diff --git a/.github/workflows/pipeline.yml b/.github/workflows/pipeline.yml index c44ec44..ed3fd85 100644 --- a/.github/workflows/pipeline.yml +++ b/.github/workflows/pipeline.yml @@ -14,6 +14,7 @@ env: AWS_SECRET_ACCESS_KEY: ${{ secrets.SCW_ACCESS_KEY }} CERT_CRT: ${{ secrets.CERT_CRT }} CERT_KEY: ${{ secrets.CERT_KEY }} + TMDB_API_KEY: ${{ secrets.TMDB_API_KEY }} jobs: frontend: @@ -148,7 +149,7 @@ jobs: run: | TAGS=(${{ steps.meta.outputs.tags }}) echo "image-tag=${TAGS[1]}" >> "$GITHUB_OUTPUT" - deployment: + terraform: name: "Terraform" runs-on: ubuntu-latest needs: @@ -193,6 +194,7 @@ jobs: run: | export TF_VAR_backend_image=${{ needs.backend.outputs.image-tag }} export TF_VAR_frontend_image=${{ needs.frontend.outputs.image-tag }} + export TF_VAR_backend_tmdb_api_key=${{ env.TMDB_API_KEY }} terraform plan -no-color -input=false continue-on-error: true working-directory: ${{ env.WORKING_DIRECTORY }} @@ -236,5 +238,6 @@ jobs: run: | export TF_VAR_backend_image=${{ needs.backend.outputs.image-tag }} export TF_VAR_frontend_image=${{ needs.frontend.outputs.image-tag }} + export TF_VAR_backend_tmdb_api_key=${{ env.TMDB_API_KEY }} terraform apply -auto-approve -input=false working-directory: ${{ env.WORKING_DIRECTORY }} diff --git a/packages/infrastructure/project/backend-deployment.tf b/packages/infrastructure/project/backend-deployment.tf index f1e4b98..76ce5ef 100644 --- a/packages/infrastructure/project/backend-deployment.tf +++ b/packages/infrastructure/project/backend-deployment.tf @@ -29,8 +29,50 @@ resource "kubernetes_deployment" "backend" { } env { - name = "MONGO_URI" - value = "mongodb://mongo-service:27017/your-database" + name = "HF_APP_PORT" + value = 3000 + } + + env { + name = "HF_APP_ENV" + value = "prod" + } + + env { + name = "HF_TMDB_API_KEY" + value_from { + secret_key_ref = kubernetes_secret.backend_tmdb_api_key.metadata.0.name + } + } + + env { + name = "HF_APP_URLS_WHITELIST" + value = "https://hollynetes.fr" + } + + env { + name = "HF_DB_NAME" + value = "hollynetes" + } + + env { + name = "HF_MAILS_USER" + value = "noreply@hollynetes.fr" + } + + env { + name = "HF_MAILS_HOST" + value = "mail.hollynetes.fr" + } + + env { + name = "HF_APP_VERBOSE" + value = 0 + } + + env { + name = "HF_SSL_ENABLED" + value = 0 } } } diff --git a/packages/infrastructure/project/secrets.tf b/packages/infrastructure/project/secrets.tf index 66f0e34..87c5420 100644 --- a/packages/infrastructure/project/secrets.tf +++ b/packages/infrastructure/project/secrets.tf @@ -10,3 +10,13 @@ resource "kubernetes_secret" "tls_cert" { type = "kubernetes.io/tls" } + +resource "kubernetes_secret" "backend_tmdb_api_key" { + metadata { + name = "backend-tmdb-api-key" + } + + data = var.backend_tmdb_api_key + + type = "Opaque" +} diff --git a/packages/infrastructure/project/variables.tf b/packages/infrastructure/project/variables.tf index 3767551..fa98f65 100644 --- a/packages/infrastructure/project/variables.tf +++ b/packages/infrastructure/project/variables.tf @@ -32,3 +32,23 @@ variable "frontend_image" { default = "rg.fr-par.scw.cloud/app-namespace/frontend:latest" description = "Frontend image tag to use." } + +variable "backend_tmdb_api_key" { + type = string + sensitive = true +} + +#variable "backend_admin_password" { +# type = string +# sensitive = true +#} +# +#variable "backend_google_auth_client_id" { +# type = string +# sensitive = true +#} +# +#variable "backend_google_auth_client_secret" { +# type = string +# sensitive = true +#}