From ca3da7acb3e8d7b5a981877b4900c394e0ab8c8d Mon Sep 17 00:00:00 2001 From: John Ake Date: Fri, 19 Apr 2024 15:01:36 +0100 Subject: [PATCH] Add New TRS domains - authorise-access-to-a-teaching-record.education.gov.uk - teaching-record-system.education.gov.uk --- Makefile | 3 ++ .../config/dev.tfvars.json | 33 +++++++++++-- .../config/pre-production.tfvars.json | 33 +++++++++++-- .../config/production.tfvars.json | 34 ++++++++++---- .../config/test.tfvars.json | 33 +++++++++++-- terraform/domains/environment_domains/main.tf | 21 ++++----- .../domains/environment_domains/variables.tf | 47 ------------------- .../infrastructure/.terraform.lock.hcl | 1 + .../infrastructure/config/trs.tfvars.json | 12 +++++ 9 files changed, 135 insertions(+), 82 deletions(-) diff --git a/Makefile b/Makefile index f3d8c4de2..68776bdf7 100644 --- a/Makefile +++ b/Makefile @@ -246,6 +246,9 @@ domains-infra-init: bin/terrafile set-azure-pd-subscription ## make [domain|aks_ domains-infra-plan: domains-infra-init ## terraform plan for dns core resources terraform -chdir=terraform/domains/infrastructure plan -var-file config/trs.tfvars.json +domains-infra-apply: domains-infra-init ## terraform apply for dns core resources + terraform -chdir=terraform/domains/infrastructure apply -var-file config/trs.tfvars.json + domain-azure-resources: set-azure-account # make [domain|aks_domain] domain-azure-resources CONFIRM_DEPLOY=1, creates core DNA/AKS $(if $(CONFIRM_DEPLOY), , $(error can only run with CONFIRM_DEPLOY)) az deployment sub create -l "UK South" --template-uri "https://raw.githubusercontent.com/DFE-Digital/tra-shared-services/main/azure/resourcedeploy.json" --parameters "resourceGroupName=${RESOURCE_NAME_PREFIX}-trsdomains-rg" 'tags=${RG_TAGS}' "tfStorageAccountName=${RESOURCE_NAME_PREFIX}trsdomainstf" "tfStorageContainerName=trsdomains-tf" "keyVaultName=${RESOURCE_NAME_PREFIX}-trsdomain-kv" diff --git a/terraform/domains/environment_domains/config/dev.tfvars.json b/terraform/domains/environment_domains/config/dev.tfvars.json index 22aa6e312..ad2ba4e67 100644 --- a/terraform/domains/environment_domains/config/dev.tfvars.json +++ b/terraform/domains/environment_domains/config/dev.tfvars.json @@ -1,6 +1,31 @@ { - "domains": ["dev"], - "environment_short": "dv", - "environment_tag": "dev", - "origin_hostname": "trs-dev-api.test.teacherservices.cloud" + "hosted_zone": { + "teacher-qualifications-api.education.gov.uk": { + "front_door_name": "s189p01-trsdomains-fd", + "resource_group_name": "s189p01-trsdomains-rg", + "domains": [ + "dev" + ], + "environment_short": "dv", + "origin_hostname": "trs-dev-api.test.teacherservices.cloud" + }, + "authorise-access-to-a-teaching-record.education.gov.uk": { + "front_door_name": "s189p01-trsdomains1-fd", + "resource_group_name": "s189p01-trsdomains-rg", + "domains": [ + "dev" + ], + "environment_short": "dv", + "origin_hostname": "trs-dev-authz.test.teacherservices.cloud" + }, + "teaching-record-system.education.gov.uk": { + "front_door_name": "s189p01-trsdomains2-fd", + "resource_group_name": "s189p01-trsdomains-rg", + "domains": [ + "dev" + ], + "environment_short": "dv", + "origin_hostname": "trs-dev-ui.test.teacherservices.cloud" + } + } } diff --git a/terraform/domains/environment_domains/config/pre-production.tfvars.json b/terraform/domains/environment_domains/config/pre-production.tfvars.json index ab9e2da51..6bfd954cf 100644 --- a/terraform/domains/environment_domains/config/pre-production.tfvars.json +++ b/terraform/domains/environment_domains/config/pre-production.tfvars.json @@ -1,6 +1,31 @@ { - "domains": ["preprod"], - "environment_short": "pp", - "environment_tag": "pre-prod", - "origin_hostname": "trs-pre-production-api.test.teacherservices.cloud" + "hosted_zone": { + "teacher-qualifications-api.education.gov.uk": { + "front_door_name": "s189p01-trsdomains-fd", + "resource_group_name": "s189p01-trsdomains-rg", + "domains": [ + "preprod" + ], + "environment_short": "pp", + "origin_hostname": "trs-pre-production-api.test.teacherservices.cloud" + }, + "authorise-access-to-a-teaching-record.education.gov.uk": { + "front_door_name": "s189p01-trsdomains1-fd", + "resource_group_name": "s189p01-trsdomains-rg", + "domains": [ + "preprod" + ], + "environment_short": "pp", + "origin_hostname": "trs-pre-production-authz.test.teacherservices.cloud" + }, + "teaching-record-system.education.gov.uk": { + "front_door_name": "s189p01-trsdomains2-fd", + "resource_group_name": "s189p01-trsdomains-rg", + "domains": [ + "preprod" + ], + "environment_short": "pp", + "origin_hostname": "trs-pre-production-ui.test.teacherservices.cloud" + } + } } diff --git a/terraform/domains/environment_domains/config/production.tfvars.json b/terraform/domains/environment_domains/config/production.tfvars.json index 09b04070f..9c06f181a 100644 --- a/terraform/domains/environment_domains/config/production.tfvars.json +++ b/terraform/domains/environment_domains/config/production.tfvars.json @@ -1,17 +1,31 @@ { - "domains": ["apex"], - "environment_short": "pd", - "environment_tag": "Prod", - "origin_hostname": "trs-production-api.teacherservices.cloud", "hosted_zone": { "teacher-qualifications-api.education.gov.uk": { + "front_door_name": "s189p01-trsdomains-fd", "resource_group_name": "s189p01-trsdomains-rg", - "cnames": { - "_e61158082e6141e3ddafd7ec187d748b": { - "target": "_9d03d335ceca11fa14a00b153bb52ae2.bgpjyrktby.acm-validations.aws", - "ttl": 86400 - } - } + "domains": [ + "apex" + ], + "environment_short": "pd", + "origin_hostname": "trs-production-api.teacherservices.cloud" + }, + "authorise-access-to-a-teaching-record.education.gov.uk": { + "front_door_name": "s189p01-trsdomains1-fd", + "resource_group_name": "s189p01-trsdomains-rg", + "domains": [ + "apex" + ], + "environment_short": "pd", + "origin_hostname": "trs-production-authz.teacherservices.cloud" + }, + "teaching-record-system.education.gov.uk": { + "front_door_name": "s189p01-trsdomains2-fd", + "resource_group_name": "s189p01-trsdomains-rg", + "domains": [ + "apex" + ], + "environment_short": "pd", + "origin_hostname": "trs-production-ui.teacherservices.cloud" } } } diff --git a/terraform/domains/environment_domains/config/test.tfvars.json b/terraform/domains/environment_domains/config/test.tfvars.json index 091af7a45..b9bde2aa2 100644 --- a/terraform/domains/environment_domains/config/test.tfvars.json +++ b/terraform/domains/environment_domains/config/test.tfvars.json @@ -1,6 +1,31 @@ { - "domains": ["test"], - "environment_short": "ts", - "environment_tag": "test", - "origin_hostname": "trs-test-api.test.teacherservices.cloud" + "hosted_zone": { + "teacher-qualifications-api.education.gov.uk": { + "front_door_name": "s189p01-trsdomains-fd", + "resource_group_name": "s189p01-trsdomains-rg", + "domains": [ + "test" + ], + "environment_short": "ts", + "origin_hostname": "trs-test-api.test.teacherservices.cloud" + }, + "authorise-access-to-a-teaching-record.education.gov.uk": { + "front_door_name": "s189p01-trsdomains1-fd", + "resource_group_name": "s189p01-trsdomains-rg", + "domains": [ + "test" + ], + "environment_short": "ts", + "origin_hostname": "trs-test-authz.test.teacherservices.cloud" + }, + "teaching-record-system.education.gov.uk": { + "front_door_name": "s189p01-trsdomains2-fd", + "resource_group_name": "s189p01-trsdomains-rg", + "domains": [ + "test" + ], + "environment_short": "ts", + "origin_hostname": "trs-test-ui.test.teacherservices.cloud" + } + } } diff --git a/terraform/domains/environment_domains/main.tf b/terraform/domains/environment_domains/main.tf index 