From 65e2394c64e4f081d20a97a65609298d21666a40 Mon Sep 17 00:00:00 2001
From: Yongkiat Goh <yongkiat.goh@shopee.com>
Date: Fri, 4 Feb 2022 11:29:46 +0800
Subject: [PATCH 01/25] Initial commit

---
 .../workflows/terraform-create-resource.yml   |  39 ++
 .gitignore                                    |  31 ++
 terraform.patch                               | 400 ++++++++++++++++++
 .../.terraform.lock.hcl                       |  39 ++
 .../terraform-create-resource/cosmosdb.tf     |  43 ++
 .../terraform-create-resource/functionapp.tf  |  30 ++
 terraform/terraform-create-resource/main.tf   |  29 ++
 .../terraform-create-resource/storage.tf      |  14 +
 .../terraform-create-resource/variables.tf    |  11 +
 .../.terraform.lock.hcl                       |  39 ++
 terraform/terraform-remote-state/main.tf      |  18 +
 terraform/terraform-remote-state/storage.tf   |  18 +
 terraform/terraform-remote-state/variables.tf |   6 +
 13 files changed, 717 insertions(+)
 create mode 100644 .github/workflows/terraform-create-resource.yml
 create mode 100644 terraform.patch
 create mode 100644 terraform/terraform-create-resource/.terraform.lock.hcl
 create mode 100644 terraform/terraform-create-resource/cosmosdb.tf
 create mode 100644 terraform/terraform-create-resource/functionapp.tf
 create mode 100644 terraform/terraform-create-resource/main.tf
 create mode 100644 terraform/terraform-create-resource/storage.tf
 create mode 100644 terraform/terraform-create-resource/variables.tf
 create mode 100644 terraform/terraform-remote-state/.terraform.lock.hcl
 create mode 100644 terraform/terraform-remote-state/main.tf
 create mode 100644 terraform/terraform-remote-state/storage.tf
 create mode 100644 terraform/terraform-remote-state/variables.tf

diff --git a/.github/workflows/terraform-create-resource.yml b/.github/workflows/terraform-create-resource.yml
new file mode 100644
index 00000000..ced04bbb
--- /dev/null
+++ b/.github/workflows/terraform-create-resource.yml
@@ -0,0 +1,39 @@
+name: Terraform Create Azure Resource
+
+on:
+  push:
+    branches:
+      - master
+  pull_request:
+    branches: 
+      - master
+
+jobs:
+  terraform:
+    runs-on: ubuntu-latest
+    
+    env:
+      ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }}
+      ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
+      ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }}
+      ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }}
+      
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+
+      - name: Terraform Init
+        run: terraform init
+        working-directory: ./terraform/terraform-create-resource
+
+      - name: Terraform Validate
+        run: terraform validate 
+        working-directory: ./terraform/terraform-create-resource
+
+      - name: Terraform Plan
+        run: terraform plan
+        working-directory: ./terraform/terraform-create-resource
+
+      - name: Terraform Apply
+        run: terraform apply -auto-approve
+        working-directory: ./terraform/terraform-create-resource
diff --git a/.gitignore b/.gitignore
index 8d85a6e2..93af0987 100644
--- a/.gitignore
+++ b/.gitignore
@@ -367,3 +367,34 @@ MigrationBackup/
 
