From a7eaff35d317956ce46b3d014ca449d203d06cd0 Mon Sep 17 00:00:00 2001 From: Imran Nayer Date: Fri, 1 Nov 2024 20:26:08 +0000 Subject: [PATCH 1/8] added postgres 17 in example --- examples/postgresql-with-cross-region-failover/main.tf | 4 ++-- modules/postgresql/variables.tf | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/examples/postgresql-with-cross-region-failover/main.tf b/examples/postgresql-with-cross-region-failover/main.tf index ec047dbb..07ac5a87 100644 --- a/examples/postgresql-with-cross-region-failover/main.tf +++ b/examples/postgresql-with-cross-region-failover/main.tf @@ -52,7 +52,7 @@ module "pg1" { name = var.pg_name_1 random_instance_name = true project_id = var.project_id - database_version = "POSTGRES_14" + database_version = "POSTGRES_17" region = local.region_1 edition = local.edition @@ -164,7 +164,7 @@ module "pg2" { name = var.pg_name_2 random_instance_name = true project_id = var.project_id - database_version = "POSTGRES_14" + database_version = "POSTGRES_17" region = local.region_2 edition = local.edition diff --git a/modules/postgresql/variables.tf b/modules/postgresql/variables.tf index 0d50fd54..26453f2d 100644 --- a/modules/postgresql/variables.tf +++ b/modules/postgresql/variables.tf @@ -49,7 +49,7 @@ variable "database_version" { validation { condition = (length(var.database_version) >= 9 && ((upper(substr(var.database_version, 0, 9)) == "POSTGRES_") && can(regex("^\\d+(?:_?\\d)*$", substr(var.database_version, 9, -1))))) || can(regex("^\\d+(?:_?\\d)*$", var.database_version)) - error_message = "The specified database version is not a valid representaion of database version. Valid database versions should be like the following patterns:- \"9_6\", \"postgres_9_6\", \"POSTGRES_14\" or \"POSTGRES_15\"" + error_message = "The specified database version is not a valid representation of database version. Valid database versions should be like the following patterns:- \"9_6\", \"postgres_9_6\", \"POSTGRES_14\", \"POSTGRES_15\", \"POSTGRES_17\" or \"POSTGRES_17\"" } } From 01deb98152d72f272bdbdd6c3b791f7d151cac0f Mon Sep 17 00:00:00 2001 From: Imran Nayer Date: Fri, 1 Nov 2024 21:12:47 +0000 Subject: [PATCH 2/8] added variable maintenance_version --- modules/mssql/main.tf | 1 + modules/mssql/variables.tf | 5 +++++ modules/mysql/main.tf | 1 + modules/mysql/variables.tf | 5 +++++ modules/postgresql/main.tf | 1 + modules/postgresql/variables.tf | 5 +++++ .../postgresql_cross_region_failover_test.go | 2 +- 7 files changed, 19 insertions(+), 1 deletion(-) diff --git a/modules/mssql/main.tf b/modules/mssql/main.tf index 569ba30f..7464ce24 100644 --- a/modules/mssql/main.tf +++ b/modules/mssql/main.tf @@ -47,6 +47,7 @@ resource "google_sql_database_instance" "default" { project = var.project_id name = var.random_instance_name ? "${var.name}-${random_id.suffix[0].hex}" : var.name database_version = var.database_version + maintenance_version = var.maintenance_version region = var.region encryption_key_name = var.encryption_key_name root_password = coalesce(var.root_password, random_password.root-password.result) diff --git a/modules/mssql/variables.tf b/modules/mssql/variables.tf index 205e845d..967333e0 100644 --- a/modules/mssql/variables.tf +++ b/modules/mssql/variables.tf @@ -49,6 +49,11 @@ variable "database_version" { default = "SQLSERVER_2017_STANDARD" } +variable "maintenance_version" { + description = "The current software version on the instance. This attribute can not be set during creation. Refer to available_maintenance_versions attribute to see what maintenance_version are available for upgrade. When this attribute gets updated, it will cause an instance restart. Setting a maintenance_version value that is older than the current one on the instance will be ignored" + type = string +} + // required variable "region" { type = string diff --git a/modules/mysql/main.tf b/modules/mysql/main.tf index 1816747d..b7ae1379 100644 --- a/modules/mysql/main.tf +++ b/modules/mysql/main.tf @@ -56,6 +56,7 @@ resource "google_sql_database_instance" "default" { project = var.project_id name = local.master_instance_name database_version = var.database_version + maintenance_version = var.maintenance_version region = var.region master_instance_name = var.master_instance_name instance_type = var.instance_type diff --git a/modules/mysql/variables.tf b/modules/mysql/variables.tf index 2e3ef634..d7b729c8 100644 --- a/modules/mysql/variables.tf +++ b/modules/mysql/variables.tf @@ -42,6 +42,11 @@ variable "database_version" { type = string } +variable "maintenance_version" { + description = "The current software version on the instance. This attribute can not be set during creation. Refer to available_maintenance_versions attribute to see what maintenance_version are available for upgrade. When this attribute gets updated, it will cause an instance restart. Setting a maintenance_version value that is older than the current one on the instance will be ignored" + type = string +} + // required variable "region" { description = "The region of the Cloud SQL resources" diff --git a/modules/postgresql/main.tf b/modules/postgresql/main.tf index ca37538d..4adf4e4d 100644 --- a/modules/postgresql/main.tf +++ b/modules/postgresql/main.tf @@ -58,6 +58,7 @@ resource "google_sql_database_instance" "default" { project = var.project_id name = local.instance_name database_version = can(regex("\\d", substr(var.database_version, 0, 1))) ? format("POSTGRES_%s", var.database_version) : replace(var.database_version, substr(var.database_version, 0, 8), "POSTGRES") + maintenance_version = var.maintenance_version region = var.region encryption_key_name = var.encryption_key_name deletion_protection = var.deletion_protection diff --git a/modules/postgresql/variables.tf b/modules/postgresql/variables.tf index 26453f2d..54c98739 100644 --- a/modules/postgresql/variables.tf +++ b/modules/postgresql/variables.tf @@ -53,6 +53,11 @@ variable "database_version" { } } +variable "maintenance_version" { + description = "The current software