Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Cloudwatch event and sns modules #189

Closed
wants to merge 34 commits into from
Closed

Cloudwatch event and sns modules #189

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
34 commits
Select commit Hold shift + click to select a range
d5ecb2a
Standardizing OpenSearch Implementations
colemandevries Jan 17, 2024
b96ce13
removed some notes
colemandevries Jan 17, 2024
cd68df5
small modification to github actions for documentation, removed scan …
colemandevries Jan 17, 2024
c18c350
Merge pull request #182 from CBIIT/gha
colemandevries Jan 17, 2024
638a839
added basic usage
colemandevries Jan 17, 2024
dec8376
added basic usage
colemandevries Jan 17, 2024
f78e3f1
fixed errors with documentation
colemandevries Jan 17, 2024
2151f35
resolving terraform documentation errors
colemandevries Jan 17, 2024
eab5a94
terraform-docs: automated action
github-actions[bot] Jan 17, 2024
01f4c7e
Merge pull request #183 from CBIIT/gh-actions
colemandevries Jan 17, 2024
4da058f
added bento api queries
michael-fleming Jan 19, 2024
66a0d35
added bento api queries
michael-fleming Jan 19, 2024
047e168
updated synthetics update script
michael-fleming Jan 19, 2024
b7bb251
updated location selection for synthetics
michael-fleming Jan 22, 2024
c0810ab
removed debug
michael-fleming Jan 22, 2024
b1e7607
resolving issues related to instance parameters
colemandevries Jan 24, 2024
84cc7f6
Merge pull request #185 from CBIIT/neptune-params
colemandevries Jan 24, 2024
6de81b8
updated variable and resource naming conventions, modified iam policy…
colemandevries Jan 25, 2024
8d9eae8
removed references to var.domain_name
colemandevries Jan 25, 2024
f8bc3eb
added validation text for simple browser monitors
michael-fleming Feb 1, 2024
27cfb3f
Added validation text column, bento files monitors
michael-fleming Feb 1, 2024
e529729
added valus for validation text for CRDC hub
tracy18 Feb 13, 2024
7b76383
added non-ansible template deployment script and task definition temp…
tracy18 Feb 20, 2024
7ec746c
removed MTP lower tiers
michael-fleming Feb 21, 2024
b1ccbc6
added MTP API script
michael-fleming Feb 21, 2024
855eff4
fixed error with comment
michael-fleming Feb 21, 2024
5deae74
Merge pull request #181 from CBIIT/standard-opensearch
michael-fleming Feb 21, 2024
19d1850
updated deploy templates to use envsub, added yml template
michael-fleming Mar 1, 2024
058f241
updated to specify yaml input for task definition update
michael-fleming Mar 1, 2024
dc77a32
fixed spacing
michael-fleming Mar 1, 2024
7a0ecf9
Merge pull request #186 from CBIIT/deployment-without-ansible-template
michael-fleming Mar 1, 2024
fef8a09
Merge branch 'icdc-cloudwatch' into main
michael-fleming Mar 6, 2024
89af0a3
Revert "added cloudwatch module"
michael-fleming Mar 6, 2024
8c4fcf4
Merge pull request #188 from CBIIT/revert-184-icdc-cloudwatch
michael-fleming Mar 6, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions .github/workflows/documents.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
name: Documentation
name: Documentation for Terraform
on:
- pull_request
jobs:
Expand All @@ -8,7 +8,7 @@ jobs:
steps:
- name: Clone Repository
id: checkout
uses: actions/checkout@master
uses: actions/checkout@v3
with:
ref: ${{ github.event.pull_request.head.ref }}
- name: Terraform Documentation
Expand Down
21 changes: 0 additions & 21 deletions .github/workflows/scan-loadbalancer.yml
View file
Open in desktop

This file was deleted.

21 changes: 0 additions & 21 deletions .github/workflows/scan-opensearch.yml
View file
Open in desktop

This file was deleted.

106 changes: 106 additions & 0 deletions aws/templates/backend_task.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,106 @@
family: "$PROGRAM-$ENV-$PROJECT-backend"
networkMode: awsvpc
cpu: "512"
memory: "1024"
executionRoleArn: "arn:aws:iam::$AWS_ACCOUNT_ID:role/power-user-$PROJECT-$ENV-ecs-task-execution-role"
taskRoleArn: "arn:aws:iam::$AWS_ACCOUNT_ID:role/power-user-$PROJECT-$ENV-ecs-task-role"
requiresCompatibilities:
- FARGATE
containerDefinitions:

- name: sumologic-firelens
image: public.ecr.aws/aws-observability/aws-for-fluent-bit:stable
essential: true
firelensConfiguration:
type: fluentbit
options:
enable-ecs-log-metadata: "true"

