darkhelm/notifications-api
1
0
Fork 0
mirror of https://github.com/GSA/notifications-api.git synced 2025-12-21 07:51:13 -05:00
Code Issues Packages Projects Releases Wiki Activity

Fix remaining Terraform for production and demo

Browse Source 
This changeset adjusts our Terraform for the production and demo environments so that the new delete_recursive_allowed with the Cloud Foundry Cloud Controller is set to false.  It also updates the shared modules to all explicitly account for this property so that we can set the flag easily.

Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
This commit is contained in:
Carlo Costino
2024-03-12 13:59:08 -04:00
parent d7edf32de4
commit 61703471bb
9 changed files with 116 additions and 68 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
terraform/demo/main.tf
View File

@@ -3,7 +3,18 @@ locals {
cf_space_name = "notify-demo" cf_space_name = "notify-demo"
env = "demo" env = "demo"
app_name = "notify-api" app_name = "notify-api"
recursive_delete = false delete_recursive_allowed = false
}
data "cloudfoundry_space" "demo" {
org_name = local.cf_org_name
name = local.cf_space_name
}
resource "cloudfoundry_space" "notify-demo" {
delete_recursive_allowed = local.delete_recursive_allowed
name = local.cf_space_name
org = data.cloudfoundry_org.org.id
} }
module "database" { module "database" {
@@ -12,7 +23,6 @@ module "database" {
cf_org_name = local.cf_org_name cf_org_name = local.cf_org_name
cf_space_name = local.cf_space_name cf_space_name = local.cf_space_name
name = "${local.app_name}-rds-${local.env}" name = "${local.app_name}-rds-${local.env}"
recursive_delete = local.recursive_delete
rds_plan_name = "micro-psql" rds_plan_name = "micro-psql"
} }
@@ -22,7 +32,6 @@ module "redis" {
cf_org_name = local.cf_org_name cf_org_name = local.cf_org_name
cf_space_name = local.cf_space_name cf_space_name = local.cf_space_name
name = "${local.app_name}-redis-${local.env}" name = "${local.app_name}-redis-${local.env}"
recursive_delete = local.recursive_delete
redis_plan_name = "redis-dev" redis_plan_name = "redis-dev"
} }
@@ -31,7 +40,6 @@ module "csv_upload_bucket" {
cf_org_name = local.cf_org_name cf_org_name = local.cf_org_name
cf_space_name = local.cf_space_name cf_space_name = local.cf_space_name
recursive_delete = local.recursive_delete
name = "${local.app_name}-csv-upload-bucket-${local.env}" name = "${local.app_name}-csv-upload-bucket-${local.env}"
} }
@@ -40,6 +48,7 @@ module "egress-space" {
cf_org_name = local.cf_org_name cf_org_name = local.cf_org_name
cf_restricted_space_name = local.cf_space_name cf_restricted_space_name = local.cf_space_name
delete_recursive_allowed = local.delete_recursive_allowed
deployers = [ deployers = [
var.cf_user, var.cf_user,
"steven.reilly@gsa.gov" "steven.reilly@gsa.gov"
@@ -52,10 +61,10 @@ module "ses_email" {
cf_org_name = local.cf_org_name cf_org_name = local.cf_org_name
cf_space_name = local.cf_space_name cf_space_name = local.cf_space_name
name = "${local.app_name}-ses-${local.env}" name = "${local.app_name}-ses-${local.env}"
recursive_delete = local.recursive_delete
aws_region = "us-west-2" aws_region = "us-west-2"
email_domain = "notify.sandbox.10x.gsa.gov" email_domain = "notify.sandbox.10x.gsa.gov"
email_receipt_error = "notify-support@gsa.gov" email_receipt_error = "notify-support@gsa.gov"
delete_recursive_allowed = local.delete_recursive_allowed
} }
module "sns_sms" { module "sns_sms" {
@@ -64,7 +73,7 @@ module "sns_sms" {
cf_org_name = local.cf_org_name cf_org_name = local.cf_org_name
cf_space_name = local.cf_space_name cf_space_name = local.cf_space_name
name = "${local.app_name}-sns-${local.env}" name = "${local.app_name}-sns-${local.env}"
recursive_delete = local.recursive_delete
aws_region = "us-east-1" aws_region = "us-east-1"
monthly_spend_limit = 25 monthly_spend_limit = 25
delete_recursive_allowed = local.delete_recursive_allowed
} }

2
terraform/demo/providers.tf
View File

@@ -3,7 +3,7 @@ terraform {
required_providers { required_providers {
cloudfoundry = { cloudfoundry = {
source = "cloudfoundry-community/cloudfoundry" source = "cloudfoundry-community/cloudfoundry"
version = "0.53.0" version = "0.53.1"
} }
} }

