Merge pull request #290 from unity-sds/253-migrate-db
Migrate Airflow database during SPS deployment
LucaCinquini authored Jan 27, 2025
2 parents a6f0248 + 8834f77 commit dd2d53a
Showing 10 changed files with 129 additions and 15 deletions.
19 changes: 19 additions & 0 deletions terraform-unity/.terraform.lock.hcl


1 change: 1 addition & 0 deletions terraform-unity/README.md
Expand Up @@ -152,6 +152,7 @@ terraform apply -no-color 2>&1 | tee apply_output.txt
|------|---------|
| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | ~> 1.8.2 |
| <a name="requirement_aws"></a> [aws](#requirement\_aws) | 5.67.0 |
| <a name="requirement_external"></a> [external](#requirement\_external) | 2.3.4 |
| <a name="requirement_helm"></a> [helm](#requirement\_helm) | 2.15.0 |
| <a name="requirement_kubernetes"></a> [kubernetes](#requirement\_kubernetes) | 2.32.0 |
| <a name="requirement_null"></a> [null](#requirement\_null) | 3.2.3 |
Expand Up @@ -5,6 +5,7 @@
|------|---------|
| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | ~> 1.8.2 |
| <a name="requirement_aws"></a> [aws](#requirement\_aws) | 5.67.0 |
| <a name="requirement_external"></a> [external](#requirement\_external) | 2.3.4 |
| <a name="requirement_kubernetes"></a> [kubernetes](#requirement\_kubernetes) | 2.32.0 |
| <a name="requirement_random"></a> [random](#requirement\_random) | 3.6.1 |

Expand All @@ -13,6 +14,7 @@
| Name | Version |
|------|---------|
| <a name="provider_aws"></a> [aws](#provider\_aws) | 5.67.0 |
| <a name="provider_external"></a> [external](#provider\_external) | 2.3.4 |
| <a name="provider_random"></a> [random](#provider\_random) | 3.6.1 |

## Modules
Expand All @@ -31,9 +33,12 @@ No modules.
| [aws_security_group_rule.eks_egress_to_rds](https://registry.terraform.io/providers/hashicorp/aws/5.67.0/docs/resources/security_group_rule) | resource |
| [aws_security_group_rule.rds_ingress_from_eks](https://registry.terraform.io/providers/hashicorp/aws/5.67.0/docs/resources/security_group_rule) | resource |
| [random_password.db](https://registry.terraform.io/providers/hashicorp/random/3.6.1/docs/resources/password) | resource |
| [aws_db_snapshot.latest_snapshot](https://registry.terraform.io/providers/hashicorp/aws/5.67.0/docs/data-sources/db_snapshot) | data source |
| [aws_eks_cluster.cluster](https://registry.terraform.io/providers/hashicorp/aws/5.67.0/docs/data-sources/eks_cluster) | data source |
| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/5.67.0/docs/data-sources/region) | data source |
| [aws_security_group.default](https://registry.terraform.io/providers/hashicorp/aws/5.67.0/docs/data-sources/security_group) | data source |
| [aws_ssm_parameter.subnet_ids](https://registry.terraform.io/providers/hashicorp/aws/5.67.0/docs/data-sources/ssm_parameter) | data source |
| [external_external.rds_final_snapshot_exists](https://registry.terraform.io/providers/hashicorp/external/2.3.4/docs/data-sources/external) | data source |

## Inputs

Expand All @@ -49,5 +54,6 @@ No modules.
| Name | Description |
|------|-------------|
| <a name="output_db_instance_identifier"></a> [db\_instance\_identifier](#output\_db\_instance\_identifier) | n/a |
| <a name="output_db_latest_snapshot"></a> [db\_latest\_snapshot](#output\_db\_latest\_snapshot) | n/a |
| <a name="output_db_secret_arn"></a> [db\_secret\_arn](#output\_db\_secret\_arn) | n/a |
<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
@@ -0,0 +1,20 @@
#!/bin/bash

db_id=$1
aws_region=$2

if [ -z ${db_id} ]; then
echo "usage : $0 <db_id>" >2
exit 1
fi

RESULT=($(aws rds describe-db-snapshots --db-instance-identifier $db_id --output text --region $aws_region 2> /dev/null))
aws_result=$?

if [ ${aws_result} -eq 0 ] && [[ ${RESULT[0]} == "DBSNAPSHOTS" ]]; then
result='true'
else
result='false'
fi

jq -n --arg exists ${result} '{"db_exists": $exists }'
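Review bot: Every failure of `aws rds describe-db-snapshots` is reported as `db_exists = "false"`, because stderr is discarded and a non-zero exit falls into the `else` branch; expired credentials, a missing `rds:DescribeDBSnapshots` permission or throttling would then let Terraform build an empty database instead of restoring from the snapshot. The script should exit non-zero with a message on stderr in that case so the `external` data source fails the plan. In the usage branch, `>2` writes to a file named `2` rather than to stderr (`>&2`), and only `db_id` is checked although `aws_region` is required too. `$db_id`, `$aws_region` and `${result}` should be quoted so an unexpected value cannot split into extra CLI arguments. The sketch below assumes the call returns an empty list, not an error, when the instance has no snapshots; confirm that before adopting it.

```shell
if [ -z "${db_id}" ] || [ -z "${aws_region}" ]; then
  echo "usage : $0 <db_id> <aws_region>" >&2
  exit 1
fi

# A failed lookup must fail the data source, not read as "no snapshot".
if ! snapshot_count=$(aws rds describe-db-snapshots \
    --db-instance-identifier "${db_id}" --region "${aws_region}" \
    --query 'length(DBSnapshots)' --output text); then
  echo "describe-db-snapshots failed for ${db_id} in ${aws_region}" >&2
  exit 1
fi

if [ "${snapshot_count}" -gt 0 ]; then
  # … unchanged: result='true' / else / result='false' / fi …

jq -n --arg exists "${result}" '{"db_exists": $exists }'
```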
17 changes: 17 additions & 0 deletions terraform-unity/modules/terraform-unity-sps-database/data.tf
@@ -1,3 +1,5 @@
data "aws_region" "current" {}

data "aws_eks_cluster" "cluster" {
name = format(local.resource_name_prefix, "eks")
}
Expand All @@ -13,3 +15,18 @@ data "aws_security_group" "default" {
values = ["${format(local.resource_name_prefix, "eks")}-node"]
}
}

data "aws_db_snapshot" "latest_snapshot" {
count = data.external.rds_final_snapshot_exists.result.db_exists ? 1 : 0
db_instance_identifier = format(local.resource_name_prefix, "db")
most_recent = true

}

data "external" "rds_final_snapshot_exists" {
program = [
"${path.module}/check_rds_snapshot.sh",
format(local.resource_name_prefix, "db"),
data.aws_region.current.name
]
}
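Review bot: `data "aws_db_snapshot" "latest_snapshot"` selects with `most_recent = true` and no `snapshot_type`, so it resolves to the newest snapshot of any type for that instance identifier, not specifically the final snapshot written on destroy. With `backup_retention_period = 7` now set in main.tf, automated snapshots match as well, and so would a manual snapshot created by any other principal in the account. If the restore is meant to start from the final snapshot, add `snapshot_type = "manual"` and a comment naming the snapshot that is expected. The `count` expression also relies on the string `"true"`/`"false"` from the external program being converted to bool; comparing with `== "true"` would make that explicit.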
47 changes: 33 additions & 14 deletions terraform-unity/modules/terraform-unity-sps-database/main.tf
Expand Up @@ -61,24 +61,43 @@ resource "aws_security_group_rule" "eks_egress_to_rds" {
source_security_group_id = aws_security_group.rds_sg.id
}


resource "aws_db_instance" "sps_db" {
identifier = format(local.resource_name_prefix, "db")
allocated_storage = 100
storage_type = "gp3"
engine = "postgres"
engine_version = "16.4"
instance_class = "db.m5d.large"
db_name = "sps_db"
username = "db_user"
password = aws_secretsmanager_secret_version.db.secret_string
parameter_group_name = "default.postgres16"
skip_final_snapshot = true
publicly_accessible = false
db_subnet_group_name = aws_db_subnet_group.db.name
vpc_security_group_ids = [aws_security_group.rds_sg.id]
identifier = format(local.resource_name_prefix, "db")
allocated_storage = 100
storage_type = "gp3"
engine = "postgres"
engine_version = "16.4"
instance_class = "db.m5d.large"
db_name = "sps_db"
username = "db_user"
password = aws_secretsmanager_secret_version.db.secret_string
parameter_group_name = "default.postgres16"

backup_retention_period = 7
# 07:00-08:00 GMT = 01:00-02:00 PST
backup_window = "07:00-08:00"
storage_encrypted = true
copy_tags_to_snapshot = true

skip_final_snapshot = false
# rds:unity-luca-1-dev-sps-db-2025-01-26-12-14
# unity-luca-1-dev-sps-20250122213608
final_snapshot_identifier = "${terraform.workspace}-db-${formatdate("YYYY-MM-DD-hh-mm", timestamp())}"
snapshot_identifier = try(data.aws_db_snapshot.latest_snapshot[0].id, null)
publicly_accessible = false
db_subnet_group_name = aws_db_subnet_group.db.name
vpc_security_group_ids = [aws_security_group.rds_sg.id]
tags = merge(local.common_tags, {
Name = format(local.resource_name_prefix, "db")
Component = "processing"
Stack = "processing"
})

lifecycle {
ignore_changes = [
snapshot_identifier,
final_snapshot_identifier
]
}
}
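Review bot: For an instance created before this commit, adding `storage_encrypted = true` appears to force replacement, and the destroy half of that replacement would use the `skip_final_snapshot = true` still recorded in state, so the existing database may be deleted without the final snapshot this change is meant to introduce. It would help to document an upgrade step (apply the snapshot settings first, or take a manual snapshot) before the encryption change is applied, and to consider `deletion_protection = true`. No `kms_key_id` is given, so encryption would presumably use the account's default RDS key; say so in a comment if that is intended. The two commented identifiers above `final_snapshot_identifier` look like leftover examples from a developer environment and could be replaced by `# fixed at create time; ignore_changes below stops timestamp() from producing a diff on every plan`.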
Expand Up @@ -5,3 +5,7 @@ output "db_instance_identifier" {
output "db_secret_arn" {
value = aws_secretsmanager_secret_version.db.arn
}

output "db_latest_snapshot" {
value = data.external.rds_final_snapshot_exists.result.db_exists ? data.aws_db_snapshot.latest_snapshot[0].db_snapshot_arn : null
}
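Review bot: `db_latest_snapshot` has no `description`, which is why the generated README lists it as n/a; add one stating that it is the ARN of the snapshot found for the instance, or null when none exists. The condition duplicates the `count` expression in data.tf; `one(data.aws_db_snapshot.latest_snapshot[*].db_snapshot_arn)` would follow the data source's count without re-reading the external result. The hunk opens after the `db_instance_identifier` output, which lies outside it.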
Expand Up @@ -13,5 +13,9 @@ terraform {
source = "hashicorp/random"
version = "3.6.1"
}
external = {
source = "hashicorp/external"
version = "2.3.4"
}
}
}
4 changes: 4 additions & 0 deletions terraform-unity/versions.tf
Expand Up @@ -13,6 +13,10 @@ terraform {
source = "hashicorp/null"
version = "3.2.3"
}
external = {
source = "hashicorp/external"
version = "2.3.4"
}
aws = {
source = "hashicorp/aws"
version = "5.67.0"