version on the instance. This attribute can not be set during creation. Refer to available_maintenance_versions attribute to see what maintenance_version are available for upgrade. When this attribute gets updated, it will cause an instance restart. Setting a maintenance_version value that is older than the current one on the instance will be ignored" + type = string +} + // required variable "region" { type = string diff --git a/test/integration/postgresql-with-cross-region-failover/postgresql_cross_region_failover_test.go b/test/integration/postgresql-with-cross-region-failover/postgresql_cross_region_failover_test.go index fa2a5dd8..7e2bb046 100644 --- a/test/integration/postgresql-with-cross-region-failover/postgresql_cross_region_failover_test.go +++ b/test/integration/postgresql-with-cross-region-failover/postgresql_cross_region_failover_test.go @@ -59,7 +59,7 @@ func TestPostgreSqlCrossRegionFailover(t *testing.T) { assert.Equal(1, len(authNetworks), "Expected one auth network") /// assert standard database settings - assert.Equal("POSTGRES_14", op.Get("databaseVersion").String(), "Expected POSTGRES_14 databaseVersion") + assert.Equal("POSTGRES_17", op.Get("databaseVersion").String(), "Expected POSTGRES_17 databaseVersion") assert.Equal("SECOND_GEN", op.Get("backendType").String(), "Expected SECOND_GEN backendType") assert.Equal("RUNNABLE", op.Get("state").String(), "Expected RUNNABLE state") assert.Equal("us-central1", op.Get("region").String(), "Expected us-central1 region") From 7059631262a3b804c68e2484ee2b9e416b626c39 Mon Sep 17 00:00:00 2001 From: Imran Nayer Date: Fri, 1 Nov 2024 21:17:43 +0000 Subject: [PATCH 3/8] added variable maintenance_version --- modules/mssql/README.md | 1 + modules/mssql/variables.tf | 1 + modules/mysql/README.md | 1 + modules/mysql/variables.tf | 1 + modules/postgresql/README.md | 1 + modules/postgresql/variables.tf | 1 + modules/safer_mysql/README.md | 1 + modules/safer_mysql/main.tf | 1 + modules/safer_mysql/variables.tf | 6 ++++++ 9 files changed, 14 insertions(+) diff --git a/modules/mssql/README.md b/modules/mssql/README.md index 97c7d054..f845cf90 100644 --- a/modules/mssql/README.md +++ b/modules/mssql/README.md @@ -61,6 +61,7 @@ module "mssql" { | follow\_gae\_application | A Google App Engine application whose zone to remain in. Must be in the same region as this instance. | `string` | `null` | no | | instance\_type | The type of the instance. The supported values are SQL\_INSTANCE\_TYPE\_UNSPECIFIED, CLOUD\_SQL\_INSTANCE, ON\_PREMISES\_INSTANCE and READ\_REPLICA\_INSTANCE. Set to READ\_REPLICA\_INSTANCE when primary\_instance\_name is provided | `string` | `"CLOUD_SQL_INSTANCE"` | no | | ip\_configuration | The ip configuration for the Cloud SQL instances. | 
object({
    authorized_networks = optional(list(map(string)), [])
    ipv4_enabled        = optional(bool)
    private_network     = optional(string)
    allocated_ip_range  = optional(string)
    ssl_mode            = optional(string)
  })
| 
{
  "allocated_ip_range": null,
  "authorized_networks": [],
  "ipv4_enabled": true,
  "private_network": null,
  "ssl_mode": null
}
| no | +| maintenance\_version | The current software version on the instance. This attribute can not be set during creation. Refer to available\_maintenance\_versions attribute to see what maintenance\_version are available for upgrade. When this attribute gets updated, it will cause an instance restart. Setting a maintenance\_version value that is older than the current one on the instance will be ignored | `string` | `null` | no | | maintenance\_window\_day | The day of week (1-7) for the Cloud SQL maintenance. | `number` | `1` | no | | maintenance\_window\_hour | The hour of day (0-23) maintenance window for the Cloud SQL maintenance. | `number` | `23` | no | | maintenance\_window\_update\_track | The update track of maintenance window for the Cloud SQL maintenance.Can be either `canary` or `stable`. | `string` | `"canary"` | no | diff --git a/modules/mssql/variables.tf b/modules/mssql/variables.tf index 967333e0..6eeee7c4 100644 --- a/modules/mssql/variables.tf +++ b/modules/mssql/variables.tf @@ -52,6 +52,7 @@ variable "database_version" { variable "maintenance_version" { description = "The current software version on the instance. This attribute can not be set during creation. Refer to available_maintenance_versions attribute to see what maintenance_version are available for upgrade. When this attribute gets updated, it will cause an instance restart. Setting a maintenance_version value that is older than the current one on the instance will be ignored" type = string + default = null } // required diff --git a/modules/mysql/README.md b/modules/mysql/README.md index d488eacb..6804ed60 100644 --- a/modules/mysql/README.md +++ b/modules/mysql/README.md @@ -78,6 +78,7 @@ module "mysql-db" { | insights\_config | The insights\_config settings for the database. | 
object({
    query_plans_per_minute  = number
    query_string_length     = number
    record_application_tags = bool
    record_client_address   = bool
  })
| `null` | no | | instance\_type | Users can upgrade a read replica instance to a stand-alone Cloud SQL instance with the help of instance\_type. To promote, users have to set the instance\_type property as CLOUD\_SQL\_INSTANCE and remove/unset master\_instance\_name and replica\_configuration from instance configuration. This operation might cause your instance to restart. | `string` | `null` | no | | ip\_configuration | The ip\_configuration settings subblock | 
object({
    authorized_networks                           = optional(list(map(string)), [])
    ipv4_enabled                                  = optional(bool, true)
    private_network                               = optional(string)
    ssl_mode                                      = optional(string)
    allocated_ip_range                            = optional(string)
    enable_private_path_for_google_cloud_services = optional(bool, false)