- name: newrelic-infra
image: newrelic/nri-ecs:1.9.2
essential: true
environment:
- name: "FARGATE"
value: "true"
- name: "NRIA_IS_FORWARD_ONLY"
value: "true"
- name: "NEW_RELIC_DISTRIBUTED_TRACING_ENABLED"
value: "true"
- name: "NRIA_PASSTHROUGH_ENVIRONMENT"
value: "ECS_CONTAINER_METADATA_URI,ECS_CONTAINER_METADATA_URI_V4,FARGATE"
- name: "NEW_RELIC_HOST"
value: "gov-collector.newrelic.com"
- name: "NRIA_CUSTOM_ATTRIBUTES"
value: "{\"nrDeployMethod\":\"downloadPage\"}"
- name: "NEW_RELIC_APP_NAME"
value: "$SERVICE"
- name: "NRIA_OVERRIDE_HOST_ROOT"
value: ""
secrets:
- name: "NRIA_LICENSE_KEY"
valueFrom: "arn:aws:secretsmanager:$REGION:$AWS_ACCOUNT_ID:secret:monitoring/newrelic:api_key::"

- name: backend
image: "$IMAGE_ID"
portMappings:
- protocol: tcp
containerPort: 8080
hostPort: 8080
essential: true
environment:
- name: "PROJECT"
value: "$PROJECT"
- name: "BENTO_API_VERSION"
value: "$IMAGE_TAG"
- name: "NEO4J_URL"
value: "bolt://$NEO4J_HOST:7687"
- name: "NEO4J_GRAPHQL_ENDPOINT"
value: "http://$NEO4J_HOST:7474/graphql/"
- name: "ES_FILTER_ENABLED"
value: "true"
- name: "ES_SCHEMA"
value": "es-schema-ctdc.graphql"
- name: "REDIS_HOST"
value: "localhost"
- name: "REDIS_ENABLE"
value: "false"
- name: "REDIS_USE_CLUSTER"
value: "true"
- name: "REDIS_PORT"
value: "6379"
- name: "REDIS_FILTER_ENABLE"
value: "false"
- name: "NEW_RELIC_LOG_FILE_NAME"
value: "STDOUT"
- name: "NEW_RELIC_DISTRIBUTED_TRACING_ENABLED"
value: "true"
- name: "NEW_RELIC_HOST"
value: "gov-collector.newrelic.com"
- name: "NEW_RELIC_LABELS"
value: "Project:$PROJECT;Environment:$ENV"
- name: "NEW_RELIC_APP_NAME"
value: "$PROJECT-$ENV-backend"
- name: "JAVA_OPTS"
value: "-javaagent:/usr/local/tomcat/newrelic/newrelic.jar"
secrets:
- name: "NEO4J_USER"
valueFrom: "arn:aws:secretsmanager:us-east-1:$ACCOUNT_ID:secret:bento/$PROJECT/$ENV:neo4j_user::"
- name: "NEO4J_PASSWORD"
valueFrom: "arn:aws:secretsmanager:us-east-1:$ACCOUNT_ID:secret:bento/$PROJECT/$ENV:neo4j_password::"
- name: "ES_HOST"
valueFrom: "arn:aws:secretsmanager:us-east-1:$ACCOUNT_ID:secret:bento/$PROJECT/$ENV:es_host::"
- name: "NEW_RELIC_LICENSE_KEY"
valueFrom: "arn:aws:secretsmanager:us-east-1:$ACCOUNT_ID:secret:monitoring/newrelic:api_key::"
logConfiguration:
logDriver: awsfirelens
options:
Format: json_lines
Name: http
Port: "443"
URI: "/receiver/v1/http/$SUMO_COLLECTOR_TOKEN"
Retry_Limit: "2"
tls: "on"
tls.verify: "off"
secretOptions:
- name: "Host"
valueFrom: "arn:aws:secretsmanager:us-east-1:$AWS_ACCOUNT_ID:secret:bento/$PROJECT/$ENV:sumo_collector_endpoint::"
17 changes: 17 additions & 0 deletions docker/base_image_list.csv
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
Image,Project,Repo
tomcat:10.1.13-jdk17,"C3DC, CTDC","CCDI-C3DC-Backend (1.0.0), crdc-ctdc-backend (mvp)"
nginx:1.25.2,"C3DC, CCDI-HUB","bento-c3dc-frontend (1.0.0), CCDI-Portal-WebPortal (2.1.0)"
node:slim,CDS,bento-files (cds-multistage)
nginx:1.25-alpine,CDS,bento-cds-frontend (4.1.0)
node:18.18.2-alpine3.18,CRDC-DH,"crdc-datahub-authn (2.1.0), crdc-datahub-authz (2.0.0), crdc-datahub-backend (2.0.0)"
nginx:1.25.3-alpine3.18-slim,"CRDC-DH, CTDC","crdc-datahub-ui (mvp-2), crdc-ctdc-ui (mvp)"
node:16.20.2-alpine3.18,"CTDC, ICDC","crdc-ctdc-authn (CTDC-1205), crdc-ctdc-files (main), bento-files (2.3.1)"
node:16.17.0,GMB,"bento-auth (master), bento-files (main)"
tomcat:9.0.80-jdk11-temurin-jammy,GMB,gmb-backend (develop)
nginx:1.23.3-alpine,"GMB, ICDC","bento-gmb-frontend (bento-release-4.0.0-develop), bento-icdc-frontend (v4.0.0)"
node:16-alpine3.11,GMB,bento-users (master)
tomcat:10.1.15-jdk17,CCDI-HUB,CCDI-Portal-WebService (2.1.0)
tomcat:9.0.83-jdk11-temurin-jammy,ICDC,bento-icdc-backend (14.8.1)
node:16.17.0-alpine3.16,ICDC,bento-icdc-interoperation (idc-tcia-down-test)
openjdk:11,MTP,ccdi-mtp-backend (2.0.0)
rocker/r-ver:4.1.0,MTP,PediatricOpenTargets/OpenPedCan-api (main)
23 changes: 8 additions & 15 deletions jenkins/templates/DeployBackend.jenkinsfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -71,7 +71,7 @@ pipeline {
script {

