diff --git a/deployments/main.tf b/deployments/main.tf
index ea53ff7b..2390899e 100644
--- a/deployments/main.tf
+++ b/deployments/main.tf
@@ -5,6 +5,13 @@ resource "spacelift_space" "development" {
 inherit_entities = true
 }
 
+resource "spacelift_space" "staging" {
+ name = "staging"
+ parent_space_id = var.parent_space_id
+ description = "Contains all the resources to deploy out to the staging enviornment."
+ inherit_entities = true
+}
+
 resource "spacelift_space" "production" {
 name = "production"
 parent_space_id = var.parent_space_id
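Review bot: The `description` of the new `spacelift_space.staging` resource misspells "environment" as `enviornment`; the string is user-visible in Spacelift, so it should read `description = "Contains all the resources to deploy out to the staging environment."`. The resource also sets `inherit_entities = true`, which gives the staging space read access to entities attached to the parent space. That matches the development space shown as context, but a one-line comment such as `# Inherits contexts, policies and integrations from the parent space, same as development` would record that this is intended.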
@@ -82,6 +89,62 @@ module "dpe-sandbox-spacelift-development" {
 smtp_from = "aws-dpe-dev@sagebase.org"
 }
 
+module "dpe-sandbox-spacelift-staging" {
+ source = "./spacelift/dpe-k8s"
+ parent_space_id = spacelift_space.staging.id
+ admin_stack_id = var.admin_stack_id
+ spotinst_account = "act-ac6522b4"
+
+ aws_integration_id = var.org_sagebase_dpe_prod_aws_integration_id
+ auto_deploy = false
+ git_branch = var.git_branch
+
+ space_name = "dpe-staging"
+
+ k8s_stack_name = "DPE Staging Kubernetes Infrastructure"
+ k8s_stack_project_root = "deployments/stacks/dpe-k8s"
+
+ k8s_stack_deployments_name = "DPE Staging Kubernetes Deployments"
+ k8s_stack_deployments_project_root = "deployments/stacks/dpe-k8s-deployments"
+
+ auth0_stack_name = "DPE Staging Auth0"
+ auth0_stack_project_root = "deployments/stacks/dpe-auth0"
+ auth0_domain = "staging-sage-dpe.us.auth0.com"
+ auth0_clients = [
+ {
+ name = "schematic - Staging"
+ description = "Client for schematic deployed to AWS Staging to export telemetry data"
+ app_type = "non_interactive"
+ scopes = ["write:telemetry"]
+ },
+ ]
+ auth0_identifier = "https://staging.sagedpe.org"
+
+ aws_account_id = "766808016710"
+ region = "us-east-1"
+
+ cluster_name = "dpe-k8-staging"
+ vpc_name = "dpe-k8-staging"
+
+ vpc_cidr_block = "10.52.32.0/20"
+ # A public subnet is required for each AZ in which the worker nodes are deployed
+ public_subnet_cidrs = ["10.52.32.0/24", "10.52.33.0/24", "10.52.34.0/24"]
+ private_subnet_cidrs_eks_control_plane = ["10.52.35.0/28", "10.52.35.16/28"]
+ azs_eks_control_plane = ["us-east-1a", "us-east-1b"]
+
+ private_subnet_cidrs_eks_worker_nodes = ["10.52.36.0/22", "10.52.40.0/22", "10.52.44.0/22"]
+ azs_eks_worker_nodes = ["us-east-1c", "us-east-1b", "us-east-1a"]
+
+ enable_cluster_ingress = true
+ enable_otel_ingress = true
+ ssl_hostname = "staging.sagedpe.org"
+ auth0_jwks_uri = "https://staging-sage-dpe.us.auth0.com/.well-known/jwks.json"
+ deploy_auth0 = true
+
+ ses_email_identities = []
+ smtp_from = ""
+}
+
 module "dpe-sandbox-spacelift-production" {
 source = "./spacelift/dpe-k8s"
 parent_space_id = spacelift_space.production.id
@@ -102,9 +165,16 @@ module "dpe-sandbox-spacelift-production" {
 
 auth0_stack_name = "DPE Auth0"
 auth0_stack_project_root = "deployments/stacks/dpe-auth0"
- auth0_domain = ""
- auth0_clients = []
- auth0_identifier = ""
+ auth0_domain = "prod-sage-dpe.us.auth0.com"
+ auth0_clients = [
+ {
+ name = "schematic - Prod"
+ description = "Client for schematic deployed to AWS Prod to export telemetry data"
+ app_type = "non_interactive"
+ scopes = ["write:telemetry"]
+ },
+ ]
+ auth0_identifier = "https://prod.sagedpe.org"
 
 aws_account_id = "766808016710"
 region = "us-east-1"
@@ -121,11 +191,13 @@ module "dpe-sandbox-spacelift-production" {
 private_subnet_cidrs_eks_worker_nodes = ["10.52.12.0/22", "10.52.8.0/22", "10.52.4.0/22"]
 azs_eks_worker_nodes = ["us-east-1c", "us-east-1b", "us-east-1a"]
 
- enable_cluster_ingress = false
- enable_otel_ingress = false
- ssl_hostname = ""
- auth0_jwks_uri = ""
- deploy_auth0 = false
+ enable_cluster_ingress = true
+ enable_otel_ingress = true
+ ssl_hostname = "prod.sagedpe.org"
+ auth0_jwks_uri = "https://prod-sage-dpe.us.auth0.com/.well-known/jwks.json"
+ deploy_auth0 = true
 
- ses_email_identities = []
+ ses_email_identities = ["dpe@sagebase.org"]
+ # Defines the email address that will be used as the sender of the email alerts
+ smtp_from = "dpe@sagebase.org"
 }
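Review bot: The new `dpe-sandbox-spacelift-staging` module is wired to production identity: it sets `aws_integration_id = var.org_sagebase_dpe_prod_aws_integration_id` and `aws_account_id = "766808016710"`, the same account id the production module shows as context in the following hunk. If that is deliberate, staging stacks run with the production integration's permissions and are separated from production only by VPC and cluster name, so record it next to the assignment, e.g. `# Staging shares the production AWS account and integration role; isolation is by VPC/cluster only`. If it is not deliberate, staging should get its own integration variable and account id before this is applied.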
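Review bot: In the production `auth0_*` hunk the tenant host `prod-sage-dpe.us.auth0.com` is written in `auth0_domain` and then again in `auth0_jwks_uri` in the last hunk; the staging module repeats the pattern with `staging-sage-dpe.us.auth0.com`. If the two values ever drift, tokens would presumably be validated against keys from a different tenant than the one the clients are created in. A comment on `auth0_domain` such as `# Must be the same tenant as auth0_jwks_uri below` keeps them tied together, and longer term the module could derive the JWKS URI from the domain. The module body is outside this diff, so how `auth0_identifier` is consumed as the API audience cannot be checked here.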
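Review bot: The last hunk turns on `enable_cluster_ingress` and `enable_otel_ingress` for production with no comment on what becomes reachable at `prod.sagedpe.org` or what authenticates it. The surrounding values suggest callers must present a token issued by the tenant behind `auth0_jwks_uri`, but that enforcement lives in `./spacelift/dpe-k8s`, outside this diff. Once confirmed, I would add `# Public ingress; callers must present an Auth0-issued JWT (write:telemetry), enforced in the dpe-k8s stacks` above `enable_cluster_ingress`. It is also worth checking that the stack created by `deploy_auth0 = true` is applied before or together with the ingress, so the endpoint does not come up ahead of its token check.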