Merge pull request #26 from 7SOATSquad30/feat/add-payments-db

feat: add payments-db
7SOATSquad30 · Nov 21, 2024 · 78f0a34 · 78f0a34
2 parents 1a8a2ff + c2a5704
commit 78f0a34
Show file tree

Hide file tree

Showing 6 changed files with 40 additions and 36 deletions.
diff --git a/.github/workflows/cd.yaml b/.github/workflows/cd.yaml
@@ -23,6 +23,7 @@ jobs:
         with:
           aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
           aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          aws-session-token: ${{ secrets.AWS_SESSION_TOKEN }}
           aws-region: ${{ secrets.AWS_REGION }}
 
       # Passo 3: Instalar o Terraform
@@ -36,18 +37,18 @@ jobs:
       # Passo 5: Aplicar ou Destruir a Infraestrutura
       - name: Apply or Destroy Terraform
         env:
-          DB_NAME: ${{ secrets.DB_NAME }}
-          DB_USERNAME: ${{ secrets.DB_USERNAME }}
-          DB_PASSWORD: ${{ secrets.DB_PASSWORD }}
+          PAYMENTS_DB_NAME: ${{ secrets.PAYMENTS_DB_NAME }}
+          PAYMENTS_DB_USERNAME: ${{ secrets.PAYMENTS_DB_USERNAME }}
+          PAYMENTS_DB_PASSWORD: ${{ secrets.PAYMENTS_DB_PASSWORD }}
         run: |
           if [ "${{ github.event.inputs.destroy_flag }}" == "true" ]; then
             terraform destroy -auto-approve \
-              -var "db_name=${{ secrets.DB_NAME }}" \
-              -var "db_username=${{ secrets.DB_USERNAME }}" \
-              -var "db_password=${{ secrets.DB_PASSWORD }}"
+              -var "payments_db_name=${{ secrets.PAYMENTS_DB_NAME }}" \
+              -var "payments_db_username=${{ secrets.PAYMENTS_DB_USERNAME }}" \
+              -var "payments_db_password=${{ secrets.PAYMENTS_DB_PASSWORD }}"
           else
             terraform apply -auto-approve \
-              -var "db_name=${{ secrets.DB_NAME }}" \
-              -var "db_username=${{ secrets.DB_USERNAME }}" \
-              -var "db_password=${{ secrets.DB_PASSWORD }}"
+              -var "payments_db_name=${{ secrets.PAYMENTS_DB_NAME }}" \
+              -var "payments_db_username=${{ secrets.PAYMENTS_DB_USERNAME }}" \
+              -var "payments_db_password=${{ secrets.PAYMENTS_DB_PASSWORD }}"
           fi
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1,3 @@
+.terraform/
+.terraform*
+terraform.tfstate*
diff --git a/main.tf b/main.tf
@@ -4,7 +4,7 @@ provider "aws" {
 
 terraform {
   backend "s3" {
-    bucket = "aws-fastfood-terraform-tfstate"
+    bucket = "aws-fastfood-fiap-terraform-tfstate"
     key    = "fast-food-db/terraform.tfstate"
     region = "us-east-1"
   }
@@ -68,15 +68,15 @@ resource "aws_db_subnet_group" "rds_subnet_group" {
 }
 
 # Criar o banco de dados RDS PostgreSQL
-resource "aws_db_instance" "postgres" {
-  identifier              = "fast-food-db"  
+resource "aws_db_instance" "payments_db" {
+  identifier              = "payments-db"
   allocated_storage       = 20
   engine                  = "postgres"
   engine_version          = "13.14"
   instance_class          = "db.t3.micro"
-  db_name                 = var.db_name
-  username                = var.db_username
-  password                = var.db_password
+  db_name                 = var.payments_db_name
+  username                = var.payments_db_username
+  password                = var.payments_db_password
   parameter_group_name    = "default.postgres13"
   skip_final_snapshot     = true
   vpc_security_group_ids  = [aws_security_group.rds_sg.id]

diff --git a/outputs.tf b/outputs.tf
@@ -1,11 +1,11 @@
-output "db_endpoint" {
-  description = "Endpoint do banco de dados RDS"
-  value       = aws_db_instance.postgres.endpoint
+output "payments_db_endpoint" {
+  description = "Endpoint do banco de dados RDS payments_db"
+  value       = aws_db_instance.payments_db.endpoint
 }
 
-output "db_credentials_secret_arn" {
-  description = "ARN do segredo das credenciais do banco de dados"
-  value       = aws_secretsmanager_secret.db_credentials.arn
+output "payments_db_credentials_secret_arn" {
+  description = "ARN do segredo das credenciais do banco de dados payments_db"
+  value       = aws_secretsmanager_secret.payments_db_credentials.arn
 }
 
 output "security_group_id" {

diff --git a/secrets.tf b/secrets.tf
@@ -1,16 +1,16 @@
 # Criar o segredo no Secrets Manager
-resource "aws_secretsmanager_secret" "db_credentials" {
-  name = "rds-postgres-credentials"
+resource "aws_secretsmanager_secret" "payments_db_credentials" {
+  name = "rds-payments-db-credentials"
 }
 
 # Armazenar as credenciais e o endpoint no Secrets Manager
-resource "aws_secretsmanager_secret_version" "db_credentials" {
-  depends_on = [aws_db_instance.postgres]
-  secret_id     = aws_secretsmanager_secret.db_credentials.id
+resource "aws_secretsmanager_secret_version" "payments_db_credentials" {
+  depends_on = [aws_db_instance.payments_db]
+  secret_id     = aws_secretsmanager_secret.payments_db_credentials.id
   secret_string = jsonencode({
-    db_name   = var.db_name
-    db_username  = var.db_username
-    db_password  = var.db_password
-    db_endpoint  = aws_db_instance.postgres.endpoint
+    payments_db_name   = var.payments_db_name
+    payments_db_username  = var.payments_db_username
+    payments_db_password  = var.payments_db_password
+    payments_db_endpoint  = aws_db_instance.payments_db.endpoint
   })
 }
diff --git a/variables.tf b/variables.tf
@@ -16,20 +16,20 @@ variable "subnet_group_name" {
   default     = "rds-subnet-group"
 }
 
-variable "db_name" {
-  description = "Nome do banco de dados"
+variable "payments_db_name" {
+  description = "payments_db Nome do banco de dados"
   type        = string
   sensitive = true
 }
 
-variable "db_username" {
-  description = "Nome de usuário do banco de dados"
+variable "payments_db_username" {
+  description = "payments_db Nome de usuário do banco de dados"
   type        = string
   sensitive = true
 }
 
-variable "db_password" {
-  description = "Senha do banco de dados"
+variable "payments_db_password" {
+  description = "payments_db Senha do banco de dados"
   type        = string
   sensitive   = true
 }