Add README and update files

QED-it · Jan 20, 2025 · 54e1d82 · 54e1d82
1 parent 2440589
commit 54e1d82
Show file tree

Hide file tree

Showing 10 changed files with 180 additions and 16 deletions.
diff --git a/.github/workflows/push-deploy.yaml b/.github/workflows/push-deploy.yaml
@@ -1,3 +1,7 @@
+# This GitHub Actions workflow automates the process of deploying a Dockerized application
+# to Amazon ECS. It triggers on any new tag, builds a Docker image, pushes it to Amazon
+# Elastic Container Registry (ECR), and updates the specified ECS service to use the
+# latest image.
 name: Deploy to Amazon ECS
 
 on:
@@ -32,18 +36,27 @@ jobs:
         id: login-ecr
         uses: aws-actions/amazon-ecr-login@62f4f872db3836360b72999f4b87f1ff13310f3a
 
+      - name: Get short commit hash
+        id: vars
+        run: echo "SHORT_SHA=$(git rev-parse --short HEAD)" >> $GITHUB_ENV
+
       - name: Build, tag, and push image to Amazon ECR
         id: build-image
         env:
           ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
-          IMAGE_TAG: latest
+          IMAGE_TAG_LATEST: latest
+          IMAGE_TAG_COMMIT: ${{ env.SHORT_SHA }}
         run: |
-          # Build a docker container and
-          # push it to ECR so that it can
-          # be deployed to ECS.
-          docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG -f demo-deploy/dockerfile .
-          docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
-          echo "image=$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG" >> $GITHUB_OUTPUT
+          # Build a docker container
+          docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG_LATEST -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG_COMMIT -f demo-deploy/dockerfile .
+          
+          # Push both tags to ECR
+          docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG_LATEST
+          docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG_COMMIT
+
+          # Output the image URIs
+          echo "image_latest=$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG_LATEST" >> $GITHUB_OUTPUT
+          echo "image_commit=$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG_COMMIT" >> $GITHUB_OUTPUT
 
