diff --git a/.git-crypt/.gitattributes b/.git-crypt/.gitattributes deleted file mode 100644 index 665b10e8..00000000 --- a/.git-crypt/.gitattributes +++ /dev/null @@ -1,4 +0,0 @@ -# Do not edit this file. To specify the files to encrypt, create your own -# .gitattributes file in the directory where your files are. -* !filter !diff -*.gpg binary diff --git a/.git-crypt/keys/default/0/04ED20CFC7112DE4E6C4070CED0E3AA9A664E742.gpg b/.git-crypt/keys/default/0/04ED20CFC7112DE4E6C4070CED0E3AA9A664E742.gpg deleted file mode 100644 index ca3b7d04..00000000 Binary files a/.git-crypt/keys/default/0/04ED20CFC7112DE4E6C4070CED0E3AA9A664E742.gpg and /dev/null differ diff --git a/.git-crypt/keys/default/0/2CBCDE40E6B92375882CAF869801BFBDC5D7F579.gpg b/.git-crypt/keys/default/0/2CBCDE40E6B92375882CAF869801BFBDC5D7F579.gpg deleted file mode 100644 index b249b343..00000000 Binary files a/.git-crypt/keys/default/0/2CBCDE40E6B92375882CAF869801BFBDC5D7F579.gpg and /dev/null differ diff --git a/.git-crypt/keys/default/0/41D2606F66C3FF28874362B61A16916844CE9D82.gpg b/.git-crypt/keys/default/0/41D2606F66C3FF28874362B61A16916844CE9D82.gpg deleted file mode 100644 index 0010349f..00000000 Binary files a/.git-crypt/keys/default/0/41D2606F66C3FF28874362B61A16916844CE9D82.gpg and /dev/null differ diff --git a/.git-crypt/keys/default/0/855982A11F55E25E97210243CC6B9299734DD558.gpg b/.git-crypt/keys/default/0/855982A11F55E25E97210243CC6B9299734DD558.gpg deleted file mode 100644 index f5cfe8e7..00000000 Binary files a/.git-crypt/keys/default/0/855982A11F55E25E97210243CC6B9299734DD558.gpg and /dev/null differ diff --git a/.git-crypt/keys/default/0/B14145CFE7938B456B337E514F2AE1DED258B20E.gpg b/.git-crypt/keys/default/0/B14145CFE7938B456B337E514F2AE1DED258B20E.gpg deleted file mode 100644 index 4df185eb..00000000 Binary files a/.git-crypt/keys/default/0/B14145CFE7938B456B337E514F2AE1DED258B20E.gpg and /dev/null differ diff --git a/.git-crypt/keys/default/0/CF76184B551B037240C4D457AFD792BACA20583D.gpg b/.git-crypt/keys/default/0/CF76184B551B037240C4D457AFD792BACA20583D.gpg deleted file mode 100644 index 7166b86b..00000000 Binary files a/.git-crypt/keys/default/0/CF76184B551B037240C4D457AFD792BACA20583D.gpg and /dev/null differ diff --git a/.gitattributes b/.gitattributes deleted file mode 100644 index 4f1503af..00000000 --- a/.gitattributes +++ /dev/null @@ -1 +0,0 @@ -config/secrets/** filter=git-crypt diff=git-crypt diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml new file mode 100644 index 00000000..53995e81 --- /dev/null +++ b/.github/workflows/main.yaml @@ -0,0 +1,65 @@ +name: Build and Deploy leptonite.io + +on: + push: + tags: + - 'v*' + pull_request: + branches: + - main + +jobs: + build-and-test: + name: Build and Test + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - uses: actions/setup-node@v2 + with: + node-version: '12' + cache: 'npm' + - run: npm install + - run: npm run app:lint + - run: npm run app:format + - run: npm run tests:lint + - run: npm run tests:format + - run: npm run tests:unit:coverage + - run: npm run tests:coverage:badge + + deploy: + name: Publish to CDN + runs-on: ubuntu-latest + needs: [build-and-test] + if: ${{ github.event_name == 'push' }} + steps: + - uses: actions/checkout@v2 + - uses: actions/setup-node@v2 + with: + node-version: '12' + cache: 'npm' + - run: npm install + - name: Build content + id: build + run: npm run build + env: + NODE_ENV: production + REACT_APP_BACKEND_BASE_URL: https://api.leptonite.io + REACT_APP_FRONT_END_LOCALSTORAGE_VERSION: 1.0 + CONTENT_WORK_DIRECTORY: build/content + GENERATE_SOURCEMAP: false + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: eu-west-2 + - id: install-aws-cli + uses: unfor19/install-aws-cli-action@v1 + with: + version: 2 + - run: aws s3 sync ./build/content s3://$BUCKET --delete + env: + BUCKET: ${{ secrets.S3_CONTENT_BUCKET }} + - run: aws cloudfront create-invalidation --distribution-id $CDN_ID --paths "/*" + env: + CDN_ID: ${{ secrets.CDN_ID }} diff --git a/.ruby-version b/.ruby-version deleted file mode 100644 index fbafd6b6..00000000 --- a/.ruby-version +++ /dev/null @@ -1 +0,0 @@ -2.7.2 \ No newline at end of file diff --git a/Gemfile b/Gemfile deleted file mode 100644 index ed8e27f2..00000000 --- a/Gemfile +++ /dev/null @@ -1,10 +0,0 @@ -source 'https://rubygems.org' - -gem 'aws-sdk', '~> 3.0' -gem 'confidante', '~> 0.27' -gem 'git', '~> 1.8' -gem 'mime-types', '~> 3.3' -gem 'rake', '~> 13.0' -gem 'rake_docker', '~> 2.13' -gem 'rake_fly', '~> 2.7' -gem 'rake_terraform', '~> 1.19' diff --git a/Gemfile.lock b/Gemfile.lock deleted file mode 100644 index a6f323b2..00000000 --- a/Gemfile.lock +++ /dev/null @@ -1,1231 +0,0 @@ -GEM - remote: https://rubygems.org/ - specs: - activesupport (6.1.3.2) - concurrent-ruby (~> 1.0, >= 1.0.2) - i18n (>= 1.6, < 2) - minitest (>= 5.1) - tzinfo (~> 2.0) - zeitwerk (~> 2.3) - aws-eventstream (1.1.1) - aws-partitions (1.465.0) - aws-sdk (3.0.2) - aws-sdk-resources (~> 3) - aws-sdk-accessanalyzer (1.19.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-acm (1.41.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-acmpca (1.36.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-alexaforbusiness (1.47.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-amplify (1.29.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-amplifybackend (1.3.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-apigateway (1.62.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-apigatewaymanagementapi (1.21.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-apigatewayv2 (1.32.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-appconfig (1.14.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-appflow (1.10.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-appintegrationsservice (1.2.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-applicationautoscaling (1.51.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-applicationcostprofiler (1.0.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-applicationdiscoveryservice (1.35.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-applicationinsights (1.18.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-appmesh (1.35.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-appregistry (1.5.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-apprunner (1.0.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-appstream (1.52.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-appsync (1.40.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-athena (1.37.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-auditmanager (1.7.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-augmentedairuntime (1.13.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-autoscaling (1.61.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-autoscalingplans (1.31.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-backup (1.28.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-batch (1.47.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-braket (1.7.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-budgets (1.38.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-chime (1.46.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-cloud9 (1.33.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-clouddirectory (1.31.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-cloudformation (1.52.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-cloudfront (1.51.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-cloudhsm (1.30.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-cloudhsmv2 (1.33.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-cloudsearch (1.29.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-cloudsearchdomain (1.24.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-cloudtrail (1.34.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-cloudwatch (1.51.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-cloudwatchevents (1.46.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-cloudwatchlogs (1.41.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-codeartifact (1.10.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-codebuild (1.72.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-codecommit (1.42.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-codedeploy (1.40.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-codeguruprofiler (1.15.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-codegurureviewer (1.17.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-codepipeline (1.44.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-codestar (1.29.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-codestarconnections (1.15.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-codestarnotifications (1.10.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-cognitoidentity (1.31.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-cognitoidentityprovider (1.51.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-cognitosync (1.27.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-comprehend (1.46.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-comprehendmedical (1.26.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-computeoptimizer (1.18.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-configservice (1.62.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-connect (1.44.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-connectcontactlens (1.2.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-connectparticipant (1.11.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-core (3.114.0) - aws-eventstream (~> 1, >= 1.0.2) - aws-partitions (~> 1, >= 1.239.0) - aws-sigv4 (~> 1.1) - jmespath (~> 1.0) - aws-sdk-costandusagereportservice (1.31.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-costexplorer (1.62.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-customerprofiles (1.7.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-databasemigrationservice (1.53.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-dataexchange (1.13.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-datapipeline (1.27.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-datasync (1.32.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-dax (1.29.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-detective (1.18.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-devicefarm (1.42.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-devopsguru (1.6.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-directconnect (1.41.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-directoryservice (1.39.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-dlm (1.40.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-docdb (1.30.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-dynamodb (1.60.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-dynamodbstreams (1.29.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-ebs (1.13.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-ec2 (1.240.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-ec2instanceconnect (1.14.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-ecr (1.42.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-ecrpublic (1.3.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-ecs (1.79.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-efs (1.40.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-eks (1.54.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-elasticache (1.57.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-elasticbeanstalk (1.42.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-elasticinference (1.12.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-elasticloadbalancing (1.31.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-elasticloadbalancingv2 (1.61.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-elasticsearchservice (1.52.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-elastictranscoder (1.29.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-emr (1.45.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-emrcontainers (1.3.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-eventbridge (1.24.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-finspace (1.2.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-finspacedata (1.1.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-firehose (1.37.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-fis (1.1.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-fms (1.36.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-forecastqueryservice (1.12.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-forecastservice (1.20.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-frauddetector (1.18.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-fsx (1.37.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-gamelift (1.44.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-glacier (1.37.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-globalaccelerator (1.30.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-glue (1.87.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-gluedatabrew (1.7.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-greengrass (1.40.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-greengrassv2 (1.3.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-groundstation (1.18.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-guardduty (1.45.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-health (1.35.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-healthlake (1.3.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-honeycode (1.6.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-iam (1.54.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-identitystore (1.5.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-imagebuilder (1.22.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-importexport (1.26.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv2 (~> 1.0) - aws-sdk-inspector (1.34.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-iot (1.69.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-iot1clickdevicesservice (1.28.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-iot1clickprojects (1.28.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-iotanalytics (1.38.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-iotdataplane (1.28.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-iotdeviceadvisor (1.3.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-iotevents (1.24.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-ioteventsdata (1.16.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-iotfleethub (1.2.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-iotjobsdataplane (1.27.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-iotsecuretunneling (1.11.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-iotsitewise (1.23.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-iotthingsgraph (1.14.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-iotwireless (1.10.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-ivs (1.9.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-kafka (1.36.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-kendra (1.25.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-kinesis (1.32.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-kinesisanalytics (1.31.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-kinesisanalyticsv2 (1.30.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-kinesisvideo (1.32.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-kinesisvideoarchivedmedia (1.34.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-kinesisvideomedia (1.28.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-kinesisvideosignalingchannels (1.10.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-kms (1.43.