Skip to content

Commit 62d200b

Browse files
adskyiprogeradskyiproger
committed
fix: Properly distribute analytics postgres user
1 parent 6c4e78c commit 62d200b

File tree

7 files changed

+19
-53
lines changed

7 files changed

+19
-53
lines changed

.github/workflows/provision.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -126,8 +126,8 @@ jobs:
126126
dockerhub_password: ${{ secrets.DOCKER_TOKEN }}
127127
mongodb_admin_username: ${{ secrets.MONGODB_ADMIN_USER }}
128128
mongodb_admin_password: ${{ secrets.MONGODB_ADMIN_PASSWORD }}
129-
postgres_user: ${{ secrets.ANALYTICS_POSTGRES_USER }}
130-
postgres_password: ${{ secrets.ANALYTICS_POSTGRES_PASSWORD }}
129+
postgres_user: ${{ secrets.POSTGRES_USER }}
130+
postgres_password: ${{ secrets.POSTGRES_PASSWORD }}
131131
backup_encryption_passphrase: ${{ secrets.BACKUP_ENCRYPTION_PASSPHRASE }}
132132
elasticsearch_superuser_password: ${{ secrets.ELASTICSEARCH_SUPERUSER_PASSWORD }}
133133
# SSH_HOST was moved from a secret to a variable in OpenCRVS 1.5.0

infrastructure/backups/backup.sh

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -202,22 +202,22 @@ done
202202

203203
echo "Backing up PostgreSQL 'events' database"
204204
docker run --rm \
205-
-e PGPASSWORD=$ANALYTICS_POSTGRES_PASSWORD \
205+
-e PGPASSWORD=$POSTGRES_PASSWORD \
206206
-v $ROOT_PATH/backups/postgres:/backups \
207207
--network=$NETWORK \
208208
postgres:17 \
209-
bash -c "pg_dump -h postgres -U $ANALYTICS_POSTGRES_USER -d events -F c -f /backups/events-${LABEL:-$BACKUP_DATE}.dump"
209+
bash -c "pg_dump -h postgres -U $POSTGRES_USER -d events -F c -f /backups/events-${LABEL:-$BACKUP_DATE}.dump"
210210

211211
# Backup PostgreSQL
212212
# -----------------
213213

214214
echo "Backing up PostgreSQL 'events' database"
215215
docker run --rm \
216-
-e PGPASSWORD=$ANALYTICS_POSTGRES_PASSWORD \
216+
-e PGPASSWORD=$POSTGRES_PASSWORD \
217217
-v $ROOT_PATH/backups/postgres:/backups \
218218
--network=$NETWORK \
219219
postgres:17 \
220-
bash -c "pg_dump -h postgres -U $ANALYTICS_POSTGRES_USER -d events -F c -f /backups/events-${LABEL:-$BACKUP_DATE}.dump"
220+
bash -c "pg_dump -h postgres -U $POSTGRES_USER -d events -F c -f /backups/events-${LABEL:-$BACKUP_DATE}.dump"
221221

222222
#-------------------------------------------------------------------------------------
223223

infrastructure/backups/restore.sh

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -190,10 +190,10 @@ db.getSiblingDB('webhooks').dropDatabase();"
190190
##
191191

192192
docker run --rm \
193-
-e PGPASSWORD=$ANALYTICS_POSTGRES_PASSWORD \
193+
-e PGPASSWORD=$POSTGRES_PASSWORD \
194194
--network=$NETWORK \
195195
postgres:17.6 \
196-
bash -c "psql -h postgres -U $ANALYTICS_POSTGRES_USER -c 'DROP DATABASE IF EXISTS events;'"
196+
bash -c "psql -h postgres -U $POSTGRES_USER -c 'DROP DATABASE IF EXISTS events;'"
197197

198198
#####
199199
#
@@ -222,11 +222,11 @@ docker run --rm -v $ROOT_PATH/backups/mongo:/data/backups/mongo --network=$NETWO
222222

223223
echo "Restoring PostgreSQL 'events' database"
224224
docker run --rm \
225-
-e PGPASSWORD=$ANALYTICS_POSTGRES_PASSWORD \
225+
-e PGPASSWORD=$POSTGRES_PASSWORD \
226226
-v $ROOT_PATH/backups/postgres:/backups \
227227
--network=$NETWORK \
228228
postgres:17.6 \
229-
bash -c "createdb -h postgres -U $ANALYTICS_POSTGRES_USER events && pg_restore -h postgres -U $ANALYTICS_POSTGRES_USER -d events /backups/events-${LABEL}.dump"
229+
bash -c "createdb -h postgres -U $POSTGRES_USER events && pg_restore -h postgres -U $POSTGRES_USER -d events /backups/events-${LABEL}.dump"
230230

231231
##
232232
# ------ ELASTICSEARCH -----

infrastructure/deployment/deploy.sh

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -358,7 +358,7 @@ export EVENTS_APP_POSTGRES_PASSWORD=`generate_password`
358358
export EVENTS_MIGRATOR_POSTGRES_PASSWORD=`generate_password`
359359
export ANALYTICS_POSTGRES_PASSWORD=`generate_password`
360360

