cf-deployment

Author: MaxMB15

.github/workflows/cd.yml

@@ -29,12 +29,17 @@ jobs:
         python -m pip install --upgrade pip
         pip install -r requirements.txt
 
+    - name: Prepare Zappa and Terraform Configurations
+      run: |
+        sed -i "s/PLACEHOLDER_REGION/${{ secrets.AWS_REGION }}/g" zappa_settings.json
+        sed -i "s/zappa-PLACEHOLDER_PROJECT_NAME/zappa-${{ secrets.PROJECT_NAME }}/g" zappa_settings.json
+
     - name: Configure AWS credentials
       uses: aws-actions/configure-aws-credentials@v1
       with:
         aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
         aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-        aws-region: eu-central-1
+        aws-region: ${{ secrets.AWS_REGION }}
 
     - name: Setup up Requirements
       run: |

.github/workflows/cloudFormation.yml

@@ -0,0 +1,86 @@
+name: Create AWS Services and Deploy
+
+on:
+  workflow_dispatch:
+    inputs:
+      project_name:
+        description: 'Project Name'
+        required: true
+      secret_key:
+        description: 'Secret Key'
+        required: true
+      email_host:
+        description: 'Email Host'
+        required: true
+      email_port:
+        description: 'Email Port'
+        required: true
+      email_user:
+        description: 'Email User'
+        required: true
+      email_password:
+        description: 'Email Password'
+        required: true
+      frontend_url:
+        description: 'Frontend URL'
+        required: true
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Checkout
+      uses: actions/checkout@v2
+
+    - name: Setup up Python
+      uses: actions/setup-python@v2
+      with:
+        python-version: 3.10.8
+
+    - name: Set up virtual environment
+      run: |
+        python -m venv venv
+        source venv/bin/activate
+
+    - name: Install dependencies
+      run: |
+        source venv/bin/activate
+        python -m pip install --upgrade pip
+        pip install -r requirements.txt
+
+    - name: Prepare Zappa and Terraform Configurations
+      run: |
+        sed -i "s/PLACEHOLDER_REGION/${{ secrets.AWS_REGION }}/g" zappa_settings.json
+        sed -i "s/zappa-PLACEHOLDER_PROJECT_NAME/zappa-${{ github.event.inputs.project_name }}/g" zappa_settings.json
+        sed -i "s/PLACEHOLDER_REGION/${{ secrets.AWS_REGION }}/g" ./deployments/main.tf
+        sed -i "s/zappa-PLACEHOLDER_PROJECT_NAME/zappa-${{ github.event.inputs.project_name }}/g" ./deployments/main.tf
+
+    - name: Configure AWS credentials
+      uses: aws-actions/configure-aws-credentials@v1
+      with:
+        aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+        aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+        aws-region: ${{ secrets.AWS_REGION }}
+
+
+    - name: Deploy CloudFormation Stack
+      run: |
+        aws cloudformation deploy \
+          --template-file ./.github/workflows/stacks/backendStackCF.yaml \
+          --stack-name ${{ github.event.inputs.project_name }}-backend \
+          --parameter-overrides ProjectName=${{ github.event.inputs.project_name }} SecretKey=${{ github.event.inputs.secret_key }} EmailHost=${{ github.event.inputs.email_host }} EmailPort=${{ github.event.inputs.email_port }} EmailUser=${{ github.event.inputs.email_user }} EmailPassword=${{ github.event.inputs.email_password }} FrontendUrl=${{ github.event.inputs.frontend_url }}
+          --capabilities CAPABILITY_IAM
+
+    - name: Setup up Requirements
+      run: |
+        source venv/bin/activate
+        chmod +x ./getEnv.sh && ./getEnv.sh
+        python load_env.py
+        zappa package prod -o package.zip
+
+    - name: Deploy
+      run: |
+        cd deployments
+        terraform init
+        terraform apply -auto-approve

