Added logging to setup handling
BSick7 committed Aug 15, 2023
1 parent 0230b21 commit 312d348
Showing 2 changed files with 11 additions and 2 deletions.
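--- a/aws/main.go
+++ b/aws/main.go
@@ -27,11 +27,15 @@ func main() {
 ctx, cancel := context.WithTimeout(context.Background(), 2*time.Second)
 defer cancel()
 
-dbSetupConnUrl, err := secrets.GetString(ctx, os.Getenv(dbSetupConnUrlSecretIdEnvVar))
+setupConnUrlSecretId := os.Getenv(dbSetupConnUrlSecretIdEnvVar)
+log.Printf("Retrieving setup connection url secret (%s)\n", setupConnUrlSecretId)
+dbSetupConnUrl, err := secrets.GetString(ctx, setupConnUrlSecretId)
 if err != nil {
 log.Println(err.Error())
 }
-dbAdminConnUrl, err := secrets.GetString(ctx, os.Getenv(dbAdminConnUrlSecretIdEnvVar))
+adminConnUrlSecretId := os.Getenv(dbAdminConnUrlSecretIdEnvVar)
+log.Printf("Retrieving admin connection url secret (%s)\n", adminConnUrlSecretId)
+dbAdminConnUrl, err := secrets.GetString(ctx, adminConnUrlSecretId)
 if err != nil {
 log.Println(err.Error())
 }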
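Review bot: The two new identifier lookups in main() are not checked for an empty value, so an unset environment variable produces a log line ending in `()` followed by a `secrets.GetString` call with an empty id, whose failure is only logged. A guard such as `if setupConnUrlSecretId == "" { log.Fatalf("%s is not set", dbSetupConnUrlSecretIdEnvVar) }` (and the same for the admin id) would make the misconfiguration explicit; whether exiting is acceptable depends on the rest of main(), which continues outside the hunk. Logging the secret identifier rather than the retrieved value is the right choice, since the connection URLs presumably carry credentials. The trailing `\n` in both `log.Printf` calls is redundant because the log package appends a newline itself.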
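--- a/setup/handle.go
+++ b/setup/handle.go
@@ -6,6 +6,7 @@ import (
 "fmt"
 "github.com/nullstone-modules/pg-db-admin/aws/secrets"
 "github.com/nullstone-modules/pg-db-admin/postgresql"
+"log"
 "net/url"
 )
 
@@ -37,14 +38,17 @@ func IsEvent(rawEvent json.RawMessage) (bool, Event) {
 // In short, db_admin attempts the following membership chain (creating a cycle) <admin-role> -> <app-role> -> <admin-role>
 // This admin user alters the membership chain to be <admin-role> -> <app-role> -> <database-owner>
 func Handle(ctx context.Context, event Event, store *postgresql.Store, adminConnUrlSecretId string) (*EventResult, error) {
+log.Println("Generating admin role")
 toCreate, err := generateAdminRole(ctx, adminConnUrlSecretId)
 if err != nil {
 return nil, fmt.Errorf("unable to generate admin role: %w", err)
 }
+log.Println("Creating admin role in database")
 adminRole, err := store.Roles.Create(toCreate)
 if err != nil {
 return nil, fmt.Errorf("error ensure admin role: %w", err)
 } else if adminRole.Password == "" {
+log.Println("Admin role already exists")
 // The role already exists, we're done
 versionId, err := secrets.GetLatestVersionId(ctx, adminConnUrlSecretId)
 if err != nil {
@@ -53,6 +57,7 @@ func Handle(ctx context.Context, event Event, store *postgresql.Store, adminConn
 return &EventResult{SecretVersionId: versionId}, nil
 }
 
+log.Printf("Saving admin role credentials to admin connection url secret (%s)\n", adminConnUrlSecretId)
 // Build a connection url using the setup url, but with the admin role credentials
 adminConnUrl := urlWithUserinfo(store.ConnectionUrl(), adminRole.Name, adminRole.Password)
 // Set the value of the secret in secrets manager that holds the admin credentials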
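Review bot: The new `log.Printf` in the last hunk logs only the secret id, but the very next statement builds `adminConnUrl` with `adminRole.Password` embedded, and nothing in the hunk marks that value as sensitive. A comment on that line such as `// adminConnUrl embeds the role password: never log it or include it in a wrapped error` would keep later logging additions from leaking it. `adminConnUrlSecretId` is a caller-supplied parameter of Handle, so `%q` instead of `(%s)` would also make an empty or oddly formed id visible in the log. Handle's body continues past the end of the hunk, so how the URL is used afterwards is not visible here.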
