From 9ce451046877b6f56b53bb1a0c83e1b7eb062b85 Mon Sep 17 00:00:00 2001 From: Marcus Aspin Date: Wed, 29 May 2024 17:50:24 +0100 Subject: [PATCH] Testing --- .github/dependabot.yml | 12 +++--- .github/workflows/build.yml | 1 - .github/workflows/deploy.yml | 29 +++++++++++---- deploy/values-dev.yml | 12 +++++- deploy/values.yml | 27 ++++++++++++-- task-definition.json | 72 ------------------------------------ 6 files changed, 61 insertions(+), 92 deletions(-) delete mode 100644 task-definition.json diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 1bd0134a..8999b194 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,16 +1,16 @@ -# To get started with Dependabot version updates, you'll need to specify which -# package ecosystems to update and where the package manifests are located. -# Please see the documentation for all configuration options: -# https://help.github.com/github/administering-a-repository/configuration-options-for-dependency-updates - version: 2 updates: - package-ecosystem: "gradle" directory: "/" schedule: interval: "daily" + - package-ecosystem: "npm" directory: "/ui" - open-pull-requests-limit: 0 # Disable version updates for npm dependencies + schedule: + interval: "monthly" # to reduce frequency of npm updates + + - package-ecosystem: "github-actions" + directory: "/" schedule: interval: "daily" diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 29571ecf..fd31cf8c 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -19,7 +19,6 @@ jobs: env: ecr_image_name: 374269020027.dkr.ecr.eu-west-2.amazonaws.com/delius-core-user-management ghcr_image_name: ghcr.io/${{ github.repository_owner }}/delius-core-user-management - version: ${{ github.event.release.tag_name }} steps: - uses: actions/checkout@v3 diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 9a6b7b69..b91e2a68 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -1,6 +1,19 @@ name: Deploy -on: push +on: + push: + workflow_dispatch: + inputs: + version: + description: Version + required: true + environment: + description: Environment + required: true + type: choice + options: + - dev + - test permissions: id-token: write # Required for OIDC @@ -9,22 +22,21 @@ permissions: jobs: deploy: runs-on: ubuntu-latest - steps: - uses: actions/checkout@v3 - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@v4 with: + aws-region: eu-west-2 role-to-assume: arn:aws:iam::326912278139:role/modernisation-platform-oidc-cicd role-session-name: delius-user-management-deploy-${{ github.run_number }} - aws-region: eu-west-2 - name: Render values shell: bash - run: yq eval-all 'select(fileIndex == 0) *d select(fileIndex == 1)' deploy/values.yml deploy/values-dev.yml | tee deploy/merged.yml + run: yq eval-all 'select(fileIndex == 0) *d select(fileIndex == 1)' "deploy/values.yml" "deploy/values-$ENV.yml" | tee deploy/merged.yml - - name: Update task definition + - name: Render task definition run: | eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)" brew install gomplate @@ -33,7 +45,8 @@ jobs: merged_task_definition_json=$(yq eval-all 'select(fileIndex == 0) *d select(fileIndex == 1)' <(echo "${old_task_definition}") <(echo "${new_task_definition}") --output-format json | tee task-definition.json) echo "Deploying new task definition: ${merged_task_definition_json}" env: - VERSION: dev + ENV: dev # ${{ inputs.environment }} + VERSION: dev # ${{ inputs.version }} TASK_DEFINITION: umt - name: Deploy Amazon ECS task definition @@ -41,5 +54,5 @@ jobs: with: task-definition: task-definition.json service: umt - cluster: delius-core-dev-cluster - wait-for-service-stability: true \ No newline at end of file + cluster: delius-core-dev-cluster #cluster: delius-core-${{ inputs.environment }}-cluster + wait-for-service-stability: true diff --git a/deploy/values-dev.yml b/deploy/values-dev.yml index a3e679d5..67e96292 100644 --- a/deploy/values-dev.yml +++ b/deploy/values-dev.yml @@ -2,4 +2,14 @@ image: name: 374269020027.dkr.ecr.eu-west-2.amazonaws.com/delius-core-user-management env: - LOGGING_LEVEL: DEBUG \ No newline at end of file + LOGGING_LEVEL_UK_CO_BCONLINE_NDELIUS: DEBUG + DELIUS_PASSWORD-RESET_URL: https://pwm.dev.delius-core.hmpps-development.modernisation-platform.service.justice.gov.uk/public/forgottenpassword + SPRING_DATASOURCE_URL: jdbc:oracle:thin:@(DESCRIPTION=(LOAD_BALANCE=OFF)(CONNECT_TIMEOUT=10)(RETRY_COUNT=3)(ADDRESS_LIST=(ADDRESS=(PROTOCOL=tcp)(HOST=delius-db-1.mis-dev.delius.probation.hmpps.dsd.io)(PORT=1521)))(CONNECT_DATA=(SERVICE_NAME=DMDNDA_TAF))) + SPRING_LDAP_URLS: ldap://ldap.mis-dev.delius.probation.hmpps.dsd.io:389 +# SPRING_REDIS_HOST: aws_route53_record.token_store_private_dns.fqdn +# SPRING_REDIS_PORT: aws_elasticache_replication_group.token_store_replication_group.port +# SPRING_REDIS_CLUSTER_NODES: "${aws_route53_record.token_store_private_dns.fqdn}:${aws_elasticache_replication_group.token_store_replication_group.port}" + +secrets: + SPRING_DATASOURCE_PASSWORD: "arn:aws:secretsmanager:eu-west-2:326912278139:secret:delius-core-dev-oracle-db-application-passwords-kRyWVh:delius_app_schema::" + SPRING_LDAP_PASSWORD: "arn:aws:ssm:eu-west-2:326912278139:parameter/delius-core-dev/LDAP_PASSWORD" diff --git a/deploy/values.yml b/deploy/values.yml index 52327b04..d806cf2d 100644 --- a/deploy/values.yml +++ b/deploy/values.yml @@ -2,13 +2,32 @@ image: name: 374269020027.dkr.ecr.eu-west-2.amazonaws.com/delius-core-user-management healthcheck: - command: "curl -f http://localhost:8080/actuator/health || exit 1" + command: "curl -f http://localhost:8080/umt/actuator/health || exit 1" resources: cpu: 1024 # = 1 vCPU memory: 4096 # = 4GB env: - TZ: Europe/London - -secrets: \ No newline at end of file + JAVA_OPTS: "-XX:MaxMetaspaceSize=512M -XX:MaxDirectMemorySize=128M" + TZ: "Europe/London" + SERVER_USE-FORWARD-HEADERS: "true" + SERVER_FORWARD-HEADERS-STRATEGY: "native" + SPRING_DATASOURCE_USERNAME: "delius_app_schema" + SPRING_DATASOURCE_TYPE: "com.zaxxer.hikari.HikariDataSource" + SPRING_DATASOURCE_HIKARI_MAXIMUM-POOL-SIZE: "50" + SPRING_JPA_PROPERTIES_HIBERNATE_DIALECT: "org.hibernate.dialect.Oracle12cDialect" + SPRING_JPA_HIBERNATE_DDL-AUTO: "none" + SPRING_LDAP_EXPORT_USERNAME: "cn=root,dc=moj,dc=com" + SPRING_LDAP_USERNAME: "cn=root,dc=moj,dc=com" + SPRING_LDAP_USEORACLEATTRIBUTES: "false" + REDIS_CONFIGURE_NO-OP: "true" + SPRING_LDAP_BASE: "dc=moj,dc=com" + DELIUS_LDAP_BASE_USERS: "ou=Users" + DELIUS_LDAP_BASE_CLIENTS: "cn=EISUsers,ou=Users" + DELIUS_LDAP_BASE_ROLES: "cn=ndRoleCatalogue,ou=Users" + DELIUS_LDAP_BASE_ROLE-GROUPS: "cn=ndRoleGroups,ou=Users" + DELIUS_LDAP_BASE_GROUPS: "ou=Groups" + # TODO add to SSM: + JWT_SECRET: "testing" + DELIUS_SECRET: "testing" diff --git a/task-definition.json b/task-definition.json deleted file mode 100644 index 5cc81e01..00000000 --- a/task-definition.json +++ /dev/null @@ -1,72 +0,0 @@ -{ - "family": "umt", - "containerDefinitions": [ - { - "name": "umt", - "image": "374269020027.dkr.ecr.eu-west-2.amazonaws.com/delius-core-user-management:0.0.0", - "cpu": 1024, - "memory": 4096, - "portMappings": [ - { - "containerPort": 8080, - "hostPort": 8080, - "protocol": "tcp" - } - ], - "essential": true, - "environment": [ - ], - "mountPoints": [], - "volumesFrom": [], - "secrets": [], - "readonlyRootFilesystem": false, - "logConfiguration": { - "logDriver": "awslogs", - "options": { - "awslogs-group": "dev-umt", - "awslogs-region": "eu-west-2", - "awslogs-stream-prefix": "dev-umt" - } - }, - "systemControls": [] - } - ], - "taskRoleArn": "arn:aws:iam::326912278139:role/dev-umt-ecs-task", - "executionRoleArn": "arn:aws:iam::326912278139:role/dev-umt-ecs-task-exec", - "networkMode": "awsvpc", - "cpu": "1024", - "memory": "4096", - "ephemeralStorage": { - "sizeInGiB": 30 - }, - "tags": [ - { - "key": "owner", - "value": "probation-webops@digital.justice.gov.uk" - }, - { - "key": "environment-name", - "value": "delius-core-development" - }, - { - "key": "source-code", - "value": "https://github.com/ministryofjustice/modernisation-platform-environments" - }, - { - "key": "application", - "value": "delius" - }, - { - "key": "is-production", - "value": "false" - }, - { - "key": "business-unit", - "value": "HMPPS" - }, - { - "key": "infrastructure-support", - "value": "probation-webops@digital.justice.gov.uk" - } - ] -} \ No newline at end of file