From 945bfb8a1d8b76c8733ff875776aeca41be3d6db Mon Sep 17 00:00:00 2001
From: "0xThresh.eth" <0xthresh@protonmail.com>
Date: Wed, 2 Jul 2025 20:58:56 -0600
Subject: [PATCH 1/6] feat: add CD to deploy ECS when new image is created
---
 .github/workflows/terraform-ecs.yml | 39 +++++++++++++++++++++++++++++
 infra/opentofu/ecs/main.tf | 2 +-
 infra/opentofu/ecs/variables.tf | 6 +++++
 3 files changed, 46 insertions(+), 1 deletion(-)
 create mode 100644 .github/workflows/terraform-ecs.yml
diff --git a/.github/workflows/terraform-ecs.yml b/.github/workflows/terraform-ecs.yml
new file mode 100644
index 0000000..5e50e3f
--- /dev/null
+++ b/.github/workflows/terraform-ecs.yml
@@ -0,0 +1,39 @@
+name: Terraform ECS Deploy
+
+on:
+ workflow_dispatch:
+ repository_dispatch:
+ types: [docker-image-pushed]
+
+jobs:
+ terraform-apply:
+ runs-on: ubuntu-latest
+ defaults:
+ run:
+ working-directory: infra/opentofu/ecs
+ env:
+ AWS_REGION: us-east-2
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v4
+
+ - name: Set up Terraform
+ uses: hashicorp/setup-terraform@v3
+ with:
+ terraform_version: 1.8.5
+
+ - name: Configure AWS credentials
+ uses: aws-actions/configure-aws-credentials@v4
+ with:
+ aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+ aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+ aws-region: ${{ env.AWS_REGION }}
+
+ - name: Terraform Init
+ run: terraform init
+
+ - name: Terraform Plan
+ run: terraform plan -var="rpc_image=${{ github.event.client_payload.image_tag }}"
+
+ - name: Terraform Apply
+ run: terraform apply -auto-approve -var="rpc_image=${{ github.event.client_payload.image_tag }}"
diff --git a/infra/opentofu/ecs/main.tf b/infra/opentofu/ecs/main.tf
index 975d710..4b07913 100644
--- a/infra/opentofu/ecs/main.tf
+++ b/infra/opentofu/ecs/main.tf
@@ -85,7 +85,7 @@ module "ecs" {
 cpu = 512
 memory = 1024
 essential = true
- image = "ghcr.io/developer-dao/rpc:latest"
+ image = var.rpc_image
 port_mappings = [
 {
 name = "dd-rpc"
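Review bot: In `.github/workflows/terraform-ecs.yml`, `${{ github.event.client_payload.image_tag }}` is expanded into the script text of the "Terraform Plan" and "Terraform Apply" `run:` lines before the shell parses them, so a payload value containing quotes or shell metacharacters changes the command that runs with the AWS credentials configured in the preceding step. Pass the value through the environment instead: add `RPC_IMAGE: ${{ github.event.client_payload.image_tag }}` under the job's `env:` and use `-var="rpc_image=${RPC_IMAGE}"` in both steps. On a `workflow_dispatch` run there is no `client_payload`, so the expression is empty and the variable's default is overridden with an empty image reference; a dispatch input or a guard on the empty value would cover that case.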
diff --git a/infra/opentofu/ecs/variables.tf b/infra/opentofu/ecs/variables.tf
index deece27..a12a40b 100644
--- a/infra/opentofu/ecs/variables.tf
+++ b/infra/opentofu/ecs/variables.tf
@@ -2,4 +2,10 @@ variable "region" {
 description = "The AWS region to deploy the VPC in."
 default = "us-east-2"
 type = string
+}
+
+variable "rpc_image" {
+ description = "The image tag or URI for the dd-rpc container."
+ type = string
+ default = "ghcr.io/developer-dao/rpc:latest"
 }
\ No newline at end of file
From 3731a13c866762c21164c0764ea7facc5dc4f5d8 Mon Sep 17 00:00:00 2001
From: "0xThresh.eth" <0xthresh@protonmail.com>
Date: Wed, 2 Jul 2025 21:25:29 -0600
Subject: [PATCH 2/6] enh: move jobs into a single workflow for simplicity
---
 .github/workflows/build-and-deploy.yml | 58 ++++++++++++++++++++++++++
 .github/workflows/docker-build.yml | 43 -------------------
 .github/workflows/terraform-ecs.yml | 39 -----------------
 3 files changed, 58 insertions(+), 82 deletions(-)
 create mode 100644 .github/workflows/build-and-deploy.yml
 delete mode 100644 .github/workflows/docker-build.yml
 delete mode 100644 .github/workflows/terraform-ecs.yml
diff --git a/.github/workflows/build-and-deploy.yml b/.github/workflows/build-and-deploy.yml
new file mode 100644
index 0000000..fe51be6
--- /dev/null
+++ b/.github/workflows/build-and-deploy.yml
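Review bot: In `infra/opentofu/ecs/variables.tf`, `rpc_image` accepts any string and defaults to the mutable `:latest` tag, so an apply that passes no `-var` deploys whatever `latest` points to at that moment, and nothing restricts which registry the ECS task pulls from. A `validation` block on the variable, for example `condition = can(regex("^ghcr\\.io/developer-dao/rpc[:@]", var.rpc_image))` with a matching `error_message`, would reject other registries and an empty value. The description says "image tag or URI", but the `main.tf` hunk of this patch assigns the value directly to `image`, so it should say a full image reference is expected. The file still ends without a trailing newline.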
@@ -0,0 +1,58 @@
+name: Build and Deploy dd-rpc to ECS
+
+on:
+ push:
+ branches:
+ - main
+ - dev
+
+jobs:
+ build-and-deploy:
+ runs-on: ubuntu-latest
+ defaults:
+ run:
+ working-directory: infra/opentofu/ecs
+ env:
+ AWS_REGION: us-east-2
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v4
+
+ - name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v3
+
+ - name: Log in to GitHub Container Registry
+ uses: docker/login-action@v3
+ with:
+ registry: ghcr.io
+ username: ${{ github.actor }}
+ password: ${{ secrets.GITHUB_TOKEN }}
+
+ - name: Build and push dd-rpc image
+ uses: docker/build-push-action@v5
+ with:
+ context: .
+ file: ./Dockerfile
+ push: true
+ tags: ghcr.io/developer-dao/rpc:${{ github.sha }}
+
+ - name: Set up Terraform
+ uses: hashicorp/setup-terraform@v3
+ with:
+ terraform_version: 1.8.5
+
+ - name: Configure AWS credentials
+ uses: aws-actions/configure-aws-credentials@v4
+ with:
+ aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+ aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+ aws-region: ${{ env.AWS_REGION }}
+
+ - name: Terraform Init
+ run: terraform init
+
+ - name: Terraform Plan
+ run: terraform plan -var="rpc_image=ghcr.io/developer-dao/rpc:${{ github.sha }}"
+
+ - name: Terraform Apply
+ run: terraform apply -auto-approve -var="rpc_image=ghcr.io/developer-dao/rpc:${{ github.sha }}"
diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml
deleted file mode 100644
index 094a58b..0000000
--- a/.github/workflows/docker-build.yml
+++ /dev/null
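Review bot: The `build-and-deploy` job in `.github/workflows/build-and-deploy.yml` declares no `permissions:` block, although the `docker-build.yml` workflow deleted by this same commit scoped its token with `permissions:` / `packages: write`; the GHCR push in "Build and push dd-rpc image" now depends on the repository's default token permissions. Adding `permissions:` with `contents: read` and `packages: write` under the job keeps the token minimal and makes the push independent of repository settings. The job also loads long-lived `AWS_ACCESS_KEY_ID` / `AWS_SECRET_ACCESS_KEY` secrets, as `terraform-ecs.yml` did in PATCH 1/6; `aws-actions/configure-aws-credentials` accepts `role-to-assume` together with `id-token: write`, which would remove the stored keys. "Terraform Apply" re-plans instead of applying what "Terraform Plan" showed; `terraform plan -out=tfplan` followed by `terraform apply tfplan` would tie the two steps together.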
@@ -1,43 +0,0 @@ -name: docker-build-test - -on: - push: - branches: - - "**" - -jobs: - docker: - runs-on: ubuntu-latest - permissions: - packages: write - steps: - - - name: Login to Github Container Registry - uses: docker/login-action@v3 - with: - registry: https://ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Set up QEMU - uses: docker/setup-qemu-action@v3 - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - - name: Determine Docker tags - id: vars - run: | - if [ "${{ github.ref }}" == "refs/heads/main" ]; then - echo "TAGS=ghcr.io/developer-dao/rpc:latest,ghcr.io/developer-dao/rpc:${{ github.sha }}" >> $GITHUB_ENV - else - BRANCH_NAME=$(echo "${{ github.ref }}" | sed 's|refs/heads/||' | tr '/' '-' | tr '[:upper:]' '[:lower:]') - echo "TAGS=ghcr.io/developer-dao/rpc:${BRANCH_NAME}-${{ github.sha }}" >> $GITHUB_ENV - fi - - - name: Build and push - uses: docker/build-push-action@v6 - with: - push: true - load: false - tags: ${{ env.TAGS }} \ No newline at end of file diff --git a/.github/workflows/terraform-ecs.yml b/.github/workflows/terraform-ecs.yml deleted file mode 100644 index 5e50e3f..0000000 --- a/.github/workflows/terraform-ecs.yml +++ /dev/null 
@@ -1,39 +0,0 @@
-name: Terraform ECS Deploy
-
-on:
- workflow_dispatch:
- repository_dispatch:
- types: [docker-image-pushed]
-
-jobs:
- terraform-apply:
- runs-on: ubuntu-latest
- defaults:
- run:
- working-directory: infra/opentofu/ecs
- env:
- AWS_REGION: us-east-2
- steps:
- - name: Checkout code
- uses: actions/checkout@v4
-
- - name: Set up Terraform
- uses: hashicorp/setup-terraform@v3
- with:
- terraform_version: 1.8.5
-
- - name: Configure AWS credentials
- uses: aws-actions/configure-aws-credentials@v4
- with:
- aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
- aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
- aws-region: ${{ env.AWS_REGION }}
-
- - name: Terraform Init
- run: terraform init
-
- - name: Terraform Plan
- run: terraform plan -var="rpc_image=${{ github.event.client_payload.image_tag }}"
-
- - name: Terraform Apply
- run: terraform apply -auto-approve -var="rpc_image=${{ github.event.client_payload.image_tag }}"
From 068274af81574e22bed4498392a8032b4619116e Mon Sep 17 00:00:00 2001
From: "0xThresh.eth" <0xthresh@protonmail.com>
Date: Wed, 2 Jul 2025 21:26:16 -0600
Subject: [PATCH 3/6] fix: add current branch to trigger list for testing
---
 .github/workflows/build-and-deploy.yml | 1 +
 1 file changed, 1 insertion(+)
diff --git a/.github/workflows/build-and-deploy.yml b/.github/workflows/build-and-deploy.yml
index fe51be6..8f2315c 100644
--- a/.github/workflows/build-and-deploy.yml
+++ b/.github/workflows/build-and-deploy.yml
@@ -5,6 +5,7 @@ on:
 branches:
 - main
 - dev
+ - ecs-cd
 jobs:
 build-and-deploy:
From e75dbfacbfeb225d36759bd7edeab8e9ab4eef0b Mon Sep 17 00:00:00 2001
From: "0xThresh.eth" <0xthresh@protonmail.com>
Date: Thu, 3 Jul 2025 16:53:04 -0600
Subject: [PATCH 4/6] enh: move to s3 state storage
---
 infra/opentofu/ecs/backend.tf | 13 ++++++-------
 infra/opentofu/vpc/backend.tf | 13 ++++++-------
 2 files changed, 12 insertions(+), 14 deletions(-)
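Review bot: The `- ecs-cd` entry that PATCH 3/6 adds under `branches:` in `.github/workflows/build-and-deploy.yml` is a testing aid and should be dropped before the series merges. While it is listed, every push to that feature branch runs the job's `terraform apply -auto-approve` with the repository's AWS secrets, using the same `-var` image repository as `main` and `dev`. If runs from a feature branch are needed, a `workflow_dispatch:` trigger under `on:` gives a manual run without widening the push list. The `on:` block starts above this hunk and the job body continues below it.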
diff --git a/infra/opentofu/ecs/backend.tf b/infra/opentofu/ecs/backend.tf
index c98f272..4bfcf4c 100644
--- a/infra/opentofu/ecs/backend.tf
+++ b/infra/opentofu/ecs/backend.tf
@@ -1,11 +1,10 @@
 terraform {
- # backend "s3" { # TODO: Migrate to S3 when AWS account and S3 bucket is set up
- # bucket = "dd-rpc-terraform-state"
- # key = "ecs/terraform.tfstate"
- # region = var.region
- # encrypt = true
- # }
- backend "local" {}
+ backend "s3" {
+ bucket = "dd-test-rpc-terraform-state"
+ key = "ecs/terraform.tfstate"
+ region = "us-east-2"
+ encrypt = true
+ }
 required_version = ">= 1.0.0"
 required_providers {
diff --git a/infra/opentofu/vpc/backend.tf b/infra/opentofu/vpc/backend.tf
index ab90e58..fc025a0 100644
--- a/infra/opentofu/vpc/backend.tf
+++ b/infra/opentofu/vpc/backend.tf
@@ -1,11 +1,10 @@
 terraform {
- # backend "s3" { # TODO: Migrate to S3 when AWS account and S3 bucket is set up
- # bucket = "dd-rpc-terraform-state"
- # key = "vpc/terraform.tfstate"
- # region = var.region
- # encrypt = true
- # }
- backend "local" {}
+ backend "s3" {
+ bucket = "dd-test-rpc-terraform-state"
+ key = "vpc/terraform.tfstate"
+ region = "us-east-2"
+ encrypt = true
+ }
 required_version = ">= 1.0.0"
 required_providers {
From fad366a00a36121cb6840893a2ce3fb46483486f Mon Sep 17 00:00:00 2001
From: "0xThresh.eth" <0xthresh@protonmail.com>
Date: Thu, 3 Jul 2025 17:25:46 -0600
Subject: [PATCH 5/6] fix: update data block to use S3 state
---
 infra/opentofu/ecs/main.tf | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/infra/opentofu/ecs/main.tf b/infra/opentofu/ecs/main.tf
index 4b07913..9c85030 100644
--- a/infra/opentofu/ecs/main.tf
+++ b/infra/opentofu/ecs/main.tf
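Review bot: The new `backend "s3"` block in `infra/opentofu/ecs/backend.tf` configures no state locking, and the same holds for the identical block in `infra/opentofu/vpc/backend.tf`. The workflow from PATCH 2/6 and 3/6 runs `terraform apply -auto-approve` on every push to three branches and shows no `concurrency:` setting, so two runs can write `ecs/terraform.tfstate` at the same time. Adding `dynamodb_table = "<lock-table-name>"` (placeholder) to both blocks gives the backend a lock with the Terraform 1.8.5 the workflow pins. All three branches also share one state key, so a push to `dev` replaces the image deployed from `main`. The bucket's versioning and public-access settings are not visible in this series and are worth confirming, since state can hold sensitive values.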
@@ -1,9 +1,11 @@
 # Reference VPC outputs from the vpc folder's state
 # TODO: Migrate to S3 when AWS account and S3 bucket is set up
 data "terraform_remote_state" "vpc" {
- backend = "local"
+ backend = "s3"
 config = {
- path = "../vpc/terraform.tfstate"
+ bucket = "dd-test-rpc-terraform-state"
+ key = "vpc/terraform.tfstate"
+ region = "us-east-2"
 }
 }
From cb067cbc37ab087269a578b486bbbfb6c1721d7a Mon Sep 17 00:00:00 2001
From: "0xThresh.eth" <0xthresh@protonmail.com>
Date: Thu, 3 Jul 2025 17:58:18 -0600
Subject: [PATCH 6/6] test: trigger CD with new image
---
 .env.example | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.env.example b/.env.example
index 5a8e916..80ee8da 100644
--- a/.env.example
+++ b/.env.example
@@ -1,5 +1,5 @@
 DATABASE_URL=postgres://ddrpcdev:ddrpc123@host.docker.internal:5432/ddrpc
 SMTP_USERNAME=test@asdlfknason.com
-SMTP_PASSWORD=test!
+SMTP_PASSWORD=test!!
 ETHEREUM_ENDPOINT=http://host.docker.internal:8545
 JWT_KEY=
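Review bot: In the `infra/opentofu/ecs/main.tf` hunk of PATCH 5/6, the comment `# TODO: Migrate to S3 when AWS account and S3 bucket is set up` is left above the `terraform_remote_state` block even though this change completes that migration. It should be removed, or the header reworded to something like `# Reference VPC outputs from the vpc stack's state in S3`. The bucket name and region are now repeated as literals here and in both `backend.tf` files. Unlike a backend block, a data source's `config` may use variables, so `region = var.region` would reuse the variable already declared in `variables.tf`.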