Skip to content

feat: MMC-203 MDC pre migration to Italy #233

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 33 commits into
base: main
Choose a base branch
from
+3,821 −38
Open

feat: MMC-203 MDC pre migration to Italy #233

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
33 commits
Select commit Hold shift + click to select a range
80efc56
update module to 7.34 with argocd
diegoitaliait Sep 19, 2025
e691acb
fix variables
diegoitaliait Sep 19, 2025
5bfa6c5
update module and source reference
diegoitaliait Sep 19, 2025
d43b241
pre-commit fixs
diegoitaliait Sep 19, 2025
6cc1678
init mdc secrets
diegoitaliait Sep 20, 2025
b4ff033
rename folder
diegoitaliait Sep 20, 2025
433f5fa
prima parte della migrazione
diegoitaliait Sep 20, 2025
a5a6103
minor fix
diegoitaliait Sep 20, 2025
40100a1
init
diegoitaliait Sep 20, 2025
5ab5537
alpha common
diegoitaliait Sep 20, 2025
a695863
alpha common
diegoitaliait Sep 20, 2025
e68ed1a
removed mil as reference for mdc
diegoitaliait Sep 20, 2025
d1bd679
cambio cartelle di ambiente
diegoitaliait Sep 20, 2025
d0fe4e0
updated terrraform lock
diegoitaliait Sep 20, 2025
6e13ce1
Merge branch 'main' into MMC-203-mdc-pre-migrazione-italy
diegoitaliait Sep 20, 2025
9486cf0
pre-commit fixs
diegoitaliait Sep 20, 2025
a9b018b
Merge branch 'main' into MMC-203-mdc-pre-migrazione-italy
diegoitaliait Sep 22, 2025
c35349b
Merge branch 'main' into MMC-203-mdc-pre-migrazione-italy
diegoitaliait Sep 23, 2025
2ea766c
Merge branch 'main' into MMC-203-mdc-pre-migrazione-italy
diegoitaliait Oct 6, 2025
6403644
idpay security: added tags module
diegoitaliait Oct 7, 2025
332b516
mdc secrets: now is validated
diegoitaliait Oct 7, 2025
4df6476
setup dei kv in italy
diegoitaliait Oct 7, 2025
b8a4e10
fix validation in mdc-common
diegoitaliait Oct 8, 2025
a2bae97
refactor: remove unused resource group definition and rename tags file
diegoitaliait Oct 8, 2025
8d200b5
Merge branch 'main' into MMC-203-mdc-pre-migrazione-italy
diegoitaliait Oct 9, 2025
40d6be4
refactor: update ingress load balancer IP and clean up unused Cosmos …
diegoitaliait Oct 9, 2025
2118647
fix subnets
diegoitaliait Oct 9, 2025
5a8b8e9
Merge branch 'main' into MMC-203-mdc-pre-migrazione-italy
diegoitaliait Oct 10, 2025
31baf59
common completed
diegoitaliait Oct 10, 2025
344e9e9
Merge branch 'main' into MMC-203-mdc-pre-migrazione-italy
diegoitaliait Oct 11, 2025
a674d78
Merge branch 'main' into MMC-203-mdc-pre-migrazione-italy
diegoitaliait Oct 14, 2025
f1c5d53
removed apim files and move to infra api specs
diegoitaliait Oct 14, 2025
fefd898
refactor: remove unused variables from 99_variables.tf
diegoitaliait Oct 14, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions src/40_platform/50_argocd.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ resource "kubernetes_namespace" "namespace_argocd" {
#
module "argocd" {
source = "./.terraform/modules/__v4__/kubernetes_argocd_setup"
# source = "git::https://github.com/pagopa/terraform-azurerm-v4.git//kubernetes_argocd_setup?ref=PAYMCLOUD-231-argocd-creazione-modulo"

namespace = kubernetes_namespace.namespace_argocd.metadata[0].name
argocd_helm_release_version = var.argocd_helm_release_version
Expand Down
1 change: 1 addition & 0 deletions src/70_domains/idpay_common/21_cdn_assetregister.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -39,6 +39,7 @@ locals {
// public_cstar storage used to serve FE
module "cdn_idpay_assetregister" {
source = "./.terraform/modules/__v4__/cdn_frontdoor"
# source = "git::https://github.com/pagopa/terraform-azurerm-v4.git//cdn_frontdoor?ref=PAYMCLOUD-477-v-4-creazione-modulo-cdn-front-door-per-sostituire-cdn-classic-deprecata"

cdn_prefix_name = "${local.project}-asset-register"
resource_group_name = data.azurerm_resource_group.idpay_data_rg.name
Expand Down
1 change: 1 addition & 0 deletions src/70_domains/idpay_common/21_cdn_bonus_elettrodomestici.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -229,6 +229,7 @@ locals {
// Public CDN to serve frontend - main domain
module "cdn_idpay_bonuselettrodomestici" {
source = "./.terraform/modules/__v4__/cdn_frontdoor"
# source = "git::https://github.com/pagopa/terraform-azurerm-v4.git//cdn_frontdoor?ref=PAYMCLOUD-477-v-4-creazione-modulo-cdn-front-door-per-sostituire-cdn-classic-deprecata"

