Added AWS Setups (#3)

* added terraform templates and bootstrap cdk templates

* updated folder

* updated depencency

* updated trigger

* added PR template

* updated folder

---------

Co-authored-by: AC <[email protected]>

.devcontainer/devcontainer.json

@@ -8,7 +8,9 @@
     "ghcr.io/devcontainers/features/dotnet:2": {},
     "ghcr.io/devcontainers/features/aws-cli:1": {},
     "ghcr.io/devcontainers/features/terraform:1": {},
-    "ghcr.io/devcontainers/features/docker-in-docker:2": {}
+    "ghcr.io/devcontainers/features/docker-in-docker:2": {},
+    "ghcr.io/devcontainers-contrib/features/aws-cdk:2": {}
+
   },
   "postCreateCommand": "./docker/manage build",
   "customizations": {

.github/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,49 @@
+
+# Pull Request for JIRA Ticket: ----**put ticket number here**----    
+
+## Issue ticket number and link  
+Include the JIRA ticket # and link here  
+
+## Description
+
+Please include a summary of the changes and the related issue. Please also include relevant motivation and context. List any dependencies that are required for this change.
+
+Fixes # (issue)  
+
+## Type of change
+
+Please delete options that are not relevant.
+
+- [ ] Bug fix (non-breaking change which fixes an issue)
+- [ ] New feature (non-breaking change which adds functionality)
+- [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected)
+- [ ] This change requires a documentation update    
+
+
+
+
+
+## How Has This Been Tested?
+
+Please describe the tests that you ran to verify your changes. Provide instructions so we can reproduce. Please also list any relevant details for your test configuration
+
+- [ ] Test A
+- [ ] Test B  
+
+**Test Configuration**:
+If applicable
+
+## Checklist:
+
+- [ ] My code follows the style guidelines of this project
+- [ ] I have performed a self-review of my code
+- [ ] I have commented my code, particularly in hard-to-understand areas
+- [ ] My changes generate no new warnings
+- [ ] I have added tests that prove my fix is effective or that my feature works
+- [ ] New and existing unit tests pass locally with my changes
+- [ ] Any dependent changes have been merged and published in downstream modules   
+
+
+## Documentation References  
+
+Put any doc references here