6d104c4a7..a8749b765 100644 --- a/terraform/domains/environment_domains/main.tf +++ b/terraform/domains/environment_domains/main.tf @@ -1,15 +1,10 @@ module "domains" { - source = "./vendor/modules/domains//domains/environment_domains" - zone = var.zone - front_door_name = var.front_door_name - resource_group_name = var.resource_group_name - domains = var.domains - environment = var.environment_short - host_name = var.origin_hostname - null_host_header = var.null_host_header -} -module "records" { - source = "./vendor/modules/domains//dns/records" - hosted_zone = var.hosted_zone - + for_each = var.hosted_zone + source = "./vendor/modules/domains//domains/environment_domains" + zone = each.key + front_door_name = each.value.front_door_name + resource_group_name = each.value.resource_group_name + domains = each.value.domains + environment = each.value.environment_short + host_name = each.value.origin_hostname } diff --git a/terraform/domains/environment_domains/variables.tf b/terraform/domains/environment_domains/variables.tf index cc8924b02..ad63e546f 100644 --- a/terraform/domains/environment_domains/variables.tf +++ b/terraform/domains/environment_domains/variables.tf @@ -1,51 +1,4 @@ -variable "zone" { - type = string - description = "Name of DNS zone" - default = "teacher-qualifications-api.education.gov.uk" -} - -variable "front_door_name" { - type = string - description = "Name of Azure Front Door" - default = "s189p01-trsdomains-fd" -} - -variable "resource_group_name" { - type = string - description = "Name of resouce group name" - default = "s189p01-trsdomains-rg" -} - -variable "domains" { - description = "List of domains record names" -} - -variable "environment_tag" { - type = string - description = "Environment" -} - -variable "environment_short" { - type = string - description = "Short name for environment" -} - -variable "origin_hostname" { - type = string - description = "Origin endpoint url" -} - -variable "null_host_header" { - type = bool - description = "origin_host_header for the azurerm_cdn_frontdoor_origin" - default = false -} - variable "hosted_zone" { type = map(any) default = {} } - -locals { - hostname = "${var.domains[0]}.${var.zone}" -} diff --git a/terraform/domains/infrastructure/.terraform.lock.hcl b/terraform/domains/infrastructure/.terraform.lock.hcl index 617d685d5..23d028563 100644 --- a/terraform/domains/infrastructure/.terraform.lock.hcl +++ b/terraform/domains/infrastructure/.terraform.lock.hcl @@ -6,6 +6,7 @@ provider "registry.terraform.io/hashicorp/azurerm" { constraints = "3.53.0" hashes = [ "h1:bK70LV1NldhodSm58cUpawKwdUL1A5AKKglAV2wZ/QY=", + "h1:ocOIwGJG+K9hb22GdXhTdDiewSdeo9YO3BZ8cm8fUiE=", "zh:078ece8318ad7d6c1cd2e5f2044188e74af63921b93223c7f8d477539fa91888", "zh:1bdc98ff8c2d3f3e81a746762e03d39794b2f5c90dc478cdb23dcc3d3f9947b6", "zh:20b51cfc0ffc4ff368e6eb2eaece0b6bb99ade09e4b91b3444b50e94fc54c119", diff --git a/terraform/domains/infrastructure/config/trs.tfvars.json b/terraform/domains/infrastructure/config/trs.tfvars.json index 2f52bc6af..439c3eeec 100644 --- a/terraform/domains/infrastructure/config/trs.tfvars.json +++ b/terraform/domains/infrastructure/config/trs.tfvars.json @@ -12,6 +12,18 @@ "value": "v=DMARC1;p=quarantine;sp=quarantine;pct=100;fo=1;rua=mailto:dmarc-rua@dmarc.service.gov.uk,mailto:dmarc-rua@education.gov.uk;ruf=mailto:DMARC.Forensic@education.gov.uk" } } + }, + "authorise-access-to-a-teaching-record.education.gov.uk": { + "resource_group_name": "s189p01-trsdomains-rg", + "front_door_name": "s189p01-trsdomains1-fd", + "caa_records": {}, + "txt_records": {} + }, + "teaching-record-system.education.gov.uk": { + "resource_group_name": "s189p01-trsdomains-rg", + "front_door_name": "s189p01-trsdomains2-fd", + "caa_records": {}, + "txt_records": {} } }, "tags": {