diff --git a/.github/actions/setup-opentofu/action.yaml b/.github/actions/setup-opentofu/action.yaml index 7e3aa60..7f7c782 100644 --- a/.github/actions/setup-opentofu/action.yaml +++ b/.github/actions/setup-opentofu/action.yaml @@ -35,12 +35,12 @@ runs: "consumer_container_max" "consumer_cpu" "consumer_memory" "consumer_message_threshold" "database_instance_count" "database_instance_type" "database_password_rotation_frequency" - "database_skip_final_snapshot" "deletion_protection" - "deployment_environments" "environment" "export_expiration" - "image_tags_mutable" "key_recovery_period" "log_level" "program" - "project" "queue_empty_threshold" "redoer_container_count" - "redoer_cpu" "redoer_memory" "region" "repository" - "senzing_license_base64" + "database_skip_final_snapshot" "database_admin_username" + "deletion_protection" "deployment_environments" "environment" + "export_expiration" "image_tags_mutable" "key_recovery_period" + "log_level" "program" "project" "queue_empty_threshold" + "redoer_container_count" "redoer_cpu" "redoer_memory" "region" + "repository" "senzing_license_base64" ) for var in ${variables[@]}; do name="TF_VAR_$(echo $var | tr '[:lower:]' '[:upper:]')" diff --git a/.github/workflows/deploy.yaml b/.github/workflows/deploy.yaml index d60190b..9c58e8c 100644 --- a/.github/workflows/deploy.yaml +++ b/.github/workflows/deploy.yaml @@ -47,6 +47,7 @@ jobs: TF_VAR_CONSUMER_CPU: ${{ secrets.TF_VAR_CONSUMER_CPU }} TF_VAR_CONSUMER_MEMORY: ${{ secrets.TF_VAR_CONSUMER_MEMORY }} TF_VAR_CONSUMER_MESSAGE_THRESHOLD: ${{ secrets.TF_VAR_CONSUMER_MESSAGE_THRESHOLD }} + TF_VAR_DATABASE_ADMIN_USERNAME: ${{ secrets.TF_VAR_DATABASE_ADMIN_USERNAME }} TF_VAR_DATABASE_INSTANCE_COUNT: ${{ secrets.TF_VAR_DATABASE_INSTANCE_COUNT }} TF_VAR_DATABASE_INSTANCE_TYPE: ${{ secrets.TF_VAR_DATABASE_INSTANCE_TYPE }} TF_VAR_DATABASE_PASSWORD_ROTATION_FREQUENCY: ${{ secrets.TF_VAR_DATABASE_PASSWORD_ROTATION_FREQUENCY }} @@ -107,6 +108,7 @@ jobs: TF_VAR_CONSUMER_CPU: ${{ secrets.TF_VAR_CONSUMER_CPU }} TF_VAR_CONSUMER_MEMORY: ${{ secrets.TF_VAR_CONSUMER_MEMORY }} TF_VAR_CONSUMER_MESSAGE_THRESHOLD: ${{ secrets.TF_VAR_CONSUMER_MESSAGE_THRESHOLD }} + TF_VAR_DATABASE_ADMIN_USERNAME: ${{ secrets.TF_VAR_DATABASE_ADMIN_USERNAME }} TF_VAR_DATABASE_INSTANCE_COUNT: ${{ secrets.TF_VAR_DATABASE_INSTANCE_COUNT }} TF_VAR_DATABASE_INSTANCE_TYPE: ${{ secrets.TF_VAR_DATABASE_INSTANCE_TYPE }} TF_VAR_DATABASE_PASSWORD_ROTATION_FREQUENCY: ${{ secrets.TF_VAR_DATABASE_PASSWORD_ROTATION_FREQUENCY }} diff --git a/.github/workflows/export.yaml b/.github/workflows/export.yaml index fae65a1..53472c3 100644 --- a/.github/workflows/export.yaml +++ b/.github/workflows/export.yaml @@ -42,6 +42,7 @@ jobs: TF_VAR_CONSUMER_CPU: ${{ secrets.TF_VAR_CONSUMER_CPU }} TF_VAR_CONSUMER_MEMORY: ${{ secrets.TF_VAR_CONSUMER_MEMORY }} TF_VAR_CONSUMER_MESSAGE_THRESHOLD: ${{ secrets.TF_VAR_CONSUMER_MESSAGE_THRESHOLD }} + TF_VAR_DATABASE_ADMIN_USERNAME: ${{ secrets.TF_VAR_DATABASE_ADMIN_USERNAME }} TF_VAR_DATABASE_INSTANCE_COUNT: ${{ secrets.TF_VAR_DATABASE_INSTANCE_COUNT }} TF_VAR_DATABASE_INSTANCE_TYPE: ${{ secrets.TF_VAR_DATABASE_INSTANCE_TYPE }} TF_VAR_DATABASE_PASSWORD_ROTATION_FREQUENCY: ${{ secrets.TF_VAR_DATABASE_PASSWORD_ROTATION_FREQUENCY }} diff --git a/.github/workflows/launch-tools.yaml b/.github/workflows/launch-tools.yaml index 7089de0..4883618 100644 --- a/.github/workflows/launch-tools.yaml +++ b/.github/workflows/launch-tools.yaml @@ -50,6 +50,7 @@ jobs: TF_VAR_CONSUMER_CPU: ${{ secrets.TF_VAR_CONSUMER_CPU }} TF_VAR_CONSUMER_MEMORY: ${{ secrets.TF_VAR_CONSUMER_MEMORY }} TF_VAR_CONSUMER_MESSAGE_THRESHOLD: ${{ secrets.TF_VAR_CONSUMER_MESSAGE_THRESHOLD }} + TF_VAR_DATABASE_ADMIN_USERNAME: ${{ secrets.TF_VAR_DATABASE_ADMIN_USERNAME }} TF_VAR_DATABASE_INSTANCE_COUNT: ${{ secrets.TF_VAR_DATABASE_INSTANCE_COUNT }} TF_VAR_DATABASE_INSTANCE_TYPE: ${{ secrets.TF_VAR_DATABASE_INSTANCE_TYPE }} TF_VAR_DATABASE_PASSWORD_ROTATION_FREQUENCY: ${{ secrets.TF_VAR_DATABASE_PASSWORD_ROTATION_FREQUENCY }} diff --git a/.github/workflows/plan.yaml b/.github/workflows/plan.yaml index ddabd79..c2fa4ea 100644 --- a/.github/workflows/plan.yaml +++ b/.github/workflows/plan.yaml @@ -38,6 +38,8 @@ on: required: false TF_VAR_CONSUMER_MESSAGE_THRESHOLD: required: false + TF_VAR_DATABASE_ADMIN_USERNAME: + required: false TF_VAR_DATABASE_INSTANCE_COUNT: required: false TF_VAR_DATABASE_INSTANCE_TYPE: @@ -132,6 +134,7 @@ jobs: TF_VAR_CONSUMER_CPU: ${{ secrets.TF_VAR_CONSUMER_CPU }} TF_VAR_CONSUMER_MEMORY: ${{ secrets.TF_VAR_CONSUMER_MEMORY }} TF_VAR_CONSUMER_MESSAGE_THRESHOLD: ${{ secrets.TF_VAR_CONSUMER_MESSAGE_THRESHOLD }} + TF_VAR_DATABASE_ADMIN_USERNAME: ${{ secrets.TF_VAR_DATABASE_ADMIN_USERNAME }} TF_VAR_DATABASE_INSTANCE_COUNT: ${{ secrets.TF_VAR_DATABASE_INSTANCE_COUNT }} TF_VAR_DATABASE_INSTANCE_TYPE: ${{ secrets.TF_VAR_DATABASE_INSTANCE_TYPE }} TF_VAR_DATABASE_PASSWORD_ROTATION_FREQUENCY: ${{ secrets.TF_VAR_DATABASE_PASSWORD_ROTATION_FREQUENCY }} diff --git a/.github/workflows/pull-request.yaml b/.github/workflows/pull-request.yaml index a614d00..0062683 100644 --- a/.github/workflows/pull-request.yaml +++ b/.github/workflows/pull-request.yaml @@ -52,6 +52,7 @@ jobs: TF_VAR_CONSUMER_CPU: ${{ secrets.TF_VAR_CONSUMER_CPU }} TF_VAR_CONSUMER_MEMORY: ${{ secrets.TF_VAR_CONSUMER_MEMORY }} TF_VAR_CONSUMER_MESSAGE_THRESHOLD: ${{ secrets.TF_VAR_CONSUMER_MESSAGE_THRESHOLD }} + TF_VAR_DATABASE_ADMIN_USERNAME: ${{ secrets.TF_VAR_DATABASE_ADMIN_USERNAME }} TF_VAR_DATABASE_INSTANCE_COUNT: ${{ secrets.TF_VAR_DATABASE_INSTANCE_COUNT }} TF_VAR_DATABASE_INSTANCE_TYPE: ${{ secrets.TF_VAR_DATABASE_INSTANCE_TYPE }} TF_VAR_DATABASE_PASSWORD_ROTATION_FREQUENCY: ${{ secrets.TF_VAR_DATABASE_PASSWORD_ROTATION_FREQUENCY }} diff --git a/tofu/config/service/main.tf b/tofu/config/service/main.tf index 8eb56f1..5f492ac 100644 --- a/tofu/config/service/main.tf +++ b/tofu/config/service/main.tf @@ -32,6 +32,7 @@ module "system" { database_subnets = split(",", module.inputs.values["vpc/private_subnets"]) apply_database_updates_immediately = var.apply_database_updates_immediately + database_admin_username = var.database_admin_username database_instance_count = var.database_instance_count database_instance_type = var.database_instance_type database_password_rotation_frequency = var.database_password_rotation_frequency diff --git a/tofu/config/service/variables.tf b/tofu/config/service/variables.tf index bf8293e..d41c15d 100644 --- a/tofu/config/service/variables.tf +++ b/tofu/config/service/variables.tf @@ -34,6 +34,12 @@ variable "consumer_message_threshold" { default = 250000 } +variable "database_admin_username" { + type = string + description = "Admin username for the database cluster." + default = "root" +} + variable "database_instance_count" { type = number description = "Number of instances in the database cluster." diff --git a/tofu/modules/system/database.tf b/tofu/modules/system/database.tf index 69ac10e..69e94c6 100644 --- a/tofu/modules/system/database.tf +++ b/tofu/modules/system/database.tf @@ -35,7 +35,7 @@ module "database" { kms_key_id = aws_kms_key.database.arn backup_retention_period = 35 - master_username = "root" + master_username = var.database_admin_username manage_master_user_password_rotation = true master_user_password_rotation_automatically_after_days = var.database_password_rotation_frequency diff --git a/tofu/modules/system/variables.tf b/tofu/modules/system/variables.tf index 7c1b1d2..ec85e0e 100644 --- a/tofu/modules/system/variables.tf +++ b/tofu/modules/system/variables.tf @@ -39,6 +39,12 @@ variable "consumer_message_threshold" { default = 250000 } +variable "database_admin_username" { + type = string + description = "Admin username for the database cluster." + default = "root" +} + variable "database_instance_count" { type = number description = "Number of instances in the database cluster."