    psc_enabled                                   = optional(bool, false)
    psc_allowed_consumer_projects                 = optional(list(string), [])
  })
| `{}` | no | +| maintenance\_version | The current software version on the instance. This attribute can not be set during creation. Refer to available\_maintenance\_versions attribute to see what maintenance\_version are available for upgrade. When this attribute gets updated, it will cause an instance restart. Setting a maintenance\_version value that is older than the current one on the instance will be ignored | `string` | `null` | no | | maintenance\_window\_day | The day of week (1-7) for the master instance maintenance. | `number` | `1` | no | | maintenance\_window\_hour | The hour of day (0-23) maintenance window for the master instance maintenance. | `number` | `23` | no | | maintenance\_window\_update\_track | The update track of maintenance window for the master instance maintenance. Can be either `canary` or `stable`. | `string` | `"canary"` | no | diff --git a/modules/mysql/variables.tf b/modules/mysql/variables.tf index d7b729c8..a2b3e578 100644 --- a/modules/mysql/variables.tf +++ b/modules/mysql/variables.tf @@ -45,6 +45,7 @@ variable "database_version" { variable "maintenance_version" { description = "The current software version on the instance. This attribute can not be set during creation. Refer to available_maintenance_versions attribute to see what maintenance_version are available for upgrade. When this attribute gets updated, it will cause an instance restart. Setting a maintenance_version value that is older than the current one on the instance will be ignored" type = string + default = null } // required diff --git a/modules/postgresql/README.md b/modules/postgresql/README.md index ff7afe61..55106c4c 100644 --- a/modules/postgresql/README.md +++ b/modules/postgresql/README.md @@ -150,6 +150,7 @@ module "pg" { | insights\_config | The insights\_config settings for the database. | 
object({
    query_plans_per_minute  = optional(number, 5)
    query_string_length     = optional(number, 1024)
    record_application_tags = optional(bool, false)
    record_client_address   = optional(bool, false)
  })
| `null` | no | | instance\_type | The type of the instance. The supported values are SQL\_INSTANCE\_TYPE\_UNSPECIFIED, CLOUD\_SQL\_INSTANCE, ON\_PREMISES\_INSTANCE and READ\_REPLICA\_INSTANCE. Set to READ\_REPLICA\_INSTANCE if master\_instance\_name value is provided | `string` | `"CLOUD_SQL_INSTANCE"` | no | | ip\_configuration | The ip configuration for the Cloud SQL instances. | 
object({
    authorized_networks                           = optional(list(map(string)), [])
    ipv4_enabled                                  = optional(bool, true)
    private_network                               = optional(string)
    ssl_mode                                      = optional(string)
    allocated_ip_range                            = optional(string)
    enable_private_path_for_google_cloud_services = optional(bool, false)
    psc_enabled                                   = optional(bool, false)
    psc_allowed_consumer_projects                 = optional(list(string), [])
  })
| `{}` | no | +| maintenance\_version | The current software version on the instance. This attribute can not be set during creation. Refer to available\_maintenance\_versions attribute to see what maintenance\_version are available for upgrade. When this attribute gets updated, it will cause an instance restart. Setting a maintenance\_version value that is older than the current one on the instance will be ignored | `string` | `null` | no | | maintenance\_window\_day | The day of week (1-7) for the Cloud SQL instance maintenance. | `number` | `1` | no | | maintenance\_window\_hour | The hour of day (0-23) maintenance window for the Cloud SQL instance maintenance. | `number` | `23` | no | | maintenance\_window\_update\_track | The update track of maintenance window for the Cloud SQL instance maintenance.Can be either `canary` or `stable`. | `string` | `"canary"` | no | diff --git a/modules/postgresql/variables.tf b/modules/postgresql/variables.tf index 54c98739..e9201ef6 100644 --- a/modules/postgresql/variables.tf +++ b/modules/postgresql/variables.tf @@ -56,6 +56,7 @@ variable "database_version" { variable "maintenance_version" { description = "The current software version on the instance. This attribute can not be set during creation. Refer to available_maintenance_versions attribute to see what maintenance_version are available for upgrade. When this attribute gets updated, it will cause an instance restart. Setting a maintenance_version value that is older than the current one on the instance will be ignored" type = string + default = null } // required diff --git a/modules/safer_mysql/README.md b/modules/safer_mysql/README.md index 6bbd94ad..7c9e8350 100644 --- a/modules/safer_mysql/README.md +++ b/modules/safer_mysql/README.md @@ -265,6 +265,7 @@ module "safer-mysql-db" { | follow\_gae\_application | A Google App Engine application whose zone to remain in. Must be in the same region as this instance. | `string` | `null` | no | | iam\_users | A list of IAM users to be created in your CloudSQL instance. iam.users.type can be CLOUD\_IAM\_USER, CLOUD\_IAM\_SERVICE\_ACCOUNT, CLOUD\_IAM\_GROUP and is required for type CLOUD\_IAM\_GROUP (IAM groups) | 
list(object({
    id    = string,
    email = string,
    type  = optional(string)
  }))
| `[]` | no | | insights\_config | The insights\_config settings for the database. | 
object({
    query_plans_per_minute  = number
    query_string_length     = number
    record_application_tags = bool
    record_client_address   = bool
  })
