From 20f87077a88fd6d9e933a61bb1957f7581e397ff Mon Sep 17 00:00:00 2001 From: Automatic Update Date: Thu, 19 Sep 2024 10:19:08 +0200 Subject: [PATCH] Privatelinks from github --- .../subscriptions/s940/c2/monitor/grafana.tf | 12 ++--- .../c2/virtualnetwork/.terraform.lock.hcl | 23 +++++++++ .../s940/c2/virtualnetwork/backend.tf | 4 ++ .../s940/c2/virtualnetwork/main.tf | 11 ++++- .../s940/c2/virtualnetwork/variables.tf | 19 ------- .../s940/extmon/monitor/grafana.tf | 12 ++--- .../subscriptions/s940/prod/common/github.tf | 10 ++-- .../s940/prod/monitor/grafana.tf | 12 ++--- .../s940/prod/virtualnetwork/backend.tf | 4 ++ .../subscriptions/s941/dev/common/github.tf | 10 ++-- .../subscriptions/s941/dev/monitor/grafana.tf | 12 ++--- .../dev/virtualnetwork/.terraform.lock.hcl | 49 ++++++++++++++----- .../s941/dev/virtualnetwork/backend.tf | 4 ++ .../s941/dev/virtualnetwork/main.tf | 15 ++++-- .../s941/dev/virtualnetwork/variables.tf | 24 --------- .../s941/playground/monitor/grafana.tf | 12 ++--- .../virtualnetwork/.terraform.lock.hcl | 23 +++++++++ .../s941/playground/virtualnetwork/backend.tf | 4 ++ .../s941/playground/virtualnetwork/main.tf | 11 ++++- .../playground/virtualnetwork/variables.tf | 24 --------- 20 files changed, 168 insertions(+), 127 deletions(-) diff --git a/terraform/subscriptions/s940/c2/monitor/grafana.tf b/terraform/subscriptions/s940/c2/monitor/grafana.tf index a76a5900..f1901b86 100644 --- a/terraform/subscriptions/s940/c2/monitor/grafana.tf +++ b/terraform/subscriptions/s940/c2/monitor/grafana.tf @@ -15,12 +15,12 @@ module "grafana-mi-admin" { } resource "azurerm_mysql_flexible_server" "grafana" { - location = module.config.location - name = "${module.config.subscription_shortname}-radix-grafana-${module.config.environment}-prod" - resource_group_name = "monitoring" - zone = 2 - backup_retention_days = 35 - sku_name = "B_Standard_B2ms" + location = module.config.location + name = "${module.config.subscription_shortname}-radix-grafana-${module.config.environment}-prod" + resource_group_name = "monitoring" + zone = 2 + backup_retention_days = 35 + sku_name = "B_Standard_B2ms" tags = { IaC = "terraform" diff --git a/terraform/subscriptions/s940/c2/virtualnetwork/.terraform.lock.hcl b/terraform/subscriptions/s940/c2/virtualnetwork/.terraform.lock.hcl index 62a69b53..11386128 100644 --- a/terraform/subscriptions/s940/c2/virtualnetwork/.terraform.lock.hcl +++ b/terraform/subscriptions/s940/c2/virtualnetwork/.terraform.lock.hcl @@ -20,3 +20,26 @@ provider "registry.terraform.io/hashicorp/azurerm" { "zh:fb9d78dfeca7489bffca9b1a1f3abee7f16dbbcba31388aea1102062c1d6dce8", ] } + +provider "registry.terraform.io/integrations/github" { + version = "6.3.0" + constraints = "~> 6.0" + hashes = [ + "h1:LEs8NwSWwYGHxmbJvGT1w3XeAM6pogAmskY8XavuWDs=", + "zh:04fe3b820fe8c247b98b9d6810b8bb84d3e8ac08054faf450c42489815ef4bfa", + "zh:24096b2d16208d1411a58bdb8df8cd9f0558fb9054ffeb95c4e7e90a9a34f976", + "zh:2b27332adf8d08fbdc08b5f55e87691bce02c311219e6deb39c08753bd93db6d", + "zh:335dd6c2d50fcdce2ef0cc194465fdf9df1f5fdecc805804c78df30a4eb2e11e", + "zh:383a6879565969dbdf5405b651cd870c09c615dbd3df2554e5574d39d161c98c", + "zh:4903038a6bc605f372e1569695db4a2e2862e1fc6cf4faf9e13c5f8f4fa2ed94", + "zh:4cc4dffbee8b28102d38abe855b7440d4f4226261b43fda2ec289b48c3de1537", + "zh:57c30c6fe0b64fa86906700ceb1691562b62f2b1ef0404952aeb4092acb6acb3", + "zh:7bf518396fb00e4f55c406f2ffb5583b43278682a92f0864a0c47e3a74627bbb", + "zh:93c2c5cb90f74ad3c0874b7f7d8a866f28a852f0eda736c6aef8ce65d4061f4d", + "zh:9562a82a6193a2db110fb34d1aceeedb27c0a640058dce9c31b37b17eeb5f4e7", + "zh:ac97f2d111703a219f27fcbf5e89460ea98f9168badcc0913c8b214a37f76814", + "zh:c882af4d33b761ec198cedac212ab1c114d97540119dc97daca38021ab3edd0a", + "zh:c9ffd0a37f07a93af02a1caa90bfbea27a952d3e5badf4aab866ec71cdb184a3", + "zh:fbd1fee2c9df3aa19cf8851ce134dea6e45ea01cb85695c1726670c285797e25", + ] +} diff --git a/terraform/subscriptions/s940/c2/virtualnetwork/backend.tf b/terraform/subscriptions/s940/c2/virtualnetwork/backend.tf index 2d79de86..fb9f5d2d 100644 --- a/terraform/subscriptions/s940/c2/virtualnetwork/backend.tf +++ b/terraform/subscriptions/s940/c2/virtualnetwork/backend.tf @@ -4,6 +4,10 @@ terraform { source = "hashicorp/azurerm" version = ">=3.110.0" } + github = { + source = "integrations/github" + version = "~> 6.0" + } } backend "azurerm" { diff --git a/terraform/subscriptions/s940/c2/virtualnetwork/main.tf b/terraform/subscriptions/s940/c2/virtualnetwork/main.tf index 4edb5eab..dd12af51 100644 --- a/terraform/subscriptions/s940/c2/virtualnetwork/main.tf +++ b/terraform/subscriptions/s940/c2/virtualnetwork/main.tf @@ -2,6 +2,12 @@ module "config" { source = "../../../modules/config" } +data "github_repository_file" "this" { + repository = "equinor/radix-private" + branch = "master" + file = "terraform/privatelinks/${module.config.environment}.yaml" +} + module "resourcegroups" { source = "../../../modules/resourcegroups" name = module.config.vnet_resource_group @@ -61,11 +67,12 @@ output "public_ip_prefix_ids" { module "private_endpoints" { source = "../../../modules/private-endpoints" - for_each = var.private_endpoints + for_each = yamldecode(data.github_repository_file.this.content) server_name = each.key subresourcename = each.value.subresourcename resource_id = each.value.resource_id vnet_resource_group = module.resourcegroups.data.name - manual_connection = each.value.manual_connection + manual_connection = lookup(each.value, "manual_connection", false) location = module.config.location + depends_on = [data.github_repository_file.this] } \ No newline at end of file diff --git a/terraform/subscriptions/s940/c2/virtualnetwork/variables.tf b/terraform/subscriptions/s940/c2/virtualnetwork/variables.tf index 016dfc71..b3df1257 100644 --- a/terraform/subscriptions/s940/c2/virtualnetwork/variables.tf +++ b/terraform/subscriptions/s940/c2/virtualnetwork/variables.tf @@ -7,22 +7,3 @@ variable "resource_groups_common_temporary" { type = string default = "common-westeurope" } - -variable "private_endpoints" { - description = "List of private endpoints" - type = map(object({ - subresourcename = string - resource_id = string - manual_connection = optional(bool, false) - })) - default = { - sql-radix-cost-allocation-c2 = { - subresourcename = "sqlServer" - resource_id = "/subscriptions/ded7ca41-37c8-4085-862f-b11d21ab341a/resourceGroups/cost-allocation-c2/providers/Microsoft.Sql/servers/sql-radix-cost-allocation-c2" - } - sql-radix-vulnerability-scan-c2 = { - subresourcename = "sqlServer" - resource_id = "/subscriptions/ded7ca41-37c8-4085-862f-b11d21ab341a/resourceGroups/vulnerability-scan-c2/providers/Microsoft.Sql/servers/sql-radix-vulnerability-scan-c2" - } - } -} \ No newline at end of file diff --git a/terraform/subscriptions/s940/extmon/monitor/grafana.tf b/terraform/subscriptions/s940/extmon/monitor/grafana.tf index 9efe3cfa..b1dfb3ea 100644 --- a/terraform/subscriptions/s940/extmon/monitor/grafana.tf +++ b/terraform/subscriptions/s940/extmon/monitor/grafana.tf @@ -8,12 +8,12 @@ module "grafana-mi-server" { } resource "azurerm_mysql_flexible_server" "grafana" { - location = module.config.location - name = "${module.config.subscription_shortname}-radix-grafana-${module.config.environment}-prod" - resource_group_name = "monitoring" - zone = 2 - backup_retention_days = 35 - sku_name = "B_Standard_B2ms" + location = module.config.location + name = "${module.config.subscription_shortname}-radix-grafana-${module.config.environment}-prod" + resource_group_name = "monitoring" + zone = 2 + backup_retention_days = 35 + sku_name = "B_Standard_B2ms" tags = { IaC = "terraform" diff --git a/terraform/subscriptions/s940/prod/common/github.tf b/terraform/subscriptions/s940/prod/common/github.tf index 64ecee1a..d388b6cd 100644 --- a/terraform/subscriptions/s940/prod/common/github.tf +++ b/terraform/subscriptions/s940/prod/common/github.tf @@ -33,11 +33,11 @@ resource "azurerm_role_assignment" "github-operator-user-admin" { resource "azuread_application_federated_identity_credential" "github-operator-federated-credentials" { application_id = data.azuread_application.github_operator.id - display_name = "radix-platform-operations" - description = "Allow Github to authenticate" - audiences = ["api://AzureADTokenExchange"] - issuer = "https://token.actions.githubusercontent.com" - subject = "repo:equinor/radix-platform:environment:s940" + display_name = "radix-platform-operations" + description = "Allow Github to authenticate" + audiences = ["api://AzureADTokenExchange"] + issuer = "https://token.actions.githubusercontent.com" + subject = "repo:equinor/radix-platform:environment:s940" timeouts {} } diff --git a/terraform/subscriptions/s940/prod/monitor/grafana.tf b/terraform/subscriptions/s940/prod/monitor/grafana.tf index 53023a26..84d4c9c4 100644 --- a/terraform/subscriptions/s940/prod/monitor/grafana.tf +++ b/terraform/subscriptions/s940/prod/monitor/grafana.tf @@ -15,12 +15,12 @@ module "grafana-mi-admin" { } resource "azurerm_mysql_flexible_server" "grafana" { - location = module.config.location - name = "${module.config.subscription_shortname}-radix-grafana-platform-prod" # ${module.config.environment} - resource_group_name = "monitoring" - zone = 2 - backup_retention_days = 35 - sku_name = "B_Standard_B2ms" + location = module.config.location + name = "${module.config.subscription_shortname}-radix-grafana-platform-prod" # ${module.config.environment} + resource_group_name = "monitoring" + zone = 2 + backup_retention_days = 35 + sku_name = "B_Standard_B2ms" tags = { IaC = "terraform" diff --git a/terraform/subscriptions/s940/prod/virtualnetwork/backend.tf b/terraform/subscriptions/s940/prod/virtualnetwork/backend.tf index e6c1f8cb..82fa431a 100644 --- a/terraform/subscriptions/s940/prod/virtualnetwork/backend.tf +++ b/terraform/subscriptions/s940/prod/virtualnetwork/backend.tf @@ -4,6 +4,10 @@ terraform { source = "hashicorp/azurerm" version = ">=3.110.0" } + github = { + source = "integrations/github" + version = "~> 6.0" + } } backend "azurerm" { diff --git a/terraform/subscriptions/s941/dev/common/github.tf b/terraform/subscriptions/s941/dev/common/github.tf index d9835be4..4e176dd6 100644 --- a/terraform/subscriptions/s941/dev/common/github.tf +++ b/terraform/subscriptions/s941/dev/common/github.tf @@ -33,11 +33,11 @@ resource "azurerm_role_assignment" "github-operator-user-admin" { resource "azuread_application_federated_identity_credential" "github-operator-federated-credentials" { application_id = data.azuread_application.github_operator.id - display_name = "radix-platform-operations" - description = "Allow Github to authenticate" - audiences = ["api://AzureADTokenExchange"] - issuer = "https://token.actions.githubusercontent.com" - subject = "repo:equinor/radix-platform:environment:s941" + display_name = "radix-platform-operations" + description = "Allow Github to authenticate" + audiences = ["api://AzureADTokenExchange"] + issuer = "https://token.actions.githubusercontent.com" + subject = "repo:equinor/radix-platform:environment:s941" timeouts {} } diff --git a/terraform/subscriptions/s941/dev/monitor/grafana.tf b/terraform/subscriptions/s941/dev/monitor/grafana.tf index 1cec3753..77123a0c 100644 --- a/terraform/subscriptions/s941/dev/monitor/grafana.tf +++ b/terraform/subscriptions/s941/dev/monitor/grafana.tf @@ -14,12 +14,12 @@ module "grafana-mi-admin" { } resource "azurerm_mysql_flexible_server" "grafana" { - location = module.config.location - name = "${module.config.subscription_shortname}-radix-grafana-${module.config.environment}" - resource_group_name = "monitoring" - zone = 2 - backup_retention_days = 7 - sku_name = "B_Standard_B1ms" + location = module.config.location + name = "${module.config.subscription_shortname}-radix-grafana-${module.config.environment}" + resource_group_name = "monitoring" + zone = 2 + backup_retention_days = 7 + sku_name = "B_Standard_B1ms" tags = { IaC = "terraform" diff --git a/terraform/subscriptions/s941/dev/virtualnetwork/.terraform.lock.hcl b/terraform/subscriptions/s941/dev/virtualnetwork/.terraform.lock.hcl index 62a69b53..6b17f5d6 100644 --- a/terraform/subscriptions/s941/dev/virtualnetwork/.terraform.lock.hcl +++ b/terraform/subscriptions/s941/dev/virtualnetwork/.terraform.lock.hcl @@ -2,21 +2,44 @@ # Manual edits may be lost in future updates. provider "registry.terraform.io/hashicorp/azurerm" { - version = "3.113.0" + version = "4.2.0" constraints = ">= 3.110.0" hashes = [ - "h1:eEUtt0lrLdpVaF6FiDq8BGQPgEcykmhj0aNIL7hTOGw=", - "zh:12479f5664288943400447b55e50df675c28ae82ad8d373cc2e5682f3a3411f0", - "zh:1b42a14e80e568429d3b55fed753ca3ef0df9dcdfa107890d7264599c020940f", - "zh:381be6ca617f848de3baa3985a6e1788e91a803afe04a3c5c727453528b6310d", - "zh:3e70e2e07b6db1c363de3e5d0ca47f27fc956473df03329c7d2e54d3ac29176b", - "zh:87c7633aeaa828098c6055da9e67d4acaf4b46748b6b3f0267e105e55f05de25", - "zh:8d0d98226901f874770dd5220d4701a12ae8bd586994615aa7dcba12b9736bec", - "zh:9fd913acd42a60c3a90a18ce803567ef861db8779a59aacced91f2cbd86de9d9", - "zh:b6f3f7ae0a055437fb36c139af9bb3135e7f4dad172157ae1eb0177dc74d703f", - "zh:b927027ba2bf40d34e03d742fd2b6c5299023b5ab8e6f05e50aac76a46ad1094", - "zh:ceb5187b9d2a439f4e48944f3ffeeeaf47a03dbe6f3325ea1775bf659ce0aa88", + "h1:pWbLnqrd3olgCCMj06w4PG6R096QY3Coctb2XdcPsrg=", + "zh:44d84b8a5f2bc6a71a32d85b706200d4dbb2b6a2a9babb25193a852fbbdb9e23", + "zh:57633b586c7b73b169d047a25dd2aa8931ba86bfea22f8e54228b849525708d6", + "zh:58f4e6a80cbc3ad5c92b9c6352f8b1fce6fa0b8a3231e1317bc9b3efba605355", + "zh:a2e2cc82b0d018abe8a9535dcbc173f55b36354fe9778941bdd71c975999fb52", + "zh:a7040aac14e384137f263f1d31a6183556a5acedcc19679647f0deda3c42ba1b", + "zh:c476526f7d54766b627758134a9340984888bacd41954dd11239cbe9b592fc46", + "zh:d001651de98256162c6dc351f4a22d446b6a77d65c487a59bd987d6783a93e71", + "zh:d7bffe913c2fb2a2b7abcf7d747c707a03182a2dc0dbd60a7b5da7a8c7705c3d", + "zh:e2b04f060c72050e7b53582edaaae10d1ed41d07a07babc933c04e9f600a4542", + "zh:eed6694ca700dae58f4a1aa12e02c58d2bfb0a2f09be72f43608bb1ffe709b6b", + "zh:f29200bafe66af9700dc3eb23aa2430a68d5e3dfdd3fc41ad7ceab743c10e164", "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", - "zh:fb9d78dfeca7489bffca9b1a1f3abee7f16dbbcba31388aea1102062c1d6dce8", + ] +} + +provider "registry.terraform.io/integrations/github" { + version = "6.3.0" + constraints = "~> 6.0" + hashes = [ + "h1:LEs8NwSWwYGHxmbJvGT1w3XeAM6pogAmskY8XavuWDs=", + "zh:04fe3b820fe8c247b98b9d6810b8bb84d3e8ac08054faf450c42489815ef4bfa", + "zh:24096b2d16208d1411a58bdb8df8cd9f0558fb9054ffeb95c4e7e90a9a34f976", + "zh:2b27332adf8d08fbdc08b5f55e87691bce02c311219e6deb39c08753bd93db6d", + "zh:335dd6c2d50fcdce2ef0cc194465fdf9df1f5fdecc805804c78df30a4eb2e11e", + "zh:383a6879565969dbdf5405b651cd870c09c615dbd3df2554e5574d39d161c98c", + "zh:4903038a6bc605f372e1569695db4a2e2862e1fc6cf4faf9e13c5f8f4fa2ed94", + "zh:4cc4dffbee8b28102d38abe855b7440d4f4226261b43fda2ec289b48c3de1537", + "zh:57c30c6fe0b64fa86906700ceb1691562b62f2b1ef0404952aeb4092acb6acb3", + "zh:7bf518396fb00e4f55c406f2ffb5583b43278682a92f0864a0c47e3a74627bbb", + "zh:93c2c5cb90f74ad3c0874b7f7d8a866f28a852f0eda736c6aef8ce65d4061f4d", + "zh:9562a82a6193a2db110fb34d1aceeedb27c0a640058dce9c31b37b17eeb5f4e7", + "zh:ac97f2d111703a219f27fcbf5e89460ea98f9168badcc0913c8b214a37f76814", + "zh:c882af4d33b761ec198cedac212ab1c114d97540119dc97daca38021ab3edd0a", + "zh:c9ffd0a37f07a93af02a1caa90bfbea27a952d3e5badf4aab866ec71cdb184a3", + "zh:fbd1fee2c9df3aa19cf8851ce134dea6e45ea01cb85695c1726670c285797e25", ] } diff --git a/terraform/subscriptions/s941/dev/virtualnetwork/backend.tf b/terraform/subscriptions/s941/dev/virtualnetwork/backend.tf index b28abea7..d42c8ebb 100644 --- a/terraform/subscriptions/s941/dev/virtualnetwork/backend.tf +++ b/terraform/subscriptions/s941/dev/virtualnetwork/backend.tf @@ -4,6 +4,10 @@ terraform { source = "hashicorp/azurerm" version = ">=3.110.0" } + github = { + source = "integrations/github" + version = "~> 6.0" + } } backend "azurerm" { diff --git a/terraform/subscriptions/s941/dev/virtualnetwork/main.tf b/terraform/subscriptions/s941/dev/virtualnetwork/main.tf index b7f38c8c..7e7fca9e 100644 --- a/terraform/subscriptions/s941/dev/virtualnetwork/main.tf +++ b/terraform/subscriptions/s941/dev/virtualnetwork/main.tf @@ -2,6 +2,12 @@ module "config" { source = "../../../modules/config" } +data "github_repository_file" "this" { + repository = "equinor/radix-private" + branch = "master" + file = "terraform/privatelinks/${module.config.environment}.yaml" +} + module "resourcegroups" { source = "../../../modules/resourcegroups" name = module.config.vnet_resource_group @@ -58,10 +64,13 @@ output "public_ip_prefix_ids" { module "private_endpoints" { source = "../../../modules/private-endpoints" - for_each = var.private_endpoints + for_each = yamldecode(data.github_repository_file.this.content) server_name = each.key subresourcename = each.value.subresourcename resource_id = each.value.resource_id vnet_resource_group = module.resourcegroups.data.name - manual_connection = each.value.manual_connection -} \ No newline at end of file + manual_connection = lookup(each.value, "manual_connection", false) + depends_on = [data.github_repository_file.this] +} + + diff --git a/terraform/subscriptions/s941/dev/virtualnetwork/variables.tf b/terraform/subscriptions/s941/dev/virtualnetwork/variables.tf index a545fa4f..a5d6b930 100644 --- a/terraform/subscriptions/s941/dev/virtualnetwork/variables.tf +++ b/terraform/subscriptions/s941/dev/virtualnetwork/variables.tf @@ -12,27 +12,3 @@ variable "resource_groups_common_temporary" { type = string default = "common" } - -variable "private_endpoints" { - description = "List of private endpoints" - type = map(object({ - subresourcename = string - resource_id = string - manual_connection = optional(bool, false) - })) - default = { - radixblobtest6 = { - subresourcename = "blob" - resource_id = "/subscriptions/16ede44b-1f74-40a5-b428-46cca9a5741b/resourceGroups/test-resources/providers/Microsoft.Storage/storageAccounts/radixblobtest6" - manual_connection = true - } - sql-radix-cost-allocation-dev = { - subresourcename = "sqlServer" - resource_id = "/subscriptions/16ede44b-1f74-40a5-b428-46cca9a5741b/resourceGroups/cost-allocation-dev/providers/Microsoft.Sql/servers/sql-radix-cost-allocation-dev" - } - sql-radix-vulnerability-scan-dev = { - subresourcename = "sqlServer" - resource_id = "/subscriptions/16ede44b-1f74-40a5-b428-46cca9a5741b/resourceGroups/vulnerability-scan-dev/providers/Microsoft.Sql/servers/sql-radix-vulnerability-scan-dev" - } - } -} \ No newline at end of file diff --git a/terraform/subscriptions/s941/playground/monitor/grafana.tf b/terraform/subscriptions/s941/playground/monitor/grafana.tf index dcabeaef..e8786d24 100644 --- a/terraform/subscriptions/s941/playground/monitor/grafana.tf +++ b/terraform/subscriptions/s941/playground/monitor/grafana.tf @@ -15,12 +15,12 @@ module "grafana-mi-admin" { } resource "azurerm_mysql_flexible_server" "grafana" { - location = module.config.location - name = "${module.config.subscription_shortname}-radix-grafana-${module.config.environment}" - resource_group_name = "monitoring" - zone = 2 - backup_retention_days = 7 - sku_name = "B_Standard_B1ms" + location = module.config.location + name = "${module.config.subscription_shortname}-radix-grafana-${module.config.environment}" + resource_group_name = "monitoring" + zone = 2 + backup_retention_days = 7 + sku_name = "B_Standard_B1ms" tags = { IaC = "terraform" diff --git a/terraform/subscriptions/s941/playground/virtualnetwork/.terraform.lock.hcl b/terraform/subscriptions/s941/playground/virtualnetwork/.terraform.lock.hcl index 62a69b53..11386128 100644 --- a/terraform/subscriptions/s941/playground/virtualnetwork/.terraform.lock.hcl +++ b/terraform/subscriptions/s941/playground/virtualnetwork/.terraform.lock.hcl @@ -20,3 +20,26 @@ provider "registry.terraform.io/hashicorp/azurerm" { "zh:fb9d78dfeca7489bffca9b1a1f3abee7f16dbbcba31388aea1102062c1d6dce8", ] } + +provider "registry.terraform.io/integrations/github" { + version = "6.3.0" + constraints = "~> 6.0" + hashes = [ + "h1:LEs8NwSWwYGHxmbJvGT1w3XeAM6pogAmskY8XavuWDs=", + "zh:04fe3b820fe8c247b98b9d6810b8bb84d3e8ac08054faf450c42489815ef4bfa", + "zh:24096b2d16208d1411a58bdb8df8cd9f0558fb9054ffeb95c4e7e90a9a34f976", + "zh:2b27332adf8d08fbdc08b5f55e87691bce02c311219e6deb39c08753bd93db6d", + "zh:335dd6c2d50fcdce2ef0cc194465fdf9df1f5fdecc805804c78df30a4eb2e11e", + "zh:383a6879565969dbdf5405b651cd870c09c615dbd3df2554e5574d39d161c98c", + "zh:4903038a6bc605f372e1569695db4a2e2862e1fc6cf4faf9e13c5f8f4fa2ed94", + "zh:4cc4dffbee8b28102d38abe855b7440d4f4226261b43fda2ec289b48c3de1537", + "zh:57c30c6fe0b64fa86906700ceb1691562b62f2b1ef0404952aeb4092acb6acb3", + "zh:7bf518396fb00e4f55c406f2ffb5583b43278682a92f0864a0c47e3a74627bbb", + "zh:93c2c5cb90f74ad3c0874b7f7d8a866f28a852f0eda736c6aef8ce65d4061f4d", + "zh:9562a82a6193a2db110fb34d1aceeedb27c0a640058dce9c31b37b17eeb5f4e7", + "zh:ac97f2d111703a219f27fcbf5e89460ea98f9168badcc0913c8b214a37f76814", + "zh:c882af4d33b761ec198cedac212ab1c114d97540119dc97daca38021ab3edd0a", + "zh:c9ffd0a37f07a93af02a1caa90bfbea27a952d3e5badf4aab866ec71cdb184a3", + "zh:fbd1fee2c9df3aa19cf8851ce134dea6e45ea01cb85695c1726670c285797e25", + ] +} diff --git a/terraform/subscriptions/s941/playground/virtualnetwork/backend.tf b/terraform/subscriptions/s941/playground/virtualnetwork/backend.tf index 16f03935..274eca81 