use new config module in vulnerability-scan in dev+playground

terraform/subscriptions/modules/config/main.tf

@@ -0,0 +1,32 @@
+variable "configfile" {
+  type = string
+  default = "../config.yaml"
+}
+
+locals {
+  config = yamldecode(file(var.configfile))
+}
+
+output "environment" {
+  value = local.config.environment
+}
+
+output "location" {
+  value = local.config.location
+}
+
+output "common_resource_group" {
+  value = "common-${local.config.environment}"
+}
+output "cluster_resource_group" {
+  value = "clusters-${local.config.environment}"
+}
+output "vnet_resource_group" {
+  value = "cluster-vnet-hub-${local.config.environment}"
+}
+output "key_vault_name" {
+  value = "radix-kv-${local.config.environment}"
+}
+output "backend" {
+  value = local.config.backend
+}

terraform/subscriptions/s941/dev/common/variables.tf

@@ -21,8 +21,6 @@ variable "resource_groups_ver1" {
       role_definition_name = "Log Analytics Contributor"
       policyassignment     = true
       policy_name          = "Radix-Enforce-Diagnostics-AKS-Clusters"
-
-
     }
   }
 

terraform/subscriptions/s941/dev/config.yaml

@@ -0,0 +1,9 @@
+environment: "dev"
+location: "northeurope"
+backend:
+  resource_group_name:   "s941-tfstate"
+  storage_account_name:  "s941radixinfra"
+  container_name:        "infrastructure"
+  subscription_id:       "16ede44b-1f74-40a5-b428-46cca9a5741b"
+  tenant_id:             "3aa4a235-b6e2-48d5-9195-7fcf05b459b0"
+

terraform/subscriptions/s941/dev/vulnerability-scanner/main.tf

@@ -1,25 +1,35 @@
 module "resourcegroup" {
   source = "../../../modules/resourcegroups"
-  name     = "${var.resourse_group_name}-${local.external_outputs.common.data.enviroment}"
-  location = local.external_outputs.common.data.location
+  name     = "${var.resourse_group_name}-${module.config.environment}"
+  location = module.config.location
+}
+
+module "config" {
+  source = "../../../modules/config"
+}
+
+# TODO: Migrate keys to radix-kv-dev when ready
+data "azurerm_key_vault" "keyvault" {
+  name = "radix-vault-dev" # module.config.key_vault_name
+  resource_group_name = "common" # module.config.common_resource_group
 }
 
 data "azurerm_key_vault_secret" "keyvault_secrets" {
   name         = var.keyvault_dbadmin_secret_name
-  key_vault_id = local.external_outputs.keyvault.vault_id
+  key_vault_id = data.azurerm_key_vault.keyvault.id
 }
 
 # MS SQL Server
 module "mssql-database" {
   source                        = "../../../modules/mssqldatabase"
-  env                           = local.external_outputs.common.data.enviroment
+  env                           = module.config.environment
   database_name                 = "radix-vulnerability-scan"
-  server_name                   = "sql-radix-vulnerability-scan-${local.external_outputs.common.data.enviroment}"
+  server_name                   = "sql-radix-vulnerability-scan-${module.config.environment}"
   admin_adgroup                 = var.admin-adgroup
   administrator_login           = "radix"
   administrator_password        = data.azurerm_key_vault_secret.keyvault_secrets.value
   rg_name                       = module.resourcegroup.data.name
-  location                      = local.external_outputs.common.data.location
+  location                      = module.config.location
   public_network_access_enabled = true
   zone_redundant                = false
 

terraform/subscriptions/s941/playground/config.yaml

@@ -0,0 +1,9 @@
+environment: "playground"
+location: "northeurope"
+backend:
+  resource_group_name:   "s941-tfstate"
+  storage_account_name:  "s941radixinfra"
+  container_name:        "infrastructure"
+  subscription_id:       "16ede44b-1f74-40a5-b428-46cca9a5741b"
+  tenant_id:             "3aa4a235-b6e2-48d5-9195-7fcf05b459b0"
+

terraform/subscriptions/s941/playground/vulnerability-scanner/main.tf

@@ -1,28 +1,33 @@
+
+module "config" {
+  source = "../../../modules/config"
+}
 module "resourcegroup" {
   source = "../../../modules/resourcegroups"
-  name     = "${var.resourse_group_name}-${local.external_outputs.common.data.enviroment}"
-  location = local.external_outputs.common.data.location
+  name     = "vulnerability-scan-${module.config.environment}"
+  location = module.config.location
 }
+
 data "azurerm_key_vault" "keyvault" {
-  name = "radix-vault-dev"
-  resource_group_name = "common"
+  name = module.config.key_vault_name
+  resource_group_name = module.config.common_resource_group
 }
 data "azurerm_key_vault_secret" "keyvault_secrets" {
   name         = var.keyvault_dbadmin_secret_name
-  key_vault_id = data.azurerm_key_vault.keyvault.id # local.external_outputs.keyvault.vault_id
+  key_vault_id = data.azurerm_key_vault.keyvault.id
 }
 
 # MS SQL Server
 module "mssql-database" {
   source                        = "../../../modules/mssqldatabase"
-  env                           = local.external_outputs.common.data.enviroment
+  env                           = module.config.environment
   database_name                 = "radix-vulnerability-scan"
-  server_name                   = "sql-radix-vulnerability-scan-${local.external_outputs.common.data.enviroment}"
+  server_name                   = "sql-radix-vulnerability-scan-${module.config.environment}"
   admin_adgroup                 = var.admin-adgroup
   administrator_login           = "radix"
   administrator_password        = data.azurerm_key_vault_secret.keyvault_secrets.value
   rg_name                       = module.resourcegroup.data.name
-  location                      = local.external_outputs.common.data.location
+  location                      = module.config.location
   public_network_access_enabled = false
   zone_redundant                = false
 

terraform/subscriptions/s941/playground/vulnerability-scanner/variables.tf

@@ -3,11 +3,6 @@ variable "admin-adgroup" {
   default = "Radix SQL server admin - playground"
 }
 
-variable "resourse_group_name" {
-  type    = string
-  default = "vulnerability-scan"
-}
-
 variable "keyvault_dbadmin_secret_name" {
   type    = string
   default = "radix-vulnerability-scan-db-admin"