add sql server

Signed-off-by: Jorge Turrado <[email protected]>

terraform/main.tf

@@ -305,6 +305,23 @@ module "azurerm_postgres_flexible_server" {
   tags = local.tags
 }
 
+module "azurerm_sql_server" {
+  source              = "./modules/azure/sql-server"
+  resource_group_name = var.azure_resource_group_name
+  unique_project_name = var.unique_project_name
+  location            = "northeurope"
+
+  sql_sku_name   = "GP_Gen5"
+  sql_storage_gb = 5
+
+  sql_database_name = "test_db"
+
+  user_managed_identity_sql_ad_admin = module.azuread_applications.identity_1
+  application_tenant_id              = data.azurerm_client_config.current.tenant_id
+
+  tags = local.tags
+}
+
 // ====== GITHUB SECRETS ======
 
 module "github_secrets" {
@@ -409,6 +426,22 @@ module "github_secrets" {
       name  = "TF_AZURE_POSTGRES_DB_NAME"
       value = module.azurerm_postgres_flexible_server.postgres_database_name
     },
+    {
+      name  = "TF_AZURE_SQL_SERVER_FQDN"
+      value = module.azurerm_sql_server.sql_server_fqdn
+    },
+    {
+      name  = "TF_AZURE_SQL_SERVER_ADMIN_USERNAME"
+      value = module.azurerm_sql_server.admin_username
+    },
+    {
+      name  = "TF_AZURE_SQL_SERVER_ADMIN_PASSWORD"
+      value = module.azurerm_sql_server.admin_password
+    },
+    {
+      name  = "TF_AZURE_SQL_SERVER_DB_NAME"
+      value = module.azurerm_sql_server.sql_database_name
+    },
     {
       name  = "TF_AZURE_KEYVAULT_URI"
       value = module.azure_key_vault.vault_uri

terraform/modules/azure/sql-server/main.tf

@@ -0,0 +1,76 @@
+provider "azurerm" {
+  features {}
+  skip_provider_registration = true
+}
+
+locals {
+  sql_server_name         = "${var.unique_project_name}-e2e-sql-server"
+  sql_server_network_name = "${var.unique_project_name}-e2e-sql-server-net"
+  sql_server_subnet_name  = "${var.unique_project_name}-e2e-sql-server-subnet"
+}
+
+data "azurerm_resource_group" "rg" {
+  name = var.resource_group_name
+}
+
+resource "azurerm_virtual_network" "network" {
+  name                = local.sql_server_network_name
+  resource_group_name = data.azurerm_resource_group.rg.name
+  location            = var.location
+  address_space       = ["10.0.0.0/16"]
+}
+
+resource "azurerm_subnet" "subnet" {
+  name                 = local.sql_server_subnet_name
+  resource_group_name  = data.azurerm_resource_group.rg.name
+  virtual_network_name = azurerm_virtual_network.network.name
+  address_prefixes     = ["10.0.2.0/24"]
+}
+
+resource "random_password" "admin_password" {
+  length      = 32
+  special     = false
+  min_lower   = 1
+  min_numeric = 1
+  min_upper   = 1
+}
+
+resource "random_string" "admin_username" {
+  length    = 8
+  special   = false
+  numeric   = false
+  min_lower = 1
+  min_upper = 1
+}
+
+resource "azurerm_mssql_managed_instance" "instance" {
+  name                = local.sql_server_name
+  resource_group_name = data.azurerm_resource_group.rg.name
+  location            = var.location
+
+  license_type       = "BasePrice"
+  sku_name           = var.sql_sku_name
+  storage_size_in_gb = var.sql_storage_gb
+  subnet_id          = azurerm_subnet.subnet.id
+  vcores             = var.sql_vcores
+
+  administrator_login          = random_string.admin_username.result
+  administrator_login_password = random_password.admin_password.result
+
+  identity {
+    type = "SystemAssigned"
+  }
+}
+
+resource "azurerm_mssql_managed_instance_active_directory_administrator" "admin" {
+  managed_instance_id = azurerm_mssql_managed_instance.instance.id
+  login_username      = "AzureAD Admin"
+  object_id           = var.user_managed_identity_sql_ad_admin
+  tenant_id           = var.application_tenant_id
+}
+
+
+resource "azurerm_mssql_managed_database" "database" {
+  name                = var.sql_database_name
+  managed_instance_id = azurerm_mssql_managed_instance.instance.id
+}

terraform/modules/azure/sql-server/outputs.tf

@@ -0,0 +1,16 @@
+output "sql_server_fqdn" {
+  value = azurerm_mssql_managed_instance.instance.fqdn
+}
+
+output "sql_database_name" {
+  value = var.sql_database_name
+}
+
+output "admin_username" {
+  value = random_string.admin_username.result
+}
+
+output "admin_password" {
+  value = random_password.admin_password.result
+}
+

terraform/modules/azure/sql-server/vars.tf

@@ -0,0 +1,60 @@
+variable "resource_group_name" {
+  type        = string
+  description = "Resource group name where event hub will be placed"
+}
+
+variable "location" {
+  type        = string
+  description = "Location to place the resource"
+  default     = "westeurope"
+}
+
+variable "unique_project_name" {
+  type        = string
+  description = "Value to make unique every resource name generated"
+}
+
+variable "tags" {
+  type        = map(any)
+  description = "Tags to apply on resources accepting it"
+}
+
+variable "sql_version" {
+  type        = string
+  description = "Sql version to use"
+  default     = "12"
+}
+
+variable "sql_sku_name" {
+  type        = string
+  description = "The SKU Name"
+  default     = "GP_Gen5"
+}
+
+variable "sql_storage_gb" {
+  type        = number
+  description = "The max storage allowed"
+  default     = 5
+}
+
+variable "sql_vcores" {
+  type        = number
+  description = "The vcores allowed"
+  default     = 1
+}
+
+variable "sql_database_name" {
+  type        = string
+  description = "Database name to create inside the server"
+  default     = "test_db"
+}
+
+variable "user_managed_identity_sql_ad_admin" {
+  type        = any
+  description = "User managed identitiy that will be granted admin access on the SQL server"
+}
+
+variable "application_tenant_id" {
+  type        = string
+  description = "TenantId of the application"
+}