Planning-Inspectorate · andylangridge · Jun 8, 2022 · Jun 8, 2022 · Jun 8, 2022 · Jun 8, 2022
diff --git a/.generate-providers.sh b/.generate-providers.sh
@@ -0,0 +1,29 @@
+#!/usr/bin/env bash
+
+generate() {
+  PROVIDERS=$(cat config/providers.tf)
+
+  FILES=$(git diff-index --cached --name-only HEAD)
+
+  PATTERN="\\.tf?$"
+
+  for file in $FILES; do
+    FILE_DIR=$(dirname $file)
+
+    if [[ $file =~ $PATTERN ]]; then
+      if [[ ! "${DIRECTORIES[*]}" =~ "$FILE_DIR" ]] && [[ $FILE_DIR == *"app/stacks"* ]]; then
+        DIRECTORIES+=$FILE_DIR
+      fi
+    fi
+  done
+
+  for dir in ${DIRECTORIES[@]}; do
+    $(cd $dir; echo "$PROVIDERS" > providers-tmp.tf)
+  done
+}
+
+remove() {
+  find . -type f -name "providers-tmp.tf" -delete
+}
+
+"$@"
diff --git a/.gitignore b/.gitignore
@@ -29,3 +29,6 @@ override.tf.json
 .idea
 .vscode
 *.iml
+
+# Pre-commit hooks
+providers-tmp.tf
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -4,12 +4,39 @@ repos:
     hooks:
       - id: end-of-file-fixer
       - id: trailing-whitespace
+  # TODO: Only run Terraform validate against stacks directory due to a known issue in Terraform when using "configuration_aliases" - https://github.com/hashicorp/terraform/issues/28490
+  - repo: local
+    hooks:
+      - id: generate_terraform_providers
+        entry: .generate-providers.sh generate
+        files: \.tf?$
+        language: script
+        name: Generate Terraform Providers
+        pass_filenames: false
+        require_serial: true
+  - repo: https://github.com/antonbabenko/pre-commit-terraform
+    rev: v1.62.0
+    hooks:
+      - id: terraform_validate
+        exclude: |
+          (?x)^(
+            app/modules|
+            app/components
+          )
+  - repo: local
+    hooks:
+      - id: remove_terraform_providers
+        entry: .generate-providers.sh remove
+        files: \.tf?$
+        language: script
+        name: Remove Terraform Providers
+        pass_filenames: false
+        require_serial: true
   - repo: https://github.com/antonbabenko/pre-commit-terraform
     rev: v1.62.0
     hooks:
       - id: terraform_docs
       - id: terraform_fmt
-      - id: terraform_validate
       - id: terraform_tflint
         args:
           - --args=--config=__GIT_WORKING_DIR__/.tflint.hcl

diff --git a/app/components/appeals-app-services/locals.tf b/app/components/appeals-app-services/locals.tf
@@ -64,6 +64,7 @@ locals {
         FEATURE_FLAG_NEW_APPEAL_JOURNEY                                       = true
         HORIZON_HAS_PUBLISHER_ATTEMPT_RECONNECTION                            = true
         HORIZON_HAS_PUBLISHER_HOST                                            = "${azurerm_servicebus_namespace.horizon.name}.servicebus.windows.net"
+        HORIZON_HAS_PUBLISHER_HOSTNAME                                        = "${azurerm_servicebus_namespace.horizon.name}.servicebus.windows.net"
         HORIZON_HAS_PUBLISHER_PASSWORD                                        = azurerm_servicebus_namespace_authorization_rule.horizon_function_apps.primary_key
         HORIZON_HAS_PUBLISHER_PORT                                            = "5671"
         HORIZON_HAS_PUBLISHER_QUEUE                                           = azurerm_servicebus_queue.horizon_householder_appeal_publish.name

diff --git a/app/components/appeals-app-services/service-bus.tf b/app/components/appeals-app-services/service-bus.tf
@@ -18,7 +18,7 @@ resource "azurerm_servicebus_namespace_authorization_rule" "horizon_function_app
   name         = "horizon-function-apps"
   namespace_id = azurerm_servicebus_namespace.horizon.id
 
-  listen = true
-  send   = false
+  listen = false
+  send   = true
   manage = false
 }
diff --git a/app/components/applications-app-services/README.md b/app/components/applications-app-services/README.md
@@ -7,7 +7,6 @@ This module contains the App Services resources for the applications service. Th
 
 | Name | Version |
 |------|---------|
-| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | 1.1.6 |
 | <a name="requirement_azurerm"></a> [azurerm](#requirement\_azurerm) | 3.6.0 |
 
 ## Providers

diff --git a/app/components/back-office-app-services/README.md b/app/components/back-office-app-services/README.md
@@ -7,7 +7,6 @@ This module contains the App Services resources for the Back Office service. The
 
 | Name | Version |
 |------|---------|
-| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | 1.1.6 |
 | <a name="requirement_azurerm"></a> [azurerm](#requirement\_azurerm) | 3.6.0 |
 
