dagger/stdlib/aws/rds/rds.cue

package rds

import (
	"encoding/json"
	"dagger.io/dagger"
	"dagger.io/aws"
)

#CreateDB: {
	// AWS Config
	config: aws.#Config

	// DB name
	name: string @dagger(input)

	// ARN of the database instance
	dbArn: string @dagger(input)

	// ARN of the database secret (for connecting via rds api)
	secretArn: string @dagger(input)

	dbType: "mysql" | "postgres" @dagger(input)

	// Name of the DB created
	out: {
		@dagger(output)
		string

		#up: [
			op.#Load & {
				from: aws.#CLI & {
					"config": config
				}
			},

			op.#Exec & {
				args: [
					"/bin/bash",
					"--noprofile",
					"--norc",
					"-eo",
					"pipefail",
					#"""
    			echo "dbType: $DB_TYPE"

    			sql="CREATE DATABASE \`"$NAME" \`"
    			if [ "$DB_TYPE" = postgres ]; then
    			    sql="CREATE DATABASE \""$NAME"\""
    			fi

    			echo "$NAME" >> /db_created

    			aws rds-data execute-statement \
    			    --resource-arn "$DB_ARN" \
    			    --secret-arn "$SECRET_ARN" \
    			    --sql "$sql" \
    			    --database "$DB_TYPE" \
    			    --no-include-result-metadata \
    			|& tee /tmp/out
    			exit_code=${PIPESTATUS[0]}
    			if [ $exit_code -ne 0 ]; then
    			    grep -q "database exists\|already exists" /tmp/out || exit $exit_code
    			fi
						"""#,
				]
				env: {
					NAME:       name
					DB_ARN:     dbArn
					SECRET_ARN: secretArn
					DB_TYPE:    dbType
				}
			},

			op.#Export & {
				source: "/db_created"
				format: "string"
			},
		]
	}
}

#CreateUser: {
	// AWS Config
	config: aws.#Config

	// Username
	username: dagger.#Secret @dagger(input)

	// Password
	password: dagger.#Secret @dagger(input)

	// ARN of the database instance
	dbArn: string @dagger(input)

	// ARN of the database secret (for connecting via rds api)
	secretArn: string @dagger(input)

	grantDatabase: string | *"" @dagger(input)

	dbType: "mysql" | "postgres" @dagger(input)

	// Outputed username
	out: {
		@dagger(output)
		string

		#up: [
			op.#Load & {
				from: aws.#CLI & {
					"config": config
				}
			},

			op.#Exec & {
				args: [
					"/bin/bash",
					"--noprofile",
					"--norc",
					"-eo",
					"pipefail",
					#"""
    			echo "dbType: $DB_TYPE"
    
    			sql="CREATE USER '"$USERNAME"'@'%' IDENTIFIED BY '"$PASSWORD"'"
    			if [ "$DB_TYPE" = postgres ]; then
    			    sql="CREATE USER \""$USERNAME"\" WITH PASSWORD '"$PASSWORD"'"
    			fi
    
    			echo "$USERNAME" >> /username
    
    			aws rds-data execute-statement \
    			    --resource-arn "$DB_ARN" \
    			    --secret-arn "$SECRET_ARN" \
    			    --sql "$sql" \
    			    --database "$DB_TYPE" \
    			    --no-include-result-metadata \
    			|& tee tmp/out
    			exit_code=${PIPESTATUS[0]}
    			if [ $exit_code -ne 0 ]; then
    			    grep -q "Operation CREATE USER failed for\|ERROR" tmp/out || exit $exit_code
    			fi
    
    			sql="SET PASSWORD FOR '"$USERNAME"'@'%' = PASSWORD('"$PASSWORD"')"
    			if [ "$DB_TYPE" = postgres ]; then
    			    sql="ALTER ROLE \""$USERNAME"\" WITH PASSWORD '"$PASSWORD"'"
    			fi
    
    			aws rds-data execute-statement \
    			    --resource-arn "$DB_ARN" \
    			    --secret-arn "$SECRET_ARN" \
    			    --sql "$sql" \
    			    --database "$DB_TYPE" \
    			    --no-include-result-metadata
    
    			sql="GRANT ALL ON \`"$GRAND_DATABASE"\`.* to '"$USERNAME"'@'%'"
    			if [ "$DB_TYPE" = postgres ]; then
    			    sql="GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO \""$USERNAME"\"; GRANT ALL PRIVILEGES ON DATABASE \""$GRAND_DATABASE"\" to \""$USERNAME"\"; GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO \""$USERNAME"\"; ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL PRIVILEGES ON TABLES TO \""$USERNAME"\"; ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL PRIVILEGES ON SEQUENCES TO \""$USERNAME"\"; GRANT USAGE ON SCHEMA public TO \""$USERNAME"\";"
    			fi
    
