feat(azure-tf): websites

Author: davemooreuws

cloud/azure/deploytf/.nitric/modules/api/outputs.tf

@@ -0,0 +1,3 @@
+output "api_gateway_url" {
+  value = azurerm_api_management.api.gateway_url
+}

cloud/azure/deploytf/.nitric/modules/cdn/main.tf

@@ -0,0 +1,142 @@
+terraform {
+  required_providers {
+    azapi = {
+      source = "Azure/azapi"
+    }
+  }
+}
+
+locals {
+  endpoint_name = "${var.stack_name}-cdn"
+  default_origin_group_name = "website-origin-group"
+}
+
+data "azurerm_client_config" "current" {}
+
+# Create the CDN profile for the website
+resource "azurerm_cdn_profile" "website_profile" {
+  name = "website-profile"
+  resource_group_name = var.resource_group_name
+  location = var.location
+  sku = "Standard_Microsoft"
+}
+
+
+# Create the CDN endpoint with full configuration using azapi, due to limitations in the azurerm provider
+# This includes all origins, origin groups, and delivery rule, see https://github.com/hashicorp/terraform-provider-azurerm/issues/10771
+resource "azapi_resource" "cdn_endpoint" {
+  type        = "Microsoft.Cdn/profiles/endpoints@2024-09-01"
+  name        = local.endpoint_name
+  parent_id   = azurerm_cdn_profile.website_profile.id
+  location    = var.location
+
+  body = {
+    properties = {
+      isHttpAllowed          = false
+      isHttpsAllowed         = true
+      isCompressionEnabled   = true
+      contentTypesToCompress = [
+        "text/html", "text/css", "application/javascript",
+        "application/json", "image/svg+xml", "font/woff", "font/woff2"
+      ]
+      
+      # Define all origins in one place
+      origins = concat(
+        # Storage origin (duplicated from Terraform resource)
+        [{
+          name = var.storage_account_name
+          properties = {
+            hostName = var.storage_account_primary_web_host
+            originHostHeader = var.storage_account_primary_web_host
+            enabled = true
+            httpPort = 80
+            httpsPort = 443
+          }
+        }],
+        # API origins
+        [for key in sort(keys(var.apis)) : {
+          name = "api-origin-${key}"
+          properties = {
+            hostName = replace(replace(var.apis[key].gateway_url, "https://", ""), "/", "")
+            originHostHeader = replace(replace(var.apis[key].gateway_url, "https://", ""), "/", "")
+            httpPort = 80
+            httpsPort = 443
+            enabled = true
+          }
+        }]
+      )
+      
+      # Define all origin groups
+      originGroups = concat(
+        # Website origin group
+        [{
+          name = "website-origin-group"
+          properties = {
+            origins = [{
+              id = "${azurerm_cdn_profile.website_profile.id}/endpoints/${local.endpoint_name}/origins/${var.storage_account_name}"
+            }]
+          }
+        }],
+        # API origin groups
+        [for key in sort(keys(var.apis)) : {
+          name = "api-origin-group-${key}"
+          properties = {
+            origins = [{
+              id = "${azurerm_cdn_profile.website_profile.id}/endpoints/${local.endpoint_name}/origins/api-origin-${key}"
+            }]
+          }
+        }]
+      )
+      
+      # Set default origin group
+      defaultOriginGroup = {
+        id = "${azurerm_cdn_profile.website_profile.id}/endpoints/${local.endpoint_name}/originGroups/website-origin-group"
+      }
+      
+      # Define delivery rules
+      deliveryPolicy = {
+        description = "API routing policy"
+        rules = [
+          for idx, key in { for i, k in sort(keys(var.apis)) : i => k } : {
+            name  = "forward_${key}"
+            order = idx + 1
+            conditions = [{
+              name = "UrlPath"
+              parameters = {
+                typeName = "DeliveryRuleUrlPathMatchConditionParameters"
+                operator = "BeginsWith"
+                matchValues = ["/api/${key}"]
+                transforms = ["Lowercase"]
+                negateCondition = false
+              }
+            }]
+            actions = [
+              {
+                name = "OriginGroupOverride"
+                parameters = {
+                  typeName = "DeliveryRuleOriginGroupOverrideActionParameters"
+                  originGroup = {
+                    id = "${azurerm_cdn_profile.website_profile.id}/endpoints/${local.endpoint_name}/originGroups/api-origin-group-${key}"
+                  }
+                }
+              },
+              {
+                name = "UrlRewrite"
+                parameters = {
+                  typeName = "DeliveryRuleUrlRewriteActionParameters"
+                  sourcePattern = "/api/${key}/"
+                  destination = "/"
+                }
+              }
+            ]
+          }
+        ]
+      }
+    }
+  }
+
+  response_export_values = ["properties.hostName"]
+
+  depends_on = [azurerm_cdn_profile.website_profile]
+}
+

