feat: #2396 prod infra

.github/workflows/delete-environment.yml

@@ -0,0 +1,40 @@
+name: Delete Environment
+
+on:
+  repository_dispatch:
+    types: [delete-environment]
+jobs:
+  delete-environment:
+    runs-on: ubuntu-latest
+    steps:
+      - name: checks out repository to $GITHUB_WORKSPACE
+        uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+
+      - name: Setup Node Environment
+        uses: actions/setup-node@v1
+        with:
+          node-version: '12.x'
+
+      - name: Set up workspace experimental
+        run: |
+          yarn config set workspaces-experimental true
+
+      - name: Install dependencies
+        run: |
+          yarn global add [email protected]
+          yarn add isomorphic-fetch -W
+
+      - name: Remove Serverless
+        run: |
+          yarn workspace ${{ github.event.client_payload.package_name }} remove:${{ github.event.client_payload.environment }}
+
+env:
+  AWS_REGION: ${{secrets.AWS_REGION}}
+  AWS_ACCESS_KEY_ID: ${{secrets.AWS_ACCESS_KEY_ID}}
+  AWS_SECRET_ACCESS_KEY: ${{secrets.AWS_SECRET_ACCESS_KEY}}
+  RELEASE_SLACK_WEB_HOOK_URL: ${{secrets.RELEASE_SLACK_WEB_HOOK_URL}}
+  CYPRESS_USERNAME: ${{secrets.CYPRESS_USERNAME}}
+  CYPRESS_PASSWORD: ${{secrets.CYPRESS_PASSWORD}}
+  NPM_TOKEN: ${{secrets.NPM_TOKEN}}

.github/workflows/release-tag.yml

@@ -7,9 +7,6 @@ on:
 
 env:
   NPM_TOKEN: ${{secrets.NPM_TOKEN}}
-  AWS_ACCESS_KEY_ID: ${{secrets.AWS_ACCESS_KEY_ID}}
-  AWS_SECRET_ACCESS_KEY: ${{secrets.AWS_SECRET_ACCESS_KEY}}
-  AWS_REGION: ${{secrets.AWS_REGION}}
   GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
   SENTRY_AUTH_TOKEN: ${{secrets.SENTRY_AUTH_TOKEN}}
   RELEASE_SLACK_WEB_HOOK_URL: ${{secrets.RELEASE_SLACK_WEB_HOOK_URL}}
@@ -56,6 +53,14 @@ jobs:
       - name: Install dependencies
         run: yarn install --frozen-lockfile
 
+
+      - name: Configure AWS credentials to Production
+        uses: aws-actions/configure-aws-credentials@v1
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_PROD }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_PROD }}
+          aws-region: ${{secrets.AWS_REGION}}
+
       - name: Upload Artifact
         run: |
           yarn upload-artifact

.github/workflows/release.yml

@@ -26,14 +26,44 @@ jobs:
           yarn global add [email protected]
           yarn add isomorphic-fetch -W
 
+      - name: Configure AWS credentials to production
+        uses: aws-actions/configure-aws-credentials@v1
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_PROD }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_PROD }}
+          aws-region: ${{secrets.AWS_REGION}}
+
+      - name: Fetch artifact from prod
+        run: |
+          yarn fetch-artifact ${{ github.event.client_payload.package_name }} ${{ github.event.client_payload.current_tag }}
+
+      - name: Configure AWS credentials by environment
+        uses: aws-actions/configure-aws-credentials@v1
+        if: ${{ github.event.client_payload.environment == 'development' }}
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          aws-region: ${{secrets.AWS_REGION}}
+        if: ${{ github.event.client_payload.environment == 'staging' }}
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          aws-region: ${{secrets.AWS_REGION}}
+        if: ${{ github.event.client_payload.environment == 'production' }}
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_PROD }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_PROD }}
+          aws-region: ${{secrets.AWS_REGION}}
+
+      - name: Fetch config
+        run: |
+          yarn fetch-config --name ${{ github.event.client_payload.environment }}
+
       - name: Release Production
         run: |
-          yarn release ${{ github.event.client_payload.environment }} ${{ github.event.client_payload.package_name }} ${{ github.event.client_payload.current_tag }} ${{ github.event.client_payload.previous_tag }}
+          yarn release ${{ github.event.client_payload.environment }} ${{ github.event.client_payload.package_name }} ${{ github.event.client_payload.current_tag }}
 
