aws-global-variables.yml 8.55 KB
Newer Older
1
2
3
4
.aws_variables:      

  before_script:
    - |
5
      # A tag with format v0.15.0 or branch name with format release/0.15 will run on secondary environment
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
      # All negative matches will run on the primary environment
      TAG_REGEX="v?+[0-9]+\.[0-9]+\.[0-9]+"
      BRANCH_REGEX="release\/[0-9]+\.[0-9]+"

      if echo "$CI_COMMIT_TAG" | grep -Eq $TAG_REGEX; then
        echo "Tag: $CI_COMMIT_TAG - deploying on secondary environment."
        MAJOR=$(echo "$CI_COMMIT_TAG" | grep -Eo '([0-9]+)' | sed -n 1p)
        MINOR=$(echo "$CI_COMMIT_TAG" | grep -Eo '([0-9]+)' | sed -n 2p)

        RESOURCE_PREFIX="osdu-rel-${MAJOR}-${MINOR}"
        echo "Deploying to environment with resource prefix: ${RESOURCE_PREFIX}"

        export AWS_INFRA_STACK_NAME="${RESOURCE_PREFIX}-infra";
        export AWS_REGION="us-east-2";
        export AWS_DOMAIN="release-${MAJOR}-${MINOR}.${AWS_BASE_DOMAIN}";    

      elif echo "$CI_COMMIT_BRANCH" | grep -Eq $BRANCH_REGEX; then
        echo "Branch: $CI_COMMIT_BRANCH - deploying on secondary environment."
        MAJOR=$(echo "$CI_COMMIT_BRANCH" | grep -Eo '([0-9]+)' | sed -n 1p)
        MINOR=$(echo "$CI_COMMIT_BRANCH" | grep -Eo '([0-9]+)' | sed -n 2p)

        RESOURCE_PREFIX="osdu-rel-${MAJOR}-${MINOR}"
        echo "Deploying to environment with resource prefix: ${RESOURCE_PREFIX}"

        export AWS_INFRA_STACK_NAME="${RESOURCE_PREFIX}-infra";
        export AWS_REGION="us-east-2";
        export AWS_DOMAIN="release-${MAJOR}-${MINOR}.${AWS_BASE_DOMAIN}";   

      else
        echo "Release branch or tag is not used. Deploying to primary..."
36
37
38
39
40
41
42
43
44
45
46
47
        echo "##### DEPLOYING TO EKS ######"

        # echo "##### USING GREEN DEPLOYMENT ######"
        # export AWS_INFRA_STACK_NAME="$AWS_GREEN_INFRA_STACK_NAME";
        # export AWS_REGION="$AWS_GREEN_REGION";
        # export AWS_DOMAIN="${AWS_GREEN_SUBDOMAIN}.${AWS_BASE_DOMAIN}";        
        # export RESOURCE_PREFIX="$AWS_GREEN_RESOURCE_PREFIX";      

        echo "##### USING BLUE DEPLOYMENT ######"
        export AWS_INFRA_STACK_NAME="$AWS_BLUE_INFRA_STACK_NAME";
        export AWS_REGION="$AWS_BLUE_REGION";
        export AWS_DOMAIN="${AWS_BLUE_SUBDOMAIN}.${AWS_BASE_DOMAIN}";        
48
        export RESOURCE_PREFIX="$AWS_BLUE_RESOURCE_PREFIX";
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
        
      fi      

      export S3_LEGAL_CONFIG_BUCKET=$(aws ssm get-parameter --name /osdu/${RESOURCE_PREFIX}/tenants/shared/legal/s3DataBucket/name --query Parameter.Value  --output text --region $AWS_REGION);    
      export POLICY_BUCKET=$(aws ssm get-parameter --name /osdu/${RESOURCE_PREFIX}/policy/s3DataBucket/name --query Parameter.Value  --output text --region $AWS_REGION);          
      export AWS_COGNITO_CLIENT_ID=$(aws ssm get-parameter --name /osdu/${RESOURCE_PREFIX}/cognito-client-id --query Parameter.Value  --output text --region $AWS_REGION);
      export AWS_COGNITO_USER_POOL_ID=$(aws ssm get-parameter --name /osdu/${RESOURCE_PREFIX}/cognito-user-pool-id --query Parameter.Value  --output text --region $AWS_REGION);

