diff --git a/src/common/prod/locals.tf b/src/common/prod/locals.tf
index fd913e5c8..f1a816698 100644
--- a/src/common/prod/locals.tf
+++ b/src/common/prod/locals.tf
@@ -71,10 +71,10 @@ locals {
services_app_backend = data.azurerm_linux_function_app.services_app_backend_function_app.default_hostname
lollipop = data.azurerm_linux_function_app.lollipop_function.default_hostname
eucovidcert = data.azurerm_linux_function_app.eucovidcert.default_hostname
- cgn = "io-p-itn-cgn-card-func-01.azurewebsites.net"
+ cgn = "io-p-itn-cgn-card-func-02.azurewebsites.net"
iosign = data.azurerm_linux_function_app.io_sign_user.default_hostname
iofims = data.azurerm_linux_function_app.io_fims_user.default_hostname
- cgnonboarding = "io-p-itn-cgn-search-func-01.azurewebsites.net"
+ cgnonboarding = "io-p-itn-cgn-search-func-02.azurewebsites.net"
iowallet = data.azurerm_linux_function_app.wallet_user.default_hostname
}
diff --git a/src/domains/cgn/_modules/apim/named_values_cgn.tf b/src/domains/cgn/_modules/apim/named_values_cgn.tf
index 2b569b423..3d6247d31 100644
--- a/src/domains/cgn/_modules/apim/named_values_cgn.tf
+++ b/src/domains/cgn/_modules/apim/named_values_cgn.tf
@@ -3,7 +3,7 @@ resource "azurerm_api_management_named_value" "io_fn_cgnmerchant_url_v2" {
api_management_name = data.azurerm_api_management.apim.name
resource_group_name = data.azurerm_api_management.apim.resource_group_name
display_name = "io-fn-cgnmerchant-url"
- value = "https://io-p-itn-cgn-merchant-func-01.azurewebsites.net"
+ value = "https://io-p-itn-cgn-merchant-func-02.azurewebsites.net"
}
resource "azurerm_api_management_named_value" "io_fn_cgnmerchant_key_v2" {
diff --git a/src/domains/cgn/_modules/apim/named_values_cgn_os.tf b/src/domains/cgn/_modules/apim/named_values_cgn_os.tf
index f24a7b41a..eb2576850 100644
--- a/src/domains/cgn/_modules/apim/named_values_cgn_os.tf
+++ b/src/domains/cgn/_modules/apim/named_values_cgn_os.tf
@@ -3,7 +3,7 @@ resource "azurerm_api_management_named_value" "cgnonboardingportal_os_url_value_
api_management_name = data.azurerm_api_management.apim.name
resource_group_name = data.azurerm_api_management.apim.resource_group_name
display_name = "cgnonboardingportal-os-url"
- value = "https://io-p-itn-cgn-search-func-01.azurewebsites.net"
+ value = "https://io-p-itn-cgn-search-func-02.azurewebsites.net"
}
resource "azurerm_api_management_named_value" "cgnonboardingportal_os_key_v2" {
diff --git a/src/domains/cgn/_modules/apim/variables.tf b/src/domains/cgn/_modules/apim/variables.tf
index e9c850140..13bbb39ab 100644
--- a/src/domains/cgn/_modules/apim/variables.tf
+++ b/src/domains/cgn/_modules/apim/variables.tf
@@ -13,11 +13,6 @@ variable "env_short" {
description = "Short environment name"
}
-variable "function_cgn_merchant_hostname" {
- type = string
- description = "CGN Function App hostname to set in API groups"
-}
-
variable "apim" {
type = object({
name = string
diff --git a/src/domains/cgn/_modules/cosmos/cosmos_account_cgn.tf b/src/domains/cgn/_modules/cosmos/cosmos_account_cgn.tf
index 32999b3f6..d5fc3ce36 100644
--- a/src/domains/cgn/_modules/cosmos/cosmos_account_cgn.tf
+++ b/src/domains/cgn/_modules/cosmos/cosmos_account_cgn.tf
@@ -20,11 +20,11 @@ module "cosmos_account_cgn" {
max_staleness_prefix = null
}
- main_geo_location_location = var.location
+ main_geo_location_location = var.secondary_locations[0]
additional_geo_locations = [
{
- location = var.secondary_location
+ location = var.secondary_locations[1]
failover_priority = 1
zone_redundant = false
}
diff --git a/src/domains/cgn/_modules/cosmos/variables.tf b/src/domains/cgn/_modules/cosmos/variables.tf
index e515bbd86..4016fe5c1 100644
--- a/src/domains/cgn/_modules/cosmos/variables.tf
+++ b/src/domains/cgn/_modules/cosmos/variables.tf
@@ -8,9 +8,9 @@ variable "location" {
description = "Azure region"
}
-variable "secondary_location" {
- type = string
- description = "Secondary Azure region used for replication purposes"
+variable "secondary_locations" {
+ type = list(string)
+ description = "Secondary Azure regions used for replication purposes"
}
variable "tags" {
diff --git a/src/domains/cgn/_modules/functions_apps/alerts.tf b/src/domains/cgn/_modules/functions_apps/alerts.tf
