fix: decrypt postgres password for use in connection string

[qdzlug]

Proposed changes

This addresses a bug introduced with #30 - the password is part of the connection string, but pulumi does not decrypt it for use in the string concatenation needed to build it. This has been fixed by using the Output.unsecret method.

Checklist

Before creating a PR, run through this checklist and mark each as complete.

• I have written my commit messages in the Conventional Commits format.
• I have read the CONTRIBUTING doc
• I have added tests (when possible) that prove my fix is effective or that my feature works
• I have checked that all unit tests pass after adding my changes
• I have updated necessary documentation
• I have rebased my branch onto master
• I will ensure my PR is targeting the master branch and pulling from my branch from my own fork

[dekobon]

Consider modifying this such that Pulumi continues to use secrets:

def create_pg_uri(password_object):
    user = str(accounts_admin)
    password = str(password_object)
    database = str(accounts_db)
    uri = f'postgresql://{user}:{password}@accounts-db:5432/{database}'
    return pulumi.Output.secret(uri)


accounts_db_uri = pulumi.Output.unsecret(accounts_pwd).apply(create_pg_uri)

[qdzlug]

Fixed; that's a great example construct for this use case.

[dekobon]

Let's delete the demo_login and demo_pwd bits.

[qdzlug]

Done and updated in all other locations and configs.

[qdzlug]

Running full test overnight.