Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: Create psql DB in the CF provisioner #3334

Merged
merged 4 commits into from
Nov 6, 2024
Merged

Conversation

jvmakine
Copy link
Contributor

@jvmakine jvmakine commented Nov 6, 2024

Connects to the freshly created psql instance, and creates a database if it does not exist.

This closes #3117 with https://github.com/tbdeng/ftl-aws/pull/35

We should refactor the DB creation from the success step to be part of the actual provisioning flow. Thicket for this: #3333

We should also not use the root credentials when connecting to the DB from a module. However, we should change this when looking at DB migrations, when we won't expect modules to execute DDL anymore.

@jvmakine jvmakine requested a review from alecthomas as a code owner November 6, 2024 04:23
@github-actions github-actions bot changed the title Create psql DB in the CF provisioner feat: Create psql DB in the CF provisioner Nov 6, 2024
@ftl-robot ftl-robot mentioned this pull request Nov 6, 2024
@jvmakine jvmakine merged commit e4b72b5 into main Nov 6, 2024
93 checks passed
@jvmakine jvmakine deleted the juho/db-pw-secret-arn branch November 6, 2024 23:37

"connectrpc.com/connect"
"github.com/aws/aws-sdk-go-v2/service/cloudformation"
"github.com/aws/aws-sdk-go-v2/service/cloudformation/types"
"github.com/aws/aws-sdk-go-v2/service/secretsmanager"
_ "github.com/lib/pq"
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We use pgx, let's not have two PG drivers.

return fmt.Errorf("failed to group outputs by property name: %w", err)
}

fmt.Fprintf(os.Stderr, "byName: %v\n", byName)
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

??

return fmt.Errorf("failed to get username and password from secret ARN: %w", err)
}

to.ReadDsn = endpointToDSN(*byName[PropertyDBReadEndpoint].OutputValue, resourceID, 5432, username, password)
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These blind pointer deferences are horrifying.


func endpointToDSN(endpoint, database string, port int, username, password string) string {
urlEncodedPassword := url.QueryEscape(password)
return fmt.Sprintf("postgres://%s:%d/%s?user=%s&password=%s", endpoint, port, database, username, urlEncodedPassword)
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Would it be better to construct a url.URL here, then stringify it, to ensure all escaping is correct?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Deploy provisioner to dev environment with cloudformation plugin
2 participants