deleted file mode 100644
index a8b1bed6f..000000000
--- a/src/domains/cgn/_modules/functions_apps/alerts.tf
+++ /dev/null
@@ -1,45 +0,0 @@
-resource "azurerm_monitor_metric_alert" "function_cgn_health_check" {
- name = "${module.function_cgn.name}-health-check-failed"
- resource_group_name = var.resource_group_name
- scopes = [module.function_cgn.id]
- description = "${module.function_cgn.name} health check failed"
- severity = 1
- frequency = "PT5M"
- auto_mitigate = false
- enabled = true
-
- criteria {
- metric_namespace = "Microsoft.Web/sites"
- metric_name = "HealthCheckStatus"
- aggregation = "Average"
- operator = "LessThan"
- threshold = 50
- }
-
- action {
- action_group_id = data.azurerm_monitor_action_group.error_action_group.id
- }
-}
-
-resource "azurerm_monitor_metric_alert" "function_cgn_merchant_health_check" {
- name = "${module.function_cgn_merchant.name}-health-check-failed"
- resource_group_name = var.resource_group_name
- scopes = [module.function_cgn_merchant.id]
- description = "${module.function_cgn_merchant.name} health check failed"
- severity = 1
- frequency = "PT5M"
- auto_mitigate = false
- enabled = false # todo enable after deploy
-
- criteria {
- metric_namespace = "Microsoft.Web/sites"
- metric_name = "HealthCheckStatus"
- aggregation = "Average"
- operator = "LessThan"
- threshold = 50
- }
-
- action {
- action_group_id = data.azurerm_monitor_action_group.error_action_group.id
- }
-}
diff --git a/src/domains/cgn/_modules/functions_apps/app_service_plan_cgn_common.tf b/src/domains/cgn/_modules/functions_apps/app_service_plan_cgn_common.tf
deleted file mode 100644
index 8434639b6..000000000
--- a/src/domains/cgn/_modules/functions_apps/app_service_plan_cgn_common.tf
+++ /dev/null
@@ -1,16 +0,0 @@
-resource "azurerm_app_service_plan" "app_service_plan_cgn_common" {
- name = "${var.project}-plan-cgn-common"
- location = var.location
- resource_group_name = var.resource_group_name
-
- kind = "Linux"
- reserved = true
-
- sku {
- tier = "PremiumV3"
- size = "P1v3"
- capacity = 1
- }
-
- tags = var.tags
-}
diff --git a/src/domains/cgn/_modules/functions_apps/autoscalers.tf b/src/domains/cgn/_modules/functions_apps/autoscalers.tf
deleted file mode 100644
index a4ba9c6d5..000000000
--- a/src/domains/cgn/_modules/functions_apps/autoscalers.tf
+++ /dev/null
@@ -1,104 +0,0 @@
-resource "azurerm_monitor_autoscale_setting" "function_cgn" {
- name = format("%s-autoscale", module.function_cgn.name)
- resource_group_name = var.resource_group_name
- location = var.location
- target_resource_id = module.function_cgn.app_service_plan_id
-
- profile {
- name = "default"
-
- capacity {
- default = 10
- minimum = 1
- maximum = 30
- }
-
- rule {
- metric_trigger {
- metric_name = "Requests"
- metric_resource_id = module.function_cgn.id
- metric_namespace = "microsoft.web/sites"
- time_grain = "PT1M"
- statistic = "Average"
- time_window = "PT5M"
- time_aggregation = "Average"
- operator = "GreaterThan"
- threshold = 3000
- divide_by_instance_count = false
- }
-
- scale_action {
- direction = "Increase"
- type = "ChangeCount"
- value = "2"
- cooldown = "PT5M"
- }
- }
-
- rule {
- metric_trigger {
- metric_name = "CpuPercentage"
- metric_resource_id = module.function_cgn.app_service_plan_id
- metric_namespace = "microsoft.web/serverfarms"
- time_grain = "PT1M"
- statistic = "Average"
- time_window = "PT5M"
- time_aggregation = "Average"
- operator = "GreaterThan"
- threshold = 45
- divide_by_instance_count = false
- }
-
- scale_action {
- direction = "Increase"
- type = "ChangeCount"
- value = "2"
- cooldown = "PT5M"
- }
- }
-
- rule {
- metric_trigger {
- metric_name = "Requests"
- metric_resource_id = module.function_cgn.id
- metric_namespace = "microsoft.web/sites"
- time_grain = "PT1M"
- statistic = "Average"
- time_window = "PT5M"
- time_aggregation = "Average"
- operator = "LessThan"
- threshold = 2000
- divide_by_instance_count = false
- }
-
- scale_action {
- direction = "Decrease"
- type = "ChangeCount"
- value = "1"
- cooldown = "PT20M"
- }
- }
-
- rule {
- metric_trigger {
- metric_name = "CpuPercentage"
- metric_resource_id = module.function_cgn.app_service_plan_id
- metric_namespace = "microsoft.web/serverfarms"
- time_grain = "PT1M"
