Skip to content

Commit 877d8b9

Browse files
Adding files required to run terraform and action (#1)
Adding initial structure and files to run terraform for the backend
2 parents 510f4e5 + e8a4a3c commit 877d8b9

16 files changed

+377
-0
lines changed

.github/workflows/main.yml

+15
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,15 @@
1+
name: Terraform Apply
2+
3+
on:
4+
push:
5+
branches:
6+
- main
7+
workflow_dispatch:
8+
9+
jobs:
10+
terraform_apply:
11+
name: Terraform Apply
12+
uses: soat-tech-challenge/github-workflows/.github/workflows/terraform-apply.yml@main
13+
secrets: inherit
14+
with:
15+
cloud_workspace: database-staging

.github/workflows/pull-request.yml

+30
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,30 @@
1+
name: Pull Request
2+
3+
on:
4+
pull_request:
5+
branches:
6+
- main
7+
workflow_dispatch:
8+
9+
jobs:
10+
tflint:
11+
name: TFLint
12+
uses: soat-tech-challenge/github-workflows/.github/workflows/tflint.yml@main
13+
14+
tfsec:
15+
uses: soat-tech-challenge/github-workflows/.github/workflows/tfsec.yml@main
16+
17+
permissions:
18+
contents: read
19+
pull-requests: write
20+
21+
terraform-plan:
22+
name: Terraform Plan
23+
uses: soat-tech-challenge/github-workflows/.github/workflows/terraform-plan.yml@main
24+
secrets: inherit
25+
with:
26+
cloud_workspace: computing-staging
27+
28+
permissions:
29+
contents: read
30+
pull-requests: write
+9
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,9 @@
1+
name: Terraform Destroy
2+
3+
on:
4+
workflow_dispatch:
5+
6+
jobs:
7+
terraform_destroy:
8+
uses: soat-tech-challenge/github-workflows/.github/workflows/terraform-destroy.yml@main
9+
secrets: inherit

.gitignore

+77
Original file line numberDiff line numberDiff line change
@@ -32,3 +32,80 @@ override.tf.json
3232
# Ignore CLI configuration files
3333
.terraformrc
3434
terraform.rc
35+
# Covers JetBrains IDEs: IntelliJ, RubyMine, PhpStorm, AppCode, PyCharm, CLion, Android Studio, WebStorm and Rider
36+
# Reference: https://intellij-support.jetbrains.com/hc/en-us/articles/206544839
37+
38+
# User-specific stuff
39+
.idea/**/workspace.xml
40+
.idea/**/tasks.xml
41+
.idea/**/usage.statistics.xml
42+
.idea/**/dictionaries
43+
.idea/**/shelf
44+
45+
# AWS User-specific
46+
.idea/**/aws.xml
47+
48+
# Generated files
49+
.idea/**/contentModel.xml
50+
51+
# Sensitive or high-churn files
52+
.idea/**/dataSources/
53+
.idea/**/dataSources.ids
54+
.idea/**/dataSources.local.xml
55+
.idea/**/sqlDataSources.xml
56+
.idea/**/dynamic.xml
57+
.idea/**/uiDesigner.xml
58+
.idea/**/dbnavigator.xml
59+
60+
# Gradle
61+
.idea/**/gradle.xml
62+
.idea/**/libraries
63+
64+
# Gradle and Maven with auto-import
65+
# When using Gradle or Maven with auto-import, you should exclude module files,
66+
# since they will be recreated, and may cause churn. Uncomment if using
67+
# auto-import.
68+
# .idea/artifacts
69+
# .idea/compiler.xml
70+
# .idea/jarRepositories.xml
71+
# .idea/modules.xml
72+
# .idea/*.iml
73+
# .idea/modules
74+
# *.iml
75+
# *.ipr
76+
77+
# CMake
78+
cmake-build-*/
79+
80+
# Mongo Explorer plugin
81+
.idea/**/mongoSettings.xml
82+
83+
# File-based project format
84+
*.iws
85+
86+
# IntelliJ
87+
out/
88+
89+
# mpeltonen/sbt-idea plugin
90+
.idea_modules/
91+
92+
# JIRA plugin
93+
atlassian-ide-plugin.xml
94+
95+
# Cursive Clojure plugin
96+
.idea/replstate.xml
97+
98+
# SonarLint plugin
99+
.idea/sonarlint/
100+
101+
# Crashlytics plugin (for Android Studio and IntelliJ)
102+
com_crashlytics_export_strings.xml
103+
crashlytics.properties
104+
crashlytics-build.properties
105+
fabric.properties
106+
107+
# Editor-based Rest Client
108+
.idea/httpRequests
109+
110+
# Android studio 3.1+ serialized cache file
111+
.idea/caches/build_file_checksums.ser

