jordan/rdev
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1790afd0ee
rdev/internal/adapter/cockroach/provisioner.go
jordan f6ced22e06 fix: Use FQDN for k8s service hostnames and remove broken commonLabels 
Short-form DNS names (e.g. postgres.databases.svc) fail to resolve in
new pods due to k8s DNS search domain limitations. Switch all service
hostnames to FQDNs (*.svc.cluster.local).

Remove commonLabels from kustomization.yaml — it injected labels into
all selectors including NetworkPolicy egress rules (blocking DNS to
CoreDNS) and Deployment selectors (causing immutability errors).

Add OTEL_EXPORTER_OTLP_ENDPOINT env var to deployment YAML so the
telemetry collector endpoint uses the FQDN without requiring a binary
rebuild.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-31 20:46:04 -07:00

246 lines
7.4 KiB
Go
Raw Blame History

// Package cockroach provides CockroachDB database provisioning for projects.
// Creates isolated databases and users for each project.
package cockroach
import (
"context"
"crypto/rand"
"database/sql"
"encoding/hex"
"fmt"
"log/slog"
"strings"
"time"
_ "github.com/lib/pq" // PostgreSQL driver (CockroachDB is PG-compatible)
"github.com/orchard9/rdev/internal/domain"
)
// Provisioner implements port.DatabaseProvisioner using CockroachDB.
type Provisioner struct {
db *sql.DB
host string
port int
logger *slog.Logger
}
// Config holds CockroachDB provisioner configuration.
type Config struct {
Host string // e.g., "cockroachdb-public.databases.svc.cluster.local"
Port int // e.g., 26257
User string // e.g., "root" (for insecure mode)
SSLMode string // e.g., "disable" (for insecure mode)
}
// NewProvisioner creates a new CockroachDB database provisioner.
func NewProvisioner(cfg Config, logger *slog.Logger) (*Provisioner, error) {
if cfg.SSLMode == "" {
cfg.SSLMode = "disable"
}
dsn := fmt.Sprintf("postgresql://%s@%s:%d/defaultdb?sslmode=%s",
cfg.User, cfg.Host, cfg.Port, cfg.SSLMode)
db, err := sql.Open("postgres", dsn)
if err != nil {
return nil, fmt.Errorf("open connection: %w", err)
}
// Configure connection pool
db.SetMaxOpenConns(5)
db.SetMaxIdleConns(2)
db.SetConnMaxLifetime(5 * time.Minute)
// Verify connection
ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
defer cancel()
if err := db.PingContext(ctx); err != nil {
return nil, fmt.Errorf("cockroachdb connection failed: %w", err)
}
return &Provisioner{
db: db,
host: cfg.Host,
port: cfg.Port,
logger: logger,
}, nil
}
// CreateProjectDatabase provisions an isolated database for a project.
func (p *Provisioner) CreateProjectDatabase(ctx context.Context, projectID string) (*domain.DatabaseCredentials, error) {
dbName := p.databaseNameFor(projectID)
username := p.usernameFor(projectID)
password, err := generateToken(32)
if err != nil {
return nil, fmt.Errorf("generate password: %w", err)
}
// Check if database already exists
var exists bool
err = p.db.QueryRowContext(ctx,
"SELECT EXISTS(SELECT 1 FROM information_schema.schemata WHERE catalog_name = $1)",
dbName).Scan(&exists)
if err != nil {
return nil, fmt.Errorf("check database exists: %w", err)
}
if exists {
p.logger.Warn("database already exists, recreating user",
"project_id", projectID,
"database", dbName)
// Drop existing user to recreate with new password
_, _ = p.db.ExecContext(ctx, fmt.Sprintf("DROP USER IF EXISTS %s", quoteIdent(username)))
}
// Create database
if _, err := p.db.ExecContext(ctx, fmt.Sprintf("CREATE DATABASE IF NOT EXISTS %s", quoteIdent(dbName))); err != nil {
return nil, fmt.Errorf("create database: %w", err)
}
// Create user
// In CockroachDB insecure mode, passwords are not enforced but we store one for future TLS mode
if _, err := p.db.ExecContext(ctx, fmt.Sprintf("CREATE USER IF NOT EXISTS %s", quoteIdent(username))); err != nil {
return nil, fmt.Errorf("create user: %w", err)
}
// Grant permissions
if _, err := p.db.ExecContext(ctx, fmt.Sprintf("GRANT ALL ON DATABASE %s TO %s", quoteIdent(dbName), quoteIdent(username))); err != nil {
return nil, fmt.Errorf("grant permissions: %w", err)
}
// Build connection URL
