Merge pull request #1 from data-platform-hq/add-module

kharkevich · web-flow · commit e4e9e5201e34 · 2022-10-18T18:16:43.000-04:00
feat: add module
diff --git a/README.md b/README.md
@@ -1,12 +1,60 @@
-# Azure <> Terraform module
-Terraform module for creation Azure <>
+# Azure Linux Web App Terraform module
+Terraform module for creation Azure Linux Web App
 
 ## Usage
 
 <!-- BEGIN_TF_DOCS -->
+## Requirements
 
+| Name | Version |
+|------|---------|
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.0.0 |
+| <a name="requirement_azurerm"></a> [azurerm](#requirement\_azurerm) | >= 3.23.0 |
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| <a name="provider_azurerm"></a> [azurerm](#provider\_azurerm) | 3.27.0 |
+
+## Modules
+
+No modules.
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [azurerm_app_service_virtual_network_swift_connection.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service_virtual_network_swift_connection) | resource |
+| [azurerm_application_insights.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/application_insights) | resource |
+| [azurerm_linux_web_app.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/linux_web_app) | resource |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_app_settings"></a> [app\_settings](#input\_app\_settings) | Application setting | `map(string)` | `{}` | no |
+| <a name="input_application_type"></a> [application\_type](#input\_application\_type) | Application type (java, python, etc) | `string` | `"java"` | no |
+| <a name="input_env"></a> [env](#input\_env) | Environment | `string` | n/a | yes |
+| <a name="input_ip_restriction"></a> [ip\_restriction](#input\_ip\_restriction) | Firewall settings for the function app | <pre>list(object({<br>    name                      = string<br>    ip_address                = string<br>    service_tag               = string<br>    virtual_network_subnet_id = string<br>    priority                  = string<br>    action                    = string<br>    headers = list(object({<br>      x_azure_fdid      = list(string)<br>      x_fd_health_probe = list(string)<br>      x_forwarded_for   = list(string)<br>      x_forwarded_host  = list(string)<br>    }))<br>  }))</pre> | <pre>[<br>  {<br>    "action": "Allow",<br>    "headers": null,<br>    "ip_address": null,<br>    "name": "allow_azure",<br>    "priority": "100",<br>    "service_tag": "AzureCloud",<br>    "virtual_network_subnet_id": null<br>  }<br>]</pre> | no |
+| <a name="input_java_version"></a> [java\_version](#input\_java\_version) | Java version | `string` | `"8"` | no |
+| <a name="input_location"></a> [location](#input\_location) | Location | `string` | n/a | yes |
+| <a name="input_name"></a> [name](#input\_name) | Function index/name (like 007) | `string` | n/a | yes |
+| <a name="input_project"></a> [project](#input\_project) | Project name | `string` | n/a | yes |
+| <a name="input_resource_group"></a> [resource\_group](#input\_resource\_group) | Resource group name | `string` | n/a | yes |
+| <a name="input_service_plan_id"></a> [service\_plan\_id](#input\_service\_plan\_id) | App Service plan ID | `string` | n/a | yes |
+| <a name="input_subnet_id"></a> [subnet\_id](#input\_subnet\_id) | Subnet ID for the function app | `string` | `null` | no |
+| <a name="input_tags"></a> [tags](#input\_tags) | Tags | `map(string)` | n/a | yes |
+| <a name="input_use_private_net"></a> [use\_private\_net](#input\_use\_private\_net) | Use private network injection | `bool` | `false` | no |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| <a name="output_id"></a> [id](#output\_id) | Linux Web App ID |
+| <a name="output_identity"></a> [identity](#output\_identity) | Function app Managed Identity |
 <!-- END_TF_DOCS -->
 
