duracloud · dbernstein · Mar 7, 2023 · Mar 8, 2023 · Mar 13, 2023 · Mar 13, 2023
diff --git a/.overcommit.yml b/.overcommit.yml
@@ -0,0 +1,6 @@
+PreCommit:
+  Terraform:
+    enabled: true
+    command: ['terraform', 'fmt']
+    flags: ['-check', '-recursive']
+    install_command: tfenv install
diff --git a/.ruby-version b/.ruby-version
@@ -0,0 +1 @@
+3.2.1
diff --git a/.terraform-version b/.terraform-version
@@ -0,0 +1 @@
+1.3.5
diff --git a/DTS.md b/DTS.md
@@ -0,0 +1,103 @@
+# DTS
+
+The [dts-hosting/duracloud-aws-deployer](https://github.com/dts-hosting/duracloud-aws-deployer)
+repository is a downstream fork of the [duracloud/duracloud-aws-deployer](https://github.com/duracloud/duracloud-aws-deployer)
+(upstream) project.
+
+The dts deployer `main` branch is kept in a one-to-one relationship with the upstream
+`main` branch. Upstream and DTS changes are integrated into the `deployments` branch,
+which is where the various DuraCloud environments are defined and is the default branch
+in GitHub (TODO).
+
+## Repository setup
+
+### Install local dependencies (optional)
+
+First install:
+
+- [Rbenv](https://github.com/rbenv/rbenv)
+- [Tfenv](https://github.com/tfutils/tfenv)
+
+Then run:
+
+```bash
+make install
+```
+
+### Sync with upstream
+
+To work with the upstream DuraCloud deployer project:
+
+```bash
+git clone https://github.com/dts-hosting/duracloud-aws-deployer.git
+git remote add upstream https://github.com/duracloud/duracloud-aws-deployer.git
+```
+
+Running `git remote -v` should show something like:
+
+```txt
+origin   https://github.com/dts-hosting/duracloud-aws-deployer.git (fetch)
+origin   https://github.com/dts-hosting/duracloud-aws-deployer.git (push)
+upstream https://github.com/duracloud/duracloud-aws-deployer.git (fetch)
+upstream https://github.com/duracloud/duracloud-aws-deployer.git (push)
+```
+
+To incorporate upstream changes into the dts downstream fork:
+
+```bash
+git fetch --all
+git checkout main
+git merge upstream/main
+git push origin main
+```
+
+The upstream and downstream main branches are now equivalent.
+
+### Update the deployments branch from main
+
+```bash
+git fetch --all
+git checkout deployments
+git checkout -b deployments-sync-$date
+git merge main
+git push origin deployments-sync-$date
+```
+
+Make a PR to the `deployments` branch.
+
+## AWS accounts / DuraCloud environments
+
+For general considerations around AWS profile configurations refer to the
+[infra](https://github.com/dts-hosting/infra/blob/main/docs/AWS.md) repository.
+
+For DuraCloud AWS cli interactions define profiles for dev, prod & test:
+
+```txt
+[duraclouddev]
+role_arn = arn:aws:iam::380144836391:role/OrganizationAccountAccessRole
+source_profile = default
+region = us-west-2
+
+[duracloudprod]
+role_arn = arn:aws:iam::863649442906:role/OrganizationAccountAccessRole
+source_profile = default
+region = us-east-1
+
+[duracloudtest]
+role_arn = arn:aws:iam::442366795148:role/OrganizationAccountAccessRole
+source_profile = default
+region = us-west-2
+```
+
+To use the profiles you'll generally need to add `--profile $profile` to
+any AWS command examples provided in the upstream documentation.
+
+For example, to check for a required parameter:
+
+```bash
+aws ssm get-parameter --name duracloud_artifact_bucket --profile duraclouddev
+```
+
+## Google reCAPTCHA
+
+TODO: add details for this here.
diff --git a/Makefile b/Makefile
@@ -0,0 +1,12 @@
+SHELL:=/bin/bash
+
+.PHONY: install
+install: ## make install # Install dependencies
+	@rbenv install -s
+	@gem install overcommit && overcommit --install && overcommit --sign pre-commit
+	@tfenv install
+
+help:
+	@grep -E '^[a-zA-Z_-]+:.*?## .*$$' $(MAKEFILE_LIST) | sort | awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-30s\033[0m %s\n", $$1, $$2}'
+
+.DEFAULT_GOAL := help
diff --git a/duracloud/main.tf b/duracloud/main.tf
@@ -1,10 +1,12 @@
+data "aws_region" "current" {}
+
 module "common_parameters" {
   source = "../modules/common_parameters"
 }
 
 locals {
   cloud_init_props = {
-    aws_region = var.aws_region
+    aws_region = data.aws_region.current.name
   }
 }
 
@@ -19,7 +21,7 @@ resource "aws_s3_object" "duracloud_config_properties" {
 }
 
 data "aws_iam_instance_profile" "duracloud" {
-  name = "duracloud-instance-profile"
+  name = "${var.stack_name}-dc-ip"
 }
 
 
@@ -143,7 +145,7 @@ data "aws_iam_role" "beanstalk_service" {
 }
 
 resource "aws_elastic_beanstalk_application" "duracloud" {
-  name        = "DuraCloud"
+  name        = "DuraCloud (${var.stack_name})"
   description = "DuraCloud Beanstalk Application (${var.stack_name})"
 
   appversion_lifecycle {
@@ -169,7 +171,7 @@ resource "aws_elastic_beanstalk_application_version" "default" {
 resource "aws_elastic_beanstalk_configuration_template" "config" {
   name                = "duracloud-config"
   application         = aws_elastic_beanstalk_application.duracloud.name
-  solution_stack_name = "64bit Amazon Linux 2 v4.2.16 running Tomcat 8.5 Corretto 11"
+  solution_stack_name = var.solution_stack
 
   setting {
     namespace = "aws:ec2:vpc"
@@ -212,8 +214,13 @@ resource "aws_elastic_beanstalk_configuration_template" "config" {
     name      = "LoadBalancerType"
     value     = "application"
   }
-}
 
