Skip to content

Commit

Permalink
Merge pull request #124 from dimagi/sk/deploy-updates
Browse files Browse the repository at this point in the history
deploy updates
  • Loading branch information
snopoke authored Sep 20, 2023
2 parents 6d56d26 + f02065f commit b4d80ff
Show file tree
Hide file tree
Showing 8 changed files with 15 additions and 93 deletions.
4 changes: 2 additions & 2 deletions deploy/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -79,8 +79,8 @@ Note: If you used a different profile name you will need to set the `AWS_PROFILE
## Updating Django Settings

The Django settings are configured using the `deploy/roles/connect/templates/docker.env.j2` file. The plain text
settings values are in the `deploy/roles/connect/vars/main.yml` file. Secrets are stored in the Ansible vault file
`deploy/vault.yml`.
settings values are in the `deploy/roles/connect/vars/main.yml` file. Secrets are stored in the 1Password under the
`Ansible Secrets` entry.

To update the Django settings:

Expand Down
2 changes: 2 additions & 0 deletions deploy/play.yml
Original file line number Diff line number Diff line change
@@ -1,5 +1,7 @@
- hosts: web0
become: true
strategy: free
vars:
- secrets: "{{ lookup('community.general.onepassword', 'Ansible Secrets', subdomain='dimagi', vault='CommCare Connect', field='secrets_yaml') | from_yaml }}"
roles:
- role: connect
6 changes: 6 additions & 0 deletions deploy/registry_password.sh
Original file line number Diff line number Diff line change
Expand Up @@ -10,4 +10,10 @@ if [ -z "$CI" ]; then
# if not in github actions, specify the profile
PROFILE_ARG=" --profile ${AWS_PROFILE:-commcare-connect}"
fi

aws sts get-caller-identity $PROFILE_ARG &> /dev/null
EXIT_CODE="$?" # $? is the exit code of the last statement
if [ $EXIT_CODE != 0 ]; then
aws sso login $PROFILE_ARG
fi
aws ecr get-login-password --region=$REGION $PROFILE_ARG
2 changes: 1 addition & 1 deletion deploy/roles/connect/templates/docker.env.j2
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ SENTRY_ENVIRONMENT={{ sentry_environment }}

# Secrets
CELERY_BROKER_URL={{ secrets.celery_broker_url }}
CSRF_TRUSTED_ORIGINS={{ secrets.csrf_trusted_origins }}
CSRF_TRUSTED_ORIGINS={{ secrets.csrf_trusted_origins|join(",") }}
cid_client_secret={{ secrets.cid_client_secret }}
cid_client_id={{ secrets.cid_client_id }}
DJANGO_ALLOWED_HOSTS={{ secrets.django_allowed_hosts|join(",") }}
Expand Down
12 changes: 0 additions & 12 deletions deploy/utils.yml

This file was deleted.

67 changes: 0 additions & 67 deletions deploy/vault.yml

This file was deleted.

7 changes: 0 additions & 7 deletions deploy/vault_password.sh

This file was deleted.

8 changes: 4 additions & 4 deletions tasks.py
Original file line number Diff line number Diff line change
Expand Up @@ -78,10 +78,10 @@ def setup_ec2(c: Context, verbose=False, diff=False):
def django_settings(c: Context, verbose=False, diff=False):
"""Update the Django settings file on prod servers"""
run_ansible(c, tags="django_settings", verbose=verbose, diff=diff)

val = input("Do you want to restart the Django services? [y/N] ")
print("\nSettings updated. A re-deploy is required to have the services use the new settings.")
val = input("Do you want to re-deploy the Django services? [y/N] ")
if val.lower() == "y":
restart_django(c, verbose=verbose, diff=diff)
deploy(c)


@task
Expand All @@ -91,7 +91,7 @@ def restart_django(c: Context, verbose=False, diff=False):


def run_ansible(c: Context, play="play.yml", tags=None, verbose=False, diff=False):
ansible_cmd = f"ansible-playbook {play} -i inventory.yml -e @vault.yml --vault-password-file=vault_password.sh"
ansible_cmd = f"ansible-playbook {play} -i inventory.yml"
if tags:
ansible_cmd += f" --tags {tags}"
if verbose:
Expand Down

0 comments on commit b4d80ff

Please sign in to comment.