- statistic = "Average"
- time_window = "PT5M"
- time_aggregation = "Average"
- operator = "LessThan"
- threshold = 30
- divide_by_instance_count = false
- }
-
- scale_action {
- direction = "Decrease"
- type = "ChangeCount"
- value = "1"
- cooldown = "PT20M"
- }
- }
- }
-}
diff --git a/src/domains/cgn/_modules/functions_apps/data.tf b/src/domains/cgn/_modules/functions_apps/data.tf
deleted file mode 100644
index 90a49e356..000000000
--- a/src/domains/cgn/_modules/functions_apps/data.tf
+++ /dev/null
@@ -1,101 +0,0 @@
-data "azurerm_application_insights" "application_insights" {
- name = format("%s-ai-common", var.project)
- resource_group_name = local.resource_group_name_common
-}
-
-data "azurerm_subnet" "snet_apim_v2" {
- name = "apimv2api"
- virtual_network_name = local.vnet_name_common
- resource_group_name = local.resource_group_name_common
-}
-
-data "azurerm_subnet" "apim_itn_snet" {
- name = "io-p-itn-apim-snet-01"
- virtual_network_name = local.vnet_common_name_itn
- resource_group_name = local.vnet_common_resource_group_name_itn
-}
-
-data "azurerm_subnet" "snet_azdoa" {
- name = "azure-devops"
- virtual_network_name = local.vnet_name_common
- resource_group_name = local.resource_group_name_common
-}
-
-data "azurerm_subnet" "snet_backendl1" {
- name = "appbackendl1"
- virtual_network_name = local.vnet_name_common
- resource_group_name = local.resource_group_name_common
-}
-
-data "azurerm_subnet" "snet_backendl2" {
- name = "appbackendl2"
- virtual_network_name = local.vnet_name_common
- resource_group_name = local.resource_group_name_common
-}
-
-data "azurerm_subnet" "snet_backendli" {
- name = "appbackendli"
- virtual_network_name = local.vnet_name_common
- resource_group_name = local.resource_group_name_common
-}
-
-data "azurerm_private_dns_zone" "privatelink_blob_core" {
- name = "privatelink.blob.core.windows.net"
- resource_group_name = local.resource_group_name_common
-}
-
-data "azurerm_private_dns_zone" "privatelink_queue_core" {
- name = "privatelink.queue.core.windows.net"
- resource_group_name = local.resource_group_name_common
-}
-
-data "azurerm_private_dns_zone" "privatelink_table_core" {
- name = "privatelink.table.core.windows.net"
- resource_group_name = local.resource_group_name_common
-}
-
-data "azurerm_key_vault" "key_vault_common" {
- name = "${var.project}-kv-common"
- resource_group_name = local.resource_group_name_common
-}
-
-data "azurerm_key_vault_secret" "fn_cgn_SERVICES_API_KEY" {
- name = "apim-CGN-SERVICE-KEY"
- key_vault_id = data.azurerm_key_vault.key_vault_common.id
-}
-
-data "azurerm_key_vault_secret" "fn_cgn_EYCA_API_USERNAME" {
- name = "funccgn-EYCA-API-USERNAME"
- key_vault_id = data.azurerm_key_vault.key_vault_common.id
-}
-
-data "azurerm_key_vault_secret" "fn_cgn_EYCA_API_PASSWORD" {
- name = "funccgn-EYCA-API-PASSWORD"
- key_vault_id = data.azurerm_key_vault.key_vault_common.id
-}
-
-data "azurerm_key_vault_secret" "fn_cgn_CGN_SERVICE_ID" {
- name = "funccgn-CGN-SERVICE-ID"
- key_vault_id = data.azurerm_key_vault.key_vault_common.id
-}
-
-data "azurerm_key_vault_secret" "fn_cgn_CGN_DATA_BACKUP_CONNECTION" {
- name = "cgn-legalbackup-storage-connection-string"
- key_vault_id = data.azurerm_key_vault.key_vault_common.id
-}
-
-data "azurerm_monitor_action_group" "error_action_group" {
- name = "${replace("${var.project}", "-", "")}error"
- resource_group_name = local.resource_group_name_common
-}
-
-data "azurerm_subnet" "private_endpoints_subnet" {
- name = "pendpoints"
- virtual_network_name = local.vnet_name_common
- resource_group_name = local.resource_group_name_common
-}
-
-data "azurerm_private_dns_zone" "function_app" {
- name = "privatelink.azurewebsites.net"
- resource_group_name = local.resource_group_name_common
-}
diff --git a/src/domains/cgn/_modules/functions_apps/function_app_cgn.tf b/src/domains/cgn/_modules/functions_apps/function_app_cgn.tf
deleted file mode 100644
index 68199e909..000000000
--- a/src/domains/cgn/_modules/functions_apps/function_app_cgn.tf
+++ /dev/null
@@ -1,138 +0,0 @@
-#tfsec:ignore:azure-storage-queue-services-logging-enabled:exp:2022-05-01 # already ignored, maybe a bug in tfsec
-module "function_cgn" {
- source = "github.com/pagopa/terraform-azurerm-v3//function_app?ref=v7.69.1"