# Basic Configuration
cdn_prefix_name = "${local.project}-bonus"
Expand Down
2 changes: 2 additions & 0 deletions src/70_domains/idpay_common/21_cdn_welfare.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,9 @@ locals {
*/
// public_cstar storage used to serve FE
module "cdn_idpay_welfare" {

source = "./.terraform/modules/__v4__/cdn_frontdoor"
# source = "git::https://github.com/pagopa/terraform-azurerm-v4.git//cdn_frontdoor?ref=PAYMCLOUD-477-v-4-creazione-modulo-cdn-front-door-per-sostituire-cdn-classic-deprecata"

cdn_prefix_name = "${local.project}-welfare"
resource_group_name = data.azurerm_resource_group.idpay_data_rg.name
Expand Down
2 changes: 1 addition & 1 deletion src/70_domains/idpay_security/01_domain_kvs.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ module "key_vault" {
soft_delete_retention_days = var.env != "prod" ? 7 : 90
public_network_access_enabled = true

tags = var.tags
tags = module.tag_config.tags
}

#
Expand Down
5 changes: 5 additions & 0 deletions src/70_domains/idpay_security/01_tags.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
module "tag_config" {
source = "../../tag_config"
domain = var.domain
environment = var.env
}
7 changes: 0 additions & 7 deletions src/70_domains/idpay_security/99_variables.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -32,13 +32,6 @@ variable "location_short" {
description = "Location short like eg: neu, weu.."
}

variable "tags" {
type = map(any)
default = {
CreatedBy = "Terraform"
}
}

variable "domain" {
type = string
validation {
Expand Down
10 changes: 0 additions & 10 deletions src/70_domains/idpay_security/env/itn-dev/terraform.tfvars
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,15 +6,5 @@ domain = "idpay"
location = "italynorth"
location_short = "itn"

tags = {
CreatedBy = "Terraform"
Environment = "DEV"
Owner = "CSTAR"
Source = "https://github.com/pagopa/cstar-securehub-infra"
CostCenter = "TS310 - PAGAMENTI & SERVIZI"
BusinessUnit = "CStar"
domain = "idpay"
}


input_file = "./secret/itn-dev/configs.json"
10 changes: 0 additions & 10 deletions src/70_domains/idpay_security/env/itn-prod/terraform.tfvars
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,14 +6,4 @@ domain = "idpay"
location = "italynorth"
location_short = "itn"

tags = {
CreatedBy = "Terraform"
Environment = "PROD"
Owner = "CSTAR"
Source = "https://github.com/pagopa/cstar-securehub-infra"
CostCenter = "TS310 - PAGAMENTI & SERVIZI"
BusinessUnit = "CStar"
domain = "idpay"
}

input_file = "./secret/itn-prod/configs.json"
10 changes: 0 additions & 10 deletions src/70_domains/idpay_security/env/itn-uat/terraform.tfvars
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,14 +6,4 @@ domain = "idpay"
location = "italynorth"
location_short = "itn"

tags = {
CreatedBy = "Terraform"
Environment = "UAT"
Owner = "CSTAR"
Source = "https://github.com/pagopa/cstar-securehub-infra"
CostCenter = "TS310 - PAGAMENTI & SERVIZI"
BusinessUnit = "CStar"
domain = "idpay"
}

input_file = "./secret/itn-uat/configs.json"
126 changes: 126 additions & 0 deletions src/70_domains/mdc_app/.terraform.lock.hcl
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

65 changes: 65 additions & 0 deletions src/70_domains/mdc_app/00_data.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,65 @@
# 🔒 Key Vault
data "azurerm_key_vault" "kv_domain" {
name = local.kv_domain_name
resource_group_name = local.kv_domain_rg_name
}

# 📥 Event Hub Namespace (read-only)
data "azurerm_eventhub_namespace" "eventhub" {
name = local.eventhub_namespace_name
resource_group_name = local.eventhub_namespace_rg_name
}

# 📊 Monitoring
data "azurerm_resource_group" "monitor_rg" {
name = local.monitor_resource_group_name
}

data "azurerm_application_insights" "application_insights" {
name = local.monitor_appinsights_name
resource_group_name = local.monitor_resource_group_name
}

data "azurerm_monitor_action_group" "slack" {
resource_group_name = local.monitor_resource_group_name
name = local.monitor_action_group_slack
}

data "azurerm_monitor_action_group" "email" {
resource_group_name = local.monitor_resource_group_name
name = local.monitor_action_group_email
}

data "azurerm_log_analytics_workspace" "log_analytics" {
name = local.log_analytics_workspace_name
resource_group_name = local.monitor_resource_group_name
}

# 🐳 Kubernetes Cluster
data "azurerm_kubernetes_cluster" "aks" {
name = local.aks_name
resource_group_name = local.aks_resource_group_name
}

# 🔗 API Management
data "azurerm_api_management" "apim_core" {
name = local.apim_name
resource_group_name = local.apim_rg_name
}

# 🔑 Azure AD
data "azuread_group" "adgroup_admin" {
display_name = "${local.product}-adgroup-admin"
}

data "azuread_group" "adgroup_developers" {
display_name = "${local.product}-adgroup-developers"
}

data "azuread_group" "adgroup_externals" {
display_name = "${local.product}-adgroup-externals"
}

data "azuread_group" "adgroup_security" {
display_name = "${local.product}-adgroup-security"
}
9 changes: 9 additions & 0 deletions src/70_domains/mdc_app/01_keyvault.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
#tfsec:ignore:AZU023
resource "azurerm_key_vault_secret" "appinsights-instrumentation-key" {
key_vault_id = data.azurerm_key_vault.kv_domain.id
name = "appinsights-instrumentation-key"
value = data.azurerm_application_insights.application_insights.connection_string
content_type = "text/plain"

tags = local.tags
}
5 changes: 5 additions & 0 deletions src/70_domains/mdc_app/01_tags.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
module "tag_config" {
source = "../../tag_config"
domain = var.domain
environment = var.env
}
11 changes: 11 additions & 0 deletions src/70_domains/mdc_app/02_namespace.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
resource "kubernetes_namespace" "namespace" {
metadata {
name = var.domain
}
}

resource "kubernetes_namespace" "namespace_system" {
metadata {
name = "${var.domain}-system"
}
}
Loading
Loading