Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
refactor (draft-)router-api to new deployment style
In PR #150, we refactored the way we deploy applications by outputting the application task definition json when applying the govuk platforming terraform. This json file is then diffed with previous version and if changes exist, a new task definition is created for the app using AWS cli. This PR refactors (draft-)router-api app to use this new deployment style. Similar PRs are #152, #153 and #154 for other apps. Ref: 1. [trello card](https://trello.com/c/HDvhDo1t/379-update-the-router-api-application-to-use-the-new-deployment-approach)
- Loading branch information
1 parent
d7879da
commit 268653b
Showing
17 changed files
with
171 additions
and
321 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
97 changes: 75 additions & 22 deletions
97
terraform/deployments/govuk-publishing-platform/app_router_api.tf
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,41 +1,94 @@ | ||
locals { | ||
router_api_defaults = { | ||
cpu = 512 # TODO parameterize this | ||
memory = 1024 # TODO parameterize this | ||
|
||
environment_variables = merge( | ||
local.defaults.environment_variables, | ||
{ | ||
GOVUK_APP_NAME = "router-api", | ||
GOVUK_APP_ROOT = "/var/apps/router-api", | ||
PLEK_SERVICE_SIGNON_URI = local.defaults.signon_uri, | ||
} | ||
) | ||
|
||
secrets_from_arns = local.defaults.secrets_from_arns | ||
|
||
mongodb_hosts = join(",", [ | ||
data.terraform_remote_state.govuk_aws_router_mongo.outputs.router_backend_1_service_dns_name, | ||
data.terraform_remote_state.govuk_aws_router_mongo.outputs.router_backend_2_service_dns_name, | ||
data.terraform_remote_state.govuk_aws_router_mongo.outputs.router_backend_3_service_dns_name, | ||
]) | ||
} | ||
} | ||
|
||
|
||
module "router_api" { | ||
source = "../../modules/app" | ||
|
||
service_name = "router-api" | ||
mesh_name = aws_appmesh_mesh.govuk.id | ||
service_discovery_namespace_id = aws_service_discovery_private_dns_namespace.govuk_publishing_platform.id | ||
service_discovery_namespace_name = aws_service_discovery_private_dns_namespace.govuk_publishing_platform.name | ||
subnets = local.private_subnets | ||
vpc_id = local.vpc_id | ||
cluster_id = aws_ecs_cluster.cluster.id | ||
source = "../../modules/app" | ||
vpc_id = local.vpc_id | ||
subnets = local.private_subnets | ||
desired_count = var.router_api_desired_count | ||
extra_security_groups = [local.govuk_management_access_security_group, aws_security_group.mesh_ecs_service.id] | ||
environment_variables = {} # TODO | ||
secrets_from_arns = {} # TODO | ||
log_group = local.log_group | ||
aws_region = data.aws_region.current.name | ||
cpu = 512 | ||
memory = 1024 | ||
task_role_arn = aws_iam_role.task.arn | ||
execution_role_arn = aws_iam_role.execution.arn | ||
environment_variables = merge( | ||
local.router_api_defaults.environment_variables, | ||
{ | ||
ROUTER_NODES = local.defaults.router_urls, | ||
MONGODB_URI = "mongodb://${local.router_api_defaults.mongodb_hosts}/router", | ||
}, | ||
) | ||
secrets_from_arns = merge( | ||
local.router_api_defaults.secrets_from_arns, | ||
{ | ||
GDS_SSO_OAUTH_ID = data.aws_secretsmanager_secret.router_api_oauth_id.arn, | ||
GDS_SSO_OAUTH_SECRET = data.aws_secretsmanager_secret.router_api_oauth_secret.arn, | ||
SECRET_KEY_BASE = data.aws_secretsmanager_secret.router_api_secret_key_base.arn, | ||
}, | ||
) | ||
log_group = local.log_group | ||
aws_region = data.aws_region.current.name | ||
cpu = local.router_api_defaults.cpu | ||
memory = local.router_api_defaults.memory | ||
task_role_arn = aws_iam_role.task.arn | ||
execution_role_arn = aws_iam_role.execution.arn | ||
} | ||
|
||
module "draft_router_api" { | ||
source = "../../modules/app" | ||
|
||
service_name = "draft-router-api" | ||
mesh_name = aws_appmesh_mesh.govuk.id | ||
service_discovery_namespace_id = aws_service_discovery_private_dns_namespace.govuk_publishing_platform.id | ||
service_discovery_namespace_name = aws_service_discovery_private_dns_namespace.govuk_publishing_platform.name | ||
subnets = local.private_subnets | ||
vpc_id = local.vpc_id | ||
cluster_id = aws_ecs_cluster.cluster.id | ||
source = "../../modules/app" | ||
vpc_id = local.vpc_id | ||
subnets = local.private_subnets | ||
desired_count = var.draft_router_api_desired_count | ||
extra_security_groups = [local.govuk_management_access_security_group, aws_security_group.mesh_ecs_service.id] | ||
environment_variables = {} # TODO | ||
secrets_from_arns = {} # TODO | ||
log_group = local.log_group | ||
aws_region = data.aws_region.current.name | ||
cpu = 512 | ||
memory = 1024 | ||
task_role_arn = aws_iam_role.task.arn | ||
execution_role_arn = aws_iam_role.execution.arn | ||
environment_variables = merge( | ||
local.router_api_defaults.environment_variables, | ||
{ | ||
ROUTER_NODES = local.defaults.draft_router_urls, | ||
MONGODB_URI = "mongodb://${local.router_api_defaults.mongodb_hosts}/draft_router", | ||
}, | ||
) | ||
secrets_from_arns = merge( | ||
local.router_api_defaults.secrets_from_arns, | ||
{ | ||
GDS_SSO_OAUTH_ID = data.aws_secretsmanager_secret.draft_router_api_oauth_id.arn, | ||
GDS_SSO_OAUTH_SECRET = data.aws_secretsmanager_secret.draft_router_api_oauth_secret.arn, | ||
SECRET_KEY_BASE = data.aws_secretsmanager_secret.draft_router_api_secret_key_base.arn, | ||
}, | ||
) | ||
log_group = local.log_group | ||
aws_region = data.aws_region.current.name | ||
cpu = local.router_api_defaults.cpu | ||
memory = local.router_api_defaults.memory | ||
task_role_arn = aws_iam_role.task.arn | ||
execution_role_arn = aws_iam_role.execution.arn | ||
} |
Oops, something went wrong.