| `null` | no | +| maintenance\_version | The current software version on the instance. This attribute can not be set during creation. Refer to available\_maintenance\_versions attribute to see what maintenance\_version are available for upgrade. When this attribute gets updated, it will cause an instance restart. Setting a maintenance\_version value that is older than the current one on the instance will be ignored | `string` | `null` | no | | maintenance\_window\_day | The day of week (1-7) for the master instance maintenance. | `number` | `1` | no | | maintenance\_window\_hour | The hour of day (0-23) maintenance window for the master instance maintenance. | `number` | `23` | no | | maintenance\_window\_update\_track | The update track of maintenance window for the master instance maintenance. Can be either `canary` or `stable`. | `string` | `"stable"` | no | diff --git a/modules/safer_mysql/main.tf b/modules/safer_mysql/main.tf index 2aaada4a..e1b333f7 100644 --- a/modules/safer_mysql/main.tf +++ b/modules/safer_mysql/main.tf @@ -20,6 +20,7 @@ module "safer_mysql" { name = var.name random_instance_name = var.random_instance_name database_version = var.database_version + maintenance_version = var.maintenance_version region = var.region zone = var.zone secondary_zone = var.secondary_zone diff --git a/modules/safer_mysql/variables.tf b/modules/safer_mysql/variables.tf index 1d3afc6b..4f5efc8b 100644 --- a/modules/safer_mysql/variables.tf +++ b/modules/safer_mysql/variables.tf @@ -36,6 +36,12 @@ variable "database_version" { type = string } +variable "maintenance_version" { + description = "The current software version on the instance. This attribute can not be set during creation. Refer to available_maintenance_versions attribute to see what maintenance_version are available for upgrade. When this attribute gets updated, it will cause an instance restart. Setting a maintenance_version value that is older than the current one on the instance will be ignored" + type = string + default = null +} + // required variable "region" { description = "The region of the Cloud SQL resources" From 0d13696dbb4c35c1d18921c6c7ac63dce983bbfc Mon Sep 17 00:00:00 2001 From: Imran Nayer Date: Mon, 4 Nov 2024 23:50:59 +0000 Subject: [PATCH 4/8] updated description of variable --- modules/postgresql/README.md | 2 +- modules/postgresql/variables.tf | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/modules/postgresql/README.md b/modules/postgresql/README.md index 55106c4c..d63e871a 100644 --- a/modules/postgresql/README.md +++ b/modules/postgresql/README.md @@ -127,7 +127,7 @@ module "pg" { | database\_deletion\_policy | The deletion policy for the database. Setting ABANDON allows the resource to be abandoned rather than deleted. This is useful for Postgres, where databases cannot be deleted from the API if there are users other than cloudsqlsuperuser with access. Possible values are: "ABANDON". | `string` | `null` | no | | database\_flags | The database flags for the Cloud SQL instance. See [more details](https://cloud.google.com/sql/docs/postgres/flags) | 
list(object({
    name  = string
    value = string
  }))
| `[]` | no | | database\_integration\_roles | The roles required by default database instance service account for integration with GCP services | `list(string)` | `[]` | no | -| database\_version | The database version to use | `string` | n/a | yes | +| database\_version | The database version to use. Can be 9\_6, 14, 15, 16, 17. | `string` | n/a | yes | | db\_charset | The charset for the default database | `string` | `""` | no | | db\_collation | The collation for the default database. Example: 'en\_US.UTF8' | `string` | `""` | no | | db\_name | The name of the default database to create | `string` | `"default"` | no | diff --git a/modules/postgresql/variables.tf b/modules/postgresql/variables.tf index e9201ef6..c2b7bdf2 100644 --- a/modules/postgresql/variables.tf +++ b/modules/postgresql/variables.tf @@ -44,12 +44,12 @@ variable "random_instance_name" { // required variable "database_version" { - description = "The database version to use" + description = "The database version to use. Can be 9_6, 14, 15, 16, 17." type = string validation { condition = (length(var.database_version) >= 9 && ((upper(substr(var.database_version, 0, 9)) == "POSTGRES_") && can(regex("^\\d+(?:_?\\d)*$", substr(var.database_version, 9, -1))))) || can(regex("^\\d+(?:_?\\d)*$", var.database_version)) - error_message = "The specified database version is not a valid representation of database version. Valid database versions should be like the following patterns:- \"9_6\", \"postgres_9_6\", \"POSTGRES_14\", \"POSTGRES_15\", \"POSTGRES_17\" or \"POSTGRES_17\"" + error_message = "The specified database version is not a valid representation of database version. Valid database versions should be like the following patterns:- \"9_6\", \"postgres_9_6\", \"14\", \"POSTGRES_14\", \"15\", \"POSTGRES_15\", \"16\", \"POSTGRES_16\" or \"17\", \"POSTGRES_17\"" } } From 3e661257a78144ce6d20a1dd988a36ce73ccde95 Mon Sep 17 00:00:00 2001 From: Imran Nayer Date: Tue, 5 Nov 2024 03:21:46 +0000 Subject: [PATCH 5/8] fixed issue 634 --- modules/postgresql/main.tf | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/modules/postgresql/main.tf b/modules/postgresql/main.tf index 4adf4e4d..ab7897c1 100644 --- a/modules/postgresql/main.tf +++ b/modules/postgresql/main.tf @@ -137,14 +137,14 @@ resource "google_sql_database_instance" "default" { } } dynamic "insights_config" { - for_each = var.insights_config != null ? [var.insights_config] : [] + for_each = var.insights_config != null ? [var.insights_config] : ["1"] content { - query_insights_enabled = true - query_plans_per_minute = lookup(insights_config.value, "query_plans_per_minute", 5) - query_string_length = lookup(insights_config.value, "query_string_length", 1024) - record_application_tags = lookup(insights_config.value, "record_application_tags", false) - record_client_address = lookup(insights_config.value, "record_client_address", false) + query_insights_enabled = var.insights_config != null ? true : false + query_plans_per_minute = var.insights_config != null ? lookup(insights_config.value, "query_plans_per_minute", 5) : null + query_string_length = var.insights_config != null ? lookup(insights_config.value, "query_string_length", 