feat: domain testit common created (#119)

* init github identity * upgrade core modules * fix monitor ita * testit upgrated modules * pre-commit fixs
pagopa · May 21, 2024 · 5cf9682 · 5cf9682
1 parent da5bf7a
commit 5cf9682
Show file tree

Hide file tree

Showing 18 changed files with 200 additions and 79 deletions.
diff --git a/src/core/01_keyvault.tf b/src/core/01_keyvault.tf
@@ -6,7 +6,7 @@ resource "azurerm_resource_group" "sec_rg" {
 }
 
 module "key_vault_core_ita" {
-  source              = "github.com/pagopa/terraform-azurerm-v3.git//key_vault?ref=v8.5.0"
+  source              = "github.com/pagopa/terraform-azurerm-v3.git//key_vault?ref=v8.13.0"
   name                = "${local.project_ita}-core-kv"
   location            = azurerm_resource_group.sec_rg.location
   resource_group_name = azurerm_resource_group.sec_rg.name

diff --git a/src/core/01_network.tf b/src/core/01_network.tf
@@ -9,7 +9,7 @@ resource "azurerm_resource_group" "rg_vnet" {
 # vnet
 #
 module "vnet" {
-  source              = "git::https://github.com/pagopa/terraform-azurerm-v3.git//virtual_network?ref=v8.5.0"
+  source              = "git::https://github.com/pagopa/terraform-azurerm-v3.git//virtual_network?ref=v8.13.0"
   name                = local.vnet_name
   location            = azurerm_resource_group.rg_vnet.location
   resource_group_name = azurerm_resource_group.rg_vnet.name
@@ -97,7 +97,7 @@ resource "azurerm_public_ip" "aks_outbound" {
 # Private endpoints
 #
 module "private_endpoints_snet" {
-  source               = "git::https://github.com/pagopa/terraform-azurerm-v3.git//subnet?ref=v8.5.0"
+  source               = "git::https://github.com/pagopa/terraform-azurerm-v3.git//subnet?ref=v8.13.0"
   name                 = "${local.project}-private-endpoints-snet"
   address_prefixes     = var.cidr_subnet_private_endpoints
   virtual_network_name = module.vnet.name

diff --git a/src/core/01_network_ita.tf b/src/core/01_network_ita.tf
@@ -6,7 +6,7 @@ resource "azurerm_resource_group" "rg_ita_vnet" {
 }
 
 module "vnet_italy" {
-  source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//virtual_network?ref=v8.5.0"
+  source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//virtual_network?ref=v8.13.0"
 
   name                = local.vnet_ita_name
   location            = var.location_ita
@@ -20,7 +20,7 @@ module "vnet_italy" {
 
 ## Peering between the vnet(main) and italy vnet
 module "vnet_ita_peering" {
-  source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//virtual_network_peering?ref=v8.5.0"
+  source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//virtual_network_peering?ref=v8.13.0"
 
   source_resource_group_name       = azurerm_resource_group.rg_ita_vnet.name
   source_virtual_network_name      = module.vnet_italy.name
@@ -35,7 +35,7 @@ module "vnet_ita_peering" {
 }
 
 module "packer_azdo_snet" {
-  source                                    = "git::https://github.com/pagopa/terraform-azurerm-v3.git//subnet?ref=v8.5.0"
+  source                                    = "git::https://github.com/pagopa/terraform-azurerm-v3.git//subnet?ref=v8.13.0"
   name                                      = "packer-azdo-subnet"
   address_prefixes                          = var.cidr_subnet_packer_azdo
   virtual_network_name                      = module.vnet_italy.name
@@ -45,7 +45,7 @@ module "packer_azdo_snet" {
 }
 
 module "packer_dns_forwarder_snet" {
-  source                                    = "git::https://github.com/pagopa/terraform-azurerm-v3.git//subnet?ref=v8.5.0"
+  source                                    = "git::https://github.com/pagopa/terraform-azurerm-v3.git//subnet?ref=v8.13.0"
   name                                      = "packer-dns-forwarder-subnet"
   address_prefixes                          = var.cidr_subnet_packer_dns_forwarder
   virtual_network_name                      = module.vnet_italy.name

diff --git a/src/core/02_monitor_ita.tf b/src/core/02_monitor_ita.tf
@@ -36,30 +36,30 @@ resource "azurerm_key_vault_secret" "application_insights_ita_key" {
   key_vault_id = module.key_vault_core_ita.id
 }
 
