Automatically set the api backend address to the kubernetes address

.github/workflows/release-microservices.yml

@@ -121,3 +121,22 @@ jobs:
             ${{ vars.AZURE_CONTAINER_REGISTRY }}.azurecr.io/${{ vars.AZURE_PROJECT_NAME }}-advertisements:${{ github.event.release.tag_name }}
           imagepullsecrets: |
             ${{ vars.PROJECT_NAME }}
+
+      - name: "Install azure-frontdoor extension"
+        run: az extension add --name front-door
+
+      - name: "Get AKS public ip"
+        uses: sergeysova/jq-action@v2
+        id: aks-ip
+        with:
+          cmd: "run: kubectl get ingress gateway-ingress -o json | wsl jq -r .status.loadBalancer.ingress[0].ip"
+
+      - name: "Set api ip-address"
+        run: |
+          az network front-door backend-pool backend update \
+            -g squaremarket-group \
+            -f squaremarket-frontdoor \
+            --pool-name api \
+            --index 1 \
+            --backend-host-header ${{ steps.aks-ip.outputs.value }} \
+            --address ${{ steps.aks-ip.outputs.value }}

main.tf

@@ -127,10 +127,10 @@ resource "azurerm_frontdoor" "frontdoor" {
     name = "api"
 
     backend {
-      host_header = azurerm_dns_zone.api.name
+      host_header = azurerm_kubernetes_cluster.api.fqdn
       address = azurerm_kubernetes_cluster.api.fqdn
       http_port = 80
-      https_port = 443
+      https_port = 80
     }
 
     load_balancing_name = "api"
@@ -154,7 +154,7 @@ resource "azurerm_frontdoor" "frontdoor" {
     patterns_to_match = ["/*"]
     frontend_endpoints = ["api"]
     forwarding_configuration {
-      forwarding_protocol = "HttpsOnly"
+      forwarding_protocol = "HttpOnly"
       backend_pool_name = "api"
     }
   }
@@ -203,13 +203,13 @@ resource "azurerm_frontdoor_custom_https_configuration" "frontend-https" {
   }
 }
 
-# resource "azurerm_frontdoor_custom_https_configuration" "api-https" {
-#   frontend_endpoint_id              = azurerm_frontdoor.frontdoor.frontend_endpoints.api
-#   custom_https_provisioning_enabled = true
-#   custom_https_configuration {
-#     certificate_source = "FrontDoor"
-#   }
-# }
+resource "azurerm_frontdoor_custom_https_configuration" "api-https" {
+  frontend_endpoint_id              = azurerm_frontdoor.frontdoor.frontend_endpoints.api
+  custom_https_provisioning_enabled = true
+  custom_https_configuration {
+    certificate_source = "FrontDoor"
+  }
+}
 
 resource "azurerm_storage_account" "frontend-account" {
   name                = "squaremarketfrontend"

terraform.tfstate

@@ -1,7 +1,7 @@
 {
   "version": 4,
   "terraform_version": "1.6.4",
-  "serial": 192,
+  "serial": 195,
   "lineage": "b638d247-bec4-7079-c94c-62b1fc867340",
   "outputs": {
     "api_fqdn": {
@@ -192,9 +192,9 @@
                   {
                     "address": "squaremarket-aks-ksbz9v07.hcp.northeurope.azmk8s.io",
                     "enabled": true,
-                    "host_header": "sq.api.rikdenbreejen.nl",
+                    "host_header": "squaremarket-aks-ksbz9v07.hcp.northeurope.azmk8s.io",
                     "http_port": 80,
-                    "https_port": 443,
+                    "https_port": 80,
                     "priority": 1,
                     "weight": 50
                   }
@@ -335,7 +335,7 @@
                     "cache_duration": "",
                     "cache_enabled": false,
                     "cache_query_parameter_strip_directive": "StripAll",
-                    "cache_query_parameters": null,
+                    "cache_query_parameters": [],
                     "cache_use_dynamic_compression": false,
                     "custom_forwarding_path": "",
                     "forwarding_protocol": "HttpsOnly"
@@ -362,10 +362,10 @@
                     "cache_duration": "",
                     "cache_enabled": false,
                     "cache_query_parameter_strip_directive": "StripAll",
-                    "cache_query_parameters": null,
+                    "cache_query_parameters": [],
                     "cache_use_dynamic_compression": false,
                     "custom_forwarding_path": "",
-                    "forwarding_protocol": "HttpsOnly"
+                    "forwarding_protocol": "HttpOnly"
                   }
                 ],
                 "frontend_endpoints": [
@@ -410,7 +410,7 @@
               "https-frontend": "/subscriptions/a210845b-25ae-4bcf-8aea-919dfd0a4467/resourceGroups/squaremarket-group/providers/Microsoft.Network/frontDoors/squaremarket-frontdoor/routingRules/https-frontend",
               "https-redirect": "/subscriptions/a210845b-25ae-4bcf-8aea-919dfd0a4467/resourceGroups/squaremarket-group/providers/Microsoft.Network/frontDoors/squaremarket-frontdoor/routingRules/https-redirect"
             },
-            "tags": null,
+            "tags": {},
             "timeouts": null
           },
           "sensitive_attributes": [],
@@ -425,6 +425,44 @@
         }
       ]
     },
+    {
+      "mode": "managed",
+      "type": "azurerm_frontdoor_custom_https_configuration",
+      "name": "api-https",
+      "provider": "provider[\"registry.terraform.io/hashicorp/azurerm\"]",
+      "instances": [
+        {
+          "schema_version": 1,
+          "attributes": {
+            "custom_https_configuration": [
+              {
+                "azure_key_vault_certificate_secret_name": "",
+                "azure_key_vault_certificate_secret_version": "",
+                "azure_key_vault_certificate_vault_id": "",
+                "certificate_source": "FrontDoor",
+                "minimum_tls_version": "1.2",
+                "provisioning_state": "Enabled",
+                "provisioning_substate": "CertificateDeployed"
+              }
+            ],
+            "custom_https_provisioning_enabled": true,
+            "frontend_endpoint_id": "/subscriptions/a210845b-25ae-4bcf-8aea-919dfd0a4467/resourceGroups/squaremarket-group/providers/Microsoft.Network/frontDoors/squaremarket-frontdoor/frontendEndpoints/api",
+            "id": "/subscriptions/a210845b-25ae-4bcf-8aea-919dfd0a4467/resourceGroups/squaremarket-group/providers/Microsoft.Network/frontDoors/squaremarket-frontdoor/customHttpsConfiguration/api",
+            "timeouts": null
+          },
+          "sensitive_attributes": [],
+          "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoyMTYwMDAwMDAwMDAwMCwiZGVsZXRlIjoyMTYwMDAwMDAwMDAwMCwicmVhZCI6MzAwMDAwMDAwMDAwLCJ1cGRhdGUiOjIxNjAwMDAwMDAwMDAwfSwic2NoZW1hX3ZlcnNpb24iOiIxIn0=",
+          "dependencies": [
+            "azurerm_dns_zone.api",
+            "azurerm_dns_zone.frontend",
+            "azurerm_frontdoor.frontdoor",
+            "azurerm_kubernetes_cluster.api",
+            "azurerm_resource_group.squaremarket-group",
+            "azurerm_storage_account.frontend-account"
+          ]
+        }
+      ]
+    },
     {
       "mode": "managed",
       "type": "azurerm_frontdoor_custom_https_configuration",