361-
#
361+
362362
# Elasticsearch credentials
363363
#
364364
# Notice that all of these passwords change on each deployment.

infrastructure/docker-compose.deploy.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -590,7 +590,7 @@ services:
590590
- INFOBIP_API_KEY=${INFOBIP_API_KEY:-}
591591
- INFOBIP_SENDER_ID=${INFOBIP_SENDER_ID:-}
592592
- DOMAIN={{hostname}}
593-
- ANALYTICS_DATABASE_URL=postgres://${ANALYTICS_POSTGRES_USER}:${ANALYTICS_POSTGRES_PASSWORD}@postgres/events
593+
- ANALYTICS_DATABASE_URL=postgres://events_analytics:${ANALYTICS_POSTGRES_PASSWORD}@postgres/events
594594
networks:
595595
- overlay_net
596596
logging:
@@ -1002,7 +1002,7 @@ services:
10021002
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
10031003
- POSTGRES_HOST=postgres
10041004
- POSTGRES_PORT=5432
1005-
- ANALYTICS_POSTGRES_USER=${ANALYTICS_POSTGRES_USER}
1005+
- ANALYTICS_POSTGRES_USER=events_analytics
10061006
- ANALYTICS_POSTGRES_PASSWORD=${ANALYTICS_POSTGRES_PASSWORD}
10071007
- EVENTS_APP_POSTGRES_PASSWORD=${EVENTS_APP_POSTGRES_PASSWORD}
10081008
- EVENTS_MIGRATOR_POSTGRES_PASSWORD=${EVENTS_MIGRATOR_POSTGRES_PASSWORD}

infrastructure/environments/setup-environment.ts

Lines changed: 4 additions & 38 deletions
Original file line numberDiff line numberDiff line change
@@ -702,15 +702,15 @@ const derivedVariables = [
702702
scope: 'ENVIRONMENT'
703703
},
704704
{
705-
name: 'ANALYTICS_POSTGRES_USER',
706-
valueLabel: 'ANALYTICS_POSTGRES_USER',
705+
name: 'POSTGRES_USER',
706+
valueLabel: 'POSTGRES_USER',
707707
valueType: 'SECRET',
708708
type: 'disabled',
709709
scope: 'ENVIRONMENT'
710710
},
711711
{
712-
name: 'ANALYTICS_POSTGRES_PASSWORD',
713-
valueLabel: 'ANALYTICS_POSTGRES_PASSWORD',
712+
name: 'POSTGRES_PASSWORD',
713+
valueLabel: 'POSTGRES_PASSWORD',
714714
valueType: 'SECRET',
715715
type: 'disabled',
716716
scope: 'ENVIRONMENT'
@@ -1224,40 +1224,6 @@ const SPECIAL_NON_APPLICATION_ENVIRONMENTS = ['jump', 'backup']
12241224
),
12251225
scope: 'ENVIRONMENT' as const
12261226
},
1227-
{
1228-
name: 'ANALYTICS_POSTGRES_USER',
1229-
type: 'SECRET' as const,
1230-
didExist: findExistingValue(
1231-
'ANALYTICS_POSTGRES_USER',
1232-
'SECRET',
1233-
'ENVIRONMENT',
1234-
existingValues
1235-
),
1236-
value: findExistingOrDefine(
1237-
'ANALYTICS_POSTGRES_USER',
1238-
'SECRET',
1239-
'ENVIRONMENT',
1240-
generateLongPassword()
1241-
),
1242-
scope: 'ENVIRONMENT' as const
1243-
},
1244-
{
1245-
name: 'ANALYTICS_POSTGRES_PASSWORD',
1246-
type: 'SECRET' as const,
1247-
didExist: findExistingValue(
1248-
'ANALYTICS_POSTGRES_PASSWORD',
1249-
'SECRET',
1250-
'ENVIRONMENT',
1251-
existingValues
1252-
),
1253-
value: findExistingOrDefine(
1254-
'ANALYTICS_POSTGRES_PASSWORD',
1255-
'SECRET',
1256-
'ENVIRONMENT',
1257-
generateLongPassword()
1258-
),
1259-
scope: 'ENVIRONMENT' as const
1260-
},
12611227
{
12621228
name: 'POSTGRES_USER',
12631229
type: 'SECRET' as const,

infrastructure/server-setup/tasks/data-partition.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -256,7 +256,7 @@
256256
content: |
257257
MONGODB_ADMIN_PASSWORD={{ mongodb_admin_password }}
258258
MONGODB_ADMIN_USER={{ mongodb_admin_username }}
259-
ANALYTICS_POSTGRES_USER={{ postgres_user }}
260-
ANALYTICS_POSTGRES_PASSWORD={{ postgres_password }}
259+
POSTGRES_USER={{ postgres_user }}
260+
POSTGRES_PASSWORD={{ postgres_password }}
261261
ELASTICSEARCH_ADMIN_PASSWORD={{elasticsearch_superuser_password}}
262262
ELASTICSEARCH_ADMIN_USER=elastic

0 commit comments

Comments
 (0)