 env:
-  AWS_REGION: ${{secrets.AWS_REGION}}
-  AWS_ACCESS_KEY_ID: ${{secrets.AWS_ACCESS_KEY_ID}}
-  AWS_SECRET_ACCESS_KEY: ${{secrets.AWS_SECRET_ACCESS_KEY}}
   RELEASE_SLACK_WEB_HOOK_URL: ${{secrets.RELEASE_SLACK_WEB_HOOK_URL}}
   CYPRESS_USERNAME: ${{secrets.CYPRESS_USERNAME}}
   CYPRESS_PASSWORD: ${{secrets.CYPRESS_PASSWORD}}

package.json

@@ -48,6 +48,7 @@
     "update-release-note": "node ./scripts/release/update-release-note.js",
     "upload-artifact": "node ./scripts/release/upload-artifact.js",
     "release": "node ./scripts/release/release.js",
+    "fetch-artifact": "node ./scripts/release/fetch-artifact.js",
     "test": "lerna run test:ci --parallel",
     "test-e2e:ci": "lerna run test-e2e:ci --stream",
     "update-doc": "node --unhandled-rejections=strict ./scripts/document-update/get-release-and-create-pr.js",
@@ -75,8 +76,8 @@
     "error-polyfill": "^0.1.2",
     "graphql": "^14.5.8",
     "hardtack": "^4.1.2",
-    "pell": "^1.0.6",
     "papaparse": "^5.1.1",
+    "pell": "^1.0.6",
     "react": "^16.12.0",
     "react-datepicker": "^2.9.6",
     "react-dom": "^16.12.0",
@@ -110,8 +111,8 @@
     "@types/enzyme": "^3.10.3",
     "@types/enzyme-adapter-react-16": "^1.0.5",
     "@types/jest": "^24.0.23",
-    "@types/papaparse": "^5.0.3",
     "@types/node": "10.17.13",
+    "@types/papaparse": "^5.0.3",
     "@types/query-string": "^6.3.0",
     "@types/react": "^16.9.0",
     "@types/react-copy-to-clipboard": "^4.3.0",
@@ -184,7 +185,10 @@
     "serialize-error": "^7.0.1",
     "serve": "^11.2.0",
     "serverless": "^1.70.1",
+    "serverless-deployment-bucket": "^1.1.2",
     "serverless-plugin-ifelse": "^1.0.5",
+    "serverless-s3-deploy": "^0.9.0",
+    "serverless-s3-remover": "^0.6.0",
     "serverless-single-page-app-plugin": "^1.0.2",
     "shelljs": "^0.8.4",
     "start-server-and-test": "^1.11.0",

packages/admin-portal/package.json

@@ -14,6 +14,10 @@
     "test:ci": "cross-env TZ=UTC jest --ci --colors --coverage --silent --forceExit --detectOpenHandles --runInBand",
     "test:dev": "cross-env TZ=UTC jest --watch --verbose",
     "release:dev": "node ../../scripts/release/release-dev.js admin-portal reapit-admin-portal-dev",
+    "release:development": "serverless deploy --stage dev",
+    "release:production": "serverless deploy --stage prod",
+    "remove:development": "serverless remove --stage dev",
+    "remove:production": "serverless remove --stage dev",
     "test-e2e:dev": "cypress open --project './src/tests'",
     "cypress:ci": "cypress run --project \"./src/tests\"",
     "test-e2e:ci": "start-server-and-test start:prod http://localhost:8080 cypress:ci",

packages/admin-portal/serverless.yml

@@ -1,26 +1,40 @@
 # https://www.npmjs.com/package/serverless-single-page-app-plugin
-service: admin-portal
+service: cloud-admin-portal
 
 plugins:
   - serverless-single-page-app-plugin
   - serverless-plugin-ifelse
+  - serverless-s3-remover
+  - serverless-s3-deploy
 
 custom:
-  s3Bucket: reapit-admin-portal-${self:provider.stage}
-
+  s3WebAppBucket: cloud-admin-portal-web-app-${opt:stage, 'dev'}
+  s3CloudFormBucket: cloud-deployment-cloudform-templates-${opt:stage, 'dev'}
+  remover:
+     buckets:
+       - ${self:custom.s3WebAppBucket}
+  assets:
+    auto: true
+    targets:
+      - bucket: ${self:custom.s3WebAppBucket}
+        files:
+          - source: ./public/dist/
+            globs: '**/*'
 provider:
   name: aws
   runtime: nodejs10.x
   stage: ${opt:stage, 'dev'}
   region: eu-west-2
+  deploymentBucket:
+    name: ${self:custom.s3CloudFormBucket}
 
