1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
|
# frozen_string_literal: true
module GoogleCloud
class SetupCloudsqlInstanceService < ::GoogleCloud::BaseService
INSTANCE_STATE_RUNNABLE = 'RUNNABLE'
OPERATION_STATE_DONE = 'DONE'
DEFAULT_DATABASE_NAME = 'main_db'
DEFAULT_DATABASE_USER = 'main_user'
def execute
return error('Unauthorized user') unless Ability.allowed?(current_user, :admin_project_google_cloud, project)
get_instance_response = google_api_client.get_cloudsql_instance(gcp_project_id, instance_name)
if get_instance_response.state != INSTANCE_STATE_RUNNABLE
return error("CloudSQL instance not RUNNABLE: #{get_instance_response.to_json}")
end
save_instance_ci_vars(get_instance_response)
list_database_response = google_api_client.list_cloudsql_databases(gcp_project_id, instance_name)
list_user_response = google_api_client.list_cloudsql_users(gcp_project_id, instance_name)
existing_database = list_database_response.items.find { |database| database.name == database_name }
existing_user = list_user_response.items.find { |user| user.name == username }
if existing_database && existing_user
save_database_ci_vars
save_user_ci_vars(existing_user)
return success
end
database_response = execute_database_setup(existing_database)
return database_response if database_response[:status] == :error
save_database_ci_vars
user_response = execute_user_setup(existing_user)
return user_response if user_response[:status] == :error
save_user_ci_vars(existing_user)
success
rescue Google::Apis::Error => err
error(message: err.to_json)
end
private
def instance_name
@params[:instance_name]
end
def database_version
@params[:database_version]
end
def database_name
@params.fetch(:database_name, DEFAULT_DATABASE_NAME)
end
def username
@params.fetch(:username, DEFAULT_DATABASE_USER)
end
def password
@password ||= SecureRandom.hex(16)
end
def save_ci_var(key, value, is_masked = false)
create_or_replace_project_vars(environment_name, key, value, @params[:is_protected], is_masked)
end
def save_instance_ci_vars(cloudsql_instance)
primary_ip_address = cloudsql_instance.ip_addresses.first.ip_address
connection_name = cloudsql_instance.connection_name
save_ci_var('GCP_PROJECT_ID', gcp_project_id)
save_ci_var('GCP_CLOUDSQL_INSTANCE_NAME', instance_name)
save_ci_var('GCP_CLOUDSQL_CONNECTION_NAME', connection_name)
save_ci_var('GCP_CLOUDSQL_PRIMARY_IP_ADDRESS', primary_ip_address)
save_ci_var('GCP_CLOUDSQL_VERSION', database_version)
end
def save_database_ci_vars
save_ci_var('GCP_CLOUDSQL_DATABASE_NAME', database_name)
end
def save_user_ci_vars(user_exists)
save_ci_var('GCP_CLOUDSQL_DATABASE_USER', username)
save_ci_var('GCP_CLOUDSQL_DATABASE_PASS', user_exists ? user_exists.password : password, true)
end
def execute_database_setup(database_exists)
return success if database_exists
database_response = google_api_client.create_cloudsql_database(gcp_project_id, instance_name, database_name)
if database_response.status != OPERATION_STATE_DONE
return error("Database creation failed: #{database_response.to_json}")
end
success
end
def execute_user_setup(existing_user)
return success if existing_user
user_response = google_api_client.create_cloudsql_user(gcp_project_id, instance_name, username, password)
if user_response.status != OPERATION_STATE_DONE
return error("User creation failed: #{user_response.to_json}")
end
success
end
end
end
|
