lambda-runtime-types 0.6.13

Common structures for lambda architecture
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112

#[derive(Clone, Debug, serde::Serialize, serde::Deserialize)]
struct Secret {
    host: String,
    port: u16,
    database: String,
    user: String,
    password: String,
}

struct Runner;

#[async_trait::async_trait]
impl<'a> lambda_runtime_types::rotate::RotateRunner<'a, (), Secret> for Runner {
    async fn setup(_region: &'a str) -> anyhow::Result<()> {
        simple_logger::SimpleLogger::new()
            .with_level(log::LevelFilter::Info)
            .init()
            .expect("Unable to setup logging");
        Ok(())
    }

    async fn create(
        _shared: &'a (),
        mut secret_cur: lambda_runtime_types::rotate::SecretContainer<Secret>,
        smc: &lambda_runtime_types::rotate::Smc,
    ) -> anyhow::Result<lambda_runtime_types::rotate::SecretContainer<Secret>> {
        let password = smc.generate_new_password(false, None).await?;
        secret_cur.password = password;
        Ok(secret_cur)
    }

    async fn set(
        _shared: &'a (),
        secret_cur: lambda_runtime_types::rotate::SecretContainer<Secret>,
        secret_new: lambda_runtime_types::rotate::SecretContainer<Secret>,
    ) -> anyhow::Result<()> {
        PgDatabase::new(&secret_cur)
            .await?
            .change_password(&secret_new)
            .await
    }

    async fn test(
        _shared: &'a (),
        secret_new: lambda_runtime_types::rotate::SecretContainer<Secret>,
    ) -> anyhow::Result<()> {
        PgDatabase::new(&secret_new).await?.test_connection().await
    }
}

pub fn main() -> anyhow::Result<()> {
    lambda_runtime_types::exec_tokio::<_, _, Runner, _>()
}

pub struct PgDatabase {
    client: tokio_postgres::Client,
}

impl PgDatabase {
    pub(crate) async fn new(secret: &Secret) -> anyhow::Result<Self> {
        use anyhow::Context;

        let connector = native_tls::TlsConnector::new()
            .context("Unable to prepare TLS Connection for Database")?;
        let connector = postgres_native_tls::MakeTlsConnector::new(connector);

        let (client, connection) = tokio_postgres::connect(
            &format!(
                "host={host} port={port} user={user} password={password} dbname={dbname} sslmode=require",
                host = secret.host,
                port = secret.port,
                user = secret.user,
                password = secret.password,
                dbname = secret.database,
            ),
            connector,
        )
        .await?;

        tokio::spawn(async move {
            if let Err(e) = connection.await {
                eprintln!("Unable to connecto to postgres database: {}", e);
            }
        });

        Ok(Self { client })
    }

    pub(crate) async fn change_password(&self, secret: &Secret) -> anyhow::Result<()> {
        use anyhow::Context;

        let query: &str = &format!(
            "ALTER USER {} WITH PASSWORD '{}'",
            secret.user, secret.password
        );
        self.client
            .execute(query, &[])
            .await
            .context("Unable to change user password")?;
        Ok(())
    }

    pub(crate) async fn test_connection(&self) -> anyhow::Result<()> {
        use anyhow::Context;

        self.client
            .execute("SELECT 1;", &[])
            .await
            .context("Connection to database failed")?;
        Ok(())
    }
}