21
terraform/production/main.tf
View File

@@ -3,7 +3,18 @@ locals {
cf_space_name = "notify-production" cf_space_name = "notify-production"
env = "production" env = "production"
app_name = "notify-api" app_name = "notify-api"
recursive_delete = false delete_recursive_allowed = false
}
data "cloudfoundry_space" "production" {
org_name = local.cf_org_name
name = local.cf_space_name
}
resource "cloudfoundry_space" "notify-production" {
delete_recursive_allowed = local.delete_recursive_allowed
name = local.cf_space_name
org = data.cloudfoundry_org.org.id
} }
module "database" { module "database" {
@@ -12,7 +23,6 @@ module "database" {
cf_org_name = local.cf_org_name cf_org_name = local.cf_org_name
cf_space_name = local.cf_space_name cf_space_name = local.cf_space_name
name = "${local.app_name}-rds-${local.env}" name = "${local.app_name}-rds-${local.env}"
recursive_delete = local.recursive_delete
rds_plan_name = "small-psql-redundant" rds_plan_name = "small-psql-redundant"
} }
@@ -22,7 +32,6 @@ module "redis" {
cf_org_name = local.cf_org_name cf_org_name = local.cf_org_name
cf_space_name = local.cf_space_name cf_space_name = local.cf_space_name
name = "${local.app_name}-redis-${local.env}" name = "${local.app_name}-redis-${local.env}"
recursive_delete = local.recursive_delete
redis_plan_name = "redis-3node-large" redis_plan_name = "redis-3node-large"
} }
@@ -31,7 +40,6 @@ module "csv_upload_bucket" {
cf_org_name = local.cf_org_name cf_org_name = local.cf_org_name
cf_space_name = local.cf_space_name cf_space_name = local.cf_space_name
recursive_delete = local.recursive_delete
name = "${local.app_name}-csv-upload-bucket-${local.env}" name = "${local.app_name}-csv-upload-bucket-${local.env}"
} }
@@ -40,6 +48,7 @@ module "egress-space" {
cf_org_name = local.cf_org_name cf_org_name = local.cf_org_name
cf_restricted_space_name = local.cf_space_name cf_restricted_space_name = local.cf_space_name
delete_recursive_allowed = local.delete_recursive_allowed
deployers = [ deployers = [
var.cf_user var.cf_user
] ]
@@ -51,11 +60,11 @@ module "ses_email" {
cf_org_name = local.cf_org_name cf_org_name = local.cf_org_name
cf_space_name = local.cf_space_name cf_space_name = local.cf_space_name
name = "${local.app_name}-ses-${local.env}" name = "${local.app_name}-ses-${local.env}"
recursive_delete = local.recursive_delete
aws_region = "us-gov-west-1" aws_region = "us-gov-west-1"
email_domain = "notify.gov" email_domain = "notify.gov"
mail_from_subdomain = "mail" mail_from_subdomain = "mail"
email_receipt_error = "notify-support@gsa.gov" email_receipt_error = "notify-support@gsa.gov"
delete_recursive_allowed = local.delete_recursive_allowed
} }
module "sns_sms" { module "sns_sms" {
@@ -64,9 +73,9 @@ module "sns_sms" {
cf_org_name = local.cf_org_name cf_org_name = local.cf_org_name
cf_space_name = local.cf_space_name cf_space_name = local.cf_space_name
name = "${local.app_name}-sns-${local.env}" name = "${local.app_name}-sns-${local.env}"
recursive_delete = local.recursive_delete
aws_region = "us-gov-west-1" aws_region = "us-gov-west-1"
monthly_spend_limit = 1000 monthly_spend_limit = 1000
delete_recursive_allowed = local.delete_recursive_allowed
} }
########################################################################### ###########################################################################

2
terraform/production/providers.tf
View File

@@ -3,7 +3,7 @@ terraform {
required_providers { required_providers {
cloudfoundry = { cloudfoundry = {
source = "cloudfoundry-community/cloudfoundry" source = "cloudfoundry-community/cloudfoundry"
version = "0.53.0" version = "0.53.1"
} }
} }

2
terraform/shared/egress_space/main.tf
View File

@@ -11,7 +11,7 @@ data "cloudfoundry_org" "org" {
### ###
resource "cloudfoundry_space" "public_egress" { resource "cloudfoundry_space" "public_egress" {
delete_recursive_allowed = false delete_recursive_allowed = var.delete_recursive_allowed
name = "${var.cf_restricted_space_name}-egress" name = "${var.cf_restricted_space_name}-egress"
org = data.cloudfoundry_org.org.id org = data.cloudfoundry_org.org.id
} }

9
terraform/shared/ses/main.tf
View File

@@ -7,6 +7,15 @@ data "cloudfoundry_space" "space" {
name = var.cf_space_name name = var.cf_space_name
} }
###
# SES Space
###
resource "cloudfoundry_space" "cf_ses_service_space" {
delete_recursive_allowed = var.delete_recursive_allowed
name = data.cloudfoundry_space.space.name
org = data.cloudfoundry_org.org.id
}
### ###
# SES instance # SES instance
### ###

6
terraform/shared/ses/variables.tf
View File

@@ -34,3 +34,9 @@ variable "mail_from_subdomain" {
description = "Subdomain of email_domain to set as the mail-from header" description = "Subdomain of email_domain to set as the mail-from header"
default = "" default = ""
} }
variable "delete_recursive_allowed" {
type = bool
default = true
description = "Flag for allowing resources to be recursively deleted - not recommended in production environments"
}

9
terraform/shared/sns/main.tf
View File

@@ -7,6 +7,15 @@ data "cloudfoundry_space" "space" {
name = var.cf_space_name name = var.cf_space_name
} }
###
# SNS Space
###
resource "cloudfoundry_space" "cf_sns_service_space" {
delete_recursive_allowed = var.delete_recursive_allowed
name = data.cloudfoundry_space.space.name
org = data.cloudfoundry_org.org.id
}
### ###
# SES instance # SES instance
### ###

6
terraform/shared/sns/variables.tf
View File

@@ -22,3 +22,9 @@ variable "monthly_spend_limit" {
type = number type = number
description = "SMS budget limit in USD. Support request must be made before raising above 1" description = "SMS budget limit in USD. Support request must be made before raising above 1"
} }
variable "delete_recursive_allowed" {
type = bool
default = true
description = "Flag for allowing resources to be recursively deleted - not recommended in production environments"
}