-
- resource_group_name = var.resource_group_name
- name = "${var.project}-cgn-fn"
- location = var.location
- app_service_plan_id = azurerm_app_service_plan.app_service_plan_cgn_common.id
- health_check_path = "/api/v1/cgn/info"
- health_check_maxpingfailures = 2
-
- node_version = "18"
- runtime_version = "~4"
-
- always_on = "true"
- application_insights_instrumentation_key = data.azurerm_application_insights.application_insights.instrumentation_key
-
- app_settings = merge(
- local.function_cgn.app_settings_common, {
- "AzureWebJobs.ContinueEycaActivation.Disabled" = "1",
- "AzureWebJobs.UpdateExpiredCgn.Disabled" = "1",
- "AzureWebJobs.UpdateExpiredEyca.Disabled" = "1"
- }
- )
-
- sticky_app_setting_names = [
- ]
-
- internal_storage = {
- "enable" = true,
- "private_endpoint_subnet_id" = var.subnet_private_endpoints_id,
- "private_dns_zone_blob_ids" = [data.azurerm_private_dns_zone.privatelink_blob_core.id],
- "private_dns_zone_queue_ids" = [data.azurerm_private_dns_zone.privatelink_queue_core.id],
- "private_dns_zone_table_ids" = [data.azurerm_private_dns_zone.privatelink_table_core.id],
- "queues" = [],
- "containers" = [],
- "blobs_retention_days" = 0,
- }
-
- subnet_id = var.subnet_id
-
- allowed_subnets = [
- var.subnet_id,
- data.azurerm_subnet.snet_backendl1.id,
- data.azurerm_subnet.snet_backendl2.id,
- data.azurerm_subnet.snet_backendli.id,
- data.azurerm_subnet.snet_apim_v2.id,
- data.azurerm_subnet.apim_itn_snet.id,
- ]
-
- tags = var.tags
-}
-
-module "function_cgn_staging_slot" {
- source = "github.com/pagopa/terraform-azurerm-v3//function_app_slot?ref=v7.64.0"
-
- name = "staging"
- location = var.location
- resource_group_name = var.resource_group_name
- function_app_id = module.function_cgn.id
- app_service_plan_id = azurerm_app_service_plan.app_service_plan_cgn_common.id
- health_check_path = "/api/v1/cgn/info"
- health_check_maxpingfailures = 2
-
- storage_account_name = module.function_cgn.storage_account_name
- storage_account_access_key = module.function_cgn.storage_account.primary_access_key
-
- internal_storage_connection_string = module.function_cgn.storage_account_internal_function.primary_connection_string
-
- node_version = "18"
- always_on = "true"
- runtime_version = "~4"
- application_insights_instrumentation_key = data.azurerm_application_insights.application_insights.instrumentation_key
-
- app_settings = merge(
- local.function_cgn.app_settings_common, {
- "AzureWebJobs.ContinueEycaActivation.Disabled" = "1",
- "AzureWebJobs.UpdateExpiredCgn.Disabled" = "1",
- "AzureWebJobs.UpdateExpiredEyca.Disabled" = "1"
- }
- )
-
- subnet_id = var.subnet_id
-
- allowed_subnets = [
- var.subnet_id,
- data.azurerm_subnet.snet_azdoa.id,
- data.azurerm_subnet.snet_backendl1.id,
- data.azurerm_subnet.snet_backendl2.id,
- data.azurerm_subnet.snet_backendli.id,
- data.azurerm_subnet.snet_apim_v2.id,
- data.azurerm_subnet.apim_itn_snet.id,
- ]
-
- tags = var.tags
-}
-
-resource "azurerm_private_endpoint" "function_sites" {
- name = "${var.project}-cgn-fn-pep"
- location = var.location
- resource_group_name = var.resource_group_name
- subnet_id = data.azurerm_subnet.private_endpoints_subnet.id
-
- private_service_connection {
- name = "${var.project}-cgn-fn-pep"
- private_connection_resource_id = module.function_cgn.id
- is_manual_connection = false
- subresource_names = ["sites"]
- }
-
- private_dns_zone_group {
- name = "private-dns-zone-group"
- private_dns_zone_ids = [data.azurerm_private_dns_zone.function_app.id]
- }
-
- tags = var.tags
-}
-
-resource "azurerm_private_endpoint" "staging_function_sites" {
- name = "${var.project}-cgn-fn-staging-pep"
- location = var.location
- resource_group_name = var.resource_group_name
- subnet_id = data.azurerm_subnet.private_endpoints_subnet.id
-
- private_service_connection {
- name = "${var.project}-cgn-fn-pep"
- private_connection_resource_id = module.function_cgn.id
- is_manual_connection = false
- subresource_names = ["sites-${module.function_cgn_staging_slot.name}"]
- }
-
- private_dns_zone_group {
- name = "private-dns-zone-group"
- private_dns_zone_ids = [data.azurerm_private_dns_zone.function_app.id]
- }
-
- tags = var.tags
-}
