separate dev and prod dbs

[saanobhaai]

Summary by CodeRabbit

• Chores
  • Updated Docker Compose to use a newer PostGIS image version for the database service.
• Bug Fixes
  • Corrected the environment variable assignment for AWS secret access key in production settings.
• New Features
  • Introduced separate production and development databases with distinct configurations and improved security rules.

[coderabbitai]

Walkthrough

The changes introduce distinct production and development RDS database resources in the infrastructure code, updating references to these databases accordingly. The Docker Compose file updates the PostGIS image version for the database service. Additionally, a correction is made to the environment variable used for the AWS secret access key in the application settings.

Changes

File(s)	Change Summary
iac/stacks/common.py	Split the single RDS database into separate production and development instances with distinct secrets, instance types, and Postgres versions. Updated security group rules to accommodate both databases.
iac/app.py	Updated ApiStack instantiations to reference the new dev_database and prod_database attributes from CommonStack instead of the previous shared database.
docker-compose.yml	Updated the api_db service to use a newer PostGIS Docker image version (postgis/postgis:17-3.5-alpine instead of 13-3.2-alpine).
src/app/settings.py	Corrected the environment variable used for the AWS secret access key in production from IMAGE_BUCKET_AWS_ACCESS_KEY_ID to IMAGE_BUCKET_AWS_SECRET_ACCESS_KEY.

Sequence Diagram(s)

sequenceDiagram
    participant Dev_ApiStack
    participant Prod_ApiStack
    participant CommonStack
    participant Dev_Database
    participant Prod_Database

    Dev_ApiStack->>CommonStack: Request dev_database
    CommonStack->>Dev_Database: Return dev_database instance

    Prod_ApiStack->>CommonStack: Request prod_database
    CommonStack->>Prod_Database: Return prod_database instance

Loading

Tip

⚡️ Faster reviews with caching

• CodeRabbit now supports caching for code and dependencies, helping speed up reviews. This means quicker feedback, reduced wait times, and a smoother review experience overall. Cached data is encrypted and stored securely. This feature will be automatically enabled for all accounts on May 16th. To opt out, configure Review - Disable Cache at either the organization or repository level. If you prefer to disable all data retention across your organization, simply turn off the Data Retention setting under your Organization Settings.

Enjoy the performance boost—your workflow just got faster.

✨ Finishing Touches

• 📝 Generate Docstrings

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 14c45c7 and d46167f.

📒 Files selected for processing (4)

• docker-compose.yml (1 hunks)
• iac/app.py (2 hunks)
• iac/stacks/common.py (3 hunks)
• src/app/settings.py (1 hunks)

🔇 Additional comments (8)

iac/stacks/common.py (5)

66-76: Good refactoring of database resources - production database setup looks good.

The code properly renames the original database elements to clearly indicate they are for production use. The instance size upgrade from SMALL to MEDIUM is also a good improvement for production workloads.

Also applies to: 78-92

---

94-104: Development database credentials are properly isolated.

Good implementation of separate credentials for the development database with a distinct secret name path, which ensures proper isolation between environments.

---

215-216: Security group rules properly updated for both databases.

The security group configuration now correctly allows ECS tasks to connect to both production and development databases.

---

221-226: Subnet access properly configured for both databases.

Good implementation of allowing access from each private subnet CIDR block to both database instances.

---

106-120:

Details

❓ Verification inconclusive

Development database uses newer Postgres version - verify compatibility.

The development database uses Postgres 16.3 while production uses 13.7. This separation allows testing with newer versions before production adoption.

Consider testing application compatibility with both database versions to ensure there are no issues with the version difference. PostgreSQL 16 introduced some changes that could potentially affect application behavior.

---

🏁 Script executed:

#!/bin/bash
# Check versions and compatibility notes between the PostgreSQL versions used
echo "Comparing PostgreSQL 13.7 and 16.3 compatibility"
rg -A 5 "PostgreSQL (13|16)" src/

Length of output: 142

---

🏁 Script executed:

#!/bin/bash
echo "Listing all Postgres engine version usages in iac/stacks"
rg -n "DatabaseInstanceEngine\\.postgres" -A2 iac/stacks
echo
echo "Listing all PostgresEngineVersion constants in iac/stacks"
rg -n "PostgresEngineVersion\\.VER" -n iac/stacks

Length of output: 1149

---

Verify PostgreSQL Version Compatibility

The development RDS instance is using Postgres 16.3 (iac/stacks/common.py:110–112) while production remains on 13.7 (iac/stacks/common.py:82–84). Please ensure the application is fully compatible with both versions, particularly around any query syntax changes or deprecated features introduced in Postgres 16, before promoting 16.x to production.

• iac/stacks/common.py:82–84 – Production engine version: PostgresEngineVersion.VER_13_7
• iac/stacks/common.py:110–112 – Development engine version: PostgresEngineVersion.VER_16_3

docker-compose.yml (1)

14-14:

Details

❓ Verification inconclusive

Updated PostGIS image version to align with development database.

The PostGIS image has been updated from version 13-3.2-alpine to 17-3.5-alpine to align with the newer Postgres version used in the development environment.

Verify that your application works with this newer PostgreSQL version (17) as it's higher than even the development database version (16.3).

---

🏁 Script executed:

#!/bin/bash
# Check for PostgreSQL version-specific code or dependencies
echo "Searching for PostgreSQL version-specific dependencies or code..."
grep -r "postgresql.*version\|postgres.*version" --include="*.py" --include="*.json" --include="*.yml" ./src/

Length of output: 252

---

Verify PostgreSQL 17 compatibility

A recursive grep in ./src/ for version-specific Postgres references returned no matches, suggesting the app is largely DB-agnostic. However, because you’ve bumped from 13→17 (even beyond your dev DB’s 16.3), please manually confirm:

• Update your CI/workflow to pull postgis/postgis:17-3.5-alpine and run the full test suite.
• Spin up a local PostGIS 17 container and exercise all database migrations.
• Run integration/end-to-end tests against the new image to catch any SQL or driver incompatibilities.

iac/app.py (2)

57-57: Updated development API stack to use dev database.

Correctly updated the development API stack to reference the dedicated development database.

---

85-85: Updated production API stack to use production database.

Correctly updated the production API stack to reference the dedicated production database.

[michaelconnor00]

Looks good.