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-lakeformation (1.14.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-lambda (1.62.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-lambdapreview (1.26.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-lex (1.36.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-lexmodelbuildingservice (1.45.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-lexmodelsv2 (1.4.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-lexruntimev2 (1.2.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-licensemanager (1.27.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-lightsail (1.50.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-locationservice (1.4.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-lookoutequipment (1.0.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-lookoutforvision (1.3.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-lookoutmetrics (1.3.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-machinelearning (1.28.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-macie (1.28.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-macie2 (1.28.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-managedblockchain (1.22.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-marketplacecatalog (1.12.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-marketplacecommerceanalytics (1.32.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-marketplaceentitlementservice (1.26.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-marketplacemetering (1.34.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-mediaconnect (1.33.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-mediaconvert (1.67.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-medialive (1.70.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-mediapackage (1.40.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-mediapackagevod (1.23.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-mediastore (1.32.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-mediastoredata (1.29.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-mediatailor (1.38.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-mgn (1.0.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-migrationhub (1.31.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-migrationhubconfig (1.11.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-mobile (1.26.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-mq (1.36.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-mturk (1.31.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-mwaa (1.5.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-neptune (1.35.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-networkfirewall (1.4.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-networkmanager (1.11.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-nimblestudio (1.1.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-opsworks (1.32.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-opsworkscm (1.43.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-organizations (1.59.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-outposts (1.16.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-personalize (1.26.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-personalizeevents (1.17.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-personalizeruntime (1.22.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-pi (1.27.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-pinpoint (1.53.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-pinpointemail (1.26.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-pinpointsmsvoice (1.23.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-polly (1.41.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-pricing (1.27.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-prometheusservice (1.3.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-qldb (1.14.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-qldbsession (1.13.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-quicksight (1.46.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-ram (1.25.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-rds (1.118.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-rdsdataservice (1.25.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-redshift (1.62.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-redshiftdataapiservice (1.6.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-rekognition (1.51.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-resourcegroups (1.36.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-resourcegroupstaggingapi (1.37.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-resources (3.104.0) - aws-sdk-accessanalyzer (~> 1) - aws-sdk-acm (~> 1) - aws-sdk-acmpca (~> 1) - aws-sdk-alexaforbusiness (~> 1) - aws-sdk-amplify (~> 1) - aws-sdk-amplifybackend (~> 1) - aws-sdk-apigateway (~> 1) - aws-sdk-apigatewaymanagementapi (~> 1) - aws-sdk-apigatewayv2 (~> 1) - aws-sdk-appconfig (~> 1) - aws-sdk-appflow (~> 1) - aws-sdk-appintegrationsservice (~> 1) - aws-sdk-applicationautoscaling (~> 1) - aws-sdk-applicationcostprofiler (~> 1) - aws-sdk-applicationdiscoveryservice (~> 1) - aws-sdk-applicationinsights (~> 1) - aws-sdk-appmesh (~> 1) - aws-sdk-appregistry (~> 1) - aws-sdk-apprunner (~> 1) - aws-sdk-appstream (~> 1) - aws-sdk-appsync (~> 1) - aws-sdk-athena (~> 1) - aws-sdk-auditmanager (~> 1) - aws-sdk-augmentedairuntime (~> 1) - aws-sdk-autoscaling (~> 1) - aws-sdk-autoscalingplans (~> 1) - aws-sdk-backup (~> 1) - aws-sdk-batch (~> 1) - aws-sdk-braket (~> 1) - aws-sdk-budgets (~> 1) - aws-sdk-chime (~> 1) - aws-sdk-cloud9 (~> 1) - aws-sdk-clouddirectory (~> 1) - aws-sdk-cloudformation (~> 1) - aws-sdk-cloudfront (~> 1) - aws-sdk-cloudhsm (~> 1) - aws-sdk-cloudhsmv2 (~> 1) - aws-sdk-cloudsearch (~> 1) - aws-sdk-cloudsearchdomain (~> 1) - aws-sdk-cloudtrail (~> 1) - aws-sdk-cloudwatch (~> 1) - aws-sdk-cloudwatchevents (~> 1) - aws-sdk-cloudwatchlogs (~> 1) - aws-sdk-codeartifact (~> 1) - aws-sdk-codebuild (~> 1) - aws-sdk-codecommit (~> 1) - aws-sdk-codedeploy (~> 1) - aws-sdk-codeguruprofiler (~> 1) - aws-sdk-codegurureviewer (~> 1) - aws-sdk-codepipeline (~> 1) - aws-sdk-codestar (~> 1) - aws-sdk-codestarconnections (~> 1) - aws-sdk-codestarnotifications (~> 1) - aws-sdk-cognitoidentity (~> 1) - aws-sdk-cognitoidentityprovider (~> 1) - aws-sdk-cognitosync (~> 1) - aws-sdk-comprehend (~> 1) - aws-sdk-comprehendmedical (~> 1) - aws-sdk-computeoptimizer (~> 1) - aws-sdk-configservice (~> 1) - aws-sdk-connect (~> 1) - aws-sdk-connectcontactlens (~> 1) - aws-sdk-connectparticipant (~> 1) - aws-sdk-costandusagereportservice (~> 1) - aws-sdk-costexplorer (~> 1) - aws-sdk-customerprofiles (~> 1) - aws-sdk-databasemigrationservice (~> 1) - aws-sdk-dataexchange (~> 1) - aws-sdk-datapipeline (~> 1) - aws-sdk-datasync (~> 1) - aws-sdk-dax (~> 1) - aws-sdk-detective (~> 1) - aws-sdk-devicefarm (~> 1) - aws-sdk-devopsguru (~> 1) - aws-sdk-directconnect (~> 1) - aws-sdk-directoryservice (~> 1) - aws-sdk-dlm (~> 1) - aws-sdk-docdb (~> 1) - aws-sdk-dynamodb (~> 1) - aws-sdk-dynamodbstreams (~> 1) - aws-sdk-ebs (~> 1) - aws-sdk-ec2 (~> 1) - aws-sdk-ec2instanceconnect (~> 1) - aws-sdk-ecr (~> 1) - aws-sdk-ecrpublic (~> 1) - aws-sdk-ecs (~> 1) - aws-sdk-efs (~> 1) - aws-sdk-eks (~> 1) - aws-sdk-elasticache (~> 1) - aws-sdk-elasticbeanstalk (~> 1) - aws-sdk-elasticinference (~> 1) - aws-sdk-elasticloadbalancing (~> 1) - aws-sdk-elasticloadbalancingv2 (~> 1) - aws-sdk-elasticsearchservice (~> 1) - aws-sdk-elastictranscoder (~> 1) - aws-sdk-emr (~> 1) - aws-sdk-emrcontainers (~> 1) - aws-sdk-eventbridge (~> 1) - aws-sdk-finspace (~> 1) - aws-sdk-finspacedata (~> 1) - aws-sdk-firehose (~> 1) - aws-sdk-fis (~> 1) - aws-sdk-fms (~> 1) - aws-sdk-forecastqueryservice (~> 1) - aws-sdk-forecastservice (~> 1) - aws-sdk-frauddetector (~> 1) - aws-sdk-fsx (~> 1) - aws-sdk-gamelift (~> 1) - aws-sdk-glacier (~> 1) - aws-sdk-globalaccelerator (~> 1) - aws-sdk-glue (~> 1) - aws-sdk-gluedatabrew (~> 1) - aws-sdk-greengrass (~> 1) - aws-sdk-greengrassv2 (~> 1) - aws-sdk-groundstation (~> 1) - aws-sdk-guardduty (~> 1) - aws-sdk-health (~> 1) - aws-sdk-healthlake (~> 1) - aws-sdk-honeycode (~> 1) - aws-sdk-iam (~> 1) - aws-sdk-identitystore (~> 1) - aws-sdk-imagebuilder (~> 1) - aws-sdk-importexport (~> 1) - aws-sdk-inspector (~> 1) - aws-sdk-iot (~> 1) - aws-sdk-iot1clickdevicesservice (~> 1) - aws-sdk-iot1clickprojects (~> 1) - aws-sdk-iotanalytics (~> 1) - aws-sdk-iotdataplane (~> 1) - aws-sdk-iotdeviceadvisor (~> 1) - aws-sdk-iotevents (~> 1) - aws-sdk-ioteventsdata (~> 1) - aws-sdk-iotfleethub (~> 1) - aws-sdk-iotjobsdataplane (~> 1) - aws-sdk-iotsecuretunneling (~> 1) - aws-sdk-iotsitewise (~> 1) - aws-sdk-iotthingsgraph (~> 1) - aws-sdk-iotwireless (~> 1) - aws-sdk-ivs (~> 1) - aws-sdk-kafka (~> 1) - aws-sdk-kendra (~> 1) - aws-sdk-kinesis (~> 1) - aws-sdk-kinesisanalytics (~> 1) - aws-sdk-kinesisanalyticsv2 (~> 1) - aws-sdk-kinesisvideo (~> 1) - aws-sdk-kinesisvideoarchivedmedia (~> 1) - aws-sdk-kinesisvideomedia (~> 1) - aws-sdk-kinesisvideosignalingchannels (~> 1) - aws-sdk-kms (~> 1) - aws-sdk-lakeformation (~> 1) - aws-sdk-lambda (~> 1) - aws-sdk-lambdapreview (~> 1) - aws-sdk-lex (~> 1) - aws-sdk-lexmodelbuildingservice (~> 1) - aws-sdk-lexmodelsv2 (~> 1) - aws-sdk-lexruntimev2 (~> 1) - aws-sdk-licensemanager (~> 1) - aws-sdk-lightsail (~> 1) - aws-sdk-locationservice (~> 1) - aws-sdk-lookoutequipment (~> 1) - aws-sdk-lookoutforvision (~> 1) - aws-sdk-lookoutmetrics (~> 1) - aws-sdk-machinelearning (~> 1) - aws-sdk-macie (~> 1) - aws-sdk-macie2 (~> 1) - aws-sdk-managedblockchain (~> 1) - aws-sdk-marketplacecatalog (~> 1) - aws-sdk-marketplacecommerceanalytics (~> 1) - aws-sdk-marketplaceentitlementservice (~> 1) - aws-sdk-marketplacemetering (~> 1) - aws-sdk-mediaconnect (~> 1) - aws-sdk-mediaconvert (~> 1) - aws-sdk-medialive (~> 1) - aws-sdk-mediapackage (~> 1) - aws-sdk-mediapackagevod (~> 1) - aws-sdk-mediastore (~> 1) - aws-sdk-mediastoredata (~> 1) - aws-sdk-mediatailor (~> 1) - aws-sdk-mgn (~> 1) - aws-sdk-migrationhub (~> 1) - aws-sdk-migrationhubconfig (~> 1) - aws-sdk-mobile (~> 1) - aws-sdk-mq (~> 1) - aws-sdk-mturk (~> 1) - aws-sdk-mwaa (~> 1) - aws-sdk-neptune (~> 1) - aws-sdk-networkfirewall (~> 1) - aws-sdk-networkmanager (~> 1) - aws-sdk-nimblestudio (~> 1) - aws-sdk-opsworks (~> 1) - aws-sdk-opsworkscm (~> 1) - aws-sdk-organizations (~> 1) - aws-sdk-outposts (~> 1) - aws-sdk-personalize (~> 1) - aws-sdk-personalizeevents (~> 1) - aws-sdk-personalizeruntime (~> 1) - aws-sdk-pi (~> 1) - aws-sdk-pinpoint (~> 1) - aws-sdk-pinpointemail (~> 1) - aws-sdk-pinpointsmsvoice (~> 1) - aws-sdk-polly (~> 1) - aws-sdk-pricing (~> 1) - aws-sdk-prometheusservice (~> 1) - aws-sdk-qldb (~> 1) - aws-sdk-qldbsession (~> 1) - aws-sdk-quicksight (~> 1) - aws-sdk-ram (~> 1) - aws-sdk-rds (~> 1) - aws-sdk-rdsdataservice (~> 1) - aws-sdk-redshift (~> 1) - aws-sdk-redshiftdataapiservice (~> 1) - aws-sdk-rekognition (~> 1) - aws-sdk-resourcegroups (~> 1) - aws-sdk-resourcegroupstaggingapi (~> 1) - aws-sdk-robomaker (~> 1) - aws-sdk-route53 (~> 1) - aws-sdk-route53domains (~> 1) - aws-sdk-route53resolver (~> 1) - aws-sdk-s3 (~> 1) - aws-sdk-s3control (~> 1) - aws-sdk-s3outposts (~> 1) - aws-sdk-sagemaker (~> 1) - aws-sdk-sagemakeredgemanager (~> 1) - aws-sdk-sagemakerfeaturestoreruntime (~> 1) - aws-sdk-sagemakerruntime (~> 1) - aws-sdk-savingsplans (~> 1) - aws-sdk-schemas (~> 1) - aws-sdk-secretsmanager (~> 1) - aws-sdk-securityhub (~> 1) - aws-sdk-serverlessapplicationrepository (~> 1) - aws-sdk-servicecatalog (~> 1) - aws-sdk-servicediscovery (~> 1) - aws-sdk-servicequotas (~> 1) - aws-sdk-ses (~> 1) - aws-sdk-sesv2 (~> 1) - aws-sdk-shield (~> 1) - aws-sdk-signer (~> 1) - aws-sdk-simpledb (~> 1) - aws-sdk-sms (~> 1) - aws-sdk-snowball (~> 1) - aws-sdk-sns (~> 1) - aws-sdk-sqs (~> 1) - aws-sdk-ssm (~> 1) - aws-sdk-ssmcontacts (~> 1) - aws-sdk-ssmincidents (~> 1) - aws-sdk-ssoadmin (~> 1) - aws-sdk-ssooidc (~> 1) - aws-sdk-states (~> 1) - aws-sdk-storagegateway (~> 1) - aws-sdk-support (~> 1) - aws-sdk-swf (~> 1) - aws-sdk-synthetics (~> 1) - aws-sdk-textract (~> 1) - aws-sdk-timestreamquery (~> 1) - aws-sdk-timestreamwrite (~> 1) - aws-sdk-transcribeservice (~> 1) - aws-sdk-transcribestreamingservice (~> 1) - aws-sdk-transfer (~> 1) - aws-sdk-translate (~> 1) - aws-sdk-waf (~> 1) - aws-sdk-wafregional (~> 1) - aws-sdk-wafv2 (~> 1) - aws-sdk-wellarchitected (~> 1) - aws-sdk-workdocs (~> 1) - aws-sdk-worklink (~> 1) - aws-sdk-workmail (~> 1) - aws-sdk-workmailmessageflow (~> 1) - aws-sdk-workspaces (~> 1) - aws-sdk-xray (~> 1) - aws-sdk-robomaker (1.36.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-route53 (1.49.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-route53domains (1.30.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-route53resolver (1.25.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-s3 (1.95.1) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sdk-kms (~> 1) - aws-sigv4 (~> 1.1) - aws-sdk-s3control (1.33.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-s3outposts (1.2.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-sagemaker (1.87.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-sagemakeredgemanager (1.2.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-sagemakerfeaturestoreruntime (1.2.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-sagemakerruntime (1.31.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-savingsplans (1.15.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-schemas (1.12.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-secretsmanager (1.46.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-securityhub (1.46.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-serverlessapplicationrepository (1.34.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-servicecatalog (1.59.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-servicediscovery (1.36.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-servicequotas (1.14.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-ses (1.38.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-sesv2 (1.17.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-shield (1.37.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-signer (1.29.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-simpledb (1.26.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv2 (~> 1.0) - aws-sdk-sms (1.29.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-snowball (1.38.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-sns (1.41.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-sqs (1.39.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-ssm (1.110.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-ssmcontacts (1.0.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-ssmincidents (1.0.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-ssoadmin (1.7.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-ssooidc (1.10.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-states (1.39.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-storagegateway (1.55.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-support (1.31.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-swf (1.27.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-synthetics (1.12.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-textract (1.24.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-timestreamquery (1.4.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-timestreamwrite (1.4.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-transcribeservice (1.55.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-transcribestreamingservice (1.29.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-transfer (1.33.