add sql server (#174)

* add sql server Signed-off-by: Jorge Turrado <[email protected]> * add sql server Signed-off-by: Jorge Turrado <[email protected]> * add sql server Signed-off-by: Jorge Turrado <[email protected]> * add sql server Signed-off-by: Jorge Turrado <[email protected]> * add sql server Signed-off-by: Jorge Turrado <[email protected]> * add sql server Signed-off-by: Jorge Turrado <[email protected]> * add sql server Signed-off-by: Jorge Turrado <[email protected]> * add sql server Signed-off-by: Jorge Turrado <[email protected]> * add sql server Signed-off-by: Jorge Turrado <[email protected]> * add sql server Signed-off-by: Jorge Turrado <[email protected]> * add sql server Signed-off-by: Jorge Turrado <[email protected]> * add sql server Signed-off-by: Jorge Turrado <[email protected]> --------- Signed-off-by: Jorge Turrado <[email protected]>
kedacore · Jan 24, 2025 · 9c4589a · 9c4589a
1 parent e56844b
commit 9c4589a
Show file tree

Hide file tree

Showing 7 changed files with 194 additions and 3 deletions.
diff --git a/terraform/main.tf b/terraform/main.tf
@@ -305,6 +305,22 @@ module "azurerm_postgres_flexible_server" {
   tags = local.tags
 }
 
+module "azurerm_sql_server" {
+  source              = "./modules/azure/sql-server"
+  resource_group_name = var.azure_resource_group_name
+  unique_project_name = var.unique_project_name
+  location            = "northeurope"
+
+  sql_sku_name   = "Basic"
+  sql_storage_gb = 1
+
+  sql_database_name = "test_db"
+
+  user_managed_identity_sql_ad_admin = module.azuread_applications.identity_1
+
+  tags = local.tags
+}
+
 // ====== GITHUB SECRETS ======
 
 module "github_secrets" {
@@ -409,6 +425,22 @@ module "github_secrets" {
       name  = "TF_AZURE_POSTGRES_DB_NAME"
       value = module.azurerm_postgres_flexible_server.postgres_database_name
     },
+    {
+      name  = "TF_AZURE_SQL_SERVER_FQDN"
+      value = module.azurerm_sql_server.sql_server_fqdn
+    },
+    {
+      name  = "TF_AZURE_SQL_SERVER_ADMIN_USERNAME"
+      value = module.azurerm_sql_server.admin_username
+    },
+    {
+      name  = "TF_AZURE_SQL_SERVER_ADMIN_PASSWORD"
+      value = module.azurerm_sql_server.admin_password
+    },
+    {
+      name  = "TF_AZURE_SQL_SERVER_DB_NAME"
+      value = module.azurerm_sql_server.sql_database_name
+    },
     {
       name  = "TF_AZURE_KEYVAULT_URI"
       value = module.azure_key_vault.vault_uri

diff --git a/terraform/modules/azure/app-registration/main.tf b/terraform/modules/azure/app-registration/main.tf
@@ -53,8 +53,8 @@ resource "azuread_application" "oauth2_api" {
 }
 
 resource "azuread_service_principal" "oauth2_api" {
-  application_id = azuread_application.oauth2_api.application_id
-  use_existing   = true
+  client_id    = azuread_application.oauth2_api.client_id
+  use_existing = true
 }
 
 locals {

diff --git a/terraform/modules/azure/data-explorer/main.tf b/terraform/modules/azure/data-explorer/main.tf
@@ -19,7 +19,6 @@ resource "azurerm_kusto_cluster" "cluster" {
   location            = var.location
   resource_group_name = data.azurerm_resource_group.rg.name
   auto_stop_enabled   = false
-  engine              = "V3"
 
   sku {
     name     = "Dev(No SLA)_Standard_E2a_v4"

