[CES-30] Move Redis-Common in Common TF config (#1178)

src/common/_modules/redis/locals.tf

@@ -0,0 +1,9 @@
+locals {
+  nonstandard = {
+    weu = {
+      subnet          = "rediscommon"
+      redis_common    = "${var.project}-redis-common"
+      storage_account = replace(format("%s-stredisbackup", var.project), "-", "")
+    }
+  }
+}

src/common/_modules/redis/main.tf

@@ -0,0 +1,54 @@
+resource "azurerm_redis_cache" "common" {
+  name                          = try(local.nonstandard[var.location_short].redis_common, "${var.project}-common-redis-01")
+  resource_group_name           = var.resource_group_name
+  location                      = var.location
+  capacity                      = 2
+  shard_count                   = 4
+  family                        = "P"
+  sku_name                      = "Premium"
+  subnet_id                     = azurerm_subnet.redis.id
+  public_network_access_enabled = true
+  redis_version                 = "6"
+  zones                         = null
+
+  redis_configuration {
+    authentication_enabled                 = true
+    rdb_backup_enabled                     = true
+    rdb_backup_frequency                   = 60
+    rdb_backup_max_snapshot_count          = 1
+    rdb_storage_connection_string          = module.redis_common_backup_zrs.primary_blob_connection_string
+    data_persistence_authentication_method = "SAS"
+    storage_account_subscription_id        = "ec285037-c673-4f58-b594-d7c480da4e8b"
+  }
+
+  patch_schedule {
+    day_of_week    = "Sunday"
+    start_hour_utc = 23
+  }
+  patch_schedule {
+    day_of_week    = "Monday"
+    start_hour_utc = 23
+  }
+  patch_schedule {
+    day_of_week    = "Tuesday"
+    start_hour_utc = 23
+  }
+  patch_schedule {
+    day_of_week    = "Wednesday"
+    start_hour_utc = 23
+  }
+  patch_schedule {
+    day_of_week    = "Thursday"
+    start_hour_utc = 23
+  }
+
+  # NOTE: There's a bug in the Redis API where the original storage connection string isn't being returned,
+  # which is being tracked here [https://github.com/Azure/azure-rest-api-specs/issues/3037].
+  # At first import/creation, apply without the lifecyle, add it later. Connection string
+  # should be about the blob storage
+  lifecycle {
+    ignore_changes = [redis_configuration[0].rdb_storage_connection_string]
+  }
+
+  tags = var.tags
+}

src/common/_modules/redis/storage_account.tf

@@ -0,0 +1,17 @@
+module "redis_common_backup_zrs" {
+  source = "github.com/pagopa/terraform-azurerm-v3//storage_account?ref=v8.27.0"
+
+  name                            = try(local.nonstandard[var.location_short].storage_account, "${var.project}-redis-common-st-01")
+  account_kind                    = "StorageV2"
+  account_tier                    = "Premium"
+  access_tier                     = "Hot"
+  account_replication_type        = "ZRS"
+  resource_group_name             = var.resource_group_name
+  location                        = var.location
+  advanced_threat_protection      = true
+  use_legacy_defender_version     = false
+  allow_nested_items_to_be_public = false
+  public_network_access_enabled   = true
+
+  tags = var.tags
+}

src/common/_modules/redis/subnet.tf

@@ -0,0 +1,7 @@
+resource "azurerm_subnet" "redis" {
+  name                              = try(local.nonstandard[var.location_short].subnet, "${var.project}-redis-snet-01")
+  address_prefixes                  = [var.cidr_subnet_redis_common]
+  resource_group_name               = var.vnet_common.resource_group_name
+  virtual_network_name              = var.vnet_common.name
+  private_endpoint_network_policies = "Enabled"
+}

