add terraform for azure deployment

Author: MalteSchwitters

terraform/.terraform.lock.hcl

@@ -0,0 +1,76 @@
+resource "azurerm_container_app_environment" "lissi_eventplanner" {
+  name                       = "cae-${local.stack}"
+  location                   = azurerm_resource_group.lissi_eventplanner.location
+  resource_group_name        = azurerm_resource_group.lissi_eventplanner.name
+  log_analytics_workspace_id = azurerm_log_analytics_workspace.lissi_eventplanner.id
+  tags                       = local.default_tags
+}
+
+resource "azurerm_container_app" "lissi_eventplanner" {
+  name                         = "ca-${local.stack}"
+  container_app_environment_id = azurerm_container_app_environment.lissi_eventplanner.id
+  resource_group_name          = azurerm_resource_group.lissi_eventplanner.name
+  revision_mode                = "Single"
+  tags                         = local.default_tags
+
+  ingress {
+    allow_insecure_connections = true
+    external_enabled           = true
+    target_port                = 80
+
+    traffic_weight {
+      percentage      = 100
+      latest_revision = true
+    }
+
+    # custom_domain {
+    #   name                     = var.domain
+    #   certificate_id           = data.azurerm_key_vault_certificate.ssl_certificate.id
+    #   certificate_binding_type = "SniEnabled"
+    # }
+  }
+
+  lifecycle {
+    // Required to not delete the manually created custom domain since it is not possible to create a managed certificate for a custom domain with terraform
+    // https://github.com/hashicorp/terraform-provider-azurerm/issues/21866
+    ignore_changes = ["ingress"]
+  }
+
+  template {
+    min_replicas = 1
+    max_replicas = 1
+
+    container {
+      name   = "eventplanner"
+      image  = "ghcr.io/grossherzogin-elisabeth/eventplanner:main"
+      cpu    = 0.5
+      memory = "1Gi"
+      env {
+        name  = "AUTH_ISSUER_URI"
+        value = "https://login.microsoftonline.com/63384ddf-6496-44bd-b22c-93e944e6ed88/v2.0"
+      }
+      env {
+        name        = "AUTH_CLIENT_ID"
+        secret_name = "client-id"
+      }
+      env {
+        name        = "AUTH_CLIENT_SECRET"
+        secret_name = "client-secret"
+      }
+      env {
+        name  = "SERVER_HOST"
+        value = var.domain
+      }
+    }
+  }
+
+  secret {
+    name  = "client-id"
+    value = data.azurerm_key_vault_secret.client_id.value
+  }
+
+  secret {
+    name  = "client-secret"
+    value = data.azurerm_key_vault_secret.client_secret.value
+  }
+}

terraform/container_app.tf

@@ -0,0 +1,23 @@
+locals {
+  stack = "${var.app}-${var.env}"
+
+  default_tags = {
+    environment = var.env
+    app         = var.app
+  }
+}
+
+resource "azurerm_resource_group" "lissi_eventplanner" {
+  name     = "rg-${local.stack}"
+  location = var.region
+  tags     = local.default_tags
+}
+
+resource "azurerm_log_analytics_workspace" "lissi_eventplanner" {
+  name                = "log-${local.stack}"
+  location            = azurerm_resource_group.lissi_eventplanner.location
+  resource_group_name = azurerm_resource_group.lissi_eventplanner.name
+  sku                 = "PerGB2018"
+  retention_in_days   = 30
+  tags                = local.default_tags
+}

terraform/main.tf

@@ -0,0 +1,3 @@
+output "azurerm_container_app_url" {
+  value = azurerm_container_app.lissi_eventplanner.latest_revision_fqdn
+}

terraform/outputs.tf

@@ -0,0 +1,13 @@
+terraform {
+  required_version = ">= 1.3"
+  required_providers {
+    azurerm = {
+      source  = "hashicorp/azurerm"
+      version = "=3.52.0"
+    }
+  }
+}
+
+provider "azurerm" {
+  features {}
+}

terraform/provider.tf

@@ -0,0 +1,19 @@
+data "azurerm_key_vault" "lissi_eventplanner" {
+  name                = "kv-lissi"
+  resource_group_name = "rg-lissi"
+}
+
+data "azurerm_key_vault_secret" "client_id" {
+  name         = "auth-client-id"
+  key_vault_id = data.azurerm_key_vault.lissi_eventplanner.id
+}
+
+data "azurerm_key_vault_secret" "client_secret" {
+  name         = "auth-client-secret"
+  key_vault_id = data.azurerm_key_vault.lissi_eventplanner.id
+}
+
+data "azurerm_key_vault_certificate" "ssl_certificate" {
+  name         = "cert-crew-grosses-meer-surf"
+  key_vault_id = data.azurerm_key_vault.lissi_eventplanner.id
+}

terraform/secrets.tf

@@ -0,0 +1,24 @@
+variable "region" {
+  description = "Azure infrastructure region"
+  type        = string
+  default     = "germanywestcentral"
+}
+
+variable "app" {
+  description = "Application that we want to deploy"
+  type        = string
+  default     = "eventplanner"
+}
+
+variable "env" {
+  description = "Application env"
+  type        = string
+  default     = "live"
+}
+
+variable "domain" {
+  description = "Domain of the application"
+  type        = string
+  default     = "crew.grosses-meer.surf"
+}
+