Skip to content

Commit

Permalink
Merge pull request #17 from futurice/add-prod-env
Browse files Browse the repository at this point in the history
Add prod env
  • Loading branch information
jareware authored Mar 23, 2020
2 parents 0c8ec7d + bb6f320 commit 931ffae
Show file tree
Hide file tree
Showing 6 changed files with 56 additions and 4 deletions.
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# https://help.github.com/en/actions/automating-your-workflow-with-github-actions/configuring-a-workflow

name: Deployment
name: Deploy DEV

on:
push:
Expand Down
30 changes: 30 additions & 0 deletions .github/workflows/deploy-prod.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,30 @@
# https://help.github.com/en/actions/automating-your-workflow-with-github-actions/configuring-a-workflow

name: Deploy PROD

on:
release:
types:
- created # ...but not e.g. "edited", "deleted" etc

jobs:
deploy:
runs-on: ubuntu-latest
steps:
- name: Check out code
uses: actions/checkout@v2
- name: Set up node
uses: actions/setup-node@v1
with:
node-version: '12.16'
- name: Deploy
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_DEFAULT_REGION: eu-west-1
REACT_APP_API_ENDPOINT: https://api.oiretutka.fi/
run: |
sudo apt-get install -y awscli
npm install
./scripts/deploy-frontend prod
./scripts/deploy-backend prod
14 changes: 14 additions & 0 deletions infra/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,20 @@ module "env_dev" {
name_prefix = "${var.name_prefix}-dev"
tags = merge(var.tags, { Environment = "dev" })
frontend_password = var.frontend_password
frontend_domain = "dev.oiretutka.fi"
backend_domain = "api.dev.oiretutka.fi"
}

# Implements an instance of the app, for a specific env
module "env_prod" {
source = "./modules/main"
providers = { aws.us_east_1 = aws.us_east_1 } # this alias is needed because ACM is only available in the "us-east-1" region

name_prefix = "${var.name_prefix}-prod"
tags = merge(var.tags, { Environment = "prod" })
frontend_password = var.frontend_password
frontend_domain = "www.oiretutka.fi"
backend_domain = "api.oiretutka.fi"
}

# Pass along any output from the instantiated module
Expand Down
2 changes: 1 addition & 1 deletion infra/modules/main/backend.tf
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ module "backend_api" {

name_prefix = "${var.name_prefix}-backend-api"
tags = local.tags_backend
api_domain = "api.dev.oiretutka.fi"
api_domain = var.backend_domain
function_s3_bucket = aws_s3_bucket.backend_code.id
function_zipfile = "backend-lambda.zip"
function_handler = "index.apiEntrypoint"
Expand Down
4 changes: 2 additions & 2 deletions infra/modules/main/frontend.tf
Original file line number Diff line number Diff line change
Expand Up @@ -61,8 +61,8 @@ module "frontend" {
origin_url = "http://${aws_s3_bucket.frontend_code.website_endpoint}/" # S3 website endpoints are only available over plain HTTP
origin_custom_header_name = "User-Agent" # our S3 bucket will only allow requests containing this custom header
origin_custom_header_value = random_string.s3_read_password.result # somewhat perplexingly, this is the "correct" way to ensure users can't bypass CloudFront on their way to S3 resources; https://abridge2devnull.com/posts/2018/01/restricting-access-to-a-cloudfront-s3-website-origin/
site_domain = "dev.oiretutka.fi"
site_domain = var.frontend_domain
viewer_https_only = true
basic_auth_username = "dev"
basic_auth_username = "symptomradar"
basic_auth_password = var.frontend_password
}
8 changes: 8 additions & 0 deletions infra/modules/main/variables.tf
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,14 @@ variable "name_prefix" {
description = "Name prefix to use for objects that need to be created (only lowercase alphanumeric characters and hyphens allowed, for S3 bucket name compatibility)"
}

variable "frontend_domain" {
description = "Full domain name under which the frontend should be made available on the Internet"
}

variable "backend_domain" {
description = "Full domain name under which the backend should be made available on the Internet"
}

variable "tags" {
description = "AWS Tags to add to all resources created (where possible); see https://aws.amazon.com/answers/account-management/aws-tagging-strategies/"
type = map(string)
Expand Down

0 comments on commit 931ffae

Please sign in to comment.