Merge pull request #8 from Ad-squareops/gcp

ShibraAmin18 · web-flow · commit 08188b11a1bb · 2023-08-29T15:10:11.000+05:30
added app version, custom db, namespace enable/disable param
diff --git a/IAM.md b/IAM.md
@@ -82,4 +82,4 @@ permissions = [
     "resourcemanager.projects.getIamPolicy",
     "resourcemanager.projects.setIamPolicy"
   ]
-```
+```
diff --git a/README.md b/README.md
@@ -17,6 +17,32 @@ This module allows you to easily deploy a MySQL database on Kubernetes using Hel
 ## Usage Example
 
 ```hcl
+locals {
+  name        = "mysql"
+  region      = "us-east-2"
+  environment = "prod"
+  additional_tags = {
+    Owner      = "organization_name"
+    Expires    = "Never"
+    Department = "Engineering"
+  }
+  create_namespace                   = true
+  namespace                          = "mysql"
+  store_password_to_secret_manager   = false
+  mysqldb_custom_credentials_enabled = true
+  mysqldb_custom_credentials_config = {
+    root_user            = "root"
+    root_password        = "RJDRIFsYC8ZS1WQuV0ps"
+    custom_username      = "admin"
+    custom_user_password = "NCPFUKEMd7rrWuvMAa73"
+    replication_user     = "replicator"
+    replication_password = "nvAHhm1uGQNYWVw6ZyAH"
+    exporter_user        = "mysqld_exporter"
+    exporter_password    = "ZawhvpueAehRdKFlbjaq"
+  }
+  custom_user_username = "custom"
+}
+
 module "aws" {
   source                             = "squareops/mysql/kubernetes//modules/resources/aws"
   cluster_name                       = "prod-eks"
@@ -38,52 +64,48 @@ module "aws" {
 }
 
 module "mysql" {
-  source = "squareops/mysql/kubernetes"
+  source           = "squareops/mysql/kubernetes"
+  create_namespace = local.create_namespace
+  namespace        = local.namespace
   mysqldb_config = {
     name                             = "mysql"
-    values_yaml                      = ""
+    app_version                      = "8.0.29-debian-11-r9"
     environment                      = "prod"
+    values_yaml                      = ""
     architecture                     = "replication"
-    storage_class_name               = "gp3"
-    custom_user_username             = "admin"
+    custom_database                  = "test_db"
+    storage_class_name               = "gp2"
+    custom_user_username             = local.mysqldb_custom_credentials_enabled ? "" : local.custom_user_username
     primary_db_volume_size           = "10Gi"
     secondary_db_volume_size         = "10Gi"
     secondary_db_replica_count       = 2
     store_password_to_secret_manager = true
   }
-  mysqldb_custom_credentials_enabled = true
-  mysqldb_custom_credentials_config  = {
-    root_user            = "root"
-    root_password        = "RJDRIFsYC8ZS1WQuV0ps"
-    custom_username      = "admin"
-    custom_user_password = "NCPFUKEMd7rrWuvMAa73"
-    replication_user     = "replicator"
-    replication_password = "nvAHhm1uGQNYWVw6ZyAH"
-    exporter_user        = "mysqld_exporter"
-    exporter_password    = "ZawhvpueAehRdKFlbjaq"
-  }
-  root_password                      = mysqldb_custom_credentials_enabled ? "" : module.aws.root_password
-  metric_exporter_pasword            = mysqldb_custom_credentials_enabled ? "" : module.aws.metric_exporter_pasword
-  mysqldb_replication_user_password  = mysqldb_custom_credentials_enabled ? "" : module.aws.mysqldb_replication_user_password
-  custom_user_password               = mysqldb_custom_credentials_enabled ? "" : module.aws.custom_user_password
+  mysqldb_custom_credentials_enabled = local.mysqldb_custom_credentials_enabled
+  mysqldb_custom_credentials_config  = local.mysqldb_custom_credentials_config
+  root_password                      = local.mysqldb_custom_credentials_enabled ? "" : module.aws.root_password
+  metric_exporter_pasword            = local.mysqldb_custom_credentials_enabled ? "" : module.aws.metric_exporter_pasword
+  mysqldb_replication_user_password  = local.mysqldb_custom_credentials_enabled ? "" : module.aws.mysqldb_replication_user_password
+  custom_user_password               = local.mysqldb_custom_credentials_enabled ? "" : module.aws.custom_user_password
   bucket_provider_type               = "s3"
   iam_role_arn_backup                = module.aws.iam_role_arn_backup
   mysqldb_backup_enabled             = true
   mysqldb_backup_config = {
-    bucket_uri           = "backup-bucket-uri"
-    s3_bucket_region     = "backup-bucket-region"
-    cron_for_full_backup = "* */12 * * *"
+    bucket_uri           = "s3://bucket_name"
+    s3_bucket_region     = ""
+    cron_for_full_backup = "*/5 * * * *"
   }
   mysqldb_restore_enabled = true
   iam_role_arn_restore    = module.aws.iam_role_arn_restore
   mysqldb_restore_config = {
-    bucket_uri       = "restore-bucket-uri/restore-file-name"
-    file_name        = "restore-file-name"
-    s3_bucket_region = "restore-bucket-region"
+    bucket_uri       = "s3://bucket_name/mysqldump_20230710_120501.zip"
+    file_name        = "mysqldump_20230710_120501.zip"
+    s3_bucket_region = ""
   }
   mysqldb_exporter_enabled = true
 }
 
