From e00f019d2cd15ece4464f35a48429a41d8527602 Mon Sep 17 00:00:00 2001
From: Felisia Martini
Date: Mon, 2 Sep 2024 14:31:06 +0100
Subject: [PATCH] feat: Enable passing admin username for Postgres
Similar to MySQL this is required in order to be able to migrate instances from the legacy broker to CSB
---
 integration-tests/postgresql_test.go | 3 ++
 terraform-tests/postgres_test.go | 45 +++++++++++++++++++++
 terraform/postgresql/provision/main.tf | 3 +-
 terraform/postgresql/provision/variables.tf | 3 +-
 4 files changed, 52 insertions(+), 2 deletions(-)
diff --git a/integration-tests/postgresql_test.go b/integration-tests/postgresql_test.go
index 7a26b553b..b3a651154 100644
--- a/integration-tests/postgresql_test.go
+++ b/integration-tests/postgresql_test.go
@@ -214,6 +214,7 @@ var _ = Describe("Postgresql", Label("Postgresql"), func() {
 "enable_export_upgrade_logs": true,
 "cloudwatch_upgrade_log_group_retention_in_days": 1,
 "cloudwatch_log_groups_kms_key_id": "arn:aws:kms:us-west-2:xxxxxxxxxxxx:key/xxxxxxxx-80b9-4afd-98c0-xxxxxxxxxxxx",
+ "admin_username": "some-other-username",
 })
 Expect(err).NotTo(HaveOccurred())
@@ -255,6 +256,7 @@ var _ = Describe("Postgresql", Label("Postgresql"), func() {
 HaveKeyWithValue("enable_export_upgrade_logs", true),
 HaveKeyWithValue("cloudwatch_upgrade_log_group_retention_in_days", BeNumerically("==", 1)),
 HaveKeyWithValue("cloudwatch_log_groups_kms_key_id", "arn:aws:kms:us-west-2:xxxxxxxxxxxx:key/xxxxxxxx-80b9-4afd-98c0-xxxxxxxxxxxx"),
+ HaveKeyWithValue("admin_username", "some-other-username"),
 ),
 )
 })
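Review bot: The sample value `some-other-username` added to the provision parameters in the `@@ -214` hunk contains hyphens, which I believe RDS does not accept in a master username (a leading letter followed by letters, digits or underscores; confirm against the RDS limits for PostgreSQL). These specs appear to run against a mocked Terraform, so the value is never validated and the fixture documents an input that would probably fail at apply time. The same applies to the matching assertion in the `@@ -255` hunk, to `new-username` in the `@@ -301` hunk and to `test-name` in terraform-tests/postgres_test.go. A value in the accepted shape would be safer, e.g. `"admin_username": "someotherusername",`.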
@@ -301,6 +303,7 @@ var _ = Describe("Postgresql", Label("Postgresql"), func() {
 const initialProvisionInvocation = 1
 Expect(mockTerraform.ApplyInvocations()).To(HaveLen(initialProvisionInvocation))
 },
+ Entry("admin_username", "admin_username", "new-username"),
 Entry("update region", "region", "no-matter-what-region"),
 Entry("update kms_key_id", "kms_key_id", "no-matter-what-key"),
 Entry("update db_name", "db_name", "no-matter-what-name"),
diff --git a/terraform-tests/postgres_test.go b/terraform-tests/postgres_test.go
index 2514e20b5..73604c85b 100644
--- a/terraform-tests/postgres_test.go
+++ b/terraform-tests/postgres_test.go
@@ -67,6 +67,7 @@ var _ = Describe("postgres", Label("postgres-terraform"), Ordered, func() {
 "enable_export_upgrade_logs": false,
 "cloudwatch_upgrade_log_group_retention_in_days": 30,
 "cloudwatch_log_groups_kms_key_id": "",
+ "admin_username": "",
 }
 })
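Review bot: The new table entry in the `@@ -301` hunk is described as `admin_username`, while every neighbouring entry visible in the hunk uses the `update <property>` form, so the spec name in test output will not say what is being exercised. Rename it to match: `Entry("update admin_username", "admin_username", "new-username"),`. Judging by the visible `ApplyInvocations` assertion, the table appears to check that an update to the property is refused before any apply runs, which is the behaviour wanted for an admin username. The table and its enclosing Describe start outside the hunk.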
@@ -75,6 +76,50 @@ var _ = Describe("postgres", Label("postgres-terraform"), Ordered, func() {
 Init(terraformProvisionDir)
 })
+ Context("admin username", func() {
+ When("admin username has been passed", func() {
+ BeforeAll(func() {
+ plan = ShowPlan(terraformProvisionDir, buildVars(defaultVars, map[string]any{
+ "admin_username": "test-name",
+ }))
+ })
+
+ It("should use that admin username", func() {
+ Expect(ResourceChangesTypes(plan)).To(ConsistOf(
+ "aws_db_instance",
+ "random_password",
+ "aws_db_parameter_group",
+ "aws_db_subnet_group",
+ "aws_security_group",
+ "aws_security_group_rule",
+ ))
+
+ Expect(AfterValuesForType(plan, "aws_db_instance")).To(
+ MatchKeys(IgnoreExtras, Keys{
+ "username": Equal("test-name"),
+ }))
+ })
+ })
+
+ When("admin username has not been passed", func() {
+ BeforeAll(func() {
+ plan = ShowPlan(terraformProvisionDir, buildVars(defaultVars, map[string]any{}))
+ })
+
+ It("should create a new random admin username", func() {
+ Expect(ResourceChangesTypes(plan)).To(ConsistOf(
+ "aws_db_instance",
+ "random_password",
+ "random_string",
+ "aws_db_parameter_group",
+ "aws_db_subnet_group",
+ "aws_security_group",
+ "aws_security_group_rule",
+ ))
+ })
+ })
+ })
+
 Context("cloud watch log groups", func() {
 When("no parameters passed", func() {
 BeforeAll(func() {
diff --git a/terraform/postgresql/provision/main.tf b/terraform/postgresql/provision/main.tf
index 2282a9075..94f05feb0 100644
--- a/terraform/postgresql/provision/main.tf
+++ b/terraform/postgresql/provision/main.tf
@@ -38,6 +38,7 @@ resource "random_string" "username" {
 length = 16
 special = false
 numeric = false
+ count = length(var.admin_username) == 0 ? 1 : 0
 }
 resource "random_password" "password" {
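Review bot: The "admin username has not been passed" case in the `@@ -75` hunk only asserts that a `random_string` is planned; nothing ties that resource to the instance's `username`. A regression that hard-codes or empties `username` while leaving the `random_string` resource in place would still pass. Since the generated value is unknown at plan time, one option is to assert that the key is missing from the known after-values: `Expect(AfterValuesForType(plan, "aws_db_instance")).NotTo(HaveKey("username"))`. That assumes the helper returns only known values, which is not visible here. The enclosing Describe starts and ends outside the hunk.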
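Review bot: The `count` added in the main.tf `@@ -38` hunk moves this resource's address from `random_string.username` to `random_string.username[0]`, and no comment explains the condition or what it means for instances provisioned before this change. Terraform normally maps an existing un-indexed instance to index 0 when `count` is introduced, but an upgrade test should confirm it, because a regenerated name would flow into `aws_db_instance.username`. I would add a comment above the argument, such as `# Generated only when no admin_username is supplied; existing state is expected to move to username[0].`, and place `count` first in the block, as is conventional. Any other reference to `random_string.username.result` outside this hunk would also need the `[0]` index; none is visible here. The resource block starts outside the hunk.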
@@ -57,7 +58,7 @@ resource "aws_db_instance" "db_instance" {
 instance_class = local.instance_class
 identifier = var.instance_name
 db_name = var.db_name
- username = random_string.username.result
+ username = length(var.admin_username) == 0 ? random_string.username[0].result : var.admin_username
 password = random_password.password.result
 parameter_group_name = length(var.parameter_group_name) == 0 ? aws_db_parameter_group.db_parameter_group[0].name : var.parameter_group_name
 tags = var.labels
diff --git a/terraform/postgresql/provision/variables.tf b/terraform/postgresql/provision/variables.tf
index 4fd93d612..5f1a0ce6b 100644
--- a/terraform/postgresql/provision/variables.tf
+++ b/terraform/postgresql/provision/variables.tf
@@ -63,4 +63,5 @@ variable "enable_export_postgresql_logs" { type = bool }
 variable "enable_export_upgrade_logs" { type = bool }
 variable "cloudwatch_postgresql_log_group_retention_in_days" { type = number }
 variable "cloudwatch_upgrade_log_group_retention_in_days" { type = number }
-variable "cloudwatch_log_groups_kms_key_id" { type = string }
\ No newline at end of file
+variable "cloudwatch_log_groups_kms_key_id" { type = string }
+variable "admin_username" { type = string }
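Review bot: The `username` line in the `@@ -57` hunk has no comment recording that the value is now caller-controlled and must never change after the first apply. As far as I know, the AWS provider replaces the database instance when `username` changes, so a later change to `admin_username` that reached this expression would destroy the instance. I would add a comment above the line: `# admin_username must stay immutable after provision: a changed username replaces the instance.` The update-refusal entry added in integration-tests/postgresql_test.go covers the broker side; the comment keeps the constraint visible to anyone editing the Terraform directly. The resource block starts and ends outside the hunk.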
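Review bot: `admin_username` in variables.tf is declared with a bare `type = string`, so any supplied value goes straight to `aws_db_instance.username`, and a malformed one is rejected only by AWS during apply, after other resources may already exist. Unless the service definition (not part of this patch) already constrains the property, a `validation` block would reject bad input at plan time while still allowing the empty string that selects the generated name. The pattern below is my understanding of the RDS master-username rules and should be confirmed, along with length limits and reserved names, before merging. The other variables in this file are one-liners, so this would be the first multi-line declaration.

```hcl
variable "admin_username" {
  type = string

  validation {
    # Empty string means "generate a random username".
    condition     = var.admin_username == "" || can(regex("^[A-Za-z][A-Za-z0-9_]*$", var.admin_username))
    error_message = "admin_username must be empty, or start with a letter and contain only letters, digits and underscores."
  }
}
```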