(fix): fix database bootstrap

developmentseed · Mar 12, 2024 · 6df5681 · 6df5681
1 parent 4425253
commit 6df5681
Show file tree

Hide file tree

Showing 4 changed files with 63 additions and 62 deletions.
diff --git a/lib/database/bootstrapper_runtime/Dockerfile b/lib/database/bootstrapper_runtime/Dockerfile
@@ -17,4 +17,4 @@ RUN rm -rf /asset/asyncio*
 
 # A command must be present avoid the following error on CDK deploy:
 # Error response from daemon: No command specified
-CMD [ "echo", "ready to go!" ]
+CMD [ "echo", "ready to go!" ]
diff --git a/lib/database/bootstrapper_runtime/handler.py b/lib/database/bootstrapper_runtime/handler.py
@@ -119,8 +119,8 @@ def create_user(cursor, username: str, password: str) -> None:
     )
 
 
-def create_permissions(cursor, db_name: str, username: str) -> None:
-    """Add permissions."""
+def update_user_permissions(cursor, db_name: str, username: str) -> None:
+    """Update eoAPI user permissions."""
     cursor.execute(
         sql.SQL(
             "GRANT CONNECT ON DATABASE {db_name} TO {username};"
@@ -181,94 +181,95 @@ def handler(event, context):
 
     try:
         params = event["ResourceProperties"]
-        connection_params = get_secret(params["conn_secret_arn"])
-        user_params = get_secret(params["new_user_secret_arn"])
-
-        print("Connecting to admin DB...")
-        admin_db_conninfo = make_conninfo(
-            dbname=connection_params.get("dbname", "postgres"),
-            user=connection_params["username"],
-            password=connection_params["password"],
-            host=connection_params["host"],
-            port=connection_params["port"],
+
+        # Admin (AWS RDS) user/password/dbname parameters
+        admin_params = get_secret(params["conn_secret_arn"])
+
+        # Custom eoAPI user/password/dbname parameters
+        eoapi_params = get_secret(params["new_user_secret_arn"])
+
+        print("Connecting to RDS...")
+        rds_conninfo = make_conninfo(
+            dbname=admin_params.get("dbname", "postgres"),
+            user=admin_params["username"],
+            password=admin_params["password"],
+            host=admin_params["host"],
+            port=admin_params["port"],
         )
-        with psycopg.connect(admin_db_conninfo, autocommit=True) as conn:
+        with psycopg.connect(rds_conninfo, autocommit=True) as conn:
             with conn.cursor() as cur:
-                print("Creating database...")
+                print(f"Creating eoAPI *{eoapi_params['dbname']}* database...")
                 create_db(
                     cursor=cur,
-                    db_name=user_params["dbname"],
+                    db_name=eoapi_params["dbname"],
                 )
 
-                print("Creating user...")
+                print(f"Creating eoAPI *{eoapi_params['username']}* user...")
                 create_user(
                     cursor=cur,
-                    username=user_params["username"],
-                    password=user_params["password"],
+                    username=eoapi_params["username"],
+                    password=eoapi_params["password"],
                 )
 
-        # Install extensions on the user DB with
-        # superuser permissions, since they will
-        # otherwise fail to install when run as
-        # the non-superuser within the pgstac
-        # migrations.
-        print("Connecting to STAC DB...")
-        stac_db_conninfo = make_conninfo(
-            dbname=user_params["dbname"],
-            user=connection_params["username"],
-            password=connection_params["password"],
-            host=connection_params["host"],
-            port=connection_params["port"],
+        # Install postgis and pgstac on the eoapi database with
+        # superuser permissions
+        print(f"Connecting to eoAPI *{eoapi_params['dbname']}* database...")
+        eoapi_db_admin_conninfo = make_conninfo(
+            dbname=eoapi_params["dbname"],
+            user=admin_params["username"],
+            password=admin_params["password"],
+            host=admin_params["host"],
+            port=admin_params["port"],
         )
-        with psycopg.connect(stac_db_conninfo, autocommit=True) as conn:
+        with psycopg.connect(eoapi_db_admin_conninfo, autocommit=True) as conn:
             with conn.cursor() as cur:
-                print("Registering PostGIS ...")
+                print(
+                    f"Registering Extension in *{eoapi_params['dbname']}* database..."
+                )
                 register_extensions(cursor=cur)
 
