Skip to content

Merge pull request #1812 from ASFHyP3/develop #93

Merge pull request #1812 from ASFHyP3/develop

Merge pull request #1812 from ASFHyP3/develop #93

name: Deploy Enterprise Stacks to AWS
on:
push:
branches:
- main
concurrency: ${{ github.workflow }}-${{ github.ref }}
jobs:
deploy:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
include:
- environment: hyp3-its-live
domain: hyp3-its-live.asf.alaska.edu
template_bucket: cf-templates-3o5lnspmwmzg-us-west-2
image_tag: latest
product_lifetime_in_days: 45
quota: 0
job_files: >-
job_spec/AUTORIFT_ITS_LIVE.yml
job_spec/AUTORIFT_ITS_LIVE_TEST.yml
job_spec/S1_CORRECTION_ITS_LIVE.yml
instance_types: r6id.xlarge,r6idn.xlarge,r5dn.xlarge,r5d.xlarge
default_max_vcpus: 10000
expanded_max_vcpus: 10000
required_surplus: 0
security_environment: JPL-public
ami_id: /aws/service/ecs/optimized-ami/amazon-linux-2/recommended/image_id
distribution_url: ''
- environment: hyp3-a19-jpl
domain: hyp3-a19-jpl.asf.alaska.edu
template_bucket: cf-templates-v4pvone059de-us-west-2
image_tag: latest
product_lifetime_in_days: 180
quota: 0
job_files: job_spec/INSAR_ISCE.yml job_spec/INSAR_ISCE_TEST.yml
instance_types: c6id.xlarge,c6id.2xlarge,c6id.4xlarge,c6id.8xlarge
default_max_vcpus: 10000
expanded_max_vcpus: 10000
required_surplus: 0
security_environment: JPL-public
ami_id: /aws/service/ecs/optimized-ami/amazon-linux-2/recommended/image_id
distribution_url: ''
- environment: hyp3-tibet-jpl
domain: hyp3-tibet-jpl.asf.alaska.edu
template_bucket: cf-templates-1or0efwqffkgd-us-west-2
image_tag: latest
product_lifetime_in_days: 60
quota: 0
job_files: job_spec/INSAR_ISCE.yml job_spec/INSAR_ISCE_TEST.yml
instance_types: c6id.xlarge,c6id.2xlarge,c6id.4xlarge,c6id.8xlarge
default_max_vcpus: 0
expanded_max_vcpus: 0
required_surplus: 0
security_environment: JPL-public
ami_id: /aws/service/ecs/optimized-ami/amazon-linux-2/recommended/image_id
distribution_url: ''
- environment: hyp3-nisar-jpl
domain: hyp3-nisar-jpl.asf.alaska.edu
template_bucket: cf-templates-gdeyr9hh8rzs-us-west-2
image_tag: latest
product_lifetime_in_days: 14
quota: 0
job_files: job_spec/INSAR_ISCE.yml job_spec/INSAR_ISCE_TEST.yml
instance_types: c6id.xlarge,c6id.2xlarge,c6id.4xlarge,c6id.8xlarge
default_max_vcpus: 1600
expanded_max_vcpus: 1600
required_surplus: 0
security_environment: JPL-public
ami_id: /aws/service/ecs/optimized-ami/amazon-linux-2/recommended/image_id
distribution_url: ''
- environment: hyp3-avo
domain: hyp3-avo.asf.alaska.edu
template_bucket: cf-templates-1x4a21iq1cba7-us-west-2
image_tag: latest
product_lifetime_in_days: 365000
quota: 0
job_files: job_spec/INSAR_GAMMA.yml job_spec/INSAR_GAMMA_TEST.yml
instance_types: r6id.xlarge,r6id.2xlarge,r6id.4xlarge,r6id.8xlarge,r6idn.xlarge,r6idn.2xlarge,r6idn.4xlarge,r6idn.8xlarge
default_max_vcpus: 640
expanded_max_vcpus: 640
required_surplus: 0
security_environment: ASF
ami_id: /aws/service/ecs/optimized-ami/amazon-linux-2/recommended/image_id
distribution_url: ''
- environment: hyp3-watermap
domain: hyp3-watermap.asf.alaska.edu
template_bucket: cf-templates-1217di08q7vwl-us-west-2
image_tag: latest
product_lifetime_in_days: 14
