diff --git a/src/domains/testit-app/.terraform.lock.hcl b/src/domains/testit-app/.terraform.lock.hcl
index 853b698..3f4a046 100644
--- a/src/domains/testit-app/.terraform.lock.hcl
+++ b/src/domains/testit-app/.terraform.lock.hcl
@@ -22,28 +22,28 @@ provider "registry.terraform.io/hashicorp/azuread" {
}
provider "registry.terraform.io/hashicorp/azurerm" {
- version = "3.104.1"
- constraints = "<= 3.104.1"
+ version = "3.97.1"
+ constraints = ">= 3.30.0, ~> 3.30, <= 3.97.1, <= 3.105.0"
hashes = [
- "h1:U5GAIrGfQyKSOjNatmhTp128MoYaSAmv2MbfUMcLz8s=",
- "zh:0083c69dfe538d39674816feba339b42c3278e67be8d08991dc73d3714e45696",
- "zh:201d7db8144f9a01c30931dc9016e4c0b99cfbd3abaab5ec78d1e3b0c6b9018c",
- "zh:27a63b435cedc6bc0f4a26a1f4b4a04a5bf9533f4694cdcebb997ec1e57dbdba",
- "zh:2f69e46d3ae4af8774c53a0d26983966b3c492a0ab269af0be9bb50a2a86acf4",
- "zh:3b8417fc5b8c939745f729454c4a7f0257fd291adf23f944a1556d5148efcf65",
- "zh:66c49295ff07e1c5e896186971717fa0990d01fc5c2e285aa0f1ab7d03b0db52",
- "zh:7acb9fdf249e5b90a16112d2604dccd03f62947a5ac17f959ad07712c2b188df",
- "zh:7d88b263869b42c631543aa02c1d8cf4ed9dd7944ab6b8176e302f26a8561755",
- "zh:cdb3a300a2b136f904c2d12324a5229ca73e1206f19e6e2503edc681a7ed2e7c",
- "zh:f1655eb6b16ec65b4c9f78ac5509cc81581e791865d798829e0a22f1a1ce0fbf",
- "zh:f363153ce52b654d6066e297a85976a0ffcf0ad0eadd9ae6740b76534260a649",
+ "h1:LtwGbd4HEb5QCXmdxSvTjPSh8/Gp8eAQMYfiAKaubV4=",
+ "zh:15171efcc3aa3a37748c502c493cb16ecff603b81ada4499a843574976bac524",
+ "zh:2ca6c13a4a96f67763ecced0015c7b101ee02d54ea54b28a8df4ae06468071b1",
+ "zh:2e3c77dbfd8f760132ecef2d6117e939cbea26b96aba5e4d926e7f7f0f7afe72",
+ "zh:4bc346eece1622be93c73801d8256502b11fd7c2e7f7cea12d048bb9fc9fe900",
+ "zh:4f1042942ed8d0433680a367527289459d43b0894a51eaba83ac414e80d5187f",
+ "zh:63e674c31482ae3579ea84daf5b1ba066ce40cb23475f54e17b6b131320a1bec",
+ "zh:8327148766dcb7a174673729a832c8095d7e137d0e6c7e2a9a01da48b8b73fbe",
+ "zh:851b3ae417059a80c7813e7f0063298a590a42f056004f2c2558ea14061c207e",
+ "zh:ac081b48907139c121a422ae9b1f40fc72c6aaaeb05cbdbf848102a6a5f426f4",
+ "zh:dc1d663df2d95e4ba91070ceb20d3560b6ea5c465d39c57a5979319302643e41",
+ "zh:ed26457367cbbb94237e935d297cb31b5687f9abf697377da0ee46974480db9b",
"zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
]
}
provider "registry.terraform.io/hashicorp/helm" {
version = "2.12.1"
- constraints = "<= 2.12.1"
+ constraints = "~> 2.12, <= 2.12.1"
hashes = [
"h1:7wfYOAeSEchHB8idNl+2jf+OkFi9zFSOLWkEZFuTCik=",
"zh:1d623fb1662703f2feb7860e3c795d849c77640eecbc5a776784d08807b15004",
@@ -62,22 +62,22 @@ provider "registry.terraform.io/hashicorp/helm" {
}
provider "registry.terraform.io/hashicorp/kubernetes" {
- version = "2.26.0"
- constraints = "<= 2.26.0"
+ version = "2.27.0"
+ constraints = "~> 2.27, <= 2.27.0"
hashes = [
- "h1:vTbi/tiJQS8Wto3LLxZ/WWPcptqaMpQlT33s61WTV9Q=",
- "zh:3f8ee1bffab1ba4f6ae549daae1648974214880d3606b6821cb0aceb365284a4",
- "zh:5596b1248231cc3b8f6a98f5b78df7120cd3153fd2b34b369dc20356a75bf35b",
- "zh:64420c9e4aa49c5e443afcd60f3e8d293ea6bd78797d402e21e23605f7757954",
- "zh:8327a488854e15f8d7eaf8272c3b9d6d1d9a6e68212a8dcb111d7b4023aac6b5",
- "zh:94c1c9b65280847d28a3e90e5046650858ac0bf87feefd2349336444e21e68e8",
- "zh:a3fb0b0b4bfd1844bb94011ae80111cedc188085235cf466313ca2151e75c8ca",
- "zh:ab5e381928144e0c2a9d9768a48e38797642e5c5fb2184370c7c08df500e5db3",
