From 08e8c90b6f7b29617a8b94c87cd146051002e4da Mon Sep 17 00:00:00 2001 From: Christian Fosli Date: Sun, 2 Jul 2023 21:47:24 +0200 Subject: [PATCH] [wip]: Deploy rewritten highscore api as container app --- terraform/api.tf | 65 +++++++++++++++++++++++++++++++++++++++++++++++- terraform/dns.tf | 19 ++++++-------- 2 files changed, 72 insertions(+), 12 deletions(-) diff --git a/terraform/api.tf b/terraform/api.tf index 91ed6b8..8e1d58b 100644 --- a/terraform/api.tf +++ b/terraform/api.tf @@ -1 +1,64 @@ -# TODO: Deploy new highscore API as az container app +resource "azurerm_container_app_environment" "containerAppEnv" { + name = "cae-snake-${var.ENVIRONMENT}" + location = data.azurerm_resource_group.rg.location + resource_group_name = data.azurerm_resource_group.rg.name + log_analytics_workspace_id = azurerm_log_analytics_workspace.logWorkspace.id +} + +resource "azurerm_container_app" "highscoreApi" { + name = "ca-snakehighscoreapi-${var.ENVIRONMENT}" + container_app_environment_id = azurerm_container_app_environment.containerAppEnv.id + resource_group_name = azurerm_container_app_environment.containerAppEnv.resource_group_name + revision_mode = "Single" + + template { + container { + name = "highscore-api" + image = "ghcr.io/christianfosli/snake/highscore-api:latest" # <-- tag will be overridden by ci/cd + cpu = 0.25 + memory = "0.5Gi" + + env { + name = "DB_CONNSTR" + secret_name = "db-connstr" + } + + liveness_probe { + transport = "http" + path = "/livez" + port = 3000 + } + + readiness_probe { + transport = "http" + path = "/readyz" + port = 3000 + } + } + } + + ingress { + # custom_domain { + # # Manual Step: Currently (July 2023), azurerm_container_app_environment_certificate doesn't support + # # managed TLS certificates. + # # Therefore during initial deploy this block must be commented out, and added through the Azure Portal + # # Then the below certificate_id must be updated as required. + # name = "${azurerm_dns_cname_record.highScoreApi.name}.${azurerm_dns_cname_record.highScoreApi.zone_name}" + # certificate_id = "??" + # certificate_binding_type = "SniEnabled" + # } + target_port = 3000 + + traffic_weight { + percentage = 100 + } + } + + secret { + name = "db-connstr" + value = azurerm_key_vault_secret.mongoConnectionString.value + } + + + tags = local.common_tags +} diff --git a/terraform/dns.tf b/terraform/dns.tf index f51b5d4..a821337 100644 --- a/terraform/dns.tf +++ b/terraform/dns.tf @@ -20,14 +20,11 @@ resource "azurerm_dns_cname_record" "app" { tags = local.common_tags } -# todo: add again after container app up -# resource "azurerm_dns_cname_record" "highScoreApi" { -# name = var.ENVIRONMENT == "prod" ? "highscores" : "highscores-${var.ENVIRONMENT}" -# zone_name = "playsnake.no" # hardcoded because sometimes different env -# resource_group_name = "rg-snake-prod" # hardcoded because sometimes different env -# ttl = 300 -# # record = azurerm_linux_function_app.highScoreApi.default_hostname -# # default_hostname incorrenctly returns empty string - see upstream bug report https://github.com/hashicorp/terraform-provider-azurerm/issues/16263 -# record = "${azurerm_linux_function_app.highScoreApi.name}.azurewebsites.net" -# tags = local.common_tags -# } +resource "azurerm_dns_cname_record" "highScoreApi" { + name = var.ENVIRONMENT == "prod" ? "highscores" : "highscores-${var.ENVIRONMENT}" + zone_name = "playsnake.no" # hardcoded because sometimes different env + resource_group_name = "rg-snake-prod" # hardcoded because sometimes different env + ttl = 300 + record = azurerm_container_app.highscoreApi.latest_revision_fqdn + tags = local.common_tags +}