Skip to content

Commit

Permalink
feat!: removed require_ssl and change max provider to 6.X (#643)
Browse files Browse the repository at this point in the history
  • Loading branch information
imrannayer authored Sep 13, 2024
1 parent f2c91fa commit f75763b
Show file tree
Hide file tree
Showing 74 changed files with 160 additions and 151 deletions.
7 changes: 4 additions & 3 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@ The current version is 20.X. The following guides are available to assist with u
- [10.X -> 11.0](./docs/upgrading_to_sql_db_11.0.0.md)
- [11.X -> 12.0](./docs/upgrading_to_sql_db_12.0.0.md)
- [19.X -> 20.0](./docs/upgrading_to_sql_db_20.0.0.md)
- [20.X -> 21.0](./docs/upgrading_to_sql_db_21.0.0.md)

## Root module

Expand Down Expand Up @@ -79,7 +80,7 @@ For MySQL :
```
module "sql-db" {
source = "GoogleCloudPlatform/sql-db/google//modules/mysql"
version = "~> 21.0"
version = "~> 22.0"
}
```

Expand All @@ -88,7 +89,7 @@ or for PostgreSQL :
```
module "sql-db" {
source = "GoogleCloudPlatform/sql-db/google//modules/postgresql"
version = "~> 20.0"
version = "~> 22.0"
}
```

Expand All @@ -97,7 +98,7 @@ or for MSSQL Server :
```
module "sql-db" {
source = "GoogleCloudPlatform/sql-db/google//modules/mssql"
version = "~> 20.0"
version = "~> 22.0"
}
```

Expand Down
37 changes: 19 additions & 18 deletions build/int.cloudbuild.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -55,7 +55,7 @@ steps:
args: ['/bin/bash', '-c', 'cft test run TestPostgreSqlCrossRegionFailover --stage teardown --verbose']

- id: apply mssql-failover-replica
waitFor: ["init-all", "wait for api activation"]
waitFor: ["init-all", "wait for api activation", "teardown postgresql-cross-region-failover"]
name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS'
args: ['/bin/bash', '-c', 'cft test run TestMsSqlFailoverReplica --stage apply --verbose']
- id: verify mssql-failover-replica
Expand All @@ -69,6 +69,23 @@ steps:
name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS'
args: ['/bin/bash', '-c', 'cft test run TestMsSqlFailoverReplica --stage teardown --verbose']

- id: apply mysql-private-local
waitFor: ["init-all", "wait for api activation", "teardown mssql-failover-replica"]
name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS'
args: ['/bin/bash', '-c', 'cft test run TestMySqlPrivateModule --stage apply --verbose']
- id: verify mysql-private-local
waitFor:
- apply mysql-private-local
name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS'
args: ['/bin/bash', '-c', 'cft test run TestMySqlPrivateModule --stage verify --verbose']

# Disabling due to issue: https://github.com/hashicorp/terraform-provider-google/issues/16275
- id: teardown mysql-private-local
waitFor:
- verify mysql-private-local
name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS'
args: ['/bin/bash', '-c', 'cft test run TestMySqlPrivateModule --stage teardown --verbose']

- id: apply mssql-ha-local
waitFor: ["init-all", "wait for api activation"]
name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS'
Expand Down Expand Up @@ -129,22 +146,6 @@ steps:
name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS'
args: ['/bin/bash', '-c', 'cft test run TestMySqlPscModule --stage teardown --verbose']

- id: apply mysql-private-local
waitFor: ["init-all", "wait for api activation"]
name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS'
args: ['/bin/bash', '-c', 'cft test run TestMySqlPrivateModule --stage apply --verbose']
- id: verify mysql-private-local
waitFor:
- apply mysql-private-local
name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS'
args: ['/bin/bash', '-c', 'cft test run TestMySqlPrivateModule --stage verify --verbose']

# Disabling due to issue: https://github.com/hashicorp/terraform-provider-google/issues/16275
# - id: teardown mysql-private-local
# waitFor:
# - verify mysql-private-local
# name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS'
# args: ['/bin/bash', '-c', 'cft test run TestMySqlPrivateModule --stage teardown --verbose']

- id: apply mysql-public-local
waitFor: ["init-all", "wait for api activation"]
Expand Down Expand Up @@ -257,4 +258,4 @@ tags:
substitutions:
_DOCKER_IMAGE_DEVELOPER_TOOLS: 'cft/developer-tools'
_DOCKER_TAG_VERSION_DEVELOPER_TOOLS: '1.20'
_API_ACTIVATION_SECONDS_WAIT: '900'
_API_ACTIVATION_SECONDS_WAIT: '300'
9 changes: 9 additions & 0 deletions docs/upgrading_to_sql_db_21.0.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
# Upgrading to SQL DB 21.0

The 21.0 release of SQL DB is a backward incompatible release.

