fix(infra): align bot runtime config with terraform

2026-03-31 10:24:02 +00:00 · 2026-03-08 20:10:28 +04:00
parent 3675079a4c
commit 082d0f7dcc
6 changed files with 69 additions and 14 deletions
--- a/infra/terraform/README.md
+++ b/infra/terraform/README.md
@@ -29,7 +29,7 @@ This directory contains baseline IaC for deploying the household bot platform on
 1. Initialize:

 ```bash
-terraform -chdir=infra/terraform init
+terraform -chdir=infra/terraform init -backend-config="bucket=<terraform-state-bucket>"
 ```

 2. Prepare variables:
@@ -53,10 +53,14 @@ terraform -chdir=infra/terraform apply
 5. Add secret values (after apply):

 ```bash
+echo -n "<telegram-bot-token>" | gcloud secrets versions add telegram-bot-token --data-file=- --project <project_id>
 echo -n "<value>" | gcloud secrets versions add telegram-webhook-secret --data-file=- --project <project_id>
 echo -n "<value>" | gcloud secrets versions add scheduler-shared-secret --data-file=- --project <project_id>
 ```

+If you configure optional secret IDs such as `database_url_secret_id` or
+`openai_api_key_secret_id`, add versions for those secrets as well.
+
 ## Environments

 Recommended approach:
@@ -64,6 +68,11 @@ Recommended approach:
 - Keep one state per environment (dev/prod) using separate backend configs or workspaces
 - Use `terraform.tfvars` per environment (`dev.tfvars`, `prod.tfvars`)
 - Keep `project_id` separate for dev/prod when possible
+- Keep non-secret bot config in `*.tfvars`:
+  - `bot_household_id`
+  - `bot_household_chat_id`
+  - `bot_purchase_topic_id`
+  - optional `bot_parser_model`

 ## CI validation

--- a/infra/terraform/locals.tf
+++ b/infra/terraform/locals.tf
@@ -19,7 +19,6 @@ locals {
    var.supabase_publishable_key_secret_id,
    var.database_url_secret_id,
    var.telegram_bot_token_secret_id,
-    var.telegram_bot_username_secret_id,
    var.openai_api_key_secret_id
  ]))

--- a/infra/terraform/main.tf
+++ b/infra/terraform/main.tf
@@ -77,9 +77,23 @@ module "bot_api_service" {
  max_instance_count    = var.bot_max_instances
  labels                = local.common_labels

-  env = {
-    NODE_ENV = var.environment
-  }
+  env = merge(
+    {
+      NODE_ENV = var.environment
+    },
+    var.bot_household_id == null ? {} : {
+      HOUSEHOLD_ID = var.bot_household_id
+    },
+    var.bot_household_chat_id == null ? {} : {
+      TELEGRAM_HOUSEHOLD_CHAT_ID = var.bot_household_chat_id
+    },
+    var.bot_purchase_topic_id == null ? {} : {
+      TELEGRAM_PURCHASE_TOPIC_ID = tostring(var.bot_purchase_topic_id)
+    },
+    var.bot_parser_model == null ? {} : {
+      PARSER_MODEL = var.bot_parser_model
+    }
+  )

  secret_env = merge(
    {
@@ -98,9 +112,6 @@ module "bot_api_service" {
    var.telegram_bot_token_secret_id == null ? {} : {
      TELEGRAM_BOT_TOKEN = var.telegram_bot_token_secret_id
    },
-    var.telegram_bot_username_secret_id == null ? {} : {
-      TELEGRAM_BOT_USERNAME = var.telegram_bot_username_secret_id
-    },
    var.openai_api_key_secret_id == null ? {} : {
      OPENAI_API_KEY = var.openai_api_key_secret_id
    }
--- a/infra/terraform/terraform.tfvars.example
+++ b/infra/terraform/terraform.tfvars.example
@@ -5,8 +5,13 @@ service_prefix = "household"

 artifact_repository_id = "household-bot"

-bot_api_image   = "europe-west1-docker.pkg.dev/my-gcp-project/household-bot/bot-api:latest"
-mini_app_image  = "europe-west1-docker.pkg.dev/my-gcp-project/household-bot/mini-app:latest"
+bot_api_image   = "europe-west1-docker.pkg.dev/my-gcp-project/household-bot/bot:latest"
+mini_app_image  = "europe-west1-docker.pkg.dev/my-gcp-project/household-bot/miniapp:latest"
+
+bot_household_id       = "11111111-1111-4111-8111-111111111111"
+bot_household_chat_id  = "-1001234567890"
+bot_purchase_topic_id  = 777
+bot_parser_model       = "gpt-4.1-mini"

 scheduler_cron     = "0 9 * * *"
 scheduler_timezone = "Asia/Tbilisi"
--- a/infra/terraform/variables.tf
+++ b/infra/terraform/variables.tf
@@ -78,14 +78,34 @@ variable "database_url_secret_id" {
 }

 variable "telegram_bot_token_secret_id" {
-  description = "Optional Secret Manager ID for TELEGRAM_BOT_TOKEN"
+  description = "Secret Manager ID for TELEGRAM_BOT_TOKEN"
+  type        = string
+  default     = "telegram-bot-token"
+}
+
+variable "bot_household_id" {
+  description = "Optional HOUSEHOLD_ID value for bot runtime"
  type        = string
  default     = null
  nullable    = true
 }

-variable "telegram_bot_username_secret_id" {
-  description = "Optional Secret Manager ID for TELEGRAM_BOT_USERNAME"
+variable "bot_household_chat_id" {
+  description = "Optional TELEGRAM_HOUSEHOLD_CHAT_ID value for bot runtime"
+  type        = string
+  default     = null
+  nullable    = true
+}
+
+variable "bot_purchase_topic_id" {
+  description = "Optional TELEGRAM_PURCHASE_TOPIC_ID value for bot runtime"
+  type        = number
+  default     = null
+  nullable    = true
+}
+
+variable "bot_parser_model" {
+  description = "Optional PARSER_MODEL override for bot runtime"
  type        = string
  default     = null
  nullable    = true