Feat/web app deployments (#4)

* Add core variables for GCP infrastructure and remove obsolete network variables

* Refactor variable descriptions in variables.tf for clarity and consistency

* Add core GCP infrastructure modules for Cloud SQL and VPC networking

* Refactor GCP infrastructure setup: consolidate modules, add lifecycle config, and enhance variable definitions

* Refactor variables in variables.tf: remove obsolete network_self_link variable and reorder authorized_networks definition for clarity

* Refactor variable descriptions in variables.tf for consistency and clarity; remove obsolete network_self_link variable.

* Add provider configuration and refactor Cloud SQL module: replace obsolete network_self_link with direct reference to VPC network; remove outputs.tf file.

* Add Cloud Run and GCS infrastructure: create service accounts, build triggers, storage buckets, and IAM bindings; enhance variable definitions and descriptions for clarity.

* Update GCS bucket names in backend configuration for dev and prod environments

* Refactor init script for environment setup: improve error handling, streamline variable loading, and enhance bucket creation logic.

* Fix formatting in backend.tf: add newline at end of file for consistency

* Remove .env files from .gitignore to allow environment variable management

* Add environment configuration files and update Terraform templates for core infrastructure

- Create dev.env and prod.env for environment variable management
- Enhance init.sh to validate additional variables and create environment directories
- Add main.tf, provider.tf, and variables.tf templates for core module configuration
- Update backend.tf for GCS state management with dynamic prefixes

* Update terraform.tfvars generation to include network and database configuration variables

* Add terraform.tfvars.template for environment configuration in init directory

* Add lifecycle configuration for GCS bucket and update age and versioning rules

* Add 'env' variable to Terraform configuration for environment specification

* Add dependency on network peering routes for SQL database instance

* Add initial Terraform configuration for shared services environment

* Add GCS web app module and Cloud Build trigger configuration

* Add GCS web app load balancer configuration and update variables

* Add GCS web app module configuration and enable service account dependencies

* Refactor IAM resource names for consistency and add dependencies for Cloud Build service account

* Fix dependency order for service networking connection in network module

* Add template.env for environment configuration and remove lifecycle-config.json

* Remove shared services Terraform configuration files

Author: jwaspin

.gitignore

@@ -1,5 +1,3 @@
-*.env
-
 # Local .terraform directories
 .terraform/
 

terraform/dev/backend.tf

@@ -1,6 +1,6 @@
 terraform {
   backend "gcs" {
-    bucket = "lf-dev-tf-state"
+    bucket = "luca-ledger-dev-tf-state"
     prefix = "tf-state/dev"
   }
-}
+}

terraform/dev/lifecycle-config.json

@@ -1,35 +1,41 @@
-provider "google" {
-  project   = "luca-ledger-dev"
-  region    = "us-central1"
-}
-
-module "network" {
-  source          = "../modules/network"
-
-  project_id      = "luca-ledger-dev"
-  region          = "us-central1"
-
-  network_name    = "luca-ledger-dev-vpc-network"
-  subnet_name     = "luca-ledger-dev-subnet"
-  subnet_ip       = "10.1.1.0/24"
-}
-
-module "sql" {
-  source                = "../modules/sql"
-
-  region                = "us-central1"
-
-  db_instance_name      = "luca-ledger-dev-sql"
-  db_version            = "POSTGRES_16"
-  db_name               = "ledger"
-  deletion_protection   = true
-  network_self_link     = module.network.network_self_link
-
+module "core" {
+  source = "../modules/core"
+
+  project_id            = var.project_id
+  region                = var.region
+  
+  network_name          = var.network_name
+  subnet_name           = var.subnet_name
+  subnet_ip             = var.subnet_ip
+  
+  db_version            = var.db_version
+  db_instance_name      = var.db_instance_name
+  db_name               = var.db_name
+  
   db_admin_username     = var.db_admin_username
   db_admin_password     = var.db_admin_password
+  
   db_user_username      = var.db_user_username
   db_user_password      = var.db_user_password
+  
+  deletion_protection   = var.deletion_protection
   authorized_networks   = var.authorized_networks
+}
+
+module "web-app-gcs" {
+  source = "../modules/web-app-gcs"
+
+  env           = var.env
+  project_id    = var.project_id
+  region        = var.region
 
