Skip to content

Commit e8ce28b

Browse files
davidsmejiadavidsmejia
authored
Merge pull request #994 from AlexsLemonade/dev
Production Deploy
2 parents 273a692 + 4dea7a9 commit e8ce28b

File tree

8 files changed

+84
-40
lines changed

8 files changed

+84
-40
lines changed

infrastructure/api.tf

Lines changed: 1 addition & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -50,9 +50,7 @@ resource "aws_instance" "api_server_1" {
5050
database_host = aws_db_instance.postgres_db.address
5151
database_port = aws_db_instance.postgres_db.port
5252
database_user = aws_db_instance.postgres_db.username
53-
database_name = aws_db_instance.postgres_db.name
54-
# TODO: enable after upgrade
55-
# database_name = aws_db_instance.postgres_db.db_name
53+
database_name = aws_db_instance.postgres_db.db_name
5654
database_password = var.database_password
5755
# TODO: enable batch
5856
# aws_batch_job_queue_name = module.batch.job_queue_name

infrastructure/database.tf

Lines changed: 1 addition & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -35,9 +35,7 @@ resource "aws_db_instance" "postgres_db" {
3535
engine_version = "12.19"
3636
auto_minor_version_upgrade = false
3737
instance_class = var.database_instance_type
38-
name = "scpca_portal"
39-
# TODO: replace db_name with name after upgrade
40-
# db_name = "scpca_portal"
38+
db_name = "scpca_portal"
4139
port = "5432"
4240
username = "scpcapostgresuser"
4341
password = var.database_password

infrastructure/deploy.py

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -8,6 +8,7 @@
88
import time
99

1010
from init_terraform import init_terraform
11+
from replace_provider import replace_provider
1112

1213
PRIVATE_KEY_FILE_PATH = "scpca-portal-key.pem"
1314
PUBLIC_KEY_FILE_PATH = "scpca-portal-key.pub"
@@ -240,6 +241,11 @@ def restart_api_if_still_running(args, api_ip_address):
240241
if init_code != 0:
241242
exit(init_code)
242243

244+
replace_provider_code = replace_provider("hashicorp", "aws")
245+
246+
if replace_provider_code != 0:
247+
exit(replace_provider_code)
248+
243249
terraform_code, terraform_output = run_terraform(args)
244250
if terraform_code != 0:
245251
exit(terraform_code)

infrastructure/provider.tf

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,8 +1,9 @@
11
terraform {
22
required_providers {
33
aws = {
4-
source = "-/aws"
4+
source = "hashicorp/aws"
55
version = ">= 4.9.0, < 5.0.0"
6+
# version = "~> 5.0.0"
67
}
78
}
89
required_version = "0.13.0"

infrastructure/replace_provider.py

Lines changed: 28 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,28 @@
1+
import signal
2+
import subprocess
3+
4+
5+
def replace_provider(org, provider):
6+
"""
7+
Replaces the aws provider.
8+
Takes an org name, and a provider,
9+
and changes the terraform state to use the new qualified provider.
10+
"""
11+
12+
# Make sure that Terraform is allowed to shut down gracefully.
13+
try:
14+
command = [
15+
"terraform",
16+
"state",
17+
"replace-provider",
18+
"-auto-approve",
19+
f"registry.terraform.io/-/{provider}",
20+
f"registry.terraform.io/{org}/{provider}",
21+
]
22+
terraform_process = subprocess.Popen(command)
23+
terraform_process.wait()
24+
except KeyboardInterrupt:
25+
terraform_process.send_signal(signal.SIGINT)
26+
terraform_process.wait()
27+
28+
return terraform_process.returncode

infrastructure/s3.tf

Lines changed: 23 additions & 30 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,5 @@
11
resource "aws_s3_bucket" "scpca_portal_bucket" {
22
bucket = "scpca-portal-${var.user}-${var.stage}"
3-
# TODO: remove this when upgrading aws_provider version
4-
acl = "private"
53
force_destroy = var.stage == "prod" ? false : true
64

75
tags = merge(
@@ -13,21 +11,19 @@ resource "aws_s3_bucket" "scpca_portal_bucket" {
1311
)
1412
}
1513

16-
# TODO: enable after upgrade
17-
# resource "aws_s3_bucket_ownership_controls" "scpca_portal_bucket" {
18-
# bucket = aws_s3_bucket.scpca_portal_bucket.id
19-
# rule {
20-
# object_ownership = "BucketOwnerPreferred"
21-
# }
22-
#}
14+
resource "aws_s3_bucket_ownership_controls" "scpca_portal_bucket" {
15+
bucket = aws_s3_bucket.scpca_portal_bucket.id
16+
rule {
17+
object_ownership = "BucketOwnerPreferred"
18+
}
19+
}
2320

