-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #1055 from DFE-Digital/1840-update-makefile
Clean up Makefile
- Loading branch information
Showing
4 changed files
with
2 additions
and
152 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -10,7 +10,6 @@ help: ## Show this help | |
|
||
SERVICE_SHORT=faltrn | ||
|
||
|
||
.PHONY: aks | ||
aks: ## Sets environment variables for aks deployment | ||
$(eval PLATFORM=aks) | ||
|
@@ -80,50 +79,6 @@ install-fetch-config: ## Install the fetch-config script, for viewing/editing se | |
&& chmod +x bin/fetch_config.rb \ | ||
|| true | ||
|
||
edit-keyvault-secret: read-keyvault-config install-fetch-config set-azure-account | ||
bin/fetch_config.rb -s azure-key-vault-secret:${KEY_VAULT_NAME}/${KEY_VAULT_SECRET_NAME} \ | ||
-e -d azure-key-vault-secret:${KEY_VAULT_NAME}/${KEY_VAULT_SECRET_NAME} -f yaml -c | ||
|
||
print-keyvault-secret: read-keyvault-config install-fetch-config set-azure-account | ||
bin/fetch_config.rb -s azure-key-vault-secret:${KEY_VAULT_NAME}/${KEY_VAULT_SECRET_NAME} -f yaml | ||
|
||
validate-keyvault-secret: read-keyvault-config install-fetch-config set-azure-account | ||
bin/fetch_config.rb -s azure-key-vault-secret:${KEY_VAULT_NAME}/${KEY_VAULT_SECRET_NAME} -d quiet \ | ||
&& echo Data in ${KEY_VAULT_NAME}/${KEY_VAULT_SECRET_NAME} looks valid | ||
|
||
.PHONY: set-space-developer | ||
set-space-developer: read-deployment-config ## make dev set-space-developer [email protected] | ||
$(if $(USER_ID), , $(error Missing environment variable "USER_ID", USER_ID required for this command to run)) | ||
cf set-space-role ${USER_ID} dfe ${SPACE} SpaceDeveloper | ||
|
||
.PHONY: unset-space-developer | ||
unset-space-developer: read-deployment-config ## make dev unset-space-developer [email protected] | ||
$(if $(USER_ID), , $(error Missing environment variable "USER_ID", USER_ID required for this command to run)) | ||
cf unset-space-role ${USER_ID} dfe ${SPACE} SpaceDeveloper | ||
|
||
stop-app: read-deployment-config ## Stops api app, make dev stop-app CONFIRM_STOP=1 | ||
$(if $(CONFIRM_STOP), , $(error stop-app can only run with CONFIRM_STOP)) | ||
cf target -s ${SPACE} | ||
cf stop ${FLT_APP_NAME} | ||
|
||
get-postgres-instance-guid: read-deployment-config ## Gets the postgres service instance's guid | ||
cf target -s ${SPACE} > /dev/null | ||
cf service ${POSTGRES_DATABASE_NAME} --guid | ||
$(eval DB_INSTANCE_GUID=$(shell cf service ${POSTGRES_DATABASE_NAME} --guid)) | ||
|
||
rename-postgres-service: read-deployment-config ## make dev rename-postgres-service NEW_NAME_SUFFIX=old CONFIRM_RENAME | ||
$(if $(CONFIRM_RENAME), , $(error can only run with CONFIRM_RENAME)) | ||
$(if $(NEW_NAME_SUFFIX), , $(error NEW_NAME_SUFFIX is required)) | ||
cf target -s ${SPACE} > /dev/null | ||
cf rename-service ${POSTGRES_DATABASE_NAME} ${POSTGRES_DATABASE_NAME}-$(NEW_NAME_SUFFIX) | ||
|
||
restore-data-from-backup: read-deployment-config # make production restore-data-from-backup CONFIRM_RESTORE=YES BACKUP_FILENAME="find-a-lost-trn-production-pg-svc-2022-04-28-01" | ||