 resources:
   Resources:
     ## Specifying the S3 Bucket
     WebAppS3Bucket:
       Type: AWS::S3::Bucket
       Properties:
-        BucketName: ${self:custom.s3Bucket}
+        BucketName: ${self:custom.s3WebAppBucket}
         AccessControl: PublicRead
         WebsiteConfiguration:
           IndexDocument: index.html
@@ -61,7 +75,7 @@ resources:
                     ".s3.amazonaws.com"
                   ]
                 ]
-              Id: S3-${self:custom.s3Bucket}
+              Id: S3-${self:custom.s3WebAppBucket}
               CustomOriginConfig:
                 HTTPPort: 80
                 HTTPSPort: 443
@@ -93,7 +107,7 @@ resources:
               - GET
               - HEAD
               - OPTIONS
-            TargetOriginId: S3-${self:custom.s3Bucket}
+            TargetOriginId: S3-${self:custom.s3WebAppBucket}
             ForwardedValues:
               QueryString: 'false'
               Cookies:
@@ -108,4 +122,4 @@ resources:
   Outputs:
     WebAppCloudFrontDistributionOutput:
       Value:
-        'Fn::GetAtt': [ WebAppCloudFrontDistribution, DomainName ]
+        'Fn::GetAtt': [ WebAppCloudFrontDistribution, DomainName ]

packages/aml-checklist/package.json

@@ -17,6 +17,10 @@
     "test:ci": "cross-env TZ=UTC jest --ci --colors --coverage --silent --forceExit --detectOpenHandles --runInBand",
     "test:dev": "cross-env TZ=UTC jest --watch --verbose",
     "release:dev": "node ../../scripts/release/release-dev.js aml-checklist reapit-aml-checklist-dev",
+    "release:development": "serverless deploy --stage dev",
+    "release:production": "serverless deploy --stage prod",
+    "remove:development": "serverless remove --stage dev",
+    "remove:production": "serverless remove --stage dev",
     "test:update-badges": "yarn test:ci && jest-coverage-badges --input src/tests/coverage/coverage-summary.json --output src/tests/badges",
     "lint": "concurrently \"tsc --noEmit\" \"eslint --cache --ext=ts,tsx,js src\"",
     "lint:fix": "eslint --cache --ext=ts,tsx,js src --fix",
@@ -26,7 +30,6 @@
   },
   "dependencies": {
     "@reapit/elements": "^0.5.60",
-    "@reapit/connect-session": "1.0.0-alpha.1",
     "@reapit/utils": "^0.0.1",
     "react-to-print": "^2.4.0",
     "snyk": "^1.341.1"

packages/aml-checklist/serverless.yml

@@ -1,26 +1,40 @@
 # https://www.npmjs.com/package/serverless-single-page-app-plugin
-service: aml-checklist
+service: cloud-aml-checklist
 
 plugins:
   - serverless-single-page-app-plugin
   - serverless-plugin-ifelse
+  - serverless-s3-remover
+  - serverless-s3-deploy
 
 custom:
-  s3Bucket: reapit-aml-checklist-${self:provider.stage}
-
+  s3WebAppBucket: cloud-aml-checklist-web-app-${opt:stage, 'dev'}
+  s3CloudFormBucket: cloud-deployment-cloudform-templates-${opt:stage, 'dev'}
+  remover:
+     buckets:
+       - ${self:custom.s3WebAppBucket}
+  assets:
+    auto: true
+    targets:
+      - bucket: ${self:custom.s3WebAppBucket}
+        files:
+          - source: ./public/dist/
+            globs: '**/*'
 provider:
   name: aws
   runtime: nodejs10.x
   stage: ${opt:stage, 'dev'}
   region: eu-west-2
+  deploymentBucket:
+    name: ${self:custom.s3CloudFormBucket}
 
 resources:
   Resources:
     ## Specifying the S3 Bucket
     WebAppS3Bucket:
       Type: AWS::S3::Bucket
       Properties:
-        BucketName: ${self:custom.s3Bucket}
+        BucketName: ${self:custom.s3WebAppBucket}
         AccessControl: PublicRead
         WebsiteConfiguration:
           IndexDocument: index.html
@@ -61,7 +75,7 @@ resources:
                     ".s3.amazonaws.com"
                   ]
                 ]
-              Id: S3-${self:custom.s3Bucket}
+              Id: S3-${self:custom.s3WebAppBucket}
               CustomOriginConfig:
                 HTTPPort: 80
                 HTTPSPort: 443
@@ -93,7 +107,7 @@ resources:
               - GET
               - HEAD
               - OPTIONS
-            TargetOriginId: S3-${self:custom.s3Bucket}
+            TargetOriginId: S3-${self:custom.s3WebAppBucket}
             ForwardedValues:
               QueryString: 'false'
               Cookies:

packages/cognito-custom-mail-lambda/package.json

@@ -11,8 +11,10 @@
     "test:dev": "cross-env TZ=UTC jest --watch --verbose",
     "build:prod": "rimraf dist && tsc --p tsconfig.json && rimraf dist/mailer/templates/ejs && ncp ./src/mailer/templates/ejs ./dist/mailer/templates/ejs",
     "release:dev": "serverless deploy --stage dev",
-    "release:development": "serverless deploy --stage prod",
+    "release:development": "serverless deploy --stage dev",
     "release:production": "serverless deploy --stage prod",
+    "remove:development": "serverless remove --stage dev",
+    "remove:production": "serverless remove --stage dev",
     "test:update-badges": "yarn test:ci && jest-coverage-badges --input src/tests/coverage/coverage-summary.json --output src/tests/badges",
     "lint": "concurrently \"tsc --noEmit\" \"eslint --cache --ext=ts,tsx,js src\"",
     "lint:fix": "eslint --cache --ext=ts,tsx,js src --fix",

packages/connect-session/src/browser/index.ts

@@ -41,7 +41,6 @@ export class ReapitConnectBrowserSession {
     }`
     this.fetching = false
     this.session = null
-    // this.connectInternalRedirect = null
     this.connectBindPublicMethods()
   }
 

packages/deploy-slack-bot/src/index.ts

@@ -64,8 +64,9 @@ export type GenerateMessageParams = {
 const generateMessage = ({ packageName, environment, currentTag, previousTag }: GenerateMessageParams) => {
   return {
     'release-note': `Generating release note for \`${packageName}\` tag \`${currentTag}\`. Roll back version is \`${previousTag}\``,
-    release: `Releasing ${environment} \`${packageName}\` environment \`${currentTag}\`. Roll back version is \`${previousTag}\``,
+    release: `Releasing \`${packageName}\` ${environment} \`${currentTag}\``,
     'update-release-note': `Updating release note for \`${packageName}\` tag \`${currentTag}\`.`,
+    'delete-environment': `Teardown serverless environment for \`${packageName}\``,
   }
 }
 
@@ -88,13 +89,14 @@ app.post('/release', async (req: Request, res: Response) => {
 \`@Reapit Cloud Releases release-note <package_name> <release_tag> <roll_back_tag>\` <= The command will generate the release note\n
 \`@Reapit Cloud Releases release <package_name> <release_tag> <roll_back_tag> <environment>\` <= The command will do the release and environment is development by default\n
 \`@Reapit Cloud Releases update-release-note <package_name> <release_tag> <roll_back_tag>\` <= The command will do update the release note in github and document\n
+\`@Reapit Cloud Releases delete-environment <package_name>\` <= The command will do update the release note in github and document\n
     `)
     return res.send({ challenge: req.body.challenge, status: 200 })
   }
 
-  const isValidEnvironment = environment === 'development' || environment === 'production'
+  const isValidEnvironment = environment === 'development' || environment === 'production' || environment === 'staging'
   if (!isValidEnvironment) {
-    await sendMessageToSlack('Environment should be production or development')
+    await sendMessageToSlack('Environment should be development, staging or production')
     return res.send({ challenge: req.body.challenge, status: 200 })
   }
 

packages/developer-portal/package.json

@@ -14,6 +14,10 @@
     "test:ci": "cross-env TZ=UTC jest --ci --colors --coverage --silent --forceExit --detectOpenHandles --runInBand",
     "test:dev": "cross-env TZ=UTC jest --watch --verbose",
     "release:dev": "node ../../scripts/release/release-dev.js developer-portal reapit-developer-portal-dev",
+    "release:development": "serverless deploy --stage dev",
+    "release:production": "serverless deploy --stage prod",
+    "remove:development": "serverless remove --stage dev",
+    "remove:production": "serverless remove --stage dev",
     "test-e2e:dev": "cypress open --project './src/tests'",
     "cypress:ci": "cypress run --project \"./src/tests\"",
     "test-e2e:ci": "start-server-and-test start:prod http://localhost:8080 cypress:ci",