Try to push to ecr (#2)

* Try to push to ecr

* Remove other actions for now

* Fix repo name

* pull image from ecr repo

* Setup pixi

* Fix image name

* Get working aws roles for github

* Make sure to deploy the service

* Try using family

* Add describe service perm

* Allow update service

* Add registry to image name

* only deploy on main

* Remove scripts

* Remove unused pixi

Author: singhals

.github/workflows/deploy.yml

@@ -3,107 +3,66 @@ on:
   push:
     branches:
       - main
-env:
-  TF_CLOUD_ORGANIZATION: "shughesuk"
-  CONFIG_DIRECTORY: "./"
+permissions:
+  id-token: write # This is required for requesting tghe JWT
+  contents: read # This is required for actions/checkout
 jobs:
-  deploy-backend:
-    outputs:
-      sha: ${{ steps.short_sha.outputs.sha }}
-    environment: backend-production
-    concurrency: backend-production
-    permissions:
-      id-token: write
-      contents: read
+  deploy-cube:
     runs-on: ubuntu-latest
     steps:
-      - name: Checkout code
+      - name: Checkout repo
         uses: actions/checkout@v4
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v3
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
-      - name: Login to Docker Hub
-        uses: docker/login-action@v3
+
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@v4
         with:
-          username: ${{ secrets.DOCKERHUB_USERNAME }}
-          password: ${{ secrets.DOCKERHUB_TOKEN }}
-      - name: Get short SHA
-        id: short_sha
-        run: echo "sha=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
-      - name: Build and push Docker image
-        uses: docker/build-push-action@v5
+          role-to-assume: arn:aws:iam::471881062455:role/system/github_actions_role
+          role-session-name: GitHub_to_AWS_sync_svc_cube
+          aws-region: us-east-1
+
+      - name: Login to Amazon ECR
+        id: login-ecr
+        uses: aws-actions/[email protected]
         with:
-          context: .
-          push: true
-          tags: shughesuk/backend:${{ steps.short_sha.outputs.sha }}
-  run-migrations:
-    name: "Run Migrations"
-    runs-on: ubuntu-latest
-    needs: deploy-backend
-    permissions:
-      contents: read
-      id-token: write
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-      - name: configure aws credentials
-        uses: aws-actions/[email protected]
+          mask-password: "false"
+
+      - name: Build, tag, and push docker image to Amazon ECR
+        env:
+          REGISTRY: ${{ steps.login-ecr.outputs.registry }}
+          REPOSITORY: sync-svc-cube
+          IMAGE_TAG: "${{ github.sha }}"
+        run: |
+          docker build -t $REGISTRY/$REPOSITORY:$IMAGE_TAG .
+          docker push $REGISTRY/$REPOSITORY:$IMAGE_TAG
+
+      - name: Update cube-api Task Definition with latest image
+        id: cube-api-task-def
+        uses: aws-actions/[email protected]
         with:
-          role-to-assume: arn:aws:iam::905418398753:role/github-actions-role
-          role-session-name: GitHub_to_AWS_via_FederatedOIDC
-          aws-region: "us-east-1"
-      - uses: prefix-dev/[email protected]
+          task-definition-family: cube_api
+          container-name: cube-api
+          image: ${{ steps.login-ecr.outputs.registry }}/sync-svc-cube:${{ github.sha }}
+
+      - name: Update cube-refresh-worker Task Definition with latest image
+        id: cube-refresh-worker-task-def
+        uses: aws-actions/[email protected]
         with:
-          cache: true
-          locked: true
-      - name: Update task
-        run: pixi run python scripts/update_task.py --task-definition production --container-name backend-api --image shughesuk/backend:${{ needs.deploy-backend.outputs.sha }}
-      - name: Run migrations
-        run: pixi run python scripts/run_task.py --task-definition production --cluster production --command "pixi run python manage.py migrate"
-  terraform:
-    needs:
-      - deploy-backend
-      - run-migrations
-    name: "Terraform Apply"
-    runs-on: ubuntu-latest
-    permissions:
-      contents: read
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-      - name: terraform-apply
-        uses: dflook/[email protected]
+          task-definition-family: cube_refresh_worker
+          container-name: cube-refresh-worker
+          image: ${{ steps.login-ecr.outputs.registry }}/sync-svc-cube:${{ github.sha }}
+
+      - name: Deploy cube-api task definition
+        uses: aws-actions/[email protected]
         with:
-          path: ./terraform
-          auto_approve: true
-          workspace: resume-workspace
-          variables: |
-            app_image = "shughesuk/backend:${{ needs.deploy-backend.outputs.sha }}"
-        env:
-          TERRAFORM_CLOUD_TOKENS: app.terraform.io=${{ secrets.TF_API_TOKEN }}
-  deploy-frontend:
-    needs: terraform
-    environment: frontend-production
-    concurrency: frontend-production
-    permissions:
-      id-token: write
-      contents: read
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-      - name: configure aws credentials
-        uses: aws-actions/[email protected]
-        with:
-          role-to-assume: arn:aws:iam::905418398753:role/github-actions-role
-          role-session-name: GitHub_to_AWS_via_FederatedOIDC
-          aws-region: "us-east-1"
-      - uses: prefix-dev/[email protected]
-        env:
-          ACTIONS_STEP_DEBUG: true
+          task-definition: ${{ steps.cube-api-task-def.outputs.task-definition }}
+          service: cube_api
+          cluster: production
+          wait-for-service-stability: true
+
+      - name: Deploy cube-refresh-worker task definition
+        uses: aws-actions/[email protected]
         with:
-          cache: true
-          locked: true
-      - name: Deploy
-        run: pixi run frontend-deploy
+          task-definition: ${{ steps.cube-refresh-worker-task-def.outputs.task-definition }}
+          service: cube_refresh_worker
+          cluster: production
+          wait-for-service-stability: true

