chore: Postgres only EU

.github/workflows/sub-validate.yml

@@ -98,15 +98,7 @@ jobs:
       - name: Yarn Install
         run: yarn install
 
-      # Temporary ignoring `Sessions tests` for staging until IRN peering for staging is ready
-      - name: Run Yarn Integration Tests (no IRN tests)
-        if: ${{ inputs.stage == 'staging' }}
-        run: yarn integration --testPathIgnorePatterns='sessions.test.ts'
-        env:
-          PROJECT_ID: ${{ secrets.PROJECT_ID }}
-          RPC_URL: ${{ inputs.stage-url }}
       - name: Yarn Integration Tests
-        if: ${{ inputs.stage == 'prod' }}
         run: yarn integration
         env:
           PROJECT_ID: ${{ secrets.PROJECT_ID }}

terraform/region/output.tf

@@ -0,0 +1,19 @@
+output "database_url" {
+  description = "The URL used to connect to the cluster"
+  value       = module.postgres[0].database_url
+}
+
+output "database_vpc_id" {
+  description = "ID of the database VPC"
+  value       = module.vpc.vpc_id
+}
+
+output "database_vpc_cidr" {
+  description = "CIDR block of the database VPC"
+  value       = module.vpc.intra_subnets_cidr_blocks
+}
+
+output "database_client_vpc_peering_connection" {
+  description = "Peering connection of database client VPCs"
+  value       = aws_vpc_peering_connection.database[0].id
+}

terraform/region/res_db.tf

@@ -9,6 +9,8 @@ module "db_context" {
 }
 
 module "postgres" {
+  count = var.database_url != null ? 1 : 0
+
   source     = "./postgres"
   context    = module.db_context
   attributes = ["postgres"]

terraform/region/res_db_peering.tf

@@ -0,0 +1,37 @@
+resource "aws_vpc_peering_connection" "database" {
+  count = var.database_vpc_id != null && var.database_vpc_region != null ? 1 : 0
+
+  vpc_id      = module.vpc.vpc_id
+  peer_vpc_id = var.database_vpc_id
+  peer_region = var.database_vpc_region
+  # peer_owner_id = var.database_aws_account_id
+}
+
+resource "aws_route" "database" {
+  count = var.database_vpc_cidr != null ? length(module.vpc.private_route_table_ids) : 0
+
+  route_table_id            = module.vpc.private_route_table_ids[count.index]
+  vpc_peering_connection_id = aws_vpc_peering_connection.irn.id
+  destination_cidr_block    = var.database_vpc_cidr
+}
+
+resource "aws_vpc_peering_connection_accepter" "database_client" {
+  for_each = var.database_client_vpc_peering_connections
+
+  vpc_peering_connection_id = each.key
+  auto_accept               = true
+}
+
+resource "aws_route" "database_client" {
+  for_each = flatten(
+    [for route in module.vpc.private_route_table_ids :
+      [for id, cidr in var.database_client_vpc_peering_connections : {
+        route_table_id            = route
+        vpc_peering_connection_id = id
+        destination_cidr_block    = cidr
+  }]])
+
+  route_table_id            = each.value.route_table_id
+  vpc_peering_connection_id = each.value.vpc_peering_connection_id
+  destination_cidr_block    = each.value.destination_cidr_block
+}

terraform/region/res_ecs.tf

@@ -63,7 +63,7 @@ module "ecs" {
   rate_limiting_cache_endpoint_read  = module.redis.endpoint
   rate_limiting_cache_endpoint_write = module.redis.endpoint
   ofac_blocked_countries             = var.ofac_blocked_countries
-  postgres_url                       = module.postgres.database_url
+  postgres_url                       = var.database_url != null ? var.database_url : module.postgres.database_url
 
   # Providers
   infura_project_id      = var.infura_project_id

terraform/region/res_network.tf

@@ -1,5 +1,19 @@
 locals {
   vpc_cidr                = "10.0.0.0/16"
+  # https://www.notion.so/walletconnect/Private-IP-range-allocation-5fba8350d0a9453ca589dfa73affd508?pvs=4
+  # vpc_cidr = (
+  #   module.this.stage == "prod" ? {
+  #     "eu-central-1"   = "10.0.0.0/16" # "10.7.0.0/16"
+  #     "us-east-1"      = "10.8.0.0/16"
+  #     "ap-southeast-1" = "10.9.0.0/16"
+  #   }
+  #   : {
+  #     "eu-central-1"   = "10.10.0.0/16"
+  #     "us-east-1"      = "10.11.0.0/16"
+  #     "ap-southeast-1" = "10.12.0.0/16"
+  #   }
+  # )[module.this.region]
+
   vpc_azs                 = slice(data.aws_availability_zones.available.names, 0, 3)
   vpc_flow_s3_bucket_name = substr("vpc-flow-logs-${module.this.id}-${random_pet.this.id}", 0, 63)
 }

terraform/region/variables.tf

@@ -236,3 +236,34 @@ variable "irn_namespace_secret" {
   type        = string
 }
 
+# Postgres VPC peering
+
+variable "database_url" {
+  description = "The URL used to connect to the cluster"
+  type        = string
+  default     = null
+}
+
+variable "database_vpc_id" {
+  description = "ID of the database VPC"
+  type        = string
+  default     = null
+}
+
+variable "database_vpc_cidr" {
+  description = "CIDR block of the database VPC"
+  type        = string
+  default     = null
+}
+
+variable "database_vpc_region" {
+  description = "Region of the database VPC"
+  type        = string
+  default     = null
+}
+
+variable "database_client_vpc_peering_connections" {
+  description = "Peering connections of database client VPCs"
+  type        = map(string)
+  default     = {}
+}