cloud/azure/deploytf/.nitric/modules/cdn/outputs.tf

@@ -0,0 +1,4 @@
+output "cdn_url" {
+  description = "The URL of the CDN endpoint"
+  value = "https://${jsondecode(azapi_resource.cdn_endpoint.output).properties.hostName}"
+}

cloud/azure/deploytf/.nitric/modules/cdn/variables.tf

@@ -0,0 +1,38 @@
+variable "stack_name" {
+  description = "The name of the stack"
+  type        = string
+}
+
+variable "storage_account_id" {
+  description = "The id of the storage account to use for the cdn"
+  type        = string
+}
+
+variable "storage_account_name" {
+  description = "The name of the storage account to use for the cdn"
+  type        = string
+}
+
+variable "storage_account_primary_web_host" {
+  description = "The primary web host of the storage account to use for the cdn"
+  type        = string
+}
+
+variable "resource_group_name" {
+  description = "The name of the resource group to use for the cdn"
+  type        = string
+}
+
+variable "apis" {
+  description = "Map of APIs and their gateway information"
+  type = map(object({
+    gateway_url = string
+    # Add any other API properties you might need
+  }))
+  default = {}
+}
+
+variable "location" {
+  description = "The location/region where the resources will be created"
+  type        = string
+}

cloud/azure/deploytf/.nitric/modules/stack/main.tf

@@ -40,6 +40,16 @@ resource "azurerm_storage_account" "storage" {
   }
 }
 
+# Create a storage container for the website
+resource "azurerm_storage_account_static_website" "storage_website" {
+  count              = var.enable_website ? 1 : 0
+  storage_account_id = azurerm_storage_account.storage[0].id
+  index_document     = var.website_root_index_document
+  error_404_document = var.website_root_error_document
+
+  depends_on = [azurerm_storage_account.storage]
+}
+
 # Create a keyvault if secrets are enabled
 resource "azurerm_key_vault" "keyvault" {
   count = var.enable_keyvault ? 1 : 0
@@ -250,5 +260,5 @@ resource "azurerm_container_app_environment" "environment" {
     "x-nitric-${local.stack_name}-type" = "stack"
   }
 
-  infrastructure_subnet_id = azurerm_subnet.database_infrastructure_subnet[0].id
+  infrastructure_subnet_id = var.enable_database ? azurerm_subnet.database_infrastructure_subnet[0].id : null
 }

cloud/azure/deploytf/.nitric/modules/stack/outputs.tf

@@ -50,6 +50,10 @@ output "storage_account_queue_endpoint" {
   value = one(azurerm_storage_account.storage) != null ? one(azurerm_storage_account.storage).primary_queue_endpoint : null
 }
 
+output "storage_account_web_host" {
+  value = one(azurerm_storage_account.storage) != null ? one(azurerm_storage_account.storage).primary_web_host : null
+}
+
 output "registry_username" {
   value = azurerm_container_registry.container_registry.admin_username
 }

cloud/azure/deploytf/.nitric/modules/stack/variables.tf

@@ -21,6 +21,24 @@ variable "enable_database" {
   default     = false
 }
 
+variable "enable_website" {
+  description = "Enable the creation of a website"
+  type        = bool
+  default     = false
+}
+
+variable "website_root_index_document" {
+  description = "The root index document for the website"
+  type        = string
+  default     = "index.html"
+}
+
+variable "website_root_error_document" {
+  description = "The root error document for the website"
+  type        = string
+  default     = "404.html"
+}
+
 variable "location" {
   description = "The location/region where the resources will be created"
   type        = string

