From 585a8a2a5ab78099fadcd062624dc97d0c179c8e Mon Sep 17 00:00:00 2001
From: alexisVLRT <alexisvlrt@gmail.com>
Date: Fri, 21 May 2021 11:25:28 +0200
Subject: [PATCH] refacto: moved db password gen away from top level

---
 IaC/main.tf                                    | 5 -----
 IaC/modules/mlflow/main.tf                     | 2 +-
 IaC/modules/mlflow/secret_manager/main.tf      | 8 ++++++--
 IaC/modules/mlflow/secret_manager/variables.tf | 4 ----
 IaC/modules/mlflow/variables.tf                | 4 ----
 IaC/variables.tf                               | 4 ----
 6 files changed, 7 insertions(+), 20 deletions(-)

diff --git a/IaC/main.tf b/IaC/main.tf
index 9942215..10c1496 100644
--- a/IaC/main.tf
+++ b/IaC/main.tf
@@ -36,10 +36,6 @@ resource "random_id" "artifacts_bucket_name_suffix" {
   byte_length = 5
 }
 
-resource "random_password" "password" {
-  length = 16
-}
-
 module "network" {
   source       = "./modules/network"
   network_name = var.network_name
@@ -49,7 +45,6 @@ module "mlflow" {
   source                       = "./modules/mlflow"
   mlflow_server                = var.mlflow_server
   artifacts_bucket_name        = "${var.artifacts_bucket}-${random_id.artifacts_bucket_name_suffix.hex}"
-  db_password_value            = random_password.password.result
   server_docker_image          = var.mlflow_docker_image
   project_id                   = var.project_id
   consent_screen_support_email = var.consent_screen_support_email
diff --git a/IaC/modules/mlflow/main.tf b/IaC/modules/mlflow/main.tf
index 03aca8a..2dfdbb7 100644
--- a/IaC/modules/mlflow/main.tf
+++ b/IaC/modules/mlflow/main.tf
@@ -15,6 +15,7 @@
 # You should have received a copy of the GNU Lesser General Public License
 # along with this program; if not, write to the Free Software Foundation,
 # Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+
 module "artifacts" {
   source            = "./artifacts"
   bucket_name       = var.artifacts_bucket_name
@@ -26,7 +27,6 @@ module "artifacts" {
 module "db_secret" {
   source       = "./secret_manager"
   secret_id    = var.db_password_name
-  secret_value = var.db_password_value
 }
 
 module "database" {
diff --git a/IaC/modules/mlflow/secret_manager/main.tf b/IaC/modules/mlflow/secret_manager/main.tf
index 8d70846..4c63e16 100644
--- a/IaC/modules/mlflow/secret_manager/main.tf
+++ b/IaC/modules/mlflow/secret_manager/main.tf
@@ -15,6 +15,11 @@
 # You should have received a copy of the GNU Lesser General Public License
 # along with this program; if not, write to the Free Software Foundation,
 # Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+
+resource "random_password" "password" {
+  length = 16
+}
+
 resource "google_secret_manager_secret" "secret" {
   provider = google-beta
 
@@ -25,12 +30,11 @@ resource "google_secret_manager_secret" "secret" {
   }
 }
 
-
 resource "google_secret_manager_secret_version" "secret-version" {
   provider = google-beta
 
   secret = google_secret_manager_secret.secret.id
 
-  secret_data = var.secret_value
+  secret_data = random_password.password.result
   depends_on  = [google_secret_manager_secret.secret]
 }
diff --git a/IaC/modules/mlflow/secret_manager/variables.tf b/IaC/modules/mlflow/secret_manager/variables.tf
index 3ff069a..2ca3206 100644
--- a/IaC/modules/mlflow/secret_manager/variables.tf
+++ b/IaC/modules/mlflow/secret_manager/variables.tf
@@ -19,10 +19,6 @@ variable "secret_id" {
   type        = string
   description = "Name of the secret you want to create"
 }
-variable "secret_value" {
-  type        = string
-  description = "value of the secret you want to create"
-}
 variable "module_depends_on" {
   type    = any
   default = null
diff --git a/IaC/modules/mlflow/variables.tf b/IaC/modules/mlflow/variables.tf
index b7c9955..f55a0b4 100644
--- a/IaC/modules/mlflow/variables.tf
+++ b/IaC/modules/mlflow/variables.tf
@@ -39,10 +39,6 @@ variable "db_password_name" {
   type        = string
   default     = "mlflow-db-pwd"
 }
-variable "db_password_value" {
-  description = "Value of the database password stored in secret manager"
-  type        = string
-}
 variable "db_username" {
   description = "Value of the database username"
   type        = string
diff --git a/IaC/variables.tf b/IaC/variables.tf
index 9ffd82a..d706639 100644
--- a/IaC/variables.tf
+++ b/IaC/variables.tf
@@ -24,10 +24,6 @@ variable "artifacts_bucket" {
   type        = string
   default     = "oneclick-mlflow-store"
 }
-variable "db_password_value" {
-  description = "Database password to connect to your instance"
-  type        = string
-}
 variable "mlflow_docker_image" {
   description = "Docker image used in container registry"
   type        = string