fix

pagopa · Nov 22, 2024 · 0768f8c · 0768f8c
1 parent 3d6318d
commit 0768f8c
Show file tree

Hide file tree

Showing 6 changed files with 49 additions and 2 deletions.
diff --git a/src/main/java/it/gov/pagopa/rtp/activator/repository/ActivationDBRepository.java b/src/main/java/it/gov/pagopa/rtp/activator/repository/ActivationDBRepository.java
@@ -1,6 +1,5 @@
 package it.gov.pagopa.rtp.activator.repository;
 
-import java.util.Optional;
 
 import org.springframework.stereotype.Repository;
 

diff --git a/src/main/java/it/gov/pagopa/rtp/activator/repository/ActivationMapper.java b/src/main/java/it/gov/pagopa/rtp/activator/repository/ActivationMapper.java
@@ -1,6 +1,5 @@
 package it.gov.pagopa.rtp.activator.repository;
 
-import java.time.Instant;
 import java.util.UUID;
 
 import org.springframework.stereotype.Component;

diff --git a/src/main/terraform/container_app.tf b/src/main/terraform/container_app.tf
@@ -47,6 +47,21 @@ resource "azurerm_container_app" "rtp-activator" {
         secret_name = "identity-client-id"
       }
 
+      dynamic "env" {
+        for_each = var.rtp_environment_configs
+        content {
+          name = env.key
+          value = env.value
+        }
+      }
+
+      dynamic "env" {
+        for_each = var.rtp_environment_secrets
+        content {
+          name = env.key
+          secret_name = replace(lower(env.key), "_", "-")
+        }
+      }
     }
 
     max_replicas = var.rtp_activator_max_replicas
@@ -58,6 +73,15 @@ resource "azurerm_container_app" "rtp-activator" {
     value = "${data.azurerm_user_assigned_identity.rtp-activator.client_id}"
   }
 
+  dynamic "secret" {
+    for_each = var.rtp_environment_secrets
+    content {
+      name = replace(lower(secret.key), "_", "-")
+      key_vault_secret_id = "${data.azurerm_key_vault.rtp-kv.vault_uri}secrets/${secret.value}"
+      identity            = data.azurerm_user_assigned_identity.rtp-activator.id
+    }
+  }
+
   identity {
     type = "UserAssigned"
     identity_ids = [data.azurerm_user_assigned_identity.rtp-activator.id]

diff --git a/src/main/terraform/data.tf b/src/main/terraform/data.tf
@@ -13,3 +13,13 @@ data "azurerm_user_assigned_identity" "rtp-activator" {
   name                = var.id_name
   resource_group_name = var.id_resource_group_name
 }
+
+
+
+# ------------------------------------------------------------------------------
+# General purpose key vault used to protect secrets.
+# ------------------------------------------------------------------------------
+data "azurerm_key_vault" "rtp-kv" {
+  name                = local.rtp_kv_name
+  resource_group_name = local.rtp_kv_resource_group_name
+}
diff --git a/src/main/terraform/locals.tf b/src/main/terraform/locals.tf
@@ -3,4 +3,9 @@ locals {
   # Project label.
   #
   project = var.domain == "" ? "${var.prefix}-${var.env_short}" : "${var.prefix}-${var.env_short}-${var.domain}"
+
+
+
+  rtp_kv_name = "${var.prefix}-${var.env_short}-${var.location_short}-${var.domain}-kv"
+  rtp_kv_resource_group_name = "${var.prefix}-${var.env_short}-${var.location_short}-${var.domain}-sec-rg"
 }
diff --git a/src/main/terraform/variables.tf b/src/main/terraform/variables.tf
@@ -107,3 +107,13 @@ variable "rtp_activator_memory" {
 variable "rtp_activator_image" {
   type = string
 }
+
+variable "rtp_environment_configs" {
+  type = map(any)
+  default = {}
+}
+
+variable "rtp_environment_secrets" {
+  type = map(any)
+  default = {}
+}