From 5cf973e01498d6fa5a12870fbf0e268b3706a157 Mon Sep 17 00:00:00 2001
From: Russell Day <russell.day.coder@gmail.com>
Date: Thu, 25 Apr 2024 23:16:56 +0100
Subject: [PATCH 1/2] Deploy DNS (#9)

Deploy DNS records to Cloudflare
Enable Production deployment
---
 .github/workflows/DeployBranchPush.yml        |  3 ++-
 .github/workflows/DeployEverything.yml        |  7 ++++++-
 .github/workflows/DeployMainBranch.yml        | 17 +++++++++++++++
 .../PocketDDD.BlazorClient/wwwroot/index.html |  5 +++++
 terraform/blazor_client.tf                    | 21 +++++++++++++++++--
 terraform/locals.tf                           |  1 +
 terraform/outputs.tf                          |  4 ++++
 terraform/terraform.tf                        |  4 ++++
 terraform/variables.tf                        |  5 +++++
 tfvars/Production.tfvars                      | 19 ++++++++++++-----
 10 files changed, 77 insertions(+), 9 deletions(-)
 create mode 100644 .github/workflows/DeployMainBranch.yml

diff --git a/.github/workflows/DeployBranchPush.yml b/.github/workflows/DeployBranchPush.yml
index 0148f7b..26a0a7d 100644
--- a/.github/workflows/DeployBranchPush.yml
+++ b/.github/workflows/DeployBranchPush.yml
@@ -4,7 +4,6 @@ on:
     branches-ignore:
       - 'main'
 
-
 jobs:
   deploy_to_test:
     uses: ./.github/workflows/DeployEverything.yml
@@ -14,3 +13,5 @@ jobs:
       AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }}
       AZURE_STATIC_WEB_APPS_API_TOKEN: ${{ secrets.AZURE_STATIC_WEB_APPS_API_TOKEN }}
       TERRAFORM_STATE_ACCESS_KEY: ${{ secrets.TERRAFORM_STATE_ACCESS_KEY }}
+      CLOUDFLARE_TOKEN: ${{ secrets.CLOUDFLARE_TOKEN }}
+      CLOUDFLARE_ACCOUNT_ID: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
diff --git a/.github/workflows/DeployEverything.yml b/.github/workflows/DeployEverything.yml
index c54a705..d8231da 100644
--- a/.github/workflows/DeployEverything.yml
+++ b/.github/workflows/DeployEverything.yml
@@ -13,6 +13,10 @@ on:
         required: true
       TERRAFORM_STATE_ACCESS_KEY:
         required: true
+      CLOUDFLARE_TOKEN:
+        required: true
+      CLOUDFLARE_ACCOUNT_ID:
+        required: true
 
 env:
   AZURE_WEBAPP_PACKAGE_PATH: PocketDDD.Server.WebAPI/publish
@@ -40,9 +44,10 @@ jobs:
     - run: |
         terraform init -backend-config="key=${{ inputs.env }}.terraform.tfstate"
 
-        terraform apply -auto-approve --var-file ../tfvars/${{ inputs.env }}.tfvars
+        terraform apply -auto-approve -var-file ../tfvars/${{ inputs.env }}.tfvars -var 'cloudflare_account_id=${{ secrets.CLOUDFLARE_ACCOUNT_ID }}'
       env:
         ARM_ACCESS_KEY: ${{ secrets.TERRAFORM_STATE_ACCESS_KEY }}
+        CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_TOKEN }}
 
