From 90cc54087ddb8821f76804bb8482fc5da93e8a4b Mon Sep 17 00:00:00 2001 From: tjololo <1145298+tjololo@users.noreply.github.com> Date: Fri, 7 Mar 2025 14:33:09 +0100 Subject: [PATCH 1/7] add health probes --- .../altinn-apim-test-rg/backend.tf | 38 +++++++++++++++++++ 1 file changed, 38 insertions(+) diff --git a/infrastructure/adminservices-test/altinn-apim-test-rg/backend.tf b/infrastructure/adminservices-test/altinn-apim-test-rg/backend.tf index 5d738b2f..6d27e842 100644 --- a/infrastructure/adminservices-test/altinn-apim-test-rg/backend.tf +++ b/infrastructure/adminservices-test/altinn-apim-test-rg/backend.tf @@ -34,6 +34,15 @@ resource "azurerm_container_app" "container_app" { identity = azurerm_user_assigned_identity.acaghr_managed_identity.id server = data.azurerm_container_registry.altinncr.login_server } + ingress { + allow_insecure_connections = false + target_port = 8080 + transport = "HTTP" + external_enabled = true + traffic_weight { + percentage = 100 + } + } template { container { name = "dis-demo-pgsql" @@ -44,9 +53,38 @@ resource "azurerm_container_app" "container_app" { "webserver", "--auth-enabled" ] + startup_probe { + path = "/swagger/swagger.json" + initial_delay = 0 + interval_seconds = 1 + failure_count_threshold = 10 + timeout = 1 + port = 8080 + transport = "HTTP" + } + readiness_probe { + path = "/swagger/swagger.json" + initial_delay = 0 + interval_seconds = 1 + failure_count_threshold = 3 + success_count_threshold = 1 + timeout = 1 + port = 8080 + transport = "HTTP" + } + liveness_probe { + path = "/swagger/swagger.json" + initial_delay = 0 + interval_seconds = 1 + failure_count_threshold = 3 + timeout = 1 + port = 8080 + transport = "HTTP" + } } min_replicas = 0 max_replicas = 1 + http_scale_rule { name = "http-scale-rule" concurrent_requests = 1000 From b6331525cfdbb5ab99608f66e6abfe6f9ab3c53e Mon Sep 17 00:00:00 2001 From: tjololo <1145298+tjololo@users.noreply.github.com> Date: Fri, 7 Mar 2025 14:34:20 +0100 Subject: [PATCH 2/7] terraform fmt --- .../altinn-apim-test-rg/backend.tf | 44 +++++++++---------- 1 file changed, 22 insertions(+), 22 deletions(-) diff --git a/infrastructure/adminservices-test/altinn-apim-test-rg/backend.tf b/infrastructure/adminservices-test/altinn-apim-test-rg/backend.tf index 6d27e842..72aeb9e9 100644 --- a/infrastructure/adminservices-test/altinn-apim-test-rg/backend.tf +++ b/infrastructure/adminservices-test/altinn-apim-test-rg/backend.tf @@ -36,11 +36,11 @@ resource "azurerm_container_app" "container_app" { } ingress { allow_insecure_connections = false - target_port = 8080 - transport = "HTTP" - external_enabled = true + target_port = 8080 + transport = "HTTP" + external_enabled = true traffic_weight { - percentage = 100 + percentage = 100 } } template { @@ -54,32 +54,32 @@ resource "azurerm_container_app" "container_app" { "--auth-enabled" ] startup_probe { - path = "/swagger/swagger.json" - initial_delay = 0 - interval_seconds = 1 + path = "/swagger/swagger.json" + initial_delay = 0 + interval_seconds = 1 failure_count_threshold = 10 - timeout = 1 - port = 8080 - transport = "HTTP" + timeout = 1 + port = 8080 + transport = "HTTP" } readiness_probe { - path = "/swagger/swagger.json" - initial_delay = 0 - interval_seconds = 1 + path = "/swagger/swagger.json" + initial_delay = 0 + interval_seconds = 1 failure_count_threshold = 3 success_count_threshold = 1 - timeout = 1 - port = 8080 - transport = "HTTP" + timeout = 1 + port = 8080 + transport = "HTTP" } liveness_probe { - path = "/swagger/swagger.json" - initial_delay = 0 - interval_seconds = 1 + path = "/swagger/swagger.json" + initial_delay = 0 + interval_seconds = 1 failure_count_threshold = 3 - timeout = 1 - port = 8080 - transport = "HTTP" + timeout = 1 + port = 8080 + transport = "HTTP" } } min_replicas = 0 From b985fadb6b044fb376c0e49bc6ede21eaeaf49f6 Mon Sep 17 00:00:00 2001 From: tjololo <1145298+tjololo@users.noreply.github.com> Date: Fri, 7 Mar 2025 14:36:08 +0100 Subject: [PATCH 3/7] fix transport --- .../adminservices-test/altinn-apim-test-rg/backend.tf | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/infrastructure/adminservices-test/altinn-apim-test-rg/backend.tf b/infrastructure/adminservices-test/altinn-apim-test-rg/backend.tf index 72aeb9e9..e8d5750d 100644 --- a/infrastructure/adminservices-test/altinn-apim-test-rg/backend.tf +++ b/infrastructure/adminservices-test/altinn-apim-test-rg/backend.tf @@ -37,7 +37,7 @@ resource "azurerm_container_app" "container_app" { ingress { allow_insecure_connections = false target_port = 8080 - transport = "HTTP" + transport = "http" external_enabled = true traffic_weight { percentage = 100 @@ -60,7 +60,7 @@ resource "azurerm_container_app" "container_app" { failure_count_threshold = 10 timeout = 1 port = 8080 - transport = "HTTP" + transport = "http" } readiness_probe { path = "/swagger/swagger.json" @@ -70,7 +70,7 @@ resource "azurerm_container_app" "container_app" { success_count_threshold = 1 timeout = 1 port = 8080 - transport = "HTTP" + transport = "http" } liveness_probe { path = "/swagger/swagger.json" @@ -79,7 +79,7 @@ resource "azurerm_container_app" "container_app" { failure_count_threshold = 3 timeout = 1 port = 8080 - transport = "HTTP" + transport = "http" } } min_replicas = 0 From ee15e7587aa349da48b85c58a201dc99fa40bab4 Mon Sep 17 00:00:00 2001 From: tjololo <1145298+tjololo@users.noreply.github.com> Date: Fri, 7 Mar 2025 14:40:39 +0100 Subject: [PATCH 4/7] fix uppercase for other transports --- .../adminservices-test/altinn-apim-test-rg/backend.tf | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/infrastructure/adminservices-test/altinn-apim-test-rg/backend.tf b/infrastructure/adminservices-test/altinn-apim-test-rg/backend.tf index e8d5750d..aa413975 100644 --- a/infrastructure/adminservices-test/altinn-apim-test-rg/backend.tf +++ b/infrastructure/adminservices-test/altinn-apim-test-rg/backend.tf @@ -60,7 +60,7 @@ resource "azurerm_container_app" "container_app" { failure_count_threshold = 10 timeout = 1 port = 8080 - transport = "http" + transport = "HTTP" } readiness_probe { path = "/swagger/swagger.json" @@ -70,7 +70,7 @@ resource "azurerm_container_app" "container_app" { success_count_threshold = 1 timeout = 1 port = 8080 - transport = "http" + transport = "HTTP" } liveness_probe { path = "/swagger/swagger.json" @@ -79,7 +79,7 @@ resource "azurerm_container_app" "container_app" { failure_count_threshold = 3 timeout = 1 port = 8080 - transport = "http" + transport = "HTTP" } } min_replicas = 0 From a293ec9ee7e0e16da728379aba142ae720fc6a56 Mon Sep 17 00:00:00 2001 From: tjololo <1145298+tjololo@users.noreply.github.com> Date: Fri, 7 Mar 2025 14:44:45 +0100 Subject: [PATCH 5/7] set latest_revision --- infrastructure/adminservices-test/altinn-apim-test-rg/backend.tf | 1 + 1 file changed, 1 insertion(+) diff --git a/infrastructure/adminservices-test/altinn-apim-test-rg/backend.tf b/infrastructure/adminservices-test/altinn-apim-test-rg/backend.tf index aa413975..0288923f 100644 --- a/infrastructure/adminservices-test/altinn-apim-test-rg/backend.tf +++ b/infrastructure/adminservices-test/altinn-apim-test-rg/backend.tf @@ -41,6 +41,7 @@ resource "azurerm_container_app" "container_app" { external_enabled = true traffic_weight { percentage = 100 + latest_revision = true } } template { From e46441d5ecf1b6872cd2d614e911ab993bee577b Mon Sep 17 00:00:00 2001 From: tjololo <1145298+tjololo@users.noreply.github.com> Date: Fri, 7 Mar 2025 14:45:40 +0100 Subject: [PATCH 6/7] terraform fmt --- .../adminservices-test/altinn-apim-test-rg/backend.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/infrastructure/adminservices-test/altinn-apim-test-rg/backend.tf b/infrastructure/adminservices-test/altinn-apim-test-rg/backend.tf index 0288923f..e0248266 100644 --- a/infrastructure/adminservices-test/altinn-apim-test-rg/backend.tf +++ b/infrastructure/adminservices-test/altinn-apim-test-rg/backend.tf @@ -40,7 +40,7 @@ resource "azurerm_container_app" "container_app" { transport = "http" external_enabled = true traffic_weight { - percentage = 100 + percentage = 100 latest_revision = true } } From 35912a64f932794a20a5d8bf06d25289796e5114 Mon Sep 17 00:00:00 2001 From: tjololo <1145298+tjololo@users.noreply.github.com> Date: Fri, 7 Mar 2025 14:48:18 +0100 Subject: [PATCH 7/7] add client_certificate_mode --- .../adminservices-test/altinn-apim-test-rg/backend.tf | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/infrastructure/adminservices-test/altinn-apim-test-rg/backend.tf b/infrastructure/adminservices-test/altinn-apim-test-rg/backend.tf index e0248266..80070f61 100644 --- a/infrastructure/adminservices-test/altinn-apim-test-rg/backend.tf +++ b/infrastructure/adminservices-test/altinn-apim-test-rg/backend.tf @@ -37,8 +37,9 @@ resource "azurerm_container_app" "container_app" { ingress { allow_insecure_connections = false target_port = 8080 - transport = "http" + transport = "auto" external_enabled = true + client_certificate_mode = "ignore" traffic_weight { percentage = 100 latest_revision = true