Merge branch 'main' into B-21983

.gitlab-ci.yml

@@ -1249,7 +1249,7 @@ push_otel_collector_image_dp3:
 
 deploy_migrations_dp3:
   stage: deploy
-  resource_group: $DP3_ENV
+  resource_group: $DP3_ENV_migration
   tags:
     - $RUNNER_TAG
   environment: $DP3_ENV
@@ -1281,7 +1281,7 @@ deploy_migrations_dp3:
 
 deploy_tasks_dp3:
   stage: deploy
-  resource_group: $DP3_ENV
+  resource_group: $DP3_ENV_task
   tags:
     - $RUNNER_TAG
   environment: $DP3_ENV
@@ -1310,7 +1310,7 @@ deploy_tasks_dp3:
 
 deploy_app_client_tls_dp3:
   stage: deploy
-  resource_group: $DP3_ENV
+  resource_group: $DP3_ENV_client
   tags:
     - $RUNNER_TAG
   environment: $DP3_ENV
@@ -1352,7 +1352,7 @@ deploy_app_client_tls_dp3:
 
 deploy_app_dp3:
   stage: deploy
-  resource_group: $DP3_ENV
+  resource_group: $DP3_ENV_app
   tags:
     - $RUNNER_TAG
   environment: $DP3_ENV
@@ -1515,7 +1515,7 @@ push_otel_collector_image_stg:
 
 deploy_migrations_stg:
   stage: deploy
-  resource_group: staging
+  resource_group: staging_migration
   tags:
     - $RUNNER_TAG
   environment: stg
@@ -1547,7 +1547,7 @@ deploy_migrations_stg:
 
 deploy_tasks_stg:
   stage: deploy
-  resource_group: staging
+  resource_group: staging_task
   tags:
     - $RUNNER_TAG
   environment: stg
@@ -1576,7 +1576,7 @@ deploy_tasks_stg:
 
 deploy_app_client_tls_stg:
   stage: deploy
-  resource_group: staging
+  resource_group: staging_client
   environment: stg
   image:
     name: $DOCKER_APP_IMAGE
@@ -1617,7 +1617,7 @@ deploy_app_client_tls_stg:
 
 deploy_app_stg:
   stage: deploy
-  resource_group: staging
+  resource_group: staging_app
   tags:
     - $RUNNER_TAG
   environment: stg
@@ -1690,7 +1690,7 @@ prod_approval:
 
 build_push_app_prd:
   stage: push_prd
-  resource_group: production
+  resource_group: production_app
   environment: prd
   image:
     name: gcr.io/kaniko-project/executor:v1.14.0-debug
@@ -1713,7 +1713,7 @@ build_push_app_prd:
 
 build_push_migrations_prd:
   stage: push_prd
-  resource_group: production
+  resource_group: production_migration
   tags:
     - $RUNNER_TAG
   environment: prd
@@ -1738,7 +1738,7 @@ build_push_migrations_prd:
 
 build_push_tasks_prd:
   stage: push_prd
-  resource_group: production
+  resource_group: production_task
   environment: prd
   tags:
     - $RUNNER_TAG
@@ -1763,7 +1763,7 @@ build_push_tasks_prd:
 
 push_otel_collector_image_prd:
   stage: push_prd
-  resource_group: production
+  resource_group: production_otel
   tags:
     - $RUNNER_TAG
   environment: prd
@@ -1800,7 +1800,7 @@ push_otel_collector_image_prd:
 
 deploy_migrations_prd:
   stage: deploy_prd
-  resource_group: production
+  resource_group: production_migration
   environment: prd
   tags:
     - $RUNNER_TAG
@@ -1832,7 +1832,7 @@ deploy_migrations_prd:
 
 deploy_tasks_prd:
   stage: deploy_prd
-  resource_group: production
+  resource_group: production_task
   environment: prd
   tags:
     - $RUNNER_TAG
@@ -1861,7 +1861,7 @@ deploy_tasks_prd:
 