-# resource "azurerm_monitor_ita_action_group" "email_ita" {
-#   name                = "PagoPA"
-#   resource_group_name = azurerm_resource_group.monitor_ita_rg.name
-#   short_name          = "PagoPA"
-#
-#   email_receiver {
-#     name                    = "sendtooperations"
-#     email_address           = data.azurerm_key_vault_secret.monitor_ita_notification_email.value
-#     use_common_alert_schema = true
-#   }
-#
-#   tags = var.tags
-# }
-#
-# resource "azurerm_monitor_ita_action_group" "slack_ita" {
-#   name                = "SlackPagoPA"
-#   resource_group_name = azurerm_resource_group.monitor_ita_rg.name
-#   short_name          = "SlackPagoPA"
-#
-#   email_receiver {
-#     name                    = "sendtoslack"
-#     email_address           = data.azurerm_key_vault_secret.monitor_ita_notification_slack_email.value
-#     use_common_alert_schema = true
-#   }
-#
-#   tags = var.tags
-# }
+resource "azurerm_monitor_action_group" "email_ita" {
+  name                = "PagoPA"
+  resource_group_name = azurerm_resource_group.monitor_ita_rg.name
+  short_name          = "PagoPA"
+
+  email_receiver {
+    name                    = "sendtooperations"
+    email_address           = data.azurerm_key_vault_secret.monitor_notification_email.value
+    use_common_alert_schema = true
+  }
+
+  tags = var.tags
+}
+
+resource "azurerm_monitor_action_group" "slack_ita" {
+  name                = "SlackPagoPA"
+  resource_group_name = azurerm_resource_group.monitor_ita_rg.name
+  short_name          = "SlackPagoPA"
+
+  email_receiver {
+    name                    = "sendtoslack"
+    email_address           = data.azurerm_key_vault_secret.monitor_notification_slack_email.value
+    use_common_alert_schema = true
+  }
+
+  tags = var.tags
+}
diff --git a/src/core/02_monitor_weu.tf b/src/core/02_monitor_weu.tf
@@ -68,7 +68,7 @@ resource "azurerm_monitor_action_group" "slack" {
 # # Monitor storage
 # #
 # module "security_monitoring_storage" {
-#   source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//storage_account?ref=v8.5.0"
+#   source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//storage_account?ref=v8.13.0"
 #
 #   name                            = local.monitor_security_storage_name
 #   account_kind                    = "StorageV2"

diff --git a/src/core/02_vpn.tf b/src/core/02_vpn.tf
@@ -1,6 +1,6 @@
 ## VPN subnet
 module "vpn_snet" {
-  source                                    = "git::https://github.com/pagopa/terraform-azurerm-v3.git//subnet?ref=v8.5.0"
+  source                                    = "git::https://github.com/pagopa/terraform-azurerm-v3.git//subnet?ref=v8.13.0"
   name                                      = "GatewaySubnet"
   address_prefixes                          = var.cidr_subnet_vpn
   virtual_network_name                      = module.vnet_italy.name
@@ -15,7 +15,7 @@ data "azuread_application" "vpn_app" {
 
 module "vpn" {
   count  = var.vpn_enabled ? 1 : 0
-  source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//vpn_gateway?ref=v8.5.0"
+  source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//vpn_gateway?ref=v8.13.0"
 
   name                  = "${local.project_ita}-vpn"
   location              = var.location_ita
@@ -45,7 +45,7 @@ module "vpn" {
 # Dns Forwarder module
 
 module "subnet_dns_forwarder_lb" {
-  source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//subnet?ref=v8.5.0"
+  source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//subnet?ref=v8.13.0"
   count  = var.dns_forwarder_is_enabled ? 1 : 0
 
   name                 = "${local.project_ita}-dns-forwarder-lb"
@@ -55,7 +55,7 @@ module "subnet_dns_forwarder_lb" {
 }
 
