feat: add owner-creds to graphql bootstrap (#18)

Author: scarmuega

bootstrap/feature/creds.tf

@@ -0,0 +1,27 @@
+resource "kubernetes_secret" "dbcreds" {
+  metadata {
+    namespace = var.namespace
+    name      = var.dbcreds_secret_name
+  }
+
+  data = {
+    username = var.dbcreds.username
+    password = var.dbcreds.password
+  }
+
+  type = "Opaque"
+}
+
+resource "kubernetes_secret" "ownercreds" {
+  metadata {
+    namespace = var.namespace
+    name      = var.ownercreds_secret_name
+  }
+
+  data = {
+    username = var.ownercreds.username
+    password = var.ownercreds.password
+  }
+
+  type = "Opaque"
+}

bootstrap/feature/dbcreds.tf

@@ -21,11 +21,23 @@ variable "dbcreds" {
   })
 }
 
+variable "ownercreds" {
+  type = object({
+    username = string
+    password = string
+  })
+}
+
 variable "dbcreds_secret_name" {
   type    = string
   default = "scrolls-dbcreds"
 }
 
+variable "ownercreds_secret_name" {
+  type    = string
+  default = "scrolls-ownercreds"
+}
+
 variable "metrics_delay" {
   description = "The inverval for polling metrics data (in seconds)"
   default     = "30"

bootstrap/feature/main.tf

@@ -49,6 +49,14 @@ resource "kubernetes_deployment_v1" "scrolls" {
           image             = "${var.image}:${var.image_tag}"
           image_pull_policy = "IfNotPresent"
 
+          args = [
+            "--schema",
+            "collections",
+            "--watch",
+            "--owner-connection",
+            "postgres://$(POSTGRES_OWNER_USER):$(POSTGRES_OWNER_PASSWORD)@$(POSTGRES_HOST):5432/${var.postgres_database}"
+          ]
+
           resources {
             limits = {
               cpu    = var.resources.limits.cpu
@@ -86,6 +94,26 @@ resource "kubernetes_deployment_v1" "scrolls" {
             }
           }
 
+          env {
+            name = "POSTGRES_OWNER_USER"
+            value_from {
+              secret_key_ref {
+                key  = "username"
+                name = var.ownercreds_secret_name
+              }
+            }
+          }
+
+          env {
+            name = "POSTGRES_OWNER_PASSWORD"
+            value_from {
+              secret_key_ref {
+                key  = "password"
+                name = var.ownercreds_secret_name
+              }
+            }
+          }
+
           env {
             name  = "POSTGRES_HOST"
             value = var.postgres_host

bootstrap/instance/instance.tf

@@ -30,6 +30,11 @@ variable "dbcreds_secret_name" {
   default = "scrolls-dbcreds"
 }
 
+variable "ownercreds_secret_name" {
+  type    = string
+  default = "scrolls-ownercreds"
+}
+
 variable "port" {
   type    = number
   default = 8000

bootstrap/instance/main.tf

@@ -18,6 +18,7 @@ module "scrolls_v1_feature" {
   source             = "./feature"
   namespace          = var.namespace
   dbcreds            = var.dbcreds
+  ownercreds         = var.ownercreds
   operator_image_tag = var.operator_image_tag
   metrics_delay      = var.metrics_delay
   dns_zone           = var.dns_zone
@@ -51,7 +52,7 @@ module "scrolls_instances" {
   network           = each.value.network
   port              = var.scrolls_port
   postgres_host     = each.value.postgres_host
-  postgres_database = "collections-cardano-${each.value.network}"
+  postgres_database = "cardano-${each.value.network}"
   replicas          = coalesce(each.value.replicas, 1)
   resources = coalesce(each.value.resources, {
     limits : {

bootstrap/main.tf

@@ -34,6 +34,13 @@ variable "dbcreds" {
   })
 }
 
+variable "ownercreds" {
+  type = object({
+    username = string
+    password = string
+  })
+}
+
 // Operator
 variable "operator_image_tag" {
   type = string