Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Migrate to common-services #1207

Merged
merged 41 commits into from
Sep 6, 2024
Merged

Migrate to common-services #1207

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
41 commits
Select commit Hold shift + click to select a range
f73facc
Migrate to common-services
faergestad Jun 27, 2024
bbea1c4
Update terraform
faergestad Jun 27, 2024
0786059
Add terraform lock
faergestad Jun 27, 2024
e93f9be
Update path to dockerfile
faergestad Jun 28, 2024
ed0eb48
update docker job with dockerfile parameter
faergestad Jun 28, 2024
65e508f
Change docker image in circleCI config
faergestad Jun 28, 2024
b774ec7
add esbuild to dockerfile
faergestad Jun 28, 2024
fb38f2a
Merge branch 'refs/heads/main' into migrate-to-common-services
faergestad Jul 29, 2024
ee7e0b2
update build config
faergestad Jul 29, 2024
294ae9c
Add turbo to step in dockerfile
faergestad Jul 29, 2024
44fe914
Remove turbo from dockerfile
faergestad Jul 29, 2024
98e1308
Fix linting warning in dockerfile
faergestad Jul 29, 2024
c5089c6
Add back entrypoint script to match main branch
faergestad Jul 30, 2024
ac815a8
Update circleci config
faergestad Jul 30, 2024
c0a653c
Add path to dockerfile in docker job
faergestad Jul 30, 2024
446bf9e
Add build path to build_and_push_image step
faergestad Jul 30, 2024
85b85dc
Remove setup of remote docker
faergestad Jul 30, 2024
6502cd0
Run docker commands from the path of the dockerfile
faergestad Jul 30, 2024
1f171ff
merge old and new circleci config
faergestad Jul 30, 2024
c88a6d7
update deployment config
faergestad Jul 30, 2024
cac45db
fix indentation in circleci config
faergestad Jul 30, 2024
5e7591c
Add image tagging as expected by the deployment pipeline
faergestad Jul 30, 2024
82edee9
test terraform module bugfix for auto scaling configuration name
faergestad Jul 30, 2024
4dbfe9b
remove kms key alias
faergestad Jul 30, 2024
0598236
Fix typo in aws iam policy document
faergestad Jul 30, 2024
2083d8c
Remove entrypoint.sh from Dockerfile
faergestad Jul 30, 2024
a9458cd
Disable vpc connector, since spor is meant to be publicly accessible
faergestad Jul 31, 2024
e256bcc
place spor in public subnet
faergestad Jul 31, 2024
a691394
Remove subnet placement
faergestad Jul 31, 2024
60fbde3
Add security group rule to allow all outgoing traffic from spor
faergestad Jul 31, 2024
b84471f
Update branch triggers to main branch
faergestad Jul 31, 2024
ec55a24
Update apprunner module version
faergestad Aug 1, 2024
ef3e637
Deploy route53 hosted zone change to the new account, so we can acces…
faergestad Aug 1, 2024
68e0499
Update version for remote docker in circleCi config, due to deprecati…
faergestad Aug 22, 2024
45da6a4
Update app runner module version
faergestad Aug 22, 2024
4af674d
Merge branch 'refs/heads/main' into migrate-to-common-services
faergestad Sep 5, 2024
3a7d812
Upgrade app runner module
faergestad Sep 5, 2024
aa0d4f3
Bump circleci orbs
faergestad Sep 5, 2024
4f6d324
Cleanup moved statement
faergestad Sep 5, 2024
0572848
Change back urls to spor.vy.no
faergestad Sep 6, 2024
33cdfd7
Update branch filter to main
faergestad Sep 6, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
92 changes: 68 additions & 24 deletions .circleci/config.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,28 +1,33 @@
version: 2.1
orbs:
deployment: vydev/[email protected]
terraform: circleci/[email protected]
aws-ecr: circleci/[email protected]
aws-cli: circleci/[email protected]

parameters:
ecr_repo_name:
type: string
default: "digitalekanaler-spor"
default: "spor"
ecr_endpoint:
type: string
default: "635004941268.dkr.ecr.eu-west-1.amazonaws.com"
default: "637423315721.dkr.ecr.eu-west-1.amazonaws.com"
pipeline_name:
type: string
default: "spor-delivery-pipeline"
terraform_version:
type: string
default: "1.8.4"
terraform_artifact_name:
type: string
default: "spor-tf"

