From c363cab9bd3bdfe13055aaf6b3a0b513c16afe37 Mon Sep 17 00:00:00 2001 
From: Paulo Nonato Date: Mon, 20 Apr 2026 16:54:09 -0300 Subject: [PATCH] Structure OpenTofu environments --- README.md | 25 +++++++++++++- environments/dev/main.tf | 6 ++++ environments/dev/outputs.tf | 34 +++++++++++++++++++ provider.tf => environments/dev/provider.tf | 0 variables.tf => environments/dev/variables.tf | 6 ---- versions.tf => environments/dev/versions.tf | 0 environments/prd/main.tf | 6 ++++ environments/prd/outputs.tf | 34 +++++++++++++++++++ environments/prd/provider.tf | 22 ++++++++++++ environments/prd/variables.tf | 17 ++++++++++ environments/prd/versions.tf | 14 ++++++++ environments/stg/main.tf | 6 ++++ environments/stg/outputs.tf | 34 +++++++++++++++++++ environments/stg/provider.tf | 22 ++++++++++++ environments/stg/variables.tf | 17 ++++++++++ environments/stg/versions.tf | 14 ++++++++ {build => modules/quantum/build}/.gitkeep | 0 {lambda => modules/quantum/lambda}/handler.py | 0 main.tf => modules/quantum/main.tf | 8 ++--- outputs.tf => modules/quantum/outputs.tf | 5 --- modules/quantum/variables.tf | 10 ++++++ modules/quantum/versions.tf | 14 ++++++++ 22 files changed, 278 insertions(+), 16 deletions(-) create mode 100644 environments/dev/main.tf create mode 100644 environments/dev/outputs.tf rename provider.tf => environments/dev/provider.tf (100%) rename variables.tf => environments/dev/variables.tf (77%) rename versions.tf => environments/dev/versions.tf (100%) create mode 100644 environments/prd/main.tf create mode 100644 environments/prd/outputs.tf create mode 100644 environments/prd/provider.tf create mode 100644 environments/prd/variables.tf create mode 100644 environments/prd/versions.tf create mode 100644 environments/stg/main.tf create mode 100644 environments/stg/outputs.tf create mode 100644 environments/stg/provider.tf create mode 100644 environments/stg/variables.tf create mode 100644 environments/stg/versions.tf rename {build => modules/quantum/build}/.gitkeep (100%) rename {lambda => modules/quantum/lambda}/handler.py 
(100%) rename main.tf => modules/quantum/main.tf (95%) rename outputs.tf => modules/quantum/outputs.tf (85%) create mode 100644 modules/quantum/variables.tf create mode 100644 modules/quantum/versions.tf
diff --git a/README.md b/README.md
index 3392331..055dc0c 100644
--- a/README.md
+++ b/README.md
@@ -18,6 +18,21 @@ https://localstack.paulononato.com.br - Secrets Manager secret with simulated credentials. - Event source mapping SQS -> Lambda. +## Repository Layout + +```text +. ++-- environments +| +-- dev +| +-- stg +| +-- prd ++-- examples ++-- modules + +-- quantum +``` + +Each environment is an independent OpenTofu root module. The shared infrastructure code lives in `modules/quantum`. + ## Prerequisites - OpenTofu installed.
@@ -42,6 +57,14 @@ $env:AWS_DEFAULT_REGION="us-east-1" ## Usage +Choose an environment first: + +```bash +cd environments/dev +``` + +Use `environments/stg` or `environments/prd` for the other simulated stages. + Initialize: ```bash
@@ -79,7 +102,7 @@ Send a message to the Quantum queue: ```bash aws --endpoint-url https://localstack.paulononato.com.br sqs send-message \ --queue-url "$(tofu output -raw quantum_queue_url)" \ - --message-body '{"event":"quantum.order.created","orderId":"QTM-1001"}' + --message-body file://../../examples/quantum-message.json ``` Read the secret:
diff --git a/environments/dev/main.tf b/environments/dev/main.tf
new file mode 100644
index 0000000..df78007
--- /dev/null
+++ b/environments/dev/main.tf
@@ -0,0 +1,6 @@
+module "quantum" {
+ source = "../../modules/quantum"
+
+ project_name = var.project_name
+ environment = "dev"
+}
diff --git a/environments/dev/outputs.tf b/environments/dev/outputs.tf
new file mode 100644
index 0000000..2ca6cab
--- /dev/null
+++ b/environments/dev/outputs.tf
@@ -0,0 +1,34 @@
+output "localstack_endpoint" {
+ description = "LocalStack endpoint used by the provider."
+ value = var.localstack_endpoint
+}
+
+output "quantum_bucket_name" {
+ description = "S3 bucket for the Quantum application."
+ value = module.quantum.quantum_bucket_name
+}
+
+output "quantum_queue_url" {
+ description = "Main SQS queue URL."
+ value = module.quantum.quantum_queue_url
+}
+
+output "quantum_dlq_url" {
+ description = "DLQ URL."
+ value = module.quantum.quantum_dlq_url
+}
+
+output "quantum_lambda_name" {
+ description = "Processor Lambda function name."
+ value = module.quantum.quantum_lambda_name
+}
+
+output "quantum_log_group_name" {
+ description = "CloudWatch Log Group for the Lambda function."
+ value = module.quantum.quantum_log_group_name
+}
+
+output "quantum_secret_name" {
+ description = "Secrets Manager secret name."
+ value = module.quantum.quantum_secret_name
+}
diff --git a/provider.tf b/environments/dev/provider.tf
similarity index 100%
rename from provider.tf
rename to environments/dev/provider.tf
diff --git a/variables.tf b/environments/dev/variables.tf
similarity index 77%
rename from variables.tf
rename to environments/dev/variables.tf
index ad2d1e5..4437f06 100644
--- a/variables.tf
+++ b/environments/dev/variables.tf
@@ -15,9 +15,3 @@ variable "project_name" {
 type = string
 default = "quantum"
 }
-
-variable "environment" {
- description = "Fictional application environment."
- type = string
- default = "dev"
-}
diff --git a/versions.tf b/environments/dev/versions.tf
similarity index 100%
rename from versions.tf
rename to environments/dev/versions.tf
diff --git a/environments/prd/main.tf b/environments/prd/main.tf
new file mode 100644
index 0000000..621c60f
--- /dev/null
+++ b/environments/prd/main.tf
@@ -0,0 +1,6 @@
+module "quantum" {
+ source = "../../modules/quantum"
+
+ project_name = var.project_name
+ environment = "prd"
+}
diff --git a/environments/prd/outputs.tf b/environments/prd/outputs.tf
new file mode 100644
index 0000000..2ca6cab
--- /dev/null
+++ b/environments/prd/outputs.tf
@@ -0,0 +1,34 @@
+output "localstack_endpoint" {
+ description = "LocalStack endpoint used by the provider."
+ value = var.localstack_endpoint
+}
+
+output "quantum_bucket_name" {
+ description = "S3 bucket for the Quantum application."
+ value = module.quantum.quantum_bucket_name
+}
+
+output "quantum_queue_url" {
+ description = "Main SQS queue URL."
+ value = module.quantum.quantum_queue_url
+}
+
+output "quantum_dlq_url" {
+ description = "DLQ URL."
+ value = module.quantum.quantum_dlq_url
+}
+
+output "quantum_lambda_name" {
+ description = "Processor Lambda function name."
+ value = module.quantum.quantum_lambda_name
+}
+
+output "quantum_log_group_name" {
+ description = "CloudWatch Log Group for the Lambda function."
+ value = module.quantum.quantum_log_group_name
+}
+
+output "quantum_secret_name" {
+ description = "Secrets Manager secret name."
+ value = module.quantum.quantum_secret_name
+}
diff --git a/environments/prd/provider.tf b/environments/prd/provider.tf
new file mode 100644
index 0000000..1aa5a1d
--- /dev/null
+++ b/environments/prd/provider.tf
@@ -0,0 +1,22 @@
+provider "aws" {
+ region = var.aws_region
+ access_key = "test"
+ secret_key = "test"
+ s3_use_path_style = true
+ skip_credentials_validation = true
+ skip_metadata_api_check = true
+ skip_requesting_account_id = true
+
+ endpoints {
+ apigateway = var.localstack_endpoint
+ cloudformation = var.localstack_endpoint
+ cloudwatch = var.localstack_endpoint
+ iam = var.localstack_endpoint
+ lambda = var.localstack_endpoint
+ logs = var.localstack_endpoint
+ s3 = var.localstack_endpoint
+ secretsmanager = var.localstack_endpoint
+ sqs = var.localstack_endpoint
+ sts = var.localstack_endpoint
+ }
+}
diff --git a/environments/prd/variables.tf b/environments/prd/variables.tf
new file mode 100644
index 0000000..4437f06
--- /dev/null
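Review bot: The `provider "aws"` block in environments/prd/provider.tf hard-codes `access_key = "test"` / `secret_key = "test"` and turns on three `skip_*` flags with nothing marking them as LocalStack-only, and the same block is repeated in environments/stg/provider.tf. Only the ten services named under `endpoints` are redirected, so a resource for any other service added to the module later would presumably be sent to the default AWS endpoint rather than to LocalStack. I would put a header comment on the block, `# LocalStack only: dummy credentials and skip_* checks; never point this root at a real AWS account`, and guard the variable these endpoints depend on with a `validation` whose condition is `startswith(var.localstack_endpoint, "https://")`.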
+++ b/environments/prd/variables.tf
@@ -0,0 +1,17 @@
+variable "aws_region" {
+ description = "Simulated AWS region in LocalStack."
+ type = string
+ default = "us-east-1"
+}
+
+variable "localstack_endpoint" {
+ description = "LocalStack HTTPS endpoint."
+ type = string
+ default = "https://localstack.paulononato.com.br"
+}
+
+variable "project_name" {
+ description = "Short name of the fictional project."
+ type = string
+ default = "quantum"
+}
diff --git a/environments/prd/versions.tf b/environments/prd/versions.tf
new file mode 100644
index 0000000..fe40e1d
--- /dev/null
+++ b/environments/prd/versions.tf
@@ -0,0 +1,14 @@
+terraform {
+ required_version = ">= 1.6.0"
+
+ required_providers {
+ aws = {
+ source = "hashicorp/aws"
+ version = "~> 5.0"
+ }
+ archive = {
+ source = "hashicorp/archive"
+ version = "~> 2.4"
+ }
+ }
+}
diff --git a/environments/stg/main.tf b/environments/stg/main.tf
new file mode 100644
index 0000000..8fb41f8
--- /dev/null
+++ b/environments/stg/main.tf
@@ -0,0 +1,6 @@
+module "quantum" {
+ source = "../../modules/quantum"
+
+ project_name = var.project_name
+ environment = "stg"
+}
diff --git a/environments/stg/outputs.tf b/environments/stg/outputs.tf
new file mode 100644
index 0000000..2ca6cab
--- /dev/null
+++ b/environments/stg/outputs.tf
@@ -0,0 +1,34 @@
+output "localstack_endpoint" {
+ description = "LocalStack endpoint used by the provider."
+ value = var.localstack_endpoint
+}
+
+output "quantum_bucket_name" {
+ description = "S3 bucket for the Quantum application."
+ value = module.quantum.quantum_bucket_name
+}
+
+output "quantum_queue_url" {
+ description = "Main SQS queue URL."
+ value = module.quantum.quantum_queue_url
+}
+
+output "quantum_dlq_url" {
+ description = "DLQ URL."
+ value = module.quantum.quantum_dlq_url
+}
+
+output "quantum_lambda_name" {
+ description = "Processor Lambda function name."
+ value = module.quantum.quantum_lambda_name
+}
+
+output "quantum_log_group_name" {
+ description = "CloudWatch Log Group for the Lambda function."
+ value = module.quantum.quantum_log_group_name
+}
+
+output "quantum_secret_name" {
+ description = "Secrets Manager secret name."
+ value = module.quantum.quantum_secret_name
+}
diff --git a/environments/stg/provider.tf b/environments/stg/provider.tf
new file mode 100644
index 0000000..1aa5a1d
--- /dev/null
+++ b/environments/stg/provider.tf
@@ -0,0 +1,22 @@
+provider "aws" {
+ region = var.aws_region
+ access_key = "test"
+ secret_key = "test"
+ s3_use_path_style = true
+ skip_credentials_validation = true
+ skip_metadata_api_check = true
+ skip_requesting_account_id = true
+
+ endpoints {
+ apigateway = var.localstack_endpoint
+ cloudformation = var.localstack_endpoint
+ cloudwatch = var.localstack_endpoint
+ iam = var.localstack_endpoint
+ lambda = var.localstack_endpoint
+ logs = var.localstack_endpoint
+ s3 = var.localstack_endpoint
+ secretsmanager = var.localstack_endpoint
+ sqs = var.localstack_endpoint
+ sts = var.localstack_endpoint
+ }
+}
diff --git a/environments/stg/variables.tf b/environments/stg/variables.tf
new file mode 100644
index 0000000..4437f06
--- /dev/null
+++ b/environments/stg/variables.tf
@@ -0,0 +1,17 @@
+variable "aws_region" {
+ description = "Simulated AWS region in LocalStack."
+ type = string
+ default = "us-east-1"
+}
+
+variable "localstack_endpoint" {
+ description = "LocalStack HTTPS endpoint."
+ type = string
+ default = "https://localstack.paulononato.com.br"
+}
+
+variable "project_name" {
+ description = "Short name of the fictional project."
+ type = string
+ default = "quantum"
+}
diff --git a/environments/stg/versions.tf b/environments/stg/versions.tf
new file mode 100644
index 0000000..fe40e1d
--- /dev/null
+++ b/environments/stg/versions.tf
@@ -0,0 +1,14 @@
+terraform {
+ required_version = ">= 1.6.0"
+
+ required_providers {
+ aws = {
+ source = "hashicorp/aws"
+ version = "~> 5.0"
+ }
+ archive = {
+ source = "hashicorp/archive"
+ version = "~> 2.4"
+ }
+ }
+}
diff --git a/build/.gitkeep b/modules/quantum/build/.gitkeep
similarity index 100%
rename from build/.gitkeep
rename to modules/quantum/build/.gitkeep
diff --git a/lambda/handler.py b/modules/quantum/lambda/handler.py
similarity index 100%
rename from lambda/handler.py
rename to modules/quantum/lambda/handler.py
diff --git a/main.tf b/modules/quantum/main.tf
similarity index 95%
rename from main.tf
rename to modules/quantum/main.tf
index 8b3f938..98f206b 100644
--- a/main.tf
+++ b/modules/quantum/main.tf
@@ -34,7 +34,7 @@ resource "aws_s3_bucket_versioning" "quantum_artifacts" { resource "aws_s3_object" "sample_config" { bucket = aws_s3_bucket.quantum_artifacts.id - key = "config/quantum-dev.json" + key = "config/quantum-${var.environment}.json" content_type = "application/json" content = jsonencode({
@@ -84,9 +84,9 @@ resource "aws_secretsmanager_secret_version" "quantum_app" { secret_id = aws_secretsmanager_secret.quantum_app.id secret_string = jsonencode({ - databaseUrl = "postgres://quantum_user:fake_password@quantum-db.local:5432/quantum" - apiKey = "qtm_dev_fake_123456" - jwtSecret = "localstack-only-secret" + databaseUrl = "postgres://quantum_user:fake_password@quantum-${var.environment}-db.local:5432/quantum" + apiKey = "qtm_${var.environment}_fake_123456" + jwtSecret = "localstack-only-secret-${var.environment}" }) }
diff --git a/outputs.tf b/modules/quantum/outputs.tf
similarity index 85%
rename from outputs.tf
rename to modules/quantum/outputs.tf
index a76fafc..05cff5f 100644
--- a/outputs.tf
+++ b/modules/quantum/outputs.tf
@@ -1,8 +1,3 @@
-output "localstack_endpoint" {
- description = "LocalStack endpoint used by the provider."
- value = var.localstack_endpoint
-}
-
 output "quantum_bucket_name" {
 description = "S3 bucket for the Quantum application."
 value = aws_s3_bucket.quantum_artifacts.bucket
diff --git a/modules/quantum/variables.tf b/modules/quantum/variables.tf
new file mode 100644
index 0000000..a57ce36
--- /dev/null
+++ b/modules/quantum/variables.tf
@@ -0,0 +1,10 @@
+variable "project_name" {
+ description = "Short name of the fictional project."
+ type = string
+ default = "quantum"
+}
+
+variable "environment" {
+ description = "Fictional application environment."
+ type = string
+}
diff --git a/modules/quantum/versions.tf b/modules/quantum/versions.tf
new file mode 100644
index 0000000..fe40e1d
--- /dev/null
+++ b/modules/quantum/versions.tf
@@ -0,0 +1,14 @@
+terraform {
+ required_version = ">= 1.6.0"
+
+ required_providers {
+ aws = {
+ source = "hashicorp/aws"
+ version = "~> 5.0"
+ }
+ archive = {
+ source = "hashicorp/archive"
+ version = "~> 2.4"
+ }
+ }
+}
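Review bot: The three new `secret_string` values in modules/quantum/main.tf are still literals in what is now a shared module, so every environment's secret (including `prd`) can be derived from the source plus the environment name, and the value is also kept in each root's state. That is acceptable for a LocalStack demo, but nothing in the hunk says so. I would add a comment above `secret_string`, `# Placeholder values for LocalStack only; real credentials must come from a sensitive variable, never from this literal`, so the pattern is not copied as-is into a module that targets a real account.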
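Review bot: `variable "environment"` in modules/quantum/variables.tf accepts any string, yet the module interpolates it into the S3 object key and into the hostname and key material of the secret in main.tf. A typo or an unexpected value in a root module would silently create a differently named set of resources instead of failing at plan time. A `validation` block restricting it to the three environments this commit defines would catch that.

```hcl
variable "environment" {
  # … unchanged: description, type …

  validation {
    condition     = contains(["dev", "stg", "prd"], var.environment)
    error_message = "environment must be one of: dev, stg, prd."
  }
}
```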