hmcts · adusumillipraveen · Oct 2, 2024 · Oct 2, 2024 · Oct 2, 2024 · Oct 2, 2024
@@ -0,0 +1,7 @@
+postgresql_password_id="https://sscs-aat.vault.azure.net/secrets/tya-notif-POSTGRES-PASS-FLEX-V15/8255fb0f891d4c20be223ca609bcb430"
+postgresql_user_id="https://sscs-aat.vault.azure.net/secrets/tya-notif-POSTGRES-USER-FLEX-V15/48d678ff6e1f41d08c9120429ee9b1d8"
+postgresql_database_id="https://sscs-aat.vault.azure.net/secrets/tya-notif-POSTGRES-DATABASE-FLEX-V15/dbc15dd2b87b4455b90f8fda422df566"
+postgresql_host_id="https://sscs-aat.vault.azure.net/secrets/tya-notif-POSTGRES-HOST-FLEX-V15/b18ab5aaf7784ab093e50608678e3546"
+postgresql_port_id="https://sscs-aat.vault.azure.net/secrets/tya-notif-POSTGRES-PORT-FLEX-V15/c546f4fb3251499f836a9870f505160c"
+psqlserver_id="/subscriptions/1c4f0704-a29e-403d-b719-b90c34ef14c9/resourceGroups/sscs-tya-notif-postgres-v15-db-data-aat/providers/Microsoft.DBforPostgreSQL/flexibleServers/sscs-tya-notif-postgres-v15-db-aat"
+psqladmin_id="/subscriptions/1c4f0704-a29e-403d-b719-b90c34ef14c9/resourceGroups/sscs-tya-notif-postgres-v15-db-data-aat/providers/Microsoft.DBforPostgreSQL/flexibleServers/sscs-tya-notif-postgres-v15-db-aat/administrators/e7ea2042-4ced-45dd-8ae3-e051c6551789"
@@ -0,0 +1,109 @@
+provider "azurerm" {
+  features {}
+  skip_provider_registration = true
+  alias                      = "postgres_network"
+  subscription_id            = var.aks_subscription_id
+}
+
+import {
+  to = azurerm_key_vault_secret.POSTGRES-PASS-FLEX-V15
+  id = var.postgresql_password_id
+}
+
+import {
+  to = azurerm_key_vault_secret.POSTGRES-USER-FLEX-V15
+  id = var.postgresql_user_id
+}
+
+import {
+  to = azurerm_key_vault_secret.POSTGRES_DATABASE-FLEX-V15
+  id = var.postgresql_database_id
+}
+
+import {
+  to = azurerm_key_vault_secret.POSTGRES_HOST-FLEX-V15
+  id = var.postgresql_host_id
+}
+
+import {
+  to = azurerm_key_vault_secret.POSTGRES_PORT-FLEX-V15
+  id = var.postgresql_port_id
+}
+
+import {
+  to = module.notification-scheduler-db-flexible.azurerm_postgresql_flexible_server.pgsql_server
+  id = var.psqlserver_id
+}
+
+import {
+  to = module.notification-scheduler-db-flexible.azurerm_postgresql_flexible_server_active_directory_administrator.pgsql_adadmin
+  id = var.psqladmin_id
+}
+
+module "notification-scheduler-db-flexible" {
+  providers = {
+    azurerm.postgres_network = azurerm.postgres_network
+  }
+  source = "git@github.com:hmcts/terraform-module-postgresql-flexible?ref=master"
+  env    = var.env
+  product       = var.product
+  component     = var.tya-component
+  name          = "${var.product}-${var.tya-component}-postgres-v15-db"
+  business_area = "CFT" # sds or cft
+  force_user_permissions_trigger = "1"
+  # The original subnet is full, this is required to use the new subnet for new databases
+  subnet_suffix = "expanded"
+  pgsql_databases = [
+    {
+      name : var.database_name
+    }
+  ]
+  pgsql_version = "15"
+  # The ID of the principal to be granted admin access to the database server.
+  # On Jenkins it will be injected for you automatically as jenkins_AAD_objectId.