quota: 0
job_files: job_spec/RTC_GAMMA.yml job_spec/WATER_MAP.yml job_spec/WATER_MAP_EQ.yml
instance_types: r6id.xlarge,r6id.2xlarge,r6id.4xlarge,r6id.8xlarge,r6idn.xlarge,r6idn.2xlarge,r6idn.4xlarge,r6idn.8xlarge
default_max_vcpus: 640
expanded_max_vcpus: 640
required_surplus: 0
security_environment: ASF
ami_id: /aws/service/ecs/optimized-ami/amazon-linux-2/recommended/image_id
distribution_url: ''
- environment: hyp3-streamflow
domain: hyp3-streamflow.asf.alaska.edu
template_bucket: cf-templates-15gmiot9prm67-us-west-2
image_tag: latest
product_lifetime_in_days: 90
quota: 0
job_files: job_spec/RTC_GAMMA.yml job_spec/WATER_MAP.yml job_spec/WATER_MAP_EQ.yml
instance_types: r6id.xlarge,r6id.2xlarge,r6id.4xlarge,r6id.8xlarge,r6idn.xlarge,r6idn.2xlarge,r6idn.4xlarge,r6idn.8xlarge
default_max_vcpus: 1600
expanded_max_vcpus: 1600
required_surplus: 0
security_environment: ASF
ami_id: /aws/service/ecs/optimized-ami/amazon-linux-2/recommended/image_id
distribution_url: ''
- environment: azdwr-hyp3
domain: azdwr-hyp3.asf.alaska.edu
template_bucket: cf-templates-xlga17noink6-us-west-2
image_tag: latest
product_lifetime_in_days: 30
quota: 0
job_files: job_spec/INSAR_GAMMA_HIGH_MEMORY.yml
instance_types: r6id.xlarge,r6id.2xlarge,r6id.4xlarge,r6id.8xlarge,r6idn.xlarge,r6idn.2xlarge,r6idn.4xlarge,r6idn.8xlarge
default_max_vcpus: 640
expanded_max_vcpus: 640
required_surplus: 0
security_environment: ASF
ami_id: /aws/service/ecs/optimized-ami/amazon-linux-2/recommended/image_id
distribution_url: ''
- environment: hyp3-cargill
domain: hyp3-cargill.asf.alaska.edu
template_bucket: cf-templates-j4kd746vpsuv-us-east-1
image_tag: latest
product_lifetime_in_days: 14
quota: 0
job_files: job_spec/INSAR_GAMMA.yml job_spec/RTC_GAMMA.yml
instance_types: r6id.xlarge,r6id.2xlarge,r6id.4xlarge,r6id.8xlarge,r6idn.xlarge,r6idn.2xlarge,r6idn.4xlarge,r6idn.8xlarge
default_max_vcpus: 640
expanded_max_vcpus: 640
required_surplus: 0
security_environment: ASF
ami_id: /aws/service/ecs/optimized-ami/amazon-linux-2/recommended/image_id
distribution_url: ''
- environment: hyp3-bgc-engineering
domain: hyp3-bgc-engineering.asf.alaska.edu
template_bucket: cf-templates-ez0805f6vy20-us-west-2
image_tag: latest
product_lifetime_in_days: 14
quota: 0
job_files: job_spec/INSAR_GAMMA.yml job_spec/RTC_GAMMA.yml
instance_types: r6id.xlarge,r6id.2xlarge,r6id.4xlarge,r6id.8xlarge,r6idn.xlarge,r6idn.2xlarge,r6idn.4xlarge,r6idn.8xlarge
default_max_vcpus: 640
expanded_max_vcpus: 640
required_surplus: 0
security_environment: ASF
ami_id: /aws/service/ecs/optimized-ami/amazon-linux-2/recommended/image_id
distribution_url: ''
- environment: hyp3-carter
domain: hyp3-carter.asf.alaska.edu
template_bucket: cf-templates-1qx2mwia5g4kh-us-west-2
image_tag: latest
product_lifetime_in_days: 30
quota: 0
job_files: job_spec/INSAR_GAMMA.yml job_spec/RTC_GAMMA.yml
instance_types: r6id.xlarge,r6id.2xlarge,r6id.4xlarge,r6id.8xlarge,r6idn.xlarge,r6idn.2xlarge,r6idn.4xlarge,r6idn.8xlarge
default_max_vcpus: 640
expanded_max_vcpus: 640
required_surplus: 0
security_environment: ASF
ami_id: /aws/service/ecs/optimized-ami/amazon-linux-2/recommended/image_id
distribution_url: ''
