Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: deploy ooniprobe service to prod #77

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
51 changes: 51 additions & 0 deletions tf/environments/prod/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -486,6 +486,57 @@ module "ooniapi_ooniauth" {
)
}

#### OONI Probe service

module "ooniapi_ooniprobe_deployer" {
source = "../../modules/ooniapi_service_deployer"

service_name = "ooniprobe"
repo = "ooni/backend"
branch_name = "master"
buildspec_path = "ooniprobe/services/ooniprobe/buildspec.yml"
codestar_connection_arn = aws_codestarconnections_connection.oonidevops.arn

codepipeline_bucket = aws_s3_bucket.ooniapi_codepipeline_bucket.bucket

ecs_service_name = module.ooniapi_ooniprobe.ecs_service_name
ecs_cluster_name = module.ooniapi_cluster.cluster_name
}

module "ooniapi_ooniprobe" {
source = "../../modules/ooniapi_service"

# First run should be set on first run to bootstrap the task definition
first_run = true
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Be sure to flip this after first deploy.


vpc_id = module.network.vpc_id
private_subnet_ids = module.network.vpc_subnet_private[*].id
public_subnet_ids = module.network.vpc_subnet_public[*].id

service_name = "ooniprobe"
default_docker_image_url = "ooni/api-ooniprobe:latest"
stage = local.environment
dns_zone_ooni_io = local.dns_zone_ooni_io
key_name = module.adm_iam_roles.oonidevops_key_name
ecs_cluster_id = module.ooniapi_cluster.cluster_id

service_desired_count = 2

task_secrets = {
POSTGRESQL_URL = aws_secretsmanager_secret_version.oonipg_url.arn
JWT_ENCRYPTION_KEY = aws_secretsmanager_secret_version.jwt_secret.arn
PROMETHEUS_METRICS_PASSWORD = aws_secretsmanager_secret_version.prometheus_metrics_password.arn
}

ooniapi_service_security_groups = [
module.ooniapi_cluster.web_security_group_id
]

tags = merge(
local.tags,
{ Name = "ooni-tier0-ooniprobe" }
)
}
#### OONI Tier0 API Frontend

module "ooniapi_frontend" {
Expand Down
Loading