diff --git a/.github/workflows/deploy-infra-dev.yml b/.github/workflows/deploy-infra-dev.yml
new file mode 100644
index 00000000..d6497a50
--- /dev/null
+++ b/.github/workflows/deploy-infra-dev.yml
@@ -0,0 +1,14 @@
+name: Deploy AWS Infra to Dev
+
+on:
+ workflow_dispatch:
+
+jobs:
+ infrastructure_deploy_snd:
+ uses: ./.github/workflows/aws-template-terraform.yml
+ with:
+ CONTEXT_FOLDER: ./infrastructure/cloud/environments/dev
+ CHANGE_FOLDER_NAME: environments/dev
+ ENVIRONMENT_NAME: dev
+ TEST_BUCKET_NAME: jasper-test-bucket
+ secrets: inherit
diff --git a/infrastructure/cloud/README.md b/infrastructure/cloud/README.md
new file mode 100644
index 00000000..96f5fd1d
--- /dev/null
+++ b/infrastructure/cloud/README.md
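Review bot: `secrets: inherit` on the last line of the job hands every secret this repository can see to `aws-template-terraform.yml`, although the job presumably needs only the AWS credentials that template uses. Passing the required secrets by name keeps the called workflow's access explicit and reviewable, e.g. `secrets:` followed by `AWS_ROLE_ARN: ${{ secrets.AWS_ROLE_ARN }}` (placeholder name; use the ones the template declares). Because `workflow_dispatch` allows the run to start from any branch, it is worth confirming that the template binds the job to a protected `dev` environment, so that unreviewed Terraform on a working branch cannot apply with those credentials. `TEST_BUCKET_NAME: jasper-test-bucket` also differs from `test_s3_bucket_name = "test-s3-bucket"` in dev.tfvars, so one of the two is presumably stale.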
@@ -0,0 +1,44 @@
+# JASPER's AWS Infrastructure Setup
+
+This repository includes Terraform scripts for provisioning and managing JASPER's AWS infrastructure. The team has adopted a modularized folder structure to enhance reusability, maintainability, and separation of concerns. The infrastructure-as-code is organized into reusable, encapsulated components known as modules, along with environment-specific configurations. This structure enables consistent and efficient management of infrastructure across various environments, such as development, testing, and production.
+
+## Prerequisites
+
+1. Navigate to [BC Gov's AWS instance](https://login.nimbus.cloud.gov.bc.ca/api).
+2. Configure AWS CLI
+
+```
+aws configure sso
+```
+
+3. Follow instructions from CLI.
+
+## Running Terraform Scripts Locally
+
+1. Navigate to the desired environment (`/dev` or `/test`) where you want the Terraform scripts to be executed.
+2. Initialize the working directory.
+
+```
+terraform init -backend-config=backend.tfvars
+```
+
+3. Preview the changes that Terraform plans to deploy.
+
+```
+terraform plan -var-file="./.tfvars"
+```
+
+4. If everything looks good, execute the actions propsed Terraform plan.
+
+```
+terraform apply -var-file="./.tfvars"
+```
+
+## Deploying Terraform changes via Github Actions
+
+1. Commit and push your working branch to Github.
+2. Navigate to [Actions](https://github.com/bcgov/jasper/actions) tab.
+3. Select the desired workflow (Deploy AWS Infra to ``).
+4. Click `Run workflow` dropdown.
+5. Select working branch
+6. Click `Run workflow` button.
diff --git a/infrastructure/cloud/environments/dev/.gitkeep b/infrastructure/cloud/environments/dev/.gitkeep
deleted file mode 100644
index e69de29b..00000000
diff --git a/infrastructure/cloud/environments/dev/backend.tfvars b/infrastructure/cloud/environments/dev/backend.tfvars
new file mode 100644
index 00000000..ae3a4b7a
--- /dev/null
+++ b/infrastructure/cloud/environments/dev/backend.tfvars
@@ -0,0 +1,4 @@
+bucket = "terraform-remote-state-dev"
+dynamodb_table = "terraform-remote-state-lock"
+key = "terraform.tfstate"
+region = "ca-central-1"
diff --git a/infrastructure/cloud/environments/dev/dev.tfvars b/infrastructure/cloud/environments/dev/dev.tfvars
new file mode 100644
index 00000000..18c4dec8
--- /dev/null
+++ b/infrastructure/cloud/environments/dev/dev.tfvars
@@ -0,0 +1,5 @@
+app_name = "jasper"
+environment = "dev"
+kms_key_name = "jasper-kms-key"
+region = "ca-central-1"
+test_s3_bucket_name = "test-s3-bucket"
diff --git a/infrastructure/cloud/environments/dev/providers.tf b/infrastructure/cloud/environments/dev/providers.tf
new file mode 100644
index 00000000..4cafa436
--- /dev/null
+++ b/infrastructure/cloud/environments/dev/providers.tf
@@ -0,0 +1,21 @@
+terraform {
+ required_version = "~> 1.9.0"
+ required_providers {
+ aws = {
+ source = "hashicorp/aws"
+ version = "~> 5.0"
+ }
+
+ tls = {
+ source = "hashicorp/tls"
+ version = "4.0.5"
+ }
+ }
+
+ backend "s3" {
+ }
+}
+
+provider "aws" {
+ region = var.region
+}
diff --git a/infrastructure/cloud/environments/dev/variables.tf b/infrastructure/cloud/environments/dev/variables.tf
new file mode 100644
index 00000000..95616419
--- /dev/null
+++ b/infrastructure/cloud/environments/dev/variables.tf
@@ -0,0 +1,24 @@
+variable "test_s3_bucket_name" {
+ description = "The name of the S3 bucket to create for testing"
+ type = string
+}
+
+variable "region" {
+ description = "The AWS region"
+ type = string
+}
+
+variable "kms_key_name" {
+ description = "Name of KMS key"
+ type = string
+}
+
+variable "app_name" {
+ description = "The name of the application"
+ type = string
+}
+
+variable "environment" {
+ description = "The AWS environment to deploy to"
+ type = string
+}
diff --git a/infrastructure/cloud/environments/dev/webapp.tf b/infrastructure/cloud/environments/dev/webapp.tf
new file mode 100644
index 00000000..09e5baed
--- /dev/null
+++ b/infrastructure/cloud/environments/dev/webapp.tf
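Review bot: The backend settings in backend.tfvars name the state bucket and lock table but do not set `encrypt = true`, so at-rest protection of `terraform.tfstate` depends entirely on how `terraform-remote-state-dev` was configured outside this change. providers.tf pulls in `hashicorp/tls`, and if a `tls_private_key` resource is used, its key material is written to state in plain text, which makes the state object sensitive. Consider adding `encrypt = true` (plus `kms_key_id` if a customer-managed key is intended) and confirming that the bucket blocks public access and has versioning enabled. Neither the bucket nor the DynamoDB table is created in the visible diff, so a short comment saying where they are provisioned would help the next operator.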
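Review bot: The provider constraints in providers.tf are inconsistent: `tls` is pinned to exactly `4.0.5` while `aws` floats across every 5.x release with `version = "~> 5.0"`. No `.terraform.lock.hcl` for this environment appears in the diff; if none is committed, each workflow run may resolve a different AWS provider build with no recorded checksums to verify it against. Committing the lock file, or narrowing the constraint to a tested minor release, keeps CI and local runs on the same verified provider.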
@@ -0,0 +1,41 @@
+module "security" {
+ source = "../../modules/security"
+ environment = var.environment
+ app_name = var.app_name
+ kms_key_name = var.kms_key_name
+}
+
+module "storage" {
+ source = "../../modules/storage"
+ environment = var.environment
+ app_name = var.app_name
+ kms_key_name = module.security.kms_key_alias
+ test_s3_bucket_name = var.test_s3_bucket_name
+ depends_on = [module.security]
+}
+
+module "networking" {
+ source = "../../modules/networking"
+ environment = var.environment
+ app_name = var.app_name
+ region = var.region
+ subnet_ids = module.networking.subnet_ids
+}
+
+module "container" {
+ source = "../../modules/container"
+ environment = var.environment
+ app_name = var.app_name
+ region = var.region
+ ecs_execution_role_arn = module.security.ecs_execution_role_arn
+ subnet_ids = module.networking.subnet_ids
+ sg_id = module.networking.sg_id
+ lb_tg_arn = module.networking.lb_tg_arn
+ ecs_web_log_group_name = module.monitoring.ecs_web_log_group_name
+}
+
+module "monitoring" {
+ source = "../../modules/monitoring"
+ environment = var.environment
+ app_name = var.app_name
+}
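Review bot: In `module "networking"`, the argument `subnet_ids = module.networking.subnet_ids` feeds the module its own output, which Terraform reports as a self-reference or dependency cycle, so `terraform plan` should fail as written. The subnet IDs need to come from outside the module, via a variable or a data source lookup of the existing subnets, for example `subnet_ids = var.subnet_ids` with a matching declaration in variables.tf (constructed name). Separately, `depends_on = [module.security]` in `module "storage"` is redundant, because `kms_key_name = module.security.kms_key_alias` already creates that dependency. A module-level `depends_on` also makes Terraform defer data sources inside the module to apply time, so it is better removed.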