      export ELASTIC_HOST=$(aws ssm get-parameter --name /osdu/${RESOURCE_PREFIX}/elasticsearch/end-point --query Parameter.Value  --output text --region $AWS_REGION);
      export ELASTIC_SECRET_STRING=$(aws secretsmanager get-secret-value --secret-id /osdu/${RESOURCE_PREFIX}/elasticsearch/credentials --query SecretString  --output json --region $AWS_REGION | sed -e 's/\\\"/\"/g' -e 's/^.//g' -e 's/.$//g');
      export ELASTIC_USER_NAME=$(echo $ELASTIC_SECRET_STRING | jq -r '.username');
      export ELASTIC_PASSWORD=$(echo $ELASTIC_SECRET_STRING | jq -r '.password');

      export AWS_BASE_URL="https://${AWS_DOMAIN}";
      export HOST_URL="${AWS_BASE_URL}/api/legal/v1/"
      export LEGALTAG_BASE_URL="${AWS_DOMAIN}"
      export STORAGE_URL="${AWS_BASE_URL}/api/storage/v2/"
      export LEGAL_URL="${AWS_BASE_URL}/api/legal/v1/"
      export SEARCH_HOST="${AWS_BASE_URL}/api/search/v2/"
      export STORAGE_HOST="${AWS_BASE_URL}/api/storage/v2/"
      export LEGAL_HOST="${AWS_BASE_URL}/api/legal/v1/"
      export DELIVERY_HOST="${AWS_BASE_URL}/api/delivery/v2/"
      export INDEXER_HOST="${AWS_BASE_URL}/api/indexer/v2/"
      export ENTITLEMENTS_URL="${AWS_BASE_URL}/api/entitlements/v2/"
      export VIRTUAL_SERVICE_HOST_NAME="${AWS_DOMAIN}"
      export HOST="${AWS_BASE_URL}"
      # needs trailing slash
      export PARTITION_BASE_URL="${AWS_BASE_URL}/"
      export WORKFLOW_HOST="${AWS_BASE_URL}/api/workflow/"
      export DATA_WORKFLOW_HOST="${AWS_BASE_URL}/api/data-workflow/v1"
      export REGISTER_CUSTOM_PUSH_URL="${AWS_BASE_URL}/api/register/v1/awstest/aws/challenge"
      export REGISTER_CUSTOM_PUSH_URL1="${AWS_BASE_URL}/api/register/v1/awstest/aws/challenge/1"
      # needs trailing slash
      export REGISTER_BASE_URL="${AWS_BASE_URL}/"
      export REGISTER_CUSTOM_PUSH_URL_HMAC="${AWS_BASE_URL}/api/register/v1/awstest/aws/challenge/1"
      export NOTIFICATION_BASE_URL="${AWS_BASE_URL}/api/notification/v1/"
      export NOTIFICATION_REGISTER_BASE_URL="${AWS_BASE_URL}"
      export FILE_SERVICE_HOST="${AWS_BASE_URL}/api/file/v2"
      export STORAGE_BASE_URL="${AWS_BASE_URL}/api/storage/v2/"
      export DATASET_BASE_URL="${AWS_BASE_URL}/api/dataset/v1/"
      export LEGAL_BASE_URL="${AWS_BASE_URL}/api/legal/v1/"
      export ENTITLEMENTS_BASE_URL="${AWS_BASE_URL}/api/entitlements/v2/"
      export FILEDMS_BASE_URL="${AWS_BASE_URL}/api/dms/file/v1/"
      export SEISMICSTORE_SVC_URL="${AWS_BASE_URL}/api/seismic-store/v3"
      export WELLBORE_DDMS_URL="${AWS_BASE_URL}/api/os-wellbore-ddms"
      export EDSDMS_BASE_URL="${AWS_BASE_URL}/api/dms/eds/v1/"
      export SCHEMA_BASE_URL="${AWS_BASE_URL}/api/schema-service/v1/"
      export ENTITLEMENT_V2_URL="${AWS_BASE_URL}/api/entitlements/v2/"
      export LEGAL_QUEUE="https://sqs.${AWS_REGION}.amazonaws.com/${AWS_ACCOUNT_ID}/${RESOURCE_PREFIX}-legal-queue"
      # for well-delivery service
      export SCHEMA_HOST="${AWS_BASE_URL}/api/schema-service/v1"
      export WELL_DELIVERY_URL="${AWS_BASE_URL}/api/well-delivery/"


      export AWS_COGNITO_REGION="$AWS_REGION"
      export AWS_S3_ENDPOINT="s3.${AWS_REGION}.amazonaws.com"
      export AWS_S3_REGION="$AWS_REGION"

      export DYNAMO_DB_REGION="$AWS_REGION"
      export DYNAMO_DB_ENDPOINT="dynamodb.${AWS_REGION}.amazonaws.com"
      export WORKFLOW_DYNAMODB_ENDPOINT=${DYNAMO_DB_ENDPOINT}
   
      export TABLE_PREFIX="$RESOURCE_PREFIX"
      export AWS_CLUSTER_NAME="${RESOURCE_PREFIX}-core-cluster"

      echo "#### USING OSDU BASE URL: $AWS_BASE_URL ####"