 module "subnet_dns_forwarder_vmss" {
-  source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//subnet?ref=v8.5.0"
+  source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//subnet?ref=v8.13.0"
   count  = var.dns_forwarder_is_enabled ? 1 : 0
 
   name                 = "${local.project_ita}-dns-forwarder-vmss"
@@ -65,7 +65,7 @@ module "subnet_dns_forwarder_vmss" {
 }
 
 module "dns_forwarder_lb_vmss" {
-  source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//dns_forwarder_lb_vmss?ref=dns-forwarder-lb-fix"
+  source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//dns_forwarder_lb_vmss?ref=v8.13.0"
   count  = var.dns_forwarder_is_enabled ? 1 : 0
 
   name                 = local.project
@@ -80,5 +80,6 @@ module "dns_forwarder_lb_vmss" {
   subscription_id   = data.azurerm_subscription.current.subscription_id
   source_image_name = var.dns_forwarder_vmss_image_name
   key_vault_id      = data.azurerm_key_vault.kv.id
+  tenant_id         = data.azurerm_client_config.current.id
   tags              = var.tags
 }
diff --git a/src/core/03_apim_0.tf b/src/core/03_apim_0.tf
@@ -22,7 +22,7 @@
 #
 # # APIM subnet
 # module "apim_snet" {
-#   source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//subnet?ref=v8.5.0"
+#   source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//subnet?ref=v8.13.0"
 #   count  = var.apim_enabled == true ? 1 : 0
 #
 #   name                 = "${local.project_ita}-apim-snet"
@@ -34,7 +34,7 @@
 # }
 #
 # module "apim_stv2_snet" {
-#   source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//subnet?ref=v8.5.0"
+#   source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//subnet?ref=v8.13.0"
 #   count  = var.apim_enabled == true ? 1 : 0
 #
 #   name                 = "${local.project_ita}-apim-stv2-snet"
@@ -88,7 +88,7 @@
 # ###########################
 #
 # module "apim" {
-#   source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//api_management?ref=v8.5.0"
+#   source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//api_management?ref=v8.13.0"
 #   count  = var.apim_enabled == true ? 1 : 0
 #
 #   name = "${local.project_ita}-apim"

diff --git a/src/core/03_apim_api_configurations.tf b/src/core/03_apim_api_configurations.tf
@@ -5,7 +5,7 @@
 # module "apim_product_blueprint" {
 #   count = var.apim_enabled == true ? 1 : 0
 #
-#   source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//api_management_product?ref=v8.5.0"
+#   source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//api_management_product?ref=v8.13.0"
 #
 #   product_id   = "blueprint"
 #   display_name = "blueprint product"
@@ -35,7 +35,7 @@
 # # }
 #
 # module "apim_blueprint_status_v1" {
-#   source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//api_management_api?ref=v8.5.0"
+#   source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//api_management_api?ref=v8.13.0"
 #   count  = var.apim_enabled == true ? 1 : 0
 #
 #

diff --git a/src/core/04_azure_devops_agent.tf b/src/core/04_azure_devops_agent.tf
@@ -7,7 +7,7 @@ resource "azurerm_resource_group" "azdo_rg" {
 }
 
 module "azdoa_snet" {
-  source                                    = "git::https://github.com/pagopa/terraform-azurerm-v3.git//subnet?ref=v8.5.0"
+  source                                    = "git::https://github.com/pagopa/terraform-azurerm-v3.git//subnet?ref=v8.13.0"
   count                                     = var.enable_azdoa ? 1 : 0
   name                                      = local.azuredevops_subnet_name
   address_prefixes                          = var.cidr_subnet_azdoa
@@ -18,12 +18,11 @@ module "azdoa_snet" {
 
 
 module "azdoa_vmss_li" {
-  source              = "git::https://github.com/pagopa/terraform-azurerm-v3.git//azure_devops_agent?ref=v8.5.0"
+  source              = "git::https://github.com/pagopa/terraform-azurerm-v3.git//azure_devops_agent?ref=v8.13.0"
   count               = var.enable_azdoa ? 1 : 0
   name                = local.azuredevops_agent_vm_name
   resource_group_name = azurerm_resource_group.azdo_rg[0].name
   subnet_id           = module.azdoa_snet[0].id
-  subscription_name   = data.azurerm_subscription.current.display_name
   subscription_id     = data.azurerm_subscription.current.subscription_id
   location            = var.location_ita
   source_image_name   = var.azdoa_image_name

