ipv4 secrets (#1683)

* ipv4 secrets [review] * fixing repo name [review] * newline [review]
cds-snc · Nov 28, 2024 · 3e91b6e · 3e91b6e
1 parent fc12b61
commit 3e91b6e
Show file tree

Hide file tree

Showing 3 changed files with 23 additions and 1 deletion.
diff --git a/aws/github/ipv4-geolocate-secrets.tf b/aws/github/ipv4-geolocate-secrets.tf
@@ -0,0 +1,13 @@
+resource "github_actions_secret" "ipv4_maxmind_license_key" {
+  count           = var.env == "production" ? 1 : 0
+  repository      = data.github_repository.ipv4_geolocate.name
+  secret_name     = "MAXMIND_LICENSE_KEY"
+  plaintext_value = var.ipv4_maxmind_license_key
+}
+
+resource "github_actions_secret" "ipv4_op_service_account_token" {
+  count           = var.env == "production" || var.env == "staging" ? 1 : 0
+  repository      = data.github_repository.ipv4_geolocate.name
+  secret_name     = "${upper(var.env)}_OP_SERVICE_ACCOUNT_TOKEN"
+  plaintext_value = var.op_service_account_token
+}
diff --git a/aws/github/respositories.tf b/aws/github/respositories.tf
@@ -20,4 +20,8 @@ data "github_repository" "notification_documentation" {
 
 data "github_repository" "notification_document_download" {
   name = "notification-document-download-api"
-}
+}
+
+data "github_repository" "ipv4_geolocate" {
+  name = "ipv4-geolocate-webservice"
+}
diff --git a/env/variables.tf b/env/variables.tf
@@ -1060,3 +1060,8 @@ variable "admin_a11y_tracker_key" {
   default   = "prodonly"
 }
 
+variable "ipv4_maxmind_license_key" {
+  type      = string
+  sensitive = true
+  default   = "prodonly"
+}