From 2ae1ffd0c376030b8e54d762ff194067d866567d Mon Sep 17 00:00:00 2001 From: Vitor Hideyoshi Date: Thu, 30 Oct 2025 17:52:26 -0300 Subject: [PATCH] feat: better kubeconfig managment --- config.tf | 17 +++++++++++++---- github/config.tf | 6 ++---- github/github.tf | 18 ++++++++---------- instances/config.tf | 10 +++++----- instances/instance.tf | 4 ++-- main.tf | 23 ++++++++++++----------- 6 files changed, 42 insertions(+), 36 deletions(-) diff --git a/config.tf b/config.tf index f0e746a..250bc1f 100644 --- a/config.tf +++ b/config.tf @@ -39,7 +39,12 @@ variable "aws_secret" { sensitive = true } -variable "aws_instance_type" { +variable "aws_main_instance_type" { + type = string + default = "t4g.small" +} + +variable "aws_worker_instance_type" { type = string default = "t4g.micro" } @@ -84,7 +89,11 @@ variable "github_token" { sensitive = true } -variable "github_repository" { - type = string - default = "infra-hideyoshi.com" +variable "github_repositories" { + type = list(string) + default = [ + "frontend-hideyoshi.com", + "backend-hideyoshi.com", + "storage-hideyoshi.com", + ] } \ No newline at end of file diff --git a/github/config.tf b/github/config.tf index 88dbac1..cba3f0d 100644 --- a/github/config.tf +++ b/github/config.tf @@ -4,12 +4,10 @@ variable "environment_name" { variable "github_owner" { type = string - default = "HideyoshiSolutions" } -variable "github_repository" { - type = string - default = "infra-hideyoshi.com" +variable "github_repositories" { + type = list(string) } diff --git a/github/github.tf b/github/github.tf index 0688a67..ccb8867 100644 --- a/github/github.tf +++ b/github/github.tf 
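Review bot: In config.tf, the new `github_repositories` variable has no `description`, although after this commit its value decides which repositories can read the cluster kubeconfig secret (it feeds `selected_repository_ids` in github/github.tf). I would add `description = "Repositories whose Actions workflows may read the PORTFOLIO_KUBECONFIG organization secret"` so that adding an entry is reviewed as a credential grant rather than a naming change. Because `full_name` is built as `"${var.github_owner}/${each.value}"`, a `validation` block rejecting entries that contain `/` would also keep the list confined to the configured owner.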
@@ -7,17 +7,15 @@ terraform { } } -data "github_user" "current" { - username = "" + +data "github_repository" "repos" { + for_each = toset(var.github_repositories) + full_name = "${var.github_owner}/${each.value}" } -data "github_repository" "infra_hideyoshi_com" { - full_name = "${var.github_owner}/${var.github_repository}" -} - -resource "github_actions_environment_secret" "cluster_kubeconfig" { - repository = data.github_repository.infra_hideyoshi_com.name - environment = var.environment_name - secret_name = "KUBECONFIG" +resource "github_actions_organization_secret" "cluster_kubeconfig" { + visibility = "selected" + selected_repository_ids = [for repo in data.github_repository.repos : repo.repo_id] + secret_name = "PORTFOLIO_KUBECONFIG" plaintext_value = chomp(var.cluster_kubeconfig) } \ No newline at end of file diff --git a/instances/config.tf b/instances/config.tf index 6e66d8f..5f06e64 100644 --- a/instances/config.tf +++ b/instances/config.tf @@ -2,7 +2,6 @@ variable "project_name" { type = string - default = "hideyoshi-portifolio" } variable "project_domain" { @@ -20,17 +19,18 @@ variable "number_of_workers" { variable "aws_region" { type = string - default = "sa-east-1" } -variable "aws_instance_type" { +variable "aws_main_instance_type" { + type = string +} + +variable "aws_worker_instance_type" { type = string - default = "t4g.micro" } variable "aws_ami" { type = string - default = "ami-06a17a87e19be286a" } variable "aws_spot_price" { diff --git a/instances/instance.tf b/instances/instance.tf index 5c8fac8..a3177c8 100644 --- a/instances/instance.tf +++ b/instances/instance.tf @@ -72,7 +72,7 @@ resource "aws_security_group" "project_pool" { resource "aws_instance" "main" { ami = var.aws_ami - instance_type = var.aws_instance_type + instance_type = var.aws_main_instance_type vpc_security_group_ids = [aws_security_group.project_pool.id] key_name = aws_key_pair.ssh_key_main.key_name 
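Review bot: In github/github.tf, replacing the environment secret with `github_actions_organization_secret` at `visibility = "selected"` widens who can read the kubeconfig: any workflow run in the selected repositories receives it, with no environment protection rules (required reviewers, branch restrictions) in front of it. If `module.kubernetes.cluster_kubeconfig` is the cluster's admin kubeconfig (the diff does not show this), each of those repositories then holds full cluster control, so a namespace-scoped ServiceAccount credential per repository would be the safer value to distribute. Keeping the environment scope while still fanning out with `for_each` is sketched below; it assumes the `var.environment_name` environment exists in every listed repository. `plaintext_value` also leaves the kubeconfig readable in Terraform state, so the state backend needs encryption and tight access control. An organization secret additionally requires `var.github_owner` to be an organization, which is worth confirming now that the module default has been removed.

```hcl
# … unchanged: data "github_repository" "repos" …
resource "github_actions_environment_secret" "cluster_kubeconfig" {
  for_each        = data.github_repository.repos
  repository      = each.value.name
  environment     = var.environment_name
  secret_name     = "PORTFOLIO_KUBECONFIG"
  plaintext_value = chomp(var.cluster_kubeconfig)
}
```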
@@ -112,7 +112,7 @@ resource "aws_instance" "main" { resource "aws_instance" "worker" { ami = var.aws_ami - instance_type = var.aws_instance_type + instance_type = var.aws_worker_instance_type vpc_security_group_ids = [aws_security_group.project_pool.id] count = var.number_of_workers diff --git a/main.tf b/main.tf index 354f382..7c10689 100644 --- a/main.tf +++ b/main.tf @@ -57,16 +57,17 @@ module "instances" { providers = { aws.main = aws } - project_domain = var.project_domain - project_name = var.project_name - k3s_token = var.k3s_token - number_of_workers = var.number_of_workers - aws_region = var.aws_region - ssh_public_key_main = var.ssh_public_key_main - ssh_public_key_ci_cd = var.ssh_public_key_ci_cd - aws_instance_type = var.aws_instance_type - aws_ami = var.aws_ami - aws_spot_price = var.aws_spot_price + project_domain = var.project_domain + project_name = var.project_name + k3s_token = var.k3s_token + number_of_workers = var.number_of_workers + aws_region = var.aws_region + ssh_public_key_main = var.ssh_public_key_main + ssh_public_key_ci_cd = var.ssh_public_key_ci_cd + aws_main_instance_type = var.aws_main_instance_type + aws_worker_instance_type = var.aws_worker_instance_type + aws_ami = var.aws_ami + aws_spot_price = var.aws_spot_price } module "dns" { @@ -98,7 +99,7 @@ module "github" { } environment_name = var.environment_name github_owner = var.github_owner - github_repository = var.github_repository + github_repositories = var.github_repositories cluster_kubeconfig = module.kubernetes.cluster_kubeconfig }