- environment: hyp3-pdc
domain: hyp3-pdc.asf.alaska.edu
template_bucket: cf-templates-tlsr0tnnqt5t-us-west-2
image_tag: latest
# TODO product lifetime could be much shorter since they all get transferred to a separate
# S3 bucket, but maybe we want to allow for a backlog of products-to-be-transferred?
product_lifetime_in_days: 14
quota: 0
job_files: job_spec/WATER_MAP.yml
instance_types: r6id.xlarge,r6id.2xlarge,r6id.4xlarge,r6id.8xlarge,r6idn.xlarge,r6idn.2xlarge,r6idn.4xlarge,r6idn.8xlarge
default_max_vcpus: 640
expanded_max_vcpus: 640
required_surplus: 0
security_environment: ASF
ami_id: /aws/service/ecs/optimized-ami/amazon-linux-2/recommended/image_id
distribution_url: ''
environment:
name: ${{ matrix.environment }}
url: https://${{ matrix.domain }}
steps:
- uses: actions/[email protected]
- uses: aws-actions/configure-aws-credentials@v3
with:
aws-access-key-id: ${{ secrets.V2_AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.V2_AWS_SECRET_ACCESS_KEY }}
aws-session-token: ${{ secrets.V2_AWS_SESSION_TOKEN }}
aws-region: ${{ secrets.AWS_REGION }}
- uses: actions/setup-python@v4
with:
python-version: 3.9
- uses: ./.github/actions/deploy-hyp3
with:
TEMPLATE_BUCKET: ${{ matrix.template_bucket }}
STACK_NAME: ${{ matrix.environment }}
DOMAIN_NAME: ${{ matrix.domain }}
API_NAME: ${{ matrix.environment }}
CERTIFICATE_ARN: ${{ secrets.CERTIFICATE_ARN }}
IMAGE_TAG: ${{ matrix.image_tag }}
PRODUCT_LIFETIME: ${{ matrix.product_lifetime_in_days }}
VPC_ID: ${{ secrets.VPC_ID }}
SUBNET_IDS: ${{ secrets.SUBNET_IDS }}
SECRET_ARN: ${{ secrets.SECRET_ARN }}
CLOUDFORMATION_ROLE_ARN: ${{ secrets.CLOUDFORMATION_ROLE_ARN }}
MONTHLY_JOB_QUOTA_PER_USER: ${{ matrix.quota }}
JOB_FILES: ${{ matrix.job_files }}
DEFAULT_MAX_VCPUS: ${{ matrix.default_max_vcpus }}
EXPANDED_MAX_VCPUS: ${{ matrix.expanded_max_vcpus }}
MONTHLY_BUDGET: ${{ secrets.MONTHLY_BUDGET }}
REQUIRED_SURPLUS: ${{ matrix.required_surplus }}
ORIGIN_ACCESS_IDENTITY_ID: ${{ secrets.ORIGIN_ACCESS_IDENTITY_ID }}
SECURITY_ENVIRONMENT: ${{ matrix.security_environment }}
AMI_ID: ${{ matrix.ami_id }}
INSTANCE_TYPES: ${{ matrix.instance_types }}
DISTRIBUTION_URL: ${{ matrix.distribution_url }}
AUTH_PUBLIC_KEY: ${{ secrets.AUTH_PUBLIC_KEY }}