       - name: Update ECS Service to use the latest image
         run: |

diff --git a/demo-deploy/Makefile b/demo-deploy/Makefile
@@ -0,0 +1,44 @@
+# Define variables
+ACCOUNT_DIR := dev
+REGION := eu-central-1
+ENVIRONMENT := zsa
+AWS_PROFILE := qed-it
+BASE_DIR := /Users/arsenikalma/GIT/qed-it/zebra/demo-deploy/infra/terragrunt-aws-environments
+
+# Check prerequisites
+.PHONY: check-prerequisites plan-all apply-all destroy-all
+
+check-prerequisites:
+	@echo "Checking prerequisites..."
+	@if ! command -v aws >/dev/null 2>&1; then \
+		echo "Error: AWS CLI is not installed."; \
+		exit 1; \
+	fi
+	@if ! command -v terragrunt >/dev/null 2>&1; then \
+		echo "Error: Terragrunt is not installed."; \
+		exit 1; \
+	fi
+	@if ! grep -q "\[$(AWS_PROFILE)\]" ~/.aws/credentials; then \
+		echo "Error: AWS profile '$(AWS_PROFILE)' does not exist."; \
+		exit 1; \
+	fi
+	@echo "All prerequisites are met."
+
+# Plan changes for all modules in an environment
+plan-all: check-prerequisites
+	@echo "Planning changes for all modules in $(BASE_DIR)/$(ACCOUNT_DIR)/$(REGION)/$(ENVIRONMENT)..."
+	cd $(BASE_DIR)/$(ACCOUNT_DIR)/$(REGION)/$(ENVIRONMENT) && \
+	terragrunt plan-all
+
+# Apply changes for all modules in an environment
+apply-all: check-prerequisites
+	@echo "Applying changes for all modules in $(BASE_DIR)/$(ACCOUNT_DIR)/$(REGION)/$(ENVIRONMENT)..."
+	cd $(BASE_DIR)/$(ACCOUNT_DIR)/$(REGION)/$(ENVIRONMENT) && \
+	terragrunt apply-all
+
+# Destroy all resources in an environment
+destroy-all: check-prerequisites
+	@echo "Destroying all resources in $(BASE_DIR)/$(ACCOUNT_DIR)/$(REGION)/$(ENVIRONMENT)..."
+	cd $(BASE_DIR)/$(ACCOUNT_DIR)/$(REGION)/$(ENVIRONMENT) && \
+	terragrunt destroy-all
+
diff --git a/demo-deploy/README.md b/demo-deploy/README.md
@@ -1,3 +1,51 @@
-# Background
-This folder contains the dockerfile and the Terraform code that will be deployed to the ECS cluster.
-There is a github action that will build the docker image and push it to the ECR repository, updating the ECS service to use the latest image.
+# Infrastructure Deployment Makefile
+
+This repository includes a `Makefile` to streamline the deployment, management, and teardown of AWS infrastructure using Terragrunt. The script ensures all prerequisites are met and simplifies executing commands for planning, applying, and destroying infrastructure across all modules in a specific environment.
+
+## Prerequisites
+
+Before using this script, ensure the following:
+
+1. **AWS CLI**:
+   - Install the AWS CLI.
+   - Configure it with your credentials.
+   - Ensure the `qed-it` AWS profile exists in `~/.aws/credentials`.
+
+2. **Terragrunt**:
+   - Install Terragrunt: [Install Instructions](https://terragrunt.gruntwork.io/docs/getting-started/install/).
+
+3. **Make**:
+   - Ensure `make` is installed on your system.
+
+4. **Repository Structure**:
+   - The script expects the `infra/terragrunt-aws-environments` directory to exist at the following location:
+     ```
+     /Users/arsenikalma/GIT/qed-it/zebra/demo-deploy/infra/terragrunt-aws-environments
+     ```
+   - Update the `Makefile` if the directory structure changes.
+
+## Makefile Targets
+
+### 1. `check-prerequisites`
+- Verifies that the required tools and configurations are available:
+  - AWS CLI is installed.
+  - Terragrunt is installed.
+  - The `qed-it` AWS profile exists.
+
+### 2. `plan-all`
+- **Command**: `make plan-all`
+- Plans changes for all modules in the environment specified in the `Makefile`.
+
+### 3. `apply-all`
+- **Command**: `make apply-all`
+- Applies the planned changes for all modules in the environment.
+
+### 4. `destroy-all`
+- **Command**: `make destroy-all`
+- Destroys all resources in the specified environment.
+
+## Usage
+
+1. Navigate to the directory containing the `Makefile`:
+   ```bash
+   cd /Users/arsenikalma/GIT/qed-it/zebra/demo-deploy
diff --git a/demo-deploy/dockerfile b/demo-deploy/dockerfile
@@ -14,4 +14,4 @@ RUN cargo build --release --package zebrad --bin zebrad --features="getblocktemp
 EXPOSE 18232
 
 # Set the entrypoint
-ENTRYPOINT ["target/release/zebrad", "-c", "regtest-config.toml"]
+ENTRYPOINT ["target/release/zebrad", "-c", "regtest-config.toml"]
diff --git a/demo-deploy/infra/terraform-aws-modules/ecs/main.tf b/demo-deploy/infra/terraform-aws-modules/ecs/main.tf
@@ -118,6 +118,16 @@ resource "aws_ecs_task_definition" "task" {
           awslogs-stream-prefix = "ecs"
         }
       } : null
+      healthCheck = {
+        command = [
+          "CMD-SHELL",
+          "curl --silent --user myusername --data-binary '{\"jsonrpc\": \"1.0\", \"id\":\"curltest\", \"method\": \"getinfo\", \"params\": [] }' -H 'content-type: text/plain;' http://127.0.0.1:8232/ | grep 'version'"
+        ]
+        interval           = 15
+        timeout            = 10
+        retries            = 3
+        startPeriod        = 120
+      }
 
     mountPoints = var.enable_persistent ? [{
         sourceVolume  = "persistent-volume"
@@ -345,7 +355,7 @@ resource "aws_security_group" "efs_sg" {
 
 data "aws_route53_zone" "selected" {
   count        = var.enable_domain ? 1 : 0
-  name         = var.domain
+  name         = var.zone_name
   private_zone = false
 }
 

diff --git a/demo-deploy/infra/terraform-aws-modules/vpc/outputs.tf b/demo-deploy/infra/terraform-aws-modules/vpc/outputs.tf
@@ -34,4 +34,4 @@ output "private_route_table_ids" {
 output "vpc_default_security_group_id" {
   description = "The default security group id of the VPC"
   value       = data.aws_security_group.default.id
-}
+}
diff --git a/demo-deploy/infra/terraform-aws-modules/vpc/variables.tf b/demo-deploy/infra/terraform-aws-modules/vpc/variables.tf
@@ -25,4 +25,4 @@ variable "default_sg_allow_all_self" {
   description = "Security group allow all traffic to itself"
   type = bool
   default = false
-}
+}
diff --git a/...eploy/infra/terragrunt-aws-environments/dev/eu-central-1/zsa/ecr-logs/.terraform.lock.hcl b/...eploy/infra/terragrunt-aws-environments/dev/eu-central-1/zsa/ecr-logs/.terraform.lock.hcl
diff --git a/demo-deploy/infra/terragrunt-aws-environments/dev/eu-central-1/zsa/ecr-logs/terragrunt.hcl b/demo-deploy/infra/terragrunt-aws-environments/dev/eu-central-1/zsa/ecr-logs/terragrunt.hcl
@@ -0,0 +1,25 @@
+locals {
+  # Automatically load environment-level variables
+  environment_vars = read_terragrunt_config(find_in_parent_folders("env.hcl"))
+
+region_vars = read_terragrunt_config(find_in_parent_folders("region.hcl"))
+account_vars = read_terragrunt_config(find_in_parent_folders("account.hcl"))
+# Extract out common variables for reuse
+env = local.environment_vars.locals.environment
+}
+
+# Terragrunt will copy the Terraform configurations specified by the source parameter, along with any files in the
+# working directory, into a temporary folder, and execute your Terraform commands in that folder.
+terraform {
+  source = "../../../../../terraform-aws-modules//ecr"
+}
+
+# Include all settings from the root terragrunt.hcl file
+include {
+path = find_in_parent_folders()
+}
+
+inputs = {
+  env = local.env
+  name = "zebra-logs"
+}
diff --git a/demo-deploy/infra/terragrunt-aws-environments/dev/eu-central-1/zsa/ecs/terragrunt.hcl b/demo-deploy/infra/terragrunt-aws-environments/dev/eu-central-1/zsa/ecs/terragrunt.hcl
@@ -45,8 +45,8 @@ inputs = {
   enable_logging = true
 
   enable_domain = true
-  domain = "zebra.qed-it.com"
-  zone_name = "zebra.qed-it.com"
+  domain = "zebra.zsa-test.net"
+  zone_name = "zsa-test.net"
 
   persistent_volume_size = 40