Add GxIT subdomains #178

sanjaysrikakulam · 2023-10-02T13:14:30Z

This PR matches the current state of IT subdomains in AWS Route 53.

I have cross-checked the current wildcard IT CNAME records list in our AWS Route53 and added a new variable. So, in the future, if a subdomain requests GxIT privileges, we can simply add that subdomain to this variable and increase the counter. This way, we do not allow GxITs for all subdomains by default (hence a new exclusive variable).

This PR matches the current state of IT subdomains in AWS Route 53.

bgruening · 2023-10-02T13:16:51Z

@hexylena can you please have a look at this one?

usegalaxy-eu-bot · 2023-10-02T13:18:52Z


Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # aws_route53_record.it-subdomain-main[0] will be created
  + resource "aws_route53_record" "it-subdomain-main" {
      + allow_overwrite = (known after apply)
      + fqdn            = (known after apply)
      + id              = (known after apply)
      + name            = "*.interactivetoolentrypoint.interactivetool.annotation.usegalaxy.eu"
      + records         = [
          + "usegalaxy.eu",
        ]
      + ttl             = 7200
      + type            = "CNAME"
      + zone_id         = "Z1C7L7XFF9613J"
    }

  # aws_route53_record.it-subdomain-main[1] will be created
  + resource "aws_route53_record" "it-subdomain-main" {
      + allow_overwrite = (known after apply)
      + fqdn            = (known after apply)
      + id              = (known after apply)
      + name            = "*.interactivetoolentrypoint.interactivetool.aqua.usegalaxy.eu"
      + records         = [
          + "usegalaxy.eu",
        ]
      + ttl             = 7200
      + type            = "CNAME"
      + zone_id         = "Z1C7L7XFF9613J"
    }

  # aws_route53_record.it-subdomain-main[2] will be created
  + resource "aws_route53_record" "it-subdomain-main" {
      + allow_overwrite = (known after apply)
      + fqdn            = (known after apply)
      + id              = (known after apply)
      + name            = "*.interactivetoolentrypoint.interactivetool.beta.usegalaxy.eu"
      + records         = [
          + "usegalaxy.eu",
        ]
      + ttl             = 7200
      + type            = "CNAME"
      + zone_id         = "Z1C7L7XFF9613J"
    }

  # aws_route53_record.it-subdomain-main[3] will be created
  + resource "aws_route53_record" "it-subdomain-main" {
      + allow_overwrite = (known after apply)
      + fqdn            = (known after apply)
      + id              = (known after apply)
      + name            = "*.interactivetoolentrypoint.interactivetool.build.usegalaxy.eu"
      + records         = [
          + "usegalaxy.eu",
        ]
      + ttl             = 7200
      + type            = "CNAME"
      + zone_id         = "Z1C7L7XFF9613J"
    }

  # aws_route53_record.it-subdomain-main[4] will be created
  + resource "aws_route53_record" "it-subdomain-main" {
      + allow_overwrite = (known after apply)
      + fqdn            = (known after apply)
      + id              = (known after apply)
      + name            = "*.interactivetoolentrypoint.interactivetool.cheminformatics.usegalaxy.eu"
      + records         = [
          + "usegalaxy.eu",
        ]
      + ttl             = 7200
      + type            = "CNAME"
      + zone_id         = "Z1C7L7XFF9613J"
    }

  # aws_route53_record.it-subdomain-main[5] will be created
  + resource "aws_route53_record" "it-subdomain-main" {
      + allow_overwrite = (known after apply)
      + fqdn            = (known after apply)
      + id              = (known after apply)
      + name            = "*.interactivetoolentrypoint.interactivetool.climate.usegalaxy.eu"
      + records         = [
          + "usegalaxy.eu",
        ]
      + ttl             = 7200
      + type            = "CNAME"
      + zone_id         = "Z1C7L7XFF9613J"
    }

  # aws_route53_record.it-subdomain-main[6] will be created
  + resource "aws_route53_record" "it-subdomain-main" {
      + allow_overwrite = (known after apply)
      + fqdn            = (known after apply)
      + id              = (known after apply)
      + name            = "*.interactivetoolentrypoint.interactivetool.clipseq.usegalaxy.eu"
      + records         = [
          + "usegalaxy.eu",
        ]
      + ttl             = 7200
      + type            = "CNAME"
      + zone_id         = "Z1C7L7XFF9613J"
    }

