Move redis to citizen-auth-common domain (#723)

pagopa · Oct 30, 2023 · a18d980 · a18d980
1 parent 83ebfff
commit a18d980
Show file tree

Hide file tree

Showing 11 changed files with 40 additions and 41 deletions.
diff --git a/src/domains/citizen-auth-app/01_network.tf b/src/domains/citizen-auth-app/01_network.tf
@@ -43,12 +43,6 @@ data "azurerm_private_dns_zone" "privatelink_mongo_cosmos_azure_com" {
   resource_group_name = format("%s-rg-common", local.product)
 }
 
-data "azurerm_private_dns_zone" "privatelink_redis_cache" {
-  name                = "privatelink.redis.cache.windows.net"
-  resource_group_name = format("%s-rg-common", local.product)
-  tags                = var.tags
-}
-
 resource "azurerm_private_dns_a_record" "ingress" {
   name                = local.ingress_hostname
   zone_name           = data.azurerm_private_dns_zone.internal.name
@@ -99,15 +93,3 @@ data "azurerm_subnet" "appgateway_snet" {
   virtual_network_name = local.vnet_common_name
   resource_group_name  = local.vnet_common_resource_group_name
 }
-
-
-## Redis Common subnet
-module "redis_common_snet" {
-  source               = "git::https://github.com/pagopa/terraform-azurerm-v3.git//subnet?ref=v7.14.0"
-  name                 = format("%s-redis-common-snet", local.project)
-  address_prefixes     = var.cidr_subnet_redis_common
-  resource_group_name  = local.vnet_common_resource_group_name
-  virtual_network_name = local.vnet_common_name
-
-  private_endpoint_network_policies_enabled = false
-}
diff --git a/src/domains/citizen-auth-app/07_function_fast_login.tf b/src/domains/citizen-auth-app/07_function_fast_login.tf
@@ -32,9 +32,9 @@ locals {
       COSMOS_CONNECTION_STRING = format("AccountEndpoint=%s;AccountKey=%s;", data.azurerm_cosmosdb_account.cosmos_citizen_auth.endpoint, data.azurerm_cosmosdb_account.cosmos_citizen_auth.primary_key)
 
       # REDIS
-      REDIS_URL      = module.redis_common.hostname
-      REDIS_PORT     = module.redis_common.ssl_port
-      REDIS_PASSWORD = module.redis_common.primary_access_key
+      # REDIS_URL      = module.redis_common.hostname
+      # REDIS_PORT     = module.redis_common.ssl_port
+      # REDIS_PASSWORD = module.redis_common.primary_access_key
 
       // --------------------------
       //  Config for getAssertion

diff --git a/src/domains/citizen-auth-app/99_variables.tf b/src/domains/citizen-auth-app/99_variables.tf
@@ -234,11 +234,6 @@ variable "cidr_subnet_fims_plus" {
   description = "App service FIMS+ address space."
 }
 
-# Redis Common
-variable "cidr_subnet_redis_common" {
-  type        = list(string)
-  description = "Redis Common address space."
-}
 
 variable "fims_plan_sku_tier" {
   type        = string

diff --git a/src/domains/citizen-auth-app/README.md b/src/domains/citizen-auth-app/README.md
@@ -26,8 +26,6 @@
 | <a name="module_function_lollipop"></a> [function\_lollipop](#module\_function\_lollipop) | git::https://github.com/pagopa/terraform-azurerm-v3.git//function_app | v5.2.0 |
 | <a name="module_function_lollipop_staging_slot"></a> [function\_lollipop\_staging\_slot](#module\_function\_lollipop\_staging\_slot) | git::https://github.com/pagopa/terraform-azurerm-v3.git//function_app_slot | v5.2.0 |
 | <a name="module_lollipop_snet"></a> [lollipop\_snet](#module\_lollipop\_snet) | git::https://github.com/pagopa/terraform-azurerm-v3.git//subnet | v4.1.15 |
-| <a name="module_redis_common"></a> [redis\_common](#module\_redis\_common) | git::https://github.com/pagopa/terraform-azurerm-v3.git//redis_cache | v7.14.0 |
-| <a name="module_redis_common_snet"></a> [redis\_common\_snet](#module\_redis\_common\_snet) | git::https://github.com/pagopa/terraform-azurerm-v3.git//subnet | v7.14.0 |
 
