feat: [PAYMCLOUD-580] GH runner update@uat (#3645)

* wip

* add vnet link private dns zone aks

Author: umbcoppolabottazzi

src/aks-leonardo/00_network.tf

@@ -29,3 +29,11 @@ data "azurerm_public_ip" "pip_aks_outboud" {
   name                = local.public_ip_aks_leonardo_outbound_name
   resource_group_name = data.azurerm_resource_group.vnet_ita_rg.name
 }
+
+# VNET HUB-SPOKE
+data "azurerm_virtual_network" "vnet_hub_spoke" {
+  for_each = toset(local.hub_spoke_vnet_name)
+
+  name                = each.key
+  resource_group_name = local.hub_spoke_vnet_rg_name
+}

src/aks-leonardo/03_aks_dns_private_link.tf

@@ -38,3 +38,19 @@ resource "azurerm_private_dns_zone_virtual_network_link" "aks_dns_private_link_v
 
   tags = module.tag_config.tags
 }
+
+# Virtual Network Link for Hub - Spoke Network
+resource "azurerm_private_dns_zone_virtual_network_link" "aks_dns_private_link_vs_vnet_hub_spoke" {
+  for_each = var.aks_private_cluster_enabled ? data.azurerm_virtual_network.vnet_hub_spoke : {}
+
+  name                  = each.value.name
+  virtual_network_id    = each.value.id
+  resource_group_name   = module.aks_leonardo.managed_resource_group_name
+  private_dns_zone_name = module.aks_leonardo.managed_private_dns_zone_name
+
+  depends_on = [
+    module.aks_leonardo,
+  ]
+
+  tags = module.tag_config.tags
+}

src/aks-leonardo/99_locals.tf

@@ -16,6 +16,10 @@ locals {
 
   public_ip_aks_leonardo_outbound_name = "pagopa-${var.env_short}-itn-${var.env}-aksoutbound-pip"
 
+  hub_spoke_vnet_name = ["${local.product_location}-hub-vnet", "${local.product_location}-spoke-data-vnet", "${local.product_location}-spoke-security-vnet",
+  "${local.product_location}-spoke-streaming-vnet", "${local.product_location}-spoke-tools-vnet"]
+  hub_spoke_vnet_rg_name = "${local.product_location}-network-hub-spoke-rg"
+
   # ACR DOCKER
   acr_name_ita                = replace("${local.product}itncoreacr", "-", "")
   acr_resource_group_name_ita = "${local.product}-itn-acr-rg"

src/aks-leonardo/README.md

@@ -57,6 +57,7 @@ Re-enable all the resource, commented before to complete the procedure
 | [azurerm_linux_virtual_machine.vm_debug_italy](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/linux_virtual_machine) | resource |
 | [azurerm_network_interface.vm_debug_italy](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_interface) | resource |
 | [azurerm_private_dns_zone_virtual_network_link.aks_dns_private_link_vs_vnet_core_weu](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_dns_zone_virtual_network_link) | resource |
+| [azurerm_private_dns_zone_virtual_network_link.aks_dns_private_link_vs_vnet_hub_spoke](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_dns_zone_virtual_network_link) | resource |
 | [azurerm_private_dns_zone_virtual_network_link.aks_dns_private_link_vs_vnet_ita](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_dns_zone_virtual_network_link) | resource |
 | [azurerm_resource_group.rg_aks](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource |
 | [azurerm_role_assignment.aks_to_acr](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/role_assignment) | resource |
@@ -102,6 +103,7 @@ Re-enable all the resource, commented before to complete the procedure
 | [azurerm_resource_group.vnet_ita_rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/resource_group) | data source |
 | [azurerm_subscription.current](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/subscription) | data source |
 | [azurerm_virtual_network.vnet_core](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/virtual_network) | data source |
+| [azurerm_virtual_network.vnet_hub_spoke](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/virtual_network) | data source |
 | [azurerm_virtual_network.vnet_ita](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/virtual_network) | data source |
 
 ## Inputs

src/domains/cruscotto-app/07_gh_runner.tf

@@ -1,5 +1,5 @@
 locals {
-  tools_cae_name = var.env_short == "d" ? "${local.product}-${var.location_short}-core-spoke-tools-cae" : "${local.product}-${var.location_short}-core-tools-cae"
+  tools_cae_name = var.env_short != "p" ? "${local.project_core_itn}-spoke-tools-cae" : "${local.product}-${var.location_short}-core-tools-cae"
   tools_cae_rg   = "${local.product}-${var.location_short}-core-tools-rg"
 }
 

src/domains/ebollo-app/07_gh_runner.tf

@@ -1,5 +1,5 @@
 locals {
-  tools_cae_name = var.env_short == "d" ? "${local.product}-${var.location_short}-core-spoke-tools-cae" : "${local.product}-${var.location_short}-core-tools-cae"
+  tools_cae_name = var.env_short != "p" ? "${local.project_core_itn}-spoke-tools-cae" : "${local.product}-${var.location_short}-core-tools-cae"
   tools_cae_rg   = "${local.product}-${var.location_short}-core-tools-rg"
 }
 

src/domains/payopt-app/07_gh_runner.tf

@@ -1,5 +1,5 @@
 locals {
-  tools_cae_name = var.env_short == "d" ? "${local.product}-${var.location_short}-core-spoke-tools-cae" : "${local.product}-${var.location_short}-core-tools-cae"
+  tools_cae_name = var.env_short != "p" ? "${local.project_core_itn}-spoke-tools-cae" : "${local.product}-${var.location_short}-core-tools-cae"
   tools_cae_rg   = "${local.product}-${var.location_short}-core-tools-rg"
 }
 

src/domains/printit-app/07_gh_runner.tf

@@ -1,5 +1,5 @@
 locals {
-  tools_cae_name = var.env_short == "d" ? "${local.product}-${var.location_short}-core-spoke-tools-cae" : "${local.product}-${var.location_short}-core-tools-cae"
+  tools_cae_name = var.env_short != "p" ? "${local.project_core_itn}-spoke-tools-cae" : "${local.product}-${var.location_short}-core-tools-cae"
   tools_cae_rg   = "${local.product}-${var.location_short}-core-tools-rg"
 }