.github/workflows/stacks/backendStackCF.yaml

@@ -0,0 +1,81 @@
+AWSTemplateFormatVersion: '2010-09-09'
+Description: Backend Infrastructure
+Parameters:
+  ProjectName:
+    Type: String
+    Description: The project name to use for resource naming
+  SecretKey:
+    Type: String
+    Description: Application secret key
+  EmailHost:
+    Type: String
+  EmailPort:
+    Type: Number
+  EmailUser:
+    Type: String
+  EmailPassword:
+    Type: String
+  FrontendUrl:
+    Type: String
+Resources:
+  RDSDatabase:
+    Type: AWS::RDS::DBInstance
+    Properties:
+      # Specify other properties as required for your use case
+      DBName: !Sub '${ProjectName}-db'
+      MasterUsername: admin
+      Engine: postgres # Example, adjust based on your requirements
+      MasterUserPassword: !Ref DBPassword # This parameter will be auto-generated; see Outputs below
+      DBInstanceClass: db.t3.micro # Example, adjust based on your requirements
+      AllocatedStorage: 20 # Example, adjust based on your requirements
+  Secrets:
+    Type: AWS::SecretsManager::Secret
+    Properties:
+      Name: !Sub '${ProjectName}-backend-secrets'
+      Description: 'Backend secrets'
+      SecretString: !Sub |
+        {
+          "SECRET_KEY": "${SecretKey}",
+          "DB_NAME": "${RDSDatabase.DBName}",
+          "DB_HOST": "${RDSDatabase.Endpoint.Address}",
+          "DB_USER": "${RDSDatabase.MasterUsername}",
+          "DB_PORT": "5432", # Example, adjust based on your RDS engine
+          "DB_PASSWORD": "${RDSDatabase.MasterUserPassword}",
+          "EMAIL_HOST": "${EmailHost}",
+          "EMAIL_PORT": "${EmailPort}",
+          "EMAIL_USER": "${EmailUser}",
+          "EMAIL_PASSWORD": "${EmailPassword}",
+          "FRONTEND_URL": "${FrontendUrl}"
+        }
+
+  BackendBucket:
+    Type: 'AWS::S3::Bucket'
+    Properties:
+      BucketName: !Sub '${ProjectName}-backend'
+
+  TerraformStateBucket:
+    Type: 'AWS::S3::Bucket'
+    Properties:
+      BucketName: !Sub '${ProjectName}-terraform'
+      VersioningConfiguration:
+        Status: Enabled
+
+  RedirectBucket:
+    Type: 'AWS::S3::Bucket'
+    Properties:
+      BucketName: !Sub '${ProjectName}-redirect'
+      WebsiteConfiguration:
+        RedirectAllRequestsTo:
+          HostName: "www.example.com"
+
+  ZappaBucket:
+    Type: 'AWS::S3::Bucket'
+    Properties:
+      BucketName: !Sub 'zappa-${ProjectName}'
+Outputs:
+  DBPassword:
+    Description: "The RDS database master user password"
+    Value: !Ref MasterUserPassword
+  RDSEndpoint:
+    Description: "The RDS database endpoint"
+    Value: !GetAtt RDSDatabase.Endpoint.Address

deployments/main.tf

@@ -6,15 +6,15 @@ terraform {
     }
   }
   backend "s3" {
-    bucket = "attendunce-terraform"
+    bucket = "PLACEHOLDER_PROJECT_NAME-terraform"
     key    = "terraform.tfstate"
-    region = "eu-central-1"
+    region = "PLACEHOLDER_REGION"
     acl = "bucket-owner-full-control"
   }
 }
 
 provider "aws" {
-  region = "eu-central-1"
+  region = "PLACEHOLDER_REGION"
 }
 
 resource "aws_iam_role" "lambda_role" {
@@ -37,7 +37,7 @@ EOF
 }
 
 resource "aws_lambda_function" "app" {
-  function_name = "attendunce-tf"
+  function_name = "PLACEHOLDER_PROJECT_NAME-tf"
   handler       = "handler.lambda_handler"
   runtime       = "python3.10"
   timeout       = 30
@@ -151,10 +151,10 @@ EOF
 }
 
 resource "aws_s3_bucket_website_configuration" "redirect_bucket" {
-  bucket = "attendunce-redirect"
+  bucket = "PLACEHOLDER_PROJECT_NAME-redirect"
 
   redirect_all_requests_to {
-    host_name = "${aws_api_gateway_rest_api.api.id}.execute-api.eu-central-1.amazonaws.com"
+    host_name = "${aws_api_gateway_rest_api.api.id}.execute-api.PLACEHOLDER_REGION.amazonaws.com"
     protocol = "https"
   }
 }
@@ -165,6 +165,6 @@ resource "aws_iam_role_policy_attachment" "cloudwatch_logs_attachment" {
 }
 
 output "api_url" {
-  value       = "https://${aws_api_gateway_rest_api.api.id}.execute-api.eu-central-1.amazonaws.com/${aws_api_gateway_deployment.deployment.stage_name}"
+  value       = "https://${aws_api_gateway_rest_api.api.id}.execute-api.PLACEHOLDER_REGION.amazonaws.com/${aws_api_gateway_deployment.deployment.stage_name}"
   description = "The URL of the API endpoint"
 }

zappa_settings.json

@@ -1,9 +1,10 @@
 {
     "prod": {
-        "aws_region": "eu-central-1",
+        "app_function": "your_application.app",
+        "aws_region": "PLACEHOLDER_REGION",
+        "s3_bucket": "zappa-PLACEHOLDER_PROJECT_NAME",
         "django_settings": "api.settings",
         "project_name": "api",
         "runtime": "python3.10",
-        "s3_bucket": "zappa-attendunce"
     }
-}
+}