.github/workflows/pre-commit.yml

@@ -1,8 +1,6 @@
-FROM ghcr.io/prefix-dev/pixi:0.18.0-bookworm-slim
+FROM cubejs/cube:v1.1.9
 
-COPY ./backend /opt/backend
-COPY ./pixi.lock /opt/backend/pixi.lock
-COPY ./pixi.toml /opt/backend/pixi.toml
-WORKDIR /opt/backend/
-RUN pixi install
-CMD pixi run uvicorn --port 80 --host 0.0.0.0 resume.asgi:application --log-config logging.yaml
+COPY cube.js cube.js
+COPY fetch.js fetch.js
+RUN mkdir model
+COPY model/ model/

.github/workflows/terraform-plan.yml

@@ -1,36 +1,42 @@
-# Samantha Hughes's Resume
+# sync-svc-cube
+A cube dev deployment creating a semantic layer for serving up a connected data model.
 
-[![Deployment](https://github.com/shughes-uk/resume/actions/workflows/deploy.yml/badge.svg)](https://d3k3m107rwvrzt.cloudfront.net/)
+## Standing up Cube locally
+### Prerequisites
+- Your machine is running docker
+- You have an Auth0 user
 
-## Getting Started
+### Standing up Cube locally
+1. Create a .env file at the root repo directory and add the following properties and get their values from dev:
 
-The repo uses [pixi](https://prefix.dev/docs/pixi/overview). Install it with
+    1.1. Add properties and values to setup authentication for auth0:
+    ```
+    CUBEJS_JWK_URL
+    CUBEJS_JWT_AUDIENCE
+    CUBEJS_JWT_ISSUER
+    CUBEJS_JWT_ALGS
+    CUBEJS_JWT_CLAIMS_NAMESPACE
+    ```
 
-```shell
-curl -fsSL https://pixi.sh/install.sh | bash
-```
+    1.2. Add properties to connect to different Sync datastores like Postgres and Databricks Delta Tables
+    ```
+    CUBEJS_DB_HOST
+    CUBEJS_DB_PORT
+    CUBEJS_DB_NAME
+    CUBEJS_DB_USER
+    CUBEJS_DB_PASS
+    CUBEJS_DB_TYPE
+    ```
 
-Then install everything you'll need
+2. Build docker image `docker build -t sync-cube-image .`
 
-```shell
-pixi install
-pixi run frontend-install
-```
+3. Run `docker compose up`
 
-Add the precommit with
+4. Run `curl -X GET 'http://localhost:4000/livez'` to ensure cube is properly running
 
-```shell
-pre-commit install
-```
+5. You should now have a running cube server! Happy cubing! You can navigate to `http://localhost:4000/` to play with the cube playground.
 
-Start the frontend dev server with
 
-```shell
-pixi run frontend-dev
-```
-
-Start hacking!
-
-## Deployment
-
-All pushes to main are immediately deployed!
+## Helpful Cube Dev documentation:
+* https://cube.dev/
+* https://github.com/cube-js/cube