jobs:
validate-terraform:
docker:
- image: vydev/terraform:1.0.8
steps:
- checkout:
path: ~/repo
- run:
name: Validate terraform code
command: |
printf "Validating terraform code\n"
cd ~/repo/apps/docs/terraform/prod
terraform init -backend=false && terraform validate

build-docker:
build-and-push-docker:
parameters:
tags:
type: string
default: "${CIRCLE_SHA1:0:7}"
ecr_repo_name:
type: string
description: "The name of the ECR repository to push Docker images to"
Expand All @@ -39,7 +44,6 @@ jobs:
steps:
- setup_remote_docker:
version: docker24
docker_layer_caching: true
- checkout:
path: ../../
- run:
Expand All @@ -52,26 +56,66 @@ jobs:
fi
aws ecr get-login-password --region eu-west-1 \
| docker login --username AWS --password-stdin "$ECR_ENDPOINT"
SHORT_SHA1=`echo ${CIRCLE_SHA1}|cut -c1-7`
docker build -t ${ECR_ENDPOINT}/<< parameters.ecr_repo_name >> -f Dockerfile .
docker tag ${ECR_ENDPOINT}/<< parameters.ecr_repo_name >> "${ECR_ENDPOINT}/<< parameters.ecr_repo_name >>:commit-${SHORT_SHA1}"
docker push "${ECR_ENDPOINT}/<< parameters.ecr_repo_name >>:commit-${SHORT_SHA1}"
docker tag ${ECR_ENDPOINT}/<< parameters.ecr_repo_name >> "${ECR_ENDPOINT}/<< parameters.ecr_repo_name >>:latest"
docker push "${ECR_ENDPOINT}/<< parameters.ecr_repo_name >>:latest"
docker tag ${ECR_ENDPOINT}/<< parameters.ecr_repo_name >> "${ECR_ENDPOINT}/<< parameters.ecr_repo_name >>:commit-${CIRCLE_SHA1:0:7}"
docker push "${ECR_ENDPOINT}/<< parameters.ecr_repo_name >>:commit-${CIRCLE_SHA1:0:7}"
docker tag ${ECR_ENDPOINT}/<< parameters.ecr_repo_name >> "${ECR_ENDPOINT}/<< parameters.ecr_repo_name >>:<< pipeline.git.branch >>-branch"
docker push "${ECR_ENDPOINT}/<< parameters.ecr_repo_name >>:<< pipeline.git.branch >>-branch"
docker tag ${ECR_ENDPOINT}/<< parameters.ecr_repo_name >> "${ECR_ENDPOINT}/<< parameters.ecr_repo_name >>:${CIRCLE_SHA1:0:7}"
docker push "${ECR_ENDPOINT}/<< parameters.ecr_repo_name >>:${CIRCLE_SHA1:0:7}"

upload-terraform-artifacts:
docker:
- image: cimg/base:stable
steps:
- checkout
- deployment/zip-and-upload-artifact:
application-name: << pipeline.parameters.terraform_artifact_name >>
source-directory: ./apps/docs/
source: terraform

workflows:
version: 2
build:
jobs:
- validate-terraform
- build-docker:
context: omnikanal
- terraform/validate:
tag: << pipeline.parameters.terraform_version >>
checkout: true
backend: false
matrix:
parameters:
path:
- apps/docs/terraform/service
- apps/docs/terraform/prod

- build-and-push-docker:
context: digital-common-services
ecr_repo_name: << pipeline.parameters.ecr_repo_name >>
ecr_endpoint: << pipeline.parameters.ecr_endpoint >>
requires:
- validate-terraform
- terraform/validate
filters:
branches:
only:
- main

- upload-terraform-artifacts:
context:
- digital-common-services
requires:
- build-and-push-docker
filters:
branches:
only: main

- deployment/trigger-deployment:
context:
- digital-common-services
requires:
- upload-terraform-artifacts
- build-and-push-docker
filters:
branches:
only: main
16 changes: 16 additions & 0 deletions .deployment/config.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
artifacts:
- name: spor-tf
branch: migrate-to-common-services
location: s3
- name: spor
branch: migrate-to-common-services
location: ecr

steps:
- terraform:
artifact: spor-tf
version: 1.8.4

environments:
- [service]
- [prod]
9 changes: 4 additions & 5 deletions apps/docs/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# base node image
FROM node:20-alpine as base
FROM node:20-alpine AS base

# set for base and all that inherit from it
ENV NODE_ENV=production
Expand All @@ -16,7 +16,7 @@ ADD package.json ./
RUN npm install --production=false

# Setup production node_modules
FROM base as production-deps
FROM base AS production-deps

RUN mkdir /app
WORKDIR /app
Expand All @@ -28,7 +28,7 @@ ADD package.json ./
RUN npm prune --omit=dev

# Build the app
FROM base as build
FROM base AS build

RUN mkdir /app
WORKDIR /app
Expand All @@ -39,7 +39,7 @@ ADD . .
RUN npm run build

# Finally, build the production image with minimal footprint
FROM base as final
FROM base AS final

ENV NODE_ENV=production

Expand All @@ -57,5 +57,4 @@ COPY --from=build /app/build/server /app/build/server
COPY --from=build /app/build/client /app/build/client
ADD . .

ENTRYPOINT ["./entrypoint.sh"]
CMD ["npm", "run", "start"]
5 changes: 0 additions & 5 deletions apps/docs/entrypoint.sh
View file
Open in desktop

This file was deleted.

2 changes: 1 addition & 1 deletion apps/docs/terraform/prod/.envrc
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,2 +1,2 @@
export AWS_PROFILE=omni-admin
export AWS_PROFILE=common-prod-admin
export AWS_REGION=eu-west-1
65 changes: 37 additions & 28 deletions apps/docs/terraform/prod/.terraform.lock.hcl
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

42 changes: 25 additions & 17 deletions apps/docs/terraform/prod/main.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,42 +1,50 @@
terraform {
required_version = "1.0.8"
required_version = "1.8.4"

required_providers {
aws = {
source = "hashicorp/aws"
version = "3.65.0"
version = "5.54.1"
}
vy = {
source = "nsbno/vy"
version = "0.4.0"
}
}

backend "s3" {
key = "spor/prod/main.tfstate"
bucket = "635004941268-terraform-state"
dynamodb_table = "635004941268-terraform-state"
key = "spor/main.tfstate"
bucket = "471112960535-terraform-state"
dynamodb_table = "471112960535-terraform-state"
acl = "bucket-owner-full-control"
encrypt = "true"
kms_key_id = "arn:aws:kms:eu-central-1:635004941268:alias/635004941268-terraform-state-encryption-key"
region = "eu-central-1"
region = "eu-west-1"
}
}

provider "aws" {
region = "eu-west-1"
allowed_account_ids = ["635004941268"]
allowed_account_ids = ["471112960535"]
default_tags {
tags = {
repo = local.application_name
application = local.application_name
terraform = true
}
}
region = "eu-west-1"
}

provider "vy" {
environment = local.environment
}

locals {
name_prefix = "digitalekanaler"
application_name = "spor"
environment = "prod"
}

module "app" {
source = "../template"
name_prefix = local.name_prefix
application_name = local.application_name

tags = {
environment = "prod"
application = local.application_name
terraform = "True"
}
environment = local.environment
}
2 changes: 2 additions & 0 deletions apps/docs/terraform/service/.envrc
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
export AWS_PROFILE=common-service-admin
export AWS_REGION=eu-west-1
24 changes: 24 additions & 0 deletions apps/docs/terraform/service/.terraform.lock.hcl
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

23 changes: 23 additions & 0 deletions apps/docs/terraform/service/main.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
terraform {
backend "s3" {
key = "spor/terraform.tfstate"
bucket = "637423315721-terraform-state"
dynamodb_table = "637423315721-terraform-state"
acl = "bucket-owner-full-control"
encrypt = "true"
region = "eu-west-1"
}
}

locals {
ecr_repository_name = "spor"
service_account = "637423315721"
prod_account = "471112960535"
}

module "ecr" {
source = "github.com/nsbno/terraform-aws-ecr?ref=1.4.1"
name_prefix = local.ecr_repository_name
trusted_accounts = [local.prod_account, local.service_account]
max_images_retained = 10
}
Loading
Loading