feat: release (#82)

mishraomp · Copilot · web-flow · commit 5253b17c071f · 2025-06-09T14:39:47.000-07:00
* feat: prod release

* chore: fix the external action call

* good catch

Co-authored-by: Copilot &lt;175728472+Copilot@users.noreply.github.com&gt;

* good catch

Co-authored-by: Copilot &lt;175728472+Copilot@users.noreply.github.com&gt;

* good catch

Co-authored-by: Copilot &lt;175728472+Copilot@users.noreply.github.com&gt;

---------

Co-authored-by: Copilot &lt;175728472+Copilot@users.noreply.github.com&gt;
diff --git a/.github/workflows/merge.yml b/.github/workflows/merge.yml
@@ -43,6 +43,20 @@ jobs:
       tag: ${{ needs.vars.outputs.pr }}
       app_env: dev
     secrets: inherit
+  retag-images-dev:
+    name: Retag Images Dev
+    needs: [deploy_stack_dev, vars]
+    runs-on: ubuntu-24.04
+    steps:
+      - name: retag
+        uses: shrink/actions-docker-registry-tag@f04afd0559f66b288586792eb150f45136a927fa # v4
+        with:
+          registry: ghcr.io
+          repository: ${{ github.repository }}
+          target:  ${{ needs.vars.outputs.pr }}
+          tags: |
+            dev
+
   e2e:
     name: E2E Tests
     needs: [deploy_stack_dev]
@@ -59,6 +73,19 @@ jobs:
       tag: ${{ needs.vars.outputs.pr }}
       app_env: test
     secrets: inherit
+  retag-images-test:
+    name: Retag Images Test
+    needs: [deploy_stack_test, vars]
+    runs-on: ubuntu-24.04
+    steps:
+      - name: retag
+        uses: shrink/actions-docker-registry-tag@f04afd0559f66b288586792eb150f45136a927fa # v4
+        with:
+          registry: ghcr.io
+          repository: ${{ github.repository }}
+          target:  ${{ needs.vars.outputs.pr }}
+          tags: |
+            test
   pause-resources:
     name: Pause Resources # This job pauses resources for the merged PR which is needed if the resources were not paused, this is to save money, remove it after cloning.
     needs: [deploy_stack_test]
diff --git a/.github/workflows/pause-resources.yml b/.github/workflows/pause-resources.yml
@@ -93,4 +93,46 @@ jobs:
             aws rds stop-db-cluster --db-cluster-identifier ${{ needs.stack-prefix.outputs.stack_prefix }}-aurora-test --no-cli-pager --output json
           else
             echo "DB cluster is not in an available state. Current state: $DB_CLUSTER_STATUS"
+          fi        
+          pause-resources-test:
+  pause-resources-prod:
+    name: Pause Resources PROD
+    environment: prod
+    needs: [stack-prefix]
+    runs-on: ubuntu-24.04
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Configure AWS Credentials
+        uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4
+        with:
+          role-to-assume: ${{ secrets.AWS_DEPLOY_ROLE_ARN }}
+          role-session-name: gha-pause-resources
+          aws-region: ca-central-1
+      - name: Pause AWS Resources
+        shell: bash
+        run: |
+          DB_CLUSTER_STATUS=$(aws rds describe-db-clusters --db-cluster-identifier ${{ needs.stack-prefix.outputs.stack_prefix }}-aurora-prod --query 'DBClusters[0].Status' --output text 2>/dev/null || echo "false")
+          if [ "$DB_CLUSTER_STATUS" = "false" ]; then
+            echo "skipping pause operation, DB cluster does not exist"
+            exit 0
+          fi
+          CLUSTER_NAME="ecs-cluster-${{ needs.stack-prefix.outputs.stack_prefix }}-node-api-prod"
+          SERVICE_NAME="${{ needs.stack-prefix.outputs.stack_prefix }}-node-api-prod-service"
+          CLUSTER_EXISTS=$(aws ecs describe-clusters --clusters $CLUSTER_NAME --query 'clusters[0].status' --output text)
+          if [ "$CLUSTER_EXISTS" = "ACTIVE" ]; then
+          SERVICE_EXISTS=$(aws ecs describe-services --cluster $CLUSTER_NAME --services $SERVICE_NAME --query 'services[0].status' --output text)
+          if [ "$SERVICE_EXISTS" = "ACTIVE" ]; then
+            aws application-autoscaling register-scalable-target --service-namespace ecs --resource-id service/$CLUSTER_NAME/$SERVICE_NAME --scalable-dimension ecs:service:DesiredCount --min-capacity 0 --max-capacity 0 --no-cli-pager --output json
+          else
+            echo "ECS service $SERVICE_NAME does not exist in cluster $CLUSTER_NAME."
+          fi
+          else
+          echo "ECS cluster $CLUSTER_NAME does not exist."
+          fi
+          DB_CLUSTER_STATUS=$(aws rds describe-db-clusters --db-cluster-identifier ${{ needs.stack-prefix.outputs.stack_prefix }}-aurora-prod --query 'DBClusters[0].Status' --output text)
+          if [ "$DB_CLUSTER_STATUS" = "available" ]; then
+            aws rds stop-db-cluster --db-cluster-identifier ${{ needs.stack-prefix.outputs.stack_prefix }}-aurora-prod --no-cli-pager --output json
+          else
+            echo "DB cluster is not in an available state. Current state: $DB_CLUSTER_STATUS"
           fi        
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -0,0 +1,79 @@
+name: PROD
+on:
+  workflow_dispatch:
+
+permissions:
+    id-token: write # This is required for requesting the JWT
+    contents: write # This is required for actions/checkout
+    packages: write
+jobs:
+  vars:
+    name: Vars
+    runs-on: ubuntu-24.04
+    outputs:
+      tag: ${{ steps.changelog.outputs.tag }}
+      version: ${{ steps.changelog.outputs.version }}
+      clean_changelog: ${{ steps.changelog.outputs.clean_changelog }}
+    steps:
+      - uses: actions/checkout@v4
+      - name: Conventional Changelog Update
+        uses: TriPSs/conventional-changelog-action@v6
+        id: changelog
+        continue-on-error: true