diff --git a/terraform/modules/azure/sql-server/main.tf b/terraform/modules/azure/sql-server/main.tf
@@ -0,0 +1,86 @@
+terraform {
+  required_providers {
+    mssql = {
+      source = "betr-io/mssql"
+    }
+  }
+}
+
+provider "azurerm" {
+  features {}
+  skip_provider_registration = true
+}
+
+locals {
+  sql_server_name         = "${var.unique_project_name}-e2e-sql-server"
+  sql_server_network_name = "${var.unique_project_name}-e2e-sql-server-net"
+  sql_server_subnet_name  = "${var.unique_project_name}-e2e-sql-server-subnet"
+}
+
+data "azurerm_client_config" "current" {}
+
+data "azurerm_resource_group" "rg" {
+  name = var.resource_group_name
+}
+
+resource "random_password" "admin_password" {
+  length      = 32
+  special     = false
+  min_lower   = 1
+  min_numeric = 1
+  min_upper   = 1
+}
+
+resource "random_string" "admin_username" {
+  length    = 8
+  special   = false
+  numeric   = false
+  min_lower = 1
+  min_upper = 1
+}
+
+resource "azurerm_mssql_server" "server" {
+  name                = local.sql_server_name
+  resource_group_name = data.azurerm_resource_group.rg.name
+  location            = var.location
+  version             = var.sql_version
+  minimum_tls_version = "1.2"
+
+  administrator_login          = random_string.admin_username.result
+  administrator_login_password = random_password.admin_password.result
+
+  azuread_administrator {
+    login_username = "AzureAD Admin"
+    object_id      = data.azurerm_client_config.current.object_id
+  }
+
+  tags = var.tags
+}
+
+resource "azurerm_mssql_database" "database" {
+  name        = var.sql_database_name
+  server_id   = azurerm_mssql_server.server.id
+  max_size_gb = var.sql_storage_gb
+  sku_name    = var.sql_sku_name
+  tags        = var.tags
+}
+
+provider "mssql" {
+  debug = "true"
+}
+
+resource "mssql_user" "external_users" {
+  server {
+    host = azurerm_mssql_server.server.fully_qualified_domain_name
+    login {
+      username = random_string.admin_username.result
+      password = random_password.admin_password.result
+    }
+  }
+
+  database  = azurerm_mssql_database.database.name
+  username  = "msi-admin-${azurerm_mssql_database.database.name}"
+  object_id = var.user_managed_identity_sql_ad_admin.client_id
+
+  roles = ["db_owner"]
+}
diff --git a/terraform/modules/azure/sql-server/outputs.tf b/terraform/modules/azure/sql-server/outputs.tf
@@ -0,0 +1,16 @@
+output "sql_server_fqdn" {
+  value = azurerm_mssql_server.server.fully_qualified_domain_name
+}
+
+output "sql_database_name" {
+  value = var.sql_database_name
+}
+
+output "admin_username" {
+  value = random_string.admin_username.result
+}
+
+output "admin_password" {
+  value = random_password.admin_password.result
+}
+
diff --git a/terraform/modules/azure/sql-server/vars.tf b/terraform/modules/azure/sql-server/vars.tf
@@ -0,0 +1,54 @@
+variable "resource_group_name" {
+  type        = string
+  description = "Resource group name where event hub will be placed"
+}
+
+variable "location" {
+  type        = string
+  description = "Location to place the resource"
+  default     = "westeurope"
+}
+
+variable "unique_project_name" {
+  type        = string
+  description = "Value to make unique every resource name generated"
+}
+
+variable "tags" {
+  type        = map(any)
+  description = "Tags to apply on resources accepting it"
+}
+
+variable "sql_version" {
+  type        = string
+  description = "Sql version to use"
+  default     = "12.0"
+}
+
+variable "sql_sku_name" {
+  type        = string
+  description = "The SKU Name"
+  default     = "BC_Gen4"
+}
+
+variable "sql_storage_gb" {
+  type        = number
+  description = "The max storage allowed"
+  default     = 5
+}
+
+variable "sql_vcores" {
+  type        = number
+  description = "The vcores allowed"
+  default     = 1
+}
+variable "sql_database_name" {
+  type        = string
+  description = "Database name to create inside the server"
+  default     = "test_db"
+}
+
+variable "user_managed_identity_sql_ad_admin" {
+  type        = any
+  description = "User managed identitiy that will be granted admin access on the SQL server"
+}
diff --git a/terraform/terraform.tf b/terraform/terraform.tf
@@ -34,6 +34,10 @@ terraform {
       source  = "alekc/kubectl"
       version = "2.1.2"
     }
+    mssql = {
+      source  = "betr-io/mssql"
+      version = "0.3.1"
+    }
   }
 }