natdeanlewissoftwire
1 year ago
34 changed files with 469 additions and 930 deletions
@ -1,92 +1,64 @@ |
|||||||
name: Review app teardown pipeline |
name: Review app teardown pipeline |
||||||
|
|
||||||
|
concurrency: |
||||||
|
group: review-${{ github.event.pull_request.number }} |
||||||
|
|
||||||
on: |
on: |
||||||
pull_request: |
pull_request: |
||||||
types: |
types: |
||||||
- closed |
- closed |
||||||
workflow_dispatch: |
workflow_dispatch: |
||||||
|
|
||||||
defaults: |
env: |
||||||
run: |
app_repo_role: arn:aws:iam::815624722760:role/core-application-repo |
||||||
shell: bash |
aws_account_id: 837698168072 |
||||||
|
aws_region: eu-west-2 |
||||||
|
aws_role_prefix: core-dev |
||||||
|
aws_task_prefix: core-review-${{ github.event.pull_request.number }} |
||||||
|
|
||||||
jobs: |
jobs: |
||||||
app: |
database: |
||||||
name: Teardown app |
name: Drop database |
||||||
runs-on: ubuntu-latest |
runs-on: ubuntu-latest |
||||||
environment: review |
permissions: |
||||||
|
id-token: write |
||||||
|
|
||||||
steps: |
steps: |
||||||
- name: Install Cloud Foundry CLI |
- name: Configure AWS credentials |
||||||
run: | |
uses: aws-actions/configure-aws-credentials@v3 |
||||||
wget --user-agent "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.3 Safari/605.1.15" -q -O - https://packages.cloudfoundry.org/debian/cli.cloudfoundry.org.key | sudo apt-key add - |
with: |
||||||
echo "deb https://packages.cloudfoundry.org/debian stable main" | sudo tee /etc/apt/sources.list.d/cloudfoundry-cli.list |
aws-region: ${{ env.aws_region }} |
||||||
sudo apt-get update |
role-to-assume: ${{ env.app_repo_role }} |
||||||
sudo apt-get install cf8-cli |
|
||||||
|
|
||||||
- name: Teardown app |
- name: Configure AWS credentials for review environment |
||||||
env: |
uses: aws-actions/configure-aws-credentials@v3 |
||||||
CF_USERNAME: ${{ secrets.CF_USERNAME }} |
with: |
||||||
CF_PASSWORD: ${{ secrets.CF_PASSWORD }} |
aws-region: ${{ env.aws_region }} |
||||||
CF_API_ENDPOINT: ${{ secrets.CF_API_ENDPOINT }} |
role-to-assume: arn:aws:iam::${{ env.aws_account_id }}:role/${{ env.aws_role_prefix }}-deployment |
||||||
CF_SPACE: dev |
role-chaining: true |
||||||
CF_ORG: ${{ secrets.CF_ORG }} |
|
||||||
run: | |
|
||||||
cf api $CF_API_ENDPOINT |
|
||||||
cf auth |
|
||||||
cf target -o $CF_ORG -s $CF_SPACE |
|
||||||
cf delete dluhc-core-review-${{ github.event.pull_request.number }} -f -r |
|
||||||
|
|
||||||
postgres: |
- name: Drop Database |
||||||
name: Teardown postgres |
|
||||||
runs-on: ubuntu-latest |
|
||||||
environment: review |
|
||||||
needs: [app] |
|
||||||
|
|
||||||
steps: |
|
||||||
- name: Install Cloud Foundry CLI |
|
||||||
run: | |
|
||||||
wget --user-agent "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.3 Safari/605.1.15" -q -O - https://packages.cloudfoundry.org/debian/cli.cloudfoundry.org.key | sudo apt-key add - |
|
||||||
echo "deb https://packages.cloudfoundry.org/debian stable main" | sudo tee /etc/apt/sources.list.d/cloudfoundry-cli.list |
|
||||||
sudo apt-get update |
|
||||||
sudo apt-get install cf8-cli |
|
||||||
|
|
||||||
- name: Teardown postgres |
|
||||||
env: |
env: |
||||||
CF_USERNAME: ${{ secrets.CF_USERNAME }} |
ad_hoc_task_definition: ${{ env.aws_task_prefix }}-ad-hoc |
||||||
CF_PASSWORD: ${{ secrets.CF_PASSWORD }} |