+
 ```
 - Refer [AWS examples](https://github.com/squareops/terraform-kubernetes-mysql/tree/main/examples/complete/aws) for more details.
 - Refer [Azure examples](https://github.com/squareops/terraform-kubernetes-mysql/tree/main/examples/complete/azure) for more details.
diff --git a/examples/complete/aws/main.tf b/examples/complete/aws/main.tf
@@ -7,8 +7,10 @@ locals {
     Expires    = "Never"
     Department = "Engineering"
   }
-  store_password_to_secret_manager   = true
-  mysqldb_custom_credentials_enabled = false
+  create_namespace                   = false
+  namespace                          = "mysql"
+  store_password_to_secret_manager   = false
+  mysqldb_custom_credentials_enabled = true
   mysqldb_custom_credentials_config = {
     root_user            = "root"
     root_password        = "RJDRIFsYC8ZS1WQuV0ps"
@@ -24,7 +26,7 @@ locals {
 
 module "aws" {
   source                             = "squareops/mysql/kubernetes//modules/resources/aws"
-  cluster_name                       = ""
+  cluster_name                       = "cluster-name"
   environment                        = local.environment
   name                               = local.name
   store_password_to_secret_manager   = local.store_password_to_secret_manager
@@ -34,13 +36,17 @@ module "aws" {
 }
 
 module "mysql" {
-  source = "squareops/mysql/kubernetes"
+  source           = "squareops/mysql/kubernetes"
+  create_namespace = local.create_namespace
+  namespace        = local.namespace
   mysqldb_config = {
     name                             = local.name
     values_yaml                      = file("./helm/values.yaml")
+    app_version                      = "8.0.29-debian-11-r9"
     environment                      = local.environment
     architecture                     = "replication"
-    storage_class_name               = "gp3"
+    custom_database                  = "test_db"
+    storage_class_name               = "gp2"
     custom_user_username             = local.mysqldb_custom_credentials_enabled ? "" : local.custom_user_username
     primary_db_volume_size           = "10Gi"
     secondary_db_volume_size         = "10Gi"
diff --git a/examples/complete/azure/helm/values.yaml b/examples/complete/azure/helm/values.yaml
@@ -18,4 +18,4 @@ secondary:
                     - key: "Addons-Services"
                       operator: In
                       values:
-                      - "true"
+                      - "true"
diff --git a/examples/complete/azure/main.tf b/examples/complete/azure/main.tf
@@ -7,6 +7,8 @@ locals {
     Expires    = "Never"
     Department = "Engineering"
   }
+  create_namespace                   = true
+  namespace                          = "mysql"
   store_password_to_secret_manager   = true
   mysqldb_custom_credentials_enabled = false
   mysqldb_custom_credentials_config = {
@@ -40,12 +42,16 @@ module "azure" {
 }
 
 module "mysql" {
-  source = "squareops/mysql/kubernetes"
+  source           = "squareops/mysql/kubernetes"
+  create_namespace = local.create_namespace
+  namespace        = local.namespace
   mysqldb_config = {
     name                             = local.name
     values_yaml                      = file("./helm/values.yaml")
     environment                      = local.environment
+    app_version                      = "8.0.29-debian-11-r9"
     architecture                     = "replication"
+    custom_database                  = "test_db"
     storage_class_name               = "infra-service-sc"
     custom_user_username             = local.mysqldb_custom_credentials_enabled ? "" : local.custom_user_username
     primary_db_volume_size           = "10Gi"
diff --git a/examples/complete/azure/outputs.tf b/examples/complete/azure/outputs.tf
@@ -6,4 +6,4 @@ output "mysql_endpoints" {
 output "mysql_credential" {
   value       = local.store_password_to_secret_manager ? null : module.mysql.mysqldb_credential
   description = "MySQL credentials used for accessing the MySQL database."
-}
+}
diff --git a/examples/complete/gcp/main.tf b/examples/complete/gcp/main.tf
@@ -7,6 +7,8 @@ locals {
     Expires    = "Never"
     Department = "Engineering"
   }
+  create_namespace                   = true
+  namespace                          = "mysql"
   store_password_to_secret_manager   = true
   mysqldb_custom_credentials_enabled = false
   mysqldb_custom_credentials_config = {
@@ -34,12 +36,16 @@ module "gcp" {
 }
 
