diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index 9ddf005..9934150 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -9,6 +9,7 @@ env: TF_API_TOKEN: "${{ secrets.TF_API_TOKEN }}" TF_WORKSPACE: "${{ vars.TF_WORKSPACE }}" CONFIG_DIRECTORY: "./" + ENVIRONMENT: dev permissions: contents: read @@ -29,7 +30,7 @@ jobs: uses: actions/checkout@v4 - name: Setup Terraform - uses: hashicorp/setup-terraform@v1 + uses: hashicorp/setup-terraform@v3 with: cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }} @@ -55,38 +56,124 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + plan: + needs: [test] + if: github.event_name == 'pull_request' + name: "Terraform Plan" + runs-on: ubuntu-latest" + environment: ${{ env.ENVIRONMENT }} + permissions: + contents: read + pull-requests: write + steps: + - name: Checkout + uses: actions/checkout@v3 + + - name: Create .auto.tfvars file + run: | + cat < eks.auto.tfvars + vpc_name = "${{ secrets.BMB_EKS_CLUSTER_VPC }}" + cluster_name = "${{ vars.BMB_MYSQL_CLUSTER }}" + database_name = "${{ vars.BMB_MYSQL_DATABASE }}" + username = "${{ secrets.BMB_MYSQL_USER }}" + password = "${{ secrets.BMB_MYSQL_PASSWORD }}" + environment = "${{ env.ENVIRONMENT }}" + EOF + + - name: Upload Configuration + uses: hashicorp/tfc-workflows-github/actions/upload-configuration@v1.3.1 + id: plan-upload + with: + workspace: ${{ env.TF_WORKSPACE }} + directory: ${{ env.CONFIG_DIRECTORY }} + speculative: true + + - name: Create Plan Run + uses: hashicorp/tfc-workflows-github/actions/create-run@v1.3.1 + id: plan-run + with: + workspace: ${{ env.TF_WORKSPACE }} + configuration_version: ${{ steps.plan-upload.outputs.configuration_version_id }} + plan_only: true + + - name: Get Plan Output + uses: hashicorp/tfc-workflows-github/actions/plan-output@v1.3.1 + id: plan-output + with: + plan: ${{ fromJSON(steps.plan-run.outputs.payload).data.relationships.plan.data.id }} + + - name: Update PR + uses: actions/github-script@v7 + id: plan-comment + with: + github-token: ${{ secrets.GITHUB_TOKEN }} + script: | + // 1. Retrieve existing bot comments for the PR + const { data: comments } = await github.rest.issues.listComments({ + owner: context.repo.owner, + repo: context.repo.repo, + issue_number: context.issue.number, + }); + const botComment = comments.find(comment => { + return comment.user.type === 'Bot' && comment.body.includes('Terraform Cloud Plan Output') + }); + const output = `#### Terraform Cloud Plan Output + \`\`\` + Plan: ${{ steps.plan-output.outputs.add }} to add, ${{ steps.plan-output.outputs.change }} to change, ${{ steps.plan-output.outputs.destroy }} to destroy. + \`\`\` + [Terraform Cloud Plan](${{ steps.plan-run.outputs.run_link }}) + `; + // 3. Delete previous comment so PR timeline makes sense + if (botComment) { + github.rest.issues.deleteComment({ + owner: context.repo.owner, + repo: context.repo.repo, + comment_id: botComment.id, + }); + } + github.rest.issues.createComment({ + issue_number: context.issue.number, + owner: context.repo.owner, + repo: context.repo.repo, + body: output + }); + + + deploy: needs: [test] if: github.ref == 'refs/heads/main' name: "Terraform Apply" runs-on: ubuntu-latest - environment: dev + environment: ${{ env.ENVIRONMENT }} permissions: contents: read steps: - name: Checkout uses: actions/checkout@v3 + - name: Create .auto.tfvars file + run: | + cat < eks.auto.tfvars + vpc_name = "${{ secrets.BMB_EKS_CLUSTER_VPC }}" + cluster_name = "${{ vars.BMB_MYSQL_CLUSTER }}" + database_name = "${{ vars.BMB_MYSQL_DATABASE }}" + username = "${{ secrets.BMB_MYSQL_USER }}" + password = "${{ secrets.BMB_MYSQL_PASSWORD }}" + environment = "${{ env.ENVIRONMENT }}" + EOF + - name: Upload Configuration uses: hashicorp/tfc-workflows-github/actions/upload-configuration@v1.3.1 id: apply-upload with: workspace: ${{ env.TF_WORKSPACE }} directory: ${{ env.CONFIG_DIRECTORY }} - + - name: Create Apply Run uses: hashicorp/tfc-workflows-github/actions/create-run@v1.3.1 id: apply-run with: workspace: ${{ env.TF_WORKSPACE }} configuration_version: ${{ steps.apply-upload.outputs.configuration_version_id }} - message: "Plan Run from GitHub Actions CI ${{ github.sha }}" - TF_VAR_vpc_name: "\"teste\"" - - - name: Apply - uses: hashicorp/tfc-workflows-github/actions/apply-run@v1.3.1 - if: fromJSON(steps.apply-run.outputs.payload).data.attributes.actions.IsConfirmable && false - id: apply - with: - run: ${{ steps.apply-run.outputs.run_id }} - comment: "Apply Run from GitHub Actions CI ${{ github.sha }}" \ No newline at end of file + message: "Create Run from GitHub Actions CI ${{ github.sha }}" \ No newline at end of file diff --git a/init/schema.sql b/init/schema.sql new file mode 100644 index 0000000..1460bb0 --- /dev/null +++ b/init/schema.sql @@ -0,0 +1,57 @@ +use techchallenge; + +create table IF NOT EXISTS Customers +( + Id char(36) not null + primary key, + Cpf varchar(11) not null, + Name varchar(100) null, + Email varchar(100) null +); + + +create table IF NOT EXISTS Products +( + Id char(36) not null comment 'product id' + primary key, + Name varchar(100) not null, + Description varchar(200) not null, + Category int not null, + Price decimal(10,2) not null, + Images varchar(1000) null +); + + +create table IF NOT EXISTS Orders +( + Id char(36) not null, + CustomerId char(36) null, + PaymentId char(36) null, + Status int not null, + Created datetime null, + Updated datetime null, + TrackingCode varchar(7) null +); + + +create table IF NOT EXISTS OrderItems +( + OrderId char(36) not null, + ProductId char(36) not null, + ProductName varchar(200) not null, + UnitPrice decimal not null, + Quantity int null +); + +create table IF NOT EXISTS Payments +( + Id char(36) not null, + OrderId char(36) not null, + Status int not null, + Created datetime null, + Updated datetime null, + PaymentType int not null, + ExternalReference varchar(36) not null, + Amount decimal(10,2) not null, + PRIMARY KEY (Id, OrderId) +); \ No newline at end of file diff --git a/main.tf b/main.tf index 55740f5..b3d5206 100644 --- a/main.tf +++ b/main.tf @@ -46,7 +46,7 @@ data "aws_subnets" "public_subnets" { } data "aws_subnet" "subnet" { - for_each = toset(concat(data.aws_subnets.public_subnets.ids, data.aws_subnets.private_subnets.ids)) + for_each = toset(concat(data.aws_subnets.private_subnets.ids)) id = each.value } @@ -54,8 +54,8 @@ module "aurora_db_serverless_cluster" { source = "terraform-aws-modules/rds-aurora/aws" version = "~> 9.9.0" - name = "${var.cluster_name}" - database_name = "techchallenge" + name = var.cluster_name + database_name = var.database_name engine = "aurora-mysql" engine_mode = "serverless" storage_encrypted = true @@ -69,7 +69,7 @@ module "aurora_db_serverless_cluster" { master_password = var.password manage_master_user_password = false - autoscaling_enabled = false + autoscaling_enabled = false vpc_id = data.aws_vpc.vpc.id db_subnet_group_name = var.vpc_name security_group_rules = { @@ -78,12 +78,12 @@ module "aurora_db_serverless_cluster" { } } - publicly_accessible = true - apply_immediately = true + publicly_accessible = true + apply_immediately = true # enabled_cloudwatch_logs_exports = ["general"] - enable_http_endpoint = true - monitoring_interval = 0 - skip_final_snapshot = true + enable_http_endpoint = true + monitoring_interval = 0 + skip_final_snapshot = true serverlessv2_scaling_configuration = { min_capacity = 1 @@ -91,7 +91,7 @@ module "aurora_db_serverless_cluster" { } tags = { - Terraform = "true" + Terraform = "true" + Environment = var.environment } - -} \ No newline at end of file +} diff --git a/output.tf b/output.tf index 52f847e..806ec9b 100644 --- a/output.tf +++ b/output.tf @@ -7,7 +7,7 @@ output "subnet_cidr_blocks" { } output "cluster" { - value = module.aurora_db_serverless_cluster + value = module.aurora_db_serverless_cluster sensitive = true } diff --git a/providers.tf b/providers.tf index 8f78e40..3a469ce 100644 --- a/providers.tf +++ b/providers.tf @@ -12,10 +12,11 @@ provider "aws" { profile = var.profile region = var.region alias = "us-east-1" - + default_tags { - tags = { + tags = { ManagedBy = "Terraform" + "teste" = "teste" } } -} \ No newline at end of file +} diff --git a/variables.tf b/variables.tf index b464d4a..a4a9e58 100644 --- a/variables.tf +++ b/variables.tf @@ -21,6 +21,11 @@ variable "cluster_name" { default = "techchallenge-mysql" } +variable "database_name" { + type = string + default = "techchallenge" +} + variable "username" { type = string sensitive = true @@ -32,3 +37,8 @@ variable "password" { sensitive = true default = "F#P9ia-3" } + +variable "environment" { + default = "dev" + type = string +}