commerce-platform-public/terraform-modules
4
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

- Adjusted Observability module to work with external secret maanger module

Browse source 
- disabled alerts and dashboards for now
This commit is contained in:
Stanislav_Kopp 2025-06-24 15:04:05 +02:00
parent c3bc6ab806
commit 878ecba717
6 changed files with 61 additions and 63 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
observability/alerts.tf → observability/alerts.tf.off
View file

@ -1,9 +1,9 @@
locals { locals {
basic_auth = base64encode("${stackit_observability_credential.observability_credentials.username}:${stackit_observability_credential.observability_credentials.password}") basic_auth = base64encode("${stackit_observability_credential.this.username}:${stackit_observability_credential.this.password}")
} }
resource "local_sensitive_file" "alert_configs" { resource "local_sensitive_file" "alert_configs" {
content = templatefile("../../monitoring/alerts/dev/alertconfigs.json", { content = templatefile("../../../../monitoring/alerts/dev/alertconfigs.json", {
msTeamWebhook = var.msTeamWebhook msTeamWebhook = var.msTeamWebhook
}) })
filename = ".temp/alertconfigs.json" filename = ".temp/alertconfigs.json"
@ -26,7 +26,7 @@ resource "null_resource" "alert_configs" {
} }
resource "local_file" "alert_groups" { resource "local_file" "alert_groups" {
content = templatefile("../../monitoring/alerts/dev/alertgroups.json", { content = templatefile("../../../../monitoring/alerts/dev/alertgroups.json", {
}) })
filename = ".temp/alertgroups.json" filename = ".temp/alertgroups.json"

0
observability/dashboards.tf → observability/dashboards.tf.off
View file

56
observability/observability.tf
View file

@ -1,36 +1,36 @@
// Observability Instance // Observability Instance
resource "stackit_observability_instance" "observability" { resource "stackit_observability_instance" "this" {
project_id = var.stackit_project_id project_id = var.stackit_project_id
name = var.instance_name name = var.obs_instance_name
plan_name = var.service_plan plan_name = var.obs_service_plan
} }
// Observability Credentials // Observability Credentials
resource "stackit_observability_credential" "observability_credentials" { resource "stackit_observability_credential" "this" {
project_id = var.stackit_project_id project_id = var.stackit_project_id
instance_id = stackit_observability_instance.observability.instance_id instance_id = stackit_observability_instance.this.instance_id
} }
// Configure Secret Manager Provider #// Configure Secret Manager Provider
provider "vault" { #provider "vault" {
address = "https://prod.sm.eu01.stackit.cloud" # address = "https://prod.sm.eu01.stackit.cloud"
skip_child_token = true # skip_child_token = true
auth_login_userpass { # auth_login_userpass {
username = var.secret_manager_username # username = var.secret_manager_username
password = var.secret_manager_password # password = var.secret_manager_password
} # }
} #}
#
// Store Observability Credentials in Secret Manager #// Store Observability Credentials in Secret Manager
resource "vault_kv_secret_v2" "secret_manager_cred_save" { #resource "vault_kv_secret_v2" "secret_manager_cred_save" {
mount = var.secret_manager_instance_id # mount = var.secret_manager_instance_id
name = "observability" # name = "observability"
cas = 1 # cas = 1
delete_all_versions = true # delete_all_versions = true
data_json = jsonencode( # data_json = jsonencode(
{ # {
username = stackit_observability_credential.observability_credentials.username, # username = stackit_observability_credential.observability_credentials.username,
password = stackit_observability_credential.observability_credentials.password # password = stackit_observability_credential.observability_credentials.password
} # }
) # )
} #}

28
observability/outputs.tf
View file

@ -1,27 +1,43 @@
output "obervability-username" { output "obervability-username" {
value = stackit_observability_credential.observability_credentials.username value = stackit_observability_credential.this.username
sensitive = true sensitive = true
} }
output "obervability-password" { output "obervability-password" {
value = stackit_observability_credential.observability_credentials.password value = stackit_observability_credential.this.password
sensitive = true sensitive = true
} }
output "observability-instance-id" { output "observability-instance-id" {
value = stackit_observability_instance.observability.instance_id value = stackit_observability_instance.this.instance_id
}
output "observability-logs-push-url" {
value = stackit_observability_instance.this.logs_push_url
}
output "observability-metrics-push-url" {
value = stackit_observability_instance.this.metrics_push_url
}
output "observability-otlp-traces-url" {
value = stackit_observability_instance.this.otlp_traces_url
}
output "observability-dashboard-url" {
value = stackit_observability_instance.this.dashboard_url
} }
output "grafana-password" { output "grafana-password" {
value = stackit_observability_instance.observability.grafana_initial_admin_password value = stackit_observability_instance.this.grafana_initial_admin_password
sensitive = true sensitive = true
} }
output "grafana-username" { output "grafana-username" {
value = stackit_observability_instance.observability.grafana_initial_admin_user value = stackit_observability_instance.this.grafana_initial_admin_user
sensitive = true sensitive = true
} }
output "grafana-url" { output "grafana-url" {
value = stackit_observability_instance.observability.grafana_url value = stackit_observability_instance.this.grafana_url
} }

2
observability/providers.tf
View file

@ -2,7 +2,7 @@ terraform {
required_providers { required_providers {
stackit = { stackit = {
source = "stackitcloud/stackit" source = "stackitcloud/stackit"
version = "0.43.3" version = "~> 0.50.0"
} }
grafana = { grafana = {
source = "grafana/grafana" source = "grafana/grafana"

32
observability/variables.tf
View file

@ -3,39 +3,21 @@ variable "stackit_project_id" {
type = string type = string
} }
variable "instance_name" { variable "obs_instance_name" {
description = "name of the observability instance" description = "name of the observability instance"
type = string type = string
} }
variable "service_plan" { variable "obs_service_plan" {
description = "serviceplan of the observability instance" description = "serviceplan of the observability instance"
type = string type = string
} }
variable "secret_manager_instance_id" { #variable "msTeamWebhook" {
description = "instance id of the secret mangert to store credentials" # description = "webhook for msTeams alert channel"
type = string # type = string
} # sensitive = true
#}
variable "secret_manager_username" {
description = "username of the secret mangert to store credentials"
type = string
sensitive = true
}
variable "secret_manager_password" {
description = "password of the secret mangert to store credentials"
type = string
sensitive = true
}
variable "msTeamWebhook" {
description = "webhook for msTeams alert channel"
type = string
sensitive = true
}
variable "observability_url" { variable "observability_url" {
description = "observability api url to push configs" description = "observability api url to push configs"