+        with:
+          github-token: ${{ github.token }}
+          output-file: "CHANGELOG.md"
+          skip-version-file: "true"
+          skip-commit: "true"
+          git-push: "true"
+  retag-images:
+    name: Retag Images
+    needs: [vars]
+    runs-on: ubuntu-24.04
+    steps:
+      - name: retag
+        uses: shrink/actions-docker-registry-tag@f04afd0559f66b288586792eb150f45136a927fa # v4
+        with:
+          registry: ghcr.io
+          repository: ${{ github.repository }}
+          target:  test # this is the tag of the containers to deploy
+          tags: |
+            prod
+            ${{ needs.vars.outputs.version}}
+  resume-resources:
+    name: Resume Resources # This job resumes resources for the merged PR which is needed if the resources were paused.
+    needs: [vars]
+    uses: ./.github/workflows/resume-resources.yml
+    secrets: inherit
+  deploy:
+    name: Deploy Stack
+    needs: [vars, resume-resources, retag-images]
+    uses: ./.github/workflows/.deploy_stack.yml
+    secrets: inherit
+    with:
+      environment_name: dev # since we only have one namespace dev, update this to PROD
+      command: apply
+      tag: ${{ needs.vars.outputs.version}} # this is the tag of the containers to deploy
+      app_env: prod
+  release:
+    name: Github Release
+    runs-on: ubuntu-24.04
+    needs: [vars, deploy]
+    if: ${{ needs.vars.outputs.tag != '' }}
+    steps:
+      - name: Create Release
+        uses: softprops/action-gh-release@v2
+        if: ${{ needs.vars.outputs.tag != ''}}
+        continue-on-error: true
+        env:
+          GITHUB_TOKEN: ${{ github.token }}
+        with:
+          token: ${{ github.token }}
+          tag_name: ${{ needs.vars.outputs.tag }}
+          name: ${{ needs.vars.outputs.tag }}
+          body: ${{ needs.vars.outputs.clean_changelog }}
+  pause-resources:
+    name: Pause Resources # This job pauses resources for the merged PR which is needed if the resources were not paused, this is to save money, remove it after cloning.
+    needs: [release]
+    uses: ./.github/workflows/pause-resources.yml
+    secrets: inherit
diff --git a/.github/workflows/resume-resources.yml b/.github/workflows/resume-resources.yml
@@ -103,4 +103,49 @@ jobs:
           fi
           aws application-autoscaling register-scalable-target --service-namespace ecs --resource-id service/ecs-cluster-${{ needs.stack-prefix.outputs.stack_prefix }}-node-api-test/${{ needs.stack-prefix.outputs.stack_prefix }}-node-api-test-service --scalable-dimension ecs:service:DesiredCount --min-capacity 1 --max-capacity 2 --no-cli-pager --output json
           aws ecs update-service --cluster ecs-cluster-${{ needs.stack-prefix.outputs.stack_prefix }}-node-api-test --service ${{ needs.stack-prefix.outputs.stack_prefix }}-node-api-test-service --desired-count 1 --no-cli-pager --output json
+  resume-resources-prod:
+    name: Resume Resources PROD
+    environment: prod
+    needs: [stack-prefix]
+    runs-on: ubuntu-24.04
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Configure AWS Credentials
+        uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4
+        with:
+          role-to-assume: ${{ secrets.AWS_DEPLOY_ROLE_ARN }}
+          role-session-name: gha-resume-resources
+          aws-region: ca-central-1
+      - name: Resume AWS Resources
+        shell: bash
+        run: |
+          # check if resources exist first
+          DB_CLUSTER_STATUS=$(aws rds describe-db-clusters --db-cluster-identifier ${{ needs.stack-prefix.outputs.stack_prefix }}-aurora-prod --query 'DBClusters[0].Status' --output text 2>/dev/null || echo "false")
+          if [ "$DB_CLUSTER_STATUS" = "false" ]; then
+            echo "skipping pause operation, DB cluster does not exist"
+            exit 0
+          fi
+          if [ "$DB_CLUSTER_STATUS" = "stopped" ]; then
+            aws rds start-db-cluster --db-cluster-identifier ${{ needs.stack-prefix.outputs.stack_prefix }}-aurora-prod --no-cli-pager --output json
+            # wait for the cluster to be available
+            attempt=1
+            max_attempts=20
+            until [[ $(aws rds describe-db-clusters --db-cluster-identifier ${{ needs.stack-prefix.outputs.stack_prefix }}-aurora-prod --query 'DBClusters[0].Status' --output text) == "available" ]] || [[ $attempt -gt $max_attempts ]]
+            do
+              echo "Waiting for DB cluster to be available... Attempt $attempt of $max_attempts"
+              sleep 60
+              ((attempt++))
+            done
+
+            if [[ $attempt -gt $max_attempts ]]; then
+              echo "Timeout waiting for DB cluster to become available"
+              exit 1
+            fi
+            echo "DB cluster is now available"
+          else
+            echo "DB cluster is not in a stopped state. Current state: $DB_CLUSTER_STATUS"
+          fi
+          aws application-autoscaling register-scalable-target --service-namespace ecs --resource-id service/ecs-cluster-${{ needs.stack-prefix.outputs.stack_prefix }}-node-api-prod/${{ needs.stack-prefix.outputs.stack_prefix }}-node-api-prod-service --scalable-dimension ecs:service:DesiredCount --min-capacity 1 --max-capacity 2 --no-cli-pager --output json
+          aws ecs update-service --cluster ecs-cluster-${{ needs.stack-prefix.outputs.stack_prefix }}-node-api-prod --service ${{ needs.stack-prefix.outputs.stack_prefix }}-node-api-prod-service --desired-count 1 --no-cli-pager --output json
           
