The infrastructure running the workflows is mainly based on a Kubernetes (AWS EKS) cluster and Argo Workflows.
Generally all Kubernetes resources are defined with cdk8s and anything that needs AWS interactions such as service accounts are defined with aws-cdk.
The EKS Cluster base configuration is defined in ./cdk.ts using aws-cdk.
The additional components (or Kubernetes resources) running on the EKS cluster are defined in ./cdk8s.ts using cdk8s.
Main entry point: app
- ArgoWorkflows - Main Workflow engine
- Karpenter - Autoscale EC2 Nodes
- FluentBit - Forward logs to AWS CloudWatch
-
Ensure all dependencies are installed
npm install
-
Login to AWS
To deploy with AWS CDK a few context values need to be set:
aws-account-id: Account ID to deploy into. This can be set withexport CDK_DEFAULT_ACCOUNT="$(aws sts get-caller-identity --query Account --output text)".maintainer-arns: Comma-separated list of AWS Role ARNs for the stack maintainers.
Then a deployment can be made with cdk:
ci_role="$(aws iam list-roles | jq --raw-output '.Roles[] | select(.RoleName | contains("CiTopo")) | select(.RoleName | contains("-CiRole")).Arn')"
admin_role="arn:aws:iam::$(aws sts get-caller-identity --query Account --output text):role/AccountAdminRole"
workflow_maintainer_role="$(aws cloudformation describe-stacks --stack-name=TopographicSharedResourcesProd | jq --raw-output .Stacks[0].Outputs[0].OutputValue)"
npx cdk deploy --context=maintainer-arns="${ci_role},${admin_role},${workflow_maintainer_role}" WorkflowsGenerate the kubernetes configuration yaml into dist/
npx cdk8s synthApply the generated yaml files
kubectl apply --filename=dist/To debug use the following as cdk8s synth swallows the errors
npx tsx infra/cdk8s.tsThe deployment of the K8s config is managed by GithubActions in main.