Added API deployment to AWS

alliance-genome · May 23, 2024 · 95b1450 · 95b1450
1 parent a70699b
commit 95b1450
Show file tree

Hide file tree

Showing 3 changed files with 73 additions and 6 deletions.
diff --git a/.github/workflows/PR-validation.yml b/.github/workflows/PR-validation.yml
@@ -425,4 +425,4 @@ jobs:
         role-session-name: gh-actions-${{github.run_id}}.${{github.run_number}}.${{github.run_attempt}}-cdk-test
         aws-region: us-east-1
     - name: Validate production CDK stack code
-      run: make validate
+      run: make validate-all
diff --git a/.github/workflows/main-build-and-deploy.yml b/.github/workflows/main-build-and-deploy.yml
@@ -79,7 +79,7 @@ jobs:
         role-session-name: gh-actions-${{github.run_id}}.${{github.run_number}}.${{github.run_attempt}}-cdk-deploy
         aws-region: us-east-1
     - name: CDK validations (resource assertions and cdk diff)
-      run: make validate
+      run: make validate-image-stack
     - name: cdk deploy
       run: cdk deploy PaviApiImageRepoCdkStack --require-approval never
   pipeline-seq-retrieval-build-and-push-docker-image:
@@ -189,3 +189,50 @@ jobs:
           ${{ steps.login-ecr.outputs.registry }}/agr_pavi/api:${{ env.tagname }}
           ${{ steps.login-ecr.outputs.registry }}/agr_pavi/api:${{ github.event.pull_request.base.ref }}
         platforms: linux/amd64
+  api-deploy-application:
+    name: Deploy application (version) for API
+    needs:
+      - on-merge-and-deploy
+      - api-build-and-push-docker-image
+      - pipeline-alignment-build-and-push-docker-image
+      - pipeline-seq-retrieval-build-and-push-docker-image
+    permissions:
+      id-token: write # This is required for requesting the JWT for gaining permissions to assume the IAM role to perform AWS actions
+    runs-on: ubuntu-22.04
+    defaults:
+      run:
+        working-directory: api/aws_infra
+    steps:
+    - name: Check out repository code
+      uses: actions/checkout@v4
+      with:
+        fetch-depth: 0
+    - name: Store release tag in env
+      shell: bash
+      run: |
+        echo "tagname=$(git describe --tags)" >> $GITHUB_ENV
+    - name: Setup node.js (CDK requirement)
+      uses: actions/setup-node@v4
+      with:
+        node-version: "18"
+    - name: Install CDK
+      run: npm install -g aws-cdk
+    - name: Setup Python
+      uses: actions/setup-python@v5
+      with:
+        python-version: "3.12"
+    - name: Install CDK stack dependencies
+      run: pip install -r requirements.txt
+    - name: AWS credentials configuration
+      uses: aws-actions/configure-aws-credentials@v4
+      with:
+        role-to-assume: ${{secrets.GH_ACTIONS_AWS_ROLE}}
+        role-session-name: gh-actions-${{github.run_id}}.${{github.run_number}}.${{github.run_attempt}}-api-cdk-deploy
+        aws-region: us-east-1
+    - name: CDK validations (resource assertions and cdk diff)
+      run: make validate-application-stack validate-environment-stack
+    - name: Deploy application (and version)
+      run: make deploy-application PAVI_DEPLOY_VERSION_LABEL="${{ env.tagname }}" ADD_CDK_ARGS="--require-approval never"
+    - name: Deploy to main environment
+      run: make deploy-environment PAVI_DEPLOY_VERSION_LABEL="${{ env.tagname }}" PAVI_IMAGE_TAG="${{ env.tagname }}" \
+            DEPLOY_ENVIRONMENT=PaviApiEbMainStack ADD_CDK_ARGS="--require-approval never"
diff --git a/api/aws_infra/Makefile b/api/aws_infra/Makefile
@@ -9,6 +9,7 @@ PAVI_DEPLOY_VERSION_LABEL ?= $(shell git describe --tags --dirty)-$(shell git re
 DEPLOY_ENVIRONMENT ?= PaviApiEbDevStack
 PAVI_IMAGE_TAG ?= main
 PAVI_IMAGE_REGISTRY ?= ${AWS_ACCT_NR}.dkr.ecr.${AWS_DEFAULT_REGION}.amazonaws.com/
+ADD_CDK_ARGS ?=
 
 check-venv-active:
 ifeq ($(VIRTUAL_ENV),)
@@ -48,14 +49,33 @@ run-python-type-check: python-dependencies python-test-dependencies
 run-python-style-check: python-dependencies python-test-dependencies
 	flake8 ./
 
-validate: check-node run-unit-tests
-# Validate production stack code
+validate-image-stack: check-node run-unit-tests
 	cdk diff PaviApiImageRepoCdkStack
+
+validate-application-stack: check-node run-unit-tests
 	cdk diff PaviApiEbApplicationCdkStack
+
+validate-environment-stack: check-node run-unit-tests
 	export PAVI_DEPLOY_VERSION_LABEL=${PAVI_DEPLOY_VERSION_LABEL} && \
 	  export PAVI_IMAGE_TAG=${PAVI_IMAGE_TAG} && \
 	  export PAVI_IMAGE_REGISTRY=${PAVI_IMAGE_REGISTRY} && \
-	  cdk diff PaviApiEbMainStack
+	  cdk diff PaviApiEbDevStack
 
-validate-dev: check-venv-active validate
+validate-all: check-node run-unit-tests validate-image-stack validate-application-stack validate-environment-stack
 	@:
+
+validate-all-dev: check-venv-active validate-all
+	@:
+
+deploy-application:
+	cdk deploy PaviApiEbApplicationCdkStack ${ADD_CDK_ARGS}
+	python -m aws_helpers.deploy_eb_app_version --eb_app_name PAVI-api --version_label ${PAVI_DEPLOY_VERSION_LABEL}
+
+deploy-environment:
+	export PAVI_DEPLOY_VERSION_LABEL=${PAVI_DEPLOY_VERSION_LABEL} && \
+	  export PAVI_IMAGE_TAG=${PAVI_IMAGE_TAG} && \
+	  export PAVI_IMAGE_REGISTRY=${PAVI_IMAGE_REGISTRY} && \
+	  cdk deploy ${DEPLOY_ENVIRONMENT} ${ADD_CDK_ARGS}
+
+print-deploy-version-label:
+	@echo ${PAVI_DEPLOY_VERSION_LABEL}