diff --git a/src/domains/cgn/_modules/functions_apps/function_app_cgn_merchant.tf b/src/domains/cgn/_modules/functions_apps/function_app_cgn_merchant.tf
deleted file mode 100644
index 8af82d513..000000000
--- a/src/domains/cgn/_modules/functions_apps/function_app_cgn_merchant.tf
+++ /dev/null
@@ -1,66 +0,0 @@
-#tfsec:ignore:azure-storage-queue-services-logging-enabled:exp:2022-05-01 # already ignored, maybe a bug in tfsec
-module "function_cgn_merchant" {
- source = "github.com/pagopa/terraform-azurerm-v3//function_app?ref=v7.69.1"
-
- resource_group_name = var.resource_group_name
- name = "${var.project}-cgn-merchant-fn"
- location = var.location
- app_service_plan_id = azurerm_app_service_plan.app_service_plan_cgn_common.id
- health_check_path = "/api/v1/merchant/cgn/info"
- health_check_maxpingfailures = 2
-
- node_version = "18"
- runtime_version = "~4"
-
- always_on = "true"
- application_insights_instrumentation_key = data.azurerm_application_insights.application_insights.instrumentation_key
-
- app_settings = merge(
- local.function_cgn_merchant.app_settings_common,
- )
-
- subnet_id = var.subnet_id
-
- allowed_subnets = [
- var.subnet_id,
- data.azurerm_subnet.snet_apim_v2.id,
- data.azurerm_subnet.apim_itn_snet.id,
- ]
-
- tags = var.tags
-}
-
-module "function_cgn_merchant_staging_slot" {
- source = "github.com/pagopa/terraform-azurerm-v3//function_app_slot?ref=v7.64.0"
-
- name = "staging"
- location = var.location
- resource_group_name = var.resource_group_name
- function_app_id = module.function_cgn_merchant.id
- app_service_plan_id = azurerm_app_service_plan.app_service_plan_cgn_common.id
- health_check_path = "/api/v1/merchant/cgn/info"
- health_check_maxpingfailures = 2
-
- storage_account_name = module.function_cgn_merchant.storage_account_name
- storage_account_access_key = module.function_cgn_merchant.storage_account.primary_access_key
-
- node_version = "18"
- always_on = "true"
- runtime_version = "~4"
- application_insights_instrumentation_key = data.azurerm_application_insights.application_insights.instrumentation_key
-
- app_settings = merge(
- local.function_cgn_merchant.app_settings_common,
- )
-
- subnet_id = var.subnet_id
-
- allowed_subnets = [
- var.subnet_id,
- data.azurerm_subnet.snet_azdoa.id,
- data.azurerm_subnet.snet_apim_v2.id,
- data.azurerm_subnet.apim_itn_snet.id,
- ]
-
- tags = var.tags
-}
diff --git a/src/domains/cgn/_modules/functions_apps/locals.tf b/src/domains/cgn/_modules/functions_apps/locals.tf
deleted file mode 100644
index 454d7226b..000000000
--- a/src/domains/cgn/_modules/functions_apps/locals.tf
+++ /dev/null
@@ -1,102 +0,0 @@
-locals {
-
- resource_group_name_common = "${var.project}-rg-common"
- vnet_name_common = "${var.project}-vnet-common"
-
- function_cgn_merchant = {
- app_settings_common = {
- FUNCTIONS_WORKER_RUNTIME = "node"
- WEBSITE_RUN_FROM_PACKAGE = "1"
- WEBSITE_DNS_SERVER = "168.63.129.16"
- FUNCTIONS_WORKER_PROCESS_COUNT = 4
- NODE_ENV = "production"
-
- COSMOSDB_CGN_URI = var.cosmos_db.endpoint
- COSMOSDB_CGN_KEY = var.cosmos_db.primary_key
- COSMOSDB_CGN_DATABASE_NAME = "db"
- COSMOSDB_CONNECTION_STRING = format("AccountEndpoint=%s;AccountKey=%s;", var.cosmos_db.endpoint, var.cosmos_db.primary_key)
-
- // Keepalive fields are all optionals
- FETCH_KEEPALIVE_ENABLED = "true"
- FETCH_KEEPALIVE_SOCKET_ACTIVE_TTL = "110000"
- FETCH_KEEPALIVE_MAX_SOCKETS = "40"
- FETCH_KEEPALIVE_MAX_FREE_SOCKETS = "10"
- FETCH_KEEPALIVE_FREE_SOCKET_TIMEOUT = "30000"
- FETCH_KEEPALIVE_TIMEOUT = "60000"
-
- # Storage account connection string:
- CGN_STORAGE_CONNECTION_STRING = var.cgn_storage_account_connection_string
-
- // REDIS
- REDIS_URL = var.redis.hostname
- REDIS_PORT = var.redis.ssl_port
- REDIS_PASSWORD = var.redis.primary_access_key
- }
- }
-
- function_cgn = {
-
-
- app_settings_common = {
- FUNCTIONS_WORKER_RUNTIME = "node"
- WEBSITE_RUN_FROM_PACKAGE = "1"
- WEBSITE_DNS_SERVER = "168.63.129.16"
- FUNCTIONS_WORKER_PROCESS_COUNT = 4
- NODE_ENV = "production"
-
- COSMOSDB_CGN_URI = var.cosmos_db.endpoint
- COSMOSDB_CGN_KEY = var.cosmos_db.primary_key
- COSMOSDB_CGN_DATABASE_NAME = "db"
- COSMOSDB_CONNECTION_STRING = format("AccountEndpoint=%s;AccountKey=%s;", var.cosmos_db.endpoint, var.cosmos_db.primary_key)
