From 2421fb7a68f197121c1d8d1912146558d5a89c87 Mon Sep 17 00:00:00 2001 From: Jo Date: Wed, 22 May 2024 10:31:39 -0400 Subject: [PATCH] IaC documentation update --- tofu/README.md | 61 ++++++++++++++++++++++++++++++++++++++++++-------- 1 file changed, 52 insertions(+), 9 deletions(-) diff --git a/tofu/README.md b/tofu/README.md index aa1711a20..eb7467906 100644 --- a/tofu/README.md +++ b/tofu/README.md @@ -53,7 +53,7 @@ All infrastructure should be deployed via terragrunt commands from the appropria ### Remote State -This is deployed individually before any other stacks and generally should not change with application or infrastructure deployments +This is deployed individually before any other stacks and generally should not change with application or infrastructure deployments. For the initial run in a new environment comment out the "generate "backend" block in tofu/environments/terragrunt.hcl. This is required to created the backend S3 state bucket and DynamoDB lock table. 1. tofu/environments/\/terraform/tfbackend 1. `cd tofu/environments//terraform/tfbackend` @@ -64,33 +64,58 @@ This is deployed individually before any other stacks and generally should not c ### Infrastructure Stacks -These should be deployed in the following order and generally will only be updated with infrastructure changes while remaining static for code changes +These should be deployed in the following order and generally will only be updated with infrastructure changes while remaining static for code changes. The Tofu files pull some information from environment variables. When Github Actions workflows are run these are populated by Github environment/repository variables. When running terragrunt commands locally the specified environment variables must be set/ 1. tofu/environments/\/network/vpc + Required Environment Variables: + - TF_VAR_name_prefix + - TF_VAR_environment + - TF_VAR_region + 1. `cd tofu/environments//network/vpc` 2. `terragrunt init` 3. `terragrunt validate` 4. `terragrunt plan -out tfplan` 5. `terragrunt apply tfplan` 2. tofu/environments/\/services/backend-infra + Required Environment Variables: + - TF_VAR_name_prefix + - TF_VAR_environment + - TF_VAR_region + 1. `cd tofu/environments//services/backend-infra` 2. `terragrunt init` 3. `terragrunt validate` 4. `terragrunt plan -out tfplan` 5. `terragrunt apply tfplan` 3. tofu/environments/\/data-store/cache + Required Environment Variables: + - TF_VAR_name_prefix + - TF_VAR_environment + - TF_VAR_region + 1. `cd tofu/environments//datastore/cache` 2. `terragrunt init` 3. `terragrunt validate` 4. `terragrunt plan -out tfplan` 5. `terragrunt apply tfplan` 4. tofu/environments/\/data-store/database + Required Environment Variables: + - TF_VAR_name_prefix + - TF_VAR_environment + - TF_VAR_region + 1. `cd tofu/environments//data-store/database` 2. `terragrunt init` 3. `terragrunt validate` 4. `terragrunt plan -out tfplan` 5. `terragrunt apply tfplan` 5. tofu/environments/\/services/frontend + Required Environment Variables: + - TF_VAR_name_prefix + - TF_VAR_environment + - TF_VAR_region + 1. `cd tofu/environments//services/frontend` 2. `terragrunt init` 3. `terragrunt validate` @@ -99,18 +124,36 @@ These should be deployed in the following order and generally will only be updat ### Application Stacks -1. tofu/environments/\/services/backend-service - 1. `cd tofu/environments//services/backend-service` - 2. `terragrunt init` - 3. `terragrunt validate` - 4. `terragrunt plan -out tfplan` - 5. `terragrunt apply tfplan` +#### Backend -### Application Stacks +The application backend is deployed as an ECS service via terragrunt 1. tofu/environments/\/services/backend-service + Required Environment Variables: + - TF_VAR_name_prefix + - TF_VAR_environment + - TF_VAR_region + - TF_VAR_name_frontend_url + - TF_VAR_short_base_url + - TF_VAR_app_env + - TF_VAR_sentry_dsn + - TF_VAR_zoom_callback + - TF_VAR_db_enc_secret + - TF_VAR_smtp_secret + - TF_VAR_google_oauth_secret + - TF_VAR_zoom_secret + - TF_VAR_fxa_secret + - TF_VAR_log_level + 1. `cd tofu/environments//services/backend-service` 2. `terragrunt init` 3. `terragrunt validate` 4. `terragrunt plan -out tfplan` 5. `terragrunt apply tfplan` + +#### Frontend + +The application frontend is deployed to an S3 bucket fronted by Cloudfront. As such it can be deployed by deploying files to S3 and creating a Cloudfront invalidation. + +- aws s3 sync frontend/dist \ +- aws cloudfront create-invalidation --distribution-id \ --paths "/*"