diff --git a/terraform/api/prod/terragrunt.hcl b/terraform/api/prod/terragrunt.hcl
@@ -0,0 +1,23 @@
+include {
+  path = find_in_parent_folders()
+}
+locals {
+  app_env          = get_env("app_env")
+  flyway_image              = get_env("flyway_image")
+  api_image          = get_env("api_image")
+  target_env              = get_env("target_env")
+  
+}
+
+# Include the common terragrunt configuration for all modules
+generate "prod_tfvars" {
+  path              = "prod.auto.tfvars"
+  if_exists         = "overwrite"
+  disable_signature = true
+  contents          = <<-EOF
+  target_env = "prod"
+  flyway_image="${local.flyway_image}"
+  api_image="${local.api_image}"
+  app_env="${local.app_env}"
+EOF
+}
diff --git a/terraform/api/test/terragrunt.hcl b/terraform/api/test/terragrunt.hcl
@@ -10,8 +10,8 @@ locals {
 }
 
 # Include the common terragrunt configuration for all modules
-generate "dev_tfvars" {
-  path              = "dev.auto.tfvars"
+generate "test_tfvars" {
+  path              = "test.auto.tfvars"
   if_exists         = "overwrite"
   disable_signature = true
   contents          = <<-EOF
diff --git a/terraform/database/prod/terragrunt.hcl b/terraform/database/prod/terragrunt.hcl
@@ -0,0 +1,18 @@
+include {
+  path = find_in_parent_folders()
+}
+locals {
+  app_env              = get_env("app_env")
+}
+
+# Include the common terragrunt configuration for all modules
+generate "prod_tfvars" {
+  path              = "prod.auto.tfvars"
+  if_exists         = "overwrite"
+  disable_signature = true
+  contents          = <<-EOF
+  target_env = "prod"
+  backup_retention_period=1
+  ha_enabled=false
+EOF
+}
diff --git a/terraform/database/test/terragrunt.hcl b/terraform/database/test/terragrunt.hcl
@@ -6,8 +6,8 @@ locals {
 }
 
 # Include the common terragrunt configuration for all modules
-generate "dev_tfvars" {
-  path              = "dev.auto.tfvars"
+generate "test_tfvars" {
+  path              = "test.auto.tfvars"
   if_exists         = "overwrite"
   disable_signature = true
   contents          = <<-EOF
diff --git a/terraform/frontend/prod/terragrunt.hcl b/terraform/frontend/prod/terragrunt.hcl
@@ -0,0 +1,18 @@
+include {
+  path = find_in_parent_folders()
+}
+locals {
+  app_env          = get_env("app_env")
+  target_env              = get_env("target_env")
+  
+}
+
+# Include the common terragrunt configuration for all modules
+generate "prod_tfvars" {
+  path              = "prod.auto.tfvars"
+  if_exists         = "overwrite"
+  disable_signature = true
+  contents          = <<-EOF
+  target_env = "prod"
+EOF
+}
diff --git a/terraform/frontend/test/terragrunt.hcl b/terraform/frontend/test/terragrunt.hcl
@@ -8,8 +8,8 @@ locals {
 }
 
 # Include the common terragrunt configuration for all modules
-generate "dev_tfvars" {
-  path              = "dev.auto.tfvars"
+generate "test_tfvars" {
+  path              = "test.auto.tfvars"
   if_exists         = "overwrite"
   disable_signature = true
   contents          = <<-EOF
