search

EngineerBetter / concourse-up

Deprecated - used Control Tower instead
https://github.com/EngineerBetter/control-tower
Apache License 2.0
203 stars 28 forks source link

concourse-up fails on GCP because DB instance connection name is hard-coded #82

Closed gerhard closed 5 years ago

gerhard commented 5 years ago

I am using a dev release against GCP, built from ac867fc7fc77830f7eb9b0488ab338c5f2a6870f (0.17.0 fails because 9147dbbb9c95c46f67c5cfc1e47cae90678ced30):

After the BOSH Director deploys, concourse-up deploy fails with:

ensure that the account has access to "concourse-up:europe-west1:bosh-sxfzulpl" (and make sure there's no typo in that name). Error during createEphemeral for concourse-up:europe-west1:bosh-sxfzulpl: googleapi: Error 403: The client is not authorized to make this request., notAuthorized

I've tracked the failure to *GCPProvider.CreateDatabases, specifically: https://github.com/EngineerBetter/concourse-up/blob/ac867fc7fc77830f7eb9b0488ab338c5f2a6870f/iaas/gcp.go#L451

The first part of the host connection is hard-coded to concourse-up, it should be g.Attr("project")

The issue is trivial, I didn't think a PR was worth the hassle:

cat 0001-Do-not-hard-code-GCP-project-name-in-instance-connec.patch

From cda2c4563c0c94c90c3f6ef236455a15415bcf8e Mon Sep 17 00:00:00 2001
From: Gerhard Lazu <gerhard@lazu.co.uk>
Date: Mon, 21 Jan 2019 15:45:21 +0000
Subject: [PATCH] Do not hard-code GCP project name in instance connection name

GCP SQL instance connection name has the following structure:
[project]:[region]:[instance_id]
---
 iaas/gcp.go | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/iaas/gcp.go b/iaas/gcp.go
index c0671db2..7deca09d 100644
--- a/iaas/gcp.go
+++ b/iaas/gcp.go
@@ -448,7 +448,11 @@ func (g *GCPProvider) WorkerType(w string) {}

 // CreateDatabases creates databases on the server
 func (g *GCPProvider) CreateDatabases(name, username, password string) error {
-   conn := fmt.Sprintf("host=concourse-up:%s:%s user=%s dbname=postgres password=%s sslmode=disable", g.Region(), name, username, password)
+   project, err := g.Attr("project")
+   if err != nil {
+       return err
+   }
+   conn := fmt.Sprintf("host=%s:%s:%s user=%s dbname=postgres password=%s sslmode=disable", project, g.Region(), name, username, password)
    gcpDB, err := sql.Open("cloudsqlpostgres", conn)
    if err != nil {
        return err
--
2.19.1
crsimmons commented 5 years ago

We've implemented your fix. Thanks for raising it!