From a019a1a4f0e2837172da8857de76fadaf09020fd Mon Sep 17 00:00:00 2001
From: Alis Akers
Date: Wed, 18 Sep 2024 11:56:49 -0700
Subject: [PATCH] setup tefca jdbc database connection strings and update db url name
---
 terraform/aws/implementation/main.tf | 3 +++
 .../aws/implementation/modules/eks/README.md | 3 +++
 .../aws/implementation/modules/eks/main.tf | 21 +++++++++++++++++--
 .../implementation/modules/eks/variables.tf | 12 +++++++++++
 .../aws/implementation/modules/rds/README.md | 3 +++
 .../aws/implementation/modules/rds/main.tf | 4 ++--
 .../aws/implementation/modules/rds/output.tf | 15 ++++++++++++-
 7 files changed, 56 insertions(+), 5 deletions(-)
diff --git a/terraform/aws/implementation/main.tf b/terraform/aws/implementation/main.tf
index 11d83268..82279a33 100644
--- a/terraform/aws/implementation/main.tf
+++ b/terraform/aws/implementation/main.tf
@@ -43,6 +43,9 @@ module "eks" {
 ecr_viewer_s3_role_arn = module.s3.ecr_viewer_s3_role_arn
 tefca_viewer_db_role_arn = module.rds.tefca_viewer_db_role_arn
 tefca_db_connection_string = module.rds.tefca_db_connection_string
+ tefca_jdbc_db_url = module.rds.tefca_jdbc_db_url
+ tefca_jdbc_db_password = module.rds.tefca_jdbc_db_password
+ tefca_jdbc_db_user = module.rds.tefca_jdbc_db_user
 domain_name = local.domain_name
 ecr_bucket_name = module.s3.ecr_bucket_name
 enable_cognito = var.enable_cognito
diff --git a/terraform/aws/implementation/modules/eks/README.md b/terraform/aws/implementation/modules/eks/README.md
index 791059ad..780fffbe 100644
--- a/terraform/aws/implementation/modules/eks/README.md
+++ b/terraform/aws/implementation/modules/eks/README.md
@@ -79,6 +79,9 @@
 | [smarty\_auth\_id](#input\_smarty\_auth\_id) | value of the SmartyStreets Auth ID | `any` | n/a | yes |
 | [smarty\_auth\_token](#input\_smarty\_auth\_token) | value of the SmartyStreets Auth Token | `any` | n/a | yes |
 | [tefca\_db\_connection\_string](#input\_tefca\_db\_connection\_string) | Connection string to the tefca database | `any` | n/a | yes |
+| [tefca\_jdbc\_db\_password](#input\_tefca\_jdbc\_db\_password) | JDBC password for flyway to the tefca database | `any` | n/a | yes |
+| [tefca\_jdbc\_db\_url](#input\_tefca\_jdbc\_db\_url) | JDBC connection string for flyway to the tefca database | `any` | n/a | yes |
+| [tefca\_jdbc\_db\_user](#input\_tefca\_jdbc\_db\_user) | JDBC username for flyway to the tefca database | `any` | n/a | yes |
 | [tefca\_viewer\_db\_role\_arn](#input\_tefca\_viewer\_db\_role\_arn) | The db Role ARN for the Tefca Viewer Service | `any` | n/a | yes |
 | [vpc\_id](#input\_vpc\_id) | ID of the VPC | `string` | n/a | yes |
diff --git a/terraform/aws/implementation/modules/eks/main.tf b/terraform/aws/implementation/modules/eks/main.tf
index c125dbf4..73f076a9 100644
--- a/terraform/aws/implementation/modules/eks/main.tf
+++ b/terraform/aws/implementation/modules/eks/main.tf
@@ -298,7 +298,7 @@ data "external" "latest_phdi_release" {
 resource "helm_release" "building_blocks" {
 depends_on = [terraform_data.wait_for_load_balancer_controller]
 for_each = var.services_to_chart
- repository = "https://github.com/CDCgov/phdi-charts/tree/alis/upgrades/2565/85"
+ repository = "https://cdcgov.github.io/phdi-charts/"
 name = "phdi-playground-${terraform.workspace}-${each.key}"
 chart = each.value
 version = data.external.chart_versions.result[each.value]
@@ -307,7 +307,22 @@ resource "helm_release" "building_blocks" {
 cleanup_on_fail = true
 set {
- name = "databaseUrl"
+ name = "jdbcDatabaseUrl"
+ value = var.tefca_jdbc_db_url
+ }
+
+ set {
+ name = "jdbcDatabasePassword"
+ value = var.tefca_jdbc_db_password
+ }
+
+ set {
+ name = "jdbcDatabaseUser"
+ value = var.tefca_jdbc_db_user
+ }
+
+ set {
+ name = "databaseConnectionString"
 value = var.tefca_db_connection_string
 }
@@ -337,6 +352,8 @@ resource "helm_release" "building_blocks" {
 }
 # Values needed for orchestration service
+ # "phdi-playground-${terraform.workspace}-${each.key}-${each.key}-service"
+ # phdi-playground-dev-ecr-viewer-ecr-viewer-service
 set {
 name = "fhirConverterUrl"
 value = "https://${var.domain_name}/fhir-converter"
diff --git a/terraform/aws/implementation/modules/eks/variables.tf b/terraform/aws/implementation/modules/eks/variables.tf
index e2d39816..b2dae9c3 100644
--- a/terraform/aws/implementation/modules/eks/variables.tf
+++ b/terraform/aws/implementation/modules/eks/variables.tf
@@ -89,4 +89,16 @@ variable "cognito_domain" {
 variable "tefca_db_connection_string" {
 description = "Connection string to the tefca database"
+}
+
+variable "tefca_jdbc_db_url" {
+ description = "JDBC connection string for flyway to the tefca database"
+}
+
+variable "tefca_jdbc_db_password" {
+ description = "JDBC password for flyway to the tefca database"
+}
+
+variable "tefca_jdbc_db_user" {
+ description = "JDBC username for flyway to the tefca database"
 }
\ No newline at end of file
diff --git a/terraform/aws/implementation/modules/rds/README.md b/terraform/aws/implementation/modules/rds/README.md
index fbf40593..9013a061 100644
--- a/terraform/aws/implementation/modules/rds/README.md
+++ b/terraform/aws/implementation/modules/rds/README.md
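Review bot: The database password reaches the chart through a plain `set` block (`name = "jdbcDatabasePassword"`), so nothing tells the Helm provider to redact it from the plan diff. The provider's `set_sensitive` block takes the same `name`/`value` pair, so changing `set {` to `set_sensitive {` for that entry is enough. The `databaseConnectionString` entry in this hunk embeds the same password and wants the same treatment. The credential is also unmarked elsewhere on its path: `variable "tefca_jdbc_db_password"` in modules/eks/variables.tf and `output "tefca_jdbc_db_password"` in modules/rds/output.tf both lack `sensitive = true`, although the neighbouring `tefca_jdbc_db_url` output has it. The `helm_release` resource starts and ends outside this hunk.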
@@ -48,5 +48,8 @@ No modules. | Name | Description | |------|-------------| | [tefca\_db\_connection\_string](#output\_tefca\_db\_connection\_string) | n/a | +| [tefca\_jdbc\_db\_password](#output\_tefca\_jdbc\_db\_password) | n/a | +| [tefca\_jdbc\_db\_url](#output\_tefca\_jdbc\_db\_url) | n/a | +| [tefca\_jdbc\_db\_user](#output\_tefca\_jdbc\_db\_user) | n/a | | [tefca\_viewer\_db\_role\_arn](#output\_tefca\_viewer\_db\_role\_arn) | n/a | \ No newline at end of file diff --git a/terraform/aws/implementation/modules/rds/main.tf b/terraform/aws/implementation/modules/rds/main.tf index 2fb83299..f7e9c0d4 100644 --- a/terraform/aws/implementation/modules/rds/main.tf +++ b/terraform/aws/implementation/modules/rds/main.tf @@ -40,7 +40,7 @@ resource "aws_security_group" "ds_sg" { from_port = 5432 to_port = 5432 protocol = "tcp" - cidr_blocks = ["10.0.0.0/16"] + cidr_blocks = ["176.24.0.0/16"] } # Allow all outbound traffic @@ -69,5 +69,5 @@ resource "random_string" "setup_rds_password" { length = 13 #update as needed # Character set that excludes problematic characters like quotes, backslashes, etc. - override_special = "_!@#-$%^&*()[]{}" + override_special = "^()[]{}" } diff --git a/terraform/aws/implementation/modules/rds/output.tf b/terraform/aws/implementation/modules/rds/output.tf index 5a47f3dd..19cc2c7b 100644 --- a/terraform/aws/implementation/modules/rds/output.tf +++ b/terraform/aws/implementation/modules/rds/output.tf 
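Review bot: The new PostgreSQL ingress range `176.24.0.0/16` (port 5432, `aws_security_group.ds_sg`) is not RFC 1918 space, since the private 172 block is 172.16.0.0/12. The rule therefore admits publicly routable addresses if the instance is ever reachable from outside the VPC. If the literal is meant to mirror the VPC's CIDR, reference that value from the VPC module or a variable instead of repeating it, in the form `cidr_blocks = [<VPC CIDR reference>]`. A tighter option is to scope the rule to the EKS node security group through the ingress block's `security_groups` argument. The resource starts and ends outside the hunk, so whether such a reference is already in scope is not visible here.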
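Review bot: The resource whose character set is narrowed here is a `random_string`, and its result is not treated as sensitive, so a value used as the RDS password (inferred from the name `setup_rds_password`) is shown in plan and apply output. `random_password` accepts the same `length` and `override_special` arguments and marks the result sensitive. The new set `^()[]{}` also drops `_` and `-`, the two characters of the old set that are unreserved in a URI, while keeping several that are not. The comment above the line could state which consumer each remaining character was checked against, for example `# allowed specials verified against: flyway JDBC URL, postgresql:// URI`. The resource header is outside the hunk.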
@@ -3,6 +3,19 @@ output "tefca_viewer_db_role_arn" {
 }
 output "tefca_db_connection_string" {
- value = "postgresql://${aws_db_instance.tefca-viewer-db.username}:${aws_db_instance.tefca-viewer-db.password}@${aws_db_instance.tefca-viewer-db.endpoint}:5432/${aws_db_instance.tefca-viewer-db.db_name}"
+ value = "postgresql://${aws_db_instance.tefca-viewer-db.username}:${aws_db_instance.tefca-viewer-db.password}@${aws_db_instance.tefca-viewer-db.endpoint}/${aws_db_instance.tefca-viewer-db.db_name}"
 sensitive = true
 }
+
+output "tefca_jdbc_db_url" {
+ value = "jdbc:postgresql://${aws_db_instance.tefca-viewer-db.endpoint}/${aws_db_instance.tefca-viewer-db.db_name}"
+ sensitive = true
+}
+
+output "tefca_jdbc_db_user" {
+ value = aws_db_instance.tefca-viewer-db.username
+}
+
+output "tefca_jdbc_db_password" {
+ value = aws_db_instance.tefca-viewer-db.password
+}
\ No newline at end of file
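Review bot: The password is interpolated raw into the userinfo part of the `postgresql://` URI in `tefca_db_connection_string`. Assuming it comes from the generator in modules/rds/main.tf, it can still contain characters such as `^`, `[` or `{`, which are not valid there unescaped and which some URI parsers reject or misread. Writing the password segment as `${urlencode(aws_db_instance.tefca-viewer-db.password)}` keeps the string parseable whatever character set the generator allows. That also removes the need to keep trimming `override_special` for the sake of this URL.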