feat: allow default database name different from root user name

berenddeboer · Oct 13, 2023 · 8f6e4ee · 8f6e4ee
1 parent cdd2cca
commit 8f6e4ee
Show file tree

Hide file tree

Showing 14 changed files with 140 additions and 76 deletions.
diff --git a/.projen/deps.json b/.projen/deps.json
diff --git a/.projenrc.ts b/.projenrc.ts
@@ -19,11 +19,12 @@ const project = new awscdk.AwsCdkConstructLibrary({
     workflow: false,
   },
   constructsVersion: "10.1.168",
-  cdkVersion: "2.51.1",
+  cdkVersion: "2.64.0",
   disableTsconfig: true,
   tsconfigDev: {
     compilerOptions: {
       esModuleInterop: true,
+      noUnusedLocals: false,
     },
   },
   eslint: true,

diff --git a/README.md b/README.md
@@ -44,7 +44,7 @@ const cluster = new rds.ServerlessCluster(this, "Cluster", {
   parameterGroup: rds.ParameterGroup.fromParameterGroupName(
     this,
     "ParameterGroup",
-    "default.aurora-postgresql10"
+    "default.aurora-postgresql11"
   ),
   removalPolicy: RemovalPolicy.DESTROY,
   scaling: {
@@ -227,6 +227,14 @@ Test code via projen with:
 
 You can run the sample stack with:
 
+    npx cdk deploy --context vpc-id=vpc-0123456789 TestServerlessV1Stack
+
+Or for v2:
+
+    npx cdk deploy TestServerlessV2Stack
+
+If you want to use an existing vpc:
+
     npx cdk deploy --context vpc-id=vpc-0123456789 TestServerlessV2Stack
 
 # To do

diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
diff --git a/src/handler.ts b/src/handler.ts
@@ -206,12 +206,12 @@ export const handler = async (
     | CloudFormationCustomResourceUpdateEvent
     | CloudFormationCustomResourceDeleteEvent
 ): Promise<any> => {
-  //console.debug("EVENT", event)
+  console.log("event", event)
 
   const requestType = event.RequestType
   const resource: RdsSqlResource = event.ResourceProperties.Resource
   const resourceId = event.ResourceProperties.ResourceId
-  const database = event.ResourceProperties.Database
+  const databaseName = event.ResourceProperties.DatabaseName
 
   if (!Object.keys(jumpTable).includes(event.ResourceProperties.Resource)) {
     throw `Resource type '${resource}' not recognised.`
@@ -250,8 +250,12 @@ export const handler = async (
   }
 
   if (sql) {
-    //console.debug("DATABASE", database)
-    console.debug("SQL", sql)
+    let database: string
+    if (resource === RdsSqlResource.ROLE) {
+      database = secretValues.dbname
+    } else {
+      database = databaseName ?? secretValues.dbname // connect to given database if possible, else to database mentioned in secret
+    }
     const params = {
       host: secretValues.host,
       port: secretValues.port,
@@ -261,6 +265,10 @@ export const handler = async (
       connectionTimeoutMillis: 2000, // return an error if a connection could not be established within 2 seconds
     }
     //console.debug ("PARAMS", params)
+    console.debug(
+      `Connecting to host ${params.host}:${params.port}, database ${params.database} as ${params.user}`
+    )
+    console.debug("Executing SQL", sql)
     const pg_client = new Client(params)
     await pg_client.connect()
     try {

diff --git a/src/provider.ts b/src/provider.ts
@@ -11,7 +11,11 @@ import { Construct } from "constructs"
 
 export interface RdsSqlProps {
   /**
-   * VPC of your cluster.
+   * VPC network to place the provider lambda.
+   *
+   * Normally this is the VPC of your database.
+   *
+   * @default - Function is not placed within a VPC.
    */
   readonly vpc: IVpc
 
@@ -26,6 +30,13 @@ export interface RdsSqlProps {
    * Usually this is your cluster's master secret.
    */
   readonly secret: ISecret
+
+  /**
+   * Timeout for lambda to do its work.
+   *
+   * @default - 5 minutes
+   */
+  readonly timeout?: Duration
 }
 
 export class Provider extends Construct {
@@ -76,7 +87,7 @@ export class Provider extends Construct {
       vpc: props.vpc,
       entry: entry,
       runtime: Runtime.NODEJS_18_X,
-      timeout: Duration.seconds(300),
+      timeout: props.timeout ?? Duration.seconds(300),
       bundling: {
         sourceMap: true,
         externalModules: ["pg-native"],

diff --git a/src/schema.ts b/src/schema.ts
@@ -33,7 +33,7 @@ export class Schema extends CustomResource {
         Resource: RdsSqlResource.SCHEMA,
         ResourceId: props.schemaName,
         SecretArn: props.provider.secret.secretArn,
-        Database: props.database ? props.database.databaseName : undefined,
+        DatabaseName: props.database ? props.database.databaseName : undefined,
       },
     })
     this.node.addDependency(props.provider)

diff --git a/src/sql.ts b/src/sql.ts
@@ -30,7 +30,7 @@ export class Sql extends CustomResource {
       properties: {
         Resource: RdsSqlResource.SQL,
         SecretArn: props.provider.secret.secretArn,
-        Database: props.database ? props.database.databaseName : undefined,
+        DatabaseName: props.database ? props.database.databaseName : undefined,
         Statement: props.statement,
       },
     })

diff --git a/test/handler.test.ts b/test/handler.test.ts
@@ -20,9 +20,9 @@ const SecretsManagerClientMock = SecretsManagerClient as jest.MockedClass<
 >
 
 const DB_PORT = 5432
-const DB_MASTER_USERNAME = "postgres"
+const DB_MASTER_USERNAME = "pgroot"
 const DB_MASTER_PASSWORD = "masterpwd"
-const DB_DEFAULT_DB = "postgres"
+const DB_DEFAULT_DB = "dummy"
 
 let pgContainer: StartedTestContainer
 let pgHost: string
@@ -31,7 +31,9 @@ let pgPort: number
 beforeEach(async () => {
   pgContainer = await new GenericContainer("postgres")
     .withExposedPorts(DB_PORT)
+    .withEnv("POSTGRES_USER", DB_MASTER_USERNAME)
     .withEnv("POSTGRES_PASSWORD", DB_MASTER_PASSWORD)
+    .withEnv("POSTGRES_DB", DB_DEFAULT_DB)
     .start()
   pgHost = pgContainer.getHost()
   pgPort = pgContainer.getMappedPort(DB_PORT)
@@ -50,6 +52,9 @@ SecretsManagerClientMock.prototype.send.mockImplementation(() => {
       port: pgPort,
       username: DB_MASTER_USERNAME,
       password: DB_MASTER_PASSWORD,
+      dbname: DB_DEFAULT_DB,
+      engine: "postgres",
+      dbClusterIdentifier: "dummy",
     }),
   }
 })
@@ -189,7 +194,7 @@ test("database with owner", async () => {
     expect(await databaseExists(client, databaseName)).toEqual(true)
     expect(await databaseOwnerIs(client, databaseName, roleName)).toEqual(true)
     const create_table = createRequest("sql", "", {
-      Database: databaseName,
+      DatabaseName: databaseName,
       Statement: "create table t(i int)",
     })
     await handler(create_table)