 deploy_app_client_tls_prd:
   stage: deploy_prd
-  resource_group: production
+  resource_group: production_client
   environment: prd
   tags:
     - $RUNNER_TAG
@@ -1892,19 +1892,19 @@ deploy_app_client_tls_prd:
     - ./scripts/ecs-deploy-service-container app-client-tls "${ECR_REPOSITORY_URI}/app@${ECR_DIGEST}" "${APP_ENVIRONMENT}" "/bin/milmove serve"
     #TODO: fix domain make dynamic and pass in preferred
     - echo "Running Health Check"
-    - bin/health-checker --schemes https --hosts api.$APP_ENVIRONMENT.move.mil --key ${TLS_KEY} --cert ${TLS_CERT} --ca ${TLS_CA} --tries 10 --backoff 3 --log-level info --timeout 5m
+    - bin/health-checker --schemes https --hosts api.move.mil --key ${TLS_KEY} --cert ${TLS_CERT} --ca ${TLS_CA} --tries 10 --backoff 3 --log-level info --timeout 5m
     - echo "Running TLS Check"
-    - bin/tls-checker --schemes https --hosts api.$APP_ENVIRONMENT.move.mil --key ${TLS_KEY} --cert ${TLS_CERT} --ca ${TLS_CA} --log-level info --timeout 15m
+    - bin/tls-checker --schemes https --hosts api.move.mil --key ${TLS_KEY} --cert ${TLS_CERT} --ca ${TLS_CA} --log-level info --timeout 15m
     - echo "Checking deployed commits"
-    - ./scripts/check-deployed-commit "api.$APP_ENVIRONMENT.move.mil" "$CI_COMMIT_SHA" ${TLS_KEY} ${TLS_CERT} ${TLS_CA}
+    - ./scripts/check-deployed-commit "api.move.mil" "$CI_COMMIT_SHA" ${TLS_KEY} ${TLS_CERT} ${TLS_CA}
   after_script:
     - *announce_failure
   rules:
     - *check_main
 
 deploy_app_prd:
   stage: deploy_prd
-  resource_group: production
+  resource_group: production_app
   tags:
     - $RUNNER_TAG
   environment: prd
@@ -1944,11 +1944,11 @@ deploy_app_prd:
     - ./scripts/ecs-deploy-service-container app "${ECR_REPOSITORY_URI}/app@${ECR_DIGEST}" "${APP_ENVIRONMENT}" "/bin/milmove serve"
     #TODO: fix domain make dynamic and pass in preferred
     - echo "Running Health Check"
-    - bin/health-checker --schemes https --hosts my.$APP_ENVIRONMENT.move.mil,office.$APP_ENVIRONMENT.move.mil,admin.$APP_ENVIRONMENT.move.mil --tries 10 --backoff 3 --log-level info --timeout 5m
+    - bin/health-checker --schemes https --hosts my.move.mil,office.move.mil,admin.move.mil --tries 10 --backoff 3 --log-level info --timeout 5m
     - echo "Running TLS Check"
-    - bin/tls-checker --schemes https --hosts my.$APP_ENVIRONMENT.move.mil,office.$APP_ENVIRONMENT.move.mil,admin.$APP_ENVIRONMENT.move.mil --log-level info --timeout 15m
+    - bin/tls-checker --schemes https --hosts my.move.mil,office.move.mil,admin.move.mil --log-level info --timeout 15m
     - echo "Checking deployed commits"
-    - ./scripts/check-deployed-commit "my.$APP_ENVIRONMENT.move.mil,office.$APP_ENVIRONMENT.move.mil,admin.$APP_ENVIRONMENT.move.mil" "$CI_COMMIT_SHA"
+    - ./scripts/check-deployed-commit "my.move.mil,office.move.mil,admin.move.mil" "$CI_COMMIT_SHA"
   after_script:
     - *announce_failure
   rules:

Makefile

@@ -1209,44 +1209,6 @@ anti_virus: ## Scan repo with anti-virus service
 
 .PHONY: nonato_deploy_prepare
 nonato_deploy_prepare:  ## Replace placeholders in config to deploy to a non-ATO env. Requires DEPLOY_ENV to be set to exp, loadtest, or demo.
-ifeq ($(DEPLOY_ENV), exp)
-	@echo "Preparing for deploy to experimental"
-else ifeq ($(DEPLOY_ENV), loadtest)
-	@echo "Preparing for deploy to loadtest"
-else ifeq ($(DEPLOY_ENV), demo)
-	@echo "Preparing for deploy to demo"
-else
-	$(error DEPLOY_ENV must be exp, loadtest, or demo)
-endif
-	sed -E -i '' "s#(&dp3-branch) placeholder_branch_name#\1 $(GIT_BRANCH)#" .circleci/config.yml
-	sed -E -i '' "s#(&integration-ignore-branch) placeholder_branch_name#\1 $(GIT_BRANCH)#" .circleci/config.yml
-	sed -E -i '' "s#(&integration-mtls-ignore-branch) placeholder_branch_name#\1 $(GIT_BRANCH)#" .circleci/config.yml
-	sed -E -i '' "s#(&client-ignore-branch) placeholder_branch_name#\1 $(GIT_BRANCH)#" .circleci/config.yml
-	sed -E -i '' "s#(&server-ignore-branch) placeholder_branch_name#\1 $(GIT_BRANCH)#" .circleci/config.yml
-	sed -E -i '' "s#(&dp3-env) placeholder_env#\1 $(DEPLOY_ENV)#" .circleci/config.yml
-	@git --no-pager diff .circleci/config.yml
-	@echo "Please make sure to commit the changes in .circleci/config.yml in order to have CircleCI deploy $(GIT_BRANCH) to the Non-ATO $(DEPLOY_ENV) environment."
-
-.PHONY: nonato_deploy_restore
-nonato_deploy_restore:  ## Restore placeholders in config after deploy to a non-ATO env
-	sed -E -i '' "s#(&dp3-branch) $(GIT_BRANCH)#\1 placeholder_branch_name#" .circleci/config.yml
-	sed -E -i '' "s#(&integration-ignore-branch) $(GIT_BRANCH)#\1 placeholder_branch_name#" .circleci/config.yml
-	sed -E -i '' "s#(&integration-mtls-ignore-branch) $(GIT_BRANCH)#\1 placeholder_branch_name#" .circleci/config.yml
-	sed -E -i '' "s#(&client-ignore-branch) $(GIT_BRANCH)#\1 placeholder_branch_name#" .circleci/config.yml
-	sed -E -i '' "s#(&server-ignore-branch) $(GIT_BRANCH)#\1 placeholder_branch_name#" .circleci/config.yml
-	sed -E -i '' "s#(&dp3-env) (exp|loadtest|demo)#\1 placeholder_env#" .circleci/config.yml
-
-#
-# ----- END NON-ATO DEPLOYMENT TARGETS -----
-#
-
-
-#
-# ----- START NON-ATO DEPLOYMENT TARGETS -----
-#
-
-.PHONY: nonato_gitlab_deploy_prepare
-nonato_gitlab_deploy_prepare:  ## Replace placeholders in config to deploy to a non-ATO env. Requires DEPLOY_ENV to be set to exp, loadtest, or demo.
 ifeq ($(DEPLOY_ENV), exp)
 	@echo "Preparing for deploy to experimental"
 else ifeq ($(DEPLOY_ENV), loadtest)
@@ -1263,10 +1225,10 @@ endif
 	sed -E -i '' "s#(&server_ignore_branch) placeholder_branch_name#\1 $(GIT_BRANCH)#" .gitlab-ci.yml
 	sed -E -i '' "s#(&dp3_env) placeholder_env#\1 $(DEPLOY_ENV)#" .gitlab-ci.yml
 	@git --no-pager diff .gitlab-ci.yml
-	@echo "Please make sure to commit the changes in .gitlab-ci.yml in order to have CircleCI deploy $(GIT_BRANCH) to the Non-ATO $(DEPLOY_ENV) environment."
+	@echo "Please make sure to commit the changes in .gitlab-ci.yml in order to have Gitlab deploy $(GIT_BRANCH) to the Non-ATO $(DEPLOY_ENV) environment."
 
-.PHONY: nonato_gitlab_deploy_restore
-nonato_gitlab_deploy_restore:  ## Restore placeholders in config after deploy to a non-ATO env
+.PHONY: nonato_deploy_restore
+nonato_deploy_restore:  ## Restore placeholders in config after deploy to a non-ATO env
 	sed -E -i '' "s#(&dp3_branch) $(GIT_BRANCH)#\1 placeholder_branch_name#" .gitlab-ci.yml
 	sed -E -i '' "s#(&integration_ignore_branch) $(GIT_BRANCH)#\1 placeholder_branch_name#" .gitlab-ci.yml
 	sed -E -i '' "s#(&integration_mtls_ignore_branch) $(GIT_BRANCH)#\1 placeholder_branch_name#" .gitlab-ci.yml

scripts/rds-snapshot-app-db

@@ -25,7 +25,7 @@ time aws rds wait db-snapshot-completed --db-instance-identifier "$db_instance_i
 
 echo
 echo "Create database snapshot for ${db_instance_identifier} with identifier ${db_snapshot_identifier}"
-aws rds create-db-snapshot --cli-read-timeout 1200 --db-instance-identifier "$db_instance_identifier" --db-snapshot-identifier "$db_snapshot_identifier" --tags "${tags[@]}"
+aws rds create-db-snapshot --cli-read-timeout 0 --cli-connect-timeout 0 --db-instance-identifier "$db_instance_identifier" --db-snapshot-identifier "$db_snapshot_identifier" --tags "${tags[@]}"
 
 echo
 echo "Wait for current database snapshot ${db_snapshot_identifier} to complete before continuing ..."