Conversation
- Introduced logic to handle existing CDN FrontDoor profiles. - Updated resource references to use local variables for profile ID and identity. - Added WAF policy and security policy resources with conditional creation. - Enhanced origin configurations to support managed identity for storage access. - Updated outputs to reflect changes in resource handling.
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
…, add profile SKU check for WAF compatibility
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
🦋 Changeset detectedLatest commit: ff26d19 The changes in this PR will be included in the next version bump. This PR includes changesets to release 1 package
Not sure what this means? Click here to learn what changesets are. Click here if you're a maintainer who wants to add another changeset to this PR |
Contributor
|
Tip ✅ All Terraform module locks are up to dateNo module changes detected - everything is in sync! 📋 Pre-commit Output LogGenerated on Tue Feb 3 08:59:57 UTC 2026 |
Contributor
📖 Terraform Plan (infra/resources/prod) - successShow Plan # module.mcp_registry.module.portal.azurerm_cdn_frontdoor_endpoint.this will be updated in-place
~ resource "azurerm_cdn_frontdoor_endpoint" "this" {
id = "/subscriptions/02a23258-2e41-433c-8e9a-465b99e77bca/resourceGroups/dx-p-itn-common-rg-01/providers/Microsoft.Cdn/profiles/dx-p-weu-mcp-registry-afd-01/afdEndpoints/dx-p-weu-mcp-registry-fde-01"
name = "dx-p-weu-mcp-registry-fde-01"
~ tags = {
"CostCenter" = "TS000 - Tecnologia e Servizi"
"CreatedBy" = "Terraform"
"Environment" = "Prod"
"ManagementTeam" = "Developer Experience"
"ModuleName" = "azure_cdn"
"ModuleSource" = "DX"
~ "ModuleVersion" = "0.3.2" -> "0.4.0"
"Owner" = "DevEx"
"Source" = "https://github.com/pagopa/dx/blob/main/infra/resources/prod"
}
# (3 unchanged attributes hidden)
}
# module.mcp_registry.module.portal.azurerm_cdn_frontdoor_profile.this will be updated in-place
~ resource "azurerm_cdn_frontdoor_profile" "this" {
id = "/subscriptions/02a23258-2e41-433c-8e9a-465b99e77bca/resourceGroups/dx-p-itn-common-rg-01/providers/Microsoft.Cdn/profiles/dx-p-weu-mcp-registry-afd-01"
name = "dx-p-weu-mcp-registry-afd-01"
~ tags = {
"CostCenter" = "TS000 - Tecnologia e Servizi"
"CreatedBy" = "Terraform"
"Environment" = "Prod"
"ManagementTeam" = "Developer Experience"
"ModuleName" = "azure_cdn"
"ModuleSource" = "DX"
~ "ModuleVersion" = "0.3.2" -> "0.4.0"
"Owner" = "DevEx"
"Source" = "https://github.com/pagopa/dx/blob/main/infra/resources/prod"
}
# (4 unchanged attributes hidden)
# (1 unchanged block hidden)
}
# module.mcp_registry.module.portal.azurerm_dns_cname_record.this["mcp.dx.pagopa.it"] will be updated in-place
~ resource "azurerm_dns_cname_record" "this" {
id = "/subscriptions/02a23258-2e41-433c-8e9a-465b99e77bca/resourceGroups/dx-p-itn-network-rg-01/providers/Microsoft.Network/dnsZones/dx.pagopa.it/CNAME/mcp"
name = "mcp"
~ tags = {
"CostCenter" = "TS000 - Tecnologia e Servizi"
"CreatedBy" = "Terraform"
"Environment" = "Prod"
"ManagementTeam" = "Developer Experience"
"ModuleName" = "azure_cdn"
"ModuleSource" = "DX"
~ "ModuleVersion" = "0.3.2" -> "0.4.0"
"Owner" = "DevEx"
"Source" = "https://github.com/pagopa/dx/blob/main/infra/resources/prod"
}
# (6 unchanged attributes hidden)
}
# module.mcp_registry.module.portal.azurerm_dns_txt_record.validation["mcp.dx.pagopa.it"] will be updated in-place
~ resource "azurerm_dns_txt_record" "validation" {
id = "/subscriptions/02a23258-2e41-433c-8e9a-465b99e77bca/resourceGroups/dx-p-itn-network-rg-01/providers/Microsoft.Network/dnsZones/dx.pagopa.it/TXT/_dnsauth.mcp"
name = "_dnsauth.mcp"
~ tags = {
"Cdn" = "dx-p-weu-mcp-registry-afd-01"
"CostCenter" = "TS000 - Tecnologia e Servizi"
"CreatedBy" = "Terraform"
"Environment" = "Prod"
"ManagementTeam" = "Developer Experience"
"ModuleName" = "azure_cdn"
"ModuleSource" = "DX"
~ "ModuleVersion" = "0.3.2" -> "0.4.0"
"Origin" = "mcp.dx.pagopa.it"
"Owner" = "DevEx"
"Source" = "https://github.com/pagopa/dx/blob/main/infra/resources/prod"
}
# (4 unchanged attributes hidden)
# (1 unchanged block hidden)
}
Plan: 0 to add, 4 to change, 0 to destroy.
Warning: Argument is deprecated
with module.mcp_registry.module.portal.azurerm_cdn_frontdoor_custom_domain.this["mcp.dx.pagopa.it"],
on .terraform/modules/mcp_registry.portal/custom_domain.tf line 14, in resource "azurerm_cdn_frontdoor_custom_domain" "this":
14: resource "azurerm_cdn_frontdoor_custom_domain" "this" {
As of March 1, 2025, support for 'TLS10' will be retired from Azure Front
Door, therefore the 'TLS10' property value will be removed in v5.0 of the
provider. |
|
🎉 All dependencies have been resolved ! |
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
mamu0
force-pushed
the
feat-add-cdn-tests
branch
from
3918e85 to
ff26d19
Compare
Contributor
📋 Pre-commit Output LogGenerated on Fri Feb 6 12:08:28 UTC 2026 |
Krusty93
reviewed
Feb 6, 2026
Krusty93
reviewed
Feb 6, 2026
Krusty93
reviewed
Feb 6, 2026
Krusty93
reviewed
Feb 6, 2026
|
|
||
| data "azurerm_resource_group" "integration" { | ||
| name = provider::dx::resource_name(merge(local.naming_config, { | ||
| name = "integration", |
Contributor
There was a problem hiding this comment.
Suggested change
| name = "integration", | |
| name = "e2e", |
Contributor
Author
There was a problem hiding this comment.
I know it's not ideal, but to avoid creating two identical CDNs, I leveraged the existing integration one. Do you think it would be better to create a dedicated one for E2E as well?
Contributor
There was a problem hiding this comment.
As discussed in this morning, I believe it'd be better to have two different infrastructures for the two kind of tests. Keep in mind that also foundational infrastructure (vnet, peps, etc.) is also doubled
Krusty93
reviewed
Feb 6, 2026
| @@ -0,0 +1,71 @@ | |||
|
|
|||
| data "azurerm_resource_group" "integration" { | |||
Contributor
There was a problem hiding this comment.
Suggested change
| data "azurerm_resource_group" "integration" { | |
| data "azurerm_resource_group" "e2e" { |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This pull request introduces new test format with Unit, Contract, Integration and E2E tests.
depends-on: #1265
Resolves: CES-1661