Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update prod deployment github action to align with mcp-dev github action #266

Closed
4 tasks done
chuckwondo opened this issue Jan 16, 2024 · 4 comments
Closed
4 tasks done

Update prod deployment github action to align with mcp-dev github action #266

chuckwondo opened this issue Jan 16, 2024 · 4 comments
Assignees
@chuckwondo

Comments

@chuckwondo
Copy link
Collaborator

chuckwondo commented Jan 16, 2024
edited
Loading

Tasks

Repo: https://github.com/NASA-IMPACT/hls-orchestration

  • Create bucket replication for Prod (like for mcp-dev). Update bucket policy (which bucket?) to allow s2 downloader to write directly to the MCP bucket, rather than setting up bucket replication. (see https://github.com/NASA-IMPACT/hls_development/issues/235)
  • Update production-deployment.yml to align with mcp-dev-deployment.yml
  • Create mcp-production GitHub env to align with mcp-dev GitHub env
  • Temporarily disable listening to Landsat SNS topic to avoid initially listening in MCP Prod deployment when first deployed
@chuckwondo chuckwondo self-assigned this Jan 16, 2024
@chuckwondo
Copy link
Collaborator Author

@sharkinsspatial:

  • I've created the mcp-production GitHub env. Where I wasn't sure what the correct prod value should be, I simply copied the value from the mcp-dev env. Please take a look and let me know what should be updated (or just go ahead and update them): https://github.com/NASA-IMPACT/hls-orchestration/settings/environments/2213726465/edit
  • Regarding the bucket that we want to allow the s2 downloader to write to directly, just to confirm, the bucket is based upon the stack name (i.e., it is not an env var), so for mcp-production, HLS_STACKNAME is hls-mcp-production, so the bucket would be hls-mcp-production-sentinel-input-files (created upon initial deployment). Is this the bucket that we want to add cross-account permissions?
  • For the cross-account permissions, I know we discussed manually applying the permissions, but given that the bucket is managed by the stack (assuming the previous item is correct), I'm thinking it might be better for us to include the permissions as part of the stack. What do you think?

@sharkinsspatial
Copy link
Collaborator

sharkinsspatial commented Feb 7, 2024
edited
Loading

  • @chuckwondo I'll try to review the mcp-production environment settings today. The ECR image tags we use in production are different and I will update them accordingly 👍

  • Correct. The bucket has the stack name as a prefix so hls-mcp-production-sentinel-input-files is the bucket we want to add cross account permissions to so that the s2 downloader can write to it directly.

  • I'm not sure on this front, I don't know in MCP if we have rights to change a bucket policy (even on a resource we create as part of our stack).

@sharkinsspatial
Copy link
Collaborator

@chuckwondo I've updated the ECR image values for the mcp-production environment so this environment should be correct now and ready when we want to deploy the stack.

@chuckwondo
Copy link
Collaborator Author

Completed via #269

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@chuckwondo chuckwondo

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@sharkinsspatial @chuckwondo