diff --git a/.github/workflows/_ci-infra-template.yml b/.github/workflows/_ci-infra-template.yml index 45ca45bc..1a324ece 100644 --- a/.github/workflows/_ci-infra-template.yml +++ b/.github/workflows/_ci-infra-template.yml @@ -1,4 +1,4 @@ -name: "Template: Deploy Infra" +name: "Template: Terraform CI" on: workflow_call: diff --git a/.github/workflows/_deploy-app-terraform.yml b/.github/workflows/_deploy-app-terraform.yml index 7e010e61..553cfbcf 100644 --- a/.github/workflows/_deploy-app-terraform.yml +++ b/.github/workflows/_deploy-app-terraform.yml @@ -1,4 +1,4 @@ -name: infra-cd-template.yml +name: "Template: Terraform CD" on: workflow_call: diff --git a/.github/workflows/ci-infra.yml b/.github/workflows/ci-infra.yml index 7b379784..e0d490ec 100644 --- a/.github/workflows/ci-infra.yml +++ b/.github/workflows/ci-infra.yml @@ -12,7 +12,7 @@ jobs: cert: name: Cert secrets: inherit - uses: ./.github/workflows/_deploy-infra-template.yml + uses: ./.github/workflows/_ci-infra-template.yml with: environment: at21 tf_state: cert.tfstate @@ -21,7 +21,7 @@ jobs: auth: name: Auth secrets: inherit - uses: ./.github/workflows/_deploy-infra-template.yml + uses: ./.github/workflows/_ci-infra-template.yml with: environment: at21 tf_state: auth.tfstate @@ -30,7 +30,7 @@ jobs: register: name: Altinn Register secrets: inherit - uses: ./.github/workflows/_deploy-infra-template.yml + uses: ./.github/workflows/_ci-infra-template.yml with: environment: at21 tf_state: Altinn.Register.tfstate diff --git a/infra/deploy/altinn-register/main.tf b/infra/deploy/altinn-register/main.tf index 4ab40ebd..dd2a97a0 100644 --- a/infra/deploy/altinn-register/main.tf +++ b/infra/deploy/altinn-register/main.tf @@ -90,7 +90,7 @@ resource "azurerm_role_assignment" "mass_transit_role" { scope = data.azurerm_servicebus_namespace.sb.id principal_type = "ServicePrincipal" skip_service_principal_aad_check = true - role_definition_name = "Azure Service Bus Mass Transit" + role_definition_name = "Azure Service Bus Mass Transit ${upper(var.environment)}" } resource "azurerm_role_assignment" "key_vault_secret_reader" { diff --git a/infra/modules/container_app/main.tf b/infra/modules/container_app/main.tf index d2afd143..99b24b47 100644 --- a/infra/modules/container_app/main.tf +++ b/infra/modules/container_app/main.tf @@ -66,7 +66,7 @@ resource "azurerm_role_assignment" "rbac" { { id = "service_bus_mass_transit" scope = data.azurerm_servicebus_namespace.sb.id - role_definition_name = "Azure Service Bus Mass Transit" + role_definition_name = "Azure Service Bus Mass Transit ${upper(var.environment)}" should_assign = var.can_use_service_bus }, { diff --git a/infra/modules/container_app_api/main.tf b/infra/modules/container_app_api/main.tf index 256a202d..cc8aebe2 100644 --- a/infra/modules/container_app_api/main.tf +++ b/infra/modules/container_app_api/main.tf @@ -67,7 +67,7 @@ resource "azurerm_role_assignment" "rbac" { { id = "service_bus_mass_transit" scope = data.azurerm_servicebus_namespace.sb.id - role_definition_name = "Azure Service Bus Mass Transit" + role_definition_name = "Azure Service Bus Mass Transit ${upper(var.environment)}" should_assign = var.can_use_auth_service_bus }, { diff --git a/infra/modules/service_bus/main.tf b/infra/modules/service_bus/main.tf index 7d20b926..b20638e4 100644 --- a/infra/modules/service_bus/main.tf +++ b/infra/modules/service_bus/main.tf @@ -74,7 +74,7 @@ resource "azurerm_private_endpoint" "service_bus_private_endpoint" { # Service bus Actions List: https://learn.microsoft.com/en-us/azure/role-based-access-control/permissions/integration#microsoftservicebus # https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/role_definition resource "azurerm_role_definition" "service_bus_masstransit" { - name = "Azure Service Bus Mass Transit" + name = "Azure Service Bus Mass Transit ${upper(var.metadata.environment)}" scope = azurerm_servicebus_namespace.service_bus.id description = "Allow C# Applications use MassTransit with Azure Service Bus"