-  depends_on            = [module.network]
+  service_account_name_gcs = "cloud-build-sa-gcs"
+  service_name_gcs  = "luca-ledger-dev-web-app-gcs"
+
+  branch_pattern  = ".*"
+  bucket_name     = "luca-ledger-dev-web-app"
+
+  ssl_domains = ["dev.lucaledger.app"]
 }
+
+#module "web-app-cloud-run" {}

terraform/dev/main.tf

@@ -0,0 +1,14 @@
+terraform {
+  required_providers {
+    google = {
+      source  = "hashicorp/google"
+      version = ">= 4.46.0"
+    }
+  }
+  required_version = ">= 1.3.0"
+}
+
+provider "google" {
+  project = var.project_id
+  region  = var.region
+}

terraform/dev/provider.tf

@@ -1,28 +1,77 @@
-variable "db_user_username" {
-  description = "Database user username"
+variable "env" {
   type        = string
+  description = "The environment"
 }
 
-variable "db_user_password" {
-  description = "Database user password"
+variable "project_id" {
   type        = string
-  sensitive   = true
+  description = "The ID of the GCP project"
+}
+
+variable "region" {
+  type        = string
+  description = "The region where resources will be deployed"
+}
+
+variable "network_name" {
+  type        = string
+  description = "The name of the VPC network"
+}
+
+variable "subnet_name" {
+  type        = string
+  description = "The name of the subnet within the VPC"
+}
+
+variable "subnet_ip" {
+  type        = string
+  description = "The IP CIDR range of the subnet (e.g., 10.0.0.0/24)"
+}
+
+variable "db_version" {
+  type        = string
+  description = "The Cloud SQL database version (e.g., POSTGRES_13)"
+}
+
+variable "db_instance_name" {
+  type        = string
+  description = "The name to assign to the Cloud SQL instance"
+}
+
+variable "db_name" {
+  type        = string
+  description = "The name of the initial database to create"
 }
 
 variable "db_admin_username" {
-  description = "Database admin user name"
   type        = string
-  sensitive   = true
+  description = "The admin username for the Cloud SQL instance"
 }
 
 variable "db_admin_password" {
-  description = "Database admin password"
   type        = string
+  description = "The password for the database admin user"
+  sensitive   = true
+}
+
+variable "db_user_username" {
+  type        = string
+  description = "The username for the application-level database user"
+}
+
+variable "db_user_password" {
+  type        = string
+  description = "The password for the application-level database user"
   sensitive   = true
 }
 
+variable "deletion_protection" {
+  type        = bool
+  description = "Whether to enable deletion protection on the Cloud SQL instance"
+}
+
 variable "authorized_networks" {
-  description = "Networks to add to the white list for allowed access"
+  description = "List of external networks authorized to connect to the database"
   type = list(object({
     name  = string
     value = string

terraform/dev/variables.tf

@@ -0,0 +1,5 @@
+ENV=dev
+GCP_PROJECT=luca-ledger-dev
+TF_STATE_BUCKET=luca-ledger-dev-tf-state
+TF_STATE_PATH=tf-state/dev
+REGION=us-central1

terraform/init/env/dev.env

@@ -0,0 +1,5 @@
+ENV=prod
+GCP_PROJECT=luca-ledger-prod
+TF_STATE_BUCKET=luca-ledger-prod-tf-state
+TF_STATE_PATH=tf-state/prod
+REGION=us-central1

terraform/init/env/prod.env

@@ -0,0 +1,5 @@
+ENV=shared-services
+GCP_PROJECT=luca-ledger-shared-services
+TF_STATE_BUCKET=luca-ledger-shared-services-tf-state
+TF_STATE_PATH=tf-state/shared-services
+REGION=us-central1

terraform/init/env/shared-services.env

@@ -0,0 +1,4 @@
+PROJECT_ID=
+BUCKET_NAME=lf-dev-tf-state
+BUCKET_REGION=us-central1
+ENABLE_VERSIONING=true