Skip to content

Commit

Permalink
[CES-19] Azure DevOps Agent infra moved to core modules (#1163)
Browse files Browse the repository at this point in the history
  • Loading branch information
@christian-calabrese
christian-calabrese authored Sep 16, 2024
1 parent 6061558 commit 9c996c8
Show file tree
Hide file tree
Showing 13 changed files with 242 additions and 108 deletions.
6 changes: 3 additions & 3 deletions src/core/.terraform.lock.hcl
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

5 changes: 1 addition & 4 deletions src/core/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -45,9 +45,6 @@
| <a name="module_appservice_app_backendli"></a> [appservice\_app\_backendli](#module\_appservice\_app\_backendli) | github.com/pagopa/terraform-azurerm-v3//app_service | v8.31.0 |
| <a name="module_appservice_app_backendli_slot_staging"></a> [appservice\_app\_backendli\_slot\_staging](#module\_appservice\_app\_backendli\_slot\_staging) | github.com/pagopa/terraform-azurerm-v3//app_service_slot | v8.31.0 |
| <a name="module_assets_cdn"></a> [assets\_cdn](#module\_assets\_cdn) | github.com/pagopa/terraform-azurerm-v3//storage_account | v8.27.0 |
| <a name="module_azdoa_li_infra"></a> [azdoa\_li\_infra](#module\_azdoa\_li\_infra) | github.com/pagopa/terraform-azurerm-v3//azure_devops_agent | v8.27.0 |
| <a name="module_azdoa_loadtest_li"></a> [azdoa\_loadtest\_li](#module\_azdoa\_loadtest\_li) | github.com/pagopa/terraform-azurerm-v3//azure_devops_agent | v8.27.0 |
| <a name="module_azdoa_snet"></a> [azdoa\_snet](#module\_azdoa\_snet) | github.com/pagopa/terraform-azurerm-v3//subnet | v8.27.0 |
| <a name="module_locked_profiles_storage"></a> [locked\_profiles\_storage](#module\_locked\_profiles\_storage) | github.com/pagopa/terraform-azurerm-v3//storage_account | v8.27.0 |
| <a name="module_redis_common_backup_zrs"></a> [redis\_common\_backup\_zrs](#module\_redis\_common\_backup\_zrs) | github.com/pagopa/terraform-azurerm-v3//storage_account | v8.27.0 |
| <a name="module_redis_common_snet"></a> [redis\_common\_snet](#module\_redis\_common\_snet) | github.com/pagopa/terraform-azurerm-v3//subnet | v8.27.0 |
Expand Down Expand Up @@ -103,7 +100,6 @@
| [azurerm_monitor_metric_alert.too_many_http_5xx](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/monitor_metric_alert) | resource |
| [azurerm_private_endpoint.locked_profiles_storage_table](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_endpoint) | resource |
| [azurerm_resource_group.assets_cdn_rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource |
| [azurerm_resource_group.azdo_rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource |
| [azurerm_resource_group.data](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource |
| [azurerm_resource_group.default_roleassignment_rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource |
| [azurerm_resource_group.grafana_dashboard_rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource |
Expand Down Expand Up @@ -216,6 +212,7 @@
| [azurerm_subnet.admin_snet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/subnet) | data source |
| [azurerm_subnet.apim](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/subnet) | data source |
| [azurerm_subnet.appgateway_snet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/subnet) | data source |
| [azurerm_subnet.azdoa_snet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/subnet) | data source |
| [azurerm_subnet.function_let_snet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/subnet) | data source |
| [azurerm_subnet.functions_fast_login_snet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/subnet) | data source |
| [azurerm_subnet.functions_service_messages_snet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/subnet) | data source |
Expand Down
12 changes: 12 additions & 0 deletions src/core/_modules/azure_devops_agent/locals.tf
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
locals {
nonstandard = {
weu = {
rg = "${var.project}-azdoa-rg"
snet = "azure-devops"
li_infra = "${var.project}-azdoa-vmss-li-infra"
li_loadtest = "${var.project}-azdoa-vmss-loadtest-li"
}
}

image_name = "azdo-agent-ubuntu2204-image-v2"
}
46 changes: 46 additions & 0 deletions src/core/_modules/azure_devops_agent/main.tf
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,46 @@
resource "azurerm_resource_group" "azdoa_rg" {
name = try(local.nonstandard[var.location_short].rg, "${var.project}-azdoa-rg-01")
location = var.location

tags = var.tags
}

module "azdoa_snet" {
source = "github.com/pagopa/terraform-azurerm-v3//subnet?ref=v8.27.0"