   build_api_server:
     runs-on: ubuntu-latest
diff --git a/.github/workflows/DeployMainBranch.yml b/.github/workflows/DeployMainBranch.yml
new file mode 100644
index 0000000..3fb5b09
--- /dev/null
+++ b/.github/workflows/DeployMainBranch.yml
@@ -0,0 +1,17 @@
+name: Deploy Branch Push
+on:
+  push:
+    branches:
+      - 'main'
+
+jobs:
+  deploy_to_test:
+    uses: ./.github/workflows/DeployEverything.yml
+    with:
+      env: "Production"
+    secrets: 
+      AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }}
+      AZURE_STATIC_WEB_APPS_API_TOKEN: ${{ secrets.AZURE_STATIC_WEB_APPS_API_TOKEN }}
+      TERRAFORM_STATE_ACCESS_KEY: ${{ secrets.TERRAFORM_STATE_ACCESS_KEY }}
+      CLOUDFLARE_TOKEN: ${{ secrets.CLOUDFLARE_TOKEN }}
+      CLOUDFLARE_ACCOUNT_ID: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
diff --git a/PocketDDD.BlazorClient/PocketDDD.BlazorClient/wwwroot/index.html b/PocketDDD.BlazorClient/PocketDDD.BlazorClient/wwwroot/index.html
index 22301a2..5e86f46 100644
--- a/PocketDDD.BlazorClient/PocketDDD.BlazorClient/wwwroot/index.html
+++ b/PocketDDD.BlazorClient/PocketDDD.BlazorClient/wwwroot/index.html
@@ -27,6 +27,11 @@
         Blazor.start({
             environment: "Development"
         });
+    } else if (window.location.hostname.includes("test2")) {
+        console.info("Env = Test2")
+        Blazor.start({
+            environment: "Test2"
+        });
     } else if (window.location.hostname.includes("test")) {
         console.info("Env = Test")
         Blazor.start({
diff --git a/terraform/blazor_client.tf b/terraform/blazor_client.tf
index 905ff05..4943190 100644
--- a/terraform/blazor_client.tf
+++ b/terraform/blazor_client.tf
@@ -7,8 +7,6 @@ resource "azurerm_static_web_app" "blazor-client" {
   sku_size = var.client_sku_size
 
   app_settings = {
-    "ASPNETCORE_ENVIRONMENT": "${ var.env }"
-    "DOTNET_ENVIRONMENT": "${ var.env }"
     "apiUrl": "https://pocketddd-${ var.env }-api-server-web-app.azurewebsites.net/api/"
     "fakeBackend": "false"
   }
@@ -21,3 +19,22 @@ resource "azurerm_key_vault_secret" "blazor_client_deployment_token" {
   value        = azurerm_static_web_app.blazor-client.api_key
   key_vault_id = azurerm_key_vault.key_vault.id
 }
+
+data "cloudflare_zone" "dns_zone" {
+  account_id = var.cloudflare_account_id
+  name       = "dddsouthwest.com"
+}
+
+resource "cloudflare_record" "cname_record" {
+  zone_id = data.cloudflare_zone.dns_zone.id
+  name    = local.subdomain
+  value   = azurerm_static_web_app.blazor-client.default_host_name
+  type    = "CNAME"
+  ttl     = 3600
+}
+
+resource "azurerm_static_web_app_custom_domain" "custom_domain" {
+  static_web_app_id = azurerm_static_web_app.blazor-client.id
+  domain_name       = "${cloudflare_record.cname_record.name}.${data.cloudflare_zone.dns_zone.name}"
+  validation_type   = "cname-delegation"
+}
diff --git a/terraform/locals.tf b/terraform/locals.tf
index f501ce1..d6fce8f 100644
--- a/terraform/locals.tf
+++ b/terraform/locals.tf
@@ -1,4 +1,5 @@
 locals {
   resource_prefix = "pocketddd-${var.env}"
   sql_server_name = "${local.resource_prefix}-sql-server"
+  subdomain = var.env == "prod" ? "pocket" : "pocket-${var.env}"
 }
\ No newline at end of file
diff --git a/terraform/outputs.tf b/terraform/outputs.tf
index 3d45d91..2d24ab7 100644
--- a/terraform/outputs.tf
+++ b/terraform/outputs.tf
@@ -1,3 +1,7 @@
 output "api_server_url" {
   value = "https://${azurerm_linux_web_app.api_server_web_app.default_hostname}/"
 }
+
+# output "client_app_public_url" {
+#   value = 
+# }
diff --git a/terraform/terraform.tf b/terraform/terraform.tf
index a631d7b..a37dc48 100644
--- a/terraform/terraform.tf
+++ b/terraform/terraform.tf
@@ -13,6 +13,10 @@ terraform {
       source  = "hashicorp/random"
       version = "3.6.1"
     }
+    cloudflare = {
+      source  = "cloudflare/cloudflare"
+      version = "~> 4.0"
+    }
   }
 }
 
