feat(infra): refactor rc-server Terraform files

apps/infra/rc/network/codedang/cloudfront.tf → apps/infra/rc/codedang/cloudfront.tf

@@ -67,19 +67,19 @@ resource "aws_cloudfront_distribution" "codedang" {
   }
 
   ordered_cache_behavior {
-    path_pattern    = "/api/*"
-    allowed_methods = ["GET", "HEAD", "OPTIONS", "PUT", "POST", "PATCH", "DELETE"]
-    cached_methods  = ["GET", "HEAD", "OPTIONS"]
+    path_pattern             = "/api/*"
+    allowed_methods          = ["GET", "HEAD", "OPTIONS", "PUT", "POST", "PATCH", "DELETE"]
+    cached_methods           = ["GET", "HEAD", "OPTIONS"]
     target_origin_id         = module.client_api_loadbalancer.aws_lb_id
     viewer_protocol_policy   = "redirect-to-https"
     cache_policy_id          = data.aws_cloudfront_cache_policy.disable.id
     origin_request_policy_id = data.aws_cloudfront_origin_request_policy.allow_all.id
   }
 
   ordered_cache_behavior {
-    path_pattern    = "/graphql"
-    allowed_methods = ["GET", "HEAD", "OPTIONS", "PUT", "POST", "PATCH", "DELETE"]
-    cached_methods  = ["GET", "HEAD", "OPTIONS"]
+    path_pattern             = "/graphql"
+    allowed_methods          = ["GET", "HEAD", "OPTIONS", "PUT", "POST", "PATCH", "DELETE"]
+    cached_methods           = ["GET", "HEAD", "OPTIONS"]
     target_origin_id         = module.admin_api_loadbalancer.aws_lb_id
     viewer_protocol_policy   = "redirect-to-https"
     cache_policy_id          = data.aws_cloudfront_cache_policy.disable.id
@@ -101,7 +101,7 @@ resource "aws_cloudfront_distribution" "codedang" {
 }
 
 resource "aws_route53_record" "codedang" {
-  count = var.env == "production" ? 1 : 0
+  count   = var.env == "production" ? 1 : 0
   name    = "codedang.com"
   type    = "A"
   zone_id = var.env == "rc" ? "" : local.network.route53_zone_id

apps/infra/rc/network/codedang/codedang_service_admin.tf → apps/infra/rc/codedang/codedang_service_admin.tf

@@ -6,7 +6,7 @@ module "admin_api_loadbalancer" {
   source = "./modules/loadbalancing"
 
   lb = {
-    name = "Codedang-Admin-Api-LB"
+    name    = "Codedang-Admin-Api-LB"
     subnets = ["public1", "public2"]
   }
 

apps/infra/rc/network/codedang/codedang_service_client.tf → apps/infra/rc/codedang/codedang_service_client.tf

@@ -6,7 +6,7 @@ module "client_api_loadbalancer" {
   source = "./modules/loadbalancing"
 
   lb = {
-    name = "Codedang-Client-Api-LB"
+    name    = "Codedang-Client-Api-LB"
     subnets = ["public1", "public2"]
   }
 

apps/infra/rc/network/codedang/modules/cluster_autoscaling/autoscaling.tf → apps/infra/rc/codedang/modules/cluster_autoscaling/autoscaling.tf

@@ -24,7 +24,7 @@ resource "aws_launch_template" "this" {
 }
 
 resource "aws_autoscaling_group" "this" {
-  name = var.autoscaling_group.name
+  name                = var.autoscaling_group.name
   vpc_zone_identifier = [for name in var.subnets : local.network.subnet_ids[name]]
 
   desired_capacity = var.autoscaling_group.desired_capacity

apps/infra/rc/network/codedang/modules/cluster_autoscaling/variables.tf → apps/infra/rc/codedang/modules/cluster_autoscaling/variables.tf

@@ -37,11 +37,11 @@ variable "ecs_capacity_provider_name" {
 }
 
 variable "subnets" {
-  type = list(string)
+  type        = list(string)
   description = "List of subnet names. e.g. ['private_api1', 'private_api2']"
 }
 
 variable "security_groups" {
-  type = list(string)
+  type        = list(string)
   description = "List of SG names. e.g. ['sg_db', 'sg_redis']"
 }

apps/infra/rc/network/codedang/modules/loadbalancing/loadbalancing.tf → apps/infra/rc/codedang/modules/loadbalancing/loadbalancing.tf

@@ -12,7 +12,7 @@ resource "aws_lb_target_group" "this" {
   target_type = "instance"
   port        = var.lb_target_group.port
   protocol    = "HTTP"
-  vpc_id = local.network.vpc_id
+  vpc_id      = local.network.vpc_id
 
   health_check {
     interval            = 30

apps/infra/rc/network/codedang/modules/loadbalancing/variables.tf → apps/infra/rc/codedang/modules/loadbalancing/variables.tf

