Skip to content

Commit

Permalink
Merge pull request #1544 from alphagov/samsimpson1/remove-shared-redis
Browse files Browse the repository at this point in the history 
Use local variable instead of file for amazonmq schema
  • Loading branch information
@samsimpson1
samsimpson1 authored Dec 3, 2024
2 parents b2f0f9c + 563c36b commit b9083d7
Showing 1 changed file with 9 additions and 23 deletions.
32 changes: 9 additions & 23 deletions terraform/deployments/govuk-publishing-infrastructure/amazonmq.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,14 @@ locals {
ACTIVE_STANDBY_MULTI_AZ = 2
CLUSTER_MULTI_AZ = 3
}[var.amazonmq_deployment_mode]

amazonmq_schema = templatefile("amazonmq_schema.json.tpl", {
publishing_amazonmq_passwords = {
for user, pw in random_password.mq_user : user => pw.result
}
publishing_amazonmq_broker_name = "PublishingMQ"
govuk_chat_retry_message_ttl = var.amazonmq_govuk_chat_retry_message_ttl
})
}

resource "random_password" "mq_user" {
Expand Down Expand Up @@ -235,28 +243,6 @@ resource "aws_route53_record" "publishing_amazonmq_internal_root_domain_name" {
# Create and invoke a Lambda function to POST the full RabbitMQ config to the
# management API in the target environment.

# TODO: replace this with something less horrible
resource "local_sensitive_file" "amazonmq_rabbitmq_definitions" {
filename = join(".", [
"/tmp/amazonmq_rabbitmq_definitions",
formatdate("YYYY-MM-DD-hhmm-ZZZ", timestamp()),
"json",
])
content = templatefile("amazonmq_schema.json.tpl", {
publishing_amazonmq_passwords = {
for user, pw in random_password.mq_user : user => pw.result
}
publishing_amazonmq_broker_name = "PublishingMQ"
govuk_chat_retry_message_ttl = var.amazonmq_govuk_chat_retry_message_ttl
})
}

data "local_sensitive_file" "amazonmq_rabbitmq_definitions_interpolated" {
depends_on = [local_sensitive_file.amazonmq_rabbitmq_definitions]
filename = local_sensitive_file.amazonmq_rabbitmq_definitions.filename
}


data "aws_iam_policy" "lambda_vpc_access" {
name = "AWSLambdaVPCAccessExecutionRole"
}
Expand Down Expand Up @@ -310,6 +296,6 @@ data "aws_lambda_invocation" "post_config_to_amazonmq" {
url = "${aws_mq_broker.publishing_amazonmq.instances[0].console_url}/api/definitions"
username = "root"
password = random_password.mq_user["root"].result
json_b64 = base64encode(data.local_sensitive_file.amazonmq_rabbitmq_definitions_interpolated.content)
json_b64 = base64encode(local.amazonmq_schema)
})
}

0 comments on commit b9083d7

Please sign in to comment.