr_password: ${{ secrets.ACR_TOKEN }} + TF_VAR_website_dns_subdomain: ${{ github.head_ref }} - name: Terraform Apply id: apply run: terraform -chdir=instance apply -auto-approve @@ -68,6 +69,7 @@ jobs: TF_VAR_environment: ${{ github.head_ref }} TF_VAR_acr_username: ${{ secrets.ACR_USERNAME }} TF_VAR_acr_password: ${{ secrets.ACR_TOKEN }} + TF_VAR_website_dns_subdomain: ${{ github.head_ref }} - name: Save terraform outputs shell: bash run: | diff --git a/.github/workflows/instance-destroy-test.yaml b/.github/workflows/instance-destroy-test.yaml index 01ca81d8..6c660d05 100644 --- a/.github/workflows/instance-destroy-test.yaml +++ b/.github/workflows/instance-destroy-test.yaml @@ -30,3 +30,4 @@ jobs: env: TF_VAR_acr_username: "not-used" TF_VAR_acr_password: "not-used" + TF_VAR_website_dns_subdomain: "not-used" diff --git a/.github/workflows/instance-plan-prod.yml b/.github/workflows/instance-plan-prod.yml index 7e66d09c..d8c03eae 100644 --- a/.github/workflows/instance-plan-prod.yml +++ b/.github/workflows/instance-plan-prod.yml @@ -39,6 +39,7 @@ jobs: TF_VAR_environment: prod TF_VAR_acr_username: ${{ secrets.ACR_USERNAME }} TF_VAR_acr_password: ${{ secrets.ACR_TOKEN }} + TF_VAR_website_dns_subdomain: www - name: Find Comment uses: peter-evans/find-comment@v1 id: fc diff --git a/terraform/instance/container_apps.tf b/terraform/instance/container_apps.tf index abe1b185..da5fb4c6 100644 --- a/terraform/instance/container_apps.tf +++ b/terraform/instance/container_apps.tf @@ -1,7 +1,6 @@ -resource "azurerm_container_app_environment" "apps" { +data "azurerm_container_app_environment" "apps" { name = "${var.name}-containerapps" - resource_group_name = azurerm_resource_group.instance.name - location = azurerm_resource_group.instance.location + resource_group_name = "onlinestore-shared-rg" } resource "azurerm_container_app" "api" { diff --git a/terraform/instance/variables.tf b/terraform/instance/variables.tf index 9957eeba..580ceb23 100644 --- a/terraform/instance/variables.tf +++ b/terraform/instance/variables.tf @@ -39,3 +39,8 @@ variable "acr_password" { description = "The password to log in to ACR" sensitive = true } + +variable "website_dns_subdomain" { + type = string + description = "DNS subdomain for website" +} diff --git a/terraform/shared/.terraform.lock.hcl b/terraform/shared/.terraform.lock.hcl index 6fba039b..ba46f512 100644 --- a/terraform/shared/.terraform.lock.hcl +++ b/terraform/shared/.terraform.lock.hcl @@ -2,21 +2,21 @@ # Manual edits may be lost in future updates. provider "registry.terraform.io/hashicorp/azurerm" { - version = "3.42.0" - constraints = "3.42.0" + version = "3.109.0" + constraints = "3.109.0" hashes = [ - "h1:HY0I9i8l11AhaAeKM/TDXneNAb4RIqrG4YPIC71fq30=", - "zh:15b1fb70cbcb43ea0f15985643c71ca167bca170448d3bfe9936f87ef6c9adca", - "zh:26a8b81031b7cb53625f6ac751ba93affbd87b7fc09d69b57f5d9264a8be9ec7", - "zh:3dbf6f6d4de8cf9333de371f7a2f7e9424b445ee5028eba6801fb370ae40de1f", - "zh:7344037970ce197004ba43cfa9b9008a9145f65ace4999e8b2634e347cab63da", - "zh:76715723eb6c0849f8b7b4ff7410a795bc718ef562e15abe6adc7929bc3ce166", - "zh:a4d22e8005932be9a4f1a8182f07bba78597141b0ba84bb3cdd8ba2235d95d32", - "zh:a5af12badf44d005b80bd78183b1d4826b553f41f37beb7a6640b931902a1dd8", - "zh:bd4a1b1bc040a40bafae4c61098dc71c5ca434b0fa48c53c4936e13be21d3a56", - "zh:ccc2a2ee68d1e20a731de145cea16d0c5887c9976d472c66ad1d7ecf1b16fa91", - "zh:edc0abb51f8815dccae847caa3a8f82ac02e6eef3e64960e98a5a657e34df9eb", - "zh:f3187788996d113ce9f926c7933cef2725b9a90399a5ce581760af34b477e930", + "h1:Fk7L51TM48PIqPlmSjja7iiEL0w5mmfOimWfMsthhLU=", + "zh:4324c3df26709c7e669b751259cc5e62c4694ab44370dfcdfe197dcd9261c365", + "zh:4e3e83649240cea7105cd2802d0ae64b143fb543c2f559173feae5a108bc4287", + "zh:74ebf6be1277e9bd357b011026b80fc5ec1c26b70ec7ddd5fcae5e977f9a66ef", + "zh:82cfd3c92035f834a05f4b91d813a059a29ff4157792e36a0b3a224cba8737ae", + "zh:93f05c8ae3555c885c84b82781b2e90774671c321138b7f3c38ecd498009e1d8", + "zh:9b445a9a1544b4b38db10fadbd9ffd5efdded0def54feb9ca593e1bec6fbec5f", + "zh:b21ccd2c1bc691cf2f9876482b6e226d8a37a48de951b168a10f96ba929ebefd", + "zh:b7b7e458eb3c22669e1d36e9ef1886272c10f310501001abce8ae76383014fa5", + "zh:bd3c0cf7caab0a989227934bc60a8ac27131efcf84dd77cb6e32e68374170aee", + "zh:f4b9ccbb28eadf3825f6d7d38a3519379de222f136235a2f21a96c0221d65fb8", "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", + "zh:f8ef0b4a970ff5edeadfdeed77f9d0682befdca5df4e9b6d9dcfdf9903305b26", ] } diff --git a/terraform/shared/container-app-environment.tf b/terraform/shared/container-app-environment.tf new file mode 100644 index 00000000..fc27ca1d --- /dev/null +++ b/terraform/shared/container-app-environment.tf @@ -0,0 +1,5 @@ +resource "azurerm_container_app_environment" "apps" { + name = "${var.name}-containerapps" + resource_group_name = azurerm_resource_group.shared.name + location = azurerm_resource_group.shared.location +} diff --git a/terraform/shared/dns.tf b/terraform/shared/dns.tf new file mode 100644 index 00000000..0da59214 --- /dev/null +++ b/terraform/shared/dns.tf @@ -0,0 +1,22 @@ +data "azurerm_dns_zone" "rockpal-co-uk" { + name = "rockpal.co.uk" + resource_group_name = "onlinestore-shared-rg" +} + +resource "azurerm_dns_a_record" "apps" { + name = azurerm_container_app_environment.apps.name + zone_name = data.azurerm_dns_zone.rockpal-co-uk.name + resource_group_name = data.azurerm_dns_zone.rockpal-co-uk.resource_group_name + ttl = 300 + records = [azurerm_container_app_environment.apps.default_domain] +} + +resource "azurerm_dns_txt_record" "apps" { + name = "asuid.${azurerm_container_app_environment.apps.name}" + zone_name = data.azurerm_dns_zone.rockpal-co-uk.name + resource_group_name = data.azurerm_dns_zone.rockpal-co-uk.resource_group_name + ttl = 300 + record { + value = azurerm_container_app_environment.apps.custom_domain_verification_id + } +} diff --git a/terraform/shared/main.tf b/terraform/shared/main.tf index 15fca2f1..0f969c08 100644 --- a/terraform/shared/main.tf +++ b/terraform/shared/main.tf @@ -2,7 +2,7 @@ terraform { required_providers { azurerm = { source = "hashicorp/azurerm" - version = "=3.42.0" + version = "=3.109.0" } } backend "azurerm" {