Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: Provide DB instance server CA pem as terraform output [DEVOP-5018] #47

Merged
merged 1 commit into from
Sep 3, 2024
Merged

feat: Provide DB instance server CA pem as terraform output [DEVOP-5018] #47

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 6 additions & 0 deletions modules/google_sql_database_instance/main.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,12 @@ locals {

tmp_database_flags = local.is_postgres ? local.postgres_database_flags : local.mysql_database_flags
custom_database_flags = merge(var.settings_database_flags, local.tmp_database_flags)

primary_db_server_ca_furthest_expiration_time = reverse(sort([for k, v in google_sql_database_instance.instance.server_ca_cert : v.expiration_time]))[0]
primary_db_server_ca = [for v in google_sql_database_instance.instance.server_ca_cert : v.cert if v.expiration_time == local.primary_db_server_ca_furthest_expiration_time][0]

read_replica_db_server_ca_furthest_expiration_time = var.enable_read_replica ? reverse(sort([for k, v in google_sql_database_instance.read_replica[0].server_ca_cert : v.expiration_time]))[0] : ""
read_replica_db_server_ca = var.enable_read_replica ? [for v in google_sql_database_instance.read_replica[0].server_ca_cert : v.cert if v.expiration_time == local.read_replica_db_server_ca_furthest_expiration_time][0] : ""
}

#These setting will override from code
Expand Down
6 changes: 6 additions & 0 deletions modules/google_sql_database_instance/outputs.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -42,3 +42,9 @@ output "database_version" {
description = "Database version, such as MYSQL_8_0 or POSTGRES_*"
value = google_sql_database_instance.instance.database_version
}

output "primary_db_server_ca" {
description = "Latest CA certificate used by the primary database server"
value = local.primary_db_server_ca
sensitive = true
}
6 changes: 6 additions & 0 deletions modules/google_sql_database_instance/read_replica_outputs.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -37,3 +37,9 @@ output "read_replica_private_ip_address" {
description = "The first private (`PRIVATE`) IPv4 address assigned. This is a workaround for an issue fixed in Terraform 0.12 but also provides a convenient way to access an IP of a specific type without performing filtering in a Terraform config."
value = try(google_sql_database_instance.read_replica[0].private_ip_address, "")
}

output "read_replica_db_server_ca" {
description = "Latest CA certificate used by the read replica database server"
value = local.read_replica_db_server_ca
sensitive = true
}
Loading