// set sumo vars for logging
env.SUMO_COLLECTOR_ENDPOINT = sh(label: 'Get Sumo Endpoint', returnStdout: true, script: "aws secretsmanager get-secret-value --region $REGION --secret-id bento/$PROJECT/$ENV --query SecretString --output text | jq -r '.sumo_collector_endpoint'").trim()
//env.SUMO_COLLECTOR_ENDPOINT = sh(label: 'Get Sumo Endpoint', returnStdout: true, script: "aws secretsmanager get-secret-value --region $REGION --secret-id bento/$PROJECT/$ENV --query SecretString --output text | jq -r '.sumo_collector_endpoint'").trim()
env.SUMO_COLLECTOR_TOKEN = sh(label: 'Get Sumo Token', returnStdout: true, script: "aws secretsmanager get-secret-value --region $REGION --secret-id bento/$PROJECT/$ENV --query SecretString --output text | jq -r '.sumo_collector_token_$APP'").trim()

// set neo4j vars
Expand All @@ -84,7 +84,7 @@ pipeline {
env.REPO_URL = "${ECR_ACCOUNT}.dkr.ecr.${REGION}.amazonaws.com/${ECR_REPO}"

// set template file name
env.TEMPLATE_FILE="${PROJECT}-deployments/aws/${APP}_task.json"
env.TEMPLATE_FILE="${PROJECT}-deployments/aws/${APP}_task.yml"

}

Expand Down Expand Up @@ -140,19 +140,12 @@ pipeline {

# create new revision for $PROJECT-$APP Task Definition
echo "Updating Task Defintion to Use: $ECR_REPO:$IMAGE_TAG"
ACCOUNT_ID=$(aws sts get-caller-identity --query "Account" --output text)
IMAGE_ID="$REPO_URL:$IMAGE_TAG"

sed -i "s|{{account_id}}|$ACCOUNT_ID|" $TEMPLATE_FILE
sed -i "s|{{image_id}}|$IMAGE_ID|" $TEMPLATE_FILE
sed -i "s|{{image_tag}}|$IMAGE_TAG|" $TEMPLATE_FILE
sed -i "s|{{environment}}|$ENV|" $TEMPLATE_FILE
sed -i "s|{{project}}|$PROJECT|" $TEMPLATE_FILE
sed -i "s|{{sumo_collector_endpoint}}|$SUMO_COLLECTOR_ENDPOINT|" $TEMPLATE_FILE
sed -i "s|{{sumo_collector_token}}|$SUMO_COLLECTOR_TOKEN|" $TEMPLATE_FILE
sed -i "s|{{neo4j_host}}|$NEO4J_HOST|" $TEMPLATE_FILE

aws ecs register-task-definition --cli-input-json file://$TEMPLATE_FILE
export ACCOUNT_ID=$(aws sts get-caller-identity --query "Account" --output text)
export IMAGE_ID="$REPO_URL:$IMAGE_TAG"

# Update and register task definition
envsubst < $TEMPLATE_FILE > $TEMPLATE_FILE
aws ecs register-task-definition --cli-input-yaml file://$TEMPLATE_FILE

'''