 # Fody - auto-generated XML schema
 FodyWeavers.xsd
+
+# Local .terraform directories
+**/.terraform/*
+
+# .tfstate files
+*.tfstate
+*.tfstate.*
+
+# Crash log files
+crash.log
+
+# Exclude all .tfvars files, which are likely to contain sentitive data, such as
+# password, private keys, and other secrets. These should not be part of version
+# control as they are data points which are potentially sensitive and subject
+# to change depending on the environment.
+#
+*.tfvars
+
+# Ignore override files as they are usually used to override resources locally and so
+# are not checked in
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json
+
+# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
+*tfplan*
+
+# Ignore CLI configuration files
+.terraformrc
+terraform.rc
diff --git a/terraform.patch b/terraform.patch
new file mode 100644
index 00000000..2a402183
--- /dev/null
+++ b/terraform.patch
@@ -0,0 +1,400 @@
+diff --git a/.github/workflows/terraform-create-resource.yml b/.github/workflows/terraform-create-resource.yml
+new file mode 100644
+index 0000000..ced04bb
+--- /dev/null
++++ b/.github/workflows/terraform-create-resource.yml
+@@ -0,0 +1,39 @@
++name: Terraform Create Azure Resource
++
++on:
++  push:
++    branches:
++      - master
++  pull_request:
++    branches: 
++      - master
++
++jobs:
++  terraform:
++    runs-on: ubuntu-latest
++    
++    env:
++      ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }}
++      ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
++      ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }}
++      ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }}
++      
++    steps:
++      - name: Checkout
++        uses: actions/checkout@v2
++
++      - name: Terraform Init
++        run: terraform init
++        working-directory: ./terraform/terraform-create-resource
++
++      - name: Terraform Validate
++        run: terraform validate 
++        working-directory: ./terraform/terraform-create-resource
++
++      - name: Terraform Plan
++        run: terraform plan
++        working-directory: ./terraform/terraform-create-resource
++
++      - name: Terraform Apply
++        run: terraform apply -auto-approve
++        working-directory: ./terraform/terraform-create-resource
+diff --git a/.gitignore b/.gitignore
+index b18efaa..5bb9714 100644
+--- a/.gitignore
++++ b/.gitignore
+@@ -362,4 +362,35 @@ MigrationBackup/
+ .ionide/
+ 
+ # Fody - auto-generated XML schema
+-FodyWeavers.xsd
+\ No newline at end of file
++FodyWeavers.xsd
++
++# Local .terraform directories
++**/.terraform/*
++
++# .tfstate files
++*.tfstate
++*.tfstate.*
++
++# Crash log files
++crash.log
++
++# Exclude all .tfvars files, which are likely to contain sentitive data, such as
++# password, private keys, and other secrets. These should not be part of version
++# control as they are data points which are potentially sensitive and subject
++# to change depending on the environment.
++#
++*.tfvars
++
++# Ignore override files as they are usually used to override resources locally and so
++# are not checked in
++override.tf
++override.tf.json
++*_override.tf
++*_override.tf.json
++
++# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
++*tfplan*
++
++# Ignore CLI configuration files
++.terraformrc
++terraform.rc
+\ No newline at end of file
+diff --git a/terraform/terraform-create-resource/.terraform.lock.hcl b/terraform/terraform-create-resource/.terraform.lock.hcl
+new file mode 100644
+index 0000000..27e76b0
+--- /dev/null
++++ b/terraform/terraform-create-resource/.terraform.lock.hcl
+@@ -0,0 +1,39 @@
++# This file is maintained automatically by "terraform init".
++# Manual edits may be lost in future updates.
++
++provider "registry.terraform.io/hashicorp/azurerm" {
++  version     = "2.84.0"
++  constraints = "~> 2.84.0"
++  hashes = [
++    "h1:jyvuROvM/4pyDA61Gq6F9pc3c0ofhgo22XEnlWwjxnE=",
++    "zh:172f9abac9765cd4412d192fbc33ce29ef45dde7865844d246d9a645e8bf52d1",
++    "zh:1b92d4262852169bcd1c7766047af5b5bdb64bd05d4be69dfa5078b83e0d5b30",
++    "zh:391fbe77d483120ed7954d4c88ed8d6668dad807f2b4dc8f4faeaffebcf83b49",
++    "zh:5623276a8e011b7275c0f3922ac3aab0659145fcfde4bb336dfa70150b4f5630",
++    "zh:6a8f73947379b9aed2f725ba5435210b1911339ccff925fe6d0c89125d3f0d7a",
++    "zh:89bac435268a41311559ee556ef4bc10a4d4d2ff0bcdbb38d4faf70cb5703600",
++    "zh:a672d23d1e937de9796971372f47dc0938f28764396b87595d0a2241fd9fefe3",
++    "zh:cebaaa78cec7fd9aedf56445931e0e3bfbbf5d75eedf8c2da5c6026819611eee",
++    "zh:e17b79121500fd70e226bd34a45b6fdb9d8699e41896fb3d57c66890fad54ae5",
++    "zh:ec2b5d259c1cd71b6f8401c6e2cc80229d04bb525c9e0561591c4d03683e241b",
++    "zh:f9a9011f0a076084511e1602d021bc5e1fb2465cf51e5b2037687a0bba31f811",
++  ]
++}
++
++provider "registry.terraform.io/hashicorp/random" {
++  version = "3.1.0"
++  hashes = [
++    "h1:rKYu5ZUbXwrLG1w81k7H3nce/Ys6yAxXhWcbtk36HjY=",
++    "zh:2bbb3339f0643b5daa07480ef4397bd23a79963cc364cdfbb4e86354cb7725bc",
++    "zh:3cd456047805bf639fbf2c761b1848880ea703a054f76db51852008b11008626",
++    "zh:4f251b0eda5bb5e3dc26ea4400dba200018213654b69b4a5f96abee815b4f5ff",
++    "zh:7011332745ea061e517fe1319bd6c75054a314155cb2c1199a5b01fe1889a7e2",
++    "zh:738ed82858317ccc246691c8b85995bc125ac3b4143043219bd0437adc56c992",
++    "zh:7dbe52fac7bb21227acd7529b487511c91f4107db9cc4414f50d04ffc3cab427",
++    "zh:a3a9251fb15f93e4cfc1789800fc2d7414bbc18944ad4c5c98f466e6477c42bc",
++    "zh:a543ec1a3a8c20635cf374110bd2f87c07374cf2c50617eee2c669b3ceeeaa9f",
++    "zh:d9ab41d556a48bd7059f0810cf020500635bfc696c9fc3adab5ea8915c1d886b",
++    "zh:d9e13427a7d011dbd654e591b0337e6074eef8c3b9bb11b2e39eaaf257044fd7",
++    "zh:f7605bd1437752114baf601bdf6931debe6dc6bfe3006eb7e9bb9080931dca8a",
++  ]
++}
+diff --git a/terraform/terraform-create-resource/cosmosdb.tf b/terraform/terraform-create-resource/cosmosdb.tf
+new file mode 100644
+index 0000000..7504e93
+--- /dev/null
++++ b/terraform/terraform-create-resource/cosmosdb.tf
+@@ -0,0 +1,43 @@
++# azurerm_cosmosdb_account.db:
++resource "azurerm_cosmosdb_account" "db" {
++    access_key_metadata_writes_enabled    = true
++    analytical_storage_enabled            = false
++    enable_automatic_failover             = false
++    # Only one free tier cosmosDB per subscription
++    # enable_free_tier                      = true
++    enable_multiple_write_locations       = false
++    is_virtual_network_filter_enabled     = false
++    kind                                  = "GlobalDocumentDB"
++    local_authentication_disabled         = false
++    location                              = "southeastasia"
++    name                                  = "${var.prefix}-couple-management-storage"
++    network_acl_bypass_for_azure_services = false
++    network_acl_bypass_ids                = []
++    offer_type                            = "Standard"
++    public_network_access_enabled         = true
++    resource_group_name                   = azurerm_resource_group.rg.name
++
++    capabilities {
++    name = "EnableServerless"
++    }
++
++    backup {
++        interval_in_minutes = 240
++        retention_in_hours  = 8
++        type                = "Periodic"
++    }
++
++    consistency_policy {
++        consistency_level       = "ConsistentPrefix"
++        max_interval_in_seconds = 5
++        max_staleness_prefix    = 100
++    }
++
++    geo_location {
++        failover_priority = 0
++        location          = "southeastasia"
++        zone_redundant    = false
++    }
++
++    timeouts {}
++}
+\ No newline at end of file
+diff --git a/terraform/terraform-create-resource/functionapp.tf b/terraform/terraform-create-resource/functionapp.tf
+new file mode 100644
+index 0000000..d91ff15
+--- /dev/null
++++ b/terraform/terraform-create-resource/functionapp.tf
+@@ -0,0 +1,30 @@
++resource "azurerm_app_service_plan" "asp" {
++  name                = "${var.prefix}-service-plan"
++  location            = azurerm_resource_group.rg.location
++  resource_group_name = azurerm_resource_group.rg.name
++  kind                = "FunctionApp"
++
++  sku {
++    tier = "Dynamic"
++    size = "Y1"
++  }
++}
++
++resource "azurerm_function_app" "fa" {
++  name                       = "${var.prefix}-change-event"
++  location                   = azurerm_resource_group.rg.location
++  resource_group_name        = azurerm_resource_group.rg.name
++  app_service_plan_id        = azurerm_app_service_plan.asp.id
++  storage_account_name       = azurerm_storage_account.storage.name
++  storage_account_access_key = azurerm_storage_account.storage.primary_access_key
++
++  app_settings = {
++    "AccountEndpoint"           = azurerm_cosmosdb_account.db.endpoint
++    "AccountKey"                = azurerm_cosmosdb_account.db.primary_key
++    "DatabaseConnectionString"  = azurerm_cosmosdb_account.db.connection_strings[0]
++    "DatabaseName"              = "database"
++    "ImagesConnectionString"    = "DefaultEndpointsProtocol=https;AccountName=${azurerm_storage_account.storage.name};AccountKey=${azurerm_storage_account.storage.primary_access_key};EndpointSuffix=core.windows.net"
++    "FUNCTIONS_WORKER_RUNTIME"  = "dotnet"
++    "WEBSITE_RUN_FROM_PACKAGE"  = "1"
++  }
++}
+\ No newline at end of file
+diff --git a/terraform/terraform-create-resource/main.tf b/terraform/terraform-create-resource/main.tf
+new file mode 100644
+index 0000000..dc76eaa
+--- /dev/null
++++ b/terraform/terraform-create-resource/main.tf
+@@ -0,0 +1,29 @@
++terraform {
++  required_version = ">=0.12"
++  required_providers {
++    azurerm = {
++      source = "hashicorp/azurerm"
++      version = "~>2.84.0"
++    }
++  }
++
++  backend "azurerm" {
++        resource_group_name  = "StateResource"
++        storage_account_name = "couplemgmtstates"
++        container_name       = "tfstates"
++        key                  = "test.terraform.tfstate"
++    }
++}
++
++resource "random_uuid" "test" {
++}
++
++resource "azurerm_resource_group" "rg" {
++  name      = "${random_uuid.test.result}-rg-${var.prefix}"
++  location  = var.location
++}
++
++provider "azurerm" {
++  features {}
++}
++
+diff --git a/terraform/terraform-create-resource/storage.tf b/terraform/terraform-create-resource/storage.tf
+new file mode 100644
+index 0000000..0af7305
+--- /dev/null
++++ b/terraform/terraform-create-resource/storage.tf
+@@ -0,0 +1,14 @@
++resource "azurerm_storage_account" "storage" {
++  name                      = "${var.prefix}couplemgmtstorage"
++  resource_group_name       = azurerm_resource_group.rg.name
++  location                  = "southeastasia"
++  account_tier              = "Standard"
++  account_replication_type  = "LRS"
++  allow_blob_public_access  = true
++}
++
++resource "azurerm_storage_container" "images" {
++  name                  = "images"
++  storage_account_name  = azurerm_storage_account.storage.name
++  container_access_type = "private"
++}
+diff --git a/terraform/terraform-create-resource/variables.tf b/terraform/terraform-create-resource/variables.tf
+new file mode 100644
+index 0000000..7a57d5b
+--- /dev/null
++++ b/terraform/terraform-create-resource/variables.tf
+@@ -0,0 +1,11 @@
++variable "prefix" {
++  default       = "test"
++}
++
++
++# Shortnames for regions can be found here:
++# https://github.com/claranet/terraform-azurerm-regions/blob/master/REGIONS.md
++variable "location" {
++  default = "southeastasia"
++  description   = "Location of the resource group."
++}
+\ No newline at end of file
+diff --git a/terraform/terraform-remote-state/.terraform.lock.hcl b/terraform/terraform-remote-state/.terraform.lock.hcl
+new file mode 100644
+index 0000000..72d84f3
+--- /dev/null
++++ b/terraform/terraform-remote-state/.terraform.lock.hcl
+@@ -0,0 +1,39 @@
++# This file is maintained automatically by "terraform init".
++# Manual edits may be lost in future updates.
++
++provider "registry.terraform.io/hashicorp/azurerm" {
++  version     = "2.84.0"
++  constraints = "~> 2.0"
++  hashes = [
++    "h1:jyvuROvM/4pyDA61Gq6F9pc3c0ofhgo22XEnlWwjxnE=",
++    "zh:172f9abac9765cd4412d192fbc33ce29ef45dde7865844d246d9a645e8bf52d1",
++    "zh:1b92d4262852169bcd1c7766047af5b5bdb64bd05d4be69dfa5078b83e0d5b30",
++    "zh:391fbe77d483120ed7954d4c88ed8d6668dad807f2b4dc8f4faeaffebcf83b49",
++    "zh:5623276a8e011b7275c0f3922ac3aab0659145fcfde4bb336dfa70150b4f5630",
++    "zh:6a8f73947379b9aed2f725ba5435210b1911339ccff925fe6d0c89125d3f0d7a",
++    "zh:89bac435268a41311559ee556ef4bc10a4d4d2ff0bcdbb38d4faf70cb5703600",
++    "zh:a672d23d1e937de9796971372f47dc0938f28764396b87595d0a2241fd9fefe3",
++    "zh:cebaaa78cec7fd9aedf56445931e0e3bfbbf5d75eedf8c2da5c6026819611eee",
++    "zh:e17b79121500fd70e226bd34a45b6fdb9d8699e41896fb3d57c66890fad54ae5",
++    "zh:ec2b5d259c1cd71b6f8401c6e2cc80229d04bb525c9e0561591c4d03683e241b",
++    "zh:f9a9011f0a076084511e1602d021bc5e1fb2465cf51e5b2037687a0bba31f811",
++  ]
++}
++
++provider "registry.terraform.io/hashicorp/random" {
++  version = "3.1.0"
++  hashes = [
++    "h1:rKYu5ZUbXwrLG1w81k7H3nce/Ys6yAxXhWcbtk36HjY=",
++    "zh:2bbb3339f0643b5daa07480ef4397bd23a79963cc364cdfbb4e86354cb7725bc",
++    "zh:3cd456047805bf639fbf2c761b1848880ea703a054f76db51852008b11008626",
++    "zh:4f251b0eda5bb5e3dc26ea4400dba200018213654b69b4a5f96abee815b4f5ff",
++    "zh:7011332745ea061e517fe1319bd6c75054a314155cb2c1199a5b01fe1889a7e2",
++    "zh:738ed82858317ccc246691c8b85995bc125ac3b4143043219bd0437adc56c992",
++    "zh:7dbe52fac7bb21227acd7529b487511c91f4107db9cc4414f50d04ffc3cab427",
++    "zh:a3a9251fb15f93e4cfc1789800fc2d7414bbc18944ad4c5c98f466e6477c42bc",
++    "zh:a543ec1a3a8c20635cf374110bd2f87c07374cf2c50617eee2c669b3ceeeaa9f",
++    "zh:d9ab41d556a48bd7059f0810cf020500635bfc696c9fc3adab5ea8915c1d886b",
++    "zh:d9e13427a7d011dbd654e591b0337e6074eef8c3b9bb11b2e39eaaf257044fd7",
++    "zh:f7605bd1437752114baf601bdf6931debe6dc6bfe3006eb7e9bb9080931dca8a",
++  ]
++}
+diff --git a/terraform/terraform-remote-state/main.tf b/terraform/terraform-remote-state/main.tf
+new file mode 100644
+index 0000000..df818c0
+--- /dev/null
++++ b/terraform/terraform-remote-state/main.tf
+@@ -0,0 +1,18 @@
++terraform {
++  required_version = ">=0.12"
++  required_providers {
++    azurerm = {
++      source = "hashicorp/azurerm"
++      version = "~>2.84.0"
++    }
++  }
++}
++
++provider "azurerm" {
++  features {}
++}
++
++resource "azurerm_resource_group" "rg" {
++  name      = "StateResource"
++  location  = var.location
++}
+diff --git a/terraform/terraform-remote-state/storage.tf b/terraform/terraform-remote-state/storage.tf
+new file mode 100644
+index 0000000..cea9c17
+--- /dev/null
++++ b/terraform/terraform-remote-state/storage.tf
+@@ -0,0 +1,18 @@
++resource "azurerm_storage_account" "storageAccount" {
++    name                     = "couplemgmtstates"
++    resource_group_name      = azurerm_resource_group.rg.name
++    location                 = azurerm_resource_group.rg.location
++    account_tier             = "Standard"
++    account_replication_type = "LRS"
++    account_kind             = "StorageV2"
++    access_tier              = "Hot"
++    allow_blob_public_access = true
++
++    timeouts {}
++}
++
++resource "azurerm_storage_container" "storageContainer" {
++  name                  = "tfstates"
++  storage_account_name  = azurerm_storage_account.storageAccount.name
++  container_access_type = "blob"
++}
+\ No newline at end of file
+diff --git a/terraform/terraform-remote-state/variables.tf b/terraform/terraform-remote-state/variables.tf
+new file mode 100644
+index 0000000..fb369c9
+--- /dev/null
++++ b/terraform/terraform-remote-state/variables.tf
+@@ -0,0 +1,6 @@
++# Shortnames for regions can be found here:
++# https://github.com/claranet/terraform-azurerm-regions/blob/master/REGIONS.md
++variable "location" {
++  default = "southeastasia"
++  description   = "Location of the resource group."
++}
+\ No newline at end of file
diff --git a/terraform/terraform-create-resource/.terraform.lock.hcl b/terraform/terraform-create-resource/.terraform.lock.hcl
new file mode 100644
index 00000000..27e76b08
--- /dev/null
+++ b/terraform/terraform-create-resource/.terraform.lock.hcl
@@ -0,0 +1,39 @@
+# This file is maintained automatically by "terraform init".
+# Manual edits may be lost in future updates.
+
+provider "registry.terraform.io/hashicorp/azurerm" {
+  version     = "2.84.0"
+  constraints = "~> 2.84.0"
+  hashes = [
+    "h1:jyvuROvM/4pyDA61Gq6F9pc3c0ofhgo22XEnlWwjxnE=",
+    "zh:172f9abac9765cd4412d192fbc33ce29ef45dde7865844d246d9a645e8bf52d1",
+    "zh:1b92d4262852169bcd1c7766047af5b5bdb64bd05d4be69dfa5078b83e0d5b30",
+    "zh:391fbe77d483120ed7954d4c88ed8d6668dad807f2b4dc8f4faeaffebcf83b49",
+    "zh:5623276a8e011b7275c0f3922ac3aab0659145fcfde4bb336dfa70150b4f5630",
+    "zh:6a8f73947379b9aed2f725ba5435210b1911339ccff925fe6d0c89125d3f0d7a",
+    "zh:89bac435268a41311559ee556ef4bc10a4d4d2ff0bcdbb38d4faf70cb5703600",
+    "zh:a672d23d1e937de9796971372f47dc0938f28764396b87595d0a2241fd9fefe3",
+    "zh:cebaaa78cec7fd9aedf56445931e0e3bfbbf5d75eedf8c2da5c6026819611eee",
+    "zh:e17b79121500fd70e226bd34a45b6fdb9d8699e41896fb3d57c66890fad54ae5",
+    "zh:ec2b5d259c1cd71b6f8401c6e2cc80229d04bb525c9e0561591c4d03683e241b",
+    "zh:f9a9011f0a076084511e1602d021bc5e1fb2465cf51e5b2037687a0bba31f811",
+  ]
+}
+
+provider "registry.terraform.io/hashicorp/random" {
+  version = "3.1.0"
+  hashes = [
+    "h1:rKYu5ZUbXwrLG1w81k7H3nce/Ys6yAxXhWcbtk36HjY=",
+    "zh:2bbb3339f0643b5daa07480ef4397bd23a79963cc364cdfbb4e86354cb7725bc",
+    "zh:3cd456047805bf639fbf2c761b1848880ea703a054f76db51852008b11008626",
+    "zh:4f251b0eda5bb5e3dc26ea4400dba200018213654b69b4a5f96abee815b4f5ff",
+    "zh:7011332745ea061e517fe1319bd6c75054a314155cb2c1199a5b01fe1889a7e2",
+    "zh:738ed82858317ccc246691c8b85995bc125ac3b4143043219bd0437adc56c992",
+    "zh:7dbe52fac7bb21227acd7529b487511c91f4107db9cc4414f50d04ffc3cab427",
+    "zh:a3a9251fb15f93e4cfc1789800fc2d7414bbc18944ad4c5c98f466e6477c42bc",
+    "zh:a543ec1a3a8c20635cf374110bd2f87c07374cf2c50617eee2c669b3ceeeaa9f",
+    "zh:d9ab41d556a48bd7059f0810cf020500635bfc696c9fc3adab5ea8915c1d886b",
+    "zh:d9e13427a7d011dbd654e591b0337e6074eef8c3b9bb11b2e39eaaf257044fd7",
+    "zh:f7605bd1437752114baf601bdf6931debe6dc6bfe3006eb7e9bb9080931dca8a",
+  ]
+}
diff --git a/terraform/terraform-create-resource/cosmosdb.tf b/terraform/terraform-create-resource/cosmosdb.tf
new file mode 100644
index 00000000..7504e933
--- /dev/null
+++ b/terraform/terraform-create-resource/cosmosdb.tf
@@ -0,0 +1,43 @@
+# azurerm_cosmosdb_account.db:
+resource "azurerm_cosmosdb_account" "db" {
+    access_key_metadata_writes_enabled    = true
+    analytical_storage_enabled            = false
+    enable_automatic_failover             = false
+    # Only one free tier cosmosDB per subscription
+    # enable_free_tier                      = true
+    enable_multiple_write_locations       = false
+    is_virtual_network_filter_enabled     = false
+    kind                                  = "GlobalDocumentDB"
+    local_authentication_disabled         = false
+    location                              = "southeastasia"
+    name                                  = "${var.prefix}-couple-management-storage"
+    network_acl_bypass_for_azure_services = false
+    network_acl_bypass_ids                = []
+    offer_type                            = "Standard"
+    public_network_access_enabled         = true
+    resource_group_name                   = azurerm_resource_group.rg.name
+
+    capabilities {
+    name = "EnableServerless"
+    }
+
+    backup {
+        interval_in_minutes = 240
+        retention_in_hours  = 8
+        type                = "Periodic"
+    }
+
+    consistency_policy {
+        consistency_level       = "ConsistentPrefix"
+        max_interval_in_seconds = 5
+        max_staleness_prefix    = 100
+    }
+
+    geo_location {
+        failover_priority = 0
+        location          = "southeastasia"
+        zone_redundant    = false
+    }
+
+    timeouts {}
+}
\ No newline at end of file
diff --git a/terraform/terraform-create-resource/functionapp.tf b/terraform/terraform-create-resource/functionapp.tf
new file mode 100644
index 00000000..d91ff15d
--- /dev/null
+++ b/terraform/terraform-create-resource/functionapp.tf
@@ -0,0 +1,30 @@
+resource "azurerm_app_service_plan" "asp" {
+  name                = "${var.prefix}-service-plan"
+  location            = azurerm_resource_group.rg.location
+  resource_group_name = azurerm_resource_group.rg.name
+  kind                = "FunctionApp"
+
+  sku {
+    tier = "Dynamic"
+    size = "Y1"
+  }
+}
+
+resource "azurerm_function_app" "fa" {
+  name                       = "${var.prefix}-change-event"
+  location                   = azurerm_resource_group.rg.location
+  resource_group_name        = azurerm_resource_group.rg.name
+  app_service_plan_id        = azurerm_app_service_plan.asp.id
+  storage_account_name       = azurerm_storage_account.storage.name
+  storage_account_access_key = azurerm_storage_account.storage.primary_access_key
+
+  app_settings = {
+    "AccountEndpoint"           = azurerm_cosmosdb_account.db.endpoint
+    "AccountKey"                = azurerm_cosmosdb_account.db.primary_key
+    "DatabaseConnectionString"  = azurerm_cosmosdb_account.db.connection_strings[0]
+    "DatabaseName"              = "database"
+    "ImagesConnectionString"    = "DefaultEndpointsProtocol=https;AccountName=${azurerm_storage_account.storage.name};AccountKey=${azurerm_storage_account.storage.primary_access_key};EndpointSuffix=core.windows.net"
+    "FUNCTIONS_WORKER_RUNTIME"  = "dotnet"
+    "WEBSITE_RUN_FROM_PACKAGE"  = "1"
+  }
+}
\ No newline at end of file
diff --git a/terraform/terraform-create-resource/main.tf b/terraform/terraform-create-resource/main.tf
new file mode 100644
index 00000000..dc76eaa0
--- /dev/null
+++ b/terraform/terraform-create-resource/main.tf
@@ -0,0 +1,29 @@
+terraform {
+  required_version = ">=0.12"
+  required_providers {
+    azurerm = {
+      source = "hashicorp/azurerm"
+      version = "~>2.84.0"
+    }
+  }
+
+  backend "azurerm" {
+        resource_group_name  = "StateResource"
+        storage_account_name = "couplemgmtstates"
+        container_name       = "tfstates"
+        key                  = "test.terraform.tfstate"
+    }
+}
+
+resource "random_uuid" "test" {
+}
+
+resource "azurerm_resource_group" "rg" {
+  name      = "${random_uuid.test.result}-rg-${var.prefix}"
+  location  = var.location
+}
+
+provider "azurerm" {
+  features {}
+}
+
diff --git a/terraform/terraform-create-resource/storage.tf b/terraform/terraform-create-resource/storage.tf
new file mode 100644
index 00000000..0af7305f
--- /dev/null
+++ b/terraform/terraform-create-resource/storage.tf
@@ -0,0 +1,14 @@
+resource "azurerm_storage_account" "storage" {
+  name                      = "${var.prefix}couplemgmtstorage"
+  resource_group_name       = azurerm_resource_group.rg.name
+  location                  = "southeastasia"
+  account_tier              = "Standard"
+  account_replication_type  = "LRS"
+  allow_blob_public_access  = true
+}
+
+resource "azurerm_storage_container" "images" {
+  name                  = "images"
+  storage_account_name  = azurerm_storage_account.storage.name
+  container_access_type = "private"
+}
diff --git a/terraform/terraform-create-resource/variables.tf b/terraform/terraform-create-resource/variables.tf
new file mode 100644
index 00000000..7a57d5bf
--- /dev/null
+++ b/terraform/terraform-create-resource/variables.tf
@@ -0,0 +1,11 @@
+variable "prefix" {
+  default       = "test"
+}
+
+
+# Shortnames for regions can be found here:
+# https://github.com/claranet/terraform-azurerm-regions/blob/master/REGIONS.md
+variable "location" {
+  default = "southeastasia"
+  description   = "Location of the resource group."
+}
\ No newline at end of file
diff --git a/terraform/terraform-remote-state/.terraform.lock.hcl b/terraform/terraform-remote-state/.terraform.lock.hcl
new file mode 100644
index 00000000..72d84f32
--- /dev/null
+++ b/terraform/terraform-remote-state/.terraform.lock.hcl
@@ -0,0 +1,39 @@
+# This file is maintained automatically by "terraform init".
+# Manual edits may be lost in future updates.
+
+provider "registry.terraform.io/hashicorp/azurerm" {
+  version     = "2.84.0"
+  constraints = "~> 2.0"
+  hashes = [
+    "h1:jyvuROvM/4pyDA61Gq6F9pc3c0ofhgo22XEnlWwjxnE=",
+    "zh:172f9abac9765cd4412d192fbc33ce29ef45dde7865844d246d9a645e8bf52d1",
+    "zh:1b92d4262852169bcd1c7766047af5b5bdb64bd05d4be69dfa5078b83e0d5b30",
+    "zh:391fbe77d483120ed7954d4c88ed8d6668dad807f2b4dc8f4faeaffebcf83b49",
+    "zh:5623276a8e011b7275c0f3922ac3aab0659145fcfde4bb336dfa70150b4f5630",
+    "zh:6a8f73947379b9aed2f725ba5435210b1911339ccff925fe6d0c89125d3f0d7a",
+    "zh:89bac435268a41311559ee556ef4bc10a4d4d2ff0bcdbb38d4faf70cb5703600",
+    "zh:a672d23d1e937de9796971372f47dc0938f28764396b87595d0a2241fd9fefe3",
+    "zh:cebaaa78cec7fd9aedf56445931e0e3bfbbf5d75eedf8c2da5c6026819611eee",
+    "zh:e17b79121500fd70e226bd34a45b6fdb9d8699e41896fb3d57c66890fad54ae5",
+    "zh:ec2b5d259c1cd71b6f8401c6e2cc80229d04bb525c9e0561591c4d03683e241b",
+    "zh:f9a9011f0a076084511e1602d021bc5e1fb2465cf51e5b2037687a0bba31f811",
+  ]
+}
+
+provider "registry.terraform.io/hashicorp/random" {
+  version = "3.1.0"
+  hashes = [
+    "h1:rKYu5ZUbXwrLG1w81k7H3nce/Ys6yAxXhWcbtk36HjY=",
+    "zh:2bbb3339f0643b5daa07480ef4397bd23a79963cc364cdfbb4e86354cb7725bc",
+    "zh:3cd456047805bf639fbf2c761b1848880ea703a054f76db51852008b11008626",
+    "zh:4f251b0eda5bb5e3dc26ea4400dba200018213654b69b4a5f96abee815b4f5ff",
+    "zh:7011332745ea061e517fe1319bd6c75054a314155cb2c1199a5b01fe1889a7e2",
+    "zh:738ed82858317ccc246691c8b85995bc125ac3b4143043219bd0437adc56c992",
+    "zh:7dbe52fac7bb21227acd7529b487511c91f4107db9cc4414f50d04ffc3cab427",
+    "zh:a3a9251fb15f93e4cfc1789800fc2d7414bbc18944ad4c5c98f466e6477c42bc",
+    "zh:a543ec1a3a8c20635cf374110bd2f87c07374cf2c50617eee2c669b3ceeeaa9f",
+    "zh:d9ab41d556a48bd7059f0810cf020500635bfc696c9fc3adab5ea8915c1d886b",
+    "zh:d9e13427a7d011dbd654e591b0337e6074eef8c3b9bb11b2e39eaaf257044fd7",
+    "zh:f7605bd1437752114baf601bdf6931debe6dc6bfe3006eb7e9bb9080931dca8a",
+  ]
+}
diff --git a/terraform/terraform-remote-state/main.tf b/terraform/terraform-remote-state/main.tf
new file mode 100644
index 00000000..df818c0a
--- /dev/null
+++ b/terraform/terraform-remote-state/main.tf
@@ -0,0 +1,18 @@
+terraform {
+  required_version = ">=0.12"
+  required_providers {
+    azurerm = {
+      source = "hashicorp/azurerm"
+      version = "~>2.84.0"
+    }
+  }
+}
+
+provider "azurerm" {
+  features {}
+}
+
+resource "azurerm_resource_group" "rg" {
+  name      = "StateResource"
+  location  = var.location
+}
diff --git a/terraform/terraform-remote-state/storage.tf b/terraform/terraform-remote-state/storage.tf
new file mode 100644
index 00000000..cea9c171
--- /dev/null
+++ b/terraform/terraform-remote-state/storage.tf
@@ -0,0 +1,18 @@
+resource "azurerm_storage_account" "storageAccount" {
+    name                     = "couplemgmtstates"
+    resource_group_name      = azurerm_resource_group.rg.name
+    location                 = azurerm_resource_group.rg.location
+    account_tier             = "Standard"
+    account_replication_type = "LRS"
+    account_kind             = "StorageV2"
+    access_tier              = "Hot"
+    allow_blob_public_access = true
+
+    timeouts {}
+}
+
+resource "azurerm_storage_container" "storageContainer" {
+  name                  = "tfstates"
+  storage_account_name  = azurerm_storage_account.storageAccount.name
+  container_access_type = "blob"
+}
\ No newline at end of file
diff --git a/terraform/terraform-remote-state/variables.tf b/terraform/terraform-remote-state/variables.tf
new file mode 100644
index 00000000..fb369c95
--- /dev/null
+++ b/terraform/terraform-remote-state/variables.tf
@@ -0,0 +1,6 @@
+# Shortnames for regions can be found here:
+# https://github.com/claranet/terraform-azurerm-regions/blob/master/REGIONS.md
+variable "location" {
+  default = "southeastasia"
+  description   = "Location of the resource group."
+}
\ No newline at end of file

