Move to lambda module
Remove iam module

Add remaining lambdas
Jack Plowman committed Oct 20, 2023
1 parent ac80bca commit a955334
Showing 21 changed files with 1,285 additions and 1,247 deletions.
28 changes: 6 additions & 22 deletions Makefile
Expand Up @@ -34,7 +34,7 @@ deploy: # Deploys whole project - mandatory: PROFILE

undeploy: # Undeploys whole project - mandatory: PROFILE
eval "$$(make -s populate-deployment-variables)"
make terraform-destroy-auto-approve STACKS=blue-green-link,application,shared-resources
make terraform-destroy-auto-approve STACKS=blue-green-link,application,shared-resources VERSION=any
if [ "$(PROFILE)" != "live" ]; then
make terraform-destroy-auto-approve STACKS=api-key
fi
Expand All @@ -45,27 +45,16 @@ build-and-deploy: # Builds and Deploys whole project - mandatory: PROFILE

populate-deployment-variables:
echo "unset AWS_PROFILE"
echo "export DB_WRITER_SERVER=$(DB_WRITER_ROUTE_53)"
echo "export DB_READER_SERVER=$(DB_READER_ROUTE_53)"
DEPLOYMENT_SECRETS=$$(make -s secret-get-existing-value NAME=$(DEPLOYMENT_SECRETS))
echo "export DB_READ_AND_WRITE_USER_NAME=$$(echo $$DEPLOYMENT_SECRETS | jq -r '.$(DB_USER_NAME_SECRET_KEY)')"
echo "export DB_READ_ONLY_USER_NAME=$$(echo $$DEPLOYMENT_SECRETS | jq -r '.$(DB_READ_ONLY_USER_NAME_SECRET_KEY)')"
echo "export SLACK_WEBHOOK_URL=$$(echo $$DEPLOYMENT_SECRETS | jq -r '.$(SLACK_WEBHOOK_SECRET_KEY)')"
echo "export PROJECT_SYSTEM_EMAIL_ADDRESS=$$(echo $$DEPLOYMENT_SECRETS | jq -r '.$(SYSTEM_EMAIL_KEY)')"
echo "export PROJECT_TEAM_EMAIL_ADDRESS=$$(echo $$DEPLOYMENT_SECRETS | jq -r '.$(TEAM_EMAIL_KEY)')"
echo "export PROJECT_SERVICE_CATEGORY=$$(echo $$DEPLOYMENT_SECRETS | jq -r '.$(SERVICE_CATEGORY_KEY)')"
echo "export PROJECT_DATA_CLASSIFICATION=$$(echo $$DEPLOYMENT_SECRETS | jq -r '.$(DATA_CLASSIFICATION_KEY)')"
echo "export PROJECT_DISTRIBUTION_LIST=$$(echo $$DEPLOYMENT_SECRETS | jq -r '.$(DISTRIBUTION_LIST_KEY)')"
echo "export TF_VAR_service_category=$$(echo $$DEPLOYMENT_SECRETS | jq -r '.$(SERVICE_CATEGORY_KEY)')"
echo "export TF_VAR_data_classification=$$(echo $$DEPLOYMENT_SECRETS | jq -r '.$(DATA_CLASSIFICATION_KEY)')"
echo "export TF_VAR_distribution_list=$$(echo $$DEPLOYMENT_SECRETS | jq -r '.$(DISTRIBUTION_LIST_KEY)')"
echo "export TF_VAR_aws_sso_role=$$(echo $$DEPLOYMENT_SECRETS | jq -r '.$(AWS_SSO_ROLE_KEY)')"

unit-test-local:
pyenv local .venv
pip install -r application/requirements-dev.txt -r application/service_matcher/requirements.txt -r application/event_replay/requirements.txt -r application/service_sync/requirements.txt -r application/change_event_dlq_handler/requirements.txt
cd application
python -m pytest --junitxml=./testresults.xml --cov-report term-missing --cov-report xml:coverage.xml --cov=. -vv
echo "export TF_VAR_dos_db_read_and_write_user_name=$$(echo $$DEPLOYMENT_SECRETS | jq -r '.$(DB_USER_NAME_SECRET_KEY)')"
echo "export TF_VAR_dos_db_read_only_user_name=$$(echo $$DEPLOYMENT_SECRETS | jq -r '.$(DB_READ_ONLY_USER_NAME_SECRET_KEY)')"

unit-test:
make -s docker-run-tester \
Expand Down Expand Up @@ -207,6 +196,7 @@ quality-checker-build-and-deploy: ### Build and deploy quality checker lambda do
quick-build-and-deploy: # Build and deploy lambdas only (meant to for fast redeployment of existing lambdas) - mandatory: PROFILE, ENVIRONMENT
make -s build VERSION=$(BUILD_TAG)
make -s push-images VERSION=$(BUILD_TAG)
eval "$$(make -s populate-deployment-variables)"
make terraform-apply-auto-approve STACKS=application VERSION=$(BUILD_TAG)

push-images: # Use VERSION=[] to push a perticular version otherwise with default to latest
Expand Down Expand Up @@ -447,10 +437,7 @@ deploy-shared-resources: # Deploys shared resources (Only intended to run in pip

deploy-blue-green-environment: # Deploys blue/green resources (Only intended to run in pipeline) - mandatory: PROFILE, ENVIRONMENT, SHARED_ENVIRONMENT, BLUE_GREEN_ENVIRONMENT
eval "$$(make -s populate-deployment-variables)"
make terraform-apply-auto-approve STACKS=before-lambda-deployment
eval "$$(make -s populate-serverless-variables)"
make serverless-deploy
make terraform-apply-auto-approve STACKS=after-lambda-deployment
make terraform-apply-auto-approve STACKS=application

build-and-deploy-blue-green-environment: # Deploys blue/green resources - mandatory: PROFILE, ENVIRONMENT, SHARED_ENVIRONMENT, BLUE_GREEN_ENVIRONMENT
make build-and-push VERSION=$(BUILD_TAG)
Expand All @@ -469,10 +456,7 @@ undeploy-shared-resources: # Undeploys shared resources (Only intended to run in

undeploy-blue-green-environment: # Undeploys blue/green resources (Only intended to run in pipeline) - mandatory: PROFILE, ENVIRONMENT, SHARED_ENVIRONMENT, BLUE_GREEN_ENVIRONMENT
eval "$$(make -s populate-deployment-variables)"
make terraform-destroy-auto-approve STACKS=after-lambda-deployment
eval "$$(make -s populate-serverless-variables)"
make serverless-remove VERSION="any"
make terraform-destroy-auto-approve STACKS=before-lambda-deployment
make terraform-destroy-auto-approve STACKS=application

unlink-blue-green-environment: # Un-Links blue green environment - mandatory: PROFILE, ENVIRONMENT, SHARED_ENVIRONMENT, BLUE_GREEN_ENVIRONMENT
eval "$$(make -s populate-deployment-variables)"
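Review bot: In `populate-deployment-variables`, the two `TF_VAR_dos_db_*_user_name` lines that appear to be new print values read from the deployment secret unquoted, and every caller runs that output through `eval` — including `quick-build-and-deploy`, which gains the `eval` in this section. A value containing whitespace or shell metacharacters would be word-split or interpreted by the shell at that point rather than assigned. Have jq emit a shell-quoted value and quote the JSON going in, for example `echo "export TF_VAR_dos_db_read_only_user_name=$$(echo "$$DEPLOYMENT_SECRETS" | jq -r '.$(DB_READ_ONLY_USER_NAME_SECRET_KEY) | @sh')"`, and apply the same to the existing `export` lines in the recipe. The page does not mark which lines are added or removed, so this reading of the new side is inferred from the change counts.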
2 changes: 1 addition & 1 deletion build/automation/var/profile/dev.mk
Expand Up @@ -8,7 +8,7 @@ LOG_LEVEL:= DEBUG
# DB Name
DB_CLUSTER_NAME := uec-core-dos-regression-cluster-14
DB_WRITER_NAME := uec-core-dos-regression-cluster-14-one
DB_READER_NAME := ec-core-dos-regression-cluster-14-two
DB_READER_NAME := uec-core-dos-regression-cluster-14-two

# DB Route 53s
DB_WRITER_ROUTE_53 := core-dos-regression-master.dos-db-rds
47 changes: 26 additions & 21 deletions build/automation/var/project.mk
Expand Up @@ -30,11 +30,6 @@ TF_VAR_github_owner = nhsd-exeter
TF_VAR_github_repo = dos-integration
PARALLEL_TEST_COUNT := $(or $(PARALLEL_TEST_COUNT), auto)

# DOS DB (Aurora)
TF_VAR_dos_db_cluster_name:= $(DB_CLUSTER_NAME)
TF_VAR_dos_db_writer_name := $(DB_WRITER_NAME)
TF_VAR_dos_db_reader_name := $(DB_READER_NAME)

UNACCEPTABLE_VULNERABILITY_LEVELS = CRITICAL,HIGH,MEDIUM

BLUE_GREEN_ENVIRONMENT := $(or $(BLUE_GREEN_ENVIRONMENT), $(ENVIRONMENT))
Expand Down Expand Up @@ -67,8 +62,6 @@ TF_VAR_nightly_rule_name := $(PROJECT_ID)-$(ENVIRONMENT)-performance-pipeline-ni

# General
TF_VAR_docker_registry := $(DOCKER_REGISTRY)
TF_VAR_log_level := $(LOG_LEVEL)
TF_VAR_lambda_powertools_service_name := $(PROGRAMME)-$(TEAM_ID)-$(PROFILE)-$(BLUE_GREEN_ENVIRONMENT)

# Tags
TF_VAR_tags_secret_manager = $(TAG_SECRET_MANAGER)
Expand Down Expand Up @@ -199,27 +192,15 @@ TF_VAR_service_sync_lambda := $(PROJECT_ID)-$(BLUE_GREEN_ENVIRONMENT)-$(SERVICE_
TF_VAR_slack_messenger_lambda := $(PROJECT_ID)-$(BLUE_GREEN_ENVIRONMENT)-$(SLACK_MESSENGER)
TF_VAR_quality_checker_lambda := $(PROJECT_ID)-$(BLUE_GREEN_ENVIRONMENT)-$(QUALITY_CHECKER)

# Lambda IAM Roles
TF_VAR_change_event_dlq_handler_role := $(CHANGE_EVENT_DLQ_HANDLER_LAMBDA)-role
TF_VAR_dos_db_handler_role := $(DOS_DB_HANDLER_LAMBDA)-role
TF_VAR_dos_db_update_dlq_handler_role := $(DOS_DB_UPDATE_DLQ_HANDLER_LAMBDA)-role
TF_VAR_event_replay_role := $(EVENT_REPLAY_LAMBDA)-role
TF_VAR_ingest_change_event_role := $(INGEST_CHANGE_EVENT_LAMBDA)-role
TF_VAR_send_email_role := $(SEND_EMAIL_LAMBDA)-role
TF_VAR_service_matcher_role := $(SERVICE_MATCHER_LAMBDA)-role
TF_VAR_service_sync_role := $(SERVICE_SYNC_LAMBDA)-role
TF_VAR_slack_messenger_role := $(SLACK_MESSENGER_LAMBDA)-role
TF_VAR_quality_checker_role := $(QUALITY_CHECKER_LAMBDA)-role

# Lambda Versions
TF_VAR_change_event_dlq_handler_version := $(or $(CHANGE_EVENT_DLQ_HANDLER_VERSION), $(VERSION))
TF_VAR_dos_db_handlerversion := $(or $(DOS_DB_HANDLER_VERSION), $(VERSION))
TF_VAR_dos_db_handler_version := $(or $(DOS_DB_HANDLER_VERSION), $(VERSION))
TF_VAR_dos_db_update_dlq_handler_version := $(or $(DOS_DB_UPDATE_DLQ_HANDLER_VERSION), $(VERSION))
TF_VAR_event_replay_version := $(or $(EVENT_REPLAY_VERSION), $(VERSION))
TF_VAR_ingest_change_event_version := $(or $(INGEST_CHANGE_EVENT_VERSION), $(VERSION))
TF_VAR_send_email_version := $(or $(SEND_EMAIL_VERSION), $(VERSION))
TF_VAR_service_matcher_version := $(or $(SERVICE_MATCHER_VERSION), $(VERSION))
TF_VAR_service_sync_lambda_version := $(or $(SERVICE_SYNC_VERSION), $(VERSION))
TF_VAR_service_sync_version := $(or $(SERVICE_SYNC_VERSION), $(VERSION))
TF_VAR_slack_messenger_version := $(or $(SLACK_MESSENGER_VERSION), $(VERSION))
TF_VAR_quality_checker_version := $(or $(QUALITY_CHECKER_VERSION), $(VERSION))

Expand All @@ -241,3 +222,27 @@ TF_VAR_sqs_dlq_recieved_msg_alert_name := $(PROJECT_ID)-$(BLUE_GREEN_ENVIRONMENT
TF_VAR_sns_topic_app_alerts_for_slack_default_region := $(PROJECT_ID)-$(BLUE_GREEN_ENVIRONMENT)-topic-app-alerts-for-slack-default-region
TF_VAR_sns_topic_app_alerts_for_slack_route53_health_check_alarm_region := $(PROJECT_ID)-$(BLUE_GREEN_ENVIRONMENT)-topic-app-alerts-for-slack-route53-health-check-alarm-region
SQS_QUEUE_URL:= https://sqs.$(AWS_REGION).amazonaws.com/$(AWS_ACCOUNT_ID)/$(TF_VAR_change_event_queue)

# Lambda Concurrency
TF_VAR_service_matcher_max_concurrency := $(SERVICE_MATCHER_MAX_CONCURRENCY)
TF_VAR_service_sync_max_concurrency := $(SERVICE_SYNC_MAX_CONCURRENCY)

# Lambda Variables
TF_VAR_log_level := $(LOG_LEVEL)
TF_VAR_lambda_powertools_service_name := $(PROGRAMME)-$(TEAM_ID)-$(PROFILE)-$(BLUE_GREEN_ENVIRONMENT)
TF_VAR_dos_db_cluster_name := $(DB_CLUSTER_NAME)
TF_VAR_dos_db_writer_name := $(DB_WRITER_NAME)
TF_VAR_dos_db_reader_name := $(DB_READER_NAME)
TF_VAR_dos_db_writer_route_53 := $(DB_WRITER_ROUTE_53)
TF_VAR_dos_db_reader_route_53 := $(DB_READER_ROUTE_53)
TF_VAR_dos_db_port := $(DB_PORT)
TF_VAR_dos_db_name := $(DB_NAME)
TF_VAR_dos_db_schema := $(DB_SCHEMA)
TF_VAR_dos_db_writer_security_group_name := $(DB_WRITER_SG_NAME)
TF_VAR_dos_db_reader_security_group_name := $(DB_READER_SG_NAME)
TF_VAR_dos_db_writer_secret_name := $(DB_WRITER_SECRET_NAME)
TF_VAR_dos_db_writer_secret_key := $(DB_WRITER_SECRET_KEY)
TF_VAR_dos_db_reader_secret_name := $(DB_READER_SECRET_NAME)
TF_VAR_dos_db_reader_secret_key := $(DB_READER_SECRET_KEY)
TF_VAR_dos_db_read_only_user_name_secret_name := $(DB_READ_ONLY_USER_NAME_SECRET_NAME)
TF_VAR_dos_db_read_only_user_name_secret_key := $(DB_READ_ONLY_USER_NAME_SECRET_KEY)
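Review bot: The `# Lambda Variables` block at the end of the file copies profile values with `:=`, so any name the active profile has not defined at that point (for example `DB_WRITER_SECRET_NAME` or `DB_READER_SG_NAME`) expands to an empty string without any warning. If these `TF_VAR_` names are exported, which is presumably the case but not visible here, Terraform receives an empty secret or security-group name and the mistake only surfaces at plan or apply time. I would add a comment above the block, `# Every profile .mk must define the DB_* and *_MAX_CONCURRENCY names used below; an unset one reaches Terraform as an empty value`, and consider checking the secret and security-group names in the deploy targets before `terraform-apply-auto-approve` runs. Only `dev.mk` is visible on this page, so whether the other profiles define all of them cannot be confirmed from here.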