.idea/.gitignore

+8
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

.idea/vcs.xml

+6
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

.terraform.lock.hcl

+26
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

datasources.tf

+18
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,18 @@
1+
data "aws_subnets" "private_subnets" {
2+
filter {
3+
name = "tag:Name"
4+
values = ["soat-tech-challenge-subnet-public*"]
5+
}
6+
}
7+
8+
data "aws_security_group" "sg_default" {
9+
name = "default"
10+
}
11+
12+
data "aws_alb_target_group" "tg_alb" {
13+
name = "soat-alb-target-group"
14+
}
15+
16+
data "aws_db_instance" "db_instance" {
17+
db_instance_identifier = "soat-tc-rds-db"
18+
}

main.tf

+87
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,87 @@
1+
resource "aws_ecs_cluster" "this" {
2+
name = "soat-tech-challenge-ecs-cluster"
3+
}
4+
5+
resource "aws_ecs_task_definition" "this" {
6+
family = "soat-ecs-cluster-task"
7+
network_mode = "awsvpc"
8+
task_role_arn = "arn:aws:iam::381717072124:role/ecsTaskExecutionRole"
9+
execution_role_arn = "arn:aws:iam::381717072124:role/ecsTaskExecutionRole"
10+
cpu = 256
11+
memory = 512
12+
requires_compatibilities = ["FARGATE"]
13+
container_definitions = jsonencode(
14+
[
15+
{
16+
name : "soat-ecs-cluster-task",
17+
image : "registry.hub.docker.com/g0tn/soat-tech-challenge-backend",
18+
cpu : 256,
19+
memory : 512,
20+
essential : true,
21+
portMappings : [
22+
{
23+
containerPort : 8080,
24+
hostPort : 8080
25+
}
26+
],
27+
environment : [
28+
{
29+
name : "DB_USERNAME",
30+
value : var.ecs_container_db_username
31+
},
32+
{
33+
name : "DB_PASSWORD",
34+
value : var.ecs_container_db_password
35+
},
36+
{
37+
name : "DB_NAME",
38+
value : var.ecs_container_db_name
39+
},
40+
{
41+
name : "DB_HOST",
42+
value : data.aws_db_instance.db_instance.endpoint
43+
},
44+
{
45+
name : "JWT_PUBLIC_KEY",
46+
value : var.ecs_container_jwt_public_key
47+
}
48+
]
49+
logConfiguration : {
50+
logDriver : "awslogs",
51+
options : {
52+
awslogs-create-group : "true",
53+
awslogs-group : "awslogs-backend",
54+
awslogs-region : "us-east-2",
55+
awslogs-stream-prefix : "awslogs-backend"
56+
}
57+
},
58+
}
59+
])
60+
61+
runtime_platform {
62+
cpu_architecture = "X86_64"
63+
operating_system_family = "LINUX"
64+
}
65+
}
66+
67+
resource "aws_ecs_service" "this" {
68+
name = "soat-ecs-service"
69+
cluster = aws_ecs_cluster.this.id
70+
task_definition = aws_ecs_task_definition.this.arn
71+
desired_count = 1
72+
launch_type = "FARGATE"
73+
scheduling_strategy = "REPLICA"
74+
force_new_deployment = true
75+
76+
network_configuration {
77+
assign_public_ip = true
78+
subnets = data.aws_subnets.private_subnets.ids
79+
security_groups = [data.aws_security_group.sg_default.id]
80+
}
81+
82+
load_balancer {
83+
container_name = "soat-ecs-cluster-task"
84+
container_port = var.port
85+
target_group_arn = data.aws_alb_target_group.tg_alb.arn
86+
}
87+
}

