[EC-135] Add Terraform configuration to manage repository settings (#172

)

.dockerignore

@@ -0,0 +1,12 @@
+**/.dockerignore
+**/.git
+**/bin
+**/docker-compose*
+**/Dockerfile*
+**/node_modules
+**/npm-debug.log
+**/obj
+**/secrets.dev.yaml
+**/values.dev.yaml
+LICENSE
+README.md

.github/workflows/pr_ms.yml

@@ -0,0 +1,37 @@
+name: Code Review ms-party-registry-proxy
+on:
+  workflow_dispatch:
+
+  pull_request:
+    types:
+      - synchronize
+      - reopened
+      - ready_for_review
+    paths:
+      - '.github/workflows/pr_ms.yml'
+      - '.github/workflows/release_ms.yml'
+      - '.github/workflows/release_ms_pnpg.yml'
+      - '!.devops/**'
+      - '!helm/**'
+      - '!**.md'
+      - '!**ignore'
+      - '!infra/**'
+      - '!.terraform-version'
+      - '!CODEOWNERS'
+
+jobs:
+
+  code_review:
+    uses: pagopa/selfcare-commons/.github/workflows/call_code_review_spring.yml@EC-149-template-git-hub-workflows
+    name: 'Code Review'
+    secrets: inherit
+    if: github.base_ref == 'main' && github.event_name == 'pull_request'
+    with:
+      pr_number: ${{ github.event.pull_request.number }}
+      source_branch: ${{ github.head_ref }}
+      target_branch: ${{ github.base_ref }}
+      sonar_key: 'pagopa_selfcare-ms-party-registry-proxy'
+
+  docker_build:
+    uses: pagopa/selfcare-commons/.github/workflows/call_code_review_docker.yml@EC-149-template-git-hub-workflows
+    name: 'Docker'

.github/workflows/release_ms.yml

@@ -0,0 +1,46 @@
+name: Release ms-party-registry-proxy
+
+on:
+  workflow_dispatch:
+
+  push:
+    branches:
+      - main
+      - releases/*
+    paths:
+      - '!.devops/**'
+      - '!helm/**'
+      - '!**.md'
+      - '!**ignore'
+      - '!infra/**'
+      - '!.terraform-version'
+      - '!CODEOWNERS'
+
+jobs:
+
+  release_dev:
+    uses: pagopa/selfcare-commons/.github/workflows/call_release_docker.yml@EC-149-template-git-hub-workflows
+    name: '[Dev] PartyRegistryProxy ms Release'
+    if: startsWith(github.ref_name, 'releases/') != true
+    secrets: inherit
+    with:
+      environment: dev
+      dir: 'infra'
+
+  release_uat:
+    uses: pagopa/selfcare-commons/.github/workflows/call_release_docker.yml@EC-149-template-git-hub-workflows
+    name: '[UAT] PartyRegistryProxy ms Release'
+    if: startsWith(github.ref_name, 'releases/')
+    secrets: inherit
+    with:
+      environment: uat
+      dir: 'infra'
+
+  release_prod:
+    uses: pagopa/selfcare-commons/.github/workflows/call_release_docker.yml@EC-149-template-git-hub-workflows
+    name: '[Prod] PartyRegistryProxy ms Release'
+    if: startsWith(github.ref_name, 'releases/')
+    secrets: inherit
+    with:
+      environment: prod
+      dir: 'infra'

.gitignore

@@ -32,3 +32,12 @@ build/
 ### VS Code ###
 .vscode/
 .DS_Store
+
+**/.terraform/*
+*.tfstate
+*.tfstate.*
+**/.tfsec/*
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json

.pre-commit-config.yaml

@@ -0,0 +1,10 @@
+repos:
+  - repo: https://github.com/antonbabenko/pre-commit-terraform
+    rev: v1.86.0
+    hooks:
+      - id: terraform_fmt
+      - id: terraform_docs
+      - id: terraform_validate
+        args:
+          - --args=-json
+          - --args=-no-color

.terraform-version

@@ -0,0 +1 @@
+1.6.6

Dockerfile.new

@@ -0,0 +1,20 @@
+FROM maven:3-eclipse-temurin-17 AS builder
+
+COPY . .
+
+RUN mvn clean package -DskipTests=true
+
+FROM openjdk:17-jdk AS runtime
+
+ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en'
+
+WORKDIR /app
+
+COPY --from=builder ./target/*.jar ./app.jar
+
+ADD https://github.com/microsoft/ApplicationInsights-Java/releases/download/3.1.1/applicationinsights-agent-3.1.1.jar /applicationinsights-agent.jar
+
+EXPOSE 8080
+USER 1001
+
+ENTRYPOINT ["java", "-jar", "app.jar"]

