From 63e05cf768bf69902da2a95cae832914a1298efd Mon Sep 17 00:00:00 2001
From: Edoardo Rosa <6991986+notdodo@users.noreply.github.com>
Date: Wed, 25 Sep 2024 09:00:18 +0200
Subject: [PATCH] rename table (#27)

* rename table

* debug

* debug

* debug

* rename table

* enh: pulumi up

* enh: pulumi up
---
 .github/workflows/pulumi-preview.yml |  5 ++
 .github/workflows/pulumi-up.yml      | 81 ++++++++++++++++++++++++++++
 pulumi/__main__.py                   |  8 +--
 3 files changed, 90 insertions(+), 4 deletions(-)
 create mode 100644 .github/workflows/pulumi-up.yml

diff --git a/.github/workflows/pulumi-preview.yml b/.github/workflows/pulumi-preview.yml
index b66f182..e67f2d1 100644
--- a/.github/workflows/pulumi-preview.yml
+++ b/.github/workflows/pulumi-preview.yml
@@ -66,6 +66,11 @@ jobs:
         with:
           role-to-assume: arn:aws:iam::841162699174:role/erfiume-oidc-read
           aws-region: eu-west-1
+          retry-max-attempts: 2
+      - uses: aws-actions/aws-secretsmanager-get-secrets@4e95aaf6ba8028772f5384971d4fedccfaab8621
+        # v2.0.6
+        with:
+          secret-ids: CLOUDFLARE_API_TOKEN, erfiume-gha-cloudflare-read-only
       - uses: pulumi/actions@cd99a7f8865434dd3532b586a26f9ebea596894f
         # v5.5.1
         with:
diff --git a/.github/workflows/pulumi-up.yml b/.github/workflows/pulumi-up.yml
new file mode 100644
index 0000000..7d1aae3
--- /dev/null
+++ b/.github/workflows/pulumi-up.yml
@@ -0,0 +1,81 @@
+name: Pulumi Up
+on:
+  push:
+    branches:
+      - master
+    paths:
+      - pulumi/**
+      - .github/workflows/pulumi-up.yml
+
+concurrency:
+  group: ghas-erfiume-pulumi-up-${{ github.ref }}
+
+jobs:
+  pulumi-up:
+    name: Pulumi Up
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      id-token: write
+    defaults:
+      run:
+        working-directory: ./pulumi
+    steps:
+      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
+        # v4.1.7
+        with:
+          fetch-depth: 0
+      - uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3
+        # v5.2.0
+        with:
+          python-version: 3.12
+      - uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9
+        # v4.0.2
+        with:
+          path: ~/.local
+          key: poetry-latest
+      - uses: snok/install-poetry@76e04a911780d5b312d89783f7b1cd627778900a
+        # v1.4.1
+        with:
+          virtualenvs-create: true
+          virtualenvs-in-project: true
+          installer-parallel: true
+      - id: cache-deps
+        uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9
+        # v4.0.2
+        with:
+          path: .venv
+          key: python-3.12-poetry-${{ hashFiles('**/poetry.lock') }}
+      - run: poetry install
+        if: steps.cache-deps.outputs.cache-hit != 'true'
+      - uses: pulumi/auth-actions@80dec0d5e009a11565cbf87d9ef9103fc7d24198
+        # v1.0.0
+        with:
+          organization: notdodo
+          requested-token-type: urn:pulumi:token-type:access_token:personal
+          scope: user:notdodo
+      - uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9
+        # v4.0.2
+        with:
+          path: ~/.pulumi/plugins
+          key: python-3.12-pulumi-${{ hashFiles('**/poetry.lock') }}
+          restore-keys: |
+            python-3.12-pulumi-
+      - uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502
+        # v4.0.2
+        with:
+          role-to-assume: arn:aws:iam::841162699174:role/erfiume-oidc-write
+          aws-region: eu-west-1
+          retry-max-attempts: 2
+      - uses: aws-actions/aws-secretsmanager-get-secrets@4e95aaf6ba8028772f5384971d4fedccfaab8621
+        # v2.0.6
+        with:
+          secret-ids: CLOUDFLARE_API_TOKEN, erfiume-gha-cloudflare-read-write
+      - uses: pulumi/actions@cd99a7f8865434dd3532b586a26f9ebea596894f
+        # v5.5.1
+        with:
+          command: up
+          stack-name: notdodo/erfiume/production
+          work-dir: ./pulumi
+          color: always
+          suppress-progress: true
diff --git a/pulumi/__main__.py b/pulumi/__main__.py
index 211c43c..81deecc 100644
--- a/pulumi/__main__.py
+++ b/pulumi/__main__.py
@@ -35,9 +35,9 @@
     ],
 )
 
-utenti_table = dynamodb.Table(
+chats_table = dynamodb.Table(
     f"{RESOURCES_PREFIX}-users",
-    name="Utenti",
+    name="Chats",
     billing_mode="PAY_PER_REQUEST",
     hash_key="chatid",
     attributes=[
@@ -131,14 +131,14 @@
                             "dynamodb:Query",
                             "dynamodb:GetItem",
                         ],
-                        "Resources": [stazioni_table.arn, utenti_table.arn],
+                        "Resources": [stazioni_table.arn, chats_table.arn],
                     },
                     {
                         "Effect": "Allow",
                         "Actions": [
                             "dynamodb:PutItem",
                         ],
-                        "Resources": [utenti_table.arn],
+                        "Resources": [chats_table.arn],
                     },
                     {
                         "Effect": "Allow",