CUMULUS-3642: modify scripts and tf vars to try and connect to restor…

…ed db
nasa · charleshuang80 · May 8, 2024 · May 10, 2024 · May 13, 2024 · May 17, 2024
commit 36c53aa407d6e22fb6e15c212285e4af756566bb
diff --git a/bamboo/bootstrap-tf-deployment.sh b/bamboo/bootstrap-tf-deployment.sh
@@ -96,7 +96,8 @@ echo "Deploying Cumulus example to $DEPLOYMENT"
   -var "token_secret=$TOKEN_SECRET" \
   -var "permissions_boundary_arn=arn:aws:iam::$AWS_ACCOUNT_ID:policy/$ROLE_BOUNDARY" \
   -var "pdr_node_name_provider_bucket=$PDR_NODE_NAME_PROVIDER_BUCKET" \
-  -var "rds_admin_access_secret_arn=$RDS_ADMIN_ACCESS_SECRET_ARN" \
+  -var "rds_security_group=$OTHER_DB_RDS_SECURITY_GROUP"\
+  -var "rds_admin_access_secret_arn=$OTHER_DB_RDS_ADMIN_ACCESS_SECRET_ARN" \
   -var "orca_db_user_password=$ORCA_DATABASE_USER_PASSWORD" \
   -var "orca_s3_access_key=$AWS_ACCESS_KEY_ID" \
   -var "orca_s3_secret_key=$AWS_SECRET_ACCESS_KEY" \
diff --git a/bamboo/set-bamboo-env-variables.sh b/bamboo/set-bamboo-env-variables.sh
@@ -146,6 +146,8 @@ if [[ $bamboo_NGAP_ENV = "SIT" ]]; then
   export PDR_NODE_NAME_PROVIDER_BUCKET=$bamboo_SIT_PDR_NODE_NAME_PROVIDER_BUCKET
   export ORCA_DATABASE_USER_PASSWORD=$bamboo_SECRET_SIT_ORCA_DATABASE_USER_PASSWORD
   DEPLOYMENT=$bamboo_SIT_DEPLOYMENT
+  export OTHER_DB_RDS_SECURITY_GROUP=$bamboo_SECRET_SIT_OTHER_DB_RDS_SECURITY_GROUP
+  export OTHER_DB_RDS_ADMIN_ACCESS_SECRET_ARN=$bamboo_SECRET_SIT_OTHER_DB_RDS_ADMIN_ACCESS_SECRET_ARN
 fi
 
 ## Run detect-pr script and set flag to true/false

diff --git a/example/cumulus-tf/main.tf b/example/cumulus-tf/main.tf
@@ -38,8 +38,8 @@ locals {
   elasticsearch_security_group_id = lookup(data.terraform_remote_state.data_persistence.outputs, "elasticsearch_security_group_id", "")
   protected_bucket_names          = [for k, v in var.buckets : v.name if v.type == "protected"]
   public_bucket_names             = [for k, v in var.buckets : v.name if v.type == "public"]
-  rds_security_group              = lookup(data.terraform_remote_state.data_persistence.outputs, "rds_security_group", "")
-  rds_credentials_secret_arn      = lookup(data.terraform_remote_state.data_persistence.outputs, "database_credentials_secret_arn", "")
+  rds_security_group              = var.rds_security_group
+  rds_credentials_secret_arn      = var.rds_admin_access_secret_arn
 
   vpc_id     = var.vpc_id != null ? var.vpc_id : data.aws_vpc.application_vpc[0].id
   subnet_ids = length(var.lambda_subnet_ids) > 0 ? var.lambda_subnet_ids : data.aws_subnets.subnet_ids[0].ids

diff --git a/example/data-persistence-tf/main.tf b/example/data-persistence-tf/main.tf
@@ -36,7 +36,7 @@ module "provision_database" {
   permissions_boundary_arn               = var.permissions_boundary_arn
   rds_user_password                      = var.rds_user_password == "" ? random_string.db_pass.result : var.rds_user_password
   rds_connection_timing_configuration    = var.rds_connection_timing_configuration
-  dbRecreation                           = true
+  dbRecreation                           = false
   lambda_timeouts                        = var.lambda_timeouts
   lambda_memory_sizes                    = var.lambda_memory_sizes
 }