[630] - initial commit for tf infra code

README.md

@@ -2,9 +2,9 @@
 
 Docs to be written
 
-## How to Clone the PX-BEARS-DRUPAL Repository with usagov-2021 Submodule
+## How to Clone the PX-BENEFIT-FINDER Repository with usagov-2021 Submodule
 
-This guide will walk you through the process of cloning the **_PX-BEARS-DRUPAL_** repository that includes a submodule. Submodules are repositories embedded within another repository, allowing you to include external dependencies or shared code as part of your project. When you clone such a project, by default you get the directories that contain submodules, but none of the files within them yet.
+This guide will walk you through the process of cloning the **_PX-BENEFIT-FINDER_** repository that includes a submodule. Submodules are repositories embedded within another repository, allowing you to include external dependencies or shared code as part of your project. When you clone such a project, by default you get the directories that contain submodules, but none of the files within them yet.
 
 To clone the repository with a submodule, follow these steps:
 
@@ -15,13 +15,13 @@ To clone the repository with a submodule, follow these steps:
 3. Use the following command to clone the main repository:
 
 ```
-git clone [email protected]:GSA/px-bears-drupal.git
+git clone [email protected]:GSA/px-benefit-finder.git
 ```
 
 4. Once the cloning process completes, navigate into the cloned repository's directory using the cd command.
 
 ```
-cd px-bears-drupal
+cd px-benefit-finder
 ```
 
 5. usagov-2021 directory is there but empty. You must run the following two commands to initialize your local configuration file and fetch all the data from that project.
@@ -132,8 +132,77 @@ aws s3 ls s3://${AWS_BUCKET}/
 
 7. Run it again after using it to delete the service-key.
 
+# Infrastructure (provisioned by Terraform)
 
-# VDI Login Guide for the BEARS Team Members
+
+## Cloud.gov Infrastructure
+
+### Environments/Spaces:
+#### Benefit-finder-dev : Sandbox environment for the tech team.
+      CMS App main page URL: 
+
+      https://benefit-finder-waf-dev.app.cloud.gov
+#### Benefit-finder-main : The main/pre-release environment.
+      CMS App main page URL: 
+
+      https://benefit-finder-waf-main.app.cloud.gov
+
+## How to use terraform to manage the infrastructure
+
+1. Make sure you login cloud.gov on your terminal and target your org and `benefit-finder-dev` space
+
+```
+cf login -a api.fr.cloud.gov --sso
+```
+
+2. Change directory to infra/benefit-finder-infra directory.
+
+```
+cd infra/benefit-finder-infra
+```
+
+3. Set bucket_name variable.
+
+```
+export bucket_name="terraform-backend" 
+```
+
+4. Execute the script to authenticate to use terraform backend
+
+```
+source scripts/cloudgov-aws-creds.sh
+```
+
+5. Get `terraform.tfvars` file in a secure way and put it in the `infra/benefit-finder-infra` directory.
+
+6. Initialize your local terraform folder.
+
+```
+terraform init
+```
+7. Make sure you see terraform workspaces
+
+```
+terraform workspace list
+```
+![terraform workspace list](image-2.png)
+
+8. Choose the workspace you need to work on
+
+```
+terraform workspace select dev
+```
+9. Plan
+
+```
+terraform plan
+```
+
+
+
+
+
+# VDI Login Guide for the Benefit-finder Team Members
 
 ## What is VDI?
 

infra/benefit-finder-infra/.gitignore

@@ -0,0 +1,52 @@
+## Terraform
+terraform.tfstate.d
+**terraform*
+**.tfvars*
+**tfplan*
+provider.tf
+
+## Other files/folders
+*.bak
+*.jq
+*.log
+*.txt
+.DS_Store
+
+# Applications
+*.app
+*.exe
+*.war
+
+# Large media files
+*.mp4
+*.tiff
+*.avi
+*.flv
+*.mov
+*.wmv
+
+# Ignore override files as they are usually used to override resources locally and so
+# are not checked in
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json
+
+# Ignore CLI configuration files
+.terraformrc
+terraform.rc
+
+!.terraform.lock.hcl
+!.terraform-docs*
+!TERRAFORM.MD
+!terraform.tfvars.tmpl
+
+## Caddy application
+applications/caddy-proxy/caddy
+applications/caddy-proxy/Caddyfile
+applications/caddy-proxy/*.acl
+
+## WAF application
+applications/nginx-waf/modules/*
+applications/nginx-waf/nginx/snippets/*.conf
+!applications/nginx-waf/nginx/snippets/owasp*.conf