1024) : null + record_application_tags = var.insights_config != null ? lookup(insights_config.value, "record_application_tags", false) : null + record_client_address = var.insights_config != null ? lookup(insights_config.value, "record_client_address", false) : null } } From 69afdc19607de507436efa5b2a078b3477e4b419 Mon Sep 17 00:00:00 2001 From: Imran Nayer Date: Tue, 5 Nov 2024 03:36:27 +0000 Subject: [PATCH 6/8] updated --- modules/postgresql/main.tf | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/modules/postgresql/main.tf b/modules/postgresql/main.tf index ab7897c1..ceb991ba 100644 --- a/modules/postgresql/main.tf +++ b/modules/postgresql/main.tf @@ -44,7 +44,8 @@ locals { // Force the usage of connector_enforcement connector_enforcement = var.connector_enforcement ? "REQUIRED" : "NOT_REQUIRED" - database_name = var.enable_default_db ? var.db_name : (length(var.additional_databases) > 0 ? var.additional_databases[0].name : "") + database_name = var.enable_default_db ? var.db_name : (length(var.additional_databases) > 0 ? var.additional_databases[0].name : "") + insights_config = var.insights_config != null ? merge({ query_insights_enabled = true }, var.insights_config) : { query_insights_enabled = false } } resource "random_id" "suffix" { @@ -137,14 +138,15 @@ resource "google_sql_database_instance" "default" { } } dynamic "insights_config" { - for_each = var.insights_config != null ? [var.insights_config] : ["1"] + # for_each = var.insights_config != null ? [var.insights_config] : ["1"] + for_each = [local.insights_config] content { - query_insights_enabled = var.insights_config != null ? true : false - query_plans_per_minute = var.insights_config != null ? lookup(insights_config.value, "query_plans_per_minute", 5) : null - query_string_length = var.insights_config != null ? lookup(insights_config.value, "query_string_length", 1024) : null - record_application_tags = var.insights_config != null ? lookup(insights_config.value, "record_application_tags", false) : null - record_client_address = var.insights_config != null ? lookup(insights_config.value, "record_client_address", false) : null + query_insights_enabled = lookup(insights_config.value, "query_insights_enabled", false) + query_plans_per_minute = lookup(insights_config.value, "query_plans_per_minute", 5) + query_string_length = lookup(insights_config.value, "query_string_length", 1024) + record_application_tags = lookup(insights_config.value, "record_application_tags", false) + record_client_address = lookup(insights_config.value, "record_client_address", false) } } From b6ed36b8e27198570263f48c05f1267dcb10dd56 Mon Sep 17 00:00:00 2001 From: Imran Nayer Date: Tue, 5 Nov 2024 03:50:41 +0000 Subject: [PATCH 7/8] fixed query inishgts --- modules/postgresql/README.md | 4 ++-- modules/postgresql/main.tf | 6 ++---- modules/postgresql/read_replica.tf | 2 +- modules/postgresql/variables.tf | 10 +++++++++- 4 files changed, 14 insertions(+), 8 deletions(-) diff --git a/modules/postgresql/README.md b/modules/postgresql/README.md index d63e871a..fa0217e9 100644 --- a/modules/postgresql/README.md +++ b/modules/postgresql/README.md @@ -147,7 +147,7 @@ module "pg" { | encryption\_key\_name | The full path to the encryption key used for the CMEK disk encryption | `string` | `null` | no | | follow\_gae\_application | A Google App Engine application whose zone to remain in. Must be in the same region as this instance. | `string` | `null` | no | | iam\_users | A list of IAM users to be created in your CloudSQL instance. iam.users.type can be CLOUD\_IAM\_USER, CLOUD\_IAM\_SERVICE\_ACCOUNT, CLOUD\_IAM\_GROUP and is required for type CLOUD\_IAM\_GROUP (IAM groups) | 
list(object({
    id    = string,
    email = string,
    type  = optional(string)
  }))
| `[]` | no | -| insights\_config | The insights\_config settings for the database. | 
object({
    query_plans_per_minute  = optional(number, 5)
    query_string_length     = optional(number, 1024)
    record_application_tags = optional(bool, false)
    record_client_address   = optional(bool, false)
  })
| `null` | no | +| insights\_config | The insights\_config settings for the database. | 
object({
    query_insights_enabled  = optional(bool, false)
    query_plans_per_minute  = optional(number, 5)
    query_string_length     = optional(number, 1024)
    record_application_tags = optional(bool, false)
    record_client_address   = optional(bool, false)
  })
| 
{
  "query_insights_enabled": false,
  "query_plans_per_minute": 5,
  "query_string_length": 1024,
  "record_application_tags": false,
  "record_client_address": false
}
| no | | instance\_type | The type of the instance. The supported values are SQL\_INSTANCE\_TYPE\_UNSPECIFIED, CLOUD\_SQL\_INSTANCE, ON\_PREMISES\_INSTANCE and READ\_REPLICA\_INSTANCE. Set to READ\_REPLICA\_INSTANCE if master\_instance\_name value is provided | `string` | `"CLOUD_SQL_INSTANCE"` | no | | ip\_configuration | The ip configuration for the Cloud SQL instances. | 
object({
    authorized_networks                           = optional(list(map(string)), [])
    ipv4_enabled                                  = optional(bool, true)
    private_network                               = optional(string)
    ssl_mode                                      = optional(string)
    allocated_ip_range                            = optional(string)
    enable_private_path_for_google_cloud_services = optional(bool, false)
    psc_enabled                                   = optional(bool, false)
    psc_allowed_consumer_projects                 = optional(list(string), [])
  })
