From c39393dbb1d38805d9952ee1bc40939c7b425a3e Mon Sep 17 00:00:00 2001
From: Viktor Barzin <vbarzin@gmail.com>
Date: Wed, 21 Jun 2023 15:45:27 +0000
Subject: [PATCH] add gocardless secrets to finance-app env [ci skip]

---
 main.tf                                |  4 ++++
 modules/kubernetes/finance_app/main.tf | 10 ++++++++++
 modules/kubernetes/main.tf             | 10 +++++++---
 3 files changed, 21 insertions(+), 3 deletions(-)

diff --git a/main.tf b/main.tf
index 989a4450..33f82405 100644
--- a/main.tf
+++ b/main.tf
@@ -59,6 +59,8 @@ variable "finance_app_imap_directory" {}
 variable "finance_app_oauth_google_client_id" {}
 variable "finance_app_oauth_google_client_secret" {}
 variable "finance_app_graphql_api_secret" {}
+variable "finance_app_gocardless_secret_id" {}
+variable "finance_app_gocardless_secret_key" {}
 
 variable "ansible_prefix" {
   default     = "ANSIBLE_VAULT_PASSWORD_FILE=~/.ansible/vault_pass.txt ansible-playbook -i playbook/hosts.yaml playbook/linux.yml -t linux/initial_setup"
@@ -282,6 +284,8 @@ module "kubernetes_cluster" {
   finance_app_oauth_google_client_secret = var.finance_app_oauth_google_client_secret
   finance_app_graphql_api_secret         = var.finance_app_graphql_api_secret
   finance_app_db_connection_string       = var.finance_app_db_connection_string
+  finance_app_gocardless_secret_id       = var.finance_app_gocardless_secret_id
+  finance_app_gocardless_secret_key      = var.finance_app_gocardless_secret_key
 }
 
 
diff --git a/modules/kubernetes/finance_app/main.tf b/modules/kubernetes/finance_app/main.tf
index 8fd69d6a..44aa22eb 100644
--- a/modules/kubernetes/finance_app/main.tf
+++ b/modules/kubernetes/finance_app/main.tf
@@ -14,6 +14,8 @@ variable "oauth_google_client_secret" {}
 variable "graphql_api_secret" {}
 variable "db_connection_string" {
 }
+variable "gocardless_secret_id" {}
+variable "gocardless_secret_key" {}
 
 
 resource "kubernetes_namespace" "finance_app" {
@@ -159,6 +161,14 @@ resource "kubernetes_deployment" "finance_app" {
             name  = "DEBUG_METRICS"
             value = 1
           }
+          env {
+            name  = "GOCARDLESS_SECRET_ID"
+            value = var.gocardless_secret_id
+          }
+          env {
+            name  = "GOCARDLESS_SECRET_KEY"
+            value = var.gocardless_secret_key
+          }
           volume_mount {
             name       = "data"
             mount_path = "/data"
diff --git a/modules/kubernetes/main.tf b/modules/kubernetes/main.tf
index 047849d3..d623b9cc 100644
--- a/modules/kubernetes/main.tf
+++ b/modules/kubernetes/main.tf
@@ -47,6 +47,8 @@ variable "finance_app_imap_directory" {}
 variable "finance_app_oauth_google_client_id" {}
 variable "finance_app_oauth_google_client_secret" {}
 variable "finance_app_graphql_api_secret" {}
+variable "finance_app_gocardless_secret_id" {}
+variable "finance_app_gocardless_secret_key" {}
 
 resource "null_resource" "core_services" {
   # List all the core modules that must be provisioned first
@@ -273,6 +275,8 @@ module "finance_app" {
   oauth_google_client_secret = var.finance_app_oauth_google_client_secret
   graphql_api_secret         = var.finance_app_graphql_api_secret
   db_connection_string       = var.finance_app_db_connection_string
+  gocardless_secret_id       = var.finance_app_gocardless_secret_id
+  gocardless_secret_key      = var.finance_app_gocardless_secret_key
 }
 
 module "excalidraw" {
@@ -281,9 +285,9 @@ module "excalidraw" {
 }
 
 module "infra-maintenance" {
-  source = "./infra-maintenance"
-  git_user        = var.webhook_handler_git_user
-  git_token        = var.webhook_handler_git_token
+  source    = "./infra-maintenance"
+  git_user  = var.webhook_handler_git_user
+  git_token = var.webhook_handler_git_token
 }
 
 # module "metrics_api" {