-        stac_db_admin_dsn = (
-            "postgresql://{user}:{password}@{host}:{port}/{dbname}".format(
-                dbname=user_params.get("dbname", "postgres"),
-                user=connection_params["username"],
-                password=connection_params["password"],
-                host=connection_params["host"],
-                port=connection_params["port"],
-            )
-        )
-
-        with PgstacDB(dsn=stac_db_admin_dsn, debug=True) as pgdb:
-            print(f"Current {pgdb.version=}")
+            print("Starting PgSTAC Migration ")
+            with PgstacDB(connection=conn, debug=True) as pgdb:
+                print(f"Current PgSTAC Version: {pgdb.version}")
 
-            # As admin, run migrations
-            print("Running migrations...")
-            Migrate(pgdb).run_migration(params["pgstac_version"])
+                print(f"Running migrations to PgSTAC {params['pgstac_version']}...")
+                Migrate(pgdb).run_migration(params["pgstac_version"])
 
-        # Assign appropriate permissions to user (requires pgSTAC migrations to have run)
-        with psycopg.connect(admin_db_conninfo, autocommit=True) as conn:
+            # Update permissions to eoAPI user to assume pgstac_* roles
             with conn.cursor() as cur:
-                print("Setting permissions...")
-                create_permissions(
+                print(f"Update *{eoapi_params['username']}* permissions...")
+                update_user_permissions(
                     cursor=cur,
-                    db_name=user_params["dbname"],
-                    username=user_params["username"],
+                    db_name=eoapi_params["dbname"],
+                    username=eoapi_params["username"],
                 )
 
-        print("Customize PgSTAC database...")
+        stac_db_admin_dsn = (
+            "postgresql://{user}:{password}@{host}:{port}/{dbname}".format(
+                dbname=eoapi_params["dbname"],
+                user=admin_params["username"],
+                password=admin_params["password"],
+                host=admin_params["host"],
+                port=admin_params["port"],
+            )
+        )
         with psycopg.connect(
             stac_db_admin_dsn,
             autocommit=True,
             options="-c search_path=pgstac,public -c application_name=pgstac",
         ) as conn:
+            print("Customize PgSTAC database...")
             with conn.cursor() as cur:
                 customization(cursor=cur, params=params)
 
         # Make sure the user can access the database
         stac_db_user_dsn = (
             "postgresql://{user}:{password}@{host}:{port}/{dbname}".format(
-                dbname=user_params.get("dbname", "postgres"),
-                user=user_params["username"],
-                password=user_params["password"],
-                host=connection_params["host"],
-                port=connection_params["port"],
+                dbname=eoapi_params["dbname"],
+                user=eoapi_params["username"],
+                password=eoapi_params["password"],
+                host=admin_params["host"],
+                port=admin_params["port"],
             )
         )
         with PgstacDB(dsn=stac_db_user_dsn, debug=True) as pgdb:

diff --git a/lib/database/index.ts b/lib/database/index.ts
@@ -14,7 +14,7 @@ import { Construct } from "constructs";
 import { CustomLambdaFunctionProps } from "../utils";
 
 const instanceSizes: Record<string, number> = require("./instance-memory.json");
-const DEFAULT_PGSTAC_VERSION = "0.7.1";
+const DEFAULT_PGSTAC_VERSION = "0.8.4";
 
 let defaultPgSTACCustomOptions :{ [key: string]: any } = {
   "context": "FALSE",

diff --git a/lib/ingestor-api/runtime/requirements.txt b/lib/ingestor-api/runtime/requirements.txt
@@ -5,7 +5,7 @@ orjson>=3.6.8
 psycopg[binary,pool]>=3.0.15
 pydantic_ssm_settings>=0.2.0
 pydantic>=1.9.0
-pypgstac==0.7.1
+pypgstac==0.8.4
 requests>=2.27.1
 # Waiting for https://github.com/stac-utils/stac-pydantic/pull/116
 stac-pydantic @ git+https://github.com/alukach/stac-pydantic.git@patch-1