From 563020bbd12832d0aa8bb17f33fb9fe553e0871a Mon Sep 17 00:00:00 2001 From: Christopher MANEU Date: Wed, 28 Jun 2023 21:52:46 +0200 Subject: [PATCH 1/3] Add infrastructure as code to deploy database --- infrastructure/deploy-prod.sh | 15 +++++++++ infrastructure/postgres-db.bicep | 57 ++++++++++++++++++++++++++++++++ 2 files changed, 72 insertions(+) create mode 100644 infrastructure/deploy-prod.sh create mode 100644 infrastructure/postgres-db.bicep diff --git a/infrastructure/deploy-prod.sh b/infrastructure/deploy-prod.sh new file mode 100644 index 0000000..c2ecde1 --- /dev/null +++ b/infrastructure/deploy-prod.sh @@ -0,0 +1,15 @@ +#!bin/sh + +# Declare a resource group variable +export RESOURCE_GROUP_NAME=rg-plastico-database-fra-prod +az group create --name $RESOURCE_GROUP_NAME --location francecentral + +# Generate a GUID and store it in a variable +export PASSWORD=$(uuidgen) + +az deployment group create --resource-group $RESOURCE_GROUP_NAME --template-file postgres-db.bicep --parameters environment=prod administratorPassword=$PASSWORD + +# Echo the password to the console +echo $PASSWORD + +az keyvault secret set --vault-name plastico-keyvault-prod --name "postgres-prod-admin-password" --value $PASSWORD \ No newline at end of file diff --git a/infrastructure/postgres-db.bicep b/infrastructure/postgres-db.bicep new file mode 100644 index 0000000..20964ad --- /dev/null +++ b/infrastructure/postgres-db.bicep @@ -0,0 +1,57 @@ +param administratorLogin string = 'po_admin_prod' +@secure() +param administratorPassword string + +@allowed([ + 'dev' + 'prod' +]) +param environment string = 'dev' + +var serverName = 'pgdb-plastico-${environment}-fra' + +var location = 'francecentral' + +resource postGres 'Microsoft.DBforPostgreSQL/flexibleServers@2022-12-01' = { + name: serverName + location: location + tags: { + environment: environment + } + sku: { + name: 'Standard_B1ms' + tier: 'Burstable' + } + properties: { + administratorLogin: administratorLogin + administratorLoginPassword: administratorPassword + authConfig: { + activeDirectoryAuth: 'Enabled' + passwordAuth: 'Enabled' + tenantId: '1fb581f3-43ef-4dfd-b8f7-4ca7bc32ec24' + } + backup: { + backupRetentionDays: 7 + geoRedundantBackup: 'Disabled' + } + createMode: 'string' + dataEncryption: { + type: 'SystemManaged' + } + highAvailability: { + mode: 'Disabled' + } + maintenanceWindow: { + customWindow: 'Disabled' + dayOfWeek: 0 + startHour: 0 + startMinute: 0 + } + // replicaCapacity: int + // replicationRole: 'string' + storage: { + storageSizeGB: 32 + } + version: '14' + } +} From f531c78ceac2ef846a247b87bcda682b9064eb84 Mon Sep 17 00:00:00 2001 From: Christopher MANEU Date: Wed, 28 Jun 2023 21:55:33 +0200 Subject: [PATCH 2/3] iac: fix shebang --- infrastructure/deploy-prod.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/infrastructure/deploy-prod.sh b/infrastructure/deploy-prod.sh index c2ecde1..146b5e9 100644 --- a/infrastructure/deploy-prod.sh +++ b/infrastructure/deploy-prod.sh @@ -1,4 +1,4 @@ -#!bin/sh +#!/bin/bash # Declare a resource group variable export RESOURCE_GROUP_NAME=rg-plastico-database-fra-prod From 8e7c5ecd0382c5463a292f99a2c15a4bf39a716d Mon Sep 17 00:00:00 2001 From: Christopher MANEU Date: Wed, 28 Jun 2023 21:57:50 +0200 Subject: [PATCH 3/3] iac: add documentation --- README.md | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/README.md b/README.md index 08fd44e..8b96b62 100644 --- a/README.md +++ b/README.md @@ -13,6 +13,7 @@ Several extension need to be installed on our PostGre SQL database : * postgis * postgis_topology * pg_routing + # Database description ## How to edit the database/tables/columns? Create a new git branch (never work directly on master) @@ -200,3 +201,12 @@ Special thanks to all our [Contributors](https://github.com/orgs/surfriderfounda ## License We’re using the `MIT` License. For more details, check [`LICENSE`](https://github.com/surfriderfoundationeurope/plasticorigins-ops-db/blob/master/LICENSE) file. + +# Azure Deployment + +You can use [shell.azure.com](https://shell.azure.com) to execute the following commands: + +```bash +git clone https://github.com/surfriderfoundationeurope/plasticorigins-ops-db.git +./plasticorigins-ops-db/infrastructure/deploy-prod.sh +```