24-
# TODO: enable after upgrade
25-
# resource "aws_s3_bucket_acl" "scpca_portal_bucket" {
26-
# depends_on = [aws_s3_bucket_ownership_controls.scpca_portal_bucket]
27-
#
28-
# bucket = aws_s3_bucket.scpca_portal_bucket.id
29-
# acl = "private"
30-
#}
21+
resource "aws_s3_bucket_acl" "scpca_portal_bucket" {
22+
depends_on = [aws_s3_bucket_ownership_controls.scpca_portal_bucket]
23+
24+
bucket = aws_s3_bucket.scpca_portal_bucket.id
25+
acl = "private"
26+
}
3127

3228
resource "aws_s3_bucket_public_access_block" "scpca_portal_bucket" {
3329
bucket = aws_s3_bucket.scpca_portal_bucket.id
@@ -38,8 +34,6 @@ resource "aws_s3_bucket_public_access_block" "scpca_portal_bucket" {
3834

3935
resource "aws_s3_bucket" "scpca_portal_cert_bucket" {
4036
bucket = "scpca-portal-cert-${var.user}-${var.stage}"
41-
# TODO: remove this when upgrading aws_provider version
42-
acl = "private"
4337
force_destroy = var.stage == "prod" ? false : true
4438

4539
# TODO: remove lifecycle rule when we upgrade aws_provider version
@@ -63,19 +57,18 @@ resource "aws_s3_bucket" "scpca_portal_cert_bucket" {
6357
)
6458
}
6559

66-
# TODO: enable after upgrade
67-
# resource "aws_s3_bucket_ownership_controls" "scpca_portal_cert_bucket" {
68-
# bucket = aws_s3_bucket.scpca_portal_cert_bucket.id
69-
# rule {
70-
# object_ownership = "BucketOwnerPreferred"
71-
# }
72-
#}
60+
resource "aws_s3_bucket_ownership_controls" "scpca_portal_cert_bucket" {
61+
bucket = aws_s3_bucket.scpca_portal_cert_bucket.id
62+
rule {
63+
object_ownership = "BucketOwnerPreferred"
64+
}
65+
}
7366

74-
# resource "aws_s3_bucket_acl" "scpca_portal_cert_bucket" {
75-
# depends_on = [aws_s3_bucket_ownership_controls.scpca_portal_cert_bucket]
76-
# bucket = aws_s3_bucket.scpca_portal_cert_bucket.id
77-
# acl = "private"
78-
#}
67+
resource "aws_s3_bucket_acl" "scpca_portal_cert_bucket" {
68+
depends_on = [aws_s3_bucket_ownership_controls.scpca_portal_cert_bucket]
69+
bucket = aws_s3_bucket.scpca_portal_cert_bucket.id
70+
acl = "private"
71+
}
7972

8073
# resource "aws_s3_bucket_lifecycle_configuration" "scpca_portal_cert_bucket" {
8174
# bucket = aws_s3_bucket.scpca_portal_cert_bucket.id

infrastructure/unlock_state.py

Lines changed: 22 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,22 @@
1+
import signal
2+
import subprocess
3+
4+
5+
def unlock_state(lock_id):
6+
"""
7+
Replaces the aws provider.
8+
Takes an org name, and a provider,
9+
and changes the terraform state to use the new qualified provider.
10+
"""
11+
12+
# Make sure that Terraform is allowed to shut down gracefully.
13+
try:
14+
command = ["terraform", "force-unlock", "-force", lock_id]
15+
terraform_process = subprocess.Popen(command)
16+
terraform_process.wait()
17+
except KeyboardInterrupt:
18+
terraform_process.send_signal(signal.SIGINT)
19+
terraform_process.wait()
20+
21+
# ignore error
22+
return 1

infrastructure/variables.tf

Lines changed: 1 addition & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -71,9 +71,7 @@ variable "ssh_public_key" {
7171
output "environment_variables" {
7272
value = [
7373
{name = "DATABASE_NAME"
74-
value = aws_db_instance.postgres_db.name},
75-
# TODO: replace db_name with name after upgrade
76-
# value = aws_db_instance.postgres_db.db_name},
74+
value = aws_db_instance.postgres_db.db_name},
7775
{name = "DATABASE_HOST"
7876
value = aws_db_instance.postgres_db.address},
7977
{name = "DATABASE_USER"

0 commit comments

Comments
 (0)