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-translate (1.31.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-waf (1.38.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-wafregional (1.39.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-wafv2 (1.20.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-wellarchitected (1.4.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-workdocs (1.30.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-worklink (1.23.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-workmail (1.37.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-workmailmessageflow (1.12.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-workspaces (1.53.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sdk-xray (1.37.0) - aws-sdk-core (~> 3, >= 3.112.0) - aws-sigv4 (~> 1.1) - aws-sigv2 (1.0.2) - aws-sigv4 (1.2.3) - aws-eventstream (~> 1, >= 1.0.2) - colored2 (3.1.2) - concourse.rb (0.4.0) - dry-schema (~> 0.5) - excon (~> 0.72) - semantic (~> 1.5) - concurrent-ruby (1.1.8) - confidante (0.27.0) - activesupport (>= 4) - hiera (~> 3.3, >= 3.3.1) - shikashi (~> 0.6) - docker-api (1.34.2) - excon (>= 0.47.0) - multi_json - dry-configurable (0.12.1) - concurrent-ruby (~> 1.0) - dry-core (~> 0.5, >= 0.5.0) - dry-container (0.7.2) - concurrent-ruby (~> 1.0) - dry-configurable (~> 0.1, >= 0.1.3) - dry-core (0.5.0) - concurrent-ruby (~> 1.0) - dry-equalizer (0.3.0) - dry-inflector (0.2.0) - dry-initializer (3.0.4) - dry-logic (1.2.0) - concurrent-ruby (~> 1.0) - dry-core (~> 0.5, >= 0.5) - dry-schema (0.6.0) - concurrent-ruby (~> 1.0) - dry-configurable (~> 0.8, >= 0.8.0) - dry-core (~> 0.4) - dry-equalizer (~> 0.2) - dry-initializer (~> 3.0) - dry-logic (~> 1.0) - dry-types (~> 1.0) - dry-types (1.5.1) - concurrent-ruby (~> 1.0) - dry-container (~> 0.3) - dry-core (~> 0.5, >= 0.5) - dry-inflector (~> 0.1, >= 0.1.2) - dry-logic (~> 1.0, >= 1.0.2) - evalhook (0.6.0) - partialruby (~> 0.3) - sexp_processor (~> 4.0) - excon (0.82.0) - getsource (0.2.2) - git (1.8.1) - rchardet (~> 1.8) - hamster (3.0.0) - concurrent-ruby (~> 1.0) - hiera (3.7.0) - i18n (1.8.10) - concurrent-ruby (~> 1.0) - immutable-struct (2.4.1) - jmespath (1.4.0) - lino (3.0.0) - hamster (~> 3.0) - open4 (~> 1.3) - mime-types (3.3.1) - mime-types-data (~> 3.2015) - mime-types-data (3.2021.0225) - minitar (0.9) - minitest (5.14.4) - multi_json (1.15.0) - open4 (1.3.4) - partialruby (0.3.0) - ruby2ruby (~> 2) - ruby_parser (~> 3) - rake (13.0.3) - rake_dependencies (2.11.0) - hamster (~> 3.0) - minitar (~> 0.9) - rake_factory (~> 0.23) - rubyzip (>= 1.3) - rake_docker (2.13.0) - aws-sdk-ecr (~> 1.2) - colored2 (~> 3.1) - docker-api (~> 1.34) - rake_factory (~> 0.23) - rake_factory (0.29.0) - activesupport (>= 4) - rake (~> 13.0) - rake_fly (2.7.0) - concourse.rb (>= 0.4) - rake_dependencies (~> 2, < 3) - rake_factory (>= 0.29, < 1) - ruby_fly (>= 0.35) - semantic (~> 1.6.1) - rake_terraform (1.19.0) - colored2 (~> 3.1) - rake_dependencies (~> 2.11) - rake_factory (~> 0.23) - ruby-terraform (~> 1.1) - rchardet (1.8.0) - ruby-terraform (1.2.0) - immutable-struct (~> 2.4) - lino (~> 3.0) - ruby2ruby (2.4.4) - ruby_parser (~> 3.1) - sexp_processor (~> 4.6) - ruby_fly (0.35.0) - lino (>= 1.5) - ruby_parser (3.16.0) - sexp_processor (~> 4.15, >= 4.15.1) - rubyzip (2.3.0) - semantic (1.6.1) - sexp_processor (4.15.3) - shikashi (0.6.0) - evalhook (>= 0.6.0) - getsource (>= 0.1.0) - tzinfo (2.0.4) - concurrent-ruby (~> 1.0) - zeitwerk (2.4.2) - -PLATFORMS - arm64-darwin-20 - x86_64-darwin-19 - x86_64-darwin-20 - x86_64-linux - -DEPENDENCIES - aws-sdk (~> 3.0) - confidante (~> 0.27) - git (~> 1.8) - mime-types (~> 3.3) - rake (~> 13.0) - rake_docker (~> 2.13) - rake_fly (~> 2.7) - rake_terraform (~> 1.19) - -BUNDLED WITH - 2.2.16 diff --git a/Rakefile b/Rakefile deleted file mode 100644 index 5ba4f8d4..00000000 --- a/Rakefile +++ /dev/null @@ -1,498 +0,0 @@ -require 'git' -require 'confidante' -require 'rake_fly' -require 'rake_terraform' -require 'ruby_terraform/output' -require 'aws-sdk' -require 'securerandom' -require 'mime/types' - -require_relative 'lib/s3_website' - -configuration = Confidante.configuration - -configuration.non_standard_mime_types.each do |mime_type, extensions| - MIME::Types.add(MIME::Type.new(mime_type.to_s) { |m| - m.extensions = extensions - }) -end - -RakeFly.define_installation_tasks(version: '6.7.2') -RakeTerraform.define_installation_tasks( - path: File.join(Dir.pwd, 'vendor', 'terraform'), - version: '0.15.4') - -task :default => [ - :build_fix, - :test -] - -task :build => [ - :"app:lint", - :"app:format", - :"tests:lint", - :"tests:format" -] - -task :build_fix => [ - :"app:lint_fix", - :"app:format_fix", - :"tests:lint_fix", - :"tests:format_fix" -] - -task :test => [:'tests:unit'] - -namespace :secrets do - desc 'Check if secrets are readable' - task :check do - if File.exist?('config/secrets') - puts 'Checking if secrets are accessible.' - unless File.read('config/secrets/.unlocked').strip == "true" - raise RuntimeError, Paint['Cannot access secrets.', :red] - end - puts 'Secrets accessible. Continuing.' - end - end - - desc 'Unlock secrets' - task :unlock do - if File.exist?('config/secrets') - puts 'Unlocking secrets.' - sh('git crypt unlock') - end - end -end - -namespace :bootstrap do - RakeTerraform.define_command_tasks( - configuration_name: 'bootstrap', - argument_names: [ - :deployment_type, - :deployment_label - ] - ) do |t, args| - configuration = configuration - .for_scope(args.to_h.merge(role: 'bootstrap')) - - vars = configuration.vars - deployment_identifier = configuration.deployment_identifier - - t.source_directory = 'infra/bootstrap' - t.work_directory = 'build' - - t.state_file = File.join( - Dir.pwd, "state/bootstrap/#{deployment_identifier}.tfstate") - t.vars = vars - end -end - -namespace :website do - RakeTerraform.define_command_tasks( - configuration_name: 'website', - argument_names: [ - :deployment_type, - :deployment_label - ] - ) do |t, args| - configuration = configuration - .for_scope(args.to_h.merge(role: 'website')) - - t.source_directory = 'infra/website' - t.work_directory = 'build' - - t.backend_config = configuration.backend_config - t.vars = configuration.vars - end -end - -namespace :dependencies do - desc 'Fetch dependencies' - task :install do - sh('npm', 'install') - end -end - -namespace :app do - desc 'Clean built content' - task :clean do - rm_rf 'src/dist' - rm_rf 'build/content' - end - - desc "Lint all app sources" - task :lint => [:'dependencies:install'] do - sh('npm', 'run', 'app:lint') - end - - desc "Lint & fix all app source" - task :lint_fix => [:'dependencies:install'] do - sh('npm', 'run', 'app:lint-fix') - end - - desc "Format all app sources" - task :format => [:'dependencies:install'] do - sh('npm', 'run', 'app:format') - end - - desc "Format & fix all app sources" - task :format_fix => [:'dependencies:install'] do - sh('npm', 'run', 'app:format-fix') - end - - desc "Run the app as a local process" - task :run => [:'dependencies:install'] do - configuration = configuration - .for_scope( - deployment_type: 'local', - deployment_label: 'development', - role: 'local-app' - ) - - environment = configuration - .environment - .map { |k, v| [k.to_s, v] } - .to_h - - sh(environment, 'npm', 'run', 'start:local') - end - - desc 'Build content for deployment identifier' - task :build, [ - :deployment_type, - :deployment_label - ] => [:'dependencies:install'] do |_, args| - default_deployment_identifier(args) - - configuration = configuration.for_scope(args.to_h) - - environment = configuration.environment - content_work_directory = configuration.content_work_directory - react_app_backend_base_url = configuration.react_app_backend_base_url - - sh({ - "NODE_ENV" => environment, - "REACT_APP_BACKEND_BASE_URL" => react_app_backend_base_url, - "REACT_APP_FRONT_END_LOCALSTORAGE_VERSION" => "1.0", - "CONTENT_WORK_DIRECTORY" => content_work_directory, - "GENERATE_SOURCEMAP" => "false" - }, "npm", "run", - "build") - end - - desc 'Publish content for deployment identifier' - task :publish, [ - :deployment_type, - :deployment_label - ] do |_, args| - configuration = configuration - .for_scope(args.to_h.merge(role: 'website')) - - region = configuration.region - max_ages = configuration.max_ages - content_work_directory = configuration.content_work_directory - bucket = configuration.website_bucket_name - - s3sync = S3Website.new( - region: region, - bucket: bucket, - max_ages: max_ages) - - s3sync.publish_from(content_work_directory) - end - - desc 'Invalidate content caches for deployment identifier' - task :invalidate, [ - :deployment_type, - :deployment_label - ] => [:'terraform:ensure'] do |_, args| - configuration = configuration - .for_scope(args.to_h.merge(role: 'website')) - - region = configuration.region - backend_config = configuration.backend_config - - distribution_id = JSON.parse( - RubyTerraform::Output.for( - name: 'cdn_id', - source_directory: 'infra/website', - work_directory: 'build', - backend_config: backend_config)) - - cloudfront = Aws::CloudFront::Client.new(region: region) - - cloudfront.create_invalidation( - distribution_id: distribution_id, - invalidation_batch: { - caller_reference: SecureRandom.uuid, - paths: { - quantity: 1, - items: ['/*'], - } - }) - end - - desc 'Deploy content' - task :deploy, [ - :deployment_type, - :deployment_label - ] => [:'terraform:ensure'] do |_, args| - Rake::Task['app:build'].invoke(*args) - Rake::Task['app:publish'].invoke(*args) - Rake::Task['app:invalidate'].invoke(*args) - end -end - -namespace :tests do - desc "Lint all tests" - task :lint => [:'dependencies:install'] do - sh('npm', 'run', 'tests:lint') - end - - desc "Lint & fix all tests" - task :lint_fix => [:'dependencies:install'] do - sh('npm', 'run', 'tests:lint-fix') - end - - desc "Format all test files" - task :format => [:'dependencies:install'] do - sh('npm', 'run', 'tests:format') - end - - desc "Format & fix all test files" - task :format_fix => [:'dependencies:install'] do - sh('npm', 'run', 'tests:format-fix') - end - - desc "Run all unit tests" - task :unit => [:'dependencies:install'] do - script_name = ENV["INCLUDE_COVERAGE"] == 'true' ? - 'tests:unit:coverage' : - 'tests:unit' - sh('npm', 'run', script_name) - end - - namespace :coverage do - desc "Run coverage badge creation" - task :badge => [:'dependencies:install'] do - sh('npm', 'run', 'tests:coverage:badge') - end - end -end - -namespace :ci do - RakeFly.define_authentication_tasks( - namespace: :authentication, - argument_names: [ - :ci_deployment_type, - :ci_deployment_label - ]) do |t, args| - configuration = configuration - .for_scope(args.to_h) - - t.target = configuration.concourse_team - t.concourse_url = configuration.concourse_url - t.team = configuration.concourse_team - t.username = configuration.concourse_username - t.password = configuration.concourse_password - - t.home_directory = 'build/fly' - end - - namespace :pipeline do - RakeFly.define_pipeline_tasks( - namespace: :develop, - argument_names: [ - :ci_deployment_type, - :ci_deployment_label - ] - ) do |t, args| - configuration = configuration - .for_scope(args.to_h.merge(role: 'develop-pipeline')) - ci_deployment_type = configuration.ci_deployment_identifier - - t.target = configuration.concourse_team - t.team = configuration.concourse_team - t.pipeline = "reference-frontend-develop" - - t.config = 'pipelines/develop/pipeline.yaml' - - t.vars = configuration.vars - t.var_files = [ - 'config/secrets/pipeline/constants.yaml', - "config/secrets/pipeline/#{ci_deployment_type}.yaml" - ] - - t.non_interactive = true - t.home_directory = 'build/fly' - end - - RakeFly.define_pipeline_tasks( - namespace: :demo, - argument_names: [ - :ci_deployment_type, - :ci_deployment_label - ] - ) do |t, args| - configuration = configuration - .for_scope(args.to_h.merge(role: 'demo-pipeline')) - ci_deployment_type = configuration.ci_deployment_identifier - - t.target = configuration.concourse_team - t.team = configuration.concourse_team - t.pipeline = "reference-frontend-demo" - - t.config = 'pipelines/demo/pipeline.yaml' - - t.vars = configuration.vars - t.var_files = [ - 'config/secrets/pipeline/constants.yaml', - "config/secrets/pipeline/#{ci_deployment_type}.yaml" - ] - - t.non_interactive = true - t.home_directory = 'build/fly' - end - - RakeFly.define_pipeline_tasks( - namespace: :production, - argument_names: [ - :ci_deployment_type, - :ci_deployment_label - ] - ) do |t, args| - configuration = configuration - .for_scope(args.to_h.merge(role: 'tag-pipeline')) - ci_deployment_type = configuration.ci_deployment_identifier - - t.target = configuration.concourse_team - t.team = configuration.concourse_team - t.pipeline = "reference-frontend-production" - - t.config = 'pipelines/tag/pipeline.yaml' - - t.vars = configuration.vars - t.var_files = [ - 'config/secrets/pipeline/constants.yaml', - "config/secrets/pipeline/#{ci_deployment_type}.yaml" - ] - - t.non_interactive = true - t.home_directory = 'build/fly' - end - - RakeFly.define_pipeline_tasks( - namespace: :builder, - argument_names: [ - :ci_deployment_type, - :ci_deployment_label] - ) do |t, args| - configuration = configuration - .for_scope(args.to_h.merge(role: 'builder-pipeline')) - ci_deployment_type = configuration.ci_deployment_identifier - - t.target = configuration.concourse_team - t.team = configuration.concourse_team - t.pipeline = "reference-frontend-builder" - - t.config = 'pipelines/builder/pipeline.yaml' - - t.vars = configuration.vars - t.var_files = [ - 'config/secrets/pipeline/constants.yaml', - "config/secrets/pipeline/#{ci_deployment_type}.yaml" - ] - - t.non_interactive = true - t.home_directory = 'build/fly' - end - - namespace :pr do - RakeFly.define_pipeline_tasks( - argument_names: [ - :ci_deployment_type, - :ci_deployment_label, - :branch - ] - ) do |t, args| - branch = args.branch || pr_metadata_branch - - configuration = configuration - .for_scope(args.to_h.merge(role: 'pr-pipeline')) - .for_overrides(source_repository_branch: branch) - - ci_deployment_type = configuration.ci_deployment_identifier - - t.target = configuration.concourse_team - t.team = configuration.concourse_team - t.pipeline = "reference-frontend-pr-#{to_pipeline_name(branch)}" - - t.config = 'pipelines/pr/pipeline.yaml' - - t.vars = configuration.vars - t.var_files = [ - 'config/secrets/pipeline/constants.yaml', - "config/secrets/pipeline/#{ci_deployment_type}.yaml" - ] - - t.non_interactive = true - t.home_directory = 'build/fly' - end - - task :handle, [ - :ci_deployment_type, - :ci_deployment_label, - :branch, - :state - ] do |_, args| - branch = args.branch || pr_metadata_branch - state = args.state || pr_metadata_state - - if state == "OPEN" - Rake::Task[:"ci:pipeline:pr:push"].invoke( - args.ci_deployment_type, - args.ci_deployment_label, - branch) - else - Rake::Task[:"ci:pipeline:pr:destroy"].invoke( - args.ci_deployment_type, - args.ci_deployment_label, - branch) - end - end - end - end - - namespace :pipelines do - desc "Push all pipelines" - task :push, [:ci_deployment_type, :ci_deployment_label] do |_, args| - Rake::Task[:"ci:pipeline:develop:push"].invoke(*args) - Rake::Task[:"ci:pipeline:demo:push"].invoke(*args) - Rake::Task[:"ci:pipeline:builder:push"].invoke(*args) - end - end -end - -def pr_metadata_value(key) - File.exist?