#1090 - Add Micromasters VPC Pulumi code

src/ol_infrastructure/applications/micromasters/Pulumi.applications.micromasters.CI.yaml

@@ -1,3 +1,12 @@
----
-secretsprovider: awskms://alias/infrastructure-secrets-qa
-encryptedkey: AQICAHijXuVxVlAL6bY9xCOrzO3YYhFlQBPt6jNyJGkhYu+q4QGMy4yIannSd/lzkrjExmbaAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMRoeZfasDehG5AcrtAgEQgDvOsnwTDAZrd6xg7FQjOcT8onJyrpUcL9r4WsBRqifRGolaRMEVohz4EbNnqmE0kxybvS6CKoiC0f16EA==
+secretsprovider: awskms://alias/infrastructure-secrets-ci
+encryptedkey: AQICAHi+npazf3LfzV9oCtcYyCMYLOzaQhbo9xt6lJVVpz9tkQHmbQbdOIGG4Jt34XVtsKrHAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMzjNghqk4vTeob3lJAgEQgDt7H0yPqnjaQpouv/pngrLocorB4cYIcu+1zjTT95OxLKYWG6n4zAOokfTG64Ut0fyLkxA2EvI7vytTgg==
+config:
+  aws:region: us-east-1
+  consul:address: https://consul-micromasters-ci.odl.mit.edu
+  consul:scheme: https
+  micromasters:db_password:
+    secure: v1:DTEttuHYUMFQ5AJM:FSsYgItu3JT8hNcO/kz/JJn3t/dSHEWl5RSNUzlErvov6GDajBte9cvhMjrWi1itHopHJCkiseHdBxjz8Iulaodo9eeHQwSMrAq3+HuWgXE=
+  micromasters:domain: ci.micromasters.mit.edu
+  micromasters:proctortrack_url: https://preproduction.verificient.com
+  vault:address: https://vault-ci.odl.mit.edu
+  vault_server:env_namespace: operations.ci

src/ol_infrastructure/infrastructure/aws/network/Pulumi.infrastructure.aws.network.CI.yaml

@@ -1,4 +1,3 @@
----
 secretsprovider: awskms://alias/PulumiSecrets
 encryptedkey: AQICAHionUR8LBW1ALuVC0rCH3AE2oQIfGMCx3XmpDH9HjM2LQGBLco/RG9oGViri+qOtu1pAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMdFHq4mWeThJCfms3AgEQgDvJ5h2BbmqsJftNs+lFvcyA5ovBM88JNbMXulpPU9kib6kpO1GxxqHG7eLIe2brFv3gph1xB6+heONLww==
 config:
@@ -7,6 +6,7 @@ config:
   data_vpc:cidr_block: 172.17.0.0/16
   k8s_vpc:cidr_block: 172.30.0.0/17
   k8s_vpc:k8s_service_subnet: 172.30.48.0/20
+  micromasters_vpc:cidr_block: 172.23.0.0/16
   mitx_online_vpc:cidr_block: 10.20.0.0/16
   ocw_vpc:cidr_block: 172.21.0.0/16
   operations_vpc:cidr_block: 172.16.0.0/16

src/ol_infrastructure/infrastructure/aws/network/__main__.py

@@ -170,6 +170,20 @@ def vpc_exports(vpc: OLVPC, peers: Optional[list[str]] = None) -> dict[str, Any]
 )
 xpro_vpc = OLVPC(xpro_vpc_config)
 
+micromasters_config = Config("micromasters_vpc")
+micromasters_vpc_config = OLVPCConfig(
+    vpc_name=f"micromasters-{stack_info.env_suffix}",
+    cidr_block=micromasters_config.require("cidr_block"),
+    num_subnets=5,
+    tags={
+        "OU": "micromasters",
+        "Environment": f"micromasters-{stack_info.env_suffix}",
+        "business_unit": "micromasters",
+        "Name": f"Micromasters {stack_info.name}",
+    },
+)
+micromasters_vpc = OLVPC(micromasters_vpc_config)
+
 data_vpc_exports = vpc_exports(
     data_vpc,
     [
@@ -372,6 +386,29 @@ def vpc_exports(vpc: OLVPC, peers: Optional[list[str]] = None) -> dict[str, Any]
 )
 export("xpro_vpc", xpro_vpc_exports)
 
+
+micromasters_vpc_exports = vpc_exports(micromasters_vpc, ["data_vpc", "operations_vpc"])
+micromasters_vpc_exports.update(
+    {
+        "security_groups": {
+            "default": micromasters_vpc.olvpc.id.apply(default_group).id,
+            "ssh": public_ssh(micromasters_vpc_config.vpc_name, micromasters_vpc.olvpc)(
+                tags=micromasters_vpc_config.merged_tags(
+                    {"Name": f"micromasters-{stack_info.env_suffix}-public-ssh"}
+                ),
+                name=f"micromasters-{stack_info.env_suffix}-public-ssh",
+            ).id,
+            "web": public_web(micromasters_vpc_config.vpc_name, micromasters_vpc.olvpc)(
+                tags=micromasters_vpc_config.merged_tags(
+                    {"Name": f"micromasters-{stack_info.env_suffix}-public-web"}
+                ),
+                name=f"micromasters-{stack_info.env_suffix}-public-web",
+            ).id,
+        }
+    }
+)
+export("micromasters_vpc", micromasters_vpc_exports)
+
 # TODO: MD 2022-05-13 This probably needs to be expanded upon once the k8s network is peered to others  # noqa: E501
 # when it gains some security groups.
 k8s_vpc_exports = vpc_exports(k8s_vpc)
@@ -482,6 +519,11 @@ def vpc_exports(vpc: OLVPC, peers: Optional[list[str]] = None) -> dict[str, Any]
     data_vpc,
     xpro_vpc,
 )
+data_to_micromasters_peer = OLVPCPeeringConnection(
+    "ol-data-{0}-to-micromasters-{0}-vpc-peer".format(stack_info.env_suffix),
+    data_vpc,
+    micromasters_vpc,
+)
 operations_to_applications_peer = OLVPCPeeringConnection(
     "ol-operations-{0}-to-applications-{0}-vpc-peer".format(stack_info.env_suffix),
     operations_vpc,
@@ -514,6 +556,11 @@ def vpc_exports(vpc: OLVPC, peers: Optional[list[str]] = None) -> dict[str, Any]
     operations_vpc,
     xpro_vpc,
 )
+operations_to_micromasters_peer = OLVPCPeeringConnection(
+    "ol-operations-{0}-to-micromasters-{0}-vpc-peer".format(stack_info.env_suffix),
+    operations_vpc,
+    micromasters_vpc,
+)
 
 if stack_info.env_suffix == "production":
     # TODO: Delete this once we migrate the Micromasters RDS into the applications VPC