infra/benefit-finder-infra/.terraform-docs.yaml

@@ -0,0 +1,2 @@
+header-from: .terraform-docs/header.md
+footer-from: .terraform-docs/footer.md

infra/benefit-finder-infra/.terraform-docs/footer.md

@@ -0,0 +1,76 @@
+### locals.tf Overview
+
+This is a high level overview of the `locals.tf` file. The locals.tf file itself is heavily commented and will go into detail about individual settings if further information is required.
+
+The locals.tf is the main file that needs to be edited to configure your infrastructure.
+
+####  Global variables
+
+##### project
+
+This variable holds the prefix of your resource names. For example, this project uses `vote` as a prefix for service names.
+
+##### project_full
+
+This variable is a longer, alternative name used in the project. For example, CircleCI calls this project `vote-gov`.
+
+##### bootstrap_workspace
+
+The name of the `bootstrap` workspace in Terraform. By default, it's `bootstrap`.
+
+##### global
+
+An object that sets commonly used applications and services (i.e. the WAF and the database), making configuration easier.
+
+##### egress
+
+Settings for the egress proxy that is deployed to the DMZ space.
+
+##### external_applications
+
+Settings for applications that aren't managed by Terraform. This is used to save pipeline variables to dynamically configure the other application.
+
+##### envs
+
+Settings for the majority of the deployment, that is then merged into a single `object`. The sub-object, `all` are configurations for every environment. The other sub-objects should be the name of your Terraform workspaces.
+
+### local.env.apps
+This is a `map` of `objects`.
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| buildpack | The admin buildpack name or Git URL | `string` | `null` | no |
+| buildpacks | A list of buildpack names and/or Git URLs | `list(string)` | `null` | no |
+| command | A custom start command for the application. A custom start command for the application. | `string` | `null` | no |
+| disk_quota | The size of the buildpack's ephemeral disk in megabytes. | `number` | `1024` | no |
+| docker_credentials | A custom start command for the application. | `map` | `null` | no |
+| docker_image | The URL to the docker image with tag. | `string` | `null` | no |
+| enable_ssh | Whether to enable or disable SSH access to the container. | `bool` | `true` | no |
+| environment | Key/value pairs of custom environment variables to set in your app. | `map` | `null` | no |
+| health_check_http_endpoint | The endpoint for the http health check type. | `string` | `"/"` | no |
+| health_check_invocation_timeout | The timeout in seconds for individual health check requests for "http" and "port" health checks. | `number` | `5` | no |
+| health_check_timeout | The timeout in seconds for the health check. | `number` | `180` | no |
+| health_check_type | The timeout in seconds for individual health check requests for "http" and "port" health checks. | `string` | `"port"` | no |
+| instances | The number of app instances that you want to start. | `number` | `1` | no |
+| labels | Adds labels to the application. | `map` | `null` | no |
+| memory | The memory limit for each application instance in megabytes. | `number` | `64` | no |
+| name | The name of the application. | `string` | n/a | yes |
+| path | An URI or path to target a zip file. If the path is a directory, the module will create a zip file. | `string` | n/a | yes |
+| space | The GUID of the associated Cloud Foundry space. | `string` | n/a | yes |
+| stack | The name of the stack the application will be deployed to. `cf stacks` will list valid options. | `string` | `"cflinuxfs4"` | no |
+| stopped | Defines the desired application state. Set to true to have the application remain in a stopped state. | `bool` | `false` | no |
+| strategy | Strategy ("none", "blue-green", or "rolling") to use for creating/updating application. | `string` | `"none"` | no |
+| timeout | Max wait time for app instance startup, in seconds. | `number` | `60` | no |
+
+### local.env.services
+This is a `map` of `objects`.
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| name                           | The name of the service instance. | `string` | n/a | yes |
+| json_params                    | A json string of arbitrary parameters. | `string` | `null` | no |
+| replace_on_params_change       | Cloud Foundry will replace the resource on any params change. | `bool` | `false` | no |
+| replace_on_service_plan_change | Cloud Foundry will replace the resource on any service plan changes | `bool` | `false` | no |
+| space                          | The ID of the space. | `string` | n/a | yes |
+| service_plan                   | The ID of the service plan. | `string` | n/a | yes |
+| tags                           | List of instance tags. | `list(string)` | `[]` | no |

infra/benefit-finder-infra/.terraform-docs/header.md

@@ -0,0 +1 @@
+# Cloud.gov Drupal Infrastructure