cloud-gov · jameshochadel · Dec 3, 2024 · Dec 3, 2024
@@ -1,96 +1 @@
-data "cloudfoundry_space" "services" {
-  name     = var.space_name
-  org_name = var.org_name
-}
 
-resource "random_password" "csb_app_password" {
-  length      = 32
-  special     = false
-  min_special = 0
-  min_upper   = 5
-  min_numeric = 5
-  min_lower   = 5
-}
-
-resource "cloudfoundry_app" "csb" {
-  name  = "csb"
-  space = data.cloudfoundry_space.services.id
-
-  docker_image = "${var.docker_image_name}${var.docker_image_version}"
-  docker_credentials = {
-    "username" = var.ecr_access_key_id
-    "password" = var.ecr_secret_access_key
-  }
-
-  command    = "/app/csb serve"
-  instances  = var.instances
-  memory     = 1 * 1024 # 1GB
-  disk_quota = 7 * 1024 # 7GB
-
-  environment = {
-    # General broker configuration
-    BROKERPAK_UPDATES_ENABLED  = true
-    DB_HOST                    = var.rds_host
-    DB_NAME                    = var.rds_name
-    DB_PASSWORD                = var.rds_password
-    DB_PORT                    = var.rds_port
-    DB_TLS                     = true
-    DB_USERNAME                = var.rds_name
-    SECURITY_USER_NAME         = "broker"
-    SECURITY_USER_PASSWORD     = random_password.csb_app_password.result
-    TERRAFORM_UPGRADES_ENABLED = true
-
-    # Access keys for managing resources provisioned by brokerpaks
-    AWS_ACCESS_KEY_ID_GOVCLOUD       = var.aws_access_key_id_govcloud
-    AWS_SECRET_ACCESS_KEY_GOVCLOUD   = var.aws_secret_access_key_govcloud
-    AWS_REGION_GOVCLOUD              = var.aws_region_govcloud
-    AWS_ACCESS_KEY_ID_COMMERCIAL     = var.aws_access_key_id_commercial
-    AWS_SECRET_ACCESS_KEY_COMMERCIAL = var.aws_secret_access_key_commercial
-    AWS_REGION_COMMERCIAL            = var.aws_region_commercial
-
-    # Other values that are used by convention by all brokerpaks
-    CLOUD_GOV_ENVIRONMENT = var.stack_name
-
-    # Brokerpak-specific variables
-    CG_SMTP_AWS_ZONE = var.cg_smtp_aws_ses_zone
-  }
-
-  routes {
-    route = cloudfoundry_route.csb.id
-  }
-
-  health_check_type          = "http"
-  health_check_http_endpoint = "/ready"
-}
-
-data "cloudfoundry_domain" "platform_components" {
-  name = var.broker_route_domain
-}
-
-resource "cloudfoundry_route" "csb" {
-  domain   = data.cloudfoundry_domain.platform_components.id
-  hostname = "services"
-  space    = data.cloudfoundry_space.services.id
-}
-
-// The cloudfoundry-community provider does not wait appropriately for the broker to be ready.
-// Until we can switch to https://registry.terraform.io/providers/cloudfoundry/cloudfoundry/latest/docs,
-// use this workaround.
-resource "time_sleep" "wait_for_csb_ready" {
-  create_duration = "60s"
-  depends_on      = [cloudfoundry_app.csb]
-}
-
-resource "cloudfoundry_service_broker" "csb" {
-  name     = "csb"
-  password = random_password.csb_app_password.result
-  url      = "https://${cloudfoundry_route.csb.endpoint}"
-  username = "broker"
-
-  depends_on = [time_sleep.wait_for_csb_ready]
-}
-
-resource "cloudfoundry_service_plan_access" "smtp" {
-  plan   = cloudfoundry_service_broker.csb.service_plans["cg-smtp/base"]
-  public = true
-}
@@ -3,36 +3,29 @@ variable "stack_name" {
   description = "Like development, staging, or production."
 }
 
-# Database credentials
-
-variable "rds_host" {
-  type        = string
-  description = "Hostname of the RDS instance for the Cloud Service Broker."
-}
+# CSB CF Application Configuration
 
-variable "rds_port" {
+variable "org_name" {
   type        = string
-  description = "Port of the RDS instance for the Cloud Service Broker."
+  description = "The name of the Cloud Foundry organization in which the broker will be deployed."
 }
 
-variable "rds_name" {
+variable "space_name" {
   type        = string
-  description = "Database name within the RDS instance for the Cloud Service Broker."
+  description = "The name of the Cloud Foundry space in which the broker will be deployed."
 }
 
-variable "rds_username" {
+variable "docker_image_name" {
   type        = string
-  description = "Database username of the RDS instance for the Cloud Service Broker."
+  description = "Full name (but not tag or SHA) of the Docker image the broker will use."
 }
 
-variable "rds_password" {
+variable "docker_image_version" {
   type        = string
-  sensitive   = true
-  description = "Database password of the RDS instance for the Cloud Service Broker."
+  description = "Tag or SHA of the Docker image the broker will use. For example, ':latest' or '@sha256:abc123...'."
+  default     = ":latest"
 }
 
-# Application variables
-
 variable "ecr_access_key_id" {
   description = "For pulling the CSB image from ECR."
   type        = string
@@ -49,12 +42,46 @@ variable "instances" {
   type        = number
 }
 
+variable "broker_route_domain" {
+  type        = string
+  description = "The domain under which the broker's route will be created. For example, 'fr.cloud.gov'."
+}
+
+# Database credentials
+
+variable "rds_host" {
+  type        = string
+  description = "Hostname of the RDS instance for the Cloud Service Broker."
+}
+
+variable "rds_port" {
+  type        = string
+  description = "Port of the RDS instance for the Cloud Service Broker."
+}
+
+variable "rds_name" {
+  type        = string
+  description = "Database name within the RDS instance for the Cloud Service Broker."
+}
+
+variable "rds_username" {
+  type        = string
+  description = "Database username of the RDS instance for the Cloud Service Broker."
+}
+
+variable "rds_password" {
+  type        = string
+  sensitive   = true
+  description = "Database password of the RDS instance for the Cloud Service Broker."
+}
+
+# CSB Configuration
+
 variable "cg_smtp_aws_ses_zone" {
   type        = string
   description = "When the user does not provide a domain, a subdomain will be created for them under this DNS zone."
 }
 
-// Broker credentials
 variable "aws_access_key_id_govcloud" {
   type = string
 }
@@ -80,29 +107,3 @@ variable "aws_secret_access_key_commercial" {
 variable "aws_region_commercial" {
   type = string
 }
-
-variable "org_name" {
-  type        = string
-  description = "The name of the Cloud Foundry organization in which the broker will be deployed."
-}
-
-variable "space_name" {
-  type        = string
-  description = "The name of the Cloud Foundry space in which the broker will be deployed."
-}
-
-variable "docker_image_name" {
-  type        = string
-  description = "Full name (but not tag or SHA) of the Docker image the broker will use."
-}
-
-variable "docker_image_version" {
-  type        = string
-  description = "Tag or SHA of the Docker image the broker will use. For example, ':latest' or '@sha256:abc123...'."
-  default     = ":latest"
-}
-
-variable "broker_route_domain" {
-  type        = string
-  description = "The domain under which the broker's route will be created. For example, 'fr.cloud.gov'."
-}