Skip to content

Commit

Permalink
feat: bastion replacement (#7328)
Browse files Browse the repository at this point in the history 
Co-authored-by: Nayib Gloria <[email protected]>
  • Loading branch information
@ebezzi @nayib-jose-gloria
ebezzi and nayib-jose-gloria authored Sep 4, 2024
1 parent 0442ec7 commit c0abc8f
Showing 1 changed file with 4 additions and 9 deletions.
13 changes: 4 additions & 9 deletions backend/Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -50,6 +50,7 @@ db/check:
# Check if the database needs to be migrated due to changes in the schema.
PYTHONPATH=.. alembic -c=./database/database.ini check

# Ensure that make/db/tunnel/up is run before running this
# interactive mode usage: AWS_PROFILE=single-cell-dev DEPLOYMENT_STAGE=dev make db/connect
# ARGS usage: AWS_PROFILE=single-cell-dev DEPLOYMENT_STAGE=dev make db/connect ARGS="-c \"select * from dataset_artifact where filetype='CXG'\""
db/connect:
Expand All @@ -61,9 +62,7 @@ endif

db/connect_internal:
$(eval DB_PW = $(shell aws secretsmanager get-secret-value --secret-id corpora/backend/${DEPLOYMENT_STAGE}/database --region us-west-2 | jq -r '.SecretString | match(":([^:]*)@").captures[0].string'))
$(MAKE) db/tunnel/up
PGOPTIONS='-csearch_path=persistence_schema' PGPASSWORD=${DB_PW} psql --dbname ${DB_NAME} --username ${DB_USER} --host 0.0.0.0 $(ARGS)
$(MAKE) db/tunnel/down

db/console: db/connect # alias

Expand Down Expand Up @@ -123,15 +122,11 @@ endif
# - add db/tunnel as a dependency for all targets so that a tunnel is automatically opened if not already
db/tunnel/up:
$(eval endpoint=$(shell aws rds describe-db-cluster-endpoints --db-cluster-identifier ${CLUSTER_NAME} | jq -r '.DBClusterEndpoints[] | select(.EndpointType | contains("WRITER")) | .Endpoint'))
ssh -f -T -N -M -S $(SSH_SOCKET)\
-o ServerAliveInterval=${SSH_SERVER_ALIVE_INTERVAL_IN_SECONDS} -o ServerAliveCountMax=${SSH_SERVER_ALIVE_COUNT_MAX} \
-o ExitOnForwardFailure=yes \
-L 5432:${endpoint}:5432 $(SSH_BASTION_HOST)
$(eval instance_id=$(shell aws ec2 describe-instances --filters "Name=tag:Name,Values=dp-${DEPLOYMENT_STAGE}-happy" --query "Reservations[*].Instances[*].InstanceId" --output text))

db/tunnel: db/tunnel/up # alias for backwards compatibility
aws ssm start-session --target ${instance_id} --document-name AWS-StartPortForwardingSessionToRemoteHost --parameters '{"portNumber":["5432"],"localPortNumber":["5432"],"host":["${endpoint}"]}'

db/tunnel/down:
ssh -S $(SSH_SOCKET) -O exit $(SSH_BASTION_HOST) || true
db/tunnel: db/tunnel/up # alias for backwards compatibility

SRC_ENV := prod
mirror_env_data:
Expand Down

0 comments on commit c0abc8f

Please sign in to comment.