Merge pull request #27 from namusyaka/enable-multiple-users

enable multiple users

Author: danisla

modules/mysql/README.md

@@ -7,6 +7,8 @@
 | Name | Description | Type | Default | Required |
 |------|-------------|:----:|:-----:|:-----:|
 | activation_policy | The activation policy for the master instance. Can be either `ALWAYS`, `NEVER` or `ON_DEMAND`. | string | `ALWAYS` | no |
+| additional_databases | A list of databases to be created in your cluster | list | `<list>` | no |
+| additional_users | A list of users to be created in your cluster | list | `<list>` | no |
 | authorized_gae_applications | The list of authorized App Engine project names | list | `<list>` | no |
 | backup_configuration | The backup configuration block of the Cloud SQL resources This argument will be passed through the master instance directrly.<br><br>See [more details](https://www.terraform.io/docs/providers/google/r/sql_database_instance.html). | map | `<map>` | no |
 | database_flags | The database flags for the master instance. See [more details](https://cloud.google.com/sql/docs/mysql/flags) | list | `<list>` | no |

modules/mysql/main.tf

@@ -97,3 +97,13 @@ resource "google_sql_user" "default" {
   password   = "${var.user_password == "" ? random_id.user-password.hex : var.user_password}"
   depends_on = ["google_sql_database_instance.default"]
 }
+
+resource "google_sql_user" "additional_users" {
+  count      = "${length(var.additional_users)}"
+  project    = "${var.project_id}"
+  name       = "${lookup(var.additional_users[count.index], "name")}"
+  password   = "${lookup(var.additional_users[count.index], "password", random_id.user-password.hex)}"
+  host       = "${lookup(var.additional_users[count.index], "host", var.user_host)}"
+  instance   = "${google_sql_database_instance.default.name}"
+  depends_on = ["google_sql_database_instance.default"]
+}

modules/mysql/variables.tf

@@ -304,7 +304,7 @@ variable "db_collation" {
 }
 
 variable "additional_databases" {
-  description = "The list of databases for the instacne"
+  description = "A list of databases to be created in your cluster"
   default     = []
 }
 
@@ -322,3 +322,8 @@ variable "user_password" {
   description = "The password for the default user. If not set, a random one will be generated and available in the generated_user_password output variable."
   default     = ""
 }
+
+variable "additional_users" {
+  description = "A list of users to be created in your cluster"
+  default     = []
+}

modules/postgresql/README.md

@@ -7,6 +7,8 @@
 | Name | Description | Type | Default | Required |
 |------|-------------|:----:|:-----:|:-----:|
 | activation_policy | The activation policy for the master instance.Can be either `ALWAYS`, `NEVER` or `ON_DEMAND`. | string | `ALWAYS` | no |
+| additional_databases | A list of databases to be created in your cluster | list | `<list>` | no |
+| additional_users | A list of users to be created in your cluster | list | `<list>` | no |
 | authorized_gae_applications | The authorized gae applications for the Cloud SQL instances | list | `<list>` | no |
 | availability_type | The availability type for the master instance.This is only used to set up high availability for the PostgreSQL instance. Can be either `ZONAL` or `REGIONAL`. | string | `ZONAL` | no |
 | backup_configuration | The backup configuration block of the Cloud SQL resources This argument will be passed through the master instance directrly.<br><br>See [more details](https://www.terraform.io/docs/providers/google/r/sql_database_instance.html). | map | `<map>` | no |
@@ -45,7 +47,6 @@
 | read_replica_zones | The zones for the read replica instancess, it should be something like: `a,b,c`. Given zones are used rotationally for creating read replicas. | string | `` | no |
 | region | The region of the Cloud SQL resources | string | `us-central1` | no |
 | tier | The tier for the master instance. | string | `db-f1-micro` | no |
-| user_host | The host for the default user | string | `%` | no |
 | user_labels | The key/value labels for the master instances. | map | `<map>` | no |
 | user_name | The name of the default user | string | `default` | no |
 | user_password | The password for the default user. If not set, a random one will be generated and available in the generated_user_password output variable. | string | `` | no |

modules/postgresql/main.tf

@@ -15,7 +15,6 @@
  */
 
 locals {
-  default_user_host        = ""
   ip_configuration_enabled = "${length(keys(var.ip_configuration)) > 0 ? true : false}"
 
