Add files via upload

backend.tf

@@ -0,0 +1,3 @@
+terraform {
+  backend "azurerm" {}
+}

globals.tf

@@ -0,0 +1,86 @@
+variable "application_name" {
+  description = "A unique name for the application."
+}
+
+variable "line_of_business" {
+  description = "The Line of Business which owns the application."
+}
+
+variable "business_unit" {
+  description = "The business unit which owns the application."
+}
+
+variable "parent_ci_id" {
+  description = "The parent component id in CMDB of the configuration item."
+}
+
+variable "resource_group_name" {
+  description = "The resource group in which to create the Azure resources."
+}
+
+variable "environment" {
+  description = "The environment which these resources are being deployed in."
+  default     = "development"
+}
+
+variable "region" {
+  description = "The region to host the app in. Can be made iterable to support high-availability."
+  default     = "eastus2"
+}
+
+variable "tags" {
+  description = "Additional tags to apply which are not already assigned to the resource group."
+  default     = {}
+}
+
+data "azurerm_resource_group" "resource_group" {
+  name = var.resource_group_name
+}
+
+data "azurerm_client_config" "current" {
+}
+
+locals {
+  environment_tag        = lookup(local.environment_map, var.environment, "dev")
+  region_name            = lookup(local.region_map, var.region).name
+  region_prefix          = lookup(local.region_map, var.region).prefix
+  clean_business_unit    = replace(var.business_unit, "/\\W/", "")
+  clean_application_name = replace(var.application_name, "/\\W/", "")
+  tags                   = merge(data.azurerm_resource_group.resource_group.tags, local.required_tags, var.tags)
+
+  required_tags = {
+    ApplicationName = var.application_name,
+    LineOfBusiness  = var.line_of_business,
+    BusinessUnit    = var.business_unit
+    ParentCIID      = var.parent_ci_id
+    Environment     = var.environment
+  }
+
+  # Standards maps
+  region_map = {
+    eastus        = { name = "East US", prefix = "us5" }
+    eastus2       = { name = "East US 2", prefix = "us6" }
+    centralus     = { name = "Central US", prefix = "us7" }
+    westus2       = { name = "West US 2", prefix = "us8" }
+    northeurope   = { name = "North Europe", prefix = "ie1" }
+    westeurope    = { name = "West Europe", prefix = "nl1" }
+    southeastasia = { name = "Southeast Asia", prefix = "sg1" }
+    eastasia      = { name = "East Asia", prefix = "hk1" }
+  }
+
+  environment_map = {
+    sandbox     = "sbx"
+    development = "dev"
+    qa          = "qa"
+    uat         = "uat"
+    production  = "prod"
+  }
+
+  business_map = {
+    corp     = "corp"
+    consumer = "cx"
+    vaccines = "vx"
+    pharma   = "rx"
+    psc      = "psc"
+  }
+}

main.tf

@@ -0,0 +1,57 @@
+locals {
+  db_admin_username = "SonarqubeAdmin"
+  postgres_db_name  = "sonarqube"
+}
+
+# Postgres Password
+resource "random_password" "psql_admin_password" {
+  length           = 32
+  special          = true
+  override_special = "@-_+?"
+}
+
+resource "azurerm_postgresql_server" "sonarqube_server" {
+  name                = lower(join("-", [local.region_prefix, local.clean_business_unit, local.clean_application_name, local.environment_tag, "psql"]))
+  resource_group_name = data.azurerm_resource_group.resource_group.name
+  location            = local.region_name
+
+  sku_name                     = var.postgres_server_sku_name
+  version                      = var.db_version
+  storage_mb                   = var.db_storage
+  backup_retention_days        = var.backup_retention_days
+  administrator_login          = local.db_admin_username
+  administrator_login_password = random_password.psql_admin_password.result
+  tags                         = merge(local.tags, { "ResourceFunction" : "Compute", "ResourceRegion" : local.region_name })
+
+  geo_redundant_backup_enabled     = true
+  auto_grow_enabled                = true
+  ssl_enforcement_enabled          = true
+  ssl_minimal_tls_version_enforced = "TLS1_2"
+
+  lifecycle {
+    prevent_destroy = true
+  }
+}
+
+resource "azurerm_postgresql_firewall_rule" "azurefirewall" {
+  resource_group_name = data.azurerm_resource_group.resource_group.name
+  server_name         = azurerm_postgresql_server.sonarqube_server.name
+  name                = "azure-resources"
+  start_ip_address    = "0.0.0.0"
+  end_ip_address      = "0.0.0.0"
+}
+
+resource "azurerm_postgresql_database" "sonarqube_database" {
+  name                = local.postgres_db_name
+  resource_group_name = data.azurerm_resource_group.resource_group.name
+  server_name         = azurerm_postgresql_server.sonarqube_server.name
+  charset             = "UTF8"
+  collation           = "English_United States.1252"
+  depends_on = [
+    azurerm_postgresql_server.sonarqube_server,
+  ]
+
+  lifecycle {
+    prevent_destroy = true
+  }
+}

output.tf

@@ -0,0 +1,20 @@
+output "psql_server_id" {
+  description = "The Postgres Server Resource ID."
+  value       = azurerm_postgresql_server.sonarqube_server.id
+}
+
+output "psql_server_fqdn" {
+  description = "The Postgres Server FQDN."
+  value       = azurerm_postgresql_server.sonarqube_server.fqdn
+}
+
+output "psql_user" {
+  description = "The Postgres Server username."
+  value       = "${local.db_admin_username}@${lower(join("-", [local.region_prefix, local.clean_business_unit, local.clean_application_name, local.environment_tag, "psql"]))}"
+}
+
+output "psql_password" {
+  description = "The Postgres Server password."
+  value       = random_password.psql_admin_password.result
+  sensitive   = true
+}

provider.tf

@@ -0,0 +1,13 @@
+variable "subscription_id" { default = null }
+variable "client_id" { default = null }
+variable "client_secret" { default = null }
+variable "tenant_id" { default = null }
+
+provider "azurerm" {
+  features {}
+  skip_provider_registration = true
+  subscription_id            = var.subscription_id
+  client_id                  = var.client_id
+  tenant_id                  = var.tenant_id
+  client_secret              = var.client_secret
+}

variables.tf

@@ -0,0 +1,20 @@
+variable "postgres_server_sku_name" {
+  description = "PostgreSQL server SKU size."
+  type        = string
+}
+
+variable "db_version" {
+  description = "PostgreSQL server major version number."
+  type        = number
+  default     = 11
+}
+
+variable "db_storage" {
+  description = "PostgreSQL server storage size."
+  type        = number
+}
+
+variable "backup_retention_days" {
+  description = "Number of days to retain data for rollback on the PostgreSQL server"
+  type        = number
+}

version.tf

@@ -0,0 +1,9 @@
+terraform {
+  required_version = "~>1.0.3"
+  required_providers {
+    azurerm = {
+      source  = "registry.terraform.io/hashicorp/azurerm"
+      version = "2.77.0"
+    }
+  }
+}