Move TYA infra to tribs repo (#3991)

hmcts · Oct 10, 2024 · 6e736f1 · 6e736f1
1 parent d50f646
commit 6e736f1
Show file tree

Hide file tree

Showing 3 changed files with 103 additions and 2 deletions.
diff --git a/infrastructure/database.tf b/infrastructure/database.tf
@@ -0,0 +1,74 @@
+provider "azurerm" {
+  features {}
+  skip_provider_registration = true
+  alias                      = "postgres_network"
+  subscription_id            = var.aks_subscription_id
+}
+
+module "notification-scheduler-db-flexible" {
+  providers = {
+    azurerm.postgres_network = azurerm.postgres_network
+  }
+  source = "[email protected]:hmcts/terraform-module-postgresql-flexible?ref=master"
+  env    = var.env
+  product       = var.product
+  component     = var.tya-component
+  name          = "${var.product}-${var.tya-component}-postgres-v15-db"
+  business_area = "CFT" # sds or cft
+  force_user_permissions_trigger = "1"
+  # The original subnet is full, this is required to use the new subnet for new databases
+  subnet_suffix = "expanded"
+  pgsql_databases = [
+    {
+      name : var.database_name
+    }
+  ]
+  pgsql_version = "15"
+  # The ID of the principal to be granted admin access to the database server.
+  # On Jenkins it will be injected for you automatically as jenkins_AAD_objectId.
+  # Otherwise change the below:
+  admin_user_object_id = var.jenkins_AAD_objectId
+  common_tags = var.common_tags
+  pgsql_server_configuration = [
+    {
+      name  = "azure.extensions"
+      value = "plpgsql,pg_stat_statements,pg_buffercache,hypopg"
+    }
+  ]
+  //Below attributes needs to be overridden for Perftest & Prod
+  pgsql_sku            = var.pgsql_sku
+  pgsql_storage_mb     = var.pgsql_storage_mb
+}
+
+# FlexibleServer v15 creds
+resource "azurerm_key_vault_secret" "POSTGRES-USER-FLEX-V15" {
+  name         = "${var.tya-component}-POSTGRES-USER-FLEX-V15"
+  value        = module.notification-scheduler-db-flexible.username
+  key_vault_id = data.azurerm_key_vault.sscs_key_vault.id
+}
+
+resource "azurerm_key_vault_secret" "POSTGRES-PASS-FLEX-V15" {
+  name         = "${var.tya-component}-POSTGRES-PASS-FLEX-V15"
+  value        = module.notification-scheduler-db-flexible.password
+  key_vault_id = data.azurerm_key_vault.sscs_key_vault.id
+}
+
+resource "azurerm_key_vault_secret" "POSTGRES_HOST-FLEX-V15" {
+  name         = "${var.tya-component}-POSTGRES-HOST-FLEX-V15"
+  value        = module.notification-scheduler-db-flexible.fqdn
+  key_vault_id = data.azurerm_key_vault.sscs_key_vault.id
+}
+
+resource "azurerm_key_vault_secret" "POSTGRES_PORT-FLEX-V15" {
+  name         = "${var.tya-component}-POSTGRES-PORT-FLEX-V15"
+  value        = "5432"
+  key_vault_id = data.azurerm_key_vault.sscs_key_vault.id
+}
+
+resource "azurerm_key_vault_secret" "POSTGRES_DATABASE-FLEX-V15" {
+  name         = "${var.tya-component}-POSTGRES-DATABASE-FLEX-V15"
+  value        = var.database_name
+  key_vault_id = data.azurerm_key_vault.sscs_key_vault.id
+}
+
+
diff --git a/infrastructure/prod.tfvars b/infrastructure/prod.tfvars
@@ -1 +1 @@
-send_grid_subscription = "8999dec3-0104-4a27-94ee-6588559729d1"
+send_grid_subscription = "8999dec3-0104-4a27-94ee-6588559729d1"
diff --git a/infrastructure/variables.tf b/infrastructure/variables.tf
@@ -36,4 +36,31 @@ variable "appinsights_instrumentation_key" {
 
 variable "send_grid_subscription" {
   default = "1c4f0704-a29e-403d-b719-b90c34ef14c9"
-}
+}
+
+
+variable "tya-component" {
+  default = "tya-notif"
+}
+
+variable "postgresql_user" {
+  default = "notification"
+}
+
+variable "database_name" {
+  default = "notification"
+}
+
+/// POSTGRES FLEXIBLE SERVER DB VARIABLES
+variable "pgsql_sku" {
+  description = "The PGSql flexible server instance sku"
+  default     = "GP_Standard_D2s_v3"
+}
+
+variable "pgsql_storage_mb" {
+  description = "Max storage allowed for the PGSql Flexibile instance"
+  type        = number
+  default     = 65536
+}
+
+variable "aks_subscription_id" {} # provided by the Jenkins library, ADO users will need to specify this