diff --git a/modules/mysql/README.md b/modules/mysql/README.md index fd20edd8..b9e9d66f 100644 --- a/modules/mysql/README.md +++ b/modules/mysql/README.md @@ -7,6 +7,8 @@ | Name | Description | Type | Default | Required | |------|-------------|:----:|:-----:|:-----:| | activation_policy | The activation policy for the master instance. Can be either `ALWAYS`, `NEVER` or `ON_DEMAND`. | string | `ALWAYS` | no | +| additional_databases | A list of databases to be created in your cluster | list | `` | no | +| additional_users | A list of users to be created in your cluster | list | `` | no | | authorized_gae_applications | The list of authorized App Engine project names | list | `` | no | | backup_configuration | The backup configuration block of the Cloud SQL resources This argument will be passed through the master instance directrly.

See [more details](https://www.terraform.io/docs/providers/google/r/sql_database_instance.html). | map | `` | no | | database_flags | The database flags for the master instance. See [more details](https://cloud.google.com/sql/docs/mysql/flags) | list | `` | no | diff --git a/modules/mysql/main.tf b/modules/mysql/main.tf index 1ab66b17..a591ceb0 100644 --- a/modules/mysql/main.tf +++ b/modules/mysql/main.tf @@ -97,3 +97,13 @@ resource "google_sql_user" "default" { password = "${var.user_password == "" ? random_id.user-password.hex : var.user_password}" depends_on = ["google_sql_database_instance.default"] } + +resource "google_sql_user" "additional_users" { + count = "${length(var.additional_users)}" + project = "${var.project_id}" + name = "${lookup(var.additional_users[count.index], "name")}" + password = "${lookup(var.additional_users[count.index], "password", random_id.user-password.hex)}" + host = "${lookup(var.additional_users[count.index], "host", var.user_host)}" + instance = "${google_sql_database_instance.default.name}" + depends_on = ["google_sql_database_instance.default"] +} diff --git a/modules/mysql/variables.tf b/modules/mysql/variables.tf index d7bf5c09..d92c8ff3 100644 --- a/modules/mysql/variables.tf +++ b/modules/mysql/variables.tf @@ -304,7 +304,7 @@ variable "db_collation" { } variable "additional_databases" { - description = "The list of databases for the instacne" + description = "A list of databases to be created in your cluster" default = [] } @@ -322,3 +322,8 @@ variable "user_password" { description = "The password for the default user. If not set, a random one will be generated and available in the generated_user_password output variable." default = "" } + +variable "additional_users" { + description = "A list of users to be created in your cluster" + default = [] +} diff --git a/modules/postgresql/README.md b/modules/postgresql/README.md index f397de45..1ef49750 100644 --- a/modules/postgresql/README.md +++ b/modules/postgresql/README.md @@ -7,6 +7,8 @@ | Name | Description | Type | Default | Required | |------|-------------|:----:|:-----:|:-----:| | activation_policy | The activation policy for the master instance.Can be either `ALWAYS`, `NEVER` or `ON_DEMAND`. | string | `ALWAYS` | no | +| additional_databases | A list of databases to be created in your cluster | list | `` | no | +| additional_users | A list of users to be created in your cluster | list | `` | no | | authorized_gae_applications | The authorized gae applications for the Cloud SQL instances | list | `` | no | | availability_type | The availability type for the master instance.This is only used to set up high availability for the PostgreSQL instance. Can be either `ZONAL` or `REGIONAL`. | string | `ZONAL` | no | | backup_configuration | The backup configuration block of the Cloud SQL resources This argument will be passed through the master instance directrly.

