[#IOPID-757] add new required env variables in functions-fast-login (#…

…690) Co-authored-by: Greta Quadrati <[email protected]>
pagopa · Sep 28, 2023 · cee7130 · cee7130
1 parent 4616bd0
commit cee7130
Show file tree

Hide file tree

Showing 3 changed files with 26 additions and 0 deletions.
diff --git a/src/domains/citizen-auth-app/02_security.tf b/src/domains/citizen-auth-app/02_security.tf
@@ -3,6 +3,11 @@ data "azurerm_key_vault" "kv" {
   resource_group_name = "${local.product}-${var.domain}-sec-rg"
 }
 
+data "azurerm_key_vault" "kv_common" {
+  name                = "${local.product}-kv-common"
+  resource_group_name = "${local.product}-rg-common"
+}
+
 data "azurerm_key_vault_certificate_data" "lollipop_certificate_v1" {
   name         = "lollipop-certificate-v1"
   key_vault_id = data.azurerm_key_vault.kv.id

diff --git a/src/domains/citizen-auth-app/07_function_fast_login.tf b/src/domains/citizen-auth-app/07_function_fast_login.tf
@@ -3,6 +3,16 @@ data "azurerm_key_vault_secret" "fast_login_subscription_key" {
   key_vault_id = data.azurerm_key_vault.kv.id
 }
 
+data "azurerm_key_vault_secret" "backendli_api_key" {
+  name         = "appbackend-PRE-SHARED-KEY"
+  key_vault_id = data.azurerm_key_vault.kv_common.id
+}
+
+data "azurerm_app_service" "app_backend_li" {
+  name                = format("%s-app-appbackendli", local.product)
+  resource_group_name = format("%s-rg-linux", local.product)
+}
+
 locals {
   function_fast_login = {
     app_settings = {
@@ -30,6 +40,14 @@ locals {
       //  Fast login audit log storage
       // --------------------------
       FAST_LOGIN_AUDIT_CONNECTION_STRING = data.azurerm_storage_account.lv_audit_logs_storage.primary_connection_string
+
+
+      // --------------------------
+      //  Config for backendli connection
+      // --------------------------
+      BACKEND_INTERNAL_API_KEY  = data.azurerm_key_vault_secret.backendli_api_key.value
+      BACKEND_INTERNAL_BASE_URL = "https://${data.azurerm_app_service.app_backend_li.default_site_hostname}"
+
     }
   }
 }

diff --git a/src/domains/citizen-auth-app/README.md b/src/domains/citizen-auth-app/README.md
@@ -47,13 +47,16 @@
 | [azuread_group.adgroup_developers](https://registry.terraform.io/providers/hashicorp/azuread/latest/docs/data-sources/group) | data source |
 | [azuread_group.adgroup_externals](https://registry.terraform.io/providers/hashicorp/azuread/latest/docs/data-sources/group) | data source |
 | [azuread_group.adgroup_security](https://registry.terraform.io/providers/hashicorp/azuread/latest/docs/data-sources/group) | data source |
+| [azurerm_app_service.app_backend_li](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/app_service) | data source |
 | [azurerm_application_insights.application_insights](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/application_insights) | data source |
 | [azurerm_client_config.current](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/client_config) | data source |
 | [azurerm_cosmosdb_account.cosmos_citizen_auth](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/cosmosdb_account) | data source |
 | [azurerm_cosmosdb_account.cosmos_fims](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/cosmosdb_account) | data source |
 | [azurerm_cosmosdb_account.cosmosdb_mongo_fims](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/cosmosdb_account) | data source |
 | [azurerm_key_vault.kv](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/key_vault) | data source |
+| [azurerm_key_vault.kv_common](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/key_vault) | data source |
 | [azurerm_key_vault_certificate_data.lollipop_certificate_v1](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/key_vault_certificate_data) | data source |
+| [azurerm_key_vault_secret.backendli_api_key](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/key_vault_secret) | data source |
 | [azurerm_key_vault_secret.cookies_key_fims](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/key_vault_secret) | data source |
 | [azurerm_key_vault_secret.fast_login_subscription_key](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/key_vault_secret) | data source |
 | [azurerm_key_vault_secret.first_lollipop_consumer_subscription_key](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/key_vault_secret) | data source |