Merge pull request #93 from CDCgov/Production-setup

#1153 - SFTP Production Setup
CDCgov · Jul 25, 2024 · 66aa950 · 66aa950
2 parents e88ce59 + 58bdf7b
commit 66aa950
Show file tree

Hide file tree

Showing 3 changed files with 78 additions and 0 deletions.
diff --git a/.github/workflows/prod-deploy.yml b/.github/workflows/prod-deploy.yml
@@ -0,0 +1,38 @@
+name: Deploy to Production Environment
+
+on:
+  release:
+    types:
+      - published
+
+jobs:
+  ci:
+    name: CI
+    uses: ./.github/workflows/ci.yml
+    secrets: inherit
+
+  terraform-deploy:
+    name: Production Infrastructure Deploy
+    needs: ci
+    uses: ./.github/workflows/terraform-deploy_reusable.yml
+    with:
+      ENVIRONMENT: prd
+      TERRAFORM_DIRECTORY: operations/environments/prd
+    secrets:
+      AZURE_CLIENT_ID: ${{ secrets.AZURE_CDC_CLIENT_ID }}
+      AZURE_TENANT_ID: ${{ secrets.AZURE_CDC_TENANT_ID }}
+      AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_CDC_DMZ_C1_SUBSCRIPTION_ID }}
+
+  prd-deploy:
+    name: Production Deploy Application Deploy
+    needs: terraform-deploy
+    uses: ./.github/workflows/deploy_reusable.yml
+    with:
+      ENVIRONMENT: prd
+      REPO: report-stream-sftp-ingest
+      APP: ${{ needs.terraform-deploy.outputs.APP }}
+      REGISTRY: ${{ needs.terraform-deploy.outputs.REGISTRY }}
+    secrets:
+      AZURE_CLIENT_ID: ${{ secrets.AZURE_CDC_CLIENT_ID }}
+      AZURE_TENANT_ID: ${{ secrets.AZURE_CDC_TENANT_ID }}
+      AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_CDC_DMZ_C1_SUBSCRIPTION_ID }}
diff --git a/operations/environments/prd/main.tf b/operations/environments/prd/main.tf
@@ -0,0 +1,33 @@
+terraform {
+  required_providers {
+    azurerm = {
+      source  = "hashicorp/azurerm"
+      version = "3.113.0"
+    }
+  }
+
+  # Use a remote Terraform state in Azure Storage
+  backend "azurerm" {
+    resource_group_name  = "csels-rsti-prd-moderate-rg"
+    storage_account_name = "cdcintermediarytrfrmprd"
+    container_name       = "terraform-state"
+    key                  = "rs-sftp-prd.terraform.tfstate"
+  }
+}
+
+# Configure the Microsoft Azure Provider
+provider "azurerm" {
+  features {
+    key_vault {
+      purge_soft_deleted_secrets_on_destroy = false
+    }
+  }
+}
+
+module "template" {
+  source = "../../template/"
+
+  environment = "prd"
+  deployer_id = "f5feabe7-5d37-40ba-94f2-e5c0760b4561" //github app registration in Flexion Azure Entra
+  cron        = "0 30 9 * May Mon"
+}
diff --git a/operations/environments/prd/outputs.tf b/operations/environments/prd/outputs.tf
@@ -0,0 +1,7 @@
+output "registry" {
+  value = module.template.registry
+}
+
+output "publish_app" {
+  value = module.template.publish_app
+}