(".git/resource/#{key}") ? - File.read(".git/resource/#{key}") : - nil -end - -def pr_metadata_branch - pr_metadata_value("head_name") -end - -def pr_metadata_state - pr_metadata_value("state") -end - -def to_pipeline_name(string) - string.gsub(/[^a-zA-Z0-9_-]/, "_") -end - -def default_deployment_identifier(args) - args.with_defaults( - deployment_type: "bsn-local", - deployment_label: "default") -end \ No newline at end of file diff --git a/config/ci/rdm-management-default.yaml b/config/ci/rdm-management-default.yaml deleted file mode 100644 index 6258f4a3..00000000 --- a/config/ci/rdm-management-default.yaml +++ /dev/null @@ -1,15 +0,0 @@ ---- -ci_account_id: "%{hiera('rdm_management_account_id')}" - -ci_deployment_identifier: "%{ci_deployment_type}-%{ci_deployment_label}" - -ci_storage_bucket_name: "rdm-%{hiera('component')}-%{hiera('ci_deployment_identifier')}" -ci_storage_bucket_region: "%{hiera('region')}" -ci_storage_bucket_encryption: "AES256" - -concourse_url: "https://ci-server.rdm-management.redeemeum.io" - -image_repository_base_url: "%{hiera('rdm_management_account_id')}.dkr.ecr.%{hiera('region')}.amazonaws.com" - -node_builder_image_repository_name: "rdm/node-12-builder" -node_builder_image_repository_url: "%{hiera('image_repository_base_url')}/%{hiera('node_builder_image_repository_name')}" diff --git a/config/defaults.yaml b/config/defaults.yaml deleted file mode 100644 index e5601d83..00000000 --- a/config/defaults.yaml +++ /dev/null @@ -1,43 +0,0 @@ ---- -region: "eu-west-2" - -development_group: "bsn" - -component: "reference-frontend" -deployment_identifier: "%{deployment_type}-%{deployment_label}" - -source_repository_name: "bosonprotocol/reference-frontend" -source_repository_url: "git@github.com:%{hiera('source_repository_name')}.git" -source_repository_branch: "develop" - -storage_bucket_name: "%{hiera('development_group')}-%{hiera('component')}-%{hiera('deployment_identifier')}-storage" -website_bucket_name: "%{hiera('development_group')}-%{hiera('component')}-%{hiera('deployment_identifier')}-content" - -storage_bucket_encryption: "AES256" - -admin_role_name: "cross-account-admin-role" - -rdm_management_account_id: "031036423983" - -bsn_parent_account_id: "915981965568" -bsn_development_potassium_account_id: "384010198059" -bsn_production_lutetium_account_id: "371854298993" - -bsn_parent_account_admin_role: "arn:aws:iam::%{hiera('bsn_parent_account_id')}:role/%{hiera('admin_role_name')}" - -non_standard_mime_types: - font/woff2: - - woff2 - application/manifest+json: - - webmanifest - -max_ages: - image/jpeg: 300 - image/png: 300 - image/gif: 300 - image/svg+xml: 300 - text/html: 0 - text/css: 300 - application/javascript: 300 - application/font-woff: 2592000 - font/woff2: 2592000 diff --git a/config/deployments/bsn-demo-copernicium.yaml b/config/deployments/bsn-demo-copernicium.yaml deleted file mode 100644 index 7b1d12a6..00000000 --- a/config/deployments/bsn-demo-copernicium.yaml +++ /dev/null @@ -1,31 +0,0 @@ ---- -# General -environment: "production" # use full asset pipeline for all deployed environments - -parent_role_arn: "%{hiera('bsn_parent_account_admin_role')}" - -content_work_directory: "build/content/%{hiera('deployment_identifier')}" - -parent_domain_name: "bosonprotocol.io" -primary_domain_name: "bsn-development-potassium.%{hiera('parent_domain_name')}" -certificate_domain_name: "%{hiera('primary_domain_name')}" - -primary_address: "%{hiera('component')}-%{deployment_label}.%{hiera('primary_domain_name')}" -other_addresses: - - "reference-frontend-uat.%{hiera('parent_domain_name')}" - -# State -parent_common_state_bucket_name: "bsn-aws-parent-account-bsn-parent-default" -parent_common_state_key: "common/deployment-state/default.tfstate" -parent_common_state_bucket_region: "%{hiera('region')}" -parent_common_state_bucket_is_encrypted: "true" - -common_state_bucket_name: "bsn-aws-application-account-bsn-development-potassium" -common_state_key: "common/deployment-state/default.tfstate" -common_state_bucket_region: "%{hiera('region')}" -common_state_bucket_is_encrypted: "true" - -website_state_bucket_name: "%{hiera('storage_bucket_name')}" -website_state_key: "website/deployment-state/default.tfstate" -website_state_bucket_region: "%{hiera('region')}" -website_state_bucket_is_encrypted: "true" diff --git a/config/deployments/bsn-development-hassium.yaml b/config/deployments/bsn-development-hassium.yaml deleted file mode 100644 index c479ace2..00000000 --- a/config/deployments/bsn-development-hassium.yaml +++ /dev/null @@ -1,31 +0,0 @@ ---- -# General -environment: "production" # use full asset pipeline for all deployed environments - -parent_role_arn: "%{hiera('bsn_parent_account_admin_role')}" - -content_work_directory: "build/content/%{hiera('deployment_identifier')}" - -parent_domain_name: "bosonprotocol.io" -primary_domain_name: "bsn-development-potassium.%{hiera('parent_domain_name')}" -certificate_domain_name: "%{hiera('primary_domain_name')}" - -primary_address: "%{hiera('component')}-%{deployment_label}.%{hiera('primary_domain_name')}" -other_addresses: - - "reference-frontend-preview.%{hiera('parent_domain_name')}" - -# State -parent_common_state_bucket_name: "bsn-aws-parent-account-bsn-parent-default" -parent_common_state_key: "common/deployment-state/default.tfstate" -parent_common_state_bucket_region: "%{hiera('region')}" -parent_common_state_bucket_is_encrypted: "true" - -common_state_bucket_name: "bsn-aws-application-account-bsn-development-potassium" -common_state_key: "common/deployment-state/default.tfstate" -common_state_bucket_region: "%{hiera('region')}" -common_state_bucket_is_encrypted: "true" - -website_state_bucket_name: "%{hiera('storage_bucket_name')}" -website_state_key: "website/deployment-state/default.tfstate" -website_state_bucket_region: "%{hiera('region')}" -website_state_bucket_is_encrypted: "true" diff --git a/config/deployments/bsn-local-default.yaml b/config/deployments/bsn-local-default.yaml deleted file mode 100644 index e11cc20a..00000000 --- a/config/deployments/bsn-local-default.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -# General -environment: "development" diff --git a/config/deployments/bsn-production-vanadium.yaml b/config/deployments/bsn-production-vanadium.yaml deleted file mode 100644 index 2a90f10e..00000000 --- a/config/deployments/bsn-production-vanadium.yaml +++ /dev/null @@ -1,30 +0,0 @@ ---- -# General -environment: "production" # use full asset pipeline for all deployed environments - -parent_role_arn: "%{hiera('bsn_parent_account_admin_role')}" - -content_work_directory: "build/content/%{hiera('deployment_identifier')}" - -parent_domain_name: "bosonprotocol.io" -primary_domain_name: "bsn-production-lutetium.%{hiera('parent_domain_name')}" -certificate_domain_name: "%{hiera('primary_domain_name')}" - -primary_address: "%{hiera('component')}-%{deployment_label}.%{hiera('primary_domain_name')}" -other_addresses: [] - -# State -parent_common_state_bucket_name: "bsn-aws-parent-account-bsn-parent-default" -parent_common_state_key: "common/deployment-state/default.tfstate" -parent_common_state_bucket_region: "%{hiera('region')}" -parent_common_state_bucket_is_encrypted: "true" - -common_state_bucket_name: "bsn-aws-application-account-bsn-production-lutetium" -common_state_key: "common/deployment-state/default.tfstate" -common_state_bucket_region: "%{hiera('region')}" -common_state_bucket_is_encrypted: "true" - -website_state_bucket_name: "%{hiera('storage_bucket_name')}" -website_state_key: "website/deployment-state/default.tfstate" -website_state_bucket_region: "%{hiera('region')}" -website_state_bucket_is_encrypted: "true" diff --git a/config/deployments/local-development.yaml b/config/deployments/local-development.yaml deleted file mode 100644 index 84ce22c7..00000000 --- a/config/deployments/local-development.yaml +++ /dev/null @@ -1,3 +0,0 @@ ---- -app_port: "3002" -react_app_backend_base_url: "" \ No newline at end of file diff --git a/config/deployments/local-testing.yaml b/config/deployments/local-testing.yaml deleted file mode 100644 index ed97d539..00000000 --- a/config/deployments/local-testing.yaml +++ /dev/null @@ -1 +0,0 @@ ---- diff --git a/config/deployments/rdm-management-default.yaml b/config/deployments/rdm-management-default.yaml deleted file mode 100644 index ed97d539..00000000 --- a/config/deployments/rdm-management-default.yaml +++ /dev/null @@ -1 +0,0 @@ ---- diff --git a/config/hiera.yaml b/config/hiera.yaml deleted file mode 100644 index dd80ef61..00000000 --- a/config/hiera.yaml +++ /dev/null @@ -1,16 +0,0 @@ ---- -:backends: - - "overrides" - - "env" - - "yaml" -:logger: "noop" -:yaml: - :datadir: "config" -:hierarchy: - - "roles/%{role}" - - "deployments/%{deployment_type}-%{deployment_label}" - - "pipelines/defaults" - - "ci/%{ci_deployment_type}-%{ci_deployment_label}" - - "secrets/pipeline/%{ci_deployment_type}-%{ci_deployment_label}" - - "secrets/website/%{deployment_type}-%{deployment_label}" - - "defaults" diff --git a/config/pipelines/defaults.yaml b/config/pipelines/defaults.yaml deleted file mode 100644 index fb60f1a2..00000000 --- a/config/pipelines/defaults.yaml +++ /dev/null @@ -1,18 +0,0 @@ ---- -concourse_team: "bosonprotocol" - -ci_provisioning_role_arn: "arn:aws:iam::%{hiera('rdm_management_account_id')}:role/cross-account-admin-role" -ci_deployment_type: "%{ci_deployment_type}" -ci_deployment_label: "%{ci_deployment_label}" - -development_hassium_provisioning_role_arn: "arn:aws:iam::%{hiera('bsn_development_potassium_account_id')}:role/cross-account-admin-role" -development_hassium_deployment_type: "bsn-development" -development_hassium_deployment_label: "hassium" - -demo_copernicium_provisioning_role_arn: "arn:aws:iam::%{hiera('bsn_development_potassium_account_id')}:role/cross-account-admin-role" -demo_copernicium_deployment_type: "bsn-demo" -demo_copernicium_deployment_label: "copernicium" - -production_vanadium_provisioning_role_arn: "arn:aws:iam::%{hiera('bsn_production_lutetium_account_id')}:role/cross-account-admin-role" -production_vanadium_deployment_type: "bsn-production" -production_vanadium_deployment_label: "vanadium" diff --git a/config/roles/bootstrap.yaml b/config/roles/bootstrap.yaml deleted file mode 100644 index 486fea23..00000000 --- a/config/roles/bootstrap.yaml +++ /dev/null @@ -1,9 +0,0 @@ ---- -vars: - region: "%{hiera('region')}" - - deployment_type: "%{deployment_type}" - deployment_label: "%{deployment_label}" - deployment_identifier: "%{hiera('deployment_identifier')}" - - storage_bucket_name: "%{hiera('storage_bucket_name')}" diff --git a/config/roles/builder-pipeline.yaml b/config/roles/builder-pipeline.yaml deleted file mode 100644 index f7cb38c5..00000000 --- a/config/roles/builder-pipeline.yaml +++ /dev/null @@ -1,20 +0,0 @@ ---- -vars: - source_repository_name: "%{hiera('source_repository_name')}" - source_repository_url: "%{hiera('source_repository_url')}" - source_repository_branch: "%{hiera('source_repository_branch')}" - - node_builder_image_repository_url: "%{hiera('node_builder_image_repository_url')}" - - ci_provisioning_role_arn: "%{hiera('ci_provisioning_role_arn')}" - ci_deployment_type: "%{hiera('ci_deployment_type')}" - ci_deployment_label: "%{hiera('ci_deployment_label')}" - - slack_success_channel: "#builds" - slack_success_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> _successful_! :clap:." - slack_error_channel: "#engineering" - slack_error_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *errored*! :cry:." - slack_failure_channel: "#engineering" - slack_failure_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *failed*! :cry:." - slack_abort_channel: "#engineering" - slack_abort_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *aborted*! :warning:." \ No newline at end of file diff --git a/config/roles/demo-pipeline.yaml b/config/roles/demo-pipeline.yaml deleted file mode 100644 index 6ec1c00f..00000000 --- a/config/roles/demo-pipeline.yaml +++ /dev/null @@ -1,27 +0,0 @@ ---- -vars: - source_repository_url: "%{hiera('source_repository_url')}" - source_repository_branch: "%{hiera('source_repository_branch')}" - - node_builder_image_repository_url: "%{hiera('node_builder_image_repository_url')}" - - ci_provisioning_role_arn: "%{hiera('ci_provisioning_role_arn')}" - ci_deployment_type: "%{hiera('ci_deployment_type')}" - ci_deployment_label: "%{hiera('ci_deployment_label')}" - - storage_bucket_name: "%{hiera('ci_storage_bucket_name')}" - storage_bucket_region: "%{hiera('ci_storage_bucket_region')}" - storage_bucket_encryption: "%{hiera('ci_storage_bucket_encryption')}" - - demo_copernicium_provisioning_role_arn: "%{hiera('demo_copernicium_provisioning_role_arn')}" - demo_copernicium_deployment_type: "%{hiera('demo_copernicium_deployment_type')}" - demo_copernicium_deployment_label: "%{hiera('demo_copernicium_deployment_label')}" - - slack_success_channel: "#builds" - slack_success_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> _successful_! :clap:." - slack_error_channel: "#engineering" - slack_error_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *errored*! :cry:." - slack_failure_channel: "#engineering" - slack_failure_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *failed*! :cry:." - slack_abort_channel: "#engineering" - slack_abort_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *aborted*! :warning:." diff --git a/config/roles/develop-pipeline.yaml b/config/roles/develop-pipeline.yaml deleted file mode 100644 index 1741b9d9..00000000 --- a/config/roles/develop-pipeline.yaml +++ /dev/null @@ -1,27 +0,0 @@ ---- -vars: - source_repository_url: "%{hiera('source_repository_url')}" - source_repository_branch: "%{hiera('source_repository_branch')}" - - node_builder_image_repository_url: "%{hiera('node_builder_image_repository_url')}" - - ci_provisioning_role_arn: "%{hiera('ci_provisioning_role_arn')}" - ci_deployment_type: "%{hiera('ci_deployment_type')}" - ci_deployment_label: "%{hiera('ci_deployment_label')}" - - storage_bucket_name: "%{hiera('ci_storage_bucket_name')}" - storage_bucket_region: "%{hiera('ci_storage_bucket_region')}" - storage_bucket_encryption: "%{hiera('ci_storage_bucket_encryption')}" - - development_hassium_provisioning_role_arn: "%{hiera('development_hassium_provisioning_role_arn')}" - development_hassium_deployment_type: "%{hiera('development_hassium_deployment_type')}" - development_hassium_deployment_label: "%{hiera('development_hassium_deployment_label')}" - - slack_success_channel: "#builds" - slack_success_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> _successful_! :clap:." - slack_error_channel: "#engineering" - slack_error_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *errored*! :cry:." - slack_failure_channel: "#engineering" - slack_failure_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *failed*! :cry:." - slack_abort_channel: "#engineering" - slack_abort_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *aborted*! :warning:." diff --git a/config/roles/local-app.yaml b/config/roles/local-app.yaml deleted file mode 100644 index a70ef92a..00000000 --- a/config/roles/local-app.yaml +++ /dev/null @@ -1,4 +0,0 @@ -environment: - PORT: "%{hiera('app_port')}" - - REACT_APP_BACKEND_BASE_URL: "http://localhost:%{hiera('app_port')}" diff --git a/config/roles/pr-pipeline.yaml b/config/roles/pr-pipeline.yaml deleted file mode 100644 index f7cb38c5..00000000 --- a/config/roles/pr-pipeline.yaml +++ /dev/null @@ -1,20 +0,0 @@ ---- -vars: - source_repository_name: "%{hiera('source_repository_name')}" - source_repository_url: "%{hiera('source_repository_url')}" - source_repository_branch: "%{hiera('source_repository_branch')}" - - node_builder_image_repository_url: "%{hiera('node_builder_image_repository_url')}" - - ci_provisioning_role_arn: "%{hiera('ci_provisioning_role_arn')}" - ci_deployment_type: "%{hiera('ci_deployment_type')}" - ci_deployment_label: "%{hiera('ci_deployment_label')}" - - slack_success_channel: "#builds" - slack_success_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> _successful_! :clap:." - slack_error_channel: "#engineering" - slack_error_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *errored*! :cry:." - slack_failure_channel: "#engineering" - slack_failure_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *failed*! :cry:." - slack_abort_channel: "#engineering" - slack_abort_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *aborted*! :warning:." \ No newline at end of file diff --git a/config/roles/tag-pipeline.yaml b/config/roles/tag-pipeline.yaml deleted file mode 100644 index 13e584bb..00000000 --- a/config/roles/tag-pipeline.yaml +++ /dev/null @@ -1,27 +0,0 @@ ---- -vars: - source_repository_url: "%{hiera('source_repository_url')}" - source_repository_branch: "%{hiera('source_repository_branch')}" - - node_builder_image_repository_url: "%{hiera('node_builder_image_repository_url')}" - - ci_provisioning_role_arn: "%{hiera('ci_provisioning_role_arn')}" - ci_deployment_type: "%{hiera('ci_deployment_type')}" - ci_deployment_label: "%{hiera('ci_deployment_label')}" - - storage_bucket_name: "%{hiera('ci_storage_bucket_name')}" - storage_bucket_region: "%{hiera('ci_storage_bucket_region')}" - storage_bucket_encryption: "%{hiera('ci_storage_bucket_encryption')}" - - production_vanadium_provisioning_role_arn: "%{hiera('production_vanadium_provisioning_role_arn')}" - production_vanadium_deployment_type: "%{hiera('production_vanadium_deployment_type')}" - production_vanadium_deployment_label: "%{hiera('production_vanadium_deployment_label')}" - - slack_success_channel: "#builds" - slack_success_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> _successful_! :clap:." - slack_error_channel: "#engineering" - slack_error_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *errored*! :cry:." - slack_failure_channel: "#engineering" - slack_failure_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *failed*! :cry:." - slack_abort_channel: "#engineering" - slack_abort_message: "<%{hiera('concourse_url')}/builds/$BUILD_ID|$BUILD_TEAM_NAME:$BUILD_PIPELINE_NAME:$BUILD_JOB_NAME [$BUILD_NAME]> *aborted*! :warning:." diff --git a/config/roles/website.yaml b/config/roles/website.yaml deleted file mode 100644 index 6e8aa9c0..00000000 --- a/config/roles/website.yaml +++ /dev/null @@ -1,33 +0,0 @@ ---- -vars: - region: "%{hiera('region')}" - - deployment_identifier: "%{hiera('deployment_identifier')}" - - bucket_name: "%{hiera('website_bucket_name')}" - bucket_secret: "%{hiera('website_bucket_secret')}" - - parent_role_arn: "%{hiera('parent_role_arn')}" - - parent_domain_name: "%{hiera('parent_domain_name')}" - primary_domain_name: "%{hiera('primary_domain_name')}" - certificate_domain_name: "%{hiera('certificate_domain_name')}" - - primary_address: "%{hiera('primary_address')}" - other_addresses: "%{hiera('other_addresses')}" - - common_state_bucket_name: "%{hiera('common_state_bucket_name')}" - common_state_key: "%{hiera('common_state_key')}" - common_state_bucket_region: "%{hiera('common_state_bucket_region')}" - common_state_bucket_is_encrypted: "%{hiera('common_state_bucket_is_encrypted')}" - - parent_common_state_bucket_name: "%{hiera('parent_common_state_bucket_name')}" - parent_common_state_key: "%{hiera('parent_common_state_key')}" - parent_common_state_bucket_region: "%{hiera('parent_common_state_bucket_region')}" - parent_common_state_bucket_is_encrypted: "%{hiera('parent_common_state_bucket_is_encrypted')}" - -backend_config: - bucket: "%{hiera('website_state_bucket_name')}" - key: "%{hiera('website_state_key')}" - region: "%{hiera('website_state_bucket_region')}" - encrypt: "%{hiera('website_state_bucket_is_encrypted')}" diff --git a/config/secrets/.unlocked b/config/secrets/.unlocked deleted file mode 100644 index ca7ddb8d..00000000 Binary files a/config/secrets/.unlocked and /dev/null differ diff --git a/config/secrets/pipeline/constants.yaml b/config/secrets/pipeline/constants.yaml deleted file mode 100644 index 8569e6cc..00000000 Binary files a/config/secrets/pipeline/constants.yaml and /dev/null differ diff --git a/config/secrets/pipeline/rdm-management-default.yaml b/config/secrets/pipeline/rdm-management-default.yaml deleted file mode 100644 index 79d4dfbc..00000000 Binary files a/config/secrets/pipeline/rdm-management-default.yaml and /dev/null differ diff --git a/config/secrets/website/bsn-demo-copernicium.yaml b/config/secrets/website/bsn-demo-copernicium.yaml deleted file mode 100644 index 972e9976..00000000 Binary files a/config/secrets/website/bsn-demo-copernicium.yaml and /dev/null differ diff --git a/config/secrets/website/bsn-development-hassium.yaml b/config/secrets/website/bsn-development-hassium.yaml deleted file mode 100644 index b5d5c2cc..00000000 Binary files a/config/secrets/website/bsn-development-hassium.yaml and /dev/null differ diff --git a/config/secrets/website/bsn-production-vanadium.yaml b/config/secrets/website/bsn-production-vanadium.yaml deleted file mode 100644 index 15663be9..00000000 Binary files a/config/secrets/website/bsn-production-vanadium.yaml and /dev/null differ diff --git a/go b/go deleted file mode 100755 index 11934444..00000000 --- a/go +++ /dev/null @@ -1,82 +0,0 @@ -#!/usr/bin/env bash - -[ -n "$GO_DEBUG" ] && set -x -set -e - -project_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" - -verbose="no" -offline="no" -skip_checks="no" - -missing_dependency="no" - -[ -n "$GO_DEBUG" ] && verbose="yes" -[ -n "$GO_SKIP_CHECKS" ] && skip_checks="yes" -[ -n "$GO_OFFLINE" ] && offline="yes" - -function loose_version() { - local version="$1" - - IFS="." read -r -a version_parts <<<"$version" - - echo "${version_parts[0]}.${version_parts[1]}" -} - -ruby_full_version="$(cat "$project_dir"/.ruby-version)" -ruby_loose_version="$(loose_version "$ruby_full_version")" -node_full_version="$(cat "$project_dir"/.nvmrc)" -node_loose_version="$(loose_version "$node_full_version")" - -if [[ "$skip_checks" == "no" ]]; then - echo "Checking for system dependencies." - if ! type ruby >/dev/null 2>&1 || ! ruby -v | grep -q "$ruby_loose_version"; then - echo "This codebase requires Ruby $ruby_loose_version." - missing_dependency="yes" - fi - - if ! type bundler >/dev/null 2>&1; then - echo "This codebase requires Bundler." - missing_dependency="yes" - fi - - if ! type node >/dev/null 2>&1 || ! node --version | grep -q "$node_loose_version"; then - echo "This codebase requires Node $node_loose_version" - missing_dependency="yes" - fi - - if ! type npm >/dev/null 2>&1; then - echo "This codebase requires NPM." - missing_dependency="yes" - fi - - if [[ "$missing_dependency" == "yes" ]]; then - echo "Please install missing dependencies to continue." - exit 1 - fi - - echo "All system dependencies present. Continuing." -fi - -if [[ "$offline" == "no" ]]; then - echo "Installing bundler." - if [[ "$verbose" == "yes" ]]; then - gem install --no-document bundler - else - gem install --no-document bundler >/dev/null - fi - - echo "Installing ruby dependencies." - if [[ "$verbose" == "yes" ]]; then - bundle install - else - bundle install >/dev/null - fi -fi - -echo "Starting rake." -if [[ "$verbose" == "yes" ]]; then - time bundle exec rake --verbose "$@" -else - time bundle exec rake "$@" -fi diff --git a/lib/s3_website.rb b/lib/s3_website.rb deleted file mode 100644 index 9ac489fe..00000000 --- a/lib/s3_website.rb +++ /dev/null @@ -1,165 +0,0 @@ -require 'pathname' -require 'forwardable' -require 'mime/types' -require 'digest/md5' -require 'pp' - -class S3Website - class Item - attr_reader :key, :hash, :mime_type, :max_age - - def initialize(key, hash, mime_type, max_age) - @key = key - @hash = hash - @mime_type = mime_type - @max_age = max_age - end - - def ==(o) - o.key == self.key && - o.hash == self.hash && - o.mime_type == self.mime_type && - o.max_age == self.max_age - end - end - - class ItemSet - include Enumerable - extend Forwardable - - attr_reader :items - - def_delegators :@items, :each, :<< - - def initialize(items) - @items = items - end - - def missing(other) - self_keys = Set.new(self.items.collect(&:key)) - other_keys = Set.new(other.items.collect(&:key)) - - difference = self_keys.difference(other_keys) - - ItemSet.new(self.items.select {|i| difference.include?(i.key)}) - end - - def different(other) - self_keys = Set.new(self.items.collect(&:key)) - other_keys = Set.new(other.items.collect(&:key)) - - intersection = self_keys.intersection(other_keys) - modified = intersection.reject do |key| - self_item = self.items.find {|i| i.key == key} - other_item = other.items.find {|i| i.key == key} - - self_item == other_item - end - - ItemSet.new(self.items.select {|i| modified.include?(i.key)}) - end - end - - class DirectorySource - def initialize(path) - @source = Pathname.new(path) - end - - def traverse(&block) - @source.find - .select {|e| e.file?} - .collect {|e| block.call(e.to_s)} - end - end - - class BucketDestination - def initialize(bucket, region) - @destination = Aws::S3::Resource.new(region: region).bucket(bucket) - end - - def traverse(&block) - @destination.objects - .collect {|o| block.call(o)} - end - end - - def initialize(configuration) - @configuration = configuration - @s3 = Aws::S3::Resource.new(region: configuration[:region]) - end - - def publish_from(directory) - source_item_set = directory_item_set_for(directory) - destination_item_set = bucket_item_set_for( - @configuration[:bucket], - @configuration[:region]) - - added = source_item_set.missing(destination_item_set) - modified = source_item_set.different(destination_item_set) - removed = destination_item_set.missing(source_item_set) - - bucket = @s3.bucket(@configuration[:bucket]) - added.each do |entry| - bucket.put_object( - key: entry.key, - body: File.read(File.join(directory, entry.key)), - content_type: entry.mime_type, - cache_control: "max-age=#{entry.max_age}") - end - modified.each do |entry| - bucket.put_object( - key: entry.key, - body: File.read(File.join(directory, entry.key)), - content_type: entry.mime_type, - cache_control: "max-age=#{entry.max_age}") - # invalidate - end - removed.each do |entry| - bucket.delete_objects( - delete: { - objects: [{key: entry.key}] - }) - # invalidate - end - end - - private - - def directory_item_set_for(directory) - items = DirectorySource.new(directory) - .traverse do |f| - Item.new( - Pathname.new(f).relative_path_from(Pathname.new(directory)).to_s, - md5_hash_for(f), - mime_type_for(f), - max_age_for(f)) - end - - ItemSet.new(items) - end - - def bucket_item_set_for(bucket, region) - items = BucketDestination.new(bucket, region) - .traverse do |o| - Item.new( - o.key, - o.etag.gsub('"', ''), - o.get.content_type, - o.get.cache_control && o.get.cache_control.gsub('max-age=', '').to_i) - end - - ItemSet.new(items) - end - - def md5_hash_for(f) - Digest::MD5.file(f).to_s - end - - def mime_type_for(f) - MIME::Types.type_for(f).first.simplified - end - - def max_age_for(f) - @configuration[:max_ages][mime_type_for(f)] - end -end diff --git a/pipelines/builder/handle-pr-event/task.sh b/pipelines/builder/handle-pr-event/task.sh deleted file mode 100755 index 6e561a3f..00000000 --- a/pipelines/builder/handle-pr-event/task.sh +++ /dev/null @@ -1,15 +0,0 @@ -#!/usr/bin/env bash - -[ -n "$TRACE" ] && set -x -set -e -set -o pipefail - -SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" -PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )" - -cd "$PROJECT_DIR" - -echo "$GPG_KEY" | gpg --import - -git crypt unlock - -./go "ci:pipeline:pr:handle[${CI_DEPLOYMENT_TYPE},${CI_DEPLOYMENT_LABEL}]" diff --git a/pipelines/builder/handle-pr-event/task.yaml b/pipelines/builder/handle-pr-event/task.yaml deleted file mode 100644 index 405879ee..00000000 --- a/pipelines/builder/handle-pr-event/task.yaml +++ /dev/null @@ -1,8 +0,0 @@ ---- -platform: linux - -inputs: - - name: source -run: - dir: /source - path: ./pipelines/builder/handle-pr-event/task.sh diff --git a/pipelines/builder/pipeline.yaml b/pipelines/builder/pipeline.yaml deleted file mode 100644 index 99fca14a..00000000 --- a/pipelines/builder/pipeline.yaml +++ /dev/null @@ -1,39 +0,0 @@ -resource_types: - - name: pull-request - type: docker-image - source: - repository: teliaoss/github-pr-resource - -resources: - - name: source - type: pull-request - check_every: 1h - webhook_token: ((webhook_token)) - source: - repository: ((source_repository_name)) - access_token: ((github_access_token)) - states: - - OPEN - - MERGED - - CLOSED - - - name: node-builder-image - type: docker-image - source: - repository: ((node_builder_image_repository_url)) - -jobs: - - name: handle-pr-event - plan: - - in_parallel: - - get: source - trigger: true - version: every - - get: node-builder-image - - task: handle-pr-event - image: node-builder-image - file: source/pipelines/builder/handle-pr-event/task.yaml - params: - GPG_KEY: ((gpg_key)) - CI_DEPLOYMENT_TYPE: ((ci_deployment_type)) - CI_DEPLOYMENT_LABEL: ((ci_deployment_label)) diff --git a/pipelines/demo/pipeline.yaml b/pipelines/demo/pipeline.yaml deleted file mode 100644 index 931e4205..00000000 --- a/pipelines/demo/pipeline.yaml +++ /dev/null @@ -1,148 +0,0 @@ -resource_types: - - name: slack-notification - type: docker-image - source: - repository: cfcommunity/slack-notification-resource - tag: latest - -resources: - - name: source - type: git - source: - uri: ((source_repository_url)) - branch: demo - private_key: ((git_ssh_key)) - - - name: updated-source - type: git - source: - uri: ((source_repository_url)) - branch: demo - private_key: ((git_ssh_key)) - - - name: node-builder-image - type: docker-image - source: - repository: ((node_builder_image_repository_url)) - aws_access_key_id: ((aws_access_key_id)) - aws_secret_access_key: ((aws_secret_access_key)) - - - name: notify-success - type: slack-notification - source: - url: ((slack_builds_webhook_url)) - - - name: notify-failure - type: slack-notification - source: - url: ((slack_engineering_webhook_url)) - -groups: - - name: demo-copernicium - jobs: - - build - - test - - provision-demo-copernicium-website - - provision-demo-copernicium-content - -jobs: - - name: build - serial: true - plan: - - in_parallel: - - get: source - trigger: true - - get: node-builder-image - - task: build - image: node-builder-image - file: source/pipelines/shared/build/task.yaml - - on_success: &on_success - put: notify-success - params: - text: ((slack_success_message)) - channel: ((slack_success_channel)) - - on_failure: &on_failure - put: notify-failure - params: - text: ((slack_failure_message)) - channel: ((slack_failure_channel)) - - on_error: &on_error - put: notify-failure - params: - text: ((slack_error_message)) - channel: ((slack_error_channel)) - - on_abort: &on_abort - put: notify-failure - params: - text: ((slack_abort_message)) - channel: ((slack_abort_channel)) - - - name: test - plan: - - in_parallel: - - get: source - trigger: true - passed: - - build - - get: updated-source - - get: node-builder-image - - task: test - image: node-builder-image - file: source/pipelines/shared/coverage/task.yaml - - put: updated-source - params: - repository: source - - on_success: *on_success - on_failure: *on_failure - on_error: *on_error - on_abort: *on_abort - - - name: provision-demo-copernicium-website - serial: true - plan: - - in_parallel: - - get: source - trigger: true - passed: - - test - - get: node-builder-image - - task: provision-website - image: node-builder-image - file: source/pipelines/demo/provision-website/task.yaml - params: - GPG_KEY: ((gpg_key)) - PROVISIONING_ROLE_ARN: ((demo_copernicium_provisioning_role_arn)) - DEPLOYMENT_TYPE: ((demo_copernicium_deployment_type)) - DEPLOYMENT_LABEL: ((demo_copernicium_deployment_label)) - - on_success: *on_success - on_failure: *on_failure - on_error: *on_error - on_abort: *on_abort - - - name: provision-demo-copernicium-content - plan: - - in_parallel: - - get: source - trigger: true - passed: - - provision-demo-copernicium-website - - get: node-builder-image - - task: provision-content - image: node-builder-image - file: source/pipelines/demo/provision-content/task.yaml - params: - GPG_KEY: ((gpg_key)) - PROVISIONING_ROLE_ARN: ((demo_copernicium_provisioning_role_arn)) - DEPLOYMENT_TYPE: ((demo_copernicium_deployment_type)) - DEPLOYMENT_LABEL: ((demo_copernicium_deployment_label)) - - on_success: *on_success - on_failure: *on_failure - on_error: *on_error - on_abort: *on_abort diff --git a/pipelines/demo/provision-content/task.sh b/pipelines/demo/provision-content/task.sh deleted file mode 100755 index 153908f3..00000000 --- a/pipelines/demo/provision-content/task.sh +++ /dev/null @@ -1,25 +0,0 @@ -#!