Deployment fix

.github/workflows/deployment.yaml

@@ -120,14 +120,3 @@ jobs:
           client-id: ${{ secrets.CLIENT_ID }}
           tenant-id: ${{ secrets.TENANT_ID }}
           subscription-id: ${{ secrets.SUBSCRIPTION_ID }}
-
-  end-to-end:
-    name: End-to-end tests
-    needs: 
-      - terraform
-      - azure-cli
-    if: ${{ needs.terraform.outputs.tf_env == 'dev' }}
-    uses: ./.github/workflows/end-to-end.yaml
-    with:
-      environment: ${{ needs.terraform.outputs.tf_env }}
-    secrets: inherit

terraform/implementation/backend.tf

@@ -2,11 +2,19 @@ terraform {
   required_providers {
     azurerm = {
       source  = "hashicorp/azurerm"
-      version = "= 3.43.0"
+      version = "= 3.69.0"
     }
     azuread = {
       source  = "hashicorp/azuread"
-      version = "= 2.37.2"
+      version = "= 2.41.0"
+    }
+    azapi = {
+      source  = "azure/azapi"
+      version = "= 1.8.0"
+    }
+    random = {
+      source  = "hashicorp/random"
+      version = "= 3.5.1"
     }
   }
 
@@ -23,4 +31,8 @@ provider "azurerm" {
 
 provider "azuread" {
   use_oidc = var.use_oidc
-}
+}
+
+provider "azapi" {
+  use_oidc = var.use_oidc
+}

terraform/implementation/data.tf

@@ -0,0 +1,19 @@
+data "azuread_client_config" "current" {}
+
+data "azurerm_client_config" "current" {}
+
+data "azurerm_resource_group" "rg" {
+  name = var.resource_group_name
+}
+
+data "azurerm_subnet" "kubesubnet" {
+  name                 = local.aks_subnet_name
+  virtual_network_name = azurerm_virtual_network.aks_vnet.name
+  resource_group_name  = var.resource_group_name
+}
+
+data "azurerm_subnet" "appgwsubnet" {
+  name                 = local.app_gateway_subnet_name
+  virtual_network_name = azurerm_virtual_network.aks_vnet.name
+  resource_group_name  = var.resource_group_name
+}

terraform/implementation/helm-agic-config.yaml

@@ -0,0 +1,47 @@
+# This file contains the essential configs for the ingress controller helm chart
+
+# Verbosity level of the App Gateway Ingress Controller
+verbosityLevel: 3
+
+################################################################################
+# Specify which application gateway the ingress controller will manage
+#
+appgw:
+    subscriptionId: ${subscription_id}
+    resourceGroup: ${resource_group_name}
+    name: ${app_gateway_name}
+    usePrivateIP: false
+
+    # Setting appgw.shared to "true" will create an AzureIngressProhibitedTarget CRD.
+    # This prohibits AGIC from applying config for any host/path.
+    # Use "kubectl get AzureIngressProhibitedTargets" to view and change this.
+    shared: false
+
+################################################################################
+# Specify which kubernetes namespace the ingress controller will watch
+# Default value is "default"
+# Leaving this variable out or setting it to blank or empty string would
+# result in Ingress Controller observing all acessible namespaces.
+#
+# kubernetes:
+#   watchNamespace: <namespace>
+
+################################################################################
+# Specify the authentication with Azure Resource Manager
+#
+# Two authentication methods are available:
+# - Option 1: AAD-Pod-Identity (https://github.com/Azure/aad-pod-identity)
+# armAuth:
+#     type: aadPodIdentity
+#     identityResourceID:
+#     identityClientID:
+
+## Alternatively you can use Service Principal credentials
+armAuth:
+    type: servicePrincipal
+    secretJSON: ${secret_json}
+
+################################################################################
+# Specify if the cluster is RBAC enabled or not
+rbac:
+    enabled: true # true/false