-
- // Keepalive fields are all optionals
- FETCH_KEEPALIVE_ENABLED = "true"
- FETCH_KEEPALIVE_SOCKET_ACTIVE_TTL = "110000"
- FETCH_KEEPALIVE_MAX_SOCKETS = "40"
- FETCH_KEEPALIVE_MAX_FREE_SOCKETS = "10"
- FETCH_KEEPALIVE_FREE_SOCKET_TIMEOUT = "30000"
- FETCH_KEEPALIVE_TIMEOUT = "60000"
-
- CGN_EXPIRATION_TABLE_NAME = "cardexpiration"
- EYCA_EXPIRATION_TABLE_NAME = "eycacardexpiration"
-
- # Storage account connection string:
- CGN_STORAGE_CONNECTION_STRING = var.cgn_storage_account_connection_string
-
- SERVICES_API_URL = "http://api-app.internal.io.pagopa.it/"
-
- WEBSITE_TIME_ZONE = "Central Europe Standard Time"
- EYCA_API_BASE_URL = "https://ccdb.eyca.org/api"
-
- // REDIS
- REDIS_URL = var.redis.hostname
- REDIS_PORT = var.redis.ssl_port
- REDIS_PASSWORD = var.redis.primary_access_key
-
- OTP_TTL_IN_SECONDS = 600
-
- CGN_UPPER_BOUND_AGE = 36
- EYCA_UPPER_BOUND_AGE = 31
-
- CGN_CARDS_DATA_BACKUP_CONTAINER_NAME = "cgn-legalbackup-blob"
- CGN_CARDS_DATA_BACKUP_FOLDER_NAME = "cgn"
-
- #
- # SECRETS VALUES
- #
- SERVICES_API_KEY = data.azurerm_key_vault_secret.fn_cgn_SERVICES_API_KEY.value
- EYCA_API_USERNAME = data.azurerm_key_vault_secret.fn_cgn_EYCA_API_USERNAME.value
- EYCA_API_PASSWORD = data.azurerm_key_vault_secret.fn_cgn_EYCA_API_PASSWORD.value
- CGN_SERVICE_ID = data.azurerm_key_vault_secret.fn_cgn_CGN_SERVICE_ID.value
- CGN_DATA_BACKUP_CONNECTION = data.azurerm_key_vault_secret.fn_cgn_CGN_DATA_BACKUP_CONNECTION.value
- }
- }
-}
-
-# Region ITN
-locals {
- itn_location_short = "itn"
-
- vnet_common_name_itn = "${var.project}-${local.itn_location_short}-common-vnet-01"
- vnet_common_resource_group_name_itn = "${var.project}-${local.itn_location_short}-common-rg-01"
-}
diff --git a/src/domains/cgn/_modules/functions_apps/main.tf b/src/domains/cgn/_modules/functions_apps/main.tf
deleted file mode 100644
index fe3796d05..000000000
--- a/src/domains/cgn/_modules/functions_apps/main.tf
+++ /dev/null
@@ -1,8 +0,0 @@
-terraform {
-
- required_providers {
- azurerm = {
- source = "hashicorp/azurerm"
- }
- }
-}
diff --git a/src/domains/cgn/_modules/functions_apps/outputs.tf b/src/domains/cgn/_modules/functions_apps/outputs.tf
deleted file mode 100644
index daf8ab7ce..000000000
--- a/src/domains/cgn/_modules/functions_apps/outputs.tf
+++ /dev/null
@@ -1,23 +0,0 @@
-output "app_service_plan_common" {
- value = {
- id = azurerm_app_service_plan.app_service_plan_cgn_common.id
- name = azurerm_app_service_plan.app_service_plan_cgn_common.name
- location = azurerm_app_service_plan.app_service_plan_cgn_common.location
- }
-}
-
-output "function_app_cgn_merchant" {
- value = {
- id = module.function_cgn_merchant.id
- name = module.function_cgn_merchant.name
- hostname = module.function_cgn_merchant.default_hostname
- }
-}
-
-output "function_app_cgn" {
- value = {
- id = module.function_cgn.id
- name = module.function_cgn.name
- hostname = module.function_cgn.default_hostname
- }
-}
diff --git a/src/domains/cgn/_modules/functions_apps/variables.tf b/src/domains/cgn/_modules/functions_apps/variables.tf
deleted file mode 100644
index 97fd8fe23..000000000
--- a/src/domains/cgn/_modules/functions_apps/variables.tf
+++ /dev/null
@@ -1,56 +0,0 @@
-variable "project" {
- type = string
- description = "IO prefix and short environment"
-}
-
-variable "location" {
- type = string
- description = "Azure region"
-}
-
-variable "tags" {
- type = map(any)
- description = "Resource tags"
-}
-
-variable "resource_group_name" {
- type = string
- description = "Name of the resource group where resources will be created"
-}
-
-variable "subnet_id" {
- type = string
- description = "Id of the subnet to use for Function Apps"
-}
-
-variable "subnet_private_endpoints_id" {
- type = string
- description = "Id of the subnet which holds private endpoints"
-}
-
-variable "cosmos_db" {
- type = object({
- endpoint = string
- primary_key = string
- })
-
- sensitive = true
- description = "Cosmos Account endpoint and primary key that Function Apps must use"
-}
-
-variable "cgn_storage_account_connection_string" {
- type = string
- sensitive = true
- description = "CGN Storage Account blob connection string"
-}
-
-variable "redis" {
- type = object({
- hostname = string