@if [[ "$(CONFIRM_RESTORE)" != YES ]]; then echo "Please enter "CONFIRM_RESTORE=YES" to run workflow"; exit 1; fi | ||
$(eval export AZURE_BACKUP_STORAGE_ACCOUNT_NAME=$(AZURE_BACKUP_STORAGE_ACCOUNT_NAME)) | ||
$(if $(BACKUP_FILENAME), , $(error can only run with BACKUP_FILENAME, eg BACKUP_FILENAME="find-a-lost-trn-production-pg-svc-2022-04-28-01")) | ||
bin/download-db-backup ${AZURE_BACKUP_STORAGE_ACCOUNT_NAME} ${AZURE_BACKUP_STORAGE_CONTAINER_NAME} ${BACKUP_FILENAME}.tar.gz | ||
bin/restore-db ${DEPLOY_ENV} ${CONFIRM_RESTORE} ${SPACE} ${BACKUP_FILENAME}.sql ${POSTGRES_DATABASE_NAME} | ||
|
||
terraform-init: bin/terrafile | ||
[[ "${SP_AUTH}" != "true" ]] && az account set -s $(AZURE_SUBSCRIPTION) || true | ||
./bin/terrafile -p terraform/aks/vendor/modules -f terraform/aks/workspace_variables/$(CONFIG)_Terrafile | ||
|
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -34,57 +34,9 @@ tail -f /app/log/production.log | |
|
||
## Updating environment variables | ||
|
||
Make sure you have the `az` command line tool: | ||
The app keyvaults for Find can be found in the Azure devops portal. The development one, for example, is found [here](https://portal.azure.com/#@platform.education.gov.uk/resource/subscriptions/20da9d12-7ee1-42bb-b969-3fe9112964a7/resourceGroups/s189t01-faltrn-dv-rg/providers/Microsoft.KeyVault/vaults/s189t01-faltrn-dv-app-kv/secrets). | ||
|
||
```bash | ||
asdf plugin add azure-cli | ||
|
||
asdf install | ||
``` | ||
|
||
Login to Azure and make sure it gets the right subscriptions: | ||
|
||
```bash | ||
$ az login | ||
A web browser has been opened at https://login.microsoftonline.com/organizations/oauth2/v2.0/authorize. Please continue the login in the web browser. If no | ||
web browser is available or if the web browser fails to open, use device code | ||
flow with `az login --use-device-code`. | ||
The following tenants don't contain accessible subscriptions. Use 'az login --allow-no-subscriptions' to have tenant level access. | ||
xxxxxxxx-yyyy-zzzz-xxxx-yyyyyyyyyyyy 'digital.education.gov.uk' | ||
[ | ||
{ | ||
"cloudName": "AzureCloud", | ||
"homeTenantId": "xxxxxxxx-yyyy-zzzz-xxxx-yyyyyyyyyyyy", | ||
"id": "xxxxxxxx-yyyy-zzzz-xxxx-yyyyyyyyyyyy", | ||
"isDefault": true, | ||
"managedByTenants": [ | ||
{ | ||
"tenantId": "xxxxxxxx-yyyy-zzzz-xxxx-yyyyyyyyyyyy" | ||
} | ||
], | ||
"name": "s189-teacher-services-cloud-test", | ||
"state": "Enabled", | ||
"tenantId": "xxxxxxxx-yyyy-zzzz-xxxx-yyyyyyyyyyyy", | ||
"user": { | ||
"name": "[email protected]", | ||
"type": "user" | ||
} | ||
}, | ||
... | ||
] | ||
``` | ||
To view all environment variables on the `dev` environment: | ||
```bash | ||
make dev print-keyvault-secret | ||
``` | ||
To edit environment variables on the `dev` environment (opens `$EDITOR`): | ||
```bash | ||
make dev edit-keyvault-secret | ||
``` | ||
Assuming you have the correct permissions, the environment variables can be edited via the portal UI. Check with the infrastructure team if you don't have access. | ||
|
||
## Logit | ||
|
||
|