Create database with separate script.

Creating the ATAT database requires a separate connection to one of the default Postgres databases, like `postgres`. This updates the scripts and secrets-tool command to handle creating the database. It also removes database creation from Terraform and updates the documentation.
2020-01-25 12:21:52 -05:00
parent a8f6befc17
commit 058ee57527
9 changed files with 105 additions and 28 deletions
--- a/terraform/secrets-tool/README.md
+++ b/terraform/secrets-tool/README.md
@@ -45,6 +45,17 @@ Requirements:
 - docker
 - A copy of the ATAT docker image. This can be built in the repo root with: `docker build . --build-arg CSP=azure -f ./Dockerfile -t atat:latest`
 - You need to know the hostname for the Postgres database. Your IP must either be whitelisted in its firewall rules or you must be behind the VPN.
+- You will need a YAML file listing all the CCPO users to be added to the database, with the format:
+
+```
+- dod_id: "2323232323"
+  first_name: "Luke"
+  last_name: "Skywalker"
+- dod_id: "5656565656"
+  first_name: "Han"
+  last_name: "Solo"
+```
+
 - There should be a password for the ATAT database user in the application Key Vault, preferably named `PGPASSWORD`. You can load this by running `secrets-tool --keyvault [operator key vault url] load -f postgres-user.yml` and supplying YAML like:

 ```
--- a/terraform/secrets-tool/commands/database.py
+++ b/terraform/secrets-tool/commands/database.py
@@ -116,19 +116,28 @@ def provision(

    logger.info("starting docker process")

-    cmd = (
-        f"docker run -e PGHOST={dbhost}"
-        +f" -e PGPASSWORD=\"{root_password}\""
+    create_database_cmd = (
+        f"docker run -e PGHOST='{dbhost}'"
+        +f" -e PGPASSWORD='{root_password}'"
        +f" -e PGUSER='{root_name}@{dbhost}'"
-        +f" -e PGDATABASE=\"{dbname}\""
-        +f" -e REDIS_HOST=host.docker.internal"
+        +f" -e PGDATABASE='{dbname}'"
+        +f" -e PGSSLMODE=require"
+        +f" {container}"
+        +f" .venv/bin/python script/create_database.py {dbname}"
+    )
+    _run_cmd(create_database_cmd)
+
+    seed_database_cmd = (
+        f"docker run -e PGHOST='{dbhost}'"
+        +f" -e PGPASSWORD='{root_password}'"
+        +f" -e PGUSER='{root_name}@{dbhost}'"
+        +f" -e PGDATABASE='{dbname}'"
        +f" -e PGSSLMODE=require"
        +f" -v {ccpo_users}:/opt/atat/atst/users.yml"
        +f" {container}"
        +f" .venv/bin/python script/database_setup.py {user_username} '{user_password}' users.yml"
    )
-    print(cmd)
-    _run_cmd(cmd)
+    _run_cmd(seed_database_cmd)


 database.add_command(provision)