From 890ba5891ca673dbb17368dcb4836b31dfbfcadd Mon Sep 17 00:00:00 2001
From: Yongkiat Goh <yongkiat.goh@shopee.com>
Date: Sat, 19 Feb 2022 12:51:08 +0800
Subject: [PATCH 02/25] Change publish profile reference

---
 .github/workflows/azure-messaging-function.yml  | 10 ++++++++--
 .github/workflows/terraform-create-resource.yml |  9 +++++++++
 terraform/terraform-create-resource/main.tf     |  4 ++++
 3 files changed, 21 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/azure-messaging-function.yml b/.github/workflows/azure-messaging-function.yml
index a858faac..6f40963a 100644
--- a/.github/workflows/azure-messaging-function.yml
+++ b/.github/workflows/azure-messaging-function.yml
@@ -29,10 +29,16 @@ jobs:
           dotnet build --configuration Release --output ./output
           popd
 
-      - name: 'Deploy'
+      - name: Get Pubilsh Profile
+        id: getPublishProfile
+        run: |
+          echo "::set-output name=PUBLISH_PROFILE::$(az webapp deployment list-publishing-profiles -g '${{ needs.terraform.outputs.rgName }}' -n 'app-service-name' --xml)"
+        
+
+      - name: 'Run Azure Functions Action'
         uses: Azure/functions-action@v1
         id: fa
         with:
           app-name: ${{ env.AZURE_FUNCTIONAPP_NAME }}
           package: '${{ env.AZURE_FUNCTIONAPP_PACKAGE_PATH }}/output'
-          publish-profile: ${{ secrets.AZURE_MESSAGING_FUNCTIONAPP_PUBLISH_PROFILE }}
+          publish-profile: ${{ steps.getPublishProfile.outputs.PUBLISH_PROFILE }}
diff --git a/.github/workflows/terraform-create-resource.yml b/.github/workflows/terraform-create-resource.yml
index ced04bbb..c40e7f6b 100644
--- a/.github/workflows/terraform-create-resource.yml
+++ b/.github/workflows/terraform-create-resource.yml
@@ -17,6 +17,9 @@ jobs:
       ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
       ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }}
       ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }}
+
+    outputs:
+      rgName: ${{ steps.getResourceGroupName.outputs.rgName }}
       
     steps:
       - name: Checkout
@@ -37,3 +40,9 @@ jobs:
       - name: Terraform Apply
         run: terraform apply -auto-approve
         working-directory: ./terraform/terraform-create-resource
+
+      - name: Get Resource Group name
+        id: getResourceGroupName
+        run: |
+          echo "::set-output name=rgName::$(terraform output -raw rgName)"
+        
diff --git a/terraform/terraform-create-resource/main.tf b/terraform/terraform-create-resource/main.tf
index dc76eaa0..66a8c19c 100644
--- a/terraform/terraform-create-resource/main.tf
+++ b/terraform/terraform-create-resource/main.tf
@@ -27,3 +27,7 @@ provider "azurerm" {
   features {}
 }
 
+output "rgName" {
+  value = azurerm_resource_group.rg.name
+}
+

From 22a3ece06e391eccfb229a6d51aa44a954636c4e Mon Sep 17 00:00:00 2001
From: Yongkiat Goh <yongkiat.goh@shopee.com>
Date: Tue, 1 Mar 2022 00:06:26 +0800
Subject: [PATCH 03/25] Add workflow job dependencies

---
 .github/workflows/dotnet-deploy-workflow.yml | 87 ++++++++++++++++++++
 1 file changed, 87 insertions(+)
 create mode 100644 .github/workflows/dotnet-deploy-workflow.yml

diff --git a/.github/workflows/dotnet-deploy-workflow.yml b/.github/workflows/dotnet-deploy-workflow.yml
new file mode 100644
index 00000000..f08cc219
--- /dev/null
+++ b/.github/workflows/dotnet-deploy-workflow.yml
@@ -0,0 +1,87 @@
+name: Deploy DotNet project
+
+on:
+  push:
+    branches:
+      - master
+  pull_request:
+    branches: 
+      - master
+
+jobs:
+  terraform-create:
+    runs-on: ubuntu-latest
+    defaults:
+      run:
+        working-directory: ./terraform/terraform-create-resource
+    env:
+      ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }}
+      ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
+      ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }}
+      ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }}
+
+      AZURE_FUNCTIONAPP_NAME: change-event
+      AZURE_FUNCTIONAPP_PACKAGE_PATH: 'Messaging'
+      DOTNET_VERSION: '6.0.x'
+
+    outputs:
+      rgName: ${{ steps.getResourceGroupName.outputs.rgName }}
+      
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+
+      - name: Terraform Init
+        run: terraform init
+
+      - name: Terraform Validate
+        run: terraform validate 
+
+      - name: Terraform Plan
+        run: terraform plan
+
+      - name: Terraform Apply
+        run: terraform apply -auto-approve
+
+      - name: Get Resource Group name
+        id: getResourceGroupName
+        run: |
+          echo "::set-output name=rgName::$(terraform output -raw rgName)"
+  
+  fa-build-and-deploy:
+    needs: terraform-create
+    runs-on: ubuntu-latest
+    env:
+      AZURE_FUNCTIONAPP_NAME: change-event
+      AZURE_FUNCTIONAPP_PACKAGE_PATH: 'Messaging'
+      DOTNET_VERSION: '6.0.x'
+
+    steps:
+      - name: 'Checkout GitHub Action'
+        uses: actions/checkout@v2
+
+      - name: Setup DotNet ${{ env.DOTNET_VERSION }} Environment
+        uses: actions/setup-dotnet@v1
+        with:
+          dotnet-version: ${{ env.DOTNET_VERSION }}
+
+      - name: 'Resolve Project Dependencies Using Dotnet'
+        shell: bash
+        run: |
+          pushd './${{ env.AZURE_FUNCTIONAPP_PACKAGE_PATH }}'
+          dotnet build --configuration Release --output ./output
+          popd
+
+      - name: Get Pubilsh Profile
+        id: getPublishProfile
+        run: |
+          echo "::set-output name=PUBLISH_PROFILE::$(az webapp deployment list-publishing-profiles -g '${{ needs.terraform-create.outputs.rgName }}' -n '${{ env.AZURE_FUNCTIONAPP_NAME }}' --xml)"
+        
+
+      - name: 'Run Azure Functions Action'
+        uses: Azure/functions-action@v1
+        id: fa
+        with:
+          app-name: ${{ env.AZURE_FUNCTIONAPP_NAME }}
+          package: '${{ env.AZURE_FUNCTIONAPP_PACKAGE_PATH }}/output'
+          publish-profile: ${{ steps.getPublishProfile.outputs.PUBLISH_PROFILE }}
\ No newline at end of file

From ca49b09260cd4efae9f3853d59abf158aa9af23a Mon Sep 17 00:00:00 2001
From: Yongkiat Goh <yongkiat.goh@shopee.com>
Date: Tue, 1 Mar 2022 00:36:45 +0800
Subject: [PATCH 04/25] Update ARM env scope

---
 .github/workflows/dotnet-deploy-workflow.yml | 20 ++++++++------------
 1 file changed, 8 insertions(+), 12 deletions(-)

diff --git a/.github/workflows/dotnet-deploy-workflow.yml b/.github/workflows/dotnet-deploy-workflow.yml
index f08cc219..a79f3113 100644
--- a/.github/workflows/dotnet-deploy-workflow.yml
+++ b/.github/workflows/dotnet-deploy-workflow.yml
@@ -8,24 +8,21 @@ on:
     branches: 
       - master
 
+env:
+  ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }}
+  ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
+  ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }}
+  ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }}
+
 jobs:
   terraform-create:
     runs-on: ubuntu-latest
     defaults:
       run:
         working-directory: ./terraform/terraform-create-resource
-    env:
-      ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }}
-      ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
-      ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }}
-      ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }}
-
-      AZURE_FUNCTIONAPP_NAME: change-event
-      AZURE_FUNCTIONAPP_PACKAGE_PATH: 'Messaging'
-      DOTNET_VERSION: '6.0.x'
 
     outputs:
-      rgName: ${{ steps.getResourceGroupName.outputs.rgName }}
+      AZURE_RESOURCEGROUP_NAME: ${{ steps.getResourceGroupName.outputs.rgName }}
       
     steps:
       - name: Checkout
@@ -52,7 +49,7 @@ jobs:
     needs: terraform-create
     runs-on: ubuntu-latest
     env:
-      AZURE_FUNCTIONAPP_NAME: change-event
+      AZURE_FUNCTIONAPP_NAME: test-change-event
       AZURE_FUNCTIONAPP_PACKAGE_PATH: 'Messaging'
       DOTNET_VERSION: '6.0.x'
 
@@ -77,7 +74,6 @@ jobs:
         run: |
           echo "::set-output name=PUBLISH_PROFILE::$(az webapp deployment list-publishing-profiles -g '${{ needs.terraform-create.outputs.rgName }}' -n '${{ env.AZURE_FUNCTIONAPP_NAME }}' --xml)"
         
-
       - name: 'Run Azure Functions Action'
         uses: Azure/functions-action@v1
         id: fa

From 913bea6088a8a9dd320b7dc38bb3efcd75fbd709 Mon Sep 17 00:00:00 2001
From: Yongkiat Goh <yongkiat.goh@shopee.com>
Date: Tue, 1 Mar 2022 23:45:26 +0800
Subject: [PATCH 05/25] Add Az CLI login step

---
 .github/workflows/dotnet-deploy-workflow.yml | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/dotnet-deploy-workflow.yml b/.github/workflows/dotnet-deploy-workflow.yml
index a79f3113..a3510317 100644
--- a/.github/workflows/dotnet-deploy-workflow.yml
+++ b/.github/workflows/dotnet-deploy-workflow.yml
@@ -48,11 +48,13 @@ jobs:
   fa-build-and-deploy:
     needs: terraform-create
     runs-on: ubuntu-latest
+    permissions:
+      id-token: write
+      contents: read
     env:
       AZURE_FUNCTIONAPP_NAME: test-change-event
       AZURE_FUNCTIONAPP_PACKAGE_PATH: 'Messaging'
       DOTNET_VERSION: '6.0.x'
-
     steps:
       - name: 'Checkout GitHub Action'
         uses: actions/checkout@v2
@@ -69,10 +71,17 @@ jobs:
           dotnet build --configuration Release --output ./output
           popd
 
+      - name: 'Az CLI login'
+        uses: azure/login@v1
+        with:
+          client-id: ${{ secrets.ARM_CLIENT_ID }}
+          tenant-id: ${{ secrets.ARM_TENANT_ID }}
+          subscription-id: ${{ secrets.ARM_SUBSCRIPTION_ID }}
+
       - name: Get Pubilsh Profile
         id: getPublishProfile
         run: |
-          echo "::set-output name=PUBLISH_PROFILE::$(az webapp deployment list-publishing-profiles -g '${{ needs.terraform-create.outputs.rgName }}' -n '${{ env.AZURE_FUNCTIONAPP_NAME }}' --xml)"
+          echo "::set-output name=PUBLISH_PROFILE::$(az webapp deployment list-publishing-profiles -g '${{ needs.terraform-create.outputs.AZURE_RESOURCEGROUP_NAME }}' -n '${{ env.AZURE_FUNCTIONAPP_NAME }}' --xml)"
         
       - name: 'Run Azure Functions Action'
         uses: Azure/functions-action@v1

From 725e3f4b7463ed744a2ec2ab221b17b68c678cef Mon Sep 17 00:00:00 2001
From: Yongkiat Goh <yongkiat.goh@shopee.com>
Date: Sun, 8 May 2022 00:58:31 +0800
Subject: [PATCH 06/25] Upgrade tf azurerm version

---
 .../.terraform.lock.hcl                       | 55 ++++++++++---------
 terraform/terraform-create-resource/main.tf   |  2 +-
 2 files changed, 29 insertions(+), 28 deletions(-)

diff --git a/terraform/terraform-create-resource/.terraform.lock.hcl b/terraform/terraform-create-resource/.terraform.lock.hcl
index 27e76b08..4c575616 100644
--- a/terraform/terraform-create-resource/.terraform.lock.hcl
+++ b/terraform/terraform-create-resource/.terraform.lock.hcl
@@ -2,38 +2,39 @@
 # Manual edits may be lost in future updates.
 
 provider "registry.terraform.io/hashicorp/azurerm" {
-  version     = "2.84.0"
-  constraints = "~> 2.84.0"
+  version     = "2.91.0"
+  constraints = "~> 2.91.0"
   hashes = [
-    "h1:jyvuROvM/4pyDA61Gq6F9pc3c0ofhgo22XEnlWwjxnE=",
-    "zh:172f9abac9765cd4412d192fbc33ce29ef45dde7865844d246d9a645e8bf52d1",
-    "zh:1b92d4262852169bcd1c7766047af5b5bdb64bd05d4be69dfa5078b83e0d5b30",
-    "zh:391fbe77d483120ed7954d4c88ed8d6668dad807f2b4dc8f4faeaffebcf83b49",
-    "zh:5623276a8e011b7275c0f3922ac3aab0659145fcfde4bb336dfa70150b4f5630",
-    "zh:6a8f73947379b9aed2f725ba5435210b1911339ccff925fe6d0c89125d3f0d7a",
-    "zh:89bac435268a41311559ee556ef4bc10a4d4d2ff0bcdbb38d4faf70cb5703600",
-    "zh:a672d23d1e937de9796971372f47dc0938f28764396b87595d0a2241fd9fefe3",
-    "zh:cebaaa78cec7fd9aedf56445931e0e3bfbbf5d75eedf8c2da5c6026819611eee",
-    "zh:e17b79121500fd70e226bd34a45b6fdb9d8699e41896fb3d57c66890fad54ae5",
-    "zh:ec2b5d259c1cd71b6f8401c6e2cc80229d04bb525c9e0561591c4d03683e241b",
-    "zh:f9a9011f0a076084511e1602d021bc5e1fb2465cf51e5b2037687a0bba31f811",
+    "h1:JpJCgETSFOW1VX9MwlMEtJtZi6LdvBL7lZ4aeVqPUHs=",
+    "zh:17102231bc42ac91260489377fb0344408185f9233f126b825c0d0bdc873c8ec",
+    "zh:2454e0683fd8b230c7f30da2afc26bb0e9d699b85409d175a25cd094e4bf7089",
+    "zh:276fdae42310057bc7847ff4af6bb441408153af2ad72f8931145da21072ba8a",
+    "zh:29fd177efd83807acaadc788cbf151e0ed19275b00c7600e1b72316f00e0f1ea",
+    "zh:5d5ec15bbd38fa4d50074ff530e8851b06eeb08048666cde5096d44eeb495e9c",
+    "zh:7974ae42bdb7f9104c1477760d7227243a34087526b4d3eea138f3110b10fd58",
+    "zh:a9fd00320e15c53061556e0dd5818d7e0ca4af0713554dced1ede819350edd9a",
+    "zh:d8a1a3294faabfe0722ed5e553f054a92b2dc03b7f479ca58d67d36621289ce4",
+    "zh:ec4e798182bde6a9d89869c458d36b02d3acdd7ce118c91e8af2b86f082bf5e0",
+    "zh:fb1b3f126f823cb4b6e9018136562e9c28f65732ef0d0f11c18d04117c7ae7a3",
+    "zh:ff0ead2fe3c4c5d597fdc3f2183407ab971f2f435a887ff7af7dac9ae3fa6e86",
   ]
 }
 
