diff --git a/packages/scaffolding-cli/package-lock.json b/packages/scaffolding-cli/package-lock.json index 8ae8217e0..bc4aa6669 100644 --- a/packages/scaffolding-cli/package-lock.json +++ b/packages/scaffolding-cli/package-lock.json @@ -5,9 +5,9 @@ "requires": true, "dependencies": { "@amidostacks/eslint-config": { - "version": "0.32.0", - "resolved": "https://registry.npmjs.org/@amidostacks/eslint-config/-/eslint-config-0.32.0.tgz", - "integrity": "sha512-sQsI5eUQivV00t5pEPKwI6MaWe4BTTQxXiqxd1WQmKlORz/3SIQtSti7X01slzX2yRyVjo3ej+6+03PQBeSLJw==", + "version": "0.38.0", + "resolved": "https://registry.npmjs.org/@amidostacks/eslint-config/-/eslint-config-0.38.0.tgz", + "integrity": "sha512-al/AO5trhiGcblYZx148++Y0UZZb+PToaI2CQhC0jA1W9aN4utyD2kQVRAc5hJSE8ZB9O9aHbVvql5di5ajeOg==", "dev": true }, "@babel/code-frame": { diff --git a/packages/scaffolding-cli/src/__tests__/domain/config/worker_maps/ssr_aks_tfs.test.ts b/packages/scaffolding-cli/src/__tests__/domain/config/worker_maps/ssr_aks_tfs.test.ts index 1fa23f51e..21ddad860 100644 --- a/packages/scaffolding-cli/src/__tests__/domain/config/worker_maps/ssr_aks_tfs.test.ts +++ b/packages/scaffolding-cli/src/__tests__/domain/config/worker_maps/ssr_aks_tfs.test.ts @@ -51,8 +51,8 @@ const files: Array = [ "tf_state_key: stacks-webapp": `tf_state_key: %REPLACE_ME_FOR_STATE_KEY_FOR_MY_APP%`, "deploy/azure/app/kube": "deploy/azure/app", "terraform_state_workspace: dev": "terraform_state_workspace: %REPLACE_ME_FOR_WORKSPACE_NAME_IN_EACH_STAGE%", - "docker_container_registry_name: amidostacksnonproduksnode": "docker_container_registry_name: REPLACE_ME_FOR_CONTAINER_REGISTRY", - "amido-stacks-nonprod-uks-node": "REPLACE_ME_FOR_CLOUD_RESOURCE_NAME" + "docker_container_registry_name: amidostacksnonprodeuncore": "docker_container_registry_name: REPLACE_ME_FOR_CONTAINER_REGISTRY", + "amido-stacks-nonprod-eun-core": "REPLACE_ME_FOR_CLOUD_RESOURCE_NAME" } } ] 
@@ -60,7 +60,7 @@ const files: Array = [
 describe("ssr mapper tests", () => {
 it("to_folders return an array of objects", () => {
 const test: Array = staticConf.ssr.folderMap
- expect(test.length).toBe(11)
+ expect(test.length).toBe(10)
 })
 it("in_files return an array of objects and cloud should be default", () => {
 const test: Array = ssr.inFiles({ projectName: projName, businessObj: biz, networkObj: network, cloudObj: cloud, scmObj: sourceControl, terraformObj: terraform})
diff --git a/packages/scaffolding-cli/src/domain/config/static.config.json b/packages/scaffolding-cli/src/domain/config/static.config.json
index 77b9c9300..64717ea15 100644
--- a/packages/scaffolding-cli/src/domain/config/static.config.json
+++ b/packages/scaffolding-cli/src/domain/config/static.config.json
@@ -27,10 +27,6 @@
 "src": "shared/_gitignore",
 "dest": "./.gitignore"
 },
- {
- "src": "build/azDevops/azure/k8s_manifests/aks",
- "dest": "build/azDevops/azure/k8s_manifests"
- },
 {
 "src": "build/azDevops/azure/templates",
 "dest": "build/azDevops/azure/templates"
diff --git a/packages/scaffolding-cli/src/domain/config/worker_maps/csr_aks_tfs.ts b/packages/scaffolding-cli/src/domain/config/worker_maps/csr_aks_tfs.ts
index f978a49d0..5278e6ba3 100644
--- a/packages/scaffolding-cli/src/domain/config/worker_maps/csr_aks_tfs.ts
+++ b/packages/scaffolding-cli/src/domain/config/worker_maps/csr_aks_tfs.ts
@@ -51,7 +51,8 @@ export const inFiles = ({
 "tf_state_key: stacks-webapp-csr": `tf_state_key: %REPLACE_ME_FOR_STATE_KEY_FOR_MY_APP%`,
 "deploy/azure/app/csr": "deploy/azure/app",
 "terraform_state_workspace: dev": "terraform_state_workspace: %REPLACE_ME_FOR_WORKSPACE_NAME_IN_EACH_STAGE%",
- "nonprod.amidostacks.com": `${networkObj.baseDomain}`
+ "nonprod.amidostacks.com": `${networkObj.baseDomain}`,
+ "amido-stacks-nonprod-eun-core": "REPLACE_ME_FOR_CLOUD_RESOURCE_NAME"
 }
 }
 ]
diff --git a/packages/scaffolding-cli/src/domain/config/worker_maps/ssr_aks_tfs.ts b/packages/scaffolding-cli/src/domain/config/worker_maps/ssr_aks_tfs.ts index 5e12c1590..f309dff16 100644 --- a/packages/scaffolding-cli/src/domain/config/worker_maps/ssr_aks_tfs.ts +++ b/packages/scaffolding-cli/src/domain/config/worker_maps/ssr_aks_tfs.ts @@ -42,8 +42,8 @@ export const inFiles = ({ "tf_state_key: stacks-webapp": `tf_state_key: %REPLACE_ME_FOR_STATE_KEY_FOR_MY_APP%`, "deploy/azure/app/kube": "deploy/azure/app", "terraform_state_workspace: dev": "terraform_state_workspace: %REPLACE_ME_FOR_WORKSPACE_NAME_IN_EACH_STAGE%", - "docker_container_registry_name: amidostacksnonproduksnode": "docker_container_registry_name: REPLACE_ME_FOR_CONTAINER_REGISTRY", - "amido-stacks-nonprod-uks-node": "REPLACE_ME_FOR_CLOUD_RESOURCE_NAME" + "docker_container_registry_name: amidostacksnonprodeuncore": "docker_container_registry_name: REPLACE_ME_FOR_CONTAINER_REGISTRY", + "amido-stacks-nonprod-eun-core": "REPLACE_ME_FOR_CLOUD_RESOURCE_NAME" } } ] diff --git a/packages/scaffolding-cli/src/domain/workers/utils.ts b/packages/scaffolding-cli/src/domain/workers/utils.ts index a61ebdcaf..6e01d6996 100644 --- a/packages/scaffolding-cli/src/domain/workers/utils.ts +++ b/packages/scaffolding-cli/src/domain/workers/utils.ts @@ -46,7 +46,7 @@ export async function renameJavastyle(inPath: string, match: string | RegExp, re try { const newPath = resolve(inPath, replaceString) const oldPath = resolve(inPath, match as string) - const tmpPath = resolve(tmpdir(), replaceString.replace(/\//g, "-")) + const tmpPath = resolve(tmpdir(), `${replaceString.replace(/\//g, "-")}_${process.ppid}`) // workaround to ensure all types of namespaces can be accomodated await copy(oldPath, tmpPath) await remove(inPath) 
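Review bot: The temp path in `renameJavastyle` is still predictable after this change: `process.ppid` is the parent shell's PID, so it is guessable by other local users and identical for two runs launched from the same shell, and `copy(oldPath, tmpPath)` then writes into whatever already sits at that name in the shared temp directory. The `Utils` hunk at line 192 has the same pattern, and there `remove(tempDirectory)` is called on the derived path. Creating the directory atomically with a random suffix avoids both the collision and the pre-created-path problem, for example `const tmpPath = await fs.promises.mkdtemp(resolve(tmpdir(), "stacks-"))`. Both function bodies continue outside their hunks, so the later cleanup of the temp path should be checked against whatever name is used.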
@@ -192,7 +192,7 @@ export class Utils { const fsResponse: TempCopy = {} as TempCopy try { const newDirectory: string = resolve(process.cwd(), directoryName) - const tempDirectory: string = resolve(tmpdir(), directoryName) + const tempDirectory: string = resolve(tmpdir(), `${directoryName}_${process.ppid}`) // precaution to make sure no files from previous run are polluting the process await remove(tempDirectory) // blanket copy templates out diff --git a/packages/scaffolding-cli/templates/build/azDevops/azure/azure-pipeline-csr-azure.yml b/packages/scaffolding-cli/templates/build/azDevops/azure/azure-pipeline-csr-azure.yml index afc69736a..b87d90a16 100644 --- a/packages/scaffolding-cli/templates/build/azDevops/azure/azure-pipeline-csr-azure.yml +++ b/packages/scaffolding-cli/templates/build/azDevops/azure/azure-pipeline-csr-azure.yml @@ -110,7 +110,7 @@ stages: cypress_e2e_env_vars: PORT: 3000 APP_BASE_URL: "http://localhost" - MENU_API_URL: "https://api.demo.nonprod.amidostacks.com/api/menu" + MENU_API_URL: "https://dev-netcore-api.nonprod.amidostacks.com/api/menu" APP_BASE_PATH: "" NODE_ENV: dev # avoid warnings about terminal @@ -183,8 +183,9 @@ stages: TF_VAR_name_stage: dev, TF_VAR_dns_zone: nonprod.amidostacks.com, TF_VAR_dns_record: csr-app, + TF_VAR_app_insights_name: "amido-stacks-nonprod-eun-core", TF_VAR_create_dns_zone: false, - TF_VAR_dns_resource_group: amido-stacks-nonprod-uks-node, + TF_VAR_dns_resource_group: amido-stacks-nonprod-eun-core, TF_VAR_response_header_cdn: '[ { action: "Append", @@ -235,6 +236,7 @@ stages: storage_account_name: $[ dependencies.AppInfraDev.outputs['tfoutputs.storage_account_name'] ] storage_account_key: $[ dependencies.AppInfraDev.outputs['tfoutputs.storage_account_key'] ] dns_name: $[ dependencies.AppInfraDev.outputs['tfoutputs.dns_name'] ] + app_insights_instrumentation_key: $[ dependencies.AppInfraDev.outputs['tfoutputs.app_insights_instrumentation_key'] ] pool: vmImage: ubuntu-18.04 environment: dev 
@@ -256,7 +258,7 @@ stages: build_command: 'npm run build' build_vars: { NODE_ENV: production, - MENU_API_URL: "https://app.nonprod.amidostacks.com/web/stacks", - APPINSIGHTS_INSTRUMENTATIONKEY: $(APPINSIGHTS_INSTRUMENTATIONKEY) + MENU_API_URL: "https://dev-app.nonprod.amidostacks.com/web/stacks", + APPINSIGHTS_INSTRUMENTATIONKEY: $(app_insights_instrumentation_key) } build_out: './dist' diff --git a/packages/scaffolding-cli/templates/build/azDevops/azure/azure-pipeline-infrastructure-aks.yml b/packages/scaffolding-cli/templates/build/azDevops/azure/azure-pipeline-infrastructure-aks.yml index def3a7897..88becadfa 100644 --- a/packages/scaffolding-cli/templates/build/azDevops/azure/azure-pipeline-infrastructure-aks.yml +++ b/packages/scaffolding-cli/templates/build/azDevops/azure/azure-pipeline-infrastructure-aks.yml @@ -128,6 +128,7 @@ stages: TF_VAR_name_component: $(domain), TF_VAR_name_environment: nonprod, TF_VAR_create_acr: true, + TF_VAR_acme_email: "stacks@amido.com", TF_VAR_is_cluster_private: true, TF_VAR_cluster_version: $(aks_cluster_version), TF_VAR_stage: nonprod, diff --git a/packages/scaffolding-cli/templates/build/azDevops/azure/azure-pipeline-post-deploy-testcafe.yml b/packages/scaffolding-cli/templates/build/azDevops/azure/azure-pipeline-post-deploy-testcafe.yml index bf5e65ec1..3b0e7576c 100644 --- a/packages/scaffolding-cli/templates/build/azDevops/azure/azure-pipeline-post-deploy-testcafe.yml +++ b/packages/scaffolding-cli/templates/build/azDevops/azure/azure-pipeline-post-deploy-testcafe.yml @@ -49,7 +49,7 @@ variables: # Deployed app urls - name: base_url - value: 'https://app.nonprod.amidostacks.com' + value: 'https://dev-app.nonprod.amidostacks.com' - name: base_path value: '/web/stacks' diff --git a/packages/scaffolding-cli/templates/build/azDevops/azure/azure-pipelines-ssr-aks.yml b/packages/scaffolding-cli/templates/build/azDevops/azure/azure-pipelines-ssr-aks.yml index dd764a9a5..fb406fdd6 100644 
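Review bot: `APPINSIGHTS_INSTRUMENTATIONKEY: $(app_insights_instrumentation_key)` is passed through `build_vars` to `npm run build`, so for this client-side build the value is presumably compiled into the files under `./dist` and readable by anyone who loads the site, even though the Terraform output it comes from is marked `sensitive = true`. That mismatch deserves a comment so nobody later reuses the same variable for something that must stay private, for example `# ends up in the public bundle: an identifier for telemetry ingestion, not a credential`. It would also help to confirm that the `tfoutputs` step exposes a sensitive output to dependent jobs at all; if it does not, the build silently receives an empty key.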
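Review bot: `TF_VAR_acme_email: "stacks@amido.com"` hard-codes the template maintainers' mailbox, so every project scaffolded from this pipeline would register its ACME account under that address and certificate expiry or revocation notices would go to people outside the project. None of the replacement maps visible in this commit rewrites that string. Sourcing it from a pipeline variable, e.g. `TF_VAR_acme_email: $(acme_email)`, or adding a placeholder in the style of the other `REPLACE_ME_FOR_…` values, keeps the contact with the owning team.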
--- a/packages/scaffolding-cli/templates/build/azDevops/azure/azure-pipelines-ssr-aks.yml +++ b/packages/scaffolding-cli/templates/build/azDevops/azure/azure-pipelines-ssr-aks.yml @@ -72,11 +72,9 @@ variables: docker_dockerfile_path: "src/" docker_image_name: $(self_generic_name) docker_image_tag: "$(version_major).$(version_minor).$(version_revision)-$(build.sourcebranchname)" - docker_container_registry_name: amidostacksnonproduksnode + docker_container_registry_name: amidostacksnonprodeuncore k8s_docker_registry: $(docker_container_registry_name).azurecr.io # AKS/AZURE - # Infra - conventional_resource_namer: $(company)-$(project)-nonprod-uks-$(domain) base_domain: nonprod.amidostacks.com base_domain_internal: nonprod.amidostacks.internal # Dynamic vars for downstream purposes @@ -139,15 +137,15 @@ stages: # Should be hardcoded in your sonar-project.properties file unit_test: true project_root_dir: $(Agent.BuildDirectory)/s/$(self_repo)/$(self_repo_src) - cypress_e2e_test: true - cypress_applitools_test: true + cypress_e2e_test: false + cypress_applitools_test: false cypress_container: cypress # Set this to false or remove if cypress is not run as part of your pipeline cache_cypress: true cypress_e2e_env_vars: PORT: 3000 APP_BASE_URL: "http://localhost" - MENU_API_URL: "https://api.demo.nonprod.amidostacks.com/api/menu" + MENU_API_URL: "https://dev-netcore-api.nonprod.amidostacks.com/api/menu" APP_BASE_PATH: "" NODE_ENV: development # avoid warnings about terminal 
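Review bot: `cypress_e2e_test` and `cypress_applitools_test` are switched to `false` in the second hunk (old line 137) without a comment, while `cache_cypress: true` and the whole `cypress_e2e_env_vars` block stay in place. Projects generated from this template therefore start with no end-to-end gate before deployment and nothing in the file says whether that is intended or a temporary workaround. A one-line comment such as `# e2e disabled in the template: enable once MENU_API_URL points at your own API` would make the intent explicit, and `cache_cypress` could follow the same flag.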
@@ -203,18 +201,19 @@ stages: tags: '' # Terraform Resource Specific Config terraform_extra_properties: { - TF_VAR_resource_group_location: uksouth, - TF_VAR_use_existing_resource_group: true, - TF_VAR_resource_group_name: amido-stacks-nonprod-uks-node, + TF_VAR_resource_group_location: northeurope, + TF_VAR_create_cdn_endpoint: false, + TF_VAR_create_dns_record: true, + TF_VAR_app_gateway_frontend_ip_name: "amido-stacks-nonprod-eun-core", + TF_VAR_app_insights_name: "amido-stacks-nonprod-eun-core", + TF_VAR_core_resource_group: "amido-stacks-nonprod-eun-core", TF_VAR_name_company: $(company), TF_VAR_name_project: $(project), - TF_VAR_name_component: $(component), + TF_VAR_name_domain: $(domain), TF_VAR_create_cosmosdb: false, TF_VAR_create_cache: true, TF_VAR_name_environment: dev, - TF_VAR_name_stage: dev, - TF_VAR_app_gateway_frontend_ip_name: amido-stacks-nonprod-uks-node, - TF_VAR_dns_record: app, + TF_VAR_dns_record: dev-app, TF_VAR_dns_zone_name: $(base_domain), TF_VAR_internal_dns_zone_name: $(base_domain_internal) } @@ -229,6 +228,7 @@ stages: variables: redis_host: $[ dependencies.AppInfraDev.outputs['tfoutputs.redis_cache_hostname'] ] redis_key: $[ dependencies.AppInfraDev.outputs['tfoutputs.redis_cache_key'] ] + app_insights_instrumentation_key: $[ dependencies.AppInfraDev.outputs['tfoutputs.app_insights_instrumentation_key'] ] pool: vmImage: ubuntu-18.04 environment: dev 
@@ -259,14 +259,14 @@ stages: base: $(Agent.BuildDirectory)/s/$(self_repo)/deploy/k8s/app/base_app-deploy.yml, displayName: AppDeployment, env_vars: { - dns_pointer: app.$(base_domain), + dns_pointer: dev-app.$(base_domain), tls_domain: $(base_domain), k8s_app_path: /web/stacks, k8s_image: '$(k8s_docker_registry)/$(docker_image_name):$(docker_image_tag)', - api_url: 'https://api.demo.nonprod.amidostacks.com/api/menu', + api_url: 'https://dev-netcore-api.nonprod.amidostacks.com/api/menu', app_name: webapp-template, aadpodidentitybinding: stacks-webapp-identity, - app_insights_key: $(APPINSIGHTS_INSTRUMENTATIONKEY), + app_insights_key: $(app_insights_instrumentation_key), next_public_token: $(NEXT_PUBLIC_CONTENTFUL_ACCESS_TOKEN), next_space_id: $(NEXT_PUBLIC_CONTENTFUL_SPACE_ID), auth_client_secret: $(AUTH0_CLIENT_SECRET), @@ -274,8 +274,8 @@ stages: auth_client_id: $(AUTH0_CLIENT_ID), redis_host: $(redis_host), redis_key: $(redis_key), - redis_port: "443", - redis_enabled: "false" + redis_port: "6380", + redis_enabled: "true" }, args: "-no-empty", } @@ -287,8 +287,8 @@ stages: scripts_dir: $(scripts_dir) download_deploy_artefact: false # Kubernetes Config - kubernetes_clusterrg: $(company)-$(project)-nonprod-uks-$(domain) - kubernetes_clustername: $(company)-$(project)-nonprod-uks-$(domain) + kubernetes_clusterrg: amido-stacks-nonprod-eun-core + kubernetes_clustername: amido-stacks-nonprod-eun-core # Mutation Information kubectl_filepath: - $(Agent.BuildDirectory)/s/$(self_repo)/deploy/k8s/app/app-deploy.yml 
@@ -305,8 +305,8 @@ stages: - template: azDevOps/azure/templates/v2/steps/test-functional-testcafe.yml@templates parameters: env_vars: - APP_BASE_URL: "https://app.$(base_domain)" - MENU_API_URL: "http://api.demo.nonprod.amidostacks.com/api/menu" + APP_BASE_URL: "https://dev-app.$(base_domain)" + MENU_API_URL: "http://dev-netcore-api.nonprod.amidostacks.com/api/menu" APP_BASE_PATH: "/web/stacks" NODE_ENV: production working_directory: $(Agent.BuildDirectory)/s/$(self_repo)/test/testcafe diff --git a/packages/scaffolding-cli/templates/build/azDevops/azure/azure-pipelines-ssr-gke.yml b/packages/scaffolding-cli/templates/build/azDevops/azure/azure-pipelines-ssr-gke.yml index 6925da6bf..e08aa537b 100644 --- a/packages/scaffolding-cli/templates/build/azDevops/azure/azure-pipelines-ssr-gke.yml +++ b/packages/scaffolding-cli/templates/build/azDevops/azure/azure-pipelines-ssr-gke.yml @@ -160,7 +160,7 @@ stages: cypress_e2e_env_vars: PORT: 3000 APP_BASE_URL: "http://localhost" - MENU_API_URL: "https://api.demo.nonprod.amidostacks.com/api/menu" + MENU_API_URL: "https://dev-netcore-api.nonprod.amidostacks.com/api/menu" APP_BASE_PATH: "" NODE_ENV: dev # avoid warnings about terminal @@ -288,7 +288,7 @@ stages: parameters: env_vars: APP_BASE_URL: "https://app.$(base_domain)" - MENU_API_URL: "http://api.demo.nonprod.amidostacks.com/api/menu" + MENU_API_URL: "http://dev-netcore-api.nonprod.amidostacks.com/api/menu" APP_BASE_PATH: "/web/stacks" NODE_ENV: production working_directory: $(Agent.BuildDirectory)/s/$(self_repo)/test/testcafe diff --git a/packages/scaffolding-cli/templates/build/jenkins/gcp/ssr-gke.Jenkinsfile b/packages/scaffolding-cli/templates/build/jenkins/gcp/ssr-gke.Jenkinsfile index 8c5f40ce0..9f45c843d 100644 --- a/packages/scaffolding-cli/templates/build/jenkins/gcp/ssr-gke.Jenkinsfile +++ b/packages/scaffolding-cli/templates/build/jenkins/gcp/ssr-gke.Jenkinsfile 
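Review bot: `MENU_API_URL` in the TestCafe `env_vars` keeps the `http://` scheme after the hostname change, whereas every other reference to `dev-netcore-api.nonprod.amidostacks.com` in this commit uses `https://`. The functional tests would call the API in cleartext, or rely on a redirect, and would not exercise the TLS path the deployed app uses. Suggested line: `MENU_API_URL: "https://dev-netcore-api.nonprod.amidostacks.com/api/menu"`. The same `http://` value is carried over in the `azure-pipelines-ssr-gke.yml` hunk at old line 288.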
@@ -121,7 +121,7 @@ pipeline {
 environment {
 PORT="3000"
 APP_BASE_URL="http://localhost"
- MENU_API_URL="https://api.demo.nonprod.amidostacks.com/api/menu"
+ MENU_API_URL="https://dev-netcore-api.nonprod.amidostacks.com/api/menu"
 APP_BASE_PATH=""
 }
 steps {
diff --git a/packages/scaffolding-cli/templates/deploy/azure/app/csr/custom.tf b/packages/scaffolding-cli/templates/deploy/azure/app/csr/custom.tf
new file mode 100644
index 000000000..08f5a7d61
--- /dev/null
+++ b/packages/scaffolding-cli/templates/deploy/azure/app/csr/custom.tf
@@ -0,0 +1,18 @@
+# Example of further extensions to Stacks Core templates
+# Potential user defined extensions
+data "azurerm_application_insights" "example" {
+ name = var.app_insights_name
+ resource_group_name = var.core_resource_group
+}
+
+output "app_insights_instrumentation_key" {
+ description = "App Insights key for downstream deploymnent use"
+ value = data.azurerm_application_insights.example.instrumentation_key
+ sensitive = true
+}
+
+variable app_insights_name {
+ type = string
+ default = ""
+ description = "app insights name for key retriaval in memory"
+}
diff --git a/packages/scaffolding-cli/templates/deploy/azure/app/kube/custom.tf b/packages/scaffolding-cli/templates/deploy/azure/app/kube/custom.tf
new file mode 100644
index 000000000..08f5a7d61
--- /dev/null
+++ b/packages/scaffolding-cli/templates/deploy/azure/app/kube/custom.tf
@@ -0,0 +1,18 @@
+# Example of further extensions to Stacks Core templates
+# Potential user defined extensions
+data "azurerm_application_insights" "example" {
+ name = var.app_insights_name
+ resource_group_name = var.core_resource_group
+}
+
+output "app_insights_instrumentation_key" {
+ description = "App Insights key for downstream deploymnent use"
+ value = data.azurerm_application_insights.example.instrumentation_key
+ sensitive = true
+}
+
+variable app_insights_name {
+ type = string
+ default = ""
+ description = "app insights name for key retriaval in memory"
+}
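Review bot: `variable app_insights_name` defaults to `""`, but the `azurerm_application_insights` data source reads it unconditionally, so a caller who omits the variable gets a failed lookup instead of a clear missing-variable error. Dropping the default, which makes it required like the `core_resource_group` it is paired with, would surface the mistake at plan time. `var.core_resource_group` is not declared in this file, and this commit only adds it to the `kube` `vars.tf`; for the `csr` copy it should be confirmed that the variable exists elsewhere in that module. The two descriptions contain typos (`deploymnent`, `retriaval`). All of this applies equally to the identical `kube/custom.tf` added next.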
diff --git a/packages/scaffolding-cli/templates/deploy/azure/app/kube/lookups.tf b/packages/scaffolding-cli/templates/deploy/azure/app/kube/lookups.tf index 9ccd826d8..47fb5cea4 100644 --- a/packages/scaffolding-cli/templates/deploy/azure/app/kube/lookups.tf +++ b/packages/scaffolding-cli/templates/deploy/azure/app/kube/lookups.tf @@ -1,7 +1,7 @@ # We are keeping this as a lookup -# since proper conventions for naming of resources should be followed +# since proper conventions for naming of resources should be followed # and things can always be looked up without resorting to cross state searches data "azurerm_public_ip" "app_gateway" { name = var.app_gateway_frontend_ip_name - resource_group_name = var.resource_group_name + resource_group_name = var.core_resource_group } diff --git a/packages/scaffolding-cli/templates/deploy/azure/app/kube/main.tf b/packages/scaffolding-cli/templates/deploy/azure/app/kube/main.tf index 7d5318ba7..28b3fc5fc 100644 --- a/packages/scaffolding-cli/templates/deploy/azure/app/kube/main.tf +++ b/packages/scaffolding-cli/templates/deploy/azure/app/kube/main.tf @@ -5,7 +5,7 @@ data "azurerm_client_config" "current" {} -# Naming convention +# Naming convention module "default_label" { source = "git::https://github.com/cloudposse/terraform-null-label.git?ref=0.16.0" namespace = "${var.name_company}-${var.name_project}" 
@@ -16,71 +16,20 @@ module "default_label" { tags = var.tags } -locals { - create_resource_group = var.use_existing_resource_group && var.resource_group_name != "" ? false : true - resource_group_name = var.use_existing_resource_group && var.resource_group_name != "" ? var.resource_group_name : module.default_label.id -} - -resource "azurerm_resource_group" "default" { - count = local.create_resource_group ? 1 : 0 - name = local.resource_group_name - location = var.resource_group_location - tags = var.tags -} - -#### -# app level DNS can/should be controlled from here -# an alternative way of managing this would be through K8s operators -# [TODO]: examples can be found in the deploy folders -#### -resource "azurerm_dns_a_record" "default" { - name = var.dns_record - zone_name = var.dns_zone_name - resource_group_name = local.resource_group_name - ttl = 300 - records = [data.azurerm_public_ip.app_gateway.ip_address] -} - -module "cosmosdb" { - source = "git::https://github.com/amido/stacks-terraform//azurerm/modules/azurerm-cosmosdb?ref=v1.1.0" +module "app" { + source = "git::https://github.com/amido/stacks-terraform//azurerm/modules/azurerm-server-side-app?ref=v1.3.1" create_cosmosdb = var.create_cosmosdb resource_namer = module.default_label.id - name_environment = "dev-feature" - name_project = var.name_project - name_company = var.name_company - name_component = var.name_component - resource_group_name = local.resource_group_name - cosmosdb_sql_container = "Menu" - cosmosdb_sql_container_partition_key = "/id" - cosmosdb_kind = "GlobalDocumentDB" - cosmosdb_offer_type = "Standard" -} - -#### -# Additional modules need to go here as they can be re-used across app deployments -#### -# module "observability" { -# source = "git://...." -# } - -#### -# Additional user defined resources or modules can go here -#### -resource "azurerm_redis_cache" "default" { - count = var.create_cache ? 
1 : 0 - name = module.default_label.id - location = var.resource_group_location - resource_group_name = local.resource_group_name - capacity = 2 - family = "C" - sku_name = "Standard" - enable_non_ssl_port = false - minimum_tls_version = "1.2" - - redis_configuration { - enable_authentication = true - maxmemory_reserved = 2 - maxmemory_delta = 2 - maxmemory_policy = "allkeys-lru" - } + resource_tags = module.default_label.tags + resource_group_location = var.resource_group_location + create_cache = var.create_cache + create_dns_record = var.create_dns_record + dns_record = var.dns_record + dns_zone_name = var.dns_zone_name + dns_zone_resource_group = var.dns_zone_resource_group != "" ? var.dns_zone_resource_group : var.core_resource_group + dns_a_records = [data.azurerm_public_ip.app_gateway.ip_address] + create_cdn_endpoint = var.create_cdn_endpoint + subscription_id = data.azurerm_client_config.current.subscription_id + # Alternatively if you want you can pass in the IP directly + # dns_a_records = ["0.1.23.45"] } diff --git a/packages/scaffolding-cli/templates/deploy/azure/app/kube/outputs.tf b/packages/scaffolding-cli/templates/deploy/azure/app/kube/outputs.tf index 5c398e5fc..b0c8a1450 100644 --- a/packages/scaffolding-cli/templates/deploy/azure/app/kube/outputs.tf +++ b/packages/scaffolding-cli/templates/deploy/azure/app/kube/outputs.tf 
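Review bot: The inline `azurerm_redis_cache` removed here pinned `enable_non_ssl_port = false`, `minimum_tls_version = "1.2"` and `enable_authentication = true`, while the replacement `module "app"` call passes none of them, so the cache's transport and authentication settings now depend entirely on the module's defaults at `ref=v1.3.1`. The `cache_*` variables this commit adds to `vars.tf` are not referenced in this call either, so setting them has no visible effect. If the module accepts these inputs they should be wired through here (input names to be confirmed against the module); otherwise the variables are misleading and should go. The module is also pinned by tag rather than by commit SHA, so the code behind `v1.3.1` changes if the tag is ever moved.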
@@ -1,32 +1,41 @@ output "cosmosdb_database_name" { description = "CosmosDB Database name" - value = module.cosmosdb.cosmosdb_database_name + value = module.app.cosmosdb_database_name } output "cosmosdb_account_name" { description = "CosmosDB account name" - value = module.cosmosdb.cosmosdb_account_name + value = module.app.cosmosdb_account_name } output "cosmosdb_endpoint" { description = "Endpoint for accessing the DB CRUD" - value = module.cosmosdb.cosmosdb_endpoint + value = module.app.cosmosdb_endpoint } output "cosmosdb_primary_master_key" { description = "Primary Key for accessing the DB CRUD, should only be used in applications running outside of AzureCloud" sensitive = true - value = module.cosmosdb.cosmosdb_primary_master_key + value = module.app.cosmosdb_primary_master_key } output "redis_cache_key" { description = "Primary Key for accessing the RedisCache, should only be used in applications running outside of AzureCloud" sensitive = true - value = var.create_cache ? azurerm_redis_cache.default.0.primary_access_key : "" + value = module.app.redis_cache_key } output "redis_cache_hostname" { description = "Primary Hostname endpoint for Redis Cache" - sensitive = false - value = var.create_cache ? azurerm_redis_cache.default.0.hostname : "" + value = module.app.redis_cache_hostname +} + +output "resource_group" { + description = "Resource group name for the app" + value = module.app.resource_group +} + +output "dns_name" { + description = "DNS Name if created" + value = module.app.dns_name } diff --git a/packages/scaffolding-cli/templates/deploy/azure/app/kube/vars.tf b/packages/scaffolding-cli/templates/deploy/azure/app/kube/vars.tf index 6918fcb8a..d803267ea 100644 --- a/packages/scaffolding-cli/templates/deploy/azure/app/kube/vars.tf +++ b/packages/scaffolding-cli/templates/deploy/azure/app/kube/vars.tf 
@@ -36,7 +36,7 @@ variable "tags" { default = {} } -# Each region must have corresponding a shortend name for resource naming purposes +# Each region must have corresponding a shortend name for resource naming purposes variable "location_name_map" { type = map(string) @@ -62,33 +62,37 @@ variable "resource_group_location" { default = "uksouth" } -variable "resource_group_name" { - description = "RG name of where you want to be deploying app level resources, can be left blank and " - type = string -} - variable "app_gateway_frontend_ip_name" { description = "" - type = string + type = string } variable "dns_record" { description = "" type = string - default = "app" + default = "app" } - variable "dns_zone_name" { type = string default = "nonprod.amidostacks.com" } +variable "dns_zone_resource_group" { + type = string + default = "" +} + +variable "core_resource_group" { + type = string +} + variable "internal_dns_zone_name" { type = string default = "nonprod.amidostacks.internal" } + ########################### # CONDITIONAL SETTINGS ########################## 
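Review bot: `core_resource_group` is introduced in the second hunk (old line 62) as a required variable with no `description`, although it now drives the public-IP lookup and, through `custom.tf`, the App Insights lookup. `dns_zone_resource_group` is likewise undocumented and `app_gateway_frontend_ip_name` keeps `description = ""`. Proposed texts: `description = "Resource group holding the shared core resources (app gateway IP, App Insights) that this app looks up"` and `description = "Resource group of the DNS zone; falls back to core_resource_group when empty"`, the latter matching the conditional in `main.tf`.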
@@ -103,8 +107,90 @@ variable "create_cache" { description = "Whether to create a RedisCache" default = false } -variable "use_existing_resource_group" { - description = "Whether to create a resource group for application level resources, if set to true and `resource_group_name` is not specified it will create a resource group for you. Ensure you specify resource group when setting to true" - type = bool + +variable "create_dns_record" { + type = bool + default = false +} + +variable "create_cdn_endpoint" { + type = bool + default = false +} + +#################### +# RedisCache Options +#################### + +variable "cache_capacity" { + type = number + default = 2 + description = "Specify desired capacity" +} + +variable "cache_family" { + type = string + default = "C" + description = "Specify desired compute family" +} + +variable "cache_sku_name" { + type = string + default = "Standard" + description = "Specify desired sku_name" +} + +variable "cach_enable_non_ssl_port" { + type = bool + default = false + description = "Enable non SSL port" +} + +variable "cache_minimum_tls_version" { + type = string + default = "1.2" + description = "Specify minimum TLS version" +} + +variable "cache_redis_enable_authentication" { + type = bool default = true + description = "Enabale authentication. 
This highly recommended for any public facing clusters" +} + +variable "cache_redis_maxmemory_reserved" { + type = number + default = 2 + description = "Specify max reserved memory" +} + +variable "cache_redis_maxmemory_delta" { + type = number + default = 2 + description = "Specify max memory delta" +} + +variable "cache_redis_maxmemory_policy" { + type = string + default = "allkeys-lru" + description = "Specify max memory policy" +} + +#################### +# CDN Options +#################### + +######################## +# CDN Response Headers # +######################## +variable "response_header_cdn" { + type = list(map(string)) + description = "Custom Response Headers for Microsoft CDN. Can be used with security and auditing requirements" + default = [ + { + action = "Append" + name = "Content-Security-Policy" + value = "default-src * 'unsafe-inline' 'unsafe-eval'" + } + ] } diff --git a/packages/scaffolding-cli/templates/deploy/azure/infra/stacks-aks/main.tf b/packages/scaffolding-cli/templates/deploy/azure/infra/stacks-aks/main.tf index 82d548bb8..c367b84a2 100644 --- a/packages/scaffolding-cli/templates/deploy/azure/infra/stacks-aks/main.tf +++ b/packages/scaffolding-cli/templates/deploy/azure/infra/stacks-aks/main.tf @@ -21,7 +21,7 @@ variable "vnet_cidr" { } module "aks_bootstrap" { - source = "git::https://github.com/amido/stacks-terraform//azurerm/modules/azurerm-aks?ref=v1.3.1" + source = "git::https://github.com/amido/stacks-terraform//azurerm/modules/azurerm-aks?ref=v1.3.2" resource_namer = module.default_label.id resource_group_location = var.resource_group_location spn_object_id = data.azurerm_client_config.current.object_id @@ -67,6 +67,7 @@ module "ssl_app_gateway" { subnet_front_end_prefix = cidrsubnet(var.vnet_cidr.0, 4, 3) subnet_backend_end_prefix = cidrsubnet(var.vnet_cidr.0, 4, 4) subnet_names = ["k8s1"] + acme_email = var.acme_email } #### 
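Review bot: The default for `response_header_cdn` appends `Content-Security-Policy: default-src * 'unsafe-inline' 'unsafe-eval'`, which allows every origin plus inline and eval'd script, so a deployment that keeps the default advertises a CSP that restricts nothing. A default with no header, or a restrictive one such as `value = "default-src 'self'"` that projects loosen deliberately, would be safer for a template; the variable is also not passed to `module "app"` in this commit, so it may be unused for now. Separately, `cach_enable_non_ssl_port` is misspelled relative to its `cache_*` siblings, which will make it easy to miss when the cache options are wired up, and the `cache_redis_enable_authentication` description has typos ("Enabale", "This highly recommended").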
diff --git a/packages/scaffolding-cli/templates/deploy/azure/infra/stacks-aks/outputs.tf b/packages/scaffolding-cli/templates/deploy/azure/infra/stacks-aks/outputs.tf index 142acdb5d..0461b81a6 100644 --- a/packages/scaffolding-cli/templates/deploy/azure/infra/stacks-aks/outputs.tf +++ b/packages/scaffolding-cli/templates/deploy/azure/infra/stacks-aks/outputs.tf @@ -69,3 +69,20 @@ output "aks_ingress_public_ip" { description = "Public IP to be used for the ingress controller inside the cluster" value = module.aks_bootstrap.aks_ingress_public_ip } + +output "certificate_pem" { + description = "PEM key of certificate, can be used internally" + value = module.ssl_app_gateway.certificate_pem + sensitive = true +} + +output "issuer_pem" { + description = "PEM key of certificate, can be used internally together certificate to create a full cert" + value = module.ssl_app_gateway.issuer_pem + sensitive = true +} + +output "app_gateway_ip" { + description = "Application Gateway public IP. Should be used with DNS provider at a top level. Can have multiple subs pointing to it - e.g. app.sub.domain.com, app-uat.sub.domain.com. App Gateway will perform SSL termination for all " + value = module.ssl_app_gateway.app_gateway_ip +} diff --git a/packages/scaffolding-cli/templates/deploy/azure/infra/stacks-aks/vars.tf b/packages/scaffolding-cli/templates/deploy/azure/infra/stacks-aks/vars.tf index db0b03ca1..aca16f06c 100644 --- a/packages/scaffolding-cli/templates/deploy/azure/infra/stacks-aks/vars.tf +++ b/packages/scaffolding-cli/templates/deploy/azure/infra/stacks-aks/vars.tf @@ -136,3 +136,8 @@ variable key_vault_name { type = string default = "" } + +variable acme_email { + type = string + description = "Email for Acme registration, must be a valid email" +} diff --git a/packages/scaffolding-cli/templates/deploy/k8s/app/base_gke-app-deploy.yml b/packages/scaffolding-cli/templates/deploy/k8s/app/base_gke-app-deploy.yml index 392a4475c..b54f48c69 100644 
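Review bot: `sensitive = true` on `certificate_pem` and `issuer_pem` only redacts the values in CLI output; they are still written to the Terraform state in plaintext and are readable by anything that consumes this module's outputs. The descriptions say "PEM key of certificate", which leaves unclear whether private key material is included, so the wording should state exactly what each output contains and the state backend should be confirmed as encrypted and access-restricted. The `app_gateway_ip` description also stops mid-sentence ("for all ").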
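Review bot: The `acme_email` description says the value "must be a valid email", but nothing in the variable enforces it, and with no default a typo would only surface when ACME registration fails during apply. A `validation` block with a condition such as `can(regex("^[^@\\s]+@[^@\\s]+$", var.acme_email))` and a short error message would reject bad input at plan time; this needs a Terraform version that supports variable validation, which should be checked against what the template targets.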
--- a/packages/scaffolding-cli/templates/deploy/k8s/app/base_gke-app-deploy.yml +++ b/packages/scaffolding-cli/templates/deploy/k8s/app/base_gke-app-deploy.yml @@ -80,7 +80,7 @@ spec: - name: PORT value: '3000' - name: MENU_API_URL - value: 'https://api.demo.nonprod.amidostacks.com/api/menu' + value: 'https://dev-netcore-api.nonprod.amidostacks.com/api/menu' - name: APP_BASE_PATH value: '${k8s_app_path:=""}' - name: APP_BASE_URL diff --git a/packages/scaffolding-cli/templates/src/ssr/components/Header/index.tsx b/packages/scaffolding-cli/templates/src/ssr/components/Header/index.tsx index 6aa98f998..bb4b67fba 100644 --- a/packages/scaffolding-cli/templates/src/ssr/components/Header/index.tsx +++ b/packages/scaffolding-cli/templates/src/ssr/components/Header/index.tsx @@ -26,9 +26,11 @@ const useStyles = makeStyles(theme => ({ }, })) -const title: string = `Yumido` +const title = `Yumido` + const authenticationEnabled = !!conf.AUTH0_CLIENT_SECRET && !!conf.AUTH0_CLIENT_ID + export const Header = props => { const user: UserType = useUser() const classes = useStyles() @@ -36,7 +38,7 @@ export const Header = props => { return ( - + { - + {title} {!isCreatePage && ( - + { {!!authenticationEnabled && ( <> {!user ? ( - + - +