Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: ensure db bootstrapper runs on each deploy #124

Merged
merged 2 commits into from
Feb 6, 2025
Merged

fix: ensure db bootstrapper runs on each deploy #124

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
4c69c96
fix: ensure db bootstrapper runs on each deploy
hrodmn Feb 5, 2025
fe124d2
set upper version for pydantic_ssm_settings
vincentsarago Feb 6, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
13 changes: 9 additions & 4 deletions integration_tests/cdk/app.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -81,28 +81,33 @@ def __init__(
instance_type=aws_ec2.InstanceType(app_config.db_instance_type),
add_pgbouncer=True,
removal_policy=RemovalPolicy.DESTROY,
pgstac_version="0.9.2",
)

assert pgstac_db.security_group

# make sure we can get the secret value!
assert pgstac_db.pgstac_secret.secret_value_from_json("host").to_string()

pgstac_db.security_group.add_ingress_rule(
aws_ec2.Peer.any_ipv4(), aws_ec2.Port.tcp(5432)
)

PgStacApiLambda(
stac_api = PgStacApiLambda(
self,
"pgstac-api",
db=pgstac_db.connection_target,
db_secret=pgstac_db.pgstac_secret,
api_env={
"NAME": app_config.build_service_name("STAC API"),
"description": f"{app_config.stage} STAC API",
# test that we can use the pgbouncer secret in downstream resources
"POSTGRES_HOST": pgstac_db.pgstac_secret.secret_value_from_json(
"host"
).to_string(),
},
)

# make sure stac_api does not try to build before the secret has been boostrapped
stac_api.node.add_dependency(pgstac_db.secret_bootstrapper)

TitilerPgstacApiLambda(
self,
"titiler-pgstac-api",
Expand Down
22 changes: 14 additions & 8 deletions lib/database/index.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -39,6 +39,7 @@ export class PgStacDatabase extends Construct {

public readonly connectionTarget: rds.IDatabaseInstance | ec2.Instance;
public readonly securityGroup?: ec2.SecurityGroup;
public readonly secretBootstrapper?: CustomResource;

constructor(scope: Construct, id: string, props: PgStacDatabaseProps) {
super(scope, id);
Expand Down Expand Up @@ -79,7 +80,7 @@ export class PgStacDatabase extends Construct {
code: aws_lambda.Code.fromDockerBuild(__dirname, {
file: "bootstrapper_runtime/Dockerfile",
buildArgs: {
PYTHON_VERSION: "3.11"
PYTHON_VERSION: "3.11",
},
}),
vpc: hasVpc(this.db) ? this.db.vpc : props.vpc,
Expand Down Expand Up @@ -130,16 +131,20 @@ export class PgStacDatabase extends Construct {

// if props.lambdaFunctionOptions doesn't have 'code' defined, update pgstac_version (needed for default runtime)
if (!props.bootstrapperLambdaFunctionOptions?.code) {
customResourceProperties["pgstac_version"] = props.pgstacVersion || DEFAULT_PGSTAC_VERSION;
customResourceProperties["pgstac_version"] =
props.pgstacVersion || DEFAULT_PGSTAC_VERSION;
}
// this.connections = props.database.connections;

// add timestamp to properties to ensure the Lambda gets re-executed on each deploy
customResourceProperties["timestamp"] = new Date().toISOString();

const bootstrapper = new CustomResource(this, "bootstrapper", {
serviceToken: handler.functionArn,
properties: customResourceProperties,
removalPolicy: RemovalPolicy.RETAIN, // This retains the custom resource (which doesn't really exist), not the database
});

// PgBouncer: connection pooler
// PgBouncer: connection poolercustomresource trigger on redeploy
const addPgbouncer = props.addPgbouncer ?? true;
if (addPgbouncer) {
this._pgBouncerServer = new PgBouncer(this, "pgbouncer", {
Expand Down Expand Up @@ -172,6 +177,7 @@ export class PgStacDatabase extends Construct {
this.pgstacSecret = this._pgBouncerServer.pgbouncerSecret;
this.connectionTarget = this._pgBouncerServer.instance;
this.securityGroup = this._pgBouncerServer.securityGroup;
this.secretBootstrapper = this._pgBouncerServer.secretUpdateComplete;
} else {
this.connectionTarget = this.db;
}
Expand Down Expand Up @@ -226,10 +232,10 @@ export interface PgStacDatabaseProps extends rds.DatabaseInstanceProps {
readonly pgstacDbName?: string;

/**
* Version of pgstac to install on the database
*
* @default 0.8.5
*/
* Version of pgstac to install on the database
*
* @default 0.8.5
*/
readonly pgstacVersion?: string;

/**
Expand Down
Loading