 provider "registry.terraform.io/hashicorp/random" {
-  version = "3.1.0"
+  version = "3.1.3"
   hashes = [
-    "h1:rKYu5ZUbXwrLG1w81k7H3nce/Ys6yAxXhWcbtk36HjY=",
-    "zh:2bbb3339f0643b5daa07480ef4397bd23a79963cc364cdfbb4e86354cb7725bc",
-    "zh:3cd456047805bf639fbf2c761b1848880ea703a054f76db51852008b11008626",
-    "zh:4f251b0eda5bb5e3dc26ea4400dba200018213654b69b4a5f96abee815b4f5ff",
-    "zh:7011332745ea061e517fe1319bd6c75054a314155cb2c1199a5b01fe1889a7e2",
-    "zh:738ed82858317ccc246691c8b85995bc125ac3b4143043219bd0437adc56c992",
-    "zh:7dbe52fac7bb21227acd7529b487511c91f4107db9cc4414f50d04ffc3cab427",
-    "zh:a3a9251fb15f93e4cfc1789800fc2d7414bbc18944ad4c5c98f466e6477c42bc",
-    "zh:a543ec1a3a8c20635cf374110bd2f87c07374cf2c50617eee2c669b3ceeeaa9f",
-    "zh:d9ab41d556a48bd7059f0810cf020500635bfc696c9fc3adab5ea8915c1d886b",
-    "zh:d9e13427a7d011dbd654e591b0337e6074eef8c3b9bb11b2e39eaaf257044fd7",
-    "zh:f7605bd1437752114baf601bdf6931debe6dc6bfe3006eb7e9bb9080931dca8a",
+    "h1:7+wnAXQM7IpNEAQ6WZXdO0ZfQW/ncQFXYJ5T2KaR+Z8=",
+    "zh:26e07aa32e403303fc212a4367b4d67188ac965c37a9812e07acee1470687a73",
+    "zh:27386f48e9c9d849fbb5a8828d461fde35e71f6b6c9fc235bc4ae8403eb9c92d",
+    "zh:5f4edda4c94240297bbd9b83618fd362348cadf6bf24ea65ea0e1844d7ccedc0",
+    "zh:646313a907126cd5e69f6a9fafe816e9154fccdc04541e06fed02bb3a8fa2d2e",
+    "zh:7349692932a5d462f8dee1500ab60401594dddb94e9aa6bf6c4c0bd53e91bbb8",
+    "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3",
+    "zh:9034daba8d9b32b35930d168f363af04cecb153d5849a7e4a5966c97c5dc956e",
+    "zh:bb81dfca59ef5f949ef39f19ea4f4de25479907abc28cdaa36d12ecd7c0a9699",
+    "zh:bcf7806b99b4c248439ae02c8e21f77aff9fadbc019ce619b929eef09d1221bb",
+    "zh:d708e14d169e61f326535dd08eecd3811cd4942555a6f8efabc37dbff9c6fc61",
+    "zh:dc294e19a46e1cefb9e557a7b789c8dd8f319beca99b8c265181bc633dc434cc",
+    "zh:f9d758ee53c55dc016dd736427b6b0c3c8eb4d0dbbc785b6a3579b0ffedd9e42",
   ]
 }
diff --git a/terraform/terraform-create-resource/main.tf b/terraform/terraform-create-resource/main.tf
index 66a8c19c..e7c8666d 100644
--- a/terraform/terraform-create-resource/main.tf
+++ b/terraform/terraform-create-resource/main.tf
@@ -3,7 +3,7 @@ terraform {
   required_providers {
     azurerm = {
       source = "hashicorp/azurerm"
-      version = "~>2.84.0"
+      version = "~>2.91.0"
     }
   }
 

From 09b3b3bdd70441135baba0f3ede7306b540629b1 Mon Sep 17 00:00:00 2001
From: Yongkiat Goh <yongkiat.goh@shopee.com>
Date: Sun, 8 May 2022 21:59:28 +0800
Subject: [PATCH 07/25] Remove duplicate workflow

---
 .../workflows/terraform-create-resource.yml   | 48 -------------------
 1 file changed, 48 deletions(-)
 delete mode 100644 .github/workflows/terraform-create-resource.yml

diff --git a/.github/workflows/terraform-create-resource.yml b/.github/workflows/terraform-create-resource.yml
deleted file mode 100644
index c40e7f6b..00000000
--- a/.github/workflows/terraform-create-resource.yml
+++ /dev/null
@@ -1,48 +0,0 @@
-name: Terraform Create Azure Resource
-
-on:
-  push:
-    branches:
-      - master
-  pull_request:
-    branches: 
-      - master
-
-jobs:
-  terraform:
-    runs-on: ubuntu-latest
-    
-    env:
-      ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }}
-      ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
-      ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }}
-      ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }}
-
-    outputs:
-      rgName: ${{ steps.getResourceGroupName.outputs.rgName }}
-      
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v2
-
-      - name: Terraform Init
-        run: terraform init
-        working-directory: ./terraform/terraform-create-resource
-
-      - name: Terraform Validate
-        run: terraform validate 
-        working-directory: ./terraform/terraform-create-resource
-
-      - name: Terraform Plan
-        run: terraform plan
-        working-directory: ./terraform/terraform-create-resource
-
-      - name: Terraform Apply
-        run: terraform apply -auto-approve
-        working-directory: ./terraform/terraform-create-resource
-
-      - name: Get Resource Group name
-        id: getResourceGroupName
-        run: |
-          echo "::set-output name=rgName::$(terraform output -raw rgName)"
-        

From d3f189316be06e7812aa1db10b3de8d95a9a7de8 Mon Sep 17 00:00:00 2001
From: Yongkiat Goh <yongkiat.goh@shopee.com>
Date: Sun, 8 May 2022 23:46:30 +0800
Subject: [PATCH 08/25] Change TF auth secrets

---
 .github/workflows/dotnet-deploy-workflow.yml | 23 ++++++++++++++------
 1 file changed, 16 insertions(+), 7 deletions(-)

diff --git a/.github/workflows/dotnet-deploy-workflow.yml b/.github/workflows/dotnet-deploy-workflow.yml
index a3510317..6d0b352d 100644
--- a/.github/workflows/dotnet-deploy-workflow.yml
+++ b/.github/workflows/dotnet-deploy-workflow.yml
@@ -8,12 +8,6 @@ on:
     branches: 
       - master
 
-env:
-  ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }}
-  ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
-  ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }}
-  ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }}
-
 jobs:
   terraform-create:
     runs-on: ubuntu-latest
@@ -28,6 +22,21 @@ jobs:
       - name: Checkout
         uses: actions/checkout@v2
 
+      - name: Azure CLI login
+        uses: azure/login@v1
+        with:
+          creds: ${{ secrets.AZURE_CREDENTIALS }}
+
+      - name: Prep TF environment variables
+        env: 
+          AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }}
+        run: |
+          $servicePrincipal = fromJSON($env.AZURE_CREDENTIALS)
+          echo "ARM_CLIENT_ID=$servicePrincipal.clientId" >> $GITHUB_ENV
+          echo "ARM_CLIENT_SECRET=$servicePrincipal.clientSecret" >> $GITHUB_ENV
+          echo "ARM_SUBSCRIPTION_ID=$servicePrincipal.subscriptionID" >> $GITHUB_ENV
+          echo "ARM_TENANT_ID=$servicePrincipal.tenantId" >> $GITHUB_ENV
+
       - name: Terraform Init
         run: terraform init
 
@@ -71,7 +80,7 @@ jobs:
           dotnet build --configuration Release --output ./output
           popd
 
-      - name: 'Az CLI login'
+      - name: Azure CLI login
         uses: azure/login@v1
         with:
           client-id: ${{ secrets.ARM_CLIENT_ID }}

From 56ebc8597fea9866f8cf683e3dac8ac84932073b Mon Sep 17 00:00:00 2001
From: Yongkiat Goh <yongkiat.goh@shopee.com>
Date: Sun, 8 May 2022 23:58:10 +0800
Subject: [PATCH 09/25] Fix workflow errors on fromJSON cmdlet

---
 .github/workflows/dotnet-deploy-workflow.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/dotnet-deploy-workflow.yml b/.github/workflows/dotnet-deploy-workflow.yml
index 6d0b352d..d6ef86c2 100644
--- a/.github/workflows/dotnet-deploy-workflow.yml
+++ b/.github/workflows/dotnet-deploy-workflow.yml
@@ -31,7 +31,7 @@ jobs:
         env: 
           AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }}
         run: |
-          $servicePrincipal = fromJSON($env.AZURE_CREDENTIALS)
+          $servicePrincipal = ${{ fromJSON(env.AZURE_CREDENTIALS) }}
           echo "ARM_CLIENT_ID=$servicePrincipal.clientId" >> $GITHUB_ENV
           echo "ARM_CLIENT_SECRET=$servicePrincipal.clientSecret" >> $GITHUB_ENV
           echo "ARM_SUBSCRIPTION_ID=$servicePrincipal.subscriptionID" >> $GITHUB_ENV

From 2acfb87d50d43c53b8eeafa945408b3a684bf509 Mon Sep 17 00:00:00 2001
From: Yongkiat Goh <yongkiat.goh@shopee.com>
Date: Mon, 9 May 2022 00:05:41 +0800
Subject: [PATCH 10/25] Change TF auth secrets using pwsh

---
 .github/workflows/dotnet-deploy-workflow.yml | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)

diff --git a/.github/workflows/dotnet-deploy-workflow.yml b/.github/workflows/dotnet-deploy-workflow.yml
index d6ef86c2..7837229a 100644
--- a/.github/workflows/dotnet-deploy-workflow.yml
+++ b/.github/workflows/dotnet-deploy-workflow.yml
@@ -28,14 +28,17 @@ jobs:
           creds: ${{ secrets.AZURE_CREDENTIALS }}
 
       - name: Prep TF environment variables
+        shell: pwsh
         env: 
           AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }}
-        run: |
-          $servicePrincipal = ${{ fromJSON(env.AZURE_CREDENTIALS) }}
-          echo "ARM_CLIENT_ID=$servicePrincipal.clientId" >> $GITHUB_ENV
-          echo "ARM_CLIENT_SECRET=$servicePrincipal.clientSecret" >> $GITHUB_ENV
-          echo "ARM_SUBSCRIPTION_ID=$servicePrincipal.subscriptionID" >> $GITHUB_ENV
-          echo "ARM_TENANT_ID=$servicePrincipal.tenantId" >> $GITHUB_ENV
+        run: | 
+          $servicePrincipal = ($env:AZURE_CREDENTIALS | ConvertFrom-Json)
+          $env:ARM_CLIENT_ID = $servicePrincipal.clientId
+          $env:ARM_CLIENT_SECRET = $servicePrincipal.clientSecret
+          $env:ARM_SUBSCRIPTION_ID = $servicePrincipal.subscriptionId
+          $env:ARM_TENANT_ID = $servicePrincipal.tenantId
+          
+          Get-ChildItem -Path Env: -Recurse -Include ARM_*,TF_VAR_* | ForEach-Object {Write-Output "$($_.Name)=$($_.Value)"} >> $env:GITHUB_ENV
 
       - name: Terraform Init
         run: terraform init

From ec476c4169e1a4fbfe03bfc7a2a2c72efd812550 Mon Sep 17 00:00:00 2001
From: Yongkiat Goh <yongkiat.goh@shopee.com>
Date: Wed, 11 May 2022 21:44:41 +0800
Subject: [PATCH 11/25] Upgrade tf azurerm version to 2.91.0

---
 .../.terraform.lock.hcl                       | 46 ++++++-------------
 terraform/terraform-remote-state/main.tf      |  2 +-
 2 files changed, 15 insertions(+), 33 deletions(-)

diff --git a/terraform/terraform-remote-state/.terraform.lock.hcl b/terraform/terraform-remote-state/.terraform.lock.hcl
index 72d84f32..af66a834 100644
--- a/terraform/terraform-remote-state/.terraform.lock.hcl
+++ b/terraform/terraform-remote-state/.terraform.lock.hcl
@@ -2,38 +2,20 @@
 # Manual edits may be lost in future updates.
 
 provider "registry.terraform.io/hashicorp/azurerm" {
-  version     = "2.84.0"
-  constraints = "~> 2.0"
+  version     = "2.91.0"
+  constraints = "~> 2.91.0"
   hashes = [
-    "h1:jyvuROvM/4pyDA61Gq6F9pc3c0ofhgo22XEnlWwjxnE=",
-    "zh:172f9abac9765cd4412d192fbc33ce29ef45dde7865844d246d9a645e8bf52d1",
-    "zh:1b92d4262852169bcd1c7766047af5b5bdb64bd05d4be69dfa5078b83e0d5b30",
-    "zh:391fbe77d483120ed7954d4c88ed8d6668dad807f2b4dc8f4faeaffebcf83b49",
-    "zh:5623276a8e011b7275c0f3922ac3aab0659145fcfde4bb336dfa70150b4f5630",
-    "zh:6a8f73947379b9aed2f725ba5435210b1911339ccff925fe6d0c89125d3f0d7a",
-    "zh:89bac435268a41311559ee556ef4bc10a4d4d2ff0bcdbb38d4faf70cb5703600",
-    "zh:a672d23d1e937de9796971372f47dc0938f28764396b87595d0a2241fd9fefe3",
-    "zh:cebaaa78cec7fd9aedf56445931e0e3bfbbf5d75eedf8c2da5c6026819611eee",
-    "zh:e17b79121500fd70e226bd34a45b6fdb9d8699e41896fb3d57c66890fad54ae5",
-    "zh:ec2b5d259c1cd71b6f8401c6e2cc80229d04bb525c9e0561591c4d03683e241b",
-    "zh:f9a9011f0a076084511e1602d021bc5e1fb2465cf51e5b2037687a0bba31f811",
-  ]
-}
-
-provider "registry.terraform.io/hashicorp/random" {
-  version = "3.1.0"
-  hashes = [
-    "h1:rKYu5ZUbXwrLG1w81k7H3nce/Ys6yAxXhWcbtk36HjY=",
-    "zh:2bbb3339f0643b5daa07480ef4397bd23a79963cc364cdfbb4e86354cb7725bc",
-    "zh:3cd456047805bf639fbf2c761b1848880ea703a054f76db51852008b11008626",
-    "zh:4f251b0eda5bb5e3dc26ea4400dba200018213654b69b4a5f96abee815b4f5ff",
-    "zh:7011332745ea061e517fe1319bd6c75054a314155cb2c1199a5b01fe1889a7e2",
-    "zh:738ed82858317ccc246691c8b85995bc125ac3b4143043219bd0437adc56c992",
-    "zh:7dbe52fac7bb21227acd7529b487511c91f4107db9cc4414f50d04ffc3cab427",
-    "zh:a3a9251fb15f93e4cfc1789800fc2d7414bbc18944ad4c5c98f466e6477c42bc",
-    "zh:a543ec1a3a8c20635cf374110bd2f87c07374cf2c50617eee2c669b3ceeeaa9f",
-    "zh:d9ab41d556a48bd7059f0810cf020500635bfc696c9fc3adab5ea8915c1d886b",
-    "zh:d9e13427a7d011dbd654e591b0337e6074eef8c3b9bb11b2e39eaaf257044fd7",
-    "zh:f7605bd1437752114baf601bdf6931debe6dc6bfe3006eb7e9bb9080931dca8a",
+    "h1:JpJCgETSFOW1VX9MwlMEtJtZi6LdvBL7lZ4aeVqPUHs=",
+    "zh:17102231bc42ac91260489377fb0344408185f9233f126b825c0d0bdc873c8ec",
+    "zh:2454e0683fd8b230c7f30da2afc26bb0e9d699b85409d175a25cd094e4bf7089",
+    "zh:276fdae42310057bc7847ff4af6bb441408153af2ad72f8931145da21072ba8a",
+    "zh:29fd177efd83807acaadc788cbf151e0ed19275b00c7600e1b72316f00e0f1ea",
+    "zh:5d5ec15bbd38fa4d50074ff530e8851b06eeb08048666cde5096d44eeb495e9c",
+    "zh:7974ae42bdb7f9104c1477760d7227243a34087526b4d3eea138f3110b10fd58",
+    "zh:a9fd00320e15c53061556e0dd5818d7e0ca4af0713554dced1ede819350edd9a",
+    "zh:d8a1a3294faabfe0722ed5e553f054a92b2dc03b7f479ca58d67d36621289ce4",
+    "zh:ec4e798182bde6a9d89869c458d36b02d3acdd7ce118c91e8af2b86f082bf5e0",
+    "zh:fb1b3f126f823cb4b6e9018136562e9c28f65732ef0d0f11c18d04117c7ae7a3",
+    "zh:ff0ead2fe3c4c5d597fdc3f2183407ab971f2f435a887ff7af7dac9ae3fa6e86",
   ]
 }
diff --git a/terraform/terraform-remote-state/main.tf b/terraform/terraform-remote-state/main.tf
index df818c0a..853fd875 100644
--- a/terraform/terraform-remote-state/main.tf
+++ b/terraform/terraform-remote-state/main.tf
@@ -3,7 +3,7 @@ terraform {
   required_providers {
     azurerm = {
       source = "hashicorp/azurerm"
-      version = "~>2.84.0"
+      version = "~>2.91.0"
     }
   }
 }

From 9256501d08a63779c7e601771938812b867cfb69 Mon Sep 17 00:00:00 2001
From: Yongkiat Goh <yongkiat.goh@shopee.com>
Date: Wed, 11 May 2022 22:40:20 +0800
Subject: [PATCH 12/25] Update Azure auth

---
 .github/workflows/dotnet-deploy-workflow.yml | 25 ++++----------------
 1 file changed, 5 insertions(+), 20 deletions(-)

diff --git a/.github/workflows/dotnet-deploy-workflow.yml b/.github/workflows/dotnet-deploy-workflow.yml
index 7837229a..057322ae 100644
--- a/.github/workflows/dotnet-deploy-workflow.yml
+++ b/.github/workflows/dotnet-deploy-workflow.yml
@@ -14,32 +14,17 @@ jobs:
     defaults:
       run:
         working-directory: ./terraform/terraform-create-resource
-
+    env:
+      ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
+      ARM_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }}
+      ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
+      ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
     outputs:
       AZURE_RESOURCEGROUP_NAME: ${{ steps.getResourceGroupName.outputs.rgName }}
-      
     steps:
       - name: Checkout
         uses: actions/checkout@v2
 