    			if [ -s "$GRAND_DATABASE ]; then
    			    aws rds-data execute-statement \
    			        --resource-arn "$DB_ARN" \
    			        --secret-arn "$SECRET_ARN" \
    			        --sql "$sql" \
    			        --database "$DB_TYPE" \
    			        --no-include-result-metadata
    			fi			
						"""#,
				]
				env: {
					USERNAME:       unsername
					PASSWORD:       password
					DB_ARN:         dbArn
					SECRET_ARN:     secretArn
					GRAND_DATABASE: grandDatabase
					DB_TYPE:        dbType
				}
			},

			op.#Export & {
				source: "/username"
				format: "string"
			},
		]
	}
}

#Instance: {
	// AWS Config
	config: aws.#Config

	// ARN of the database instance
	dbArn: string @dagger(input)

	// DB hostname
	hostname: info.hostname @dagger(output)

	// DB port
	port: info.port @dagger(output)

	info: {
		hostname: string
		port:     int
	}

	info: json.Unmarshal(out) @dagger(output)
	out: {
		string

		#up: [
			op.#Load & {
				from: aws.#CLI & {
					"config": config
				}
			},

			op.#Exec & {
				args: [
					"/bin/bash",
					"--noprofile",
					"--norc",
					"-eo",
					"pipefail",
					#"""
					data=$(aws rds describe-db-clusters --filters "Name=db-cluster-id,Values=$DB_URN" )
    			echo "$data" | jq -r '.DBClusters[].Endpoint' > /tmp/out
    			echo "$data" | jq -r '.DBClusters[].Port' >> /tmp/out
    			cat /tmp/out | jq -sR 'split("\n") | {hostname: .[0], port: (.[1] | tonumber)}' > /out
						"""#,
				]
				env: DB_ARN: dbArn
			},

			op.#Export & {
				source: "/out"
				format: "json"
			},
		]
	}
}
stdlib/aws: implemented rds Signed-off-by: Sam Alba <sam.alba@gmail.com> 2021-04-13 01:18:32 +02:00			`package rds`

			`import (`
			`"encoding/json"`
			`"dagger.io/dagger"`
			`"dagger.io/aws"`
			`)`

			`#CreateDB: {`
			`// AWS Config`
			`config: aws.#Config`

			`// DB name`
stdlib: added @dagger(input) and @dagger(output) attributes Signed-off-by: Sam Alba <sam.alba@gmail.com> 2021-05-26 12:23:44 +02:00			`name: string @dagger(input)`
stdlib/aws: implemented rds Signed-off-by: Sam Alba <sam.alba@gmail.com> 2021-04-13 01:18:32 +02:00
			`// ARN of the database instance`
stdlib: added @dagger(input) and @dagger(output) attributes Signed-off-by: Sam Alba <sam.alba@gmail.com> 2021-05-26 12:23:44 +02:00			`dbArn: string @dagger(input)`
stdlib/aws: implemented rds Signed-off-by: Sam Alba <sam.alba@gmail.com> 2021-04-13 01:18:32 +02:00
			`// ARN of the database secret (for connecting via rds api)`
stdlib: added @dagger(input) and @dagger(output) attributes Signed-off-by: Sam Alba <sam.alba@gmail.com> 2021-05-26 12:23:44 +02:00			`secretArn: string @dagger(input)`
stdlib/aws: implemented rds Signed-off-by: Sam Alba <sam.alba@gmail.com> 2021-04-13 01:18:32 +02:00
stdlib: added @dagger(input) and @dagger(output) attributes Signed-off-by: Sam Alba <sam.alba@gmail.com> 2021-05-26 12:23:44 +02:00			`dbType: "mysql" \| "postgres" @dagger(input)`
stdlib/aws: implemented rds Signed-off-by: Sam Alba <sam.alba@gmail.com> 2021-04-13 01:18:32 +02:00
			`// Name of the DB created`
update stdlib tests that use secrets Signed-off-by: Tom Chauveau <tom.chauveau@epitech.eu> 2021-05-27 18:22:41 +02:00			`out: {`
			`@dagger(output)`
			`string`

			`#up: [`
			`op.#Load & {`
			`from: aws.#CLI & {`
			`"config": config`
			`}`
			`},`

			`op.#Exec & {`
			`args: [`
			`"/bin/bash",`
			`"--noprofile",`
			`"--norc",`
			`"-eo",`
			`"pipefail",`
			`#"""`
			`echo "dbType: $DB_TYPE"`

			sql="CREATE DATABASE \`"$NAME" \`"
			`if [ "$DB_TYPE" = postgres ]; then`
			`sql="CREATE DATABASE \""$NAME"\""`
			`fi`

