Skip to content
This repository has been archived by the owner on Mar 27, 2023. It is now read-only.

pagopa-archive/userregistry-infra

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

36 Commits
.devops
.devops
 
 
.github
.github
 
 
.vscode
.vscode
 
 
src
src
 
 
.gitignore
.gitignore
 
 
.pre-commit-config.yaml
.pre-commit-config.yaml
 
 
.terraform-version
.terraform-version
 
 
CODEOWNERS
CODEOWNERS
 
 
README.md
README.md
 
 

Repository files navigation

⚠️ Archived repository ⚠️

This repository is archived. New contents has been migrated in https://github.com/pagopa/pdv-tokenizer-infra and https://github.com/pagopa/pdv-user-registry-infra

Static Analysis

userregistry-infra

UserRegistry infra project

Flow of installation

  1. Run terraform on ´pillar´ folder, to generate all the resources that are pillar for other resources

  2. Run on ´core´ folder this command, to generate the secrets mandatory for pipelines ´´´bash sh terraform.sh apply [dev|uat|prod] -target azurerm_key_vault_secret.aks_apiserver_url ´´´

  3. Generate all the pipelines usign project https://github.com/pagopa/userregistry-devops

    1. Launch the pipelines to allow the generation of the certificate, mandatory for apim and app gateway

  4. Check that the new certificates are created inside the keyvault

  5. Run terraform on ´core´ folder to complete all the resources

  6. (Only via VPN for UAT and PROD) Run terraform on ´k8s´ folder to setup kubernetes cluster

Requirements

1. terraform

In order to manage the suitable version of terraform it is strongly recommended to install the following tool:

  • tfenv: Terraform version manager inspired by rbenv.

Once these tools have been installed, install the terraform version shown in:

  • .terraform-version

After installation install terraform:

tfenv install

Terraform modules

As PagoPA we build our standard Terraform modules, check available modules:

Apply changes

To apply changes follow the standard terraform lifecycle once the code in this repository has been changed:

terraform.sh init [dev|uat|prod]

terraform.sh plan [dev|uat|prod]

terraform.sh apply [dev|uat|prod]

Terraform lock.hcl

We have both developers who work with your Terraform configuration on their Linux, macOS or Windows workstations and automated systems that apply the configuration while running on Linux. https://www.terraform.io/docs/cli/commands/providers/lock.html#specifying-target-platforms

So we need to specify this in terraform lock providers:

terraform init

rm .terraform.lock.hcl

terraform providers lock \
  -platform=windows_amd64 \
  -platform=darwin_amd64 \
  -platform=darwin_arm64 \
  -platform=linux_amd64

Precommit checks

Check your code before commit.

https://github.com/antonbabenko/pre-commit-terraform#how-to-install

pre-commit run -a

Install the pre-commit hook globally

DIR=~/.git-template
git config --global init.templateDir ${DIR}
pre-commit init-templatedir -t pre-commit ${DIR}

About

User Registry IaC

Topics

infrastructure terraform user-registry

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

4 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages