Heroku IaC

orbs-network · Mar 15, 2024 · 2869c4a · 2869c4a
1 parent 35e4678
commit 2869c4a
Show file tree

Hide file tree

Showing 11 changed files with 330 additions and 89 deletions.
diff --git a/.github/actions/terraform/action.yml b/.github/actions/terraform/action.yml
@@ -0,0 +1,109 @@
+name: AWS Terraform
+description: Runs Terraform against AWS
+inputs:
+  terraform_state_s3_bucket:
+    description: "S3 bucket for Terraform state"
+    required: true
+  terraform_state_s3_key_prefix:
+    description: "S3 key prefix for Terraform state"
+    required: true
+  terraform_state_dynamodb_table:
+    description: "DynamoDB table for Terraform state"
+    required: true
+  build_path:
+    description: "Build path that contains the source"
+    required: true
+  environment:
+    description: "Name of the environemnt e.g. dev, staging, prod"
+    required: true
+  branch:
+    description: "Git branch being ran against"
+    required: true
+  image_tag:
+    description: "Docker image tag to deploy"
+    required: false
+
+runs:
+  using: "composite"
+  steps:
+    - name: Check permissions
+      id: permissions
+      run: |
+        chmod 777 *.sh
+        chmod +x *.sh
+        echo -e "\n"
+      shell: bash
+      working-directory: "${{ github.action_path }}"
+
+    - name: Setup build environment
+      id: setup
+      run: |
+        ${{ github.action_path }}/box.sh "Setting up build environment"
+        echo -e "Installing TFLint"
+        curl -L "$(curl -Ls https://api.github.com/repos/terraform-linters/tflint/releases/latest | grep -o -E "https://.+?_linux_amd64.zip")" -o tflint.zip && unzip tflint.zip && rm tflint.zip
+        curl -L "$(curl -Ls https://api.github.com/repos/terraform-linters/tflint-ruleset-aws/releases/latest | grep -o -E "https://.+?_linux_amd64.zip")" -o tflint-ruleset.zip && unzip tflint-ruleset.zip && rm tflint-ruleset.zip
+        mkdir -p ./.tflint.d/plugins/
+        mv tflint-ruleset-aws ./.tflint.d/plugins/
+        echo -e "\n"
+      shell: bash
+      working-directory: "${{ inputs.build_path }}/infrastructure"
+
+    - name: Terraform Init
+      id: init
+      run: |
+        ${{ github.action_path }}/box.sh "Running Terraform init"
+        terraform init -backend-config="region=eu-west-1" -backend-config="dynamodb_table=${{ inputs.terraform_state_dynamodb_table }}" -backend-config="encrypt=true" -backend-config="workspace_key_prefix=${{ inputs.terraform_state_s3_key_prefix }}" -backend-config="bucket=${{ inputs.terraform_state_s3_bucket }}" -backend-config="key=${{ inputs.terraform_state_s3_key_prefix }}/${{ inputs.environment }}/terraform.tfstate"
+        echo -e "Terraform S3 bucket: ${{ inputs.terraform_state_s3_bucket }}"
+        echo -e "Terraform state file: ${{ inputs.terraform_state_s3_key_prefix }}/${{ inputs.environment }}/terraform.tfstate"
+        echo -e "\n"
+      shell: bash
+      working-directory: "${{ inputs.build_path }}/infrastructure"
+
+    - name: Terraform Validate
+      id: validate
+      run: |
+        ${{ github.action_path }}/box.sh "Running Terraform validate"
+        terraform validate
+        echo -e "\n"
+      shell: bash
+      working-directory: "${{ inputs.build_path }}/infrastructure"
+
+    - name: TFLint
+      id: lint
+      run: |
+        ${{ github.action_path }}/box.sh "Running TFLint"
+        ./tflint --init
+        export TFLINT_LOG=info
+        ./tflint --var-file='./environments/${{ inputs.environment }}/${{ inputs.environment }}.tfvars' --module --config=./.tflint.hcl || true
+        # echo -e "\n"
+      shell: bash
+      working-directory: "${{ inputs.build_path }}/infrastructure"
+
+    - name: Terraform Plan
+      id: plan
+      run: |
+        export TF_VAR_environment=${environment}
+          ${{ github.action_path }}/box.sh "Running Terraform plan"
+          plan_command="terraform plan -var-file='./environments/${{ inputs.environment }}/${{ inputs.environment }}.tfvars' -var 'region=${{ inputs.aws_deploy_region }}' -var 'image_tag=${{ inputs.image_tag }}' -input=false -out=plan.out"
+          if [ "${{ inputs.branch }}" == "main" ]; then
+            eval $plan_command
+          else
+            plan_command+=" -lock=false"
+            eval $plan_command
+          fi
+          echo -e "\n"
+      shell: bash
+      working-directory: "${{ inputs.build_path }}/infrastructure"
+
+    - name: Terraform Apply
+      id: apply
+      run: |
+        if [ "${{ inputs.branch }}" == "main" ]; then
+          ${{ github.action_path }}/box.sh "Running Terraform apply"
+          terraform apply -auto-approve -input=false plan.out
+        else
+          echo -e "Not on dev, staging or main branch, so skipping Terraform apply."
+        fi
+        echo -e "Terraform run completed successfully."
+      shell: bash
+      working-directory: "${{ inputs.build_path }}/infrastructure"
diff --git a/.github/actions/terraform/box.sh b/.github/actions/terraform/box.sh
@@ -0,0 +1,4 @@
+#!/usr/bin/env bash
+echo $1 | sed -e 's/^/../' -e 's/$/../' -e 's/./*/g'
+echo $1 | sed -e 's/^/* /' -e 's/$/ */'
+echo $1 | sed -e 's/^/../' -e 's/$/../' -e 's/./*/g'
diff --git a/cmd/order-book/main.go b/cmd/order-book/main.go
@@ -18,24 +18,22 @@ import (
 	"github.com/orbs-network/order-book/transport/rest"
 )
 
