Fix typos, add back in butler registry and make it conditional per en…

…vironment. Cleanup of variable descriptions.
lsst · Sep 13, 2024 · 75c65a6 · 75c65a6
1 parent 701bd31
commit 75c65a6
Show file tree

Hide file tree

Showing 3 changed files with 169 additions and 15 deletions.
diff --git a/environment/deployments/science-platform/cloudsql/main.tf b/environment/deployments/science-platform/cloudsql/main.tf
@@ -1,3 +1,44 @@
+resource "google_service_account_iam_member" "sqlproxy_butler_int_sa" {
+  count              = var.environment != "stable" ? 1 : 0
+  service_account_id = google_service_account.sqlproxy_butler_int_sa[count.index].name
+  role               = "roles/iam.workloadIdentityUser"
+  member             = "serviceAccount:${module.project_factory.project_id}.svc.id.goog[sqlproxy-cross-project/sqlproxy-butler-int]"
+}
+
+# Butler Registry Original.  Conditionally enabled with enable_butler_registry variable.  Remove after migration to Butler Registry DP02
+module "butler_registry" {
+  source = "../../../../modules/cloudsql/postgres-private"
+  count = var.enable_butler_registry ? 1 : 0
+  authorized_networks = [
+    {
+      "name" : "sample-gcp-health-checkers-range",
+      "value" : "130.211.0.0/28"
+    }
+  ]
+  database_version                = var.butler_registry_database_version
+  db_name                         = var.butler_registry_db_name
+  tier                            = var.butler_registry_tier
+  database_flags                  = var.butler_registry_database_flags
+  disk_size                       = var.butler_registry_disk_size
+  maintenance_window_day          = var.butler_registry_db_maintenance_window_day
+  maintenance_window_hour         = var.butler_registry_db_maintenance_window_hour
+  maintenance_window_update_track = var.butler_registry_db_maintenance_window_update_track
+  names                           = ["service-account"]
+  project_roles                   = ["${var.project_id}=>roles/cloudsql.client"]
+  project_id                      = var.project_id
+  vpc_network                     = var.network
+  ipv4_enabled                    = var.butler_registry_ipv4_enabled
+  require_ssl                     = var.butler_registry_require_ssl
+  deletion_protection             = true
+
+  backup_configuration = {
+    enabled                        = var.butler_registry_backups_enabled
+    start_time                     = var.butler_registry_backups_start_time
+    location                       = "us-central1"
+    point_in_time_recovery_enabled = var.butler_registry_backups_point_in_time_recovery_enabled
+  }
+}
+
 # Butler Registry DP02
 module "db_butler_registry_dp02" {
   source = "../../../../modules/cloudsql/postgres-private"

diff --git a/environment/deployments/science-platform/cloudsql/variables.tf b/environment/deployments/science-platform/cloudsql/variables.tf
@@ -31,11 +31,108 @@ variable "maximum_cutouts_age" {
   default     = 30
 }
 
+// Butler Registry Originally Deployed with Google Cloud
+
+variable "enable_butler_registry" {
+  description = "Enables the Butler Registry originally deployed with Google Cloud"
+  type        = bool
+  default     = true
+}
+
+variable "butler_registry_db_name" {
+  description = "The name of the SQL Database instance"
+}
+
+variable "butler_registry_database_version" {
+  description = "The database version to use for the Butler registry"
+  type        = string
+  default     = "POSTGRES_16"
+}
+
+variable "butler_registry_tier" {
+  description = "The tier for the instance."
+  type        = string
+  default     = "db-f1-micro"
+}
+
+variable "butler_registry_database_flags" {
+  description = "List of Cloud SQL flags that are applied to the database server. See [more details](https://cloud.google.com/sql/docs/mysql/flags)"
+  type = list(object({
+    name  = string
+    value = string
+  }))
+  default = []
+}
+
+variable "butler_registry_disk_size" {
+  description = "The disk size for the instance in GB.  This value is ignored after initial provisioning with a terraform lifecycle policy in Google module.  This is needed because of auto storage increase is enabled."
+  type        = number
+}
+
+variable "butler_registry_disk_type" {
+  description = "The disk type for the master instance."
+  type        = string
+  default     = "PD_SSD"
+}
+
+variable "butler_registry_require_ssl" {
+  description = "True if the instance should require SSL/TLS for users connecting over IP. Note: SSL/TLS is needed to provide security when you connect to Cloud SQL using IP addresses. If you are connecting to your instance only by using the Cloud SQL Proxy or the Java Socket Library, you do not need to configure your instance to use SSL/TLS."
+  type        = bool
+  default     = true
+}
+
+variable "butler_registry_ipv4_enabled" {
+  type        = bool
+  description = "True if enabling public IP on database"
+  default     = false
+}
+
+variable "butler_registry_database_tier" {
+  description = "The tier for general database"
+  type        = string
+  default     = "db-g1-small"
+}
+
+variable "butler_registry_db_maintenance_window_day" {
+  type        = number
+  description = "The day of week (1-7) for the master instance maintenance."
+  default     = 1
+}
+
+variable "butler_registry_db_maintenance_window_hour" {
+  type        = number
+  description = "The hour of day (0-23) maintenance window for the master instance maintenance."
+  default     = 23
+}
+
+variable "butler_registry_db_maintenance_window_update_track" {
+  type        = string
+  description = "The update track of maintenance window for the master instance maintenance. Can be either `canary` or `stable`."
+  default     = "stable"
+}
+
+variable "butler_registry_backups_enabled" {
+  type        = bool
+  description = "True if backup configuration is enabled"
+  default     = false
+}
+
+variable "butler_registry_backups_start_time" {
+  type        = string
+  description = "Start time for backups"
+  default     = "09:00"
+}
+
+variable "butler_registry_backups_point_in_time_recovery_enabled" {
+  type        = bool
+  description = "Enable Point in Time Recovery for backups"
+  default     = true
+}
+
 // Butler Registry DP02 Database variables
 
