From d27c340d66d80074831969ca520644b6c5165f08 Mon Sep 17 00:00:00 2001 From: Alice Jones <21381891+Pactionly@users.noreply.github.com> Date: Mon, 3 Jul 2023 15:12:49 -0700 Subject: [PATCH] fix: remove deprecated terraform resources (#387) * fix: remove deprecated terraform resources * style: fix tf style --- .github/workflows/apply-prod.yml | 5 +-- .github/workflows/pull-request.yaml | 6 ++-- .github/workflows/release.yml | 3 +- infra/terraform/appservice.tf | 31 ++++++++++++------- infra/terraform/variables.tf | 6 ++++ infra/terraform/vault.tf | 2 +- .../nonprod/gratibot/terragrunt.hcl | 2 +- infra/terragrunt/prod/gratibot/terragrunt.hcl | 2 +- 8 files changed, 37 insertions(+), 20 deletions(-) diff --git a/.github/workflows/apply-prod.yml b/.github/workflows/apply-prod.yml index 8ee708cd..cae84450 100644 --- a/.github/workflows/apply-prod.yml +++ b/.github/workflows/apply-prod.yml @@ -13,6 +13,7 @@ on: env: IMAGE_NAME: ghcr.io/${{ github.repository_owner }}/gratibot + IMAGE_PATH: ${{ github.repository_owner }}/gratibot permissions: id-token: write @@ -64,7 +65,7 @@ jobs: ARM_TENANT_ID: "1b4a4fed-fed8-4823-a8a0-3d5cea83d122" ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_PROD_SUBSCRIPTION_ID }} ARM_USE_OIDC: true - TF_VAR_gratibot_image: "${{ env.IMAGE_NAME }}:${{ needs.build.outputs.docker_tag }}" + TF_VAR_gratibot_image: "${{ env.IMAGE_PATH }}:${{ needs.build.outputs.docker_tag }}" TF_VAR_gratibot_limit: ${{ inputs.gratibot_limit }} apply: name: "Terraform Prod Apply" @@ -89,5 +90,5 @@ jobs: ARM_TENANT_ID: "1b4a4fed-fed8-4823-a8a0-3d5cea83d122" ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_PROD_SUBSCRIPTION_ID }} ARM_USE_OIDC: true - TF_VAR_gratibot_image: "${{ env.IMAGE_NAME }}:${{ needs.build.outputs.docker_tag }}" + TF_VAR_gratibot_image: "${{ env.IMAGE_PATH }}:${{ needs.build.outputs.docker_tag }}" GRATIBOT_LIMIT: ${{ inputs.gratibot_limit }} diff --git a/.github/workflows/pull-request.yaml b/.github/workflows/pull-request.yaml index 4167b583..753c1f42 100644 --- a/.github/workflows/pull-request.yaml +++ b/.github/workflows/pull-request.yaml @@ -6,7 +6,7 @@ on: - "README.md" - "catalog.yaml" env: - IMAGE_NAME: ghcr.io/${{ github.repository_owner }}/gratibot + IMAGE_PATH: ${{ github.repository_owner }}/gratibot permissions: id-token: write @@ -63,7 +63,7 @@ jobs: terragrunt validate --terragrunt-no-auto-init working-directory: infra/terragrunt/nonprod/gratibot/ env: - TF_VAR_gratibot_image: "${{ env.IMAGE_NAME }}:${{ needs.build.outputs.docker_tag }}" + TF_VAR_gratibot_image: "${{ env.IMAGE_PATH }}:${{ needs.build.outputs.docker_tag }}" plan: name: "Terraform Nonprod plan" runs-on: ubuntu-latest @@ -88,7 +88,7 @@ jobs: ARM_TENANT_ID: "1b4a4fed-fed8-4823-a8a0-3d5cea83d122" ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_NONPROD_SUBSCRIPTION_ID }} ARM_USE_OIDC: true - TF_VAR_gratibot_image: "${{ env.IMAGE_NAME }}:${{ needs.build.outputs.docker_tag }}" + TF_VAR_gratibot_image: "${{ env.IMAGE_PATH }}:${{ needs.build.outputs.docker_tag }}" - uses: liatrio/terraform-change-pr-commenter@v1.4.1 with: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 40e37159..0730a2ac 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -17,6 +17,7 @@ on: env: IMAGE_NAME: ghcr.io/${{ github.repository_owner }}/gratibot + IMAGE_PATH: ${{ github.repository_owner }}/gratibot permissions: id-token: write @@ -68,7 +69,7 @@ jobs: ARM_TENANT_ID: "1b4a4fed-fed8-4823-a8a0-3d5cea83d122" ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_NONPROD_SUBSCRIPTION_ID }} ARM_USE_OIDC: true - TF_VAR_gratibot_image: "${{ env.IMAGE_NAME }}:${{ needs.build.outputs.docker_tag }}" + TF_VAR_gratibot_image: "${{ env.IMAGE_PATH }}:${{ needs.build.outputs.docker_tag }}" TF_VAR_gratibot_limit: ${{ inputs.gratibot_limit }} release: name: "Create Release" diff --git a/infra/terraform/appservice.tf b/infra/terraform/appservice.tf index fed0bcb7..169a24a8 100644 --- a/infra/terraform/appservice.tf +++ b/infra/terraform/appservice.tf @@ -1,29 +1,38 @@ -resource "azurerm_app_service_plan" "gratibot_app_service_plan" { +resource "azurerm_service_plan" "gratibot_app_service_plan" { name = "gratibot-${var.environment}-service-plan" location = var.location + os_type = "Linux" resource_group_name = var.resource_group_name - kind = "Linux" - reserved = true - sku { - tier = var.instance_tier - size = var.instance_size - capacity = var.instance_capacity - } + sku_name = var.instance_size + worker_count = var.instance_capacity } -resource "azurerm_app_service" "gratibot_app_service" { +resource "azurerm_linux_web_app" "gratibot_app_service" { name = "gratibot-${var.environment}-service" location = var.location resource_group_name = var.resource_group_name - app_service_plan_id = azurerm_app_service_plan.gratibot_app_service_plan.id + service_plan_id = azurerm_service_plan.gratibot_app_service_plan.id https_only = true client_affinity_enabled = true + logs { + http_logs { + file_system { + retention_in_days = 1 + retention_in_mb = 35 + } + } + } + site_config { always_on = "true" - linux_fx_version = "DOCKER|${var.gratibot_image}" health_check_path = "/health" + use_32_bit_worker = false + application_stack { + docker_image_name = var.gratibot_image + docker_registry_url = var.gratibot_image_registry + } } identity { diff --git a/infra/terraform/variables.tf b/infra/terraform/variables.tf index 0e40f866..8b7b9191 100644 --- a/infra/terraform/variables.tf +++ b/infra/terraform/variables.tf @@ -44,6 +44,12 @@ variable "gratibot_image" { type = string } +variable "gratibot_image_registry" { + description = "Image registry for Gratibot" + type = string + default = "https://ghcr.io" +} + variable "gratibot_recognize_emoji" { description = "Recognition emoji to use for recognitions" type = string diff --git a/infra/terraform/vault.tf b/infra/terraform/vault.tf index 2b0d0a82..4cc3264c 100644 --- a/infra/terraform/vault.tf +++ b/infra/terraform/vault.tf @@ -6,7 +6,7 @@ data "azurerm_key_vault" "gratibot" { resource "azurerm_role_assignment" "gratibot" { scope = data.azurerm_key_vault.gratibot.id role_definition_name = "Key Vault Secrets User" - principal_id = azurerm_app_service.gratibot_app_service.identity.0.principal_id + principal_id = azurerm_linux_web_app.gratibot_app_service.identity.0.principal_id } resource "azurerm_key_vault_secret" "mongo_connection_string" { diff --git a/infra/terragrunt/nonprod/gratibot/terragrunt.hcl b/infra/terragrunt/nonprod/gratibot/terragrunt.hcl index 05f4b602..4d6e9f0c 100644 --- a/infra/terragrunt/nonprod/gratibot/terragrunt.hcl +++ b/infra/terragrunt/nonprod/gratibot/terragrunt.hcl @@ -3,5 +3,5 @@ include { } terraform { - source = "../../../terraform" + source = "../../..//terraform" } diff --git a/infra/terragrunt/prod/gratibot/terragrunt.hcl b/infra/terragrunt/prod/gratibot/terragrunt.hcl index 05f4b602..4d6e9f0c 100644 --- a/infra/terragrunt/prod/gratibot/terragrunt.hcl +++ b/infra/terragrunt/prod/gratibot/terragrunt.hcl @@ -3,5 +3,5 @@ include { } terraform { - source = "../../../terraform" + source = "../../..//terraform" }