// In insecure mode, password is not used in connection, but we store it for future TLS migration
url := fmt.Sprintf("postgresql://%s@%s:%d/%s?sslmode=disable",
username, p.host, p.port, dbName)
p.logger.Info("created project database",
"project_id", projectID,
"database", dbName,
"username", username)
return &domain.DatabaseCredentials{
ProjectID: projectID,
DatabaseName: dbName,
Username: username,
Password: password,
Host: p.host,
Port: p.port,
SSLMode: "disable",
URL: url,
URLStaging: url, // Same for now; separate staging cluster in future
CreatedAt: time.Now().UTC(),
}, nil
}
// DeleteProjectDatabase removes database access for a project.
func (p *Provisioner) DeleteProjectDatabase(ctx context.Context, projectID string) error {
dbName := p.databaseNameFor(projectID)
username := p.usernameFor(projectID)
// Revoke permissions first
_, _ = p.db.ExecContext(ctx, fmt.Sprintf("REVOKE ALL ON DATABASE %s FROM %s", quoteIdent(dbName), quoteIdent(username)))
// Drop database (CASCADE drops all tables, indexes, etc.)
if _, err := p.db.ExecContext(ctx, fmt.Sprintf("DROP DATABASE IF EXISTS %s CASCADE", quoteIdent(dbName))); err != nil {
p.logger.Warn("failed to drop database", "database", dbName, "error", err)
}
// Drop user
if _, err := p.db.ExecContext(ctx, fmt.Sprintf("DROP USER IF EXISTS %s", quoteIdent(username))); err != nil {
p.logger.Warn("failed to drop user", "username", username, "error", err)
}
p.logger.Info("deleted project database",
"project_id", projectID,
"database", dbName,
"username", username)
return nil
}
// GetProjectDatabase retrieves database credentials for a project.
// Note: Password cannot be retrieved from CockroachDB; use stored credentials.
func (p *Provisioner) GetProjectDatabase(ctx context.Context, projectID string) (*domain.DatabaseCredentials, error) {
dbName := p.databaseNameFor(projectID)
username := p.usernameFor(projectID)
// Check if database exists
var exists bool
err := p.db.QueryRowContext(ctx,
"SELECT EXISTS(SELECT 1 FROM information_schema.schemata WHERE catalog_name = $1)",
dbName).Scan(&exists)
if err != nil {
return nil, fmt.Errorf("check database exists: %w", err)
}
if !exists {
return nil, nil // Database not provisioned
}
// Database exists; construct credentials without password
url := fmt.Sprintf("postgresql://%s@%s:%d/%s?sslmode=disable",
username, p.host, p.port, dbName)
return &domain.DatabaseCredentials{
ProjectID: projectID,
DatabaseName: dbName,
Username: username,
Password: "", // Not available; use credential store
Host: p.host,
Port: p.port,
SSLMode: "disable",
URL: url,
URLStaging: url,
}, nil
}
// TestConnection verifies CockroachDB connectivity.
func (p *Provisioner) TestConnection(ctx context.Context) error {
return p.db.PingContext(ctx)
}
// Close closes the database connection.
func (p *Provisioner) Close() error {
return p.db.Close()
}
// databaseNameFor returns the database name for a project.
func (p *Provisioner) databaseNameFor(projectID string) string {
return "project_" + sanitizeIdentifier(projectID)
}
// usernameFor returns the database username for a project.
func (p *Provisioner) usernameFor(projectID string) string {
return "project_" + sanitizeIdentifier(projectID)
}
// sanitizeIdentifier sanitizes a string for use as a SQL identifier.
// Replaces non-alphanumeric characters with underscores and lowercases.
func sanitizeIdentifier(s string) string {
return strings.Map(func(r rune) rune {
if (r >= 'a' && r <= 'z') || (r >= '0' && r <= '9') || r == '_' {
return r
}
if r >= 'A' && r <= 'Z' {
return r + 32 // lowercase
}
return '_'
}, s)
}
// quoteIdent quotes a SQL identifier to prevent injection.
// CockroachDB uses double quotes for identifiers.
func quoteIdent(s string) string {
return `"` + strings.ReplaceAll(s, `"`, `""`) + `"`
}
// generateToken generates a cryptographically secure random token.
func generateToken(length int) (string, error) {
bytes := make([]byte, length)
if _, err := rand.Read(bytes); err != nil {
return "", err
}
return hex.EncodeToString(bytes), nil
}
Reference in New Issue View Git Blame Copy Permalink