diff --git a/.github/workflows/cicd v2.yml b/.github/workflows/cicd v2.yml
new file mode 100644
index 00000000..5250228e
--- /dev/null
+++ b/.github/workflows/cicd v2.yml
@@ -0,0 +1,187 @@
+name: CI / CD v2
+on:
+ workflow_dispatch:
+ push:
+ branches:
+ - chore/infrastructure-migration
+ paths:
+ - "api/**"
+ - ".github/workflows/*"
+
+jobs:
+ build-and-test:
+ name: Build and Test
+ runs-on: ubuntu-latest
+ steps:
+ - name: Check out the repository
+ uses: actions/checkout@v2
+
+ - name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v1
+
+ - name: Build and run tests
+ run: docker compose up --build --exit-code-from test test
+
+ - name: Clean up
+ run: docker compose down
+
+ # BUILD AND DEPLOY
+ set_environment:
+ runs-on: ubuntu-latest
+ name: Set Deployment Environment
+ # if: ${{ github.event_name == 'workflow_dispatch' || github.ref_name == 'develop' || github.ref_name == 'main' }}
+ outputs:
+ env_name: ${{ steps.set_env.outputs.env_name }}
+ steps:
+ - id: set_env
+ run: echo "env_name=develop" >> $GITHUB_OUTPUT
+ # run: echo "env_name=${{ github.ref_name }}" >> $GITHUB_OUTPUT
+
+ build_api:
+ name: build-api
+ needs: [ set_environment ]
+ runs-on: ubuntu-latest
+ environment:
+ name: ${{ needs.set_environment.outputs.env_name }}
+ steps:
+ - name: Debug env_name
+ run: |
+ echo "Environment name is: ${{ needs.set_environment.outputs.env_name }}"
+
+ - name: Checkout code
+ uses: actions/checkout@v4
+
+ - name: Configure AWS credentials
+ uses: aws-actions/configure-aws-credentials@v4
+ with:
+ aws-access-key-id: ${{ secrets.TF_PIPELINE_USER_ACCESS_KEY_ID }}
+ aws-secret-access-key: ${{ secrets.TF_PIPELINE_USER_SECRET_ACCESS_KEY }}
+ aws-region: ${{ vars.TF_AWS_REGION }}
+
+ - name: Login to Amazon ECR
+ id: login-ecr
+ uses: aws-actions/amazon-ecr-login@v2
+ with:
+ mask-password: 'true'
+
+ - name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v3
+
+ - name: Build, tag, and push Client image to Amazon ECR
+ uses: docker/build-push-action@v5
+ with:
+ context: api
+ cache-from: type=gha
+ cache-to: type=gha,mode=max
+ file: ./api/Dockerfile
+ push: true
+ tags: |
+ ${{ steps.login-ecr.outputs.registry }}/${{ secrets.TF_API_REPOSITORY_NAME }}:${{ github.sha }}
+ ${{ steps.login-ecr.outputs.registry }}/${{ secrets.TF_API_REPOSITORY_NAME }}:${{ needs.set_environment.outputs.env_name }}
+ deploy:
+ name: deploy
+ needs: [ set_environment, build_api ]
+ runs-on: ubuntu-latest
+ environment:
+ name: ${{ needs.set_environment.outputs.env_name }}
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v3
+
+ - name: Configure AWS credentials
+ uses: aws-actions/configure-aws-credentials@v4
+ with:
+ aws-access-key-id: ${{ secrets.TF_PIPELINE_USER_ACCESS_KEY_ID }}
+ aws-secret-access-key: ${{ secrets.TF_PIPELINE_USER_SECRET_ACCESS_KEY }}
+ aws-region: ${{ vars.TF_AWS_REGION }}
+
+ - name: Login to Amazon ECR
+ id: login-ecr
+ uses: aws-actions/amazon-ecr-login@v2
+
+ - name: Generate docker compose file
+ working-directory: infrastructure/v2/source_bundle
+ env:
+ ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
+ ECR_REPOSITORY_API: ${{ secrets.TF_API_REPOSITORY_NAME }}
+ IMAGE_TAG: ${{ needs.set_environment.outputs.env_name }}
+ AUTH_TOKEN: ${{ secrets.TF_AUTH_TOKEN }}
+ TIFF_PATH: ${{ vars.TF_TIFF_PATH }}
+ run: |
+ cat <> docker-compose.yml
+ version: '3.9'
+ services:
+ api:
+ image: $ECR_REGISTRY/$ECR_REPOSITORY_API:$IMAGE_TAG
+ ports:
+ - "8000:8000"
+ environment:
+ - AUTH_TOKEN=${AUTH_TOKEN}
+ - TIFF_PATH=${TIFF_PATH}
+ - GRID_TILES_PATH=${GRID_TILES_PATH}
+ volumes:
+ - ./data:/opt/api/data
+ networks:
+ - amazonia360-network
+ restart: always
+ nginx:
+ image: nginx
+ restart: always
+ networks:
+ - amazonia360-network
+ volumes:
+ - ./proxy/conf.d:/etc/nginx/conf.d
+ - "\${EB_LOG_BASE_DIR}/nginx:/var/log/nginx"
+ ports:
+ - 80:80
+ depends_on:
+ - api
+ networks:
+ amazonia360-network:
+ driver: bridge
+ EOF
+
+ - name: Generate .ebextensions/20_sync_data.config
+ working-directory: infrastructure/v2/source_bundle
+ env:
+ PROJECT_NAME: ${{ vars.TF_PROJECT_NAME }}
+ ENV_NAME: ${{ needs.set_environment.outputs.env_name }}
+ AWS_REGION: ${{ vars.TF_AWS_REGION }}
+ run: |
+ mkdir -p .ebextensions
+ cat <> .ebextensions/20_sync_data.config
+ commands:
+ 20_install_awscli:
+ command: |
+ sudo apt-get update -y
+ sudo apt-get install -y awscli
+ sudo apt-get clean
+ sudo rm -rf /var/lib/apt/lists/*
+
+ 21_create_data_folder:
+ command: mkdir -p /var/app/current/api/data
+ cwd: /home/ec2-user
+
+ 22_sync_s3_bucket:
+ command: aws s3 sync s3://${PROJECT_NAME}-${ENV_NAME}-bucket /var/app/current/api/data
+ cwd: /home/ec2-user
+ env:
+ AWS_DEFAULT_REGION: ${AWS_REGION}
+ EOF
+
+ - name: Generate zip file
+ working-directory: infrastructure/v2/source_bundle
+ run: |
+ zip -r deploy.zip * .[^.]*
+
+ - name: Deploy to Amazon EB
+ uses: einaregilsson/beanstalk-deploy@v21
+ with:
+ aws_access_key: ${{ secrets.TF_PIPELINE_USER_ACCESS_KEY_ID }}
+ aws_secret_key: ${{ secrets.TF_PIPELINE_USER_SECRET_ACCESS_KEY }}
+ application_name: ${{ vars.TF_PROJECT_NAME }}-${{ needs.set_environment.outputs.env_name }}
+ environment_name: ${{ vars.TF_PROJECT_NAME }}-${{ needs.set_environment.outputs.env_name }}-environment
+ region: ${{ vars.TF_AWS_REGION }}
+ version_label: ${{ github.sha }}-${{ github.run_id }}-${{ github.run_attempt }}
+ deployment_package: infrastructure/v2/source_bundle/deploy.zip
+ wait_for_deployment: true
\ No newline at end of file
diff --git a/infrastructure/v2/main.tf b/infrastructure/v2/main.tf index ee3f7681..1c06353d 100644 --- a/infrastructure/v2/main.tf +++ b/infrastructure/v2/main.tf @@ -96,7 +96,7 @@ module api_ecr { module "github" { source = "./modules/github" - repo_name = "amazonia-360" + repo_name = var.repo_name github_owner = var.github_owner github_token = var.github_token global_secret_map = { 
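Review bot: In the `deploy` job's "Generate docker compose file" step the heredoc is expanded by the runner's shell (only `\${EB_LOG_BASE_DIR}` is escaped), so `- AUTH_TOKEN=${AUTH_TOKEN}` writes the `TF_AUTH_TOKEN` secret in plaintext into `docker-compose.yml`, which is then zipped into `deploy.zip` and uploaded as the application version. The token would be better kept out of the bundle, for example by escaping it as `- AUTH_TOKEN=\${AUTH_TOKEN}` and supplying the value through the Beanstalk environment's own properties or a secret store read at start-up (assuming the target platform passes those through to compose). `${GRID_TILES_PATH}` in the same heredoc is not in the step's `env:` block, so it appears to expand to an empty string. `build_api` declares only `needs: [ set_environment ]`, so an image is pushed and deployed even when `build-and-test` fails; `needs: [ set_environment, build-and-test ]` would gate it. The static `TF_PIPELINE_USER_*` keys are also handed to `einaregilsson/beanstalk-deploy@v21` by mutable tag, so pinning third-party actions to a full commit SHA and adding a top-level `permissions:` block would narrow what a compromised action can reach.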
@@ -129,7 +129,7 @@ module "dev" { beanstalk_tier = "WebServer" ec2_instance_type = "t3.medium" elasticbeanstalk_iam_service_linked_role_name = aws_iam_service_linked_role.elasticbeanstalk.name - repo_name = "amazonia-360" + repo_name = var.repo_name cname_prefix = "amazonia360-dev-environment" github_owner = var.github_owner github_token = var.github_token diff --git a/infrastructure/v2/modules/env/main.tf b/infrastructure/v2/modules/env/main.tf index fb87f69e..0807ead2 100644 --- a/infrastructure/v2/modules/env/main.tf +++ b/infrastructure/v2/modules/env/main.tf @@ -20,7 +20,7 @@ module "beanstalk" { module "github" { source = "../github" - repo_name = "amazonia-360" + repo_name = var.repo_name github_owner = var.github_owner github_token = var.github_token github_environment = var.environment diff --git a/infrastructure/v2/variables.tf b/infrastructure/v2/variables.tf index 79d1fbc0..3593d939 100644 --- a/infrastructure/v2/variables.tf +++ b/infrastructure/v2/variables.tf @@ -23,6 +23,11 @@ variable "project_name" { description = "Short name of the project, will be used to prefix created resources" } +variable "repo_name" { + type = string + description = "Name of the Github repository where the code is hosted" +} + variable "github_owner" { type = string description = "Owner of the Github repository where the code is hosted" diff --git a/infrastructure/v2/vars/terraform.tfvars b/infrastructure/v2/vars/terraform.tfvars index f4fd98a0..743d84b7 100644 --- a/infrastructure/v2/vars/terraform.tfvars +++ b/infrastructure/v2/vars/terraform.tfvars @@ -3,6 +3,7 @@ aws_dev_region="eu-west-3" aws_prod_region="sa-east-1" allowed_account_id="851725508245" project_name="amazonia360" +repo_name="amazonia-360" github_owner="Vizzuality" github_token="" api_auth_token=""