- "zh:da78995e8d6daf3acfd4c455ebbd12f6bf154cadf455f14ef35c0862e58dd2ec",
- "zh:e24cdd5b90196df93215f40d821af3a7b4473c53992be4c3038940d117a50eb4",
- "zh:e632efb3bce6d089b7c08507660af8b2c5e3f94c34fe401bfa228f154405e26e",
+ "h1:/3kLyOR2jTaWS1MKso4xAztrocGBMxi8yVadWiqSWOg=",
+ "zh:3bdba30ae67c55dc7e9a317ac0da3b208ea7926fe9c2f0ae6587ee88dcc58d1f",
+ "zh:3f35138a831c00b188d2ffee27111dd0cf59afad2dd5653ed9e67d59646de12c",
+ "zh:64066d18f6ae9a316c2bc840ef3e641d7ab94e1ea3a41d12523e77345ad442ef",
+ "zh:653063d44b44881af3a480f7f8eaa94fa300e0229df2072d30f606bddcc9f025",
+ "zh:87f306e37efb61d13efa6da53a1e45e97e5996ebc0568b1caf8c3c5e54c05809",
+ "zh:8c428b9708f9634391e52300218771eab3fe942bb1295d8c0ad50ca4b33db3d9",
+ "zh:a44e87119a0337ded15479851786a13f412b413d9a463ba550d1210249206b0f",
+ "zh:aa2c4d110b0de6ef997c0d45f3f23f8a98f5530753095d6eff439a6d91a8ea31",
+ "zh:eb15ed8781ac6a0dec2f7d03cf090e23cfa05e3225806c6231ff2c574662fd63",
+ "zh:eb81c563f93bd3303f9620d11cd49f21f3f89ac3475c6d3e821b239feb9c217d",
+ "zh:f1a344a7f16131123577e4ec994d04a34ea458ec16c1ccac53fe7946bd817b18",
"zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
- "zh:f5aea9da0eba25d35fee49db193c4b44cd3746a5578065092c62a53077e50b84",
]
}
@@ -103,7 +103,7 @@ provider "registry.terraform.io/hashicorp/local" {
provider "registry.terraform.io/hashicorp/null" {
version = "3.2.1"
- constraints = "<= 3.2.1"
+ constraints = "~> 3.2, <= 3.2.1"
hashes = [
"h1:tSj1mL6OQ8ILGqR2mDu7OYYYWf+hoir0pf9KAQ8IzO8=",
"zh:58ed64389620cc7b82f01332e27723856422820cfd302e304b5f6c3436fb9840",
diff --git a/src/domains/testit-app/02_namespace_domain.tf b/src/domains/testit-app/02_namespace_domain.tf
index 1a47218..15982fe 100644
--- a/src/domains/testit-app/02_namespace_domain.tf
+++ b/src/domains/testit-app/02_namespace_domain.tf
@@ -5,7 +5,7 @@ resource "kubernetes_namespace" "domain_namespace" {
}
module "domain_pod_identity" {
- source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//kubernetes_pod_identity?ref=v8.13.0"
+ source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//kubernetes_pod_identity?ref=v8.17.1"
resource_group_name = local.aks_resource_group_name
location = var.location
diff --git a/src/domains/testit-app/03_serviceaccounts_azure_devops.tf b/src/domains/testit-app/03_serviceaccounts_azure_devops.tf
index fc732fb..b83fbd8 100644
--- a/src/domains/testit-app/03_serviceaccounts_azure_devops.tf
+++ b/src/domains/testit-app/03_serviceaccounts_azure_devops.tf
@@ -5,7 +5,7 @@ resource "kubernetes_namespace" "system_domain_namespace" {
}
module "system_service_account" {
- source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//kubernetes_service_account?ref=v8.13.0"
+ source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//kubernetes_service_account?ref=v8.17.1"
name = "azure-devops"
namespace = kubernetes_namespace.system_domain_namespace.metadata[0].name
}
diff --git a/src/domains/testit-app/04_k8s_storage.tf b/src/domains/testit-app/04_k8s_storage.tf
new file mode 100644
index 0000000..6b83dab
--- /dev/null
+++ b/src/domains/testit-app/04_k8s_storage.tf
@@ -0,0 +1,64 @@
+resource "kubernetes_persistent_volume_claim_v1" "testit_hdd" {
+ metadata {
+ name = "${var.domain}-hdd-pvc"
+ namespace = var.domain
+ }
+ spec {
+ access_modes = ["ReadWriteOnce"]
+ resources {
+ requests = {
+ storage = "4Gi"
+ }
+ }
