database things

2026-06-08 11:17:27 +00:00 · 2026-02-09 22:10:27 +00:00 · 2026-02-09 22:10:27 +00:00 · 851432b357
commit 851432b357
parent 5a995c8443
4 changed files with 46 additions and 12 deletions
--- a/.github/workflows/_build_image.yml
+++ b/.github/workflows/_build_image.yml
@ -34,14 +34,19 @@ on:
        required: true
      DEV_DB_HOST:
        required: false
-      REAL_DB_HOST:
+      DEV_DB_PORT:
+        required: false
+      DEV_DB_NAME:
        required: false

 jobs:
  build:
    runs-on: ubuntu-latest
+
    env:
      DEV_DB_HOST: ${{ secrets.DEV_DB_HOST }}
+      DEV_DB_PORT: ${{ secrets.DEV_DB_PORT }}
+      DEV_DB_NAME: ${{ secrets.DEV_DB_NAME }}

    outputs:
      image_digest: ${{ steps.digest.outputs.image_digest }}
@ -82,11 +87,7 @@ jobs:
            temp=$(eval echo "$line")
            BUILD_ARGS="$BUILD_ARGS --build-arg $temp"
          done <<< "${{ inputs.build_args }}"
-
-          echo "dev db host: $DEV_DB_HOST"
-          echo "real db host: $REAL_DB_HOST"
-          echo "aws_key_id: $AWS_ACCESS_KEY_ID"
-      
+          
          docker build \
            -f ${{ inputs.dockerfile_path }} \
            $BUILD_ARGS \
@ -103,4 +104,4 @@ jobs:
            --image-ids imageTag=${GITHUB_SHA} \
            --query 'imageDetails[0].imageDigest' \
            --output text)
-          echo "image_digest=$DIGEST" >> "$GITHUB_OUTPUT"
+          echo "image_digest=$DIGEST" >> "$GITHUB_OUTPUT"
--- a/.github/workflows/deploy_terraform.yml
+++ b/.github/workflows/deploy_terraform.yml
@ -116,6 +116,10 @@ jobs:
      ecr_repo: postcode_splitter-${{ needs.determine_stage.outputs.stage }}
      dockerfile_path: backend/postcode_splitter/handler/Dockerfile
      build_context: .
+      build_args: |
+        DEV_DB_HOST=$DEV_DB_HOST
+        DEV_DB_PORT=$DEV_DB_PORT
+        DEV_DB_NAME=$DEV_DB_NAME
    secrets:
      AWS_ACCESS_KEY_ID: ${{ secrets.DEV_AWS_ACCESS_KEY_ID }}
      AWS_SECRET_ACCESS_KEY: ${{ secrets.DEV_AWS_SECRET_ACCESS_KEY }}
--- a/backend/postcode_splitter/handler/Dockerfile
+++ b/backend/postcode_splitter/handler/Dockerfile
@ -1,5 +1,13 @@
 FROM public.ecr.aws/lambda/python:3.11

+ARG DEV_DB_HOST
+ARG DEV_DB_PORT
+ARG DEV_DB_NAME
+
+ENV DB_HOST=${DEV_DB_HOST}
+ENV DB_PORT=${DEV_DB_PORT}
+ENV DB_NAME=${DEV_DB_NAME}
+
 # Set working directory (Lambda task root)
 WORKDIR /var/task

--- a/infrastructure/terraform/lambda/postcodeSplitter/main.tf
+++ b/infrastructure/terraform/lambda/postcodeSplitter/main.tf
@ -1,3 +1,20 @@
+data "terraform_remote_state" "shared" {
+  backend = "s3"
+  config = {
+    bucket = "assessment-model-terraform-state"
+    key = "env:/${var.stage}/terraform.tfstate" # TODO: dont hardcode this
+    region = "eu-west-2"
+  }
+}
+data "aws_secretsmanager_secret_version" "db_credentials" {
+  secret_id = "${var.stage}/assessment_model/db_credentials"
+}
+
+
+locals {
+  db_credentials = jsondecode(data.aws_secretsmanager_secret_version.db_credentials.secret_string)
+}
+
 module "lambda" {
  source = "../modules/lambda_with_sqs"

@ -7,8 +24,12 @@ module "lambda" {
  image_uri = local.image_uri


-  environment = {
-    STAGE = var.stage
-    LOG_LEVEL = "info"
-  }
-}
+  environment = merge(
+    {
+      STAGE     = var.stage
+      LOG_LEVEL = "info"
+      DB_USERNAME = local.db_credentials.db_assessment_model_username
+      DB_PASSWORD = local.db_credentials.db_assessment_model_password
+    },
+  )
+}