Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Adjust admin-login module to handle replica #6

Open
wants to merge 7 commits into
base: main
Choose a base branch
from
Open

Adjust admin-login module to handle replica #6

wants to merge 7 commits into from

Conversation

minaslater
Copy link

Saves the replica database url to the same secrets so its value can be exposed as env variable when needed.

@minaslater minaslater force-pushed the ms-update-with-replica branch from b2a0351 to 3ebd728 Compare November 10, 2022 18:40
@minaslater minaslater marked this pull request as ready for review November 10, 2022 18:41
@minaslater minaslater force-pushed the ms-update-with-replica branch 2 times, most recently from 0d2ff99 to 8305127 Compare November 10, 2022 18:57
@minaslater minaslater force-pushed the ms-update-with-replica branch from 8305127 to 4934f65 Compare November 10, 2022 19:35
@minaslater
Adjust admin-login module to handle replica
77f560c 
Saves the replica database url to the same secrets so its value can be exposed as env variable when needed.
@minaslater minaslater force-pushed the ms-update-with-replica branch from 4934f65 to 77f560c Compare November 10, 2022 19:37
minaslater and others added 5 commits November 10, 2022 13:41
@minaslater
use can to eval replica to bool
ceaf276
@minaslater
Pass in replica hostname
3692ea8 
The only thing we need to know about the replica is the
hostname/address. Doing this will eliminate the need to read from the
instance.
@OlamideOl1
Update replica url in RDs secret rotation script
44d9ce6
@minaslater
Pass REPLICA_HOST address in as env var
78b9e06 
The initial_values for the postgres login secrets doesn't seem to be
tracked as changes, so when the replica database host name is changes,
terraform doesn't recognize anything has changed. Olamide suggested
changing this module to pass replica host as an env var to the python
lambda rotation script to correct this.
@minaslater
fixes indentation
7ffe6c3
minaslater
minaslater commented Nov 14, 2022
View reviewed changes
rds-postgres/admin-login/main.tf
# username = var.username
# }

# initial_secret_value = can(var.replica_host) ? merge(local.base_value, { replica_host = var.replica_host }) : local.base_value
Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Removed so that we're passing the replica DB host address in only one way; as an environment variable rather than also as part of the secrets.

minaslater
minaslater commented Nov 14, 2022
View reviewed changes
rds-postgres/admin-login/rotation/lambda_function.py
if replica:
host = secret['host']
else:
host = REPLICA_HOST
Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Updated this rotation script to use the env var REPLICA_HOST, rather than passing the host address of the replica DB in two ways, in response to @jferris's comment here.

@OlamideOl1
Update lambda_function.py
2729d2f 
Review dict_to_url function when replica is set
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jferris jferris jferris approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@minaslater @jferris @OlamideOl1