.github/workflows/aws-bootstrap-template.yml

@@ -0,0 +1,134 @@
+name: AWS Bootstrap Workflow
+
+on:
+  workflow_call:
+    inputs:
+      CONTEXT_FOLDER:
+        required: true
+        type: string
+      ENVIRONMENT_NAME:
+        required: true
+        type: string
+      TOOLKIT_STACK_NAME:
+        required: true
+        type: string
+      QUALIFIER:
+        required: true
+        type: string      
+
+permissions:
+  id-token: write
+  contents: read
+
+jobs:
+  check_changes:
+    name: Check Changes
+    runs-on: ubuntu-20.04
+    outputs:
+      infra_changed: ${{ steps.check_changes.outputs.infra_changed }}
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 2
+      - name: Check modified folders
+        id: check_changes
+        env:
+          CONTEXT_FOLDER: ${{ inputs.CONTEXT_FOLDER }}
+          CHANGE_FOLDER_NAME: ${{ inputs.CHANGE_FOLDER_NAME }}
+        run: |            
+          echo "=============== list modified files ==============="
+          git diff --name-only HEAD^ HEAD
+          
+          echo "========== check paths of modified files =========="
+          git diff --name-only HEAD^ HEAD >> files.txt
+          infra_changed=false
+          while IFS= read -r file
+          do
+            echo $file
+            if [[ $file == $CHANGE_FOLDER_NAME/* ]]; then
+              infra_changed=true
+              break
+            fi
+          done < files.txt
+          echo "infra_changed=$infra_changed" >> "$GITHUB_OUTPUT"
+
+  
+
+  synth_deploy_state_components:
+    name: Synth and Deploy Terraform State Components
+    runs-on: ubuntu-20.04
+    environment: ${{ inputs.ENVIRONMENT_NAME }}
+    needs: [check_changes, build_push_api_auth_lambda, build_push_cdc_events_lambda, build_push_cdc_auth_lambda]
+    # if: needs.check_changes.outputs.infra_changed == 'true'
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Get AWS Account ID
+        run: echo "CDK_DEFAULT_ACCOUNT=${{ vars.AWS_ACCOUNT }}" >> $GITHUB_ENV
+
+      - name: Get AWS Region
+        run: echo "CDK_DEFAULT_REGION=${{ vars.AWS_REGION }}" >> $GITHUB_ENV
+
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          role-skip-session-tagging: true
+          aws-region: ${{ vars.AWS_REGION }}
+          role-to-assume: ${{ vars.AWS_ROLE_ARN }}
+          role-duration-seconds: 1800
+          role-session-name: ci-deployment
+
+
+
+      - name: Install Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '20.12.2'
+
+      - name: Install NPM Modules
+        run: "npm config set engine-strict true && npm ci"
+        working-directory: ${{ inputs.CONTEXT_FOLDER }}
+
+      - name: Build
+        run: "npm run build"
+        working-directory: ${{ inputs.CONTEXT_FOLDER }}
+
+      - name: Install AWS CDK
+        run: "npm install -g [email protected]"
+
+      - name: CDK Bootstrap
+        env:
+          TOOLKIT_STACK_NAME: ${{ inputs.TOOLKIT_STACK_NAME }}
+          QUALIFIER: ${{ inputs.QUALIFIER }}
+          BRANCH_NAME: ${{ inputs.BRANCH_NAME }}
+          ENV_NAME: ${{ inputs.ENVIRONMENT_NAME }}          
+        run: |
+          echo "Running CDK Bootstrap"
+          npx cdk bootstrap --toolkit-stack-name $TOOLKIT_STACK_NAME --qualifier $QUALIFIER --context branch-name=$BRANCH_NAME
+        working-directory: ${{ inputs.CONTEXT_FOLDER }}
+
+      - name: CDK Synth
+        env:
+          TOOLKIT_STACK_NAME: ${{ inputs.TOOLKIT_STACK_NAME }}
+          QUALIFIER: ${{ inputs.QUALIFIER }}
+          BRANCH_NAME: ${{ inputs.BRANCH_NAME }}
+          ENV_NAME: ${{ inputs.BRANCH_NAME }}          
+        run: |
+          echo "Running CDK Synth"
+          npx cdk synth --toolkit-stack-name $TOOLKIT_STACK_NAME --qualifier $QUALIFIER --context branch-name=$BRANCH_NAME
+        working-directory: ${{ inputs.CONTEXT_FOLDER }}
+
+
+
+      - name: CDK Deploy
+        id: cdk_deploy
+        env:
+          TOOLKIT_STACK_NAME: ${{ inputs.TOOLKIT_STACK_NAME }}
+          QUALIFIER: ${{ inputs.QUALIFIER }}
+          BRANCH_NAME: ${{ inputs.BRANCH_NAME }}
+          ENV_NAME: ${{ inputs.BRANCH_NAME }}          
+        run: |
+          npx cdk deploy --toolkit-stack-name $TOOLKIT_STACK_NAME --qualifier $QUALIFIER --require-approval never --all
+        working-directory: ${{ inputs.CONTEXT_FOLDER }}
+
+