.aws_common_variables:
  variables:
Elsi Abraham's avatar
Elsi Abraham committed
118
    AWS: 'true'
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
    ACCESS_KEY_ID: $AWS_ACCOUNT_ACCESS_KEY_ID
    SECRET_ACCESS_KEY: $AWS_ACCOUNT_SECRET_ACCESS_KEY
    AWS_ACCESS_KEY_ID: $AWS_ACCOUNT_ACCESS_KEY_ID
    AWS_SECRET_ACCESS_KEY: $AWS_ACCOUNT_SECRET_ACCESS_KEY
    INTEGRATION_TEST_DIR: $AWS_TEST_SUBDIR
    SERVICE_NAME: $AWS_SERVICE
    BUILD_DIR: $AWS_BUILD_SUBDIR
    ENVIRONMENT: $AWS_ENVIRONMENT
    APPLICATION_NAME: os-$AWS_SERVICE
    LOCAL_IMAGE_TAG: $CI_REGISTRY_IMAGE/$CI_COMMIT_REF_SLUG:$CI_COMMIT_SHA
    AWS_IMAGE_TAG_BASE: ${AWS_ACCOUNT_ID}.dkr.ecr.${AWS_ECR_REGION}.amazonaws.com/os-${AWS_SERVICE}    
    OTHER_RELEVANT_DATA_COUNTRIES: $AWS_OTHER_RELEVANT_DATA_COUNTRIES
    LEGAL_TAG : $AWS_LEGAL_TAG
    TENANT_NAME : $AWS_TENANT_NAME
    PRIVATE_TENANT1: $AWS_DEFAULT_DATA_PARTITION_ID_TENANT1
    PRIVATE_TENANT2: tenant2
    SHARED_TENANT: $AWS_DEFAULT_DATA_PARTITION_ID_TENANT2
    VENDOR: aws
    DOMAIN: example.com
    AWS_COGNITO_AUTH_FLOW: $AWS_COGNITO_AUTH_FLOW
    AWS_COGNITO_AUTH_PARAMS_PASSWORD: $AWS_COGNITO_AUTH_PARAMS_PASSWORD
    AWS_COGNITO_AUTH_PARAMS_USER: $AWS_COGNITO_AUTH_PARAMS_USER
    AWS_COGNITO_AUTH_PARAMS_USER_NO_ACCESS: $AWS_COGNITO_AUTH_PARAMS_USER_NO_ACCESS    
    AWS_ACCOUNT_ID: $AWS_ACCOUNT_ID
    DEPLOY_ENV: empty    
    MY_TENANT: $AWS_TENANT_NAME
    ENTITLEMENTS_TEST_TENANT: $AWS_ENTITLEMENTS_TEST_TENANT
    LOG_LEVEL: INFO
    SKIP_HTTP_TESTS: 'true'    
    DELIVERY_INT_TEST_BUCKET_NAME: $AWS_DELIVERY_INT_TEST_BUCKET_NAME
    DEFAULT_DATA_PARTITION_ID_TENANT1: $AWS_DEFAULT_DATA_PARTITION_ID_TENANT1
    DEFAULT_DATA_PARTITION_ID_TENANT2: $AWS_DEFAULT_DATA_PARTITION_ID_TENANT2
    #used by file->delivery int tests
    DATA_PARTITION_ID: int-test-file    
    ENTITLEMENTS_DOMAIN: example.com    
    ELASTIC_PORT: 9200    
    TEST_DAG_NAME: my_first_dag    
    SUBSCRIBER_SECRET: $AWS_SUBSCRIBER_SECRET
    HMAC_SECRET: $AWS_HMAC_SECRET    
    PROVIDER_KEY: AWS_S3    
    #File Service Variables
    TIME_ZONE: UTC
    USER_ID: $AWS_COGNITO_AUTH_PARAMS_USER
    #Entitlements V2 variables--start--    
    TENANT: opendes
    SERVICE_PRINCIPAL_EMAIL: serviceprincipal@testing.com
165
    #Entitlements V2 variables--end--