From 65e2394c64e4f081d20a97a65609298d21666a40 Mon Sep 17 00:00:00 2001 From: Yongkiat Goh <yongkiat.goh@shopee.com> Date: Fri, 4 Feb 2022 11:29:46 +0800 Subject: [PATCH 01/25] Initial commit --- .../workflows/terraform-create-resource.yml | 39 ++ .gitignore | 31 ++ terraform.patch | 400 ++++++++++++++++++ .../.terraform.lock.hcl | 39 ++ .../terraform-create-resource/cosmosdb.tf | 43 ++ .../terraform-create-resource/functionapp.tf | 30 ++ terraform/terraform-create-resource/main.tf | 29 ++ .../terraform-create-resource/storage.tf | 14 + .../terraform-create-resource/variables.tf | 11 + .../.terraform.lock.hcl | 39 ++ terraform/terraform-remote-state/main.tf | 18 + terraform/terraform-remote-state/storage.tf | 18 + terraform/terraform-remote-state/variables.tf | 6 + 13 files changed, 717 insertions(+) create mode 100644 .github/workflows/terraform-create-resource.yml create mode 100644 terraform.patch create mode 100644 terraform/terraform-create-resource/.terraform.lock.hcl create mode 100644 terraform/terraform-create-resource/cosmosdb.tf create mode 100644 terraform/terraform-create-resource/functionapp.tf create mode 100644 terraform/terraform-create-resource/main.tf create mode 100644 terraform/terraform-create-resource/storage.tf create mode 100644 terraform/terraform-create-resource/variables.tf create mode 100644 terraform/terraform-remote-state/.terraform.lock.hcl create mode 100644 terraform/terraform-remote-state/main.tf create mode 100644 terraform/terraform-remote-state/storage.tf create mode 100644 terraform/terraform-remote-state/variables.tf diff --git a/.github/workflows/terraform-create-resource.yml b/.github/workflows/terraform-create-resource.yml new file mode 100644 index 00000000..ced04bbb --- /dev/null +++ b/.github/workflows/terraform-create-resource.yml @@ -0,0 +1,39 @@ +name: Terraform Create Azure Resource + +on: + push: + branches: + - master + pull_request: + branches: + - master + +jobs: + terraform: + runs-on: ubuntu-latest + + env: + ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }} + ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }} + ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }} + ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }} + + steps: + - name: Checkout + uses: actions/checkout@v2 + + - name: Terraform Init + run: terraform init + working-directory: ./terraform/terraform-create-resource + + - name: Terraform Validate + run: terraform validate + working-directory: ./terraform/terraform-create-resource + + - name: Terraform Plan + run: terraform plan + working-directory: ./terraform/terraform-create-resource + + - name: Terraform Apply + run: terraform apply -auto-approve + working-directory: ./terraform/terraform-create-resource diff --git a/.gitignore b/.gitignore index 8d85a6e2..93af0987 100644 --- a/.gitignore +++ b/.gitignore @@ -367,3 +367,34 @@ MigrationBackup/ # Fody - auto-generated XML schema FodyWeavers.xsd + +# Local .terraform directories +**/.terraform/* + +# .tfstate files +*.tfstate +*.tfstate.* + +# Crash log files +crash.log + +# Exclude all .tfvars files, which are likely to contain sentitive data, such as +# password, private keys, and other secrets. These should not be part of version +# control as they are data points which are potentially sensitive and subject +# to change depending on the environment. +# +*.tfvars + +# Ignore override files as they are usually used to override resources locally and so +# are not checked in +override.tf +override.tf.json +*_override.tf +*_override.tf.json + +# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan +*tfplan* + +# Ignore CLI configuration files +.terraformrc +terraform.rc diff --git a/terraform.patch b/terraform.patch new file mode 100644 index 00000000..2a402183 --- /dev/null +++ b/terraform.patch @@ -0,0 +1,400 @@ +diff --git a/.github/workflows/terraform-create-resource.yml b/.github/workflows/terraform-create-resource.yml +new file mode 100644 +index 0000000..ced04bb +--- /dev/null ++++ b/.github/workflows/terraform-create-resource.yml +@@ -0,0 +1,39 @@ ++name: Terraform Create Azure Resource ++ ++on: ++ push: ++ branches: ++ - master ++ pull_request: ++ branches: ++ - master ++ ++jobs: ++ terraform: ++ runs-on: ubuntu-latest ++ ++ env: ++ ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }} ++ ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }} ++ ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }} ++ ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }} ++ ++ steps: ++ - name: Checkout ++ uses: actions/checkout@v2 ++ ++ - name: Terraform Init ++ run: terraform init ++ working-directory: ./terraform/terraform-create-resource ++ ++ - name: Terraform Validate ++ run: terraform validate ++ working-directory: ./terraform/terraform-create-resource ++ ++ - name: Terraform Plan ++ run: terraform plan ++ working-directory: ./terraform/terraform-create-resource ++ ++ - name: Terraform Apply ++ run: terraform apply -auto-approve ++ working-directory: ./terraform/terraform-create-resource +diff --git a/.gitignore b/.gitignore +index b18efaa..5bb9714 100644 +--- a/.gitignore ++++ b/.gitignore +@@ -362,4 +362,35 @@ MigrationBackup/ + .ionide/ + + # Fody - auto-generated XML schema +-FodyWeavers.xsd +\ No newline at end of file ++FodyWeavers.xsd ++ ++# Local .terraform directories ++**/.terraform/* ++ ++# .tfstate files ++*.tfstate ++*.tfstate.* ++ ++# Crash log files ++crash.log ++ ++# Exclude all .tfvars files, which are likely to contain sentitive data, such as ++# password, private keys, and other secrets. These should not be part of version ++# control as they are data points which are potentially sensitive and subject ++# to change depending on the environment. ++# ++*.tfvars ++ ++# Ignore override files as they are usually used to override resources locally and so ++# are not checked in ++override.tf ++override.tf.json ++*_override.tf ++*_override.tf.json ++ ++# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan ++*tfplan* ++ ++# Ignore CLI configuration files ++.terraformrc ++terraform.rc +\ No newline at end of file +diff --git a/terraform/terraform-create-resource/.terraform.lock.hcl b/terraform/terraform-create-resource/.terraform.lock.hcl +new file mode 100644 +index 0000000..27e76b0 +--- /dev/null ++++ b/terraform/terraform-create-resource/.terraform.lock.hcl +@@ -0,0 +1,39 @@ ++# This file is maintained automatically by "terraform init". ++# Manual edits may be lost in future updates. ++ ++provider "registry.terraform.io/hashicorp/azurerm" { ++ version = "2.84.0" ++ constraints = "~> 2.84.0" ++ hashes = [ ++ "h1:jyvuROvM/4pyDA61Gq6F9pc3c0ofhgo22XEnlWwjxnE=", ++ "zh:172f9abac9765cd4412d192fbc33ce29ef45dde7865844d246d9a645e8bf52d1", ++ "zh:1b92d4262852169bcd1c7766047af5b5bdb64bd05d4be69dfa5078b83e0d5b30", ++ "zh:391fbe77d483120ed7954d4c88ed8d6668dad807f2b4dc8f4faeaffebcf83b49", ++ "zh:5623276a8e011b7275c0f3922ac3aab0659145fcfde4bb336dfa70150b4f5630", ++ "zh:6a8f73947379b9aed2f725ba5435210b1911339ccff925fe6d0c89125d3f0d7a", ++ "zh:89bac435268a41311559ee556ef4bc10a4d4d2ff0bcdbb38d4faf70cb5703600", ++ "zh:a672d23d1e937de9796971372f47dc0938f28764396b87595d0a2241fd9fefe3", ++ "zh:cebaaa78cec7fd9aedf56445931e0e3bfbbf5d75eedf8c2da5c6026819611eee", ++ "zh:e17b79121500fd70e226bd34a45b6fdb9d8699e41896fb3d57c66890fad54ae5", ++ "zh:ec2b5d259c1cd71b6f8401c6e2cc80229d04bb525c9e0561591c4d03683e241b", ++ "zh:f9a9011f0a076084511e1602d021bc5e1fb2465cf51e5b2037687a0bba31f811", ++ ] ++} ++ ++provider "registry.terraform.io/hashicorp/random" { ++ version = "3.1.0" ++ hashes = [ ++ "h1:rKYu5ZUbXwrLG1w81k7H3nce/Ys6yAxXhWcbtk36HjY=", ++ "zh:2bbb3339f0643b5daa07480ef4397bd23a79963cc364cdfbb4e86354cb7725bc", ++ "zh:3cd456047805bf639fbf2c761b1848880ea703a054f76db51852008b11008626", ++ "zh:4f251b0eda5bb5e3dc26ea4400dba200018213654b69b4a5f96abee815b4f5ff", ++ "zh:7011332745ea061e517fe1319bd6c75054a314155cb2c1199a5b01fe1889a7e2", ++ "zh:738ed82858317ccc246691c8b85995bc125ac3b4143043219bd0437adc56c992", ++ "zh:7dbe52fac7bb21227acd7529b487511c91f4107db9cc4414f50d04ffc3cab427", ++ "zh:a3a9251fb15f93e4cfc1789800fc2d7414bbc18944ad4c5c98f466e6477c42bc", ++ "zh:a543ec1a3a8c20635cf374110bd2f87c07374cf2c50617eee2c669b3ceeeaa9f", ++ "zh:d9ab41d556a48bd7059f0810cf020500635bfc696c9fc3adab5ea8915c1d886b", ++ "zh:d9e13427a7d011dbd654e591b0337e6074eef8c3b9bb11b2e39eaaf257044fd7", ++ "zh:f7605bd1437752114baf601bdf6931debe6dc6bfe3006eb7e9bb9080931dca8a", ++ ] ++} +diff --git a/terraform/terraform-create-resource/cosmosdb.tf b/terraform/terraform-create-resource/cosmosdb.tf +new file mode 100644 +index 0000000..7504e93 +--- /dev/null ++++ b/terraform/terraform-create-resource/cosmosdb.tf +@@ -0,0 +1,43 @@ ++# azurerm_cosmosdb_account.db: ++resource "azurerm_cosmosdb_account" "db" { ++ access_key_metadata_writes_enabled = true ++ analytical_storage_enabled = false ++ enable_automatic_failover = false ++ # Only one free tier cosmosDB per subscription ++ # enable_free_tier = true ++ enable_multiple_write_locations = false ++ is_virtual_network_filter_enabled = false ++ kind = "GlobalDocumentDB" ++ local_authentication_disabled = false ++ location = "southeastasia" ++ name = "${var.prefix}-couple-management-storage" ++ network_acl_bypass_for_azure_services = false ++ network_acl_bypass_ids = [] ++ offer_type = "Standard" ++ public_network_access_enabled = true ++ resource_group_name = azurerm_resource_group.rg.name ++ ++ capabilities { ++ name = "EnableServerless" ++ } ++ ++ backup { ++ interval_in_minutes = 240 ++ retention_in_hours = 8 ++ type = "Periodic" ++ } ++ ++ consistency_policy { ++ consistency_level = "ConsistentPrefix" ++ max_interval_in_seconds = 5 ++ max_staleness_prefix = 100 ++ } ++ ++ geo_location { ++ failover_priority = 0 ++ location = "southeastasia" ++ zone_redundant = false ++ } ++ ++ timeouts {} ++} +\ No newline at end of file +diff --git a/terraform/terraform-create-resource/functionapp.tf b/terraform/terraform-create-resource/functionapp.tf +new file mode 100644 +index 0000000..d91ff15 +--- /dev/null ++++ b/terraform/terraform-create-resource/functionapp.tf +@@ -0,0 +1,30 @@ ++resource "azurerm_app_service_plan" "asp" { ++ name = "${var.prefix}-service-plan" ++ location = azurerm_resource_group.rg.location ++ resource_group_name = azurerm_resource_group.rg.name ++ kind = "FunctionApp" ++ ++ sku { ++ tier = "Dynamic" ++ size = "Y1" ++ } ++} ++ ++resource "azurerm_function_app" "fa" { ++ name = "${var.prefix}-change-event" ++ location = azurerm_resource_group.rg.location ++ resource_group_name = azurerm_resource_group.rg.name ++ app_service_plan_id = azurerm_app_service_plan.asp.id ++ storage_account_name = azurerm_storage_account.storage.name ++ storage_account_access_key = azurerm_storage_account.storage.primary_access_key ++ ++ app_settings = { ++ "AccountEndpoint" = azurerm_cosmosdb_account.db.endpoint ++ "AccountKey" = azurerm_cosmosdb_account.db.primary_key ++ "DatabaseConnectionString" = azurerm_cosmosdb_account.db.connection_strings[0] ++ "DatabaseName" = "database" ++ "ImagesConnectionString" = "DefaultEndpointsProtocol=https;AccountName=${azurerm_storage_account.storage.name};AccountKey=${azurerm_storage_account.storage.primary_access_key};EndpointSuffix=core.windows.net" ++ "FUNCTIONS_WORKER_RUNTIME" = "dotnet" ++ "WEBSITE_RUN_FROM_PACKAGE" = "1" ++ } ++} +\ No newline at end of file +diff --git a/terraform/terraform-create-resource/main.tf b/terraform/terraform-create-resource/main.tf +new file mode 100644 +index 0000000..dc76eaa +--- /dev/null ++++ b/terraform/terraform-create-resource/main.tf +@@ -0,0 +1,29 @@ ++terraform { ++ required_version = ">=0.12" ++ required_providers { ++ azurerm = { ++ source = "hashicorp/azurerm" ++ version = "~>2.84.0" ++ } ++ } ++ ++ backend "azurerm" { ++ resource_group_name = "StateResource" ++ storage_account_name = "couplemgmtstates" ++ container_name = "tfstates" ++ key = "test.terraform.tfstate" ++ } ++} ++ ++resource "random_uuid" "test" { ++} ++ ++resource "azurerm_resource_group" "rg" { ++ name = "${random_uuid.test.result}-rg-${var.prefix}" ++ location = var.location ++} ++ ++provider "azurerm" { ++ features {} ++} ++ +diff --git a/terraform/terraform-create-resource/storage.tf b/terraform/terraform-create-resource/storage.tf +new file mode 100644 +index 0000000..0af7305 +--- /dev/null ++++ b/terraform/terraform-create-resource/storage.tf +@@ -0,0 +1,14 @@ ++resource "azurerm_storage_account" "storage" { ++ name = "${var.prefix}couplemgmtstorage" ++ resource_group_name = azurerm_resource_group.rg.name ++ location = "southeastasia" ++ account_tier = "Standard" ++ account_replication_type = "LRS" ++ allow_blob_public_access = true ++} ++ ++resource "azurerm_storage_container" "images" { ++ name = "images" ++ storage_account_name = azurerm_storage_account.storage.name ++ container_access_type = "private" ++} +diff --git a/terraform/terraform-create-resource/variables.tf b/terraform/terraform-create-resource/variables.tf +new file mode 100644 +index 0000000..7a57d5b +--- /dev/null ++++ b/terraform/terraform-create-resource/variables.tf +@@ -0,0 +1,11 @@ ++variable "prefix" { ++ default = "test" ++} ++ ++ ++# Shortnames for regions can be found here: ++# https://github.com/claranet/terraform-azurerm-regions/blob/master/REGIONS.md ++variable "location" { ++ default = "southeastasia" ++ description = "Location of the resource group." ++} +\ No newline at end of file +diff --git a/terraform/terraform-remote-state/.terraform.lock.hcl b/terraform/terraform-remote-state/.terraform.lock.hcl +new file mode 100644 +index 0000000..72d84f3 +--- /dev/null ++++ b/terraform/terraform-remote-state/.terraform.lock.hcl +@@ -0,0 +1,39 @@ ++# This file is maintained automatically by "terraform init". ++# Manual edits may be lost in future updates. ++ ++provider "registry.terraform.io/hashicorp/azurerm" { ++ version = "2.84.0" ++ constraints = "~> 2.0" ++ hashes = [ ++ "h1:jyvuROvM/4pyDA61Gq6F9pc3c0ofhgo22XEnlWwjxnE=", ++ "zh:172f9abac9765cd4412d192fbc33ce29ef45dde7865844d246d9a645e8bf52d1", ++ "zh:1b92d4262852169bcd1c7766047af5b5bdb64bd05d4be69dfa5078b83e0d5b30", ++ "zh:391fbe77d483120ed7954d4c88ed8d6668dad807f2b4dc8f4faeaffebcf83b49", ++ "zh:5623276a8e011b7275c0f3922ac3aab0659145fcfde4bb336dfa70150b4f5630", ++ "zh:6a8f73947379b9aed2f725ba5435210b1911339ccff925fe6d0c89125d3f0d7a", ++ "zh:89bac435268a41311559ee556ef4bc10a4d4d2ff0bcdbb38d4faf70cb5703600", ++ "zh:a672d23d1e937de9796971372f47dc0938f28764396b87595d0a2241fd9fefe3", ++ "zh:cebaaa78cec7fd9aedf56445931e0e3bfbbf5d75eedf8c2da5c6026819611eee", ++ "zh:e17b79121500fd70e226bd34a45b6fdb9d8699e41896fb3d57c66890fad54ae5", ++ "zh:ec2b5d259c1cd71b6f8401c6e2cc80229d04bb525c9e0561591c4d03683e241b", ++ "zh:f9a9011f0a076084511e1602d021bc5e1fb2465cf51e5b2037687a0bba31f811", ++ ] ++} ++ ++provider "registry.terraform.io/hashicorp/random" { ++ version = "3.1.0" ++ hashes = [ ++ "h1:rKYu5ZUbXwrLG1w81k7H3nce/Ys6yAxXhWcbtk36HjY=", ++ "zh:2bbb3339f0643b5daa07480ef4397bd23a79963cc364cdfbb4e86354cb7725bc", ++ "zh:3cd456047805bf639fbf2c761b1848880ea703a054f76db51852008b11008626", ++ "zh:4f251b0eda5bb5e3dc26ea4400dba200018213654b69b4a5f96abee815b4f5ff", ++ "zh:7011332745ea061e517fe1319bd6c75054a314155cb2c1199a5b01fe1889a7e2", ++ "zh:738ed82858317ccc246691c8b85995bc125ac3b4143043219bd0437adc56c992", ++ "zh:7dbe52fac7bb21227acd7529b487511c91f4107db9cc4414f50d04ffc3cab427", ++ "zh:a3a9251fb15f93e4cfc1789800fc2d7414bbc18944ad4c5c98f466e6477c42bc", ++ "zh:a543ec1a3a8c20635cf374110bd2f87c07374cf2c50617eee2c669b3ceeeaa9f", ++ "zh:d9ab41d556a48bd7059f0810cf020500635bfc696c9fc3adab5ea8915c1d886b", ++ "zh:d9e13427a7d011dbd654e591b0337e6074eef8c3b9bb11b2e39eaaf257044fd7", ++ "zh:f7605bd1437752114baf601bdf6931debe6dc6bfe3006eb7e9bb9080931dca8a", ++ ] ++} +diff --git a/terraform/terraform-remote-state/main.tf b/terraform/terraform-remote-state/main.tf +new file mode 100644 +index 0000000..df818c0 +--- /dev/null ++++ b/terraform/terraform-remote-state/main.tf +@@ -0,0 +1,18 @@ ++terraform { ++ required_version = ">=0.12" ++ required_providers { ++ azurerm = { ++ source = "hashicorp/azurerm" ++ version = "~>2.84.0" ++ } ++ } ++} ++ ++provider "azurerm" { ++ features {} ++} ++ ++resource "azurerm_resource_group" "rg" { ++ name = "StateResource" ++ location = var.location ++} +diff --git a/terraform/terraform-remote-state/storage.tf b/terraform/terraform-remote-state/storage.tf +new file mode 100644 +index 0000000..cea9c17 +--- /dev/null ++++ b/terraform/terraform-remote-state/storage.tf +@@ -0,0 +1,18 @@ ++resource "azurerm_storage_account" "storageAccount" { ++ name = "couplemgmtstates" ++ resource_group_name = azurerm_resource_group.rg.name ++ location = azurerm_resource_group.rg.location ++ account_tier = "Standard" ++ account_replication_type = "LRS" ++ account_kind = "StorageV2" ++ access_tier = "Hot" ++ allow_blob_public_access = true ++ ++ timeouts {} ++} ++ ++resource "azurerm_storage_container" "storageContainer" { ++ name = "tfstates" ++ storage_account_name = azurerm_storage_account.storageAccount.name ++ container_access_type = "blob" ++} +\ No newline at end of file +diff --git a/terraform/terraform-remote-state/variables.tf b/terraform/terraform-remote-state/variables.tf +new file mode 100644 +index 0000000..fb369c9 +--- /dev/null ++++ b/terraform/terraform-remote-state/variables.tf +@@ -0,0 +1,6 @@ ++# Shortnames for regions can be found here: ++# https://github.com/claranet/terraform-azurerm-regions/blob/master/REGIONS.md ++variable "location" { ++ default = "southeastasia" ++ description = "Location of the resource group." ++} +\ No newline at end of file diff --git a/terraform/terraform-create-resource/.terraform.lock.hcl b/terraform/terraform-create-resource/.terraform.lock.hcl new file mode 100644 index 00000000..27e76b08 --- /dev/null +++ b/terraform/terraform-create-resource/.terraform.lock.hcl @@ -0,0 +1,39 @@ +# This file is maintained automatically by "terraform init". +# Manual edits may be lost in future updates. + +provider "registry.terraform.io/hashicorp/azurerm" { + version = "2.84.0" + constraints = "~> 2.84.0" + hashes = [ + "h1:jyvuROvM/4pyDA61Gq6F9pc3c0ofhgo22XEnlWwjxnE=", + "zh:172f9abac9765cd4412d192fbc33ce29ef45dde7865844d246d9a645e8bf52d1", + "zh:1b92d4262852169bcd1c7766047af5b5bdb64bd05d4be69dfa5078b83e0d5b30", + "zh:391fbe77d483120ed7954d4c88ed8d6668dad807f2b4dc8f4faeaffebcf83b49", + "zh:5623276a8e011b7275c0f3922ac3aab0659145fcfde4bb336dfa70150b4f5630", + "zh:6a8f73947379b9aed2f725ba5435210b1911339ccff925fe6d0c89125d3f0d7a", + "zh:89bac435268a41311559ee556ef4bc10a4d4d2ff0bcdbb38d4faf70cb5703600", + "zh:a672d23d1e937de9796971372f47dc0938f28764396b87595d0a2241fd9fefe3", + "zh:cebaaa78cec7fd9aedf56445931e0e3bfbbf5d75eedf8c2da5c6026819611eee", + "zh:e17b79121500fd70e226bd34a45b6fdb9d8699e41896fb3d57c66890fad54ae5", + "zh:ec2b5d259c1cd71b6f8401c6e2cc80229d04bb525c9e0561591c4d03683e241b", + "zh:f9a9011f0a076084511e1602d021bc5e1fb2465cf51e5b2037687a0bba31f811", + ] +} + +provider "registry.terraform.io/hashicorp/random" { + version = "3.1.0" + hashes = [ + "h1:rKYu5ZUbXwrLG1w81k7H3nce/Ys6yAxXhWcbtk36HjY=", + "zh:2bbb3339f0643b5daa07480ef4397bd23a79963cc364cdfbb4e86354cb7725bc", + "zh:3cd456047805bf639fbf2c761b1848880ea703a054f76db51852008b11008626", + "zh:4f251b0eda5bb5e3dc26ea4400dba200018213654b69b4a5f96abee815b4f5ff", + "zh:7011332745ea061e517fe1319bd6c75054a314155cb2c1199a5b01fe1889a7e2", + "zh:738ed82858317ccc246691c8b85995bc125ac3b4143043219bd0437adc56c992", + "zh:7dbe52fac7bb21227acd7529b487511c91f4107db9cc4414f50d04ffc3cab427", + "zh:a3a9251fb15f93e4cfc1789800fc2d7414bbc18944ad4c5c98f466e6477c42bc", + "zh:a543ec1a3a8c20635cf374110bd2f87c07374cf2c50617eee2c669b3ceeeaa9f", + "zh:d9ab41d556a48bd7059f0810cf020500635bfc696c9fc3adab5ea8915c1d886b", + "zh:d9e13427a7d011dbd654e591b0337e6074eef8c3b9bb11b2e39eaaf257044fd7", + "zh:f7605bd1437752114baf601bdf6931debe6dc6bfe3006eb7e9bb9080931dca8a", + ] +} diff --git a/terraform/terraform-create-resource/cosmosdb.tf b/terraform/terraform-create-resource/cosmosdb.tf new file mode 100644 index 00000000..7504e933 --- /dev/null +++ b/terraform/terraform-create-resource/cosmosdb.tf @@ -0,0 +1,43 @@ +# azurerm_cosmosdb_account.db: +resource "azurerm_cosmosdb_account" "db" { + access_key_metadata_writes_enabled = true + analytical_storage_enabled = false + enable_automatic_failover = false + # Only one free tier cosmosDB per subscription + # enable_free_tier = true + enable_multiple_write_locations = false + is_virtual_network_filter_enabled = false + kind = "GlobalDocumentDB" + local_authentication_disabled = false + location = "southeastasia" + name = "${var.prefix}-couple-management-storage" + network_acl_bypass_for_azure_services = false + network_acl_bypass_ids = [] + offer_type = "Standard" + public_network_access_enabled = true + resource_group_name = azurerm_resource_group.rg.name + + capabilities { + name = "EnableServerless" + } + + backup { + interval_in_minutes = 240 + retention_in_hours = 8 + type = "Periodic" + } + + consistency_policy { + consistency_level = "ConsistentPrefix" + max_interval_in_seconds = 5 + max_staleness_prefix = 100 + } + + geo_location { + failover_priority = 0 + location = "southeastasia" + zone_redundant = false + } + + timeouts {} +} \ No newline at end of file diff --git a/terraform/terraform-create-resource/functionapp.tf b/terraform/terraform-create-resource/functionapp.tf new file mode 100644 index 00000000..d91ff15d --- /dev/null +++ b/terraform/terraform-create-resource/functionapp.tf @@ -0,0 +1,30 @@ +resource "azurerm_app_service_plan" "asp" { + name = "${var.prefix}-service-plan" + location = azurerm_resource_group.rg.location + resource_group_name = azurerm_resource_group.rg.name + kind = "FunctionApp" + + sku { + tier = "Dynamic" + size = "Y1" + } +} + +resource "azurerm_function_app" "fa" { + name = "${var.prefix}-change-event" + location = azurerm_resource_group.rg.location + resource_group_name = azurerm_resource_group.rg.name + app_service_plan_id = azurerm_app_service_plan.asp.id + storage_account_name = azurerm_storage_account.storage.name + storage_account_access_key = azurerm_storage_account.storage.primary_access_key + + app_settings = { + "AccountEndpoint" = azurerm_cosmosdb_account.db.endpoint + "AccountKey" = azurerm_cosmosdb_account.db.primary_key + "DatabaseConnectionString" = azurerm_cosmosdb_account.db.connection_strings[0] + "DatabaseName" = "database" + "ImagesConnectionString" = "DefaultEndpointsProtocol=https;AccountName=${azurerm_storage_account.storage.name};AccountKey=${azurerm_storage_account.storage.primary_access_key};EndpointSuffix=core.windows.net" + "FUNCTIONS_WORKER_RUNTIME" = "dotnet" + "WEBSITE_RUN_FROM_PACKAGE" = "1" + } +} \ No newline at end of file diff --git a/terraform/terraform-create-resource/main.tf b/terraform/terraform-create-resource/main.tf new file mode 100644 index 00000000..dc76eaa0 --- /dev/null +++ b/terraform/terraform-create-resource/main.tf @@ -0,0 +1,29 @@ +terraform { + required_version = ">=0.12" + required_providers { + azurerm = { + source = "hashicorp/azurerm" + version = "~>2.84.0" + } + } + + backend "azurerm" { + resource_group_name = "StateResource" + storage_account_name = "couplemgmtstates" + container_name = "tfstates" + key = "test.terraform.tfstate" + } +} + +resource "random_uuid" "test" { +} + +resource "azurerm_resource_group" "rg" { + name = "${random_uuid.test.result}-rg-${var.prefix}" + location = var.location +} + +provider "azurerm" { + features {} +} + diff --git a/terraform/terraform-create-resource/storage.tf b/terraform/terraform-create-resource/storage.tf new file mode 100644 index 00000000..0af7305f --- /dev/null +++ b/terraform/terraform-create-resource/storage.tf @@ -0,0 +1,14 @@ +resource "azurerm_storage_account" "storage" { + name = "${var.prefix}couplemgmtstorage" + resource_group_name = azurerm_resource_group.rg.name + location = "southeastasia" + account_tier = "Standard" + account_replication_type = "LRS" + allow_blob_public_access = true +} + +resource "azurerm_storage_container" "images" { + name = "images" + storage_account_name = azurerm_storage_account.storage.name + container_access_type = "private" +} diff --git a/terraform/terraform-create-resource/variables.tf b/terraform/terraform-create-resource/variables.tf new file mode 100644 index 00000000..7a57d5bf --- /dev/null +++ b/terraform/terraform-create-resource/variables.tf @@ -0,0 +1,11 @@ +variable "prefix" { + default = "test" +} + + +# Shortnames for regions can be found here: +# https://github.com/claranet/terraform-azurerm-regions/blob/master/REGIONS.md +variable "location" { + default = "southeastasia" + description = "Location of the resource group." +} \ No newline at end of file diff --git a/terraform/terraform-remote-state/.terraform.lock.hcl b/terraform/terraform-remote-state/.terraform.lock.hcl new file mode 100644 index 00000000..72d84f32 --- /dev/null +++ b/terraform/terraform-remote-state/.terraform.lock.hcl @@ -0,0 +1,39 @@ +# This file is maintained automatically by "terraform init". +# Manual edits may be lost in future updates. + +provider "registry.terraform.io/hashicorp/azurerm" { + version = "2.84.0" + constraints = "~> 2.0" + hashes = [ + "h1:jyvuROvM/4pyDA61Gq6F9pc3c0ofhgo22XEnlWwjxnE=", + "zh:172f9abac9765cd4412d192fbc33ce29ef45dde7865844d246d9a645e8bf52d1", + "zh:1b92d4262852169bcd1c7766047af5b5bdb64bd05d4be69dfa5078b83e0d5b30", + "zh:391fbe77d483120ed7954d4c88ed8d6668dad807f2b4dc8f4faeaffebcf83b49", + "zh:5623276a8e011b7275c0f3922ac3aab0659145fcfde4bb336dfa70150b4f5630", + "zh:6a8f73947379b9aed2f725ba5435210b1911339ccff925fe6d0c89125d3f0d7a", + "zh:89bac435268a41311559ee556ef4bc10a4d4d2ff0bcdbb38d4faf70cb5703600", + "zh:a672d23d1e937de9796971372f47dc0938f28764396b87595d0a2241fd9fefe3", + "zh:cebaaa78cec7fd9aedf56445931e0e3bfbbf5d75eedf8c2da5c6026819611eee", + "zh:e17b79121500fd70e226bd34a45b6fdb9d8699e41896fb3d57c66890fad54ae5", + "zh:ec2b5d259c1cd71b6f8401c6e2cc80229d04bb525c9e0561591c4d03683e241b", + "zh:f9a9011f0a076084511e1602d021bc5e1fb2465cf51e5b2037687a0bba31f811", + ] +} + +provider "registry.terraform.io/hashicorp/random" { + version = "3.1.0" + hashes = [ + "h1:rKYu5ZUbXwrLG1w81k7H3nce/Ys6yAxXhWcbtk36HjY=", + "zh:2bbb3339f0643b5daa07480ef4397bd23a79963cc364cdfbb4e86354cb7725bc", + "zh:3cd456047805bf639fbf2c761b1848880ea703a054f76db51852008b11008626", + "zh:4f251b0eda5bb5e3dc26ea4400dba200018213654b69b4a5f96abee815b4f5ff", + "zh:7011332745ea061e517fe1319bd6c75054a314155cb2c1199a5b01fe1889a7e2", + "zh:738ed82858317ccc246691c8b85995bc125ac3b4143043219bd0437adc56c992", + "zh:7dbe52fac7bb21227acd7529b487511c91f4107db9cc4414f50d04ffc3cab427", + "zh:a3a9251fb15f93e4cfc1789800fc2d7414bbc18944ad4c5c98f466e6477c42bc", + "zh:a543ec1a3a8c20635cf374110bd2f87c07374cf2c50617eee2c669b3ceeeaa9f", + "zh:d9ab41d556a48bd7059f0810cf020500635bfc696c9fc3adab5ea8915c1d886b", + "zh:d9e13427a7d011dbd654e591b0337e6074eef8c3b9bb11b2e39eaaf257044fd7", + "zh:f7605bd1437752114baf601bdf6931debe6dc6bfe3006eb7e9bb9080931dca8a", + ] +} diff --git a/terraform/terraform-remote-state/main.tf b/terraform/terraform-remote-state/main.tf new file mode 100644 index 00000000..df818c0a --- /dev/null +++ b/terraform/terraform-remote-state/main.tf @@ -0,0 +1,18 @@ +terraform { + required_version = ">=0.12" + required_providers { + azurerm = { + source = "hashicorp/azurerm" + version = "~>2.84.0" + } + } +} + +provider "azurerm" { + features {} +} + +resource "azurerm_resource_group" "rg" { + name = "StateResource" + location = var.location +} diff --git a/terraform/terraform-remote-state/storage.tf b/terraform/terraform-remote-state/storage.tf new file mode 100644 index 