Skip to content

Commit

Permalink
chore(stacks.api): disable staging stage for now
Browse files Browse the repository at this point in the history 
Signed-off-by: Braden Mars <[email protected]>
  • Loading branch information
@BradenM
BradenM committed Aug 6, 2023
1 parent e9472a9 commit 327294f
Show file tree
Hide file tree
Showing 2 changed files with 15 additions and 178 deletions.
163 changes: 0 additions & 163 deletions .github/workflows/deploy.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,6 @@ jobs:
- name: Mask values
run: |-
echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_DEVELOPMENT}}
echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_STAGING}}
echo ::add-mask::${{secrets.AWS_PIPELINE_ACCOUNT_ID}}
- name: Install Helm
uses: azure/setup-helm@v3
Expand Down Expand Up @@ -88,7 +87,6 @@ jobs:
DESTINATION: s3://crisiscleanup-pipeline-assets/cdk-assets/${{github.run_id}}-${{github.run_attempt}}/cdk.out
run: |-
echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_DEVELOPMENT}}
echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_STAGING}}
echo ::add-mask::${{secrets.AWS_PIPELINE_ACCOUNT_ID}}
aws s3 sync $SOURCE $DESTINATION
Assets-FileAsset1:
Expand All @@ -115,7 +113,6 @@ jobs:
DESTINATION: cdk.out
run: |-
echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_DEVELOPMENT}}
echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_STAGING}}
echo ::add-mask::${{secrets.AWS_PIPELINE_ACCOUNT_ID}}
aws s3 sync $SOURCE $DESTINATION
- name: Install
Expand Down Expand Up @@ -147,7 +144,6 @@ jobs:
DESTINATION: cdk.out
run: |-
echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_DEVELOPMENT}}
echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_STAGING}}
echo ::add-mask::${{secrets.AWS_PIPELINE_ACCOUNT_ID}}
aws s3 sync $SOURCE $DESTINATION
- name: Install
Expand Down Expand Up @@ -179,7 +175,6 @@ jobs:
DESTINATION: cdk.out
run: |-
echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_DEVELOPMENT}}
echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_STAGING}}
echo ::add-mask::${{secrets.AWS_PIPELINE_ACCOUNT_ID}}
aws s3 sync $SOURCE $DESTINATION
- name: Install
Expand Down Expand Up @@ -211,7 +206,6 @@ jobs:
DESTINATION: cdk.out
run: |-
echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_DEVELOPMENT}}
echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_STAGING}}
echo ::add-mask::${{secrets.AWS_PIPELINE_ACCOUNT_ID}}
aws s3 sync $SOURCE $DESTINATION
- name: Install
Expand Down Expand Up @@ -243,110 +237,13 @@ jobs:
DESTINATION: cdk.out
run: |-
echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_DEVELOPMENT}}
echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_STAGING}}
echo ::add-mask::${{secrets.AWS_PIPELINE_ACCOUNT_ID}}
aws s3 sync $SOURCE $DESTINATION
- name: Install
run: npm install --no-save cdk-assets
- id: Publish
name: Publish Assets-FileAsset13
run: /bin/bash ./cdk.out/publish-Assets-FileAsset13-step.sh
Assets-FileAsset14:
name: Publish Assets Assets-FileAsset14
needs:
- Build-crisiscleanup-infra-pipeline-synth
permissions:
contents: read
id-token: write
runs-on: ubuntu-latest
outputs:
asset-hash: ${{ steps.Publish.outputs.asset-hash }}
steps:
- name: Authenticate Via OIDC Role
uses: aws-actions/configure-aws-credentials@v1-node16
with:
aws-region: us-east-1
role-duration-seconds: 1800
role-skip-session-tagging: true
role-to-assume: arn:aws:iam::${{secrets.AWS_PIPELINE_ACCOUNT_ID}}:role/GitHubActionRole
- name: Pull assets
env:
SOURCE: s3://crisiscleanup-pipeline-assets/cdk-assets/${{github.run_id}}-${{github.run_attempt}}/cdk.out
DESTINATION: cdk.out
run: |-
echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_DEVELOPMENT}}
echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_STAGING}}
echo ::add-mask::${{secrets.AWS_PIPELINE_ACCOUNT_ID}}
aws s3 sync $SOURCE $DESTINATION
- name: Install
run: npm install --no-save cdk-assets
- id: Publish
name: Publish Assets-FileAsset14
run: /bin/bash ./cdk.out/publish-Assets-FileAsset14-step.sh
Assets-FileAsset15:
name: Publish Assets Assets-FileAsset15
needs:
- Build-crisiscleanup-infra-pipeline-synth
permissions:
contents: read
id-token: write
runs-on: ubuntu-latest
outputs:
asset-hash: ${{ steps.Publish.outputs.asset-hash }}
steps:
- name: Authenticate Via OIDC Role
uses: aws-actions/configure-aws-credentials@v1-node16
with:
aws-region: us-east-1
role-duration-seconds: 1800
role-skip-session-tagging: true
role-to-assume: arn:aws:iam::${{secrets.AWS_PIPELINE_ACCOUNT_ID}}:role/GitHubActionRole
- name: Pull assets
env:
SOURCE: s3://crisiscleanup-pipeline-assets/cdk-assets/${{github.run_id}}-${{github.run_attempt}}/cdk.out
DESTINATION: cdk.out
run: |-
echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_DEVELOPMENT}}
echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_STAGING}}
echo ::add-mask::${{secrets.AWS_PIPELINE_ACCOUNT_ID}}
aws s3 sync $SOURCE $DESTINATION
- name: Install
run: npm install --no-save cdk-assets
- id: Publish
name: Publish Assets-FileAsset15
run: /bin/bash ./cdk.out/publish-Assets-FileAsset15-step.sh
Assets-FileAsset16:
name: Publish Assets Assets-FileAsset16
needs:
- Build-crisiscleanup-infra-pipeline-synth
permissions:
contents: read
id-token: write
runs-on: ubuntu-latest
outputs:
asset-hash: ${{ steps.Publish.outputs.asset-hash }}
steps:
- name: Authenticate Via OIDC Role
uses: aws-actions/configure-aws-credentials@v1-node16
with:
aws-region: us-east-1
role-duration-seconds: 1800
role-skip-session-tagging: true
role-to-assume: arn:aws:iam::${{secrets.AWS_PIPELINE_ACCOUNT_ID}}:role/GitHubActionRole
- name: Pull assets
env:
SOURCE: s3://crisiscleanup-pipeline-assets/cdk-assets/${{github.run_id}}-${{github.run_attempt}}/cdk.out
DESTINATION: cdk.out
run: |-
echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_DEVELOPMENT}}
echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_STAGING}}
echo ::add-mask::${{secrets.AWS_PIPELINE_ACCOUNT_ID}}
aws s3 sync $SOURCE $DESTINATION
- name: Install
run: npm install --no-save cdk-assets
- id: Publish
name: Publish Assets-FileAsset16
run: /bin/bash ./cdk.out/publish-Assets-FileAsset16-step.sh
Assets-FileAsset2:
name: Publish Assets Assets-FileAsset2
needs:
Expand All @@ -371,7 +268,6 @@ jobs:
DESTINATION: cdk.out
run: |-
echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_DEVELOPMENT}}
echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_STAGING}}
echo ::add-mask::${{secrets.AWS_PIPELINE_ACCOUNT_ID}}
aws s3 sync $SOURCE $DESTINATION
- name: Install
Expand Down Expand Up @@ -403,7 +299,6 @@ jobs:
DESTINATION: cdk.out
run: |-
echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_DEVELOPMENT}}
echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_STAGING}}
echo ::add-mask::${{secrets.AWS_PIPELINE_ACCOUNT_ID}}
aws s3 sync $SOURCE $DESTINATION
- name: Install
Expand Down Expand Up @@ -435,7 +330,6 @@ jobs:
DESTINATION: cdk.out
run: |-
echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_DEVELOPMENT}}
echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_STAGING}}
echo ::add-mask::${{secrets.AWS_PIPELINE_ACCOUNT_ID}}
aws s3 sync $SOURCE $DESTINATION
- name: Install
Expand Down Expand Up @@ -467,7 +361,6 @@ jobs:
DESTINATION: cdk.out
run: |-
echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_DEVELOPMENT}}
echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_STAGING}}
echo ::add-mask::${{secrets.AWS_PIPELINE_ACCOUNT_ID}}
aws s3 sync $SOURCE $DESTINATION
- name: Install
Expand Down Expand Up @@ -499,7 +392,6 @@ jobs:
DESTINATION: cdk.out
run: |-
echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_DEVELOPMENT}}
echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_STAGING}}
echo ::add-mask::${{secrets.AWS_PIPELINE_ACCOUNT_ID}}
aws s3 sync $SOURCE $DESTINATION
- name: Install
Expand Down Expand Up @@ -531,7 +423,6 @@ jobs:
DESTINATION: cdk.out
run: |-
echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_DEVELOPMENT}}
echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_STAGING}}
echo ::add-mask::${{secrets.AWS_PIPELINE_ACCOUNT_ID}}
aws s3 sync $SOURCE $DESTINATION
- name: Install
Expand Down Expand Up @@ -563,7 +454,6 @@ jobs:
DESTINATION: cdk.out
run: |-
echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_DEVELOPMENT}}
echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_STAGING}}
echo ::add-mask::${{secrets.AWS_PIPELINE_ACCOUNT_ID}}
aws s3 sync $SOURCE $DESTINATION
- name: Install
Expand Down Expand Up @@ -595,7 +485,6 @@ jobs:
DESTINATION: cdk.out
run: |-
echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_DEVELOPMENT}}
echo ::add-mask::${{secrets.AWS_ACCOUNT_ID_STAGING}}
echo ::add-mask::${{secrets.AWS_PIPELINE_ACCOUNT_ID}}
aws s3 sync $SOURCE $DESTINATION
- name: Install
Expand Down Expand Up @@ -656,58 +545,6 @@ jobs:
no-fail-on-empty-changeset: "1"
capabilities: CAPABILITY_IAM,CAPABILITY_NAMED_IAM
role-arn: arn:aws:iam::${{secrets.AWS_ACCOUNT_ID_DEVELOPMENT}}:role/cdk-hnb659fds-cfn-exec-role-${{secrets.AWS_ACCOUNT_ID_DEVELOPMENT}}-us-east-1
staging-staging-blueprint-Deploy:
name: Deploy crisiscleanupinfrapipelinestackstagingstagingblueprint5D1F778A
permissions:
contents: read
id-token: write
environment:
name: staging
url: https://app.staging.crisiscleanup.io
needs:
- Build-crisiscleanup-infra-pipeline-synth
- Assets-FileAsset14
- Assets-FileAsset2
- Assets-FileAsset3
- Assets-FileAsset4
- Assets-FileAsset5
- Assets-FileAsset6
- Assets-FileAsset7
- Assets-FileAsset8
- Assets-FileAsset9
- Assets-FileAsset10
- Assets-FileAsset15
- Assets-FileAsset16
- development-development-blueprint-Deploy
runs-on: ${{inputs.runner || 'ubuntu-latest'}}
steps:
- name: Authenticate Via OIDC Role
uses: aws-actions/configure-aws-credentials@v1-node16
with:
aws-region: us-east-1
role-duration-seconds: 1800
role-skip-session-tagging: true
role-to-assume: arn:aws:iam::${{secrets.AWS_PIPELINE_ACCOUNT_ID}}:role/GitHubActionRole
- name: Assume CDK Deploy Role
uses: aws-actions/configure-aws-credentials@v1-node16
with:
aws-region: us-east-1
role-duration-seconds: 1800
role-skip-session-tagging: true
aws-access-key-id: ${{ env.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ env.AWS_SECRET_ACCESS_KEY }}
aws-session-token: ${{ env.AWS_SESSION_TOKEN }}
role-to-assume: arn:aws:iam::${{secrets.AWS_ACCOUNT_ID_STAGING}}:role/cdk-hnb659fds-deploy-role-${{secrets.AWS_ACCOUNT_ID_STAGING}}-us-east-1
role-external-id: Pipeline
- id: Deploy
uses: aws-actions/[email protected]
with:
name: staging-staging-blueprint
template: https://cdk-hnb659fds-assets-${{secrets.AWS_ACCOUNT_ID_STAGING}}-us-east-1.s3.us-east-1.amazonaws.com/${{
needs.Assets-FileAsset14.outputs.asset-hash }}.json
no-fail-on-empty-changeset: "1"
capabilities: CAPABILITY_IAM,CAPABILITY_NAMED_IAM
role-arn: arn:aws:iam::${{secrets.AWS_ACCOUNT_ID_STAGING}}:role/cdk-hnb659fds-cfn-exec-role-${{secrets.AWS_ACCOUNT_ID_STAGING}}-us-east-1
concurrency:
group: deploy-infra
cancel-in-progress: false
30 changes: 15 additions & 15 deletions packages/stacks/api/src/main.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -169,21 +169,21 @@ const pipeline = Pipeline.builder({
url: 'https://app.dev.crisiscleanup.io',
},
})
.target({
name: 'staging',
stackBuilder: stagingStack,
environment: config.$env.staging.cdkEnvironment,
platformTeam: new blueprints.PlatformTeam({
name: 'platform',
users: config.$env.staging.apiStack.eks.platformArns.map(
(arn) => new iam.ArnPrincipal(arn),
),
}),
githubEnvironment: {
name: 'staging',
url: 'https://app.staging.crisiscleanup.io',
},
})
// .target({
// name: 'staging',
// stackBuilder: stagingStack,
// environment: config.$env.staging.cdkEnvironment,
// platformTeam: new blueprints.PlatformTeam({
// name: 'platform',
// users: config.$env.staging.apiStack.eks.platformArns.map(
// (arn) => new iam.ArnPrincipal(arn),
// ),
// }),
// githubEnvironment: {
// name: 'staging',
// url: 'https://app.staging.crisiscleanup.io',
// },
// })
.build(app, {
env: {
account: String(config.cdkEnvironment.account),
Expand Down

0 comments on commit 327294f

Please sign in to comment.