Terraform

[Zhiyuan-Amos]

Also consider:

1. What happens when Creating, Updating & Deleting resources both outside & inside of existing Resource Groups managed by Terraform, are made through the UI?
2. Can the UI be disabled for modifications? If so, should we do it?
3. How to create a Test Environment to test new configurations?
4. Azure Static Web App doesn't gel well with Test Environments, because Azure Static Web App by default creates up to 3 staging environments. We can ignore these though.

• [ ] TF upgrade to OIDC
• [ ] Documentation for why states are managed in a seperate resource group
• [ ] Concurrency Management for workflows Supporting docs
• [ ] How to cater for multiple branches, to seperate by multiple publish profile in the key vault --> to create a seperate issue

[Zhiyuan-Amos]

[Enhancement] Rollback is required to support the scenario:

1. Push SWA updates
2. Push Azure Fn updates
3. Push Infrastructure updates

Such that when any of these steps fail, it should rollback to the previous version.

[Zhiyuan-Amos]

[Enhancement] How do we spin up a new environment & run tests after new commits are merged into master?

[Zhiyuan-Amos]

[Enhancement] Do we spin up a new env on PR created?

[Zhiyuan-Amos]

Likely have 3 environments: Dev, Test, Prod. Test environment will be dynamically created after new commits are merged into master.

[Zhiyuan-Amos]

Does monolithic deployment consisting of several steps a good practice? As each service is being updated individually, this can lead to bugs occurring if the caller service is updated but the callee service hasn't been updated. Should it be rectified on the code level where the code provides backward compatibility?

[gohyk]

Currently, we're performing Azure Login with OpenID Connect(OIDC) and use it in a GitHub Actions. However, Terraform have yet to support OIDC in their Terraform configurations here: https://github{dot}com/hashicorp/terraform-provider-azurerm/issues/16554