From 74ded11a2b047f9fa7f8d40dfa9311aec2a0d310 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kalle=20Ahlstr=C3=B6m?= <kalle.ahlstrom@iki.fi>
Date: Sun, 30 Jun 2024 01:10:54 +0300
Subject: [PATCH] feat: add github domain challenge module

---
 main.tf                    |  8 ++++++++
 modules/dns/github/main.tf | 22 ++++++++++++++++++++++
 modules/keyvault/main.tf   |  5 +++++
 modules/keyvault/output.tf |  5 +++++
 4 files changed, 40 insertions(+)
 create mode 100644 modules/dns/github/main.tf

diff --git a/main.tf b/main.tf
index 11aab8f..0dc2a58 100644
--- a/main.tf
+++ b/main.tf
@@ -68,7 +68,15 @@ module "dns_staging" {
   resource_group_location = local.resource_group_location
   zone_name               = "tietokila.fi"
 }
+module "dns_github" {
+  source = "./modules/dns/github"
 
+  resource_group_name = module.dns_prod.resource_group_name
+  zone_name           = module.dns_prod.root_zone_name
+  challenge_name      = "_github-challenge-Tietokilta-org"
+  challenge_value     = module.keyvault.github_challenge_value
+
+}
 module "mailman" {
   source = "./modules/dns/mailman"
 
diff --git a/modules/dns/github/main.tf b/modules/dns/github/main.tf
new file mode 100644
index 0000000..8a26835
--- /dev/null
+++ b/modules/dns/github/main.tf
@@ -0,0 +1,22 @@
+variable "resource_group_name" {
+  type = string
+}
+
+variable "zone_name" {
+  type = string
+}
+variable "challenge_name" {
+  type = string
+}
+variable "challenge_value" {
+  type = string
+}
+resource "azurerm_dns_txt_record" "github_challenge" {
+  name                = var.challenge_name
+  resource_group_name = var.resource_group_name
+  zone_name           = var.zone_name
+  ttl                 = 60
+  record {
+    value = var.challenge_value
+  }
+}
diff --git a/modules/keyvault/main.tf b/modules/keyvault/main.tf
index a38ee75..5190e37 100644
--- a/modules/keyvault/main.tf
+++ b/modules/keyvault/main.tf
@@ -165,3 +165,8 @@ data "azurerm_key_vault_secret" "mongodb_atlas_private_key" {
   name         = "mongodb-atlas-private-key"
   key_vault_id = azurerm_key_vault.keyvault.id
 }
+
+data "azurerm_key_vault_secret" "github_challenge_value" {
+  name         = "github-challenge-value"
+  key_vault_id = azurerm_key_vault.keyvault.id
+}
diff --git a/modules/keyvault/output.tf b/modules/keyvault/output.tf
index 8425fc3..3548986 100644
--- a/modules/keyvault/output.tf
+++ b/modules/keyvault/output.tf
@@ -91,3 +91,8 @@ output "mongodb_atlas_private_key" {
   value     = data.azurerm_key_vault_secret.mongodb_atlas_private_key.value
   sensitive = true
 }
+
+output "github_challenge_value" {
+  value     = data.azurerm_key_vault_secret.github_challenge_value.value
+  sensitive = true
+}