 ## License
 
-Apache 2 Licensed. For more information please see [LICENSE](https://github.com/data-platform-hq/terraform-azurerm<>/tree/master/LICENSE)
+Apache 2 Licensed. For more information please see [LICENSE](https://github.com/data-platform-hq/terraform-azurerm-linux-web-app/tree/main/LICENSE)
diff --git a/main.tf b/main.tf
@@ -0,0 +1,53 @@
+resource "azurerm_application_insights" "this" {
+  name                = "fn-${var.project}-${var.env}-${var.location}-${var.name}"
+  location            = var.location
+  resource_group_name = var.resource_group
+  application_type    = var.application_type
+  tags                = var.tags
+}
+
+locals {
+  app_settings = {
+    WEBSITES_ENABLE_APP_SERVICE_STORAGE = "true"
+    WEBSITE_ENABLE_SYNC_UPDATE_SITE     = "true"
+    JAVA_OPTS                           = "-Dlog4j2.formatMsgNoLookups=true"
+    LOG4J_FORMAT_MSG_NO_LOOKUPS         = "true"
+    WEBSITE_USE_PLACEHOLDER             = "0"
+    AZURE_LOG_LEVEL                     = "info"
+    APPINSIGHTS_INSTRUMENTATIONKEY      = azurerm_application_insights.this.instrumentation_key
+  }
+}
+
+resource "azurerm_linux_web_app" "this" {
+  depends_on          = [azurerm_application_insights.this]
+  name                = "web-${var.project}-${var.env}-${var.location}-${var.name}"
+  location            = var.location
+  resource_group_name = var.resource_group
+  service_plan_id     = var.service_plan_id
+  https_only          = true
+  enabled             = true
+  tags                = var.tags
+  app_settings        = merge(local.app_settings, var.app_settings)
+
+  identity {
+    type = "SystemAssigned"
+  }
+  site_config {
+    always_on          = true
+    ftps_state         = "Disabled"
+    http2_enabled      = true
+    websockets_enabled = false
+    use_32_bit_worker  = false
+    ip_restriction     = var.ip_restriction
+    scm_ip_restriction = var.ip_restriction
+    application_stack {
+      java_version = var.java_version
+    }
+  }
+}
+
+resource "azurerm_app_service_virtual_network_swift_connection" "this" {
+  count          = var.use_private_net == null ? 0 : 1
+  app_service_id = azurerm_linux_web_app.this.id
+  subnet_id      = var.subnet_id
+}
diff --git a/outputs.tf b/outputs.tf
@@ -0,0 +1,9 @@
+output "id" {
+  value       = azurerm_linux_web_app.this.id
+  description = "Linux Web App ID"
+}
+
+output "identity" {
+  value       = azurerm_linux_web_app.this.identity.*
+  description = "Function app Managed Identity"
+}
diff --git a/variables.tf b/variables.tf
@@ -0,0 +1,94 @@
+variable "project" {
+  type        = string
+  description = "Project name"
+}
+
+variable "env" {
+  type        = string
+  description = "Environment"
+}
+
+variable "location" {
+  type        = string
+  description = "Location"
+}
+
+variable "tags" {
+  type        = map(string)
+  description = "Tags"
+}
+
+variable "resource_group" {
+  type        = string
+  description = "Resource group name"
+}
+
+
+variable "service_plan_id" {
+  type        = string
+  description = "App Service plan ID"
+}
+
+variable "name" {
+  type        = string
+  description = "Function index/name (like 007)"
+}
+
+variable "application_type" {
+  type        = string
+  description = "Application type (java, python, etc)"
+  default     = "java"
+}
+
+variable "java_version" {
+  type        = string
+  description = "Java version"
+  default     = "8"
+}
+
+variable "ip_restriction" {
+  description = "Firewall settings for the function app"
+  type = list(object({
+    name                      = string
+    ip_address                = string
+    service_tag               = string
+    virtual_network_subnet_id = string
+    priority                  = string
+    action                    = string
+    headers = list(object({
+      x_azure_fdid      = list(string)
+      x_fd_health_probe = list(string)
+      x_forwarded_for   = list(string)
+      x_forwarded_host  = list(string)
+    }))
+  }))
+  default = [
+    {
+      name                      = "allow_azure"
+      ip_address                = null
+      service_tag               = "AzureCloud"
+      virtual_network_subnet_id = null
+      priority                  = "100"
+      action                    = "Allow"
+      headers                   = null
+    }
+  ]
+}
+
+variable "app_settings" {
+  type        = map(string)
+  default     = {}
+  description = "Application setting"
+}
+
+variable "subnet_id" {
+  type        = string
+  description = "Subnet ID for the function app"
+  default     = null
+}
+
+variable "use_private_net" {
+  type        = bool
+  description = "Use private network injection"
+  default     = false
+}
diff --git a/versions.tf b/versions.tf
@@ -0,0 +1,10 @@
+terraform {
+  required_version = ">= 1.0.0"
+
+  required_providers {
+    azurerm = {
+      source  = "hashicorp/azurerm"
+      version = ">= 3.23.0"
+    }
+  }
+}