   ip_configurations = {
@@ -93,7 +92,15 @@ resource "google_sql_user" "default" {
   name       = "${var.user_name}"
   project    = "${var.project_id}"
   instance   = "${google_sql_database_instance.default.name}"
-  host       = "${var.user_host}"
   password   = "${var.user_password == "" ? random_id.user-password.hex : var.user_password}"
   depends_on = ["google_sql_database_instance.default"]
 }
+
+resource "google_sql_user" "additional_users" {
+  count      = "${length(var.additional_users)}"
+  project    = "${var.project_id}"
+  name       = "${lookup(var.additional_users[count.index], "name")}"
+  password   = "${lookup(var.additional_users[count.index], "password", random_id.user-password.hex)}"
+  instance   = "${google_sql_database_instance.default.name}"
+  depends_on = ["google_sql_database_instance.default"]
+}

modules/postgresql/variables.tf

@@ -224,7 +224,7 @@ variable "db_collation" {
 }
 
 variable "additional_databases" {
-  description = "The list of databases for the instacne"
+  description = "A list of databases to be created in your cluster"
   default     = []
 }
 
@@ -233,12 +233,12 @@ variable "user_name" {
   default     = "default"
 }
 
-variable "user_host" {
-  description = "The host for the default user"
-  default     = "%"
-}
-
 variable "user_password" {
   description = "The password for the default user. If not set, a random one will be generated and available in the generated_user_password output variable."
   default     = ""
 }
+
+variable "additional_users" {
+  description = "A list of users to be created in your cluster"
+  default     = []
+}

test/fixtures/mysql-ha/main.tf

@@ -133,17 +133,29 @@ module "mysql" {
     }]
   }
 
-  user_name     = "tftest"
-  user_password = "foobar"
-  db_name       = "${var.mysql_ha_name}"
-  db_charset    = "utf8mb4"
-  db_collation  = "utf8mb4_general_ci"
+  db_name      = "${var.mysql_ha_name}"
+  db_charset   = "utf8mb4"
+  db_collation = "utf8mb4_general_ci"
 
   additional_databases = [
     {
       name      = "${var.mysql_ha_name}-additional"
       charset   = "utf8mb4"
       collation = "utf8mb4_general_ci"
-    }
+    },
+  ]
+
+  user_name     = "tftest"
+  user_password = "foobar"
+
+  additional_users = [
+    {
+      name     = "tftest2"
+      password = "abcdefg"
+    },
+    {
+      name = "tftest3"
+      host = "localhost"
+    },
   ]
 }

test/fixtures/postgresql-ha/main.tf

@@ -98,17 +98,29 @@ module "pg" {
     }]
   }
 
-  user_name     = "tftest"
-  user_password = "foobar"
-  db_name       = "${var.pg_ha_name}"
-  db_charset    = "UTF8"
-  db_collation  = "en_US.UTF8"
+  db_name      = "${var.pg_ha_name}"
+  db_charset   = "UTF8"
+  db_collation = "en_US.UTF8"
 
   additional_databases = [
     {
       name      = "${var.pg_ha_name}-additional"
       charset   = "UTF8"
       collation = "en_US.UTF8"
-    }
+    },
+  ]
+
+  user_name     = "tftest"
+  user_password = "foobar"
+
+  additional_users = [
+    {
+      name     = "tftest2"
+      password = "abcdefg"
+    },
+    {
+      name = "tftest3"
+      host = "localhost"
+    },
   ]
 }

test/integration/mysql-ha/controls/mysql.rb

@@ -130,6 +130,11 @@
   end
 end
 
-describe google_sql_users(project: project_id, database: basename).where(user_name: /\Atftest\z/) do
+describe google_sql_users(project: project_id, database: basename).where(user_name: /\Atftest/) do
+  its(:count) { should be 3 }
+  it { should exist }
+end
+
+describe google_sql_users(project: project_id, database: basename).where(user_host: 'localhost') do
   it { should exist }
 end

test/integration/postgresql-ha/controls/pg.rb

@@ -96,6 +96,8 @@
   end
 end
 
-describe google_sql_users(project: project_id, database: basename).where(user_name: /\Atftest\z/) do
+describe google_sql_users(project: project_id, database: basename).where(user_name: /\Atftest/) do
+  # NOTE: postgresql has `postgres` as a default user.
+  its(:count) { should be 4 }
   it { should exist }
 end