 ## Resources
 
@@ -76,7 +74,6 @@
 | [azurerm_private_dns_zone.privatelink_file_core_windows_net](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/private_dns_zone) | data source |
 | [azurerm_private_dns_zone.privatelink_mongo_cosmos_azure_com](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/private_dns_zone) | data source |
 | [azurerm_private_dns_zone.privatelink_queue_core_windows_net](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/private_dns_zone) | data source |
-| [azurerm_private_dns_zone.privatelink_redis_cache](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/private_dns_zone) | data source |
 | [azurerm_private_dns_zone.privatelink_table_core_windows_net](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/private_dns_zone) | data source |
 | [azurerm_resource_group.data_rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/resource_group) | data source |
 | [azurerm_resource_group.monitor_rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/resource_group) | data source |
@@ -102,7 +99,6 @@
 | <a name="input_cidr_subnet_fims_plus"></a> [cidr\_subnet\_fims\_plus](#input\_cidr\_subnet\_fims\_plus) | App service FIMS+ address space. | `list(string)` | n/a | yes |
 | <a name="input_cidr_subnet_fnfastlogin"></a> [cidr\_subnet\_fnfastlogin](#input\_cidr\_subnet\_fnfastlogin) | Function Lollipop address space. | `list(string)` | n/a | yes |
 | <a name="input_cidr_subnet_fnlollipop"></a> [cidr\_subnet\_fnlollipop](#input\_cidr\_subnet\_fnlollipop) | Function Lollipop address space. | `list(string)` | n/a | yes |
-| <a name="input_cidr_subnet_redis_common"></a> [cidr\_subnet\_redis\_common](#input\_cidr\_subnet\_redis\_common) | Redis Common address space. | `list(string)` | n/a | yes |
 | <a name="input_domain"></a> [domain](#input\_domain) | n/a | `string` | n/a | yes |
 | <a name="input_enable_azdoa"></a> [enable\_azdoa](#input\_enable\_azdoa) | Specifies Azure Devops Agent enabling | `bool` | `true` | no |
 | <a name="input_env"></a> [env](#input\_env) | n/a | `string` | n/a | yes |

diff --git a/src/domains/citizen-auth-app/env/weu-beta/terraform.tfvars b/src/domains/citizen-auth-app/env/weu-beta/terraform.tfvars
@@ -45,6 +45,4 @@ ingress_load_balancer_ip = "10.10.100.250"
 cidr_subnet_fnlollipop   = ["127.0.0.1/32"]
 cidr_subnet_fnfastlogin  = ["127.0.0.2/32"]
 cidr_subnet_fims         = ["127.0.0.3/32"]
-cidr_subnet_fims_plus    = ["127.0.0.4/32"]
-# Redis Common
-cidr_subnet_redis_common = ["127.0.0.5/32"]
+cidr_subnet_fims_plus    = ["127.0.0.4/32"]
diff --git a/src/domains/citizen-auth-app/env/weu-prod01/terraform.tfvars b/src/domains/citizen-auth-app/env/weu-prod01/terraform.tfvars
@@ -72,8 +72,3 @@ fims_autoscale_minimum = 1
 fims_autoscale_maximum = 3
 fims_autoscale_default = 1
 
-# Redis Common
-# You can retrieve the list of current defined subnets using the CLI command
-# az network vnet subnet list --subscription PROD-IO --vnet-name io-p-vnet-common --resource-group io-p-rg-common --output table
-# and thus define new CIDRs according to the unallocated address space
-cidr_subnet_redis_common = ["10.0.118.0/24"]
diff --git a/src/domains/citizen-auth-common/01_network.tf b/src/domains/citizen-auth-common/01_network.tf
@@ -35,3 +35,20 @@ data "azurerm_private_dns_zone" "privatelink_mongo_cosmos_azure_com" {
   name                = "privatelink.mongo.cosmos.azure.com"
   resource_group_name = "io-p-rg-common"
 }
+
+data "azurerm_private_dns_zone" "privatelink_redis_cache" {
+  name                = "privatelink.redis.cache.windows.net"
+  resource_group_name = local.vnet_common_resource_group_name
+}
+
+
+## Redis Common subnet
+module "redis_common_snet" {
+  source               = "git::https://github.com/pagopa/terraform-azurerm-v3.git//subnet?ref=v7.14.0"
+  name                 = format("%s-redis-snet", local.project)
+  address_prefixes     = var.cidr_subnet_redis_common
+  resource_group_name  = local.vnet_common_resource_group_name
+  virtual_network_name = local.vnet_common_name
+
+  private_endpoint_network_policies_enabled = false
+}
diff --git a/...mains/citizen-auth-app/04_redis_common.tf → ...ns/citizen-auth-common/04_redis_common.tf b/...mains/citizen-auth-app/04_redis_common.tf → ...ns/citizen-auth-common/04_redis_common.tf
@@ -4,9 +4,9 @@
 */
 module "redis_common" {
   source                = "git::https://github.com/pagopa/terraform-azurerm-v3.git//redis_cache?ref=v7.14.0"
-  name                  = format("%s-redis-common-std-v6", local.project)
-  resource_group_name   = data.azurerm_resource_group.data_rg.name
-  location              = data.azurerm_resource_group.data_rg.location
+  name                  = format("%s-redis-std-v6", local.project)
+  resource_group_name   = azurerm_resource_group.data_rg.name
+  location              = azurerm_resource_group.data_rg.location
   capacity              = 0
   family                = "C"
   sku_name              = "Standard"

