feat: PPABV-106 add secret for fdr-kpi (#2691)

infantesimone · web-flow · commit 032220ba21a4 · 2024-12-23T10:50:33.000+01:00
feat: add secret for fdr-kpi
diff --git a/src/domains/qi-app/README.md b/src/domains/qi-app/README.md
@@ -18,8 +18,10 @@
 |------|--------|---------|
 | <a name="module___v3__"></a> [\_\_v3\_\_](#module\_\_\_v3\_\_) | git::https://github.com/pagopa/terraform-azurerm-v3 | 3fc1dafaf4354e24ca8673005ec0caf4106343a3 |
 | <a name="module_apim_pagopa_qi_fdr_kpi_service_api"></a> [apim\_pagopa\_qi\_fdr\_kpi\_service\_api](#module\_apim\_pagopa\_qi\_fdr\_kpi\_service\_api) | ./.terraform/modules/__v3__/api_management_api | n/a |
+| <a name="module_apim_pagopa_qi_smo_jira_tickets_service_api"></a> [apim\_pagopa\_qi\_smo\_jira\_tickets\_service\_api](#module\_apim\_pagopa\_qi\_smo\_jira\_tickets\_service\_api) | ./.terraform/modules/__v3__/api_management_api | n/a |
 | <a name="module_apim_qi_fdr_product"></a> [apim\_qi\_fdr\_product](#module\_apim\_qi\_fdr\_product) | ./.terraform/modules/__v3__/api_management_product | n/a |
 | <a name="module_apim_qi_product"></a> [apim\_qi\_product](#module\_apim\_qi\_product) | ./.terraform/modules/__v3__/api_management_product | n/a |
+| <a name="module_apim_qi_smo_jira_tickets_product"></a> [apim\_qi\_smo\_jira\_tickets\_product](#module\_apim\_qi\_smo\_jira\_tickets\_product) | ./.terraform/modules/__v3__/api_management_product | n/a |
 | <a name="module_pod_identity"></a> [pod\_identity](#module\_pod\_identity) | ./.terraform/modules/__v3__/kubernetes_pod_identity | n/a |
 | <a name="module_tls_checker"></a> [tls\_checker](#module\_tls\_checker) | ./.terraform/modules/__v3__/tls_checker | n/a |
 
@@ -28,6 +30,7 @@
 | Name | Type |
 |------|------|
 | [azurerm_api_management_api_version_set.pagopa_qi_fdr_kpi_service_api](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/api_management_api_version_set) | resource |
+| [azurerm_api_management_api_version_set.pagopa_qi_smo_jira_tickets_service_api](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/api_management_api_version_set) | resource |
 | [azurerm_key_vault_secret.aks_apiserver_url](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_secret) | resource |
 | [azurerm_key_vault_secret.azure_devops_sa_cacrt](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_secret) | resource |
 | [azurerm_key_vault_secret.azure_devops_sa_token](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_secret) | resource |
diff --git a/src/domains/qi-common/02_security.tf b/src/domains/qi-common/02_security.tf
@@ -170,3 +170,31 @@ module "letsencrypt_qi" {
   key_vault_name    = "${local.product}-${var.domain}-kv"
   subscription_name = local.subscription_name
 }
+
+### TODO migrate in SOPS
+resource "azurerm_key_vault_secret" "azure_data_explorer_re_client_id" {
+  name         = "azure-data-explorer-re-client-id"
+  value        = "<TO UPDATE MANUALLY ON PORTAL>"
+  content_type = "text/plain"
+  key_vault_id = module.key_vault.id
+
+  lifecycle {
+    ignore_changes = [
+      value,
+    ]
+  }
+}
+
+### TODO migrate in SOPS
+resource "azurerm_key_vault_secret" "azure_data_explorer_re_application_key" {
+  name         = "azure-data-explorer-re-application-key"
+  value        = "<TO UPDATE MANUALLY ON PORTAL>"
+  content_type = "text/plain"
+  key_vault_id = module.key_vault.id
+
+  lifecycle {
+    ignore_changes = [
+      value,
+    ]
+  }
+}
diff --git a/src/domains/qi-common/README.md b/src/domains/qi-common/README.md
@@ -27,6 +27,8 @@
 | [azurerm_key_vault_access_policy.azdevops_iac_managed_identities](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_access_policy) | resource |
 | [azurerm_key_vault_access_policy.azdevops_iac_policy](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_access_policy) | resource |
 | [azurerm_key_vault_secret.ai_connection_string](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_secret) | resource |
+| [azurerm_key_vault_secret.azure_data_explorer_re_application_key](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_secret) | resource |
+| [azurerm_key_vault_secret.azure_data_explorer_re_client_id](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_secret) | resource |
 | [azurerm_key_vault_secret.ehub_alert_qi_rx_connection_string](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_secret) | resource |
 | [azurerm_key_vault_secret.ehub_alert_qi_rx_debug_connection_string](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_secret) | resource |
 | [azurerm_key_vault_secret.ehub_alert_qi_rx_pdnd_connection_string](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault_secret) | resource |
