Merge branch 'bob/que-33-build-out-query-building-write-functionality…

…-pt-3' of https://github.com/CDCgov/dibbs-query-connector into bob/que-33-build-out-query-building-write-functionality-pt-3
CDCgov · Jan 10, 2025 · 9302d82 · 9302d82
2 parents c5b1619 + 912f8e2
commit 9302d82
Show file tree

Hide file tree

Showing 4 changed files with 34 additions and 16 deletions.
diff --git a/.github/workflows/ecs_terraform.yaml b/.github/workflows/ecs_terraform.yaml
@@ -5,16 +5,16 @@ on:
   merge_group:
     types:
       - checks_requested
-  push:
-    branches:
-      - main
   workflow_dispatch:
     inputs:
       workspace:
-        description: "The workspace to terraform against"
+        description: "Choose terraform workspace for deployment"
         required: true
-        type: string
-        default: "dev"
+        type: choice
+        options:
+          - dev
+          - demo
+        default: dev
 
 concurrency:
   group: ${{ github.event.inputs.workspace }}-terraform
@@ -25,7 +25,7 @@ permissions:
   contents: read
 
 env:
-  workspace: dev
+  workspace: ${{ github.event.inputs.workspace }}
 
 jobs:
   terraform:

diff --git a/.github/workflows/terraform_plan.yaml b/.github/workflows/terraform_plan.yaml
@@ -2,13 +2,22 @@ name: Ad-hoc Terraform Plan
 run-name: Terraform plan ${{ inputs.workspace }} by @${{ github.actor }}
 
 on:
+  pull_request:
+    branches:
+      - shanice/deploy_demo_ecs
+  merge_group:
+    types:
+      - checks_requested
   workflow_dispatch:
     inputs:
       workspace:
-        description: "The workspace to terraform against"
+        description: "Choose terraform workspace for deployment"
         required: true
-        type: string
-        default: "dev"
+        type: choice
+        options:
+          - dev
+          - demo
+        default: dev
 
 concurrency:
   group: ${{ github.event.inputs.workspace }}-terraform
@@ -19,7 +28,7 @@ permissions:
   contents: read
 
 env:
-  workspace: dev
+  workspace: ${{ github.event.inputs.workspace }}
 
 jobs:
   terraform:
@@ -49,7 +58,6 @@ jobs:
 
       - name: Terraform
         env:
-          # ACTION: ${{ env.terraform_action }}
           BUCKET: ${{ secrets.TFSTATE_BUCKET }}
           DYNAMODB_TABLE: ${{ secrets.TFSTATE_DYNAMODB_TABLE }}
           REGION: ${{ vars.region }}
@@ -60,6 +68,7 @@ jobs:
           TLS_KEY: ${{ secrets.TLS_KEY}}
         shell: bash
         run: |
+          echo "Deploying to ${{ github.event.inputs.workspace }}..."
           rm -rf .terraform .terraform.lock.hcl
           terraform init \
             -var-file="$WORKSPACE.tfvars" \
@@ -68,6 +77,12 @@ jobs:
             -backend-config "region=$REGION" \
             || (echo "terraform init failed, exiting..." && exit 1)
           terraform workspace select "$WORKSPACE"
+          terraform apply -auto-approve -target=aws_acm_certificate.cloudflare_cert \
+            -var-file="$WORKSPACE.tfvars" \
+            -var "umls_api_key=${UMLS_API_KEY}" \
+            -var "ersd_api_key=${ERSD_API_KEY}" \
+            -var "qc_tls_key=${TLS_KEY}" \
+            -var "qc_tls_cert=${TLS_CERT}"          
           terraform plan \
             -var-file="$WORKSPACE.tfvars" \
             -var "umls_api_key=${UMLS_API_KEY}" \

diff --git a/terraform/implementation/ecs/demo.tfvars b/terraform/implementation/ecs/demo.tfvars
@@ -0,0 +1,3 @@
+owner = "skylight"
+project = "qc"
+region = "us-east-1"
diff --git a/terraform/implementation/ecs/main.tf b/terraform/implementation/ecs/main.tf
@@ -136,8 +136,8 @@ module "ecs" {
 
 resource "aws_db_instance" "qc_db" {
   allocated_storage = "10"
-  db_name = var.qc_db_name
-  identifier = var.db_identifier
+  db_name = "${var.qc_db_name}_${terraform.workspace}"
+  identifier = "${var.db_identifier}-${terraform.workspace}"
   engine               = var.db_engine_type
   engine_version       = var.db_engine_version
   enabled_cloudwatch_logs_exports = ["postgresql", "upgrade"]
@@ -152,14 +152,14 @@ resource "aws_db_instance" "qc_db" {
 
 # Create a DB subnet group
 resource "aws_db_subnet_group" "this" {
-  name       = "${var.db_identifier}-subnet-group"
+  name       = "${var.db_identifier}-subnet-group-${terraform.workspace}"
   subnet_ids = module.vpc.private_subnets
 
 }
 
 # Create a parameter group to configure Postgres RDS parameters
 resource "aws_db_parameter_group" "this" {
-  name   = "${var.db_identifier}-pg"
+  name   = "${var.db_identifier}-pg-${terraform.workspace}"
   family = var.db_family
 
   parameter {