Merge pull request eventuate-tram#17 from pranaysahith/master

Deploy customer, order, orderhistory service to ECS using codepipeline

aws-fargate-terraform/buildspec.yml

@@ -0,0 +1,45 @@
+version: 0.2
+
+phases:
+  install:
+    runtime-versions:
+      java: openjdk8
+      docker: 18
+  pre_build:
+    commands:
+      - $(aws ecr get-login --region ${region} --no-include-email)
+      - REGISTRY_URI_CUSTOMER=${repository_url_customer}
+      - REGISTRY_URI_ORDER=${repository_url_order}
+      - REGISTRY_URI_ORDER_HISTORY=${repository_url_orderhistory}
+      - IMAGE_TAG=$(echo $CODEBUILD_RESOLVED_SOURCE_VERSION | cut -c 1-7)
+      - echo Finished the pre_build phase...
+  build:
+    commands:
+      - echo Build started on `date`
+      - echo Building the Docker image...
+      - export DOCKER_HOST_IP=`hostname -i`
+      - ./gradlew assemble
+      - docker build -t $REGISTRY_URI_CUSTOMER:$IMAGE_TAG customer-service
+      - docker build -t $REGISTRY_URI_ORDER:$IMAGE_TAG order-service
+      - docker build -t $REGISTRY_URI_ORDER_HISTORY:$IMAGE_TAG order-history-service
+
+  post_build:
+    commands:
+      - echo Build completed on `date`
+      - echo Pushing the Docker images...
+      - docker push $REGISTRY_URI_ORDER:$IMAGE_TAG
+      - docker push $REGISTRY_URI_CUSTOMER:$IMAGE_TAG
+      - docker push $REGISTRY_URI_ORDER_HISTORY:$IMAGE_TAG
+      - echo Writing image definitions file...
+      - printf '[{"name":"order","imageUri":"%s"}]' $REGISTRY_URI_ORDER:$IMAGE_TAG > imagedefinitions1.json
+      - printf '[{"name":"customer","imageUri":"%s"}]' $REGISTRY_URI_CUSTOMER:$IMAGE_TAG > imagedefinitions2.json
+      - printf '[{"name":"orderhistory","imageUri":"%s"}]' $REGISTRY_URI_ORDER_HISTORY:$IMAGE_TAG > imagedefinitions3.json
+      - ls -l
+      - cat imagedefinitions1.json
+      - cat imagedefinitions2.json
+      - cat imagedefinitions3.json
+artifacts:
+  files:
+    - imagedefinitions1.json
+    - imagedefinitions2.json
+    - imagedefinitions3.json

aws-fargate-terraform/codebuild_policy.json

@@ -0,0 +1,41 @@
+{
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Effect": "Allow",
+      "Resource": [
+        "*"
+      ],
+      "Action": [
+        "logs:CreateLogGroup",
+        "logs:CreateLogStream",
+        "logs:PutLogEvents",
+        "ecr:GetAuthorizationToken",
+        "ecr:InitiateLayerUpload",
+        "ecr:UploadLayerPart",
+        "ecr:CompleteLayerUpload",
+        "ecr:BatchCheckLayerAvailability",
+        "ecr:PutImage",
+        "ecr:GetDownloadUrlForLayer",
+        "ecr:BatchGetImage",
+        "ecr:BatchCheckLayerAvailability",
+        "ecs:RunTask",
+        "iam:PassRole"
+      ]
+    },
+    {
+      "Effect":"Allow",
+      "Action": [
+        "s3:GetObject",
+        "s3:GetObjectVersion",
+        "s3:GetBucketVersioning",
+        "s3:List*",
+        "s3:PutObject"
+      ],
+      "Resource": [
+        "${aws_s3_bucket_arn}",
+        "${aws_s3_bucket_arn}/*"
+      ]
+    }
+  ]
+}

aws-fargate-terraform/codebuild_role.json

@@ -0,0 +1,12 @@
+{
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Effect": "Allow",
+      "Principal": {
+        "Service": "codebuild.amazonaws.com"
+      },
+      "Action": "sts:AssumeRole"
+    }
+  ]
+}

aws-fargate-terraform/codepipeline.json

@@ -0,0 +1,103 @@
+{
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Effect":"Allow",
+      "Action": [
+        "s3:GetObject",
+        "s3:GetObjectVersion",
+        "s3:GetBucketVersioning",
+        "s3:List*",
+        "s3:PutObject"
+      ],
+      "Resource": [
+        "${aws_s3_bucket_arn}",
+        "${aws_s3_bucket_arn}/*"
+      ]
+    },
+    {
+      "Effect": "Allow",
+      "Action": [
+        "codebuild:BatchGetBuilds",
+        "codebuild:StartBuild"
+      ],
+      "Resource": "*"
+    },
+    {
+      "Action": [
+        "ecs:*",
+        "events:DescribeRule",
+        "events:DeleteRule",
+        "events:ListRuleNamesByTarget",
+        "events:ListTargetsByRule",
+        "events:PutRule",
+        "events:PutTargets",
+        "events:RemoveTargets",
+        "iam:ListAttachedRolePolicies",
+        "iam:ListInstanceProfiles",
+        "iam:ListRoles",
+        "logs:CreateLogGroup",
+        "logs:DescribeLogGroups",
+        "logs:FilterLogEvents"
+      ],
+      "Resource": "*",
+      "Effect": "Allow"
+    },
+    {
+      "Action": "iam:PassRole",
+      "Effect": "Allow",
+      "Resource": [
+        "*"
+      ],
+      "Condition": {
+        "StringLike": {
+          "iam:PassedToService": "ecs-tasks.amazonaws.com"
+        }
+      }
+    },
+    {
+      "Action": "iam:PassRole",
+      "Effect": "Allow",
+      "Resource": [
+        "arn:aws:iam::*:role/ecsInstanceRole*"
+      ],
+      "Condition": {
+        "StringLike": {
+          "iam:PassedToService": [
+            "ec2.amazonaws.com",
+            "ec2.amazonaws.com.cn"
+          ]
+        }
+      }
+    },
+    {
+      "Action": "iam:PassRole",
+      "Effect": "Allow",
+      "Resource": [
+        "arn:aws:iam::*:role/ecsAutoscaleRole*"
+      ],
+      "Condition": {
+        "StringLike": {
+          "iam:PassedToService": [
+            "application-autoscaling.amazonaws.com",
+            "application-autoscaling.amazonaws.com.cn"
+          ]
+        }
+      }
+    },
+    {
+      "Effect": "Allow",
+      "Action": "iam:CreateServiceLinkedRole",
+      "Resource": "*",
+      "Condition": {
+        "StringLike": {
+          "iam:AWSServiceName": [
+            "ecs.amazonaws.com",
+            "spot.amazonaws.com",
+            "spotfleet.amazonaws.com"
+          ]
+        }
+      }
+    }
+  ]
+}