See [more details](https://www.terraform.io/docs/providers/google/r/sql_database_instance.html). | map | `` | no | @@ -45,7 +47,6 @@ | read_replica_zones | The zones for the read replica instancess, it should be something like: `a,b,c`. Given zones are used rotationally for creating read replicas. | string | `` | no | | region | The region of the Cloud SQL resources | string | `us-central1` | no | | tier | The tier for the master instance. | string | `db-f1-micro` | no | -| user_host | The host for the default user | string | `%` | no | | user_labels | The key/value labels for the master instances. | map | `` | no | | user_name | The name of the default user | string | `default` | no | | user_password | The password for the default user. If not set, a random one will be generated and available in the generated_user_password output variable. | string | `` | no | diff --git a/modules/postgresql/main.tf b/modules/postgresql/main.tf index 8e4fae00..a78594e4 100644 --- a/modules/postgresql/main.tf +++ b/modules/postgresql/main.tf @@ -15,7 +15,6 @@ */ locals { - default_user_host = "" ip_configuration_enabled = "${length(keys(var.ip_configuration)) > 0 ? true : false}" ip_configurations = { @@ -93,7 +92,15 @@ resource "google_sql_user" "default" { name = "${var.user_name}" project = "${var.project_id}" instance = "${google_sql_database_instance.default.name}" - host = "${var.user_host}" password = "${var.user_password == "" ? random_id.user-password.hex : var.user_password}" depends_on = ["google_sql_database_instance.default"] } + +resource "google_sql_user" "additional_users" { + count = "${length(var.additional_users)}" + project = "${var.project_id}" + name = "${lookup(var.additional_users[count.index], "name")}" + password = "${lookup(var.additional_users[count.index], "password", random_id.user-password.hex)}" + instance = "${google_sql_database_instance.default.name}" + depends_on = ["google_sql_database_instance.default"] +} diff --git a/modules/postgresql/variables.tf b/modules/postgresql/variables.tf index 312c5fcf..a3f2ed8c 100644 --- a/modules/postgresql/variables.tf +++ b/modules/postgresql/variables.tf @@ -224,7 +224,7 @@ variable "db_collation" { } variable "additional_databases" { - description = "The list of databases for the instacne" + description = "A list of databases to be created in your cluster" default = [] } @@ -233,12 +233,12 @@ variable "user_name" { default = "default" } -variable "user_host" { - description = "The host for the default user" - default = "%" -} - variable "user_password" { description = "The password for the default user. If not set, a random one will be generated and available in the generated_user_password output variable." default = "" } + +variable "additional_users" { + description = "A list of users to be created in your cluster" + default = [] +} diff --git a/test/fixtures/mysql-ha/main.tf b/test/fixtures/mysql-ha/main.tf index adf6a033..6becc333 100644 --- a/test/fixtures/mysql-ha/main.tf +++ b/test/fixtures/mysql-ha/main.tf @@ -133,17 +133,29 @@ module "mysql" { }] } - user_name = "tftest" - user_password = "foobar" - db_name = "${var.mysql_ha_name}" - db_charset = "utf8mb4" - db_collation = "utf8mb4_general_ci" + db_name = "${var.mysql_ha_name}" + db_charset = "utf8mb4" + db_collation = "utf8mb4_general_ci" additional_databases = [ { name = "${var.mysql_ha_name}-additional" charset = "utf8mb4" collation = "utf8mb4_general_ci" - } + }, + ] + + user_name = "tftest" + user_password = "foobar" + + additional_users = [ + { + name = "tftest2" + password = "abcdefg" + }, + { + name = "tftest3" + host = "localhost" + }, ] } diff --git a/test/fixtures/postgresql-ha/main.tf b/test/fixtures/postgresql-ha/main.tf index e77ed409..4f9aa008 100644 --- a/test/fixtures/postgresql-ha/main.tf +++ b/test/fixtures/postgresql-ha/main.tf @@ -98,17 +98,29 @@ module "pg" { }] } - user_name = "tftest" - user_password = "foobar" - db_name = "${var.pg_ha_name}" - db_charset = "UTF8" - db_collation = "en_US.UTF8" + db_name = "${var.pg_ha_name}" + db_charset = "UTF8" + db_collation = "en_US.UTF8" additional_databases = [ { name = "${var.pg_ha_name}-additional" charset = "UTF8" collation = "en_US.UTF8" - } + }, + ] + + user_name = "tftest" + user_password = "foobar" + + additional_users = [ + { + name = "tftest2" + password = "abcdefg" + }, + { + name = "tftest3" + host = "localhost" + }, ] } diff --git a/test/integration/mysql-ha/controls/mysql.rb b/test/integration/mysql-ha/controls/mysql.rb index 3a3f229f..05b42bbf 100644 --- a/test/integration/mysql-ha/controls/mysql.rb +++ b/test/integration/mysql-ha/controls/mysql.rb @@ -130,6 +130,11 @@ end end -describe google_sql_users(project: project_id, database: basename).where(user_name: /\Atftest\z/) do +describe google_sql_users(project: project_id, database: basename).where(user_name: /\Atftest/) do + its(:count) { should be 3 } + it { should exist } +end + +describe google_sql_users(project: project_id, database: basename).where(user_host: 'localhost') do it { should exist } end diff --git a/test/integration/postgresql-ha/controls/pg.rb b/test/integration/postgresql-ha/controls/pg.rb index 7998f8d5..11f12d98 100644 --- a/test/integration/postgresql-ha/controls/pg.rb +++ b/test/integration/postgresql-ha/controls/pg.rb @@ -96,6 +96,8 @@ end end -describe google_sql_users(project: project_id, database: basename).where(user_name: /\Atftest\z/) do +describe google_sql_users(project: project_id, database: basename).where(user_name: /\Atftest/) do + # NOTE: postgresql has `postgres` as a default user. + its(:count) { should be 4 } it { should exist } end