Infrastructure and GHA for Backend API (#419)
* Infrastructure and GHA for Backend API

* change wording to middleware from backend

* get vault secrets ready

* merge main

* reconfigure cidr ranges

* change from backend to middleware

* change from backend to middleware

* test building and publishing middleware image

* cleanup

* rm vault data source secrets

* comment out vars

* clean-up

* rm middleware cicd

* wip

---------

Co-authored-by: Administrator <[email protected]>
derekadombek and Administrator authored Dec 3, 2024
1 parent e563caf commit 3e66da6
Showing 9 changed files with 135 additions and 37 deletions.
58 changes: 54 additions & 4 deletions .github/workflows/deploy-dev.yml
@@ -13,6 +13,9 @@ on:
ocr-version:
description: 'Create a version for this OCR API image'
required: true
middleware-version:
description: 'Create a version for this middleware API image'
required: true

permissions:
contents: read
@@ -21,6 +24,33 @@ permissions:
id-token: write

jobs:
build-publish-middleware:
name: Build and Publish middleware
runs-on: ubuntu-latest
outputs:
docker_inspect: ${{ steps.image_check.outputs.docker_inspect }}
steps:
- uses: actions/checkout@v4
- name: Lowercase the repo name
run: echo "REPO=${GITHUB_REPOSITORY,,}" >>${GITHUB_ENV}
- name: Check if image exists
id: image_check
run: |
echo "docker_inspect=$(
docker manifest inspect ghcr.io/${{ env.REPO }}-middleware-api:${{ inputs.middleware-version }} > /dev/null ; echo $?
)" >> $GITHUB_OUTPUT
- name: Build and Push the middleware
if: ${{ steps.image_check.outputs.docker_inspect == 1 }}
uses: ./.github/actions/build-publish-api
with:
docker-registry: ghcr.io
docker-pw: ${{ secrets.GITHUB_TOKEN }}
docker-username: ${{ github.actor }}
docker-tag: ${{ inputs.middleware-version }}
dockerfile-path: ./backend/Dockerfile
docker-context-path: ./backend/
api-name: middleware-api

build-publish-ocr:
name: Build and Publish OCR
runs-on: ubuntu-latest
@@ -36,7 +66,7 @@ jobs:
echo "docker_inspect=$(
docker manifest inspect ghcr.io/${{ env.REPO }}-ocr-api:${{ inputs.ocr-version }} > /dev/null ; echo $?
)" >> $GITHUB_OUTPUT
- name: Build and Push backend
- name: Build and Push the OCR
if: ${{ steps.image_check.outputs.docker_inspect == 1 }}
uses: ./.github/actions/build-publish-api
with:
@@ -62,7 +92,7 @@ jobs:
frontend-build-path: ./frontend/dist/
node-version: 20

environment-setup:
az-environment-setup:
name: Setup Azure Environment
runs-on: ubuntu-latest
environment: ${{ inputs.deploy-env }}
@@ -83,11 +113,31 @@ jobs:
azure-subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
app-name: reportvision

deploy-middleware:
name: Deploy middleware
runs-on: ubuntu-latest
environment: ${{ inputs.deploy-env }}
needs: [build-publish-middleware, az-environment-setup]
steps:
- uses: actions/checkout@v4
- uses: azure/login@v2
with:
client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
- name: Deploy middleware-API
uses: ./.github/actions/deploy-api
with:
deploy-env: ${{ inputs.deploy-env }}
docker-tag: ${{ inputs.middleware-version }}
docker-registry: ghcr.io
api-name: middleware-api

deploy-ocr:
name: Deploy OCR
runs-on: ubuntu-latest
environment: ${{ inputs.deploy-env }}
needs: [build-publish-ocr, environment-setup]
needs: [build-publish-ocr, az-environment-setup]
steps:
- uses: actions/checkout@v4
- uses: azure/login@v2
@@ -107,7 +157,7 @@ jobs:
name: Deploy Frontend
runs-on: ubuntu-latest
environment: ${{ inputs.deploy-env }}
needs: [build-frontend, environment-setup]
needs: [build-frontend, az-environment-setup]
if: ${{ inputs.deploy-env != 'demo'}}
steps:
- uses: actions/checkout@v4
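Review bot: The new "Check if image exists" step in `build-publish-middleware` expands `${{ inputs.middleware-version }}` and `${{ env.REPO }}` directly into the `run:` script, so the dispatch input is treated as shell text rather than data; the existing OCR check uses the same pattern. Pass the value through the environment instead, with `env: IMAGE: ghcr.io/${{ env.REPO }}-middleware-api:${{ inputs.middleware-version }}` on the step and `docker manifest inspect "$IMAGE" > /dev/null ; echo $?` in the script. Separately, `docker_inspect == 1` is presumably also what a registry auth or network failure yields, so a failed lookup is read as "image missing" and leads to a build and push of that tag. The workflow continues beyond the lines shown in this section.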
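--- a/backend/Dockerfile
+++ b/backend/Dockerfile
@@ -0,0 +1,4 @@
+FROM amazoncorretto:17
+ENV HOME=/app
+RUN mkdir -p $HOME
+WORKDIR $HOME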
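Review bot: The image has no `USER` instruction after `WORKDIR $HOME`, so whatever is later run from it executes as root and `/app` is created root-owned. Consider `RUN mkdir -p $HOME && chown 1000:1000 $HOME` followed by `USER 1000:1000` (the uid is a constructed example). `FROM amazoncorretto:17` is also a floating tag; pinning it as `amazoncorretto:17@sha256:<digest>` keeps the image that the workflow publishes and deploys reproducible. With no `COPY`, `ENTRYPOINT` or `CMD`, this looks like a placeholder, and a one-line comment saying so would help the next reader.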
26 changes: 15 additions & 11 deletions ops/terraform/locals.tf
@@ -1,25 +1,29 @@
locals {
environment = terraform.workspace
environment = terraform.workspace
ocr-api = "ocr"
middleware-api = "middleware"
init = {
environment = local.environment
location = "eastus2"
}
dev = {
dev = {
vnetcidr = "10.0.0.0/16"
appsubnetcidr = "10.0.1.0/24"
websubnetcidr = "10.0.2.0/24"
lbsubnetcidr = "10.0.3.0/24"
dbsubnetcidr = "10.0.4.0/24"
vnetcidr = "10.0.0.0/16"
ocrsubnetcidr = "10.0.1.0/24"
middlewaresubnetcidr = "10.0.2.0/24"
websubnetcidr = "10.0.3.0/24"
lbsubnetcidr = "10.0.4.0/24"
dbsubnetcidr = "10.0.5.0/24"
}
}
demo = {
demo = {
vnetcidr = "10.1.0.0/16"
appsubnetcidr = "10.1.1.0/24"
websubnetcidr = "10.1.2.0/24"
lbsubnetcidr = "10.1.3.0/24"
dbsubnetcidr = "10.1.4.0/24"
vnetcidr = "10.1.0.0/16"
ocrsubnetcidr = "10.1.1.0/24"
middlewaresubnetcidr = "10.1.2.0/24"
websubnetcidr = "10.1.3.0/24"
lbsubnetcidr = "10.1.4.0/24"
dbsubnetcidr = "10.1.5.0/24"
}
}
}
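Review bot: Placing `middlewaresubnetcidr` at `10.0.2.0/24` shifts the web, lb and db subnets to new prefixes in both workspaces, so `10.0.2.0/24` (formerly web) now denotes the middleware tier and `10.0.4.0/24` (formerly db) the load balancer. Any NSG rule, firewall allow-list or service setting keyed on the old literals would then apply to a different tier; those rules are not visible on this page, so this needs checking before apply. Appending instead, with `middlewaresubnetcidr = "10.0.5.0/24"` in dev and `"10.1.5.0/24"` in demo, would leave the existing ranges untouched. The +/- markers are lost in this rendering, so the old/new reading is inferred from the 15/11 counts.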
43 changes: 30 additions & 13 deletions ops/terraform/main.tf
@@ -9,16 +9,17 @@ locals {
}

module "networking" {
source = "./modules/network"
name = var.name
location = data.azurerm_resource_group.rg.location
resource_group = data.azurerm_resource_group.rg.name
vnetcidr = local.workspace["vnetcidr"]
websubnetcidr = local.workspace["websubnetcidr"]
lbsubnetcidr = local.workspace["lbsubnetcidr"]
appsubnetcidr = local.workspace["appsubnetcidr"]
dbsubnetcidr = local.workspace["dbsubnetcidr"]
env = local.environment
source = "./modules/network"
name = var.name
location = data.azurerm_resource_group.rg.location
resource_group = data.azurerm_resource_group.rg.name
vnetcidr = local.workspace["vnetcidr"]
websubnetcidr = local.workspace["websubnetcidr"]
lbsubnetcidr = local.workspace["lbsubnetcidr"]
ocrsubnetcidr = local.workspace["ocrsubnetcidr"]
middlewaresubnetcidr = local.workspace["middlewaresubnetcidr"]
dbsubnetcidr = local.workspace["dbsubnetcidr"]
env = local.environment
}

module "securitygroup" {
@@ -58,13 +59,29 @@ module "storage" {
web_subnet_id = module.networking.websubnet_id
}

module "middleware_api" {
source = "./modules/app_service"
service = local.middleware-api
name = var.name
location = data.azurerm_resource_group.rg.location
resource_group = data.azurerm_resource_group.rg.name
app_subnet_id = module.networking.middlewaresubnet_id

lb_subnet_id = module.networking.lbsubnet_id
env = local.environment
vnet = module.networking.network_name
sku_name = var.sku_name
https_only = true
}

module "ocr_api" {
source = "./modules/app_service"
service = local.ocr-api
name = var.name
location = data.azurerm_resource_group.rg.location
resource_group = data.azurerm_resource_group.rg.name
app_subnet_id = module.networking.appsubnet_id
lb_subnet_id = module.networking.lbsubnet_id
app_subnet_id = module.networking.ocrsubnet_id
lb_subnet_id = module.networking.middlewaresubnet_id
env = local.environment
vnet = module.networking.network_name
sku_name = var.sku_name
@@ -73,7 +90,7 @@ module "ocr_api" {

module "ocr_autoscale" {
source = "./modules/app_service_autoscale"
service = "ocr"
service = local.ocr-api
name = var.name
location = data.azurerm_resource_group.rg.location
env = local.environment
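Review bot: In `module "ocr_api"` the argument `lb_subnet_id` appears to be repointed from `module.networking.lbsubnet_id` to `module.networking.middlewaresubnet_id`; the diff markers are lost in this rendering, so that reading is inferred from the line order and the 30/13 counts. If the app_service module uses this value to restrict inbound traffic (its body is not shown here), the change moves OCR's ingress from the load balancer to the middleware subnet, which is an access-control change carried by a misleadingly named argument. If that is intended, state it next to the line, e.g. `# OCR accepts traffic from the middleware subnet, not the LB`, or rename the module variable; if not, it should stay `module.networking.lbsubnet_id`.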
4 changes: 2 additions & 2 deletions ops/terraform/modules/app_service/main.tf
@@ -3,15 +3,15 @@ locals {
}

resource "azurerm_service_plan" "asp" {
name = "${var.name}-ocr-appserviceplan-${var.env}"
name = "${var.name}-${var.service}-appserviceplan-${var.env}"
location = var.location
os_type = "Linux"
resource_group_name = var.resource_group
sku_name = var.sku_name
}

resource "azurerm_linux_web_app" "linux_webapp" {
name = "${var.name}-ocr-${var.env}"
name = "${var.name}-${var.service}-${var.env}"
https_only = var.https_only
location = var.location
resource_group_name = var.resource_group
1 change: 1 addition & 0 deletions ops/terraform/modules/app_service/variables.tf
@@ -7,6 +7,7 @@ variable "app_subnet_id" {}
variable "sku_name" {
default = "S2"
}
variable "service" {}


variable "https_only" {
22 changes: 19 additions & 3 deletions ops/terraform/modules/network/main.tf
@@ -17,11 +17,11 @@ resource "azurerm_subnet" "web-subnet" {
depends_on = [azurerm_virtual_network.vnet]
}

resource "azurerm_subnet" "app-subnet" {
name = "${var.name}-app-subnet-${var.env}"
resource "azurerm_subnet" "ocr-subnet" {
name = "${var.name}-ocr-subnet-${var.env}"
virtual_network_name = azurerm_virtual_network.vnet.name
resource_group_name = var.resource_group
address_prefixes = [var.appsubnetcidr]
address_prefixes = [var.ocrsubnetcidr]

delegation {
name = "delegation"
@@ -45,6 +45,22 @@ resource "azurerm_subnet" "lb-subnet" {
depends_on = [azurerm_virtual_network.vnet]
}

resource "azurerm_subnet" "middleware-subnet" {
name = "${var.name}-middleware-subnet-${var.env}"
virtual_network_name = azurerm_virtual_network.vnet.name
resource_group_name = var.resource_group
address_prefixes = [var.middlewaresubnetcidr]

delegation {
name = "delegation"

service_delegation {
name = "Microsoft.Web/serverFarms"
actions = ["Microsoft.Network/virtualNetworks/subnets/action"]
}
}
}


resource "azurerm_subnet" "db-subnet" {
name = "${var.name}-db-subnet-${var.env}"
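Review bot: The new `azurerm_subnet.middleware-subnet` is declared with only a `Microsoft.Web/serverFarms` delegation, and nothing in this section associates a network security group with it. The `securitygroup` module is not shown on this page, so confirm it covers the new subnet, for example through an `azurerm_subnet_network_security_group_association`; otherwise the middleware tier would have no subnet-level filtering. The `db-subnet` resource that follows continues outside the visible lines.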
9 changes: 7 additions & 2 deletions ops/terraform/modules/network/outputs.tf
@@ -18,8 +18,13 @@ output "lbsubnet_id" {
description = "Id of lbsubnet in the network"
}

output "appsubnet_id" {
value = azurerm_subnet.app-subnet.id
output "ocrsubnet_id" {
value = azurerm_subnet.ocr-subnet.id
description = "Id of lbsubnet in the network"
}

output "middlewaresubnet_id" {
value = azurerm_subnet.middleware-subnet.id
description = "Id of lbsubnet in the network"
}

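Review bot: The new `middlewaresubnet_id` output and the renamed `ocrsubnet_id` both carry `description = "Id of lbsubnet in the network"`, copied from the lb output, so three different subnets are documented identically. Use `description = "Id of the middleware subnet in the network"` and `description = "Id of the OCR subnet in the network"`, so a reader wiring `app_subnet_id` or `lb_subnet_id` can tell the tiers apart.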
5 changes: 3 additions & 2 deletions ops/terraform/modules/network/variables.tf
@@ -3,9 +3,10 @@ variable "name" {}
variable "vnetcidr" {}
variable "websubnetcidr" {}
variable "lbsubnetcidr" {}
variable "dbsubnetcidr" {}
variable "appsubnetcidr" {}
variable "ocrsubnetcidr" {}
variable "env" {}
variable "middlewaresubnetcidr" {}
variable "dbsubnetcidr" {}

variable "location" {
default = "eastus2"
