|
1 | 1 | version: 2.1 |
| 2 | +orbs: |
| 3 | + aws-cli: circleci/[email protected] |
| 4 | + |
2 | 5 | commands: |
3 | 6 | deploy: |
4 | 7 | description: "Deployment of rules server" |
@@ -62,6 +65,24 @@ commands: |
62 | 65 | VAULT_PASSWORD_FILE=~/.vault-pass.txt app_zip_path=~/artifacts/ make rules-server-<< parameters.env >> |
63 | 66 |
|
64 | 67 | - run: rm ~/.vault-pass.txt |
| 68 | + setup_server_access: |
| 69 | + description: Generate and copy temporary keys to server |
| 70 | + parameters: |
| 71 | + instance-id: |
| 72 | + type: string |
| 73 | + os-user: |
| 74 | + type: string |
| 75 | + default: ubuntu |
| 76 | + availability-zone: |
| 77 | + type: string |
| 78 | + default: ap-south-1a |
| 79 | + steps: |
| 80 | + - run: rm -rf /tmp/temp_rsa_key* |
| 81 | + - run: ssh-keygen -b 2048 -t rsa -f /tmp/temp_rsa_key -q -N "" |
| 82 | + - run: eval `ssh-agent -s` |
| 83 | + - run: ssh-add /tmp/temp_rsa_key |
| 84 | + - run: | |
| 85 | + aws ec2-instance-connect send-ssh-public-key --instance-id << parameters.instance-id >> --availability-zone << parameters.availability-zone >> --instance-os-user << parameters.os-user >> --no-paginate --ssh-public-key file:///tmp/temp_rsa_key.pub --output text | head -1 |
65 | 86 |
|
66 | 87 | jobs: |
67 | 88 | app_test: |
@@ -205,7 +226,32 @@ jobs: |
205 | 226 | steps: |
206 | 227 | - deploy_ansible: |
207 | 228 | env: "prod" |
208 | | - |
| 229 | + RWB_STAGING_deploy: |
| 230 | + docker: |
| 231 | + - image: cimg/deploy:2023.09-node |
| 232 | + working_directory: ~/ |
| 233 | + steps: |
| 234 | + - aws-cli/setup: |
| 235 | + role_arn: "arn:aws:iam::730335671779:role/avni_circleci_instance_connect" |
| 236 | + - setup_server_access: |
| 237 | + instance-id: "i-00b50ac6e8413fdca" |
| 238 | + availability-zone: "ap-south-1b" |
| 239 | + - deploy_ansible: |
| 240 | + env: "rwb-staging" |
| 241 | + |
| 242 | + RWB_PRODUCTION_deploy: |
| 243 | + docker: |
| 244 | + - image: cimg/deploy:2023.09-node |
| 245 | + working_directory: ~/ |
| 246 | + steps: |
| 247 | + - aws-cli/setup: |
| 248 | + role_arn: "arn:aws:iam::730335671779:role/avni_circleci_instance_connect" |
| 249 | + - setup_server_access: |
| 250 | + instance-id: "i-015a3839bfe137346" |
| 251 | + availability-zone: "ap-south-1a" |
| 252 | + - deploy_ansible: |
| 253 | + env: "rwb-prod" |
| 254 | + |
209 | 255 | tags_filter: &tags_filter |
210 | 256 | filters: |
211 | 257 | tags: |
@@ -267,6 +313,27 @@ workflows: |
267 | 313 | context: non-prod-deploy |
268 | 314 | requires: |
269 | 315 | - PERF_approve |
| 316 | + - RWB_STAGING_approve: |
| 317 | + type: approval |
| 318 | + requires: |
| 319 | + - app_build |
| 320 | + - RWB_STAGING_deploy: |
| 321 | + context: |
| 322 | + - RWB_AWS_OIDC |
| 323 | + - non-prod-deploy |
| 324 | + requires: |
| 325 | + - RWB_STAGING_approve |
| 326 | + - RWB_PRODUCTION_approve: |
| 327 | + type: approval |
| 328 | + requires: |
| 329 | + - app_build |
| 330 | + - RWB_PRODUCTION_deploy: |
| 331 | + context: |
| 332 | + - RWB_AWS_OIDC |
| 333 | + - prod-deploy |
| 334 | + requires: |
| 335 | + - RWB_PRODUCTION_approve |
| 336 | + |
270 | 337 | notify: |
271 | 338 | webhooks: |
272 | 339 | - url: https://webhooks.gitter.im/e/0fdffde721194986f2a0 |
0 commit comments