diff --git a/src/domains/citizen-auth-common/99_variables.tf b/src/domains/citizen-auth-common/99_variables.tf
@@ -113,4 +113,10 @@ variable "enable_azdoa" {
   type        = bool
   description = "Specifies Azure Devops Agent enabling"
   default     = true
+}
+
+# Redis Common
+variable "cidr_subnet_redis_common" {
+  type        = list(string)
+  description = "Redis Common address space."
 }
diff --git a/src/domains/citizen-auth-common/README.md b/src/domains/citizen-auth-common/README.md
@@ -24,6 +24,8 @@
 | <a name="module_lollipop_assertions_storage_customer_managed_key"></a> [lollipop\_assertions\_storage\_customer\_managed\_key](#module\_lollipop\_assertions\_storage\_customer\_managed\_key) | git::https://github.com/pagopa/terraform-azurerm-v3//storage_account_customer_managed_key | v4.3.1 |
 | <a name="module_lv_audit_logs_storage"></a> [lv\_audit\_logs\_storage](#module\_lv\_audit\_logs\_storage) | git::https://github.com/pagopa/terraform-azurerm-v3//storage_account | v6.1.0 |
 | <a name="module_lv_audit_logs_storage_customer_managed_key"></a> [lv\_audit\_logs\_storage\_customer\_managed\_key](#module\_lv\_audit\_logs\_storage\_customer\_managed\_key) | git::https://github.com/pagopa/terraform-azurerm-v3//storage_account_customer_managed_key | v4.3.1 |
+| <a name="module_redis_common"></a> [redis\_common](#module\_redis\_common) | git::https://github.com/pagopa/terraform-azurerm-v3.git//redis_cache | v7.14.0 |
+| <a name="module_redis_common_snet"></a> [redis\_common\_snet](#module\_redis\_common\_snet) | git::https://github.com/pagopa/terraform-azurerm-v3.git//subnet | v7.14.0 |
 
 ## Resources
 
@@ -82,6 +84,7 @@
 | [azurerm_private_dns_zone.privatelink_documents_azure_com](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/private_dns_zone) | data source |
 | [azurerm_private_dns_zone.privatelink_mongo_cosmos_azure_com](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/private_dns_zone) | data source |
 | [azurerm_private_dns_zone.privatelink_queue_core_windows_net](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/private_dns_zone) | data source |
+| [azurerm_private_dns_zone.privatelink_redis_cache](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/private_dns_zone) | data source |
 | [azurerm_resource_group.monitor_rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/resource_group) | data source |
 | [azurerm_subnet.azdoa_snet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/subnet) | data source |
 | [azurerm_subnet.private_endpoints_subnet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/subnet) | data source |
@@ -93,6 +96,7 @@
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
 | <a name="input_application_insights_name"></a> [application\_insights\_name](#input\_application\_insights\_name) | Specifies the name of the Application Insights. | `string` | n/a | yes |
+| <a name="input_cidr_subnet_redis_common"></a> [cidr\_subnet\_redis\_common](#input\_cidr\_subnet\_redis\_common) | Redis Common address space. | `list(string)` | n/a | yes |
 | <a name="input_citizen_auth_database"></a> [citizen\_auth\_database](#input\_citizen\_auth\_database) | n/a | <pre>map(<br>    object({<br>      max_throughput = number<br>      ttl            = number<br>    })<br>  )</pre> | n/a | yes |
 | <a name="input_domain"></a> [domain](#input\_domain) | n/a | `string` | n/a | yes |
 | <a name="input_enable_azdoa"></a> [enable\_azdoa](#input\_enable\_azdoa) | Specifies Azure Devops Agent enabling | `bool` | `true` | no |

diff --git a/src/domains/citizen-auth-common/env/prod/terraform.tfvars b/src/domains/citizen-auth-common/env/prod/terraform.tfvars
@@ -49,3 +49,9 @@ monitor_resource_group_name                 = "io-p-rg-common"
 log_analytics_workspace_name                = "io-p-law-common"
 log_analytics_workspace_resource_group_name = "io-p-rg-common"
 application_insights_name                   = "io-p-ai-common"
+
+# Redis Common
+# You can retrieve the list of current defined subnets using the CLI command
+# az network vnet subnet list --subscription PROD-IO --vnet-name io-p-vnet-common --resource-group io-p-rg-common --output table
+# and thus define new CIDRs according to the unallocated address space
+cidr_subnet_redis_common = ["10.0.118.0/24"]