XIN-241: Add access point for EFS on devnet

2026-06-19 21:31:37 +00:00 · 2022-10-03 15:35:00 +11:00 · 2022-10-03 15:35:00 +11:00 · 8bbb320ad2
commit 8bbb320ad2
parent 9ece2ddb32
3 changed files with 58 additions and 16 deletions
--- a/cicd/devnet/terraform/efs.tf
+++ b/cicd/devnet/terraform/efs.tf
@ -0,0 +1,39 @@
+
+# EFS
+resource "aws_efs_file_system" "devnet_efs" {
+   creation_token = "efs"
+   performance_mode = "generalPurpose"
+   throughput_mode = "bursting"
+   encrypted = "true"
+   tags = {
+       Name = "TfDevnetEfs"
+   }
+ }
+
+resource "aws_efs_mount_target" "devnet_efs_efs_mount_target" {
+  file_system_id = aws_efs_file_system.devnet_efs.id
+  subnet_id      = aws_subnet.devnet_subnet.id
+  security_groups = [aws_security_group.devnet_efs_security_group.id]
+}
+
+resource "aws_efs_access_point" "devnet_efs_access_point" {
+  file_system_id = aws_efs_file_system.devnet_efs.id
+  for_each = var.devnet_node_kyes
+  root_directory {
+    path = "/${each.key}/database"
+    creation_info {
+      owner_gid = 1001
+      owner_uid = 1001
+      permissions = 777
+    }
+  }
+  posix_user {
+    gid = 1001
+    uid = 1001
+    secondary_gids = [0]
+  }
+  
+  tags = {
+       Name = "TfDevnetEfsAccessPoint-${each.key}"
+   }
+}
--- a/cicd/devnet/terraform/main.tf
+++ b/cicd/devnet/terraform/main.tf
@ -150,19 +150,3 @@ resource "aws_iam_role_policy_attachment" "devnet_xdc_ecs_tasks_execution_role"
  role       = aws_iam_role.devnet_xdc_ecs_tasks_execution_role.name
  policy_arn = each.value
 }
-
-# EFS
-resource "aws_efs_file_system" "devnet_efs" {
-   creation_token = "efs"
-   performance_mode = "generalPurpose"
-   throughput_mode = "bursting"
-   encrypted = "true"
-   tags = {
-       Name = "TfDevnetEfs"
-   }
- }
-
-resource "aws_efs_mount_target" "alpha" {
-  file_system_id = aws_efs_file_system.devnet_efs.id
-  subnet_id      = aws_subnet.devnet_subnet.id
-}
--- a/cicd/devnet/terraform/variables.tf
+++ b/cicd/devnet/terraform/variables.tf
@ -0,0 +1,19 @@
+variable "devnet_node_kyes" {
+  description = "Array of nodes keys."
+  type        = map(any)
+  
+  /**
+    Below is the list of private keys you need to specify. It follows the pattern of 
+    {{Name of the node}}: {
+      pk: {{Value of the node private key}},
+      ... any other configuration we want to pass.
+    }
+    Note: No `n` is allowed in the node name
+  **/
+  default = {
+    xdc-1 = {
+      pk  = "3efdb44088929167487da052125162b48d8d54fe8f7b7db11b5d5cc3b9a1c14b",
+      isChaosNode = false # This is a placeholder, config not supported yet
+    }
+  }
+}