setup tefca jdbc database connection strings and update db url name

terraform/aws/implementation/main.tf

@@ -31,24 +31,27 @@ module "vpc" {
 }
 
 module "eks" {
-  source                     = "./modules/eks"
-  region                     = var.region
-  eks_name                   = local.name
-  vpc_id                     = module.vpc.vpc_id
-  public_subnet_ids          = module.vpc.public_subnets
-  private_subnet_ids         = module.vpc.private_subnets
-  smarty_auth_id             = var.smarty_auth_id
-  smarty_auth_token          = var.smarty_auth_token
-  aws_acm_certificate_arn    = module.route53.aws_acm_certificate_arn
-  ecr_viewer_s3_role_arn     = module.s3.ecr_viewer_s3_role_arn
-  tefca_viewer_db_role_arn   = module.rds.tefca_viewer_db_role_arn
-  tefca_db_connection_string = module.rds.tefca_db_connection_string
-  domain_name                = local.domain_name
-  ecr_bucket_name            = module.s3.ecr_bucket_name
-  enable_cognito             = var.enable_cognito
-  cognito_user_pool_arn      = module.cognito.cognito_user_pool_arn
-  cognito_client_id          = module.cognito.cognito_client_id
-  cognito_domain             = module.cognito.cognito_domain
+  source                          = "./modules/eks"
+  region                          = var.region
+  eks_name                        = local.name
+  vpc_id                          = module.vpc.vpc_id
+  public_subnet_ids               = module.vpc.public_subnets
+  private_subnet_ids              = module.vpc.private_subnets
+  smarty_auth_id                  = var.smarty_auth_id
+  smarty_auth_token               = var.smarty_auth_token
+  aws_acm_certificate_arn         = module.route53.aws_acm_certificate_arn
+  ecr_viewer_s3_role_arn          = module.s3.ecr_viewer_s3_role_arn
+  tefca_viewer_db_role_arn        = module.rds.tefca_viewer_db_role_arn
+  tefca_db_connection_string      = module.rds.tefca_db_connection_string
+  tefca_jdbc_db_url               = module.rds.tefca_jdbc_db_url
+  tefca_jdbc_db_password          = module.rds.tefca_jdbc_db_password
+  tefca_jdbc_db_user              = module.rds.tefca_jdbc_db_user
+  domain_name                     = local.domain_name
+  ecr_bucket_name                 = module.s3.ecr_bucket_name
+  enable_cognito                  = var.enable_cognito
+  cognito_user_pool_arn           = module.cognito.cognito_user_pool_arn
+  cognito_client_id               = module.cognito.cognito_client_id
+  cognito_domain                  = module.cognito.cognito_domain
 }
 
 module "route53" {

terraform/aws/implementation/modules/eks/main.tf

@@ -298,7 +298,7 @@ data "external" "latest_phdi_release" {
 resource "helm_release" "building_blocks" {
   depends_on      = [terraform_data.wait_for_load_balancer_controller]
   for_each        = var.services_to_chart
-  repository      = "https://github.com/CDCgov/phdi-charts/tree/alis/upgrades/2565/85"
+  repository      = "https://cdcgov.github.io/phdi-charts/"
   name            = "phdi-playground-${terraform.workspace}-${each.key}"
   chart           = each.value
   version         = data.external.chart_versions.result[each.value]
@@ -307,7 +307,22 @@ resource "helm_release" "building_blocks" {
   cleanup_on_fail = true
 
   set {
-    name  = "databaseUrl"
+    name  = "jdbcDatabaseUrl"
+    value = var.tefca_jdbc_db_url
+  }
+
+  set {
+    name  = "jdbcDatabasePassword"
+    value = var.tefca_jdbc_db_password
+  }
+
+  set {
+    name  = "jdbcDatabaseUser"
+    value = var.tefca_jdbc_db_user
+  }
+
+  set {
+    name  = "databaseConnectionString"
     value = var.tefca_db_connection_string
   }
 
@@ -337,6 +352,8 @@ resource "helm_release" "building_blocks" {
   }
 
   #  Values needed for orchestration service
+  # "phdi-playground-${terraform.workspace}-${each.key}-${each.key}-service"
+  # phdi-playground-dev-ecr-viewer-ecr-viewer-service
   set {
     name  = "fhirConverterUrl"
     value = "https://${var.domain_name}/fhir-converter"

terraform/aws/implementation/modules/eks/variables.tf

@@ -89,4 +89,16 @@ variable "cognito_domain" {
 
 variable "tefca_db_connection_string" {
   description = "Connection string to the tefca database"
+}
+
+variable "tefca_jdbc_db_url" {
+  description = "JDBC connection string for flyway to the tefca database"
+}
+
+variable "tefca_jdbc_db_password" {
+  description = "JDBC password for flyway to the tefca database"
+}
+
+variable "tefca_jdbc_db_user" {
+  description = "JDBC username for flyway to the tefca database"
 }

terraform/aws/implementation/modules/rds/main.tf

@@ -40,7 +40,7 @@ resource "aws_security_group" "ds_sg" {
     from_port   = 5432
     to_port     = 5432
     protocol    = "tcp"
-    cidr_blocks = ["10.0.0.0/16"]
+    cidr_blocks = ["176.24.0.0/16"]
   }
 
   # Allow all outbound traffic
@@ -69,5 +69,5 @@ resource "random_string" "setup_rds_password" {
   length = 13 #update as needed
 
   # Character set that excludes problematic characters like quotes, backslashes, etc.
-  override_special = "_!@#-$%^&*()[]{}"
+  override_special = "^()[]{}"
 }

terraform/aws/implementation/modules/rds/output.tf

@@ -3,6 +3,19 @@ output "tefca_viewer_db_role_arn" {
 }
 
 output "tefca_db_connection_string" {
-  value     = "postgresql://${aws_db_instance.tefca-viewer-db.username}:${aws_db_instance.tefca-viewer-db.password}@${aws_db_instance.tefca-viewer-db.endpoint}:5432/${aws_db_instance.tefca-viewer-db.db_name}"
+  value     = "postgresql://${aws_db_instance.tefca-viewer-db.username}:${aws_db_instance.tefca-viewer-db.password}@${aws_db_instance.tefca-viewer-db.endpoint}/${aws_db_instance.tefca-viewer-db.db_name}"
   sensitive = true
 }
+
+output "tefca_jdbc_db_url" {
+  value     = "jdbc:postgresql://${aws_db_instance.tefca-viewer-db.endpoint}/${aws_db_instance.tefca-viewer-db.db_name}"
+  sensitive = true
+}
+
+output "tefca_jdbc_db_user" {
+  value = aws_db_instance.tefca-viewer-db.username
+}
+
+output "tefca_jdbc_db_password" {
+  value = aws_db_instance.tefca-viewer-db.password
+}