From 887cfc05c53f01ef372179a9d443378a42af5bc2 Mon Sep 17 00:00:00 2001
From: Lucas Di Pentima <lucas.dipentima@curii.com>
Date: Tue, 11 Jun 2024 16:44:18 -0300
Subject: [PATCH] 21832: Fixes variable & output parameters naming.

The user created on RDS is not the service admin user (we don't have access
to it, actually), so we'll just use its credentials for setting up Arvados.

Arvados-DCO-1.1-Signed-off-by: Lucas Di Pentima <lucas.dipentima@curii.com>
---
 tools/salt-install/terraform/aws/services/locals.tf  |  4 ++--
 tools/salt-install/terraform/aws/services/main.tf    | 12 ++++++------
 tools/salt-install/terraform/aws/services/outputs.tf | 12 ++++++++----
 .../terraform/aws/services/terraform.tfvars          |  7 ++++---
 .../salt-install/terraform/aws/services/variables.tf |  8 ++++----
 5 files changed, 24 insertions(+), 19 deletions(-)

diff --git a/tools/salt-install/terraform/aws/services/locals.tf b/tools/salt-install/terraform/aws/services/locals.tf
index 16e877d35a..7512eb9df1 100644
--- a/tools/salt-install/terraform/aws/services/locals.tf
+++ b/tools/salt-install/terraform/aws/services/locals.tf
@@ -30,8 +30,8 @@ locals {
   eip_id = data.terraform_remote_state.vpc.outputs.eip_id
   keepstore_iam_role_name = data.terraform_remote_state.data-storage.outputs.keepstore_iam_role_name
   use_rds = (var.use_rds && data.terraform_remote_state.vpc.outputs.use_rds)
-  rds_admin_username = var.rds_admin_username != "" ? var.rds_admin_username : "${local.cluster_name}_arvados_admin"
-  rds_admin_password = var.rds_admin_password != "" ? var.rds_admin_password : one(random_string.default_rds_admin_password[*].result)
+  rds_username = var.rds_username != "" ? var.rds_username : "${local.cluster_name}_arvados"
+  rds_password = var.rds_password != "" ? var.rds_password : one(random_string.default_rds_password[*].result)
   rds_max_allocated_storage = max(var.rds_max_allocated_storage, 20)
   rds_instance_type = var.rds_instance_type
 }
diff --git a/tools/salt-install/terraform/aws/services/main.tf b/tools/salt-install/terraform/aws/services/main.tf
index 77dd82f4dd..de4cfc9d21 100644
--- a/tools/salt-install/terraform/aws/services/main.tf
+++ b/tools/salt-install/terraform/aws/services/main.tf
@@ -24,10 +24,10 @@ provider "aws" {
 
 provider "random" {}
 
-resource "random_string" "default_rds_admin_password" {
-  count = (local.use_rds && var.rds_admin_password == "") ? 1 : 0
-  length  = 24
-  special = true
+resource "random_string" "default_rds_password" {
+  count = (local.use_rds && var.rds_password == "") ? 1 : 0
+  length  = 32
+  special = false
 }
 
 resource "aws_iam_instance_profile" "keepstore_instance_profile" {
@@ -104,8 +104,8 @@ resource "aws_db_instance" "postgresql_service" {
   engine_version = "15"
   instance_class = local.rds_instance_type
   db_name = "${local.cluster_name}_arvados"
-  username = local.rds_admin_username
-  password = local.rds_admin_password
+  username = local.rds_username
+  password = local.rds_password
   skip_final_snapshot  = true
 
   vpc_security_group_ids = [local.arvados_sg_id]
diff --git a/tools/salt-install/terraform/aws/services/outputs.tf b/tools/salt-install/terraform/aws/services/outputs.tf
index 92b1a01da9..682ae09ea9 100644
--- a/tools/salt-install/terraform/aws/services/outputs.tf
+++ b/tools/salt-install/terraform/aws/services/outputs.tf
@@ -61,15 +61,19 @@ output "ssl_password_secret_name" {
   value = aws_secretsmanager_secret.ssl_password_secret.name
 }
 
-output "rds_service_endpoint" {
-  value = one(aws_db_instance.postgresql_service[*].endpoint)
+output "database_address" {
+  value = one(aws_db_instance.postgresql_service[*].address)
 }
 
-output "rds_service_admin_username" {
+output "database_name" {
+  value = one(aws_db_instance.postgresql_service[*].db_name)
+}
+
+output "database_username" {
   value = one(aws_db_instance.postgresql_service[*].username)
 }
 
-output "rds_service_admin_password" {
+output "database_password" {
   value = one(aws_db_instance.postgresql_service[*].password)
   sensitive = true
 }
diff --git a/tools/salt-install/terraform/aws/services/terraform.tfvars b/tools/salt-install/terraform/aws/services/terraform.tfvars
index 4e04cda8e1..a1b0bd1555 100644
--- a/tools/salt-install/terraform/aws/services/terraform.tfvars
+++ b/tools/salt-install/terraform/aws/services/terraform.tfvars
@@ -21,12 +21,13 @@
 #   controller = 300
 # }
 
-# Use an RDS instance for database.
+# Use an RDS instance for database. For this to work, make sure to also set
+# 'use_rds' to true in '../vpc/terraform.tfvars'.
 # use_rds = true
 #
 # Provide custom values if needed.
-# rds_admin_username = ""
-# rds_admin_password = ""
+# rds_username = ""
+# rds_password = ""
 # rds_instance_type = "db.m5.xlarge"
 # rds_max_allocated_storage = 1000
 
diff --git a/tools/salt-install/terraform/aws/services/variables.tf b/tools/salt-install/terraform/aws/services/variables.tf
index 279752772d..e9cebe6407 100644
--- a/tools/salt-install/terraform/aws/services/variables.tf
+++ b/tools/salt-install/terraform/aws/services/variables.tf
@@ -49,14 +49,14 @@ variable "use_rds" {
   default = false
 }
 
-variable "rds_admin_username" {
-  description = "RDS instance's admin username"
+variable "rds_username" {
+  description = "RDS instance's username. Default: <cluster_name>_arvados"
   type = string
   default = ""
 }
 
-variable "rds_admin_password" {
-  description = "RDS instance's admin password"
+variable "rds_password" {
+  description = "RDS instance's password. Default: randomly-generated 32 chars"
   type = string
   default = ""
 }
-- 
2.30.2