fix(azure-tf): use unique stack id instead of stack_name variable (#795)

helps fix tag lookup issues and improve readability

Author: davemooreuws

cloud/azure/deploytf/.nitric/modules/bucket/variables.tf

@@ -3,11 +3,6 @@ variable "name" {
   type        = string
 }
 
-variable "stack_name" {
-  description = "The name of the stack"
-  type        = string
-}
-
 variable "storage_account_id" {
   description = "The id of the storage account"
   type        = string

cloud/azure/deploytf/.nitric/modules/cdn/main.tf

@@ -1,14 +1,14 @@
 locals {
-  endpoint_name               = "${var.stack_name}-cdn"
-  default_origin_group_name   = "${var.stack_name}-default-origin-group"
-  default_origin_name         = "${var.stack_name}-default-origin"
+  endpoint_name               = "${var.stack_id}-cdn"
+  default_origin_group_name   = "${var.stack_id}-default-origin-group"
+  default_origin_name         = "${var.stack_id}-default-origin"
 
   changed_path_md5_hashes     = join("", sort(values(var.uploaded_files)))
 }
 
 # Create the CDN profile for the website
 resource "azurerm_cdn_frontdoor_profile" "cdn_profile" {
-  name                = "${var.stack_name}-cdn-profile"
+  name                = "${var.stack_id}-cdn-profile"
   resource_group_name = var.resource_group_name
   sku_name            = "Standard_AzureFrontDoor"
 }
@@ -126,7 +126,7 @@ resource "azurerm_cdn_frontdoor_rule_set" "api_ruleset" {
 
 # Create the CDN route
 resource "azurerm_cdn_frontdoor_route" "main_route" {
-  name                       = "${var.stack_name}-main-route"
+  name                       = "${var.stack_id}-main-route"
   cdn_frontdoor_endpoint_id =  azurerm_cdn_frontdoor_endpoint.cdn_endpoint.id
   cdn_frontdoor_origin_group_id = azurerm_cdn_frontdoor_origin_group.default_origin_group.id
   cdn_frontdoor_origin_ids = [

cloud/azure/deploytf/.nitric/modules/cdn/variables.tf

@@ -1,5 +1,5 @@
-variable "stack_name" {
-  description = "The name of the stack"
+variable "stack_id" {
+  description = "The id of the stack"
   type        = string
 }
 

cloud/azure/deploytf/.nitric/modules/cdn_subsites/main.tf

@@ -1,6 +1,6 @@
 locals {
-  subsite_origin_group_name = "${var.stack_name}-${var.name}-origin-group"
-  subsite_origin_name       = "${var.stack_name}-${var.name}-origin"
+  subsite_origin_group_name = "${var.stack_id}-${var.name}-origin-group"
+  subsite_origin_name       = "${var.stack_id}-${var.name}-origin"
   subsite_rule_name         = "subsiterule${var.name}"
 }
 

cloud/azure/deploytf/.nitric/modules/cdn_subsites/variables.tf

@@ -8,8 +8,8 @@ variable "base_path" {
   type        = string
 }
 
-variable "stack_name" {
-  description = "The name of the stack"
+variable "stack_id" {
+  description = "The id of the stack"
   type        = string
 }
 

cloud/azure/deploytf/.nitric/modules/roles/main.tf

@@ -2,7 +2,7 @@ data "azurerm_subscription" "current" {}
 
 resource "azurerm_role_definition" "nitric_role_kv_read" {
   description = "keyvalue read access"
-  name        = "${var.stack_name}-KeyValueStoreRead"
+  name        = "${var.stack_id}-KeyValueStoreRead"
   scope       = "/subscriptions/${data.azurerm_subscription.current.subscription_id}/resourceGroups/${var.resource_group_name}"
 
   permissions {
@@ -18,7 +18,7 @@ resource "azurerm_role_definition" "nitric_role_kv_read" {
 
 resource "azurerm_role_definition" "nitric_role_kv_write" {
   description = "nitric keyvalue write access"
-  name        = "${var.stack_name}-KeyValueStoreWrite"
+  name        = "${var.stack_id}-KeyValueStoreWrite"
   scope       = "/subscriptions/${data.azurerm_subscription.current.subscription_id}/resourceGroups/${var.resource_group_name}"
 
