CIV-10543_master (#2798)

hmcts · Nov 2, 2023 · d75a988 · d75a988
1 parent 8c565de
commit d75a988
Show file tree

Hide file tree

Showing 3 changed files with 75 additions and 1 deletion.
diff --git a/infrastructure/main.tf b/infrastructure/main.tf
@@ -2,6 +2,13 @@ provider "azurerm" {
   features {}
 }
 
+provider "azurerm" {
+  features {}
+  skip_provider_registration = true
+  alias                      = "cft_vnet"
+  subscription_id            = var.aks_subscription_id
+}
+
 locals {
   vaultName = "${var.raw_product}-${var.env}"
 }
@@ -186,3 +193,56 @@ resource "azurerm_key_vault_secret" "appinsights_connection_string" {
   value        = data.azurerm_application_insights.cmc.connection_string
   key_vault_id = data.azurerm_key_vault.cmc_key_vault.id
 }
+
+
+# FlexiServer v15
+module "db-v15" {
+  providers = {
+    azurerm.postgres_network = azurerm.cft_vnet
+  }
+
+  source               = "git@github.com:hmcts/terraform-module-postgresql-flexible?ref=master"
+  admin_user_object_id = var.jenkins_AAD_objectId
+  business_area        = "CFT"
+  name                 = "cmc-db-v15"
+  product              = "${var.product}-db-v15"
+  env                  = var.env
+  component            = var.component
+  common_tags          = var.common_tags
+  pgsql_version        = 15
+
+
+  pgsql_databases = [
+      {
+        name    = var.database-name
+      }
+    ]
+  pgsql_server_configuration = [
+      {
+        name  = "azure.extensions"
+        value = "plpgsql,pg_stat_statements,pg_buffercache"
+      }
+    ]
+
+    pgsql_sku            = var.pgsql_sku
+    pgsql_storage_mb     = var.pgsql_storage_mb
+
+}
+
+resource "azurerm_key_vault_secret" "cmc-db-password-v15" {
+  name         = "cmc-db-password-v15"
+  value        = module.db-v15.password
+  key_vault_id = data.azurerm_key_vault.cmc_key_vault.id
+}
+
+resource "azurerm_key_vault_secret" "cmc-db-username-v15" {
+  name         = "cmc-db-username-v15"
+  value        = module.db-v15.username
+  key_vault_id = data.azurerm_key_vault.cmc_key_vault.id
+}
+
+resource "azurerm_key_vault_secret" "cmc-db-host-v15" {
+  name         = "cmc-db-host-v15"
+  value        = module.db-v15.fqdn
+  key_vault_id = data.azurerm_key_vault.cmc_key_vault.id
+}
diff --git a/infrastructure/state.tf b/infrastructure/state.tf
@@ -4,7 +4,7 @@ terraform {
   required_providers {
     azurerm = {
       source  = "hashicorp/azurerm"
-      version = "3.45.0"
+      version = "~> 3.0"
     }
     random = {
       source = "hashicorp/random"

diff --git a/infrastructure/variables.tf b/infrastructure/variables.tf
@@ -46,6 +46,8 @@ variable "tenant_id" {
 
 variable "subscription" {}
 
+variable "aks_subscription_id" {}
+
 variable "jenkins_AAD_objectId" {
   type                        = string
   description                 = "(Required) The Azure AD object ID of a user, service principal or security group in the Azure Active Directory tenant for the vault. The object ID must be unique for the list of access policies."
@@ -64,3 +66,15 @@ variable "appinsights_location" {
   default     = "West Europe"
   description = "Location for Application Insights"
 }
+
+
+variable "pgsql_sku" {
+  description = "The PGSql flexible server instance sku"
+  default     = "GP_Standard_D2s_v3"
+}
+
+variable "pgsql_storage_mb" {
+  description = "Max storage allowed for the PGSql Flexibile instance"
+  type        = number
+  default     = 65536
+}