From d75a988a3e6de6d879f43dd7dfe1a2efa7ab904b Mon Sep 17 00:00:00 2001 From: asthamalviya <104994907+asthamalviya@users.noreply.github.com> Date: Thu, 2 Nov 2023 09:05:29 +0000 Subject: [PATCH] CIV-10543_master (#2798) --- infrastructure/main.tf | 60 +++++++++++++++++++++++++++++++++++++ infrastructure/state.tf | 2 +- infrastructure/variables.tf | 14 +++++++++ 3 files changed, 75 insertions(+), 1 deletion(-) diff --git a/infrastructure/main.tf b/infrastructure/main.tf index f68a2d2944..61787d4f7b 100644 --- a/infrastructure/main.tf +++ b/infrastructure/main.tf @@ -2,6 +2,13 @@ provider "azurerm" { features {} } +provider "azurerm" { + features {} + skip_provider_registration = true + alias = "cft_vnet" + subscription_id = var.aks_subscription_id +} + locals { vaultName = "${var.raw_product}-${var.env}" } @@ -186,3 +193,56 @@ resource "azurerm_key_vault_secret" "appinsights_connection_string" { value = data.azurerm_application_insights.cmc.connection_string key_vault_id = data.azurerm_key_vault.cmc_key_vault.id } + + +# FlexiServer v15 +module "db-v15" { + providers = { + azurerm.postgres_network = azurerm.cft_vnet + } + + source = "git@github.com:hmcts/terraform-module-postgresql-flexible?ref=master" + admin_user_object_id = var.jenkins_AAD_objectId + business_area = "CFT" + name = "cmc-db-v15" + product = "${var.product}-db-v15" + env = var.env + component = var.component + common_tags = var.common_tags + pgsql_version = 15 + + + pgsql_databases = [ + { + name = var.database-name + } + ] + pgsql_server_configuration = [ + { + name = "azure.extensions" + value = "plpgsql,pg_stat_statements,pg_buffercache" + } + ] + + pgsql_sku = var.pgsql_sku + pgsql_storage_mb = var.pgsql_storage_mb + +} + +resource "azurerm_key_vault_secret" "cmc-db-password-v15" { + name = "cmc-db-password-v15" + value = module.db-v15.password + key_vault_id = data.azurerm_key_vault.cmc_key_vault.id +} + +resource "azurerm_key_vault_secret" "cmc-db-username-v15" { + name = "cmc-db-username-v15" + value = module.db-v15.username + key_vault_id = data.azurerm_key_vault.cmc_key_vault.id +} + +resource "azurerm_key_vault_secret" "cmc-db-host-v15" { + name = "cmc-db-host-v15" + value = module.db-v15.fqdn + key_vault_id = data.azurerm_key_vault.cmc_key_vault.id +} diff --git a/infrastructure/state.tf b/infrastructure/state.tf index 86bc161973..53d59a7394 100644 --- a/infrastructure/state.tf +++ b/infrastructure/state.tf @@ -4,7 +4,7 @@ terraform { required_providers { azurerm = { source = "hashicorp/azurerm" - version = "3.45.0" + version = "~> 3.0" } random = { source = "hashicorp/random" diff --git a/infrastructure/variables.tf b/infrastructure/variables.tf index 6d05a2844a..6913671bb4 100644 --- a/infrastructure/variables.tf +++ b/infrastructure/variables.tf @@ -46,6 +46,8 @@ variable "tenant_id" { variable "subscription" {} +variable "aks_subscription_id" {} + variable "jenkins_AAD_objectId" { type = string description = "(Required) The Azure AD object ID of a user, service principal or security group in the Azure Active Directory tenant for the vault. The object ID must be unique for the list of access policies." @@ -64,3 +66,15 @@ variable "appinsights_location" { default = "West Europe" description = "Location for Application Insights" } + + +variable "pgsql_sku" { + description = "The PGSql flexible server instance sku" + default = "GP_Standard_D2s_v3" +} + +variable "pgsql_storage_mb" { + description = "Max storage allowed for the PGSql Flexibile instance" + type = number + default = 65536 +}