- ssl_port = string
- primary_access_key = string
- })
-
- sensitive = true
- description = "Redis hostname, port and access key that Function Apps must use"
-}
diff --git a/src/domains/cgn/_modules/redis/data.tf b/src/domains/cgn/_modules/redis/data.tf
deleted file mode 100644
index 143eed7e5..000000000
--- a/src/domains/cgn/_modules/redis/data.tf
+++ /dev/null
@@ -1,4 +0,0 @@
-data "azurerm_private_dns_zone" "privatelink_redis_cache" {
- name = "privatelink.redis.cache.windows.net"
- resource_group_name = "${var.project}-rg-common"
-}
diff --git a/src/domains/cgn/_modules/redis/main.tf b/src/domains/cgn/_modules/redis/main.tf
deleted file mode 100644
index fe3796d05..000000000
--- a/src/domains/cgn/_modules/redis/main.tf
+++ /dev/null
@@ -1,8 +0,0 @@
-terraform {
-
- required_providers {
- azurerm = {
- source = "hashicorp/azurerm"
- }
- }
-}
diff --git a/src/domains/cgn/_modules/redis/outputs.tf b/src/domains/cgn/_modules/redis/outputs.tf
deleted file mode 100644
index 90667c3ba..000000000
--- a/src/domains/cgn/_modules/redis/outputs.tf
+++ /dev/null
@@ -1,15 +0,0 @@
-output "redis_cgn" {
- value = {
- id = module.redis_cgn.id
- name = module.redis_cgn.name
- resource_group_name = module.redis_cgn.resource_group_name
- location = module.redis_cgn.location
- hostname = module.redis_cgn.hostname
- ssl_port = module.redis_cgn.ssl_port
- }
-}
-
-output "redis_cgn_primary_access_key" {
- value = module.redis_cgn.primary_access_key
- sensitive = true
-}
diff --git a/src/domains/cgn/_modules/redis/redis_cgn.tf b/src/domains/cgn/_modules/redis/redis_cgn.tf
deleted file mode 100644
index b3ac443e9..000000000
--- a/src/domains/cgn/_modules/redis/redis_cgn.tf
+++ /dev/null
@@ -1,46 +0,0 @@
-module "redis_cgn" {
- source = "github.com/pagopa/terraform-azurerm-v3//redis_cache?ref=v7.64.0"
-
- name = "${var.project}-redis-cgn-std"
- resource_group_name = var.resource_group_name
- location = var.location
-
- capacity = 1
- family = "C"
- sku_name = "Standard"
- enable_authentication = true
- zones = null
- redis_version = "6"
-
- // when azure can apply patch?
- patch_schedules = [{
- day_of_week = "Sunday"
- start_hour_utc = 23
- },
- {
- day_of_week = "Monday"
- start_hour_utc = 23
- },
- {
- day_of_week = "Tuesday"
- start_hour_utc = 23
- },
- {
- day_of_week = "Wednesday"
- start_hour_utc = 23
- },
- {
- day_of_week = "Thursday"
- start_hour_utc = 23
- },
- ]
-
- private_endpoint = {
- enabled = true
- virtual_network_id = var.vnet_redis_id
- subnet_id = var.subnet_redis_id
- private_dns_zone_ids = [data.azurerm_private_dns_zone.privatelink_redis_cache.id]
- }
-
- tags = var.tags
-}
diff --git a/src/domains/cgn/_modules/redis/variables.tf b/src/domains/cgn/_modules/redis/variables.tf
deleted file mode 100644
index d5e17e769..000000000
--- a/src/domains/cgn/_modules/redis/variables.tf
+++ /dev/null
@@ -1,29 +0,0 @@
-variable "project" {
- type = string
- description = "IO prefix and short environment"
-}
-
-variable "tags" {
- type = map(any)
- description = "Resource tags"
-}
-
-variable "location" {
- type = string
- description = "Azure region"
-}
-
-variable "resource_group_name" {
- type = string
- description = "Name of the resource group where resources will be created"
-}
-
-variable "subnet_redis_id" {
- type = string
- description = "Id of the subnet to use for Redis"
-}
-
-variable "vnet_redis_id" {
- type = string
- description = "Id of the vnet to use for Redis"
-}
diff --git a/src/domains/cgn/prod/README.md b/src/domains/cgn/prod/README.md
index bcbd881dd..1a1b07ec2 100644
--- a/src/domains/cgn/prod/README.md
+++ b/src/domains/cgn/prod/README.md
@@ -17,9 +17,7 @@ No providers.
| [apim](#module\_apim) | ../_modules/apim | n/a |
| [apim\_itn](#module\_apim\_itn) | ../_modules/apim | n/a |
| [cosmos](#module\_cosmos) | ../_modules/cosmos | n/a |
-| [functions](#module\_functions) | ../_modules/functions_apps | n/a |
| [networking](#module\_networking) | ../_modules/networking | n/a |
-| [redis](#module\_redis) | ../_modules/redis | n/a |
| [resource\_groups](#module\_resource\_groups) | ../_modules/resource_groups | n/a |
| [storage\_accounts](#module\_storage\_accounts) | ../_modules/storage_accounts | n/a |
@@ -36,9 +34,6 @@ No inputs.