src/common/_modules/redis/variables.tf

@@ -0,0 +1,38 @@
+variable "project" {
+  type        = string
+  description = "IO prefix, short environment and short location"
+}
+
+variable "location" {
+  type        = string
+  description = "Azure region"
+}
+
+variable "location_short" {
+  type        = string
+  description = "Azure region short name"
+}
+
+variable "tags" {
+  type        = map(any)
+  description = "Resource tags"
+}
+
+variable "resource_group_name" {
+  type        = string
+  description = "Resource group"
+}
+
+variable "vnet_common" {
+  type = object({
+    id                  = string
+    name                = string
+    address_space       = list(string)
+    resource_group_name = string
+  })
+  description = "Information of the common VNet"
+}
+
+variable "cidr_subnet_redis_common" {
+  type = string
+}

src/common/prod/README.md

@@ -4,7 +4,7 @@
 
 | Name | Version |
 |------|---------|
-| <a name="requirement_azurerm"></a> [azurerm](#requirement\_azurerm) | <= 3.114.0 |
+| <a name="requirement_azurerm"></a> [azurerm](#requirement\_azurerm) | <= 3.116.0 |
 
 ## Modules
 
@@ -18,6 +18,7 @@
 | <a name="module_github_runner_itn"></a> [github\_runner\_itn](#module\_github\_runner\_itn) | ../_modules/github_runner | n/a |
 | <a name="module_global"></a> [global](#module\_global) | ../_modules/global | n/a |
 | <a name="module_monitoring_weu"></a> [monitoring\_weu](#module\_monitoring\_weu) | ../_modules/monitoring | n/a |
+| <a name="module_redis_weu"></a> [redis\_weu](#module\_redis\_weu) | ../_modules/redis | n/a |
 
 ## Resources
 

src/common/prod/main.tf

@@ -10,7 +10,7 @@ terraform {
   required_providers {
     azurerm = {
       source  = "hashicorp/azurerm"
-      version = "<= 3.114.0"
+      version = "<= 3.116.0"
     }
   }
 }

src/common/prod/westeurope.tf

@@ -398,4 +398,18 @@ module "cosmos_api_weu" {
   allowed_subnets_ids = values(data.azurerm_subnet.cosmos_api_allowed)[*].id
 
   tags = local.tags
-}
+}
+
+module "redis_weu" {
+  source = "../_modules/redis"
+
+  location       = data.azurerm_resource_group.common_weu.location
+  location_short = local.location_short[data.azurerm_resource_group.common_weu.location]
+  project        = local.project_weu_legacy
+
+  resource_group_name      = local.resource_groups[local.location_short[data.azurerm_resource_group.common_weu.location]].common
+  vnet_common              = local.core.networking.weu.vnet_common
+  cidr_subnet_redis_common = "10.0.200.0/24"
+
+  tags = local.tags
+}

src/core/README.md

@@ -40,8 +40,6 @@
 | <a name="module_appservice_app_backendl2_slot_staging"></a> [appservice\_app\_backendl2\_slot\_staging](#module\_appservice\_app\_backendl2\_slot\_staging) | github.com/pagopa/terraform-azurerm-v3//app_service_slot | v8.31.0 |
 | <a name="module_appservice_app_backendli"></a> [appservice\_app\_backendli](#module\_appservice\_app\_backendli) | github.com/pagopa/terraform-azurerm-v3//app_service | v8.31.0 |
 | <a name="module_appservice_app_backendli_slot_staging"></a> [appservice\_app\_backendli\_slot\_staging](#module\_appservice\_app\_backendli\_slot\_staging) | github.com/pagopa/terraform-azurerm-v3//app_service_slot | v8.31.0 |
-| <a name="module_redis_common_backup_zrs"></a> [redis\_common\_backup\_zrs](#module\_redis\_common\_backup\_zrs) | github.com/pagopa/terraform-azurerm-v3//storage_account | v8.27.0 |
-| <a name="module_redis_common_snet"></a> [redis\_common\_snet](#module\_redis\_common\_snet) | github.com/pagopa/terraform-azurerm-v3//subnet | v8.27.0 |
 
 ## Resources
 

src/core/app_backend.tf

@@ -1,3 +1,8 @@
+data "azurerm_redis_cache" "redis_common" {
+  name                = format("%s-redis-common", local.project)
+  resource_group_name = azurerm_resource_group.rg_common.name
+}
+
 ### Common resources
 
 locals {