100644 --- a/terraform/subscriptions/s941/playground/virtualnetwork/backend.tf +++ b/terraform/subscriptions/s941/playground/virtualnetwork/backend.tf @@ -4,6 +4,10 @@ terraform { source = "hashicorp/azurerm" version = ">=3.110.0" } + github = { + source = "integrations/github" + version = "~> 6.0" + } } backend "azurerm" { diff --git a/terraform/subscriptions/s941/playground/virtualnetwork/main.tf b/terraform/subscriptions/s941/playground/virtualnetwork/main.tf index f03854b5..8ac4908f 100644 --- a/terraform/subscriptions/s941/playground/virtualnetwork/main.tf +++ b/terraform/subscriptions/s941/playground/virtualnetwork/main.tf @@ -2,6 +2,12 @@ module "config" { source = "../../../modules/config" } +data "github_repository_file" "this" { + repository = "equinor/radix-private" + branch = "master" + file = "terraform/privatelinks/${module.config.environment}.yaml" +} + module "resourcegroups" { source = "../../../modules/resourcegroups" name = module.config.vnet_resource_group @@ -58,10 +64,11 @@ output "public_ip_prefix_ids" { module "private_endpoints" { source = "../../../modules/private-endpoints" - for_each = var.private_endpoints + for_each = yamldecode(data.github_repository_file.this.content) server_name = each.key subresourcename = each.value.subresourcename resource_id = each.value.resource_id vnet_resource_group = module.resourcegroups.data.name - manual_connection = each.value.manual_connection + manual_connection = lookup(each.value, "manual_connection", false) + depends_on = [data.github_repository_file.this] } \ No newline at end of file diff --git a/terraform/subscriptions/s941/playground/virtualnetwork/variables.tf b/terraform/subscriptions/s941/playground/virtualnetwork/variables.tf index 1d57e4ba..53561e44 100644 --- a/terraform/subscriptions/s941/playground/virtualnetwork/variables.tf +++ b/terraform/subscriptions/s941/playground/virtualnetwork/variables.tf @@ -7,27 +7,3 @@ variable "resource_groups_common_temporary" { type = string default = "common" } - -variable "private_endpoints" { - description = "List of private endpoints" - type = map(object({ - subresourcename = string - resource_id = string - manual_connection = optional(bool, false) - })) - default = { - psql-s209nlpdevpsql01-playground = { - subresourcename = "postgresqlServer" - resource_id = "/subscriptions/f63116e3-4460-4b18-9e64-5a58ce7cf837/resourceGroups/S209-NE-NLP-DEV/providers/Microsoft.DBforPostgreSQL/flexibleServers/s209nlpdevpsql01" - manual_connection = true - } - sql-radix-cost-allocation-playground = { - subresourcename = "sqlServer" - resource_id = "/subscriptions/16ede44b-1f74-40a5-b428-46cca9a5741b/resourceGroups/cost-allocation-playground/providers/Microsoft.Sql/servers/sql-radix-cost-allocation-playground" - } - sql-radix-vulnerability-scan-playground = { - subresourcename = "sqlServer" - resource_id = "/subscriptions/16ede44b-1f74-40a5-b428-46cca9a5741b/resourceGroups/vulnerability-scan-playground/providers/Microsoft.Sql/servers/sql-radix-vulnerability-scan-playground" - } - } -} \ No newline at end of file