remove from core

pagopa · Mar 19, 2024 · 2f2d55d · 2f2d55d
1 parent c5df9d0
commit 2f2d55d
Show file tree

Hide file tree

Showing 5 changed files with 12 additions and 61 deletions.
diff --git a/src/core/README.md b/src/core/README.md
@@ -112,7 +112,6 @@
 | <a name="module_redis_common_backup_zrs"></a> [redis\_common\_backup\_zrs](#module\_redis\_common\_backup\_zrs) | github.com/pagopa/terraform-azurerm-v3//storage_account | v7.61.0 |
 | <a name="module_redis_common_snet"></a> [redis\_common\_snet](#module\_redis\_common\_snet) | git::https://github.com/pagopa/terraform-azurerm-v3.git//subnet | v7.61.0 |
 | <a name="module_redis_messages_v6"></a> [redis\_messages\_v6](#module\_redis\_messages\_v6) | git::https://github.com/pagopa/terraform-azurerm-v3.git//redis_cache | v7.61.0 |
-| <a name="module_selfcare_cdn"></a> [selfcare\_cdn](#module\_selfcare\_cdn) | git::https://github.com/pagopa/terraform-azurerm-v3.git//cdn | v7.61.0 |
 | <a name="module_selfcare_jwt"></a> [selfcare\_jwt](#module\_selfcare\_jwt) | git::https://github.com/pagopa/terraform-azurerm-v3.git//jwt_keys | v7.61.0 |
 | <a name="module_services_snet"></a> [services\_snet](#module\_services\_snet) | git::https://github.com/pagopa/terraform-azurerm-v3.git//subnet | v7.61.0 |
 | <a name="module_shared_1_snet"></a> [shared\_1\_snet](#module\_shared\_1\_snet) | git::https://github.com/pagopa/terraform-azurerm-v3.git//subnet | v7.61.0 |
@@ -391,6 +390,7 @@
 | [azurerm_client_config.current](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/client_config) | data source |
 | [azurerm_cosmosdb_account.cosmos_api](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/cosmosdb_account) | data source |
 | [azurerm_cosmosdb_account.cosmos_remote_content](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/cosmosdb_account) | data source |
+| [azurerm_dns_a_record.selfcare_cdn](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/dns_a_record) | data source |
 | [azurerm_eventhub_authorization_rule.io-p-messages-weu-prod01-evh-ns_message-status_io-fn-messages-cqrs](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/eventhub_authorization_rule) | data source |
 | [azurerm_eventhub_authorization_rule.io-p-messages-weu-prod01-evh-ns_messages_io-fn-messages-cqrs](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/eventhub_authorization_rule) | data source |
 | [azurerm_eventhub_authorization_rule.io-p-payments-weu-prod01-evh-ns_payment-updates_io-fn-messages-cqrs](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/eventhub_authorization_rule) | data source |

diff --git a/src/core/monitor.tf b/src/core/monitor.tf
@@ -334,8 +334,8 @@ locals {
     },
     {
       # https://io.selfcare.pagopa.it
-      name                              = module.selfcare_cdn.fqdn,
-      host                              = module.selfcare_cdn.fqdn,
+      name                              = trimsuffix(data.azurerm_dns_a_record.selfcare_cdn.fqdn, "."),
+      host                              = trimsuffix(data.azurerm_dns_a_record.selfcare_cdn.fqdn, "."),
       path                              = "",
       frequency                         = 900
       http_status                       = 200,

diff --git a/src/core/selfcare.tf b/src/core/selfcare.tf
@@ -16,67 +16,17 @@ data "azurerm_resource_group" "selfcare_fe_rg" {
   name = "${local.project}-selfcare-fe-rg"
 }
 
-### Frontend resources
-#tfsec:ignore:azure-storage-queue-services-logging-enabled:exp:2022-05-01 # already ignored, maybe a bug in tfsec
-module "selfcare_cdn" {
-  source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//cdn?ref=v7.61.0"
-
-  name                  = "selfcare"
-  prefix                = local.project
-  resource_group_name   = data.azurerm_resource_group.selfcare_fe_rg.name
-  location              = data.azurerm_resource_group.selfcare_fe_rg.location
-  hostname              = "${var.dns_zone_io_selfcare}.${var.external_domain}"
-  https_rewrite_enabled = true
-
-  index_document     = "index.html"
-  error_404_document = "404.html"
-
-  storage_account_replication_type = "GZRS"
-
-  dns_zone_name                = azurerm_dns_zone.io_selfcare_pagopa_it[0].name
-  dns_zone_resource_group_name = azurerm_dns_zone.io_selfcare_pagopa_it[0].resource_group_name
-
-  keyvault_vault_name          = module.key_vault.name
-  keyvault_resource_group_name = module.key_vault.resource_group_name
-  keyvault_subscription_id     = data.azurerm_subscription.current.subscription_id
-
-  querystring_caching_behaviour = "BypassCaching"
-
-  global_delivery_rule = {
-    cache_expiration_action       = []
-    cache_key_query_string_action = []
-    modify_request_header_action  = []
-
-    # HSTS
-    modify_response_header_action = [{
-      action = "Overwrite"
-      name   = "Strict-Transport-Security"
-      value  = "max-age=31536000"
-      },
-      # Content-Security-Policy (in Report mode)
-      {
-        action = "Append"
-        name   = "Content-Security-Policy-Report-Only"
-        value  = "script-src 'self' https://www.google.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; worker-src 'none'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; "
-      },
-      {
-        action = "Append"
-        name   = "Content-Security-Policy-Report-Only"
-        value  = "img-src 'self' https://assets.cdn.io.italia.it data:; "
-      }
-    ]
-  }
-
-  log_analytics_workspace_id = azurerm_log_analytics_workspace.log_analytics_workspace.id
-
-  tags = var.tags
-}
-
 ### Backend common resources
 data "azurerm_resource_group" "selfcare_be_rg" {
   name = format("%s-selfcare-be-rg", local.project)
 }
 
+data "azurerm_dns_a_record" "selfcare_cdn" {
+  name                = "@"
+  resource_group_name = azurerm_dns_zone.io_selfcare_pagopa_it[0].resource_group_name
+  zone_name           = azurerm_dns_zone.io_selfcare_pagopa_it[0].name
+}
+
 ## key vault
 
 data "azurerm_key_vault_secret" "selfcare_apim_io_service_key" {

diff --git a/src/domains/selfcare/_modules/cdn/variables.tf b/src/domains/selfcare/_modules/cdn/variables.tf
@@ -14,11 +14,11 @@ variable "tags" {
 }
 
 variable "resource_group_name" {
-  type = string
+  type        = string
   description = "Resource group name for the CDN"
 }
 
 variable "dns_zone_name" {
-  type = string
+  type        = string
   description = "DNZ zone for the CDN Profile"
 }
diff --git a/src/domains/selfcare/prod/westeurope/README.md b/src/domains/selfcare/prod/westeurope/README.md
@@ -10,6 +10,7 @@
 
 | Name | Source | Version |
 |------|--------|---------|
+| <a name="module_cdn"></a> [cdn](#module\_cdn) | ../../_modules/cdn | n/a |
 | <a name="module_networking"></a> [networking](#module\_networking) | ../../_modules/networking | n/a |
 | <a name="module_resource_groups"></a> [resource\_groups](#module\_resource\_groups) | ../../_modules/resource_groups | n/a |