From 203f2bcc35feadf4d5be7045a24248acc408ef76 Mon Sep 17 00:00:00 2001 From: Seun Ogunbiyi Date: Tue, 2 Jul 2024 16:09:43 +0100 Subject: [PATCH 1/8] Added new services and the code --- .github/PULL_REQUEST_TEMPLATE.md | 16 ++ .github/dependabot.yml | 16 ++ .github/workflows/codeql-analysis.yml | 75 +++++++ .github/workflows/copilot_deploy.yml | 161 +++++++++++++++ copilot/.workspace | 1 + .../addons/fsd-self-serve-cluster.yml | 183 ++++++++++++++++++ copilot/fsd-self-serve/manifest.yml | 109 +++++++++++ 7 files changed, 561 insertions(+) create mode 100644 .github/PULL_REQUEST_TEMPLATE.md create mode 100644 .github/dependabot.yml create mode 100644 .github/workflows/codeql-analysis.yml create mode 100644 .github/workflows/copilot_deploy.yml create mode 100644 copilot/.workspace create mode 100644 copilot/fsd-self-serve/addons/fsd-self-serve-cluster.yml create mode 100644 copilot/fsd-self-serve/manifest.yml diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md new file mode 100644 index 0000000..960d2fa --- /dev/null +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -0,0 +1,16 @@ +_Add ticket reference to Pull Request title: e.g. 'FS-123: Add content', if there is no ticket prefix with BAU_ + + +### Change description +_A brief description of the pull request_ + +- [ ] Unit tests and other appropriate tests added or updated +- [ ] README and other documentation has been updated / added (if needed) +- [ ] Commit messages are meaningful and follow good commit message guidelines (e.g. "FS-XXXX: Add margin to nav items preventing overlapping of logo") + + +### How to test +_If manual testing is needed, give suggested testing steps_ + + +### Screenshots of UI changes (if applicable) diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..759ba39 --- /dev/null +++ b/.github/dependabot.yml 
@@ -0,0 +1,16 @@
+version: 2
+updates:
+ - package-ecosystem: "pip"
+ directory: "/"
+ schedule:
+ interval: "weekly"
+ pull-request-branch-name:
+ separator: "-"
+ rebase-strategy: "auto"
+ - package-ecosystem: "github-actions"
+ directory: "/"
+ schedule:
+ interval: "weekly"
+ pull-request-branch-name:
+ separator: "-"
+ rebase-strategy: "auto"
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
new file mode 100644
index 0000000..911728b
--- /dev/null
+++ b/.github/workflows/codeql-analysis.yml
@@ -0,0 +1,75 @@ +# For most projects, this workflow file will not need changing; you simply need +# to commit it to your repository. +# +# You may wish to alter this file to override the set of languages analyzed, +# or to provide custom queries or build logic. +# +# ******** NOTE ******** +# We have attempted to detect the languages in your repository. Please check +# the `language` matrix defined below to confirm you have the correct set of +# supported CodeQL languages. +# +name: "CodeQL" + +on: + push: + paths-ignore: + - "**/README.md" + branches: [ main ] + pull_request: + # The branches below must be a subset of the branches above + branches: [ main ] + paths-ignore: + - "**/README.md" + + schedule: + - cron: '44 9 * * 2' + +jobs: + analyze: + name: Analyze + runs-on: ubuntu-latest + permissions: + actions: read + contents: read + security-events: write + + strategy: + fail-fast: false + matrix: + language: [ 'python' ] + # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ] + # Learn more about CodeQL language support at https://git.io/codeql-language-support + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + # Initializes the CodeQL tools for scanning. + - name: Initialize CodeQL + uses: github/codeql-action/init@v3 + with: + languages: ${{ matrix.language }} + # If you wish to specify custom queries, you can do so here or in a config file. + # By default, queries listed here will override any specified in a config file. + # Prefix the list here with "+" to use these queries and those in the config file. + # queries: ./path/to/local/query, your-org/your-repo/queries@main + + # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). + # If this step fails, then you should remove it and run the build manually (see below) + - name: Autobuild + uses: github/codeql-action/autobuild@v3 + + # ℹī¸ Command-line programs to run using the OS shell. 
+ # 📚 https://git.io/JvXDl + + # ✏ī¸ If the Autobuild fails above, remove it and uncomment the following three lines + # and modify them (or add more) to build your code if your project + # uses a compiled language + + #- run: | + # make bootstrap + # make release + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v3 diff --git a/.github/workflows/copilot_deploy.yml b/.github/workflows/copilot_deploy.yml new file mode 100644 index 0000000..d01edcf --- /dev/null +++ b/.github/workflows/copilot_deploy.yml 
@@ -0,0 +1,161 @@ +name: Deploy to AWS +run-name: AWS Deploy ${{ github.event_name == 'workflow_dispatch' && github.event.inputs.environment || (github.ref == 'refs/heads/main' && 'Dev-Test-UAT-Prod' || 'Dev') }} + +on: + workflow_dispatch: + inputs: + environment: + description: Which AWS Account to use + type: choice + required: true + options: + - dev + - test + - uat + - prod + run_performance_tests: + required: false + default: false + type: boolean + description: Run performance tests + run_e2e_tests_assessment: + required: false + default: false + type: boolean + description: Run e2e tests (assessment) + run_e2e_tests_application: + required: false + default: true + type: boolean + description: Run e2e tests (application) + push: + # Ignore README markdown and the docs folder + # Only automatically deploy when something in the app or tests folder has changed + paths: + - '!**/README.md' + - '!docs/**' + - 'app/**' + - 'config/**' + - 'tests/**' + - 'requirements-dev.in' + - 'requirements-dev.txt' + - 'requirements.in' + - 'requirements.txt' + - '.github/workflows/copilot_deploy.yml' + +jobs: + setup: + uses: communitiesuk/funding-service-design-workflows/.github/workflows/determine-jobs.yml@main + with: + environment: ${{ inputs.environment }} + + pre_deploy_tests: + uses: communitiesuk/funding-service-design-workflows/.github/workflows/pre-deploy.yml@main + with: + postgres_unit_testing: false + + paketo_build: + needs: [ setup ] + concurrency: build-frontend-pack + permissions: + packages: write + uses: communitiesuk/funding-service-design-workflows/.github/workflows/package.yml@main + with: + version_to_build: sha-${{ github.sha }} + owner: ${{ github.repository_owner }} + application: funding-service-design-frontend + assets_required: true + + dev_deploy: + needs: [ pre_deploy_tests, paketo_build, setup ] + if: ${{ contains(fromJSON(needs.setup.outputs.jobs_to_run), 'dev') }} + uses: 
communitiesuk/funding-service-design-workflows/.github/workflows/standard-deploy.yml@main + secrets: + AWS_ACCOUNT: ${{ secrets.AWS_ACCOUNT }} + with: + environment: dev + app_name: frontend + version: sha-${{ github.sha }} + + post_dev_deploy_tests: + needs: dev_deploy + concurrency: + group: 'fsd-preaward-dev' + cancel-in-progress: false + secrets: + FSD_GH_APP_ID: ${{ secrets.FSD_GH_APP_ID }} + FSD_GH_APP_KEY: ${{ secrets.FSD_GH_APP_KEY }} + uses: communitiesuk/funding-service-design-workflows/.github/workflows/post-deploy.yml@main + with: + run_performance_tests: ${{ inputs.run_performance_tests || true }} + run_e2e_tests_assessment: ${{ inputs.run_e2e_tests_assessment || false }} + run_e2e_tests_application: ${{ inputs.run_e2e_tests_application || false }} + app_name: frontend + environment: dev + + test_deploy: + needs: [ dev_deploy, post_dev_deploy_tests, paketo_build, setup ] + if: ${{ always() && contains(fromJSON(needs.setup.outputs.jobs_to_run), 'test') && (! contains(needs.*.result, 'failure') ) && (! contains(needs.*.result, 'cancelled') )}} + uses: communitiesuk/funding-service-design-workflows/.github/workflows/standard-deploy.yml@main + secrets: + AWS_ACCOUNT: ${{ secrets.AWS_ACCOUNT }} + with: + environment: test + app_name: frontend + version: sha-${{ github.sha }} + + post_test_deploy_tests: + needs: test_deploy + if: ${{ always() && contains(fromJSON(needs.setup.outputs.jobs_to_run), 'test') && (! contains(needs.*.result, 'failure') ) && (! 
contains(needs.*.result, 'cancelled') )}} + concurrency: + group: 'fsd-preaward-test' + cancel-in-progress: false + secrets: + FSD_GH_APP_ID: ${{ secrets.FSD_GH_APP_ID }} + FSD_GH_APP_KEY: ${{ secrets.FSD_GH_APP_KEY }} + uses: communitiesuk/funding-service-design-workflows/.github/workflows/post-deploy.yml@main + with: + run_performance_tests: ${{ inputs.run_performance_tests || false }} + run_e2e_tests_assessment: ${{ inputs.run_e2e_tests_assessment || false }} + run_e2e_tests_application: ${{ inputs.run_e2e_tests_application || true }} + app_name: frontend + environment: test + + uat_deploy: + needs: [ dev_deploy, post_dev_deploy_tests, test_deploy, post_test_deploy_tests, paketo_build, setup ] + if: ${{ always() && contains(fromJSON(needs.setup.outputs.jobs_to_run), 'uat') && (! contains(needs.*.result, 'failure') ) && (! contains(needs.*.result, 'cancelled') )}} + uses: communitiesuk/funding-service-design-workflows/.github/workflows/standard-deploy.yml@main + secrets: + AWS_ACCOUNT: ${{ secrets.AWS_ACCOUNT }} + with: + environment: uat + app_name: frontend + version: sha-${{ github.sha }} + + post_uat_deploy_tests: + needs: uat_deploy + if: ${{ always() && contains(fromJSON(needs.setup.outputs.jobs_to_run), 'uat') && (! contains(needs.*.result, 'failure') ) && (! 
contains(needs.*.result, 'cancelled') )}} + concurrency: + group: 'fsd-preaward-uat' + cancel-in-progress: false + secrets: + FSD_GH_APP_ID: ${{ secrets.FSD_GH_APP_ID }} + FSD_GH_APP_KEY: ${{ secrets.FSD_GH_APP_KEY }} + uses: communitiesuk/funding-service-design-workflows/.github/workflows/post-deploy.yml@main + with: + run_performance_tests: ${{ inputs.run_performance_tests || false }} + run_e2e_tests_assessment: ${{ inputs.run_e2e_tests_assessment || false }} + run_e2e_tests_application: ${{ inputs.run_e2e_tests_application || true }} + app_name: frontend + environment: uat + + prod_deploy: + needs: [ dev_deploy, post_dev_deploy_tests, test_deploy, post_test_deploy_tests, uat_deploy, post_uat_deploy_tests, paketo_build, setup ] + if: ${{ always() && contains(fromJSON(needs.setup.outputs.jobs_to_run), 'prod') && (! contains(needs.*.result, 'failure') ) && (! contains(needs.*.result, 'cancelled') )}} + uses: communitiesuk/funding-service-design-workflows/.github/workflows/standard-deploy.yml@main + secrets: + AWS_ACCOUNT: ${{ secrets.AWS_ACCOUNT }} + with: + environment: prod + app_name: frontend + version: sha-${{ github.sha }} diff --git a/copilot/.workspace b/copilot/.workspace new file mode 100644 index 0000000..92b2058 --- /dev/null +++ b/copilot/.workspace @@ -0,0 +1 @@ +application: pre-award diff --git a/copilot/fsd-self-serve/addons/fsd-self-serve-cluster.yml b/copilot/fsd-self-serve/addons/fsd-self-serve-cluster.yml new file mode 100644 index 0000000..7d8b7b0 --- /dev/null +++ b/copilot/fsd-self-serve/addons/fsd-self-serve-cluster.yml 
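Review bot: Every reusable workflow called from `.github/workflows/copilot_deploy.yml` is referenced at the mutable ref `@main` (`determine-jobs.yml`, `pre-deploy.yml`, `package.yml`, `standard-deploy.yml`, `post-deploy.yml`), and those calls are handed `secrets.AWS_ACCOUNT`, `secrets.FSD_GH_APP_ID`/`secrets.FSD_GH_APP_KEY` or `permissions: packages: write`. A change on that branch of the workflows repository therefore alters what runs with these credentials, up to and including `prod_deploy`, without any reviewed change in this repository. Pinning each `uses:` to a full commit SHA, e.g. `uses: communitiesuk/funding-service-design-workflows/.github/workflows/standard-deploy.yml@<commit-sha> # main` (placeholder), keeps the executed code reviewable. Separately, `${{ inputs.run_performance_tests || true }}` in `post_dev_deploy_tests` and `${{ inputs.run_e2e_tests_application || true }}` in the test and uat jobs always evaluate to `true`, so the `workflow_dispatch` inputs cannot switch those tests off.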
@@ -0,0 +1,183 @@ +Parameters: + App: + Type: String + Description: Your application's name. + Env: + Type: String + Description: The environment name your service, job, or workflow is being deployed to. + Name: + Type: String + Description: The name of the service, job, or workflow being deployed. + # Customize your Aurora Serverless cluster by setting the default value of the following parameters. + fsdselfserveclusterDBName: + Type: String + Description: The name of the initial database to be created in the Aurora Serverless v2 cluster. + Default: fsd_self_serve + # Cannot have special characters + # Naming constraints: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html#RDS_Limits.Constraints +Mappings: + fsdselfserveclusterEnvScalingConfigurationMap: + All: + "DBMinCapacity": 0.5 # AllowedValues: from 0.5 through 128 + "DBMaxCapacity": 8 # AllowedValues: from 0.5 through 128 + BastionMap: + dev: + "SecurityGroup": "sg-0b6c7aabb95bf14a9" + test: + "SecurityGroup": "sg-0cf75a004dbade7b8" + uat: + "SecurityGroup": "sg-04017abfef2079894" + prod: + "SecurityGroup": "sg-08cecea8f9b8a4ec9" + +Resources: + fsdselfserveclusterDBSubnetGroup: + Type: 'AWS::RDS::DBSubnetGroup' + Properties: + DBSubnetGroupDescription: Group of Copilot private subnets for Aurora Serverless v2 cluster. + SubnetIds: + !Split [',', { 'Fn::ImportValue': !Sub '${App}-${Env}-PrivateSubnets' }] + fsdselfserveclusterSecurityGroup: + Metadata: + 'aws:copilot:description': 'A security group for your workload to access the Aurora Serverless v2 cluster fsdselfservecluster' + Type: 'AWS::EC2::SecurityGroup' + Properties: + GroupDescription: !Sub 'The Security Group for ${Name} to access Aurora Serverless v2 cluster fsdselfservecluster.' 
+ VpcId: + Fn::ImportValue: + !Sub '${App}-${Env}-VpcId' + Tags: + - Key: Name + Value: !Sub 'copilot-${App}-${Env}-${Name}-Aurora' + fsdselfserveclusterDBClusterSecurityGroup: + Metadata: + 'aws:copilot:description': 'A security group for your Aurora Serverless v2 cluster fsdselfservecluster' + Type: AWS::EC2::SecurityGroup + Properties: + GroupDescription: The Security Group for the Aurora Serverless v2 cluster. + SecurityGroupIngress: + - ToPort: 5432 + FromPort: 5432 + IpProtocol: tcp + Description: !Sub 'From the Aurora Security Group of the workload ${Name}.' + SourceSecurityGroupId: !Ref fsdselfserveclusterSecurityGroup + - ToPort: 5432 + FromPort: 5432 + IpProtocol: tcp + Description: !Sub 'From the Bastion Security Group.' + SourceSecurityGroupId: !FindInMap [BastionMap, !Ref Env, 'SecurityGroup'] + VpcId: + Fn::ImportValue: + !Sub '${App}-${Env}-VpcId' + Tags: + - Key: Name + Value: !Sub 'copilot-${App}-${Env}-${Name}-Aurora' + fsdselfserveclusterAuroraSecret: + Metadata: + 'aws:copilot:description': 'A Secrets Manager secret to store your DB credentials' + Type: AWS::SecretsManager::Secret + Properties: + Description: !Sub Aurora main user secret for ${AWS::StackName} + GenerateSecretString: + SecretStringTemplate: '{"username": "postgres"}' + GenerateStringKey: "password" + ExcludePunctuation: true + IncludeSpace: false + PasswordLength: 16 + fsdselfserveclusterDBClusterParameterGroup: + Metadata: + 'aws:copilot:description': 'A DB parameter group for engine configuration values' + Type: 'AWS::RDS::DBClusterParameterGroup' + Properties: + Description: !Ref 'AWS::StackName' + Family: 'aurora-postgresql14' + Parameters: + client_encoding: 'UTF8' + fsdselfserveclusterDBCluster: + Metadata: + 'aws:copilot:description': 'The fsdselfservecluster Aurora Serverless v2 database cluster' + Type: 'AWS::RDS::DBCluster' + Properties: + MasterUsername: + !Join [ "", [ '{{resolve:secretsmanager:', !Ref fsdselfserveclusterAuroraSecret, ":SecretString:username}}" ]] # 
pragma: allowlist secret + MasterUserPassword: + !Join [ "", [ '{{resolve:secretsmanager:', !Ref fsdselfserveclusterAuroraSecret, ":SecretString:password}}" ]] # pragma: allowlist secret + DatabaseName: !Ref fsdselfserveclusterDBName + Engine: 'aurora-postgresql' + EngineVersion: '14.4' + DBClusterParameterGroupName: !Ref fsdselfserveclusterDBClusterParameterGroup + DBSubnetGroupName: !Ref fsdselfserveclusterDBSubnetGroup + Port: 5432 + StorageEncrypted: true + BackupRetentionPeriod: 8 + VpcSecurityGroupIds: + - !Ref fsdselfserveclusterDBClusterSecurityGroup + ServerlessV2ScalingConfiguration: + # Replace "All" below with "!Ref Env" to set different autoscaling limits per environment. + MinCapacity: !FindInMap [fsdselfserveclusterEnvScalingConfigurationMap, All, DBMinCapacity] + MaxCapacity: !FindInMap [fsdselfserveclusterEnvScalingConfigurationMap, All, DBMaxCapacity] + fsdselfserveclusterDBWriterInstance: + Metadata: + 'aws:copilot:description': 'The fsdselfservecluster Aurora Serverless v2 writer instance' + Type: 'AWS::RDS::DBInstance' + Properties: + DBClusterIdentifier: !Ref fsdselfserveclusterDBCluster + DBInstanceClass: db.serverless + Engine: 'aurora-postgresql' + PromotionTier: 1 + AvailabilityZone: !Select + - 0 + - !GetAZs + Ref: AWS::Region + + fsdselfserveclusterSecretAuroraClusterAttachment: + Type: AWS::SecretsManager::SecretTargetAttachment + Properties: + SecretId: !Ref fsdselfserveclusterAuroraSecret + TargetId: !Ref fsdselfserveclusterDBCluster + TargetType: AWS::RDS::DBCluster + + FormRunnerFormUploadsBucketAccessPolicy: + Type: AWS::IAM::ManagedPolicy + Properties: + PolicyDocument: + Version: "2012-10-17" + Statement: + - Sid: S3FormUploadBucketActions + Effect: Allow + Action: + - s3:Get* + - s3:List* + - s3:Describe* + - s3:PutObject + - s3:PutObjectACL + - s3:DeleteObject + - s3:ReplicateObject + Resource: + - Fn::ImportValue: !Sub ${App}-${Env}-FormUploadsBucketARN + - !Sub + - "${FullBucketARN}/*" + - FullBucketARN: + Fn::ImportValue: 
!Sub "${App}-${Env}-FormUploadsBucketARN" + +Outputs: + DatabaseUrl: + Description: "The URL of this database." + Value: + !Sub + - "postgres://${USERNAME}:${PASSWORD}@${HOSTNAME}:${PORT}/${DBNAME}" + - USERNAME: !Join [ "", [ '{{resolve:secretsmanager:', !Ref fsdselfserveclusterAuroraSecret, ":SecretString:username}}" ]] # pragma: allowlist secret + PASSWORD: !Join [ "", [ '{{resolve:secretsmanager:', !Ref fsdselfserveclusterAuroraSecret, ":SecretString:password}}" ]] # pragma: allowlist secret + HOSTNAME: !Join [ "", [ '{{resolve:secretsmanager:', !Ref fsdselfserveclusterAuroraSecret, ":SecretString:host}}" ]] # pragma: allowlist secret + PORT: !Join [ "", [ '{{resolve:secretsmanager:', !Ref fsdselfserveclusterAuroraSecret, ":SecretString:port}}" ]] # pragma: allowlist secret + DBNAME: !Join [ "", [ '{{resolve:secretsmanager:', !Ref fsdselfserveclusterAuroraSecret, ":SecretString:dbname}}" ]] # pragma: allowlist secret + + fsdselfserveclusterSecret: # injected as FSDselfserveCLUSTER_SECRET environment variable by Copilot. + Description: "The JSON secret that holds the database username and password. Fields are 'host', 'port', 'dbname', 'username', 'password', 'dbClusterIdentifier' and 'engine'" + Value: !Ref fsdselfserveclusterAuroraSecret + fsdselfserveclusterSecurityGroup: + Description: "The security group to attach to the workload." + Value: !Ref fsdselfserveclusterSecurityGroup + FormRunnerFormUploadsBucketAccessPolicyArn: + Description: "The ARN of the ManagedPolicy to attach to the task role." + Value: !Ref FormRunnerFormUploadsBucketAccessPolicy diff --git a/copilot/fsd-self-serve/manifest.yml b/copilot/fsd-self-serve/manifest.yml new file mode 100644 index 0000000..b7d7ffd --- /dev/null +++ b/copilot/fsd-self-serve/manifest.yml 
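Review bot: The `DatabaseUrl` output in `fsd-self-serve-cluster.yml` assembles `postgres://${USERNAME}:${PASSWORD}@${HOSTNAME}:${PORT}/${DBNAME}` from `{{resolve:secretsmanager:...}}` references, which places the database password inside a stack output string. Copilot treats only a Secrets Manager ARN output (such as `fsdselfserveclusterSecret`) as a secret, so this value would presumably reach the task definition as an ordinary environment variable, readable by anyone who can describe the task definition; this is worth confirming. Prefer dropping `DatabaseUrl` and letting the application build the URL at start-up from the `fsdselfserveclusterSecret` JSON. In the same hunk, `FormRunnerFormUploadsBucketAccessPolicy` grants `s3:PutObjectACL` and `s3:ReplicateObject` next to the wildcards `s3:Get*` and `s3:List*`. Unless the service really sets object ACLs or drives replication, trimming the list to the object actions it uses limits what a compromised task can do to the uploads bucket.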
@@ -0,0 +1,109 @@
+# The manifest for the "fsd-assessment" service.
+# Read the full specification for the "Load Balanced Web Service" type at:
+# https://aws.github.io/copilot-cli/docs/manifest/lb-web-service/
+
+# Your service name will be used in naming your resources like log groups, ECS services, etc.
+name: fsd-self-serve
+type: Load Balanced Web Service
+
+# Distribute traffic to your service.
+http:
+ # Requests to this path will be forwarded to your service.
+ # To match all requests you can use the "/" path.
+ path: '/'
+ # You can specify a custom health check path. The default is "/".
+ healthcheck: '/healthcheck'
+ #alias: self-serve.${COPILOT_ENVIRONMENT_NAME}.access-funding.test.levellingup.gov.uk
+
+# Configuration for your containers and service.
+image:
+ # Docker build arguments. For additional overrides: https://aws.github.io/copilot-cli/docs/manifest/lb-web-service/#image-location
+ location: ghcr.io/communitiesuk/funding-service-design-self-serve:latest
+ # Port exposed through your container to route traffic to it.
+ port: 8080
+
+# Valid values: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-cpu-memory-error.html
+# Number of CPU units for the task.
+cpu: 1024
+# Amount of memory in MiB used by the task.
+memory: 2048
+
+# See https://aws.github.io/copilot-cli/docs/manifest/lb-web-service/#platform
+platform: linux/x86_64
+# Number of tasks that should be running in your service.
+count: 2
+# Enable running commands in your container.
+exec: true
+
+network:
+ connect: true # Enable Service Connect for intra-environment traffic between services.
+
+# storage:
+ # readonly_fs: true # Limit to read-only access to mounted root filesystems.
+
+# Optional fields for more advanced use-cases.
+#
+# Pass environment variables as key value pairs.
+# variables:
+# ACCOUNT_STORE_API_HOST: "http://fsd-account-store:8080"
+# APPLICANT_self-serve_HOST: "https://self-serve.${COPILOT_ENVIRONMENT_NAME}.access-funding.test.levellingup.gov.uk"
+# APPLICATION_STORE_API_HOST: "http://fsd-application-store:8080"
+# AUTHENTICATOR_HOST: "https://authenticator.${COPILOT_ENVIRONMENT_NAME}.access-funding.test.levellingup.gov.uk"
+# COOKIE_DOMAIN: ".test.levellingup.gov.uk"
+# FLASK_ENV: ${COPILOT_ENVIRONMENT_NAME}
+# FORMS_SERVICE_PUBLIC_HOST: "https://forms.${COPILOT_ENVIRONMENT_NAME}.access-funding.test.levellingup.gov.uk"
+# FUND_STORE_API_HOST: "http://fsd-fund-store:8080"
+# NOTIFICATION_SERVICE_HOST: http://fsd-notification:8080
+# REDIS_INSTANCE_URI:
+# from_cfn: ${COPILOT_APPLICATION_NAME}-${COPILOT_ENVIRONMENT_NAME}-MagicLinksRedisInstanceURI
+# SENTRY_DSN: "https://3c6d2fd1e3824aecb3826a7d640b29a9@o1432034.ingest.sentry.io/4503897449103360"
+# MAINTENANCE_MODE: false
+
+secrets:
+ RSA256_PUBLIC_KEY_BASE64: /copilot/${COPILOT_APPLICATION_NAME}/${COPILOT_ENVIRONMENT_NAME}/secrets/RSA256_PUBLIC_KEY_BASE64
+
+# You can override any of the values defined above by environment.
+# environments:
+# dev:
+# count:
+# spot: 1
+# test:
+# deployment:
+# rolling: 'recreate'
+# count:
+# spot: 2
+# uat:
+# http:
+# alias: "self-serve.${COPILOT_ENVIRONMENT_NAME}.access-funding.test.levellingup.gov.uk"
+# count:
+# range: 2-4
+# cooldown:
+# in: 60s
+# out: 30s
+# cpu_percentage:
+# value: 70
+# memory_percentage:
+# value: 80
+# requests: 30
+# response_time: 2s
+# prod:
+# http:
+# alias: ["self-serve.prod.access-funding.levellingup.gov.uk", "self-serve.access-funding.levellingup.gov.uk"]
+# hosted_zone: Z0686469NF3ZJTU9I02M
+# variables:
+# COOKIE_DOMAIN: ".levellingup.gov.uk"
+# AUTHENTICATOR_HOST: "https://authenticator.access-funding.levellingup.gov.uk"
+# APPLICANT_self-serve_HOST: "https://self-serve.access-funding.levellingup.gov.uk"
+# ASSESSMENT_self-serve_HOST: "https://assessment.access-funding.levellingup.gov.uk"
+# FORMS_SERVICE_PUBLIC_HOST: "https://forms.access-funding.levellingup.gov.uk"
+# FLASK_ENV: production
+# count:
+# range: 2-4
+# cooldown:
+# in: 60s
+# out: 30s
+# cpu_percentage:
+# value: 70
+# memory_percentage:
+# value: 80
+# requests: 30
From 97ad923ac8c323c9b7046fc2c7b0b922cc4f0c7b Mon Sep 17 00:00:00 2001 From: Seun Ogunbiyi Date: Tue, 2 Jul 2024 16:55:13 +0100 Subject: [PATCH 2/8] edited the manifest file
---
copilot/fsd-self-serve/manifest.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/copilot/fsd-self-serve/manifest.yml b/copilot/fsd-self-serve/manifest.yml
index b7d7ffd..cb265ea 100644
--- a/copilot/fsd-self-serve/manifest.yml
+++ b/copilot/fsd-self-serve/manifest.yml
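Review bot: `exec: true` sits at the top level of the new `copilot/fsd-self-serve/manifest.yml` (patch 1/8), so interactive command execution into running containers is enabled for every environment, prod included, while `readonly_fs: true` under `storage:` is left commented out. If shell access is only needed for debugging in lower environments, set `exec: false` at the top level and turn it on per environment under `environments:`, for example `exec: true` beneath `dev:`. The header comment also still reads `# The manifest for the "fsd-assessment" service.` although `name:` is `fsd-self-serve`; suggest `# The manifest for the "fsd-self-serve" service.`.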
@@ -18,7 +18,8 @@ http: # Configuration for your containers and service. image: # Docker build arguments. For additional overrides: https://aws.github.io/copilot-cli/docs/manifest/lb-web-service/#image-location - location: ghcr.io/communitiesuk/funding-service-design-self-serve:latest + build: Dockerfile + #location: ghcr.io/communitiesuk/funding-service-design-self-serve:latest # Port exposed through your container to route traffic to it. port: 8080 From 169a20393e8b704e9b326ab0fb07df4e4835099e Mon Sep 17 00:00:00 2001 From: Seun Ogunbiyi Date: Mon, 8 Jul 2024 12:28:09 +0100 Subject: [PATCH 3/8] edited --- copilot/fsd-self-serve/manifest.yml | 21 ++++++++++----------- 1 file changed, 10 insertions(+), 11 deletions(-) diff --git a/copilot/fsd-self-serve/manifest.yml b/copilot/fsd-self-serve/manifest.yml index cb265ea..6d41de2 100644 --- a/copilot/fsd-self-serve/manifest.yml +++ b/copilot/fsd-self-serve/manifest.yml @@ -18,8 +18,7 @@ http: # Configuration for your containers and service. image: # Docker build arguments. For additional overrides: https://aws.github.io/copilot-cli/docs/manifest/lb-web-service/#image-location - build: Dockerfile - #location: ghcr.io/communitiesuk/funding-service-design-self-serve:latest + location: ghcr.io/communitiesuk/fsd-base-dev/frontend:sha-68d9e31a4ff4adc9b5ead035e1a82203ec93d919 # Port exposed through your container to route traffic to it. port: 8080 @@ -64,15 +63,15 @@ secrets: RSA256_PUBLIC_KEY_BASE64: /copilot/${COPILOT_APPLICATION_NAME}/${COPILOT_ENVIRONMENT_NAME}/secrets/RSA256_PUBLIC_KEY_BASE64 # You can override any of the values defined above by environment. -# environments: -# dev: -# count: -# spot: 1 -# test: -# deployment: -# rolling: 'recreate' -# count: -# spot: 2 +environments: + dev: + count: + spot: 1 + test: + deployment: + rolling: 'recreate' + count: + spot: 2 # uat: # http: # alias: "self-serve.${COPILOT_ENVIRONMENT_NAME}.access-funding.test.levellingup.gov.uk" 
From fb834a74202a7c851488f40455d8d2161bb78007 Mon Sep 17 00:00:00 2001 From: Seun Ogunbiyi Date: Thu, 18 Jul 2024 09:19:20 +0100 Subject: [PATCH 4/8] edited the files --- .github/workflows/copilot_deploy.yml | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/.github/workflows/copilot_deploy.yml b/.github/workflows/copilot_deploy.yml index d01edcf..0e29d43 100644 --- a/.github/workflows/copilot_deploy.yml +++ b/.github/workflows/copilot_deploy.yml @@ -56,14 +56,13 @@ jobs: paketo_build: needs: [ setup ] - concurrency: build-frontend-pack permissions: packages: write uses: communitiesuk/funding-service-design-workflows/.github/workflows/package.yml@main with: version_to_build: sha-${{ github.sha }} owner: ${{ github.repository_owner }} - application: funding-service-design-frontend + application: funding-service-design-self-serve assets_required: true dev_deploy: @@ -74,7 +73,7 @@ jobs: AWS_ACCOUNT: ${{ secrets.AWS_ACCOUNT }} with: environment: dev - app_name: frontend + app_name: self-serve version: sha-${{ github.sha }} post_dev_deploy_tests: @@ -90,7 +89,7 @@ jobs: run_performance_tests: ${{ inputs.run_performance_tests || true }} run_e2e_tests_assessment: ${{ inputs.run_e2e_tests_assessment || false }} run_e2e_tests_application: ${{ inputs.run_e2e_tests_application || false }} - app_name: frontend + app_name: self-serve environment: dev test_deploy: @@ -101,7 +100,7 @@ jobs: AWS_ACCOUNT: ${{ secrets.AWS_ACCOUNT }} with: environment: test - app_name: frontend + app_name: self-serve version: sha-${{ github.sha }} post_test_deploy_tests: @@ -118,7 +117,7 @@ jobs: run_performance_tests: ${{ inputs.run_performance_tests || false }} run_e2e_tests_assessment: ${{ inputs.run_e2e_tests_assessment || false }} run_e2e_tests_application: ${{ inputs.run_e2e_tests_application || true }} - app_name: frontend + app_name: self-serve environment: test uat_deploy: 
@@ -129,7 +128,7 @@ jobs: AWS_ACCOUNT: ${{ secrets.AWS_ACCOUNT }} with: environment: uat - app_name: frontend + app_name: self-serve version: sha-${{ github.sha }} post_uat_deploy_tests: @@ -146,7 +145,7 @@ jobs: run_performance_tests: ${{ inputs.run_performance_tests || false }} run_e2e_tests_assessment: ${{ inputs.run_e2e_tests_assessment || false }} run_e2e_tests_application: ${{ inputs.run_e2e_tests_application || true }} - app_name: frontend + app_name: self-serve environment: uat prod_deploy: @@ -157,5 +156,5 @@ jobs: AWS_ACCOUNT: ${{ secrets.AWS_ACCOUNT }} with: environment: prod - app_name: frontend + app_name: self-serve version: sha-${{ github.sha }} From 0ad4fe7cae95601e1163d7e8278d27c38293ce2a Mon Sep 17 00:00:00 2001 From: Seun Ogunbiyi Date: Thu, 18 Jul 2024 10:08:35 +0100 Subject: [PATCH 5/8] edited the flag --- .github/workflows/copilot_deploy.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/copilot_deploy.yml b/.github/workflows/copilot_deploy.yml index 0e29d43..f9b3315 100644 --- a/.github/workflows/copilot_deploy.yml +++ b/.github/workflows/copilot_deploy.yml @@ -63,7 +63,7 @@ jobs: version_to_build: sha-${{ github.sha }} owner: ${{ github.repository_owner }} application: funding-service-design-self-serve - assets_required: true + assets_required: false dev_deploy: needs: [ pre_deploy_tests, paketo_build, setup ] From b2beec0a2474752d894799a378eabe82fa2d3613 Mon Sep 17 00:00:00 2001 From: Sarah Sloan Date: Thu, 18 Jul 2024 09:26:19 +0000 Subject: [PATCH 6/8] fix unit tests --- .github/workflows/copilot_deploy.yml | 3 ++- config/envs/unit_test.py | 5 ++++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/.github/workflows/copilot_deploy.yml b/.github/workflows/copilot_deploy.yml index f9b3315..769f6e5 100644 --- a/.github/workflows/copilot_deploy.yml +++ b/.github/workflows/copilot_deploy.yml 
@@ -52,7 +52,8 @@ jobs: pre_deploy_tests: uses: communitiesuk/funding-service-design-workflows/.github/workflows/pre-deploy.yml@main with: - postgres_unit_testing: false + postgres_unit_testing: true + db_name: fab_unit_test paketo_build: needs: [ setup ] diff --git a/config/envs/unit_test.py b/config/envs/unit_test.py index 0703936..8d6177b 100644 --- a/config/envs/unit_test.py +++ b/config/envs/unit_test.py @@ -1,4 +1,5 @@ import logging +from os import getenv from fsd_utils import configclass @@ -11,4 +12,6 @@ class UnitTestConfig(Config): # Logging FSD_LOG_LEVEL = logging.DEBUG - SQLALCHEMY_DATABASE_URI = "postgresql://postgres:password@fab-db:5432/fab_unit_test" # pragma: allowlist secret + SQLALCHEMY_DATABASE_URI = getenv( + "DATABASE_URL", "postgresql://postgres:password@fab-db:5432/fab_unit_test" # pragma: allowlist secret + ) From 6cdb8baa686e0357be6b56730938bab7e433fd96 Mon Sep 17 00:00:00 2001 From: Sarah Sloan Date: Thu, 18 Jul 2024 09:29:49 +0000 Subject: [PATCH 7/8] default db url --- config/envs/unit_test.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config/envs/unit_test.py b/config/envs/unit_test.py index 8d6177b..526846e 100644 --- a/config/envs/unit_test.py +++ b/config/envs/unit_test.py @@ -13,5 +13,5 @@ class UnitTestConfig(Config): FSD_LOG_LEVEL = logging.DEBUG SQLALCHEMY_DATABASE_URI = getenv( - "DATABASE_URL", "postgresql://postgres:password@fab-db:5432/fab_unit_test" # pragma: allowlist secret + "DATABASE_URL", "postgresql://postgres:postgres@127.0.0.1:5432/fab_unit_test" # pragma: allowlist secret ) From cda551eba9cc39fb50430e50e33592ba15b48edd Mon Sep 17 00:00:00 2001 From: Seun Ogunbiyi Date: Thu, 18 Jul 2024 10:49:40 +0100 Subject: [PATCH 8/8] added the latest image --- copilot/fsd-self-serve/manifest.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/copilot/fsd-self-serve/manifest.yml b/copilot/fsd-self-serve/manifest.yml index 6d41de2..e583b78 100644 --- a/copilot/fsd-self-serve/manifest.yml 
+++ b/copilot/fsd-self-serve/manifest.yml @@ -18,7 +18,7 @@ http: # Configuration for your containers and service. image: # Docker build arguments. For additional overrides: https://aws.github.io/copilot-cli/docs/manifest/lb-web-service/#image-location - location: ghcr.io/communitiesuk/fsd-base-dev/frontend:sha-68d9e31a4ff4adc9b5ead035e1a82203ec93d919 + location: ghcr.io/communitiesuk/funding-service-design-self-serve:sha-6cdb8baa686e0357be6b56730938bab7e433fd96 # Port exposed through your container to route traffic to it. port: 8080
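Review bot: `image.location` is now pinned by the tag `sha-6cdb8baa686e0357be6b56730938bab7e433fd96`, and a registry tag can be re-pointed at a different image even when it is named after a commit. Appending the image digest, `location: ghcr.io/communitiesuk/funding-service-design-self-serve:sha-6cdb8baa686e0357be6b56730938bab7e433fd96@sha256:<image-digest>` (the digest is a placeholder), makes the deployed image immutable. The value is also hard-coded here while `copilot_deploy.yml` passes `version: sha-${{ github.sha }}` to the deploy workflow; whether that input overrides this field is not visible in the series, so it is worth confirming which one wins. The `image:` mapping continues outside the hunk.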