+  setting {
+    namespace = "aws:elasticbeanstalk:environment:process:default"
+    name      = "StickinessEnabled"
+    value     = "true"
+  }
+}
 
 resource "aws_elastic_beanstalk_environment" "duracloud" {
   name          = "${var.stack_name}-core"
@@ -245,22 +252,22 @@ resource "aws_elastic_beanstalk_environment" "duracloud" {
     value     = var.duracloud_instance_class
   }
 
-}
+  setting {
+    namespace = "aws:autoscaling:asg"
+    name      = "MinSize"
+    value     = var.minimum_instance_count
+  }
 
-resource "aws_alb_target_group" "duracloud" {
-  name        = "duracloud-alb-target-group"
-  target_type = "alb"
-  port        = 80
-  protocol    = "TCP"
-  vpc_id      = data.aws_vpc.duracloud.id
-  stickiness {
-    type        = "app_cookie"
-    cookie_name = "jsessionid"
+  setting {
+    namespace = "aws:autoscaling:asg"
+    name      = "MaxSize"
+    value     = var.maximum_instance_count
   }
-}
 
-resource "aws_alb_target_group_attachment" "duracloud" {
-  target_group_arn = aws_alb_target_group.duracloud.arn
-  target_id        = aws_elastic_beanstalk_environment.duracloud.load_balancers[0]
-  port             = 80
+  setting {
+    namespace = "aws:elasticbeanstalk:environment:process:default"
+    name      = "HealthCheckPath"
+    value     = "/duradmin/login"
+  }
 }
+
diff --git a/duracloud/variables.tf b/duracloud/variables.tf
@@ -8,6 +8,11 @@ variable "duracloud_zip" {
 
 }
 
+variable "solution_stack" {
+  description = "The AWS Solution Stack to use with the Elastic Beanstalk."
+  default     = "64bit Amazon Linux 2 v4.3.7 running Tomcat 8.5 Corretto 11"
+}
+
 variable "duracloud_instance_class" {
   description = "The instance size of worker ec2 instance class"
   default     = "m5.large"
@@ -20,3 +25,13 @@ variable "ec2_keypair" {
 variable "stack_name" {
   description = "The name of the duracloud stack."
 }
+
+variable "minimum_instance_count" {
+  description = "The minimum number of instances to run"
+  default     = 2
+}
+
+variable "maximum_instance_count" {
+  description = "The minimum number of instances to run"
+  default     = 6
+}
diff --git a/env/development/duracloud/.terraform-version b/env/development/duracloud/.terraform-version
@@ -0,0 +1 @@
+../../../duracloud/.terraform-version
diff --git a/env/development/duracloud/.terraform.lock.hcl b/env/development/duracloud/.terraform.lock.hcl
diff --git a/env/development/duracloud/backend.tf b/env/development/duracloud/backend.tf
@@ -0,0 +1,39 @@
+# TERRAFORM BACKEND & PROVIDER CFG
+terraform {
+  required_version = "1.3.5"
+
+  cloud {
+    organization = "Lyrasis"
+    workspaces {
+      name = "duracloud-development-duracloud"
+    }
+  }
+
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = "4.61.0"
+    }
+  }
+}
+
+provider "aws" {
+  region              = "us-west-2"
+  allowed_account_ids = ["380144836391"]
+
+  assume_role {
+    role_arn     = "arn:aws:iam::380144836391:role/OrganizationAccountAccessRole"
+    session_name = "duracloud-development-duracloud"
+    external_id  = "duracloud-development-duracloud"
+  }
+
+  default_tags {
+    tags = {
+      Service     = "duracloud"
+      Department  = "dts"
+      Environment = "development"
+      Project     = "duracloud"
+      Terraform   = true
+    }
+  }
+}
diff --git a/env/development/duracloud/duracloud.auto.tfvars b/env/development/duracloud/duracloud.auto.tfvars
@@ -0,0 +1 @@
+duracloud_zip = "duracloud-beanstalk-v7.2.0-SNAPSHOT-25f45e8.zip"
diff --git a/env/development/duracloud/main.tf b/env/development/duracloud/main.tf
@@ -0,0 +1 @@
+../../../duracloud/main.tf
diff --git a/env/development/duracloud/resources b/env/development/duracloud/resources
@@ -0,0 +1 @@
+../../../duracloud/resources
diff --git a/env/development/duracloud/shared.auto.tfvars b/env/development/duracloud/shared.auto.tfvars
@@ -0,0 +1 @@
+../shared/shared.auto.tfvars
diff --git a/env/development/duracloud/variables.tf b/env/development/duracloud/variables.tf
@@ -0,0 +1 @@
+../../../duracloud/variables.tf
diff --git a/env/development/management-console/.terraform-version b/env/development/management-console/.terraform-version
@@ -0,0 +1 @@
+../../../management-console/.terraform-version
diff --git a/env/development/management-console/.terraform.lock.hcl b/env/development/management-console/.terraform.lock.hcl
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		duracloud_zip = "duracloud-beanstalk-v7.2.0-SNAPSHOT-25f45e8.zip"