.github/workflows/aws-template-terraform.yml

@@ -0,0 +1,108 @@
+name: AWS Bootstrap Workflow
+
+on:
+  workflow_call:
+    inputs:
+      CONTEXT_FOLDER:
+        required: true
+        type: string
+      ENVIRONMENT_NAME:
+        required: true
+        type: string
+      CHANGE_FOLDER_NAME:
+        required: true
+        type: string
+      TEST_BUCKET_NAME:
+        required: true
+        type: string 
+
+permissions:
+  id-token: write
+  contents: read
+
+jobs:
+  check_changes:
+    name: Check Changes
+    runs-on: ubuntu-20.04
+    outputs:
+      infra_changed: ${{ steps.check_changes.outputs.infra_changed }}
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 2
+      - name: Check modified folders
+        id: check_changes
+        env:
+          CONTEXT_FOLDER: ${{ inputs.CONTEXT_FOLDER }}
+          CHANGE_FOLDER_NAME: ${{ inputs.CHANGE_FOLDER_NAME }}
+        run: |            
+          echo "=============== list modified files ==============="
+          git diff --name-only HEAD^ HEAD
+          
+          echo "========== check paths of modified files =========="
+          git diff --name-only HEAD^ HEAD >> files.txt
+          infra_changed=false
+          while IFS= read -r file
+          do
+            echo $file
+            if [[ $file == $CHANGE_FOLDER_NAME/* ]]; then
+              infra_changed=true
+              break
+            fi
+          done < files.txt
+          echo "infra_changed=$infra_changed" >> "$GITHUB_OUTPUT"
+
+  deploy_infra:
+    name: Deploy Infra
+    runs-on: ubuntu-latest
+    environment: 
+      name: ${{ inputs.ENVIRONMENT_NAME }}
+    needs: [check_changes]
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v4    
+
+    - name: Configure AWS credentials
+      uses: aws-actions/configure-aws-credentials@v4
+      with:
+        role-skip-session-tagging: true
+        aws-region: ${{ vars.AWS_REGION }}
+        role-to-assume: ${{ vars.AWS_ROLE_ARN }}
+        role-duration-seconds: 1800
+        role-session-name: ci-deployment
+
+    - name: Setup Terraform
+      uses: hashicorp/setup-terraform@v3
+      with:
+        terraform_version: 1.9.0
+    - name: Terraform Init
+      id: init
+      env: 
+        CONTEXT_FOLDER: ${{ inputs.CONTEXT_FOLDER }}
+      run: |
+        terraform init -input=false
+      working-directory: ${{ inputs.CONTEXT_FOLDER }}
+    - name: Terraform Plan
+      id: plan
+      env: 
+        CONTEXT_FOLDER: ${{ inputs.CONTEXT_FOLDER }}
+        TF_VAR_test_s3_bucket_name: ${{ inputs.TEST_BUCKET_NAME }}
+      run: |
+        terraform plan -no-color -input=false
+      continue-on-error: true
+      working-directory: ${{ inputs.CONTEXT_FOLDER }}
+    - name: Terraform Plan Status
+      if: steps.plan.outcome == 'failure'
+      run: exit 1
+    - name: Terraform Apply
+      env: 
+        CONTEXT_FOLDER: ${{ inputs.CONTEXT_FOLDER }}
+        TF_VAR_test_s3_bucket_name: ${{ inputs.TEST_BUCKET_NAME }}
+      run: |
+        terraform apply --auto-approve -input=false
+      working-directory: ${{ inputs.CONTEXT_FOLDER }}
+
+
+
+
+

.github/workflows/deploy-infra-sandbox.yml

@@ -0,0 +1,16 @@
+name: Deploy AWS Infra to Sandbox
+
+on:
+  workflow_dispatch:
+
+jobs:        
+  infrastructure_deploy_snd:
+    uses: ./.github/workflows/aws-template-terraform.yml
+    with:
+      CONTEXT_FOLDER: ./infrastructure/cloud/environments/sandbox
+      CHANGE_FOLDER_NAME: environments/sandbox
+      ENVIRONMENT_NAME: sandbox
+      TEST_BUCKET_NAME: jasper-test-bucket      
+    secrets: inherit
+
+

Makefile

@@ -0,0 +1,16 @@
+#!make
+
+
+export AWS_PROFILE ?= jasperlocal
+export AWS_DEFAULT_REGION ?= ca-central-1
+export AWS_ACCOUNT ?= 381491824201
+export TOOLKIT_STACK_NAME= CDK-Bootstrap-jasper-dev
+export QUALIFIER= jasperdev
+export BRANCH_NAME= dev
+export ENV_NAME= dev
+
+
+
+run-bootstrap-jasper:
+	@echo "Running bootstrap"
+	@cd infrastructure/jasper-aws-bootstrap && cdk bootstrap aws://$(AWS_ACCOUNT)/$(AWS_DEFAULT_REGION) --toolkit-stack-name $TOOLKIT_STACK_NAME --qualifier $QUALIFIER --profile $(AWS_PROFILE)

infrastructure/cloud/environments/sandbox/providers.tf

@@ -0,0 +1,28 @@
+terraform {
+  required_version = "~> 1.9.0"
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = "~> 5.0"
+    }
+
+    tls = {
+      source  = "hashicorp/tls"
+      version = "4.0.5"
+    }
+  }
+
+  backend "s3" {
+    bucket         = "terraform-remote-state-sandbox-12345"
+    key            = "terraform.tfstate"
+    region         = "ca-central-1"
+    dynamodb_table = "terraform-remote-state-lock-12345"
+  }
+
+}
+
+
+
+provider "aws" {
+  region = "ca-central-1"
+}

infrastructure/cloud/environments/sandbox/variables.tf

@@ -0,0 +1,6 @@
+
+
+variable test_s3_bucket_name {
+  type = string
+  description = "The name of the S3 bucket to create for testing"
+}