+  # Otherwise change the below:
+  admin_user_object_id = var.jenkins_AAD_objectId
+  common_tags = var.common_tags
+  pgsql_server_configuration = [
+    {
+      name  = "azure.extensions"
+      value = "plpgsql,pg_stat_statements,pg_buffercache,hypopg"
+    }
+  ]
+  //Below attributes needs to be overridden for Perftest & Prod
+  pgsql_sku            = var.pgsql_sku
+  pgsql_storage_mb     = var.pgsql_storage_mb
+}
+
+# FlexibleServer v15 creds
+resource "azurerm_key_vault_secret" "POSTGRES-USER-FLEX-V15" {
+  name         = "${var.tya-component}-POSTGRES-USER-FLEX-V15"
+  value        = module.notification-scheduler-db-flexible.username
+  key_vault_id = data.azurerm_key_vault.sscs_key_vault.id
+}
+
+resource "azurerm_key_vault_secret" "POSTGRES-PASS-FLEX-V15" {
+  name         = "${var.tya-component}-POSTGRES-PASS-FLEX-V15"
+  value        = module.notification-scheduler-db-flexible.password
+  key_vault_id = data.azurerm_key_vault.sscs_key_vault.id
+}
+
+resource "azurerm_key_vault_secret" "POSTGRES_HOST-FLEX-V15" {
+  name         = "${var.tya-component}-POSTGRES-HOST-FLEX-V15"
+  value        = module.notification-scheduler-db-flexible.fqdn
+  key_vault_id = data.azurerm_key_vault.sscs_key_vault.id
+}
+
+resource "azurerm_key_vault_secret" "POSTGRES_PORT-FLEX-V15" {
+  name         = "${var.tya-component}-POSTGRES-PORT-FLEX-V15"
+  value        = "5432"
+  key_vault_id = data.azurerm_key_vault.sscs_key_vault.id
+}
+
+resource "azurerm_key_vault_secret" "POSTGRES_DATABASE-FLEX-V15" {
+  name         = "${var.tya-component}-POSTGRES-DATABASE-FLEX-V15"
+  value        = var.database_name
+  key_vault_id = data.azurerm_key_vault.sscs_key_vault.id
+}
+
+
@@ -1 +1,8 @@
 send_grid_subscription = "8999dec3-0104-4a27-94ee-6588559729d1"
+postgresql_password_id="https://sscs-prod.vault.azure.net/secrets/tya-notif-POSTGRES-PASS-FLEX-V15/a6a803d4e90943c5bda071d21aafe867"
+postgresql_user_id="https://sscs-prod.vault.azure.net/secrets/tya-notif-POSTGRES-USER-FLEX-V15/920c395404034a339dedce4b25389f18"
+postgresql_database_id="https://sscs-prod.vault.azure.net/secrets/tya-notif-POSTGRES-DATABASE-FLEX-V15/9b9a95db13d34231a11342ca8de6f102"
+postgresql_host_id="https://sscs-prod.vault.azure.net/secrets/tya-notif-POSTGRES-HOST-FLEX-V15/1d392ed75cc2430eb059396cbc0670c9"
+postgresql_port_id="https://sscs-prod.vault.azure.net/secrets/tya-notif-POSTGRES-PORT-FLEX-V15/d2fb053b6045443bacd8afe49f45f4e9"
+psqlserver_id="/subscriptions/8999dec3-0104-4a27-94ee-6588559729d1/resourceGroups/sscs-tya-notif-postgres-v15-db-data-prod/providers/Microsoft.DBforPostgreSQL/flexibleServers/sscs-tya-notif-postgres-v15-db-prod"
+psqladmin_id="/subscriptions/8999dec3-0104-4a27-94ee-6588559729d1/resourceGroups/sscs-tya-notif-postgres-v15-db-data-prod/providers/Microsoft.DBforPostgreSQL/flexibleServers/sscs-tya-notif-postgres-v15-db-prod/administrators/4d0554dd-fe60-424a-be9c-36636826d927"
@@ -36,4 +36,45 @@ variable "appinsights_instrumentation_key" {
 
 variable "send_grid_subscription" {
   default = "1c4f0704-a29e-403d-b719-b90c34ef14c9"
-}
+}
+
+
+variable "tya-component" {
+  default = "tya-notif"
+}
+
+variable "postgresql_user" {
+  default = "notification"
+}
+
+variable "database_name" {
+  default = "notification"
+}
+
+/// POSTGRES FLEXIBLE SERVER DB VARIABLES
+variable "pgsql_sku" {
+  description = "The PGSql flexible server instance sku"
+  default     = "GP_Standard_D2s_v3"
+}
+
+variable "pgsql_storage_mb" {
+  description = "Max storage allowed for the PGSql Flexibile instance"
+  type        = number
+  default     = 65536
+}
+
+variable "aks_subscription_id" {} # provided by the Jenkins library, ADO users will need to specify this
+
+variable "postgresql_password_id" {}
+
+variable "postgresql_user_id" {}
+
+variable "postgresql_database_id" {}
+
+variable "postgresql_host_id" {}
+
+variable "postgresql_port_id" {}
+
+variable "psqlserver_id" {}
+
+variable "psqladmin_id" {}