feat: better kubeconfig managment

2025-10-30 17:52:26 -03:00
parent eeb3c1c916
commit 2ae1ffd0c3
6 changed files with 42 additions and 36 deletions
--- a/config.tf
+++ b/config.tf
@@ -39,7 +39,12 @@ variable "aws_secret" {
    sensitive = true  
 }

-variable "aws_instance_type" {
+variable "aws_main_instance_type" {
+    type = string
+    default = "t4g.small"
+}
+
+variable "aws_worker_instance_type" {
    type = string
    default = "t4g.micro"
 }
@@ -84,7 +89,11 @@ variable "github_token" {
    sensitive = true  
 }

-variable "github_repository" {
-    type = string
-    default = "infra-hideyoshi.com"  
+variable "github_repositories" {
+    type = list(string)
+    default = [
+        "frontend-hideyoshi.com",
+        "backend-hideyoshi.com",
+        "storage-hideyoshi.com",
+    ]  
 }
--- a/github/config.tf
+++ b/github/config.tf
@@ -4,12 +4,10 @@ variable "environment_name" {

 variable "github_owner" {
    type = string
-    default = "HideyoshiSolutions"
 }

-variable "github_repository" {
-    type = string
-    default = "infra-hideyoshi.com"  
+variable "github_repositories" {
+    type = list(string)
 }


--- a/github/github.tf
+++ b/github/github.tf
@@ -7,17 +7,15 @@ terraform {
  }
 }

-data "github_user" "current" {
-  username = ""
+
+data "github_repository" "repos" {
+  for_each = toset(var.github_repositories)
+  full_name = "${var.github_owner}/${each.value}"
 }

-data "github_repository" "infra_hideyoshi_com" {
-  full_name = "${var.github_owner}/${var.github_repository}"
-}
-
-resource "github_actions_environment_secret" "cluster_kubeconfig" {
-  repository = data.github_repository.infra_hideyoshi_com.name
-  environment = var.environment_name
-  secret_name = "KUBECONFIG"
+resource "github_actions_organization_secret" "cluster_kubeconfig" {
+  visibility = "selected"
+  selected_repository_ids = [for repo in data.github_repository.repos : repo.repo_id]
+  secret_name = "PORTFOLIO_KUBECONFIG"
  plaintext_value = chomp(var.cluster_kubeconfig)
 }
--- a/instances/config.tf
+++ b/instances/config.tf
@@ -2,7 +2,6 @@

 variable "project_name" {
    type = string
-    default = "hideyoshi-portifolio"
 }

 variable "project_domain" {
@@ -20,17 +19,18 @@ variable "number_of_workers" {

 variable "aws_region" {
    type = string
-    default = "sa-east-1"
 }

-variable "aws_instance_type" {
+variable "aws_main_instance_type" {
+    type = string
+}
+
+variable "aws_worker_instance_type" {
    type = string
-    default = "t4g.micro"
 }

 variable "aws_ami" {
    type = string
-    default = "ami-06a17a87e19be286a"
 }

 variable "aws_spot_price" {
--- a/instances/instance.tf
+++ b/instances/instance.tf
@@ -72,7 +72,7 @@ resource "aws_security_group" "project_pool" {

 resource "aws_instance" "main" {
  ami                    = var.aws_ami
-  instance_type          = var.aws_instance_type
+  instance_type          = var.aws_main_instance_type
  vpc_security_group_ids = [aws_security_group.project_pool.id]

  key_name = aws_key_pair.ssh_key_main.key_name
@@ -112,7 +112,7 @@ resource "aws_instance" "main" {

 resource "aws_instance" "worker" {
  ami                    = var.aws_ami
-  instance_type          = var.aws_instance_type
+  instance_type          = var.aws_worker_instance_type
  vpc_security_group_ids = [aws_security_group.project_pool.id]
  count                  = var.number_of_workers

--- a/main.tf
+++ b/main.tf
@@ -57,16 +57,17 @@ module "instances" {
  providers = {
    aws.main = aws
  }
-  project_domain       = var.project_domain
-  project_name         = var.project_name
-  k3s_token            = var.k3s_token
-  number_of_workers    = var.number_of_workers
-  aws_region           = var.aws_region
-  ssh_public_key_main  = var.ssh_public_key_main
-  ssh_public_key_ci_cd = var.ssh_public_key_ci_cd
-  aws_instance_type    = var.aws_instance_type
-  aws_ami              = var.aws_ami
-  aws_spot_price       = var.aws_spot_price 
+  project_domain            = var.project_domain
+  project_name              = var.project_name
+  k3s_token                 = var.k3s_token
+  number_of_workers         = var.number_of_workers
+  aws_region                = var.aws_region
+  ssh_public_key_main       = var.ssh_public_key_main
+  ssh_public_key_ci_cd      = var.ssh_public_key_ci_cd
+  aws_main_instance_type    = var.aws_main_instance_type
+  aws_worker_instance_type  = var.aws_worker_instance_type
+  aws_ami                   = var.aws_ami
+  aws_spot_price            = var.aws_spot_price
 }

 module "dns" {
@@ -98,7 +99,7 @@ module "github" {
  }
  environment_name = var.environment_name
  github_owner = var.github_owner
-  github_repository = var.github_repository
+  github_repositories = var.github_repositories
  cluster_kubeconfig = module.kubernetes.cluster_kubeconfig
 }