diff --git a/Makefile b/Makefile
index 871913fb..e48d0c83 100644
--- a/Makefile
+++ b/Makefile
@@ -191,6 +191,8 @@ terraform-init-aks: bin/terrafile
 [[ "${SP_AUTH}" != "true" ]] && az account set -s $(AZURE_SUBSCRIPTION) || true
 ./bin/terrafile -p terraform/aks/vendor/modules -f terraform/aks/workspace_variables/$(CONFIG)_Terrafile
 terraform -chdir=terraform/aks init -backend-config workspace_variables/$(CONFIG).backend.tfvars $(backend_config) -upgrade -reconfigure
+ $(if $(IMAGE_TAG), , $(eval export IMAGE_TAG=2ad42e8958a4d63ed295a58a0847430705725ba8))
+ $(eval export TF_VAR_paas_app_docker_image=ghcr.io/dfe-digital/find-a-lost-trn:$(IMAGE_TAG))
 terraform-plan-aks: terraform-init-aks
 terraform -chdir=terraform/aks plan -var-file workspace_variables/$(CONFIG).tfvars.json
diff --git a/terraform/aks/application.tf b/terraform/aks/application.tf
index e4c7a68f..20f2d635 100644
--- a/terraform/aks/application.tf
+++ b/terraform/aks/application.tf
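Review bot: The two `$(eval export …)` lines added at the end of the terraform-init-aks recipe feed `$(IMAGE_TAG)` through `$(eval)`, so a value supplied by the caller or CI is parsed a second time as makefile text before it ends up in the image reference, and an unset IMAGE_TAG silently falls back to a hard-coded commit SHA. If the tag can be derived from anything externally influenced (a branch or PR name, for instance) that is worth closing off, and the silent default can redeploy an old image unnoticed. Ordinary assignments outside the recipe do the same job without eval: `IMAGE_TAG ?= 2ad42e8958a4d63ed295a58a0847430705725ba8` and `export TF_VAR_paas_app_docker_image = ghcr.io/dfe-digital/find-a-lost-trn:$(IMAGE_TAG)`; better still, replace the default with `$(if $(IMAGE_TAG),,$(error IMAGE_TAG is required))` on the deploy targets. The recipe starts above the hunk, so how the exports reach other targets is not visible here.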
@@ -1,4 +1,43 @@
 locals {
 environment = "${var.app_environment}${var.app_suffix}"
 service_name = "find-a-lost-trn"
+ app_secrets = {
+ DATABASE_URL = var.deploy_postgres ? module.postgres.url : "${data.azurerm_key_vault_secret.db_url[0].value}"
+ REDIS_URL = var.deploy_redis ? module.redis[0].url : "${data.azurerm_key_vault_secret.redis_url[0].value}"
+ }
+}
+
+module "web_application" {
+ source = "./vendor/modules/aks//aks/application"
+
+ is_web = true
+
+ namespace = var.namespace
+ environment = var.app_environment
+ service_name = local.service_name
+
+ cluster_configuration_map = module.cluster_data.configuration_map
+
+ kubernetes_config_map_name = module.application_configuration.kubernetes_config_map_name
+ kubernetes_secret_name = module.application_configuration.kubernetes_secret_name
+
+ docker_image = var.paas_app_docker_image
+ max_memory = var.memory_max
+ replicas = var.replicas
+ web_external_hostnames = var.gov_uk_host_names
+ web_port = 3000
+ probe_path = "/health"
+}
+
+module "application_configuration" {
+ source = "./vendor/modules/aks//aks/application_configuration"
+
+ namespace = var.namespace
+ environment = var.app_environment
+ azure_resource_prefix = var.azure_resource_prefix
+ service_short = var.service_short
+ config_short = var.config_short
+ config_variables = { AKS_ENV_NAME = var.file_environment, EnableMetrics = false }
+ secret_variables = local.app_secrets
+ secret_key_vault_short = "app"
 }
diff --git a/terraform/aks/databases.tf b/terraform/aks/databases.tf
index 5c43a7ad..2ccb0243 100644
--- a/terraform/aks/databases.tf
+++ b/terraform/aks/databases.tf
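Review bot: Both new modules pass `environment = var.app_environment`, while the postgres and redis modules in databases.tf pass `local.environment`, which appends `var.app_suffix`. With a non-empty suffix the application, its config map and its Kubernetes secret would presumably be named without it, so suffixed deployments could share or overwrite one another's `DATABASE_URL`/`REDIS_URL` secret; the vendored module is not visible here, so please confirm. If the suffix is meant to apply, use `environment = local.environment` in `web_application` and `application_configuration`. Separately, the `"${…}"` wrappers around the two key vault lookups in `app_secrets` are redundant, and `data.azurerm_key_vault_secret.db_url` / `redis_url` are not declared in any hunk of this diff.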
@@ -1,34 +1,36 @@
 module "postgres" {
- source = "./vendor/modules/aks//aks/postgres"
+ source = "./vendor/modules/aks//aks/postgres"
- namespace = var.namespace
- environment = local.environment
- azure_resource_prefix = var.azure_resource_prefix
- service_name = local.service_name
- service_short = var.service_short
- config_short = var.config_short
+ namespace = var.namespace
+ environment = local.environment
+ azure_resource_prefix = var.azure_resource_prefix
+ service_name = local.service_name
+ service_short = var.service_short
+ config_short = var.config_short
 cluster_configuration_map = module.cluster_data.configuration_map
- use_azure = var.deploy_azure_backing_services
- azure_enable_monitoring = var.enable_monitoring
- azure_extensions = ["plpgsql"]
+ use_azure = var.deploy_azure_backing_services
+ azure_enable_monitoring = var.enable_monitoring
+ azure_extensions = ["plpgsql"]
 server_version = "14"
 }
 module "redis" {
- source = "./vendor/modules/aks//aks/redis"
+ count = var.deploy_redis ? 1 : 0
+ source = "./vendor/modules/aks//aks/redis"
- namespace = var.namespace
- environment = local.environment
- azure_resource_prefix = var.azure_resource_prefix
- service_name = local.service_name
- service_short = var.service_short
- config_short = var.config_short
+ namespace = var.namespace
+ environment = local.environment
+ azure_resource_prefix = var.azure_resource_prefix
+ service_name = local.service_name
+ service_short = var.service_short
+ config_short = var.config_short
 cluster_configuration_map = module.cluster_data.configuration_map
- use_azure = var.deploy_azure_backing_services
- azure_enable_monitoring = var.enable_monitoring
+ use_azure = var.deploy_azure_backing_services
+ azure_enable_monitoring = var.enable_monitoring
+ azure_patch_schedule = [{ "day_of_week" : "Sunday", "start_hour_utc" : 01 }]
 }
diff --git a/terraform/aks/variables.tf b/terraform/aks/variables.tf
index 720f6c35..fd684ce4 100644
--- a/terraform/aks/variables.tf
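Review bot: `count = var.deploy_redis ? 1 : 0` gates the redis module, but the postgres module gets no matching `count`, so `deploy_postgres = false` only switches the `DATABASE_URL` source in application.tf and a PostgreSQL instance is still created. That leaves an unused database, with its own credentials and network exposure, running in environments that were meant to use the key vault URL. Add `count = var.deploy_postgres ? 1 : 0` to `module "postgres"` and read `module.postgres[0].url` in `app_secrets`. Any other reference to `module.redis` outside this diff also needs the `[0]` index now.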
+++ b/terraform/aks/variables.tf
@@ -1,10 +1,17 @@
 variable "app_environment" {
 type = string
+ description = "Environment name in full e.g development"
+}
+
+variable "file_environment" {
+ type = string
+ description = "AKS environment name e.g dev"
 }
 variable "app_suffix" {
 type = string
 default = ""
+ description = "App suffix"
 }
 variable "azure_resource_prefix" {
@@ -48,3 +55,54 @@ variable "service_short" {
 type = string
 description = "Short name to identify the service. Up to 6 charcters."
 }
+
+variable "replicas" {
+ default = 1
+ type = number
+}
+
+variable "memory_max" {
+ default = "1Gi"
+ type = string
+ description = "Max memory size"
+}
+
+variable "gov_uk_host_names" {
+ default = []
+ type = list(any)
+}
+
+# PaaS variables
+variable "paas_app_docker_image" {
+ description = "PaaS image name and version "
+}
+
+variable "deploy_redis" {
+ default = true
+ description = "whether Deploy redis or not"
+}
+
+variable "deploy_postgres" {
+ default = true
+ description = "whether Deploy postgres or not"
+}
+
+variable "key_vault_name" {
+ default = null
+ description = "the name of the key vault to get postgres and redis"
+}
+
+variable "key_vault_resource_group" {
+ default = null
+ description = "the name of the key vault resorce group"
+}
+
+variable "review_url_db_name" {
+ default = null
+ description = "the name of the secret storing review db url"
+}
+
+variable "review_url_redis_name" {
+ default = null
+ description = "the name of the secret storing review redis url"
+}
diff --git a/terraform/aks/workspace_variables/development_aks.tfvars.json b/terraform/aks/workspace_variables/development_aks.tfvars.json
index d834d657..ebe622e1 100644
--- a/terraform/aks/workspace_variables/development_aks.tfvars.json
+++ b/terraform/aks/workspace_variables/development_aks.tfvars.json
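Review bot: `paas_app_docker_image` in the second hunk has no `type` and no validation, yet its value goes straight into `docker_image` of the web application, so any image reference that reaches the variable gets deployed. Constraining it to the project's registry path (the one the Makefile builds) turns a mistyped or substituted image into a plan-time error; a digest pin would be stronger still if the pipeline can supply one. `deploy_redis` and `deploy_postgres` should also declare `type = bool`, and the four key vault variables `type = string`.

```hcl
variable "paas_app_docker_image" {
  type        = string
  description = "PaaS image name and version "

  validation {
    condition     = can(regex("^ghcr\\.io/dfe-digital/find-a-lost-trn:", var.paas_app_docker_image))
    error_message = "The image must come from ghcr.io/dfe-digital/find-a-lost-trn."
  }
}
```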
@@ -1,6 +1,7 @@
 {
 "app_environment": "development",
 "cluster": "test",
+ "file_environment": "dev",
 "enable_monitoring": false,
 "namespace": "tra-development",
 "azure_resource_prefix": "s189t01",