remove grafana instance

.github/workflows/infra-pipeline.yml

@@ -104,8 +104,6 @@ jobs:
           cat << EOF > .env
           ROOT_PASSWD=${{ secrets.GITLAB_ROOT_PASSWD }}
           RUNNER_REGISTRATION_TOKEN=${{ secrets.GITLAB_RUNNER_REGISTRATION_TOKEN }}
-          GF_SECURITY_ADMIN_USER=${{ secrets.GF_SECURITY_ADMIN_USER }}
-          GF_SECURITY_ADMIN_PASSWORD=${{ secrets.GF_SECURITY_ADMIN_PASSWORD }}
           GITLAB_URL=http://$(cat virtual_machines.ini | grep main_vm | awk -F' = "' '{print $2}' | sed 's/"$//' | tr -d '\n')
           EOF
           cat << EOF > inventory.ini

README.md

@@ -12,6 +12,7 @@
 - In CodeGuard, I use Terraform to create the Azure infrastructure for the project by configuring the ```tfstate``` in Azure Blob Storage and creating the necessary resources for the infrastructure, such as VMs, NICs, security groups, and virtual networks.
 - For the GitLab-EE configuration, I use Ansible to install GitLab-EE and all its dependencies, configure it, and also configure the GitLab Runner on the second VM, linking it to the GitLab instance so it's ready to execute jobs.
 - All of this is automated, which is why I use GitHub Actions to create a pipeline that validates the code, scans for potential security risks, plans and applies the Terraform configuration, and then runs the Ansible playbooks to configure GitLab-EE and the GitLab Runner on the infrastructure VMs.
+- Enable GitLab promethues and exporter for components like Nginx, Redis and Postgres.
 
 ## Resources
 ### Storing terraform state in azure storage:
@@ -24,3 +25,6 @@ https://groups.google.com/g/ansible-project/c/OZPu-b17n_w?pli=1
 ![img1](./imgs/img3.png)
 ![img1](./imgs/img4.png)
 ![img1](./imgs/img2.png)
+
+
+- **CodeGuard** 

infrastructure/main.tf

@@ -161,18 +161,6 @@ resource "azurerm_network_security_group" "default" {
     source_address_prefix      = "*"
     destination_address_prefix = "*"
   }
-
-  security_rule {
-    name                       = "Allow-GRAFANA"
-    priority                   = 1003
-    direction                  = "Inbound"
-    access                     = "Allow"
-    protocol                   = "Tcp"
-    source_port_range          = "*"
-    destination_port_range     = "3000"
-    source_address_prefix      = "*"
-    destination_address_prefix = "*"
-  }
 }
 
 # associate the nsg with the network subnet

playbooks/Gitlab-instance.yml

@@ -46,48 +46,4 @@
       apt:
         name: gitlab-ee
         state: present
-        update_cache: yes
-
-    - name: Add Grafana GPG key
-      shell: wget -q -O - https://apt.grafana.com/gpg.key | gpg --dearmor | sudo tee /usr/share/keyrings/grafana.gpg > /dev/null
-
-    - name: Add Grafana repository
-      apt_repository:
-        repo: "deb [signed-by=/usr/share/keyrings/grafana.gpg] https://apt.grafana.com stable main"
-        state: present
-        filename: grafana
-
-    - name: Install Grafana
-      apt:
-        name: grafana
-        state: present
-        update_cache: yes
-
-    - name: Configure Grafana security settings
-      blockinfile:
-        path: /etc/grafana/grafana.ini
-        insertafter: "[security]"
-        block: |
-          disable_initial_admin_creation = false
-          admin_user = {{ env_vars['GF_SECURITY_ADMIN_USER'] }}
-          admin_password = {{ env_vars['GF_SECURITY_ADMIN_PASSWORD'] }}
-        marker: "# {mark} ANSIBLE MANAGED BLOCK - ADMIN CREDENTIALS"
-
-    - name: Remove duplicate admin settings
-      replace:
-        path: /etc/grafana/grafana.ini
-        regexp: '^;?(admin_user|admin_password).*\n'
-        replace: ''
-        before: '# {mark} ANSIBLE MANAGED BLOCK - ADMIN CREDENTIALS'
-
-    - name: Ensure proper section spacing
-      replace:
-        path: /etc/grafana/grafana.ini
-        regexp: '\n\n\n+'
-        replace: '\n\n'
-
-    - name: restart grafana service
-      systemd:
-        name: grafana-server
-        state: restarted
-        daemon_reload: yes 
+        update_cache: yes