# Maximum provider version
This update requires upgrading the minimum Terraform version `1.3`. Minimum provider version for `private_service_access` sub-module is `5.38`

# Removed settings.ip_configuration.require_ssl
Removed `settings.ip_configuration.require_ssl` from all the modules (`google_sql_database_instance`) in favor of `settings.ip_configuration.ssl_mode`. This field is not available in [provider version 6+](https://github.com/hashicorp/terraform-provider-google/pull/19263)
9 changes: 9 additions & 0 deletions docs/upgrading_to_sql_db_22.0.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
# Upgrading to SQL DB 22.0

The 22.0 release of SQL DB is a backward incompatible release.

# Maximum provider version
This update requires upgrading the minimum Terraform version `1.3`. Maximum provider version is relaxed to use provider version 6.X+

# Removed settings.ip_configuration.require_ssl
Removed `settings.ip_configuration.require_ssl` from all the modules (`google_sql_database_instance`) in favor of `settings.ip_configuration.ssl_mode`. This field is not available in [provider version 6+](https://registry.terraform.io/providers/hashicorp/google/5.43.0/docs/guides/version_6_upgrade#resource-google_sql_database_instance)
4 changes: 2 additions & 2 deletions examples/mssql-failover-replica/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ Promote instance 2 as primary and change instance 1 as failover replica
```diff
module "mssql2" {
source = "terraform-google-modules/sql-db/google//modules/mssql"
version = "~> 21.0"
version = "~> 22.0"

- master_instance_name = module.mssql1.instance_name

Expand All @@ -36,7 +36,7 @@ module "mssql2" {
```diff
- module "mssql1" {
- source = "terraform-google-modules/sql-db/google//modules/mssql"
- version = "~> 20.0"
- version = "~> 22.0"
- region = local.region_1
- name = "tf-mssql-public-1"
- random_instance_name = true
Expand Down
2 changes: 1 addition & 1 deletion examples/mssql-failover-replica/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -56,7 +56,7 @@ module "mssql1" {

module "mssql2" {
source = "terraform-google-modules/sql-db/google//modules/mssql"
version = "~> 21.0"
version = "~> 22.0"

master_instance_name = module.mssql1.instance_name

Expand Down
2 changes: 1 addition & 1 deletion examples/mssql-public/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@

module "mssql" {
source = "terraform-google-modules/sql-db/google//modules/mssql"
version = "~> 21.0"
version = "~> 22.0"

name = var.name
random_instance_name = true
Expand Down
6 changes: 3 additions & 3 deletions examples/mysql-backup-create-service-account/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@

module "mysql" {
source = "terraform-google-modules/sql-db/google//modules/mysql"
version = "~> 21.0"
version = "~> 22.0"

name = "example-mysql-public"
database_version = "MYSQL_8_0"
Expand All @@ -29,7 +29,7 @@ module "mysql" {
ip_configuration = {
ipv4_enabled = true
private_network = null
require_ssl = true
ssl_mode = "ALLOW_UNENCRYPTED_AND_ENCRYPTED"
allocated_ip_range = null
authorized_networks = []
}
Expand All @@ -45,7 +45,7 @@ resource "google_storage_bucket" "backup" {

module "backup" {
source = "terraform-google-modules/sql-db/google//modules/backup"
version = "~> 21.0"
version = "~> 22.0"

region = "us-central1"
project_id = var.project_id
Expand Down
6 changes: 3 additions & 3 deletions examples/mysql-ha/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@
locals {
read_replica_ip_configuration = {
ipv4_enabled = true
require_ssl = false
ssl_mode = "ALLOW_UNENCRYPTED_AND_ENCRYPTED"
private_network = null
allocated_ip_range = null
authorized_networks = [
Expand All @@ -33,7 +33,7 @@ locals {

module "mysql" {
source = "terraform-google-modules/sql-db/google//modules/mysql"
version = "~> 21.0"
version = "~> 22.0"

name = var.mysql_ha_name
random_instance_name = true
Expand All @@ -59,7 +59,7 @@ module "mysql" {

ip_configuration = {
ipv4_enabled = true
require_ssl = true
ssl_mode = "ALLOW_UNENCRYPTED_AND_ENCRYPTED"
private_network = null
allocated_ip_range = null
authorized_networks = [
Expand Down
9 changes: 5 additions & 4 deletions examples/mysql-private/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -39,15 +39,16 @@ module "network-safer-mysql-simple" {

module "private-service-access" {
source = "terraform-google-modules/sql-db/google//modules/private_service_access"
version = "~> 21.0"
version = "~> 22.0"

project_id = var.project_id
vpc_network = module.network-safer-mysql-simple.network_name
project_id = var.project_id
vpc_network = module.network-safer-mysql-simple.network_name
deletion_policy = "ABANDON"
}

module "safer-mysql-db" {
source = "terraform-google-modules/sql-db/google//modules/safer_mysql"
version = "~> 21.0"
version = "~> 22.0"

name = var.db_name
random_instance_name = true
Expand Down
4 changes: 2 additions & 2 deletions examples/mysql-psc/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@
locals {
read_replica_ip_configuration = {
ipv4_enabled = false
require_ssl = false
ssl_mode = "ALLOW_UNENCRYPTED_AND_ENCRYPTED"
psc_enabled = true
psc_allowed_consumer_projects = [var.project_id]
}
Expand All @@ -27,7 +27,7 @@ locals {