			`echo "$NAME" >> /db_created`

			`aws rds-data execute-statement \`
			`--resource-arn "$DB_ARN" \`
			`--secret-arn "$SECRET_ARN" \`
			`--sql "$sql" \`
			`--database "$DB_TYPE" \`
			`--no-include-result-metadata \`
			`\|& tee /tmp/out`
			`exit_code=${PIPESTATUS[0]}`
			`if [ $exit_code -ne 0 ]; then`
			`grep -q "database exists\\|already exists" /tmp/out \|\| exit $exit_code`
			`fi`
			`"""#,`
			`]`
			`env: {`
			`NAME: name`
			`DB_ARN: dbArn`
			`SECRET_ARN: secretArn`
			`DB_TYPE: dbType`
			`}`
			`},`

			`op.#Export & {`
			`source: "/db_created"`
			`format: "string"`
			`},`
			`]`
stdlib/aws: implemented rds Signed-off-by: Sam Alba <sam.alba@gmail.com> 2021-04-13 01:18:32 +02:00			`}`
			`}`

			`#CreateUser: {`
			`// AWS Config`
			`config: aws.#Config`

			`// Username`
update stdlib tests that use secrets Signed-off-by: Tom Chauveau <tom.chauveau@epitech.eu> 2021-05-27 18:22:41 +02:00			`username: dagger.#Secret @dagger(input)`
stdlib/aws: implemented rds Signed-off-by: Sam Alba <sam.alba@gmail.com> 2021-04-13 01:18:32 +02:00
			`// Password`
update stdlib tests that use secrets Signed-off-by: Tom Chauveau <tom.chauveau@epitech.eu> 2021-05-27 18:22:41 +02:00			`password: dagger.#Secret @dagger(input)`
stdlib/aws: implemented rds Signed-off-by: Sam Alba <sam.alba@gmail.com> 2021-04-13 01:18:32 +02:00
			`// ARN of the database instance`
update stdlib tests that use secrets Signed-off-by: Tom Chauveau <tom.chauveau@epitech.eu> 2021-05-27 18:22:41 +02:00			`dbArn: string @dagger(input)`
stdlib/aws: implemented rds Signed-off-by: Sam Alba <sam.alba@gmail.com> 2021-04-13 01:18:32 +02:00
			`// ARN of the database secret (for connecting via rds api)`
update stdlib tests that use secrets Signed-off-by: Tom Chauveau <tom.chauveau@epitech.eu> 2021-05-27 18:22:41 +02:00			`secretArn: string @dagger(input)`
stdlib/aws: implemented rds Signed-off-by: Sam Alba <sam.alba@gmail.com> 2021-04-13 01:18:32 +02:00
update stdlib tests that use secrets Signed-off-by: Tom Chauveau <tom.chauveau@epitech.eu> 2021-05-27 18:22:41 +02:00			`grantDatabase: string \| *"" @dagger(input)`
stdlib/aws: implemented rds Signed-off-by: Sam Alba <sam.alba@gmail.com> 2021-04-13 01:18:32 +02:00
update stdlib tests that use secrets Signed-off-by: Tom Chauveau <tom.chauveau@epitech.eu> 2021-05-27 18:22:41 +02:00			`dbType: "mysql" \| "postgres" @dagger(input)`
stdlib/aws: implemented rds Signed-off-by: Sam Alba <sam.alba@gmail.com> 2021-04-13 01:18:32 +02:00
			`// Outputed username`
update stdlib tests that use secrets Signed-off-by: Tom Chauveau <tom.chauveau@epitech.eu> 2021-05-27 18:22:41 +02:00			`out: {`
			`@dagger(output)`
			`string`

			`#up: [`
			`op.#Load & {`
			`from: aws.#CLI & {`
			`"config": config`
			`}`
			`},`

			`op.#Exec & {`
			`args: [`
			`"/bin/bash",`
			`"--noprofile",`
			`"--norc",`
			`"-eo",`
			`"pipefail",`
			`#"""`
			`echo "dbType: $DB_TYPE"`

			`sql="CREATE USER '"$USERNAME"'@'%' IDENTIFIED BY '"$PASSWORD"'"`
			`if [ "$DB_TYPE" = postgres ]; then`
			`sql="CREATE USER \""$USERNAME"\" WITH PASSWORD '"$PASSWORD"'"`
			`fi`

			`echo "$USERNAME" >> /username`

			`aws rds-data execute-statement \`
			`--resource-arn "$DB_ARN" \`
			`--secret-arn "$SECRET_ARN" \`
			`--sql "$sql" \`
			`--database "$DB_TYPE" \`
			`--no-include-result-metadata \`
			`\|& tee tmp/out`
			`exit_code=${PIPESTATUS[0]}`
			`if [ $exit_code -ne 0 ]; then`
			`grep -q "Operation CREATE USER failed for\\|ERROR" tmp/out \|\| exit $exit_code`
			`fi`

