From 881b21d2b742ea8c97a370ea834e0fc4ca55f480 Mon Sep 17 00:00:00 2001 From: Zachary Deziel Date: Fri, 11 Oct 2024 11:42:46 -0700 Subject: [PATCH 01/32] Update adding staging mechanism --- space2stats_api/cdk/app.py | 10 ++++++++-- space2stats_api/cdk/aws_stack.py | 9 +++++++-- space2stats_api/cdk/settings.py | 1 + 3 files changed, 16 insertions(+), 4 deletions(-) diff --git a/space2stats_api/cdk/app.py b/space2stats_api/cdk/app.py index a531357..1fe64fd 100644 --- a/space2stats_api/cdk/app.py +++ b/space2stats_api/cdk/app.py @@ -1,8 +1,12 @@ +import os + from aws_cdk import App, Environment from aws_stack import Space2StatsStack from settings import DeploymentSettings -settings = DeploymentSettings(_env_file="aws_deployment.env") +settings = DeploymentSettings( + _env_file=f"aws_deployment_{os.environ.get("STAGE", "dev")}.env" +) env = Environment( account=settings.CDK_DEFAULT_ACCOUNT, region=settings.CDK_DEFAULT_REGION @@ -10,6 +14,8 @@ app = App() -Space2StatsStack(app, "Space2StatsStack", env=env) +Space2StatsStack( + app, f"Space2Stats-{settings.STAGE}", env=env, deployment_settings=settings +) app.synth() diff --git a/space2stats_api/cdk/aws_stack.py b/space2stats_api/cdk/aws_stack.py index 251edb2..b6b666d 100644 --- a/space2stats_api/cdk/aws_stack.py +++ b/space2stats_api/cdk/aws_stack.py @@ -10,11 +10,16 @@ class Space2StatsStack(Stack): - def __init__(self, scope: Construct, id: str, **kwargs) -> None: + def __init__( + self, + scope: Construct, + id: str, + deployment_settings: DeploymentSettings, + **kwargs, + ) -> None: super().__init__(scope, id, **kwargs) app_settings = AppSettings(_env_file="./aws_app.env") - deployment_settings = DeploymentSettings(_env_file="./aws_deployment.env") bucket = s3.Bucket( self, diff --git a/space2stats_api/cdk/settings.py b/space2stats_api/cdk/settings.py index 5934527..9589b6d 100644 --- a/space2stats_api/cdk/settings.py +++ b/space2stats_api/cdk/settings.py 
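Review bot: The stage is read from two places that can disagree in app.py: the env file name comes from `os.environ.get("STAGE", "dev")`, while the stack id uses `settings.STAGE`, which can also be set inside the selected env file. If the environment variable is unset and the file sets a different `STAGE`, the stack is named for one stage and configured from another stage's file. The value also flows unchecked into a file name and a stack id. Resolve it once with `stage = os.environ.get('STAGE', 'dev')`, validate it against a pattern such as `^[a-z0-9-]+$`, and use `stage` for both.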
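Review bot: `AppSettings` is still loaded from the single file `./aws_app.env` in the context line below the new signature, so only the deployment settings become stage-specific. If that file holds the application's database or bucket configuration (its fields are not visible in this hunk), every stage's stack would be built from the same values. Consider deriving it from the stage as well, or passing it in the way `deployment_settings` now is. The `__init__` body continues outside the hunk.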
@@ -15,3 +15,4 @@ class DeploymentSettings(BaseSettings): CDK_DEFAULT_REGION: str CDK_CERTIFICATE_ARN: str CDK_DOMAIN_NAME: str + STAGE: str = "dev" From 8464ed8026436637a6224c056b6ac25ccf0cbd6e Mon Sep 17 00:00:00 2001 From: Zachary Deziel Date: Fri, 11 Oct 2024 12:36:04 -0700 Subject: [PATCH 02/32] Add CD pipeline --- .github/workflows/cd.yml | 49 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 49 insertions(+) create mode 100644 .github/workflows/cd.yml diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml new file mode 100644 index 0000000..1cbef9e --- /dev/null +++ b/.github/workflows/cd.yml @@ -0,0 +1,49 @@ +name: Deploy Space2Stats API Prod + +on: + pull_request: + branches: + - main + +permissions: + id-token: write + contents: read + +jobs: + build: + runs-on: ubuntu-latest + + steps: + - name: Check out repository code + uses: actions/checkout@v2 + + - name: Set up Node.js + uses: actions/setup-node@v2 + with: + node-version: '16' # Ensure compatibility with CDK + + - name: Install AWS CDK + run: npm install -g aws-cdk + + - name: Install dependencies + run: npm install + + - name: Build code + run: npm run build + + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + role-to-assume: arn:aws:iam::017820688988:role/Space2Stats-Deploy-Role + aws-region: ${{ env.CDK_DEFAULT_REGION }} + + - name: Bootstrap CDK (if not done yet) + run: cdk bootstrap aws://${{ env.CDK_DEFAULT_ACCOUNT }}/${{ env.CDK_DEFAULT_REGION }} + + - name: Deploy CDK stack + env: + CDK_CERTIFICATE_ARN: ${{ env.CDK_CERTIFICATE_ARN }} + CDK_DEFAULT_ACCOUNT: ${{ env.CDK_DEFAULT_ACCOUNT }} + CDK_DEFAULT_REGION: ${{ env.CDK_DEFAULT_REGION }} + CDK_DOMAIN_NAME: ${{ env.CDK_DOMAIN_NAME }} + run: cdk deploy --require-approval never \ No newline at end of file From 0249d8dc0a7dc8fd5fec57dff1f9442730f27039 Mon Sep 17 00:00:00 2001 
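Review bot: Every third-party step in cd.yml is referenced by a mutable version: `actions/checkout@v2`, `actions/setup-node@v2`, `aws-actions/configure-aws-credentials@v1`, and `npm install -g aws-cdk` with no version at all. The job holds `id-token: write` and assumes the deploy role, so whatever those tags or the latest npm release resolve to at run time executes with deployment credentials. Pin the actions to a full commit SHA (`uses: actions/checkout@<full-commit-sha>  # <tag>`) and the CLI to a fixed release (`npm install -g aws-cdk@<pinned-version>`). The same applies to cd-dev.yml in patch 05 and to deploy.yml and destroy.yml in patch 15.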
From: Zachary Deziel Date: Fri, 11 Oct 2024 12:41:13 -0700 Subject: [PATCH 03/32] Solve f-string matching --- space2stats_api/cdk/app.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/space2stats_api/cdk/app.py b/space2stats_api/cdk/app.py index 1fe64fd..edc0eca 100644 --- a/space2stats_api/cdk/app.py +++ b/space2stats_api/cdk/app.py @@ -5,7 +5,7 @@ from settings import DeploymentSettings settings = DeploymentSettings( - _env_file=f"aws_deployment_{os.environ.get("STAGE", "dev")}.env" + _env_file=f"aws_deployment_{os.environ.get('STAGE', 'dev')}.env" ) env = Environment( From 59905e9ceb77d64a20e9927d84e3bb9a8b251ff1 Mon Sep 17 00:00:00 2001 From: Zachary Deziel Date: Fri, 11 Oct 2024 12:46:30 -0700 Subject: [PATCH 04/32] Update event to push on main --- .github/workflows/cd.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml index 1cbef9e..6d524b8 100644 --- a/.github/workflows/cd.yml +++ b/.github/workflows/cd.yml @@ -1,7 +1,7 @@ name: Deploy Space2Stats API Prod on: - pull_request: + push: branches: - main From 965fefeb8c2b14cc6dcd3dc8c36e65b8e71a94a4 Mon Sep 17 00:00:00 2001 From: Zachary Deziel Date: Fri, 11 Oct 2024 13:06:16 -0700 Subject: [PATCH 05/32] Add dev CD --- .github/workflows/cd-dev.yml | 50 +++++++++++++++++++++++ .github/workflows/{cd.yml => cd-prod.yml} | 1 + 2 files changed, 51 insertions(+) create mode 100644 .github/workflows/cd-dev.yml rename .github/workflows/{cd.yml => cd-prod.yml} (98%) diff --git a/.github/workflows/cd-dev.yml b/.github/workflows/cd-dev.yml new file mode 100644 index 0000000..f1ab1dc --- /dev/null +++ b/.github/workflows/cd-dev.yml 
@@ -0,0 +1,50 @@ +name: Deploy Space2Stats API Staging + +on: + pull_request: + branches: + - main # Trigger on PRs targeting the main branch + +permissions: + id-token: write + contents: read + +jobs: + build: + runs-on: ubuntu-latest + + steps: + - name: Check out repository code + uses: actions/checkout@v2 + + - name: Set up Node.js + uses: actions/setup-node@v2 + with: + node-version: '16' # Ensure compatibility with CDK + + - name: Install AWS CDK + run: npm install -g aws-cdk + + - name: Install dependencies + run: npm install + + - name: Build code + run: npm run build + + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + role-to-assume: arn:aws:iam::017820688988:role/Space2Stats-Staging-Deploy-Role # Staging-specific IAM role + aws-region: ${{ env.CDK_DEFAULT_REGION }} + + - name: Bootstrap CDK (if not done yet) + run: cdk bootstrap aws://${{ env.CDK_DEFAULT_ACCOUNT }}/${{ env.CDK_DEFAULT_REGION }} + + - name: Deploy CDK stack to staging + env: + STAGE: dev + CDK_CERTIFICATE_ARN: ${{ env.STAGING_CDK_CERTIFICATE_ARN }} # Staging-specific certificate + CDK_DEFAULT_ACCOUNT: ${{ env.STAGING_CDK_DEFAULT_ACCOUNT }} # Staging-specific AWS account + CDK_DEFAULT_REGION: ${{ env.CDK_DEFAULT_REGION }} + CDK_DOMAIN_NAME: ${{ env.STAGING_CDK_DOMAIN_NAME }} # Staging-specific domain + run: cdk deploy --require-approval never \ No newline at end of file diff --git a/.github/workflows/cd.yml b/.github/workflows/cd-prod.yml similarity index 98% rename from .github/workflows/cd.yml rename to .github/workflows/cd-prod.yml index 6d524b8..f5836e5 100644 --- a/.github/workflows/cd.yml +++ b/.github/workflows/cd-prod.yml @@ -42,6 +42,7 @@ jobs: - name: Deploy CDK stack env: + STAGING: prod CDK_CERTIFICATE_ARN: ${{ env.CDK_CERTIFICATE_ARN }} CDK_DEFAULT_ACCOUNT: ${{ env.CDK_DEFAULT_ACCOUNT }} CDK_DEFAULT_REGION: ${{ env.CDK_DEFAULT_REGION }} From 634333101ad82cc07bafc680d2903516328830f8 Mon Sep 17 00:00:00 2001 
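Review bot: cd-dev.yml runs `cdk deploy --require-approval never` on `pull_request`, so the CDK app from the PR branch executes with the assumed role before the change has been reviewed, and nothing in the file gates the job. Consider a protected `environment:` with required reviewers on the job, plus a role trust policy limited to the expected `sub` claim; the trust policy is not visible here, so it may already do this. The inline comments call the role and account staging-specific, yet the role ARN carries the same account id as the one in cd-prod.yml, which is worth confirming.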
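Review bot: The variable added to cd-prod.yml is named `STAGING`, but app.py selects the env file with `os.environ.get('STAGE', 'dev')`, so this job never sets the stage. A push to main would therefore load `aws_deployment_dev.env` and synthesize the stack as `Space2Stats-dev` (assuming that file does not set `STAGE` itself) rather than a production stack. The line should read `STAGE: prod`.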
From: Zachary Deziel Date: Fri, 11 Oct 2024 13:12:12 -0700 Subject: [PATCH 06/32] Remove npm and node specific jobs --- .github/workflows/cd-dev.yml | 13 +------------ .github/workflows/cd-prod.yml | 11 ----------- 2 files changed, 1 insertion(+), 23 deletions(-) diff --git a/.github/workflows/cd-dev.yml b/.github/workflows/cd-dev.yml index f1ab1dc..5a9e7aa 100644 --- a/.github/workflows/cd-dev.yml +++ b/.github/workflows/cd-dev.yml @@ -3,7 +3,7 @@ name: Deploy Space2Stats API Staging on: pull_request: branches: - - main # Trigger on PRs targeting the main branch + - main permissions: id-token: write @@ -17,20 +17,9 @@ jobs: - name: Check out repository code uses: actions/checkout@v2 - - name: Set up Node.js - uses: actions/setup-node@v2 - with: - node-version: '16' # Ensure compatibility with CDK - - name: Install AWS CDK run: npm install -g aws-cdk - - name: Install dependencies - run: npm install - - - name: Build code - run: npm run build - - name: Configure AWS credentials uses: aws-actions/configure-aws-credentials@v1 with: diff --git a/.github/workflows/cd-prod.yml b/.github/workflows/cd-prod.yml index f5836e5..c1d320a 100644 --- a/.github/workflows/cd-prod.yml +++ b/.github/workflows/cd-prod.yml @@ -17,20 +17,9 @@ jobs: - name: Check out repository code uses: actions/checkout@v2 - - name: Set up Node.js - uses: actions/setup-node@v2 - with: - node-version: '16' # Ensure compatibility with CDK - - name: Install AWS CDK run: npm install -g aws-cdk - - name: Install dependencies - run: npm install - - - name: Build code - run: npm run build - - name: Configure AWS credentials uses: aws-actions/configure-aws-credentials@v1 with: From 7f52fe0e4a64817ad1d0a75bc71e4395dc0c890f Mon Sep 17 00:00:00 2001 From: Zachary Deziel Date: Fri, 11 Oct 2024 13:20:48 -0700 Subject: [PATCH 07/32] Update variables --- .github/workflows/cd-dev.yml | 22 ++++++++++++++-------- .github/workflows/cd-prod.yml | 16 +++++++++++----- 2 files changed, 25 insertions(+), 13 deletions(-) 
diff --git a/.github/workflows/cd-dev.yml b/.github/workflows/cd-dev.yml index 5a9e7aa..a47afdf 100644 --- a/.github/workflows/cd-dev.yml +++ b/.github/workflows/cd-dev.yml @@ -23,17 +23,23 @@ jobs: - name: Configure AWS credentials uses: aws-actions/configure-aws-credentials@v1 with: - role-to-assume: arn:aws:iam::017820688988:role/Space2Stats-Staging-Deploy-Role # Staging-specific IAM role - aws-region: ${{ env.CDK_DEFAULT_REGION }} + role-to-assume: arn:aws:iam::017820688988:role/Space2Stats-Staging-Deploy-Role + aws-region: ${{ vars.CDK_DEFAULT_REGION }} - name: Bootstrap CDK (if not done yet) - run: cdk bootstrap aws://${{ env.CDK_DEFAULT_ACCOUNT }}/${{ env.CDK_DEFAULT_REGION }} + run: cdk bootstrap aws://${{ vars.CDK_DEFAULT_ACCOUNT }}/${{ vars.CDK_DEFAULT_REGION }} - name: Deploy CDK stack to staging env: - STAGE: dev - CDK_CERTIFICATE_ARN: ${{ env.STAGING_CDK_CERTIFICATE_ARN }} # Staging-specific certificate - CDK_DEFAULT_ACCOUNT: ${{ env.STAGING_CDK_DEFAULT_ACCOUNT }} # Staging-specific AWS account - CDK_DEFAULT_REGION: ${{ env.CDK_DEFAULT_REGION }} - CDK_DOMAIN_NAME: ${{ env.STAGING_CDK_DOMAIN_NAME }} # Staging-specific domain + STAGE: dev + PGHOST: ${{ secrets.PGHOST }} + PGPORT: ${{ secrets.PGPORT }} + PGDATABASE: ${{ secrets.PGDATABASE }} + PGUSER: ${{ secrets.PGUSER }} + PGPASSWORD: ${{ secrets.PGPASSWORD }} + PGTABLENAME: ${{ secrets.PGTABLENAME }} + CDK_CERTIFICATE_ARN: ${{ vars.STAGING_CDK_CERTIFICATE_ARN }} + CDK_DEFAULT_ACCOUNT: ${{ vars.STAGING_CDK_DEFAULT_ACCOUNT }} + CDK_DEFAULT_REGION: ${{ vars.CDK_DEFAULT_REGION }} + CDK_DOMAIN_NAME: ${{ vars.STAGING_CDK_DOMAIN_NAME }} run: cdk deploy --require-approval never \ No newline at end of file diff --git a/.github/workflows/cd-prod.yml b/.github/workflows/cd-prod.yml index c1d320a..5609fe0 100644 --- a/.github/workflows/cd-prod.yml +++ b/.github/workflows/cd-prod.yml 
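Review bot: The database credentials (`PGPASSWORD` and the other `PG*` secrets) are now exported into the environment of `cdk deploy`, and the hunk does not show where they go from there. If `AppSettings` copies them into the Lambda's environment variables (the stack code for that is outside this patch), the password ends up in plain text in the synthesized CloudFormation template and is readable by anyone who can view the function configuration. Keeping it in AWS Secrets Manager and handing the function only the secret's ARN would keep it out of the template. The deploy step also takes the account from `vars.STAGING_CDK_DEFAULT_ACCOUNT` while the bootstrap step above uses `vars.CDK_DEFAULT_ACCOUNT`; confirm which is intended.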
@@ -31,9 +31,15 @@ jobs: - name: Deploy CDK stack env: - STAGING: prod - CDK_CERTIFICATE_ARN: ${{ env.CDK_CERTIFICATE_ARN }} - CDK_DEFAULT_ACCOUNT: ${{ env.CDK_DEFAULT_ACCOUNT }} - CDK_DEFAULT_REGION: ${{ env.CDK_DEFAULT_REGION }} - CDK_DOMAIN_NAME: ${{ env.CDK_DOMAIN_NAME }} + STAGING: prod + PGHOST: ${{ secrets.PGHOST }} + PGPORT: ${{ secrets.PGPORT }} + PGDATABASE: ${{ secrets.PGDATABASE }} + PGUSER: ${{ secrets.PGUSER }} + PGPASSWORD: ${{ secrets.PGPASSWORD }} + PGTABLENAME: ${{ secrets.PGTABLENAME }} + CDK_CERTIFICATE_ARN: ${{ vars.STAGING_CDK_CERTIFICATE_ARN }} + CDK_DEFAULT_ACCOUNT: ${{ vars.STAGING_CDK_DEFAULT_ACCOUNT }} + CDK_DEFAULT_REGION: ${{ vars.CDK_DEFAULT_REGION }} + CDK_DOMAIN_NAME: ${{ vars.STAGING_CDK_DOMAIN_NAME }} run: cdk deploy --require-approval never \ No newline at end of file From 5e7a1a73358b2b29aa151da1e396aea14b9d5f59 Mon Sep 17 00:00:00 2001 From: Zachary Deziel Date: Fri, 11 Oct 2024 13:36:20 -0700 Subject: [PATCH 08/32] Update environment --- .github/workflows/cd-dev.yml | 1 + .github/workflows/cd-prod.yml | 5 +++-- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/.github/workflows/cd-dev.yml b/.github/workflows/cd-dev.yml index a47afdf..cb38edb 100644 --- a/.github/workflows/cd-dev.yml +++ b/.github/workflows/cd-dev.yml @@ -11,6 +11,7 @@ permissions: jobs: build: + environment: "Space2Stats API Dev" runs-on: ubuntu-latest steps: diff --git a/.github/workflows/cd-prod.yml b/.github/workflows/cd-prod.yml index 5609fe0..423e9a6 100644 --- a/.github/workflows/cd-prod.yml +++ b/.github/workflows/cd-prod.yml @@ -11,6 +11,7 @@ permissions: jobs: build: + environment: "Space2Stats API Prod" runs-on: ubuntu-latest steps: 
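Review bot: The production job in cd-prod.yml is configured from the staging variables: `CDK_CERTIFICATE_ARN`, `CDK_DEFAULT_ACCOUNT` and `CDK_DOMAIN_NAME` are all filled from `vars.STAGING_CDK_*`, apparently copied from cd-dev.yml. As written, a production run would target the staging account, certificate and domain. Use the production values instead, e.g. `CDK_DEFAULT_ACCOUNT: ${{ vars.CDK_DEFAULT_ACCOUNT }}`. The re-indented `STAGING: prod` line is still not the `STAGE` variable that app.py reads.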
@@ -24,10 +25,10 @@ jobs: uses: aws-actions/configure-aws-credentials@v1 with: role-to-assume: arn:aws:iam::017820688988:role/Space2Stats-Deploy-Role - aws-region: ${{ env.CDK_DEFAULT_REGION }} + aws-region: ${{ vars.CDK_DEFAULT_REGION }} - name: Bootstrap CDK (if not done yet) - run: cdk bootstrap aws://${{ env.CDK_DEFAULT_ACCOUNT }}/${{ env.CDK_DEFAULT_REGION }} + run: cdk bootstrap aws://${{ vars.CDK_DEFAULT_ACCOUNT }}/${{ vars.CDK_DEFAULT_REGION }} - name: Deploy CDK stack env: From 6753e28a396c242b36a5766b8de9abd83849fc84 Mon Sep 17 00:00:00 2001 From: Zachary Deziel Date: Fri, 11 Oct 2024 13:51:36 -0700 Subject: [PATCH 09/32] Update role --- .github/workflows/cd-dev.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/cd-dev.yml b/.github/workflows/cd-dev.yml index cb38edb..6a1cafc 100644 --- a/.github/workflows/cd-dev.yml +++ b/.github/workflows/cd-dev.yml @@ -24,7 +24,7 @@ jobs: - name: Configure AWS credentials uses: aws-actions/configure-aws-credentials@v1 with: - role-to-assume: arn:aws:iam::017820688988:role/Space2Stats-Staging-Deploy-Role + role-to-assume: arn:aws:iam::017820688988:role/Space2Stats-Deploy-Role aws-region: ${{ vars.CDK_DEFAULT_REGION }} - name: Bootstrap CDK (if not done yet) From 0f315b82182189da9b3406d92d444d00efb84463 Mon Sep 17 00:00:00 2001 From: Zachary Deziel Date: Fri, 11 Oct 2024 13:55:41 -0700 Subject: [PATCH 10/32] Remove cdk bootstrap --- .github/workflows/cd-dev.yml | 3 --- .github/workflows/cd-prod.yml | 3 --- 2 files changed, 6 deletions(-) diff --git a/.github/workflows/cd-dev.yml b/.github/workflows/cd-dev.yml index 6a1cafc..746525e 100644 --- a/.github/workflows/cd-dev.yml +++ b/.github/workflows/cd-dev.yml 
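Review bot: After the role change in cd-dev.yml, the pull-request workflow assumes `Space2Stats-Deploy-Role`, the same role cd-prod.yml uses, so code from an unmerged branch runs under the production deploy identity. Unless the role's trust policy (not visible here) restricts the token's `sub` claim per environment, the `environment:` setting on the prod job no longer separates the two. A dedicated, narrower role for dev and preview deployments would keep that boundary. deploy.yml and destroy.yml in patch 15 carry the same single role.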
@@ -27,9 +27,6 @@ jobs: role-to-assume: arn:aws:iam::017820688988:role/Space2Stats-Deploy-Role aws-region: ${{ vars.CDK_DEFAULT_REGION }} - - name: Bootstrap CDK (if not done yet) - run: cdk bootstrap aws://${{ vars.CDK_DEFAULT_ACCOUNT }}/${{ vars.CDK_DEFAULT_REGION }} - - name: Deploy CDK stack to staging env: STAGE: dev diff --git a/.github/workflows/cd-prod.yml b/.github/workflows/cd-prod.yml index 423e9a6..120762a 100644 --- a/.github/workflows/cd-prod.yml +++ b/.github/workflows/cd-prod.yml @@ -27,9 +27,6 @@ jobs: role-to-assume: arn:aws:iam::017820688988:role/Space2Stats-Deploy-Role aws-region: ${{ vars.CDK_DEFAULT_REGION }} - - name: Bootstrap CDK (if not done yet) - run: cdk bootstrap aws://${{ vars.CDK_DEFAULT_ACCOUNT }}/${{ vars.CDK_DEFAULT_REGION }} - - name: Deploy CDK stack env: STAGING: prod From 6399e79c972f349d2b62c548eb680660a7851ce9 Mon Sep 17 00:00:00 2001 From: Zachary Deziel Date: Fri, 11 Oct 2024 14:01:10 -0700 Subject: [PATCH 11/32] Add working directory for cdk deployment --- .github/workflows/cd-dev.yml | 1 + .github/workflows/cd-prod.yml | 1 + 2 files changed, 2 insertions(+) diff --git a/.github/workflows/cd-dev.yml b/.github/workflows/cd-dev.yml index 746525e..967096e 100644 --- a/.github/workflows/cd-dev.yml +++ b/.github/workflows/cd-dev.yml @@ -28,6 +28,7 @@ jobs: aws-region: ${{ vars.CDK_DEFAULT_REGION }} - name: Deploy CDK stack to staging + working-directory: ./space2stats_api/cdk env: STAGE: dev PGHOST: ${{ secrets.PGHOST }} diff --git a/.github/workflows/cd-prod.yml b/.github/workflows/cd-prod.yml index 120762a..7078406 100644 --- a/.github/workflows/cd-prod.yml +++ b/.github/workflows/cd-prod.yml @@ -28,6 +28,7 @@ jobs: aws-region: ${{ vars.CDK_DEFAULT_REGION }} - name: Deploy CDK stack + working-directory: ./space2stats_api/cdk env: STAGING: prod PGHOST: ${{ secrets.PGHOST }} From 222255a8001280cbf7e506821c380e3107e7f6a5 Mon Sep 17 00:00:00 2001 
From: Zachary Deziel Date: Fri, 11 Oct 2024 14:07:05 -0700 Subject: [PATCH 12/32] Add cdk requirements --- .github/workflows/cd-dev.yml | 5 +++++ .github/workflows/cd-prod.yml | 5 +++++ 2 files changed, 10 insertions(+) diff --git a/.github/workflows/cd-dev.yml b/.github/workflows/cd-dev.yml index 967096e..a7b42d1 100644 --- a/.github/workflows/cd-dev.yml +++ b/.github/workflows/cd-dev.yml @@ -26,6 +26,11 @@ jobs: with: role-to-assume: arn:aws:iam::017820688988:role/Space2Stats-Deploy-Role aws-region: ${{ vars.CDK_DEFAULT_REGION }} + + - name: Install CDK dependencies + working-directory: ./space2stats_api/cdk + run: | + pip install -r requirements-cdk.txt - name: Deploy CDK stack to staging working-directory: ./space2stats_api/cdk diff --git a/.github/workflows/cd-prod.yml b/.github/workflows/cd-prod.yml index 7078406..7cf1fc8 100644 --- a/.github/workflows/cd-prod.yml +++ b/.github/workflows/cd-prod.yml @@ -26,6 +26,11 @@ jobs: with: role-to-assume: arn:aws:iam::017820688988:role/Space2Stats-Deploy-Role aws-region: ${{ vars.CDK_DEFAULT_REGION }} + + - name: Install CDK dependencies + working-directory: ./space2stats_api/cdk + run: | + pip install -r requirements-cdk.txt - name: Deploy CDK stack working-directory: ./space2stats_api/cdk From bd5cc2b34d251d774ef5a988b4ebdc721d0e8b3e Mon Sep 17 00:00:00 2001 From: Zachary Deziel Date: Fri, 11 Oct 2024 14:13:53 -0700 Subject: [PATCH 13/32] Update cdk requirements --- space2stats_api/cdk/requirements-cdk.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/space2stats_api/cdk/requirements-cdk.txt b/space2stats_api/cdk/requirements-cdk.txt index 1221d73..2fb220d 100644 --- a/space2stats_api/cdk/requirements-cdk.txt +++ b/space2stats_api/cdk/requirements-cdk.txt @@ -1,4 +1,5 @@ aws-cdk-lib==2.130.0 +aws-cdk.aws-lambda-python-alpha==2.130.0-alpha.0 constructs==10.3.0 pydantic_settings>=2.0 \ No newline at end of file From 4131cfdda55d2768677e52f5335572c86c588578 Mon Sep 17 00:00:00 2001 
From: Zachary Deziel Date: Fri, 11 Oct 2024 14:17:58 -0700 Subject: [PATCH 14/32] Update deployment variables --- .github/workflows/cd-dev.yml | 6 +++--- .github/workflows/cd-prod.yml | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/cd-dev.yml b/.github/workflows/cd-dev.yml index a7b42d1..e332a40 100644 --- a/.github/workflows/cd-dev.yml +++ b/.github/workflows/cd-dev.yml @@ -42,8 +42,8 @@ jobs: PGUSER: ${{ secrets.PGUSER }} PGPASSWORD: ${{ secrets.PGPASSWORD }} PGTABLENAME: ${{ secrets.PGTABLENAME }} - CDK_CERTIFICATE_ARN: ${{ vars.STAGING_CDK_CERTIFICATE_ARN }} - CDK_DEFAULT_ACCOUNT: ${{ vars.STAGING_CDK_DEFAULT_ACCOUNT }} + CDK_CERTIFICATE_ARN: ${{ vars.CDK_CERTIFICATE_ARN }} + CDK_DEFAULT_ACCOUNT: ${{ vars.CDK_DEFAULT_ACCOUNT }} CDK_DEFAULT_REGION: ${{ vars.CDK_DEFAULT_REGION }} - CDK_DOMAIN_NAME: ${{ vars.STAGING_CDK_DOMAIN_NAME }} + CDK_DOMAIN_NAME: ${{ vars.CDK_DOMAIN_NAME }} run: cdk deploy --require-approval never \ No newline at end of file diff --git a/.github/workflows/cd-prod.yml b/.github/workflows/cd-prod.yml index 7cf1fc8..78d2c16 100644 --- a/.github/workflows/cd-prod.yml +++ b/.github/workflows/cd-prod.yml @@ -42,8 +42,8 @@ jobs: PGUSER: ${{ secrets.PGUSER }} PGPASSWORD: ${{ secrets.PGPASSWORD }} PGTABLENAME: ${{ secrets.PGTABLENAME }} - CDK_CERTIFICATE_ARN: ${{ vars.STAGING_CDK_CERTIFICATE_ARN }} - CDK_DEFAULT_ACCOUNT: ${{ vars.STAGING_CDK_DEFAULT_ACCOUNT }} + CDK_CERTIFICATE_ARN: ${{ vars.CDK_CERTIFICATE_ARN }} + CDK_DEFAULT_ACCOUNT: ${{ vars.CDK_DEFAULT_ACCOUNT }} CDK_DEFAULT_REGION: ${{ vars.CDK_DEFAULT_REGION }} - CDK_DOMAIN_NAME: ${{ vars.STAGING_CDK_DOMAIN_NAME }} + CDK_DOMAIN_NAME: ${{ vars.CDK_DOMAIN_NAME }} run: cdk deploy --require-approval never \ No newline at end of file From 5e933c20f854e32579a74b20df6a6611ea29499e Mon Sep 17 00:00:00 2001 
From: Anthony Lukach Date: Tue, 5 Nov 2024 14:57:59 -0800 Subject: [PATCH 15/32] Refactor deployment tooling (#85) * Migrate to reusable workflow * Add tooling for PR preview URL * Add runs-on * Pre-commit * Refactor triggers * Bump version * Add permissions * Fix working dir * Fix URL output * Fix comment find * Add tooling to tear down PR preview * Fix commenting * Fix * Run tests on all pushes * Refactor * Fix * Expand events --- .github/workflows/cd-dev.yml | 49 -------------- .github/workflows/cd-prod.yml | 49 -------------- .github/workflows/ci.yml | 113 ++++++++++++++++++++----------- .github/workflows/deploy.yml | 85 +++++++++++++++++++++++ .github/workflows/destroy.yml | 78 +++++++++++++++++++++ space2stats_api/cdk/aws_stack.py | 33 +++++---- space2stats_api/cdk/settings.py | 4 +- 7 files changed, 260 insertions(+), 151 deletions(-) delete mode 100644 .github/workflows/cd-dev.yml delete mode 100644 .github/workflows/cd-prod.yml create mode 100644 .github/workflows/deploy.yml create mode 100644 .github/workflows/destroy.yml diff --git a/.github/workflows/cd-dev.yml b/.github/workflows/cd-dev.yml deleted file mode 100644 index e332a40..0000000 --- a/.github/workflows/cd-dev.yml +++ /dev/null 
@@ -1,49 +0,0 @@ -name: Deploy Space2Stats API Staging - -on: - pull_request: - branches: - - main - -permissions: - id-token: write - contents: read - -jobs: - build: - environment: "Space2Stats API Dev" - runs-on: ubuntu-latest - - steps: - - name: Check out repository code - uses: actions/checkout@v2 - - - name: Install AWS CDK - run: npm install -g aws-cdk - - - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v1 - with: - role-to-assume: arn:aws:iam::017820688988:role/Space2Stats-Deploy-Role - aws-region: ${{ vars.CDK_DEFAULT_REGION }} - - - name: Install CDK dependencies - working-directory: ./space2stats_api/cdk - run: | - pip install -r requirements-cdk.txt - - - name: Deploy CDK stack to staging - working-directory: ./space2stats_api/cdk - env: - STAGE: dev - PGHOST: ${{ secrets.PGHOST }} - PGPORT: ${{ secrets.PGPORT }} - PGDATABASE: ${{ secrets.PGDATABASE }} - PGUSER: ${{ secrets.PGUSER }} - PGPASSWORD: ${{ secrets.PGPASSWORD }} - PGTABLENAME: ${{ secrets.PGTABLENAME }} - CDK_CERTIFICATE_ARN: ${{ vars.CDK_CERTIFICATE_ARN }} - CDK_DEFAULT_ACCOUNT: ${{ vars.CDK_DEFAULT_ACCOUNT }} - CDK_DEFAULT_REGION: ${{ vars.CDK_DEFAULT_REGION }} - CDK_DOMAIN_NAME: ${{ vars.CDK_DOMAIN_NAME }} - run: cdk deploy --require-approval never \ No newline at end of file diff --git a/.github/workflows/cd-prod.yml b/.github/workflows/cd-prod.yml deleted file mode 100644 index 78d2c16..0000000 --- a/.github/workflows/cd-prod.yml +++ /dev/null 
@@ -1,49 +0,0 @@ -name: Deploy Space2Stats API Prod - -on: - push: - branches: - - main - -permissions: - id-token: write - contents: read - -jobs: - build: - environment: "Space2Stats API Prod" - runs-on: ubuntu-latest - - steps: - - name: Check out repository code - uses: actions/checkout@v2 - - - name: Install AWS CDK - run: npm install -g aws-cdk - - - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v1 - with: - role-to-assume: arn:aws:iam::017820688988:role/Space2Stats-Deploy-Role - aws-region: ${{ vars.CDK_DEFAULT_REGION }} - - - name: Install CDK dependencies - working-directory: ./space2stats_api/cdk - run: | - pip install -r requirements-cdk.txt - - - name: Deploy CDK stack - working-directory: ./space2stats_api/cdk - env: - STAGING: prod - PGHOST: ${{ secrets.PGHOST }} - PGPORT: ${{ secrets.PGPORT }} - PGDATABASE: ${{ secrets.PGDATABASE }} - PGUSER: ${{ secrets.PGUSER }} - PGPASSWORD: ${{ secrets.PGPASSWORD }} - PGTABLENAME: ${{ secrets.PGTABLENAME }} - CDK_CERTIFICATE_ARN: ${{ vars.CDK_CERTIFICATE_ARN }} - CDK_DEFAULT_ACCOUNT: ${{ vars.CDK_DEFAULT_ACCOUNT }} - CDK_DEFAULT_REGION: ${{ vars.CDK_DEFAULT_REGION }} - CDK_DOMAIN_NAME: ${{ vars.CDK_DOMAIN_NAME }} - run: cdk deploy --require-approval never \ No newline at end of file diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 0328da9..3be9e3a 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml 
@@ -1,47 +1,82 @@ name: Run Tests -on: [push, pull_request] +on: + push: + pull_request: + types: + - opened + - synchronize + - reopened + - closed jobs: test: runs-on: ubuntu-latest steps: - - name: Checkout code - uses: actions/checkout@v4 - - - name: Set up Python - uses: actions/setup-python@v5 - with: - python-version: 3.11 - - - name: Install Poetry - run: | - python -m pip install --upgrade pip - python -m pip install poetry - - - name: Install dependencies - working-directory: ./space2stats_api/src - run: | - poetry install --with test - - - name: install lib postgres - uses: nyurik/action-setup-postgis@v2 - - - name: Run pre-commit - working-directory: ./space2stats_api/src - run: | - poetry run pre-commit run --all-files - - - name: Run tests - working-directory: ./space2stats_api/src - run: | - poetry run python -m pytest --benchmark-skip tests - env: - PGHOST: localhost - PGPORT: 5432 - PGDATABASE: mydatabase - PGUSER: myuser - PGPASSWORD: mypassword - PGTABLENAME: space2stats - S3_BUCKET_NAME: test-bucket \ No newline at end of file + - name: Checkout code + uses: actions/checkout@v4 + + - name: Set up Python + uses: actions/setup-python@v5 + with: + python-version: 3.11 + + - name: Install Poetry + run: | + python -m pip install --upgrade pip + python -m pip install poetry + + - name: Install dependencies + working-directory: ./space2stats_api/src + run: | + poetry install --with test + + - name: install lib postgres + uses: nyurik/action-setup-postgis@v2 + + - name: Run pre-commit + working-directory: ./space2stats_api/src + run: | + poetry run pre-commit run --all-files + + - name: Run tests + working-directory: ./space2stats_api/src + run: | + poetry run python -m pytest --benchmark-skip tests + env: + PGHOST: localhost + PGPORT: 5432 + PGDATABASE: mydatabase + PGUSER: myuser + PGPASSWORD: mypassword + PGTABLENAME: space2stats + S3_BUCKET_NAME: test-bucket + + deploy-to-dev: + if: ${{ github.event_name == 'pull_request' }} + uses: 
"./.github/workflows/deploy.yml" + needs: test + with: + environment: Space2Stats API Dev + stage: pr-${{ github.event.pull_request.number }} + pr-number: ${{ github.event.pull_request.number }} + secrets: inherit + + deploy-to-production: + if: ${{ github.event_name == 'push' && github.ref_name == 'main' }} + uses: "./.github/workflows/deploy.yml" + needs: test + with: + environment: Space2Stats API Prod + stage: prod + secrets: inherit + + destroy-pr-preview: + if: ${{ github.event.action == 'closed' }} + uses: "./.github/workflows/deploy.yml" + with: + environment: Space2Stats API Dev + stage: pr-${{ github.event.pull_request.number }} + + secrets: inherit diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml new file mode 100644 index 0000000..4c6c9b2 --- /dev/null +++ b/.github/workflows/deploy.yml 
@@ -0,0 +1,85 @@ +name: Deploy + +on: + workflow_call: + inputs: + environment: + type: string + required: true + stage: + type: string + required: true + pr-number: + type: number + required: false + +permissions: + id-token: write + contents: read + pull-requests: write + +jobs: + build: + concurrency: ${{ inputs.environment }} + environment: ${{ inputs.environment }} + runs-on: ubuntu-latest + + steps: + - name: Check out repository code + uses: actions/checkout@v2 + + - name: Install AWS CDK + run: npm install -g aws-cdk + + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: arn:aws:iam::017820688988:role/Space2Stats-Deploy-Role + aws-region: ${{ vars.CDK_DEFAULT_REGION }} + + - name: Install CDK dependencies + working-directory: ./space2stats_api/cdk + run: | + pip install -r requirements-cdk.txt + + - name: Deploy CDK stack to staging + working-directory: ./space2stats_api/cdk + env: + STAGE: ${{ inputs.stage }} + PGHOST: ${{ secrets.PGHOST }} + PGPORT: ${{ secrets.PGPORT }} + PGDATABASE: ${{ secrets.PGDATABASE }} + PGUSER: ${{ secrets.PGUSER }} + PGPASSWORD: ${{ secrets.PGPASSWORD }} + PGTABLENAME: ${{ secrets.PGTABLENAME }} + CDK_CERTIFICATE_ARN: ${{ vars.CDK_CERTIFICATE_ARN }} + CDK_DEFAULT_ACCOUNT: ${{ vars.CDK_DEFAULT_ACCOUNT }} + CDK_DEFAULT_REGION: ${{ vars.CDK_DEFAULT_REGION }} + CDK_DOMAIN_NAME: ${{ vars.CDK_DOMAIN_NAME }} + run: cdk deploy --require-approval never --outputs-file outputs.json + + - name: Get API URL + id: get-api-url + working-directory: ./space2stats_api/cdk + run: | + echo "api-url=$(jq -r '."Space2Stats-${{ inputs.stage }}".ApiGatewayUrl' outputs.json)" >> $GITHUB_OUTPUT + + - name: Find Comment + uses: peter-evans/find-comment@v3 + id: find-comment + if: ${{ inputs.pr-number }} + with: + issue-number: ${{ inputs.pr-number }} + comment-author: "github-actions[bot]" + body-includes: "PR Deployment Details:" + + - name: Create or update comment with URL + uses: 
peter-evans/create-or-update-comment@v4 + if: ${{ inputs.pr-number }} + with: + issue-number: ${{ inputs.pr-number }} + comment-id: ${{ steps.find-comment.outputs.comment-id }} + body: | + PR Deployment Details: + 🚀 PR deployed to ${{ steps.get-api-url.outputs.api-url }} + edit-mode: replace diff --git a/.github/workflows/destroy.yml b/.github/workflows/destroy.yml new file mode 100644 index 0000000..d4b59bc --- /dev/null +++ b/.github/workflows/destroy.yml 
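Review bot: The `Get API URL` step in deploy.yml expands `${{ inputs.stage }}` directly inside the `run:` script, so the value becomes part of the shell text before the script runs. The callers in ci.yml pass only `prod` or `pr-<number>` today, but a reusable workflow accepts any string. Pass the value through the environment instead: `env: STAGE: ${{ inputs.stage }}` with `jq -r --arg s "Space2Stats-$STAGE" '.[$s].ApiGatewayUrl' outputs.json`. The step name `Deploy CDK stack to staging` is also misleading now that the same step deploys production.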
@@ -0,0 +1,78 @@
+name: Destroy Preview Environment
+
+on:
+ workflow_call:
+ inputs:
+ environment:
+ type: string
+ required: true
+ stage:
+ type: string
+ required: true
+ pr-number:
+ type: number
+ required: false
+
+permissions:
+ id-token: write
+ contents: read
+ pull-requests: write
+
+jobs:
+ build:
+ concurrency: ${{ inputs.environment }}
+ environment: ${{ inputs.environment }}
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Check out repository code
+ uses: actions/checkout@v2
+
+ - name: Install AWS CDK
+ run: npm install -g aws-cdk
+
+ - name: Configure AWS credentials
+ uses: aws-actions/configure-aws-credentials@v4
+ with:
+ role-to-assume: arn:aws:iam::017820688988:role/Space2Stats-Deploy-Role
+ aws-region: ${{ vars.CDK_DEFAULT_REGION }}
+
+ - name: Install CDK dependencies
+ working-directory: ./space2stats_api/cdk
+ run: |
+ pip install -r requirements-cdk.txt
+
+ - name: Deploy CDK stack to staging
+ working-directory: ./space2stats_api/cdk
+ env:
+ STAGE: ${{ inputs.stage }}
+ PGHOST: ${{ secrets.PGHOST }}
+ PGPORT: ${{ secrets.PGPORT }}
+ PGDATABASE: ${{ secrets.PGDATABASE }}
+ PGUSER: ${{ secrets.PGUSER }}
+ PGPASSWORD: ${{ secrets.PGPASSWORD }}
+ PGTABLENAME: ${{ secrets.PGTABLENAME }}
+ CDK_CERTIFICATE_ARN: ${{ vars.CDK_CERTIFICATE_ARN }}
+ CDK_DEFAULT_ACCOUNT: ${{ vars.CDK_DEFAULT_ACCOUNT }}
+ CDK_DEFAULT_REGION: ${{ vars.CDK_DEFAULT_REGION }}
+ CDK_DOMAIN_NAME: ${{ vars.CDK_DOMAIN_NAME }}
+ run: cdk destroy --require-approval never
+
+ - name: Find Comment
+ uses: peter-evans/find-comment@v3
+ id: find-comment
+ if: ${{ inputs.pr-number }}
+ with:
+ issue-number: ${{ inputs.pr-number }}
+ comment-author: "github-actions[bot]"
+ body-includes: "PR Deployment Details:"
+
+ - name: Create or update comment with URL
+ uses: peter-evans/create-or-update-comment@v4
+ if: ${{ inputs.pr-number }}
+ with:
+ issue-number: ${{ inputs.pr-number }}
+ comment-id: ${{ steps.find-comment.outputs.comment-id }}
+ body: |
+ Removed PR Preview Environment.
+ edit-mode: append diff --git a/space2stats_api/cdk/aws_stack.py b/space2stats_api/cdk/aws_stack.py index b6b666d..66aaf2f 100644 --- a/space2stats_api/cdk/aws_stack.py +++ b/space2stats_api/cdk/aws_stack.py @@ -1,4 +1,4 @@ -from aws_cdk import Duration, Stack +from aws_cdk import CfnOutput, Duration, Stack from aws_cdk import aws_apigatewayv2 as apigatewayv2 from aws_cdk import aws_apigatewayv2_integrations as integrations from aws_cdk import aws_certificatemanager as acm @@ -48,13 +48,6 @@ def __init__( self, "Certificate", deployment_settings.CDK_CERTIFICATE_ARN ) - domain_name = apigatewayv2.DomainName( - self, - "DomainName", - domain_name=deployment_settings.CDK_DOMAIN_NAME, - certificate=certificate, - ) - http_api = apigatewayv2.HttpApi( self, "Space2StatsHttpApi", @@ -63,10 +56,24 @@ def __init__( ), ) - apigatewayv2.ApiMapping( + CfnOutput( self, - "ApiMapping", - api=http_api, - domain_name=domain_name, - stage=http_api.default_stage, + "ApiGatewayUrl", + key="ApiGatewayUrl", + value=http_api.url, ) + + if deployment_settings.CDK_DOMAIN_NAME: + domain_name = apigatewayv2.DomainName( + self, + "DomainName", + domain_name=deployment_settings.CDK_DOMAIN_NAME, + certificate=certificate, + ) + apigatewayv2.ApiMapping( + self, + "ApiMapping", + api=http_api, + domain_name=domain_name, + stage=http_api.default_stage, + ) diff --git a/space2stats_api/cdk/settings.py b/space2stats_api/cdk/settings.py index 9589b6d..83044aa 100644 --- a/space2stats_api/cdk/settings.py +++ b/space2stats_api/cdk/settings.py @@ -1,3 +1,5 @@ +from typing import Optional + from pydantic_settings import BaseSettings @@ -14,5 +16,5 @@ class DeploymentSettings(BaseSettings): CDK_DEFAULT_ACCOUNT: str CDK_DEFAULT_REGION: str CDK_CERTIFICATE_ARN: str - CDK_DOMAIN_NAME: str + CDK_DOMAIN_NAME: Optional[str] STAGE: str = "dev" From 324c3cb7cabac9c9119287766a5f17e606ebf258 Mon Sep 17 00:00:00 2001 
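Review bot: Nothing in the teardown step of `destroy.yml` constrains which stack is removed: `cdk destroy` runs without a stack name and the target is whatever `Space2Stats-<STAGE>` the caller's `stage` input produces, so a caller passing `prod` would delete the production stack with the same role. I would name the stack and refuse anything that is not a preview, e.g. `case "$STAGE" in pr-*) ;; *) echo "refusing to destroy $STAGE"; exit 1;; esac` ahead of `cdk destroy "Space2Stats-$STAGE" --force`. As far as I know `--require-approval` is a `cdk deploy` option and the confirmation prompt of `cdk destroy` is skipped with `--force`, which is worth checking on a non-interactive runner.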
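Review bot: With the mapping now conditional in `aws_stack.py`, the stack still leaves the default `execute-api` endpoint enabled when `CDK_DOMAIN_NAME` is set, and the new `ApiGatewayUrl` output publishes that hostname, so anything enforced at the custom domain is not enforced on the default one. If the custom domain is meant to be the only entry point for a domain-backed stage, pass `disable_execute_api_endpoint=bool(deployment_settings.CDK_DOMAIN_NAME)` to the `HttpApi` constructor and keep the default URL for previews only. The `certificate` lookup above the hunk is now used only inside the new `if` and could move into it. `__init__` starts and ends outside the hunk, so whether the endpoint is restricted elsewhere is not visible here.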
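Review bot: `CDK_DOMAIN_NAME: Optional[str]` in `settings.py` has no default, and under pydantic v2 (which `pydantic_settings` builds on) an `Optional` field without a default is still required, so loading `DeploymentSettings` fails when the variable is absent instead of yielding `None`. The workflows presumably get away with it because an undefined `vars.CDK_DOMAIN_NAME` is exported as an empty string, which the new `if deployment_settings.CDK_DOMAIN_NAME:` treats as unset. `CDK_DOMAIN_NAME: Optional[str] = None` makes the optionality real; `CDK_CERTIFICATE_ARN` probably wants the same, since it is only needed together with the domain. The class body starts outside the hunk.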
From: Anthony Lukach Date: Tue, 5 Nov 2024 15:00:03 -0800 Subject: [PATCH 16/32] Fix destroy --- .github/workflows/ci.yml | 2 +- .github/workflows/destroy.yml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 3be9e3a..7fdddf1 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -74,7 +74,7 @@ jobs: destroy-pr-preview: if: ${{ github.event.action == 'closed' }} - uses: "./.github/workflows/deploy.yml" + uses: "./.github/workflows/destroy.yml" with: environment: Space2Stats API Dev stage: pr-${{ github.event.pull_request.number }} diff --git a/.github/workflows/destroy.yml b/.github/workflows/destroy.yml index d4b59bc..193b7f8 100644 --- a/.github/workflows/destroy.yml +++ b/.github/workflows/destroy.yml @@ -42,7 +42,7 @@ jobs: run: | pip install -r requirements-cdk.txt - - name: Deploy CDK stack to staging + - name: Tear down CDK stack working-directory: ./space2stats_api/cdk env: STAGE: ${{ inputs.stage }} @@ -67,7 +67,7 @@ jobs: comment-author: "github-actions[bot]" body-includes: "PR Deployment Details:" - - name: Create or update comment with URL + - name: Create or update comment with removal confirmation uses: peter-evans/create-or-update-comment@v4 if: ${{ inputs.pr-number }} with: From 0f58c07a553136b4f54c5de720ab11bec93c97f7 Mon Sep 17 00:00:00 2001 From: Anthony Lukach Date: Tue, 5 Nov 2024 15:08:17 -0800 Subject: [PATCH 17/32] Prevent unnecessary deployments --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 7fdddf1..9999ede 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -54,7 +54,7 @@ jobs: S3_BUCKET_NAME: test-bucket deploy-to-dev: - if: ${{ github.event_name == 'pull_request' }} + if: ${{ github.event_name == 'pull_request' && github.event.action != 'closed' }} uses: "./.github/workflows/deploy.yml" needs: test with: 
From bf068fcaf5506c8ce5635639fa05fea1ca3f2cd8 Mon Sep 17 00:00:00 2001 From: Anthony Lukach Date: Tue, 5 Nov 2024 15:08:57 -0800 Subject: [PATCH 18/32] Pass in PR number --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 9999ede..02242d8 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -78,5 +78,5 @@ jobs: with: environment: Space2Stats API Dev stage: pr-${{ github.event.pull_request.number }} - + pr-number: ${{ github.event.pull_request.number }} secrets: inherit From 544387a3cd22884f02fc9956b9bcf208cc235604 Mon Sep 17 00:00:00 2001 From: Anthony Lukach Date: Tue, 5 Nov 2024 15:24:49 -0800 Subject: [PATCH 19/32] Prevent testing on closed PRs --- .github/workflows/ci.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 02242d8..1dad54f 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -12,6 +12,7 @@ on: jobs: test: runs-on: ubuntu-latest + if: ${{ github.event.action != 'closed' }} steps: - name: Checkout code From 7d97095e6585b64741aabdfc7007e51f88ca4822 Mon Sep 17 00:00:00 2001 From: Anthony Lukach Date: Tue, 5 Nov 2024 15:35:38 -0800 Subject: [PATCH 20/32] Refactor --- .github/workflows/ci.yml | 32 +------- .github/workflows/deploy.yml | 103 ++++++-------------------- .github/workflows/destroy.yml | 14 +--- .github/workflows/reusable/deploy.yml | 85 +++++++++++++++++++++ 4 files changed, 113 insertions(+), 121 deletions(-) create mode 100644 .github/workflows/reusable/deploy.yml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 1dad54f..e473462 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml 
@@ -2,17 +2,17 @@ name: Run Tests on: push: + branches: + - main pull_request: types: - opened - synchronize - reopened - - closed jobs: test: runs-on: ubuntu-latest - if: ${{ github.event.action != 'closed' }} steps: - name: Checkout code @@ -53,31 +53,3 @@ jobs: PGPASSWORD: mypassword PGTABLENAME: space2stats S3_BUCKET_NAME: test-bucket - - deploy-to-dev: - if: ${{ github.event_name == 'pull_request' && github.event.action != 'closed' }} - uses: "./.github/workflows/deploy.yml" - needs: test - with: - environment: Space2Stats API Dev - stage: pr-${{ github.event.pull_request.number }} - pr-number: ${{ github.event.pull_request.number }} - secrets: inherit - - deploy-to-production: - if: ${{ github.event_name == 'push' && github.ref_name == 'main' }} - uses: "./.github/workflows/deploy.yml" - needs: test - with: - environment: Space2Stats API Prod - stage: prod - secrets: inherit - - destroy-pr-preview: - if: ${{ github.event.action == 'closed' }} - uses: "./.github/workflows/destroy.yml" - with: - environment: Space2Stats API Dev - stage: pr-${{ github.event.pull_request.number }} - pr-number: ${{ github.event.pull_request.number }} - secrets: inherit diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 4c6c9b2..6643c52 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml 
@@ -1,85 +1,28 @@ name: Deploy on: - workflow_call: - inputs: - environment: - type: string - required: true - stage: - type: string - required: true - pr-number: - type: number - required: false - -permissions: - id-token: write - contents: read - pull-requests: write + workflow_run: + workflows: + - Run Tests + types: + - completed jobs: - build: - concurrency: ${{ inputs.environment }} - environment: ${{ inputs.environment }} - runs-on: ubuntu-latest - - steps: - - name: Check out repository code - uses: actions/checkout@v2 - - - name: Install AWS CDK - run: npm install -g aws-cdk - - - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v4 - with: - role-to-assume: arn:aws:iam::017820688988:role/Space2Stats-Deploy-Role - aws-region: ${{ vars.CDK_DEFAULT_REGION }} - - - name: Install CDK dependencies - working-directory: ./space2stats_api/cdk - run: | - pip install -r requirements-cdk.txt - - - name: Deploy CDK stack to staging - working-directory: ./space2stats_api/cdk - env: - STAGE: ${{ inputs.stage }} - PGHOST: ${{ secrets.PGHOST }} - PGPORT: ${{ secrets.PGPORT }} - PGDATABASE: ${{ secrets.PGDATABASE }} - PGUSER: ${{ secrets.PGUSER }} - PGPASSWORD: ${{ secrets.PGPASSWORD }} - PGTABLENAME: ${{ secrets.PGTABLENAME }} - CDK_CERTIFICATE_ARN: ${{ vars.CDK_CERTIFICATE_ARN }} - CDK_DEFAULT_ACCOUNT: ${{ vars.CDK_DEFAULT_ACCOUNT }} - CDK_DEFAULT_REGION: ${{ vars.CDK_DEFAULT_REGION }} - CDK_DOMAIN_NAME: ${{ vars.CDK_DOMAIN_NAME }} - run: cdk deploy --require-approval never --outputs-file outputs.json - - - name: Get API URL - id: get-api-url - working-directory: ./space2stats_api/cdk - run: | - echo "api-url=$(jq -r '."Space2Stats-${{ inputs.stage }}".ApiGatewayUrl' outputs.json)" >> $GITHUB_OUTPUT - - - name: Find Comment - uses: peter-evans/find-comment@v3 - id: find-comment - if: ${{ inputs.pr-number }} - with: - issue-number: ${{ inputs.pr-number }} - comment-author: "github-actions[bot]" - body-includes: "PR Deployment Details:" - - - 
name: Create or update comment with URL - uses: peter-evans/create-or-update-comment@v4 - if: ${{ inputs.pr-number }} - with: - issue-number: ${{ inputs.pr-number }} - comment-id: ${{ steps.find-comment.outputs.comment-id }} - body: | - PR Deployment Details: - 🚀 PR deployed to ${{ steps.get-api-url.outputs.api-url }} - edit-mode: replace + deploy-to-dev: + if: ${{ github.event.workflow_run.conclusion == 'success' && github.event_name == 'pull_request' && github.event.action != 'closed' }} + uses: "./.github/workflows/reusable/deploy.yml" + needs: test + with: + environment: Space2Stats API Dev + stage: pr-${{ github.event.pull_request.number }} + pr-number: ${{ github.event.pull_request.number }} + secrets: inherit + + deploy-to-production: + if: ${{ github.event.workflow_run.conclusion == 'success' && github.event_name == 'push' && github.ref_name == 'main' }} + uses: "./.github/workflows/reusable/deploy.yml" + needs: test + with: + environment: Space2Stats API Prod + stage: prod + secrets: inherit diff --git a/.github/workflows/destroy.yml b/.github/workflows/destroy.yml index 193b7f8..cd75eec 100644 --- a/.github/workflows/destroy.yml +++ b/.github/workflows/destroy.yml @@ -1,17 +1,9 @@ name: Destroy Preview Environment on: - workflow_call: - inputs: - environment: - type: string - required: true - stage: - type: string - required: true - pr-number: - type: number - required: false + pull_request: + types: + - closed permissions: id-token: write diff --git a/.github/workflows/reusable/deploy.yml b/.github/workflows/reusable/deploy.yml new file mode 100644 index 0000000..4c6c9b2 --- /dev/null +++ b/.github/workflows/reusable/deploy.yml 
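Review bot: Moving the deploy jobs in `deploy.yml` behind `workflow_run` changes which code and which trust level the deployment runs with: a `workflow_run` workflow executes from the default branch with the repository's secrets, also when the triggering `Run Tests` run came from a fork, and the `actions/checkout@v2` step in the reusable workflow has no `ref`, so it checks out the default branch rather than the pull request. A preview built this way deploys `main`, and adding a `ref` to the PR head to fix that would run unreviewed code with the deploy role and the `PG*` secrets. In this context `github.event_name` is `workflow_run` and `github.event.pull_request` is empty, so both `if:` conditions and the `pr-${{ github.event.pull_request.number }}` stage do not evaluate as intended, and `needs: test` names a job that is not in this file. Keeping the deploy jobs in the workflow that receives the `pull_request` event avoids all three.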
@@ -0,0 +1,85 @@ +name: Deploy + +on: + workflow_call: + inputs: + environment: + type: string + required: true + stage: + type: string + required: true + pr-number: + type: number + required: false + +permissions: + id-token: write + contents: read + pull-requests: write + +jobs: + build: + concurrency: ${{ inputs.environment }} + environment: ${{ inputs.environment }} + runs-on: ubuntu-latest + + steps: + - name: Check out repository code + uses: actions/checkout@v2 + + - name: Install AWS CDK + run: npm install -g aws-cdk + + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: arn:aws:iam::017820688988:role/Space2Stats-Deploy-Role + aws-region: ${{ vars.CDK_DEFAULT_REGION }} + + - name: Install CDK dependencies + working-directory: ./space2stats_api/cdk + run: | + pip install -r requirements-cdk.txt + + - name: Deploy CDK stack to staging + working-directory: ./space2stats_api/cdk + env: + STAGE: ${{ inputs.stage }} + PGHOST: ${{ secrets.PGHOST }} + PGPORT: ${{ secrets.PGPORT }} + PGDATABASE: ${{ secrets.PGDATABASE }} + PGUSER: ${{ secrets.PGUSER }} + PGPASSWORD: ${{ secrets.PGPASSWORD }} + PGTABLENAME: ${{ secrets.PGTABLENAME }} + CDK_CERTIFICATE_ARN: ${{ vars.CDK_CERTIFICATE_ARN }} + CDK_DEFAULT_ACCOUNT: ${{ vars.CDK_DEFAULT_ACCOUNT }} + CDK_DEFAULT_REGION: ${{ vars.CDK_DEFAULT_REGION }} + CDK_DOMAIN_NAME: ${{ vars.CDK_DOMAIN_NAME }} + run: cdk deploy --require-approval never --outputs-file outputs.json + + - name: Get API URL + id: get-api-url + working-directory: ./space2stats_api/cdk + run: | + echo "api-url=$(jq -r '."Space2Stats-${{ inputs.stage }}".ApiGatewayUrl' outputs.json)" >> $GITHUB_OUTPUT + + - name: Find Comment + uses: peter-evans/find-comment@v3 + id: find-comment + if: ${{ inputs.pr-number }} + with: + issue-number: ${{ inputs.pr-number }} + comment-author: "github-actions[bot]" + body-includes: "PR Deployment Details:" + + - name: Create or update comment with URL + uses: 
peter-evans/create-or-update-comment@v4 + if: ${{ inputs.pr-number }} + with: + issue-number: ${{ inputs.pr-number }} + comment-id: ${{ steps.find-comment.outputs.comment-id }} + body: | + PR Deployment Details: + 🚀 PR deployed to ${{ steps.get-api-url.outputs.api-url }} + edit-mode: replace From 80f788f90ad216903faf26b1aa142277a52da838 Mon Sep 17 00:00:00 2001 From: Anthony Lukach Date: Tue, 5 Nov 2024 15:36:40 -0800 Subject: [PATCH 21/32] Mv to workflows --- .github/workflows/deploy.yml | 4 ++-- .../workflows/{reusable/deploy.yml => reusable-deploy.yml} | 0 2 files changed, 2 insertions(+), 2 deletions(-) rename .github/workflows/{reusable/deploy.yml => reusable-deploy.yml} (100%) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 6643c52..7980826 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -10,7 +10,7 @@ on: jobs: deploy-to-dev: if: ${{ github.event.workflow_run.conclusion == 'success' && github.event_name == 'pull_request' && github.event.action != 'closed' }} - uses: "./.github/workflows/reusable/deploy.yml" + uses: "./.github/workflows/reusable-deploy.yml" needs: test with: environment: Space2Stats API Dev @@ -20,7 +20,7 @@ jobs: deploy-to-production: if: ${{ github.event.workflow_run.conclusion == 'success' && github.event_name == 'push' && github.ref_name == 'main' }} - uses: "./.github/workflows/reusable/deploy.yml" + uses: "./.github/workflows/reusable-deploy.yml" needs: test with: environment: Space2Stats API Prod diff --git a/.github/workflows/reusable/deploy.yml b/.github/workflows/reusable-deploy.yml similarity index 100% rename from .github/workflows/reusable/deploy.yml rename to .github/workflows/reusable-deploy.yml From ad97522dabbc3d7547ec771bb1508b2b6b260b9d Mon Sep 17 00:00:00 2001 From: Anthony Lukach Date: Tue, 5 Nov 2024 15:42:59 -0800 Subject: [PATCH 22/32] Fix destroy --- .github/workflows/destroy.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) 
diff --git a/.github/workflows/destroy.yml b/.github/workflows/destroy.yml index cd75eec..61e357a 100644 --- a/.github/workflows/destroy.yml +++ b/.github/workflows/destroy.yml @@ -12,8 +12,8 @@ permissions: jobs: build: - concurrency: ${{ inputs.environment }} - environment: ${{ inputs.environment }} + concurrency: Space2Stats API Dev + environment: Space2Stats API Dev runs-on: ubuntu-latest steps: @@ -37,7 +37,7 @@ jobs: - name: Tear down CDK stack working-directory: ./space2stats_api/cdk env: - STAGE: ${{ inputs.stage }} + STAGE: pr-${{ github.event.pull_request.number }} PGHOST: ${{ secrets.PGHOST }} PGPORT: ${{ secrets.PGPORT }} PGDATABASE: ${{ secrets.PGDATABASE }} @@ -53,17 +53,17 @@ jobs: - name: Find Comment uses: peter-evans/find-comment@v3 id: find-comment - if: ${{ inputs.pr-number }} + if: ${{ github.event.pull_request.number }} with: - issue-number: ${{ inputs.pr-number }} + issue-number: ${{ github.event.pull_request.number }} comment-author: "github-actions[bot]" body-includes: "PR Deployment Details:" - name: Create or update comment with removal confirmation uses: peter-evans/create-or-update-comment@v4 - if: ${{ inputs.pr-number }} + if: ${{ github.event.pull_request.number }} with: - issue-number: ${{ inputs.pr-number }} + issue-number: ${{ github.event.pull_request.number }} comment-id: ${{ steps.find-comment.outputs.comment-id }} body: | Removed PR Preview Environment. From c092e6359e9464597e7ca08ba47fa0c92d5b7d27 Mon Sep 17 00:00:00 2001 From: Anthony Lukach Date: Tue, 5 Nov 2024 15:47:28 -0800 Subject: [PATCH 23/32] Rework trigger --- .github/workflows/deploy.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 7980826..e7a5e10 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -2,8 +2,7 @@ name: Deploy on: workflow_run: - workflows: - - Run Tests + workflows: ["Run Tests"] types: - completed 
From a2e2096d45895678185f3fad1c67ebc2cd830624 Mon Sep 17 00:00:00 2001 From: Anthony Lukach Date: Tue, 5 Nov 2024 15:51:05 -0800 Subject: [PATCH 24/32] Refine --- .github/workflows/deploy.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index e7a5e10..4411dcb 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -1,4 +1,4 @@ -name: Deploy +name: Deploy to appropriate environment on: workflow_run: @@ -8,7 +8,7 @@ on: jobs: deploy-to-dev: - if: ${{ github.event.workflow_run.conclusion == 'success' && github.event_name == 'pull_request' && github.event.action != 'closed' }} + if: ${{ github.event.workflow_run.conclusion == 'success' && github.event_name == 'pull_request' }} uses: "./.github/workflows/reusable-deploy.yml" needs: test with: From d04b313104facbcda452c92d20ddd73790dd1aa1 Mon Sep 17 00:00:00 2001 From: Anthony Lukach Date: Wed, 6 Nov 2024 09:07:10 -0800 Subject: [PATCH 25/32] Rm old needs --- .github/workflows/deploy.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 4411dcb..c76c046 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -10,7 +10,6 @@ jobs: deploy-to-dev: if: ${{ github.event.workflow_run.conclusion == 'success' && github.event_name == 'pull_request' }} uses: "./.github/workflows/reusable-deploy.yml" - needs: test with: environment: Space2Stats API Dev stage: pr-${{ github.event.pull_request.number }} @@ -20,7 +19,6 @@ jobs: deploy-to-production: if: ${{ github.event.workflow_run.conclusion == 'success' && github.event_name == 'push' && github.ref_name == 'main' }} uses: "./.github/workflows/reusable-deploy.yml" - needs: test with: environment: Space2Stats API Prod stage: prod From f50fd0b031221dab120efc140d880f22b5f2b945 Mon Sep 17 00:00:00 2001 
From: Anthony Lukach Date: Wed, 6 Nov 2024 09:14:18 -0800 Subject: [PATCH 26/32] Rework trigger --- .github/workflows/ci.yml | 14 +++----------- 1 file changed, 3 insertions(+), 11 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index e473462..30c7610 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -1,14 +1,6 @@ -name: Run Tests - -on: - push: - branches: - - main - pull_request: - types: - - opened - - synchronize - - reopened +name: "Run Tests" + +on: [push] jobs: test: From e4a2a0908e11f2f8a9878431eb86b1ce46246ee8 Mon Sep 17 00:00:00 2001 From: Anthony Lukach Date: Thu, 7 Nov 2024 08:17:45 -0800 Subject: [PATCH 27/32] Try fix if condition --- .github/workflows/deploy.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index c76c046..dc96bcc 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -8,7 +8,7 @@ on: jobs: deploy-to-dev: - if: ${{ github.event.workflow_run.conclusion == 'success' && github.event_name == 'pull_request' }} + if: ${{ github.event.workflow_run.conclusion == 'success' && github.event.workflow_run.event == 'pull_request' }} uses: "./.github/workflows/reusable-deploy.yml" with: environment: Space2Stats API Dev @@ -17,7 +17,7 @@ jobs: secrets: inherit deploy-to-production: - if: ${{ github.event.workflow_run.conclusion == 'success' && github.event_name == 'push' && github.ref_name == 'main' }} + if: ${{ github.event.workflow_run.conclusion == 'success' && github.event.workflow_run.event == 'push' && github.ref_name == 'main' }} uses: "./.github/workflows/reusable-deploy.yml" with: environment: Space2Stats API Prod From ab4bd0d7a9f72e1985f2d9ba6c83244a0ceadab5 Mon Sep 17 00:00:00 2001 
From: Anthony Lukach Date: Thu, 7 Nov 2024 08:25:54 -0800 Subject: [PATCH 28/32] Mv deployment trigger back to ci.yml --- .github/workflows/ci.yml | 19 +++++++++++++++++++ .github/workflows/deploy.yml | 25 ------------------------- 2 files changed, 19 insertions(+), 25 deletions(-) delete mode 100644 .github/workflows/deploy.yml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 30c7610..8806bc9 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -45,3 +45,22 @@ jobs: PGPASSWORD: mypassword PGTABLENAME: space2stats S3_BUCKET_NAME: test-bucket + + deploy-to-dev: + if: ${{ github.event_name == 'pull_request' }} + needs: test + uses: "./.github/workflows/reusable-deploy.yml" + with: + environment: Space2Stats API Dev + stage: pr-${{ github.event.pull_request.number }} + pr-number: ${{ github.event.pull_request.number }} + secrets: inherit + + deploy-to-production: + if: ${{ github.event_name == 'push' && github.ref_name == 'main' }} + needs: test + uses: "./.github/workflows/reusable-deploy.yml" + with: + environment: Space2Stats API Prod + stage: prod + secrets: inherit diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml deleted file mode 100644 index dc96bcc..0000000 --- a/.github/workflows/deploy.yml +++ /dev/null 
@@ -1,25 +0,0 @@ -name: Deploy to appropriate environment - -on: - workflow_run: - workflows: ["Run Tests"] - types: - - completed - -jobs: - deploy-to-dev: - if: ${{ github.event.workflow_run.conclusion == 'success' && github.event.workflow_run.event == 'pull_request' }} - uses: "./.github/workflows/reusable-deploy.yml" - with: - environment: Space2Stats API Dev - stage: pr-${{ github.event.pull_request.number }} - pr-number: ${{ github.event.pull_request.number }} - secrets: inherit - - deploy-to-production: - if: ${{ github.event.workflow_run.conclusion == 'success' && github.event.workflow_run.event == 'push' && github.ref_name == 'main' }} - uses: "./.github/workflows/reusable-deploy.yml" - with: - environment: Space2Stats API Prod - stage: prod - secrets: inherit From e15f20713297d6182a56920c42c05a5c0ca09355 Mon Sep 17 00:00:00 2001 From: Anthony Lukach Date: Thu, 7 Nov 2024 08:31:23 -0800 Subject: [PATCH 29/32] Rework triggers --- .github/workflows/ci.yml | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 8806bc9..a38c818 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -1,6 +1,13 @@ name: "Run Tests" -on: [push] +on: + push: + pull_request: + types: + - opened + - synchronize + - reopened + - closed jobs: test: From 090f1da4724b869ea28514aa518beecc747f75e2 Mon Sep 17 00:00:00 2001 From: Anthony Lukach Date: Thu, 7 Nov 2024 08:40:22 -0800 Subject: [PATCH 30/32] Rename jobs --- .github/workflows/destroy.yml | 2 +- .github/workflows/reusable-deploy.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/destroy.yml b/.github/workflows/destroy.yml index 61e357a..fae8ffa 100644 --- a/.github/workflows/destroy.yml +++ b/.github/workflows/destroy.yml @@ -11,7 +11,7 @@ permissions: pull-requests: write jobs: - build: + destroy: concurrency: Space2Stats API Dev environment: Space2Stats API Dev runs-on: ubuntu-latest 
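Review bot: Adding `closed` to the `pull_request` types in `ci.yml` makes `test` and then `deploy-to-dev` run when a PR is closed, because `deploy-to-dev` is gated only on `github.event_name == 'pull_request'`; the same event starts `destroy.yml`, so the preview stack can be re-created after it was torn down and be left behind as an orphaned public endpoint. Either drop `closed` here, since `destroy.yml` has its own trigger, or restore the guard on the job: `if: ${{ github.event_name == 'pull_request' && github.event.action != 'closed' }}`. The `jobs:` section continues outside the hunk.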
diff --git a/.github/workflows/reusable-deploy.yml b/.github/workflows/reusable-deploy.yml index 4c6c9b2..2305cf8 100644 --- a/.github/workflows/reusable-deploy.yml +++ b/.github/workflows/reusable-deploy.yml @@ -19,7 +19,7 @@ permissions: pull-requests: write jobs: - build: + deploy: concurrency: ${{ inputs.environment }} environment: ${{ inputs.environment }} runs-on: ubuntu-latest From d7d3f4c7cc7dde7d2785baf2b4e32c80b5022c98 Mon Sep 17 00:00:00 2001 From: Anthony Lukach Date: Thu, 7 Nov 2024 08:53:44 -0800 Subject: [PATCH 31/32] Set concurrency to stage --- .github/workflows/reusable-deploy.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/reusable-deploy.yml b/.github/workflows/reusable-deploy.yml index 2305cf8..f25b3e3 100644 --- a/.github/workflows/reusable-deploy.yml +++ b/.github/workflows/reusable-deploy.yml @@ -20,7 +20,7 @@ permissions: jobs: deploy: - concurrency: ${{ inputs.environment }} + concurrency: ${{ inputs.stage }} environment: ${{ inputs.environment }} runs-on: ubuntu-latest From 38c9a95d8436bc5a7e6395048b36a0d10ac18236 Mon Sep 17 00:00:00 2001 From: Anthony Lukach Date: Thu, 7 Nov 2024 08:55:39 -0800 Subject: [PATCH 32/32] Only trigger on pushes to main --- .github/workflows/ci.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index a38c818..11d69ac 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -2,6 +2,8 @@ name: "Run Tests" on: push: + branches: + - main pull_request: types: - opened
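Review bot: Keying the deploy job's `concurrency` on `inputs.stage` takes it out of the group that `destroy.yml` uses (`Space2Stats API Dev`), so a deploy of `pr-N` and the teardown of `pr-N` are no longer serialized and can run `cdk deploy` and `cdk destroy` against the same stack at once. Use the same key on both sides, e.g. `concurrency: pr-${{ github.event.pull_request.number }}` in `destroy.yml`. A comment next to the key saying that it must match the destroy workflow would keep the two from drifting apart again.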