  # aws_route53_record.it-subdomain-main[7] will be created
  + resource "aws_route53_record" "it-subdomain-main" {
      + allow_overwrite = (known after apply)
      + fqdn            = (known after apply)
      + id              = (known after apply)
      + name            = "*.interactivetoolentrypoint.interactivetool.ecology.usegalaxy.eu"
      + records         = [
          + "usegalaxy.eu",
        ]
      + ttl             = 7200
      + type            = "CNAME"
      + zone_id         = "Z1C7L7XFF9613J"
    }

  # aws_route53_record.it-subdomain-main[8] will be created
  + resource "aws_route53_record" "it-subdomain-main" {
      + allow_overwrite = (known after apply)
      + fqdn            = (known after apply)
      + id              = (known after apply)
      + name            = "*.interactivetoolentrypoint.interactivetool.erasmusmc.usegalaxy.eu"
      + records         = [
          + "usegalaxy.eu",
        ]
      + ttl             = 7200
      + type            = "CNAME"
      + zone_id         = "Z1C7L7XFF9613J"
    }

  # aws_route53_record.it-subdomain-main[9] will be created
  + resource "aws_route53_record" "it-subdomain-main" {
      + allow_overwrite = (known after apply)
      + fqdn            = (known after apply)
      + id              = (known after apply)
      + name            = "*.interactivetoolentrypoint.interactivetool.graphclust.usegalaxy.eu"
      + records         = [
          + "usegalaxy.eu",
        ]
      + ttl             = 7200
      + type            = "CNAME"
      + zone_id         = "Z1C7L7XFF9613J"
    }

  # aws_route53_record.it-subdomain-main[10] will be created
  + resource "aws_route53_record" "it-subdomain-main" {
      + allow_overwrite = (known after apply)
      + fqdn            = (known after apply)
      + id              = (known after apply)
      + name            = "*.interactivetoolentrypoint.interactivetool.hicexplorer.usegalaxy.eu"
      + records         = [
          + "usegalaxy.eu",
        ]
      + ttl             = 7200
      + type            = "CNAME"
      + zone_id         = "Z1C7L7XFF9613J"
    }

  # aws_route53_record.it-subdomain-main[11] will be created
  + resource "aws_route53_record" "it-subdomain-main" {
      + allow_overwrite = (known after apply)
      + fqdn            = (known after apply)
      + id              = (known after apply)
      + name            = "*.interactivetoolentrypoint.interactivetool.humancellatlas.usegalaxy.eu"
      + records         = [
          + "usegalaxy.eu",
        ]
      + ttl             = 7200
      + type            = "CNAME"
      + zone_id         = "Z1C7L7XFF9613J"
    }

  # aws_route53_record.it-subdomain-main[12] will be created
  + resource "aws_route53_record" "it-subdomain-main" {
      + allow_overwrite = (known after apply)
      + fqdn            = (known after apply)
      + id              = (known after apply)
      + name            = "*.interactivetoolentrypoint.interactivetool.imaging.usegalaxy.eu"
      + records         = [
          + "usegalaxy.eu",
        ]
      + ttl             = 7200
      + type            = "CNAME"
      + zone_id         = "Z1C7L7XFF9613J"
    }

  # aws_route53_record.it-subdomain-main[13] will be created
  + resource "aws_route53_record" "it-subdomain-main" {
      + allow_overwrite = (known after apply)
      + fqdn            = (known after apply)
      + id              = (known after apply)
      + name            = "*.interactivetoolentrypoint.interactivetool.usegalaxy.eu"
      + records         = [
          + "usegalaxy.eu",
        ]
      + ttl             = 7200
      + type            = "CNAME"
      + zone_id         = "Z1C7L7XFF9613J"
    }

  # aws_route53_record.it-subdomain-main[14] will be created
  + resource "aws_route53_record" "it-subdomain-main" {
      + allow_overwrite = (known after apply)
      + fqdn            = (known after apply)
      + id              = (known after apply)
      + name            = "*.interactivetoolentrypoint.interactivetool.test.internal.usegalaxy.eu"
      + records         = [
          + "usegalaxy.eu",
        ]
      + ttl             = 7200
      + type            = "CNAME"
      + zone_id         = "Z1C7L7XFF9613J"
    }

