From 6b738b5ad638483b6a52d0fc86395a071bf95774 Mon Sep 17 00:00:00 2001 From: Cameron Showalter Date: Thu, 30 Jan 2025 14:05:02 -0900 Subject: [PATCH 1/5] Made one of the variables optional, that couldn't be set to a empty string manually --- .github/actions/deploy-hyp3/action.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/actions/deploy-hyp3/action.yml b/.github/actions/deploy-hyp3/action.yml index d096c7e8c..a4dd60781 100644 --- a/.github/actions/deploy-hyp3/action.yml +++ b/.github/actions/deploy-hyp3/action.yml @@ -62,6 +62,7 @@ inputs: ORIGIN_ACCESS_IDENTITY_ID: description: "ID of the CloudFront Origin Access Identity used to access data in S3 for Earthdata Cloud deployments" required: true + default: "" SECURITY_ENVIRONMENT: description: "Modify resources/configurations for ASF (default), EDC, or JPL security environments" required: true From 29733f53b522764e0e84c91da693b98339313805 Mon Sep 17 00:00:00 2001 From: Cameron Showalter Date: Thu, 30 Jan 2025 14:05:19 -0900 Subject: [PATCH 2/5] Changed to a custom deployment, to test --- .github/workflows/deploy-daac.yml | 52 +++++++++---------------------- 1 file changed, 15 insertions(+), 37 deletions(-) diff --git a/.github/workflows/deploy-daac.yml b/.github/workflows/deploy-daac.yml index 160055119..c3d1f2780 100644 --- a/.github/workflows/deploy-daac.yml +++ b/.github/workflows/deploy-daac.yml @@ -5,6 +5,7 @@ on: branches: - main - develop + - cs/hyp3-testing concurrency: ${{ github.workflow }}-${{ github.ref }} @@ -15,52 +16,28 @@ jobs: fail-fast: false matrix: include: - - environment: hyp3-edc-prod + - environment: hyp3-testing domain: '' api_name: hyp3 - template_bucket: cf-templates-118mtzosmrltk-us-west-2 + template_bucket: services-hyp3-artifacts image_tag: latest product_lifetime_in_days: 14 default_credits_per_user: 10000 default_application_status: APPROVED - cost_profile: EDC + cost_profile: DEFAULT deploy_ref: refs/heads/main job_files: >- job_spec/AUTORIFT.yml - job_spec/INSAR_GAMMA.yml - job_spec/RTC_GAMMA.yml job_spec/INSAR_ISCE_BURST.yml instance_types: r6id.xlarge,r6id.2xlarge,r6id.4xlarge,r6id.8xlarge,r6idn.xlarge,r6idn.2xlarge,r6idn.4xlarge,r6idn.8xlarge - default_max_vcpus: 1500 - expanded_max_vcpus: 3000 - required_surplus: 2000 - security_environment: EDC - ami_id: /ngap/amis/image_id_ecs_al2023_x86 - distribution_url: 'https://d3gm2hf49xd6jj.cloudfront.net' - - - environment: hyp3-edc-uat - domain: '' - api_name: hyp3-test - template_bucket: cf-templates-118ylv0o6jp2n-us-west-2 - image_tag: test - product_lifetime_in_days: 14 - default_credits_per_user: 10000 - default_application_status: APPROVED - cost_profile: EDC - deploy_ref: refs/heads/develop - job_files: >- - job_spec/AUTORIFT.yml - job_spec/INSAR_GAMMA.yml - job_spec/RTC_GAMMA.yml - job_spec/INSAR_ISCE_BURST.yml - job_spec/OPERA_DISP_TMS.yml - instance_types: r6id.xlarge,r6id.2xlarge,r6id.4xlarge,r6id.8xlarge,r6idn.xlarge,r6idn.2xlarge,r6idn.4xlarge,r6idn.8xlarge - default_max_vcpus: 1500 - expanded_max_vcpus: 3000 - required_surplus: 2000 - security_environment: EDC - ami_id: /ngap/amis/image_id_ecs_al2023_x86 - distribution_url: 'https://d1riv60tezqha9.cloudfront.net' + default_max_vcpus: 1500 # If these are the same, you don't have to worry about MONTHLY_BUDGET. + expanded_max_vcpus: 1500 + required_surplus: 0 + security_environment: ASF + ami_id: /aws/service/ecs/optimized-ami/amazon-linux-2023/recommended/image_id + # ami_id: /ngap/amis/image_id_ecs_al2023_x86 + distribution_url: '' + # distribution_url: 'https://d3gm2hf49xd6jj.cloudfront.net' environment: name: ${{ matrix.environment }} @@ -73,7 +50,7 @@ jobs: with: aws-access-key-id: ${{ secrets.V2_AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.V2_AWS_SECRET_ACCESS_KEY }} - aws-session-token: ${{ secrets.V2_AWS_SESSION_TOKEN }} + # aws-session-token: ${{ secrets.V2_AWS_SESSION_TOKEN }} aws-region: ${{ secrets.AWS_REGION }} - uses: actions/setup-python@v5 @@ -102,7 +79,8 @@ jobs: EXPANDED_MAX_VCPUS: ${{ matrix.expanded_max_vcpus }} MONTHLY_BUDGET: ${{ secrets.MONTHLY_BUDGET }} REQUIRED_SURPLUS: ${{ matrix.required_surplus }} - ORIGIN_ACCESS_IDENTITY_ID: ${{ secrets.ORIGIN_ACCESS_IDENTITY_ID }} + ## Made default "", since actions don't allow empty secrets in console: + # ORIGIN_ACCESS_IDENTITY_ID: ${{ secrets.ORIGIN_ACCESS_IDENTITY_ID }} SECURITY_ENVIRONMENT: ${{ matrix.security_environment }} AMI_ID: ${{ matrix.ami_id }} INSTANCE_TYPES: ${{ matrix.instance_types }} From e68b11f7e9b7d55e1f5e9c093d08883f67e0cc8b Mon Sep 17 00:00:00 2001 From: Cameron Showalter Date: Thu, 30 Jan 2025 14:06:25 -0900 Subject: [PATCH 3/5] Removed IF blocking the deploy --- .github/workflows/deploy-daac.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/deploy-daac.yml b/.github/workflows/deploy-daac.yml index c3d1f2780..0d1606449 100644 --- a/.github/workflows/deploy-daac.yml +++ b/.github/workflows/deploy-daac.yml @@ -58,7 +58,7 @@ jobs: python-version: 3.13 - uses: ./.github/actions/deploy-hyp3 - if: github.ref == matrix.deploy_ref + # if: github.ref == matrix.deploy_ref with: TEMPLATE_BUCKET: ${{ matrix.template_bucket }} STACK_NAME: ${{ matrix.environment }} From fa57c3cd88ae55ee9d29b5994ca2deb3902b2bf8 Mon Sep 17 00:00:00 2001 From: Cameron Showalter Date: Thu, 30 Jan 2025 14:30:54 -0900 Subject: [PATCH 4/5] Removed role for cloudformation for now --- .github/actions/deploy-hyp3/action.yml | 1 + .github/workflows/deploy-daac.yml | 3 ++- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/actions/deploy-hyp3/action.yml b/.github/actions/deploy-hyp3/action.yml index a4dd60781..e5e6cc14b 100644 --- a/.github/actions/deploy-hyp3/action.yml +++ b/.github/actions/deploy-hyp3/action.yml @@ -35,6 +35,7 @@ inputs: CLOUDFORMATION_ROLE_ARN: description: "The CloudFormation role to use for this deployment" required: true + default: "" DEFAULT_CREDITS_PER_USER: description: "The default number of credits given to a new user" required: true diff --git a/.github/workflows/deploy-daac.yml b/.github/workflows/deploy-daac.yml index 0d1606449..dbabb3005 100644 --- a/.github/workflows/deploy-daac.yml +++ b/.github/workflows/deploy-daac.yml @@ -70,7 +70,8 @@ jobs: VPC_ID: ${{ secrets.VPC_ID }} SUBNET_IDS: ${{ secrets.SUBNET_IDS }} SECRET_ARN: ${{ secrets.SECRET_ARN }} - CLOUDFORMATION_ROLE_ARN: ${{ secrets.CLOUDFORMATION_ROLE_ARN }} + ## Made default "", since actions don't allow empty secrets in console: + # CLOUDFORMATION_ROLE_ARN: ${{ secrets.CLOUDFORMATION_ROLE_ARN }} DEFAULT_CREDITS_PER_USER: ${{ matrix.default_credits_per_user }} DEFAULT_APPLICATION_STATUS: ${{ matrix.default_application_status }} COST_PROFILE: ${{ matrix.cost_profile }} From 630576e800d949ddbddf601a5f70c5782ad2bad2 Mon Sep 17 00:00:00 2001 From: Cameron Showalter Date: Thu, 30 Jan 2025 14:34:54 -0900 Subject: [PATCH 5/5] Updating domain name --- .github/workflows/deploy-daac.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/deploy-daac.yml b/.github/workflows/deploy-daac.yml index dbabb3005..2c8dd2fd5 100644 --- a/.github/workflows/deploy-daac.yml +++ b/.github/workflows/deploy-daac.yml @@ -17,7 +17,7 @@ jobs: matrix: include: - environment: hyp3-testing - domain: '' + domain: services-hyp3.asf.alaska.edu api_name: hyp3 template_bucket: services-hyp3-artifacts image_tag: latest