Remove single servers (#3264)

* Test|

* remove single server

infrastructure/main.tf

@@ -28,40 +28,6 @@ data "azurerm_subnet" "postgres" {
   virtual_network_name = "core-infra-vnet-${var.env}"
 }
 
-module "bulk-scan-db-v11" {
-  source             = "git@github.com:hmcts/cnp-module-postgres?ref=postgresql_tf"
-  product            = var.product
-  component          = var.component
-  name               = join("-", [var.product, var.component, "postgres-db-v11"])
-  location           = var.location_db
-  env                = var.env
-  database_name      = var.database_name
-  postgresql_user    = var.postgresql_user
-  postgresql_version = "11"
-  subnet_id          = data.azurerm_subnet.postgres.id
-  sku_name           = "GP_Gen5_2"
-  sku_tier           = "GeneralPurpose"
-  common_tags        = var.common_tags
-  subscription       = var.subscription
-}
-
-# Staging DB to be used by AAT staging pod for functional tests
-module "bulk-scan-staging-db" {
-  source             = "git@github.com:hmcts/cnp-module-postgres?ref=master"
-  name               = "${var.product}-${var.component}-staging"
-  product            = var.product
-  component          = var.component
-  location           = var.location_db
-  env                = var.env
-  database_name      = var.database_name
-  postgresql_user    = var.postgresql_user
-  postgresql_version = "11"
-  sku_name           = "GP_Gen5_2"
-  sku_tier           = "GeneralPurpose"
-  common_tags        = var.common_tags
-  subscription       = var.subscription
-}
-
 # region: key vault definitions
 data "azurerm_key_vault" "key_vault" {
   name                = local.vaultName
@@ -79,77 +45,6 @@ data "azurerm_key_vault" "reform_scan_key_vault" {
 }
 # endregion
 
-# region DB secrets
-resource "azurerm_key_vault_secret" "POSTGRES-USER" {
-  key_vault_id = data.azurerm_key_vault.key_vault.id
-  name         = "${var.component}-POSTGRES-USER"
-  value        = module.bulk-scan-db-v11.user_name
-}
-
-resource "azurerm_key_vault_secret" "POSTGRES-PASS" {
-  key_vault_id = data.azurerm_key_vault.key_vault.id
-  name         = "${var.component}-POSTGRES-PASS"
-  value        = module.bulk-scan-db-v11.postgresql_password
-}
-
-resource "azurerm_key_vault_secret" "POSTGRES_HOST" {
-  key_vault_id = data.azurerm_key_vault.key_vault.id
-  name         = "${var.component}-POSTGRES-HOST"
-  value        = module.bulk-scan-db-v11.host_name
-}
-
-resource "azurerm_key_vault_secret" "POSTGRES_PORT" {
-  key_vault_id = data.azurerm_key_vault.key_vault.id
-  name         = "${var.component}-POSTGRES-PORT"
-  value        = module.bulk-scan-db-v11.postgresql_listen_port
-}
-
-resource "azurerm_key_vault_secret" "POSTGRES_DATABASE" {
-  key_vault_id = data.azurerm_key_vault.key_vault.id
-  name         = "${var.component}-POSTGRES-DATABASE"
-  value        = module.bulk-scan-db-v11.postgresql_database
-}
-# endregion
-
-# Copy postgres password for flyway migration
-resource "azurerm_key_vault_secret" "flyway_password" {
-  key_vault_id = data.azurerm_key_vault.key_vault.id
-  name         = "flyway-password"
-  value        = module.bulk-scan-db-v11.postgresql_password
-}
-# endregion
-
-# region staging DB secrets
-resource "azurerm_key_vault_secret" "staging_db_user" {
-  key_vault_id = data.azurerm_key_vault.key_vault.id
-  name         = "${var.component}-staging-db-user"
-  value        = module.bulk-scan-staging-db.user_name
-}
-
-resource "azurerm_key_vault_secret" "staging_db_password" {
-  key_vault_id = data.azurerm_key_vault.key_vault.id
-  name         = "${var.component}-staging-db-password"
-  value        = module.bulk-scan-staging-db.postgresql_password
-}
-
-resource "azurerm_key_vault_secret" "staging_db_host" {
-  key_vault_id = data.azurerm_key_vault.key_vault.id
-  name         = "${var.component}-staging-db-host"
-  value        = module.bulk-scan-staging-db.host_name
-}
-
-resource "azurerm_key_vault_secret" "staging_db_port" {
-  key_vault_id = data.azurerm_key_vault.key_vault.id
-  name         = "${var.component}-staging-db-port"
-  value        = module.bulk-scan-staging-db.postgresql_listen_port
-}
-
-resource "azurerm_key_vault_secret" "staging_db_name" {
-  key_vault_id = data.azurerm_key_vault.key_vault.id
-  name         = "${var.component}-staging-db-name"
-  value        = module.bulk-scan-staging-db.postgresql_database
-}
-# endregion
 
 # region: notification queue access key
 resource "azurerm_key_vault_secret" "notifications_queue_send_access_key" {

infrastructure/tf-db-flexible-secrets.tf

@@ -2,6 +2,7 @@
 locals {
   flexible_secret_prefix         = "${var.component}-POSTGRES-FLEXIBLE"
   flexible_secret_prefix_staging = "${var.component}-staging-db-flexible"
+  standard_secret_prefix = "${var.component}-POSTGRES"
 
   flexible_secrets = [
     {
@@ -65,6 +66,18 @@ resource "azurerm_key_vault_secret" "flexible_secret" {
   expiration_date = timeadd(timestamp(), "17520h")
 }
 
+resource "azurerm_key_vault_secret" "flexible_secret_standard_format" {
+  for_each     = { for secret in local.flexible_secrets : secret.name_suffix => secret }
+  key_vault_id = data.azurerm_key_vault.key_vault.id
+  name         = "${local.standard_secret_prefix}-${each.value.name_suffix}"
+  value        = each.value.value
+  tags = merge(var.common_tags, {
+    "source" : "${var.component} PostgreSQL"
+  })
+  content_type    = ""
+  expiration_date = timeadd(timestamp(), "17520h")
+}
+
 resource "azurerm_key_vault_secret" "flexible_secret_staging" {
   for_each     = { for secret in local.flexible_secrets_staging : secret.name_suffix => secret }
   key_vault_id = data.azurerm_key_vault.key_vault.id