  # aws_route53_record.it-subdomain-main[15] will be created
  + resource "aws_route53_record" "it-subdomain-main" {
      + allow_overwrite = (known after apply)
      + fqdn            = (known after apply)
      + id              = (known after apply)
      + name            = "*.interactivetoolentrypoint.interactivetool.live.usegalaxy.eu"
      + records         = [
          + "usegalaxy.eu",
        ]
      + ttl             = 7200
      + type            = "CNAME"
      + zone_id         = "Z1C7L7XFF9613J"
    }

  # aws_route53_record.it-subdomain-main[16] will be created
  + resource "aws_route53_record" "it-subdomain-main" {
      + allow_overwrite = (known after apply)
      + fqdn            = (known after apply)
      + id              = (known after apply)
      + name            = "*.interactivetoolentrypoint.interactivetool.metabolomics.usegalaxy.eu"
      + records         = [
          + "usegalaxy.eu",
        ]
      + ttl             = 7200
      + type            = "CNAME"
      + zone_id         = "Z1C7L7XFF9613J"
    }

  # aws_route53_record.it-subdomain-main[17] will be created
  + resource "aws_route53_record" "it-subdomain-main" {
      + allow_overwrite = (known after apply)
      + fqdn            = (known after apply)
      + id              = (known after apply)
      + name            = "*.interactivetoolentrypoint.interactivetool.metagenomics.usegalaxy.eu"
      + records         = [
          + "usegalaxy.eu",
        ]
      + ttl             = 7200
      + type            = "CNAME"
      + zone_id         = "Z1C7L7XFF9613J"
    }

  # aws_route53_record.it-subdomain-main[18] will be created
  + resource "aws_route53_record" "it-subdomain-main" {
      + allow_overwrite = (known after apply)
      + fqdn            = (known after apply)
      + id              = (known after apply)
      + name            = "*.interactivetoolentrypoint.interactivetool.nanopore.usegalaxy.eu"
      + records         = [
          + "usegalaxy.eu",
        ]
      + ttl             = 7200
      + type            = "CNAME"
      + zone_id         = "Z1C7L7XFF9613J"
    }

  # aws_route53_record.it-subdomain-main[19] will be created
  + resource "aws_route53_record" "it-subdomain-main" {
      + allow_overwrite = (known after apply)
      + fqdn            = (known after apply)
      + id              = (known after apply)
      + name            = "*.interactivetoolentrypoint.interactivetool.proteomics.usegalaxy.eu"
      + records         = [
          + "usegalaxy.eu",
        ]
      + ttl             = 7200
      + type            = "CNAME"
      + zone_id         = "Z1C7L7XFF9613J"
    }

  # aws_route53_record.it-subdomain-main[20] will be created
  + resource "aws_route53_record" "it-subdomain-main" {
      + allow_overwrite = (known after apply)
      + fqdn            = (known after apply)
      + id              = (known after apply)
      + name            = "*.interactivetoolentrypoint.interactivetool.rna.usegalaxy.eu"
      + records         = [
          + "usegalaxy.eu",
        ]
      + ttl             = 7200
      + type            = "CNAME"
      + zone_id         = "Z1C7L7XFF9613J"
    }

  # aws_route53_record.it-subdomain-main[21] will be created
  + resource "aws_route53_record" "it-subdomain-main" {
      + allow_overwrite = (known after apply)
      + fqdn            = (known after apply)
      + id              = (known after apply)
      + name            = "*.interactivetoolentrypoint.interactivetool.singlecell.usegalaxy.eu"
      + records         = [
          + "usegalaxy.eu",
        ]
      + ttl             = 7200
      + type            = "CNAME"
      + zone_id         = "Z1C7L7XFF9613J"
    }

  # aws_route53_record.it-subdomain-main[22] will be created
  + resource "aws_route53_record" "it-subdomain-main" {
      + allow_overwrite = (known after apply)
      + fqdn            = (known after apply)
      + id              = (known after apply)
      + name            = "*.interactivetoolentrypoint.interactivetool.stats.usegalaxy.eu"
      + records         = [
          + "usegalaxy.eu",
        ]
      + ttl             = 7200
      + type            = "CNAME"
      + zone_id         = "Z1C7L7XFF9613J"
    }