/usr/bin/env bash - -[ -n "$TRACE" ] && set -x -set -e -set -o pipefail - -SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" -PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )" - -cd "$PROJECT_DIR" - -echo "$GPG_KEY" | gpg --import - -git crypt unlock - -mkdir build -aws sts assume-role \ - --role-arn "${PROVISIONING_ROLE_ARN}" \ - --role-session-name CI \ - > build/session - -export AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)" -export AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)" -export AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)" - -./go "app:deploy[${DEPLOYMENT_TYPE},${DEPLOYMENT_LABEL}]" diff --git a/pipelines/demo/provision-content/task.yaml b/pipelines/demo/provision-content/task.yaml deleted file mode 100644 index bb823fcd..00000000 --- a/pipelines/demo/provision-content/task.yaml +++ /dev/null @@ -1,9 +0,0 @@ ---- -platform: linux - -inputs: - - name: source - -run: - dir: /source - path: ./pipelines/demo/provision-content/task.sh diff --git a/pipelines/demo/provision-website/task.sh b/pipelines/demo/provision-website/task.sh deleted file mode 100755 index f602f418..00000000 --- a/pipelines/demo/provision-website/task.sh +++ /dev/null @@ -1,25 +0,0 @@ -#!/usr/bin/env bash - -[ -n "$TRACE" ] && set -x -set -e -set -o pipefail - -SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" -PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )" - -cd "$PROJECT_DIR" - -echo "$GPG_KEY" | gpg --import - -git crypt unlock - -mkdir build -aws sts assume-role \ - --role-arn "${PROVISIONING_ROLE_ARN}" \ - --role-session-name CI \ - > build/session - -export AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)" -export AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)" -export AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)" - -./go "website:provision[${DEPLOYMENT_TYPE},${DEPLOYMENT_LABEL}]" diff --git a/pipelines/demo/provision-website/task.yaml b/pipelines/demo/provision-website/task.yaml deleted file mode 100644 index f1e6a0e7..00000000 --- a/pipelines/demo/provision-website/task.yaml +++ /dev/null @@ -1,9 +0,0 @@ ---- -platform: linux - -inputs: - - name: source - -run: - dir: /source - path: ./pipelines/demo/provision-website/task.sh diff --git a/pipelines/develop/pipeline.yaml b/pipelines/develop/pipeline.yaml deleted file mode 100644 index 2a76035e..00000000 --- a/pipelines/develop/pipeline.yaml +++ /dev/null @@ -1,148 +0,0 @@ -resource_types: - - name: slack-notification - type: docker-image - source: - repository: cfcommunity/slack-notification-resource - tag: latest - -resources: - - name: source - type: git - source: - uri: ((source_repository_url)) - branch: ((source_repository_branch)) - private_key: ((git_ssh_key)) - - - name: updated-source - type: git - source: - uri: ((source_repository_url)) - branch: ((source_repository_branch)) - private_key: ((git_ssh_key)) - - - name: node-builder-image - type: docker-image - source: - repository: ((node_builder_image_repository_url)) - aws_access_key_id: ((aws_access_key_id)) - aws_secret_access_key: ((aws_secret_access_key)) - - - name: notify-success - type: slack-notification - source: - url: ((slack_builds_webhook_url)) - - - name: notify-failure - type: slack-notification - source: - url: ((slack_engineering_webhook_url)) - -groups: - - name: development-hassium - jobs: - - build - - test - - provision-development-hassium-website - - provision-development-hassium-content - -jobs: - - name: build - serial: true - plan: - - in_parallel: - - get: source - trigger: true - - get: node-builder-image - - task: build - image: node-builder-image - file: source/pipelines/shared/build/task.yaml - - on_success: &on_success - put: notify-success - params: - text: ((slack_success_message)) - channel: ((slack_success_channel)) - - on_failure: &on_failure - put: notify-failure - params: - text: ((slack_failure_message)) - channel: ((slack_failure_channel)) - - on_error: &on_error - put: notify-failure - params: - text: ((slack_error_message)) - channel: ((slack_error_channel)) - - on_abort: &on_abort - put: notify-failure - params: - text: ((slack_abort_message)) - channel: ((slack_abort_channel)) - - - name: test - plan: - - in_parallel: - - get: source - trigger: true - passed: - - build - - get: updated-source - - get: node-builder-image - - task: test - image: node-builder-image - file: source/pipelines/shared/coverage/task.yaml - - put: updated-source - params: - repository: source - - on_success: *on_success - on_failure: *on_failure - on_error: *on_error - on_abort: *on_abort - - - name: provision-development-hassium-website - serial: true - plan: - - in_parallel: - - get: source - trigger: true - passed: - - test - - get: node-builder-image - - task: provision-website - image: node-builder-image - file: source/pipelines/develop/provision-website/task.yaml - params: - GPG_KEY: ((gpg_key)) - PROVISIONING_ROLE_ARN: ((development_hassium_provisioning_role_arn)) - DEPLOYMENT_TYPE: ((development_hassium_deployment_type)) - DEPLOYMENT_LABEL: ((development_hassium_deployment_label)) - - on_success: *on_success - on_failure: *on_failure - on_error: *on_error - on_abort: *on_abort - - - name: provision-development-hassium-content - plan: - - in_parallel: - - get: source - trigger: true - passed: - - provision-development-hassium-website - - get: node-builder-image - - task: provision-content - image: node-builder-image - file: source/pipelines/develop/provision-content/task.yaml - params: - GPG_KEY: ((gpg_key)) - PROVISIONING_ROLE_ARN: ((development_hassium_provisioning_role_arn)) - DEPLOYMENT_TYPE: ((development_hassium_deployment_type)) - DEPLOYMENT_LABEL: ((development_hassium_deployment_label)) - - on_success: *on_success - on_failure: *on_failure - on_error: *on_error - on_abort: *on_abort diff --git a/pipelines/develop/provision-content/task.sh b/pipelines/develop/provision-content/task.sh deleted file mode 100755 index 153908f3..00000000 --- a/pipelines/develop/provision-content/task.sh +++ /dev/null @@ -1,25 +0,0 @@ -#!/usr/bin/env bash - -[ -n "$TRACE" ] && set -x -set -e -set -o pipefail - -SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" -PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )" - -cd "$PROJECT_DIR" - -echo "$GPG_KEY" | gpg --import - -git crypt unlock - -mkdir build -aws sts assume-role \ - --role-arn "${PROVISIONING_ROLE_ARN}" \ - --role-session-name CI \ - > build/session - -export AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)" -export AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)" -export AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)" - -./go "app:deploy[${DEPLOYMENT_TYPE},${DEPLOYMENT_LABEL}]" diff --git a/pipelines/develop/provision-content/task.yaml b/pipelines/develop/provision-content/task.yaml deleted file mode 100644 index 714834e8..00000000 --- a/pipelines/develop/provision-content/task.yaml +++ /dev/null @@ -1,9 +0,0 @@ ---- -platform: linux - -inputs: - - name: source - -run: - dir: /source - path: ./pipelines/develop/provision-content/task.sh diff --git a/pipelines/develop/provision-website/task.sh b/pipelines/develop/provision-website/task.sh deleted file mode 100755 index f602f418..00000000 --- a/pipelines/develop/provision-website/task.sh +++ /dev/null @@ -1,25 +0,0 @@ -#!/usr/bin/env bash - -[ -n "$TRACE" ] && set -x -set -e -set -o pipefail - -SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" -PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )" - -cd "$PROJECT_DIR" - -echo "$GPG_KEY" | gpg --import - -git crypt unlock - -mkdir build -aws sts assume-role \ - --role-arn "${PROVISIONING_ROLE_ARN}" \ - --role-session-name CI \ - > build/session - -export AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)" -export AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)" -export AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)" - -./go "website:provision[${DEPLOYMENT_TYPE},${DEPLOYMENT_LABEL}]" diff --git a/pipelines/develop/provision-website/task.yaml b/pipelines/develop/provision-website/task.yaml deleted file mode 100644 index d5a1c0f1..00000000 --- a/pipelines/develop/provision-website/task.yaml +++ /dev/null @@ -1,9 +0,0 @@ ---- -platform: linux - -inputs: - - name: source - -run: - dir: /source - path: ./pipelines/develop/provision-website/task.sh diff --git a/pipelines/pr/pipeline.yaml b/pipelines/pr/pipeline.yaml deleted file mode 100644 index 693de5d2..00000000 --- a/pipelines/pr/pipeline.yaml +++ /dev/null @@ -1,167 +0,0 @@ -resource_types: - - name: slack-notification - type: docker-image - source: - repository: cfcommunity/slack-notification-resource - tag: latest - - - name: github-status - type: docker-image - source: - repository: resource/github-status - -resources: - - name: source - type: git - source: - uri: ((source_repository_url)) - branch: ((source_repository_branch)) - private_key: ((git_ssh_key)) - - - name: status - type: github-status - source: - repo: ((source_repository_name)) - access_token: ((github_access_token)) - - - name: node-builder-image - type: docker-image - source: - repository: ((node_builder_image_repository_url)) - - - name: notify-success - type: slack-notification - source: - url: ((slack_builds_webhook_url)) - - - name: notify-failure - type: slack-notification - source: - url: ((slack_engineering_webhook_url)) - -jobs: - - name: build - serial: true - plan: - - in_parallel: - - get: source - trigger: true - - get: node-builder-image - - put: status - params: - path: source - state: pending - context: "CI Pipeline" - description: "Running build..." - - task: build - image: node-builder-image - file: source/pipelines/shared/build/task.yaml - - on_success: - put: notify-success - params: - text: ((slack_success_message)) - channel: ((slack_success_channel)) - - on_failure: - do: - - put: status - params: - path: source - state: failure - context: "CI Pipeline" - description: "Build failed." - - put: notify-failure - params: - text: ((slack_failure_message)) - channel: ((slack_failure_channel)) - - on_error: - do: - - put: status - params: - path: source - state: failure - context: "CI Pipeline" - description: "Build errored." - - put: notify-failure - params: - text: ((slack_error_message)) - channel: ((slack_error_channel)) - - on_abort: - do: - - put: status - params: - path: source - state: failure - context: "CI Pipeline" - description: "Build aborted." - - put: notify-failure - params: - text: ((slack_abort_message)) - channel: ((slack_abort_channel)) - - - name: test - plan: - - in_parallel: - - get: source - trigger: true - passed: - - build - - get: node-builder-image - - task: test - image: node-builder-image - file: source/pipelines/shared/test/task.yaml - - on_success: - do: - - put: status - params: - path: source - state: success - context: "CI Pipeline" - description: "Pipeline succeeded." - - put: notify-success - params: - text: ((slack_success_message)) - channel: ((slack_success_channel)) - - on_failure: - do: - - put: status - params: - path: source - state: failure - context: "CI Pipeline" - description: "Test failed." - - put: notify-failure - params: - text: ((slack_failure_message)) - channel: ((slack_failure_channel)) - - on_error: - do: - - put: status - params: - path: source - state: failure - context: "CI Pipeline" - description: "Test errored." - - put: notify-failure - params: - text: ((slack_error_message)) - channel: ((slack_error_channel)) - - on_abort: - do: - - put: status - params: - path: source - state: failure - context: "CI Pipeline" - description: "Test aborted." - - put: notify-failure - params: - text: ((slack_abort_message)) - channel: ((slack_abort_channel)) diff --git a/pipelines/shared/build/task.sh b/pipelines/shared/build/task.sh deleted file mode 100755 index 31589dde..00000000 --- a/pipelines/shared/build/task.sh +++ /dev/null @@ -1,12 +0,0 @@ -#!/usr/bin/env bash - -[ -n "$TRACE" ] && set -x -set -e -set -o pipefail - -SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" -PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )" - -cd "$PROJECT_DIR" - -./go build diff --git a/pipelines/shared/build/task.yaml b/pipelines/shared/build/task.yaml deleted file mode 100644 index fc3f0096..00000000 --- a/pipelines/shared/build/task.yaml +++ /dev/null @@ -1,9 +0,0 @@ ---- -platform: linux - -inputs: - - name: source - -run: - dir: /source - path: ./pipelines/shared/build/task.sh diff --git a/pipelines/shared/coverage/task.sh b/pipelines/shared/coverage/task.sh deleted file mode 100755 index 75ea2785..00000000 --- a/pipelines/shared/coverage/task.sh +++ /dev/null @@ -1,20 +0,0 @@ -#!/usr/bin/env bash - -[ -n "$TRACE" ] && set -x -set -e -set -o pipefail - -SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" -PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )" - -cd "$PROJECT_DIR" - -export INCLUDE_COVERAGE="true" - -./go "test" -./go "tests:coverage:badge" - -git config --global user.email "ci@redeemeum.com" -git config --global user.name "Redeemeum CI" -git add . -git diff --staged --quiet || git commit -m "Update coverage badge [ci skip]" diff --git a/pipelines/shared/coverage/task.yaml b/pipelines/shared/coverage/task.yaml deleted file mode 100644 index 984bfab8..00000000 --- a/pipelines/shared/coverage/task.yaml +++ /dev/null @@ -1,12 +0,0 @@ ---- -platform: linux - -inputs: - - name: source - -outputs: - - name: source - -run: - dir: /source - path: ./pipelines/shared/coverage/task.sh diff --git a/pipelines/shared/test/task.sh b/pipelines/shared/test/task.sh deleted file mode 100755 index c64c5a1e..00000000 --- a/pipelines/shared/test/task.sh +++ /dev/null @@ -1,12 +0,0 @@ -#!