[SCHEMATIC-139] Deploy prod and staging EKS clusters #50

Merged
merged 1 commit into from
Nov 21, 2024
90 changes: 81 additions & 9 deletions deployments/main.tf
Expand Up @@ -5,6 +5,13 @@ resource "spacelift_space" "development" {
inherit_entities = true
}

resource "spacelift_space" "staging" {
name = "staging"
parent_space_id = var.parent_space_id
description = "Contains all the resources to deploy out to the staging enviornment."
inherit_entities = true
}

resource "spacelift_space" "production" {
name = "production"
parent_space_id = var.parent_space_id
Expand Down Expand Up @@ -82,6 +89,62 @@ module "dpe-sandbox-spacelift-development" {
smtp_from = "aws-dpe-dev@sagebase.org"
}

module "dpe-sandbox-spacelift-staging" {
source = "./spacelift/dpe-k8s"
parent_space_id = spacelift_space.staging.id
admin_stack_id = var.admin_stack_id
spotinst_account = "act-ac6522b4"

aws_integration_id = var.org_sagebase_dpe_prod_aws_integration_id
auto_deploy = false
git_branch = var.git_branch

space_name = "dpe-staging"

k8s_stack_name = "DPE Staging Kubernetes Infrastructure"
k8s_stack_project_root = "deployments/stacks/dpe-k8s"

k8s_stack_deployments_name = "DPE Staging Kubernetes Deployments"
k8s_stack_deployments_project_root = "deployments/stacks/dpe-k8s-deployments"

auth0_stack_name = "DPE Staging Auth0"
auth0_stack_project_root = "deployments/stacks/dpe-auth0"
auth0_domain = "staging-sage-dpe.us.auth0.com"
auth0_clients = [
{
name = "schematic - Staging"
description = "Client for schematic deployed to AWS Staging to export telemetry data"
app_type = "non_interactive"
scopes = ["write:telemetry"]
},
]
auth0_identifier = "https://staging.sagedpe.org"

aws_account_id = "766808016710"
region = "us-east-1"

cluster_name = "dpe-k8-staging"
vpc_name = "dpe-k8-staging"

vpc_cidr_block = "10.52.32.0/20"
# A public subnet is required for each AZ in which the worker nodes are deployed
public_subnet_cidrs = ["10.52.32.0/24", "10.52.33.0/24", "10.52.34.0/24"]
private_subnet_cidrs_eks_control_plane = ["10.52.35.0/28", "10.52.35.16/28"]
azs_eks_control_plane = ["us-east-1a", "us-east-1b"]

private_subnet_cidrs_eks_worker_nodes = ["10.52.36.0/22", "10.52.40.0/22", "10.52.44.0/22"]
azs_eks_worker_nodes = ["us-east-1c", "us-east-1b", "us-east-1a"]

enable_cluster_ingress = true
enable_otel_ingress = true
ssl_hostname = "staging.sagedpe.org"
auth0_jwks_uri = "https://staging-sage-dpe.us.auth0.com/.well-known/jwks.json"
deploy_auth0 = true

ses_email_identities = []
smtp_from = ""
}

module "dpe-sandbox-spacelift-production" {
source = "./spacelift/dpe-k8s"
parent_space_id = spacelift_space.production.id
Expand All @@ -102,9 +165,16 @@ module "dpe-sandbox-spacelift-production" {

auth0_stack_name = "DPE Auth0"
auth0_stack_project_root = "deployments/stacks/dpe-auth0"
auth0_domain = ""
auth0_clients = []
auth0_identifier = ""
auth0_domain = "prod-sage-dpe.us.auth0.com"
auth0_clients = [
{
name = "schematic - Prod"
description = "Client for schematic deployed to AWS Prod to export telemetry data"
app_type = "non_interactive"
scopes = ["write:telemetry"]
},
]
auth0_identifier = "https://prod.sagedpe.org"

aws_account_id = "766808016710"
region = "us-east-1"
Expand All @@ -121,11 +191,13 @@ module "dpe-sandbox-spacelift-production" {
private_subnet_cidrs_eks_worker_nodes = ["10.52.12.0/22", "10.52.8.0/22", "10.52.4.0/22"]
azs_eks_worker_nodes = ["us-east-1c", "us-east-1b", "us-east-1a"]

enable_cluster_ingress = false
enable_otel_ingress = false
ssl_hostname = ""
auth0_jwks_uri = ""
deploy_auth0 = false
enable_cluster_ingress = true
enable_otel_ingress = true
ssl_hostname = "prod.sagedpe.org"
auth0_jwks_uri = "https://prod-sage-dpe.us.auth0.com/.well-known/jwks.json"
deploy_auth0 = true

ses_email_identities = []
ses_email_identities = ["dpe@sagebase.org"]
# Defines the email address that will be used as the sender of the email alerts
smtp_from = "dpe@sagebase.org"
}
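Review bot: The new `dpe-sandbox-spacelift-staging` module sets `aws_integration_id = var.org_sagebase_dpe_prod_aws_integration_id` and `aws_account_id = "766808016710"`, the same account id that appears in the production module's section, so staging and production have no AWS account boundary between them and staging runs presumably assume the production integration's role. The production module's own `aws_integration_id` lies outside the visible hunks, so whether both modules share one role should be confirmed there. If the sharing is deliberate, say so above that line, for example `# Staging intentionally reuses the prod AWS account and integration; isolation is by VPC and Spacelift space only`. Otherwise a dedicated staging integration with a narrower role would limit what a faulty or compromised staging run can change in production resources.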