-// TODO: handle build version better
-const VERSION = "1.0.1"
-
 func main() {
 	setup()
 }
 
 func setup() {
-	log.Print("Order book version: ", VERSION)
-
 	redisAddress, found := os.LookupEnv("REDIS_URL")
 	if !found {
-		panic("REDIS_URL not set")
+		redisAddress, found = os.LookupEnv("REDISCLOUD_URL")
+		if !found {
+			panic("Neither REDIS_URL nor REDISCLOUD_URL is set")
+		}
 	}
 
 	opt, err := redis.ParseURL(redisAddress)
 	if err != nil {
-		panic(fmt.Errorf("failed to parse redis url: %v", err))
+		panic(fmt.Errorf("failed to parse redis URL: %v", err))
 	}
 
 	log.Printf("Redis address: %s", opt.Addr)

diff --git a/infrastructure/.terraform.lock.hcl b/infrastructure/.terraform.lock.hcl
diff --git a/infrastructure/environments/dev/dev.tfvars b/infrastructure/environments/dev/dev.tfvars
@@ -0,0 +1,4 @@
+environment_name       = "development"
+log_level              = "info"
+maker_mock_api_key     = "test"
+maker_mock_private_key = "0xtest"
diff --git a/infrastructure/environments/prod/prod.tfvars b/infrastructure/environments/prod/prod.tfvars
@@ -1,3 +1,2 @@
-environment_name = "prod"
-image_tag        = "0.0.1"
-az_count         = 1
+environment_name = "production"
+log_level        = "info"
diff --git a/infrastructure/environments/staging/staging.tfvars b/infrastructure/environments/staging/staging.tfvars
@@ -0,0 +1,2 @@
+environment_name = "staging"
+log_level        = "info"
diff --git a/infrastructure/locals.tf b/infrastructure/locals.tf
@@ -0,0 +1,7 @@
+locals {
+  redis_plan = {
+    development = "rediscloud"
+    staging     = "rediscloud:100"
+    production  = "rediscloud:500"
+  }
+}