   permissions {
@@ -35,7 +35,7 @@ resource "azurerm_role_definition" "nitric_role_kv_write" {
 
 resource "azurerm_role_definition" "nitric_role_kv_delete" {
   description = "nitric keyvalue delete access"
-  name        = "${var.stack_name}-KeyValueStoreDelete"
+  name        = "${var.stack_id}-KeyValueStoreDelete"
   scope       = "/subscriptions/${data.azurerm_subscription.current.subscription_id}/resourceGroups/${var.resource_group_name}"
 
   permissions {
@@ -51,7 +51,7 @@ resource "azurerm_role_definition" "nitric_role_kv_delete" {
 
 resource "azurerm_role_definition" "nitric_role_queue_enqueue" {
   description = "nitric queue enqueue access"
-  name        = "${var.stack_name}-QueueEnqueue"
+  name        = "${var.stack_id}-QueueEnqueue"
   scope       = "/subscriptions/${data.azurerm_subscription.current.subscription_id}/resourceGroups/${var.resource_group_name}"
 
   permissions {
@@ -69,7 +69,7 @@ resource "azurerm_role_definition" "nitric_role_queue_enqueue" {
 
 resource "azurerm_role_definition" "nitric_role_queue_dequeue" {
   description = "nitric queue dequeue access"
-  name        = "${var.stack_name}-QueueDequeue"
+  name        = "${var.stack_id}-QueueDequeue"
   scope       = "/subscriptions/${data.azurerm_subscription.current.subscription_id}/resourceGroups/${var.resource_group_name}"
 
   permissions {
@@ -88,7 +88,7 @@ resource "azurerm_role_definition" "nitric_role_queue_dequeue" {
 
 resource "azurerm_role_definition" "nitric_role_allow_user_delegation_key_generation" {
   description = "Allow user delegation key generation, enabling actions such as pre-signed file access URLs"
-  name        = "${var.stack_name}-AllowUserDelegationKeyGeneration"
+  name        = "${var.stack_id}-AllowUserDelegationKeyGeneration"
   scope       = "/subscriptions/${data.azurerm_subscription.current.subscription_id}/resourceGroups/${var.resource_group_name}"
 
   permissions {
@@ -104,7 +104,7 @@ resource "azurerm_role_definition" "nitric_role_allow_user_delegation_key_genera
 
 resource "azurerm_role_definition" "nitric_role_bucket_file_get" {
   description = "nitric bucket file get access"
-  name        = "${var.stack_name}-BucketFileGet"
+  name        = "${var.stack_id}-BucketFileGet"
   scope       = "/subscriptions/${data.azurerm_subscription.current.subscription_id}/resourceGroups/${var.resource_group_name}"
 
   permissions {
@@ -122,7 +122,7 @@ resource "azurerm_role_definition" "nitric_role_bucket_file_get" {
 
 resource "azurerm_role_definition" "nitric_role_bucket_file_put" {
   description = "nitric bucket file put access"
-  name        = "${var.stack_name}-BucketFilePut"
+  name        = "${var.stack_id}-BucketFilePut"
   scope       = "/subscriptions/${data.azurerm_subscription.current.subscription_id}/resourceGroups/${var.resource_group_name}"
 
   permissions {
@@ -138,7 +138,7 @@ resource "azurerm_role_definition" "nitric_role_bucket_file_put" {
 
 resource "azurerm_role_definition" "nitric_role_bucket_file_delete" {
   description = "nitric bucket file delete access"
-  name        = "${var.stack_name}-BucketFileDelete"
+  name        = "${var.stack_id}-BucketFileDelete"
   scope       = "/subscriptions/${data.azurerm_subscription.current.subscription_id}/resourceGroups/${var.resource_group_name}"
 
   permissions {
@@ -154,7 +154,7 @@ resource "azurerm_role_definition" "nitric_role_bucket_file_delete" {
 
 resource "azurerm_role_definition" "nitric_role_bucket_file_list" {
   description = "nitric bucket file list access"
-  name        = "${var.stack_name}-BucketFileList"
+  name        = "${var.stack_id}-BucketFileList"
   scope       = "/subscriptions/${data.azurerm_subscription.current.subscription_id}/resourceGroups/${var.resource_group_name}"
 
   permissions {
@@ -170,7 +170,7 @@ resource "azurerm_role_definition" "nitric_role_bucket_file_list" {
 
