added command to check managed identity of akscluster

Author: sivarkpocrk

.github/workflows/deploy.yml

@@ -33,10 +33,27 @@ jobs:
         echo "AKS_VERSION=1.32.0" >> $GITHUB_ENV
         echo "Variables set successfully."
 
+    # - name: Set up Azure CLI with owner subscription
+    #   uses: azure/login@v1
+    #   with:
+    #     creds: |
+    #       {
+    #         "clientId": "${{ secrets.AZURE_CLIENT_ID }}",
+    #         "clientSecret": "${{ secrets.AZURE_CLIENT_SECRET }}",
+    #         "subscriptionId": "${{ secrets.AZURE_SUBSCRIPTION_ID }}",
+    #         "tenantId": "${{ secrets.AZURE_TENANT_ID }}"
+    #       }
+
     # Checkout the code
     - name: Checkout code
       uses: actions/checkout@v3
 
+            # Install Terraform
+    - name: Install Terraform
+      uses: hashicorp/setup-terraform@v2
+      with:
+        terraform_version: 1.5.7
+
     # Set up Azure CLI
     - name: Set up Azure CLI
       uses: azure/login@v1
@@ -136,11 +153,18 @@ jobs:
         docker build -t $ACR_NAME.azurecr.io/transaction-processor:latest ./app
         docker push $ACR_NAME.azurecr.io/transaction-processor:latest
 
-    # Deploy Service Bus Resources
-    - name: Run Terraform
-      working-directory: ./terraform
+    - name: Terraform Init
       run: |
         terraform init
+
+      # Terraform Plan
+    - name: Terraform Plan
+      run: |
+        terraform plan
+
+    # Terraform Apply
+    - name: Terraform Apply
+      run: |
         terraform apply -auto-approve
 
     # Run Azure CLI scripts for Service Bus setup

scripts/aks-deploy.sh

@@ -1,12 +1,31 @@
 #!/bin/bash
-AKS_CLUSTER="MyAKSCluster"
-RESOURCE_GROUP="MyResourceGroup"
-ACR_NAME="myregistry"
-NAMESPACE="transaction-namespace"
 
-az aks create --resource-group $RESOURCE_GROUP --name $AKS_CLUSTER --node-count 3 --enable-addons monitoring --generate-ssh-keys
+# Use environment variables set in the GitHub workflow
+AKS_CLUSTER="${AKS_CLUSTER_NAME:-AKSSivaCluster}"
+RESOURCE_GROUP="${RESOURCE_GROUP:-MyResourceGroup}"
+ACR_NAME="${ACR_NAME:-akssivarg01}"
+NAMESPACE="${NAMESPACE:-transaction-namespace}"
+
+# Get AKS credentials to manage the cluster
+echo "Retrieving AKS credentials..."
 az aks get-credentials --resource-group $RESOURCE_GROUP --name $AKS_CLUSTER
-kubectl create namespace $NAMESPACE
-kubectl create secret generic servicebus-secrets --from-literal=primary-connection="<primary_connection_string>" --from-literal=secondary-connection="<secondary_connection_string>" -n $NAMESPACE
+
+# Create the namespace if it does not exist
+if ! kubectl get namespace $NAMESPACE &> /dev/null; then
+  echo "Creating namespace: $NAMESPACE"
+  kubectl create namespace $NAMESPACE
+else
+  echo "Namespace $NAMESPACE already exists."
+fi
+
+# Create or update the Kubernetes secret for Service Bus connection strings
+echo "Creating or updating secrets in namespace: $NAMESPACE"
+kubectl create secret generic servicebus-secrets \
+  --from-literal=primary-connection="<primary_connection_string>" \
+  --from-literal=secondary-connection="<secondary_connection_string>" \
+  -n $NAMESPACE --dry-run=client -o yaml | kubectl apply -f -
+
+# Apply the Kubernetes deployment and service configurations
+echo "Deploying application to AKS..."
 kubectl apply -f k8s/deployment.yaml -n $NAMESPACE
 echo "Application deployed successfully to AKS."