cloud/azure/deploytf/.nitric/modules/website/main.tf

@@ -0,0 +1,34 @@
+module "template_files" {
+  source  = "hashicorp/dir/template"
+  version = "1.0.2"
+  
+  base_dir = var.local_directory
+}
+
+locals {
+  # Apply the base path logic for key transformation
+  transformed_files = {
+    for path, file in module.template_files.files : (
+      var.base_path == "/" ? 
+        path : 
+        "${trimsuffix(var.base_path, "/")}/${path}"
+    ) => file
+  }
+}
+
+
+resource "azurerm_storage_blob" "website_files" {
+  for_each = local.transformed_files
+
+  name                   = trimprefix(each.key, "/")
+
+  storage_account_name   = var.storage_account_name
+  storage_container_name = "$web"
+  type                   = "Block"
+  source                 = each.value.source_path
+  content_type           = each.value.content_type
+
+  # required to detect file changes in Terraform 
+  content_md5            = each.value.digests.md5
+}
+

cloud/azure/deploytf/.nitric/modules/website/outputs.tf

@@ -0,0 +1,7 @@
+# output "uploaded_files" {
+#   value = {
+#     for file, blob in azurerm_storage_blob.website_files :
+#     file => blob.url
+#     if blob.content_md5 != filemd5("${var.local_directory}/${file}") # Filter changed files
+#   }
+# }

cloud/azure/deploytf/.nitric/modules/website/variables.tf

@@ -0,0 +1,21 @@
+variable "name" {
+  description = "The name of the website"
+  type        = string
+}
+
+variable "base_path" {
+  description = "The base path for the website"
+  type        = string
+}
+
+variable "local_directory" {
+  description = "The local directory to deploy the website from"
+  type        = string
+}
+
+variable "storage_account_name" {
+  description = "The name of the storage account"
+  type        = string
+}
+
+

cloud/azure/deploytf/cdktf.json

@@ -53,6 +53,14 @@
     {
       "name": "sql",
       "source": "./.nitric/modules/sql"
+    },
+    {
+      "name": "website",
+      "source": "./.nitric/modules/website"
+    },
+    {
+      "name": "cdn",
+      "source": "./.nitric/modules/cdn"
     }
   ],
   "context": {}

cloud/azure/deploytf/cdn.go

@@ -0,0 +1,54 @@
+// Copyright 2021 Nitric Technologies Pty Ltd.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package deploytf
+
+import (
+	"slices"
+
+	"github.com/aws/jsii-runtime-go"
+	"github.com/hashicorp/terraform-cdk-go/cdktf"
+	"github.com/nitrictech/nitric/cloud/azure/deploytf/generated/cdn"
+	"github.com/samber/lo"
+)
+
+type ApiGateway struct {
+	GatewayURL *string `json:"gateway_url"`
+}
+
+// function to create a new cdn
+func (n *NitricAzureTerraformProvider) NewCdn(tfstack cdktf.TerraformStack) cdn.Cdn {
+	apiGateways := make(map[string]ApiGateway)
+
+	sortedApiKeys := lo.Keys(n.Apis)
+	slices.Sort(sortedApiKeys)
+
+	for _, apiName := range sortedApiKeys {
+		api := n.Apis[apiName]
+		apiGateways[apiName] = ApiGateway{
+			GatewayURL: api.ApiGatewayUrlOutput(),
+		}
+	}
+
+	return cdn.NewCdn(tfstack, jsii.String("cdn"), &cdn.CdnConfig{
+		StackName:                    n.Stack.StackNameOutput(),
+		StorageAccountId:             n.Stack.StorageAccountIdOutput(),
+		StorageAccountName:           n.Stack.StorageAccountNameOutput(),
+		StorageAccountPrimaryWebHost: n.Stack.StorageAccountWebHostOutput(),
+		ResourceGroupName:            n.Stack.ResourceGroupNameOutput(),
+		Location:                     jsii.String(n.Region),
+		Apis:                         apiGateways,
+		DependsOn:                    &[]cdktf.ITerraformDependable{n.Stack},
+	})
+}