diff --git a/terraform/variables.tf b/terraform/variables.tf
index a730615..4548969 100644
--- a/terraform/variables.tf
+++ b/terraform/variables.tf
@@ -39,3 +39,8 @@ variable "client_sku_size" {
   nullable = false
   type     = string
 }
+
+variable "cloudflare_account_id" {
+  nullable = false
+  type = string
+}
diff --git a/tfvars/Production.tfvars b/tfvars/Production.tfvars
index be4ae7a..8af8b9d 100644
--- a/tfvars/Production.tfvars
+++ b/tfvars/Production.tfvars
@@ -1,7 +1,16 @@
 env = "prod"
-sql_db_sku = "S0"
-sql_max_storage = "10"
+sql_db_sku = "Basic"
+sql_max_storage = "2"
 api_app_service_sku = "B1"
-api_always_on = true
-client_sku_tier = "Standard"
-client_sku_size = "Standard"
\ No newline at end of file
+api_always_on = false
+client_sku_tier = "Free"
+client_sku_size = "Free"
+
+# Real prod values
+# env = "prod"
+# sql_db_sku = "S0"
+# sql_max_storage = "10"
+# api_app_service_sku = "B1"
+# api_always_on = true
+# client_sku_tier = "Standard"
+# client_sku_size = "Standard"
\ No newline at end of file

From 238c6e40900bd7cf668f8f5bd1b39839d0f54e5a Mon Sep 17 00:00:00 2001
From: Russell Day <russell.day.coder@gmail.com>
Date: Fri, 26 Apr 2024 00:05:26 +0100
Subject: [PATCH 2/2] Fix Production deployment (#10)

---
 .github/workflows/DeployEverything.yml | 1 +
 .github/workflows/DeployMainBranch.yml | 5 +++--
 terraform/outputs.tf                   | 6 +++---
 tfvars/Production.tfvars               | 2 +-
 4 files changed, 8 insertions(+), 6 deletions(-)

diff --git a/.github/workflows/DeployEverything.yml b/.github/workflows/DeployEverything.yml
index d8231da..271fa1e 100644
--- a/.github/workflows/DeployEverything.yml
+++ b/.github/workflows/DeployEverything.yml
@@ -109,6 +109,7 @@ jobs:
 
       - run: |
           cp PocketDDD.BlazorClient/PocketDDD.BlazorClient/wwwroot/appsettings.${{ inputs.env }}.json PocketDDD.BlazorClient/PocketDDD.BlazorClient/wwwroot/appsettings.Production.json
+        if: ${{ inputs.env != 'Production' }}
 
       - run: |
           apiToken=$(az staticwebapp secrets list --name pocketddd-${{ inputs.env }}-blazorclient --query "properties.apiKey" -o tsv)
diff --git a/.github/workflows/DeployMainBranch.yml b/.github/workflows/DeployMainBranch.yml
index 3fb5b09..5c70caf 100644
--- a/.github/workflows/DeployMainBranch.yml
+++ b/.github/workflows/DeployMainBranch.yml
@@ -1,11 +1,12 @@
-name: Deploy Branch Push
+name: Deploy Main to Production
 on:
   push:
     branches:
       - 'main'
+      - 'fixProdDeployment'
 
 jobs:
-  deploy_to_test:
+  deploy_to_production:
     uses: ./.github/workflows/DeployEverything.yml
     with:
       env: "Production"
diff --git a/terraform/outputs.tf b/terraform/outputs.tf
index 2d24ab7..5e81d3c 100644
--- a/terraform/outputs.tf
+++ b/terraform/outputs.tf
@@ -2,6 +2,6 @@ output "api_server_url" {
   value = "https://${azurerm_linux_web_app.api_server_web_app.default_hostname}/"
 }
 
-# output "client_app_public_url" {
-#   value = 
-# }
+output "client_app_public_url" {
+  value = "https://${azurerm_static_web_app_custom_domain.custom_domain.domain_name}"
+}
diff --git a/tfvars/Production.tfvars b/tfvars/Production.tfvars
index 8af8b9d..27cedef 100644
--- a/tfvars/Production.tfvars
+++ b/tfvars/Production.tfvars
@@ -1,4 +1,4 @@
-env = "prod"
+env = "production"
 sql_db_sku = "Basic"
 sql_max_storage = "2"
 api_app_service_sku = "B1"