+ storage_class_name = "standard-hdd"
+ }
+}
+
+resource "kubernetes_persistent_volume_claim_v1" "testit_ssd_az" {
+ metadata {
+ name = "${var.domain}-ssd-az-pvc"
+ namespace = var.domain
+ }
+ spec {
+ access_modes = ["ReadWriteOnce"]
+ resources {
+ requests = {
+ storage = "8Gi"
+ }
+ }
+ storage_class_name = "managed-csi-premium-zrs"
+ }
+ wait_until_bound = false
+}
+
+# resource "kubernetes_persistent_volume_claim_v1" "testit_file_share_premium_zrs" {
+# metadata {
+# name = "testit-file-share-premium-zrs"
+# namespace = "testit"
+# }
+# spec {
+# access_modes = ["ReadWriteMany"]
+# resources {
+# requests = {
+# storage = "100Gi"
+# }
+# }
+# storage_class_name = "azurefile-premium-zrs"
+# }
+# }
+
+resource "kubernetes_persistent_volume_claim_v1" "testit_file_share_zrs" {
+ metadata {
+ name = "testit-file-share-zrs"
+ namespace = "testit"
+ }
+ spec {
+ access_modes = ["ReadWriteMany"]
+ resources {
+ requests = {
+ storage = "1Gi"
+ }
+ }
+ storage_class_name = "azurefile-zrs"
+ }
+}
diff --git a/src/domains/testit-app/80_middleware_tools.tf b/src/domains/testit-app/80_middleware_tools.tf
index 92e6e3f..2979f3b 100644
--- a/src/domains/testit-app/80_middleware_tools.tf
+++ b/src/domains/testit-app/80_middleware_tools.tf
@@ -1,14 +1,14 @@
module "tls_checker" {
- source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//tls_checker?ref=v8.13.0"
+ source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//tls_checker?ref=v8.18.0"
- https_endpoint = local.domain_aks_hostname
- alert_name = local.domain_aks_hostname
- alert_enabled = true
- helm_chart_present = true
- helm_chart_version = var.tls_cert_check_helm.chart_version
+ https_endpoint = local.domain_aks_hostname
+ alert_name = local.domain_aks_hostname
+ alert_enabled = true
+ helm_chart_present = true
+ # helm_chart_version = var.tls_cert_check_helm.chart_version
+ # helm_chart_image_name = var.tls_cert_check_helm.image_name
+ # helm_chart_image_tag = var.tls_cert_check_helm.image_tag
namespace = kubernetes_namespace.domain_namespace.metadata[0].name
- helm_chart_image_name = var.tls_cert_check_helm.image_name
- helm_chart_image_tag = var.tls_cert_check_helm.image_tag
location_string = var.location
kv_secret_name_for_application_insights_connection_string = "dvopla-d-itn-appinsights-connection-string"
keyvault_name = data.azurerm_key_vault.kv_domain.name
@@ -18,10 +18,10 @@ module "tls_checker" {
application_insights_action_group_ids = [data.azurerm_monitor_action_group.slack.id, data.azurerm_monitor_action_group.email.id]
}
-# module "cert_mounter" {
-# source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//cert_mounter?ref=v8.13.0"
-# namespace = var.domain
-# certificate_name = replace(local.domain_aks_hostname, ".", "-")
-# kv_name = data.azurerm_key_vault.kv_domain.name
-# tenant_id = data.azurerm_subscription.current.tenant_id
-# }
+module "cert_mounter" {
+ source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//cert_mounter?ref=v8.17.1"
+ namespace = var.domain
+ certificate_name = replace(local.domain_aks_hostname, ".", "-")
+ kv_name = data.azurerm_key_vault.kv_domain.name
+ tenant_id = data.azurerm_subscription.current.tenant_id
+}
diff --git a/src/domains/testit-app/99_main.tf b/src/domains/testit-app/99_main.tf
index 83a4c00..788dd9a 100644
--- a/src/domains/testit-app/99_main.tf
