-
Notifications
You must be signed in to change notification settings - Fork 8
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: Create psql DB in the CF provisioner #3334
Conversation
|
||
"connectrpc.com/connect" | ||
"github.com/aws/aws-sdk-go-v2/service/cloudformation" | ||
"github.com/aws/aws-sdk-go-v2/service/cloudformation/types" | ||
"github.com/aws/aws-sdk-go-v2/service/secretsmanager" | ||
_ "github.com/lib/pq" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We use pgx, let's not have two PG drivers.
return fmt.Errorf("failed to group outputs by property name: %w", err) | ||
} | ||
|
||
fmt.Fprintf(os.Stderr, "byName: %v\n", byName) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
??
return fmt.Errorf("failed to get username and password from secret ARN: %w", err) | ||
} | ||
|
||
to.ReadDsn = endpointToDSN(*byName[PropertyDBReadEndpoint].OutputValue, resourceID, 5432, username, password) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
These blind pointer deferences are horrifying.
|
||
func endpointToDSN(endpoint, database string, port int, username, password string) string { | ||
urlEncodedPassword := url.QueryEscape(password) | ||
return fmt.Sprintf("postgres://%s:%d/%s?user=%s&password=%s", endpoint, port, database, username, urlEncodedPassword) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Would it be better to construct a url.URL
here, then stringify it, to ensure all escaping is correct?
Connects to the freshly created psql instance, and creates a database if it does not exist.
This closes #3117 with https://github.com/tbdeng/ftl-aws/pull/35
We should refactor the DB creation from the success step to be part of the actual provisioning flow. Thicket for this: #3333
We should also not use the root credentials when connecting to the DB from a module. However, we should change this when looking at DB migrations, when we won't expect modules to execute DDL anymore.