From 1d98a3546d4b4174f845a63e425e0b42275c8aa0 Mon Sep 17 00:00:00 2001
From: Alexandra Kirk
Date: Thu, 10 Oct 2024 15:20:50 -0600
Subject: [PATCH 1/3] remove automated deployment to staging from merge into main branch
---
.github/workflows/main.yml | 144 -------------------------------------
.github/workflows/pr.yml | 4 +-
2 files changed, 1 insertion(+), 147 deletions(-)
delete mode 100644 .github/workflows/main.yml
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
deleted file mode 100644
index 7541f92b..00000000
--- a/.github/workflows/main.yml
+++ /dev/null
@@ -1,144 +0,0 @@ -name: Main - Lint, Test, and Deploy Workflow - -on: - push: - branches: - - main - -jobs: - lint: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - name: Set up Python - uses: actions/setup-python@v5 - with: - python-version: '3.9' - - - uses: actions/cache@v4 - with: - path: ${{ env.pythonLocation }} - key: ${{ env.pythonLocation }}-${{ hashFiles('setup.py') }} - - - name: Install python dependencies - run: | - python -m pip install --upgrade pip - python -m pip install -e .[dev,deploy,test] - - - name: Run pre-commit - run: pre-commit run --all-files - - test: - needs: [lint] - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - name: Set up Python - uses: actions/setup-python@v5 - with: - python-version: '3.9' - - - uses: actions/cache@v4 - with: - path: ${{ env.pythonLocation }} - key: ${{ env.pythonLocation }}-${{ hashFiles('setup.py') }} - - - name: Install python dependencies - run: | - python -m pip install --upgrade pip - python -m pip install -e .[dev,deploy,test] - - - name: Launch services - run: AWS_ACCESS_KEY_ID=${{ secrets.AWS_ACCESS_KEY_ID }} AWS_SECRET_ACCESS_KEY=${{secrets.AWS_SECRET_ACCESS_KEY}} docker compose up --build -d - - - name: Ingest Stac Items/Collection - run: | - ./scripts/load-data-container.sh - - - name: Sleep for 10 seconds - run: sleep 10s - shell: bash - - - name: Integrations tests - run: python -m pytest .github/workflows/tests/ -vv -s - - - name: Install reqs for ingest api - run: python -m pip install -r ingest_api/runtime/requirements_dev.txt - - - name: Install veda auth for ingest api - run: python -m pip install common/auth - - - name: Ingest unit tests - run: NO_PYDANTIC_SSM_SETTINGS=1 python -m pytest ingest_api/runtime/tests/ -vv -s - - - name: Stop services - run: docker compose stop - - release: - needs: [test] - runs-on: ubuntu-latest - concurrency: release - permissions: - id-token: write - contents: write - - steps: - - uses: actions/checkout@v4 - with: - 
fetch-depth: 0 - - name: Python Semantic Release - uses: python-semantic-release/python-semantic-release@master - with: - changelog: "false" - github_token: ${{ secrets.GITHUB_TOKEN }} - - deploy: - needs: [release] - - runs-on: ubuntu-latest - steps: - - - uses: actions/checkout@v4 - - name: Set up Python - uses: actions/setup-python@v5 - with: - python-version: '3.9' - - - name: Setup Node - uses: actions/setup-node@v4 - with: - node-version: 20 - - - name: Configure awscli - uses: aws-actions/configure-aws-credentials@v4 - with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - aws-region: us-west-2 - - - uses: actions/cache@v4 - with: - path: ~/.npm - key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ hashFiles('**/package-lock.json') }} - - - name: Install CDK - run: npm install -g aws-cdk@2 - - - uses: actions/cache@v4 - with: - path: ${{ env.pythonLocation }} - key: ${{ env.pythonLocation }}-${{ hashFiles('setup.py') }} - - - name: Install python dependencies - run: | - python -m pip install --upgrade pip - python -m pip install -e .[dev,deploy,test] - - - name: Get dev environment configuration for staging branch - run: ./scripts/get-env.sh "veda-backend-uah-staging-env" - - - name: Deploy - run: | - echo $STAGE - cdk deploy --require-approval never --outputs-file ${HOME}/cdk-outputs.json - \ No newline at end of file diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml index 32a62f98..7222a93b 100644 --- a/.github/workflows/pr.yml +++ b/.github/workflows/pr.yml 
@@ -136,9 +136,7 @@ jobs: - name: Get environment configuration for target branch run: | - if [ "${{ github.base_ref }}" == "main" ]; then - ./scripts/get-env.sh "veda-backend-uah-staging-env" - elif [ "${{ github.base_ref }}" == "develop" ]; then + if [ "${{ github.base_ref }}" == "develop" ]; then ./scripts/get-env.sh "veda-backend-uah-dev-env" else echo "No environment associated with ${GITHUB_REF##*/} branch. Test changes against dev stack" From 247fa9b28de0fc563b5d714bdf038ef51e846844 Mon Sep 17 00:00:00 2001 From: Alexandra Kirk Date: Thu, 10 Oct 2024 15:43:44 -0600 Subject: [PATCH 2/3] ci: use shared cdk-deploy action for dev branch deployment --- .github/actions/cdk-deploy/action.yml | 2 +- .github/workflows/cicd.yml | 55 ++++++++++ .github/workflows/develop.yml | 143 -------------------------- 3 files changed, 56 insertions(+), 144 deletions(-) create mode 100644 .github/workflows/cicd.yml delete mode 100644 .github/workflows/develop.yml diff --git a/.github/actions/cdk-deploy/action.yml b/.github/actions/cdk-deploy/action.yml index 14fab9c3..893f4949 100644 --- a/.github/actions/cdk-deploy/action.yml +++ b/.github/actions/cdk-deploy/action.yml @@ -1,4 +1,4 @@ -name: Pre-Production - Test, and Deploy Workflow from Veda-Deploy +name: Test and Deploy Workflow inputs: env_aws_secret_name: diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml new file mode 100644 index 00000000..242d86be --- /dev/null +++ b/.github/workflows/cicd.yml 
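Review bot: The remaining condition still interpolates `${{ github.base_ref }}` directly into the `run:` script, and it tests for `develop` while the cicd.yml workflow added later in this series triggers on pushes to `dev`. Templating an expression into shell text is the pattern GitHub's hardening guidance advises against; the runner already exports the value, so `if [ "$GITHUB_BASE_REF" == "develop" ]; then` makes the same comparison without building the script from context data. If the integration branch is now named `dev`, this test no longer matches and every pull request falls through to the `else` branch, so the branch name should be confirmed against the new workflow. The `run:` block appears to continue past the end of the hunk.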
@@ -0,0 +1,55 @@
+name: CDK Deploy Dev Workflow 🚀
+
+permissions:
+ id-token: write
+ contents: read
+
+on:
+ push:
+ branches:
+ - dev
+
+jobs:
+ define-environment:
+ name: Set ✨ environment ✨
+ runs-on: ubuntu-latest
+ steps:
+ - name: Set the environment based on the branch
+ id: define_environment
+ run: |
+ if [ "${{ github.ref }}" = "refs/heads/dev" ]; then
+ echo "env_name=dev" >> $GITHUB_OUTPUT
+ fi
+ - name: Print the environment
+ run: echo "The environment is ${{ steps.define_environment.outputs.env_name }}"
+
+ outputs:
+ env_name: ${{ steps.define_environment.outputs.env_name }}
+
+ deploy:
+
+ name: Deploy to ${{ needs.define-environment.outputs.env_name }} 🚀
+ runs-on: ubuntu-latest
+ if: ${{ needs.define-environment.outputs.env_name }}
+ needs: [define-environment]
+ environment: ${{ needs.define-environment.outputs.env_name }}
+ concurrency: ${{ needs.define-environment.outputs.env_name }}
+
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+ with:
+ lfs: "true"
+ submodules: "false"
+
+ - name: Configure AWS Credentials
+ uses: aws-actions/configure-aws-credentials@v4
+ with:
+ role-to-assume: ${{ secrets.DEPLOYMENT_ROLE_ARN }}
+ role-session-name: "veda-backend-github-${{ needs.define-environment.outputs.env_name }}-deployment"
+ aws-region: us-west-2
+
+ - name: Run veda-routes deployment
+ uses: "./.github/actions/cdk-deploy"
+ with:
+ env_aws_secret_name: ${{ vars.ENV_AWS_SECRET_NAME }}
\ No newline at end of file
diff --git a/.github/workflows/develop.yml b/.github/workflows/develop.yml
deleted file mode 100644
index f3c12243..00000000
--- a/.github/workflows/develop.yml
+++ /dev/null
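Review bot: `id-token: write` is granted at workflow level, so the `define-environment` job, which only writes a step output, can also request an OIDC token, although only `deploy` calls `configure-aws-credentials`. Keep `contents: read` in the top-level `permissions:` and add a job-level `permissions:` with `id-token: write` and `contents: read` under `deploy:`. Because the job sets `environment:`, the trust policy of the role behind `DEPLOYMENT_ROLE_ARN` can pin the token's `sub` claim to this repository and environment rather than to the repository alone; that policy is not visible here and is worth checking. Unlike the deleted develop.yml, nothing in this workflow runs lint or tests before deploying, so the gate now rests on whatever checks are required on pull requests into `dev`.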
@@ -1,143 +0,0 @@ -name: Develop - Lint, Test, and Deploy Workflow - -on: - push: - branches: - - develop - -jobs: - lint-dev: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - name: Set up Python - uses: actions/setup-python@v5 - with: - python-version: '3.9' - - - uses: actions/cache@v4 - with: - path: ${{ env.pythonLocation }} - key: ${{ env.pythonLocation }}-${{ hashFiles('setup.py') }} - - - name: Install python dependencies - run: | - python -m pip install --upgrade pip - python -m pip install -e .[dev,deploy,test] - - - name: Run pre-commit - run: pre-commit run --all-files - - test-dev: - needs: [lint-dev] - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - name: Set up Python - uses: actions/setup-python@v5 - with: - python-version: '3.9' - - - uses: actions/cache@v4 - with: - path: ${{ env.pythonLocation }} - key: ${{ env.pythonLocation }}-${{ hashFiles('setup.py') }} - - - name: Install python dependencies - run: | - python -m pip install --upgrade pip - python -m pip install -e .[dev,deploy,test] - - - name: Launch services - run: AWS_ACCESS_KEY_ID=${{ secrets.AWS_ACCESS_KEY_ID }} AWS_SECRET_ACCESS_KEY=${{secrets.AWS_SECRET_ACCESS_KEY}} docker compose up --build -d - - - name: Ingest Stac Items/Collection - run: | - ./scripts/load-data-container.sh - - - name: Sleep for 10 seconds - run: sleep 10s - shell: bash - - - name: Integrations tests - run: python -m pytest .github/workflows/tests/ -vv -s - - - name: Install reqs for ingest api - run: python -m pip install -r ingest_api/runtime/requirements_dev.txt - - - name: Install veda auth for ingest api - run: python -m pip install common/auth - - - name: Ingest unit tests - run: NO_PYDANTIC_SSM_SETTINGS=1 python -m pytest ingest_api/runtime/tests/ -vv -s - - - name: Stop services - run: docker compose stop - - pre-release: - needs: [test-dev] - runs-on: ubuntu-latest - concurrency: release - permissions: - id-token: write - contents: write - - steps: - - uses: 
actions/checkout@v4 - with: - fetch-depth: 0 - - name: Python Semantic Release - uses: python-semantic-release/python-semantic-release@master - with: - changelog: "false" - github_token: ${{ secrets.GITHUB_TOKEN }} - - deploy-dev: - needs: [pre-release] - - runs-on: ubuntu-latest - steps: - - - uses: actions/checkout@v4 - - name: Set up Python - uses: actions/setup-python@v5 - with: - python-version: '3.9' - - - name: Setup Node - uses: actions/setup-node@v4 - with: - node-version: 20 - - - name: Configure awscli - uses: aws-actions/configure-aws-credentials@v4 - with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - aws-region: us-west-2 - - - uses: actions/cache@v4 - with: - path: ~/.npm - key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ hashFiles('**/package-lock.json') }} - - - name: Install CDK - run: npm install -g aws-cdk@2 - - - uses: actions/cache@v4 - with: - path: ${{ env.pythonLocation }} - key: ${{ env.pythonLocation }}-${{ hashFiles('setup.py') }} - - - name: Install python dependencies - run: | - python -m pip install --upgrade pip - python -m pip install -e .[dev,deploy,test] - - - name: Get dev environment configuration for develop branch - run: ./scripts/get-env.sh "veda-backend-uah-dev-env" - - - name: Deploy - run: | - echo $STAGE - cdk deploy --require-approval never --outputs-file ${HOME}/cdk-outputs.json \ No newline at end of file From 65a74dacfca423c5c1f3c1bb6475c01e5a1cc938 Mon Sep 17 00:00:00 2001 From: Alexandra Kirk Date: Fri, 11 Oct 2024 15:07:00 -0600 Subject: [PATCH 3/3] Update .github/workflows/cicd.yml Co-authored-by: Jennifer Tran <12633533+botanical@users.noreply.github.com> --- .github/workflows/cicd.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml index 242d86be..98f9a60e 100644 --- a/.github/workflows/cicd.yml +++ b/.github/workflows/cicd.yml 
@@ -49,7 +49,7 @@ jobs: role-session-name: "veda-backend-github-${{ needs.define-environment.outputs.env_name }}-deployment" aws-region: us-west-2 - - name: Run veda-routes deployment + - name: Run veda-backend deployment uses: "./.github/actions/cdk-deploy" with: env_aws_secret_name: ${{ vars.ENV_AWS_SECRET_NAME }} \ No newline at end of file