From d47068f0f93561922594ea0d528f647c948c4bd9 Mon Sep 17 00:00:00 2001
From: Ollie-Smith <oliver.smith@hmcts.net>
Date: Thu, 26 Oct 2023 11:20:33 +0100
Subject: [PATCH 1/5] PAY-6575_Flexible-DB-Setup

---
 infrastructure/aat.tfvars      |  1 +
 infrastructure/demo.tfvars     |  1 +
 infrastructure/ithc.tfvars     |  1 +
 infrastructure/main.tf         | 60 ++++++++++++++++++++++++++++++++++
 infrastructure/perftest.tfvars |  1 +
 infrastructure/prod.tfvars     |  1 +
 infrastructure/variables.tf    | 12 +++++++
 7 files changed, 77 insertions(+)

diff --git a/infrastructure/aat.tfvars b/infrastructure/aat.tfvars
index c3eb14125..8875cda56 100644
--- a/infrastructure/aat.tfvars
+++ b/infrastructure/aat.tfvars
@@ -1,3 +1,4 @@
 sku_name                                    = "GP_Gen5_4"
+flexible_sku_name                           = "GP_Standard_D4s_v3"
 sku_capacity                                = "4"
 feeregister_api_gateway_certificate_thumbprints = ["B1BF8007527F85085D7C4A3DC406A9A6D124D721", "E5F54E7BA2B780E2B1B1FFAC68F801251935BE80", "B9D9E70AC23EAF8EA094F6B59EF77FF77D977CBE","D36AC5686200258AE7C03CCCA70E14B69C17F94B"]
diff --git a/infrastructure/demo.tfvars b/infrastructure/demo.tfvars
index e4c132d13..161259b94 100644
--- a/infrastructure/demo.tfvars
+++ b/infrastructure/demo.tfvars
@@ -1,4 +1,5 @@
 sku_name                                    = "GP_Gen5_2"
+flexible_sku_name                           = "GP_Standard_D2s_v3"
 sku_capacity                                = "2"
 feeregister_api_gateway_certificate_thumbprints = ["B1BF8007527F85085D7C4A3DC406A9A6D124D721", "E5F54E7BA2B780E2B1B1FFAC68F801251935BE80", "B9D9E70AC23EAF8EA094F6B59EF77FF77D977CBE", "D36AC5686200258AE7C03CCCA70E14B69C17F94B"]
 aks_subscription_id = "d025fece-ce99-4df2-b7a9-b649d3ff2060"
diff --git a/infrastructure/ithc.tfvars b/infrastructure/ithc.tfvars
index 78b5d9057..43e5f5a5a 100644
--- a/infrastructure/ithc.tfvars
+++ b/infrastructure/ithc.tfvars
@@ -1,3 +1,4 @@
 sku_name                                    = "GP_Gen5_2"
+flexible_sku_name                           = "GP_Standard_D2s_v3"
 sku_capacity                                = "2"
 feeregister_api_gateway_certificate_thumbprints = ["B1BF8007527F85085D7C4A3DC406A9A6D124D721", "E5F54E7BA2B780E2B1B1FFAC68F801251935BE80", "B9D9E70AC23EAF8EA094F6B59EF77FF77D977CBE"]
diff --git a/infrastructure/main.tf b/infrastructure/main.tf
index 2a7e91907..d6aaf982c 100644
--- a/infrastructure/main.tf
+++ b/infrastructure/main.tf
@@ -99,6 +99,35 @@ module "fees-register-database-v11" {
   additional_databases = var.additional_databases
 }
 
+module "fees-register-database-v15" {
+  providers = {
+    azurerm.postgres_network = azurerm.postgres_network
+  }
+  source = "git@github.com:hmcts/terraform-module-postgresql-flexible?ref=master"
+  product = var.product
+  component = var.component
+  business_area = "cft"
+  name = join("-", [var.product, "postgres-db-v15"])
+  location = var.location
+  env = var.env
+  pgsql_admin_username = var.postgresql_user
+  pgsql_databases = [
+      {
+        name : var.database_name
+      }
+    ]
+    pgsql_server_configuration = [
+        {
+          name  = "azure.extensions"
+          value = "plpgsql,pg_stat_statements,pg_buffercache"
+        }
+      ]
+  pgsql_sku = var.flexible_sku_name
+  admin_user_object_id = var.jenkins_AAD_objectId
+  common_tags = var.common_tags
+  pgsql_version = var.postgresql_flexible_sql_version
+}
+
 resource "azurerm_key_vault_secret" "POSTGRES-PASS" {
   name         = join("-", [var.component, "POSTGRES-PASS"])
   value        = module.fees-register-database-v11.postgresql_password
@@ -129,6 +158,37 @@ resource "azurerm_key_vault_secret" "POSTGRES_DATABASE" {
   key_vault_id = data.azurerm_key_vault.fees_key_vault.id
 }
 
