feat: support multiple environment with workspace

2025-03-06 07:52:32 +01:00 · 2025-03-06 07:52:32 +01:00 · 2a96d470e0
commit 2a96d470e0
parent 2a54e1d4ab
2 changed files with 55 additions and 15 deletions
--- a/main.tf
+++ b/main.tf
@ -12,6 +12,7 @@ terraform {
    endpoints = {
      s3 = "http://s3.localdomain"
    }
+    //@formatter:off
    key                         = "postgres.tfstate"
    bucket                      = "terraform"
    region                      = "FR"
@ -22,15 +23,34 @@ terraform {
    shared_credentials_files    = ["~/.aws/credentials"]
    profile                     = "minio"
    use_path_style              = true
+    //@formatter:on
+  }
+}
+
+locals {
+  # because merge function didn't support deep merging
+  # order matter because otherwise typing contained in var.connections is set as value in the result local.connection
+  connection = {for key, config in var.connections : key => merge(config, local.private_connection[key])}
+  private_connection = {
+    "default" = {
+      db   = "postgres"
+      host = "database.localdomain"
+      port = 5432
+    },
+    "prod" = {
+      db   = "postgres"
+      host = "database-trusted-primate.localdomain"
+      port = 5432
+    }
  }
 }

 provider "postgresql" {
-  host            = "database.localdomain"
-  port            = 5432
-  database        = var.postgres.db
-  username        = var.postgres.user
-  password        = var.postgres.secret
+  host            = local.connection[terraform.workspace].host
+  port            = local.connection[terraform.workspace].port
+  database        = local.connection[terraform.workspace].db
+  username        = local.connection[terraform.workspace].username
+  password        = local.connection[terraform.workspace].password
  sslmode         = "disable"
  connect_timeout = 15
 }
@ -55,7 +75,7 @@ module "gitea" {
  username      = "gitea"
  collate       = "fr_FR.UTF-8"
  ctype         = "fr_FR.UTF-8"
-  privileges    = ["CREATE", "CONNECT", "TEMPORARY"]
+  privileges = ["CREATE", "CONNECT", "TEMPORARY"]
 }

 module "keycloak" {
@ -64,7 +84,7 @@ module "keycloak" {
  username      = "keycloak"
  collate       = "fr_FR.utf8"
  ctype         = "fr_FR.utf8"
-  privileges    = ["CREATE", "CONNECT", "TEMPORARY"]
+  privileges = ["CREATE", "CONNECT", "TEMPORARY"]
 }

 module "nextcloud" {
@ -73,13 +93,13 @@ module "nextcloud" {
  username      = "nextcloud"
  collate       = "fr_FR.utf8"
  ctype         = "fr_FR.utf8"
-  privileges    = ["CREATE", "CONNECT", "TEMPORARY"]
+  privileges = ["CREATE", "CONNECT", "TEMPORARY"]
 }

 module "favorite_link" {
-  source = "./generic-database"
+  source        = "./generic-database"
  database_name = "favorite-link"
-  username = "favorite-link"
+  username      = "favorite-link"
 }

 output "ampere_account" {
@ -103,6 +123,6 @@ output "nextcloud_account" {
  sensitive = true
 }
 output "favorite_link_account" {
-  value = module.favorite_link.account
+  value     = module.favorite_link.account
  sensitive = true
 }
--- a/variables.tf
+++ b/variables.tf
@ -1,9 +1,29 @@
+variable "connections" {
+  description = "postgres configuration map by environment"
+  sensitive   = true
+  type = object({
+    default : object({
+      db : optional(string)
+      host : optional(string)
+      port : optional(number)
+      username : optional(string, "postgres")
+      password : string
+    })
+    prod : object({
+      db : optional(string)
+      host : optional(string)
+      port : optional(number)
+      username : optional(string, "postgres")
+      password : string
+    })
+  })
+}
+
 variable "postgres" {
  description = "postgres configuration"
-  sensitive   = true
-  type        = object({
-    user   = optional(string, "postgres")
+  type = object({
+    user = optional(string, "postgres")
    secret = string
-    db     = optional(string, "postgres")
+    db = optional(string, "postgres")
  })
 }