From 7d7f6ed04ac484b81b05d8454eead41e84e9d3e1 Mon Sep 17 00:00:00 2001 From: Piyush Jain <122745947+d3vb0ox@users.noreply.github.com> Date: Tue, 22 Apr 2025 21:41:16 +0530 Subject: [PATCH] chore(terraform): add valkey and rds for staging env (#5471) --- infra/terraform/cloudwatch.tf | 12 +++--- infra/terraform/elasticache.tf | 71 ++++++++++------------------------ infra/terraform/main.tf | 22 ++++++++++- infra/terraform/rds.tf | 26 +++++++++---- infra/terraform/secrets.tf | 29 +++++++------- 5 files changed, 80 insertions(+), 80 deletions(-) diff --git a/infra/terraform/cloudwatch.tf b/infra/terraform/cloudwatch.tf index f2e4f3e257..7803ebb4c6 100644 --- a/infra/terraform/cloudwatch.tf +++ b/infra/terraform/cloudwatch.tf @@ -96,7 +96,7 @@ locals { metric_name = "CPUUtilization" statistic = "Average" dimensions = { - DBInstanceIdentifier = module.rds-aurora.cluster_instances["one"].id + DBInstanceIdentifier = module.rds-aurora["prod"].cluster_instances["one"].id } } RDS_FreeStorageSpace = { @@ -110,7 +110,7 @@ locals { metric_name = "FreeStorageSpace" statistic = "Average" dimensions = { - DBInstanceIdentifier = module.rds-aurora.cluster_instances["one"].id + DBInstanceIdentifier = module.rds-aurora["prod"].cluster_instances["one"].id } } RDS_FreeableMemory = { @@ -124,7 +124,7 @@ locals { metric_name = "FreeableMemory" statistic = "Average" dimensions = { - DBInstanceIdentifier = module.rds-aurora.cluster_instances["one"].id + DBInstanceIdentifier = module.rds-aurora["prod"].cluster_instances["one"].id } } RDS_DiskQueueDepth = { @@ -138,7 +138,7 @@ locals { metric_name = "DiskQueueDepth" statistic = "Average" dimensions = { - DBInstanceIdentifier = module.rds-aurora.cluster_instances["one"].id + DBInstanceIdentifier = module.rds-aurora["prod"].cluster_instances["one"].id } } RDS_ReadIOPS = { @@ -152,7 +152,7 @@ locals { metric_name = "ReadIOPS" statistic = "Average" dimensions = { - DBInstanceIdentifier = module.rds-aurora.cluster_instances["one"].id + DBInstanceIdentifier = module.rds-aurora["prod"].cluster_instances["one"].id } } RDS_WriteIOPS = { @@ -166,7 +166,7 @@ locals { metric_name = "WriteIOPS" statistic = "Average" dimensions = { - DBInstanceIdentifier = module.rds-aurora.cluster_instances["one"].id + DBInstanceIdentifier = module.rds-aurora["prod"].cluster_instances["one"].id } } SQS_ApproximateAgeOfOldestMessage = { diff --git a/infra/terraform/elasticache.tf b/infra/terraform/elasticache.tf index 7426c02ca5..c2fdba2084 100644 --- a/infra/terraform/elasticache.tf +++ b/infra/terraform/elasticache.tf @@ -5,13 +5,15 @@ locals { valkey_major_version = 8 } -resource "random_password" "valkey" { - length = 20 - special = false +moved { + from = random_password.valkey + to = random_password.valkey["prod"] } -resource "random_password" "valkey_default_user" { - length = 20 - special = false + +resource "random_password" "valkey" { + for_each = local.envs + length = 20 + special = false } module "valkey_sg" { @@ -28,40 +30,24 @@ module "valkey_sg" { tags = local.tags } -module "elasticache_user_group" { - source = "terraform-aws-modules/elasticache/aws//modules/user-group" - version = "1.4.1" - - user_group_id = "${local.name}-valkey" - create_default_user = false - default_user = { - user_id = "formbricks-default" - passwords = [random_password.valkey_default_user.result] - } - users = { - formbricks = { - access_string = "on ~* +@all" - passwords = [random_password.valkey.result] - } - } - engine = "redis" - tags = merge(local.tags, { - terraform-aws-modules = "elasticache" - }) +moved { + from = module.valkey + to = module.valkey["prod"] } module "valkey" { - source = "terraform-aws-modules/elasticache/aws" - version = "1.4.1" + for_each = local.envs + source = "terraform-aws-modules/elasticache/aws" + version = "1.4.1" - replication_group_id = "${local.name}-valkey" + replication_group_id = "${each.value}-valkey" engine = "valkey" engine_version = "8.0" node_type = "cache.m7g.large" transit_encryption_enabled = true - auth_token = random_password.valkey.result + auth_token = random_password.valkey[each.key].result maintenance_window = "sun:05:00-sun:09:00" apply_immediately = true @@ -85,15 +71,15 @@ module "valkey" { } # Subnet Group - subnet_group_name = "${local.name}-valkey" - subnet_group_description = "${title(local.name)} subnet group" + subnet_group_name = "${each.value}-valkey" + subnet_group_description = "${title(each.value)} subnet group" subnet_ids = module.vpc.database_subnets # Parameter Group create_parameter_group = true - parameter_group_name = "${local.name}-valkey-${local.valkey_major_version}" + parameter_group_name = "${each.value}-valkey-${local.valkey_major_version}" parameter_group_family = "valkey8" - parameter_group_description = "${title(local.name)} parameter group" + parameter_group_description = "${title(each.value)} parameter group" parameters = [ { name = "latency-tracking" @@ -101,20 +87,5 @@ module "valkey" { } ] - tags = local.tags -} - -module "valkey_serverless" { - source = "terraform-aws-modules/elasticache/aws//modules/serverless-cache" - version = "1.4.1" - - engine = "valkey" - cache_name = "${local.name}-valkey-serverless" - major_engine_version = 8 - subnet_ids = module.vpc.database_subnets - - security_group_ids = [ - module.valkey_sg.security_group_id - ] - user_group_id = module.elasticache_user_group.group_id + tags = local.tags_map[each.key] } diff --git a/infra/terraform/main.tf b/infra/terraform/main.tf index 7b46b9c021..93240df7d0 100644 --- a/infra/terraform/main.tf +++ b/infra/terraform/main.tf @@ -2,14 +2,32 @@ locals { project = "formbricks" environment = "prod" name = "${local.project}-${local.environment}" - vpc_cidr = "10.0.0.0/16" - azs = slice(data.aws_availability_zones.available.names, 0, 3) + envs = { + prod = "${local.project}-prod" + stage = "${local.project}-stage" + } + vpc_cidr = "10.0.0.0/16" + azs = slice(data.aws_availability_zones.available.names, 0, 3) tags = { Project = local.project Environment = local.environment MangedBy = "Terraform" Blueprint = local.name } + tags_map = { + prod = { + Project = local.project + Environment = "prod" + MangedBy = "Terraform" + Blueprint = "${local.project}-prod" + } + stage = { + Project = local.project + Environment = "stage" + MangedBy = "Terraform" + Blueprint = "${local.project}-stage" + } + } domain = "k8s.formbricks.com" karpetner_helm_version = "1.3.1" karpenter_namespace = "karpenter" diff --git a/infra/terraform/rds.tf b/infra/terraform/rds.tf index cd7f9f3bc3..6b3d63cb8a 100644 --- a/infra/terraform/rds.tf +++ b/infra/terraform/rds.tf @@ -6,22 +6,34 @@ data "aws_rds_engine_version" "postgresql" { version = "16.4" } +moved { + from = random_password.postgres + to = random_password.postgres["prod"] +} + resource "random_password" "postgres" { - length = 20 - special = false + for_each = local.envs + length = 20 + special = false +} + +moved { + from = module.rds-aurora + to = module.rds-aurora["prod"] } module "rds-aurora" { - source = "terraform-aws-modules/rds-aurora/aws" - version = "9.12.0" + for_each = local.envs + source = "terraform-aws-modules/rds-aurora/aws" + version = "9.12.0" - name = "${local.name}-postgres" + name = "${each.value}-postgres" engine = data.aws_rds_engine_version.postgresql.engine engine_mode = "provisioned" engine_version = data.aws_rds_engine_version.postgresql.version storage_encrypted = true master_username = "formbricks" - master_password = random_password.postgres.result + master_password = random_password.postgres[each.key].result manage_master_user_password = false create_db_cluster_parameter_group = true db_cluster_parameter_group_family = data.aws_rds_engine_version.postgresql.parameter_group_family @@ -63,6 +75,6 @@ module "rds-aurora" { one = {} } - tags = local.tags + tags = local.tags_map[each.key] } diff --git a/infra/terraform/secrets.tf b/infra/terraform/secrets.tf index 6f49794d2d..e9bfa5cb31 100644 --- a/infra/terraform/secrets.tf +++ b/infra/terraform/secrets.tf @@ -1,25 +1,24 @@ # Create the first AWS Secrets Manager secret for environment variables -resource "aws_secretsmanager_secret" "formbricks_app_secrets" { - name = "prod/formbricks/secrets" +moved { + from = aws_secretsmanager_secret.formbricks_app_secrets + to = aws_secretsmanager_secret.formbricks_app_secrets["prod"] } -resource "aws_secretsmanager_secret" "formbricks_app_secrets_temp" { - name = "prod/formbricks/secrets_temp" +resource "aws_secretsmanager_secret" "formbricks_app_secrets" { + for_each = local.envs + name = "${each.key}/formbricks/secrets" +} + +moved { + from = aws_secretsmanager_secret_version.formbricks_app_secrets + to = aws_secretsmanager_secret_version.formbricks_app_secrets["prod"] } resource "aws_secretsmanager_secret_version" "formbricks_app_secrets" { - secret_id = aws_secretsmanager_secret.formbricks_app_secrets.id + for_each = local.envs + secret_id = aws_secretsmanager_secret.formbricks_app_secrets[each.key].id secret_string = jsonencode({ - # DATABASE_URL = "postgres://formbricks:${random_password.postgres.result}@${module.rds-aurora.cluster_endpoint}/formbricks" - REDIS_URL = "rediss://:${random_password.valkey.result}@${module.valkey.replication_group_primary_endpoint_address}:6379" - # REDIS_URL = "rediss://formbricks:${random_password.valkey.result}@${module.valkey_serverless.serverless_cache_endpoint[0].address}:6379" + REDIS_URL = "rediss://:${random_password.valkey[each.key].result}@${module.valkey[each.key].replication_group_primary_endpoint_address}:6379" }) } -resource "aws_secretsmanager_secret_version" "formbricks_app_secrets_temp" { - secret_id = aws_secretsmanager_secret.formbricks_app_secrets_temp.id - secret_string = jsonencode({ - DATABASE_URL = "postgres://formbricks:${random_password.postgres.result}@${module.rds-aurora.cluster_endpoint}/formbricks" - # REDIS_URL = "rediss://formbricks:${random_password.valkey.result}@${module.valkey_serverless.serverless_cache_endpoint[0].address}:6379" - }) -}