add gocardless secrets to finance-app env [ci skip]

2023-06-21 15:45:27 +00:00 · 2023-06-21 15:45:27 +00:00 · c39393dbb1
commit c39393dbb1
parent 87f1b1ed7b
3 changed files with 21 additions and 3 deletions
--- a/main.tf
+++ b/main.tf
@ -59,6 +59,8 @@ variable "finance_app_imap_directory" {}
 variable "finance_app_oauth_google_client_id" {}
 variable "finance_app_oauth_google_client_secret" {}
 variable "finance_app_graphql_api_secret" {}
+variable "finance_app_gocardless_secret_id" {}
+variable "finance_app_gocardless_secret_key" {}

 variable "ansible_prefix" {
  default     = "ANSIBLE_VAULT_PASSWORD_FILE=~/.ansible/vault_pass.txt ansible-playbook -i playbook/hosts.yaml playbook/linux.yml -t linux/initial_setup"
@ -282,6 +284,8 @@ module "kubernetes_cluster" {
  finance_app_oauth_google_client_secret = var.finance_app_oauth_google_client_secret
  finance_app_graphql_api_secret         = var.finance_app_graphql_api_secret
  finance_app_db_connection_string       = var.finance_app_db_connection_string
+  finance_app_gocardless_secret_id       = var.finance_app_gocardless_secret_id
+  finance_app_gocardless_secret_key      = var.finance_app_gocardless_secret_key
 }


--- a/modules/kubernetes/finance_app/main.tf
+++ b/modules/kubernetes/finance_app/main.tf
@ -14,6 +14,8 @@ variable "oauth_google_client_secret" {}
 variable "graphql_api_secret" {}
 variable "db_connection_string" {
 }
+variable "gocardless_secret_id" {}
+variable "gocardless_secret_key" {}


 resource "kubernetes_namespace" "finance_app" {
@ -159,6 +161,14 @@ resource "kubernetes_deployment" "finance_app" {
            name  = "DEBUG_METRICS"
            value = 1
          }
+          env {
+            name  = "GOCARDLESS_SECRET_ID"
+            value = var.gocardless_secret_id
+          }
+          env {
+            name  = "GOCARDLESS_SECRET_KEY"
+            value = var.gocardless_secret_key
+          }
          volume_mount {
            name       = "data"
            mount_path = "/data"
--- a/modules/kubernetes/main.tf
+++ b/modules/kubernetes/main.tf
@ -47,6 +47,8 @@ variable "finance_app_imap_directory" {}
 variable "finance_app_oauth_google_client_id" {}
 variable "finance_app_oauth_google_client_secret" {}
 variable "finance_app_graphql_api_secret" {}
+variable "finance_app_gocardless_secret_id" {}
+variable "finance_app_gocardless_secret_key" {}

 resource "null_resource" "core_services" {
  # List all the core modules that must be provisioned first
@ -273,6 +275,8 @@ module "finance_app" {
  oauth_google_client_secret = var.finance_app_oauth_google_client_secret
  graphql_api_secret         = var.finance_app_graphql_api_secret
  db_connection_string       = var.finance_app_db_connection_string
+  gocardless_secret_id       = var.finance_app_gocardless_secret_id
+  gocardless_secret_key      = var.finance_app_gocardless_secret_key
 }

 module "excalidraw" {
@ -281,9 +285,9 @@ module "excalidraw" {
 }

 module "infra-maintenance" {
-  source = "./infra-maintenance"
-  git_user        = var.webhook_handler_git_user
-  git_token        = var.webhook_handler_git_token
+  source    = "./infra-maintenance"
+  git_user  = var.webhook_handler_git_user
+  git_token = var.webhook_handler_git_token
 }

 # module "metrics_api" {