From 5fd8619c047aab7fb9f9deb43bdd8a3b576f8571 Mon Sep 17 00:00:00 2001 
From: Jo Date: Fri, 31 May 2024 13:22:25 -0400 Subject: [PATCH 1/2] production iac now matches the running environment --- tofu/README.md | 1 + .../prod/data-store/database/terragrunt.hcl | 1 + .../services/backend-infra/terragrunt.hcl | 1 + .../services/frontend-infra/terragrunt.hcl | 1 + .../data-store/cache/.terraform.lock.hcl | 19 ---- .../data-store/cache/terragrunt.hcl | 51 ----------- .../data-store/database/.terraform.lock.hcl | 38 -------- .../data-store/database/terragrunt.hcl | 62 ------------- tofu/environments/production/environment.hcl | 10 --- .../production/environment_vars.yaml | 4 - .../network/vpc/.terraform.lock.hcl | 20 ----- .../production/network/vpc/terragrunt.hcl | 31 ------- .../backend-infra/.terraform.lock.hcl | 20 ----- .../services/backend-infra/terragrunt.hcl | 52 ----------- .../services/backend-service/terragrunt.hcl | 90 ------------------- .../services/frontend/.terraform.lock.hcl | 19 ---- .../services/frontend/terragrunt.hcl | 48 ---------- .../terraform/tfbackend/.terraform.lock.hcl | 19 ---- .../terraform/tfbackend/terragrunt.hcl | 28 ------ .../stage/data-store/database/terragrunt.hcl | 1 - .../services/backend-infra/terragrunt.hcl | 1 + .../services/frontend-infra/terragrunt.hcl | 1 + tofu/modules/data-store/database/main.tf | 4 +- tofu/modules/data-store/database/variables.tf | 6 -- tofu/modules/network/vpc/main.tf | 2 +- tofu/modules/services/backend-infra/main.tf | 2 +- .../services/backend-infra/variables.tf | 5 ++ tofu/modules/services/frontend-infra/main.tf | 2 +- .../services/frontend-infra/variables.tf | 5 ++ 29 files changed, 21 insertions(+), 523 deletions(-) delete mode 100644 tofu/environments/production/data-store/cache/.terraform.lock.hcl delete mode 100644 tofu/environments/production/data-store/cache/terragrunt.hcl delete mode 100644 tofu/environments/production/data-store/database/.terraform.lock.hcl delete mode 100644 tofu/environments/production/data-store/database/terragrunt.hcl delete mode 100644 
tofu/environments/production/environment.hcl delete mode 100644 tofu/environments/production/environment_vars.yaml delete mode 100644 tofu/environments/production/network/vpc/.terraform.lock.hcl delete mode 100644 tofu/environments/production/network/vpc/terragrunt.hcl delete mode 100644 tofu/environments/production/services/backend-infra/.terraform.lock.hcl delete mode 100644 tofu/environments/production/services/backend-infra/terragrunt.hcl delete mode 100644 tofu/environments/production/services/backend-service/terragrunt.hcl delete mode 100644 tofu/environments/production/services/frontend/.terraform.lock.hcl delete mode 100644 tofu/environments/production/services/frontend/terragrunt.hcl delete mode 100644 tofu/environments/production/terraform/tfbackend/.terraform.lock.hcl delete mode 100644 tofu/environments/production/terraform/tfbackend/terragrunt.hcl diff --git a/tofu/README.md b/tofu/README.md index 84213c7c9..daec395fe 100644 --- a/tofu/README.md +++ b/tofu/README.md @@ -99,6 +99,7 @@ These should be deployed in the following order and generally will only be updat - TF_VAR_name_prefix - TF_VAR_environment - TF_VAR_region + - TF_VAR_frontend_url 1. `cd tofu/environments//services/backend-infra` 2. `terragrunt init` diff --git a/tofu/environments/prod/data-store/database/terragrunt.hcl b/tofu/environments/prod/data-store/database/terragrunt.hcl index 77a7ac842..2df3ad05e 100644 --- a/tofu/environments/prod/data-store/database/terragrunt.hcl +++ b/tofu/environments/prod/data-store/database/terragrunt.hcl @@ -56,6 +56,7 @@ inputs = { region = local.region vpc = dependency.vpc.outputs.vpc_id subnet_group = dependency.vpc.outputs.database_subnet_group + database_subnets = dependency.vpc.outputs.database_subnets elasticache_security_group = dependency.cache.outputs.security_group_id backend_security_group = dependency.backend.outputs.security_group_id tags = local.tags 
diff --git a/tofu/environments/prod/services/backend-infra/terragrunt.hcl b/tofu/environments/prod/services/backend-infra/terragrunt.hcl index 4b1289993..583c2912e 100644 --- a/tofu/environments/prod/services/backend-infra/terragrunt.hcl +++ b/tofu/environments/prod/services/backend-infra/terragrunt.hcl @@ -48,5 +48,6 @@ inputs = { logs_endpoint_security_group = dependency.vpc.outputs.logs_endpoint_security_group database_subnet_cidrs = dependency.vpc.outputs.database_subnet_cidrs ssl_cert = "arn:aws:acm:us-east-1:768512802988:certificate/4a53e27b-0cd3-4855-a13f-5bac50015e43" + frontend_url = get_env("TF_VAR_frontend_url") tags = local.tags } \ No newline at end of file diff --git a/tofu/environments/prod/services/frontend-infra/terragrunt.hcl b/tofu/environments/prod/services/frontend-infra/terragrunt.hcl index ed8608d7b..f8fd9d9af 100644 --- a/tofu/environments/prod/services/frontend-infra/terragrunt.hcl +++ b/tofu/environments/prod/services/frontend-infra/terragrunt.hcl @@ -45,4 +45,5 @@ inputs = { backend_id = dependency.backend.outputs.alb_id backend_dns_name = dependency.backend.outputs.dns_name x_allow_secret = dependency.backend.outputs.x_allow_secret + frontend_url = get_env("TF_VAR_frontend_url") } \ No newline at end of file diff --git a/tofu/environments/production/data-store/cache/.terraform.lock.hcl b/tofu/environments/production/data-store/cache/.terraform.lock.hcl deleted file mode 100644 index b88b3b5eb..000000000 --- a/tofu/environments/production/data-store/cache/.terraform.lock.hcl +++ /dev/null 
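Review bot: The prod redirect host and CloudFront alias now depend on whatever `TF_VAR_frontend_url` happens to be exported in the operator's shell, because `frontend_url = get_env("TF_VAR_frontend_url")` records no per-environment value in the repository. A shell still carrying the stage value would plan prod against the stage hostname, and the value cannot be reviewed from the commit. Consider reading the hostname from each environment's own versioned config, or at least adding a comment above the line such as `# must be this environment's public frontend hostname; never reuse the stage value for prod`. The same line is added in the prod frontend-infra hunk and in both stage hunks, and the `inputs` block starts outside the hunk.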
@@ -1,19 +0,0 @@ -# This file is maintained automatically by "tofu init". -# Manual edits may be lost in future updates. - -provider "registry.opentofu.org/hashicorp/aws" { - version = "5.41.0" - hashes = [ - "h1:Fx+3haIzgp5zo3zVxJDMpTUQcZ8z0g8eQLFud0hA0xc=", - "zh:28fda8bbfe6bdba53aa8a7ce1005e7d686bce1d604c6e0b58e32735162afc667", - "zh:3961d01ce92bc6fcb1cc0e267d6fc4270adf010d93e7890460c566b2f5761670", - "zh:85cf587abfdf6f306dc593232abb91cf5090296decaf6e84669dd92662f2f856", - "zh:9f9d2e81f493c0daba943211c8146100d4a90f7f09fd831f4e8dde2c5f8ab34a", - "zh:c7444bd54437f4e044dbe71353a5fc54fae5b96673c80ec42f3823e8890c5cd3", - "zh:d041d2a83a80a2be85297cff467ef3c0ae2887789f88197bda190e6d2b64399e", - "zh:db02a4756318595de2d72cad69c25bd29b61940ad3c91ddf06c32437170f9d56", - "zh:dd90187b8382e28347ca08f4642a405edbb50c27c94405367f55f8fafd6b42ad", - "zh:e8c47d26c221d6975d9905b4ffd4dc713fbafb60db2e740b974da7ff5b500a86", - "zh:f222038c55866e5121d24290824f56c76afff2562bdd47624e42a44d1c7c2002", - ] -} diff --git a/tofu/environments/production/data-store/cache/terragrunt.hcl b/tofu/environments/production/data-store/cache/terragrunt.hcl deleted file mode 100644 index 9b6781d48..000000000 --- a/tofu/environments/production/data-store/cache/terragrunt.hcl +++ /dev/null 
@@ -1,51 +0,0 @@ -include "root" { - path = find_in_parent_folders() - expose = true -} - -include "environment" { - path = find_in_parent_folders("environment.hcl") - expose = true -} - -terraform { - source = "../../../../modules/data-store/cache" -} - -dependency "vpc" { - config_path = "../../network/vpc" - - mock_outputs_allowed_terraform_commands = ["init", "validate", "plan"] - mock_outputs = { - vpc_id = "mock_vpc_id" - database_subnets = [] - source_security_groups = [] - } -} - -dependency "backend" { - config_path = "../../services/backend-infra" - - mock_outputs_allowed_terraform_commands = ["init", "validate", "plan", "destroy"] - mock_outputs = { - security_group_id = "mock_sg_id" - } -} - -locals { - environment = include.environment.locals.environment - name_prefix = "tb-${include.root.locals.short_name}-${include.environment.locals.environment}" - region = include.environment.locals.region - - project_tags = include.root.locals.tags - environment_tags = include.environment.locals.tags - tags = "${merge(local.project_tags, local.environment_tags)}" -} - -inputs = { - name_prefix = local.name_prefix - vpc = dependency.vpc.outputs.vpc_id - subnets = dependency.vpc.outputs.database_subnets - source_security_groups = [dependency.backend.outputs.security_group_id] - tags = local.tags -} \ No newline at end of file diff --git a/tofu/environments/production/data-store/database/.terraform.lock.hcl b/tofu/environments/production/data-store/database/.terraform.lock.hcl deleted file mode 100644 index 520f9bfec..000000000 --- a/tofu/environments/production/data-store/database/.terraform.lock.hcl +++ /dev/null 
@@ -1,38 +0,0 @@ -# This file is maintained automatically by "tofu init". -# Manual edits may be lost in future updates. - -provider "registry.opentofu.org/hashicorp/aws" { - version = "5.41.0" - constraints = ">= 5.36.0" - hashes = [ - "h1:Fx+3haIzgp5zo3zVxJDMpTUQcZ8z0g8eQLFud0hA0xc=", - "zh:28fda8bbfe6bdba53aa8a7ce1005e7d686bce1d604c6e0b58e32735162afc667", - "zh:3961d01ce92bc6fcb1cc0e267d6fc4270adf010d93e7890460c566b2f5761670", - "zh:85cf587abfdf6f306dc593232abb91cf5090296decaf6e84669dd92662f2f856", - "zh:9f9d2e81f493c0daba943211c8146100d4a90f7f09fd831f4e8dde2c5f8ab34a", - "zh:c7444bd54437f4e044dbe71353a5fc54fae5b96673c80ec42f3823e8890c5cd3", - "zh:d041d2a83a80a2be85297cff467ef3c0ae2887789f88197bda190e6d2b64399e", - "zh:db02a4756318595de2d72cad69c25bd29b61940ad3c91ddf06c32437170f9d56", - "zh:dd90187b8382e28347ca08f4642a405edbb50c27c94405367f55f8fafd6b42ad", - "zh:e8c47d26c221d6975d9905b4ffd4dc713fbafb60db2e740b974da7ff5b500a86", - "zh:f222038c55866e5121d24290824f56c76afff2562bdd47624e42a44d1c7c2002", - ] -} - -provider "registry.opentofu.org/hashicorp/random" { - version = "3.6.0" - constraints = ">= 3.1.0" - hashes = [ - "h1:6QMZ6JACl+V2t8daN5GTlw22EtG7nhc3BbkbJDw2a5M=", - "zh:486a1c921eab5c51a480f2eb0ad85173f207c9b7bb215f3893e58bc38d3b7c75", - "zh:6901b3afa4607d1e31934ba91ed2625215ada42b3518c3a9adeeac7a5f656dc3", - "zh:7e93752c9de710e417191353ad1a41b5a60432ab7ef4f8b556bf248297ec5e23", - "zh:c795d3d319e8ee7be972746b935963b7e772a6a14080261a35c03915c1f9ccb2", - "zh:cd4f8bcaf332828d1736c73874549c25e427737f136173c7b61e2df3db50e5d9", - "zh:e0103eb2e280989c3d9ffda5d6b413e8f583be21bc1d5754c6e9ca87ecc1c44a", - "zh:f4fbec2510322d5b7ad584a92436b5dbd0f2e897a3ec538932af59e245a4c8e4", - "zh:f5418842afd4aa7676e2456e425e8f573cb2b9bffd29bd7de09d91845644ab24", - "zh:f572a26f93d00ec42461ce478678366e570fa4497e2273f9d47f24cdfc4b42b4", - "zh:ff1f07c561a3f7f219b6fee1647a559933b5dd6181753e164c3978fd47a11685", - ] -} 
diff --git a/tofu/environments/production/data-store/database/terragrunt.hcl b/tofu/environments/production/data-store/database/terragrunt.hcl deleted file mode 100644 index 6a8a0a46a..000000000 --- a/tofu/environments/production/data-store/database/terragrunt.hcl +++ /dev/null @@ -1,62 +0,0 @@ -include "root" { - path = find_in_parent_folders() - expose = true -} - -include "environment" { - path = find_in_parent_folders("environment.hcl") - expose = true -} - -terraform { - source = "../../../../modules/data-store/database" -} - -dependency "vpc" { - config_path = "../../network/vpc" - - mock_outputs_allowed_terraform_commands = ["init", "validate", "plan"] - mock_outputs = { - vpc_id = "mock_vpc_id" - database_subnet_group = "mock_subnet_group" - } -} - -dependency "cache" { - config_path = "../cache" - - mock_outputs_allowed_terraform_commands = ["init", "validate", "plan"] - mock_outputs = { - security_group_id = "mock_sg_id" - } -} - -dependency "backend" { - config_path = "../../services/backend-infra" - - mock_outputs_allowed_terraform_commands = ["init", "validate", "plan", "destroy"] - mock_outputs = { - security_group_id = "sg-mocksecuritygroup" - } -} - -locals { - environment = include.environment.locals.environment - name_prefix = "tb-${include.root.locals.short_name}-${include.environment.locals.environment}" - region = include.environment.locals.region - - project_tags = include.root.locals.tags - environment_tags = include.environment.locals.tags - tags = "${merge(local.project_tags, local.environment_tags)}" -} - -inputs = { - environment = local.environment - name_prefix = local.name_prefix - region = local.region - vpc = dependency.vpc.outputs.vpc_id - subnet_group = dependency.vpc.outputs.database_subnet_group - elasticache_security_group = dependency.cache.outputs.security_group_id - backend_security_group = dependency.backend.outputs.security_group_id - tags = local.tags -} \ No newline at end of file 
diff --git a/tofu/environments/production/environment.hcl b/tofu/environments/production/environment.hcl deleted file mode 100644 index 6aa839efa..000000000 --- a/tofu/environments/production/environment.hcl +++ /dev/null @@ -1,10 +0,0 @@ -locals { - environment_vars = yamldecode(file("environment_vars.yaml")) - - environment = local.environment_vars.environment - region = local.environment_vars.region - - tags = { - environment = local.environment - } -} \ No newline at end of file diff --git a/tofu/environments/production/environment_vars.yaml b/tofu/environments/production/environment_vars.yaml deleted file mode 100644 index e415a0ef9..000000000 --- a/tofu/environments/production/environment_vars.yaml +++ /dev/null @@ -1,4 +0,0 @@ ---- -environment: production -region: us-east-1 -... \ No newline at end of file diff --git a/tofu/environments/production/network/vpc/.terraform.lock.hcl b/tofu/environments/production/network/vpc/.terraform.lock.hcl deleted file mode 100644 index c8048244a..000000000 --- a/tofu/environments/production/network/vpc/.terraform.lock.hcl +++ /dev/null 
@@ -1,20 +0,0 @@ -# This file is maintained automatically by "tofu init". -# Manual edits may be lost in future updates. - -provider "registry.opentofu.org/hashicorp/aws" { - version = "5.41.0" - constraints = ">= 4.0.0, >= 5.30.0" - hashes = [ - "h1:Fx+3haIzgp5zo3zVxJDMpTUQcZ8z0g8eQLFud0hA0xc=", - "zh:28fda8bbfe6bdba53aa8a7ce1005e7d686bce1d604c6e0b58e32735162afc667", - "zh:3961d01ce92bc6fcb1cc0e267d6fc4270adf010d93e7890460c566b2f5761670", - "zh:85cf587abfdf6f306dc593232abb91cf5090296decaf6e84669dd92662f2f856", - "zh:9f9d2e81f493c0daba943211c8146100d4a90f7f09fd831f4e8dde2c5f8ab34a", - "zh:c7444bd54437f4e044dbe71353a5fc54fae5b96673c80ec42f3823e8890c5cd3", - "zh:d041d2a83a80a2be85297cff467ef3c0ae2887789f88197bda190e6d2b64399e", - "zh:db02a4756318595de2d72cad69c25bd29b61940ad3c91ddf06c32437170f9d56", - "zh:dd90187b8382e28347ca08f4642a405edbb50c27c94405367f55f8fafd6b42ad", - "zh:e8c47d26c221d6975d9905b4ffd4dc713fbafb60db2e740b974da7ff5b500a86", - "zh:f222038c55866e5121d24290824f56c76afff2562bdd47624e42a44d1c7c2002", - ] -} diff --git a/tofu/environments/production/network/vpc/terragrunt.hcl b/tofu/environments/production/network/vpc/terragrunt.hcl deleted file mode 100644 index edae031a7..000000000 --- a/tofu/environments/production/network/vpc/terragrunt.hcl +++ /dev/null 
@@ -1,31 +0,0 @@ -include "root" { - path = find_in_parent_folders() - expose = true -} - -include "environment" { - path = find_in_parent_folders("environment.hcl") - expose = true -} - -terraform { - source = "../../../../modules/network/vpc" -} - -locals { - environment = include.environment.locals.environment - name_prefix = "tb-${include.root.locals.short_name}-${include.environment.locals.environment}" - region = include.environment.locals.region - - project_tags = include.root.locals.tags - environment_tags = include.environment.locals.tags - tags = "${merge(local.project_tags, local.environment_tags)}" -} - -inputs = { - environment = local.environment - name_prefix = local.name_prefix - region = local.region - vpc_cidr = "10.0.0.0/16" - tags = local.tags -} \ No newline at end of file diff --git a/tofu/environments/production/services/backend-infra/.terraform.lock.hcl b/tofu/environments/production/services/backend-infra/.terraform.lock.hcl deleted file mode 100644 index 16bf2d314..000000000 --- a/tofu/environments/production/services/backend-infra/.terraform.lock.hcl +++ /dev/null 
@@ -1,20 +0,0 @@ -# This file is maintained automatically by "tofu init". -# Manual edits may be lost in future updates. - -provider "registry.opentofu.org/hashicorp/aws" { - version = "5.41.0" - constraints = ">= 4.66.1, >= 5.33.0" - hashes = [ - "h1:Fx+3haIzgp5zo3zVxJDMpTUQcZ8z0g8eQLFud0hA0xc=", - "zh:28fda8bbfe6bdba53aa8a7ce1005e7d686bce1d604c6e0b58e32735162afc667", - "zh:3961d01ce92bc6fcb1cc0e267d6fc4270adf010d93e7890460c566b2f5761670", - "zh:85cf587abfdf6f306dc593232abb91cf5090296decaf6e84669dd92662f2f856", - "zh:9f9d2e81f493c0daba943211c8146100d4a90f7f09fd831f4e8dde2c5f8ab34a", - "zh:c7444bd54437f4e044dbe71353a5fc54fae5b96673c80ec42f3823e8890c5cd3", - "zh:d041d2a83a80a2be85297cff467ef3c0ae2887789f88197bda190e6d2b64399e", - "zh:db02a4756318595de2d72cad69c25bd29b61940ad3c91ddf06c32437170f9d56", - "zh:dd90187b8382e28347ca08f4642a405edbb50c27c94405367f55f8fafd6b42ad", - "zh:e8c47d26c221d6975d9905b4ffd4dc713fbafb60db2e740b974da7ff5b500a86", - "zh:f222038c55866e5121d24290824f56c76afff2562bdd47624e42a44d1c7c2002", - ] -} diff --git a/tofu/environments/production/services/backend-infra/terragrunt.hcl b/tofu/environments/production/services/backend-infra/terragrunt.hcl deleted file mode 100644 index 93beded47..000000000 --- a/tofu/environments/production/services/backend-infra/terragrunt.hcl +++ /dev/null 
@@ -1,52 +0,0 @@ -include "root" { - path = find_in_parent_folders() - expose = true -} - -include "environment" { - path = find_in_parent_folders("environment.hcl") - expose = true -} - -terraform { - source = "../../../../modules/services/backend-infra" -} - -dependency "vpc" { - config_path = "../../network/vpc" - - mock_outputs_allowed_terraform_commands = ["init", "validate", "plan"] - mock_outputs = { - vpc_id = "mock_vpc_id" - subnets = [] - private_subnets = [] - ecr_endpoint_security_group = "mock_sg" - secrets_endpoint_security_group = "mock_sg" - logs_endpoint_security_group = "mock_sg" - database_subnet_cidrs = ["10.0.1.0/24", "10.0.2.0/24"] - } -} - -locals { - environment = include.environment.locals.environment - name_prefix = "tb-${include.root.locals.short_name}-${include.environment.locals.environment}" - region = include.environment.locals.region - - project_tags = include.root.locals.tags - environment_tags = include.environment.locals.tags - tags = "${merge(local.project_tags, local.environment_tags)}" -} - -inputs = { - environment = local.environment - name_prefix = local.name_prefix - region = local.region - vpc = dependency.vpc.outputs.vpc_id - subnets = dependency.vpc.outputs.private_subnets - ecr_endpoint_security_group = dependency.vpc.outputs.ecr_endpoint_security_group - secrets_endpoint_security_group = dependency.vpc.outputs.secrets_endpoint_security_group - logs_endpoint_security_group = dependency.vpc.outputs.logs_endpoint_security_group - database_subnet_cidrs = dependency.vpc.outputs.database_subnet_cidrs - ssl_cert = "arn:aws:acm:us-east-1:768512802988:certificate/4a53e27b-0cd3-4855-a13f-5bac50015e43" - tags = local.tags -} \ No newline at end of file diff --git a/tofu/environments/production/services/backend-service/terragrunt.hcl b/tofu/environments/production/services/backend-service/terragrunt.hcl deleted file mode 100644 index 2a2243204..000000000 
--- a/tofu/environments/production/services/backend-service/terragrunt.hcl +++ /dev/null 
@@ -1,90 +0,0 @@ -include "root" { - path = find_in_parent_folders() - expose = true -} - -include "env" { - path = find_in_parent_folders("environment.hcl") - expose = true -} - -terraform { - source = "../../../../modules/services/backend-service" -} - -dependency "vpc" { - config_path = "../../network/vpc" - - mock_outputs_allowed_terraform_commands = ["init", "validate", "plan"] - mock_outputs = { - private_subnets = ["subnet-mocksubnet1234567"] - ecs_execution_role = "arn:aws:iam::768512802988:role/mockrolearn" - } -} - -dependency "backend-infra" { - config_path = "../backend-infra" - - mock_outputs_allowed_terraform_commands = ["init", "validate", "plan"] - mock_outputs = { - target_group_arn = "arn:aws:elasticloadbalancing:us-east-1:768512802988:targetgroup/mocktg/12345678901234" - log_group = "MOCK_LOGS" - cluster_id = "MOCK_CLUSTER_ID" - security_group_id = "MOCK_SG" - } -} - -dependency "database" { - config_path = "../../data-store/database" - - mock_outputs_allowed_terraform_commands = ["init", "validate", "plan"] - mock_outputs = { - db_secret = "arn:aws:secretsmanager:us-east-1:768512802988:secret:mocksecretarn" - } -} - -dependency "cache" { - config_path = "../../data-store/cache" - - mock_outputs_allowed_terraform_commands = ["init", "validate", "plan"] - mock_outputs = { - redis_endpoint = "mockcache.serverless.use1.cache.amazonaws.com" - } -} - -locals { - environment = get_env("TF_VAR_environment") - name_prefix = get_env("TF_VAR_name_prefix") - region = get_env("TF_VAR_region") - project = include.root.locals.project - short_name = include.root.locals.short_name - project_tags = include.root.locals.tags - environment_tags = include.env.locals.tags - tags = "${merge(local.project_tags, local.environment_tags)}" -} - -inputs = { - name_prefix = local.name_prefix - region = local.region - subnets = dependency.vpc.outputs.private_subnets - log_group = dependency.backend-infra.outputs.log_group - target_group_arn = 
dependency.backend-infra.outputs.target_group_arn - security_group = dependency.backend-infra.outputs.security_group_id - ecs_cluster = dependency.backend-infra.outputs.cluster_id - task_execution_role = dependency.vpc.outputs.ecs_execution_role - frontend_url = get_env("TF_VAR_frontend_url") - short_base_url = get_env("TF_VAR_short_base_url") - app_env = get_env("TF_VAR_app_env") - sentry_dsn = get_env("TF_VAR_sentry_dsn") - zoom_auth_callback = get_env("TF_VAR_zoom_callback") - short_name = local.short_name - database_secret = dependency.database.outputs.db_secret - db_enc_secret = get_env("TF_VAR_db_enc_secret") - smtp_secret = get_env("TF_VAR_smtp_secret") - google_oauth_secret = get_env("TF_VAR_google_oauth_secret") - zoom_secret = get_env("TF_VAR_zoom_secret") - fxa_secret = get_env("TF_VAR_fxa_secret") - log_level = get_env("TF_VAR_log_level") - redis_endpoint = dependency.cache.outputs.endpoint - tags = local.tags -} \ No newline at end of file diff --git a/tofu/environments/production/services/frontend/.terraform.lock.hcl b/tofu/environments/production/services/frontend/.terraform.lock.hcl deleted file mode 100644 index b88b3b5eb..000000000 --- a/tofu/environments/production/services/frontend/.terraform.lock.hcl +++ /dev/null 
@@ -1,19 +0,0 @@ -# This file is maintained automatically by "tofu init". -# Manual edits may be lost in future updates. - -provider "registry.opentofu.org/hashicorp/aws" { - version = "5.41.0" - hashes = [ - "h1:Fx+3haIzgp5zo3zVxJDMpTUQcZ8z0g8eQLFud0hA0xc=", - "zh:28fda8bbfe6bdba53aa8a7ce1005e7d686bce1d604c6e0b58e32735162afc667", - "zh:3961d01ce92bc6fcb1cc0e267d6fc4270adf010d93e7890460c566b2f5761670", - "zh:85cf587abfdf6f306dc593232abb91cf5090296decaf6e84669dd92662f2f856", - "zh:9f9d2e81f493c0daba943211c8146100d4a90f7f09fd831f4e8dde2c5f8ab34a", - "zh:c7444bd54437f4e044dbe71353a5fc54fae5b96673c80ec42f3823e8890c5cd3", - "zh:d041d2a83a80a2be85297cff467ef3c0ae2887789f88197bda190e6d2b64399e", - "zh:db02a4756318595de2d72cad69c25bd29b61940ad3c91ddf06c32437170f9d56", - "zh:dd90187b8382e28347ca08f4642a405edbb50c27c94405367f55f8fafd6b42ad", - "zh:e8c47d26c221d6975d9905b4ffd4dc713fbafb60db2e740b974da7ff5b500a86", - "zh:f222038c55866e5121d24290824f56c76afff2562bdd47624e42a44d1c7c2002", - ] -} diff --git a/tofu/environments/production/services/frontend/terragrunt.hcl b/tofu/environments/production/services/frontend/terragrunt.hcl deleted file mode 100644 index 5e4c5e5c6..000000000 --- a/tofu/environments/production/services/frontend/terragrunt.hcl +++ /dev/null 
@@ -1,48 +0,0 @@ -include "root" { - path = find_in_parent_folders() - expose = true -} - -include "environment" { - path = find_in_parent_folders("environment.hcl") - expose = true -} - -terraform { - source = "../../../../modules/services/frontend" -} - -dependency "backend" { - config_path = "../../services/backend" - - mock_outputs_allowed_terraform_commands = ["init", "validate", "plan", "destroy"] - mock_outputs = { - alb_id = "mock_alb_id" - dns_name = "mock_dns_name" - x_allow_secret = "mock_secret" - } -} - -locals { - environment = include.environment.locals.environment - name_prefix = "tb-${include.root.locals.short_name}-${include.environment.locals.environment}" - region = include.environment.locals.region - - project_tags = include.root.locals.tags - environment_tags = include.environment.locals.tags - tags = "${merge(local.project_tags, local.environment_tags)}" - - - ssl_cert = "arn:aws:acm:us-east-1:768512802988:certificate/4a53e27b-0cd3-4855-a13f-5bac50015e43" -} - -inputs = { - environment = local.environment - name_prefix = local.name_prefix - region = local.region - tags = local.tags - ssl_cert = local.ssl_cert - backend_id = dependency.backend.outputs.alb_id - backend_dns_name = dependency.backend.outputs.dns_name - x_allow_secret = dependency.backend.outputs.x_allow_secret -} \ No newline at end of file diff --git a/tofu/environments/production/terraform/tfbackend/.terraform.lock.hcl b/tofu/environments/production/terraform/tfbackend/.terraform.lock.hcl deleted file mode 100644 index b88b3b5eb..000000000 --- a/tofu/environments/production/terraform/tfbackend/.terraform.lock.hcl +++ /dev/null 
@@ -1,19 +0,0 @@ -# This file is maintained automatically by "tofu init". -# Manual edits may be lost in future updates. - -provider "registry.opentofu.org/hashicorp/aws" { - version = "5.41.0" - hashes = [ - "h1:Fx+3haIzgp5zo3zVxJDMpTUQcZ8z0g8eQLFud0hA0xc=", - "zh:28fda8bbfe6bdba53aa8a7ce1005e7d686bce1d604c6e0b58e32735162afc667", - "zh:3961d01ce92bc6fcb1cc0e267d6fc4270adf010d93e7890460c566b2f5761670", - "zh:85cf587abfdf6f306dc593232abb91cf5090296decaf6e84669dd92662f2f856", - "zh:9f9d2e81f493c0daba943211c8146100d4a90f7f09fd831f4e8dde2c5f8ab34a", - "zh:c7444bd54437f4e044dbe71353a5fc54fae5b96673c80ec42f3823e8890c5cd3", - "zh:d041d2a83a80a2be85297cff467ef3c0ae2887789f88197bda190e6d2b64399e", - "zh:db02a4756318595de2d72cad69c25bd29b61940ad3c91ddf06c32437170f9d56", - "zh:dd90187b8382e28347ca08f4642a405edbb50c27c94405367f55f8fafd6b42ad", - "zh:e8c47d26c221d6975d9905b4ffd4dc713fbafb60db2e740b974da7ff5b500a86", - "zh:f222038c55866e5121d24290824f56c76afff2562bdd47624e42a44d1c7c2002", - ] -} diff --git a/tofu/environments/production/terraform/tfbackend/terragrunt.hcl b/tofu/environments/production/terraform/tfbackend/terragrunt.hcl deleted file mode 100644 index 74efdd318..000000000 --- a/tofu/environments/production/terraform/tfbackend/terragrunt.hcl +++ /dev/null 
@@ -1,28 +0,0 @@ -include "root" { - path = find_in_parent_folders() - expose = true -} - -include "environment" { - path = find_in_parent_folders("environment.hcl") - expose = true -} - -terraform { - source = "../../../../modules/terraform/tfbackend" -} - -locals { - bucket_name = "tb-${include.root.locals.short_name}-${include.environment.locals.environment}-state" - table_name = "tb-${include.root.locals.short_name}-${include.environment.locals.environment}-locks" - - project_tags = include.root.locals.tags - environment_tags = include.environment.locals.tags - tags = "${merge(local.project_tags, local.environment_tags)}" -} - -inputs = { - bucket_name = local.bucket_name - table_name = local.table_name - tags = local.tags -} \ No newline at end of file diff --git a/tofu/environments/stage/data-store/database/terragrunt.hcl b/tofu/environments/stage/data-store/database/terragrunt.hcl index 474f1c1ca..bff6f816a 100644 --- a/tofu/environments/stage/data-store/database/terragrunt.hcl +++ b/tofu/environments/stage/data-store/database/terragrunt.hcl @@ -61,6 +61,5 @@ inputs = { database_subnets = dependency.vpc.outputs.database_subnets elasticache_security_group = dependency.cache.outputs.security_group_id backend_security_group = dependency.backend.outputs.security_group_id - database_secret = "arn:aws:secretsmanager:us-east-1:768512802988:secret:tb-apmt-stage-db-secret-V0syHj" tags = local.tags } \ No newline at end of file diff --git a/tofu/environments/stage/services/backend-infra/terragrunt.hcl b/tofu/environments/stage/services/backend-infra/terragrunt.hcl index 7a4aeac5a..3d7f54d82 100644 --- a/tofu/environments/stage/services/backend-infra/terragrunt.hcl +++ b/tofu/environments/stage/services/backend-infra/terragrunt.hcl 
@@ -48,5 +48,6 @@ inputs = { logs_endpoint_security_group = dependency.vpc.outputs.logs_endpoint_security_group database_subnet_cidrs = dependency.vpc.outputs.database_subnet_cidrs ssl_cert = "arn:aws:acm:us-east-1:768512802988:certificate/4a53e27b-0cd3-4855-a13f-5bac50015e43" + frontend_url = get_env("TF_VAR_frontend_url") tags = local.tags } \ No newline at end of file diff --git a/tofu/environments/stage/services/frontend-infra/terragrunt.hcl b/tofu/environments/stage/services/frontend-infra/terragrunt.hcl index ed8608d7b..f8fd9d9af 100644 --- a/tofu/environments/stage/services/frontend-infra/terragrunt.hcl +++ b/tofu/environments/stage/services/frontend-infra/terragrunt.hcl @@ -45,4 +45,5 @@ inputs = { backend_id = dependency.backend.outputs.alb_id backend_dns_name = dependency.backend.outputs.dns_name x_allow_secret = dependency.backend.outputs.x_allow_secret + frontend_url = get_env("TF_VAR_frontend_url") } \ No newline at end of file diff --git a/tofu/modules/data-store/database/main.tf b/tofu/modules/data-store/database/main.tf index 436c26136..a507fcb99 100644 --- a/tofu/modules/data-store/database/main.tf +++ b/tofu/modules/data-store/database/main.tf @@ -50,8 +50,8 @@ module "db" { major_engine_version = "8.0" # Database Deletion Protection - skip_final_snapshot = var.environment == "production" ? false : true - deletion_protection = var.environment == "production" ? true : false + skip_final_snapshot = var.environment == "prod" ? false : true + deletion_protection = var.environment == "prod" ? true : false parameters = [ { diff --git a/tofu/modules/data-store/database/variables.tf b/tofu/modules/data-store/database/variables.tf index 51a35565f..068d07bd5 100644 --- a/tofu/modules/data-store/database/variables.tf +++ b/tofu/modules/data-store/database/variables.tf 
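Review bot: Both protections in the tofu/modules/data-store/database/main.tf hunk fail open, since `deletion_protection = var.environment == "prod" ? true : false` switches protection off for every value other than the exact string `prod`. That is presumably how the earlier rename from `production` left the prod database unprotected until this commit. Assuming stage and prod are the only environments, invert the test so an unexpected name stays protected: `deletion_protection = var.environment != "stage"` and `skip_final_snapshot = var.environment == "stage"`. Alternatively add a `validation` to the `environment` variable with `condition = contains(["stage", "prod"], var.environment)`. The `module "db"` block starts and ends outside the hunk.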
@@ -44,9 +44,3 @@ variable "backend_security_group" { type = string default = "" } - -variable "database_secret" { - description = "Database secret" - type = string - default = "" -} \ No newline at end of file diff --git a/tofu/modules/network/vpc/main.tf b/tofu/modules/network/vpc/main.tf index 4c1010e30..5d2b44e1c 100644 --- a/tofu/modules/network/vpc/main.tf +++ b/tofu/modules/network/vpc/main.tf @@ -16,7 +16,7 @@ module "vpc" { public_subnets = [for k, v in local.azs : cidrsubnet("${var.vpc_cidr}", 8, k + 254)] database_subnets = [for k, v in local.azs : cidrsubnet("${var.vpc_cidr}", 8, k + 2)] - create_database_subnet_group = false + create_database_subnet_group = true manage_default_network_acl = false manage_default_route_table = false manage_default_security_group = false diff --git a/tofu/modules/services/backend-infra/main.tf b/tofu/modules/services/backend-infra/main.tf index 27348f63b..0aaa67b37 100644 --- a/tofu/modules/services/backend-infra/main.tf +++ b/tofu/modules/services/backend-infra/main.tf @@ -123,7 +123,7 @@ module "backend_alb" { redirect = { status_code = "HTTP_302" - host = "${var.environment}.appointment.day" + host = var.frontend_url path = "/user/#{path}" port = 443 protocol = "HTTPS" diff --git a/tofu/modules/services/backend-infra/variables.tf b/tofu/modules/services/backend-infra/variables.tf index b1b07c585..db244801e 100644 --- a/tofu/modules/services/backend-infra/variables.tf +++ b/tofu/modules/services/backend-infra/variables.tf @@ -58,3 +58,8 @@ variable "ssl_cert" { description = "SSL certificate ARN in AWS Certificate Manager" type = string } + +variable "frontend_url" { + description = "environment frontend url" + type = string +} diff --git a/tofu/modules/services/frontend-infra/main.tf b/tofu/modules/services/frontend-infra/main.tf index f00e0c0c3..bbc2c512c 100644 --- a/tofu/modules/services/frontend-infra/main.tf +++ b/tofu/modules/services/frontend-infra/main.tf 
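Review bot: `host = var.frontend_url` in backend-infra/main.tf uses the new variable as a bare hostname, but the added `variable "frontend_url"` block in backend-infra/variables.tf accepts any string and its name suggests a full URL. A value carrying a scheme, port or path would surface only at apply time or as a wrong redirect target. The removed production backend-service config read the same `TF_VAR_frontend_url`, so the remaining service configs may expect a different shape for it; that is inferred, not visible here. The fence below adds a validation and a more precise description. The same applies to `aliases = [var.frontend_url]` and the variable added in frontend-infra, and the `redirect` block starts outside the hunk.

```hcl
variable "frontend_url" {
  description = "Frontend hostname for this environment (bare host: no scheme, port or path)"
  type        = string

  validation {
    condition     = can(regex("^[a-z0-9]([a-z0-9.-]*[a-z0-9])?$", var.frontend_url))
    error_message = "frontend_url must be a bare lowercase hostname with no scheme, port or path."
  }
}
```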
@@ -88,7 +88,7 @@ resource "aws_cloudfront_distribution" "appointment" { comment = "appointment ${var.environment} frontend" enabled = true - aliases = ["${var.environment}.appointment.day"] + aliases = [var.frontend_url] logging_config { bucket = "${aws_s3_bucket.request_logs.id}.s3.amazonaws.com" diff --git a/tofu/modules/services/frontend-infra/variables.tf b/tofu/modules/services/frontend-infra/variables.tf index 3f218240f..82f6ffa51 100644 --- a/tofu/modules/services/frontend-infra/variables.tf +++ b/tofu/modules/services/frontend-infra/variables.tf @@ -41,4 +41,9 @@ variable "backend_dns_name" { variable "x_allow_secret" { description = "X-Allow header secret" type = string +} + +variable "frontend_url" { + description = "Environment frontend url" + type = string } \ No newline at end of file From 057c4f40dc0b7513957f986fe600b72ffd35588c Mon Sep 17 00:00:00 2001 From: Jo Date: Fri, 31 May 2024 13:25:26 -0400 Subject: [PATCH 2/2] formatting cleanup --- tofu/environments/prod/services/frontend-infra/terragrunt.hcl | 2 +- tofu/environments/stage/services/frontend-infra/terragrunt.hcl | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/tofu/environments/prod/services/frontend-infra/terragrunt.hcl b/tofu/environments/prod/services/frontend-infra/terragrunt.hcl index f8fd9d9af..bcd3335e4 100644 --- a/tofu/environments/prod/services/frontend-infra/terragrunt.hcl +++ b/tofu/environments/prod/services/frontend-infra/terragrunt.hcl @@ -45,5 +45,5 @@ inputs = { backend_id = dependency.backend.outputs.alb_id backend_dns_name = dependency.backend.outputs.dns_name x_allow_secret = dependency.backend.outputs.x_allow_secret - frontend_url = get_env("TF_VAR_frontend_url") + frontend_url = get_env("TF_VAR_frontend_url") } \ No newline at end of file diff --git a/tofu/environments/stage/services/frontend-infra/terragrunt.hcl b/tofu/environments/stage/services/frontend-infra/terragrunt.hcl index f8fd9d9af..bcd3335e4 100644 
--- a/tofu/environments/stage/services/frontend-infra/terragrunt.hcl +++ b/tofu/environments/stage/services/frontend-infra/terragrunt.hcl @@ -45,5 +45,5 @@ inputs = { backend_id = dependency.backend.outputs.alb_id backend_dns_name = dependency.backend.outputs.dns_name x_allow_secret = dependency.backend.outputs.x_allow_secret - frontend_url = get_env("TF_VAR_frontend_url") + frontend_url = get_env("TF_VAR_frontend_url") } \ No newline at end of file