From dbeaebd15bbf45f01c4d1f932039e5f77a4719b9 Mon Sep 17 00:00:00 2001 From: just-a-node Date: Thu, 11 May 2023 18:07:27 -0600 Subject: [PATCH 1/3] Use explicit parameter group dependency --- ops/modules/db/main.tf | 2 +- ops/modules/db/variables.tf | 8 +------- ops/testnet/prod/backend/main.tf | 4 +--- 3 files changed, 3 insertions(+), 11 deletions(-) diff --git a/ops/modules/db/main.tf b/ops/modules/db/main.tf index 662f663b71..90b51894a2 100755 --- a/ops/modules/db/main.tf +++ b/ops/modules/db/main.tf @@ -16,7 +16,7 @@ resource "aws_db_instance" "db" { vpc_security_group_ids = [var.db_security_group_id] db_subnet_group_name = aws_db_subnet_group.default.name - parameter_group_name = var.parameter_group_name + parameter_group_name = aws_db_parameter_group.rds_postgres.name performance_insights_enabled = var.performance_insights_enabled availability_zone = var.availability_zone diff --git a/ops/modules/db/variables.tf b/ops/modules/db/variables.tf index 77c991fd06..849127ee61 100755 --- a/ops/modules/db/variables.tf +++ b/ops/modules/db/variables.tf @@ -40,12 +40,6 @@ variable "db_security_group_id" { type = string } - -variable "parameter_group_name" { - description = "Name of the DB parameter group to associate" - type = string -} - variable "availability_zone" { description = "The Availability Zone of the RDS instance" type = string @@ -110,4 +104,4 @@ variable "publicly_accessible" { variable "performance_insights_enabled" { default = true -} \ No newline at end of file +} diff --git a/ops/testnet/prod/backend/main.tf b/ops/testnet/prod/backend/main.tf index 52b52fcdcf..c0c9c36203 100755 --- a/ops/testnet/prod/backend/main.tf +++ b/ops/testnet/prod/backend/main.tf @@ -30,7 +30,6 @@ module "cartographer_db" { allocated_storage = 150 max_allocated_storage = 180 - name = "connext" // db name username = var.postgres_user password = var.postgres_password 
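Review bot: In the `ops/modules/db/main.tf` hunk, `parameter_group_name = aws_db_parameter_group.rds_postgres.name` depends on a resource this diff does not show, so confirm `aws_db_parameter_group.rds_postgres` is declared inside the module with the parameters every caller expects. For `cartographer_db` this appears to swap the group exported by `module.db` for the module's own group. On an existing instance a new parameter group association is not fully in effect until the instance is rebooted, so check the plan output for that change before applying. Callers can no longer override the group, so any connection-security or logging parameters (for example `rds.force_ssl`) now have to be set in that one resource. A comment above the line, such as `# Parameter group is owned by this module; the direct reference gives Terraform the dependency edge`, would record the intent; the `aws_db_instance.db` block starts and ends outside the hunk.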
@@ -43,8 +42,7 @@ module "cartographer_db" { Domain = var.domain } - parameter_group_name = module.db.rds_parameter_group_name - vpc_id = module.network.vpc_id + vpc_id = module.network.vpc_id hosted_zone_id = data.aws_route53_zone.primary.zone_id stage = var.stage From 70da85746765c47e2230ba9f6842fff24c88fb41 Mon Sep 17 00:00:00 2001 From: just-a-node Date: Thu, 11 May 2023 18:36:38 -0600 Subject: [PATCH 2/3] Ops readme update --- ops/README.md | 34 +++++++++++++++++++++------------- 1 file changed, 21 insertions(+), 13 deletions(-) diff --git a/ops/README.md b/ops/README.md index 99ae7be63c..c079dea8c0 100644 --- a/ops/README.md +++ b/ops/README.md 
@@ -8,38 +8,49 @@ ecs cluster, with its required dependencies. Namely: - testnet/staging/mainnet environment automatic set up and deployment with GH Actions - Reusable Infrastructure as Code, modularized as Terraform components - ## Scaffolding ```text ├── infra <- Cross-environment infrastructure - ├── tesnet <- Tesnet set up - └── modules + ├── testnet <- Testnet set up + └── modules ├── service <- Generic, configurable ECS service ├── ecs <- ECS cluster definition ├── iam <- IAM roles needed for ECS - ├── redis <- ElastiCache cluster + ├── redis <- ElastiCache cluster └── networking <- VPCs, Subnets and all those shenanigans ``` - ## Deployment & Usage Deployment should occur only via CICD with Github Actions. However, it is also possible to deploy the infra from a local set up. Ensure you have the right AWS credentials and `terraform 1.1.7` installed -([instructions](https://learn.hashicorp.com/tutorials/terraform/install-cli)) +([instructions](https://learn.hashicorp.com/tutorials/terraform/install-cli)). -Then, navigate to the `environment` you'd like to operate on (`testnet`, `staging`, `mainnet`), and do: +Grab vars from `sops` based on the `environment` you will operate on: ```shell ->>> terraform init +sops -d ops/env/testnet/backend/secrets.prod.json > ops/testnet/prod/backend/tfvars.json ``` -Make your changes, +Copy env vars from CI job: ```shell ->>> terraform plan +export AWS_PROFILE=aws-deployer-connext +export TF_VAR_cartographer_image_tag=3a8dea29cf8f413e627589606f1af52c3691e5f2 +``` + +Then, navigate to the `environment` you're targeting (e.g. `/ops/testnet/prod/backend`), and do: + +```shell +terraform init +``` + +Make your changes, then: + +```shell +terraform plan -var-file=tfvars.json ``` To set custom variables, you can set them with `export TF_ENV_=` 
@@ -50,6 +61,3 @@ To set custom variables, you can set them with `export TF_ENV_= Date: Thu, 11 May 2023 19:02:28 -0600 Subject: [PATCH 3/3] Mirror the param group change to mainnet --- ops/mainnet/prod/backend/main.tf | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/ops/mainnet/prod/backend/main.tf b/ops/mainnet/prod/backend/main.tf index 0354e385ba..155b6b675b 100755 --- a/ops/mainnet/prod/backend/main.tf +++ b/ops/mainnet/prod/backend/main.tf @@ -43,8 +43,7 @@ module "cartographer_db" { Domain = var.domain } - parameter_group_name = module.db.rds_parameter_group_name - vpc_id = module.network.vpc_id + vpc_id = module.network.vpc_id hosted_zone_id = data.aws_route53_zone.primary.zone_id stage = var.stage