Dockerfile and pulumi stack for infra

2025-09-05 18:02:43 -03:00
parent 180a639bdb
commit 32f4607c4b
7 changed files with 72 additions and 42 deletions
--- a/infra/main.py
+++ b/infra/main.py
@@ -1,22 +1,34 @@
 """An AWS Python Pulumi program"""

 import pulumi
-from pulumi_aws import aws
+import pulumi_aws as aws
 from pulumi_aws import s3
-import pulumi_aws_apigateway as apigateway
 import json
-role = aws.iam.Role("mylambda-role",
-    assume_role_policy=json.dumps({
-        "Version": "2012-10-17",
-        "Statement": [{
-            "Effect": "Allow",
-            "Principal": { "Service": "lambda.amazonaws.com" },
-            "Action": "sts:AssumeRole"
-        }]
-    })
-)
+caller_identity = aws.get_caller_identity()
+account_id = caller_identity.account_id
+
+config = pulumi.Config()
+project = config.require("project")
+environment = config.require("environment")
+
+ecr_config = config.require_object("ecr")["entity_extraction"]
+
+ecr_repo = aws.ecr.Repository(ecr_config['name'],
+    name=ecr_config['name'],
+    encryption_configurations=[{
+        "encryption_type": "AES256",
+    }],
+    image_scanning_configuration={
+        "scan_on_push": False,
+    },
+    image_tag_mutability=ecr_config['image_mutability'],
+    opts = pulumi.ResourceOptions(protect=True))
+
+
+pulumi.export("url", pulumi.Output.concat("ECR REPO ID:", ecr_repo.id))
+
 # Create an AWS resource (S3 Bucket)
-bucket = s3.Bucket('br-edu-ifsp-ifsp-ret-s3-bucket-chatbot-editais-d',
+"""bucket = s3.Bucket('br-edu-ifsp-ifsp-ret-s3-bucket-chatbot-editais-d',
                   tags={
                       "nome":"bucket-chatbot-editais",
                       "ambiente":"dev",
@@ -31,20 +43,7 @@ bucket = s3.Bucket('br-edu-ifsp-ifsp-ret-s3-bucket-chatbot-editais-d',
                       "ia":"sim",
                       "modelo":"claude-sonnet-4"
                   })
-f = aws.lambda_.Function("mylambda",
-    runtime=aws.lambda_.Runtime.PYTHON3D8,
-    code=pulumi.AssetArchive({
-        ".": pulumi.FileArchive("./handler"),
-    }),
-    timeout=300,
-    handler="handler.handler",
-    role=role.arn,
-    opts=pulumi.ResourceOptions(depends_on=[policy]),
-)

-api = apigateway.RestAPI('api', routes=[
-    apigateway.RouteArgs(path="/", method="GET", event_handler=f),
-])

 # Export the name of the bucket
-pulumi.export('bucket_name', bucket.id)
+pulumi.export('bucket_name', bucket.id)"""