-
Notifications
You must be signed in to change notification settings - Fork 9
112 lines (102 loc) · 4.32 KB
/
deploy-daac.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
name: Deploy DAAC Stacks to AWS
on:
push:
branches:
- main
- develop
concurrency: ${{ github.workflow }}-${{ github.ref }}
jobs:
deploy:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
include:
- environment: hyp3-edc-prod
domain: ''
api_name: hyp3
template_bucket: cf-templates-118mtzosmrltk-us-west-2
image_tag: latest
product_lifetime_in_days: 14
default_credits_per_user: 10000
default_application_status: APPROVED
cost_profile: EDC
deploy_ref: refs/heads/main
job_files: job_spec/AUTORIFT.yml job_spec/INSAR_GAMMA.yml job_spec/RTC_GAMMA.yml job_spec/INSAR_ISCE_BURST.yml
instance_types: r6id.xlarge,r6id.2xlarge,r6id.4xlarge,r6id.8xlarge,r6idn.xlarge,r6idn.2xlarge,r6idn.4xlarge,r6idn.8xlarge
default_max_vcpus: 1500
expanded_max_vcpus: 3000
required_surplus: 2000
security_environment: EDC
ami_id: image_id_ecs_amz2
distribution_url: 'https://d3gm2hf49xd6jj.cloudfront.net'
- environment: hyp3-edc-uat
domain: ''
api_name: hyp3-test
template_bucket: cf-templates-118ylv0o6jp2n-us-west-2
image_tag: test
product_lifetime_in_days: 14
default_credits_per_user: 10000
default_application_status: APPROVED
cost_profile: EDC
deploy_ref: refs/heads/develop
job_files: >-
job_spec/AUTORIFT.yml
job_spec/INSAR_GAMMA.yml
job_spec/RTC_GAMMA.yml
job_spec/INSAR_ISCE_BURST.yml
instance_types: r6id.xlarge,r6id.2xlarge,r6id.4xlarge,r6id.8xlarge,r6idn.xlarge,r6idn.2xlarge,r6idn.4xlarge,r6idn.8xlarge
default_max_vcpus: 1500
expanded_max_vcpus: 3000
required_surplus: 2000
security_environment: EDC
ami_id: image_id_ecs_amz2
distribution_url: 'https://d1riv60tezqha9.cloudfront.net'
environment:
name: ${{ matrix.environment }}
url: https://${{ matrix.domain }}
steps:
- uses: actions/[email protected]
- uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ secrets.V2_AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.V2_AWS_SECRET_ACCESS_KEY }}
aws-session-token: ${{ secrets.V2_AWS_SESSION_TOKEN }}
aws-region: ${{ secrets.AWS_REGION }}
- uses: actions/setup-python@v5
with:
python-version: 3.9
- uses: ./.github/actions/deploy-hyp3
if: github.ref == matrix.deploy_ref
with:
TEMPLATE_BUCKET: ${{ matrix.template_bucket }}
STACK_NAME: ${{ matrix.environment }}
DOMAIN_NAME: ${{ matrix.domain }}
API_NAME: ${{ matrix.api_name }}
CERTIFICATE_ARN: ${{ secrets.CERTIFICATE_ARN }}
IMAGE_TAG: ${{ matrix.image_tag }}
PRODUCT_LIFETIME: ${{ matrix.product_lifetime_in_days }}
VPC_ID: ${{ secrets.VPC_ID }}
SUBNET_IDS: ${{ secrets.SUBNET_IDS }}
SECRET_ARN: ${{ secrets.SECRET_ARN }}
CLOUDFORMATION_ROLE_ARN: ${{ secrets.CLOUDFORMATION_ROLE_ARN }}
DEFAULT_CREDITS_PER_USER: ${{ matrix.default_credits_per_user }}
DEFAULT_APPLICATION_STATUS: ${{ matrix.default_application_status }}
COST_PROFILE: ${{ matrix.cost_profile }}
JOB_FILES: ${{ matrix.job_files }}
DEFAULT_MAX_VCPUS: ${{ matrix.default_max_vcpus }}
EXPANDED_MAX_VCPUS: ${{ matrix.expanded_max_vcpus }}
MONTHLY_BUDGET: ${{ secrets.MONTHLY_BUDGET }}
REQUIRED_SURPLUS: ${{ matrix.required_surplus }}
ORIGIN_ACCESS_IDENTITY_ID: ${{ secrets.ORIGIN_ACCESS_IDENTITY_ID }}
SECURITY_ENVIRONMENT: ${{ matrix.security_environment }}
AMI_ID: ${{ matrix.ami_id }}
INSTANCE_TYPES: ${{ matrix.instance_types }}
DISTRIBUTION_URL: ${{ matrix.distribution_url }}
AUTH_PUBLIC_KEY: ${{ secrets.AUTH_PUBLIC_KEY }}
call-bump-version-workflow:
if: github.ref == 'refs/heads/main'
needs: deploy
uses: ASFHyP3/actions/.github/workflows/[email protected]
secrets:
USER_TOKEN: ${{ secrets.TOOLS_BOT_PAK }}