/usr/bin/env bash - -[ -n "$TRACE" ] && set -x -set -e -set -o pipefail - -SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" -PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )" - -cd "$PROJECT_DIR" - -./go test diff --git a/pipelines/shared/test/task.yaml b/pipelines/shared/test/task.yaml deleted file mode 100644 index 10068508..00000000 --- a/pipelines/shared/test/task.yaml +++ /dev/null @@ -1,9 +0,0 @@ ---- -platform: linux - -inputs: - - name: source - -run: - dir: /source - path: ./pipelines/shared/test/task.sh diff --git a/pipelines/tag/pipeline.yaml b/pipelines/tag/pipeline.yaml deleted file mode 100644 index 0f0968f3..00000000 --- a/pipelines/tag/pipeline.yaml +++ /dev/null @@ -1,142 +0,0 @@ -resource_types: - - name: slack-notification - type: docker-image - source: - repository: cfcommunity/slack-notification-resource - tag: latest - - - name: git-tag - type: docker-image - source: - repository: sarquella/concourse-git-tag-resource - -resources: - - name: source - type: git-tag - source: - uri: ((source_repository_url)) - tag_filter: v* - private_key: ((git_ssh_key)) - - - name: node-builder-image - type: docker-image - source: - repository: ((node_builder_image_repository_url)) - aws_access_key_id: ((aws_access_key_id)) - aws_secret_access_key: ((aws_secret_access_key)) - - - name: notify-success - type: slack-notification - source: - url: ((slack_builds_webhook_url)) - - - name: notify-failure - type: slack-notification - source: - url: ((slack_engineering_webhook_url)) - -groups: - - name: production-vanadium - jobs: - - build - - test - - provision-production-vanadium-website - - provision-production-vanadium-content - -jobs: - - name: build - serial: true - plan: - - in_parallel: - - get: source - trigger: true - - get: node-builder-image - - task: build - image: node-builder-image - file: source/pipelines/shared/build/task.yaml - - on_success: &on_success - put: notify-success - params: - text: ((slack_success_message)) - channel: ((slack_success_channel)) - - on_failure: &on_failure - put: notify-failure - params: - text: ((slack_failure_message)) - channel: ((slack_failure_channel)) - - on_error: &on_error - put: notify-failure - params: - text: ((slack_error_message)) - channel: ((slack_error_channel)) - - on_abort: &on_abort - put: notify-failure - params: - text: ((slack_abort_message)) - channel: ((slack_abort_channel)) - - - name: test - plan: - - in_parallel: - - get: source - trigger: true - passed: - - build - - get: node-builder-image - - task: test - image: node-builder-image - file: source/pipelines/shared/coverage/task.yaml - - on_success: *on_success - on_failure: *on_failure - on_error: *on_error - on_abort: *on_abort - - - name: provision-production-vanadium-website - serial: true - plan: - - in_parallel: - - get: source - trigger: true - passed: - - test - - get: node-builder-image - - task: provision-website - image: node-builder-image - file: source/pipelines/tag/provision-website/task.yaml - params: - GPG_KEY: ((gpg_key)) - PROVISIONING_ROLE_ARN: ((production_vanadium_provisioning_role_arn)) - DEPLOYMENT_TYPE: ((production_vanadium_deployment_type)) - DEPLOYMENT_LABEL: ((production_vanadium_deployment_label)) - - on_success: *on_success - on_failure: *on_failure - on_error: *on_error - on_abort: *on_abort - - - name: provision-production-vanadium-content - plan: - - in_parallel: - - get: source - trigger: true - passed: - - provision-production-vanadium-website - - get: node-builder-image - - task: provision-content - image: node-builder-image - file: source/pipelines/tag/provision-content/task.yaml - params: - GPG_KEY: ((gpg_key)) - PROVISIONING_ROLE_ARN: ((production_vanadium_provisioning_role_arn)) - DEPLOYMENT_TYPE: ((production_vanadium_deployment_type)) - DEPLOYMENT_LABEL: ((production_vanadium_deployment_label)) - - on_success: *on_success - on_failure: *on_failure - on_error: *on_error - on_abort: *on_abort diff --git a/pipelines/tag/provision-content/task.sh b/pipelines/tag/provision-content/task.sh deleted file mode 100755 index 153908f3..00000000 --- a/pipelines/tag/provision-content/task.sh +++ /dev/null @@ -1,25 +0,0 @@ -#!/usr/bin/env bash - -[ -n "$TRACE" ] && set -x -set -e -set -o pipefail - -SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" -PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )" - -cd "$PROJECT_DIR" - -echo "$GPG_KEY" | gpg --import - -git crypt unlock - -mkdir build -aws sts assume-role \ - --role-arn "${PROVISIONING_ROLE_ARN}" \ - --role-session-name CI \ - > build/session - -export AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)" -export AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)" -export AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)" - -./go "app:deploy[${DEPLOYMENT_TYPE},${DEPLOYMENT_LABEL}]" diff --git a/pipelines/tag/provision-content/task.yaml b/pipelines/tag/provision-content/task.yaml deleted file mode 100644 index c9d6fa01..00000000 --- a/pipelines/tag/provision-content/task.yaml +++ /dev/null @@ -1,9 +0,0 @@ ---- -platform: linux - -inputs: - - name: source - -run: - dir: /source - path: ./pipelines/tag/provision-content/task.sh diff --git a/pipelines/tag/provision-website/task.sh b/pipelines/tag/provision-website/task.sh deleted file mode 100755 index f602f418..00000000 --- a/pipelines/tag/provision-website/task.sh +++ /dev/null @@ -1,25 +0,0 @@ -#!/usr/bin/env bash - -[ -n "$TRACE" ] && set -x -set -e -set -o pipefail - -SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" -PROJECT_DIR="$( cd "$SCRIPT_DIR/../../.." && pwd )" - -cd "$PROJECT_DIR" - -echo "$GPG_KEY" | gpg --import - -git crypt unlock - -mkdir build -aws sts assume-role \ - --role-arn "${PROVISIONING_ROLE_ARN}" \ - --role-session-name CI \ - > build/session - -export AWS_ACCESS_KEY_ID="$(jq -M -r .Credentials.AccessKeyId build/session)" -export AWS_SECRET_ACCESS_KEY="$(jq -M -r .Credentials.SecretAccessKey build/session)" -export AWS_SESSION_TOKEN="$(jq -M -r .Credentials.SessionToken build/session)" - -./go "website:provision[${DEPLOYMENT_TYPE},${DEPLOYMENT_LABEL}]" diff --git a/pipelines/tag/provision-website/task.yaml b/pipelines/tag/provision-website/task.yaml deleted file mode 100644 index a80c8e7f..00000000 --- a/pipelines/tag/provision-website/task.yaml +++ /dev/null @@ -1,9 +0,0 @@ ---- -platform: linux - -inputs: - - name: source - -run: - dir: /source - path: ./pipelines/tag/provision-website/task.sh diff --git a/state/bootstrap/bsn-demo-copernicium.tfstate b/state/bootstrap/bsn-demo-copernicium.tfstate deleted file mode 100644 index 323cf140..00000000 --- a/state/bootstrap/bsn-demo-copernicium.tfstate +++ /dev/null @@ -1,186 +0,0 @@ -{ - "version": 4, - "terraform_version": "0.15.4", - "serial": 3, - "lineage": "7b841f34-8540-d1c9-0def-bea3471a6195", - "outputs": { - "storage_bucket_name": { - "value": "bsn-reference-frontend-bsn-demo-copernicium-storage", - "type": "string" - } - }, - "resources": [ - { - "module": "module.storage_bucket", - "mode": "data", - "type": "aws_iam_policy_document", - "name": "encrypted_bucket_policy_document", - "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", - "instances": [ - { - "schema_version": 0, - "attributes": { - "id": "504972537", - "json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"DenyUnEncryptedObjectUploads\",\n \"Effect\": \"Deny\",\n \"Action\": [\n \"s3:PutObject\"\n ],\n \"Resource\": [\n \"arn:aws:s3:::bsn-reference-frontend-bsn-demo-copernicium-storage/*\"\n ],\n \"Principal\": \"*\",\n \"Condition\": {\n \"StringNotEquals\": {\n \"s3:x-amz-server-side-encryption\": [\n \"AES256\"\n ]\n }\n }\n },\n {\n \"Sid\": \"DenyUnEncryptedInflightOperations\",\n \"Effect\": \"Deny\",\n \"Action\": [\n \"s3:*\"\n ],\n \"Resource\": [\n \"arn:aws:s3:::bsn-reference-frontend-bsn-demo-copernicium-storage/*\"\n ],\n \"Principal\": \"*\",\n \"Condition\": {\n \"Bool\": {\n \"aws:SecureTransport\": [\n \"false\"\n ]\n }\n }\n }\n ]\n}", - "override_json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"DenyUnEncryptedObjectUploads\",\n \"Effect\": \"Deny\",\n \"Action\": [\"s3:PutObject\"],\n \"Resource\": [\"arn:aws:s3:::bsn-reference-frontend-bsn-demo-copernicium-storage/*\"],\n\n \"Condition\": {\n \"StringNotEquals\": {\n \"s3:x-amz-server-side-encryption\": \"AES256\"\n }\n },\n\n \"Principal\": \"*\"\n},\n {\n \"Sid\": \"DenyUnEncryptedInflightOperations\",\n \"Effect\": \"Deny\",\n \"Action\": [\"s3:*\"],\n \"Resource\": [\"arn:aws:s3:::bsn-reference-frontend-bsn-demo-copernicium-storage/*\"],\n\n \"Condition\": {\n \"Bool\": {\n \"aws:SecureTransport\": \"false\"\n }\n },\n\n \"Principal\": \"*\"\n}\n ]\n}", - "override_policy_documents": null, - "policy_id": null, - "source_json": null, - "source_policy_documents": null, - "statement": null, - "version": "2012-10-17" - }, - "sensitive_attributes": [] - } - ] - }, - { - "module": "module.storage_bucket", - "mode": "data", - "type": "template_file", - "name": "deny_unencrypted_inflight_operations_fragment", - "provider": "provider[\"registry.terraform.io/hashicorp/template\"]", - "instances": [ - { - "schema_version": 0, - "attributes": { - "filename": null, - "id": "8675376b65854e0459bb59ff293badda284a8764c148914248231f0570290c24", - "rendered": "{\n \"Sid\": \"DenyUnEncryptedInflightOperations\",\n \"Effect\": \"Deny\",\n \"Action\": [\"s3:*\"],\n \"Resource\": [\"arn:aws:s3:::bsn-reference-frontend-bsn-demo-copernicium-storage/*\"],\n\n \"Condition\": {\n \"Bool\": {\n \"aws:SecureTransport\": \"false\"\n }\n },\n\n \"Principal\": \"*\"\n}", - "template": "{\n \"Sid\": \"DenyUnEncryptedInflightOperations\",\n \"Effect\": \"Deny\",\n \"Action\": [\"s3:*\"],\n \"Resource\": [\"arn:aws:s3:::${bucket_name}/*\"],\n\n \"Condition\": {\n \"Bool\": {\n \"aws:SecureTransport\": \"false\"\n }\n },\n\n \"Principal\": \"*\"\n}", - "vars": { - "bucket_name": "bsn-reference-frontend-bsn-demo-copernicium-storage" - } - }, - "sensitive_attributes": [] - } - ] - }, - { - "module": "module.storage_bucket", - "mode": "data", - "type": "template_file", - "name": "deny_unencrypted_object_uploads_fragment", - "provider": "provider[\"registry.terraform.io/hashicorp/template\"]", - "instances": [ - { - "schema_version": 0, - "attributes": { - "filename": null, - "id": "9d6e6c5cdf885c441a1023f19316e08215bc03d4742220f291ea9f28a0082069", - "rendered": "{\n \"Sid\": \"DenyUnEncryptedObjectUploads\",\n \"Effect\": \"Deny\",\n \"Action\": [\"s3:PutObject\"],\n \"Resource\": [\"arn:aws:s3:::bsn-reference-frontend-bsn-demo-copernicium-storage/*\"],\n\n \"Condition\": {\n \"StringNotEquals\": {\n \"s3:x-amz-server-side-encryption\": \"AES256\"\n }\n },\n\n \"Principal\": \"*\"\n}", - "template": "{\n \"Sid\": \"DenyUnEncryptedObjectUploads\",\n \"Effect\": \"Deny\",\n \"Action\": [\"s3:PutObject\"],\n \"Resource\": [\"arn:aws:s3:::${bucket_name}/*\"],\n\n \"Condition\": {\n \"StringNotEquals\": {\n \"s3:x-amz-server-side-encryption\": \"AES256\"\n }\n },\n\n \"Principal\": \"*\"\n}", - "vars": { - "bucket_name": "bsn-reference-frontend-bsn-demo-copernicium-storage" - } - }, - "sensitive_attributes": [] - } - ] - }, - { - "module": "module.storage_bucket", - "mode": "data", - "type": "template_file", - "name": "encrypted_bucket_policy", - "provider": "provider[\"registry.terraform.io/hashicorp/template\"]", - "instances": [ - { - "schema_version": 0, - "attributes": { - "filename": null, - "id": "62dc4ef5d53acfe91fea2471b8dbc34de03ebc62d7c473e3a3f8364937270a92", - "rendered": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"DenyUnEncryptedObjectUploads\",\n \"Effect\": \"Deny\",\n \"Action\": [\"s3:PutObject\"],\n \"Resource\": [\"arn:aws:s3:::bsn-reference-frontend-bsn-demo-copernicium-storage/*\"],\n\n \"Condition\": {\n \"StringNotEquals\": {\n \"s3:x-amz-server-side-encryption\": \"AES256\"\n }\n },\n\n \"Principal\": \"*\"\n},\n {\n \"Sid\": \"DenyUnEncryptedInflightOperations\",\n \"Effect\": \"Deny\",\n \"Action\": [\"s3:*\"],\n \"Resource\": [\"arn:aws:s3:::bsn-reference-frontend-bsn-demo-copernicium-storage/*\"],\n\n \"Condition\": {\n \"Bool\": {\n \"aws:SecureTransport\": \"false\"\n }\n },\n\n \"Principal\": \"*\"\n}\n ]\n}", - "template": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n ${deny_unencrypted_object_upload_fragment},\n ${deny_unencrypted_inflight_operations_fragment}\n ]\n}", - "vars": { - "bucket_name": "bsn-reference-frontend-bsn-demo-copernicium-storage", - "deny_unencrypted_inflight_operations_fragment": "{\n \"Sid\": \"DenyUnEncryptedInflightOperations\",\n \"Effect\": \"Deny\",\n \"Action\": [\"s3:*\"],\n \"Resource\": [\"arn:aws:s3:::bsn-reference-frontend-bsn-demo-copernicium-storage/*\"],\n\n \"Condition\": {\n \"Bool\": {\n \"aws:SecureTransport\": \"false\"\n }\n },\n\n \"Principal\": \"*\"\n}", - "deny_unencrypted_object_upload_fragment": "{\n \"Sid\": \"DenyUnEncryptedObjectUploads\",\n \"Effect\": \"Deny\",\n \"Action\": [\"s3:PutObject\"],\n \"Resource\": [\"arn:aws:s3:::bsn-reference-frontend-bsn-demo-copernicium-storage/*\"],\n\n \"Condition\": {\n \"StringNotEquals\": {\n \"s3:x-amz-server-side-encryption\": \"AES256\"\n }\n },\n\n \"Principal\": \"*\"\n}" - } - }, - "sensitive_attributes": [] - } - ] - }, - { - "module": "module.storage_bucket", - "mode": "managed", - "type": "aws_s3_bucket", - "name": "encrypted_bucket", - "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", - "instances": [ - { - "schema_version": 0, - "attributes": { - "acceleration_status": "", - "acl": "private", - "arn": "arn:aws:s3:::bsn-reference-frontend-bsn-demo-copernicium-storage", - "bucket": "bsn-reference-frontend-bsn-demo-copernicium-storage", - "bucket_domain_name": "bsn-reference-frontend-bsn-demo-copernicium-storage.s3.amazonaws.com", - "bucket_prefix": null, - "bucket_regional_domain_name": "bsn-reference-frontend-bsn-demo-copernicium-storage.s3.eu-west-2.amazonaws.com", - "cors_rule": [], - "force_destroy": false, - "grant": [], - "hosted_zone_id": "Z3GKZC51ZF0DB4", - "id": "bsn-reference-frontend-bsn-demo-copernicium-storage", - "lifecycle_rule": [], - "logging": [], - "object_lock_configuration": [], - "policy": null, - "region": "eu-west-2", - "replication_configuration": [], - "request_payer": "BucketOwner", - "server_side_encryption_configuration": [], - "tags": { - "DeploymentIdentifier": "bsn-demo-copernicium", - "DeploymentLabel": "copernicium", - "DeploymentType": "bsn-demo", - "Name": "bsn-reference-frontend-bsn-demo-copernicium-storage" - }, - "tags_all": { - "DeploymentIdentifier": "bsn-demo-copernicium", - "DeploymentLabel": "copernicium", - "DeploymentType": "bsn-demo", - "Name": "bsn-reference-frontend-bsn-demo-copernicium-storage" - }, - "versioning": [ - { - "enabled": true, - "mfa_delete": false - } - ], - "website": [], - "website_domain": null, - "website_endpoint": null - }, - "sensitive_attributes": [], - "private": "bnVsbA==" - } - ] - }, - { - "module": "module.storage_bucket", - "mode": "managed", - "type": "aws_s3_bucket_policy", - "name": "encrypted_bucket", - "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", - "instances": [ - { - "schema_version": 0, - "attributes": { - "bucket": "bsn-reference-frontend-bsn-demo-copernicium-storage", - "id": "bsn-reference-frontend-bsn-demo-copernicium-storage", - "policy": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"DenyUnEncryptedObjectUploads\",\n \"Effect\": \"Deny\",\n \"Action\": [\n \"s3:PutObject\"\n ],\n \"Resource\": [\n \"arn:aws:s3:::bsn-reference-frontend-bsn-demo-copernicium-storage/*\"\n ],\n \"Principal\": \"*\",\n \"Condition\": {\n \"StringNotEquals\": {\n \"s3:x-amz-server-side-encryption\": [\n \"AES256\"\n ]\n }\n }\n },\n {\n \"Sid\": \"DenyUnEncryptedInflightOperations\",\n \"Effect\": \"Deny\",\n \"Action\": [\n \"s3:*\"\n ],\n \"Resource\": [\n \"arn:aws:s3:::bsn-reference-frontend-bsn-demo-copernicium-storage/*\"\n ],\n \"Principal\": \"*\",\n \"Condition\": {\n \"Bool\": {\n \"aws:SecureTransport\": [\n \"false\"\n ]\n }\n }\n }\n ]\n}" - }, - "sensitive_attributes": [], - "private": "bnVsbA==", - "dependencies": [ - "module.storage_bucket.aws_s3_bucket.encrypted_bucket", - "module.storage_bucket.data.aws_iam_policy_document.encrypted_bucket_policy_document" - ] - } - ] - } - ] -} diff --git a/state/bootstrap/bsn-development-hassium.tfstate b/state/bootstrap/bsn-development-hassium.tfstate deleted file mode 100644 index 7d75e12b..00000000 --- a/state/bootstrap/bsn-development-hassium.tfstate +++ /dev/null @@ -1,156 +0,0 @@ -{ - "version": 4, - "terraform_version": "0.14.7", - "serial": 4, - "lineage": "d3fb04c6-48ff-a927-c349-12b1f9b31961", - "outputs": { - "storage_bucket_name": { - "value": "bsn-reference-frontend-bsn-development-hassium-storage", - "type": "string" - } - }, - "resources": [ - { - "module": "module.storage_bucket", - "mode": "data", - "type": "template_file", - "name": "deny_unencrypted_inflight_operations_fragment", - "provider": "provider[\"registry.terraform.io/hashicorp/template\"]", - "instances": [ - { - "schema_version": 0, - "attributes": { - "filename": null, - "id": "b698d2d85d19b180d4ff23279d343bbb0f7efdd2166086d85a8aa56bcfda87cc", - "rendered": "{\n \"Sid\": \"DenyUnEncryptedInflightOperations\",\n \"Effect\": \"Deny\",\n \"Action\": [\"s3:*\"],\n \"Resource\": [\"arn:aws:s3:::bsn-reference-frontend-bsn-development-hassium-storage/*\"],\n\n \"Condition\": {\n \"Bool\": {\n \"aws:SecureTransport\": \"false\"\n }\n },\n\n \"Principal\": \"*\"\n}", - "template": "{\n \"Sid\": \"DenyUnEncryptedInflightOperations\",\n \"Effect\": \"Deny\",\n \"Action\": [\"s3:*\"],\n \"Resource\": [\"arn:aws:s3:::${bucket_name}/*\"],\n\n \"Condition\": {\n \"Bool\": {\n \"aws:SecureTransport\": \"false\"\n }\n },\n\n \"Principal\": \"*\"\n}", - "vars": { - "bucket_name": "bsn-reference-frontend-bsn-development-hassium-storage" - } - }, - "sensitive_attributes": [] - } - ] - }, - { - "module": "module.storage_bucket", - "mode": "data", - "type": "template_file", - "name": "deny_unencrypted_object_uploads_fragment", - "provider": "provider[\"registry.terraform.io/hashicorp/template\"]", - "instances": [ - { - "schema_version": 0, - "attributes": { - "filename": null, - "id": "57ac9db9d85dc265150c435b84488837f6f447a8b6c95310b315334c4b6c9d04", - "rendered": "{\n \"Sid\": \"DenyUnEncryptedObjectUploads\",\n \"Effect\": \"Deny\",\n \"Action\": [\"s3:PutObject\"],\n \"Resource\": [\"arn:aws:s3:::bsn-reference-frontend-bsn-development-hassium-storage/*\"],\n\n \"Condition\": {\n \"StringNotEquals\": {\n \"s3:x-amz-server-side-encryption\": \"AES256\"\n }\n },\n\n \"Principal\": \"*\"\n}", - "template": "{\n \"Sid\": \"DenyUnEncryptedObjectUploads\",\n \"Effect\": \"Deny\",\n \"Action\": [\"s3:PutObject\"],\n \"Resource\": [\"arn:aws:s3:::${bucket_name}/*\"],\n\n \"Condition\": {\n \"StringNotEquals\": {\n \"s3:x-amz-server-side-encryption\": \"AES256\"\n }\n },\n\n \"Principal\": \"*\"\n}", - "vars": { - "bucket_name": "bsn-reference-frontend-bsn-development-hassium-storage" - } - }, - "sensitive_attributes": [] - } - ] - }, - { - "module": "module.storage_bucket", - "mode": "data", - "type": "template_file", - "name": "encrypted_bucket_policy", - "provider": "provider[\"registry.terraform.io/hashicorp/template\"]", - "instances": [ - { - "schema_version": 0, - "attributes": { - "filename": null, - "id": "a85df4e415f6c3fa9a5d297c83378facc8c416a9b6da18b09b09f9ab9b1e8794", - "rendered": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"DenyUnEncryptedObjectUploads\",\n \"Effect\": \"Deny\",\n \"Action\": [\"s3:PutObject\"],\n \"Resource\": [\"arn:aws:s3:::bsn-reference-frontend-bsn-development-hassium-storage/*\"],\n\n \"Condition\": {\n \"StringNotEquals\": {\n \"s3:x-amz-server-side-encryption\": \"AES256\"\n }\n },\n\n \"Principal\": \"*\"\n},\n {\n \"Sid\": \"DenyUnEncryptedInflightOperations\",\n \"Effect\": \"Deny\",\n \"Action\": [\"s3:*\"],\n \"Resource\": [\"arn:aws:s3:::bsn-reference-frontend-bsn-development-hassium-storage/*\"],\n\n \"Condition\": {\n \"Bool\": {\n \"aws:SecureTransport\": \"false\"\n }\n },\n\n \"Principal\": \"*\"\n}\n ]\n}", - "template": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n ${deny_unencrypted_object_upload_fragment},\n ${deny_unencrypted_inflight_operations_fragment}\n ]\n}", - "vars": { - "bucket_name": "bsn-reference-frontend-bsn-development-hassium-storage", - "deny_unencrypted_inflight_operations_fragment": "{\n \"Sid\": \"DenyUnEncryptedInflightOperations\",\n \"Effect\": \"Deny\",\n \"Action\": [\"s3:*\"],\n \"Resource\": [\"arn:aws:s3:::bsn-reference-frontend-bsn-development-hassium-storage/*\"],\n\n \"Condition\": {\n \"Bool\": {\n \"aws:SecureTransport\": \"false\"\n }\n },\n\n \"Principal\": \"*\"\n}", - "deny_unencrypted_object_upload_fragment": "{\n \"Sid\": \"DenyUnEncryptedObjectUploads\",\n \"Effect\": \"Deny\",\n \"Action\": [\"s3:PutObject\"],\n \"Resource\": [\"arn:aws:s3:::bsn-reference-frontend-bsn-development-hassium-storage/*\"],\n\n \"Condition\": {\n \"StringNotEquals\": {\n \"s3:x-amz-server-side-encryption\": \"AES256\"\n }\n },\n\n \"Principal\": \"*\"\n}" - } - }, - "sensitive_attributes": [] - } - ] - }, - { - "module": "module.storage_bucket", - "mode": "managed", - "type": "aws_s3_bucket", - "name": "encrypted_bucket", - "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", - "instances": [ - { - "schema_version": 0, - "attributes": { - "acceleration_status": "", - "acl": "private", - "arn": "arn:aws:s3:::bsn-reference-frontend-bsn-development-hassium-storage", - "bucket": "bsn-reference-frontend-bsn-development-hassium-storage", - "bucket_domain_name": "bsn-reference-frontend-bsn-development-hassium-storage.s3.amazonaws.com", - "bucket_prefix": null, - "bucket_regional_domain_name": "bsn-reference-frontend-bsn-development-hassium-storage.s3.eu-west-2.amazonaws.com", - "cors_rule": [], - "force_destroy": false, - "grant": [], - "hosted_zone_id": "Z3GKZC51ZF0DB4", - "id": "bsn-reference-frontend-bsn-development-hassium-storage", - "lifecycle_rule": [], - "logging": [], - "object_lock_configuration": [], - "policy": null, - "region": "eu-west-2", - "replication_configuration": [], - "request_payer": "BucketOwner", - "server_side_encryption_configuration": [], - "tags": { - "DeploymentIdentifier": "bsn-development-hassium", - "DeploymentLabel": "hassium", - "DeploymentType": "bsn-development", - "Name": "bsn-reference-frontend-bsn-development-hassium-storage" - }, - "versioning": [ - { - "enabled": true, - "mfa_delete": false - } - ], - "website": [], - "website_domain": null, - "website_endpoint": null - }, - "sensitive_attributes": [], - "private": "bnVsbA==" - } - ] - }, - { - "module": "module.storage_bucket", - "mode": "managed", - "type": "aws_s3_bucket_policy", - "name": "encrypted_bucket", - "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", - "instances": [ - { - "schema_version": 0, - "attributes": { - "bucket": "bsn-reference-frontend-bsn-development-hassium-storage", - "id": "bsn-reference-frontend-bsn-development-hassium-storage", - "policy": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"DenyUnEncryptedObjectUploads\",\n \"Effect\": \"Deny\",\n \"Action\": [\"s3:PutObject\"],\n \"Resource\": [\"arn:aws:s3:::bsn-reference-frontend-bsn-development-hassium-storage/*\"],\n\n \"Condition\": {\n \"StringNotEquals\": {\n \"s3:x-amz-server-side-encryption\": \"AES256\"\n }\n },\n\n \"Principal\": \"*\"\n},\n {\n \"Sid\": \"DenyUnEncryptedInflightOperations\",\n \"Effect\": \"Deny\",\n \"Action\": [\"s3:*\"],\n \"Resource\": [\"arn:aws:s3:::bsn-reference-frontend-bsn-development-hassium-storage/*\"],\n\n \"Condition\": {\n \"Bool\": {\n \"aws:SecureTransport\": \"false\"\n }\n },\n\n \"Principal\": \"*\"\n}\n ]\n}" - }, - "sensitive_attributes": [], - "private": "bnVsbA==", - "dependencies": [ - "module.storage_bucket.aws_s3_bucket.encrypted_bucket", - "module.storage_bucket.data.template_file.encrypted_bucket_policy" - ] - } - ] - } - ] -} diff --git a/state/bootstrap/bsn-production-vanadium.tfstate b/state/bootstrap/bsn-production-vanadium.tfstate deleted file mode 100644 index 4525078b..00000000 --- a/state/bootstrap/bsn-production-vanadium.tfstate +++ /dev/null @@ -1,186 +0,0 @@ -{ - "version": 4, - "terraform_version": "0.15.4", - "serial": 13, - "lineage": "12d8d528-fe65-b035-9610-75d5785f7848", - "outputs": { - "storage_bucket_name": { - "value": "bsn-reference-frontend-bsn-production-vanadium-storage", - "type": "string" - } - }, - "resources": [ - { - "module": "module.storage_bucket", - "mode": "data", - "type": "aws_iam_policy_document", - "name": "encrypted_bucket_policy_document", - "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", - "instances": [ - { - "schema_version": 0, - "attributes": { - "id": "1195316757", - "json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"DenyUnEncryptedObjectUploads\",\n \"Effect\": \"Deny\",\n \"Action\": [\n \"s3:PutObject\"\n ],\n \"Resource\": [\n \"arn:aws:s3:::bsn-reference-frontend-bsn-production-vanadium-storage/*\"\n ],\n \"Principal\": \"*\",\n \"Condition\": {\n \"StringNotEquals\": {\n \"s3:x-amz-server-side-encryption\": [\n \"AES256\"\n ]\n }\n }\n },\n {\n \"Sid\": \"DenyUnEncryptedInflightOperations\",\n \"Effect\": \"Deny\",\n \"Action\": [\n \"s3:*\"\n ],\n \"Resource\": [\n \"arn:aws:s3:::bsn-reference-frontend-bsn-production-vanadium-storage/*\"\n ],\n \"Principal\": \"*\",\n \"Condition\": {\n \"Bool\": {\n \"aws:SecureTransport\": [\n \"false\"\n ]\n }\n }\n }\n ]\n}", - "override_json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"DenyUnEncryptedObjectUploads\",\n \"Effect\": \"Deny\",\n \"Action\": [\"s3:PutObject\"],\n \"Resource\": [\"arn:aws:s3:::bsn-reference-frontend-bsn-production-vanadium-storage/*\"],\n\n \"Condition\": {\n \"StringNotEquals\": {\n \"s3:x-amz-server-side-encryption\": \"AES256\"\n }\n },\n\n \"Principal\": \"*\"\n},\n {\n \"Sid\": \"DenyUnEncryptedInflightOperations\",\n \"Effect\": \"Deny\",\n \"Action\": [\"s3:*\"],\n \"Resource\": [\"arn:aws:s3:::bsn-reference-frontend-bsn-production-vanadium-storage/*\"],\n\n \"Condition\": {\n \"Bool\": {\n \"aws:SecureTransport\": \"false\"\n }\n },\n\n \"Principal\": \"*\"\n}\n ]\n}", - "override_policy_documents": null, - "policy_id": null, - "source_json": null, - "source_policy_documents": null, - "statement": null, - "version": "2012-10-17" - }, - "sensitive_attributes": [] - } - ] - }, - { - "module": "module.storage_bucket", - "mode": "data", - "type": "template_file", - "name": "deny_unencrypted_inflight_operations_fragment", - "provider": "provider[\"registry.terraform.io/hashicorp/template\"]", - "instances": [ - { - "schema_version": 0, - "attributes": { - "filename": null, - "id": "9d66db5fbe91f12da7b9110f5b81d188bf096a4d89d9a2f98381113c2646c35d", - "rendered": "{\n \"Sid\": \"DenyUnEncryptedInflightOperations\",\n \"Effect\": \"Deny\",\n \"Action\": [\"s3:*\"],\n \"Resource\": [\"arn:aws:s3:::bsn-reference-frontend-bsn-production-vanadium-storage/*\"],\n\n \"Condition\": {\n \"Bool\": {\n \"aws:SecureTransport\": \"false\"\n }\n },\n\n \"Principal\": \"*\"\n}", - "template": "{\n \"Sid\": \"DenyUnEncryptedInflightOperations\",\n \"Effect\": \"Deny\",\n \"Action\": [\"s3:*\"],\n \"Resource\": [\"arn:aws:s3:::${bucket_name}/*\"],\n\n \"Condition\": {\n \"Bool\": {\n \"aws:SecureTransport\": \"false\"\n }\n },\n\n \"Principal\": \"*\"\n}", - "vars": { - "bucket_name": "bsn-reference-frontend-bsn-production-vanadium-storage" - } - }, - "sensitive_attributes": [] - } - ] - }, - { - "module": "module.storage_bucket", - "mode": "data", - "type": "template_file", - "name": "deny_unencrypted_object_uploads_fragment", - "provider": "provider[\"registry.terraform.io/hashicorp/template\"]", - "instances": [ - { - "schema_version": 0, - "attributes": { - "filename": null, - "id": "e2e181cf31c54264d2a836ad5e29f372dc6394c86153244248eed0c1b3695886", - "rendered": "{\n \"Sid\": \"DenyUnEncryptedObjectUploads\",\n \"Effect\": \"Deny\",\n \"Action\": [\"s3:PutObject\"],\n \"Resource\": [\"arn:aws:s3:::bsn-reference-frontend-bsn-production-vanadium-storage/*\"],\n\n \"Condition\": {\n \"StringNotEquals\": {\n \"s3:x-amz-server-side-encryption\": \"AES256\"\n }\n },\n\n \"Principal\": \"*\"\n}", - "template": "{\n \"Sid\": \"DenyUnEncryptedObjectUploads\",\n \"Effect\": \"Deny\",\n \"Action\": [\"s3:PutObject\"],\n \"Resource\": [\"arn:aws:s3:::${bucket_name}/*\"],\n\n \"Condition\": {\n \"StringNotEquals\": {\n \"s3:x-amz-server-side-encryption\": \"AES256\"\n }\n },\n\n \"Principal\": \"*\"\n}", - "vars": { - "bucket_name": "bsn-reference-frontend-bsn-production-vanadium-storage" - } - }, - "sensitive_attributes": [] - } - ] - }, - { - "module": "module.storage_bucket", - "mode": "data", - "type": "template_file", - "name": "encrypted_bucket_policy", - "provider": "provider[\"registry.terraform.io/hashicorp/template\"]", - "instances": [ - { - "schema_version": 0, - "attributes": { - "filename": null, - "id": "b06cfc0924f0f36375698629c9b5c296e83fb6a7fb7eaef83d9996b38126f839", - "rendered": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"DenyUnEncryptedObjectUploads\",\n \"Effect\": \"Deny\",\n \"Action\": [\"s3:PutObject\"],\n \"Resource\": [\"arn:aws:s3:::bsn-reference-frontend-bsn-production-vanadium-storage/*\"],\n\n \"Condition\": {\n \"StringNotEquals\": {\n \"s3:x-amz-server-side-encryption\": \"AES256\"\n }\n },\n\n \"Principal\": \"*\"\n},\n {\n \"Sid\": \"DenyUnEncryptedInflightOperations\",\n \"Effect\": \"Deny\",\n \"Action\": [\"s3:*\"],\n \"Resource\": [\"arn:aws:s3:::bsn-reference-frontend-bsn-production-vanadium-storage/*\"],\n\n \"Condition\": {\n \"Bool\": {\n \"aws:SecureTransport\": \"false\"\n }\n },\n\n \"Principal\": \"*\"\n}\n ]\n}", - "template": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n ${deny_unencrypted_object_upload_fragment},\n ${deny_unencrypted_inflight_operations_fragment}\n ]\n}", - "vars": { - "bucket_name": "bsn-reference-frontend-bsn-production-vanadium-storage", - "deny_unencrypted_inflight_operations_fragment": "{\n \"Sid\": \"DenyUnEncryptedInflightOperations\",\n \"Effect\": \"Deny\",\n \"Action\": [\"s3:*\"],\n \"Resource\": [\"arn:aws:s3:::bsn-reference-frontend-bsn-production-vanadium-storage/*\"],\n\n \"Condition\": {\n \"Bool\": {\n \"aws:SecureTransport\": \"false\"\n }\n },\n\n \"Principal\": \"*\"\n}", - "deny_unencrypted_object_upload_fragment": "{\n \"Sid\": \"DenyUnEncryptedObjectUploads\",\n \"Effect\": \"Deny\",\n \"Action\": [\"s3:PutObject\"],\n \"Resource\": [\"arn:aws:s3:::bsn-reference-frontend-bsn-production-vanadium-storage/*\"],\n\n \"Condition\": {\n \"StringNotEquals\": {\n \"s3:x-amz-server-side-encryption\": \"AES256\"\n }\n },\n\n \"Principal\": \"*\"\n}" - } - }, - "sensitive_attributes": [] - } - ] - }, - { - "module": "module.storage_bucket", - "mode": "managed", - "type": "aws_s3_bucket", - "name": "encrypted_bucket", - "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", - "instances": [ - { - "schema_version": 0, - "attributes": { - "acceleration_status": "", - "acl": "private", - "arn": "arn:aws:s3:::bsn-reference-frontend-bsn-production-vanadium-storage", - "bucket": "bsn-reference-frontend-bsn-production-vanadium-storage", - "bucket_domain_name": "bsn-reference-frontend-bsn-production-vanadium-storage.s3.amazonaws.com", - "bucket_prefix": null, - "bucket_regional_domain_name": "bsn-reference-frontend-bsn-production-vanadium-storage.s3.eu-west-2.amazonaws.com", - "cors_rule": [], - "force_destroy": false, - "grant": [], - "hosted_zone_id": "Z3GKZC51ZF0DB4", - "id": "bsn-reference-frontend-bsn-production-vanadium-storage", - "lifecycle_rule": [], - "logging": [], - "object_lock_configuration": [], - "policy": null, - "region": "eu-west-2", - "replication_configuration": [], - "request_payer": "BucketOwner", - "server_side_encryption_configuration": [], - "tags": { - "DeploymentIdentifier": "bsn-production-vanadium", - "DeploymentLabel": "vanadium", - "DeploymentType": "bsn-production", - "Name": "bsn-reference-frontend-bsn-production-vanadium-storage" - }, - "tags_all": { - "DeploymentIdentifier": "bsn-production-vanadium", - "DeploymentLabel": "vanadium", - "DeploymentType": "bsn-production", - "Name": "bsn-reference-frontend-bsn-production-vanadium-storage" - }, - "versioning": [ - { - "enabled": true, - "mfa_delete": false - } - ], - "website": [], - "website_domain": null, - "website_endpoint": null - }, - "sensitive_attributes": [], - "private": "bnVsbA==" - } - ] - }, - { - "module": "module.storage_bucket", - "mode": "managed", - "type": "aws_s3_bucket_policy", - "name": "encrypted_bucket", - "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", - "instances": [ - { - "schema_version": 0, - "attributes": { - "bucket": "bsn-reference-frontend-bsn-production-vanadium-storage", - "id": "bsn-reference-frontend-bsn-production-vanadium-storage", - "policy": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"DenyUnEncryptedObjectUploads\",\n \"Effect\": \"Deny\",\n \"Action\": [\n \"s3:PutObject\"\n ],\n \"Resource\": [\n \"arn:aws:s3:::bsn-reference-frontend-bsn-production-vanadium-storage/*\"\n ],\n \"Principal\": \"*\",\n \"Condition\": {\n \"StringNotEquals\": {\n \"s3:x-amz-server-side-encryption\": [\n \"AES256\"\n ]\n }\n }\n },\n {\n \"Sid\": \"DenyUnEncryptedInflightOperations\",\n \"Effect\": \"Deny\",\n \"Action\": [\n \"s3:*\"\n ],\n \"Resource\": [\n \"arn:aws:s3:::bsn-reference-frontend-bsn-production-vanadium-storage/*\"\n ],\n \"Principal\": \"*\",\n \"Condition\": {\n \"Bool\": {\n \"aws:SecureTransport\": [\n \"false\"\n ]\n }\n }\n }\n ]\n}" - }, - "sensitive_attributes": [], - "private": "bnVsbA==", - "dependencies": [ - "module.storage_bucket.aws_s3_bucket.encrypted_bucket", - "module.storage_bucket.data.aws_iam_policy_document.encrypted_bucket_policy_document" - ] - } - ] - } - ] -}