| `{}` | no | | maintenance\_version | The current software version on the instance. This attribute can not be set during creation. Refer to available\_maintenance\_versions attribute to see what maintenance\_version are available for upgrade. When this attribute gets updated, it will cause an instance restart. Setting a maintenance\_version value that is older than the current one on the instance will be ignored | `string` | `null` | no | @@ -164,7 +164,7 @@ module "pg" { | read\_replica\_deletion\_protection | Used to block Terraform from deleting replica SQL Instances. | `bool` | `false` | no | | read\_replica\_deletion\_protection\_enabled | Enables protection of replica instance from accidental deletion across all surfaces (API, gcloud, Cloud Console and Terraform). | `bool` | `false` | no | | read\_replica\_name\_suffix | The optional suffix to add to the read instance name | `string` | `""` | no | -| read\_replicas | List of read replicas to create. Encryption key is required for replica in different region. For replica in same region as master set encryption\_key\_name = null | 
list(object({
    name                  = string
    name_override         = optional(string)
    tier                  = optional(string)
    edition               = optional(string)
    availability_type     = optional(string)
    zone                  = optional(string)
    disk_type             = optional(string)
    disk_autoresize       = optional(bool)
    disk_autoresize_limit = optional(number)
    disk_size             = optional(string)
    user_labels           = map(string)
    database_flags = optional(list(object({
      name  = string
      value = string
    })), [])
    insights_config = optional(object({
      query_plans_per_minute  = optional(number, 5)
      query_string_length     = optional(number, 1024)
      record_application_tags = optional(bool, false)
      record_client_address   = optional(bool, false)
    }), null)
    ip_configuration = object({
      authorized_networks                           = optional(list(map(string)), [])
      ipv4_enabled                                  = optional(bool)
      private_network                               = optional(string, )
      ssl_mode                                      = optional(string)
      allocated_ip_range                            = optional(string)
      enable_private_path_for_google_cloud_services = optional(bool, false)
      psc_enabled                                   = optional(bool, false)
      psc_allowed_consumer_projects                 = optional(list(string), [])
    })
    encryption_key_name = optional(string)
    data_cache_enabled  = optional(bool)
  }))
| `[]` | no | +| read\_replicas | List of read replicas to create. Encryption key is required for replica in different region. For replica in same region as master set encryption\_key\_name = null | 
list(object({
    name                  = string
    name_override         = optional(string)
    tier                  = optional(string)
    edition               = optional(string)
    availability_type     = optional(string)
    zone                  = optional(string)
    disk_type             = optional(string)
    disk_autoresize       = optional(bool)
    disk_autoresize_limit = optional(number)
    disk_size             = optional(string)
    user_labels           = map(string)
    database_flags = optional(list(object({
      name  = string
      value = string
    })), [])
    insights_config = optional(object({
      query_insights_enabled  = optional(bool, false)
      query_plans_per_minute  = optional(number, 5)
      query_string_length     = optional(number, 1024)
      record_application_tags = optional(bool, false)
      record_client_address   = optional(bool, false)
    }), null)
    ip_configuration = object({
      authorized_networks                           = optional(list(map(string)), [])
      ipv4_enabled                                  = optional(bool)
      private_network                               = optional(string, )
      ssl_mode                                      = optional(string)
      allocated_ip_range                            = optional(string)
      enable_private_path_for_google_cloud_services = optional(bool, false)
      psc_enabled                                   = optional(bool, false)
      psc_allowed_consumer_projects                 = optional(list(string), [])
    })
    encryption_key_name = optional(string)
    data_cache_enabled  = optional(bool)
  }))
| `[]` | no | | region | The region of the Cloud SQL resources | `string` | `"us-central1"` | no | | root\_password | Initial root password during creation | `string` | `null` | no | | secondary\_zone | The preferred zone for the replica instance, it should be something like: `us-central1-a`, `us-east1-c`. | `string` | `null` | no | diff --git a/modules/postgresql/main.tf b/modules/postgresql/main.tf index ceb991ba..854a05c9 100644 --- a/modules/postgresql/main.tf +++ b/modules/postgresql/main.tf @@ -44,8 +44,7 @@ locals { // Force the usage of connector_enforcement connector_enforcement = var.connector_enforcement ? "REQUIRED" : "NOT_REQUIRED" - database_name = var.enable_default_db ? var.db_name : (length(var.additional_databases) > 0 ? var.additional_databases[0].name : "") - insights_config = var.insights_config != null ? merge({ query_insights_enabled = true }, var.insights_config) : { query_insights_enabled = false } + database_name = var.enable_default_db ? var.db_name : (length(var.additional_databases) > 0 ? var.additional_databases[0].name : "") } resource "random_id" "suffix" { @@ -138,8 +137,7 @@ resource "google_sql_database_instance" "default" { } } dynamic "insights_config" { - # for_each = var.insights_config != null ? [var.insights_config] : ["1"] - for_each = [local.insights_config] + for_each = [var.insights_config] content { query_insights_enabled = lookup(insights_config.value, "query_insights_enabled", false) diff --git a/modules/postgresql/read_replica.tf b/modules/postgresql/read_replica.tf index c4fce644..2e64ad80 100644 --- a/modules/postgresql/read_replica.tf +++ b/modules/postgresql/read_replica.tf @@ -76,7 +76,7 @@ resource "google_sql_database_instance" "replicas" { for_each = lookup(each.value, "insights_config") != null ? [lookup(each.value, "insights_config")] : var.insights_config != null ? [var.insights_config] : [] content { - query_insights_enabled = true + query_insights_enabled = lookup(insights_config.value, "query_insights_enabled", false) query_plans_per_minute = lookup(insights_config.value, "query_plans_per_minute", 5) query_string_length = lookup(insights_config.value, "query_string_length", 1024) record_application_tags = lookup(insights_config.value, "record_application_tags", false) diff --git a/modules/postgresql/variables.tf b/modules/postgresql/variables.tf index c2b7bdf2..04a4ee48 100644 --- a/modules/postgresql/variables.tf +++ b/modules/postgresql/variables.tf @@ -210,12 +210,19 @@ variable "backup_configuration" { variable "insights_config" { description = "The insights_config settings for the database." type = object({ + query_insights_enabled = optional(bool, false) query_plans_per_minute = optional(number, 5) query_string_length = optional(number, 1024) record_application_tags = optional(bool, false) record_client_address = optional(bool, false) }) - default = null + default = { + query_insights_enabled = false + query_plans_per_minute = 5 + query_string_length = 1024 + record_application_tags = false + record_client_address = false + } } variable "password_validation_policy_config" { @@ -265,6 +272,7 @@ variable "read_replicas" { value = string })), []) insights_config = optional(object({ + query_insights_enabled = optional(bool, false) query_plans_per_minute = optional(number, 5) query_string_length = optional(number, 1024) record_application_tags = optional(bool, false) From e8974f208931b009381a8e7d704687c330fcdd06 Mon Sep 17 00:00:00 2001 From: Imran Nayer Date: Tue, 17 Dec 2024 19:03:44 +0000 Subject: [PATCH 8/8] updated --- modules/postgresql/README.md | 4 ++-- modules/postgresql/main.tf | 5 +++-- modules/postgresql/read_replica.tf | 2 +- modules/postgresql/variables.tf | 10 +--------- 4 files changed, 7 insertions(+), 14 deletions(-) diff --git a/modules/postgresql/README.md b/modules/postgresql/README.md index fa0217e9..d63e871a 100644 --- a/modules/postgresql/README.md +++ b/modules/postgresql/README.md @@ -147,7 +147,7 @@ module "pg" { | encryption\_key\_name | The full path to the encryption key used for the CMEK disk encryption | `string` | `null` | no | | follow\_gae\_application | A Google App Engine application whose zone to remain in. Must be in the same region as this instance. | `string` | `null` | no | | iam\_users | A list of IAM users to be created in your CloudSQL instance. iam.users.type can be CLOUD\_IAM\_USER, CLOUD\_IAM\_SERVICE\_ACCOUNT, CLOUD\_IAM\_GROUP and is required for type CLOUD\_IAM\_GROUP (IAM groups) | 
list(object({
    id    = string,
    email = string,
    type  = optional(string)
  }))
| `[]` | no | -| insights\_config | The insights\_config settings for the database. | 
object({
    query_insights_enabled  = optional(bool, false)
    query_plans_per_minute  = optional(number, 5)
    query_string_length     = optional(number, 1024)
    record_application_tags = optional(bool, false)
    record_client_address   = optional(bool, false)
  })
| 
{
  "query_insights_enabled": false,
  "query_plans_per_minute": 5,
  "query_string_length": 1024,
  "record_application_tags": false,
  "record_client_address": false
}
| no | +| insights\_config | The insights\_config settings for the database. | 
object({
    query_plans_per_minute  = optional(number, 5)
    query_string_length     = optional(number, 1024)
    record_application_tags = optional(bool, false)
    record_client_address   = optional(bool, false)
  })
| `null` | no | | instance\_type | The type of the instance. The supported values are SQL\_INSTANCE\_TYPE\_UNSPECIFIED, CLOUD\_SQL\_INSTANCE, ON\_PREMISES\_INSTANCE and READ\_REPLICA\_INSTANCE. Set to READ\_REPLICA\_INSTANCE if master\_instance\_name value is provided | `string` | `"CLOUD_SQL_INSTANCE"` | no | | ip\_configuration | The ip configuration for the Cloud SQL instances. | 
object({
    authorized_networks                           = optional(list(map(string)), [])
    ipv4_enabled                                  = optional(bool, true)
    private_network                               = optional(string)
    ssl_mode                                      = optional(string)
    allocated_ip_range                            = optional(string)
    enable_private_path_for_google_cloud_services = optional(bool, false)
    psc_enabled                                   = optional(bool, false)
    psc_allowed_consumer_projects                 = optional(list(string), [])
  })
| `{}` | no | | maintenance\_version | The current software version on the instance. This attribute can not be set during creation. Refer to available\_maintenance\_versions attribute to see what maintenance\_version are available for upgrade. When this attribute gets updated, it will cause an instance restart. Setting a maintenance\_version value that is older than the current one on the instance will be ignored | `string` | `null` | no | @@ -164,7 +164,7 @@ module "pg" { | read\_replica\_deletion\_protection | Used to block Terraform from deleting replica SQL Instances. | `bool` | `false` | no | | read\_replica\_deletion\_protection\_enabled | Enables protection of replica instance from accidental deletion across all surfaces (API, gcloud, Cloud Console and Terraform). | `bool` | `false` | no | | read\_replica\_name\_suffix | The optional suffix to add to the read instance name | `string` | `""` | no | -| read\_replicas | List of read replicas to create. Encryption key is required for replica in different region. For replica in same region as master set encryption\_key\_name = null | 
list(object({
    name                  = string
    name_override         = optional(string)
    tier                  = optional(string)
    edition               = optional(string)
    availability_type     = optional(string)
    zone                  = optional(string)
    disk_type             = optional(string)
    disk_autoresize       = optional(bool)
    disk_autoresize_limit = optional(number)
    disk_size             = optional(string)