			`sql="SET PASSWORD FOR '"$USERNAME"'@'%' = PASSWORD('"$PASSWORD"')"`
			`if [ "$DB_TYPE" = postgres ]; then`
			`sql="ALTER ROLE \""$USERNAME"\" WITH PASSWORD '"$PASSWORD"'"`
			`fi`

			`aws rds-data execute-statement \`
			`--resource-arn "$DB_ARN" \`
			`--secret-arn "$SECRET_ARN" \`
			`--sql "$sql" \`
			`--database "$DB_TYPE" \`
			`--no-include-result-metadata`

			sql="GRANT ALL ON \`"$GRAND_DATABASE"\`.* to '"$USERNAME"'@'%'"
			`if [ "$DB_TYPE" = postgres ]; then`
			`sql="GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO \""$USERNAME"\"; GRANT ALL PRIVILEGES ON DATABASE \""$GRAND_DATABASE"\" to \""$USERNAME"\"; GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO \""$USERNAME"\"; ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL PRIVILEGES ON TABLES TO \""$USERNAME"\"; ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL PRIVILEGES ON SEQUENCES TO \""$USERNAME"\"; GRANT USAGE ON SCHEMA public TO \""$USERNAME"\";"`
			`fi`

			`if [ -s "$GRAND_DATABASE ]; then`
			`aws rds-data execute-statement \`
			`--resource-arn "$DB_ARN" \`
			`--secret-arn "$SECRET_ARN" \`
			`--sql "$sql" \`
			`--database "$DB_TYPE" \`
			`--no-include-result-metadata`
			`fi`
			`"""#,`
			`]`
			`env: {`
			`USERNAME: unsername`
			`PASSWORD: password`
			`DB_ARN: dbArn`
			`SECRET_ARN: secretArn`
			`GRAND_DATABASE: grandDatabase`
			`DB_TYPE: dbType`
			`}`
			`},`

			`op.#Export & {`
			`source: "/username"`
			`format: "string"`
			`},`
			`]`
stdlib/aws: implemented rds Signed-off-by: Sam Alba <sam.alba@gmail.com> 2021-04-13 01:18:32 +02:00			`}`
			`}`

			`#Instance: {`
			`// AWS Config`
			`config: aws.#Config`

			`// ARN of the database instance`
update stdlib tests that use secrets Signed-off-by: Tom Chauveau <tom.chauveau@epitech.eu> 2021-05-27 18:22:41 +02:00			`dbArn: string @dagger(input)`
stdlib/aws: implemented rds Signed-off-by: Sam Alba <sam.alba@gmail.com> 2021-04-13 01:18:32 +02:00
			`// DB hostname`
update stdlib tests that use secrets Signed-off-by: Tom Chauveau <tom.chauveau@epitech.eu> 2021-05-27 18:22:41 +02:00			`hostname: info.hostname @dagger(output)`
stdlib/aws: implemented rds Signed-off-by: Sam Alba <sam.alba@gmail.com> 2021-04-13 01:18:32 +02:00
			`// DB port`
update stdlib tests that use secrets Signed-off-by: Tom Chauveau <tom.chauveau@epitech.eu> 2021-05-27 18:22:41 +02:00			`port: info.port @dagger(output)`
stdlib/aws: implemented rds Signed-off-by: Sam Alba <sam.alba@gmail.com> 2021-04-13 01:18:32 +02:00
			`info: {`
			`hostname: string`
			`port: int`
			`}`

update stdlib tests that use secrets Signed-off-by: Tom Chauveau <tom.chauveau@epitech.eu> 2021-05-27 18:22:41 +02:00			`info: json.Unmarshal(out) @dagger(output)`
			`out: {`
			`string`

			`#up: [`
			`op.#Load & {`
			`from: aws.#CLI & {`
			`"config": config`
			`}`
			`},`

			`op.#Exec & {`
			`args: [`
			`"/bin/bash",`
			`"--noprofile",`
			`"--norc",`
			`"-eo",`
			`"pipefail",`
			`#"""`
			`data=$(aws rds describe-db-clusters --filters "Name=db-cluster-id,Values=$DB_URN" )`
			`echo "$data" \| jq -r '.DBClusters[].Endpoint' > /tmp/out`
			`echo "$data" \| jq -r '.DBClusters[].Port' >> /tmp/out`
			`cat /tmp/out \| jq -sR 'split("\n") \| {hostname: .[0], port: (.[1] \| tonumber)}' > /out`
			`"""#,`
			`]`
			`env: DB_ARN: dbArn`
			`},`

			`op.#Export & {`
			`source: "/out"`
			`format: "json"`
			`},`
			`]`
stdlib/aws: implemented rds Signed-off-by: Sam Alba <sam.alba@gmail.com> 2021-04-13 01:18:32 +02:00			`}`
			`}`