Expand Down
24 changes: 8 additions & 16 deletions jenkins/templates/DeployFiles.jenkinsfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -91,7 +91,7 @@ pipeline {
env.REPO_URL = "${ECR_ACCOUNT}.dkr.ecr.${REGION}.amazonaws.com/${ECR_REPO}"

// set template file name
env.TEMPLATE_FILE="${PROJECT}-deployments/aws/${APP}_task.json"
env.TEMPLATE_FILE="${PROJECT}-deployments/aws/${APP}_task.yml"

}

Expand Down Expand Up @@ -145,21 +145,13 @@ pipeline {

# create new revision for $PROJECT-$APP Task Definition
echo "Updating Task Defintion to Use: $ECR_REPO:$IMAGE_TAG"
ACCOUNT_ID=$(aws sts get-caller-identity --query "Account" --output text)
IMAGE_ID="$REPO_URL:$IMAGE_TAG"
DATE=$(date '+%m/%d/%Y')

sed -i "s|{{account_id}}|$ACCOUNT_ID|" $TEMPLATE_FILE
sed -i "s|{{image_id}}|$IMAGE_ID|" $TEMPLATE_FILE
sed -i "s|{{image_tag}}|$IMAGE_TAG|" $TEMPLATE_FILE
sed -i "s|{{environment}}|$ENV|" $TEMPLATE_FILE
sed -i "s|{{project}}|$PROJECT|" $TEMPLATE_FILE
sed -i "s|{{domain_name}}|$DOMAIN_NAME|" $TEMPLATE_FILE
sed -i "s|{{sumo_collector_endpoint}}|$SUMO_COLLECTOR_ENDPOINT|" $TEMPLATE_FILE
sed -i "s|{{sumo_collector_token}}|$SUMO_COLLECTOR_TOKEN|" $TEMPLATE_FILE
sed -i "s|{{date}}|$DATE|" $TEMPLATE_FILE

aws ecs register-task-definition --cli-input-json file://$TEMPLATE_FILE
export ACCOUNT_ID=$(aws sts get-caller-identity --query "Account" --output text)
export IMAGE_ID="$REPO_URL:$IMAGE_TAG"
export DATE=$(date '+%m/%d/%Y')

# Update and register task definition
envsubst < $TEMPLATE_FILE > $TEMPLATE_FILE
aws ecs register-task-definition --cli-input-yaml file://$TEMPLATE_FILE

'''

Expand Down
23 changes: 6 additions & 17 deletions jenkins/templates/DeployFrontend.jenkinsfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -103,7 +103,7 @@ pipeline {
env.REPO_URL = "${ECR_ACCOUNT}.dkr.ecr.${REGION}.amazonaws.com/${ECR_REPO}"

// set template file name
env.TEMPLATE_FILE="${PROJECT}-deployments/aws/${APP}_task.json"
env.TEMPLATE_FILE="${PROJECT}-deployments/aws/${APP}_task.yml"

}

Expand Down Expand Up @@ -158,23 +158,12 @@ pipeline {

# create new revision for $PROJECT-$APP Task Definition
echo "Updating Task Defintion to Use: $ECR_REPO:$IMAGE_TAG"
ACCOUNT_ID=$(aws sts get-caller-identity --query "Account" --output text)
IMAGE_ID="$REPO_URL:$IMAGE_TAG"
export ACCOUNT_ID=$(aws sts get-caller-identity --query "Account" --output text)
export IMAGE_ID="$REPO_URL:$IMAGE_TAG"

sed -i "s|{{project}}|$PROJECT|" $TEMPLATE_FILE
sed -i "s|{{environment}}|$ENV|" $TEMPLATE_FILE
sed -i "s|{{account_id}}|$ACCOUNT_ID|" $TEMPLATE_FILE

sed -i "s|{{image_id}}|$IMAGE_ID|" $TEMPLATE_FILE
sed -i "s|{{image_tag}}|$IMAGE_TAG|" $TEMPLATE_FILE

sed -i "s|{{sumo_collector_endpoint}}|$SUMO_COLLECTOR_ENDPOINT|" $TEMPLATE_FILE
sed -i "s|{{sumo_collector_token}}|$SUMO_COLLECTOR_TOKEN|" $TEMPLATE_FILE

sed -i "s|{{domain_name}}|$DOMAIN_NAME|" $TEMPLATE_FILE
sed -i "s|{{be_version}}|$BE_VERSION|" $TEMPLATE_FILE

aws ecs register-task-definition --cli-input-json file://$TEMPLATE_FILE
# Update and register task definition
envsubst < $TEMPLATE_FILE > $TEMPLATE_FILE
aws ecs register-task-definition --cli-input-yaml file://$TEMPLATE_FILE

'''

Expand Down
Loading
Loading