outputs.tf

+11
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,11 @@
1+
output "ecs_cluster_name" {
2+
value = aws_ecs_cluster.this.name
3+
}
4+
5+
output "ecs_service_name" {
6+
value = aws_ecs_service.this.name
7+
}
8+
9+
output "ecs_task_definition_arn" {
10+
value = aws_ecs_task_definition.this.arn
11+
}

soat-tech-challenge-infra-ecs.iml

+9
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,9 @@
1+
<?xml version="1.0" encoding="UTF-8"?>
2+
<module type="WEB_MODULE" version="4">
3+
<component name="NewModuleRootManager" inherit-compiler-output="true">
4+
<exclude-output />
5+
<content url="file://$MODULE_DIR$" />
6+
<orderEntry type="inheritedJdk" />
7+
<orderEntry type="sourceFolder" forTests="false" />
8+
</component>
9+
</module>

terraform-aws-ecs.iml

+9
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,9 @@
1+
<?xml version="1.0" encoding="UTF-8"?>
2+
<module type="WEB_MODULE" version="4">
3+
<component name="NewModuleRootManager" inherit-compiler-output="true">
4+
<exclude-output />
5+
<content url="file://$MODULE_DIR$" />
6+
<orderEntry type="inheritedJdk" />
7+
<orderEntry type="sourceFolder" forTests="false" />
8+
</component>
9+
</module>

terraform.tfvars.example

+8
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,8 @@
1+
aws_access_key = ""
2+
aws_secret_key = ""
3+
4+
subnet_a_id = ""
5+
subnet_b_id = ""
6+
7+
vpc_id = ""
8+
port = 0

variables.tf

+40
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,40 @@
1+
variable "aws_region" {
2+
description = "Região AWS onde criar a instância RDS"
3+
type = string
4+
default = "us-east-2"
5+
}
6+
7+
variable "port" {
8+
description = "Port"
9+
type = string
10+
}
11+
12+
variable "ecs_container_db_username" {
13+
default = "postgres"
14+
type = string
15+
}
16+
17+
variable "ecs_container_db_password" {
18+
default = "postgres"
19+
type = string
20+
}
21+
22+
variable "ecs_container_db_name" {
23+
default = "backend"
24+
type = string
25+
}
26+
27+
variable "ecs_container_jwt_public_key" {
28+
default = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqStd8n4SGNM0eZhV/hzU+urHA5/IMZPoP9YQ9ZcLKWiX33nI6bSuZMCrLZcJExf63xS+uxDpGxM8Mnk2zOdl+lPwANXLzP1us5P1PyA3YPycW9J7C5YTQW0GiEL3M93ZX7vMJiVoBYblP3JPlYnoYlBORuc0JPk33KtfEZP+78qXpPHM8imYrJLe8ceiDLLFDU/nh5KC2dWAy3ci1ahoJ1Q9ELhp3IZLvOTX57H/T2VKOYOya5+ST41h+JjzI+qGTVnLcKaW+k25YLlVnkSspvdx98+yQDi7kbOTS6yRZHUPD6wPk/nUozpD0nZKccoH4W+zMwmQVtsAA6JCA9gfGwIDAQAB"
29+
type = string
30+
}
31+
32+
variable "aws_access_key" {
33+
description = "AWS Access Key"
34+
type = string
35+
}
36+
37+
variable "aws_secret_key" {
38+
description = "AWS Secret Key"
39+
type = string
40+
}

versions.tf

+24
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,24 @@
1+
terraform {
2+
required_version = ">= 0.12.26"
3+
cloud {
4+
organization = "soat-tech-challenge"
5+
6+
workspaces {
7+
name = "computing-staging"
8+
}
9+
}
10+
11+
12+
required_providers {
13+
aws = {
14+
source = "hashicorp/aws"
15+
version = "4.67.0"
16+
}
17+
}
18+
}
19+
20+
provider "aws" {
21+
region = var.aws_region
22+
access_key = var.aws_access_key
23+
secret_key = var.aws_secret_key
24+
}

vpc.tf

Whitespace-only changes.

0 commit comments

Comments
 (0)