name = try(local.nonstandard[var.location_short].snet, "${var.project}-azdoa-snet-01")
address_prefixes = var.cidr_subnet
resource_group_name = var.resource_groups.common
virtual_network_name = var.vnet_common.name
private_endpoint_network_policies_enabled = false

service_endpoints = [
"Microsoft.Web",
]
}

module "azdoa_li_infra" {
source = "github.com/pagopa/terraform-azurerm-v3//azure_devops_agent?ref=v8.27.0"
name = try(local.nonstandard[var.location_short].li_infra, "${var.project}-azdoa-infra-vmss-01")
resource_group_name = azurerm_resource_group.azdoa_rg.name
subnet_id = module.azdoa_snet.id
subscription_id = var.datasources.azurerm_client_config.subscription_id
location = var.location
source_image_name = local.image_name
vm_sku = "Standard_B2als_v2"

tags = var.tags
}

module "azdoa_loadtest_li" {
source = "github.com/pagopa/terraform-azurerm-v3//azure_devops_agent?ref=v8.27.0"
name = try(local.nonstandard[var.location_short].li_loadtest, "${var.project}-azdoa-loadtest-vmss-01")
resource_group_name = azurerm_resource_group.azdoa_rg.name
subnet_id = module.azdoa_snet.id
subscription_id = var.datasources.azurerm_client_config.subscription_id
location = var.location
source_image_name = local.image_name
vm_sku = "Standard_D8ds_v5"

tags = var.tags
}
7 changes: 7 additions & 0 deletions src/core/_modules/azure_devops_agent/outputs.tf
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
output "snet" {
value = {
id = module.azdoa_snet.id
name = module.azdoa_snet.name
address_prefixes = module.azdoa_snet.address_prefixes
}
}
49 changes: 49 additions & 0 deletions src/core/_modules/azure_devops_agent/variables.tf
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,49 @@
variable "project" {
type = string
description = "IO prefix, short environment and short location"
}

variable "location" {
type = string
description = "Azure region"
}

variable "location_short" {
type = string
description = "Azure region short name"
}

variable "tags" {
type = map(any)
description = "Resource tags"
}

variable "resource_group_name" {
type = string
description = "Resource group name for VNet"
}

variable "cidr_subnet" {
type = list(string)
description = "Azure DevOps agent network address space"
}

variable "vnet_common" {
type = object({
id = string
name = string
address_space = list(string)
resource_group_name = string
})
description = "Information of the common VNet"
}

variable "resource_groups" {
type = map(string)
description = "Resource group names"
}

variable "datasources" {
type = map(any)
description = "Common datasources"
}
6 changes: 3 additions & 3 deletions src/core/app_backend.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -717,7 +717,7 @@ module "appservice_app_backendl1_slot_staging" {
ip_restriction_default_action = "Deny"

allowed_subnets = [
module.azdoa_snet[0].id,
data.azurerm_subnet.azdoa_snet.id,
data.azurerm_subnet.services_snet[0].id,
data.azurerm_subnet.services_snet[1].id,
data.azurerm_subnet.appgateway_snet.id,
Expand Down Expand Up @@ -847,7 +847,7 @@ module "appservice_app_backendl2_slot_staging" {
ip_restriction_default_action = "Deny"

allowed_subnets = [
module.azdoa_snet[0].id,
data.azurerm_subnet.azdoa_snet.id,
data.azurerm_subnet.services_snet[0].id,
data.azurerm_subnet.services_snet[1].id,
data.azurerm_subnet.appgateway_snet.id,
Expand Down Expand Up @@ -964,7 +964,7 @@ module "appservice_app_backendli_slot_staging" {
ip_restriction_default_action = "Deny"

allowed_subnets = [
module.azdoa_snet[0].id,
data.azurerm_subnet.azdoa_snet.id,
data.azurerm_subnet.services_snet[0].id,
data.azurerm_subnet.services_snet[1].id,
data.azurerm_subnet.admin_snet.id,
Expand Down
50 changes: 0 additions & 50 deletions src/core/azure_devops_agent.tf
View file

This file was deleted.

10 changes: 10 additions & 0 deletions src/core/data.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -462,3 +462,13 @@ data "azurerm_subnet" "appgateway_snet" {
resource_group_name = azurerm_resource_group.rg_common.name
virtual_network_name = data.azurerm_virtual_network.common.name
}

#
# Azure DevOps Agent
#

data "azurerm_subnet" "azdoa_snet" {
name = "azure-devops"
resource_group_name = azurerm_resource_group.rg_common.name
virtual_network_name = data.azurerm_virtual_network.common.name
}
Loading

0 comments on commit 9c996c8

Please sign in to comment.