From 3d74197ce08f48089c2d0243ec8cf03324d9f933 Mon Sep 17 00:00:00 2001
From: Marco Mari <130982006+mamari90@users.noreply.github.com>
Date: Tue, 28 May 2024 17:13:57 +0200
Subject: [PATCH] feat: Added redis secrets (#2086)

added redis secrets
---
 src/domains/mock-common/02_security.tf  | 31 +++++++++++++++++++++++++
 src/domains/mock-common/99_variables.tf |  7 ++++++
 src/domains/mock-common/README.md       |  5 ++++
 3 files changed, 43 insertions(+)

diff --git a/src/domains/mock-common/02_security.tf b/src/domains/mock-common/02_security.tf
index 33b2209d53..2af13ed83f 100644
--- a/src/domains/mock-common/02_security.tf
+++ b/src/domains/mock-common/02_security.tf
@@ -1,3 +1,15 @@
+data "azurerm_redis_cache" "redis_cache" {
+  name                = "${var.prefix}-${var.env_short}-redis"
+  resource_group_name = "${var.prefix}-${var.env_short}-data-rg"
+}
+
+data "azurerm_redis_cache" "redis_cache_ha" {
+  count               = var.redis_ha_enabled ? 1 : 0
+  name                = "${var.prefix}-${var.env_short}-${var.location_short}-redis"
+  resource_group_name = "${var.prefix}-${var.env_short}-data-rg"
+}
+
+
 resource "azurerm_resource_group" "sec_rg" {
   name     = "${local.product}-${var.domain}-sec-rg"
   location = var.location
@@ -80,3 +92,22 @@ resource "azurerm_key_vault_secret" "mocker_cosmosdb_connection_string" {
 
   key_vault_id = module.key_vault.id
 }
+
+resource "azurerm_key_vault_secret" "redis_password" {
+  name  = "redis-password"
+  value = var.redis_ha_enabled ? data.azurerm_redis_cache.redis_cache_ha[0].primary_access_key : data.azurerm_redis_cache.redis_cache.primary_access_key
+
+  content_type = "text/plain"
+
+  key_vault_id = module.key_vault.id
+}
+
+
+resource "azurerm_key_vault_secret" "redis_hostname" {
+  name  = "redis-hostname"
+  value = var.redis_ha_enabled ? data.azurerm_redis_cache.redis_cache_ha[0].hostname : data.azurerm_redis_cache.redis_cache.hostname
+
+  content_type = "text/plain"
+
+  key_vault_id = module.key_vault.id
+}
diff --git a/src/domains/mock-common/99_variables.tf b/src/domains/mock-common/99_variables.tf
index 68ffaf750a..f3dd502e1f 100644
--- a/src/domains/mock-common/99_variables.tf
+++ b/src/domains/mock-common/99_variables.tf
@@ -235,3 +235,10 @@ variable "cosmosdb_mongodb_max_throughput" {
   default     = 5000
 }
 
+
+variable "redis_ha_enabled" {
+  type        = bool
+  description = "(Required) If true, enables the usage of HA redis instance"
+  default     = false
+}
+
diff --git a/src/domains/mock-common/README.md b/src/domains/mock-common/README.md
index 34c38e16ab..eef764ac70 100644
--- a/src/domains/mock-common/README.md
+++ b/src/domains/mock-common/README.md
@@ -35,6 +35,8 @@
 | [azurerm_key_vault_access_policy.azdevops_iac_policy](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_access_policy) | resource |
 | [azurerm_key_vault_secret.ai_connection_string](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_secret) | resource |
 | [azurerm_key_vault_secret.mocker_cosmosdb_connection_string](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_secret) | resource |
+| [azurerm_key_vault_secret.redis_hostname](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_secret) | resource |
+| [azurerm_key_vault_secret.redis_password](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_secret) | resource |
 | [azurerm_private_dns_a_record.ingress](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_dns_a_record) | resource |
 | [azurerm_resource_group.mock_ec_rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource |
 | [azurerm_resource_group.mock_payment_gateway_rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource |
@@ -59,6 +61,8 @@
 | [azurerm_monitor_action_group.slack](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/monitor_action_group) | data source |
 | [azurerm_private_dns_zone.cosmos](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/private_dns_zone) | data source |
 | [azurerm_private_dns_zone.internal](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/private_dns_zone) | data source |
+| [azurerm_redis_cache.redis_cache](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/redis_cache) | data source |
+| [azurerm_redis_cache.redis_cache_ha](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/redis_cache) | data source |
 | [azurerm_resource_group.identity_rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/resource_group) | data source |
 | [azurerm_resource_group.monitor_rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/resource_group) | data source |
 | [azurerm_subnet.aks_subnet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/subnet) | data source |
@@ -104,6 +108,7 @@
 | <a name="input_mocker_cosmosdb_params"></a> [mocker\_cosmosdb\_params](#input\_mocker\_cosmosdb\_params) | n/a | <pre>object({<br>    kind           = string<br>    capabilities   = list(string)<br>    offer_type     = string<br>    server_version = string<br>    consistency_policy = object({<br>      consistency_level       = string<br>      max_interval_in_seconds = number<br>      max_staleness_prefix    = number<br>    })<br>    main_geo_location_zone_redundant = bool<br>    enable_free_tier                 = bool<br>    additional_geo_locations = list(object({<br>      location          = string<br>      failover_priority = number<br>      zone_redundant    = bool<br>    }))<br>    private_endpoint_enabled          = bool<br>    public_network_access_enabled     = bool<br>    is_virtual_network_filter_enabled = bool<br>    backup_continuous_enabled         = bool<br>    container_default_ttl             = number<br>  })</pre> | n/a | yes |
 | <a name="input_monitor_resource_group_name"></a> [monitor\_resource\_group\_name](#input\_monitor\_resource\_group\_name) | Monitor resource group name | `string` | n/a | yes |
 | <a name="input_prefix"></a> [prefix](#input\_prefix) | n/a | `string` | n/a | yes |
+| <a name="input_redis_ha_enabled"></a> [redis\_ha\_enabled](#input\_redis\_ha\_enabled) | (Required) If true, enables the usage of HA redis instance | `bool` | `false` | no |
 | <a name="input_tags"></a> [tags](#input\_tags) | n/a | `map(any)` | <pre>{<br>  "CreatedBy": "Terraform"<br>}</pre> | no |
 
 ## Outputs