module "mysql" {
source = "terraform-google-modules/sql-db/google//modules/mysql"
version = "~> 21.0"
version = "~> 22.0"

name = var.mysql_ha_name
random_instance_name = true
Expand Down
4 changes: 2 additions & 2 deletions examples/mysql-public/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ resource "random_id" "name" {

module "mysql-db" {
source = "terraform-google-modules/sql-db/google//modules/mysql"
version = "~> 21.0"
version = "~> 22.0"

name = var.db_name
random_instance_name = true
Expand All @@ -35,7 +35,7 @@ module "mysql-db" {
ip_configuration = {
ipv4_enabled = true
private_network = null
require_ssl = true
ssl_mode = "ALLOW_UNENCRYPTED_AND_ENCRYPTED"
allocated_ip_range = null
authorized_networks = var.authorized_networks
}
Expand Down
6 changes: 3 additions & 3 deletions examples/postgresql-backup-provided-service-account/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@

module "postgresql" {
source = "terraform-google-modules/sql-db/google//modules/postgresql"
version = "~> 21.0"
version = "~> 22.0"

name = "example-postgres"
random_instance_name = true
Expand All @@ -31,7 +31,7 @@ module "postgresql" {
ip_configuration = {
ipv4_enabled = true
private_network = null
require_ssl = true
ssl_mode = "ALLOW_UNENCRYPTED_AND_ENCRYPTED"
allocated_ip_range = null
authorized_networks = []
}
Expand All @@ -56,7 +56,7 @@ resource "google_monitoring_notification_channel" "email" {

module "backup" {
source = "terraform-google-modules/sql-db/google//modules/backup"
version = "~> 21.0"
version = "~> 22.0"

region = "us-central1"
project_id = var.project_id
Expand Down
7 changes: 3 additions & 4 deletions examples/postgresql-ha/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -18,8 +18,7 @@
locals {
read_replica_ip_configuration = {
ipv4_enabled = true
require_ssl = false
ssl_mode = "ENCRYPTED_ONLY"
ssl_mode = "ALLOW_UNENCRYPTED_AND_ENCRYPTED"
private_network = null
allocated_ip_range = null
authorized_networks = [
Expand All @@ -33,7 +32,7 @@ locals {

module "pg" {
source = "terraform-google-modules/sql-db/google//modules/postgresql"
version = "~> 21.0"
version = "~> 22.0"

name = var.pg_ha_name
random_instance_name = true
Expand All @@ -59,7 +58,7 @@ module "pg" {

ip_configuration = {
ipv4_enabled = true
require_ssl = true
ssl_mode = "ALLOW_UNENCRYPTED_AND_ENCRYPTED"
private_network = null
allocated_ip_range = null
authorized_networks = [
Expand Down
6 changes: 3 additions & 3 deletions examples/postgresql-psc/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -18,16 +18,15 @@
locals {
read_replica_ip_configuration = {
ipv4_enabled = false
require_ssl = false
ssl_mode = "ENCRYPTED_ONLY"
ssl_mode = "ALLOW_UNENCRYPTED_AND_ENCRYPTED"
psc_enabled = true
psc_allowed_consumer_projects = [var.project_id]
}
}

module "pg" {
source = "terraform-google-modules/sql-db/google//modules/postgresql"
version = "~> 21.0"
version = "~> 22.0"

name = var.pg_psc_name
random_instance_name = true
Expand Down Expand Up @@ -59,6 +58,7 @@ module "pg" {
ipv4_enabled = false
psc_enabled = true
psc_allowed_consumer_projects = [var.project_id]
ssl_mode = "ALLOW_UNENCRYPTED_AND_ENCRYPTED"
}

backup_configuration = {
Expand Down
4 changes: 2 additions & 2 deletions examples/postgresql-public-iam/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@

module "postgresql-db" {
source = "terraform-google-modules/sql-db/google//modules/postgresql"
version = "~> 21.0"
version = "~> 22.0"

name = var.db_name
random_instance_name = true
Expand All @@ -32,7 +32,7 @@ module "postgresql-db" {
ip_configuration = {
ipv4_enabled = true
private_network = null
require_ssl = true
ssl_mode = "ALLOW_UNENCRYPTED_AND_ENCRYPTED"
allocated_ip_range = null
authorized_networks = var.authorized_networks
}
Expand Down
4 changes: 2 additions & 2 deletions examples/postgresql-public/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@

module "postgresql-db" {
source = "terraform-google-modules/sql-db/google//modules/postgresql"
version = "~> 21.0"
version = "~> 22.0"

name = var.db_name
random_instance_name = true
Expand All @@ -34,7 +34,7 @@ module "postgresql-db" {
ip_configuration = {
ipv4_enabled = true
private_network = null
require_ssl = true
ssl_mode = "ALLOW_UNENCRYPTED_AND_ENCRYPTED"
allocated_ip_range = null
authorized_networks = var.authorized_networks
}
Expand Down
Loading

0 comments on commit f75763b

Please sign in to comment.