 module "mysql" {
-  source = "squareops/mysql/kubernetes"
+  source           = "squareops/mysql/kubernetes"
+  create_namespace = local.create_namespace
+  namespace        = local.namespace
   mysqldb_config = {
     name                             = local.name
     values_yaml                      = file("./helm/values.yaml")
     environment                      = local.environment
+    app_version                      = "8.0.29-debian-11-r9"
     architecture                     = "replication"
+    custom_database                  = "test_db"
     storage_class_name               = "standard"
     custom_user_username             = local.mysqldb_custom_credentials_enabled ? "" : local.custom_user_username
     primary_db_volume_size           = "10Gi"
diff --git a/helm/values/mysqldb/values.yaml b/helm/values/mysqldb/values.yaml
@@ -112,7 +112,7 @@ auth:
   ## @param auth.database Name for a custom database to create
   ## ref: https://github.com/bitnami/bitnami-docker-mysql/blob/master/README.md#creating-a-database-on-first-run
   ##
-  database: "my_database"
+  database: ${custom_database}
   ## @param auth.username Name for a custom user to create
   ## ref: https://github.com/bitnami/bitnami-docker-mysql/blob/master/README.md#creating-a-database-user-on-first-run
   ##
diff --git a/main.tf b/main.tf
@@ -18,6 +18,7 @@ resource "helm_release" "mysqldb" {
     templatefile("${path.module}/helm/values/mysqldb/values.yaml", {
       app_version                 = var.app_version,
       architecture                = var.mysqldb_config.architecture,
+      custom_database             = var.mysqldb_config.custom_database,
       primary_pod_size            = var.mysqldb_config.primary_db_volume_size,
       secondary_pod_size          = var.mysqldb_config.secondary_db_volume_size,
       storage_class_name          = var.mysqldb_config.storage_class_name,
@@ -26,7 +27,7 @@ resource "helm_release" "mysqldb" {
       replication_password        = var.mysqldb_custom_credentials_enabled ? var.mysqldb_custom_credentials_config.replication_password : var.mysqldb_replication_user_password,
       mysqldb_root_password       = var.mysqldb_custom_credentials_enabled ? var.mysqldb_custom_credentials_config.root_password : var.root_password,
       mysqldb_exporter_enabled    = var.mysqldb_exporter_enabled,
-      service_monitor_namespace   = var.namespace
+      service_monitor_namespace   = var.namespace,
       metrics_exporter_password   = var.mysqldb_custom_credentials_enabled ? var.mysqldb_custom_credentials_config.exporter_password : var.metric_exporter_pasword,
       secondary_pod_replica_count = var.mysqldb_config.secondary_db_replica_count
     }),
@@ -43,15 +44,15 @@ resource "helm_release" "mysqldb_backup" {
   namespace  = var.namespace
   values = [
     templatefile("${path.module}/helm/values/backup/values.yaml", {
-      bucket_uri           = var.mysqldb_backup_config.bucket_uri,
-      s3_bucket_region     = var.bucket_provider_type == "s3" ? var.mysqldb_backup_config.s3_bucket_region : "",
-      cron_for_full_backup = var.mysqldb_backup_config.cron_for_full_backup,
-      custom_user_username = "root",
-      bucket_provider_type = var.bucket_provider_type,
+      bucket_uri                 = var.mysqldb_backup_config.bucket_uri,
+      s3_bucket_region           = var.bucket_provider_type == "s3" ? var.mysqldb_backup_config.s3_bucket_region : "",
+      cron_for_full_backup       = var.mysqldb_backup_config.cron_for_full_backup,
+      custom_user_username       = "root",
+      bucket_provider_type       = var.bucket_provider_type,
       azure_storage_account_name = var.bucket_provider_type == "azure" ? var.azure_storage_account_name : ""
       azure_storage_account_key  = var.bucket_provider_type == "azure" ? var.azure_storage_account_key : ""
       azure_container_name       = var.bucket_provider_type == "azure" ? var.azure_container_name : ""
-      annotations          = var.bucket_provider_type == "s3" ? "eks.amazonaws.com/role-arn: ${var.iam_role_arn_backup}" : "iam.gke.io/gcp-service-account: ${var.service_account_backup}"
+      annotations                = var.bucket_provider_type == "s3" ? "eks.amazonaws.com/role-arn: ${var.iam_role_arn_backup}" : "iam.gke.io/gcp-service-account: ${var.service_account_backup}"
     })
   ]
 }
@@ -67,15 +68,15 @@ resource "helm_release" "mysqldb_restore" {
   namespace  = var.namespace
   values = [
     templatefile("${path.module}/helm/values/restore/values.yaml", {
-      bucket_uri           = var.mysqldb_restore_config.bucket_uri,
-      file_name            = var.mysqldb_restore_config.file_name,
-      s3_bucket_region     = var.bucket_provider_type == "s3" ? var.mysqldb_restore_config.s3_bucket_region : "",
-      custom_user_username = "root",
-      bucket_provider_type = var.bucket_provider_type,
+      bucket_uri                 = var.mysqldb_restore_config.bucket_uri,
+      file_name                  = var.mysqldb_restore_config.file_name,
+      s3_bucket_region           = var.bucket_provider_type == "s3" ? var.mysqldb_restore_config.s3_bucket_region : "",
+      custom_user_username       = "root",
+      bucket_provider_type       = var.bucket_provider_type,
       azure_storage_account_name = var.bucket_provider_type == "azure" ? var.azure_storage_account_name : ""
       azure_storage_account_key  = var.bucket_provider_type == "azure" ? var.azure_storage_account_key : ""
       azure_container_name       = var.bucket_provider_type == "azure" ? var.azure_container_name : ""
-      annotations          = var.bucket_provider_type == "s3" ? "eks.amazonaws.com/role-arn: ${var.iam_role_arn_restore}" : "iam.gke.io/gcp-service-account: ${var.service_account_restore}"
+      annotations                = var.bucket_provider_type == "s3" ? "eks.amazonaws.com/role-arn: ${var.iam_role_arn_restore}" : "iam.gke.io/gcp-service-account: ${var.service_account_restore}"
     })
   ]
 }
diff --git a/modules/backup/templates/service_account.yaml b/modules/backup/templates/service_account.yaml
@@ -2,6 +2,6 @@ apiVersion: v1
 kind: ServiceAccount
 metadata:
   name: sa-mysql-backup
-  namespace: mysqldb
+  namespace: {{ .Release.Namespace }}
   annotations:
     {{ toYaml .Values.annotations  | indent 4 }}
diff --git a/modules/resources/azure/main.tf b/modules/resources/azure/main.tf
@@ -54,7 +54,7 @@ resource "azurerm_key_vault" "mysql-secret" {
 }
 
