feat: active property

infra-pipeline.yaml

@@ -70,6 +70,13 @@ parameters:
         destroy: false
         deploy: true
         dependsOn: []
+      - deployment: prod_vpn_gateway
+        environment: prod
+        component: cloud-vpn-gateway
+        destroy: false
+        deploy: true
+        dependsOn:
+          - test_vpn_gateway
       - deployment: test_gameserver
         environment: test
         component: gameserver

terraform/components/cloud-vpn-gateway/inputs-optional.tf

@@ -3,17 +3,3 @@ variable "location" {
   type        = string
   default     = "uksouth"
 }
-
-variable "cloud_vpn_gateway" {
-  type = object({
-    name                         = string
-    existing_resource_group_name = optional(string)
-    tags                         = optional(map(string))
-    networking = object({
-      address_space                 = string
-      gateway_subnet_address_prefix = string
-    })
-  })
-  description = "Object describing the configuration for the VPN Gateway and associated resources."
-  default     = {}
-}

terraform/components/cloud-vpn-gateway/inputs-required.tf

@@ -2,3 +2,17 @@ variable "env" {
   description = "The name of the environment"
   type        = string
 }
+
+variable "cloud_vpn_gateway" {
+  type = object({
+    name                         = string
+    active                       = optional(bool, true)
+    existing_resource_group_name = optional(string)
+    tags                         = optional(map(string))
+    networking = object({
+      address_space                 = string
+      gateway_subnet_address_prefix = string
+    })
+  })
+  description = "Object describing the configuration for the VPN Gateway and associated resources."
+}

terraform/components/cloud-vpn-gateway/networking.tf

@@ -1,5 +1,5 @@
 module "networking" {
-  count  = var.cloud_vpn_gateway != null && var.cloud_vpn_gateway != {} ? 1 : 0
+  count  = var.cloud_vpn_gateway.active ? 1 : 0
   source = "github.com/hmcts/terraform-module-azure-virtual-networking?ref=main"
 
   env                          = var.env
@@ -26,7 +26,7 @@ module "networking" {
 }
 
 resource "azurerm_public_ip" "this" {
-  count               = var.cloud_vpn_gateway != null && var.cloud_vpn_gateway != {} ? 1 : 0
+  count               = var.cloud_vpn_gateway.active ? 1 : 0
   name                = "${local.name}-public-ip"
   location            = var.location
   resource_group_name = local.resource_group_name

terraform/components/cloud-vpn-gateway/resource-group.tf

@@ -1,5 +1,5 @@
 resource "azurerm_resource_group" "this" {
-  count    = var.cloud_vpn_gateway != null && var.cloud_vpn_gateway != {} && var.cloud_vpn_gateway.existing_resource_group_name == null ? 1 : 0
+  count    = var.cloud_vpn_gateway.active && var.cloud_vpn_gateway.existing_resource_group_name == null ? 1 : 0
   name     = "${local.name}-rg"
   location = var.location
 }

terraform/components/cloud-vpn-gateway/vpn-gateway.tf

@@ -1,5 +1,5 @@
 resource "azurerm_virtual_network_gateway" "this" {
-  count               = var.cloud_vpn_gateway != null && var.cloud_vpn_gateway != {} ? 1 : 0
+  count               = var.cloud_vpn_gateway.active ? 1 : 0
   name                = "${local.name}-gateway"
   location            = var.location
   resource_group_name = local.resource_group_name

terraform/environments/prod/prod.tfvars

@@ -204,8 +204,16 @@ adguard_user_rules = [
   "@@||whattoexpect.com^$important",
   "@@||analytics.twingate.com^$important",
   "@@||msmetrics.ws.sonos.com^$important",
-  "@@||graph.facebook.com^$important",
-  "@@||b-graph.facebook.com^$important",
-  "@@||web.facebook.com^$important",
+  "@@||graph.facebook.com^$important",
+  "@@||b-graph.facebook.com^$important",
+  "@@||web.facebook.com^$important",
   "@@||graph.instagram.com^$important",
 ]
+
+cloud_vpn_gateway = {
+  name = "lab-vpn"
+  networking = {
+    address_space                 = "10.151.200.0/24"
+    gateway_subnet_address_prefix = "10.151.200.0/24"
+  }
+}