00000000..cea9c171 --- /dev/null +++ b/terraform/terraform-remote-state/storage.tf @@ -0,0 +1,18 @@ +resource "azurerm_storage_account" "storageAccount" { + name = "couplemgmtstates" + resource_group_name = azurerm_resource_group.rg.name + location = azurerm_resource_group.rg.location + account_tier = "Standard" + account_replication_type = "LRS" + account_kind = "StorageV2" + access_tier = "Hot" + allow_blob_public_access = true + + timeouts {} +} + +resource "azurerm_storage_container" "storageContainer" { + name = "tfstates" + storage_account_name = azurerm_storage_account.storageAccount.name + container_access_type = "blob" +} \ No newline at end of file diff --git a/terraform/terraform-remote-state/variables.tf b/terraform/terraform-remote-state/variables.tf new file mode 100644 index 00000000..fb369c95 --- /dev/null +++ b/terraform/terraform-remote-state/variables.tf @@ -0,0 +1,6 @@ +# Shortnames for regions can be found here: +# https://github.com/claranet/terraform-azurerm-regions/blob/master/REGIONS.md +variable "location" { + default = "southeastasia" + description = "Location of the resource group." +} \ No newline at end of file From 890ba5891ca673dbb17368dcb4836b31dfbfcadd Mon Sep 17 00:00:00 2001 From: Yongkiat Goh <yongkiat.goh@shopee.com> Date: Sat, 19 Feb 2022 12:51:08 +0800 Subject: [PATCH 02/25] Change publish profile reference --- .github/workflows/azure-messaging-function.yml | 10 ++++++++-- .github/workflows/terraform-create-resource.yml | 9 +++++++++ terraform/terraform-create-resource/main.tf | 4 ++++ 3 files changed, 21 insertions(+), 2 deletions(-) diff --git a/.github/workflows/azure-messaging-function.yml b/.github/workflows/azure-messaging-function.yml index a858faac..6f40963a 100644 --- a/.github/workflows/azure-messaging-function.yml +++ b/.github/workflows/azure-messaging-function.yml @@ -29,10 +29,16 @@ jobs: dotnet build --configuration Release --output ./output popd - - name: 'Deploy' + - name: Get Pubilsh Profile + id: getPublishProfile + run: | + echo "::set-output name=PUBLISH_PROFILE::$(az webapp deployment list-publishing-profiles -g '${{ needs.terraform.outputs.rgName }}' -n 'app-service-name' --xml)" + + + - name: 'Run Azure Functions Action' uses: Azure/functions-action@v1 id: fa with: app-name: ${{ env.AZURE_FUNCTIONAPP_NAME }} package: '${{ env.AZURE_FUNCTIONAPP_PACKAGE_PATH }}/output' - publish-profile: ${{ secrets.AZURE_MESSAGING_FUNCTIONAPP_PUBLISH_PROFILE }} + publish-profile: ${{ steps.getPublishProfile.outputs.PUBLISH_PROFILE }} diff --git a/.github/workflows/terraform-create-resource.yml b/.github/workflows/terraform-create-resource.yml index ced04bbb..c40e7f6b 100644 --- a/.github/workflows/terraform-create-resource.yml +++ b/.github/workflows/terraform-create-resource.yml @@ -17,6 +17,9 @@ jobs: ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }} ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }} ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }} + + outputs: + rgName: ${{ steps.getResourceGroupName.outputs.rgName }} steps: - name: Checkout @@ -37,3 +40,9 @@ jobs: - name: Terraform Apply run: terraform apply -auto-approve working-directory: ./terraform/terraform-create-resource + + - name: Get Resource Group name + id: getResourceGroupName + run: | + echo "::set-output name=rgName::$(terraform output -raw rgName)" + diff --git a/terraform/terraform-create-resource/main.tf b/terraform/terraform-create-resource/main.tf index dc76eaa0..66a8c19c 100644 --- a/terraform/terraform-create-resource/main.tf +++ b/terraform/terraform-create-resource/main.tf @@ -27,3 +27,7 @@ provider "azurerm" { features {} } +output "rgName" { + value = azurerm_resource_group.rg.name +} + From 22a3ece06e391eccfb229a6d51aa44a954636c4e Mon Sep 17 00:00:00 2001 From: Yongkiat Goh <yongkiat.goh@shopee.com> Date: Tue, 1 Mar 2022 00:06:26 +0800 Subject: [PATCH 03/25] Add workflow job dependencies --- .github/workflows/dotnet-deploy-workflow.yml | 87 ++++++++++++++++++++ 1 file changed, 87 insertions(+) create mode 100644 .github/workflows/dotnet-deploy-workflow.yml diff --git a/.github/workflows/dotnet-deploy-workflow.yml b/.github/workflows/dotnet-deploy-workflow.yml new file mode 100644 index 00000000..f08cc219 --- /dev/null +++ b/.github/workflows/dotnet-deploy-workflow.yml @@ -0,0 +1,87 @@ +name: Deploy DotNet project + +on: + push: + branches: + - master + pull_request: + branches: + - master + +jobs: + terraform-create: + runs-on: ubuntu-latest + defaults: + run: + working-directory: ./terraform/terraform-create-resource + env: + ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }} + ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }} + ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }} + ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }} + + AZURE_FUNCTIONAPP_NAME: change-event + AZURE_FUNCTIONAPP_PACKAGE_PATH: 'Messaging' + DOTNET_VERSION: '6.0.x' + + outputs: + rgName: ${{ steps.getResourceGroupName.outputs.rgName }} + + steps: + - name: Checkout + uses: actions/checkout@v2 + + - name: Terraform Init + run: terraform init + + - name: Terraform Validate + run: terraform validate + + - name: Terraform Plan + run: terraform plan + + - name: Terraform Apply + run: terraform apply -auto-approve + + - name: Get Resource Group name + id: getResourceGroupName + run: | + echo "::set-output name=rgName::$(terraform output -raw rgName)" + + fa-build-and-deploy: + needs: terraform-create + runs-on: ubuntu-latest + env: + AZURE_FUNCTIONAPP_NAME: change-event + AZURE_FUNCTIONAPP_PACKAGE_PATH: 'Messaging' + DOTNET_VERSION: '6.0.x' + + steps: + - name: 'Checkout GitHub Action' + uses: actions/checkout@v2 + + - name: Setup DotNet ${{ env.DOTNET_VERSION }} Environment + uses: actions/setup-dotnet@v1 + with: + dotnet-version: ${{ env.DOTNET_VERSION }} + + - name: 'Resolve Project Dependencies Using Dotnet' + shell: bash + run: | + pushd './${{ env.AZURE_FUNCTIONAPP_PACKAGE_PATH }}' + dotnet build --configuration Release --output ./output + popd + + - name: Get Pubilsh Profile + id: getPublishProfile + run: | + echo "::set-output name=PUBLISH_PROFILE::$(az webapp deployment list-publishing-profiles -g '${{ needs.terraform-create.outputs.rgName }}' -n '${{ env.AZURE_FUNCTIONAPP_NAME }}' --xml)" + + + - name: 'Run Azure Functions Action' + uses: Azure/functions-action@v1 + id: fa + with: + app-name: ${{ env.AZURE_FUNCTIONAPP_NAME }} + package: '${{ env.AZURE_FUNCTIONAPP_PACKAGE_PATH }}/output' + publish-profile: ${{ steps.getPublishProfile.outputs.PUBLISH_PROFILE }} \ No newline at end of file From ca49b09260cd4efae9f3853d59abf158aa9af23a Mon Sep 17 00:00:00 2001 From: Yongkiat Goh <yongkiat.goh@shopee.com> Date: Tue, 1 Mar 2022 00:36:45 +0800 Subject: [PATCH 04/25] Update ARM env scope --- .github/workflows/dotnet-deploy-workflow.yml | 20 ++++++++------------ 1 file changed, 8 insertions(+), 12 deletions(-) diff --git a/.github/workflows/dotnet-deploy-workflow.yml b/.github/workflows/dotnet-deploy-workflow.yml index f08cc219..a79f3113 100644 --- a/.github/workflows/dotnet-deploy-workflow.yml +++ b/.github/workflows/dotnet-deploy-workflow.yml @@ -8,24 +8,21 @@ on: branches: - master +env: + ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }} + ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }} + ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }} + ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }} + jobs: terraform-create: runs-on: ubuntu-latest defaults: run: working-directory: ./terraform/terraform-create-resource - env: - ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }} - ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }} - ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }} - ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }} - - AZURE_FUNCTIONAPP_NAME: change-event - AZURE_FUNCTIONAPP_PACKAGE_PATH: 'Messaging' - DOTNET_VERSION: '6.0.x' outputs: - rgName: ${{ steps.getResourceGroupName.outputs.rgName }} + AZURE_RESOURCEGROUP_NAME: ${{ steps.getResourceGroupName.outputs.rgName }} steps: - name: Checkout @@ -52,7 +49,7 @@ jobs: needs: terraform-create runs-on: ubuntu-latest env: - AZURE_FUNCTIONAPP_NAME: change-event + AZURE_FUNCTIONAPP_NAME: test-change-event AZURE_FUNCTIONAPP_PACKAGE_PATH: 'Messaging' DOTNET_VERSION: '6.0.x' @@ -77,7 +74,6 @@ jobs: run: | echo "::set-output name=PUBLISH_PROFILE::$(az webapp deployment list-publishing-profiles -g '${{ needs.terraform-create.outputs.rgName }}' -n '${{ env.AZURE_FUNCTIONAPP_NAME }}' --xml)" - - name: 'Run Azure Functions Action' uses: Azure/functions-action@v1 id: fa From 913bea6088a8a9dd320b7dc38bb3efcd75fbd709 Mon Sep 17 00:00:00 2001 From: Yongkiat Goh <yongkiat.goh@shopee.com> Date: Tue, 1 Mar 2022 23:45:26 +0800 Subject: [PATCH 05/25] Add Az CLI login step --- .github/workflows/dotnet-deploy-workflow.yml | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/.github/workflows/dotnet-deploy-workflow.yml b/.github/workflows/dotnet-deploy-workflow.yml index a79f3113..a3510317 100644 --- a/.github/workflows/dotnet-deploy-workflow.yml +++ b/.github/workflows/dotnet-deploy-workflow.yml @@ -48,11 +48,13 @@ jobs: fa-build-and-deploy: needs: terraform-create runs-on: ubuntu-latest + permissions: + id-token: write + contents: read env: AZURE_FUNCTIONAPP_NAME: test-change-event AZURE_FUNCTIONAPP_PACKAGE_PATH: 'Messaging' DOTNET_VERSION: '6.0.x' - steps: - name: 'Checkout GitHub Action' uses: actions/checkout@v2 @@ -69,10 +71,17 @@ jobs: dotnet build --configuration Release --output ./output popd + - name: 'Az CLI login' + uses: azure/login@v1 + with: + client-id: ${{ secrets.ARM_CLIENT_ID }} + tenant-id: ${{ secrets.ARM_TENANT_ID }} + subscription-id: ${{ secrets.ARM_SUBSCRIPTION_ID }} + - name: Get Pubilsh Profile id: getPublishProfile run: | - echo "::set-output name=PUBLISH_PROFILE::$(az webapp deployment list-publishing-profiles -g '${{ needs.terraform-create.outputs.rgName }}' -n '${{ env.AZURE_FUNCTIONAPP_NAME }}' --xml)" + echo "::set-output name=PUBLISH_PROFILE::$(az webapp deployment list-publishing-profiles -g '${{ needs.terraform-create.outputs.AZURE_RESOURCEGROUP_NAME }}' -n '${{ env.AZURE_FUNCTIONAPP_NAME }}' --xml)" - name: 'Run Azure Functions Action' uses: Azure/functions-action@v1 From 725e3f4b7463ed744a2ec2ab221b17b68c678cef Mon Sep 17 00:00:00 2001 From: Yongkiat Goh <yongkiat.goh@shopee.com> Date: Sun, 8 May 2022 00:58:31 +0800 Subject: [PATCH 06/25] Upgrade tf azurerm version --- .../.terraform.lock.hcl | 55 ++++++++++--------- terraform/terraform-create-resource/main.tf | 2 +- 2 files changed, 29 insertions(+), 28 deletions(-) diff --git a/terraform/terraform-create-resource/.terraform.lock.hcl b/terraform/terraform-create-resource/.terraform.lock.hcl index 27e76b08..4c575616 100644 --- a/terraform/terraform-create-resource/.terraform.lock.hcl +++ b/terraform/terraform-create-resource/.terraform.lock.hcl @@ -2,38 +2,39 @@ # Manual edits may be lost in future updates. provider "registry.terraform.io/hashicorp/azurerm" { - version = "2.84.0" - constraints = "~> 2.84.0" + version = "2.91.0" + constraints = "~> 2.91.0" hashes = [ - "h1:jyvuROvM/4pyDA61Gq6F9pc3c0ofhgo22XEnlWwjxnE=", - "zh:172f9abac9765cd4412d192fbc33ce29ef45dde7865844d246d9a645e8bf52d1", - "zh:1b92d4262852169bcd1c7766047af5b5bdb64bd05d4be69dfa5078b83e0d5b30", - "zh:391fbe77d483120ed7954d4c88ed8d6668dad807f2b4dc8f4faeaffebcf83b49", - "zh:5623276a8e011b7275c0f3922ac3aab0659145fcfde4bb336dfa70150b4f5630", - "zh:6a8f73947379b9aed2f725ba5435210b1911339ccff925fe6d0c89125d3f0d7a", - "zh:89bac435268a41311559ee556ef4bc10a4d4d2ff0bcdbb38d4faf70cb5703600", - "zh:a672d23d1e937de9796971372f47dc0938f28764396b87595d0a2241fd9fefe3", - "zh:cebaaa78cec7fd9aedf56445931e0e3bfbbf5d75eedf8c2da5c6026819611eee", - "zh:e17b79121500fd70e226bd34a45b6fdb9d8699e41896fb3d57c66890fad54ae5", - "zh:ec2b5d259c1cd71b6f8401c6e2cc80229d04bb525c9e0561591c4d03683e241b", - "zh:f9a9011f0a076084511e1602d021bc5e1fb2465cf51e5b2037687a0bba31f811", + "h1:JpJCgETSFOW1VX9MwlMEtJtZi6LdvBL7lZ4aeVqPUHs=", + "zh:17102231bc42ac91260489377fb0344408185f9233f126b825c0d0bdc873c8ec", + "zh:2454e0683fd8b230c7f30da2afc26bb0e9d699b85409d175a25cd094e4bf7089", + "zh:276fdae42310057bc7847ff4af6bb441408153af2ad72f8931145da21072ba8a", + "zh:29fd177efd83807acaadc788cbf151e0ed19275b00c7600e1b72316f00e0f1ea", + "zh:5d5ec15bbd38fa4d50074ff530e8851b06eeb08048666cde5096d44eeb495e9c", + "zh:7974ae42bdb7f9104c1477760d7227243a34087526b4d3eea138f3110b10fd58", + "zh:a9fd00320e15c53061556e0dd5818d7e0ca4af0713554dced1ede819350edd9a", + "zh:d8a1a3294faabfe0722ed5e553f054a92b2dc03b7f479ca58d67d36621289ce4", + "zh:ec4e798182bde6a9d89869c458d36b02d3acdd7ce118c91e8af2b86f082bf5e0", + "zh:fb1b3f126f823cb4b6e9018136562e9c28f65732ef0d0f11c18d04117c7ae7a3", + "zh:ff0ead2fe3c4c5d597fdc3f2183407ab971f2f435a887ff7af7dac9ae3fa6e86", ] } provider "registry.terraform.io/hashicorp/random" { - version = "3.1.0" + version = "3.1.3" hashes = [ - "h1:rKYu5ZUbXwrLG1w81k7H3nce/Ys6yAxXhWcbtk36HjY=", - "zh:2bbb3339f0643b5daa07480ef4397bd23a79963cc364cdfbb4e86354cb7725bc", - "zh:3cd456047805bf639fbf2c761b1848880ea703a054f76db51852008b11008626", - "zh:4f251b0eda5bb5e3dc26ea4400dba200018213654b69b4a5f96abee815b4f5ff", - "zh:7011332745ea061e517fe1319bd6c75054a314155cb2c1199a5b01fe1889a7e2", - "zh:738ed82858317ccc246691c8b85995bc125ac3b4143043219bd0437adc56c992", - "zh:7dbe52fac7bb21227acd7529b487511c91f4107db9cc4414f50d04ffc3cab427", - "zh:a3a9251fb15f93e4cfc1789800fc2d7414bbc18944ad4c5c98f466e6477c42bc", - "zh:a543ec1a3a8c20635cf374110bd2f87c07374cf2c50617eee2c669b3ceeeaa9f", - "zh:d9ab41d556a48bd7059f0810cf020500635bfc696c9fc3adab5ea8915c1d886b", - "zh:d9e13427a7d011dbd654e591b0337e6074eef8c3b9bb11b2e39eaaf257044fd7", - "zh:f7605bd1437752114baf601bdf6931debe6dc6bfe3006eb7e9bb9080931dca8a", + "h1:7+wnAXQM7IpNEAQ6WZXdO0ZfQW/ncQFXYJ5T2KaR+Z8=", + "zh:26e07aa32e403303fc212a4367b4d67188ac965c37a9812e07acee1470687a73", + "zh:27386f48e9c9d849fbb5a8828d461fde35e71f6b6c9fc235bc4ae8403eb9c92d", + "zh:5f4edda4c94240297bbd9b83618fd362348cadf6bf24ea65ea0e1844d7ccedc0", + "zh:646313a907126cd5e69f6a9fafe816e9154fccdc04541e06fed02bb3a8fa2d2e", + "zh:7349692932a5d462f8dee1500ab60401594dddb94e9aa6bf6c4c0bd53e91bbb8", + "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", + "zh:9034daba8d9b32b35930d168f363af04cecb153d5849a7e4a5966c97c5dc956e", + "zh:bb81dfca59ef5f949ef39f19ea4f4de25479907abc28cdaa36d12ecd7c0a9699", + "zh:bcf7806b99b4c248439ae02c8e21f77aff9fadbc019ce619b929eef09d1221bb", + "zh:d708e14d169e61f326535dd08eecd3811cd4942555a6f8efabc37dbff9c6fc61", + "zh:dc294e19a46e1cefb9e557a7b789c8dd8f319beca99b8c265181bc633dc434cc", + "zh:f9d758ee53c55dc016dd736427b6b0c3c8eb4d0dbbc785b6a3579b0ffedd9e42", ] } diff --git a/terraform/terraform-create-resource/main.tf b/terraform/terraform-create-resource/main.tf index 66a8c19c..e7c8666d 100644 --- a/terraform/terraform-create-resource/main.tf +++ b/terraform/terraform-create-resource/main.tf @@ -3,7 +3,7 @@ terraform { required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~>2.84.0" + version = "~>2.91.0" } } From 09b3b3bdd70441135baba0f3ede7306b540629b1 Mon Sep 17 00:00:00 2001 From: Yongkiat Goh <yongkiat.goh@shopee.com> Date: Sun, 8 May 2022 21:59:28 +0800 Subject: [PATCH 07/25] Remove duplicate workflow --- .../workflows/terraform-create-resource.yml | 48 ------------------- 1 file changed, 48 deletions(-) delete mode 100644 .github/workflows/terraform-create-resource.yml diff --git a/.github/workflows/terraform-create-resource.yml b/.github/workflows/terraform-create-resource.yml deleted file mode 100644 index c40e7f6b..00000000 --- a/.github/workflows/terraform-create-resource.yml +++ /dev/null @@ -1,48 +0,0 @@ -name: Terraform Create Azure Resource - -on: - push: - branches: - - master - pull_request: - branches: - - master - -jobs: - terraform: - runs-on: ubuntu-latest - - env: - ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }} - ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }} - ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }} - ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }} - - outputs: - rgName: ${{ steps.getResourceGroupName.outputs.rgName }} - - steps: - - name: Checkout - uses: actions/checkout@v2 - - - name: Terraform Init - run: terraform init - working-directory: ./terraform/terraform-create-resource - - - name: Terraform Validate - run: terraform validate - working-directory: ./terraform/terraform-create-resource - - - name: Terraform Plan - run: terraform plan - working-directory: ./terraform/terraform-create-resource - - - name: Terraform Apply - run: terraform apply -auto-approve - working-directory: ./terraform/terraform-create-resource - - - name: Get Resource Group name - id: getResourceGroupName - run: | - echo "::set-output name=rgName::$(terraform output -raw rgName)" - From d3f189316be06e7812aa1db10b3de8d95a9a7de8 Mon Sep 17 00:00:00 2001 From: Yongkiat Goh <yongkiat.goh@shopee.com> Date: Sun, 8 May 2022 23:46:30 +0800 Subject: [PATCH 08/25] Change TF auth secrets --- .github/workflows/dotnet-deploy-workflow.yml | 23 ++++++++++++++------ 1 file changed, 16 insertions(+), 7 deletions(-) diff --git a/.github/workflows/dotnet-deploy-workflow.yml b/.github/workflows/dotnet-deploy-workflow.yml index a3510317..6d0b352d 100644 --- a/.github/workflows/dotnet-deploy-workflow.yml +++ b/.github/workflows/dotnet-deploy-workflow.yml @@ -8,12 +8,6 @@ on: branches: - master -env: - ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }} - ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }} - ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }} - ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }} - jobs: terraform-create: runs-on: ubuntu-latest @@ -28,6 +22,21 @@ jobs: - name: Checkout uses: actions/checkout@v2 + - name: Azure CLI login + uses: azure/login@v1 + with: + creds: ${{ secrets.AZURE_CREDENTIALS }} + + - name: Prep TF environment variables + env: + AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }} + run: | + $servicePrincipal = fromJSON($env.AZURE_CREDENTIALS) + echo "ARM_CLIENT_ID=$servicePrincipal.clientId" >> $GITHUB_ENV + echo "ARM_CLIENT_SECRET=$servicePrincipal.clientSecret" >> $GITHUB_ENV + echo "ARM_SUBSCRIPTION_ID=$servicePrincipal.subscriptionID" >> $GITHUB_ENV + echo "ARM_TENANT_ID=$servicePrincipal.tenantId" >> $GITHUB_ENV + - name: Terraform Init run: terraform init @@ -71,7 +80,7 @@ jobs: dotnet build --configuration Release --output ./output popd - - name: 'Az CLI login' + - name: Azure CLI login uses: azure/login@v1 with: client-id: ${{ secrets.ARM_CLIENT_ID }} From 56ebc8597fea9866f8cf683e3dac8ac84932073b Mon Sep 17 00:00:00 2001 From: Yongkiat Goh <yongkiat.goh@shopee.com> Date: Sun, 8 May 2022 23:58:10 +0800 Subject: [PATCH 09/25] Fix workflow errors on fromJSON cmdlet --- .github/workflows/dotnet-deploy-workflow.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dotnet-deploy-workflow.yml b/.github/workflows/dotnet-deploy-workflow.yml index 6d0b352d..d6ef86c2 100644 --- a/.github/workflows/dotnet-deploy-workflow.yml +++ b/.github/workflows/dotnet-deploy-workflow.yml @@ -31,7 +31,7 @@ jobs: env: AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }} run: | - $servicePrincipal = fromJSON($env.AZURE_CREDENTIALS) + $servicePrincipal = ${{ fromJSON(env.AZURE_CREDENTIALS) }} echo "ARM_CLIENT_ID=$servicePrincipal.clientId" >> $GITHUB_ENV echo "ARM_CLIENT_SECRET=$servicePrincipal.clientSecret" >> $GITHUB_ENV echo "ARM_SUBSCRIPTION_ID=$servicePrincipal.subscriptionID" >> $GITHUB_ENV From 2acfb87d50d43c53b8eeafa945408b3a684bf509 Mon Sep 17 00:00:00 2001 From: Yongkiat Goh <yongkiat.goh@shopee.com> Date: Mon, 9 May 2022 00:05:41 +0800 Subject: [PATCH 10/25] Change TF auth secrets using pwsh --- .github/workflows/dotnet-deploy-workflow.yml | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/.github/workflows/dotnet-deploy-workflow.yml b/.github/workflows/dotnet-deploy-workflow.yml index d6ef86c2..7837229a 100644 --- a/.github/workflows/dotnet-deploy-workflow.yml +++ b/.github/workflows/dotnet-deploy-workflow.yml @@ -28,14 +28,17 @@ jobs: creds: ${{ secrets.AZURE_CREDENTIALS }} - name: Prep TF environment variables + shell: pwsh env: AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }} - run: | - $servicePrincipal = ${{ fromJSON(env.AZURE_CREDENTIALS) }} - echo "ARM_CLIENT_ID=$servicePrincipal.clientId" >> $GITHUB_ENV - echo "ARM_CLIENT_SECRET=$servicePrincipal.clientSecret" >> $GITHUB_ENV - echo "ARM_SUBSCRIPTION_ID=$servicePrincipal.subscriptionID" >> $GITHUB_ENV - echo "ARM_TENANT_ID=$servicePrincipal.tenantId" >> $GITHUB_ENV + run: | + $servicePrincipal = ($env:AZURE_CREDENTIALS | ConvertFrom-Json) + $env:ARM_CLIENT_ID = $servicePrincipal.clientId + $env:ARM_CLIENT_SECRET = $servicePrincipal.clientSecret + $env:ARM_SUBSCRIPTION_ID = $servicePrincipal.subscriptionId + $env:ARM_TENANT_ID = $servicePrincipal.tenantId + + Get-ChildItem -Path Env: -Recurse -Include ARM_*,TF_VAR_* | ForEach-Object {Write-Output "$($_.Name)=$($_.Value)"} >> $env:GITHUB_ENV - name: Terraform Init run: terraform init From ec476c4169e1a4fbfe03bfc7a2a2c72efd812550 Mon Sep 17 00:00:00 2001 From: Yongkiat Goh <yongkiat.goh@shopee.com> Date: Wed, 11 May 2022 21:44:41 +0800 Subject: [PATCH 11/25] Upgrade tf azurerm version to 2.91.0 --- .../.terraform.lock.hcl | 46 ++++++------------- terraform/terraform-remote-state/main.tf | 2 +- 2 files changed, 15 insertions(+), 33 deletions(-) diff --git a/terraform/terraform-remote-state/.terraform.lock.hcl b/terraform/terraform-remote-state/.terraform.lock.hcl index 72d84f32..af66a834 100644 --- a/terraform/terraform-remote-state/.terraform.lock.hcl +++ b/terraform/terraform-remote-state/.terraform.lock.hcl @@ -2,38 +2,20 @@ # Manual edits may be lost in future updates. provider "registry.terraform.io/hashicorp/azurerm" { - version = "2.84.0" - constraints = "~> 2.0" + version = "2.91.0" + constraints = "~> 2.91.0" hashes = [ - "h1:jyvuROvM/4pyDA61Gq6F9pc3c0ofhgo22XEnlWwjxnE=", - "zh:172f9abac9765cd4412d192fbc33ce29ef45dde7865844d246d9a645e8bf52d1", - "zh:1b92d4262852169bcd1c7766047af5b5bdb64bd05d4be69dfa5078b83e0d5b30", - "zh:391fbe77d483120ed7954d4c88ed8d6668dad807f2b4dc8f4faeaffebcf83b49", - "zh:5623276a8e011b7275c0f3922ac3aab0659145fcfde4bb336dfa70150b4f5630", - "zh:6a8f73947379b9aed2f725ba5435210b1911339ccff925fe6d0c89125d3f0d7a", - "zh:89bac435268a41311559ee556ef4bc10a4d4d2ff0bcdbb38d4faf70cb5703600", - "zh:a672d23d1e937de9796971372f47dc0938f28764396b87595d0a2241fd9fefe3", - "zh:cebaaa78cec7fd9aedf56445931e0e3bfbbf5d75eedf8c2da5c6026819611eee", - "zh:e17b79121500fd70e226bd34a45b6fdb9d8699e41896fb3d57c66890fad54ae5", - "zh:ec2b5d259c1cd71b6f8401c6e2cc80229d04bb525c9e0561591c4d03683e241b", - "zh:f9a9011f0a076084511e1602d021bc5e1fb2465cf51e5b2037687a0bba31f811", - ] -} - -provider "registry.terraform.io/hashicorp/random" { - version = "3.1.0" - hashes = [ - "h1:rKYu5ZUbXwrLG1w81k7H3nce/Ys6yAxXhWcbtk36HjY=", - "zh:2bbb3339f0643b5daa07480ef4397bd23a79963cc364cdfbb4e86354cb7725bc", - "zh:3cd456047805bf639fbf2c761b1848880ea703a054f76db51852008b11008626", - "zh:4f251b0eda5bb5e3dc26ea4400dba200018213654b69b4a5f96abee815b4f5ff", - "zh:7011332745ea061e517fe1319bd6c75054a314155cb2c1199a5b01fe1889a7e2", - "zh:738ed82858317ccc246691c8b85995bc125ac3b4143043219bd0437adc56c992", - "zh:7dbe52fac7bb21227acd7529b487511c91f4107db9cc4414f50d04ffc3cab427", - "zh:a3a9251fb15f93e4cfc1789800fc2d7414bbc18944ad4c5c98f466e6477c42bc", - "zh:a543ec1a3a8c20635cf374110bd2f87c07374cf2c50617eee2c669b3ceeeaa9f", - "zh:d9ab41d556a48bd7059f0810cf020500635bfc696c9fc3adab5ea8915c1d886b", - "zh:d9e13427a7d011dbd654e591b0337e6074eef8c3b9bb11b2e39eaaf257044fd7", - "zh:f7605bd1437752114baf601bdf6931debe6dc6bfe3006eb7e9bb9080931dca8a", + "h1:JpJCgETSFOW1VX9MwlMEtJtZi6LdvBL7lZ4aeVqPUHs=", + "zh:17102231bc42ac91260489377fb0344408185f9233f126b825c0d0bdc873c8ec", + "zh:2454e0683fd8b230c7f30da2afc26bb0e9d699b85409d175a25cd094e4bf7089", + "zh:276fdae42310057bc7847ff4af6bb441408153af2ad72f8931145da21072ba8a", + "zh:29fd177efd83807acaadc788cbf151e0ed19275b00c7600e1b72316f00e0f1ea", + "zh:5d5ec15bbd38fa4d50074ff530e8851b06eeb08048666cde5096d44eeb495e9c", + "zh:7974ae42bdb7f9104c1477760d7227243a34087526b4d3eea138f3110b10fd58", + "zh:a9fd00320e15c53061556e0dd5818d7e0ca4af0713554dced1ede819350edd9a", + "zh:d8a1a3294faabfe0722ed5e553f054a92b2dc03b7f479ca58d67d36621289ce4", + "zh:ec4e798182bde6a9d89869c458d36b02d3acdd7ce118c91e8af2b86f082bf5e0", + "zh:fb1b3f126f823cb4b6e9018136562e9c28f65732ef0d0f11c18d04117c7ae7a3", + "zh:ff0ead2fe3c4c5d597fdc3f2183407ab971f2f435a887ff7af7dac9ae3fa6e86", ] } diff --git a/terraform/terraform-remote-state/main.tf b/terraform/terraform-remote-state/main.tf index df818c0a..853fd875 100644 --- a/terraform/terraform-remote-state/main.tf +++ b/terraform/terraform-remote-state/main.tf @@ -3,7 +3,7 @@ terraform { required_providers { azurerm = { source = "hashicorp/azurerm" - version = "~>2.84.0" + version = "~>2.91.0" } } } From 9256501d08a63779c7e601771938812b867cfb69 Mon Sep 17 00:00:00 2001 From: Yongkiat Goh <yongkiat.goh@shopee.com> Date: Wed, 11 May 2022 22:40:20 +0800 Subject: [PATCH 12/25] Update Azure auth --- .github/workflows/dotnet-deploy-workflow.yml | 25 ++++---------------- 1 file changed, 5 insertions(+), 20 deletions(-) diff --git a/.github/workflows/dotnet-deploy-workflow.yml b/.github/workflows/dotnet-deploy-workflow.yml index 7837229a..057322ae 100644 --- a/.github/workflows/dotnet-deploy-workflow.yml +++ b/.github/workflows/dotnet-deploy-workflow.yml @@ -14,32 +14,17 @@ jobs: defaults: run: working-directory: ./terraform/terraform-create-resource - + env: + ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} + ARM_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }} + ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} + ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} outputs: AZURE_RESOURCEGROUP_NAME: ${{ steps.getResourceGroupName.outputs.rgName }} - steps: - name: Checkout uses: actions/checkout@v2 - - name: Azure CLI login - uses: azure/login@v1 - with: - creds: ${{ secrets.AZURE_CREDENTIALS }} - - - name: Prep TF environment variables - shell: pwsh - env: - AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }} - run: | - $servicePrincipal = ($env:AZURE_CREDENTIALS | ConvertFrom-Json) - $env:ARM_CLIENT_ID = $servicePrincipal.clientId - $env:ARM_CLIENT_SECRET = $servicePrincipal.clientSecret - $env:ARM_SUBSCRIPTION_ID = $servicePrincipal.subscriptionId - $env:ARM_TENANT_ID = $servicePrincipal.tenantId - - Get-ChildItem -Path Env: -Recurse -Include ARM_*,TF_VAR_* | ForEach-Object {Write-Output "$($_.Name)=$($_.Value)"} >> $env:GITHUB_ENV - - name: Terraform Init run: terraform init From 042a6f74806d791c2d732e545282fd0377fc802e Mon Sep 17 00:00:00 2001 From: Yongkiat Goh <yongkiat.goh@shopee.com> Date: Fri, 8 Jul 2022 14:57:33 +0800 Subject: [PATCH 13/25] Add couple-api functionapp --- .../terraform-create-resource/functionapp.tf | 39 +++++++++++++++++-- 1 file changed, 35 insertions(+), 4 deletions(-) diff --git a/terraform/terraform-create-resource/functionapp.tf b/terraform/terraform-create-resource/functionapp.tf index d91ff15d..6260a5ce 100644 --- a/terraform/terraform-create-resource/functionapp.tf +++ b/terraform/terraform-create-resource/functionapp.tf @@ -1,5 +1,5 @@ -resource "azurerm_app_service_plan" "asp" { - name = "${var.prefix}-service-plan" +resource "azurerm_app_service_plan" "change_event_asp" { + name = "${var.prefix}-change-event" location = azurerm_resource_group.rg.location resource_group_name = azurerm_resource_group.rg.name kind = "FunctionApp" @@ -10,11 +10,42 @@ resource "azurerm_app_service_plan" "asp" { } } -resource "azurerm_function_app" "fa" { +resource "azurerm_function_app" "change_event_fa" { name = "${var.prefix}-change-event" location = azurerm_resource_group.rg.location resource_group_name = azurerm_resource_group.rg.name - app_service_plan_id = azurerm_app_service_plan.asp.id + app_service_plan_id = azurerm_app_service_plan.change_event_asp.id + storage_account_name = azurerm_storage_account.storage.name + storage_account_access_key = azurerm_storage_account.storage.primary_access_key + + app_settings = { + "AccountEndpoint" = azurerm_cosmosdb_account.db.endpoint + "AccountKey" = azurerm_cosmosdb_account.db.primary_key + "DatabaseConnectionString" = azurerm_cosmosdb_account.db.connection_strings[0] + "DatabaseName" = "database" + "ImagesConnectionString" = "DefaultEndpointsProtocol=https;AccountName=${azurerm_storage_account.storage.name};AccountKey=${azurerm_storage_account.storage.primary_access_key};EndpointSuffix=core.windows.net" + "FUNCTIONS_WORKER_RUNTIME" = "dotnet" + "WEBSITE_RUN_FROM_PACKAGE" = "1" + } +} + +resource "azurerm_app_service_plan" "couple_api_asp" { + name = "${var.prefix}-couple-api" + location = azurerm_resource_group.rg.location + resource_group_name = azurerm_resource_group.rg.name + kind = "FunctionApp" + + sku { + tier = "Dynamic" + size = "Y1" + } +} + +resource "azurerm_function_app" "couple_api_fa" { + name = "${var.prefix}-couple-api" + location = azurerm_resource_group.rg.location + resource_group_name = azurerm_resource_group.rg.name + app_service_plan_id = azurerm_app_service_plan.couple_api_asp.id storage_account_name = azurerm_storage_account.storage.name storage_account_access_key = azurerm_storage_account.storage.primary_access_key From c8e76192b5c58644e6a0bc24d16eb8e897640b3e Mon Sep 17 00:00:00 2001 From: Yongkiat Goh <yongkiat.goh@shopee.com> Date: Fri, 8 Jul 2022 15:00:46 +0800 Subject: [PATCH 14/25] Revert changes on azure-messaging-function workflow --- .github/workflows/azure-messaging-function.yml | 11 ++--------- 1 file changed, 2 insertions(+), 9 deletions(-) diff --git a/.github/workflows/azure-messaging-function.yml b/.github/workflows/azure-messaging-function.yml index 6f40963a..9a7c8330 100644 --- a/.github/workflows/azure-messaging-function.yml +++ b/.github/workflows/azure-messaging-function.yml @@ -28,17 +28,10 @@ jobs: pushd './${{ env.AZURE_FUNCTIONAPP_PACKAGE_PATH }}' dotnet build --configuration Release --output ./output popd - - - name: Get Pubilsh Profile - id: getPublishProfile - run: | - echo "::set-output name=PUBLISH_PROFILE::$(az webapp deployment list-publishing-profiles -g '${{ needs.terraform.outputs.rgName }}' -n 'app-service-name' --xml)" - - - - name: 'Run Azure Functions Action' + - name: 'Deploy' uses: Azure/functions-action@v1 id: fa with: app-name: ${{ env.AZURE_FUNCTIONAPP_NAME }} package: '${{ env.AZURE_FUNCTIONAPP_PACKAGE_PATH }}/output' - publish-profile: ${{ steps.getPublishProfile.outputs.PUBLISH_PROFILE }} + publish-profile: ${{ secrets.AZURE_MESSAGING_FUNCTIONAPP_PUBLISH_PROFILE }} From bcb0ce603d0ca1cf7a31de28d792d64aba1bdda3 Mon Sep 17 00:00:00 2001 From: Yongkiat Goh <yongkiat.goh@shopee.com> Date: Thu, 14 Jul 2022 01:00:39 +0800 Subject: [PATCH 15/25] Remove terraform workflow --- .github/workflows/dotnet-deploy-workflow.yml | 89 -------------------- 1 file changed, 89 deletions(-) delete mode 100644 .github/workflows/dotnet-deploy-workflow.yml diff --git a/.github/workflows/dotnet-deploy-workflow.yml b/.github/workflows/dotnet-deploy-workflow.yml deleted file mode 100644 index 057322ae..00000000 --- a/.github/workflows/dotnet-deploy-workflow.yml +++ /dev/null @@ -1,89 +0,0 @@ -name: Deploy DotNet project - -on: - push: - branches: - - master - pull_request: - branches: - - master - -jobs: - terraform-create: - runs-on: ubuntu-latest - defaults: - run: - working-directory: ./terraform/terraform-create-resource - env: - ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} - ARM_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }} - ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }} - ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} - outputs: - AZURE_RESOURCEGROUP_NAME: ${{ steps.getResourceGroupName.outputs.rgName }} - steps: - - name: Checkout - uses: actions/checkout@v2 - - - name: Terraform Init - run: terraform init - - - name: Terraform Validate - run: terraform validate - - - name: Terraform Plan - run: terraform plan - - - name: Terraform Apply - run: terraform apply -auto-approve - - - name: Get Resource Group name - id: getResourceGroupName - run: | - echo "::set-output name=rgName::$(terraform output -raw rgName)" - - fa-build-and-deploy: - needs: terraform-create - runs-on: ubuntu-latest - permissions: - id-token: write - contents: read - env: - AZURE_FUNCTIONAPP_NAME: test-change-event - AZURE_FUNCTIONAPP_PACKAGE_PATH: 'Messaging' - DOTNET_VERSION: '6.0.x' - steps: - - name: 'Checkout GitHub Action' - uses: actions/checkout@v2 - - - name: Setup DotNet ${{ env.DOTNET_VERSION }} Environment - uses: actions/setup-dotnet@v1 - with: - dotnet-version: ${{ env.DOTNET_VERSION }} - - - name: 'Resolve Project Dependencies Using Dotnet' - shell: bash - run: | - pushd './${{ env.AZURE_FUNCTIONAPP_PACKAGE_PATH }}' - dotnet build --configuration Release --output ./output - popd - - - name: Azure CLI login - uses: azure/login@v1 - with: - client-id: ${{ secrets.ARM_CLIENT_ID }} - tenant-id: ${{ secrets.ARM_TENANT_ID }} - subscription-id: ${{ secrets.ARM_SUBSCRIPTION_ID }} - - - name: Get Pubilsh Profile - id: getPublishProfile - run: | - echo "::set-output name=PUBLISH_PROFILE::$(az webapp deployment list-publishing-profiles -g '${{ needs.terraform-create.outputs.AZURE_RESOURCEGROUP_NAME }}' -n '${{ env.AZURE_FUNCTIONAPP_NAME }}' --xml)" - - - name: 'Run Azure Functions Action' - uses: Azure/functions-action@v1 - id: fa - with: - app-name: ${{ env.AZURE_FUNCTIONAPP_NAME }} - package: '${{ env.AZURE_FUNCTIONAPP_PACKAGE_PATH }}/output' - publish-profile: ${{ steps.getPublishProfile.outputs.PUBLISH_PROFILE }} \ No newline at end of file From 71da4607b6f293c32d5bc3f22bf7bd16ffca9354 Mon Sep 17 00:00:00 2001 From: Yongkiat Goh <yongkiat.goh@shopee.com> Date: Thu, 14 Jul 2022 01:17:08 +0800 Subject: [PATCH 16/25] Clean up pull request --- .../workflows/azure-messaging-function.yml | 1 + terraform.patch | 400 ------------------ terraform/terraform-create-resource/main.tf | 7 +- 3 files changed, 2 insertions(+), 406 deletions(-) delete mode 100644 terraform.patch diff --git a/.github/workflows/azure-messaging-function.yml b/.github/workflows/azure-messaging-function.yml index e03c6d04..f6262e8a 100644 --- a/.github/workflows/azure-messaging-function.yml +++ b/.github/workflows/azure-messaging-function.yml @@ -31,6 +31,7 @@ jobs: pushd './${{ env.AZURE_FUNCTIONAPP_PACKAGE_PATH }}' dotnet build --configuration Release --output ./output popd + - name: 'Deploy' uses: Azure/functions-action@v1 id: fa diff --git a/terraform.patch b/terraform.patch deleted file mode 100644 index 2a402183..00000000 --- a/terraform.patch +++ /dev/null @@ -1,400 +0,0 @@ -diff --git a/.github/workflows/terraform-create-resource.yml b/.github/workflows/terraform-create-resource.yml -new file mode 100644 -index 0000000..ced04bb ---- /dev/null -+++ b/.github/workflows/terraform-create-resource.yml -@@ -0,0 +1,39 @@ -+name: Terraform Create Azure Resource -+ -+on: -+ push: -+ branches: -+ - master -+ pull_request: -+ branches: -+ - master -+ -+jobs: -+ terraform: -+ runs-on: ubuntu-latest -+ -+ env: -+ ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }} -+ ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }} -+ ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }} -+ ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }} -+ -+ steps: -+ - name: Checkout -+ uses: actions/checkout@v2 -+ -+ - name: Terraform Init -+ run: terraform init -+ working-directory: ./terraform/terraform-create-resource -+ -+ - name: Terraform Validate -+ run: terraform validate -+ working-directory: ./terraform/terraform-create-resource -+ -+ - name: Terraform Plan -+ run: terraform plan -+ working-directory: ./terraform/terraform-create-resource -+ -+ - name: Terraform Apply -+ run: terraform apply -auto-approve -+ working-directory: ./terraform/terraform-create-resource -diff --git a/.gitignore b/.gitignore -index b18efaa..5bb9714 100644 ---- a/.gitignore -+++ b/.gitignore -@@ -362,4 +362,35 @@ MigrationBackup/ - .ionide/ - - # Fody - auto-generated XML schema --FodyWeavers.xsd -\ No newline at end of file -+FodyWeavers.xsd -+ -+# Local .terraform directories -+**/.terraform/* -+ -+# .tfstate files -+*.tfstate -+*.tfstate.* -+ -+# Crash log files -+crash.log -+ -+# Exclude all .tfvars files, which are likely to contain sentitive data, such as -+# password, private keys, and other secrets. These should not be part of version -+# control as they are data points which are potentially sensitive and subject -+# to change depending on the environment. -+# -+*.tfvars -+ -+# Ignore override files as they are usually used to override resources locally and so -+# are not checked in -+override.tf -+override.tf.json -+*_override.tf -+*_override.tf.json -+ -+# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan -+*tfplan* -+ -+# Ignore CLI configuration files -+.terraformrc -+terraform.rc -\ No newline at end of file -diff --git a/terraform/terraform-create-resource/.terraform.lock.hcl b/terraform/terraform-create-resource/.terraform.lock.hcl -new file mode 100644 -index 0000000..27e76b0 ---- /dev/null -+++ b/terraform/terraform-create-resource/.terraform.lock.hcl -@@ -0,0 +1,39 @@ -+# This file is maintained automatically by "terraform init". -+# Manual edits may be lost in future updates. -+ -+provider "registry.terraform.io/hashicorp/azurerm" { -+ version = "2.84.0" -+ constraints = "~> 2.84.0" -+ hashes = [ -+ "h1:jyvuROvM/4pyDA61Gq6F9pc3c0ofhgo22XEnlWwjxnE=", -+ "zh:172f9abac9765cd4412d192fbc33ce29ef45dde7865844d246d9a645e8bf52d1", -+ "zh:1b92d4262852169bcd1c7766047af5b5bdb64bd05d4be69dfa5078b83e0d5b30", -+ "zh:391fbe77d483120ed7954d4c88ed8d6668dad807f2b4dc8f4faeaffebcf83b49", -+ "zh:5623276a8e011b7275c0f3922ac3aab0659145fcfde4bb336dfa70150b4f5630", -+ "zh:6a8f73947379b9aed2f725ba5435210b1911339ccff925fe6d0c89125d3f0d7a", -+ "zh:89bac435268a41311559ee556ef4bc10a4d4d2ff0bcdbb38d4faf70cb5703600", -+ "zh:a672d23d1e937de9796971372f47dc0938f28764396b87595d0a2241fd9fefe3", -+ "zh:cebaaa78cec7fd9aedf56445931e0e3bfbbf5d75eedf8c2da5c6026819611eee", -+ "zh:e17b79121500fd70e226bd34a45b6fdb9d8699e41896fb3d57c66890fad54ae5", -+ "zh:ec2b5d259c1cd71b6f8401c6e2cc80229d04bb525c9e0561591c4d03683e241b", -+ "zh:f9a9011f0a076084511e1602d021bc5e1fb2465cf51e5b2037687a0bba31f811", -+ ] -+} -+ -+provider "registry.terraform.io/hashicorp/random" { -+ version = "3.1.0" -+ hashes = [ -+ "h1:rKYu5ZUbXwrLG1w81k7H3nce/Ys6yAxXhWcbtk36HjY=", -+ "zh:2bbb3339f0643b5daa07480ef4397bd23a79963cc364cdfbb4e86354cb7725bc", -+ "zh:3cd456047805bf639fbf2c761b1848880ea703a054f76db51852008b11008626", -+ "zh:4f251b0eda5bb5e3dc26ea4400dba200018213654b69b4a5f96abee815b4f5ff", -+ "zh:7011332745ea061e517fe1319bd6c75054a314155cb2c1199a5b01fe1889a7e2", -+ "zh:738ed82858317ccc246691c8b85995bc125ac3b4143043219bd0437adc56c992", -+ "zh:7dbe52fac7bb21227acd7529b487511c91f4107db9cc4414f50d04ffc3cab427", -+ "zh:a3a9251fb15f93e4cfc1789800fc2d7414bbc18944ad4c5c98f466e6477c42bc", -+ "zh:a543ec1a3a8c20635cf374110bd2f87c07374cf2c50617eee2c669b3ceeeaa9f", -+ "zh:d9ab41d556a48bd7059f0810cf020500635bfc696c9fc3adab5ea8915c1d886b", -+ "zh:d9e13427a7d011dbd654e591b0337e6074eef8c3b9bb11b2e39eaaf257044fd7", -+ "zh:f7605bd1437752114baf601bdf6931debe6dc6bfe3006eb7e9bb9080931dca8a", -+ ] -+} -diff --git a/terraform/terraform-create-resource/cosmosdb.tf b/terraform/terraform-create-resource/cosmosdb.tf -new file mode 100644 -index 0000000..7504e93 ---- /dev/null -+++ b/terraform/terraform-create-resource/cosmosdb.tf -@@ -0,0 +1,43 @@ -+# azurerm_cosmosdb_account.db: -+resource "azurerm_cosmosdb_account" "db" { -+ access_key_metadata_writes_enabled = true -+ analytical_storage_enabled = false -+ enable_automatic_failover = false -+ # Only one free tier cosmosDB per subscription -+ # enable_free_tier = true -+ enable_multiple_write_locations = false -+ is_virtual_network_filter_enabled = false -+ kind = "GlobalDocumentDB" -+ local_authentication_disabled = false -+ location = "southeastasia" -+ name = "${var.prefix}-couple-management-storage" -+ network_acl_bypass_for_azure_services = false -+ network_acl_bypass_ids = [] -+ offer_type = "Standard" -+ public_network_access_enabled = true -+ resource_group_name = azurerm_resource_group.rg.name -+ -+ capabilities { -+ name = "EnableServerless" -+ } -+ -+ backup { -+ interval_in_minutes = 240 -+ retention_in_hours = 8 -+ type = "Periodic" -+ } -+ -+ consistency_policy { -+ consistency_level = "ConsistentPrefix" -+ max_interval_in_seconds = 5 -+ max_staleness_prefix = 100 -+ } -+ -+ geo_location { -+ failover_priority = 0 -+ location = "southeastasia" -+ zone_redundant = false -+ } -+ -+ timeouts {} -+} -\ No newline at end of file -diff --git a/terraform/terraform-create-resource/functionapp.tf b/terraform/terraform-create-resource/functionapp.tf -new file mode 100644 -index 0000000..d91ff15 ---- /dev/null -+++ b/terraform/terraform-create-resource/functionapp.tf -@@ -0,0 +1,30 @@ -+resource "azurerm_app_service_plan" "asp" { -+ name = "${var.prefix}-service-plan" -+ location = azurerm_resource_group.rg.location -+ resource_group_name = azurerm_resource_group.rg.name -+ kind = "FunctionApp" -+ -+ sku { -+ tier = "Dynamic" -+ size = "Y1" -+ } -+} -+ -+resource "azurerm_function_app" "fa" { -+ name = "${var.prefix}-change-event" -+ location = azurerm_resource_group.rg.location -+ resource_group_name = azurerm_resource_group.rg.name -+ app_service_plan_id = azurerm_app_service_plan.asp.id -+ storage_account_name = azurerm_storage_account.storage.name -+ storage_account_access_key = azurerm_storage_account.storage.primary_access_key -+ -+ app_settings = { -+ "AccountEndpoint" = azurerm_cosmosdb_account.db.endpoint -+ "AccountKey" = azurerm_cosmosdb_account.db.primary_key -+ "DatabaseConnectionString" = azurerm_cosmosdb_account.db.connection_strings[0] -+ "DatabaseName" = "database" -+ "ImagesConnectionString" = "DefaultEndpointsProtocol=https;AccountName=${azurerm_storage_account.storage.name};AccountKey=${azurerm_storage_account.storage.primary_access_key};EndpointSuffix=core.windows.net" -+ "FUNCTIONS_WORKER_RUNTIME" = "dotnet" -+ "WEBSITE_RUN_FROM_PACKAGE" = "1" -+ } -+} -\ No newline at end of file -diff --git a/terraform/terraform-create-resource/main.tf b/terraform/terraform-create-resource/main.tf -new file mode 100644 -index 0000000..dc76eaa ---- /dev/null -+++ b/terraform/terraform-create-resource/main.tf -@@ -0,0 +1,29 @@ -+terraform { -+ required_version = ">=0.12" -+ required_providers { -+ azurerm = { -+ source = "hashicorp/azurerm" -+ version = "~>2.84.0" -+ } -+ } -+ -+ backend "azurerm" { -+ resource_group_name = "StateResource" -+ storage_account_name = "couplemgmtstates" -+ container_name = "tfstates" -+ key = "test.terraform.tfstate" -+ } -+} -+ -+resource "random_uuid" "test" { -+} -+ -+resource "azurerm_resource_group" "rg" { -+ name = "${random_uuid.test.result}-rg-${var.prefix}" -+ location = var.location -+} -+ -+provider "azurerm" { -+ features {} -+} -+ -diff --git a/terraform/terraform-create-resource/storage.tf b/terraform/terraform-create-resource/storage.tf -new file mode 100644 -index 0000000..0af7305 ---- /dev/null -+++ b/terraform/terraform-create-resource/storage.tf -@@ -0,0 +1,14 @@ -+resource "azurerm_storage_account" "storage" { -+ name = "${var.prefix}couplemgmtstorage" -+ resource_group_name = azurerm_resource_group.rg.name -+ location = "southeastasia" -+ account_tier = "Standard" -+ account_replication_type = "LRS" -+ allow_blob_public_access = true -+} -+ -+resource "azurerm_storage_container" "images" { -+ name = "images" -+ storage_account_name = azurerm_storage_account.storage.name -+ container_access_type = "private" -+} -diff --git a/terraform/terraform-create-resource/variables.tf b/terraform/terraform-create-resource/variables.tf -new file mode 100644 -index 0000000..7a57d5b ---- /dev/null -+++ b/terraform/terraform-create-resource/variables.tf -@@ -0,0 +1,11 @@ -+variable "prefix" { -+ default = "test" -+} -+ -+ -+# Shortnames for regions can be found here: -+# https://github.com/claranet/terraform-azurerm-regions/blob/master/REGIONS.md -+variable "location" { -+ default = "southeastasia" -+ description = "Location of the resource group." -+} -\ No newline at end of file -diff --git a/terraform/terraform-remote-state/.terraform.lock.hcl b/terraform/terraform-remote-state/.terraform.lock.hcl -new file mode 100644 -index 0000000..72d84f3 ---- /dev/null -+++ b/terraform/terraform-remote-state/.terraform.lock.hcl -@@ -0,0 +1,39 @@ -+# This file is maintained automatically by "terraform init". -+# Manual edits may be lost in future updates. -+ -+provider "registry.terraform.io/hashicorp/azurerm" { -+ version = "2.84.0" -+ constraints = "~> 2.0" -+ hashes = [ -+ "h1:jyvuROvM/4pyDA61Gq6F9pc3c0ofhgo22XEnlWwjxnE=", -+ "zh:172f9abac9765cd4412d192fbc33ce29ef45dde7865844d246d9a645e8bf52d1", -+ "zh:1b92d4262852169bcd1c7766047af5b5bdb64bd05d4be69dfa5078b83e0d5b30", -+ "zh:391fbe77d483120ed7954d4c88ed8d6668dad807f2b4dc8f4faeaffebcf83b49", -+ "zh:5623276a8e011b7275c0f3922ac3aab0659145fcfde4bb336dfa70150b4f5630", -+ "zh:6a8f73947379b9aed2f725ba5435210b1911339ccff925fe6d0c89125d3f0d7a", -+ "zh:89bac435268a41311559ee556ef4bc10a4d4d2ff0bcdbb38d4faf70cb5703600", -+ "zh:a672d23d1e937de9796971372f47dc0938f28764396b87595d0a2241fd9fefe3", -+ "zh:cebaaa78cec7fd9aedf56445931e0e3bfbbf5d75eedf8c2da5c6026819611eee", -+ "zh:e17b79121500fd70e226bd34a45b6fdb9d8699e41896fb3d57c66890fad54ae5", -+ "zh:ec2b5d259c1cd71b6f8401c6e2cc80229d04bb525c9e0561591c4d03683e241b", -+ "zh:f9a9011f0a076084511e1602d021bc5e1fb2465cf51e5b2037687a0bba31f811", -+ ] -+} -+ -+provider "registry.terraform.io/hashicorp/random" { -+ version = "3.1.0" -+ hashes = [ -+ "h1:rKYu5ZUbXwrLG1w81k7H3nce/Ys6yAxXhWcbtk36HjY=", -+ "zh:2bbb3339f0643b5daa07480ef4397bd23a79963cc364cdfbb4e86354cb7725bc", -+ "zh:3cd456047805bf639fbf2c761b1848880ea703a054f76db51852008b11008626", -+ "zh:4f251b0eda5bb5e3dc26ea4400dba200018213654b69b4a5f96abee815b4f5ff", -+ "zh:7011332745ea061e517fe1319bd6c75054a314155cb2c1199a5b01fe1889a7e2", -+ "zh:738ed82858317ccc246691c8b85995bc125ac3b4143043219bd0437adc56c992", -+ "zh:7dbe52fac7bb21227acd7529b487511c91f4107db9cc4414f50d04ffc3cab427", -+ "zh:a3a9251fb15f93e4cfc1789800fc2d7414bbc18944ad4c5c98f466e6477c42bc", -+ "zh:a543ec1a3a8c20635cf374110bd2f87c07374cf2c50617eee2c669b3ceeeaa9f", -+ "zh:d9ab41d556a48bd7059f0810cf020500635bfc696c9fc3adab5ea8915c1d886b", -+ "zh:d9e13427a7d011dbd654e591b0337e6074eef8c3b9bb11b2e39eaaf257044fd7", -+ "zh:f7605bd1437752114baf601bdf6931debe6dc6bfe3006eb7e9bb9080931dca8a", -+ ] -+} -diff --git a/terraform/terraform-remote-state/main.tf b/terraform/terraform-remote-state/main.tf -new file mode 100644 -index 0000000..df818c0 ---- /dev/null -+++ b/terraform/terraform-remote-state/main.tf -@@ -0,0 +1,18 @@ -+terraform { -+ required_version = ">=0.12" -+ required_providers { -+ azurerm = { -+ source = "hashicorp/azurerm" -+ version = "~>2.84.0" -+ } -+ } -+} -+ -+provider "azurerm" { -+ features {} -+} -+ -+resource "azurerm_resource_group" "rg" { -+ name = "StateResource" -+ location = var.location -+} -diff --git a/terraform/terraform-remote-state/storage.tf b/terraform/terraform-remote-state/storage.tf -new file mode 100644 -index 0000000..cea9c17 ---- /dev/null -+++ b/terraform/terraform-remote-state/storage.tf -@@ -0,0 +1,18 @@ -+resource "azurerm_storage_account" "storageAccount" { -+ name = "couplemgmtstates" -+ resource_group_name = azurerm_resource_group.rg.name -+ location = azurerm_resource_group.rg.location -+ account_tier = "Standard" -+ account_replication_type = "LRS" -+ account_kind = "StorageV2" -+ access_tier = "Hot" -+ allow_blob_public_access = true -+ -+ timeouts {} -+} -+ -+resource "azurerm_storage_container" "storageContainer" { -+ name = "tfstates" -+ storage_account_name = azurerm_storage_account.storageAccount.name -+ container_access_type = "blob" -+} -\ No newline at end of file -diff --git a/terraform/terraform-remote-state/variables.tf b/terraform/terraform-remote-state/variables.tf -new file mode 100644 -index 0000000..fb369c9 ---- /dev/null -+++ b/terraform/terraform-remote-state/variables.tf -@@ -0,0 +1,6 @@ -+# Shortnames for regions can be found here: -+# https://github.com/claranet/terraform-azurerm-regions/blob/master/REGIONS.md -+variable "location" { -+ default = "southeastasia" -+ description = "Location of the resource group." -+} -\ No newline at end of file diff --git a/terraform/terraform-create-resource/main.tf b/terraform/terraform-create-resource/main.tf index e7c8666d..0276ebeb 100644 --- a/terraform/terraform-create-resource/main.tf +++ b/terraform/terraform-create-resource/main.tf @@ -25,9 +25,4 @@ resource "azurerm_resource_group" "rg" { provider "azurerm" { features {} -} - -output "rgName" { - value = azurerm_resource_group.rg.name -} - +} \ No newline at end of file From 6e58f38a8673c2c41533b31468de092ae0470a34 Mon Sep 17 00:00:00 2001 From: Yongkiat Goh <yongkiat.goh@shopee.com> Date: Thu, 21 Jul 2022 00:31:50 +0800 Subject: [PATCH 17/25] Cleanup indents --- terraform/terraform-create-resource/cosmosdb.tf | 5 +---- terraform/terraform-create-resource/main.tf | 5 ++--- terraform/terraform-create-resource/variables.tf | 7 +++---- terraform/terraform-remote-state/variables.tf | 4 ++-- 4 files changed, 8 insertions(+), 13 deletions(-) diff --git a/terraform/terraform-create-resource/cosmosdb.tf b/terraform/terraform-create-resource/cosmosdb.tf index 7504e933..f4722f38 100644 --- a/terraform/terraform-create-resource/cosmosdb.tf +++ b/terraform/terraform-create-resource/cosmosdb.tf @@ -1,4 +1,3 @@ -# azurerm_cosmosdb_account.db: resource "azurerm_cosmosdb_account" "db" { access_key_metadata_writes_enabled = true analytical_storage_enabled = false @@ -18,7 +17,7 @@ resource "azurerm_cosmosdb_account" "db" { resource_group_name = azurerm_resource_group.rg.name capabilities { - name = "EnableServerless" + name = "EnableServerless" } backup { @@ -38,6 +37,4 @@ resource "azurerm_cosmosdb_account" "db" { location = "southeastasia" zone_redundant = false } - - timeouts {} } \ No newline at end of file diff --git a/terraform/terraform-create-resource/main.tf b/terraform/terraform-create-resource/main.tf index 0276ebeb..2395bdf1 100644 --- a/terraform/terraform-create-resource/main.tf +++ b/terraform/terraform-create-resource/main.tf @@ -2,7 +2,7 @@ terraform { required_version = ">=0.12" required_providers { azurerm = { - source = "hashicorp/azurerm" + source = "hashicorp/azurerm" version = "~>2.91.0" } } @@ -15,8 +15,7 @@ terraform { } } -resource "random_uuid" "test" { -} +resource "random_uuid" "test" {} resource "azurerm_resource_group" "rg" { name = "${random_uuid.test.result}-rg-${var.prefix}" diff --git a/terraform/terraform-create-resource/variables.tf b/terraform/terraform-create-resource/variables.tf index 7a57d5bf..92628146 100644 --- a/terraform/terraform-create-resource/variables.tf +++ b/terraform/terraform-create-resource/variables.tf @@ -1,11 +1,10 @@ variable "prefix" { - default = "test" + default = "test" } - # Shortnames for regions can be found here: # https://github.com/claranet/terraform-azurerm-regions/blob/master/REGIONS.md variable "location" { - default = "southeastasia" - description = "Location of the resource group." + default = "southeastasia" + description = "Location of the resource group." } \ No newline at end of file diff --git a/terraform/terraform-remote-state/variables.tf b/terraform/terraform-remote-state/variables.tf index fb369c95..1f96ff54 100644 --- a/terraform/terraform-remote-state/variables.tf +++ b/terraform/terraform-remote-state/variables.tf @@ -1,6 +1,6 @@ # Shortnames for regions can be found here: # https://github.com/claranet/terraform-azurerm-regions/blob/master/REGIONS.md variable "location" { - default = "southeastasia" - description = "Location of the resource group." + default = "southeastasia" + description = "Location of the resource group." } \ No newline at end of file From 604f8147234e5f0fd4378a2516213d375285fe5b Mon Sep 17 00:00:00 2001 From: Yongkiat Goh <yongkiat.goh@shopee.com> Date: Mon, 25 Jul 2022 23:33:27 +0800 Subject: [PATCH 18/25] Remove .terraform.lock.hcl --- .../.terraform.lock.hcl | 40 ------------------- .../.terraform.lock.hcl | 21 ---------- 2 files changed, 61 deletions(-) delete mode 100644 terraform/terraform-create-resource/.terraform.lock.hcl delete mode 100644 terraform/terraform-remote-state/.terraform.lock.hcl diff --git a/terraform/terraform-create-resource/.terraform.lock.hcl b/terraform/terraform-create-resource/.terraform.lock.hcl deleted file mode 100644 index 4c575616..00000000 --- a/terraform/terraform-create-resource/.terraform.lock.hcl +++ /dev/null @@ -1,40 +0,0 @@ -# This file is maintained automatically by "terraform init". -# Manual edits may be lost in future updates. - -provider "registry.terraform.io/hashicorp/azurerm" { - version = "2.91.0" - constraints = "~> 2.91.0" - hashes = [ - "h1:JpJCgETSFOW1VX9MwlMEtJtZi6LdvBL7lZ4aeVqPUHs=", - "zh:17102231bc42ac91260489377fb0344408185f9233f126b825c0d0bdc873c8ec", - "zh:2454e0683fd8b230c7f30da2afc26bb0e9d699b85409d175a25cd094e4bf7089", - "zh:276fdae42310057bc7847ff4af6bb441408153af2ad72f8931145da21072ba8a", - "zh:29fd177efd83807acaadc788cbf151e0ed19275b00c7600e1b72316f00e0f1ea", - "zh:5d5ec15bbd38fa4d50074ff530e8851b06eeb08048666cde5096d44eeb495e9c", - "zh:7974ae42bdb7f9104c1477760d7227243a34087526b4d3eea138f3110b10fd58", - "zh:a9fd00320e15c53061556e0dd5818d7e0ca4af0713554dced1ede819350edd9a", - "zh:d8a1a3294faabfe0722ed5e553f054a92b2dc03b7f479ca58d67d36621289ce4", - "zh:ec4e798182bde6a9d89869c458d36b02d3acdd7ce118c91e8af2b86f082bf5e0", - "zh:fb1b3f126f823cb4b6e9018136562e9c28f65732ef0d0f11c18d04117c7ae7a3", - "zh:ff0ead2fe3c4c5d597fdc3f2183407ab971f2f435a887ff7af7dac9ae3fa6e86", - ] -} - -provider "registry.terraform.io/hashicorp/random" { - version = "3.1.3" - hashes = [ - "h1:7+wnAXQM7IpNEAQ6WZXdO0ZfQW/ncQFXYJ5T2KaR+Z8=", - "zh:26e07aa32e403303fc212a4367b4d67188ac965c37a9812e07acee1470687a73", - "zh:27386f48e9c9d849fbb5a8828d461fde35e71f6b6c9fc235bc4ae8403eb9c92d", - "zh:5f4edda4c94240297bbd9b83618fd362348cadf6bf24ea65ea0e1844d7ccedc0", - "zh:646313a907126cd5e69f6a9fafe816e9154fccdc04541e06fed02bb3a8fa2d2e", - "zh:7349692932a5d462f8dee1500ab60401594dddb94e9aa6bf6c4c0bd53e91bbb8", - "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", - "zh:9034daba8d9b32b35930d168f363af04cecb153d5849a7e4a5966c97c5dc956e", - "zh:bb81dfca59ef5f949ef39f19ea4f4de25479907abc28cdaa36d12ecd7c0a9699", - "zh:bcf7806b99b4c248439ae02c8e21f77aff9fadbc019ce619b929eef09d1221bb", - "zh:d708e14d169e61f326535dd08eecd3811cd4942555a6f8efabc37dbff9c6fc61", - "zh:dc294e19a46e1cefb9e557a7b789c8dd8f319beca99b8c265181bc633dc434cc", - "zh:f9d758ee53c55dc016dd736427b6b0c3c8eb4d0dbbc785b6a3579b0ffedd9e42", - ] -} diff --git a/terraform/terraform-remote-state/.terraform.lock.hcl b/terraform/terraform-remote-state/.terraform.lock.hcl deleted file mode 100644 index af66a834..00000000 --- a/terraform/terraform-remote-state/.terraform.lock.hcl +++ /dev/null @@ -1,21 +0,0 @@ -# This file is maintained automatically by "terraform init". -# Manual edits may be lost in future updates. - -provider "registry.terraform.io/hashicorp/azurerm" { - version = "2.91.0" - constraints = "~> 2.91.0" - hashes = [ - "h1:JpJCgETSFOW1VX9MwlMEtJtZi6LdvBL7lZ4aeVqPUHs=", - "zh:17102231bc42ac91260489377fb0344408185f9233f126b825c0d0bdc873c8ec", - "zh:2454e0683fd8b230c7f30da2afc26bb0e9d699b85409d175a25cd094e4bf7089", - "zh:276fdae42310057bc7847ff4af6bb441408153af2ad72f8931145da21072ba8a", - "zh:29fd177efd83807acaadc788cbf151e0ed19275b00c7600e1b72316f00e0f1ea", - "zh:5d5ec15bbd38fa4d50074ff530e8851b06eeb08048666cde5096d44eeb495e9c", - "zh:7974ae42bdb7f9104c1477760d7227243a34087526b4d3eea138f3110b10fd58", - "zh:a9fd00320e15c53061556e0dd5818d7e0ca4af0713554dced1ede819350edd9a", - "zh:d8a1a3294faabfe0722ed5e553f054a92b2dc03b7f479ca58d67d36621289ce4", - "zh:ec4e798182bde6a9d89869c458d36b02d3acdd7ce118c91e8af2b86f082bf5e0", - "zh:fb1b3f126f823cb4b6e9018136562e9c28f65732ef0d0f11c18d04117c7ae7a3", - "zh:ff0ead2fe3c4c5d597fdc3f2183407ab971f2f435a887ff7af7dac9ae3fa6e86", - ] -} From 27333083faf3723f9ca7850a5bdcdad625ea354f Mon Sep 17 00:00:00 2001 From: Yongkiat Goh <yongkiat.goh@shopee.com> Date: Tue, 26 Jul 2022 00:42:38 +0800 Subject: [PATCH 19/25] Update variables conventions --- terraform/terraform-create-resource/variables.tf | 13 ++++++++----- terraform/terraform-remote-state/variables.tf | 3 ++- 2 files changed, 10 insertions(+), 6 deletions(-) diff --git a/terraform/terraform-create-resource/variables.tf b/terraform/terraform-create-resource/variables.tf index 92628146..7b684c44 100644 --- a/terraform/terraform-create-resource/variables.tf +++ b/terraform/terraform-create-resource/variables.tf @@ -1,10 +1,13 @@ -variable "prefix" { - default = "test" -} - # Shortnames for regions can be found here: # https://github.com/claranet/terraform-azurerm-regions/blob/master/REGIONS.md variable "location" { + description = "Location of the resources" + type = string default = "southeastasia" - description = "Location of the resource group." +} + +variable "env" { + description = "Environment for resource names" + type = string + default = "test" } \ No newline at end of file diff --git a/terraform/terraform-remote-state/variables.tf b/terraform/terraform-remote-state/variables.tf index 1f96ff54..5980b498 100644 --- a/terraform/terraform-remote-state/variables.tf +++ b/terraform/terraform-remote-state/variables.tf @@ -1,6 +1,7 @@ # Shortnames for regions can be found here: # https://github.com/claranet/terraform-azurerm-regions/blob/master/REGIONS.md variable "location" { - default = "southeastasia" description = "Location of the resource group." + type = string + default = "southeastasia" } \ No newline at end of file From e1f053c9754e9b698e669ef46ee2bc091fbe98b9 Mon Sep 17 00:00:00 2001 From: Yongkiat Goh <yongkiat.goh@shopee.com> Date: Tue, 26 Jul 2022 01:51:10 +0800 Subject: [PATCH 20/25] Update naming convention for region variable --- terraform/terraform-create-resource/cosmosdb.tf | 2 +- terraform/terraform-create-resource/functionapp.tf | 8 ++++---- terraform/terraform-create-resource/main.tf | 2 +- terraform/terraform-create-resource/storage.tf | 2 +- terraform/terraform-create-resource/variables.tf | 4 ++-- terraform/terraform-remote-state/main.tf | 2 +- terraform/terraform-remote-state/storage.tf | 2 +- terraform/terraform-remote-state/variables.tf | 4 ++-- 8 files changed, 13 insertions(+), 13 deletions(-) diff --git a/terraform/terraform-create-resource/cosmosdb.tf b/terraform/terraform-create-resource/cosmosdb.tf index f4722f38..744d87a0 100644 --- a/terraform/terraform-create-resource/cosmosdb.tf +++ b/terraform/terraform-create-resource/cosmosdb.tf @@ -8,7 +8,7 @@ resource "azurerm_cosmosdb_account" "db" { is_virtual_network_filter_enabled = false kind = "GlobalDocumentDB" local_authentication_disabled = false - location = "southeastasia" + location = var.azurerm_region name = "${var.prefix}-couple-management-storage" network_acl_bypass_for_azure_services = false network_acl_bypass_ids = [] diff --git a/terraform/terraform-create-resource/functionapp.tf b/terraform/terraform-create-resource/functionapp.tf index 6260a5ce..c39bcb27 100644 --- a/terraform/terraform-create-resource/functionapp.tf +++ b/terraform/terraform-create-resource/functionapp.tf @@ -1,6 +1,6 @@ resource "azurerm_app_service_plan" "change_event_asp" { name = "${var.prefix}-change-event" - location = azurerm_resource_group.rg.location + location = var.azurerm_region resource_group_name = azurerm_resource_group.rg.name kind = "FunctionApp" @@ -12,7 +12,7 @@ resource "azurerm_app_service_plan" "change_event_asp" { resource "azurerm_function_app" "change_event_fa" { name = "${var.prefix}-change-event" - location = azurerm_resource_group.rg.location + location = var.azurerm_region resource_group_name = azurerm_resource_group.rg.name app_service_plan_id = azurerm_app_service_plan.change_event_asp.id storage_account_name = azurerm_storage_account.storage.name @@ -31,7 +31,7 @@ resource "azurerm_function_app" "change_event_fa" { resource "azurerm_app_service_plan" "couple_api_asp" { name = "${var.prefix}-couple-api" - location = azurerm_resource_group.rg.location + location = var.azurerm_region resource_group_name = azurerm_resource_group.rg.name kind = "FunctionApp" @@ -43,7 +43,7 @@ resource "azurerm_app_service_plan" "couple_api_asp" { resource "azurerm_function_app" "couple_api_fa" { name = "${var.prefix}-couple-api" - location = azurerm_resource_group.rg.location + location = var.azurerm_region resource_group_name = azurerm_resource_group.rg.name app_service_plan_id = azurerm_app_service_plan.couple_api_asp.id storage_account_name = azurerm_storage_account.storage.name diff --git a/terraform/terraform-create-resource/main.tf b/terraform/terraform-create-resource/main.tf index 2395bdf1..7f0620e0 100644 --- a/terraform/terraform-create-resource/main.tf +++ b/terraform/terraform-create-resource/main.tf @@ -19,7 +19,7 @@ resource "random_uuid" "test" {} resource "azurerm_resource_group" "rg" { name = "${random_uuid.test.result}-rg-${var.prefix}" - location = var.location + location = var.azurerm_region } provider "azurerm" { diff --git a/terraform/terraform-create-resource/storage.tf b/terraform/terraform-create-resource/storage.tf index 0af7305f..dc282136 100644 --- a/terraform/terraform-create-resource/storage.tf +++ b/terraform/terraform-create-resource/storage.tf @@ -1,7 +1,7 @@ resource "azurerm_storage_account" "storage" { name = "${var.prefix}couplemgmtstorage" resource_group_name = azurerm_resource_group.rg.name - location = "southeastasia" + location = var.azurerm_region account_tier = "Standard" account_replication_type = "LRS" allow_blob_public_access = true diff --git a/terraform/terraform-create-resource/variables.tf b/terraform/terraform-create-resource/variables.tf index 7b684c44..4510441b 100644 --- a/terraform/terraform-create-resource/variables.tf +++ b/terraform/terraform-create-resource/variables.tf @@ -1,7 +1,7 @@ # Shortnames for regions can be found here: # https://github.com/claranet/terraform-azurerm-regions/blob/master/REGIONS.md -variable "location" { - description = "Location of the resources" +variable "azurerm_region" { + description = "Standard Azure region in shortname format for resource naming purpose" type = string default = "southeastasia" } diff --git a/terraform/terraform-remote-state/main.tf b/terraform/terraform-remote-state/main.tf index 853fd875..2d7cddbf 100644 --- a/terraform/terraform-remote-state/main.tf +++ b/terraform/terraform-remote-state/main.tf @@ -14,5 +14,5 @@ provider "azurerm" { resource "azurerm_resource_group" "rg" { name = "StateResource" - location = var.location + location = var.azurerm_region } diff --git a/terraform/terraform-remote-state/storage.tf b/terraform/terraform-remote-state/storage.tf index cea9c171..13c56eb0 100644 --- a/terraform/terraform-remote-state/storage.tf +++ b/terraform/terraform-remote-state/storage.tf @@ -1,7 +1,7 @@ resource "azurerm_storage_account" "storageAccount" { name = "couplemgmtstates" resource_group_name = azurerm_resource_group.rg.name - location = azurerm_resource_group.rg.location + location = var.azurerm_region account_tier = "Standard" account_replication_type = "LRS" account_kind = "StorageV2" diff --git a/terraform/terraform-remote-state/variables.tf b/terraform/terraform-remote-state/variables.tf index 5980b498..f88a612f 100644 --- a/terraform/terraform-remote-state/variables.tf +++ b/terraform/terraform-remote-state/variables.tf @@ -1,7 +1,7 @@ # Shortnames for regions can be found here: # https://github.com/claranet/terraform-azurerm-regions/blob/master/REGIONS.md -variable "location" { - description = "Location of the resource group." +variable "azurerm_region" { + description = "Standard Azure region in shortname format for resource naming purpose" type = string default = "southeastasia" } \ No newline at end of file From bf94b57e5c3ee58ef78b6eac27765c5747366eb0 Mon Sep 17 00:00:00 2001 From: Yongkiat Goh <yongkiat.goh@shopee.com> Date: Wed, 10 Aug 2022 01:22:56 +0800 Subject: [PATCH 21/25] Change resource naming according to cloud adoption practices --- .../terraform-create-resource/cosmosdb.tf | 10 +++--- .../terraform-create-resource/functionapp.tf | 36 +++++++++---------- terraform/terraform-create-resource/main.tf | 20 +++++------ .../terraform-create-resource/storage.tf | 10 +++--- terraform/terraform-remote-state/main.tf | 4 +-- terraform/terraform-remote-state/storage.tf | 14 ++++---- 6 files changed, 45 insertions(+), 49 deletions(-) diff --git a/terraform/terraform-create-resource/cosmosdb.tf b/terraform/terraform-create-resource/cosmosdb.tf index 744d87a0..2d4bbd8a 100644 --- a/terraform/terraform-create-resource/cosmosdb.tf +++ b/terraform/terraform-create-resource/cosmosdb.tf @@ -1,20 +1,20 @@ -resource "azurerm_cosmosdb_account" "db" { +resource "azurerm_cosmosdb_account" "storage" { + name = "cosmos-couplemgmt-${var.prefix}" access_key_metadata_writes_enabled = true analytical_storage_enabled = false enable_automatic_failover = false - # Only one free tier cosmosDB per subscription - # enable_free_tier = true enable_multiple_write_locations = false is_virtual_network_filter_enabled = false kind = "GlobalDocumentDB" local_authentication_disabled = false location = var.azurerm_region - name = "${var.prefix}-couple-management-storage" network_acl_bypass_for_azure_services = false network_acl_bypass_ids = [] offer_type = "Standard" public_network_access_enabled = true - resource_group_name = azurerm_resource_group.rg.name + resource_group_name = azurerm_resource_group.app.name + # Only one free tier cosmosDB per subscription + # enable_free_tier = true capabilities { name = "EnableServerless" diff --git a/terraform/terraform-create-resource/functionapp.tf b/terraform/terraform-create-resource/functionapp.tf index c39bcb27..6ceda8a9 100644 --- a/terraform/terraform-create-resource/functionapp.tf +++ b/terraform/terraform-create-resource/functionapp.tf @@ -1,7 +1,7 @@ -resource "azurerm_app_service_plan" "change_event_asp" { - name = "${var.prefix}-change-event" +resource "azurerm_app_service_plan" "changeevent" { + name = "changeevent-service-plan" location = var.azurerm_region - resource_group_name = azurerm_resource_group.rg.name + resource_group_name = azurerm_resource_group.app.name kind = "FunctionApp" sku { @@ -10,18 +10,18 @@ resource "azurerm_app_service_plan" "change_event_asp" { } } -resource "azurerm_function_app" "change_event_fa" { - name = "${var.prefix}-change-event" +resource "azurerm_function_app" "changeevent" { + name = "func-changeevent.azurewebsites.net" location = var.azurerm_region - resource_group_name = azurerm_resource_group.rg.name + resource_group_name = azurerm_resource_group.app.name app_service_plan_id = azurerm_app_service_plan.change_event_asp.id storage_account_name = azurerm_storage_account.storage.name storage_account_access_key = azurerm_storage_account.storage.primary_access_key app_settings = { - "AccountEndpoint" = azurerm_cosmosdb_account.db.endpoint - "AccountKey" = azurerm_cosmosdb_account.db.primary_key - "DatabaseConnectionString" = azurerm_cosmosdb_account.db.connection_strings[0] + "AccountEndpoint" = azurerm_cosmosdb_account.storage.endpoint + "AccountKey" = azurerm_cosmosdb_account.storage.primary_key + "DatabaseConnectionString" = azurerm_cosmosdb_account.storage.connection_strings[0] "DatabaseName" = "database" "ImagesConnectionString" = "DefaultEndpointsProtocol=https;AccountName=${azurerm_storage_account.storage.name};AccountKey=${azurerm_storage_account.storage.primary_access_key};EndpointSuffix=core.windows.net" "FUNCTIONS_WORKER_RUNTIME" = "dotnet" @@ -29,10 +29,10 @@ resource "azurerm_function_app" "change_event_fa" { } } -resource "azurerm_app_service_plan" "couple_api_asp" { - name = "${var.prefix}-couple-api" +resource "azurerm_app_service_plan" "couple_api" { + name = "coupleapi-service-plan" location = var.azurerm_region - resource_group_name = azurerm_resource_group.rg.name + resource_group_name = azurerm_resource_group.app.name kind = "FunctionApp" sku { @@ -41,18 +41,18 @@ resource "azurerm_app_service_plan" "couple_api_asp" { } } -resource "azurerm_function_app" "couple_api_fa" { - name = "${var.prefix}-couple-api" +resource "azurerm_function_app" "coupleapi" { + name = "func-coupleapi.azurewebsites.net" location = var.azurerm_region - resource_group_name = azurerm_resource_group.rg.name + resource_group_name = azurerm_resource_group.app.name app_service_plan_id = azurerm_app_service_plan.couple_api_asp.id storage_account_name = azurerm_storage_account.storage.name storage_account_access_key = azurerm_storage_account.storage.primary_access_key app_settings = { - "AccountEndpoint" = azurerm_cosmosdb_account.db.endpoint - "AccountKey" = azurerm_cosmosdb_account.db.primary_key - "DatabaseConnectionString" = azurerm_cosmosdb_account.db.connection_strings[0] + "AccountEndpoint" = azurerm_cosmosdb_account.storage.endpoint + "AccountKey" = azurerm_cosmosdb_account.storage.primary_key + "DatabaseConnectionString" = azurerm_cosmosdb_account.storage.connection_strings[0] "DatabaseName" = "database" "ImagesConnectionString" = "DefaultEndpointsProtocol=https;AccountName=${azurerm_storage_account.storage.name};AccountKey=${azurerm_storage_account.storage.primary_access_key};EndpointSuffix=core.windows.net" "FUNCTIONS_WORKER_RUNTIME" = "dotnet" diff --git a/terraform/terraform-create-resource/main.tf b/terraform/terraform-create-resource/main.tf index 7f0620e0..d0239abb 100644 --- a/terraform/terraform-create-resource/main.tf +++ b/terraform/terraform-create-resource/main.tf @@ -8,20 +8,18 @@ terraform { } backend "azurerm" { - resource_group_name = "StateResource" - storage_account_name = "couplemgmtstates" - container_name = "tfstates" - key = "test.terraform.tfstate" + resource_group_name = "rg-remote-tfstate" + storage_account_name = "stcouplemgmtstate" + container_name = "container-remote-tfstate" + key = "terraform.tfstate" } } -resource "random_uuid" "test" {} +provider "azurerm" { + features {} +} -resource "azurerm_resource_group" "rg" { - name = "${random_uuid.test.result}-rg-${var.prefix}" +resource "azurerm_resource_group" "app" { + name = "rg-couplemgmt" location = var.azurerm_region } - -provider "azurerm" { - features {} -} \ No newline at end of file diff --git a/terraform/terraform-create-resource/storage.tf b/terraform/terraform-create-resource/storage.tf index dc282136..536da5b9 100644 --- a/terraform/terraform-create-resource/storage.tf +++ b/terraform/terraform-create-resource/storage.tf @@ -1,6 +1,6 @@ -resource "azurerm_storage_account" "storage" { - name = "${var.prefix}couplemgmtstorage" - resource_group_name = azurerm_resource_group.rg.name +resource "azurerm_storage_account" "images" { + name = "stcouplemgmtimages" + resource_group_name = azurerm_resource_group.app.name location = var.azurerm_region account_tier = "Standard" account_replication_type = "LRS" @@ -8,7 +8,7 @@ resource "azurerm_storage_account" "storage" { } resource "azurerm_storage_container" "images" { - name = "images" - storage_account_name = azurerm_storage_account.storage.name + name = "container-images" + storage_account_name = azurerm_storage_account.images.name container_access_type = "private" } diff --git a/terraform/terraform-remote-state/main.tf b/terraform/terraform-remote-state/main.tf index 2d7cddbf..119ecdcf 100644 --- a/terraform/terraform-remote-state/main.tf +++ b/terraform/terraform-remote-state/main.tf @@ -12,7 +12,7 @@ provider "azurerm" { features {} } -resource "azurerm_resource_group" "rg" { - name = "StateResource" +resource "azurerm_resource_group" "tfstate" { + name = "rg-couplemgmt-tfstate" location = var.azurerm_region } diff --git a/terraform/terraform-remote-state/storage.tf b/terraform/terraform-remote-state/storage.tf index 13c56eb0..31a4c338 100644 --- a/terraform/terraform-remote-state/storage.tf +++ b/terraform/terraform-remote-state/storage.tf @@ -1,18 +1,16 @@ -resource "azurerm_storage_account" "storageAccount" { - name = "couplemgmtstates" - resource_group_name = azurerm_resource_group.rg.name +resource "azurerm_storage_account" "tfstate" { + name = "stcouplemgmtstate" + resource_group_name = azurerm_resource_group.tfstate.name location = var.azurerm_region account_tier = "Standard" account_replication_type = "LRS" account_kind = "StorageV2" access_tier = "Hot" allow_blob_public_access = true - - timeouts {} } -resource "azurerm_storage_container" "storageContainer" { - name = "tfstates" - storage_account_name = azurerm_storage_account.storageAccount.name +resource "azurerm_storage_container" "tfstate" { + name = "container-tfstate" + storage_account_name = azurerm_storage_account.tfstate.name container_access_type = "blob" } \ No newline at end of file From acdd8749afca0ef150fe184944cb4837b2b5e1e0 Mon Sep 17 00:00:00 2001 From: Yongkiat Goh <yongkiat.goh@shopee.com> Date: Sat, 13 Aug 2022 18:35:59 +0800 Subject: [PATCH 22/25] Fix remote reference --- terraform/terraform-create-resource/main.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/terraform/terraform-create-resource/main.tf b/terraform/terraform-create-resource/main.tf index d0239abb..dab30cf2 100644 --- a/terraform/terraform-create-resource/main.tf +++ b/terraform/terraform-create-resource/main.tf @@ -8,9 +8,9 @@ terraform { } backend "azurerm" { - resource_group_name = "rg-remote-tfstate" + resource_group_name = "rg-couplemgmt-tfstate" storage_account_name = "stcouplemgmtstate" - container_name = "container-remote-tfstate" + container_name = "container-tfstate" key = "terraform.tfstate" } } From 89ccceb1d56075d1c41bea7567640904e41b9f21 Mon Sep 17 00:00:00 2001 From: Yongkiat Goh <yongkiat.goh@shopee.com> Date: Wed, 7 Sep 2022 14:34:07 +0800 Subject: [PATCH 23/25] Add terraform docs --- docs/IAC-Introduction.md | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 docs/IAC-Introduction.md diff --git a/docs/IAC-Introduction.md b/docs/IAC-Introduction.md new file mode 100644 index 00000000..b38ac995 --- /dev/null +++ b/docs/IAC-Introduction.md @@ -0,0 +1,33 @@ +# Introduction +## Background +Traditionally, to manage a piece of infrastructure hosted in a cloud provider, we would have to log into a administrative portal/console, and manually provision that infrastructure resource. This is fine if there are not a lot resources to manage. + +As the project gets more complex, there would be higher volatility in the infrastructure changes. For example, to scale up infrastructure for a peak day, to sunsetting legacy infrastructures and etc. Managing infrastructure manually starts to get challenging as there are many changes to make. + +## What is IaC? +Infrastructure as Code (IaC) is the idea of using code to create configuration files for managing a software infrastructure. By specifying infrastructure requirements and dependencies as code, we can then version, automate and release the changes on the infrastructure. + +## What is Terraform? +Terraform is an open source Infrastructure as Code tool to automate the provisioning and management of Cloud infrastructures. The configuration files is written in the **HashiCorp Configuration Language(HCL)**. This language is written in `.tf` files. + +## Terraform Architechture +```mermaid +flowchart TB + subgraph Plugins + Providers + Provisioners + end + id1[Terraform Core] -- RPC --> Plugins + Plugins -- golang --> id3[Client Libraries] + id3 -- "HTTP(s)" --> id4[Upstream APIs] +``` +Terraform is mainly split into several parts: + +**Terraform Core:** This is the binary that communicates with Terraform plugins to manage the infrastructure. It is responsible for reading configuration files, building the dependency graph and communication with plugins over RPC. + +**Terraform Plugins:** Plugins are executable binaries written in Go. Currently, there are 2 kinds of plugin: Providers and Provisioners. Providers exposes implementations to services such as AWS, AzureRM. Provisioners runs scripts during resource creation or destruction. + +**Client Libraries:** Client libraries make it easier to communicate with services from a supported language. While it is possible to call the services' API directly, client libraries simplifies the code you need to call them + +## Terraform Workflow +The workflow for using Terraform consists of five stages: Write, Init, Plan, Apply/Destroy From f0a4675160b2fcca848cde2a2fc8926a2cfc5b92 Mon Sep 17 00:00:00 2001 From: Yongkiat Goh <yongkiat.goh@shopee.com> Date: Sun, 11 Sep 2022 17:07:43 +0800 Subject: [PATCH 24/25] fix grammar --- docs/IAC-Introduction.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/docs/IAC-Introduction.md b/docs/IAC-Introduction.md index b38ac995..86a53943 100644 --- a/docs/IAC-Introduction.md +++ b/docs/IAC-Introduction.md @@ -1,14 +1,14 @@ # Introduction ## Background -Traditionally, to manage a piece of infrastructure hosted in a cloud provider, we would have to log into a administrative portal/console, and manually provision that infrastructure resource. This is fine if there are not a lot resources to manage. +Traditionally, to manage a piece of infrastructure hosted in a cloud provider, we would have to log into an administrative portal/console, and manually provision that infrastructure resource. This is fine if there are not a lot of resources to manage. -As the project gets more complex, there would be higher volatility in the infrastructure changes. For example, to scale up infrastructure for a peak day, to sunsetting legacy infrastructures and etc. Managing infrastructure manually starts to get challenging as there are many changes to make. +As the project gets more complex, there would be higher volatility in the infrastructure changes. For example, to scale up infrastructure for a peak day, sunsetting legacy infrastructures, etc. Managing infrastructure manually starts to get challenging as there are many changes to make. ## What is IaC? -Infrastructure as Code (IaC) is the idea of using code to create configuration files for managing a software infrastructure. By specifying infrastructure requirements and dependencies as code, we can then version, automate and release the changes on the infrastructure. +Infrastructure as Code (IaC) is the idea of using code to create configuration files for managing a software infrastructure. By specifying infrastructure requirements and dependencies as code, we can then version, automate and release the changes on the infrastructure. ## What is Terraform? -Terraform is an open source Infrastructure as Code tool to automate the provisioning and management of Cloud infrastructures. The configuration files is written in the **HashiCorp Configuration Language(HCL)**. This language is written in `.tf` files. +Terraform is an open source Infrastructure as Code tool to automate the provisioning and management of Cloud infrastructures. The configuration files are written in the **HashiCorp Configuration Language(HCL)**. This language is written in `.tf` files. ## Terraform Architechture ```mermaid @@ -23,11 +23,11 @@ flowchart TB ``` Terraform is mainly split into several parts: -**Terraform Core:** This is the binary that communicates with Terraform plugins to manage the infrastructure. It is responsible for reading configuration files, building the dependency graph and communication with plugins over RPC. +**Terraform Core:** This is the binary that communicates with Terraform plugins to manage the infrastructure. It is responsible for reading configuration files, building the dependency graph and communicating with plugins over RPC. -**Terraform Plugins:** Plugins are executable binaries written in Go. Currently, there are 2 kinds of plugin: Providers and Provisioners. Providers exposes implementations to services such as AWS, AzureRM. Provisioners runs scripts during resource creation or destruction. +**Terraform Plugins:** Plugins are executable binaries written in Go. Currently, there are 2 kinds of plugins: Providers and Provisioners. Providers expose implementations to services such as AWS, AzureRM. Provisioners run scripts during resource creation or destruction. -**Client Libraries:** Client libraries make it easier to communicate with services from a supported language. While it is possible to call the services' API directly, client libraries simplifies the code you need to call them +**Client Libraries:** Client libraries make it easier to communicate with services from a supported language. While it is possible to call the services' API directly, client libraries simplify the code you need to call them ## Terraform Workflow The workflow for using Terraform consists of five stages: Write, Init, Plan, Apply/Destroy From c9aec879575e6e03e3aac8b2df3b0a9263dd45ca Mon Sep 17 00:00:00 2001 From: Yongkiat Goh <yongkiat.goh@shopee.com> Date: Sun, 18 Sep 2022 19:23:24 +0800 Subject: [PATCH 25/25] Update docs --- docs/IAC-Introduction.md | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) diff --git a/docs/IAC-Introduction.md b/docs/IAC-Introduction.md index 86a53943..55a92c7f 100644 --- a/docs/IAC-Introduction.md +++ b/docs/IAC-Introduction.md @@ -18,8 +18,8 @@ flowchart TB Provisioners end id1[Terraform Core] -- RPC --> Plugins - Plugins -- golang --> id3[Client Libraries] - id3 -- "HTTP(s)" --> id4[Upstream APIs] + Plugins -- golang --> id2[Client Libraries] + id2 -- "HTTP(s)" --> id3[Upstream APIs] ``` Terraform is mainly split into several parts: @@ -30,4 +30,16 @@ Terraform is mainly split into several parts: **Client Libraries:** Client libraries make it easier to communicate with services from a supported language. While it is possible to call the services' API directly, client libraries simplify the code you need to call them ## Terraform Workflow -The workflow for using Terraform consists of five stages: Write, Init, Plan, Apply/Destroy +The workflow for using Terraform consists of five stages: **Write, Initialisation, Plan, Apply/Destroy** + +**Writing Terraform configuration files** + +Writing the configuration files is the first step of using Terraform. The working directory should have at least include one `.tf` file written using HCL. + +Several common practices when writing the config files are: +1. Store your config files in version control and make small incremental changes to them as you write them. +1. Repeatedly run commands `terraform init` or `terraform plan` to check and fix the syntax errors. + +**Initialization** + +When `terraform init` command is executed, Terraform Core reads the configuration files in the working directory, downloads the plugins from several sources, and generates a lock file for subsequent `terraform init` executions to decide which plugin versions to be used.