Dockerfile.new.dockerignore

@@ -0,0 +1,117 @@
+**/.dockerignore
+**/.git
+**/bin
+**/docker-compose*
+**/Dockerfile*
+**/node_modules
+**/npm-debug.log
+**/obj
+**/secrets.dev.yaml
+**/values.dev.yaml
+LICENSE
+README.md
+
+**/.idea
+.idea
+**/.mvn
+.mvn
+
+**/target
+
+# Created by .ignore support plugin (hsz.mobi)
+### Maven template
+target/
+pom.xml.tag
+pom.xml.releaseBackup
+pom.xml.versionsBackup
+pom.xml.next
+release.properties
+dependency-reduced-pom.xml
+buildNumber.properties
+.mvn/timing.properties
+.mvn/wrapper/maven-wrapper.jar
+### Java template
+# Compiled class file
+*.class
+
+# Log file
+*.log
+
+# BlueJ files
+*.ctxt
+
+# Mobile Tools for Java (J2ME)
+.mtj.tmp/
+
+# Package Files #
+*.jar
+*.war
+*.nar
+*.ear
+*.zip
+*.tar.gz
+*.rar
+
+# virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml
+hs_err_pid*
+### JetBrains template
+# Covers JetBrains IDEs: IntelliJ, RubyMine, PhpStorm, AppCode, PyCharm, CLion, Android Studio and WebStorm
+# Reference: https://intellij-support.jetbrains.com/hc/en-us/articles/206544839
+
+# User-specific stuff
+.idea/**/workspace.xml
+.idea/**/tasks.xml
+.idea/**/usage.statistics.xml
+.idea/**/dictionaries
+.idea/**/shelf
+
+# Sensitive or high-churn files
+.idea/**/dataSources/
+.idea/**/dataSources.ids
+.idea/**/dataSources.local.xml
+.idea/**/sqlDataSources.xml
+.idea/**/dynamic.xml
+.idea/**/uiDesigner.xml
+.idea/**/dbnavigator.xml
+
+# Gradle
+.idea/**/gradle.xml
+.idea/**/libraries
+
+# Gradle and Maven with auto-import
+# When using Gradle or Maven with auto-import, you should exclude module files,
+# since they will be recreated, and may cause churn.  Uncomment if using
+# auto-import.
+# .idea/modules.xml
+# .idea/*.iml
+# .idea/modules
+
+# CMake
+cmake-build-*/
+
+# Mongo Explorer plugin
+.idea/**/mongoSettings.xml
+
+# File-based project format
+*.iws
+
+# IntelliJ
+out/
+
+# mpeltonen/sbt-idea plugin
+.idea_modules/
+
+# JIRA plugin
+atlassian-ide-plugin.xml
+
+# Cursive Clojure plugin
+.idea/replstate.xml
+
+# Crashlytics plugin (for Android Studio and IntelliJ)
+com_crashlytics_export_strings.xml
+crashlytics.properties
+crashlytics-build.properties
+fabric.properties
+
+# Editor-based Rest Client
+.idea/httpRequests

infra/repository/README.md

@@ -0,0 +1,43 @@
+# Repository Settings
+
+Define settings of this GitHub repository.
+
+## How to use
+
+Make sure your PAT has access to this repository. Then, follow these steps:
+
+- set the subscription: `az account set --subscription "PROD-SelfCare"`
+- run `terraform init -backend-config="backend.tfvars"`
+- run `terraform plan`
+- run `terraform apply`
+
+<!-- markdownlint-disable -->
+<!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
+## Requirements
+
+| Name | Version |
+|------|---------|
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.6.0 |
+
+## Providers
+
+No providers.
+
+## Modules
+
+| Name | Source | Version |
+|------|--------|---------|
+| <a name="module_repository"></a> [repository](#module\_repository) | github.com/pagopa/selfcare-commons//infra/terraform-modules/github_repository_settings | main |
+
+## Resources
+
+No resources.
+
+## Inputs
+
+No inputs.
+
+## Outputs
+
+No outputs.
+<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->

infra/repository/backend.tfvars

@@ -0,0 +1,4 @@
+resource_group_name  = "terraform-state-rg"
+storage_account_name = "tfinfprodselfcare"
+container_name       = "terraform-state"
+key                  = "selfcare-party-registry-proxy.repository.tfstate"

infra/repository/main.tf

@@ -0,0 +1,17 @@
+terraform {
+  required_version = ">= 1.6.0"
+
+  backend "azurerm" {}
+}
+
+provider "azurerm" {
+  features {}
+}
+
+module "repository" {
+  source = "github.com/pagopa/selfcare-commons//infra/terraform-modules/github_repository_settings?ref=main"
+
+  github = {
+    repository = "selfcare-ms-party-registry-proxy"
+  }
+}