
Github action CD #110

Merged
merged 10 commits into from
Sep 6, 2024
82 changes: 82 additions & 0 deletions .github/iac/main.tf
@@ -0,0 +1,82 @@
terraform {
backend "s3" {
bucket = "demeter-tf"
key = "github/demeter-fabric.tfstate"
region = "us-west-2"
}
required_providers {
kubernetes = {
source = "hashicorp/kubernetes"
}
}
}

provider "kubernetes" {
config_path = "~/.kube/config"
config_context = "arn:aws:eks:us-west-2:295114534192:cluster/m2-prod-7xjh33"
}

provider "helm" {
kubernetes {
config_path = "~/.kube/config"
config_context = "arn:aws:eks:us-west-2:295114534192:cluster/m2-prod-7xjh33"
}
}

variable "rpc_image" {}
variable "kafka_rpc_password" {}
variable "secret" {}
variable "auth0_client_id" {}
variable "auth0_client_secret" {}
variable "auth0_audience" {}
variable "stripe_api_key" {}
variable "email_ses_access_key_id" {}
variable "email_ses_secret_access_key" {}

locals {
namespace = "fabric-stg"
replicas = 1
broker_urls = "redpanda.stg-fabric-queue.demeter.run:31092"
secret = var.secret
kafka_rpc_username = "rpc"
kafka_rpc_password = var.kafka_rpc_password
kafka_topic = "stg"
auth0_client_id = var.auth0_client_id
auth0_client_secret = var.auth0_client_secret
auth0_audience = var.auth0_audience
stripe_api_key = var.stripe_api_key
email_invite_ttl_min = 15
email_ses_region = "us-west-2"
email_ses_access_key_id = var.email_ses_access_key_id
email_ses_secret_access_key = var.email_ses_secret_access_key
email_ses_verified_email = "[email protected]"
}

resource "kubernetes_namespace_v1" "fabric_namespace" {
metadata {
name = local.namespace
}
}

module "fabric_rpc" {
source = "../../../fabric/bootstrap/rpc"

namespace = local.namespace
image = var.rpc_image
broker_urls = local.broker_urls
consumer_name = "rpc"
kafka_username = local.kafka_rpc_username
kafka_password = local.kafka_rpc_password
kafka_topic = local.kafka_topic
secret = local.secret
auth0_client_id = local.auth0_client_id
auth0_client_secret = local.auth0_client_secret
auth0_audience = local.auth0_audience
stripe_api_key = local.stripe_api_key
email_invite_ttl_min = local.email_invite_ttl_min
email_ses_region = local.email_ses_region
email_ses_access_key_id = local.email_ses_access_key_id
email_ses_secret_access_key = local.email_ses_secret_access_key
email_ses_verified_email = local.email_ses_verified_email
}
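Review bot: The credential inputs (`kafka_rpc_password`, `secret`, `auth0_client_secret`, `stripe_api_key`, `email_ses_secret_access_key`) are declared as bare `variable "…" {}` blocks, so Terraform treats them as ordinary values and may print them in plan/apply output wherever the module passes them into an attribute that is not itself marked sensitive. Each of them should carry `type = string` and `sensitive = true`. They are also written to `github/demeter-fabric.tfstate`, and the `backend "s3"` block sets neither `encrypt = true` nor any state locking, so it is worth confirming that the `demeter-tf` bucket enforces encryption and restricted access on its own. Separately, both providers pin `config_context` to a cluster named `m2-prod-7xjh33` while `local.namespace` is `fabric-stg`; if staging is meant to live on that cluster, a one-line comment saying so would prevent a misread.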

2 changes: 1 addition & 1 deletion .github/workflows/build.yml
@@ -1,4 +1,4 @@
name: build
name: Build

on:
workflow_dispatch: {}
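--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -0,0 +1,52 @@
+name: Deploy
+
+on:
+workflow_dispatch: {}
+workflow_run:
+workflows: [Build]
+types: [completed]
+
+jobs:
+rpc:
+runs-on: ubuntu-latest
+env:
+TF_VAR_rpc_image: rpc_image=ghcr.io/demeter-run/fabric-rpc:${{ github.sha }}
+TF_VAR_kafka_rpc_password: ${{ secrets.KAFKA_RPC_PASSWORD }}
+TF_VAR_secret: ${{ secrets.SECRET }}
+TF_VAR_auth0_client_id: ${{ secrets.AUTH0_CLIENT_ID }}
+TF_VAR_auth0_client_secret: ${{ secrets.AUTH0_CLIENT_SECRET }}
+TF_VAR_auth0_audience: ${{ secrets.AUTH0_AUDIENCE }}
+TF_VAR_stripe_api_key: ${{ secrets.STRIPE_API_KEY }}
+TF_VAR_email_ses_access_key_id: ${{ secrets.EMAIL_SES_ACCESS_KEY_ID }}
+TF_VAR_email_ses_secret_access_key: ${{ secrets.EMAIL_SES_SECRET_ACCESS_KEY }}
+steps:
+- uses: actions/checkout@v2
+
+- uses: aws-actions/configure-aws-credentials@v1
+with:
+aws-region: ${{ secrets.AWS_REGION }}
+aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/ClusterAdminRole
+role-session-name: Github-Actions-Demeter
+role-duration-seconds: 1200
+
+- name: setup kubeconfig
+run: aws eks update-kubeconfig --name ${{ secrets.AWS_CLUSTER_NAME }}
+
+- name: setup terraform
+uses: hashicorp/setup-terraform@v3
+
+- name: init terraform
+working-directory: .github/iac
+run: terraform init
+
+- name: validate terraform
+working-directory: .github/iac
+run: terraform validate
+
+- name: apply terraform
+working-directory: .github/iac
+env:
+IMAGE_TAG: ${{ github.sha }}
+run: terraform apply -auto-approve -input=false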
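Review bot: The `workflow_run` trigger fires on `types: [completed]`, which includes failed and cancelled Build runs, and the `rpc` job has no condition on the outcome, so `terraform apply -auto-approve` runs under `ClusterAdminRole` even when no image was produced. Gate the job with `if: ${{ github.event_name == 'workflow_dispatch' || github.event.workflow_run.conclusion == 'success' }}`. On `workflow_run` events `github.sha` is the head of the default branch rather than the commit Build ran on, so the tag should come from `github.event.workflow_run.head_sha`; the `TF_VAR_rpc_image` value also carries a stray `rpc_image=` prefix that would become part of the image reference, and `IMAGE_TAG` is not read by anything visible here. Beyond that, the actions are referenced by mutable tags (`actions/checkout@v2`, `aws-actions/configure-aws-credentials@v1`) and the job authenticates with long-lived access keys; pinning to commit SHAs and moving to OIDC role assumption would limit what a compromised action or leaked secret can reach.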
1 change: 1 addition & 0 deletions .gitignore
Expand Up @@ -7,3 +7,4 @@ rpc.toml
test/.terraform*
test/local.tfstate*
crds-path/
.github/iac/.terraform*