Finishing up RDS bootstrap for multi-container

Author: brtrvn

resources/custom-resources/rds-bootstrap/src/main/java/com/amazon/aws/partners/saasfactory/saasboost/RdsBootstrap.java

@@ -203,7 +203,7 @@ private static boolean databaseExists(Connection conn, String engine, String dat
     }
 
     public static void createdb(Connection conn, String engine, String database) throws SQLException {
-        LOGGER.info("Creating {} database", engine);
+        LOGGER.info("Creating {} database {}", engine, database);
         try (Statement create = conn.createStatement()) {
             if (engine.contains("postgresql")) {
                 // Postgres has no real way of doing CREATE DATABASE IF NOT EXISTS...

resources/saas-boost-svc-onboarding.yaml

@@ -560,6 +560,12 @@ Resources:
       PolicyDocument:
         Version: 2012-10-17
         Statement:
+          - Effect: Allow
+            Action:
+              - logs:CreateLogGroup
+              - logs:PutRetentionPolicy
+            Resource:
+              - !Sub arn:aws:logs:${AWS::Region}:${AWS::AccountId}:log-group:*
           - Effect: Allow
             Action:
               - rds:AddTagsToResource

resources/saas-boost-svc-settings.yaml

@@ -555,6 +555,13 @@ Resources:
       Targets:
         - Arn: !GetAtt AppConfigEventHandler.Arn
           Id: !Sub sb-${Environment}-settings-app-config-file-event
+  AppConfigResourceFilesEventPermission:
+    Type: AWS::Lambda::Permission
+    Properties:
+      Action: lambda:InvokeFunction
+      FunctionName: !Ref AppConfigEventHandler
+      Principal: events.amazonaws.com
+      SourceArn: !GetAtt AppConfigResourceFilesEventRule.Arn
 Outputs:
   SettingsServiceGetAllArn:
     Description: Settings Service get all settings Lambda ARN

resources/saas-boost.yaml

@@ -854,7 +854,7 @@ Resources:
     Properties:
       Name: !Sub /saas-boost/${Environment}/CFN_UTILS_LAYER
       Type: String
-      Value: !Ref SaaSBoostUtilsLayer
+      Value: !Ref CloudFormationUtilsLayer
 Outputs:
   SaaSBoostBucket:
     Description: S3 bucket with Saas Boost resources

resources/tenant-onboarding-rds.yaml

@@ -305,7 +305,7 @@ Resources:
                 Action:
                   - s3:GetObject
                 Resource:
-                  - !Sub arn:aws:s3:::${SaaSBoostBucket}/bootstrap.sql
+                  - !Sub 'arn:aws:s3:::{{resolve:ssm:/saas-boost/${Environment}/RESOURCES_BUCKET}}/services/*'
               - Effect: Allow
                 Action:
                   - ssm:GetParameter
@@ -352,6 +352,9 @@ Resources:
       Layers:
          - !Sub '{{resolve:ssm:/saas-boost/${Environment}/UTILS_LAYER}}'
          - !Sub '{{resolve:ssm:/saas-boost/${Environment}/CFN_UTILS_LAYER}}'
+      Environment:
+        Variables:
+          SAAS_BOOST_EVENT_BUS: !Sub '{{resolve:ssm:/saas-boost/${Environment}/EVENT_BUS}}'
       Tags:
         - Key: Tenant
           Value: !Ref TenantId
@@ -384,8 +387,8 @@ Resources:
       Database: !Ref RDSDatabase
       User: !Ref RDSUsername
       Password: !Ref RDSPasswordParam # CloudFormation doesn't allow auto decrypting of secure params here...
-      BootstrapFileBucket: !Ref SaaSBoostBucket
-      BootstrapFileKey: !If [BootstrapFile, 'bootstrap.sql', '']
+      BootstrapFileBucket: !Sub '{{resolve:ssm:/saas-boost/${Environment}/RESOURCES_BUCKET}}'
+      BootstrapFileKey: !Ref RDSBootstrap
 Outputs:
   RdsEndpoint:
     Description: RDS endpoint

services/onboarding-service/src/main/java/com/amazon/aws/partners/saasfactory/saasboost/OnboardingService.java

@@ -845,9 +845,10 @@ protected void handleOnboardingBaseProvisioned(Map<String, Object> event, Contex
                             dbVersion = (String) database.get("version");
                             dbFamily = (String) database.get("family");
                             dbInstanceClass = (String) database.get("instanceClass");
+                            dbDatabase = (String) database.get("database");
                             dbUsername = (String) database.get("username");
                             dbPort = (Integer) database.get("port");
-                            // TODO fix this dbBootstrap = (String) database.get("DB_BOOTSTRAP_FILE");
+                            dbBootstrap = (String) database.get("bootstrapFilename");
                             dbPasswordRef = (String) database.get("passwordParam");
                         }
 

services/settings-service/src/main/java/com/amazon/aws/partners/saasfactory/saasboost/SettingsService.java

@@ -597,7 +597,9 @@ protected void handleAppConfigResourceChanged(Map<String, Object> event, Context
             AppConfig changedAppConfig = Utils.fromJson(json, AppConfig.class);
             if (changedAppConfig != null) {
                 AppConfig existingAppConfig = dal.getAppConfig();
-                if (AppConfigHelper.isHostedZoneChanged(existingAppConfig, changedAppConfig)) {
+                // Only updated the hosted zone if it was passed in
+                if (json.contains("hostedZone")
+                        && AppConfigHelper.isHostedZoneChanged(existingAppConfig, changedAppConfig)) {
                     LOGGER.info("Updating hosted zone from {} to {}", existingAppConfig.getHostedZone(),
                             changedAppConfig.getHostedZone());
                     // TODO be nice to fix this so you don't have to know the secret path
@@ -607,7 +609,8 @@ protected void handleAppConfigResourceChanged(Map<String, Object> event, Context
                             .build()
                     );
                 }
-                if (changedAppConfig.getServices() != null) {
+                // Only update the services if they were passed in
+                if (json.contains("services") && changedAppConfig.getServices() != null) {
                     for (Map.Entry<String, ServiceConfig> changedService : changedAppConfig.getServices().entrySet()) {
                         String changedServiceName = changedService.getKey();
                         ServiceConfig changedServiceConfig = changedService.getValue();