Added TMDB api key secret

DELTSV · Dec 2, 2023 · 3d0a514 · 3d0a514
1 parent aef9589
commit 3d0a514
Show file tree

Hide file tree

Showing 4 changed files with 78 additions and 3 deletions.
diff --git a/.github/workflows/pipeline.yml b/.github/workflows/pipeline.yml
@@ -14,6 +14,7 @@ env:
   AWS_SECRET_ACCESS_KEY: ${{ secrets.SCW_ACCESS_KEY }}
   CERT_CRT: ${{ secrets.CERT_CRT }}
   CERT_KEY: ${{ secrets.CERT_KEY }}
+  TMDB_API_KEY: ${{ secrets.TMDB_API_KEY }}
 
 jobs:
   frontend:
@@ -148,7 +149,7 @@ jobs:
         run: |
           TAGS=(${{ steps.meta.outputs.tags }})
           echo "image-tag=${TAGS[1]}" >> "$GITHUB_OUTPUT"
-  deployment:
+  terraform:
     name: "Terraform"
     runs-on: ubuntu-latest
     needs:
@@ -193,6 +194,7 @@ jobs:
         run: |
           export TF_VAR_backend_image=${{ needs.backend.outputs.image-tag }}
           export TF_VAR_frontend_image=${{ needs.frontend.outputs.image-tag }}
+          export TF_VAR_backend_tmdb_api_key=${{ env.TMDB_API_KEY }}
           terraform plan -no-color -input=false
         continue-on-error: true
         working-directory: ${{ env.WORKING_DIRECTORY }}
@@ -236,5 +238,6 @@ jobs:
         run: |
           export TF_VAR_backend_image=${{ needs.backend.outputs.image-tag }}
           export TF_VAR_frontend_image=${{ needs.frontend.outputs.image-tag }}
+          export TF_VAR_backend_tmdb_api_key=${{ env.TMDB_API_KEY }}
           terraform apply -auto-approve -input=false
         working-directory: ${{ env.WORKING_DIRECTORY }}
diff --git a/packages/infrastructure/project/backend-deployment.tf b/packages/infrastructure/project/backend-deployment.tf
@@ -29,8 +29,50 @@ resource "kubernetes_deployment" "backend" {
           }
 
           env {
-            name  = "MONGO_URI"
-            value = "mongodb://mongo-service:27017/your-database"
+            name  = "HF_APP_PORT"
+            value = 3000
+          }
+
+          env {
+            name  = "HF_APP_ENV"
+            value = "prod"
+          }
+
+          env {
+            name  = "HF_TMDB_API_KEY"
+            value_from {
+              secret_key_ref = kubernetes_secret.backend_tmdb_api_key.metadata.0.name
+            }
+          }
+
+          env {
+            name  = "HF_APP_URLS_WHITELIST"
+            value = "https://hollynetes.fr"
+          }
+
+          env {
+            name  = "HF_DB_NAME"
+            value = "hollynetes"
+          }
+
+          env {
+            name  = "HF_MAILS_USER"
+            value = "[email protected]"
+          }
+
+          env {
+            name  = "HF_MAILS_HOST"
+            value = "mail.hollynetes.fr"
+          }
+
+          env {
+            name  = "HF_APP_VERBOSE"
+            value = 0
+          }
+
+          env {
+            name  = "HF_SSL_ENABLED"
+            value = 0
           }
         }
       }

diff --git a/packages/infrastructure/project/secrets.tf b/packages/infrastructure/project/secrets.tf
@@ -10,3 +10,13 @@ resource "kubernetes_secret" "tls_cert" {
 
   type = "kubernetes.io/tls"
 }
+
+resource "kubernetes_secret" "backend_tmdb_api_key" {
+  metadata {
+    name = "backend-tmdb-api-key"
+  }
+
+  data = var.backend_tmdb_api_key
+
+  type = "Opaque"
+}
diff --git a/packages/infrastructure/project/variables.tf b/packages/infrastructure/project/variables.tf
@@ -32,3 +32,23 @@ variable "frontend_image" {
   default     = "rg.fr-par.scw.cloud/app-namespace/frontend:latest"
   description = "Frontend image tag to use."
 }
+
+variable "backend_tmdb_api_key" {
+  type        = string
+  sensitive   = true
+}
+
+#variable "backend_admin_password" {
+#  type        = string
+#  sensitive   = true
+#}
+#
+#variable "backend_google_auth_client_id" {
+#  type        = string
+#  sensitive   = true
+#}
+#
+#variable "backend_google_auth_client_secret" {
+#  type        = string
+#  sensitive   = true
+#}