Infrastructure as Code for the GC Forms environment.
Pull Requests in this repository require all commits to be signed before they can be merged. Please see this guide for more information.
-
-
Install Docker
brew install docker docker-compose docker-credential-helper
-
Modify the docker config file to use mac os keychain as
credStorenano ~/.docker/config.json { ... "credsStore": "osxkeychain", ... }
-
Install Colima:
brew install colima -
Add symlink to
/var/run# as /var/ is a protected directory, we will need sudo sudo ln ~/.colima/default/docker.sock /var/run # we can verify this has worked by running ls /var/run # and confirming that docker.sock is now in the directory
-
Colima can be set as a service to start on login:
brew services start colima
-
-
Homebrew:
/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" -
Terragrunt:
brew install warrensbox/tap/tfswitchtfswitch 1.10.5brew install warrensbox/tap/tgswitchtgswitch 0.72.5
-
Yarn (chances are you already have this if working on the app):
$ brew install yarn
-
- Install AWS CLI
curl "https://awscli.amazonaws.com/AWSCLIV2.pkg" -o "AWSCLIV2.pkg" sudo installer -pkg AWSCLIV2.pkg -target /
-
$ brew install openvpn- In
.zprofileadd bin to Path:export PATH="/usr/local/opt/openvpn/sbin:$PATH"
Create an .env file at the root of the project and use the .env.example as a template. You can find some of the values in 1Password > Local Development .ENV secure note.
AWS_ACCOUNT_ID=YOUR_AWS_SCRATCH_ACCOUNT_ID
STAGING_AWS_ACCOUNT_ID=CURRENT_STAGING_ACCOUNT_IDAdd the following configuration to your ~/.aws/config file
- The
sso_start_urlvalue can be found by asking one or your colleages - The
sso_account_idis your AWS Scratch Account ID
[sso-session CDS]
sso_start_url = https://***********.awsapps.com/start#
sso_region = ca-central-1
sso_registration_scopes = sso:account:access
[profile development]
sso_session = CDS
sso_account_id = ************
sso_role_name = AWSAdministratorAccess
region = ca-central-1
output = json
Once the configuration above is entered into the AWS CLI configuration a developer can generate credentials for the terminal by running:
aws sso login --profile development
This will open a browser window and ask you to go through the regular AWS Console login process. Once completed, or if you have already logged in that day, you will be presented with a message notifying you that the credentials have been supplied to the CLI.
The first time you set up the development environment you will need to create PKI certificates in order to connect into the AWS VPC. This step is only needed the first time you build the environment or you delete the certificate folders.
$ make create_certsPlease ensure you have run aws sso login --profile development before continuing.
$ make build_envCopy the variables at the end of the output, as seen below, into your application folder's .env file.
All infratructure initialized: Ready for requests
=> Please copy the following to your app .env file:
AWS_PROFILE=development
DATABASE_URL=postgres://postgres:*********@forms-db-cluster.cluster-************.ca-central-1.rds.amazonaws.com:5432/forms?connect_timeout=60
REDIS_URL=gcforms-redis-rep-group-001.******.0001.cac1.cache.amazonaws.com:6379
RELIABILITY_FILE_STORAGE=forms-************-reliability-file-storageThe following command creates a vpn tunnel from your local machine into the VPC of the scratch account. This allows your local development environment to connect to backend services like RDS, SQS, Lambdas, and all the other AWS services the GCForms app leverages.
$ make connect_envTo remove all infrastructure as code that was deployed you can simply run the following:
$ make destroy_envThis will remove all infrastructure created by terraform as well as terraform state and terraform lock resources. This will not remove any resources created by click ops in the AWS Console.
The deps.sh script allows you to download required dependencies for all Lambda packages available under /lambda-code.
$ cd lambda-code/
$ ./deps.sh installOnce you have changed the code in one or multiple Lambda packages, you can leverage the make lambdas or make lambda name=LAMBDA_NAME commands. They will build, tag and push either all Lambda images or a specific image to your ECR as well as letting the Lambda service know that a new version of the code should be used.
This Index supports the future feature of the GCForms API. Essentially the ability to retrieve responses without using the Application Interface.