 resource "azurerm_role_definition" "nitric_role_topic_publish" {
   description = "nitric topic publish access"
-  name        = "${var.stack_name}-TopicPublish"
+  name        = "${var.stack_id}-TopicPublish"
   scope       = "/subscriptions/${data.azurerm_subscription.current.subscription_id}/resourceGroups/${var.resource_group_name}"
 
   permissions {
@@ -189,7 +189,7 @@ resource "azurerm_role_definition" "nitric_role_topic_publish" {
 
 resource "azurerm_role_definition" "nitric_role_secret_access" {
   description = "nitric secret access access"
-  name        = "${var.stack_name}-SecretAccess"
+  name        = "${var.stack_id}-SecretAccess"
   scope       = "/subscriptions/${data.azurerm_subscription.current.subscription_id}/resourceGroups/${var.resource_group_name}"
 
   permissions {
@@ -205,7 +205,7 @@ resource "azurerm_role_definition" "nitric_role_secret_access" {
 
 resource "azurerm_role_definition" "nitric_role_secret_put" {
   description = "nitric secret put access"
-  name        = "${var.stack_name}-SecretPut"
+  name        = "${var.stack_id}-SecretPut"
   scope       = "/subscriptions/${data.azurerm_subscription.current.subscription_id}/resourceGroups/${var.resource_group_name}"
 
   permissions {

cloud/azure/deploytf/.nitric/modules/roles/variables.tf

@@ -3,7 +3,7 @@ variable "resource_group_name" {
   description = "The name of the resource group"
 }
 
-variable "stack_name" {
+variable "stack_id" {
   type = string
-  description = "The name of the stack"
+  description = "The id of the stack"
 }

cloud/azure/deploytf/.nitric/modules/service/main.tf

@@ -17,7 +17,7 @@ terraform {
 # }
 
 locals {
-  remote_image_name = "${var.registry_login_server}/${var.stack_name}-${var.name}"
+  remote_image_name = "${var.registry_login_server}/${var.stack_id}-${var.name}"
 }
 
 # Tag the provided docker image with the ECR repository url
@@ -45,7 +45,7 @@ data "azurerm_client_config" "current" {}
 
 locals {
   app_role_id    = "4962773b-9cdb-44cf-a8bf-237846a00ab7"
-  repository_url = "${var.registry_login_server}/${var.stack_name}-${var.name}"
+  repository_url = "${var.registry_login_server}/${var.stack_id}-${var.name}"
   role_definitions = {
     "TagContributor" = "4a9ae827-6dc8-4573-8ac7-8239d42aa03f"
   }
@@ -168,7 +168,7 @@ resource "azurerm_container_app" "container_app" {
 
       env {
         name  = "NITRIC_STACK_ID"
-        value = var.stack_name
+        value = var.stack_id
       }
 
       env {

cloud/azure/deploytf/.nitric/modules/service/variables.tf

@@ -3,8 +3,8 @@ variable "name" {
   type        = string
 }
 
-variable "stack_name" {
-  description = "The name of the stack"
+variable "stack_id" {
+  description = "The id of the stack"
   type        = string
 }
 

cloud/azure/deploytf/.nitric/modules/sql/main.tf

@@ -18,7 +18,7 @@ resource "azurerm_postgresql_flexible_server_database" "db" {
 locals {
   count = var.migration_image_uri != "" ? 1 : 0
 
-  remote_image_name = "${var.image_registry_server}/${var.stack_name}-${var.name}:latest"
+  remote_image_name = "${var.image_registry_server}/${var.stack_id}-${var.name}:latest"
 
   db_url = "postgres://nitric:${var.database_master_password}@${var.database_server_fqdn}:5432/${var.name}"
 }
@@ -66,7 +66,7 @@ resource "azurerm_container_group" "migration" {
   container {
     name   = "${var.name}-migration"
     # point to the pushed image sha256 digest to ensure container is updated when image changes
-    image  = "${var.image_registry_server}/${var.stack_name}-${var.name}@${docker_registry_image.push[count.index].sha256_digest}"
+    image  = "${var.image_registry_server}/${var.stack_id}-${var.name}@${docker_registry_image.push[count.index].sha256_digest}"
     cpu    = 1
     memory = 1