
Initial setup
wellyfrs-n26 committed Mar 13, 2024
1 parent 22eeba6 commit eae15e1
Showing 6 changed files with 215 additions and 0 deletions.
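--- a/.github/workflows/rds.yml
+++ b/.github/workflows/rds.yml
@@ -0,0 +1,66 @@
+name: "RDS"
+
+on:
+push:
+branches:
+- main
+paths:
+- .github/workflows/rds.yml
+- 'terraform/**'
+pull_request:
+branches:
+- main
+paths:
+- .github/workflows/rds.yml
+- 'terraform/**'
+
+jobs:
+rds:
+runs-on: ubuntu-latest
+defaults:
+run:
+working-directory: ./terraform
+permissions:
+id-token: write
+contents: read
+pull-requests: write
+
+steps:
+- name: Checkout Repository
+uses: actions/checkout@v4
+
+- name: Configure AWS Credentials
+uses: aws-actions/configure-aws-credentials@v4
+with:
+role-to-assume: arn:aws:iam::202062340677:role/TechChallengeInfraDeployer
+aws-region: ${{ vars.AWS_REGION }}
+
+- name: Setup Terraform
+uses: hashicorp/setup-terraform@v2
+with:
+cli_config_credentials_token: ${{ secrets.TF_CLOUD_USER_API_TOKEN }}
+
+- name: Terraform fmt
+id: fmt
+run: terraform fmt -check
+continue-on-error: true
+
+- name: Terraform Init
+id: init
+run: terraform init
+
+- name: Terraform Validate
+id: validate
+run: terraform validate
+
+- name: Terraform Plan
+id: plan
+run: terraform plan
+
+- name: Check Errors
+if: steps.plan.outcome == 'failure'
+run: exit 1
+
+- name: Terraform Apply
+if: github.ref == 'refs/heads/main' && github.event_name == 'push'
+run: terraform apply -auto-approve -input=false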
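Review bot: The `Configure AWS Credentials` step assumes `TechChallengeInfraDeployer` for `pull_request` runs as well as for pushes to main, so `terraform init` and `terraform plan` on an unmerged branch run with the deploy role and the Terraform Cloud token. Planning executes provider and data-source code from the branch, so a plan-only role for PRs is the safer split, e.g. `role-to-assume: ${{ github.event_name == 'push' && '<DEPLOYER_ROLE_ARN>' || '<PLAN_ONLY_ROLE_ARN>' }}` (placeholders), with the deployer role's trust policy limited to the main ref; that policy is not visible in this commit. `pull-requests: write` is granted but no step in this job uses it, so it can be dropped. The third-party actions are pinned to mutable tags (`@v4`, `@v2`); pinning each to a full commit SHA keeps a retagged release from running with these credentials.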
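--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1,79 @@
+# JETBRAINS
+
+# Covers JetBrains IDEs: IntelliJ, RubyMine, PhpStorm, AppCode, PyCharm, CLion, Android Studio, WebStorm and Rider
+# Reference: https://intellij-support.jetbrains.com/hc/en-us/articles/206544839
+
+# User-specific stuff
+.idea/**/workspace.xml
+.idea/**/tasks.xml
+.idea/**/usage.statistics.xml
+.idea/**/dictionaries
+.idea/**/shelf
+
+# AWS User-specific
+.idea/**/aws.xml
+
+# Generated files
+.idea/**/contentModel.xml
+
+# Sensitive or high-churn files
+.idea/**/dataSources/
+.idea/**/dataSources.ids
+.idea/**/dataSources.local.xml
+.idea/**/sqlDataSources.xml
+.idea/**/dynamic.xml
+.idea/**/uiDesigner.xml
+.idea/**/dbnavigator.xml
+
+# Gradle
+.idea/**/gradle.xml
+.idea/**/libraries
+
+# Gradle and Maven with auto-import
+# When using Gradle or Maven with auto-import, you should exclude module files,
+# since they will be recreated, and may cause churn. Uncomment if using
+# auto-import.
+# .idea/artifacts
+# .idea/compiler.xml
+# .idea/jarRepositories.xml
+# .idea/modules.xml
+# .idea/*.iml
+# .idea/modules
+# *.iml
+# *.ipr
+
+# CMake
+cmake-build-*/
+
+# Mongo Explorer plugin
+.idea/**/mongoSettings.xml
+
+# File-based project format
+*.iws
+
+# IntelliJ
+out/
+
+# mpeltonen/sbt-idea plugin
+.idea_modules/
+
+# JIRA plugin
+atlassian-ide-plugin.xml
+
+# Cursive Clojure plugin
+.idea/replstate.xml
+
+# SonarLint plugin
+.idea/sonarlint/
+
+# Crashlytics plugin (for Android Studio and IntelliJ)
+com_crashlytics_export_strings.xml
+crashlytics.properties
+crashlytics-build.properties
+fabric.properties
+
+# Editor-based Rest Client
+.idea/httpRequests
+
+# Android studio 3.1+ serialized cache file
+.idea/caches/build_file_checksums.ser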
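Review bot: The ignore list covers only JetBrains artefacts, while this commit adds a Terraform project whose working files can hold secrets; a local `terraform.tfstate` would contain the generated database password in plain text. Adding `.terraform/`, `*.tfstate` and `*.tfstate.*` keeps a local run from committing them. Saved plan files deserve the same treatment if the workflow later uses `terraform plan -out`.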
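--- a/terraform/providers.tf
+++ b/terraform/providers.tf
@@ -0,0 +1,18 @@
+terraform {
+required_providers {
+aws = {
+source = "hashicorp/aws"
+version = "~> 5.0.0"
+}
+}
+
+backend "s3" {
+bucket = "fiap-3soat-g15-infra-database-rds-state"
+key = "live/terraform.tfstate"
+region = "sa-east-1"
+}
+}
+
+provider "aws" {
+region = var.region
+}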
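Review bot: The `backend "s3"` block sets no `encrypt` and no lock table, and the state stored there will include `random_password.master.result` from rds.tf in plain text. Adding `encrypt = true` and `dynamodb_table = "<LOCK_TABLE_NAME>"` (placeholder) to the backend block covers encryption at rest and concurrent runs; bucket-level default encryption or a restrictive bucket policy may already exist but is not visible in this commit. `required_providers` also omits `hashicorp/random`, which rds.tf uses, so that provider's version is left unconstrained.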
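--- a/terraform/rds.tf
+++ b/terraform/rds.tf
@@ -0,0 +1,34 @@
+resource "aws_db_instance" "default" {
+allocated_storage = 10
+db_name = "selfordermanagement"
+engine = "postgres"
+engine_version = "16.0"
+instance_class = "db.t3.micro"
+parameter_group_name = "default.postgres16"
+skip_final_snapshot = true
+username = "admin"
+password = data.aws_secretsmanager_secret_version.password
+}
+
+resource "random_password" "master" {
+length = 16
+special = true
+override_special = "_!%^"
+}
+
+resource "aws_secretsmanager_secret" "password" {
+name = "self-order-management-db-password"
+}
+
+resource "aws_secretsmanager_secret_version" "password" {
+secret_id = aws_secretsmanager_secret.password.id
+secret_string = random_password.master.result
+}
+
+data "aws_secretsmanager_secret" "password" {
+name = "self-order-management-db-password"
+}
+
+data "aws_secretsmanager_secret_version" "password" {
+secret_id = data.aws_secretsmanager_secret.password
+}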
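Review bot: `password = data.aws_secretsmanager_secret_version.password` passes the whole data-source object rather than its `secret_string`, and `secret_id = data.aws_secretsmanager_secret.password` likewise omits `.id`, so the password wiring does not type-check. The two `data` blocks also look up the secret that this same configuration creates, with no dependency on the resources, so the read will likely fail on a first apply. Either reference the resource directly with `password = random_password.master.result`, or set `manage_master_user_password = true` and drop the `random_password` and secret resources so the password never enters Terraform state. The instance also leaves `storage_encrypted` unset and sets `skip_final_snapshot = true`, which deserves an explicit comment if this database will hold order data.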
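--- a/terraform/terraform.tfvars
+++ b/terraform/terraform.tfvars
@@ -0,0 +1,7 @@
+region = "sa-east-1"
+
+tags = {
+managed_by_terraform = true
+}
+
+account_id = "202062340677"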
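--- a/terraform/variables.tf
+++ b/terraform/variables.tf
@@ -0,0 +1,11 @@
+variable "region" {
+type = string
+}
+
+variable "tags" {
+type = map(string)
+}
+
+variable "account_id" {
+type = string
+}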
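Review bot: None of the three variables carries a `description`, and `tags` and `account_id` are not referenced by any resource in this commit. I would add a description to each, e.g. `description = "AWS region used by the aws provider"` on `region`, and either wire `tags` into the provider with `default_tags { tags = var.tags }` or remove the unused variables. A `validation` block on `account_id` that checks for twelve digits would catch a mistyped value at plan time.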