  # aws_route53_record.it-subdomain-main[23] will be created
  + resource "aws_route53_record" "it-subdomain-main" {
      + allow_overwrite = (known after apply)
      + fqdn            = (known after apply)
      + id              = (known after apply)
      + name            = "*.interactivetoolentrypoint.interactivetool.streetscience.usegalaxy.eu"
      + records         = [
          + "usegalaxy.eu",
        ]
      + ttl             = 7200
      + type            = "CNAME"
      + zone_id         = "Z1C7L7XFF9613J"
    }

  # aws_route53_record.it-subdomain-main[24] will be created
  + resource "aws_route53_record" "it-subdomain-main" {
      + allow_overwrite = (known after apply)
      + fqdn            = (known after apply)
      + id              = (known after apply)
      + name            = "*.interactivetoolentrypoint.interactivetool.test.usegalaxy.eu"
      + records         = [
          + "usegalaxy.eu",
        ]
      + ttl             = 7200
      + type            = "CNAME"
      + zone_id         = "Z1C7L7XFF9613J"
    }

Plan: 25 to add, 0 to change, 0 to destroy.

─────────────────────────────────────────────────────────────────────────────

Saved the plan to: tf.plan

To perform exactly these actions, run the following command to apply:
    terraform apply "tf.plan" ```

kysrpex

Looks good but wait for @hexylena's review too.

hexylena · 2023-10-03T09:01:33Z

@bgruening I can look, and on the surface it looks fine (though I still maintain my position on this solution vs path-based.)

I do wonder how it will be kept in sync with the ansible variable(s) that requests wildcards for only those, but maybe fetching this file from github via some automation, or during the ansible run, or, some other solution can be found for that.

bgruening · 2023-10-03T10:59:12Z

though I still maintain my position on this solution vs path-based

We all do. But we also need to move forward until this gets implemented/tested because our users needs it as it seems.

Thanks for looking into it!

#179

usegalaxy-eu-bot · 2023-10-05T14:00:24Z


Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # aws_route53_record.subdomains[38] will be created
  + resource "aws_route53_record" "subdomains" {
      + allow_overwrite = true
      + fqdn            = (known after apply)
      + id              = (known after apply)
      + name            = "earth-system.usegalaxy.eu"
      + records         = [
          + "usegalaxy.eu",
        ]
      + ttl             = 7200
      + type            = "CNAME"
      + zone_id         = "Z1C7L7XFF9613J"
    }

Plan: 1 to add, 0 to change, 0 to destroy.

─────────────────────────────────────────────────────────────────────────────

Saved the plan to: tf.plan

To perform exactly these actions, run the following command to apply:
    terraform apply "tf.plan" ```

Add subdomain ITs

0bd0f81

This PR matches the current state of IT subdomains in AWS Route 53.

sanjaysrikakulam requested review from bgruening and kysrpex October 2, 2023 13:14

bgruening requested review from hexylena and removed request for bgruening October 2, 2023 13:16

sanjaysrikakulam mentioned this pull request Oct 2, 2023

Add subdomains to sn06's certbot for wildcard certificate usegalaxy-eu/infrastructure-playbook#916

Merged

kysrpex approved these changes Oct 2, 2023

View reviewed changes

sanjaysrikakulam mentioned this pull request Oct 2, 2023

Add 'To add GxIT privileges' section to the subdomains usegalaxy-eu/operations#38

Merged

Update with earth-system IT subdomain

a1a38e9

#179

Marie59 mentioned this pull request Oct 5, 2023

add earth-system for GxIT usegalaxy-eu/infrastructure-playbook#922

Merged

detocjerome approved these changes Oct 5, 2023

View reviewed changes

bgruening approved these changes Oct 7, 2023

View reviewed changes

sanjaysrikakulam merged commit 01148fd into main Jan 4, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add GxIT subdomains #178

Add GxIT subdomains #178

sanjaysrikakulam commented Oct 2, 2023

bgruening commented Oct 2, 2023

usegalaxy-eu-bot commented Oct 2, 2023

kysrpex left a comment

hexylena commented Oct 3, 2023

bgruening commented Oct 3, 2023

usegalaxy-eu-bot commented Oct 5, 2023

Add GxIT subdomains #178

Add GxIT subdomains #178

Conversation

sanjaysrikakulam commented Oct 2, 2023

bgruening commented Oct 2, 2023

usegalaxy-eu-bot commented Oct 2, 2023

kysrpex left a comment

Choose a reason for hiding this comment

hexylena commented Oct 3, 2023

bgruening commented Oct 3, 2023

usegalaxy-eu-bot commented Oct 5, 2023