@percepta/create 3.6.2 → 4.0.0

package/templates/webapp/terraform/outputs.tf

@@ -1,102 +0,0 @@
-################################################################################
-# Database Outputs
-################################################################################
-
-output "rds_cluster_endpoint" {
-  description = "RDS cluster endpoint"
-  value       = module.rds.host
-}
-
-output "rds_cluster_port" {
-  description = "RDS cluster port"
-  value       = module.rds.port
-}
-
-output "rds_database_name" {
-  description = "RDS database name"
-  value       = module.rds.database_name
-}
-
-output "app_service_account_role_arn" {
-  description = "The ARN of the IAM role for the application service account."
-  value       = aws_iam_role.app_service_account_role.arn
-}
-
-################################################################################
-# Networking Outputs
-################################################################################
-
-output "vpc_endpoint_security_group_id" {
-  description = "Security group ID for VPC endpoints"
-  value       = module.networking.vpc_endpoint_security_group_id
-}
-
-
-
-output "s3_vpc_endpoint_id" {
-  description = "S3 VPC endpoint ID"
-  value       = module.networking.s3_vpc_endpoint_id
-}
-
-output "ingress_cidr_blocks" {
-  description = "Map of dynamically created security groups for ingress"
-  value       = module.networking.ingress_cidr_blocks
-}
-
-output "rds_username" {
-  description = "RDS username for __APP_NAME__-db-user"
-  value       = module.rds.username
-}
-
-################################################################################
-# Secrets Outputs
-################################################################################
-
-output "database_secret_name" {
-  description = "Name of the Kubernetes secret containing database credentials"
-  value       = module.secrets.database_secret_name
-}
-
-output "postgresql_secret_name" {
-  description = "Name of the Kubernetes secret containing PostgreSQL credentials (Langfuse-style)"
-  value       = module.secrets.postgresql_secret_name
-}
-
-################################################################################
-# Networking Outputs
-################################################################################
-
-output "vpc_id" {
-  description = "VPC ID used for resources"
-  value       = module.networking.vpc_id
-}
-
-output "subnet_ids" {
-  description = "Subnet IDs used for resources"
-  value       = module.networking.subnet_ids
-}
-
-################################################################################
-# EDW Access Outputs
-################################################################################
-
-output "edw_readonly_username" {
-  description = "Readonly database username for EDW access"
-  value       = module.rds.readonly_username
-}
-
-output "edw_readonly_secret_arn" {
-  description = "ARN of the Secrets Manager secret containing readonly user credentials for EDW"
-  value       = module.rds.readonly_user_secret_arn
-}
-
-output "edw_readonly_secret_name" {
-  description = "Name of the Secrets Manager secret containing readonly user credentials for EDW"
-  value       = module.rds.readonly_user_secret_name
-}
-
-output "edw_secret_reader_role_arn" {
-  description = "ARN of the IAM role that EDW can assume to read the readonly credentials secret"
-  value       = module.rds.readonly_user_secret_reader_role_arn
-}
-

package/templates/webapp/terraform/providers.tf

@@ -1,32 +0,0 @@
-terraform {
-  required_version = ">= 1.5.0"
-  required_providers {
-    aws = {
-      source  = "hashicorp/aws"
-      version = "~> 5.0"
-    }
-    kubernetes = {
-      source  = "hashicorp/kubernetes"
-      version = "~> 2.0"
-    }
-    random = {
-      source  = "hashicorp/random"
-      version = "~> 3.1"
-    }
-    http = {
-      source  = "hashicorp/http"
-      version = "~> 3.0"
-    }
-  }
-  backend "kubernetes" {}
-}
-
-provider "aws" {
-  region = var.region
-}
-
-provider "kubernetes" {
-  # The Kubernetes provider will be configured by the backend
-  # No explicit configuration needed here
-}
-

package/templates/webapp/terraform/schema/main.tf

@@ -1,4 +0,0 @@
-resource "postgresql_schema" "demo" {
-  database = var.database_name
-  name     = var.schema_name
-}

package/templates/webapp/terraform/schema/outputs.tf

@@ -1,9 +0,0 @@
-output "database_name" {
-  description = "Database containing the demo schema."
-  value       = var.database_name
-}
-
-output "schema_name" {
-  description = "Created demo schema name."
-  value       = postgresql_schema.demo.name
-}

package/templates/webapp/terraform/schema/variables.tf

@@ -1,19 +0,0 @@
-variable "aws_region" {
-  description = "AWS region containing the shared Percepta internal database secret."
-  type        = string
-}
-
-variable "database_secret_name" {
-  description = "AWS Secrets Manager secret name containing shared Postgres credentials."
-  type        = string
-}
-
-variable "database_name" {
-  description = "Database where the demo app schema should be created."
-  type        = string
-}
-
-variable "schema_name" {
-  description = "Postgres schema name for this demo app."
-  type        = string
-}

package/templates/webapp/terraform/schema/versions.tf

@@ -1,38 +0,0 @@
-terraform {
-  required_version = ">= 1.5.0"
-
-  required_providers {
-    aws = {
-      source  = "hashicorp/aws"
-      version = "~> 5.0"
-    }
-    postgresql = {
-      source  = "cyrilgdn/postgresql"
-      version = "~> 1.22"
-    }
-  }
-
-  backend "kubernetes" {}
-}
-
-provider "aws" {
-  region = var.aws_region
-}
-
-data "aws_secretsmanager_secret_version" "database" {
-  secret_id = var.database_secret_name
-}
-
-locals {
-  database_credentials = jsondecode(data.aws_secretsmanager_secret_version.database.secret_string)
-}
-
-provider "postgresql" {
-  host            = local.database_credentials.host
-  port            = tonumber(local.database_credentials.port)
-  username        = local.database_credentials.username
-  password        = local.database_credentials.password
-  sslmode         = "require"
-  connect_timeout = 15
-  superuser       = false
-}

