From 4a5a1cba06bf8b6cf51e082b675444979f4cd318 Mon Sep 17 00:00:00 2001
From: Mario Mupo <mario.mupo@pagopa.it>
Date: Tue, 10 Sep 2024 13:21:12 +0200
Subject: [PATCH] fix: added github runner snet as allowed for functions

---
 src/domains/selfcare/_modules/app_services/data.tf          | 6 ++++++
 .../app_services/function_devportal_service_data.tf         | 6 ++++++
 .../app_services/function_subscription_migrations.tf        | 6 ++++++
 3 files changed, 18 insertions(+)

diff --git a/src/domains/selfcare/_modules/app_services/data.tf b/src/domains/selfcare/_modules/app_services/data.tf
index 33ea1a69b..124ca04c7 100644
--- a/src/domains/selfcare/_modules/app_services/data.tf
+++ b/src/domains/selfcare/_modules/app_services/data.tf
@@ -16,6 +16,12 @@ data "azurerm_subnet" "services_cms_backoffice_snet_itn" {
   resource_group_name  = "${var.project}-itn-common-rg-01"
 }
 
+data "azurerm_subnet" "self_hosted_runner_snet" {
+  name                 = "io-p-github-runner-snet"
+  virtual_network_name = local.vnet_name_common
+  resource_group_name  = local.resource_group_name_common
+}
+
 data "azurerm_cosmosdb_account" "cosmos_api" {
   name                = "${var.project}-cosmos-api"
   resource_group_name = "${var.project}-rg-internal"
diff --git a/src/domains/selfcare/_modules/app_services/function_devportal_service_data.tf b/src/domains/selfcare/_modules/app_services/function_devportal_service_data.tf
index 79d862c5f..bc123722c 100644
--- a/src/domains/selfcare/_modules/app_services/function_devportal_service_data.tf
+++ b/src/domains/selfcare/_modules/app_services/function_devportal_service_data.tf
@@ -44,6 +44,9 @@ module "function_devportalservicedata" {
   subnet_id   = var.subnet_id
   allowed_ips = var.app_insights_ips
   allowed_subnets = [
+    # self hosted runners subnet
+    data.azurerm_subnet.self_hosted_runner_snet.id,
+    #
     var.subnet_id,
   ]
 
@@ -90,6 +93,9 @@ module "function_devportalservicedata_staging_slot" {
     [],
   )
   allowed_subnets = [
+    # self hosted runners subnet
+    data.azurerm_subnet.self_hosted_runner_snet.id,
+    #
     data.azurerm_subnet.snet_azdoa.id
   ]
 
diff --git a/src/domains/selfcare/_modules/app_services/function_subscription_migrations.tf b/src/domains/selfcare/_modules/app_services/function_subscription_migrations.tf
index 4561b98c6..eae9a3399 100644
--- a/src/domains/selfcare/_modules/app_services/function_subscription_migrations.tf
+++ b/src/domains/selfcare/_modules/app_services/function_subscription_migrations.tf
@@ -30,6 +30,9 @@ module "function_subscriptionmigrations" {
   subnet_id   = var.subnet_id
   allowed_ips = var.app_insights_ips
   allowed_subnets = [
+    # self hosted runners subnet
+    data.azurerm_subnet.self_hosted_runner_snet.id,
+    #
     var.subnet_id,
     data.azurerm_subnet.services_cms_backoffice_snet_itn.id
   ]
@@ -87,6 +90,9 @@ module "function_subscriptionmigrations_staging_slot" {
     [],
   )
   allowed_subnets = [
+    # self hosted runners subnet
+    data.azurerm_subnet.self_hosted_runner_snet.id,
+    #
     data.azurerm_subnet.snet_azdoa.id
   ]