update terraform script

src/main/terraform/container_app.tf

@@ -10,9 +10,9 @@ resource "azurerm_container_app" "rtp-activator" {
   template {
     container {
       name   = "rtp-activator"
-      image  = var.mil_auth_image
-      cpu    = var.mil_auth_cpu
-      memory = var.mil_auth_memory
+      image  = var.rtp_activator_image
+      cpu    = var.rtp_activator_cpu
+      memory = var.rtp_activator_memory
 
       env {
         name  = "TZ"
@@ -21,7 +21,7 @@ resource "azurerm_container_app" "rtp-activator" {
 
       env {
         name  = "auth.app-log-level"
-        value = var.mil_auth_app_log_level
+        value = var.rtp_activator_app_log_level
       }
 
       env {
@@ -30,18 +30,18 @@ resource "azurerm_container_app" "rtp-activator" {
       }
     }
 
-    max_replicas = var.mil_auth_max_replicas
-    min_replicas = var.mil_auth_min_replicas
+    max_replicas = var.rtp_activator_max_replicas
+    min_replicas = var.rtp_activator_min_replicas
   }
 
   secret {
     name  = "identity-client-id"
-    value = "${data.azurerm_user_assigned_identity.auth.client_id}"
+    value = "${data.azurerm_user_assigned_identity.rtp-activator.client_id}"
   }
 
   identity {
     type = "UserAssigned"
-    identity_ids = [data.azurerm_user_assigned_identity.auth.id]
+    identity_ids = [data.azurerm_user_assigned_identity.rtp-activator.id]
   }
 
   ingress {

src/main/terraform/data.tf

@@ -5,3 +5,11 @@ data "azurerm_container_app_environment" "rtp-cae" {
   name                = var.cae_name
   resource_group_name = var.cae_resource_group_name
 }
+
+# ------------------------------------------------------------------------------
+# Identity for this Container App.
+# ------------------------------------------------------------------------------
+data "azurerm_user_assigned_identity" "rtp-activator" {
+  name                = var.id_name
+  resource_group_name = var.id_resource_group_name
+}

src/main/terraform/env/cstar-d-rtp/terraform.tfvars → src/main/terraform/env/dev/terraform.tfvars

@@ -22,6 +22,8 @@ tags = {
 # ------------------------------------------------------------------------------
 cae_name                       = "cstar-d-tier-0-cae"
 cae_resource_group_name        = "cstar-d-tier-0-app-rg"
+id_name                        = "cstar-d-tier-0-auth-id"
+id_resource_group_name         = "cstar-d-tier-0-identity-rg"
 
 # ------------------------------------------------------------------------------
 # Names of key vault secrets.

src/main/terraform/env/cstar-p-rtp/terraform.tfvars → src/main/terraform/env/prod/terraform.tfvars

@@ -20,9 +20,10 @@ tags = {
 # ------------------------------------------------------------------------------
 # External resources.
 # ------------------------------------------------------------------------------
-cae_name                       = "cstar-p-rtp-cae"
-cae_resource_group_name        = "cstar-p-rtp-app-rg"
-
+cae_name                       = "cstar-p-tier-0-cae"
+cae_resource_group_name        = "cstar-p-tier-0-app-rg"
+id_name                        = "cstar-p-tier-0-auth-id"
+id_resource_group_name         = "cstar-p-tier-0-identity-rg"
 
 # ------------------------------------------------------------------------------
 # Names of key vault secrets.

src/main/terraform/env/cstar-u-rtp/terraform.tfvars → src/main/terraform/env/uat/terraform.tfvars

@@ -20,9 +20,10 @@ tags = {
 # ------------------------------------------------------------------------------
 # External resources.
 # ------------------------------------------------------------------------------
-cae_name                       = "cstar-u-rtp-cae"
-cae_resource_group_name        = "cstar-u-rtp-app-rg"
-
+cae_name                       = "cstar-u-tier-0-cae"
+cae_resource_group_name        = "cstar-u-tier-0-app-rg"
+id_name                        = "cstar-u-tier-0-auth-id"
+id_resource_group_name         = "cstar-u-tier-0-identity-rg"
 