package/templates/webapp/terraform/terraform.tfvars.example

@@ -1,65 +0,0 @@
-# __APP_NAME_UPPER__ Terraform Configuration Example
-# Copy this file to terraform.tfvars and customize for your environment
-
-################################################################################
-# Required Variables
-################################################################################
-
-# Environment name (e.g. dev, staging, prod)
-environment = "dev"
-
-# Base name for resources - will be used as prefix for all resources
-name = "__APP_NAME__"
-
-# AWS region where resources will be deployed
-region = "us-west-2"
-
-# EKS cluster name where secrets will be created
-cluster_name = "my-eks-cluster"
-
-# VPC ID where resources will be deployed
-vpc_id = "vpc-12345678"
-
-################################################################################
-# Optional Variables
-################################################################################
-
-# Kubernetes namespace for secrets (default: "__APP_NAME__")
-# namespace = "__APP_NAME__"
-
-# Subnet IDs for RDS and other resources (auto-discovered if not provided)
-# subnet_ids = ["subnet-12345678", "subnet-87654321"]
-
-# Custom subnet tags for auto-discovery (default shown below)
-# subnet_tags = {
-#   "kubernetes.io/role/internal-elb" = "1"
-# }
-
-################################################################################
-# RDS Configuration
-################################################################################
-
-# Use existing RDS cluster (optional)
-# existing_rds_cluster_name = "my-existing-cluster"
-
-# Whether to create new RDS if existing cluster not specified (default: true)
-# create_new_rds = true
-
-# PostgreSQL engine version (default: "16.6")
-# rds_engine_version = "16.6"
-
-# RDS port (default: 5432)
-# rds_port = 5432
-
-# RDS instance class (default: "db.serverless")
-# rds_instance_class = "db.serverless"
-
-################################################################################
-# S3 Configuration
-################################################################################
-
-# Number of days after which S3 objects expire (null to disable expiration)
-# s3_bucket_expiration_days = 90
-# s3_bucket_expiration_days = null  # Disable S3 object expiration
-
-

package/templates/webapp/terraform/variables.tf

@@ -1,129 +0,0 @@
-################################################################################
-# Common Variables
-################################################################################
-
-variable "environment" {
-  description = "Environment name (e.g. dev, staging, prod)"
-  type        = string
-}
-
-variable "name" {
-  description = "Base name for resources"
-  type        = string
-}
-
-variable "region" {
-  description = "AWS region for resources"
-  type        = string
-}
-
-variable "namespace" {
-  description = "Kubernetes namespace for resources"
-  type        = string
-  default     = "__APP_NAME__"
-}
-
-variable "kubernetes_service_account" {
-  description = "The name of the Kubernetes service account to associate with the IAM role."
-  type        = string
-  default     = "__APP_NAME__-sa"
-}
-
-################################################################################
-# EKS Variables
-################################################################################
-
-variable "cluster_name" {
-  description = "EKS cluster name"
-  type        = string
-}
-
-variable "vpc_id" {
-  description = "VPC ID where resources will be deployed"
-  type        = string
-}
-
-variable "subnet_ids" {
-  description = "List of subnet IDs for resources"
-  type        = list(string)
-  default     = null
-}
-
-variable "subnet_tags" {
-  description = "Tags for subnet selection"
-  type        = map(string)
-  default = {
-    "kubernetes.io/role/internal-elb" = "1"
-  }
-}
-
-################################################################################
-# Networking Variables
-################################################################################
-
-variable "ingress_cidr_blocks" {
-  description = "A map of security group names to a list of CIDR blocks to allow access from."
-  type        = map(list(string))
-  default     = {}
-}
-
-################################################################################
-# RDS Variables
-################################################################################
-
-variable "existing_rds_cluster_name" {
-  description = "Name of existing RDS cluster to use (optional)"
-  type        = string
-  default     = null
-}
-
-variable "create_new_rds" {
-  description = "Whether to create a new RDS cluster if existing_rds_cluster_name is not provided"
-  type        = bool
-  default     = true
-}
-
-variable "rds_engine_version" {
-  description = "PostgreSQL engine version"
-  type        = string
-  default     = "16.8"
-}
-
-variable "rds_port" {
-  description = "Port for RDS"
-  type        = number
-  default     = 5432
-}
-
-variable "rds_instance_class" {
-  description = "RDS instance class"
-  type        = string
-  default     = "db.serverless"
-}
-
-################################################################################
-# S3 Variables
-################################################################################
-
-variable "s3_bucket_expiration_days" {
-  description = "Number of days after which S3 objects expire (null to disable expiration)"
-  type        = number
-  default     = null
-}
-
-################################################################################
-# EDW Variables
-################################################################################
-
-variable "edw_allowed_principals" {
-  description = "List of IAM principal ARNs allowed to assume the EDW secret reader role (e.g., SSO permission sets, IAM roles). Example: ['arn:aws:iam::123456789012:role/aws-reserved/sso.amazonaws.com/us-west-2/AWSReservedSSO_DbaPermissionSet_abc123']"
-  type        = list(string)
-  default     = []
-}
-
-variable "edw_vpc_cidr_blocks" {
-  description = "List of CIDR blocks from EDW VPC to allow database access via VPC peering"
-  type        = list(string)
-  default     = []
-}
-