| Name | Description |
|------|-------------|
| [cosmos\_cgn](#output\_cosmos\_cgn) | n/a |
-| [function\_app\_cgn](#output\_function\_app\_cgn) | n/a |
-| [function\_app\_cgn\_merchant](#output\_function\_app\_cgn\_merchant) | n/a |
-| [redis](#output\_redis) | n/a |
| [resource\_group\_cgn](#output\_resource\_group\_cgn) | n/a |
| [resource\_group\_cgn\_be](#output\_resource\_group\_cgn\_be) | n/a |
| [storage\_account\_cgn](#output\_storage\_account\_cgn) | n/a |
diff --git a/src/domains/cgn/prod/apim.tf b/src/domains/cgn/prod/apim.tf
index 0afcb71b8..5c0a7b2c0 100644
--- a/src/domains/cgn/prod/apim.tf
+++ b/src/domains/cgn/prod/apim.tf
@@ -1,9 +1,8 @@
module "apim" {
source = "../_modules/apim"
- project = local.project
- env_short = local.env_short
- function_cgn_merchant_hostname = module.functions.function_app_cgn_merchant.hostname
+ project = local.project
+ env_short = local.env_short
apim = {
name = local.apim_v2_name
resource_group_name = local.apim_resource_group_name
@@ -15,9 +14,8 @@ module "apim" {
module "apim_itn" {
source = "../_modules/apim"
- project = local.project
- env_short = local.env_short
- function_cgn_merchant_hostname = module.functions.function_app_cgn_merchant.hostname
+ project = local.project
+ env_short = local.env_short
apim = {
name = local.apim_itn_name
resource_group_name = local.apim_itn_resource_group_name
diff --git a/src/domains/cgn/prod/cosmos.tf b/src/domains/cgn/prod/cosmos.tf
index 9b5bd8e49..234c7dcb2 100644
--- a/src/domains/cgn/prod/cosmos.tf
+++ b/src/domains/cgn/prod/cosmos.tf
@@ -2,8 +2,8 @@ module "cosmos" {
source = "../_modules/cosmos"
project = local.project
- location = "italynorth"
- secondary_location = "spaincentral"
+ location = "westeurope"
+ secondary_locations = ["italynorth", "spaincentral"]
resource_group_name = module.resource_groups.resource_group_cgn.name
private_endpoint_subnet_id = module.networking.subnet_pendpoints.id
diff --git a/src/domains/cgn/prod/functions_apps.tf b/src/domains/cgn/prod/functions_apps.tf
deleted file mode 100644
index acef1cb6e..000000000
--- a/src/domains/cgn/prod/functions_apps.tf
+++ /dev/null
@@ -1,25 +0,0 @@
-module "functions" {
- source = "../_modules/functions_apps"
-
- project = local.project
- location = local.location
- resource_group_name = module.resource_groups.resource_group_cgn_be.name
-
- subnet_id = module.networking.subnet_cgn.id
- subnet_private_endpoints_id = module.networking.subnet_pendpoints.id
-
- cosmos_db = {
- endpoint = module.cosmos.cosmos_account_cgn_endpoint
- primary_key = module.cosmos.cosmos_account_cgn_primary_key
- }
-
- redis = {
- hostname = module.redis.redis_cgn.hostname
- ssl_port = module.redis.redis_cgn.ssl_port
- primary_access_key = module.redis.redis_cgn_primary_access_key
- }
-
- cgn_storage_account_connection_string = module.storage_accounts.storage_account_cgn_primary_connection_string
-
- tags = local.tags
-}
diff --git a/src/domains/cgn/prod/outputs.tf b/src/domains/cgn/prod/outputs.tf
index 2e631704e..40b3341d3 100644
--- a/src/domains/cgn/prod/outputs.tf
+++ b/src/domains/cgn/prod/outputs.tf
@@ -19,27 +19,6 @@ output "cosmos_cgn" {
}
}
-output "function_app_cgn" {
- value = {
- id = module.functions.function_app_cgn.id
- name = module.functions.function_app_cgn.name
- }
-}
-
-output "function_app_cgn_merchant" {
- value = {
- id = module.functions.function_app_cgn_merchant.id
- name = module.functions.function_app_cgn_merchant.name
- }
-}
-
-output "redis" {
- value = {
- id = module.redis.redis_cgn.id
- name = module.redis.redis_cgn.name
- }
-}
-
output "storage_account_cgn" {
value = {
id = module.storage_accounts.storage_account_cgn.id
diff --git a/src/domains/cgn/prod/redis.tf b/src/domains/cgn/prod/redis.tf
deleted file mode 100644
index 30d13881d..000000000
--- a/src/domains/cgn/prod/redis.tf
+++ /dev/null
@@ -1,12 +0,0 @@
-module "redis" {
- source = "../_modules/redis"
-
- project = local.project
- location = local.location
- resource_group_name = module.resource_groups.resource_group_cgn.name
-
- vnet_redis_id = module.networking.vnet_common.id
- subnet_redis_id = module.networking.subnet_redis.id
-
- tags = local.tags
-}