CodeBuild + CodePipeline + Nginx API Gateway #13
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…r creation The task is updated via a Code Pipeline deploy operation so once it's created that becomes the new source of truth for it
Terraform Run Output 🤖Format and Style 🖌
|
| Pusher | @hellais |
| Action | pull_request |
| Environment | dev |
| Workflow | .github/workflows/check_terraform.yml |
| Last updated | Thu, 14 Mar 2024 07:46:06 GMT |
Ansible Run Output 🤖Ansible Playbook Recap 🔍Ansible playbook output 📖
|
| Pusher | @hellais |
| Action | pull_request |
| Working Directory | |
| Workflow | .github/workflows/check_ansible.yml |
| Last updated | Thu, 14 Mar 2024 07:46:38 GMT |
This PR is to refactor the various resource groups into modules to make it easier to develop the test environment. See: #6 Also includes changes implemented by @DecFox feat: add OONI Dev User for GH actions (#17) This adds a new IAM user: ooni_dev_user which shall be used as the github user to run terraform apply. This IAM user has been given minimal ReadOnly permissions to resources which allow it to successfully run `terraform plan` --------- Co-authored-by: DecFox <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Convert to terraform the CodeBuild and CodePipeline projects that were previously created through the web UI (fixes: #12) and add support for an nginx based API gateway (fixes: #7)
To convert CodeBuild and CodePipeline to terraform I made use the of the terraformer tool running it like this:
The output of this tool cannot be used as-is, but instead required a bit of massaging to adapt it to the conventions used in the ooni terraform scripts and hook it up to the existing variables, however it was very helpful to bootstrap the config.
For the nginx API gateway, the actual configuration is still missing, but the general idea is that we will have a Elastic Load Balancer rule to forward requests to the nginx reverse proxy running in EC2 or the dataapi running on ECS.
Note:
As part of this work I also did some refactoring of the names of some of the resources and items inside of the terraform config. In doing so this triggered a destruction and re-creation of all relevant resources, which is I guess a nice lesson learned (I actually saw it from the plan, but was curious to see what would happen).
In the future if we would like to do this kind of refactoring we should be sure to make use of the
movedsyntax in terraform like this: https://developer.hashicorp.com/terraform/language/modules/develop/refactoring#moved-block-syntax or manually move the state by runningterraform mv.