provision aws resources (#41)
* provision aws resources

* fix
khanzadimahdi authored Dec 28, 2024
1 parent a8550f4 commit 39e3e46
Showing 18 changed files with 921 additions and 116 deletions.
104 changes: 54 additions & 50 deletions .github/workflows/backend.yaml
Expand Up @@ -11,6 +11,10 @@ on:
- .github/**
- backend/**

defaults:
run:
working-directory: ./backend

env:
REGISTRY: ghcr.io
IMAGE_NAME: backend
Expand All @@ -30,7 +34,7 @@ jobs:

- name: Run unit tests
run: |
cd ./backend && go test ./... -v -race -cover
go test ./... -v -race -cover
- name: Provide image name and version
run: |
Expand All @@ -41,52 +45,52 @@ jobs:
- name: Build image
run: |
cd ./backend && docker build . --file Dockerfile --target production --tag $IMAGE_ID:$IMAGE_VERSION --tag $IMAGE_ID:latest
cd:
runs-on: ubuntu-latest

# This job will be invoked only on default branch
if: ${{ always() && format('refs/heads/{0}', github.event.repository.default_branch) == github.ref }}

permissions:
packages: write
contents: read

needs:
- ci

steps:
- name: Checkout code
uses: actions/checkout@v4

- name: Provide image name and version
run: |
IMAGE_ID=$(echo $REGISTRY/${{ github.repository_owner }}/$IMAGE_NAME | tr '[A-Z]' '[a-z]')
IMAGE_VERSION=${{ github.sha }}
echo "IMAGE_ID=$IMAGE_ID" >> "$GITHUB_ENV"
echo "IMAGE_VERSION=$IMAGE_VERSION" >> "$GITHUB_ENV"
- name: Build image
run: |
cd ./backend && docker build . --file Dockerfile --target production --tag $IMAGE_ID:$IMAGE_VERSION --tag $IMAGE_ID:latest
- name: Log in to registry
run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin

- name: Push image
run: |
docker push $IMAGE_ID:$IMAGE_VERSION
docker push $IMAGE_ID:latest
- uses: actions/setup-node@v3
with:
node-version: "18"

- name: deploy to production
env:
LIARA_TOKEN: ${{ secrets.LIARA_API_TOKEN }}
LIARA_BACKEND_APP_NAME: ${{secrets.LIARA_BACKEND_APP_NAME}}
run: |
npm i -g @liara/cli@7
liara deploy --image $IMAGE_ID:$IMAGE_VERSION --platform=docker --port="80" --app="$LIARA_BACKEND_APP_NAME" --api-token="$LIARA_TOKEN" --detach
docker build . --file Dockerfile --target production --tag $IMAGE_ID:$IMAGE_VERSION --tag $IMAGE_ID:latest
# cd:
# runs-on: ubuntu-latest

# # This job will be invoked only on default branch
# if: ${{ always() && format('refs/heads/{0}', github.event.repository.default_branch) == github.ref }}

# permissions:
# packages: write
# contents: read

# needs:
# - ci

# steps:
# - name: Checkout code
# uses: actions/checkout@v4

# - name: Provide image name and version
# run: |
# IMAGE_ID=$(echo $REGISTRY/${{ github.repository_owner }}/$IMAGE_NAME | tr '[A-Z]' '[a-z]')
# IMAGE_VERSION=${{ github.sha }}
# echo "IMAGE_ID=$IMAGE_ID" >> "$GITHUB_ENV"
# echo "IMAGE_VERSION=$IMAGE_VERSION" >> "$GITHUB_ENV"

# - name: Build image
# run: |
# docker build . --file Dockerfile --target production --tag $IMAGE_ID:$IMAGE_VERSION --tag $IMAGE_ID:latest

# - name: Log in to registry
# run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin

# - name: Push image
# run: |
# docker push $IMAGE_ID:$IMAGE_VERSION
# docker push $IMAGE_ID:latest

# - uses: actions/setup-node@v3
# with:
# node-version: "18"

# - name: deploy to production
# env:
# LIARA_TOKEN: ${{ secrets.LIARA_API_TOKEN }}
# LIARA_BACKEND_APP_NAME: ${{secrets.LIARA_BACKEND_APP_NAME}}
# run: |
# npm i -g @liara/cli@7
# liara deploy --image $IMAGE_ID:$IMAGE_VERSION --platform=docker --port="80" --app="$LIARA_BACKEND_APP_NAME" --api-token="$LIARA_TOKEN" --detach
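Review bot: The whole `cd` job is left behind as a block of commented-out lines instead of being deleted, here and again in `.github/workflows/frontend.yaml`. Commented-out YAML is neither validated nor run, so it will silently drift from the live `ci` job, and the git history already preserves the old definition. Remove the block, or if the job is meant to come back, keep it live and disable it with `if: false` so its syntax stays checked. The job-level `permissions:` (`packages: write`, `contents: read`) is now only a comment as well, and nothing in the visible part of this workflow sets the token scope; a top-level `permissions:` with `contents: read` would keep the remaining `ci` job at least privilege.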
102 changes: 53 additions & 49 deletions .github/workflows/frontend.yaml
Expand Up @@ -11,6 +11,10 @@ on:
- .github/**
- frontend/**

defaults:
run:
working-directory: ./frontend

env:
REGISTRY: ghcr.io
IMAGE_NAME: frontend
Expand All @@ -36,52 +40,52 @@ jobs:
- name: Build image
run: |
cd ./frontend && docker build . --file Dockerfile --target production --tag $IMAGE_ID:$IMAGE_VERSION --tag $IMAGE_ID:latest
cd:
runs-on: ubuntu-latest

# This job will be invoked only on default branch
if: ${{ always() && format('refs/heads/{0}', github.event.repository.default_branch) == github.ref }}

permissions:
packages: write
contents: read

needs:
- ci

steps:
- name: Checkout code
uses: actions/checkout@v4

- name: Provide image name and version
run: |
IMAGE_ID=$(echo $REGISTRY/${{ github.repository_owner }}/$IMAGE_NAME | tr '[A-Z]' '[a-z]')
IMAGE_VERSION=${{ github.sha }}
echo "IMAGE_ID=$IMAGE_ID" >> "$GITHUB_ENV"
echo "IMAGE_VERSION=$IMAGE_VERSION" >> "$GITHUB_ENV"
- name: Build image
run: |
cd ./frontend && docker build . --file Dockerfile --target production --tag $IMAGE_ID:$IMAGE_VERSION --tag $IMAGE_ID:latest
- name: Log in to registry
run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin

- name: Push image
run: |
docker push $IMAGE_ID:$IMAGE_VERSION
docker push $IMAGE_ID:latest
- uses: actions/setup-node@v3
with:
node-version: "18"

- name: deploy to production
env:
LIARA_TOKEN: ${{ secrets.LIARA_API_TOKEN }}
LIARA_FRONTEND_APP_NAME: ${{secrets.LIARA_FRONTEND_APP_NAME}}
run: |
npm i -g @liara/cli@7
liara deploy --image $IMAGE_ID:$IMAGE_VERSION --platform=docker --port="3000" --app="$LIARA_FRONTEND_APP_NAME" --api-token="$LIARA_TOKEN" --detach
docker build . --file Dockerfile --target production --tag $IMAGE_ID:$IMAGE_VERSION --tag $IMAGE_ID:latest
# cd:
# runs-on: ubuntu-latest

# # This job will be invoked only on default branch
# if: ${{ always() && format('refs/heads/{0}', github.event.repository.default_branch) == github.ref }}

# permissions:
# packages: write
# contents: read

# needs:
# - ci

# steps:
# - name: Checkout code
# uses: actions/checkout@v4

# - name: Provide image name and version
# run: |
# IMAGE_ID=$(echo $REGISTRY/${{ github.repository_owner }}/$IMAGE_NAME | tr '[A-Z]' '[a-z]')
# IMAGE_VERSION=${{ github.sha }}
# echo "IMAGE_ID=$IMAGE_ID" >> "$GITHUB_ENV"
# echo "IMAGE_VERSION=$IMAGE_VERSION" >> "$GITHUB_ENV"

# - name: Build image
# run: |
# docker build . --file Dockerfile --target production --tag $IMAGE_ID:$IMAGE_VERSION --tag $IMAGE_ID:latest

# - name: Log in to registry
# run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin

# - name: Push image
# run: |
# docker push $IMAGE_ID:$IMAGE_VERSION
# docker push $IMAGE_ID:latest

# - uses: actions/setup-node@v3
# with:
# node-version: "18"

# - name: deploy to production
# env:
# LIARA_TOKEN: ${{ secrets.LIARA_API_TOKEN }}
# LIARA_FRONTEND_APP_NAME: ${{secrets.LIARA_FRONTEND_APP_NAME}}
# run: |
# npm i -g @liara/cli@7
# liara deploy --image $IMAGE_ID:$IMAGE_VERSION --platform=docker --port="3000" --app="$LIARA_FRONTEND_APP_NAME" --api-token="$LIARA_TOKEN" --detach
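--- a/.github/workflows/infrastructure.yaml
+++ b/.github/workflows/infrastructure.yaml
@@ -0,0 +1,147 @@
+name: Infrastructure CI and CD
+on:
+push:
+branches:
+- main
+paths:
+- .github/**
+- infrastructure/**
+pull_request:
+paths:
+- .github/**
+- infrastructure/**
+
+defaults:
+run:
+working-directory: ./infrastructure
+
+env:
+TF_VAR_project_name: tarhche
+TF_VAR_instance_name: backend
+
+EC2_SSH_ADDRESS: ${{ secrets.EC2_SSH_ADDRESS }}
+
+jobs:
+ci:
+runs-on: ubuntu-latest
+
+steps:
+- name: Checkout
+uses: actions/checkout@v3
+
+- name: Set up AWS credentials
+uses: aws-actions/configure-aws-credentials@v1
+with:
+aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+aws-region: ${{ secrets.AWS_REGION }}
+
+- name: Setup Terraform
+uses: hashicorp/setup-terraform@v3
+
+- name: Terraform Format
+id: fmt
+run: terraform fmt -check
+
+- name: Terraform Init
+id: init
+run: terraform init
+
+- name: Terraform Validate
+id: validate
+run: terraform validate -no-color
+
+- name: Terraform Plan
+run: terraform plan -no-color -input=false
+continue-on-error: false
+
+cd:
+runs-on: ubuntu-latest
+
+# This job will be invoked only on default branch
+if: ${{ always() && format('refs/heads/{0}', github.event.repository.default_branch) == github.ref }}
+
+needs:
+- ci
+
+steps:
+- name: Checkout
+uses: actions/checkout@v3
+
+- name: Set up AWS credentials
+uses: aws-actions/configure-aws-credentials@v1
+with:
+aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+aws-region: ${{ secrets.AWS_REGION }}
+
+- name: Setup Terraform
+uses: hashicorp/setup-terraform@v3
+
+- name: Terraform Apply
+run: terraform apply -auto-approve -input=false
+continue-on-error: false
+
+- name: Deploy services
+run: |
+# setup ssh key
+echo "${{ secrets.EC2_SSH_PRIVATE_KEY }}" | base64 --decode > ~/ec2-key.pem
+chmod 400 ~/ec2-key.pem
+# copy files
+scp -i ~/ec2-key.pem -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null ./* ubuntu@${{ secrets.EC2_PUBLIC_IP }}:/opt/deployment/
+# connect and deploy services
+ssh -i ~/ec2-key.pem -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null ubuntu@${{ secrets.EC2_PUBLIC_IP }} << 'EOF'
+VOLUME_PATH="${{ secrets.VOLUME_PATH }}"
+MONGO_USERNAME="${{ secrets.MONGO_USERNAME }}"
+MONGO_PASSWORD="${{ secrets.MONGO_PASSWORD }}"
+DASHBOARD_MONGO_USERNAME="${{ secrets.DASHBOARD_MONGO_USERNAME }}"
+DASHBOARD_MONGO_PASSWORD="${{ secrets.DASHBOARD_MONGO_PASSWORD }}"
+DASHBOARD_MONGO_MONGODB_URL="mongodb://${{ secrets.MONGO_USERNAME }}:${{ secrets.MONGO_PASSWORD }}@mongodb:27017"
+BACKEND_NATS_URL="${{ secrets.BACKEND_NATS_URL }}"
+BACKEND_PRIVATE_KEY="${{ secrets.BACKEND_PRIVATE_KEY }}"
+BACKEND_MONGO_HOST="mongodb"
+BACKEND_MONGO_PORT="27017"
+BACKEND_MONGO_SCHEME="mongodb"
+BACKEND_MONGO_DATABASE_NAME="${{ secrets.BACKEND_MONGO_DATABASE_NAME }}"
+BACKEND_MONGO_USERNAME="${{ secrets.MONGO_USERNAME }}"
+BACKEND_MONGO_PASSWORD="${{ secrets.MONGO_PASSWORD }}"
+BACKEND_MAIL_SMTP_PASSWORD="${{ secrets.BACKEND_MAIL_SMTP_PASSWORD }}"
+BACKEND_MAIL_SMTP_HOST="${{ secrets.BACKEND_MAIL_SMTP_HOST }}"
+BACKEND_MAIL_SMTP_FROM="${{ secrets.BACKEND_MAIL_SMTP_FROM }}"
+BACKEND_MAIL_SMTP_USERNAME="${{ secrets.BACKEND_MAIL_SMTP_USERNAME }}"
+BACKEND_MAIL_SMTP_PORT="${{ secrets.BACKEND_MAIL_SMTP_PORT }}"
+BACKEND_S3_ENDPOINT="${{ secrets.BACKEND_S3_ENDPOINT }}"
+BACKEND_S3_SECRET_KEY="${{ secrets.BACKEND_S3_SECRET_KEY }}"
+BACKEND_S3_ACCESS_KEY="${{ secrets.BACKEND_S3_ACCESS_KEY }}"
+BACKEND_S3_USE_SSL="${{ secrets.BACKEND_S3_USE_SSL }}"
+BACKEND_S3_BUCKET_NAME="${{ secrets.BACKEND_S3_BUCKET_NAME }}"
+APP_IMAGE="${{ secrets.APP_IMAGE }}"
+PORTAINER_ADMIN_PASSWORD="${{ secrets.PORTAINER_ADMIN_PASSWORD }}"
+FRONTEND_IMAGE="${{ secrets.FRONTEND_IMAGE }}"
+NEXT_PUBLIC_EXTERNAL_BACKEND_BASE_URL="${{ secrets.NEXT_PUBLIC_EXTERNAL_BACKEND_BASE_URL }}"
+INTERNAL_BACKEND_BASE_URL="${{ secrets.INTERNAL_BACKEND_BASE_URL }}"
+NEXT_PUBLIC_FILES_BASE_URL="${{ secrets.NEXT_PUBLIC_FILES_BASE_URL }}"
+# Run Docker Compose
+cd /opt/deployment/
+docker compose \
+-f compose.mongodb.yaml \
+-f compose.nats.yaml \
+-f compose.docker.yaml \
+-f compose.backend.yaml \
+-f compose.frontend.yaml \
+-f compose.proxy.yaml \
+up -d
+EOF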
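Review bot: The `Deploy services` step disables SSH host-key verification (`-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null`) on both the `scp` and the `ssh` call, while that same session carries the Mongo, SMTP, S3 and Portainer secrets in the heredoc, so the runner will hand them to whatever host answers on `EC2_PUBLIC_IP`. Pin the instance's host key instead, for example `echo "${{ secrets.<HOST_KEY_SECRET> }}" >> ~/.ssh/known_hosts` (placeholder secret name), and drop the two `-o` options. Separately, the `cd` job's `if:` begins with `always()`, which lets it run on the default branch even when `ci` failed, so `terraform apply -auto-approve` is not really gated on fmt, validate or plan; removing `always() &&` restores the `needs: ci` gate. The `cd` job also has no `terraform init` step before `Terraform Apply`, and the heredoc assigns its variables without `export`, so `docker compose` likely never sees them in its environment.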
3 changes: 2 additions & 1 deletion .gitignore
@@ -1,5 +1,6 @@
.idea
.DS_Store
.vscode
.idea

/private
/private.pub
1 change: 1 addition & 0 deletions backend/.gitignore
@@ -1,3 +1,4 @@
.DS_Store
.vscode
.idea
/tmp