 ## Providers

diff --git a/app/components/networking/README.md b/app/components/networking/README.md
@@ -7,7 +7,6 @@ This module contains the networking resources for the PINS ODT environments. The
 
 | Name | Version |
 |------|---------|
-| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | 1.1.6 |
 | <a name="requirement_azurerm"></a> [azurerm](#requirement\_azurerm) | 3.6.0 |
 
 ## Providers

diff --git a/app/modules/node-app-service/README.md b/app/modules/node-app-service/README.md
@@ -7,7 +7,6 @@ This Terraform module creates an App service to deploy backend or frontend servi
 
 | Name | Version |
 |------|---------|
-| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | 1.1.6 |
 | <a name="requirement_azurerm"></a> [azurerm](#requirement\_azurerm) | 3.6.0 |
 
 ## Providers

diff --git a/app/stacks/uk-south/appeals-service/README.md b/app/stacks/uk-south/appeals-service/README.md
@@ -26,11 +26,9 @@ No requirements.
 | Name | Type |
 |------|------|
 | [azurerm_log_analytics_workspace.appeals_service](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/log_analytics_workspace) | resource |
-| [azurerm_private_endpoint.cosmosdb](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_endpoint) | resource |
 | [azurerm_resource_group.appeals_service_stack](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource |
 | [azurerm_subnet.appeals_service_ingress](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/subnet) | resource |
 | [azurerm_private_dns_zone.app_service](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/private_dns_zone) | data source |
-| [azurerm_private_dns_zone.cosmosdb](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/private_dns_zone) | data source |
 
 ## Inputs
 
@@ -49,9 +47,6 @@ No requirements.
 | <a name="input_container_registry_name"></a> [container\_registry\_name](#input\_container\_registry\_name) | The name of the container registry that hosts the image | `string` | n/a | yes |
 | <a name="input_container_registry_rg"></a> [container\_registry\_rg](#input\_container\_registry\_rg) | The resource group of the container registry that hosts the image | `string` | n/a | yes |
 | <a name="input_cosmosdb_connection_string"></a> [cosmosdb\_connection\_string](#input\_cosmosdb\_connection\_string) | The connection string used to connect to CosmosDB | `string` | n/a | yes |
-| <a name="input_cosmosdb_id"></a> [cosmosdb\_id](#input\_cosmosdb\_id) | The ID of the CosmosDB account | `string` | n/a | yes |
-| <a name="input_cosmosdb_subnet_id"></a> [cosmosdb\_subnet\_id](#input\_cosmosdb\_subnet\_id) | The ID of the subnet containing the Cosmos DB endpoint | `string` | n/a | yes |
-| <a name="input_database_public_access_enabled"></a> [database\_public\_access\_enabled](#input\_database\_public\_access\_enabled) | A switch indicating if databases should have public access enabled | `bool` | `false` | no |
 | <a name="input_environment"></a> [environment](#input\_environment) | The environment resources are deployed to e.g. 'dev' | `string` | n/a | yes |
 | <a name="input_function_apps_storage_account"></a> [function\_apps\_storage\_account](#input\_function\_apps\_storage\_account) | The name of the storage account used by the Function Apps | `string` | n/a | yes |
 | <a name="input_function_apps_storage_account_access_key"></a> [function\_apps\_storage\_account\_access\_key](#input\_function\_apps\_storage\_account\_access\_key) | The access key for the storage account | `string` | n/a | yes |

diff --git a/app/stacks/uk-south/appeals-service/cosmosdb.tf b/app/stacks/uk-south/appeals-service/cosmosdb.tf
diff --git a/app/stacks/uk-south/appeals-service/data.tf b/app/stacks/uk-south/appeals-service/data.tf
@@ -3,9 +3,3 @@ data "azurerm_private_dns_zone" "app_service" {
 
   provider = azurerm.tooling
 }
-
-data "azurerm_private_dns_zone" "cosmosdb" {
-  name = "privatelink.mongo.cosmos.azure.com"
-
-  provider = azurerm.tooling
-}
diff --git a/app/stacks/uk-south/appeals-service/variables.tf b/app/stacks/uk-south/appeals-service/variables.tf
@@ -59,28 +59,12 @@ variable "container_registry_rg" {
   type        = string
 }
 
-variable "cosmosdb_id" {
-  description = "The ID of the CosmosDB account"
-  type        = string
-}
-
-variable "cosmosdb_subnet_id" {
-  description = "The ID of the subnet containing the Cosmos DB endpoint"
-  type        = string
-}
-
 variable "cosmosdb_connection_string" {
   description = "The connection string used to connect to CosmosDB"
   sensitive   = true
   type        = string
 }
 
-variable "database_public_access_enabled" {
-  description = "A switch indicating if databases should have public access enabled"
-  type        = bool
-  default     = false
-}
-
 variable "environment" {
   description = "The environment resources are deployed to e.g. 'dev'"
   type        = string