add rustc-perf-one to bastion allow list

[marcoieni]

Merging this first to unblock the team. Then I also wrote #741 to avoid copy pasting the IPs, but for that one I need to ask a review.

[marcoieni]

even without the IP change, there's this diff which I'm not sure it's safe to apply:

  # postgresql_grant.rw_self_sequence["rustc_perf"] must be replaced
-/+ resource "postgresql_grant" "rw_self_sequence" {
      ~ id                = "rustc_perf_rustc_perf_public_sequence" -> (known after apply)
      ~ privileges        = [ # forces replacement
          + "SELECT",
          + "UPDATE",
          + "USAGE",
        ]
        # (5 unchanged attributes hidden)
    }

  # postgresql_grant.rw_self_tables["rustc_perf"] must be replaced
-/+ resource "postgresql_grant" "rw_self_tables" {
      ~ id                = "rustc_perf_rustc_perf_public_table" -> (known after apply)
      ~ privileges        = [ # forces replacement
          + "DELETE",
          + "INSERT",
          + "REFERENCES",
          + "SELECT",
          + "TRIGGER",
          + "TRUNCATE",
          + "UPDATE",
        ]
        # (5 unchanged attributes hidden)
    }

Plan: 2 to add, 0 to change, 2 to destroy.

[Kobzol]

I think that @Mark-Simulacrum bumped the instance some time ago. Not sure about the Postgres version upgrade.

[marcoieni]

probably the db is configured in a way that aws automatically updates to the latest version of postgres (minor version updates only)

[marcoieni]

applied complete. Hopefully there wasn't downtime:

postgresql_grant.rw_self_tables["rustc_perf"]: Destroying... [id=rustc_perf_rustc_perf_public_table]
postgresql_grant.rw_self_sequence["rustc_perf"]: Destroying... [id=rustc_perf_rustc_perf_public_sequence]
postgresql_grant.rw_self_tables["rustc_perf"]: Still destroying... [id=rustc_perf_rustc_perf_public_table, 10s elapsed]
postgresql_grant.rw_self_sequence["rustc_perf"]: Still destroying... [id=rustc_perf_rustc_perf_public_sequence, 10s elapsed]
postgresql_grant.rw_self_tables["rustc_perf"]: Destruction complete after 16s
postgresql_grant.rw_self_tables["rustc_perf"]: Creating...
postgresql_grant.rw_self_sequence["rustc_perf"]: Still destroying... [id=rustc_perf_rustc_perf_public_sequence, 20s elapsed]
postgresql_grant.rw_self_sequence["rustc_perf"]: Destruction complete after 21s
postgresql_grant.rw_self_sequence["rustc_perf"]: Creating...
aws_security_group.rust_prod_db: Modifying... [id=sg-096a21edf5cede038]
aws_security_group.rust_prod_db: Modifications complete after 2s [id=sg-096a21edf5cede038]
postgresql_grant.rw_self_tables["rustc_perf"]: Still creating... [10s elapsed]
postgresql_grant.rw_self_tables["rustc_perf"]: Creation complete after 13s [id=rustc_perf_rustc_perf_public_table]
postgresql_grant.rw_self_sequence["rustc_perf"]: Still creating... [10s elapsed]
postgresql_grant.rw_self_sequence["rustc_perf"]: Creation complete after 13s [id=rustc_perf_rustc_perf_public_sequence]
Releasing state lock. This may take a few moments...

Apply complete! Resources: 2 added, 1 changed, 2 destroyed.

[marcoieni]

confirmed with Jakub that there was some downtime. But at least now terraform plan is clean from master.