 variable "butler_registry_dp02_db_name" {
   description = "The name of the SQL Database instance"
-  default     = "example-postgresql-public"
 }
 
 variable "butler_registry_dp02_database_version" {
@@ -60,12 +157,12 @@ variable "butler_registry_dp02_database_flags" {
 }
 
 variable "butler_registry_dp02_disk_size" {
-  description = "The disk size for the instance"
+  description = "The disk size for the instance in GB.  This value is ignored after initial provisioning with a terraform lifecycle policy in Google module.  This is needed because of auto storage increase is enabled."
   type        = number
 }
 
 variable "butler_registry_dp02_disk_type" {
-  description = "The disk type for the master instance."
+  description = "The disk type for the instance."
   type        = string
   default     = "PD_SSD"
 }
@@ -90,19 +187,19 @@ variable "butler_registry_dp02_database_tier" {
 
 variable "butler_registry_dp02_db_maintenance_window_day" {
   type        = number
-  description = "The day of week (1-7) for the master instance maintenance."
+  description = "The day of week (1-7) for the instance maintenance."
   default     = 1
 }
 
 variable "butler_registry_dp02_db_maintenance_window_hour" {
   type        = number
-  description = "The hour of day (0-23) maintenance window for the master instance maintenance."
+  description = "The hour of day (0-23) maintenance window for the instance maintenance."
   default     = 23
 }
 
 variable "butler_registry_dp02_db_maintenance_window_update_track" {
   type        = string
-  description = "The update track of maintenance window for the master instance maintenance. Can be either `canary` or `stable`."
+  description = "The update track of maintenance window for the instance maintenance. Can be either `canary` or `stable`."
   default     = "stable"
 }
 
@@ -140,19 +237,19 @@ variable "science_platform_database_tier" {
 
 variable "science_platform_db_maintenance_window_day" {
   type        = number
-  description = "The day of week (1-7) for the master instance maintenance."
+  description = "The day of week (1-7) for the instance maintenance."
   default     = 1
 }
 
 variable "science_platform_db_maintenance_window_hour" {
   type        = number
-  description = "The hour of day (0-23) maintenance window for the master instance maintenance."
+  description = "The hour of day (0-23) maintenance window for the instance maintenance."
   default     = 23
 }
 
 variable "science_platform_db_maintenance_window_update_track" {
   type        = string
-  description = "The update track of maintenance window for the master instance maintenance. Can be either `canary` or `stable`."
+  description = "The update track of maintenance window for the instance maintenance. Can be either `canary` or `stable`."
   default     = "stable"
 }
 

diff --git a/environment/deployments/science-platform/env/dev-cloudsql.tfvars b/environment/deployments/science-platform/env/dev-cloudsql.tfvars
@@ -3,12 +3,29 @@ environment      = "dev"
 application_name = "science-platform"
 project_id       = "science-platform-dev-7696"
 
+# Butler Registry Original Database
+enable_butler_registry           = true
+butler_registry_db_name          = ""
+butler_registry_database_version = "POSTGRES_13"
+butler_registry_tier             = "db-n1-standard-2"
+butler_registry_require_ssl      = false
+butler_registry_disk_size        = 10
+butler_registry_database_flags = [
+  { name = "password_encryption", value = "scram-sha-256" }
+]
+butler_registry_ipv4_enabled                           = true
+butler_registry_db_maintenance_window_day              = 1
+butler_registry_db_maintenance_window_hour             = 23
+butler_registry_db_maintenance_window_update_track     = "stable"
+butler_registry_backups_enabled                        = true
+butler_registry_backups_point_in_time_recovery_enabled = true
+
 # Butler Registry DP02 Database
-butler_db_name                         = "butler-registry-dp02-dev"
-butler_registry_dpo02_database_version = "POSTGRES_16"
-butler_registry_dp02_tier              = "db-n1-standard-2"
-butler_registry_dp02_require_ssl       = false
-butler_registry_dp02_disk_size         = 700
+butler_registry_dp02_db_name          = "butler-registry-dp02-dev"
+butler_registry_dp02_database_version = "POSTGRES_16"
+butler_registry_dp02_tier             = "db-n1-standard-2"
+butler_registry_dp02_require_ssl      = false
+butler_registry_dp02_disk_size        = 700
 butler_registry_dp02_database_flags = [
   { name = "max_connections", value = "400" },
   { name = "password_encryption", value = "scram-sha-256" }
@@ -21,7 +38,6 @@ butler_registry_dp02_backups_enabled                        = false
 butler_registry_dp02_backups_point_in_time_recovery_enabled = false
 
 # Science Platform Database
-
 science_platform_maintenance_window_day             = 1
 science_platform_db_maintenance_window_hour         = 22
 science_platform_db_maintenance_window_update_track = "canary"