+# Populate Vault with Flexible DB info
+
+resource "azurerm_key_vault_secret" "POSTGRES-PASS-V15" {
+  name         = join("-", [var.component, "POSTGRES-PASS-V15"])
+  value        = module.fees-register-database-v15.password
+  key_vault_id = data.azurerm_key_vault.fees_key_vault.id
+}
+
+resource "azurerm_key_vault_secret" "POSTGRES-USER-V15" {
+  name         = join("-", [var.component, "POSTGRES-USER-V15"])
+  value        = module.fees-register-database-v15.username
+  key_vault_id = data.azurerm_key_vault.fees_key_vault.id
+}
+
+resource "azurerm_key_vault_secret" "POSTGRES_HOST-V15" {
+  name         = join("-", [var.component, "POSTGRES-HOST-V15"])
+  value        = module.fees-register-database-v15.fqdn
+  key_vault_id = data.azurerm_key_vault.fees_key_vault.id
+}
+
+resource "azurerm_key_vault_secret" "POSTGRES_PORT-V15" {
+  name         = join("-", [var.component, "POSTGRES-PORT-V15"])
+  value        = var.postgresql_flexible_server_port
+  key_vault_id = data.azurerm_key_vault.fees_key_vault.id
+}
+
+resource "azurerm_key_vault_secret" "POSTGRES_DATABASE-V15" {
+  name         = join("-", [var.component, "POSTGRES-DATABASE-V15"])
+  value        = var.database_name
+  key_vault_id = data.azurerm_key_vault.fees_key_vault.id
+}
 
 data "azurerm_key_vault" "s2s_key_vault" {
   name                = local.s2s_key_vault_name
diff --git a/infrastructure/perftest.tfvars b/infrastructure/perftest.tfvars
index b7859a5e9..94acb5a22 100644
--- a/infrastructure/perftest.tfvars
+++ b/infrastructure/perftest.tfvars
@@ -1,3 +1,4 @@
 sku_name                                    = "GP_Gen5_4"
+flexible_sku_name                           = "GP_Standard_D4s_v3"
 sku_capacity                                = "4"
 feeregister_api_gateway_certificate_thumbprints = ["B1BF8007527F85085D7C4A3DC406A9A6D124D721", "E5F54E7BA2B780E2B1B1FFAC68F801251935BE80", "B9D9E70AC23EAF8EA094F6B59EF77FF77D977CBE"]
diff --git a/infrastructure/prod.tfvars b/infrastructure/prod.tfvars
index 23e83cdae..9b9b08d35 100644
--- a/infrastructure/prod.tfvars
+++ b/infrastructure/prod.tfvars
@@ -1,3 +1,4 @@
 sku_name                                    = "GP_Gen5_4"
+flexible_sku_name                           = "GP_Standard_D4s_v3"
 sku_capacity                                = "4"
 feeregister_api_gateway_certificate_thumbprints = ["B9D9E70AC23EAF8EA094F6B59EF77FF77D977CBE","68EDF481C5394D65962E9810913455D3EC635FA5","B1BF8007527F85085D7C4A3DC406A9A6D124D721","B49BDDE7818B78058AC7401BE0284A40845031E3","C6E2FBAB5FED58FD86C10A3BD212CF44668FD1A3","7744A2F56BD3B73C0D7FED61309E1C65AF08538C"]
diff --git a/infrastructure/variables.tf b/infrastructure/variables.tf
index b686913d2..153ddefbc 100644
--- a/infrastructure/variables.tf
+++ b/infrastructure/variables.tf
@@ -54,6 +54,18 @@ variable "core_product" {
   default = "ccpay"
 }
 
+variable flexible_sku_name {
+  default = "GP_Standard_D2s_v3"
+}
+
 variable "postgresql_version" {
   default = "11"
 }
+
+variable "postgresql_flexible_sql_version" {
+  default = "15"
+}
+
+variable "postgresql_flexible_server_port" {
+  default = "5432"
+}

From 2ef6446875035419ea9a1d091e74087b8c8011d6 Mon Sep 17 00:00:00 2001
From: Ollie-Smith <oliver.smith@hmcts.net>
Date: Thu, 26 Oct 2023 11:53:28 +0100
Subject: [PATCH 2/5] PAY-6575_Flexible-DB-Setup