@@ -16,6 +16,6 @@ variable "lb_target_group" {
 }
 
 variable "security_groups" {
-  type = list(string)
+  type        = list(string)
   description = "List of SG names. e.g. ['sg_db', 'sg_redis']"
 }

apps/infra/rc/network/network/outputs.tf → apps/infra/rc/network/outputs.tf

@@ -1,20 +1,20 @@
 output "vpc_id" {
-  value = aws_vpc.main.id
+  value     = aws_vpc.main.id
   sensitive = true
 }
 
 output "private_route_table_id" {
-  value = aws_route_table.private.id
+  value     = aws_route_table.private.id
   sensitive = true
 }
 
 output "public_ip" {
-  value = aws_eip.nat_instance.public_ip
+  value     = aws_eip.nat_instance.public_ip
   sensitive = true
 }
 
 output "mq_subnet_id" {
-  value = aws_subnet.private_mq.id
+  value     = aws_subnet.private_mq.id
   sensitive = true
 }
 

apps/infra/rc/network/storage/ecr.tf → apps/infra/rc/storage/ecr.tf

@@ -1,6 +1,6 @@
 data "aws_ecr_repository" "repositories" {
   for_each = toset(var.repository_names)
-  name = each.value
+  name     = each.value
 }
 
 resource "aws_ecr_lifecycle_policy" "repository_policy" {

apps/infra/rc/network/storage/outputs.tf → apps/infra/rc/storage/outputs.tf

@@ -4,37 +4,37 @@ output "db_url" {
 }
 
 output "redis_host" {
-  value = aws_elasticache_cluster.db_cache.cache_nodes[0].address
+  value     = aws_elasticache_cluster.db_cache.cache_nodes[0].address
   sensitive = true
 }
 
 output "mq_host_id" {
-  value = aws_mq_broker.judge_queue.id
+  value     = aws_mq_broker.judge_queue.id
   sensitive = true
 }
 
 output "mq_api_url" {
-  value = aws_mq_broker.judge_queue.instances.0.console_url
+  value     = aws_mq_broker.judge_queue.instances.0.console_url
   sensitive = true
 }
 
 output "mq_password" {
-  value = random_password.rabbitmq_password.result
+  value     = random_password.rabbitmq_password.result
   sensitive = true
 }
 
 output "s3_media_bucket" {
   value = {
     name = aws_s3_bucket.media.bucket
-    arn = aws_s3_bucket.media.arn
+    arn  = aws_s3_bucket.media.arn
   }
   sensitive = true
 }
 
 output "s3_testcase_bucket" {
-  value =  {
+  value = {
     name = aws_s3_bucket.testcase.bucket
-    arn = aws_s3_bucket.testcase.arn
+    arn  = aws_s3_bucket.testcase.arn
   }
   sensitive = true
 }
@@ -44,7 +44,7 @@ output "media_access_key" {
 }
 
 output "media_secret_access_key" {
-  value = aws_iam_access_key.media.secret
+  value     = aws_iam_access_key.media.secret
   sensitive = true
 }
 
@@ -53,6 +53,6 @@ output "testcase_access_key" {
 }
 
 output "testcase_secret_access_key" {
-  value = aws_iam_access_key.testcase.secret
+  value     = aws_iam_access_key.testcase.secret
   sensitive = true
 }

apps/infra/rc/network/terraform-configuration/key_pair.tf → apps/infra/rc/terraform-configuration/key_pair.tf

@@ -6,6 +6,6 @@ module "key_pairs" {
   source = "./modules/key_pair"
 
   bucket_name = aws_s3_bucket.key_pair.bucket
-  key_names = ["bastion-host", "nat-instance", "codedang-ecs-api-instance", "codedang-ecs-iris-instance"]
-  env = var.env
+  key_names   = ["bastion-host", "nat-instance", "codedang-ecs-api-instance", "codedang-ecs-iris-instance"]
+  env         = var.env
 }

apps/infra/rc/terraform-configuration/modules/key_pair/key_pair.tf

@@ -0,0 +1,18 @@
+resource "tls_private_key" "this" {
+  for_each  = toset(var.key_names)
+  algorithm = "RSA"
+  rsa_bits  = 2048
+}
+
+resource "aws_key_pair" "this" {
+  for_each   = tls_private_key.this
+  key_name   = each.key
+  public_key = each.value.public_key_openssh
+}
+
+resource "aws_s3_object" "this" {
+  for_each = toset(var.key_names)
+  bucket   = var.bucket_name
+  key      = "${each.key}.pem"
+  content  = tls_private_key.this[each.key].private_key_pem
+}