cluster: ${{ env.aws_task_prefix }}-app |
||||||
CF_API_ENDPOINT: ${{ secrets.CF_API_ENDPOINT }} |
service: ${{ env.aws_task_prefix }}-app |
||||||
CF_SPACE: dev |
|
||||||
CF_ORG: ${{ secrets.CF_ORG }} |
|
||||||
run: | |
|
||||||
cf api $CF_API_ENDPOINT |
|
||||||
cf auth |
|
||||||
cf target -o $CF_ORG -s $CF_SPACE |
|
||||||
cf delete-service dluhc-core-review-${{ github.event.pull_request.number }}-postgres --wait -f |
|
||||||
|
|
||||||
redis: |
|
||||||
name: Teardown redis |
|
||||||
runs-on: ubuntu-latest |
|
||||||
environment: review |
|
||||||
needs: [app] |
|
||||||
|
|
||||||
steps: |
|
||||||
- name: Install Cloud Foundry CLI |
|
||||||
run: | |
run: | |
||||||
wget --user-agent "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.3 Safari/605.1.15" -q -O - https://packages.cloudfoundry.org/debian/cli.cloudfoundry.org.key | sudo apt-key add - |
network=$(aws ecs describe-services --cluster $cluster --services $service --query services[0].networkConfiguration) |
||||||
echo "deb https://packages.cloudfoundry.org/debian stable main" | sudo tee /etc/apt/sources.list.d/cloudfoundry-cli.list |
overrides='{ "containerOverrides" : [{ "name" : "app", "command" : ["bundle", "exec", "rake", "db:drop"]}]}' |
||||||
sudo apt-get update |
arn=$(aws ecs run-task --cluster $cluster --task-definition $ad_hoc_task_definition --network-configuration "$network" --overrides "$overrides" --group migrations --launch-type FARGATE --query tasks[0].taskArn) |
||||||
sudo apt-get install cf8-cli |
echo "Waiting for db prepare task to complete" |
||||||
|
temp=${arn##*/} |
||||||
|
id=${temp%*\"} |
||||||
|
aws ecs wait tasks-stopped --cluster $cluster --tasks $id |
||||||
|
succeeded=$(aws ecs describe-tasks --cluster $cluster --tasks $id --query "tasks[0].stopCode == 'EssentialContainerExited' && to_string(tasks[0].containers[0].exitCode) == '0'") |
||||||
|
if [ $succeeded == true ]; then exit 0; else exit 1; fi |
||||||
|
|
||||||
- name: Teardown redis |
infra: |
||||||
env: |
name: Teardown review app |
||||||
CF_USERNAME: ${{ secrets.CF_USERNAME }} |
needs: [database] |
||||||
CF_PASSWORD: ${{ secrets.CF_PASSWORD }} |
uses: communitiesuk/submit-social-housing-lettings-and-sales-data-infrastructure/.github/workflows/destroy_review_app_infra.yml@main |
||||||
CF_API_ENDPOINT: ${{ secrets.CF_API_ENDPOINT }} |
with: |
||||||
CF_SPACE: dev |
key: ${{ github.event.pull_request.number }} |
||||||
CF_ORG: ${{ secrets.CF_ORG }} |
app_repo_role: arn:aws:iam::815624722760:role/core-application-repo |
||||||
run: | |
permissions: |
||||||
cf api $CF_API_ENDPOINT |
id-token: write |
||||||
cf auth |
|
||||||
cf target -o $CF_ORG -s $CF_SPACE |
|
||||||
cf delete-service dluhc-core-review-${{ github.event.pull_request.number }}-redis --wait -f |
|
||||||
|
@ -0,0 +1,9 @@ |
|||||||
|
--- |
||||||
|
parent: Architecture decisions |
||||||
|
--- |
||||||
|
|
||||||
|
# 020: Migration to AWS |
||||||
|
|
||||||
|
GOV.UK PaaS is being decomissioned at the end of this year and by 23 December 2023 all services hosted on GOV.UK PaaS will need to have migrated to an alternate hosting platform. |
||||||
|
|
||||||
|
Like other DLUHC services, we are moving our service directly to DLUHC-owned AWS infrastructure. |
Before Width: | Height: | Size: 144 KiB |
Loading…
Reference in new issue