diff --git a/src/core/04_docker_registry.tf b/src/core/04_docker_registry.tf
@@ -5,7 +5,7 @@ resource "azurerm_resource_group" "rg_docker" {
 }
 
 module "container_registry_public" {
-  source              = "git::https://github.com/pagopa/terraform-azurerm-v3.git//container_registry?ref=v8.5.0"
+  source              = "git::https://github.com/pagopa/terraform-azurerm-v3.git//container_registry?ref=v8.13.0"
   name                = local.docker_registry_name
   resource_group_name = azurerm_resource_group.rg_docker.name
   location            = azurerm_resource_group.rg_docker.location

diff --git a/src/core/05_postgres_sql.tf b/src/core/05_postgres_sql.tf
@@ -114,7 +114,7 @@ resource "azurerm_resource_group" "data_rg" {
 
 ## Database subnet
 module "postgres_snet" {
-  source                                    = "git::https://github.com/pagopa/terraform-azurerm-v3.git//subnet?ref=v8.5.0"
+  source                                    = "git::https://github.com/pagopa/terraform-azurerm-v3.git//subnet?ref=v8.13.0"
   name                                      = "${local.project}-postgres-snet"
   address_prefixes                          = var.cidr_subnet_postgres
   resource_group_name                       = azurerm_resource_group.rg_ita_vnet.name
@@ -125,7 +125,7 @@ module "postgres_snet" {
 
 module "postgres" {
   count  = var.is_resource_core_enabled.postgresql_server ? 1 : 0
-  source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//postgresql_server?ref=v8.5.0"
+  source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//postgresql_server?ref=v8.13.0"
 
   name                = "${local.project}-postgres"
   location            = azurerm_resource_group.data_rg.location

diff --git a/src/core/08_redis.tf b/src/core/08_redis.tf
@@ -6,7 +6,7 @@ resource "azurerm_resource_group" "redis" {
 
 ## redisbase subnet
 module "redis_snet" {
-  source               = "git::https://github.com/pagopa/terraform-azurerm-v3.git//subnet?ref=v8.5.0"
+  source               = "git::https://github.com/pagopa/terraform-azurerm-v3.git//subnet?ref=v8.13.0"
   name                 = "${local.project_ita}-redis-snet"
   address_prefixes     = var.cidr_subnet_redis
   resource_group_name  = azurerm_resource_group.rg_ita_vnet.name
@@ -15,7 +15,7 @@ module "redis_snet" {
 
 module "redis" {
   count                 = var.redis_enabled ? 1 : 0
-  source                = "git::https://github.com/pagopa/terraform-azurerm-v3.git//redis_cache?ref=v8.5.0"
+  source                = "git::https://github.com/pagopa/terraform-azurerm-v3.git//redis_cache?ref=v8.13.0"
   name                  = "${local.project_ita}-redis"
   resource_group_name   = azurerm_resource_group.redis.name
   location              = azurerm_resource_group.redis.location

diff --git a/src/core/10_containers_app_tools.tf b/src/core/10_containers_app_tools.tf
@@ -13,7 +13,7 @@ resource "azurerm_subnet" "tools_cae_snet" {
 }
 
 module "container_app_environment" {
-  source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//container_app_environment_v2?ref=v8.5.0"
+  source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//container_app_environment_v2?ref=v8.13.0"
 
   resource_group_name        = azurerm_resource_group.tools_cae_rg.name
   location                   = azurerm_resource_group.tools_cae_rg.location

diff --git a/src/core/20_github_identity.tf b/src/core/20_github_identity.tf
@@ -33,7 +33,7 @@ locals {
 
 # create a module for each 20 repos
 module "identity_cd_01" {
-  source = "github.com/pagopa/terraform-azurerm-v3//github_federated_identity?ref=v8.5.0"
+  source = "github.com/pagopa/terraform-azurerm-v3//github_federated_identity?ref=v8.13.0"
   # pagopa-<ENV><DOMAIN>-<COUNTER>-github-<PERMS>-identity
   prefix    = var.prefix
   env_short = var.env_short