 # ------------------------------------------------------------------------------
 # Names of key vault secrets.

src/main/terraform/variables.tf

@@ -73,154 +73,37 @@ variable "id_resource_group_name" {
 }
 
 # ------------------------------------------------------------------------------
-# General purpose key vault used to protect secrets.
+# Specific to rtp-activator microservice.
 # ------------------------------------------------------------------------------
-variable "general_kv_name" {
-  type = string
-}
-
-variable "general_kv_resource_group_name" {
-  type = string
-}
-
-# ------------------------------------------------------------------------------
-# Key vault for cryptographics operations.
-# ------------------------------------------------------------------------------
-variable "auth_kv_name" {
-  type = string
-}
-
-variable "auth_kv_resource_group_name" {
-  type = string
-}
-
-# ------------------------------------------------------------------------------
-# Storage account containing configuration files.
-# ------------------------------------------------------------------------------
-variable "auth_st_name" {
-  type = string
-}
-
-variable "auth_st_resource_group_name" {
-  type = string
-}
-
-# ------------------------------------------------------------------------------
-# Names of key vault secrets.
-# ------------------------------------------------------------------------------
-variable "cosmosdb_account_primary_mongodb_connection_string_kv_secret" {
-  type = string
-}
-
-variable "cosmosdb_account_secondary_mongodb_connection_string_kv_secret" {
-  type = string
-}
-
-variable "storage_account_primary_blob_endpoint_kv_secret" {
-  type = string
-}
-
-variable "key_vault_auth_vault_uri_kv_secret" {
-  type = string
-}
-
-variable "application_insigths_connection_string_kv_secret" {
-  type = string
-}
-
-# ------------------------------------------------------------------------------
-# Specific to auth microservice.
-# ------------------------------------------------------------------------------
-variable "mil_auth_quarkus_log_level" {
-  type    = string
-  default = "ERROR"
-}
-
-variable "mil_auth_app_log_level" {
+variable "rtp_activator_app_log_level" {
   type    = string
   default = "DEBUG"
 }
 
-variable "mil_auth_json_log" {
-  type    = bool
-  default = true
-}
-
-variable "mil_auth_quarkus_rest_client_logging_scope" {
-  description = "Scope for Quarkus REST client logging. Allowed values are: all, request-response, none."
-  type        = string
-  default     = "all"
-}
-
-variable "mil_auth_cryptoperiod" {
-  type    = number
-  default = 86400000
-}
-
-variable "mil_auth_keysize" {
-  type    = number
-  default = 4096
-}
-
-variable "mil_auth_access_duration" {
-  type    = number
-  default = 900
-}
-
-variable "mil_auth_refresh_duration" {
-  type    = number
-  default = 3600
-}
-
-variable "mil_auth_image" {
-  type = string
-}
-
-variable "mil_auth_cpu" {
-  type    = number
-  default = 1
-}
-
-variable "mil_auth_memory" {
-  type    = string
-  default = "2Gi"
-}
-
-variable "mil_auth_max_replicas" {
+variable "rtp_activator_max_replicas" {
   type    = number
   default = 10
 }
 
-variable "mil_auth_min_replicas" {
+variable "rtp_activator_min_replicas" {
   type    = number
   default = 1
 }
 
-variable "mil_auth_keyvault_maxresults" {
-  type    = number
-  default = 20
+variable "rtp_activator_base_url" {
+  type = string
 }
 
-variable "mil_auth_keyvault_backoff_num_of_attempts" {
+variable "rtp_activator_cpu" {
   type    = number
-  default = 3
-}
-
-variable "mil_auth_mongodb_connect_timeout" {
-  type    = string
-  default = "5s"
-}
-
-variable "mil_auth_mongodb_read_timeout" {
-  type    = string
-  default = "10s"
+  default = 1
 }
 
-variable "mil_auth_mongodb_server_selection_timeout" {
+variable "rtp_activator_memory" {
   type    = string
-  default = "5s"
+  default = "1Gi"
 }
 
-variable "mil_auth_base_url" {
+variable "rtp_activator_image" {
   type = string
-}
+}