-      - name: Azure CLI login
-        uses: azure/login@v1
-        with:
-          creds: ${{ secrets.AZURE_CREDENTIALS }}
-
-      - name: Prep TF environment variables
-        shell: pwsh
-        env: 
-          AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }}
-        run: | 
-          $servicePrincipal = ($env:AZURE_CREDENTIALS | ConvertFrom-Json)
-          $env:ARM_CLIENT_ID = $servicePrincipal.clientId
-          $env:ARM_CLIENT_SECRET = $servicePrincipal.clientSecret
-          $env:ARM_SUBSCRIPTION_ID = $servicePrincipal.subscriptionId
-          $env:ARM_TENANT_ID = $servicePrincipal.tenantId
-          
-          Get-ChildItem -Path Env: -Recurse -Include ARM_*,TF_VAR_* | ForEach-Object {Write-Output "$($_.Name)=$($_.Value)"} >> $env:GITHUB_ENV
-
       - name: Terraform Init
         run: terraform init
 

From 042a6f74806d791c2d732e545282fd0377fc802e Mon Sep 17 00:00:00 2001
From: Yongkiat Goh <yongkiat.goh@shopee.com>
Date: Fri, 8 Jul 2022 14:57:33 +0800
Subject: [PATCH 13/25] Add couple-api functionapp

---
 .../terraform-create-resource/functionapp.tf  | 39 +++++++++++++++++--
 1 file changed, 35 insertions(+), 4 deletions(-)

diff --git a/terraform/terraform-create-resource/functionapp.tf b/terraform/terraform-create-resource/functionapp.tf
index d91ff15d..6260a5ce 100644
--- a/terraform/terraform-create-resource/functionapp.tf
+++ b/terraform/terraform-create-resource/functionapp.tf
@@ -1,5 +1,5 @@
-resource "azurerm_app_service_plan" "asp" {
-  name                = "${var.prefix}-service-plan"
+resource "azurerm_app_service_plan" "change_event_asp" {
+  name                = "${var.prefix}-change-event"
   location            = azurerm_resource_group.rg.location
   resource_group_name = azurerm_resource_group.rg.name
   kind                = "FunctionApp"
@@ -10,11 +10,42 @@ resource "azurerm_app_service_plan" "asp" {
   }
 }
 
-resource "azurerm_function_app" "fa" {
+resource "azurerm_function_app" "change_event_fa" {
   name                       = "${var.prefix}-change-event"
   location                   = azurerm_resource_group.rg.location
   resource_group_name        = azurerm_resource_group.rg.name
-  app_service_plan_id        = azurerm_app_service_plan.asp.id
+  app_service_plan_id        = azurerm_app_service_plan.change_event_asp.id
+  storage_account_name       = azurerm_storage_account.storage.name
+  storage_account_access_key = azurerm_storage_account.storage.primary_access_key
+
+  app_settings = {
+    "AccountEndpoint"           = azurerm_cosmosdb_account.db.endpoint
+    "AccountKey"                = azurerm_cosmosdb_account.db.primary_key
+    "DatabaseConnectionString"  = azurerm_cosmosdb_account.db.connection_strings[0]
+    "DatabaseName"              = "database"
+    "ImagesConnectionString"    = "DefaultEndpointsProtocol=https;AccountName=${azurerm_storage_account.storage.name};AccountKey=${azurerm_storage_account.storage.primary_access_key};EndpointSuffix=core.windows.net"
+    "FUNCTIONS_WORKER_RUNTIME"  = "dotnet"
+    "WEBSITE_RUN_FROM_PACKAGE"  = "1"
+  }
+}
+
+resource "azurerm_app_service_plan" "couple_api_asp" {
+  name                = "${var.prefix}-couple-api"
+  location            = azurerm_resource_group.rg.location
+  resource_group_name = azurerm_resource_group.rg.name
+  kind                = "FunctionApp"
+
+  sku {
+    tier = "Dynamic"
+    size = "Y1"
+  }
+}
+
+resource "azurerm_function_app" "couple_api_fa" {
+  name                       = "${var.prefix}-couple-api"
+  location                   = azurerm_resource_group.rg.location
+  resource_group_name        = azurerm_resource_group.rg.name
+  app_service_plan_id        = azurerm_app_service_plan.couple_api_asp.id
   storage_account_name       = azurerm_storage_account.storage.name
   storage_account_access_key = azurerm_storage_account.storage.primary_access_key
 

From c8e76192b5c58644e6a0bc24d16eb8e897640b3e Mon Sep 17 00:00:00 2001
From: Yongkiat Goh <yongkiat.goh@shopee.com>
Date: Fri, 8 Jul 2022 15:00:46 +0800
Subject: [PATCH 14/25] Revert changes on azure-messaging-function workflow

---
 .github/workflows/azure-messaging-function.yml | 11 ++---------
 1 file changed, 2 insertions(+), 9 deletions(-)

diff --git a/.github/workflows/azure-messaging-function.yml b/.github/workflows/azure-messaging-function.yml
index 6f40963a..9a7c8330 100644
--- a/.github/workflows/azure-messaging-function.yml
+++ b/.github/workflows/azure-messaging-function.yml
@@ -28,17 +28,10 @@ jobs:
           pushd './${{ env.AZURE_FUNCTIONAPP_PACKAGE_PATH }}'
           dotnet build --configuration Release --output ./output
           popd
-
-      - name: Get Pubilsh Profile
-        id: getPublishProfile
-        run: |
-          echo "::set-output name=PUBLISH_PROFILE::$(az webapp deployment list-publishing-profiles -g '${{ needs.terraform.outputs.rgName }}' -n 'app-service-name' --xml)"
-        
-
-      - name: 'Run Azure Functions Action'
+      - name: 'Deploy'
         uses: Azure/functions-action@v1
         id: fa
         with:
           app-name: ${{ env.AZURE_FUNCTIONAPP_NAME }}
           package: '${{ env.AZURE_FUNCTIONAPP_PACKAGE_PATH }}/output'
-          publish-profile: ${{ steps.getPublishProfile.outputs.PUBLISH_PROFILE }}
+          publish-profile: ${{ secrets.AZURE_MESSAGING_FUNCTIONAPP_PUBLISH_PROFILE }}

From bcb0ce603d0ca1cf7a31de28d792d64aba1bdda3 Mon Sep 17 00:00:00 2001
From: Yongkiat Goh <yongkiat.goh@shopee.com>
Date: Thu, 14 Jul 2022 01:00:39 +0800
Subject: [PATCH 15/25] Remove terraform workflow

---
 .github/workflows/dotnet-deploy-workflow.yml | 89 --------------------
 1 file changed, 89 deletions(-)
 delete mode 100644 .github/workflows/dotnet-deploy-workflow.yml

diff --git a/.github/workflows/dotnet-deploy-workflow.yml b/.github/workflows/dotnet-deploy-workflow.yml
deleted file mode 100644
index 057322ae..00000000
--- a/.github/workflows/dotnet-deploy-workflow.yml
+++ /dev/null
@@ -1,89 +0,0 @@
-name: Deploy DotNet project
-
-on:
-  push:
-    branches:
-      - master
-  pull_request:
-    branches: 
-      - master
-
-jobs:
-  terraform-create:
-    runs-on: ubuntu-latest
-    defaults:
-      run:
-        working-directory: ./terraform/terraform-create-resource
-    env:
-      ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
-      ARM_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }}
-      ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
-      ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
-    outputs:
-      AZURE_RESOURCEGROUP_NAME: ${{ steps.getResourceGroupName.outputs.rgName }}
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v2
-
-      - name: Terraform Init
-        run: terraform init
-
-      - name: Terraform Validate
-        run: terraform validate 
-
-      - name: Terraform Plan
-        run: terraform plan
-
-      - name: Terraform Apply
-        run: terraform apply -auto-approve
-
-      - name: Get Resource Group name
-        id: getResourceGroupName
-        run: |
-          echo "::set-output name=rgName::$(terraform output -raw rgName)"
-  
-  fa-build-and-deploy:
-    needs: terraform-create
-    runs-on: ubuntu-latest
-    permissions:
-      id-token: write
-      contents: read
-    env:
-      AZURE_FUNCTIONAPP_NAME: test-change-event
-      AZURE_FUNCTIONAPP_PACKAGE_PATH: 'Messaging'
-      DOTNET_VERSION: '6.0.x'
-    steps:
-      - name: 'Checkout GitHub Action'
-        uses: actions/checkout@v2
-
-      - name: Setup DotNet ${{ env.DOTNET_VERSION }} Environment
-        uses: actions/setup-dotnet@v1
-        with:
-          dotnet-version: ${{ env.DOTNET_VERSION }}
-
-      - name: 'Resolve Project Dependencies Using Dotnet'
-        shell: bash
-        run: |
-          pushd './${{ env.AZURE_FUNCTIONAPP_PACKAGE_PATH }}'
-          dotnet build --configuration Release --output ./output
-          popd
-
-      - name: Azure CLI login
-        uses: azure/login@v1
-        with:
-          client-id: ${{ secrets.ARM_CLIENT_ID }}
-          tenant-id: ${{ secrets.ARM_TENANT_ID }}
-          subscription-id: ${{ secrets.ARM_SUBSCRIPTION_ID }}
-
-      - name: Get Pubilsh Profile
-        id: getPublishProfile
-        run: |
-          echo "::set-output name=PUBLISH_PROFILE::$(az webapp deployment list-publishing-profiles -g '${{ needs.terraform-create.outputs.AZURE_RESOURCEGROUP_NAME }}' -n '${{ env.AZURE_FUNCTIONAPP_NAME }}' --xml)"
-        
-      - name: 'Run Azure Functions Action'
-        uses: Azure/functions-action@v1
-        id: fa
-        with:
-          app-name: ${{ env.AZURE_FUNCTIONAPP_NAME }}
-          package: '${{ env.AZURE_FUNCTIONAPP_PACKAGE_PATH }}/output'
-          publish-profile: ${{ steps.getPublishProfile.outputs.PUBLISH_PROFILE }}
\ No newline at end of file

From 71da4607b6f293c32d5bc3f22bf7bd16ffca9354 Mon Sep 17 00:00:00 2001
From: Yongkiat Goh <yongkiat.goh@shopee.com>
Date: Thu, 14 Jul 2022 01:17:08 +0800
Subject: [PATCH 16/25] Clean up pull request

---
 .../workflows/azure-messaging-function.yml    |   1 +
 terraform.patch                               | 400 ------------------
 terraform/terraform-create-resource/main.tf   |   7 +-
 3 files changed, 2 insertions(+), 406 deletions(-)
 delete mode 100644 terraform.patch

