# OAuth endpoint from which client credentials for the NHS Notify API are requested.
# Optional: defaults to null when not supplied.
# NOTE(review): nothing here restricts the scheme; since credentials are
# requested from this URL, confirm callers always pass an https:// endpoint.
variable "api_oauth_token_url" {
  type        = string
  description = "The OAuth API endpoint URL used to request client credentials for NHS Notify API"
  default     = null
}
# ID of the application key vault. Required (no default).
variable "app_key_vault_id" {
  type        = string
  description = "Application key vault ID"
}
# Short application name; this file's locals embed it in the resource group
# and storage account names.
# NOTE(review): the description says 6 characters but no validation enforces it.
variable "app_short_name" {
  type        = string
  description = "Application short name (6 characters)"
}
# Name of the infra resource group. Required (no default).
variable "resource_group_name_infra" {
  type        = string
  description = "resource group name infra"
}
# ID of the container app environment that hosts the container apps. Required.
variable "container_app_environment_id" {
  type        = string
  description = "The ID of the container app environment where container apps are deployed"
}
# Default domain of the container app environment. Required.
variable "default_domain" {
  type        = string
  description = "The container app environment default domain"
}
# Public DNS zone name; local.hostname in this file is built from it.
# Defaults to the empty string.
# NOTE(review): with the empty default and use_apex_domain = false, local.hostname
# evaluates to "<environment>." -- confirm that case is never deployed.
variable "dns_zone_name" {
  type        = string
  description = "Public DNS zone name"
  default     = ""
}
# Full image reference (registry, repository and tag) for the deployed container.
# NOTE(review): a tag can be re-pointed at a different image after review;
# referencing the image by digest would pin the deployed artefact -- confirm
# whether the pipeline can supply one.
variable "docker_image" {
  type        = string
  description = "Docker image full path including registry, repository and tag"
}
# Switches Azure AD (Entra ID) authentication on for the container app.
# There is no default, so every caller has to choose explicitly.
# NOTE(review): what protects the app when this is false is not visible in
# this file -- confirm which environments disable it and why.
variable "enable_entra_id_authentication" {
  type        = bool
  description = "Enable authentication for the container app. If true, the app will use Azure AD authentication."
}
# Name of the environment configuration; several environments may share one.
# This file's locals interpolate it into the path of the variables.yml that is
# loaded, and also export it as DJANGO_ENV.
# NOTE(review): because the value becomes part of a file path, it should be a
# plain directory name; no validation enforces that here.
variable "env_config" {
  type        = string
  description = "Environment configuration. Different environments may share the same environment config and the same infrastructure"
}
# Environment name. This file's locals embed it in resource names and the
# hostname, and derive the container database port from its first run of digits.
variable "environment" {
  type        = string
  description = "Application environment name"
}
# Deployment feature flags. Each attribute is optional and defaults to true,
# so front door, hub-and-spoke and private networking stay enabled unless a
# caller explicitly sets the flag to false.
variable "features" {
  type = object({
    private_networking = optional(bool, true)
    hub_and_spoke      = optional(bool, true)
    front_door         = optional(bool, true)
  })
  description = "Feature flags for the deployment"
}
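# Two-phase bootstrap switch for the application key vault: false while the
# vault is being created and populated, true once the container app should
# read its secrets from it. Required (no default).
# The description previously ended with a stray double quote; it is removed here.
variable "fetch_secrets_from_app_key_vault" {
  description = <<-EOT
    Set to false initially to create and populate the app key vault.
    Then set to true to let the container app read secrets from the key vault.
  EOT
  type        = bool
}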
# Name of this application's front door profile in the hub subscription. Required.
variable "front_door_profile" {
  type        = string
  description = "Name of the front door profile created for this application in the hub subscription"
}
# Hub name. Required.
# NOTE(review): the description lists dev or prod, but no validation block
# restricts the value to those two.
variable "hub" {
  type        = string
  description = "Hub name (dev or prod)"
}
# ID of the audit Log Analytics workspace. Required (no default).
variable "log_analytics_workspace_audit_id" {
  type        = string
  description = "Log analytics workspace audit ID"
}
# Chooses between a containerised database (true) and an Azure PostgreSQL
# flexible server (false). In this file's locals, true selects the static
# "admin" user and an environment-derived port; false selects the values
# exported by the postgres and db_connect_identity modules and port 5432.
variable "deploy_database_as_container" {
  type        = bool
  description = "Whether to deploy the database as a container or as an Azure postgres flexible server."
}
# Backup retention period, in days, for the PostgreSQL Flexible Server. Required.
# NOTE(review): no range is validated here; any bounds are left to the provider.
variable "postgres_backup_retention_days" {
  type        = number
  description = "The number of days to retain backups for the PostgreSQL Flexible Server."
}
# Turns geo-redundant backup on or off for the PostgreSQL Flexible Server. Required.
variable "postgres_geo_redundant_backup_enabled" {
  type        = bool
  description = "Whether geo-redundant backup is enabled for the PostgreSQL Flexible Server."
}
# SKU name for the PostgreSQL Flexible Server. Required.
variable "postgres_sku_name" {
  type        = string
  description = "Value of the PostgreSQL Flexible Server SKU name"
}
# Entra ID group that receives admin access to the PostgreSQL Flexible Server.
# Membership of this group is therefore equivalent to database admin rights,
# so the group's membership should be reviewed like any other privileged role.
variable "postgres_sql_admin_group" {
  type        = string
  description = "Entra ID group which is granted admin access to the PostgreSQL Flexible Server."
}
# Storage size, in MB, for the PostgreSQL Flexible Server. Required.
variable "postgres_storage_mb" {
  type        = number
  description = "Value of the PostgreSQL Flexible Server storage in MB"
}
# Storage tier for the PostgreSQL Flexible Server. Required.
variable "postgres_storage_tier" {
  type        = string
  description = "Value of the PostgreSQL Flexible Server storage tier"
}
# ID of the postgres subnet, which the infra module creates. Required.
variable "postgres_subnet_id" {
  type        = string
  description = "The postgres subnet id. Created in the infra module."
}
# ID of the main subnet, which the infra module creates. Required.
variable "main_subnet_id" {
  type        = string
  description = "The main subnet id. Created in the infra module."
}
# Lower bound on the number of container replicas. Required.
variable "min_replicas" {
  type        = number
  description = "Minimum number of container replicas"
}
# ID of the Application Insights resource. Required.
variable "app_insights_id" {
  type        = string
  description = "The Application Insights id."
}
# Region to deploy into. Required.
variable "region" {
  type        = string
  description = "The region to deploy in"
}
# Controls whether demo data is seeded into the database.
# Off by default, so an environment has to opt in explicitly.
variable "seed_demo_data" {
  type        = bool
  description = "Whether or not to seed the demo data in the database."
  default     = false
}
# When true, local.hostname in this file is the DNS zone name itself;
# otherwise it is "<environment>.<dns_zone_name>". Intended to be true for production.
variable "use_apex_domain" {
  type        = bool
  description = "Use apex domain for the Front Door endpoint. Set to true for production."
}
# Turns monitoring and alerting on or off. Required, so each environment
# states its choice explicitly.
variable "enable_alerting" {
  type        = bool
  description = "Whether monitoring and alerting is enabled."
}
# Alert evaluation window as an ISO 8601 duration. Null is rejected
# (nullable = false) and the value must be one of the seven durations
# listed in the validation block.
variable "alert_window_size" {
  description = "The period of time that is used to monitor alert activity e.g. PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H. The interval between checks is adjusted accordingly."
  type        = string
  nullable    = false

  validation {
    error_message = "The alert_window_size must be one of: PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H"
    condition = contains(
      ["PT1M", "PT5M", "PT15M", "PT30M", "PT1H", "PT6H", "PT12H"],
      var.alert_window_size
    )
  }
}
# Memory for the webapp container, in Gi, passed as a string. Per the
# description, the container-app module sets CPU to half of this value.
variable "container_memory" {
  type        = string
  description = "Memory allocated to the webapp container in Gi. CPU is automatically set to half the memory value by the container-app module."
}
# ID of the action group that receives alert notifications. Required.
variable "action_group_id" {
  description = "ID of the action group to notify."
  type        = string
}
# Name of the infra key vault. Required.
variable "infra_key_vault_name" {
  type        = string
  description = "Name of the infra key vault"
}
# Resource group that contains the infra key vault. Required.
variable "infra_key_vault_rg" {
  type        = string
  description = "Name of the infra key vault resource group"
}
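# Slack incoming-webhook URL used for alert delivery. Anyone holding the URL
# can post to the channel, so it is handled as a secret: the description asks
# for it to live in the infra key vault as 'slack-webhook-url'.
# sensitive = true keeps the value out of plan/apply output. It does not keep
# it out of the state file, which still records the value in plain text, so
# access to state has to be restricted as well.
variable "slack_webhook_url" {
  description = "slack_webhook_url is the URL used to send alerts to Slack. It should be stored as a secret in the infra key vault with the name 'slack-webhook-url'."
  type        = string
  sensitive   = true
}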
# Values derived from the input variables and from sibling modules
# (database_container, postgres, db_connect_identity, frontdoor_endpoint).
locals {
  # ---- Naming ---------------------------------------------------------------
  resource_group_name = "rg-${var.app_short_name}-${var.environment}-container-app-uks"

  # NOTE(review): the environment is embedded verbatim, so a value such as
  # pr-1234 puts a hyphen into the name. Azure storage account names allow
  # only lowercase letters and digits (3-24 characters) -- confirm this name
  # is valid wherever it is actually used.
  storage_account_name = "st${var.app_short_name}${var.environment}uks"
  storage_containers   = {}
  storage_queues       = []

  # ---- Public endpoint ------------------------------------------------------
  # Apex deployments use the zone name itself; all others get an
  # "<environment>." prefix.
  hostname = var.use_apex_domain ? var.dns_zone_name : "${var.environment}.${var.dns_zone_name}"

  # Reads the first frontdoor_endpoint instance unconditionally.
  # NOTE(review): if that module's count depends on features.front_door, this
  # expression fails when front door is disabled -- confirm.
  external_url = "https://${module.frontdoor_endpoint[0].custom_domains["${var.environment}-domain"].host_name}/"

  # ---- Database -------------------------------------------------------------
  database_name = "lung_cancer_screening"

  # Static user name; only container_db_env below references it.
  database_user = "admin"

  # Container database: first run of digits in the environment name plus 1000
  # (environment pr-1234 gives port 2234). When the name holds no digits,
  # try() falls back to 24, giving 1024. Managed server: 5432.
  # NOTE(review): nothing caps the result at 65535 for very large numbers.
  database_port = var.deploy_database_as_container ? try(tonumber(regex("\\d+", var.environment)), 24) + 1000 : 5432

  # Connection settings for the containerised database.
  container_db_env = {
    DATABASE_NAME = local.database_name
    DATABASE_USER = local.database_user
    DATABASE_PORT = local.database_port
    DATABASE_HOST = var.deploy_database_as_container ? module.database_container[0].container_app_fqdn : null
  }

  # Connection settings for the managed server. The user and client ID come
  # from the db_connect_identity module; neither this map nor container_db_env
  # carries a password.
  azure_db_env = {
    DATABASE_NAME   = var.deploy_database_as_container ? null : module.postgres[0].database_names[0]
    DATABASE_HOST   = var.deploy_database_as_container ? null : module.postgres[0].host
    DATABASE_USER   = var.deploy_database_as_container ? null : module.db_connect_identity[0].name
    AZURE_CLIENT_ID = var.deploy_database_as_container ? null : module.db_connect_identity[0].client_id
  }

  # ---- Application environment ----------------------------------------------
  # Per-env_config settings decoded from a YAML file in the repository.
  # NOTE(review): the file is plain text under version control, so it should
  # hold no secrets -- confirm against the environments directory.
  env_vars_from_yaml = yamldecode(
    file("${path.module}/../../environments/${var.env_config}/variables.yml")
  )

  # merge() lets later arguments win, so SSL_MODE and DJANGO_ENV set here
  # override any same-named keys in the YAML file; the file cannot relax them.
  # NOTE(review): if SSL_MODE ends up as a libpq sslmode, "require" encrypts
  # the connection but does not verify the server certificate -- confirm
  # whether "verify-full" is feasible.
  common_env = merge(
    local.env_vars_from_yaml,
    {
      DJANGO_ENV = var.env_config
      SSL_MODE   = "require"
    }
  )
}