    user_labels           = map(string)
    database_flags = optional(list(object({
      name  = string
      value = string
    })), [])
    insights_config = optional(object({
      query_insights_enabled  = optional(bool, false)
      query_plans_per_minute  = optional(number, 5)
      query_string_length     = optional(number, 1024)
      record_application_tags = optional(bool, false)
      record_client_address   = optional(bool, false)
    }), null)
    ip_configuration = object({
      authorized_networks                           = optional(list(map(string)), [])
      ipv4_enabled                                  = optional(bool)
      private_network                               = optional(string, )
      ssl_mode                                      = optional(string)
      allocated_ip_range                            = optional(string)
      enable_private_path_for_google_cloud_services = optional(bool, false)
      psc_enabled                                   = optional(bool, false)
      psc_allowed_consumer_projects                 = optional(list(string), [])
    })
    encryption_key_name = optional(string)
    data_cache_enabled  = optional(bool)
  }))
| `[]` | no | +| read\_replicas | List of read replicas to create. Encryption key is required for replica in different region. For replica in same region as master set encryption\_key\_name = null | 
list(object({
    name                  = string
    name_override         = optional(string)
    tier                  = optional(string)
    edition               = optional(string)
    availability_type     = optional(string)
    zone                  = optional(string)
    disk_type             = optional(string)
    disk_autoresize       = optional(bool)
    disk_autoresize_limit = optional(number)
    disk_size             = optional(string)
    user_labels           = map(string)
    database_flags = optional(list(object({
      name  = string
      value = string
    })), [])
    insights_config = optional(object({
      query_plans_per_minute  = optional(number, 5)
      query_string_length     = optional(number, 1024)
      record_application_tags = optional(bool, false)
      record_client_address   = optional(bool, false)
    }), null)
    ip_configuration = object({
      authorized_networks                           = optional(list(map(string)), [])
      ipv4_enabled                                  = optional(bool)
      private_network                               = optional(string, )
      ssl_mode                                      = optional(string)
      allocated_ip_range                            = optional(string)
      enable_private_path_for_google_cloud_services = optional(bool, false)
      psc_enabled                                   = optional(bool, false)
      psc_allowed_consumer_projects                 = optional(list(string), [])
    })
    encryption_key_name = optional(string)
    data_cache_enabled  = optional(bool)
  }))
| `[]` | no | | region | The region of the Cloud SQL resources | `string` | `"us-central1"` | no | | root\_password | Initial root password during creation | `string` | `null` | no | | secondary\_zone | The preferred zone for the replica instance, it should be something like: `us-central1-a`, `us-east1-c`. | `string` | `null` | no | diff --git a/modules/postgresql/main.tf b/modules/postgresql/main.tf index 854a05c9..956c77ac 100644 --- a/modules/postgresql/main.tf +++ b/modules/postgresql/main.tf @@ -136,11 +136,12 @@ resource "google_sql_database_instance" "default" { } } + dynamic "insights_config" { - for_each = [var.insights_config] + for_each = var.insights_config != null ? [var.insights_config] : [] content { - query_insights_enabled = lookup(insights_config.value, "query_insights_enabled", false) + query_insights_enabled = true query_plans_per_minute = lookup(insights_config.value, "query_plans_per_minute", 5) query_string_length = lookup(insights_config.value, "query_string_length", 1024) record_application_tags = lookup(insights_config.value, "record_application_tags", false) diff --git a/modules/postgresql/read_replica.tf b/modules/postgresql/read_replica.tf index 2e64ad80..c4fce644 100644 --- a/modules/postgresql/read_replica.tf +++ b/modules/postgresql/read_replica.tf @@ -76,7 +76,7 @@ resource "google_sql_database_instance" "replicas" { for_each = lookup(each.value, "insights_config") != null ? [lookup(each.value, "insights_config")] : var.insights_config != null ? [var.insights_config] : [] content { - query_insights_enabled = lookup(insights_config.value, "query_insights_enabled", false) + query_insights_enabled = true query_plans_per_minute = lookup(insights_config.value, "query_plans_per_minute", 5) query_string_length = lookup(insights_config.value, "query_string_length", 1024) record_application_tags = lookup(insights_config.value, "record_application_tags", false) diff --git a/modules/postgresql/variables.tf b/modules/postgresql/variables.tf index 04a4ee48..c2b7bdf2 100644 --- a/modules/postgresql/variables.tf +++ b/modules/postgresql/variables.tf @@ -210,19 +210,12 @@ variable "backup_configuration" { variable "insights_config" { description = "The insights_config settings for the database." type = object({ - query_insights_enabled = optional(bool, false) query_plans_per_minute = optional(number, 5) query_string_length = optional(number, 1024) record_application_tags = optional(bool, false) record_client_address = optional(bool, false) }) - default = { - query_insights_enabled = false - query_plans_per_minute = 5 - query_string_length = 1024 - record_application_tags = false - record_client_address = false - } + default = null } variable "password_validation_policy_config" { @@ -272,7 +265,6 @@ variable "read_replicas" { value = string })), []) insights_config = optional(object({ - query_insights_enabled = optional(bool, false) query_plans_per_minute = optional(number, 5) query_string_length = optional(number, 1024) record_application_tags = optional(bool, false)