From 0768f8c0abeb7785e9fb3172e3429bf2396d8c06 Mon Sep 17 00:00:00 2001 From: Luca Consalvi Date: Fri, 22 Nov 2024 15:54:24 +0100 Subject: [PATCH] fix --- .../repository/ActivationDBRepository.java | 1 - .../repository/ActivationMapper.java | 1 - src/main/terraform/container_app.tf | 24 +++++++++++++++++++ src/main/terraform/data.tf | 10 ++++++++ src/main/terraform/locals.tf | 5 ++++ src/main/terraform/variables.tf | 10 ++++++++ 6 files changed, 49 insertions(+), 2 deletions(-) diff --git a/src/main/java/it/gov/pagopa/rtp/activator/repository/ActivationDBRepository.java b/src/main/java/it/gov/pagopa/rtp/activator/repository/ActivationDBRepository.java index e117fc0..3f562e2 100644 --- a/src/main/java/it/gov/pagopa/rtp/activator/repository/ActivationDBRepository.java +++ b/src/main/java/it/gov/pagopa/rtp/activator/repository/ActivationDBRepository.java @@ -1,6 +1,5 @@ package it.gov.pagopa.rtp.activator.repository; -import java.util.Optional; import org.springframework.stereotype.Repository; diff --git a/src/main/java/it/gov/pagopa/rtp/activator/repository/ActivationMapper.java b/src/main/java/it/gov/pagopa/rtp/activator/repository/ActivationMapper.java index 4bca1e7..f78f25b 100644 --- a/src/main/java/it/gov/pagopa/rtp/activator/repository/ActivationMapper.java +++ b/src/main/java/it/gov/pagopa/rtp/activator/repository/ActivationMapper.java @@ -1,6 +1,5 @@ package it.gov.pagopa.rtp.activator.repository; -import java.time.Instant; import java.util.UUID; import org.springframework.stereotype.Component; diff --git a/src/main/terraform/container_app.tf b/src/main/terraform/container_app.tf index f3adba2..10d2bef 100644 --- a/src/main/terraform/container_app.tf +++ b/src/main/terraform/container_app.tf @@ -47,6 +47,21 @@ resource "azurerm_container_app" "rtp-activator" { secret_name = "identity-client-id" } + dynamic "env" { + for_each = var.rtp_environment_configs + content { + name = env.key + value = env.value + } + } + + dynamic "env" { + for_each = var.rtp_environment_secrets + content { + name = env.key + secret_name = replace(lower(env.key), "_", "-") + } + } } max_replicas = var.rtp_activator_max_replicas @@ -58,6 +73,15 @@ resource "azurerm_container_app" "rtp-activator" { value = "${data.azurerm_user_assigned_identity.rtp-activator.client_id}" } + dynamic "secret" { + for_each = var.rtp_environment_secrets + content { + name = replace(lower(secret.key), "_", "-") + key_vault_secret_id = "${data.azurerm_key_vault.rtp-kv.vault_uri}secrets/${secret.value}" + identity = data.azurerm_user_assigned_identity.rtp-activator.id + } + } + identity { type = "UserAssigned" identity_ids = [data.azurerm_user_assigned_identity.rtp-activator.id] diff --git a/src/main/terraform/data.tf b/src/main/terraform/data.tf index b11a715..e634f67 100644 --- a/src/main/terraform/data.tf +++ b/src/main/terraform/data.tf @@ -13,3 +13,13 @@ data "azurerm_user_assigned_identity" "rtp-activator" { name = var.id_name resource_group_name = var.id_resource_group_name } + + + +# ------------------------------------------------------------------------------ +# General purpose key vault used to protect secrets. +# ------------------------------------------------------------------------------ +data "azurerm_key_vault" "rtp-kv" { + name = local.rtp_kv_name + resource_group_name = local.rtp_kv_resource_group_name +} \ No newline at end of file diff --git a/src/main/terraform/locals.tf b/src/main/terraform/locals.tf index dea9445..515c44b 100644 --- a/src/main/terraform/locals.tf +++ b/src/main/terraform/locals.tf @@ -3,4 +3,9 @@ locals { # Project label. # project = var.domain == "" ? "${var.prefix}-${var.env_short}" : "${var.prefix}-${var.env_short}-${var.domain}" + + + + rtp_kv_name = "${var.prefix}-${var.env_short}-${var.location_short}-${var.domain}-kv" + rtp_kv_resource_group_name = "${var.prefix}-${var.env_short}-${var.location_short}-${var.domain}-sec-rg" } \ No newline at end of file diff --git a/src/main/terraform/variables.tf b/src/main/terraform/variables.tf index 14caa68..98aab26 100644 --- a/src/main/terraform/variables.tf +++ b/src/main/terraform/variables.tf @@ -107,3 +107,13 @@ variable "rtp_activator_memory" { variable "rtp_activator_image" { type = string } + +variable "rtp_environment_configs" { + type = map(any) + default = {} +} + +variable "rtp_environment_secrets" { + type = map(any) + default = {} +}