feat(infra): setting different domain and hostred zone for public.sco…

…rer.gitcon.co
passportxyz · Sep 11, 2023 · 934472b · 934472b
1 parent 100594f
commit 934472b
Show file tree

Hide file tree

Showing 5 changed files with 21 additions and 18 deletions.
diff --git a/.github/workflows/api-promote-prod.yml b/.github/workflows/api-promote-prod.yml
@@ -193,6 +193,7 @@ jobs:
           DOCKER_GTC_PASSPORT_SCORER_IMAGE: public.ecr.aws/c8n6v8e9/passport-scorer:${{ needs.build-api.outputs.dockerTag }}
           DOCKER_GTC_PASSPORT_VERIFIER_IMAGE: public.ecr.aws/c8n6v8e9/passport-verifier:${{ needs.build-verifier.outputs.dockerTag }}
           ROUTE_53_ZONE: ${{ secrets.ROUTE53_ZONE_ID }}
+          ROUTE_53_ZONE_FOR_PUBLIC_DATA: ${{ secrets.ROUTE_53_ZONE_FOR_PUBLIC_DATA }}
           DOMAIN: ${{ secrets.DOMAIN }}
           SCORER_SERVER_SSM_ARN: ${{ secrets.SCORER_SERVER_SSM_ARN }}
           FLOWER_USER: ${{ secrets.FLOWER_USER }}

diff --git a/.github/workflows/api-promote-staging.yml b/.github/workflows/api-promote-staging.yml
@@ -202,6 +202,7 @@ jobs:
           DOCKER_GTC_PASSPORT_SCORER_IMAGE: public.ecr.aws/t1g3k9q8/passport-scorer:${{ needs.build-api.outputs.dockerTag }}
           DOCKER_GTC_PASSPORT_VERIFIER_IMAGE: public.ecr.aws/t1g3k9q8/passport-verifier:${{ needs.build-verifier.outputs.dockerTag }}
           ROUTE_53_ZONE: ${{ secrets.ROUTE53_ZONE_ID }}
+          ROUTE_53_ZONE_FOR_PUBLIC_DATA: ${{ secrets.ROUTE_53_ZONE_FOR_PUBLIC_DATA }}
           DOMAIN: ${{ secrets.DOMAIN_STAGING }}
           SCORER_SERVER_SSM_ARN: ${{ secrets.SCORER_SERVER_SSM_ARN }}
           FLOWER_USER: ${{ secrets.FLOWER_USER }}

diff --git a/infra/lib/scorer/service.ts b/infra/lib/scorer/service.ts
@@ -310,11 +310,10 @@ export function createScorerECSService(
 
 export async function createScoreExportBucketAndDomain(
   domain: string,
-  route53Zone: string,
-  alb: LoadBalancer
+  route53Zone: string
 ) {
-  const scoreBucket = new aws.s3.Bucket(`public.${domain}`, {
-    bucket: `public.${domain}`,
+  const scoreBucket = new aws.s3.Bucket(domain, {
+    bucket: domain,
     website: {
       indexDocument: "registry_score.jsonl",
     },
@@ -363,23 +362,19 @@ export async function createScoreExportBucketAndDomain(
   });
 
   const exportCertificate = new aws.acm.Certificate(
-    `public.${domain}`,
+    domain,
     {
-      domainName: `public.${domain}`,
+      domainName: domain,
       validationMethod: "DNS",
     },
     { provider: eastRegion }
   );
 
-  const hostedZoneId = aws.route53
-    .getZone({ name: domain }, { async: true })
-    .then((zone) => zone.zoneId);
-
   const publicExportCertificateValidationDomain = new aws.route53.Record(
-    `public.${domain}-validation`,
+    `${domain}-validation`,
     {
       name: exportCertificate.domainValidationOptions[0].resourceRecordName,
-      zoneId: hostedZoneId,
+      zoneId: route53Zone,
       type: exportCertificate.domainValidationOptions[0].resourceRecordType,
       records: [
         exportCertificate.domainValidationOptions[0].resourceRecordValue,
@@ -447,9 +442,9 @@ export async function createScoreExportBucketAndDomain(
     {}
   );
 
-  new aws.route53.Record(`public.${domain}`, {
-    name: `public.${domain}`,
-    zoneId: hostedZoneId,
+  new aws.route53.Record(domain, {
+    name: domain,
+    zoneId: route53Zone,
     type: "A",
     aliases: [
       {
@@ -461,7 +456,6 @@ export async function createScoreExportBucketAndDomain(
   });
 
   return {
-    hostedZoneId,
     exportCertificate,
     publicExportCertificateValidationDomain,
     publicCertificateValidation,

diff --git a/infra/prod/index.ts b/infra/prod/index.ts
@@ -16,7 +16,9 @@ import { createScheduledTask } from "../lib/scorer/scheduledTasks";
 // The following vars are not allowed to be undefined, hence the `${...}` magic
 
 let route53Zone = `${process.env["ROUTE_53_ZONE"]}`;
+let route53ZoneForPublicData = `${process.env["ROUTE_53_ZONE_FOR_PUBLIC_DATA"]}`;
 export const domain = `api.scorer.${process.env["DOMAIN"]}`;
+export const publicDataDomain = `public.scorer.${process.env["DOMAIN"]}`;
 export const publicServiceUrl = `https://${domain}`;
 
 let SCORER_SERVER_SSM_ARN = `${process.env["SCORER_SERVER_SSM_ARN"]}`;
@@ -1277,4 +1279,7 @@ export const frequentAlloScorerDataDumpTaskDefinition = createScheduledTask(
   envConfig
 );
 
-const exportVals = createScoreExportBucketAndDomain(domain, route53Zone, alb);
+const exportVals = createScoreExportBucketAndDomain(
+  publicDataDomain,
+  route53ZoneForPublicData
+);
diff --git a/infra/staging/index.ts b/infra/staging/index.ts
@@ -16,7 +16,9 @@ import { createScheduledTask } from "../lib/scorer/scheduledTasks";
 // The following vars are not allowed to be undefined, hence the `${...}` magic
 
 let route53Zone = `${process.env["ROUTE_53_ZONE"]}`;
+let route53ZoneForPublicData = `${process.env["ROUTE_53_ZONE_FOR_PUBLIC_DATA"]}`;
 export const domain = `api.staging.scorer.${process.env["DOMAIN"]}`;
+export const publicDataDomain = `public.staging.scorer.${process.env["DOMAIN"]}`;
 export const publicServiceUrl = `https://${domain}`;
 
 let SCORER_SERVER_SSM_ARN = `${process.env["SCORER_SERVER_SSM_ARN"]}`;
@@ -1169,4 +1171,4 @@ export const frequentAlloScorerDataDumpTaskDefinition = createScheduledTask(
   envConfig
 );
 
-const exportVals = createScoreExportBucketAndDomain(domain, route53Zone, alb);
+const exportVals = createScoreExportBucketAndDomain(publicDataDomain, route53ZoneForPublicData);