Release/new infrastructure/0001 (#93)
* Initial work to make create jenkins job configurable.
* added new job to update config.xml to s3
* added new global properties to pass variables from centralized
location to ( terraform and user-scripts ).
* removed local parameters from create jenkins job
* updated names for variables to more meaningful names
* updated cidr terraform vars to be list.
* grouped terraform security group ingress rules to be list instead of
strings.  Grouped by ingress rule function ( http, https, etc.. )

* making the jenkins git repo a global parameter

* update to add dsm-url to user-script ( install-docker.sh )

* update to variable name in user-script

* removing quotes for ami-id so it can pass variable

* config updates for repos and git hashes

* adding script to initialize jenkins

* rework done on jenkins configurations and deployment
* making maven more agnostic to version being deployed
* making terraform configurable
* IAC improvements to Docker, Terraform and Jenkins
* cleaning up variable naming standards for configurations

* will be doing cleanup on jobs to use naming standard for variables

* removing the .12 terraform experimental variable validation =(

* removing a sg

* fixing up some variable naming standards

* updating maven variable name

* more naming standards.

* and some more...

* updating location of user-script to more configurable

* removing line terminator

* user-script update

* pulling some naming standards into user-script

* docker args clean up

* changing some things for it to be more environment agnostic

* keystore is fine

* missing xml closure

* Update for destroy job to use new vars

* useful gitignore to update jobs

* gitignore

* Latest jobs from dev work

* Adding Maven apt-get work to ICA work

* Minor naming convention update and deactivating non-fisma provider to
prevent it from being applied.

* Adding a script that should be able to initialize a jenkins server from
an ec2.

* latest state of jobs for configuring dev

* changes to initialize jenkins

* Latest jobs before

* cleanup user-data, lookup AMI

* more changes for deploy

* more cleanup

* fix

* fixes

* boolean -> bool

* syntax

* pass git commit

* syntax

* use git repo

* update destroy job

* fix jenkins creation

* aws binary

* more job changes

* quotes

* combine into one policy statement

* fix assume role code

* fix jobs

* bucket policy

* fix hpds job

* more fix

* Add open access param

* Syncing jobs with current open-pic-sure state

* update aws cli path

shouldn't need to use an explicit path

* Removing unused variable

* Workaround for python introducing externally-managed-environment

* Updating Script Approvals to be sha512

* Add missing IDP provider in teardown

* [ALS-4884] Add analytics_id to terraform destroy and apply (#68)

* [ALS-4998] Add new env vars to terraform

* syncing jenkins jobs from current state to test in auth

* update for analytics, open access and project id

* syncing job changes.

* rebase off open-picsure

* add more changes

* merge conflict

* duplication

* cleanup

* declaring program variable

* fix path

* Add proj to name

* program

* Remove ssh

* Feature/swap stacks (#72)

* Update for including aws-cli functionality to perform swapping the green
blue environments.

* no need to use /usr/bin

* Some logging for clarity in console.

* forcing a new hash

for some reason Terraform does not like the previous commit.

No terraform changes were made.

This commit terraform works 8964fee
This commit terraform breaks 43fe6ac

---------

Co-authored-by: Tom <[email protected]>

* global var for httpd staging vhost

* remove unused var

* Feature/fix jenkins state  (#75)

* Initial changes for fixing jenkins destroying itself

* removing git commit from sg name - will be a random string

* wget for jenkins archive fix

* resource not data

* create before destroying.

* need to handle tags better.
* Should create this tag even if we use aws cli to update it.
* if terraform refreshes tags it will delete unmanaged tags.

* just var

* cap

* moving to a green / blue stack method.

* Green will be auto-promoted to blue on successful init
* blue should remain functional until successful init
* blue should be demoted to a
* destroy job will always just destroy green.
* leaving blue / green explicit for now.

* fixes
* improving initcomplete tag lookup
* method to rollback blue to green.

* lowercase true

* using arguments

* pkcs12 as env var in container instead of user-script

* removing build and just loading and running image

* one dollar sign

* remove misc code

* moving build to jenkins job and out of user-script

* config.xml.override didn't override..

* testing new create new jenkins job

* removing bucket policy job

* deleting unused jobs
* bye bye update bucket policy

* this is no longer used

* Feature/build container in jenkins job (#76)

* using arguments

* pkcs12 as env var in container instead of user-script

* removing build and just loading and running image

* one dollar sign

* remove misc code

* moving build to jenkins job and out of user-script

* config.xml.override didn't override..

* testing new create new jenkins job

* removing bucket policy job

* deleting unused jobs
* bye bye update bucket policy

* this is no longer used

* added automatic dns swap for rollback and checking condition of green
state while rolling back and deploying new server

* fixing json flag

---------

Co-authored-by: Tom <[email protected]>

* fixing conditional

should be true statements for conditional

* Removing reliance in jenkins on the stack_s3_bucket.

* This way the CI state is not bound to the application's s3 bucket.

---------

Co-authored-by: Tom <[email protected]>

* latest updates: (#83)

* tga priv_ips need to be stored in an Array not string to iterate over
* adding tag_manager_id variable

Co-authored-by: Tom <[email protected]>

* removing unused variable

* Sync last open release with auth-migration release (#88)

* [ALS-5164] Create new open access job (#86)

[ALS-5164] Update deployment pipeline
Our deployment pipeline to conditionally run the Open Access build.

[ALS-5164] Add logic to handle potential errors
These cases can happen if it's not open access or a version of open access is used that doesn't contain psamaui.

* Need to stage this file so it's always available for open. (#87)

* Fence mapping is now needed for all environments.

---------

Co-authored-by: Gcolon021 <[email protected]>

* [ALS-5279] - Adding Role Strategy Plugin (#89)

* # Disable plugin.  Making dockerfile more configurable.
* added configuration to disable setup wizard
* added configurations to make args optional in order to make container more portable.

* Swap user around

* moving debian sources

* some bash cleanup

* trying this way

* Should do that stuff as entrypoints removing

* adding cleanup and some ideas

* adding role-strategy plugin

* removing auto skip setup wizard.

* Syncing jobs from auth-dev

---------

Co-authored-by: Tom <[email protected]>

* ALS-5153 (#90)

# improving RDS strategies
* added functions to dynamically handle different scenarios for managing RDS instances.
* Strategies are stubs atm for standalone.  Should add functionality to these blocks.
* added continuous assume role to await init to avoid assumed role timeout.  The job itself will handle init timeout. set to 4 hrs currently.  Build out timer in the job.

---------

Co-authored-by: Tom <[email protected]>

* Sourcing scripts to rollback jenkins (#91)


---------

Co-authored-by: Tom <[email protected]>

* [ALS-5344] Banner config now uploads to S3 (#92)

[ALS-5344] Banner config now uploads to S3 (#92)

* Updating readme documentation

---------

Co-authored-by: Tom <[email protected]>
Co-authored-by: bp85 <[email protected]>
Co-authored-by: gcolon021 <[email protected]>
Co-authored-by: Gcolon021 <[email protected]>
5 people authored Dec 7, 2023
1 parent 10929e8 commit c210705
Showing 65 changed files with 2,941 additions and 1,879 deletions.
177 changes: 41 additions & 136 deletions README.md
@@ -1,146 +1,51 @@
Prerequisites:

AWS CLI installed and configured with admin access to the C&C account.
Terraform installed
Git installed


Create new S3 bucket for new Jenkins instance to use setting the following options DURING CREATION some can't be set after
- bucket should be named using the following template : avillach-biodatacatalyst-deployments-<Random 7 hex digits>
- Object Locking must be enabled
- Encryption should be AES-256
- Enable Object-level logging as secrets are stored in this bucket
- Enable versioning
- Server access logging enabled (hms-dbmi-cnc-cloudtrail, no target prefix)

Set Bucket Policy in the Permissions section for the bucket to the following after replacing __BUCKET_NAME__ with the bucket name:

-----------------------------------------------------
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::191687121306:role/hms-dbmi-cnc-role"
},
"Action": [
"s3:GetObject",
"s3:PutObject",
"s3:PutObjectAcl",
"s3:GetObjectAcl",
"s3:GetObjectTagging",
"s3:DeleteObject"
],
"Resource": "arn:aws:s3:::__BUCKET_NAME__/*"
},
{
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::752463128620:role/system/jenkins-s3-role"
},
"Action": [
"s3:GetObject",
"s3:PutObject",
"s3:PutObjectAcl",
"s3:GetObjectAcl",
"s3:GetObjectTagging",
"s3:DeleteObject"
],
"Resource": "arn:aws:s3:::__BUCKET_NAME__/*"
}
]
}
-----------------------------------------------------




Clone https://github.com/hms-dbmi/avillachlab-jenkins

Run the following commands after replacing all __VARIABLE_NAME__ entries with their correct values for the environment:

-----------------------------------------------------

cd dev-jenkins-terraform
env > env.txt
terraform init
terraform apply -auto-approve \
-var "git-commit=__GIT_COMMIT_FOR_JENKINS_REPO__" \
-var "stack-s3-bucket=__S3_BUCKET_NAME_YOU_CREATED__" \
-var "stack-id=__S3_BUCKET_NAME_SUFFIX__" \
-var "subnet-id=__JENKINS_SUBNET_ID__" \
-var "vpc-id=__JENKINS_VPC_ID__" \
-var "instance-profile-name=__JENKINS_INSTANCE_PROFILE_NAME__" \
-var "access-cidr=__JENKINS_ACCESS_CIDR__" \
-var "provisioning-cidr=__JENKINS_PROVISIONING_CIDR__"

aws s3 --sse=AES256 cp terraform.tfstate s3://${stack_s3_bucket}/jenkins_state_${GIT_COMMIT}/terraform.tfstate
aws s3 --sse=AES256 cp env.txt s3://${stack_s3_bucket}/jenkins_state_${GIT_COMMIT}/last_env.txt

INSTANCE_ID=`terraform state show aws_instance.dev-jenkins | grep "\"i-[a-f0-9]" | cut -f 2 -d "=" | sed 's/"//g'`

while [ -z $(/usr/local/bin/aws --region=us-east-1 ec2 describe-tags --filters "Name=resource-id,Values=${INSTANCE_ID}" | grep InitComplete) ];do echo "still initializing";sleep 10;done

echo "http://`terraform state show aws_instance.dev-jenkins | grep private_ip | cut -f 2 -d "=" | sed 's/\"//g' | sed 's/ //g'`"

-----------------------------------------------------


Set stack_s3_bucket Value to new S3 bucket name in new Jenkins
- Manage Jenkins > Configure System
- under "Global properties" set stack_s3_bucket to the new bucket created in the first step

Add the following arn as a trusted entity in the hms-dbmi-cnc-role in the prod account:
- https://console.aws.amazon.com/iam/home?region=us-east-1#/roles/hms-dbmi-cnc-role?section=trust
- example template :

{
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:sts::752463128620:assumed-role/jenkins-s3-role/< instance id of the jenkins ec2 you just created >"
},
"Action": "sts:AssumeRole",
"Condition": {}
}

- example :

{
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:sts::752463128620:assumed-role/jenkins-s3-role/i-0615f53dd368cbdfc"
},
"Action": "sts:AssumeRole",
"Condition": {}
}

Switch to Jenkins Configuration View ( DO NOT QUEUE UP THE JOBS! Wait for each to complete successfully before going on to the next. )

Run Jenkins Build "Create stack_variables.tf files"
Run Jenkins Build "Update VPC Settings" after confirming the following:
- confirm that the R53_Zone_ID is correct for the prod account Route 53 Zone
- confirm that the vpc and subnet group names are correct for the prod account
Run Jenkins Build "Update PIC-SURE Token Introspection Token"
Run Jenkins Build "Update Fence Client Credentials"
- provide the correct Fence Client ID and Client Secret as provided by the Fence team
Run Jenkins Build "Update HTTPD Certs and Key"
- provide the correct Cert, Chain and Key file for the production HTTPD server
# Overview

Welcome to the base folder of your Jenkins project. This folder contains two subfolders, each dedicated to a specific aspect of your Jenkins infrastructure: `jenkins-docker` and `jenkins-terraform`. Below, you'll find an overview of each component along with links to their respective README files for detailed information.

Switch to the Deployment View
## Jenkins Docker (`jenkins-docker`)

Run Jenkins Build Check For Updates
- The first time this runs it will take about 1.5 hours because it has to rekey the data.
This section focuses on the Dockerization of Jenkins, incorporating additional tools and configurations to enhance its functionality. The Jenkins Docker image is extended from the official LTS image, making it a versatile and powerful solution. For more information, refer to the [Jenkins Docker README](jenkins-docker/README.md).

Run Jenkins Build Swap Stacks
- This will point the internal production CNAME at the current stage environment
- The current stage environment becomes prod and the current prod environment becomes stage
## Jenkins Terraform (`jenkins-terraform`)

Run Jenkins Build Check For Updates
- This time it should only take about a half hour because the data has already been rekeyed.
Here, Terraform is leveraged to deploy and manage Jenkins infrastructure on AWS. The README provides insights into the variables, backend configuration, and outputs defined in the Terraform files. Detailed information about variables, Terraform backend configuration, and outputs can be found in the [Jenkins Terraform README](jenkins-terraform/README.md).

Feel free to explore each component to understand their configurations, usage, and any additional details you may need for managing your Jenkins environment efficiently. If you have any questions or need assistance, don't hesitate to reach out.

## Table of Contents

- [Jenkins Docker](#jenkins-docker)
- [Jenkins Terraform](#jenkins-terraform)

Feel free to dive into the respective sections for detailed information and instructions.

# Jenkins Docker (`jenkins-docker`)

This section focuses on the Dockerization of Jenkins, incorporating additional tools and configurations to enhance its functionality. The Jenkins Docker image is extended from the official LTS image, making it a versatile and powerful solution.

## [Jenkins Docker README](jenkins-docker/README.md)

- [Features](jenkins-docker/README.md#features)
- [Prerequisites](jenkins-docker/README.md#prerequisites)
- [Building the Image](jenkins-docker/README.md#building-the-image)
- [Configuration](jenkins-docker/README.md#configuration)
- [Usage](jenkins-docker/README.md#usage)
- [Cleanup](jenkins-docker/README.md#cleanup)
- [Contributing](jenkins-docker/README.md#contributing)
- [License](jenkins-docker/README.md#license)

Feel free to explore the Jenkins Docker README for comprehensive information on configuring, building, and using the Docker image.

# Jenkins Terraform (`jenkins-terraform`)

Here, Terraform is leveraged to deploy and manage Jenkins infrastructure on AWS. The README provides insights into the variables, backend configuration, and outputs defined in the Terraform files.

## [Jenkins Terraform README](jenkins-terraform/README.md)

- [Variables](jenkins-terraform/README.md#variables)
- [Terraform Backend](jenkins-terraform/README.md#terraform-backend)
- [Outputs](jenkins-terraform/README.md#outputs)

Feel free to explore the Jenkins Terraform README for detailed information on variables, Terraform backend configuration, and outputs.

Feel free to explore each component to understand their configurations, usage, and any additional details you may need for managing your Jenkins environment efficiently. If you have any questions or need assistance, don't hesitate to reach out.
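Review bot: the new Overview text (from `# Overview` down to the closing "Feel free to explore each component" paragraph) replaces the entire bootstrap procedure without saying where it moved, so the README no longer tells an operator how to create the deployments bucket with the options that cannot be set after creation (Object Lock, AES-256 encryption, object-level logging, versioning, server access logging), which bucket policy grants `hms-dbmi-cnc-role` and `jenkins-s3-role` access, how to add the Jenkins instance as a trusted entity on `hms-dbmi-cnc-role`, or that the Jenkins jobs must be run one at a time in the listed order; either carry those steps into `jenkins-terraform/README.md` / `jenkins-docker/README.md` and link the exact sections from here, or keep a short bootstrapping checklist in this file. One removed step should stay removed when the procedure is re-documented: `env > env.txt` followed by `aws s3 --sse=AES256 cp env.txt s3://${stack_s3_bucket}/jenkins_state_${GIT_COMMIT}/last_env.txt` copied the operator's whole process environment, including any exported credentials, into the deployments bucket; document uploading `terraform.tfstate` only. Also, the removed trust-policy example pins the principal to a single session ARN (`arn:aws:sts::752463128620:assumed-role/jenkins-s3-role/i-0615f53dd368cbdfc`), which has to be re-edited every time the Jenkins EC2 is replaced, and this release introduces green/blue swaps that do exactly that; if that step is re-documented, say how the trust policy is kept current across swaps.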

0 comments on commit c210705
