diff --git a/.docker/Dockerfile b/.docker/Dockerfile new file mode 100644 index 0000000..9b85ee7 --- /dev/null +++ b/.docker/Dockerfile @@ -0,0 +1,12 @@ +FROM alpine:3.14.0 + +WORKDIR /app + +RUN apk --no-cache add --repository=http://dl-cdn.alpinelinux.org/alpine/edge/community terraform \ + && addgroup -S infrastructure && adduser -S infrastructure -G infrastructure + +COPY --chown=infrastructure:infrastructure . . + +RUN ls -lha + +ENTRYPOINT [ "terraform" ] diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..d611bdf --- /dev/null +++ b/.dockerignore @@ -0,0 +1,13 @@ +.docker/ +.git/ +.github/ +.vscode/ +src/aws/.terraform/ +src/github/.terraform/ +src/heroku/.terraform/ + +*.toml +.*ignore +.env* +*.yml +*.md diff --git a/.env.example b/.env.example index 3c39091..f2b3ebc 100644 --- a/.env.example +++ b/.env.example @@ -3,13 +3,7 @@ export TF_VAR_DOCKERHUB_USERNAME=xxxx export TF_VAR_DOCKERHUB_TOKEN=xxxx export TF_VAR_HEROKU_EMAIL=xxxx export TF_VAR_HEROKU_API_KEY=xxxx -export TF_VAR_EMAIL_SERVICE_CODECOV_TOKEN=xxxx export TF_VAR_API_GATEWAY_CODECOV_TOKEN=xxxx -export TF_VAR_EMAIL_SERVICE_DATABASE_URL=xxxx -export TF_VAR_EMAIL_SERVICE_MAIL_PASSWORD=xxxx -export TF_VAR_EMAIL_SERVICE_MAIL_USERNAME=xxxx -export TF_VAR_EMAIL_SERVICE_REDIS_TLS_URL=xxxx -export TF_VAR_EMAIL_SERVICE_REDIS_URL=xxxx export TF_VAR_PROFILE_SERVICE_DATABASE_URL=xxxx export TF_VAR_PROFILE_SERVICE_REDIS_TLS_URL=xxxx export TF_VAR_PROFILE_SERVICE_REDIS_URL=xxxx @@ -23,3 +17,9 @@ export TF_VAR_TRUSTED_HOSTS=xxxx export TF_VAR_GAMBLEY_CD_USER_AWS_ACCESS_KEY=xxxx export TF_VAR_GAMBLEY_CD_USER_AWS_SECRET_KEY=xxxx export TF_VAR_SNYK_SECRET_KEY=xxxx +export TF_VAR_GAMBLEY_BACKEND_DEEPSOURCE_DSN=xxxx +export TF_VAR_GAMBLEY_BACKEND_MAIL_USERNAME=xxxx +export TF_VAR_GAMBLEY_BACKEND_MAIL_PASSWORD=xxxx +export TF_VAR_GAMBLEY_BACKEND_SUPPRESS_SEND=xxxx +export TF_VAR_GAMBLEY_BACKEND_SSH_USER=xxxx +export TF_VAR_GAMBLEY_BACKEND_SSH_HOST=xxxx 
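Review bot: The image never switches to the `infrastructure` user that the `addgroup -S … && adduser -S …` part of the first `RUN` creates, so `ENTRYPOINT [ "terraform" ]` still runs as root; add `USER infrastructure` before the `ENTRYPOINT`. The same `RUN` installs an unpinned `terraform` from the `edge/community` repository over plain `http://` on top of an `alpine:3.14.0` base, so the Terraform version can change from one build to the next. Pinning the package version and using `https://` for the repository URL would make the image reproducible. `RUN ls -lha` looks like a debugging leftover and can be dropped.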
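Review bot: `src/aws/data/` is missing from this ignore list, although the same commit adds `data/` to `.gitignore` and has `setup_data` download a public key, two IAM policy documents and `user_data.sh` into that directory. With `COPY . .` in `.docker/Dockerfile`, a local build made after running `setup_data` would bake those files into the image; adding `src/aws/data/` here keeps them out. If Terraform state or variable files are ever kept in the working tree (not visible in this change), `*.tfstate*` and `*.tfvars` belong here as well.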
diff --git a/.github/workflows/pipeline.yml b/.github/workflows/pipeline.yml index e08687d..e8664e9 100644 --- a/.github/workflows/pipeline.yml +++ b/.github/workflows/pipeline.yml @@ -2,14 +2,16 @@ name: "Pipeline" on: pull_request: - branches: [ "main" ] + branches: + - main push: - branches: [ "main" ] + branches: + - main jobs: test: if: ${{ github.event_name == 'pull_request' }} - runs-on: "ubuntu-20.04" + runs-on: "ubuntu-18.04" steps: - uses: actions/checkout@v2 @@ -28,6 +30,14 @@ jobs: source scripts/pipeline_utils.sh format_terraform github heroku aws + - name: "Adds directory for infra data" + env: + AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + run: | + source scripts/pipeline_utils.sh + setup_data + - name: "Run validation to check for issues" run: | source scripts/pipeline_utils.sh @@ -37,7 +47,7 @@ jobs: if: ${{ github.event_name == 'pull_request' }} needs: - test - runs-on: "ubuntu-20.04" + runs-on: "ubuntu-18.04" steps: - uses: actions/checkout@v2 @@ -51,6 +61,14 @@ jobs: source scripts/pipeline_utils.sh init_terraform github heroku aws + - name: "Adds directory for infra data" + env: + AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + run: | + source scripts/pipeline_utils.sh + setup_data + - name: "Generate terraform plan" env: AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} 
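Review bot: `runs-on` moves from `ubuntu-20.04` to `ubuntu-18.04` in the `test` job, and again in the job that `needs: test` and in `deploy` in the later hunks, with no reason given in the change. An older runner image carries older preinstalled tooling and leaves its supported window sooner. If the downgrade works around a specific tool problem, a comment such as `# pinned to 18.04 because <reason>` next to `runs-on` would record it; otherwise keep `ubuntu-20.04`.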
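Review bot: The new "Adds directory for infra data" step in the `test` job hands `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` to `source scripts/pipeline_utils.sh`, which on a `pull_request` run from a branch of this repository is the script as edited by that pull request. These are the same secret names the plan and apply steps use, so presumably the same credentials that can change infrastructure, and they would be available to unreviewed script changes. The step only reads four objects from `s3://gambley-infra-data`, so a separate read-only credential scoped to that bucket would be enough here. The identical step added to the plan and deploy jobs in the later hunks has the same shape.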
@@ -60,13 +78,7 @@ jobs: TF_VAR_DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} TF_VAR_HEROKU_EMAIL: ${{ secrets.HEROKU_EMAIL }} TF_VAR_HEROKU_API_KEY: ${{ secrets.HEROKU_API_KEY }} - TF_VAR_EMAIL_SERVICE_CODECOV_TOKEN: ${{ secrets.EMAIL_SERVICE_CODECOV_TOKEN }} TF_VAR_API_GATEWAY_CODECOV_TOKEN: ${{ secrets.API_GATEWAY_CODECOV_TOKEN }} - TF_VAR_EMAIL_SERVICE_DATABASE_URL: ${{ secrets.EMAIL_SERVICE_DATABASE_URL }} - TF_VAR_EMAIL_SERVICE_MAIL_PASSWORD: ${{ secrets.EMAIL_SERVICE_MAIL_PASSWORD }} - TF_VAR_EMAIL_SERVICE_MAIL_USERNAME: ${{ secrets.EMAIL_SERVICE_MAIL_USERNAME }} - TF_VAR_EMAIL_SERVICE_REDIS_TLS_URL: ${{ secrets.EMAIL_SERVICE_REDIS_TLS_URL }} - TF_VAR_EMAIL_SERVICE_REDIS_URL: ${{ secrets.EMAIL_SERVICE_REDIS_URL }} TF_VAR_PROFILE_SERVICE_DATABASE_URL: ${{ secrets.PROFILE_SERVICE_DATABASE_URL }} TF_VAR_PROFILE_SERVICE_REDIS_TLS_URL: ${{ secrets.PROFILE_SERVICE_REDIS_TLS_URL }} TF_VAR_PROFILE_SERVICE_REDIS_URL: ${{ secrets.PROFILE_SERVICE_REDIS_URL }} @@ -80,13 +92,19 @@ jobs: TF_VAR_GAMBLEY_CD_USER_AWS_ACCESS_KEY: ${{ secrets.GAMBLEY_CD_USER_AWS_ACCESS_KEY }} TF_VAR_GAMBLEY_CD_USER_AWS_SECRET_KEY: ${{ secrets.GAMBLEY_CD_USER_AWS_SECRET_KEY }} TF_VAR_SNYK_SECRET_KEY: ${{ secrets.SNYK_SECRET_KEY }} + TF_VAR_GAMBLEY_BACKEND_DEEPSOURCE_DSN: ${{ secrets.GAMBLEY_BACKEND_DEEPSOURCE_DSN }} + TF_VAR_GAMBLEY_BACKEND_MAIL_USERNAME: ${{ secrets.GAMBLEY_BACKEND_MAIL_USERNAME }} + TF_VAR_GAMBLEY_BACKEND_MAIL_PASSWORD: ${{ secrets.GAMBLEY_BACKEND_MAIL_PASSWORD }} + TF_VAR_GAMBLEY_BACKEND_SUPPRESS_SEND: ${{ secrets.GAMBLEY_BACKEND_SUPPRESS_SEND }} + TF_VAR_GAMBLEY_BACKEND_SSH_USER: ${{ secrets.GAMBLEY_BACKEND_SSH_USER }} + TF_VAR_GAMBLEY_BACKEND_SSH_HOST: ${{ secrets.GAMBLEY_BACKEND_SSH_HOST }} run: | source scripts/pipeline_utils.sh plan_terraform github heroku aws deploy: if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }} - runs-on: "ubuntu-20.04" + runs-on: "ubuntu-18.04" steps: - uses: actions/checkout@v2 
@@ -100,6 +118,14 @@ jobs: source scripts/pipeline_utils.sh init_terraform github heroku aws + - name: "Adds directory for infra data" + env: + AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + run: | + source scripts/pipeline_utils.sh + setup_data + - name: "Apply terraform plan" env: AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} @@ -109,13 +135,7 @@ jobs: TF_VAR_DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} TF_VAR_HEROKU_EMAIL: ${{ secrets.HEROKU_EMAIL }} TF_VAR_HEROKU_API_KEY: ${{ secrets.HEROKU_API_KEY }} - TF_VAR_EMAIL_SERVICE_CODECOV_TOKEN: ${{ secrets.EMAIL_SERVICE_CODECOV_TOKEN }} TF_VAR_API_GATEWAY_CODECOV_TOKEN: ${{ secrets.API_GATEWAY_CODECOV_TOKEN }} - TF_VAR_EMAIL_SERVICE_DATABASE_URL: ${{ secrets.EMAIL_SERVICE_DATABASE_URL }} - TF_VAR_EMAIL_SERVICE_MAIL_PASSWORD: ${{ secrets.EMAIL_SERVICE_MAIL_PASSWORD }} - TF_VAR_EMAIL_SERVICE_MAIL_USERNAME: ${{ secrets.EMAIL_SERVICE_MAIL_USERNAME }} - TF_VAR_EMAIL_SERVICE_REDIS_TLS_URL: ${{ secrets.EMAIL_SERVICE_REDIS_TLS_URL }} - TF_VAR_EMAIL_SERVICE_REDIS_URL: ${{ secrets.EMAIL_SERVICE_REDIS_URL }} TF_VAR_PROFILE_SERVICE_DATABASE_URL: ${{ secrets.PROFILE_SERVICE_DATABASE_URL }} TF_VAR_PROFILE_SERVICE_REDIS_TLS_URL: ${{ secrets.PROFILE_SERVICE_REDIS_TLS_URL }} TF_VAR_PROFILE_SERVICE_REDIS_URL: ${{ secrets.PROFILE_SERVICE_REDIS_URL }} 
@@ -129,6 +149,12 @@ jobs: TF_VAR_GAMBLEY_CD_USER_AWS_ACCESS_KEY: ${{ secrets.GAMBLEY_CD_USER_AWS_ACCESS_KEY }} TF_VAR_GAMBLEY_CD_USER_AWS_SECRET_KEY: ${{ secrets.GAMBLEY_CD_USER_AWS_SECRET_KEY }} TF_VAR_SNYK_SECRET_KEY: ${{ secrets.SNYK_SECRET_KEY }} + TF_VAR_GAMBLEY_BACKEND_DEEPSOURCE_DSN: ${{ secrets.GAMBLEY_BACKEND_DEEPSOURCE_DSN }} + TF_VAR_GAMBLEY_BACKEND_MAIL_USERNAME: ${{ secrets.GAMBLEY_BACKEND_MAIL_USERNAME }} + TF_VAR_GAMBLEY_BACKEND_MAIL_PASSWORD: ${{ secrets.GAMBLEY_BACKEND_MAIL_PASSWORD }} + TF_VAR_GAMBLEY_BACKEND_SUPPRESS_SEND: ${{ secrets.GAMBLEY_BACKEND_SUPPRESS_SEND }} + TF_VAR_GAMBLEY_BACKEND_SSH_USER: ${{ secrets.GAMBLEY_BACKEND_SSH_USER }} + TF_VAR_GAMBLEY_BACKEND_SSH_HOST: ${{ secrets.GAMBLEY_BACKEND_SSH_HOST }} run: | source scripts/pipeline_utils.sh apply_terraform github heroku aws diff --git a/.gitignore b/.gitignore index c4d602e..98dacf5 100644 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1,5 @@ .terraform/ .vscode/ +data/ .env diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..0fb9470 --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,18 @@ +version: "3.8" + + +networks: + infrastructure: + name: infrastructure + + +services: + infrastructure: + image: infrastructure:development + build: + context: . + dockerfile: .docker/Dockerfile + networks: + - infrastructure + volumes: + - .:/usr/src/app diff --git a/scripts/pipeline_utils.sh b/scripts/pipeline_utils.sh index 3925c09..4e53603 100644 --- a/scripts/pipeline_utils.sh +++ b/scripts/pipeline_utils.sh 
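Review bot: In `docker-compose.yml` the bind mount `.:/usr/src/app` does not match `WORKDIR /app` in `.docker/Dockerfile`, so `terraform` runs against the copy baked in by `COPY . .` rather than the live checkout; use `- .:/app` if live editing is the intent. A bind mount of the whole repository also bypasses `.dockerignore`, so the host's `.env` and `src/aws/data/` become readable inside the container. Mounting only what Terraform needs, for example `- ./src:/app/src`, would narrow that.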
@@ -37,3 +37,18 @@ apply_terraform() { terraform -chdir="src/$i" apply -auto-approve -input=false done } + +setup_data() { + echo "Created data directory" + mkdir -p src/aws/data + cd src/aws/data + + echo "Copying test data to data directory" + aws s3 cp s3://gambley-infra-data/public_keys/id_gambley.pub . + echo "Copying IAM Role Policy to data directory" + aws s3 cp s3://gambley-infra-data/iam/iam_role_policy.json . + echo "Copying IAM Role Instance Policy to data directory" + aws s3 cp s3://gambley-infra-data/iam/iam_role_instance_policy.json . + echo "Copying user data script data directory" + aws s3 cp s3://gambley-infra-data/user_data/user_data.sh . +} diff --git a/src/aws/container_registry.tf b/src/aws/container_registry.tf index 0943a46..37c2660 100644 --- a/src/aws/container_registry.tf +++ b/src/aws/container_registry.tf @@ -20,8 +20,8 @@ resource "aws_ecr_repository" "auth_service" { } } -resource "aws_ecr_repository" "email_service" { - name = "email_service" +resource "aws_ecr_repository" "gambley_backend" { + name = "gambley_backend" encryption_configuration { encryption_type = "AES256" } diff --git a/src/aws/elastic_ip.tf b/src/aws/elastic_ip.tf new file mode 100644 index 0000000..47f4094 --- /dev/null +++ b/src/aws/elastic_ip.tf @@ -0,0 +1,7 @@ +resource "aws_eip" "gambley_node1_eip" { + instance = aws_instance.gambley_swarm_master.id + tags = { + "Name" = "Gambley Node1 Elastic IP" + "Terraform" = "True" + } +} diff --git a/src/aws/iam.tf b/src/aws/iam.tf new file mode 100644 index 0000000..94fd3fc --- /dev/null +++ b/src/aws/iam.tf 
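Review bot: `setup_data` pulls `user_data.sh` and both IAM policy documents from `s3://gambley-infra-data` at pipeline time, so what boots on the instance and what the instance role may do is decided by whoever can write to that bucket rather than by a reviewed commit. The files are then read by `file()` in `src/aws/iam.tf` and `src/aws/virtual_machine.tf`, and `data/` is git-ignored, so their content never appears in a diff; keeping the policies and the boot script in the repository, or enabling bucket versioning and fetching a fixed object version, would close that gap. Separately, `cd src/aws/data` changes the working directory of the shell that sourced the script; passing the destination instead, e.g. `aws s3 cp s3://gambley-infra-data/user_data/user_data.sh src/aws/data/`, avoids that. The first `echo` also reports "Created data directory" before `mkdir -p` has run.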
@@ -0,0 +1,21 @@ +resource "aws_iam_role" "gambley_instance_role" { + name = "gambley-instance-role" + assume_role_policy = file("${path.module}/data/iam_role_policy.json") + tags = { + "Terraform" = "True" + } +} + +resource "aws_iam_instance_profile" "gambley_iam_instance_profile" { + name = "gambley-iam-profile" + role = aws_iam_role.gambley_instance_role.name + tags = { + "Terraform" = "True" + } +} + +resource "aws_iam_role_policy" "gambley_iam_instance_policy" { + name = "gambley-iam-instance-policy" + role = aws_iam_role.gambley_instance_role.id + policy = file("${path.module}/data/iam_role_instance_policy.json") +} diff --git a/src/aws/main.tf b/src/aws/main.tf index 876a9cc..c9da539 100644 --- a/src/aws/main.tf +++ b/src/aws/main.tf @@ -4,10 +4,10 @@ provider "aws" { terraform { backend "s3" { - bucket = "aws-state-bucket" - key = "terraform.tfstate" + bucket = "terraform-gambley-state-bucket" + key = "aws/terraform.tfstate" region = "ap-south-1" - dynamodb_table = "aws-lock-table" + dynamodb_table = "terraform-gambley-lock-table" encrypt = true } required_providers { diff --git a/src/aws/virtual_machine.tf b/src/aws/virtual_machine.tf new file mode 100644 index 0000000..5581e46 --- /dev/null +++ b/src/aws/virtual_machine.tf 
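Review bot: Changing `bucket`, `key` and `dynamodb_table` in the `backend "s3"` block of `src/aws/main.tf` points Terraform at a new state location, which is empty unless the existing state is migrated first; the same change is made in `src/github/main.tf` and `src/heroku/main.tf`. If CI runs `terraform init` non-interactively against the new key before the state has been copied (the init step is outside this diff), the next plan would propose creating every resource again. Consolidating the three states into `terraform-gambley-state-bucket` also means any principal that can read the bucket sees all of them, including values passed as `plaintext_value` and `sensitive_config_vars`; IAM conditions per key prefix (`aws/`, `github/`, `heroku/`) would keep the separation the three buckets gave. The hunk shows only part of the `terraform` block.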
@@ -0,0 +1,58 @@ +resource "aws_instance" "gambley_swarm_master" { + ami = "ami-0c1a7f89451184c8b" + instance_type = "t3a.small" + key_name = aws_key_pair.gambley_ssh_key.key_name + associate_public_ip_address = true + user_data = file("${path.module}/data/user_data.sh") + security_groups = [aws_security_group.gambley_security_group.name] + iam_instance_profile = aws_iam_instance_profile.gambley_iam_instance_profile.name + metadata_options { + http_tokens = "required" + } + tags = { + "Name" = "Gambley Node1" + "Terraform" = "True" + } +} + +resource "aws_key_pair" "gambley_ssh_key" { + key_name = "Gambley SSH Key" + public_key = file("${path.module}/data/id_gambley.pub") +} + +resource "aws_security_group" "gambley_security_group" { + name = "Gambley Security group" + description = "Security group for gambley host" + egress { + from_port = 0 + to_port = 0 + protocol = "-1" + cidr_blocks = [ + "0.0.0.0/0" + ] + } + ingress { + from_port = 22 + to_port = 22 + protocol = "tcp" + cidr_blocks = [ + "0.0.0.0/0" + ] + } + ingress { + from_port = 80 + to_port = 80 + protocol = "tcp" + cidr_blocks = [ + "0.0.0.0/0" + ] + } + ingress { + from_port = 443 + to_port = 443 + protocol = "tcp" + cidr_blocks = [ + "0.0.0.0/0" + ] + } +} diff --git a/src/github/github_actions_secret.tf b/src/github/github_actions_secret.tf index 0eb5caa..d349092 100644 --- a/src/github/github_actions_secret.tf +++ b/src/github/github_actions_secret.tf 
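Review bot: The first `ingress` block of `gambley_security_group` opens port 22 to `0.0.0.0/0`, which exposes SSH on the swarm master to the whole internet; restrict it to known operator or CI addresses, for example `cidr_blocks = var.SSH_ALLOWED_CIDRS` (placeholder name, the variable would need declaring). The `aws_instance` has no `root_block_device { encrypted = true }`, so whether the root volume is encrypted depends on the account default. `ami = "ami-0c1a7f89451184c8b"` is hard-coded with no comment saying which image it is; a short comment or an `aws_ami` data source would make updates traceable. `security_groups` takes group names and only suits the default VPC; `vpc_security_group_ids` with the group's `id` is the usual form.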
@@ -1,11 +1,41 @@ -resource "github_actions_secret" "email_service_codecov_token" { - repository = github_repository.email_service.name - secret_name = "CODECOV_TOKEN" - plaintext_value = var.EMAIL_SERVICE_CODECOV_TOKEN -} - resource "github_actions_secret" "api_gateway_codecov_token" { repository = github_repository.api_gateway.name secret_name = "CODECOV_TOKEN" plaintext_value = var.API_GATEWAY_CODECOV_TOKEN } + +resource "github_actions_secret" "gambley_backend_deepsource_dsn" { + repository = github_repository.gambley_backend.name + secret_name = "DEEPSOURCE_DSN" + plaintext_value = var.GAMBLEY_BACKEND_DEEPSOURCE_DSN +} + +resource "github_actions_secret" "gambley_backend_mail_username" { + repository = github_repository.gambley_backend.name + secret_name = "MAIL_USERNAME" + plaintext_value = var.GAMBLEY_BACKEND_MAIL_USERNAME +} + +resource "github_actions_secret" "gambley_backend_mail_password" { + repository = github_repository.gambley_backend.name + secret_name = "MAIL_PASSWORD" + plaintext_value = var.GAMBLEY_BACKEND_MAIL_PASSWORD +} + +resource "github_actions_secret" "gambley_backend_supress_send" { + repository = github_repository.gambley_backend.name + secret_name = "SUPPRESS_SEND" + plaintext_value = var.GAMBLEY_BACKEND_SUPPRESS_SEND +} + +resource "github_actions_secret" "gambley_backend_ssh_user" { + repository = github_repository.gambley_backend.name + secret_name = "SSH_USER" + plaintext_value = var.GAMBLEY_BACKEND_SSH_USER +} + +resource "github_actions_secret" "gambley_backend_ssh_host" { + repository = github_repository.gambley_backend.name + secret_name = "SSH_HOST" + plaintext_value = var.GAMBLEY_BACKEND_SSH_HOST +} diff --git a/src/github/github_app_installation_repository.tf b/src/github/github_app_installation_repository.tf index ce1717b..95436f6 100644 --- a/src/github/github_app_installation_repository.tf +++ b/src/github/github_app_installation_repository.tf 
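Review bot: The resource name `gambley_backend_supress_send` is misspelled (`supress`), unlike the `SUPPRESS_SEND` secret and variable it belongs to; rename it to `gambley_backend_suppress_send` now, because renaming after the first apply needs a state move. Every `plaintext_value` in this file is written to the Terraform state, so the state bucket's access policy is what protects these six secrets. `SSH_USER` and `SSH_HOST` are stored here but no SSH key secret is added in this hunk, so presumably the key is provisioned elsewhere.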
@@ -13,11 +13,6 @@ resource "github_app_installation_repository" "discord_bot_codecov_app" { repository = github_repository.discord_bot.name } -resource "github_app_installation_repository" "email_service_codecov_app" { - installation_id = "16927671" - repository = github_repository.email_service.name -} - resource "github_app_installation_repository" "gambley_backend_codecov_app" { installation_id = "16927671" repository = github_repository.gambley_backend.name @@ -48,11 +43,6 @@ resource "github_app_installation_repository" "discord_bot_codefactor_app" { repository = github_repository.discord_bot.name } -resource "github_app_installation_repository" "email_service_codefactor_app" { - installation_id = "16967095" - repository = github_repository.email_service.name -} - resource "github_app_installation_repository" "gambley_backend_codefactor_app" { installation_id = "16967095" repository = github_repository.gambley_backend.name @@ -88,11 +78,6 @@ resource "github_app_installation_repository" "discord_bot_deepsource_app" { repository = github_repository.discord_bot.name } -resource "github_app_installation_repository" "email_service_deepsource_app" { - installation_id = "16888192" - repository = github_repository.email_service.name -} - resource "github_app_installation_repository" "gambley_backend_deepsource_app" { installation_id = "16888192" repository = github_repository.gambley_backend.name diff --git a/src/github/github_branch.tf b/src/github/github_branch.tf index 845f082..b073441 100644 --- a/src/github/github_branch.tf +++ b/src/github/github_branch.tf 
@@ -23,16 +23,6 @@ resource "github_branch" "discord_bot_main" { branch = "main" } -resource "github_branch" "email_service_main" { - repository = github_repository.email_service.name - branch = "main" -} - -resource "github_branch" "email_service_release" { - repository = github_repository.email_service.name - branch = "release" -} - resource "github_branch" "gambley_backend_main" { repository = github_repository.gambley_backend.name branch = "main" diff --git a/src/github/github_branch_default.tf b/src/github/github_branch_default.tf index 34cd004..ca475a6 100644 --- a/src/github/github_branch_default.tf +++ b/src/github/github_branch_default.tf @@ -13,11 +13,6 @@ resource "github_branch_default" "discord_bot_default_branch" { branch = github_branch.discord_bot_main.branch } -resource "github_branch_default" "email_service_default_branch" { - repository = github_repository.email_service.name - branch = github_branch.email_service_release.branch -} - resource "github_branch_default" "gambley_backend_default_branch" { repository = github_repository.gambley_backend.name branch = github_branch.gambley_backend_release.branch diff --git a/src/github/github_branch_protection.tf b/src/github/github_branch_protection.tf index 261e2b8..bec1508 100644 --- a/src/github/github_branch_protection.tf +++ b/src/github/github_branch_protection.tf 
@@ -62,31 +62,6 @@ resource "github_branch_protection" "discord_bot_branch_protection_main" { } } -resource "github_branch_protection" "email_service_branch_protection_main" { - repository_id = github_repository.email_service.node_id - pattern = "main" - enforce_admins = false - require_signed_commits = false - required_status_checks { - strict = true - contexts = [ - "test", - "build" - ] - } -} - -resource "github_branch_protection" "email_service_branch_protection_release" { - repository_id = github_repository.email_service.node_id - pattern = "release" - enforce_admins = false - require_signed_commits = true - required_pull_request_reviews { - dismiss_stale_reviews = true - required_approving_review_count = 1 - } -} - resource "github_branch_protection" "gambley_backend_branch_protection_main" { repository_id = github_repository.gambley_backend.node_id pattern = "main" diff --git a/src/github/github_issue_label.tf b/src/github/github_issue_label.tf index bb38f0c..9d9e4ad 100644 --- a/src/github/github_issue_label.tf +++ b/src/github/github_issue_label.tf 
@@ -187,69 +187,6 @@ resource "github_issue_label" "discord_bot_wontfix" { description = "This will not be worked on" } -resource "github_issue_label" "email_service_bug" { - repository = github_repository.email_service.name - name = "bug" - color = "d73a4a" - description = "Something isn't working" -} - -resource "github_issue_label" "email_service_documentation" { - repository = github_repository.email_service.name - name = "documentation" - color = "0075ca" - description = "Improvements or additions to documentation" -} - -resource "github_issue_label" "email_service_duplicate" { - repository = github_repository.email_service.name - name = "duplicate" - color = "cfd3d7" - description = "This issue or pull request already exists" -} - -resource "github_issue_label" "email_service_enhancement" { - repository = github_repository.email_service.name - name = "enhancement" - color = "a2eeef" - description = "New feature or request" -} - -resource "github_issue_label" "email_service_good_first_issue" { - repository = github_repository.email_service.name - name = "good first issue" - color = "7057ff" - description = "Good for newcomers" -} - -resource "github_issue_label" "email_service_help_wanted" { - repository = github_repository.email_service.name - name = "help wanted" - color = "008672" - description = "Extra attention is needed" -} - -resource "github_issue_label" "email_service_invalid" { - repository = github_repository.email_service.name - name = "invalid" - color = "e4e669" - description = "This doesn't seem right" -} - -resource "github_issue_label" "email_service_question" { - repository = github_repository.email_service.name - name = "question" - color = "d876e3" - description = "Further information is requested" -} - -resource "github_issue_label" "email_service_wontfix" { - repository = github_repository.email_service.name - name = "wontfix" - color = "ffffff" - description = "This will not be worked on" -} - resource "github_issue_label" 
"gambley_backend_bug" { repository = github_repository.gambley_backend.name name = "bug" diff --git a/src/github/github_repository.tf b/src/github/github_repository.tf index 5fd105f..6ba7a09 100644 --- a/src/github/github_repository.tf +++ b/src/github/github_repository.tf @@ -49,23 +49,6 @@ resource "github_repository" "discord_bot" { vulnerability_alerts = true } -resource "github_repository" "email_service" { - name = "email_service" - description = "Codebase for email_service" - visibility = "public" - has_issues = true - has_projects = false - has_wiki = false - is_template = false - allow_merge_commit = false - allow_squash_merge = true - allow_rebase_merge = false - delete_branch_on_merge = true - has_downloads = true - auto_init = false - vulnerability_alerts = true -} - resource "github_repository" "gambley_backend" { name = "gambley_backend" description = "Codebase for gambley_backend" diff --git a/src/github/github_team_repository.tf b/src/github/github_team_repository.tf index 8043c02..cd75260 100644 --- a/src/github/github_team_repository.tf +++ b/src/github/github_team_repository.tf @@ -34,18 +34,6 @@ resource "github_team_repository" "discord_bot_backend_team" { permission = "push" } -resource "github_team_repository" "email_service_backend_team" { - team_id = github_team.backend_team.id - repository = github_repository.email_service.name - permission = "maintain" -} - -resource "github_team_repository" "email_service_ops_team" { - team_id = github_team.ops_team.id - repository = github_repository.email_service.name - permission = "push" -} - resource "github_team_repository" "gambley_backend_backend_team" { team_id = github_team.backend_team.id repository = github_repository.gambley_backend.name diff --git a/src/github/main.tf b/src/github/main.tf index f23bd22..568f946 100644 --- a/src/github/main.tf +++ b/src/github/main.tf 
@@ -9,10 +9,10 @@ provider "github" { terraform { backend "s3" { - bucket = "github-state-bucket" - key = "terraform.tfstate" + bucket = "terraform-gambley-state-bucket" + key = "github/terraform.tfstate" region = "ap-south-1" - dynamodb_table = "github-lock-table" + dynamodb_table = "terraform-gambley-lock-table" encrypt = true } required_providers { diff --git a/src/github/vars.tf b/src/github/vars.tf index bb4c78d..a4e3f19 100644 --- a/src/github/vars.tf +++ b/src/github/vars.tf @@ -26,12 +26,6 @@ variable "HEROKU_API_KEY" { sensitive = true } -variable "EMAIL_SERVICE_CODECOV_TOKEN" { - type = string - description = "Codecov token for email service" - sensitive = true -} - variable "API_GATEWAY_CODECOV_TOKEN" { type = string description = "Codecov token for API gateway" @@ -55,3 +49,39 @@ variable "SNYK_SECRET_KEY" { description = "Secret key for Snyk" sensitive = true } + +variable "GAMBLEY_BACKEND_DEEPSOURCE_DSN" { + type = string + description = "Deepsource DSN for gambley_backend" + sensitive = true +} + +variable "GAMBLEY_BACKEND_MAIL_USERNAME" { + type = string + description = "Username for SMTP server" + sensitive = true +} + +variable "GAMBLEY_BACKEND_MAIL_PASSWORD" { + type = string + description = "Password for SMTP server" + sensitive = true +} + +variable "GAMBLEY_BACKEND_SUPPRESS_SEND" { + type = string + description = "Flag to disable sending mail" + sensitive = true +} + +variable "GAMBLEY_BACKEND_SSH_USER" { + type = string + description = "User for SSHing to master node" + sensitive = true +} + +variable "GAMBLEY_BACKEND_SSH_HOST" { + type = string + description = "Host for SSHing to swarm cluster" + sensitive = true +} diff --git a/src/heroku/heroku_addon.tf b/src/heroku/heroku_addon.tf index 215c5b9..5670285 100644 --- a/src/heroku/heroku_addon.tf +++ b/src/heroku/heroku_addon.tf 
@@ -1,13 +1,3 @@ -resource "heroku_addon" "email_service_database_addon" { - app = heroku_app.email_service_app.name - plan = "heroku-postgresql:hobby-dev" -} - -resource "heroku_addon" "email_service_redis_addon" { - app = heroku_app.email_service_app.name - plan = "heroku-redis:hobby-dev" -} - resource "heroku_addon" "profile_service_redis_addon" { app = heroku_app.profile_service_app.name plan = "heroku-redis:hobby-dev" diff --git a/src/heroku/heroku_app.tf b/src/heroku/heroku_app.tf index 16b244f..9218b55 100644 --- a/src/heroku/heroku_app.tf +++ b/src/heroku/heroku_app.tf @@ -32,27 +32,6 @@ resource "heroku_app" "discord_bot_app" { } } -resource "heroku_app" "email_service_app" { - name = "email-service-web" - region = "us" - stack = "container" - config_vars = { - DB_REVISION = "001" - DEPLOYMENT_PLATFORM = "heroku" - FLASK_APP = "src.app:create_app" - FLASK_DEBUG = false - FLASK_ENV = "production" - PROCESS_TYPE = "web" - } - sensitive_config_vars = { - DATABASE_URL = var.EMAIL_SERVICE_DATABASE_URL - MAIL_PASSWORD = var.EMAIL_SERVICE_MAIL_PASSWORD - MAIL_USERNAME = var.EMAIL_SERVICE_MAIL_USERNAME - REDIS_TLS_URL = var.EMAIL_SERVICE_REDIS_TLS_URL - REDIS_URL = var.EMAIL_SERVICE_REDIS_URL - } -} - resource "heroku_app" "gambley_backend_app" { name = "gambley-backend-web" region = "us" diff --git a/src/heroku/main.tf b/src/heroku/main.tf index 811950d..70463e6 100644 --- a/src/heroku/main.tf +++ b/src/heroku/main.tf @@ -9,10 +9,10 @@ provider "heroku" { terraform { backend "s3" { - bucket = "heroku-state-bucket" - key = "terraform.tfstate" + bucket = "terraform-gambley-state-bucket" + key = "heroku/terraform.tfstate" region = "ap-south-1" - dynamodb_table = "heroku-lock-table" + dynamodb_table = "terraform-gambley-lock-table" encrypt = true } required_providers { diff --git a/src/heroku/vars.tf b/src/heroku/vars.tf index 3d401c4..eb6185d 100644 --- a/src/heroku/vars.tf +++ b/src/heroku/vars.tf 
@@ -9,36 +9,6 @@ variable "HEROKU_API_KEY" { sensitive = true } -variable "EMAIL_SERVICE_DATABASE_URL" { - type = string - description = "Database URI for Email Service" - sensitive = true -} - -variable "EMAIL_SERVICE_MAIL_PASSWORD" { - type = string - description = "Email password for Email Service" - sensitive = true -} - -variable "EMAIL_SERVICE_MAIL_USERNAME" { - type = string - description = "Email address for Email Service" - sensitive = true -} - -variable "EMAIL_SERVICE_REDIS_TLS_URL" { - type = string - description = "Redis(secure) URI for Email Service" - sensitive = true -} - -variable "EMAIL_SERVICE_REDIS_URL" { - type = string - description = "Redis URI for Email Service" - sensitive = true -} - variable "PROFILE_SERVICE_DATABASE_URL" { type = string description = "Database URI for Profile Service"