terraform/Dockerfile

@@ -1,7 +1,7 @@
 # Use a lightweight base image with Terraform
 FROM hashicorp/terraform:1.5.7
 
-# Install Azure CLI
+# Install Azure CLI and other necessary tools
 RUN apk update && \
     apk add --no-cache curl bash jq && \
     curl -sL https://aka.ms/InstallAzureCLIDeb | bash

terraform/docker-compose.yml

@@ -0,0 +1,17 @@
+services:
+  terraform:
+    image: hashicorp/terraform:1.6.2
+    volumes:
+      - ./setup:/tf/setup
+      - ./deploy:/tf/deploy
+    working_dir: /tf
+    environment:
+      - AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID}
+      - AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY}
+      - AWS_SESSION_TOKEN=${AWS_SESSION_TOKEN}
+      - AWS_DEFAULT_REGION=us-east-1
+      - TF_WORKSPACE=${TF_WORKSPACE}
+      - TF_VAR_db_password=${TF_VAR_db_password}
+      - TF_VAR_django_secret_key=${TF_VAR_django_secret_key}
+      - TF_VAR_ecr_proxy_image=${TF_VAR_ecr_proxy_image}
+      - TF_VAR_ecr_app_image=${TF_VAR_ecr_app_image}

terraform/main.tf

@@ -1,52 +1,59 @@
+# Unified main.tf
+
 terraform {
+  backend "azurerm" {
+    resource_group_name  = "MyResourceGroup"
+    storage_account_name = "akssiva"
+    container_name       = "tfstate"
+    key                  = "terraform.tfstate"
+  }
   required_providers {
     azurerm = {
       source  = "hashicorp/azurerm"
       version = "3.74.0"
     }
   }
-  required_version = ">= 1.0"
 }
 
 provider "azurerm" {
   features {}
   subscription_id = var.subscription_id
 }
 
-# Create Resource Group
+# Resource Group (already exists, so use import if not in state)
 resource "azurerm_resource_group" "example" {
   name     = var.resource_group_name
   location = var.primary_location
   tags     = var.tags
 }
 
-# Create Primary Service Bus Namespace
+# Primary Service Bus Namespace
 resource "azurerm_servicebus_namespace" "primary" {
   name                = var.primary_namespace
   location            = var.primary_location
   resource_group_name = azurerm_resource_group.example.name
   sku                 = "Standard"
 }
 
-# Create Secondary Service Bus Namespace
+# Secondary Service Bus Namespace
 resource "azurerm_servicebus_namespace" "secondary" {
   name                = var.secondary_namespace
   location            = var.secondary_location
   resource_group_name = azurerm_resource_group.example.name
   sku                 = "Standard"
 }
 
-# Create Service Bus Queue in Primary Namespace
+# Service Bus Queue
 resource "azurerm_servicebus_queue" "transaction" {
-  name                = var.queue_name
-  namespace_id        = azurerm_servicebus_namespace.primary.id
+  name         = var.queue_name
+  namespace_id = azurerm_servicebus_namespace.primary.id
 }
 
-# Geo Disaster Recovery Alias
+# Geo-Disaster Recovery Alias
 resource "azurerm_servicebus_georecovery_alias" "geo_dr" {
-  name                    = "TransactionAlias"
-  resource_group_name     = azurerm_resource_group.example.name
-  namespace_name          = azurerm_servicebus_namespace.primary.name
-  partner_namespace_id    = azurerm_servicebus_namespace.secondary.id
+  name                     = "TransactionAlias"
+  resource_group_name      = azurerm_resource_group.example.name
+  namespace_name           = azurerm_servicebus_namespace.primary.name
+  partner_namespace_id     = azurerm_servicebus_namespace.secondary.id
   requires_manual_failover = true
 }