diff --git a/.github/workflows/azure-messaging-function.yml b/.github/workflows/azure-messaging-function.yml
index e03c6d04..f6262e8a 100644
--- a/.github/workflows/azure-messaging-function.yml
+++ b/.github/workflows/azure-messaging-function.yml
@@ -31,6 +31,7 @@ jobs:
           pushd './${{ env.AZURE_FUNCTIONAPP_PACKAGE_PATH }}'
           dotnet build --configuration Release --output ./output
           popd
+
       - name: 'Deploy'
         uses: Azure/functions-action@v1
         id: fa
diff --git a/terraform.patch b/terraform.patch
deleted file mode 100644
index 2a402183..00000000
--- a/terraform.patch
+++ /dev/null
@@ -1,400 +0,0 @@
-diff --git a/.github/workflows/terraform-create-resource.yml b/.github/workflows/terraform-create-resource.yml
-new file mode 100644
-index 0000000..ced04bb
---- /dev/null
-+++ b/.github/workflows/terraform-create-resource.yml
-@@ -0,0 +1,39 @@
-+name: Terraform Create Azure Resource
-+
-+on:
-+  push:
-+    branches:
-+      - master
-+  pull_request:
-+    branches: 
-+      - master
-+
-+jobs:
-+  terraform:
-+    runs-on: ubuntu-latest
-+    
-+    env:
-+      ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }}
-+      ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
-+      ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }}
-+      ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }}
-+      
-+    steps:
-+      - name: Checkout
-+        uses: actions/checkout@v2
-+
-+      - name: Terraform Init
-+        run: terraform init
-+        working-directory: ./terraform/terraform-create-resource
-+
-+      - name: Terraform Validate
-+        run: terraform validate 
-+        working-directory: ./terraform/terraform-create-resource
-+
-+      - name: Terraform Plan
-+        run: terraform plan
-+        working-directory: ./terraform/terraform-create-resource
-+
-+      - name: Terraform Apply
-+        run: terraform apply -auto-approve
-+        working-directory: ./terraform/terraform-create-resource
-diff --git a/.gitignore b/.gitignore
-index b18efaa..5bb9714 100644
---- a/.gitignore
-+++ b/.gitignore
-@@ -362,4 +362,35 @@ MigrationBackup/
- .ionide/
- 
- # Fody - auto-generated XML schema
--FodyWeavers.xsd
-\ No newline at end of file
-+FodyWeavers.xsd
-+
-+# Local .terraform directories
-+**/.terraform/*
-+
-+# .tfstate files
-+*.tfstate
-+*.tfstate.*
-+
-+# Crash log files
-+crash.log
-+
-+# Exclude all .tfvars files, which are likely to contain sentitive data, such as
-+# password, private keys, and other secrets. These should not be part of version
-+# control as they are data points which are potentially sensitive and subject
-+# to change depending on the environment.
-+#
-+*.tfvars
-+
-+# Ignore override files as they are usually used to override resources locally and so
-+# are not checked in
-+override.tf
-+override.tf.json
-+*_override.tf
-+*_override.tf.json
-+
-+# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
-+*tfplan*
-+
-+# Ignore CLI configuration files
-+.terraformrc
-+terraform.rc
-\ No newline at end of file
-diff --git a/terraform/terraform-create-resource/.terraform.lock.hcl b/terraform/terraform-create-resource/.terraform.lock.hcl
-new file mode 100644
-index 0000000..27e76b0
---- /dev/null
-+++ b/terraform/terraform-create-resource/.terraform.lock.hcl
-@@ -0,0 +1,39 @@
-+# This file is maintained automatically by "terraform init".
-+# Manual edits may be lost in future updates.
-+
-+provider "registry.terraform.io/hashicorp/azurerm" {
-+  version     = "2.84.0"
-+  constraints = "~> 2.84.0"
-+  hashes = [
-+    "h1:jyvuROvM/4pyDA61Gq6F9pc3c0ofhgo22XEnlWwjxnE=",
-+    "zh:172f9abac9765cd4412d192fbc33ce29ef45dde7865844d246d9a645e8bf52d1",
-+    "zh:1b92d4262852169bcd1c7766047af5b5bdb64bd05d4be69dfa5078b83e0d5b30",
-+    "zh:391fbe77d483120ed7954d4c88ed8d6668dad807f2b4dc8f4faeaffebcf83b49",
-+    "zh:5623276a8e011b7275c0f3922ac3aab0659145fcfde4bb336dfa70150b4f5630",
-+    "zh:6a8f73947379b9aed2f725ba5435210b1911339ccff925fe6d0c89125d3f0d7a",
-+    "zh:89bac435268a41311559ee556ef4bc10a4d4d2ff0bcdbb38d4faf70cb5703600",
-+    "zh:a672d23d1e937de9796971372f47dc0938f28764396b87595d0a2241fd9fefe3",
-+    "zh:cebaaa78cec7fd9aedf56445931e0e3bfbbf5d75eedf8c2da5c6026819611eee",
-+    "zh:e17b79121500fd70e226bd34a45b6fdb9d8699e41896fb3d57c66890fad54ae5",
-+    "zh:ec2b5d259c1cd71b6f8401c6e2cc80229d04bb525c9e0561591c4d03683e241b",
-+    "zh:f9a9011f0a076084511e1602d021bc5e1fb2465cf51e5b2037687a0bba31f811",
-+  ]
-+}
-+
-+provider "registry.terraform.io/hashicorp/random" {
-+  version = "3.1.0"
-+  hashes = [
-+    "h1:rKYu5ZUbXwrLG1w81k7H3nce/Ys6yAxXhWcbtk36HjY=",
-+    "zh:2bbb3339f0643b5daa07480ef4397bd23a79963cc364cdfbb4e86354cb7725bc",
-+    "zh:3cd456047805bf639fbf2c761b1848880ea703a054f76db51852008b11008626",
-+    "zh:4f251b0eda5bb5e3dc26ea4400dba200018213654b69b4a5f96abee815b4f5ff",
-+    "zh:7011332745ea061e517fe1319bd6c75054a314155cb2c1199a5b01fe1889a7e2",
-+    "zh:738ed82858317ccc246691c8b85995bc125ac3b4143043219bd0437adc56c992",
-+    "zh:7dbe52fac7bb21227acd7529b487511c91f4107db9cc4414f50d04ffc3cab427",
-+    "zh:a3a9251fb15f93e4cfc1789800fc2d7414bbc18944ad4c5c98f466e6477c42bc",
-+    "zh:a543ec1a3a8c20635cf374110bd2f87c07374cf2c50617eee2c669b3ceeeaa9f",
-+    "zh:d9ab41d556a48bd7059f0810cf020500635bfc696c9fc3adab5ea8915c1d886b",
-+    "zh:d9e13427a7d011dbd654e591b0337e6074eef8c3b9bb11b2e39eaaf257044fd7",
-+    "zh:f7605bd1437752114baf601bdf6931debe6dc6bfe3006eb7e9bb9080931dca8a",
-+  ]
-+}
-diff --git a/terraform/terraform-create-resource/cosmosdb.tf b/terraform/terraform-create-resource/cosmosdb.tf
-new file mode 100644
-index 0000000..7504e93
---- /dev/null
-+++ b/terraform/terraform-create-resource/cosmosdb.tf
-@@ -0,0 +1,43 @@
-+# azurerm_cosmosdb_account.db:
-+resource "azurerm_cosmosdb_account" "db" {
-+    access_key_metadata_writes_enabled    = true
-+    analytical_storage_enabled            = false
-+    enable_automatic_failover             = false
-+    # Only one free tier cosmosDB per subscription
-+    # enable_free_tier                      = true
-+    enable_multiple_write_locations       = false
-+    is_virtual_network_filter_enabled     = false
-+    kind                                  = "GlobalDocumentDB"
-+    local_authentication_disabled         = false
-+    location                              = "southeastasia"
-+    name                                  = "${var.prefix}-couple-management-storage"
-+    network_acl_bypass_for_azure_services = false
-+    network_acl_bypass_ids                = []
-+    offer_type                            = "Standard"
-+    public_network_access_enabled         = true
-+    resource_group_name                   = azurerm_resource_group.rg.name
-+
-+    capabilities {
-+    name = "EnableServerless"
-+    }
-+
-+    backup {
-+        interval_in_minutes = 240
-+        retention_in_hours  = 8
-+        type                = "Periodic"
-+    }
-+
-+    consistency_policy {
-+        consistency_level       = "ConsistentPrefix"
-+        max_interval_in_seconds = 5
-+        max_staleness_prefix    = 100
-+    }
-+
-+    geo_location {
-+        failover_priority = 0
-+        location          = "southeastasia"
-+        zone_redundant    = false
-+    }
-+
-+    timeouts {}
-+}
-\ No newline at end of file
-diff --git a/terraform/terraform-create-resource/functionapp.tf b/terraform/terraform-create-resource/functionapp.tf
-new file mode 100644
-index 0000000..d91ff15
---- /dev/null
-+++ b/terraform/terraform-create-resource/functionapp.tf
-@@ -0,0 +1,30 @@
-+resource "azurerm_app_service_plan" "asp" {
-+  name                = "${var.prefix}-service-plan"
-+  location            = azurerm_resource_group.rg.location
-+  resource_group_name = azurerm_resource_group.rg.name
-+  kind                = "FunctionApp"
-+
-+  sku {
-+    tier = "Dynamic"
-+    size = "Y1"
-+  }
-+}
-+
-+resource "azurerm_function_app" "fa" {
-+  name                       = "${var.prefix}-change-event"
-+  location                   = azurerm_resource_group.rg.location
-+  resource_group_name        = azurerm_resource_group.rg.name
-+  app_service_plan_id        = azurerm_app_service_plan.asp.id
-+  storage_account_name       = azurerm_storage_account.storage.name
-+  storage_account_access_key = azurerm_storage_account.storage.primary_access_key
-+
-+  app_settings = {
-+    "AccountEndpoint"           = azurerm_cosmosdb_account.db.endpoint
-+    "AccountKey"                = azurerm_cosmosdb_account.db.primary_key
-+    "DatabaseConnectionString"  = azurerm_cosmosdb_account.db.connection_strings[0]
-+    "DatabaseName"              = "database"
-+    "ImagesConnectionString"    = "DefaultEndpointsProtocol=https;AccountName=${azurerm_storage_account.storage.name};AccountKey=${azurerm_storage_account.storage.primary_access_key};EndpointSuffix=core.windows.net"
-+    "FUNCTIONS_WORKER_RUNTIME"  = "dotnet"
-+    "WEBSITE_RUN_FROM_PACKAGE"  = "1"
-+  }
-+}
-\ No newline at end of file
-diff --git a/terraform/terraform-create-resource/main.tf b/terraform/terraform-create-resource/main.tf
-new file mode 100644
-index 0000000..dc76eaa
---- /dev/null
-+++ b/terraform/terraform-create-resource/main.tf
-@@ -0,0 +1,29 @@
-+terraform {
-+  required_version = ">=0.12"
-+  required_providers {
-+    azurerm = {
-+      source = "hashicorp/azurerm"
-+      version = "~>2.84.0"
-+    }
-+  }
-+
-+  backend "azurerm" {
-+        resource_group_name  = "StateResource"
-+        storage_account_name = "couplemgmtstates"
-+        container_name       = "tfstates"
-+        key                  = "test.terraform.tfstate"
-+    }
-+}
-+
-+resource "random_uuid" "test" {
-+}
-+
-+resource "azurerm_resource_group" "rg" {
-+  name      = "${random_uuid.test.result}-rg-${var.prefix}"
-+  location  = var.location
-+}
-+
-+provider "azurerm" {
-+  features {}
-+}
-+
-diff --git a/terraform/terraform-create-resource/storage.tf b/terraform/terraform-create-resource/storage.tf
-new file mode 100644
-index 0000000..0af7305
---- /dev/null
-+++ b/terraform/terraform-create-resource/storage.tf
-@@ -0,0 +1,14 @@
-+resource "azurerm_storage_account" "storage" {
-+  name                      = "${var.prefix}couplemgmtstorage"
-+  resource_group_name       = azurerm_resource_group.rg.name
-+  location                  = "southeastasia"
-+  account_tier              = "Standard"
-+  account_replication_type  = "LRS"
-+  allow_blob_public_access  = true
-+}
-+
-+resource "azurerm_storage_container" "images" {
-+  name                  = "images"
-+  storage_account_name  = azurerm_storage_account.storage.name
-+  container_access_type = "private"
-+}
-diff --git a/terraform/terraform-create-resource/variables.tf b/terraform/terraform-create-resource/variables.tf
-new file mode 100644
-index 0000000..7a57d5b
---- /dev/null
-+++ b/terraform/terraform-create-resource/variables.tf
-@@ -0,0 +1,11 @@
-+variable "prefix" {
-+  default       = "test"
-+}
-+
-+
-+# Shortnames for regions can be found here:
-+# https://github.com/claranet/terraform-azurerm-regions/blob/master/REGIONS.md
-+variable "location" {
-+  default = "southeastasia"
-+  description   = "Location of the resource group."
-+}
-\ No newline at end of file
-diff --git a/terraform/terraform-remote-state/.terraform.lock.hcl b/terraform/terraform-remote-state/.terraform.lock.hcl
-new file mode 100644
-index 0000000..72d84f3
---- /dev/null
-+++ b/terraform/terraform-remote-state/.terraform.lock.hcl
-@@ -0,0 +1,39 @@
-+# This file is maintained automatically by "terraform init".
-+# Manual edits may be lost in future updates.
-+
-+provider "registry.terraform.io/hashicorp/azurerm" {
-+  version     = "2.84.0"
-+  constraints = "~> 2.0"
-+  hashes = [
-+    "h1:jyvuROvM/4pyDA61Gq6F9pc3c0ofhgo22XEnlWwjxnE=",
-+    "zh:172f9abac9765cd4412d192fbc33ce29ef45dde7865844d246d9a645e8bf52d1",
-+    "zh:1b92d4262852169bcd1c7766047af5b5bdb64bd05d4be69dfa5078b83e0d5b30",
-+    "zh:391fbe77d483120ed7954d4c88ed8d6668dad807f2b4dc8f4faeaffebcf83b49",
-+    "zh:5623276a8e011b7275c0f3922ac3aab0659145fcfde4bb336dfa70150b4f5630",
-+    "zh:6a8f73947379b9aed2f725ba5435210b1911339ccff925fe6d0c89125d3f0d7a",
-+    "zh:89bac435268a41311559ee556ef4bc10a4d4d2ff0bcdbb38d4faf70cb5703600",
-+    "zh:a672d23d1e937de9796971372f47dc0938f28764396b87595d0a2241fd9fefe3",
-+    "zh:cebaaa78cec7fd9aedf56445931e0e3bfbbf5d75eedf8c2da5c6026819611eee",
-+    "zh:e17b79121500fd70e226bd34a45b6fdb9d8699e41896fb3d57c66890fad54ae5",
-+    "zh:ec2b5d259c1cd71b6f8401c6e2cc80229d04bb525c9e0561591c4d03683e241b",
-+    "zh:f9a9011f0a076084511e1602d021bc5e1fb2465cf51e5b2037687a0bba31f811",
-+  ]
-+}
-+
-+provider "registry.terraform.io/hashicorp/random" {
-+  version = "3.1.0"
-+  hashes = [
-+    "h1:rKYu5ZUbXwrLG1w81k7H3nce/Ys6yAxXhWcbtk36HjY=",
-+    "zh:2bbb3339f0643b5daa07480ef4397bd23a79963cc364cdfbb4e86354cb7725bc",
-+    "zh:3cd456047805bf639fbf2c761b1848880ea703a054f76db51852008b11008626",
-+    "zh:4f251b0eda5bb5e3dc26ea4400dba200018213654b69b4a5f96abee815b4f5ff",
-+    "zh:7011332745ea061e517fe1319bd6c75054a314155cb2c1199a5b01fe1889a7e2",
-+    "zh:738ed82858317ccc246691c8b85995bc125ac3b4143043219bd0437adc56c992",
-+    "zh:7dbe52fac7bb21227acd7529b487511c91f4107db9cc4414f50d04ffc3cab427",
-+    "zh:a3a9251fb15f93e4cfc1789800fc2d7414bbc18944ad4c5c98f466e6477c42bc",
-+    "zh:a543ec1a3a8c20635cf374110bd2f87c07374cf2c50617eee2c669b3ceeeaa9f",
-+    "zh:d9ab41d556a48bd7059f0810cf020500635bfc696c9fc3adab5ea8915c1d886b",
-+    "zh:d9e13427a7d011dbd654e591b0337e6074eef8c3b9bb11b2e39eaaf257044fd7",
-+    "zh:f7605bd1437752114baf601bdf6931debe6dc6bfe3006eb7e9bb9080931dca8a",
-+  ]
-+}
-diff --git a/terraform/terraform-remote-state/main.tf b/terraform/terraform-remote-state/main.tf
-new file mode 100644
-index 0000000..df818c0
---- /dev/null
-+++ b/terraform/terraform-remote-state/main.tf
-@@ -0,0 +1,18 @@
-+terraform {
-+  required_version = ">=0.12"
-+  required_providers {
-+    azurerm = {
-+      source = "hashicorp/azurerm"
-+      version = "~>2.84.0"
-+    }
-+  }
-+}
-+
-+provider "azurerm" {
-+  features {}
-+}
-+
-+resource "azurerm_resource_group" "rg" {
-+  name      = "StateResource"
-+  location  = var.location
-+}
-diff --git a/terraform/terraform-remote-state/storage.tf b/terraform/terraform-remote-state/storage.tf
-new file mode 100644
-index 0000000..cea9c17
---- /dev/null
-+++ b/terraform/terraform-remote-state/storage.tf
-@@ -0,0 +1,18 @@
-+resource "azurerm_storage_account" "storageAccount" {
-+    name                     = "couplemgmtstates"
-+    resource_group_name      = azurerm_resource_group.rg.name
-+    location                 = azurerm_resource_group.rg.location
-+    account_tier             = "Standard"
-+    account_replication_type = "LRS"
-+    account_kind             = "StorageV2"
-+    access_tier              = "Hot"
-+    allow_blob_public_access = true
-+
-+    timeouts {}
-+}
-+
-+resource "azurerm_storage_container" "storageContainer" {
-+  name                  = "tfstates"
-+  storage_account_name  = azurerm_storage_account.storageAccount.name
-+  container_access_type = "blob"
-+}
-\ No newline at end of file
-diff --git a/terraform/terraform-remote-state/variables.tf b/terraform/terraform-remote-state/variables.tf
-new file mode 100644
-index 0000000..fb369c9
---- /dev/null
-+++ b/terraform/terraform-remote-state/variables.tf
-@@ -0,0 +1,6 @@
-+# Shortnames for regions can be found here:
-+# https://github.com/claranet/terraform-azurerm-regions/blob/master/REGIONS.md
-+variable "location" {
-+  default = "southeastasia"
-+  description   = "Location of the resource group."
-+}
-\ No newline at end of file
diff --git a/terraform/terraform-create-resource/main.tf b/terraform/terraform-create-resource/main.tf
index e7c8666d..0276ebeb 100644
--- a/terraform/terraform-create-resource/main.tf
+++ b/terraform/terraform-create-resource/main.tf
@@ -25,9 +25,4 @@ resource "azurerm_resource_group" "rg" {
 
 provider "azurerm" {
   features {}
-}
-
-output "rgName" {
-  value = azurerm_resource_group.rg.name
-}
-
+}
\ No newline at end of file

From 6e58f38a8673c2c41533b31468de092ae0470a34 Mon Sep 17 00:00:00 2001
From: Yongkiat Goh <yongkiat.goh@shopee.com>
Date: Thu, 21 Jul 2022 00:31:50 +0800
Subject: [PATCH 17/25] Cleanup indents

---
 terraform/terraform-create-resource/cosmosdb.tf  | 5 +----
 terraform/terraform-create-resource/main.tf      | 5 ++---
 terraform/terraform-create-resource/variables.tf | 7 +++----
 terraform/terraform-remote-state/variables.tf    | 4 ++--
 4 files changed, 8 insertions(+), 13 deletions(-)

diff --git a/terraform/terraform-create-resource/cosmosdb.tf b/terraform/terraform-create-resource/cosmosdb.tf
index 7504e933..f4722f38 100644
--- a/terraform/terraform-create-resource/cosmosdb.tf
+++ b/terraform/terraform-create-resource/cosmosdb.tf
@@ -1,4 +1,3 @@
-# azurerm_cosmosdb_account.db:
 resource "azurerm_cosmosdb_account" "db" {
     access_key_metadata_writes_enabled    = true
     analytical_storage_enabled            = false
@@ -18,7 +17,7 @@ resource "azurerm_cosmosdb_account" "db" {
     resource_group_name                   = azurerm_resource_group.rg.name
 
     capabilities {
-    name = "EnableServerless"
+        name = "EnableServerless"
     }
 
     backup {
@@ -38,6 +37,4 @@ resource "azurerm_cosmosdb_account" "db" {
         location          = "southeastasia"
         zone_redundant    = false
     }
-
-    timeouts {}
 }
\ No newline at end of file
diff --git a/terraform/terraform-create-resource/main.tf b/terraform/terraform-create-resource/main.tf
index 0276ebeb..2395bdf1 100644
--- a/terraform/terraform-create-resource/main.tf
+++ b/terraform/terraform-create-resource/main.tf
@@ -2,7 +2,7 @@ terraform {
   required_version = ">=0.12"
   required_providers {
     azurerm = {
-      source = "hashicorp/azurerm"
+      source  = "hashicorp/azurerm"
       version = "~>2.91.0"
     }
   }
@@ -15,8 +15,7 @@ terraform {
     }
 }
 
-resource "random_uuid" "test" {
-}
+resource "random_uuid" "test" {}
 
 resource "azurerm_resource_group" "rg" {
   name      = "${random_uuid.test.result}-rg-${var.prefix}"
diff --git a/terraform/terraform-create-resource/variables.tf b/terraform/terraform-create-resource/variables.tf
index 7a57d5bf..92628146 100644
--- a/terraform/terraform-create-resource/variables.tf
+++ b/terraform/terraform-create-resource/variables.tf
@@ -1,11 +1,10 @@
 variable "prefix" {
-  default       = "test"
+  default = "test"
 }
 
-
 # Shortnames for regions can be found here:
 # https://github.com/claranet/terraform-azurerm-regions/blob/master/REGIONS.md
 variable "location" {
-  default = "southeastasia"
-  description   = "Location of the resource group."
+  default     = "southeastasia"
+  description = "Location of the resource group."
 }
\ No newline at end of file
diff --git a/terraform/terraform-remote-state/variables.tf b/terraform/terraform-remote-state/variables.tf
index fb369c95..1f96ff54 100644
--- a/terraform/terraform-remote-state/variables.tf
+++ b/terraform/terraform-remote-state/variables.tf
@@ -1,6 +1,6 @@
 # Shortnames for regions can be found here:
 # https://github.com/claranet/terraform-azurerm-regions/blob/master/REGIONS.md
 variable "location" {
-  default = "southeastasia"
-  description   = "Location of the resource group."
+  default     = "southeastasia"
+  description = "Location of the resource group."
 }
\ No newline at end of file

From 604f8147234e5f0fd4378a2516213d375285fe5b Mon Sep 17 00:00:00 2001
From: Yongkiat Goh <yongkiat.goh@shopee.com>
Date: Mon, 25 Jul 2022 23:33:27 +0800
Subject: [PATCH 18/25] Remove .terraform.lock.hcl