+++ b/src/domains/testit-app/99_main.tf
@@ -2,7 +2,7 @@ terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
- version = "<= 3.104.1"
+ version = "<= 3.105.0"
}
azuread = {
source = "hashicorp/azuread"
@@ -14,7 +14,7 @@ terraform {
}
kubernetes = {
source = "hashicorp/kubernetes"
- version = "<= 2.26.0"
+ version = "<= 2.27.0"
}
helm = {
source = "hashicorp/helm"
diff --git a/src/domains/testit-app/README.md b/src/domains/testit-app/README.md
index 92a1a99..98ffeee 100644
--- a/src/domains/testit-app/README.md
+++ b/src/domains/testit-app/README.md
@@ -5,9 +5,9 @@
| Name | Version |
|------|---------|
| [azuread](#requirement\_azuread) | <= 2.47.0 |
-| [azurerm](#requirement\_azurerm) | <= 3.104.1 |
+| [azurerm](#requirement\_azurerm) | <= 3.105.0 |
| [helm](#requirement\_helm) | <= 2.12.1 |
-| [kubernetes](#requirement\_kubernetes) | <= 2.26.0 |
+| [kubernetes](#requirement\_kubernetes) | <= 2.27.0 |
| [local](#requirement\_local) | <= 2.5.1 |
| [null](#requirement\_null) | <= 3.2.1 |
@@ -15,9 +15,10 @@
| Name | Source | Version |
|------|--------|---------|
-| [domain\_pod\_identity](#module\_domain\_pod\_identity) | git::https://github.com/pagopa/terraform-azurerm-v3.git//kubernetes_pod_identity | v8.13.0 |
-| [system\_service\_account](#module\_system\_service\_account) | git::https://github.com/pagopa/terraform-azurerm-v3.git//kubernetes_service_account | v8.13.0 |
-| [tls\_checker](#module\_tls\_checker) | git::https://github.com/pagopa/terraform-azurerm-v3.git//tls_checker | v8.13.0 |
+| [cert\_mounter](#module\_cert\_mounter) | git::https://github.com/pagopa/terraform-azurerm-v3.git//cert_mounter | v8.17.1 |
+| [domain\_pod\_identity](#module\_domain\_pod\_identity) | git::https://github.com/pagopa/terraform-azurerm-v3.git//kubernetes_pod_identity | v8.17.1 |
+| [system\_service\_account](#module\_system\_service\_account) | git::https://github.com/pagopa/terraform-azurerm-v3.git//kubernetes_service_account | v8.17.1 |
+| [tls\_checker](#module\_tls\_checker) | git::https://github.com/pagopa/terraform-azurerm-v3.git//tls_checker | v8.18.0 |
## Resources
@@ -31,6 +32,9 @@
| [helm_release.reloader](https://registry.terraform.io/providers/hashicorp/helm/latest/docs/resources/release) | resource |
| [kubernetes_namespace.domain_namespace](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/namespace) | resource |
| [kubernetes_namespace.system_domain_namespace](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/namespace) | resource |
+| [kubernetes_persistent_volume_claim_v1.testit_file_share_zrs](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/persistent_volume_claim_v1) | resource |
+| [kubernetes_persistent_volume_claim_v1.testit_hdd](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/persistent_volume_claim_v1) | resource |
+| [kubernetes_persistent_volume_claim_v1.testit_ssd_az](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/persistent_volume_claim_v1) | resource |
| [kubernetes_role_binding.deployer_binding](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/role_binding) | resource |
| [kubernetes_role_binding.system_deployer_binding](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/role_binding) | resource |
| [azuread_group.adgroup_admin](https://registry.terraform.io/providers/hashicorp/azuread/latest/docs/data-sources/group) | data source |