---
 infrastructure/variables.tf | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/infrastructure/variables.tf b/infrastructure/variables.tf
index 153ddefbc..62566151b 100644
--- a/infrastructure/variables.tf
+++ b/infrastructure/variables.tf
@@ -54,10 +54,18 @@ variable "core_product" {
   default = "ccpay"
 }
 
+variable sku_name {
+  default = "GP_Gen5_2"
+}
+
 variable flexible_sku_name {
   default = "GP_Standard_D2s_v3"
 }
 
+variable "sku_capacity" {
+  default = "2"
+}
+
 variable "postgresql_version" {
   default = "11"
 }

From 69ca44b7a559b484e1346de13005364f9df37d49 Mon Sep 17 00:00:00 2001
From: Ollie-Smith <oliver.smith@hmcts.net>
Date: Thu, 26 Oct 2023 12:04:49 +0100
Subject: [PATCH 3/5] PAY-6575_Flexible-DB-Setup

---
 infrastructure/provider.tf | 6 ++++++
 1 file changed, 6 insertions(+)
 create mode 100644 infrastructure/provider.tf

diff --git a/infrastructure/provider.tf b/infrastructure/provider.tf
new file mode 100644
index 000000000..4cbc37f84
--- /dev/null
+++ b/infrastructure/provider.tf
@@ -0,0 +1,6 @@
+provider "azurerm" {
+  features {}
+  skip_provider_registration = true
+  alias                      = "postgres_network"
+  subscription_id            = var.aks_subscription_id
+}

From a8edb677c4e6351a99cd0f66dca41a14fd9fdbda Mon Sep 17 00:00:00 2001
From: Ollie-Smith <oliver.smith@hmcts.net>
Date: Fri, 3 Nov 2023 10:52:30 +0000
Subject: [PATCH 4/5] PAY-6575_secrets

---
 charts/fees-register-api/values.yaml | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/charts/fees-register-api/values.yaml b/charts/fees-register-api/values.yaml
index 09f45b93d..5f88a2a59 100644
--- a/charts/fees-register-api/values.yaml
+++ b/charts/fees-register-api/values.yaml
@@ -3,10 +3,10 @@ java:
   applicationPort: 8080
   ingressHost: fees-register-api-{{ .Values.global.environment }}.service.core-compute-{{ .Values.global.environment }}.internal
   environment:
-    POSTGRES_PORT: 5432
-    POSTGRES_HOST: fees-register-postgres-db-v11-{{ .Values.global.environment }}.postgres.database.azure.com
+   # POSTGRES_PORT: 5432
+   # POSTGRES_HOST: fees-register-postgres-db-v11-{{ .Values.global.environment }}.postgres.database.azure.com
     POSTGRES_NAME: fees_register
-    POSTGRES_USERNAME: fees_register@fees-register-postgres-db-v11-{{ .Values.global.environment }}
+   # POSTGRES_USERNAME: fees_register@fees-register-postgres-db-v11-{{ .Values.global.environment }}
     POSTGRES_CONNECTION_OPTIONS: ?sslmode=require
     SPRING_LIQUIBASE_ENABLED: false
     REFORM_SERVICE_NAME: fees-register-api
@@ -24,6 +24,12 @@ java:
       secrets:
         - name: api-POSTGRES-PASS
           alias: POSTGRES_PASSWORD
+        - name: api-POSTGRES-HOST
+          alias: POSTGRES_HOST
+        - name: api-POSTGRES-PORT
+          alias: POSTGRES_PORT
+        - name: api-POSTGRES-USER
+          alias: POSTGRES_USERNAME
     ccpay:
       secrets:
         - name: app-insights-connection-string

From 0eadf8094dfb483f758eb9403443fa9da1aa8e88 Mon Sep 17 00:00:00 2001
From: hmcts-jenkins-a-to-c
 <62422075+hmcts-jenkins-a-to-c[bot]@users.noreply.github.com>
Date: Fri, 3 Nov 2023 10:57:56 +0000
Subject: [PATCH 5/5] Bumping chart version/ fixing aliases

---
 charts/fees-register-api/Chart.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/charts/fees-register-api/Chart.yaml b/charts/fees-register-api/Chart.yaml
index 7d50b66cf..bf2d86cdf 100644
--- a/charts/fees-register-api/Chart.yaml
+++ b/charts/fees-register-api/Chart.yaml
@@ -3,7 +3,7 @@ appVersion: "2.0"
 description: Helm chart for the HMCTS fees-register api
 name: fees-register-api
 home: https://github.com/hmcts/ccfr-fees-register-app
-version: 0.4.2
+version: 0.4.3
 maintainers:
   - name: HMCTS Fees & Payments Dev Team
     email: ccpay@hmcts.net