---
 .../.terraform.lock.hcl                       | 40 -------------------
 .../.terraform.lock.hcl                       | 21 ----------
 2 files changed, 61 deletions(-)
 delete mode 100644 terraform/terraform-create-resource/.terraform.lock.hcl
 delete mode 100644 terraform/terraform-remote-state/.terraform.lock.hcl

diff --git a/terraform/terraform-create-resource/.terraform.lock.hcl b/terraform/terraform-create-resource/.terraform.lock.hcl
deleted file mode 100644
index 4c575616..00000000
--- a/terraform/terraform-create-resource/.terraform.lock.hcl
+++ /dev/null
@@ -1,40 +0,0 @@
-# This file is maintained automatically by "terraform init".
-# Manual edits may be lost in future updates.
-
-provider "registry.terraform.io/hashicorp/azurerm" {
-  version     = "2.91.0"
-  constraints = "~> 2.91.0"
-  hashes = [
-    "h1:JpJCgETSFOW1VX9MwlMEtJtZi6LdvBL7lZ4aeVqPUHs=",
-    "zh:17102231bc42ac91260489377fb0344408185f9233f126b825c0d0bdc873c8ec",
-    "zh:2454e0683fd8b230c7f30da2afc26bb0e9d699b85409d175a25cd094e4bf7089",
-    "zh:276fdae42310057bc7847ff4af6bb441408153af2ad72f8931145da21072ba8a",
-    "zh:29fd177efd83807acaadc788cbf151e0ed19275b00c7600e1b72316f00e0f1ea",
-    "zh:5d5ec15bbd38fa4d50074ff530e8851b06eeb08048666cde5096d44eeb495e9c",
-    "zh:7974ae42bdb7f9104c1477760d7227243a34087526b4d3eea138f3110b10fd58",
-    "zh:a9fd00320e15c53061556e0dd5818d7e0ca4af0713554dced1ede819350edd9a",
-    "zh:d8a1a3294faabfe0722ed5e553f054a92b2dc03b7f479ca58d67d36621289ce4",
-    "zh:ec4e798182bde6a9d89869c458d36b02d3acdd7ce118c91e8af2b86f082bf5e0",
-    "zh:fb1b3f126f823cb4b6e9018136562e9c28f65732ef0d0f11c18d04117c7ae7a3",
-    "zh:ff0ead2fe3c4c5d597fdc3f2183407ab971f2f435a887ff7af7dac9ae3fa6e86",
-  ]
-}
-
-provider "registry.terraform.io/hashicorp/random" {
-  version = "3.1.3"
-  hashes = [
-    "h1:7+wnAXQM7IpNEAQ6WZXdO0ZfQW/ncQFXYJ5T2KaR+Z8=",
-    "zh:26e07aa32e403303fc212a4367b4d67188ac965c37a9812e07acee1470687a73",
-    "zh:27386f48e9c9d849fbb5a8828d461fde35e71f6b6c9fc235bc4ae8403eb9c92d",
-    "zh:5f4edda4c94240297bbd9b83618fd362348cadf6bf24ea65ea0e1844d7ccedc0",
-    "zh:646313a907126cd5e69f6a9fafe816e9154fccdc04541e06fed02bb3a8fa2d2e",
-    "zh:7349692932a5d462f8dee1500ab60401594dddb94e9aa6bf6c4c0bd53e91bbb8",
-    "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3",
-    "zh:9034daba8d9b32b35930d168f363af04cecb153d5849a7e4a5966c97c5dc956e",
-    "zh:bb81dfca59ef5f949ef39f19ea4f4de25479907abc28cdaa36d12ecd7c0a9699",
-    "zh:bcf7806b99b4c248439ae02c8e21f77aff9fadbc019ce619b929eef09d1221bb",
-    "zh:d708e14d169e61f326535dd08eecd3811cd4942555a6f8efabc37dbff9c6fc61",
-    "zh:dc294e19a46e1cefb9e557a7b789c8dd8f319beca99b8c265181bc633dc434cc",
-    "zh:f9d758ee53c55dc016dd736427b6b0c3c8eb4d0dbbc785b6a3579b0ffedd9e42",
-  ]
-}
diff --git a/terraform/terraform-remote-state/.terraform.lock.hcl b/terraform/terraform-remote-state/.terraform.lock.hcl
deleted file mode 100644
index af66a834..00000000
--- a/terraform/terraform-remote-state/.terraform.lock.hcl
+++ /dev/null
@@ -1,21 +0,0 @@
-# This file is maintained automatically by "terraform init".
-# Manual edits may be lost in future updates.
-
-provider "registry.terraform.io/hashicorp/azurerm" {
-  version     = "2.91.0"
-  constraints = "~> 2.91.0"
-  hashes = [
-    "h1:JpJCgETSFOW1VX9MwlMEtJtZi6LdvBL7lZ4aeVqPUHs=",
-    "zh:17102231bc42ac91260489377fb0344408185f9233f126b825c0d0bdc873c8ec",
-    "zh:2454e0683fd8b230c7f30da2afc26bb0e9d699b85409d175a25cd094e4bf7089",
-    "zh:276fdae42310057bc7847ff4af6bb441408153af2ad72f8931145da21072ba8a",
-    "zh:29fd177efd83807acaadc788cbf151e0ed19275b00c7600e1b72316f00e0f1ea",
-    "zh:5d5ec15bbd38fa4d50074ff530e8851b06eeb08048666cde5096d44eeb495e9c",
-    "zh:7974ae42bdb7f9104c1477760d7227243a34087526b4d3eea138f3110b10fd58",
-    "zh:a9fd00320e15c53061556e0dd5818d7e0ca4af0713554dced1ede819350edd9a",
-    "zh:d8a1a3294faabfe0722ed5e553f054a92b2dc03b7f479ca58d67d36621289ce4",
-    "zh:ec4e798182bde6a9d89869c458d36b02d3acdd7ce118c91e8af2b86f082bf5e0",
-    "zh:fb1b3f126f823cb4b6e9018136562e9c28f65732ef0d0f11c18d04117c7ae7a3",
-    "zh:ff0ead2fe3c4c5d597fdc3f2183407ab971f2f435a887ff7af7dac9ae3fa6e86",
-  ]
-}

From 27333083faf3723f9ca7850a5bdcdad625ea354f Mon Sep 17 00:00:00 2001
From: Yongkiat Goh <yongkiat.goh@shopee.com>
Date: Tue, 26 Jul 2022 00:42:38 +0800
Subject: [PATCH 19/25] Update variables conventions

---
 terraform/terraform-create-resource/variables.tf | 13 ++++++++-----
 terraform/terraform-remote-state/variables.tf    |  3 ++-
 2 files changed, 10 insertions(+), 6 deletions(-)

diff --git a/terraform/terraform-create-resource/variables.tf b/terraform/terraform-create-resource/variables.tf
index 92628146..7b684c44 100644
--- a/terraform/terraform-create-resource/variables.tf
+++ b/terraform/terraform-create-resource/variables.tf
@@ -1,10 +1,13 @@
-variable "prefix" {
-  default = "test"
-}
-
 # Shortnames for regions can be found here:
 # https://github.com/claranet/terraform-azurerm-regions/blob/master/REGIONS.md
 variable "location" {
+  description = "Location of the resources"
+  type        = string
   default     = "southeastasia"
-  description = "Location of the resource group."
+}
+
+variable "env" {
+  description = "Environment for resource names"
+  type        = string
+  default     = "test"
 }
\ No newline at end of file
diff --git a/terraform/terraform-remote-state/variables.tf b/terraform/terraform-remote-state/variables.tf
index 1f96ff54..5980b498 100644
--- a/terraform/terraform-remote-state/variables.tf
+++ b/terraform/terraform-remote-state/variables.tf
@@ -1,6 +1,7 @@
 # Shortnames for regions can be found here:
 # https://github.com/claranet/terraform-azurerm-regions/blob/master/REGIONS.md
 variable "location" {
-  default     = "southeastasia"
   description = "Location of the resource group."
+  type        = string
+  default     = "southeastasia"
 }
\ No newline at end of file

From e1f053c9754e9b698e669ef46ee2bc091fbe98b9 Mon Sep 17 00:00:00 2001
From: Yongkiat Goh <yongkiat.goh@shopee.com>
Date: Tue, 26 Jul 2022 01:51:10 +0800
Subject: [PATCH 20/25] Update naming convention for region variable

---
 terraform/terraform-create-resource/cosmosdb.tf    | 2 +-
 terraform/terraform-create-resource/functionapp.tf | 8 ++++----
 terraform/terraform-create-resource/main.tf        | 2 +-
 terraform/terraform-create-resource/storage.tf     | 2 +-
 terraform/terraform-create-resource/variables.tf   | 4 ++--
 terraform/terraform-remote-state/main.tf           | 2 +-
 terraform/terraform-remote-state/storage.tf        | 2 +-
 terraform/terraform-remote-state/variables.tf      | 4 ++--
 8 files changed, 13 insertions(+), 13 deletions(-)

diff --git a/terraform/terraform-create-resource/cosmosdb.tf b/terraform/terraform-create-resource/cosmosdb.tf
index f4722f38..744d87a0 100644
--- a/terraform/terraform-create-resource/cosmosdb.tf
+++ b/terraform/terraform-create-resource/cosmosdb.tf
@@ -8,7 +8,7 @@ resource "azurerm_cosmosdb_account" "db" {
     is_virtual_network_filter_enabled     = false
     kind                                  = "GlobalDocumentDB"
     local_authentication_disabled         = false
-    location                              = "southeastasia"
+    location                              = var.azurerm_region
     name                                  = "${var.prefix}-couple-management-storage"
     network_acl_bypass_for_azure_services = false
     network_acl_bypass_ids                = []
diff --git a/terraform/terraform-create-resource/functionapp.tf b/terraform/terraform-create-resource/functionapp.tf
index 6260a5ce..c39bcb27 100644
--- a/terraform/terraform-create-resource/functionapp.tf
+++ b/terraform/terraform-create-resource/functionapp.tf
@@ -1,6 +1,6 @@
 resource "azurerm_app_service_plan" "change_event_asp" {
   name                = "${var.prefix}-change-event"
-  location            = azurerm_resource_group.rg.location
+  location            = var.azurerm_region
   resource_group_name = azurerm_resource_group.rg.name
   kind                = "FunctionApp"
 
@@ -12,7 +12,7 @@ resource "azurerm_app_service_plan" "change_event_asp" {
 
 resource "azurerm_function_app" "change_event_fa" {
   name                       = "${var.prefix}-change-event"
-  location                   = azurerm_resource_group.rg.location
+  location                   = var.azurerm_region
   resource_group_name        = azurerm_resource_group.rg.name
   app_service_plan_id        = azurerm_app_service_plan.change_event_asp.id
   storage_account_name       = azurerm_storage_account.storage.name
@@ -31,7 +31,7 @@ resource "azurerm_function_app" "change_event_fa" {
 
 resource "azurerm_app_service_plan" "couple_api_asp" {
   name                = "${var.prefix}-couple-api"
-  location            = azurerm_resource_group.rg.location
+  location            = var.azurerm_region
   resource_group_name = azurerm_resource_group.rg.name
   kind                = "FunctionApp"
 
@@ -43,7 +43,7 @@ resource "azurerm_app_service_plan" "couple_api_asp" {
 
 resource "azurerm_function_app" "couple_api_fa" {
   name                       = "${var.prefix}-couple-api"
-  location                   = azurerm_resource_group.rg.location
+  location                   = var.azurerm_region
   resource_group_name        = azurerm_resource_group.rg.name
   app_service_plan_id        = azurerm_app_service_plan.couple_api_asp.id
   storage_account_name       = azurerm_storage_account.storage.name
diff --git a/terraform/terraform-create-resource/main.tf b/terraform/terraform-create-resource/main.tf
index 2395bdf1..7f0620e0 100644
--- a/terraform/terraform-create-resource/main.tf
+++ b/terraform/terraform-create-resource/main.tf
@@ -19,7 +19,7 @@ resource "random_uuid" "test" {}
 
 resource "azurerm_resource_group" "rg" {
   name      = "${random_uuid.test.result}-rg-${var.prefix}"
-  location  = var.location
+  location  = var.azurerm_region
 }
 
 provider "azurerm" {
diff --git a/terraform/terraform-create-resource/storage.tf b/terraform/terraform-create-resource/storage.tf
index 0af7305f..dc282136 100644
--- a/terraform/terraform-create-resource/storage.tf
+++ b/terraform/terraform-create-resource/storage.tf
@@ -1,7 +1,7 @@
 resource "azurerm_storage_account" "storage" {
   name                      = "${var.prefix}couplemgmtstorage"
   resource_group_name       = azurerm_resource_group.rg.name
-  location                  = "southeastasia"
+  location                  = var.azurerm_region
   account_tier              = "Standard"
   account_replication_type  = "LRS"
   allow_blob_public_access  = true
diff --git a/terraform/terraform-create-resource/variables.tf b/terraform/terraform-create-resource/variables.tf
index 7b684c44..4510441b 100644
--- a/terraform/terraform-create-resource/variables.tf
+++ b/terraform/terraform-create-resource/variables.tf
@@ -1,7 +1,7 @@
 # Shortnames for regions can be found here:
 # https://github.com/claranet/terraform-azurerm-regions/blob/master/REGIONS.md
-variable "location" {
-  description = "Location of the resources"
+variable "azurerm_region" {
+  description = "Standard Azure region in shortname format for resource naming purpose"
   type        = string
   default     = "southeastasia"
 }
diff --git a/terraform/terraform-remote-state/main.tf b/terraform/terraform-remote-state/main.tf
index 853fd875..2d7cddbf 100644
--- a/terraform/terraform-remote-state/main.tf
+++ b/terraform/terraform-remote-state/main.tf
@@ -14,5 +14,5 @@ provider "azurerm" {
 
 resource "azurerm_resource_group" "rg" {
   name      = "StateResource"
-  location  = var.location
+  location  = var.azurerm_region
 }
diff --git a/terraform/terraform-remote-state/storage.tf b/terraform/terraform-remote-state/storage.tf
index cea9c171..13c56eb0 100644
--- a/terraform/terraform-remote-state/storage.tf
+++ b/terraform/terraform-remote-state/storage.tf
@@ -1,7 +1,7 @@
 resource "azurerm_storage_account" "storageAccount" {
     name                     = "couplemgmtstates"
     resource_group_name      = azurerm_resource_group.rg.name
-    location                 = azurerm_resource_group.rg.location
+    location                 = var.azurerm_region
     account_tier             = "Standard"
     account_replication_type = "LRS"
     account_kind             = "StorageV2"
diff --git a/terraform/terraform-remote-state/variables.tf b/terraform/terraform-remote-state/variables.tf
index 5980b498..f88a612f 100644
--- a/terraform/terraform-remote-state/variables.tf
+++ b/terraform/terraform-remote-state/variables.tf
@@ -1,7 +1,7 @@
 # Shortnames for regions can be found here:
 # https://github.com/claranet/terraform-azurerm-regions/blob/master/REGIONS.md
-variable "location" {
-  description = "Location of the resource group."
+variable "azurerm_region" {
+  description = "Standard Azure region in shortname format for resource naming purpose"
   type        = string
   default     = "southeastasia"
 }
\ No newline at end of file

From bf94b57e5c3ee58ef78b6eac27765c5747366eb0 Mon Sep 17 00:00:00 2001
From: Yongkiat Goh <yongkiat.goh@shopee.com>
Date: Wed, 10 Aug 2022 01:22:56 +0800
Subject: [PATCH 21/25] Change resource naming according to cloud adoption
 practices

---
 .../terraform-create-resource/cosmosdb.tf     | 10 +++---
 .../terraform-create-resource/functionapp.tf  | 36 +++++++++----------
 terraform/terraform-create-resource/main.tf   | 20 +++++------
 .../terraform-create-resource/storage.tf      | 10 +++---
 terraform/terraform-remote-state/main.tf      |  4 +--
 terraform/terraform-remote-state/storage.tf   | 14 ++++----
 6 files changed, 45 insertions(+), 49 deletions(-)

diff --git a/terraform/terraform-create-resource/cosmosdb.tf b/terraform/terraform-create-resource/cosmosdb.tf
index 744d87a0..2d4bbd8a 100644
--- a/terraform/terraform-create-resource/cosmosdb.tf
+++ b/terraform/terraform-create-resource/cosmosdb.tf
@@ -1,20 +1,20 @@
-resource "azurerm_cosmosdb_account" "db" {
+resource "azurerm_cosmosdb_account" "storage" {
+    name                                  = "cosmos-couplemgmt-${var.prefix}"
     access_key_metadata_writes_enabled    = true
     analytical_storage_enabled            = false
     enable_automatic_failover             = false
-    # Only one free tier cosmosDB per subscription
-    # enable_free_tier                      = true
     enable_multiple_write_locations       = false
     is_virtual_network_filter_enabled     = false
     kind                                  = "GlobalDocumentDB"
     local_authentication_disabled         = false
     location                              = var.azurerm_region
-    name                                  = "${var.prefix}-couple-management-storage"
     network_acl_bypass_for_azure_services = false
     network_acl_bypass_ids                = []
     offer_type                            = "Standard"
     public_network_access_enabled         = true
-    resource_group_name                   = azurerm_resource_group.rg.name
+    resource_group_name                   = azurerm_resource_group.app.name
+    # Only one free tier cosmosDB per subscription
+    # enable_free_tier                      = true
 
     capabilities {
         name = "EnableServerless"
diff --git a/terraform/terraform-create-resource/functionapp.tf b/terraform/terraform-create-resource/functionapp.tf
index c39bcb27..6ceda8a9 100644
--- a/terraform/terraform-create-resource/functionapp.tf
+++ b/terraform/terraform-create-resource/functionapp.tf
@@ -1,7 +1,7 @@
-resource "azurerm_app_service_plan" "change_event_asp" {
-  name                = "${var.prefix}-change-event"
+resource "azurerm_app_service_plan" "changeevent" {
+  name                = "changeevent-service-plan"
   location            = var.azurerm_region
-  resource_group_name = azurerm_resource_group.rg.name
+  resource_group_name = azurerm_resource_group.app.name
   kind                = "FunctionApp"
 
   sku {
@@ -10,18 +10,18 @@ resource "azurerm_app_service_plan" "change_event_asp" {
   }
 }
 