 resource "azurerm_key_vault_secret" "mysql-secret" {
-  count  = var.store_password_to_secret_manager ? 1 : 0
+  count      = var.store_password_to_secret_manager ? 1 : 0
   depends_on = [azurerm_key_vault.mysql-secret[0]]
   name       = format("%s-%s-%s", var.environment, var.name, "secret")
   value = var.mysqldb_custom_credentials_enabled ? jsonencode(
diff --git a/modules/resources/azure/outputs.tf b/modules/resources/azure/outputs.tf
@@ -16,4 +16,4 @@ output "mysqldb_replication_user_password" {
 output "custom_user_password" {
   value       = var.mysqldb_custom_credentials_enabled ? null : nonsensitive(random_password.mysqldb_custom_user_password[0].result)
   description = "custom user's password of mysqldb"
-}
+}
diff --git a/modules/resources/azure/variables.tf b/modules/resources/azure/variables.tf
@@ -69,4 +69,4 @@ variable "custom_user_username" {
 variable "storage_account_name" {
   type    = string
   default = ""
-}
+}
diff --git a/output.tf b/output.tf
@@ -5,7 +5,7 @@ output "mysqldb_endpoints" {
     mysql_primary_endpoint            = "mysqldb-primary.${var.namespace}.svc.cluster.local",
     mysql_primary_headless_endpoint   = "mysqldb-primary-headless.${var.namespace}.svc.cluster.local",
     mysql_secondary_endpoint          = "mysqldb-secondary.${var.namespace}.svc.cluster.local",
-    mysql_secondary_headless_endpoint = "mysqldb-secondary-headless.${var.namespace}.svc.cluster.local",
+    mysql_secondary_headless_endpoint = "mysqldb-secondary-headless.${var.namespace}.svc.cluster.local"
   }
 }
 
diff --git a/variables.tf b/variables.tf
@@ -5,6 +5,7 @@ variable "mysqldb_config" {
     environment                      = ""
     values_yaml                      = ""
     architecture                     = ""
+    custom_database                  = ""
     storage_class_name               = ""
     custom_user_username             = ""
     primary_db_volume_size           = ""

Original file line number	Diff line number	Diff line change
`@@ -82,4 +82,4 @@ permissions = [`
`82`	`82`	`"resourcemanager.projects.getIamPolicy",`
`83`	`83`	`"resourcemanager.projects.setIamPolicy"`
`84`	`84`	`]`
`85`		-```
	`85`	+```