// AWS Relational Database Service (RDS)
package rds
import (
" dagger.io/dagger/op "
" encoding/json "
" dagger.io/aws "
)
// Creates a new Database on an existing RDS Instance
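#CreateDB: {
	// AWS Config
	config: aws.#Config

	// DB name. The value is pasted into a quoted SQL identifier, so the
	// script below rejects names containing quote or backslash characters.
	name: string @dagger(input)

	// ARN of the database instance
	dbArn: string @dagger(input)

	// ARN of the database secret (for connecting via rds api)
	secretArn: string @dagger(input)

	// Database type MySQL or PostgreSQL (Aurora Serverless only)
	dbType: "mysql" | "postgres" @dagger(input)

	// Name of the DB created
	out: {
		@dagger(output)
		string

		#up: [
			op.#Load & {
				from: aws.#CLI & {
					"config": config
				}
			},

			op.#Exec & {
				args: [
					"/bin/bash",
					"--noprofile",
					"--norc",
					"-eo",
					"pipefail",
					// Without -c bash would treat the script text as a file name.
					"-c",
					#"""
						echo "dbType: $DB_TYPE"

						# NAME is pasted into a quoted identifier below. Fail closed on
						# any character that could end the quoting and append extra SQL.
						case "$NAME" in
						    *'`'*|*'"'*|*"'"*|*'\'*)
						        echo "invalid database name: quote and backslash characters are not allowed" >&2
						        exit 1
						        ;;
						esac

						sql="CREATE DATABASE \`$NAME\`"
						if [ "$DB_TYPE" = postgres ]; then
						    sql="CREATE DATABASE \"$NAME\""
						fi

						echo "$NAME" >> /db_created

						# The statement runs while connected to the engine's built-in
						# database, which shares its name with DB_TYPE.
						# With errexit and pipefail a failing pipeline would end the script
						# before the "already exists" check; record the aws status instead.
						exit_code=0
						aws rds-data execute-statement \
						    --resource-arn "$DB_ARN" \
						    --secret-arn "$SECRET_ARN" \
						    --sql "$sql" \
						    --database "$DB_TYPE" \
						    --no-include-result-metadata \
						|& tee /tmp/out || exit_code=${PIPESTATUS[0]}

						# An existing database is not an error: the step is meant to be re-runnable.
						if [ "$exit_code" -ne 0 ]; then
						    grep -q "database exists\|already exists" /tmp/out || exit "$exit_code"
						fi
						"""#,
				]
				env: {
					NAME:       name
					DB_ARN:     dbArn
					SECRET_ARN: secretArn
					DB_TYPE:    dbType
				}
			},

			op.#Export & {
				source: "/db_created"
				format: "string"
			},
		]
	}
}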
// Creates new user credentials on an existing RDS Instance
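#CreateUser: {
	// AWS Config
	config: aws.#Config

	// Username. Pasted into quoted SQL tokens, so the script below rejects
	// values containing quote or backslash characters.
	username: string @dagger(input)

	// Password. Pasted into a single-quoted SQL string, so the script below
	// rejects values containing a single quote (and a backslash on MySQL).
	password: string @dagger(input)

	// ARN of the database instance
	dbArn: string @dagger(input)

	// ARN of the database secret (for connecting via rds api)
	secretArn: string @dagger(input)

	// Name of the database to grant access to (empty: no grant is issued)
	grantDatabase: string | *"" @dagger(input)

	// Database type MySQL or PostgreSQL (Aurora Serverless only)
	dbType: "mysql" | "postgres" @dagger(input)

	// Outputted username
	out: {
		@dagger(output)
		string

		#up: [
			op.#Load & {
				from: aws.#CLI & {
					"config": config
				}
			},

			op.#Exec & {
				args: [
					"/bin/bash",
					"--noprofile",
					"--norc",
					"-eo",
					"pipefail",
					// Without -c bash would treat the script text as a file name.
					"-c",
					#"""
						echo "dbType: $DB_TYPE"

						# USERNAME and GRANT_DATABASE are pasted into quoted SQL tokens
						# below. Fail closed on any character that could end the quoting
						# and append extra SQL.
						for value in "$USERNAME" "$GRANT_DATABASE"; do
						    case "$value" in
						        *'`'*|*'"'*|*"'"*|*'\'*)
						            echo "invalid username or grantDatabase: quote and backslash characters are not allowed" >&2
						            exit 1
						            ;;
						    esac
						done

						# PASSWORD is pasted into a single-quoted SQL string. The error
						# text deliberately never echoes the value.
						case "$PASSWORD" in
						    *"'"*)
						        echo "invalid password: single quotes are not allowed" >&2
						        exit 1
						        ;;
						esac
						# MySQL treats a backslash inside a string literal as an escape
						# unless NO_BACKSLASH_ESCAPES is set, which would alter the password.
						if [ "$DB_TYPE" = mysql ]; then
						    case "$PASSWORD" in
						        *'\'*)
						            echo "invalid password: backslashes are not allowed for mysql" >&2
						            exit 1
						            ;;
						    esac
						fi

						# NOTE(review): the password travels inside the SQL text on the aws
						# command line; confirm nothing downstream logs the statement.
						sql="CREATE USER '$USERNAME'@'%' IDENTIFIED BY '$PASSWORD'"
						if [ "$DB_TYPE" = postgres ]; then
						    sql="CREATE USER \"$USERNAME\" WITH PASSWORD '$PASSWORD'"
						fi

						echo "$USERNAME" >> /username

						# With errexit and pipefail a failing pipeline would end the script
						# before the tolerance check; record the aws status instead.
						exit_code=0
						aws rds-data execute-statement \
						    --resource-arn "$DB_ARN" \
						    --secret-arn "$SECRET_ARN" \
						    --sql "$sql" \
						    --database "$DB_TYPE" \
						    --no-include-result-metadata \
						|& tee /tmp/out || exit_code=${PIPESTATUS[0]}

						# NOTE(review): matching a bare ERROR tolerates every failure that
						# prints that word, not only "user already exists"; the password
						# update below is what then surfaces a real problem.
						if [ "$exit_code" -ne 0 ]; then
						    grep -q "Operation CREATE USER failed for\|ERROR" /tmp/out || exit "$exit_code"
						fi

						# Set the password again so a pre-existing user ends up with the requested one.
						sql="SET PASSWORD FOR '$USERNAME'@'%' = PASSWORD('$PASSWORD')"
						if [ "$DB_TYPE" = postgres ]; then
						    sql="ALTER ROLE \"$USERNAME\" WITH PASSWORD '$PASSWORD'"
						fi

						aws rds-data execute-statement \
						    --resource-arn "$DB_ARN" \
						    --secret-arn "$SECRET_ARN" \
						    --sql "$sql" \
						    --database "$DB_TYPE" \
						    --no-include-result-metadata

						# Grant only when a database was named: -n tests for a non-empty
						# string (-s would test for a file of that name).
						if [ -n "$GRANT_DATABASE" ]; then
						    # GRANT ALL hands the new user every privilege on the database;
						    # narrow the statement if the consumer needs less.
						    sql="GRANT ALL ON \`$GRANT_DATABASE\`.* to '$USERNAME'@'%'"
						    if [ "$DB_TYPE" = postgres ]; then
						        sql="GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO \"$USERNAME\"; GRANT ALL PRIVILEGES ON DATABASE \"$GRANT_DATABASE\" to \"$USERNAME\"; GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO \"$USERNAME\"; ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL PRIVILEGES ON TABLES TO \"$USERNAME\"; ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL PRIVILEGES ON SEQUENCES TO \"$USERNAME\"; GRANT USAGE ON SCHEMA public TO \"$USERNAME\";"
						    fi

						    aws rds-data execute-statement \
						        --resource-arn "$DB_ARN" \
						        --secret-arn "$SECRET_ARN" \
						        --sql "$sql" \
						        --database "$DB_TYPE" \
						        --no-include-result-metadata
						fi
						"""#,
				]
				env: {
					USERNAME:       username
					PASSWORD:       password
					DB_ARN:         dbArn
					SECRET_ARN:     secretArn
					GRANT_DATABASE: grantDatabase
					DB_TYPE:        dbType
				}
			},

			op.#Export & {
				source: "/username"
				format: "string"
			},
		]
	}
}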
// Fetches information on an existing RDS Instance
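#Instance: {
	// AWS Config
	config: aws.#Config

	// ARN of the database instance
	dbArn: string @dagger(input)

	// DB hostname
	hostname: info.hostname @dagger(output)

	// DB port
	port: info.port @dagger(output)

	// Shape of the JSON document the script writes to /out
	info: {
		hostname: string
		port:     int
	}

	// Decoded form of the exported JSON
	info: json.Unmarshal(out) @dagger(output)

	out: {
		string

		#up: [
			op.#Load & {
				from: aws.#CLI & {
					"config": config
				}
			},

			op.#Exec & {
				args: [
					"/bin/bash",
					"--noprofile",
					"--norc",
					"-eo",
					"pipefail",
					// Without -c bash would treat the script text as a file name.
					"-c",
					#"""
						# The env block exports DB_ARN; the filter has to read that same
						# variable, otherwise it is sent with an empty value.
						data=$(aws rds describe-db-clusters --filters "Name=db-cluster-id,Values=$DB_ARN")

						# One line for the endpoint, one for the port; the last jq call
						# folds the two lines into {hostname, port}.
						# NOTE(review): only the first two lines are read, so a filter that
						# matches more than one cluster yields a wrong port; confirm one match.
						echo "$data" | jq -r '.DBClusters[].Endpoint' > /tmp/out
						echo "$data" | jq -r '.DBClusters[].Port' >> /tmp/out
						cat /tmp/out | jq -sR 'split("\n") | {hostname: .[0], port: (.[1] | tonumber)}' > /out
						"""#,
				]
				env: DB_ARN: dbArn
			},

			op.#Export & {
				source: "/out"
				format: "json"
			},
		]
	}
}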