-resource "azurerm_function_app" "change_event_fa" {
-  name                       = "${var.prefix}-change-event"
+resource "azurerm_function_app" "changeevent" {
+  name                       = "func-changeevent.azurewebsites.net"
   location                   = var.azurerm_region
-  resource_group_name        = azurerm_resource_group.rg.name
+  resource_group_name        = azurerm_resource_group.app.name
   app_service_plan_id        = azurerm_app_service_plan.change_event_asp.id
   storage_account_name       = azurerm_storage_account.storage.name
   storage_account_access_key = azurerm_storage_account.storage.primary_access_key
 
   app_settings = {
-    "AccountEndpoint"           = azurerm_cosmosdb_account.db.endpoint
-    "AccountKey"                = azurerm_cosmosdb_account.db.primary_key
-    "DatabaseConnectionString"  = azurerm_cosmosdb_account.db.connection_strings[0]
+    "AccountEndpoint"           = azurerm_cosmosdb_account.storage.endpoint
+    "AccountKey"                = azurerm_cosmosdb_account.storage.primary_key
+    "DatabaseConnectionString"  = azurerm_cosmosdb_account.storage.connection_strings[0]
     "DatabaseName"              = "database"
     "ImagesConnectionString"    = "DefaultEndpointsProtocol=https;AccountName=${azurerm_storage_account.storage.name};AccountKey=${azurerm_storage_account.storage.primary_access_key};EndpointSuffix=core.windows.net"
     "FUNCTIONS_WORKER_RUNTIME"  = "dotnet"
@@ -29,10 +29,10 @@ resource "azurerm_function_app" "change_event_fa" {
   }
 }
 
-resource "azurerm_app_service_plan" "couple_api_asp" {
-  name                = "${var.prefix}-couple-api"
+resource "azurerm_app_service_plan" "couple_api" {
+  name                = "coupleapi-service-plan"
   location            = var.azurerm_region
-  resource_group_name = azurerm_resource_group.rg.name
+  resource_group_name = azurerm_resource_group.app.name
   kind                = "FunctionApp"
 
   sku {
@@ -41,18 +41,18 @@ resource "azurerm_app_service_plan" "couple_api_asp" {
   }
 }
 
-resource "azurerm_function_app" "couple_api_fa" {
-  name                       = "${var.prefix}-couple-api"
+resource "azurerm_function_app" "coupleapi" {
+  name                       = "func-coupleapi.azurewebsites.net"
   location                   = var.azurerm_region
-  resource_group_name        = azurerm_resource_group.rg.name
+  resource_group_name        = azurerm_resource_group.app.name
   app_service_plan_id        = azurerm_app_service_plan.couple_api_asp.id
   storage_account_name       = azurerm_storage_account.storage.name
   storage_account_access_key = azurerm_storage_account.storage.primary_access_key
 
   app_settings = {
-    "AccountEndpoint"           = azurerm_cosmosdb_account.db.endpoint
-    "AccountKey"                = azurerm_cosmosdb_account.db.primary_key
-    "DatabaseConnectionString"  = azurerm_cosmosdb_account.db.connection_strings[0]
+    "AccountEndpoint"           = azurerm_cosmosdb_account.storage.endpoint
+    "AccountKey"                = azurerm_cosmosdb_account.storage.primary_key
+    "DatabaseConnectionString"  = azurerm_cosmosdb_account.storage.connection_strings[0]
     "DatabaseName"              = "database"
     "ImagesConnectionString"    = "DefaultEndpointsProtocol=https;AccountName=${azurerm_storage_account.storage.name};AccountKey=${azurerm_storage_account.storage.primary_access_key};EndpointSuffix=core.windows.net"
     "FUNCTIONS_WORKER_RUNTIME"  = "dotnet"
diff --git a/terraform/terraform-create-resource/main.tf b/terraform/terraform-create-resource/main.tf
index 7f0620e0..d0239abb 100644
--- a/terraform/terraform-create-resource/main.tf
+++ b/terraform/terraform-create-resource/main.tf
@@ -8,20 +8,18 @@ terraform {
   }
 
   backend "azurerm" {
-        resource_group_name  = "StateResource"
-        storage_account_name = "couplemgmtstates"
-        container_name       = "tfstates"
-        key                  = "test.terraform.tfstate"
+        resource_group_name  = "rg-remote-tfstate"
+        storage_account_name = "stcouplemgmtstate"
+        container_name       = "container-remote-tfstate"
+        key                  = "terraform.tfstate"
     }
 }
 
-resource "random_uuid" "test" {}
+provider "azurerm" {
+  features {}
+}
 
-resource "azurerm_resource_group" "rg" {
-  name      = "${random_uuid.test.result}-rg-${var.prefix}"
+resource "azurerm_resource_group" "app" {
+  name      = "rg-couplemgmt"
   location  = var.azurerm_region
 }
-
-provider "azurerm" {
-  features {}
-}
\ No newline at end of file
diff --git a/terraform/terraform-create-resource/storage.tf b/terraform/terraform-create-resource/storage.tf
index dc282136..536da5b9 100644
--- a/terraform/terraform-create-resource/storage.tf
+++ b/terraform/terraform-create-resource/storage.tf
@@ -1,6 +1,6 @@
-resource "azurerm_storage_account" "storage" {
-  name                      = "${var.prefix}couplemgmtstorage"
-  resource_group_name       = azurerm_resource_group.rg.name
+resource "azurerm_storage_account" "images" {
+  name                      = "stcouplemgmtimages"
+  resource_group_name       = azurerm_resource_group.app.name
   location                  = var.azurerm_region
   account_tier              = "Standard"
   account_replication_type  = "LRS"
@@ -8,7 +8,7 @@ resource "azurerm_storage_account" "storage" {
 }
 
 resource "azurerm_storage_container" "images" {
-  name                  = "images"
-  storage_account_name  = azurerm_storage_account.storage.name
+  name                  = "container-images"
+  storage_account_name  = azurerm_storage_account.images.name
   container_access_type = "private"
 }
diff --git a/terraform/terraform-remote-state/main.tf b/terraform/terraform-remote-state/main.tf
index 2d7cddbf..119ecdcf 100644
--- a/terraform/terraform-remote-state/main.tf
+++ b/terraform/terraform-remote-state/main.tf
@@ -12,7 +12,7 @@ provider "azurerm" {
   features {}
 }
 
-resource "azurerm_resource_group" "rg" {
-  name      = "StateResource"
+resource "azurerm_resource_group" "tfstate" {
+  name      = "rg-couplemgmt-tfstate"
   location  = var.azurerm_region
 }
diff --git a/terraform/terraform-remote-state/storage.tf b/terraform/terraform-remote-state/storage.tf
index 13c56eb0..31a4c338 100644
--- a/terraform/terraform-remote-state/storage.tf
+++ b/terraform/terraform-remote-state/storage.tf
@@ -1,18 +1,16 @@
-resource "azurerm_storage_account" "storageAccount" {
-    name                     = "couplemgmtstates"
-    resource_group_name      = azurerm_resource_group.rg.name
+resource "azurerm_storage_account" "tfstate" {
+    name                     = "stcouplemgmtstate"
+    resource_group_name      = azurerm_resource_group.tfstate.name
     location                 = var.azurerm_region
     account_tier             = "Standard"
     account_replication_type = "LRS"
     account_kind             = "StorageV2"
     access_tier              = "Hot"
     allow_blob_public_access = true
-
-    timeouts {}
 }
 
-resource "azurerm_storage_container" "storageContainer" {
-  name                  = "tfstates"
-  storage_account_name  = azurerm_storage_account.storageAccount.name
+resource "azurerm_storage_container" "tfstate" {
+  name                  = "container-tfstate"
+  storage_account_name  = azurerm_storage_account.tfstate.name
   container_access_type = "blob"
 }
\ No newline at end of file

From acdd8749afca0ef150fe184944cb4837b2b5e1e0 Mon Sep 17 00:00:00 2001
From: Yongkiat Goh <yongkiat.goh@shopee.com>
Date: Sat, 13 Aug 2022 18:35:59 +0800
Subject: [PATCH 22/25] Fix remote reference

---
 terraform/terraform-create-resource/main.tf | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/terraform/terraform-create-resource/main.tf b/terraform/terraform-create-resource/main.tf
index d0239abb..dab30cf2 100644
--- a/terraform/terraform-create-resource/main.tf
+++ b/terraform/terraform-create-resource/main.tf
@@ -8,9 +8,9 @@ terraform {
   }
 
   backend "azurerm" {
-        resource_group_name  = "rg-remote-tfstate"
+        resource_group_name  = "rg-couplemgmt-tfstate"
         storage_account_name = "stcouplemgmtstate"
-        container_name       = "container-remote-tfstate"
+        container_name       = "container-tfstate"
         key                  = "terraform.tfstate"
     }
 }

From 89ccceb1d56075d1c41bea7567640904e41b9f21 Mon Sep 17 00:00:00 2001
From: Yongkiat Goh <yongkiat.goh@shopee.com>
Date: Wed, 7 Sep 2022 14:34:07 +0800
Subject: [PATCH 23/25] Add terraform docs

---
 docs/IAC-Introduction.md | 33 +++++++++++++++++++++++++++++++++
 1 file changed, 33 insertions(+)
 create mode 100644 docs/IAC-Introduction.md

diff --git a/docs/IAC-Introduction.md b/docs/IAC-Introduction.md
new file mode 100644
index 00000000..b38ac995
--- /dev/null
+++ b/docs/IAC-Introduction.md
@@ -0,0 +1,33 @@
+# Introduction
+## Background
+Traditionally, to manage a piece of infrastructure hosted in a cloud provider, we would have to log into a administrative portal/console, and manually provision that infrastructure resource. This is fine if there are not a lot resources to manage.
+
+As the project gets more complex, there would be higher volatility in the  infrastructure changes. For example, to scale up infrastructure for a peak day, to sunsetting legacy infrastructures and etc. Managing infrastructure manually starts to get challenging as there are many changes to make.
+
+## What is IaC?
+Infrastructure as Code (IaC) is the idea of using code to create configuration files for managing a software infrastructure. By specifying infrastructure requirements and dependencies as code, we can then version, automate and release the changes on  the infrastructure.  
+
+## What is Terraform?
+Terraform is an open source Infrastructure as Code tool to automate the provisioning and management of Cloud infrastructures. The configuration files is written in the **HashiCorp Configuration Language(HCL)**. This language is written in `.tf` files. 
+
+## Terraform Architechture
+```mermaid
+flowchart TB
+    subgraph Plugins
+        Providers
+        Provisioners
+    end
+    id1[Terraform Core] -- RPC --> Plugins
+    Plugins -- golang --> id3[Client Libraries]
+    id3 -- "HTTP(s)" --> id4[Upstream APIs]
+```
+Terraform is mainly split into several parts:
+
+**Terraform Core:** This is the binary that communicates with Terraform plugins to manage the infrastructure. It is responsible for reading configuration files, building the dependency graph and communication with plugins over RPC.
+
+**Terraform Plugins:** Plugins are executable binaries written in Go. Currently, there are 2 kinds of plugin: Providers and Provisioners. Providers exposes implementations to services such as AWS, AzureRM. Provisioners runs scripts during resource creation or destruction.
+
+**Client Libraries:** Client libraries make it easier to communicate with services from a supported language. While it is possible to call the services' API directly, client libraries simplifies the code you need to call them
+
+## Terraform Workflow
+The workflow for using Terraform consists of five stages: Write, Init, Plan, Apply/Destroy

From f0a4675160b2fcca848cde2a2fc8926a2cfc5b92 Mon Sep 17 00:00:00 2001
From: Yongkiat Goh <yongkiat.goh@shopee.com>
Date: Sun, 11 Sep 2022 17:07:43 +0800
Subject: [PATCH 24/25] fix grammar

---
 docs/IAC-Introduction.md | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/docs/IAC-Introduction.md b/docs/IAC-Introduction.md
index b38ac995..86a53943 100644
--- a/docs/IAC-Introduction.md
+++ b/docs/IAC-Introduction.md
@@ -1,14 +1,14 @@
 # Introduction
 ## Background
-Traditionally, to manage a piece of infrastructure hosted in a cloud provider, we would have to log into a administrative portal/console, and manually provision that infrastructure resource. This is fine if there are not a lot resources to manage.
+Traditionally, to manage a piece of infrastructure hosted in a cloud provider, we would have to log into an administrative portal/console, and manually provision that infrastructure resource. This is fine if there are not a lot of resources to manage.
 
-As the project gets more complex, there would be higher volatility in the  infrastructure changes. For example, to scale up infrastructure for a peak day, to sunsetting legacy infrastructures and etc. Managing infrastructure manually starts to get challenging as there are many changes to make.
+As the project gets more complex, there would be higher volatility in the infrastructure changes. For example, to scale up infrastructure for a peak day, sunsetting legacy infrastructures, etc. Managing infrastructure manually starts to get challenging as there are many changes to make.
 
 ## What is IaC?
-Infrastructure as Code (IaC) is the idea of using code to create configuration files for managing a software infrastructure. By specifying infrastructure requirements and dependencies as code, we can then version, automate and release the changes on  the infrastructure.  
+Infrastructure as Code (IaC) is the idea of using code to create configuration files for managing a software infrastructure. By specifying infrastructure requirements and dependencies as code, we can then version, automate and release the changes on the infrastructure.  
 
 ## What is Terraform?
-Terraform is an open source Infrastructure as Code tool to automate the provisioning and management of Cloud infrastructures. The configuration files is written in the **HashiCorp Configuration Language(HCL)**. This language is written in `.tf` files. 
+Terraform is an open source Infrastructure as Code tool to automate the provisioning and management of Cloud infrastructures. The configuration files are written in the **HashiCorp Configuration Language(HCL)**. This language is written in `.tf` files. 
 
 ## Terraform Architechture
 ```mermaid
@@ -23,11 +23,11 @@ flowchart TB
 ```
 Terraform is mainly split into several parts:
 
-**Terraform Core:** This is the binary that communicates with Terraform plugins to manage the infrastructure. It is responsible for reading configuration files, building the dependency graph and communication with plugins over RPC.
+**Terraform Core:** This is the binary that communicates with Terraform plugins to manage the infrastructure. It is responsible for reading configuration files, building the dependency graph and communicating with plugins over RPC.
 
-**Terraform Plugins:** Plugins are executable binaries written in Go. Currently, there are 2 kinds of plugin: Providers and Provisioners. Providers exposes implementations to services such as AWS, AzureRM. Provisioners runs scripts during resource creation or destruction.
+**Terraform Plugins:** Plugins are executable binaries written in Go. Currently, there are 2 kinds of plugins: Providers and Provisioners. Providers expose implementations to services such as AWS, AzureRM. Provisioners run scripts during resource creation or destruction.
 
-**Client Libraries:** Client libraries make it easier to communicate with services from a supported language. While it is possible to call the services' API directly, client libraries simplifies the code you need to call them
+**Client Libraries:** Client libraries make it easier to communicate with services from a supported language. While it is possible to call the services' API directly, client libraries simplify the code you need to call them
 
 ## Terraform Workflow
 The workflow for using Terraform consists of five stages: Write, Init, Plan, Apply/Destroy

From c9aec879575e6e03e3aac8b2df3b0a9263dd45ca Mon Sep 17 00:00:00 2001
From: Yongkiat Goh <yongkiat.goh@shopee.com>
Date: Sun, 18 Sep 2022 19:23:24 +0800
Subject: [PATCH 25/25] Update docs

---
 docs/IAC-Introduction.md | 18 +++++++++++++++---
 1 file changed, 15 insertions(+), 3 deletions(-)

diff --git a/docs/IAC-Introduction.md b/docs/IAC-Introduction.md
index 86a53943..55a92c7f 100644
--- a/docs/IAC-Introduction.md
+++ b/docs/IAC-Introduction.md
@@ -18,8 +18,8 @@ flowchart TB
         Provisioners
     end
     id1[Terraform Core] -- RPC --> Plugins
-    Plugins -- golang --> id3[Client Libraries]
-    id3 -- "HTTP(s)" --> id4[Upstream APIs]
+    Plugins -- golang --> id2[Client Libraries]
+    id2 -- "HTTP(s)" --> id3[Upstream APIs]
 ```
 Terraform is mainly split into several parts:
 
@@ -30,4 +30,16 @@ Terraform is mainly split into several parts:
 **Client Libraries:** Client libraries make it easier to communicate with services from a supported language. While it is possible to call the services' API directly, client libraries simplify the code you need to call them
 
 ## Terraform Workflow
-The workflow for using Terraform consists of five stages: Write, Init, Plan, Apply/Destroy
+The workflow for using Terraform consists of five stages: **Write, Initialisation, Plan, Apply/Destroy**
+
+**Writing Terraform configuration files**
+
+Writing the configuration files is the first step of using Terraform. The working directory should have at least include one `.tf` file written using HCL. 
+
+Several common practices when writing the config files are:
+1. Store your config files in version control and make small incremental changes to them as you write them.
+1.  Repeatedly run commands `terraform init` or `terraform plan` to check and fix the syntax errors.
+
+**Initialization** 
+
+When `terraform init` command is executed, Terraform Core reads the configuration files in the working directory, downloads the plugins from several sources,  and generates a lock file for subsequent `terraform init` executions to decide which plugin versions to be used.