[MAIN] Switch over to using serverless app on aws

.github/release-drafter.yml

@@ -0,0 +1,34 @@
+# For the https://github.com/marketplace/actions/release-drafter Action
+name-template: v$RESOLVED_VERSION Release
+tag-template: v$RESOLVED_VERSION
+categories:
+  - title: 🚀 Features
+    labels:
+      - feature
+      - enhancement
+  - title: 🐛 Bug Fixes
+    labels:
+      - fix
+      - bugfix
+      - bug
+  - title: 🧰 Maintenance
+    label: chore
+change-template: '- $TITLE @$AUTHOR (#$NUMBER)'
+# You can add # and @ to disable mentions, and add ` to disable code blocks.
+change-title-escapes: '\<*_&'
+version-resolver:
+  major:
+    labels:
+      - major
+  minor:
+    labels:
+      - minor
+  patch:
+    labels:
+      - patch
+  default: patch
+template: |
+  ## Changes
+  $CHANGES
+include-pre-releases: true
+prerelease: true

.github/workflows/deploy-prod-eu.yaml

@@ -0,0 +1,157 @@
+name: Deploy To Prod EU
+
+on:
+  release:
+    types:
+      - released
+
+permissions:
+  id-token: write
+  contents: write
+  pull-requests: write
+env:
+  GOLANG_VERSION: 1.23
+  REGION_NAME: eu-west-1
+  ACCOUNT_ID: 247286868737
+  ROLE_TO_ASSUME: arn:aws:iam::247286868737:role/firetail-prod-github-serverless-lambda-deployment
+  LAMBDA_SERVERLESS_REPO: firetail-prod-eu-west-1-serverless-applications
+  APP_NAME: firetail-appsync-logger
+  CFN_TEMPLATES_BUCKET: firetail-prod-us-east-1-cf-templates
+  CFN_TEMPLATES_BUCKET_REGION: us-east-1
+jobs:
+  setup:
+    runs-on: ubuntu-latest
+    outputs:
+      mymatrix: ${{ steps.matrixStep.outputs.matrixItems }}
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
+        with:
+          fetch-depth: 2
+      - name: Configure AWS Credentials
+        uses: aws-actions/configure-aws-credentials@8c3f20df09ac63af7b3ae3d7c91f105f857d8497 # v4.0.0
+        with:
+          aws-region: ${{ env.REGION_NAME }}
+          role-to-assume: ${{env.ROLE_TO_ASSUME }}
+          role-session-name: github
+      - id: matrixStep
+        run: |
+          python3 -m pip install boto3
+          matrix=$(python3 build_setup/get_regions.py)
+          echo $matrix
+          echo "matrixItems=$(echo $matrix)" >> $GITHUB_ENV
+  download-artifact:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
+        with:
+          fetch-depth: 2
+      - name: Get Release
+        id: get_release
+        uses: bruceadams/get-release@74c3d60f5a28f358ccf241a00c9021ea16f0569f
+        env:
+          GITHUB_TOKEN: ${{ github.token }}
+      - name: Download zip from release
+        uses: robinraju/release-downloader@efa4cd07bd0195e6cc65e9e30c251b49ce4d3e51
+        with:
+          releaseId: ${{ steps.get_release.outputs.id }}
+          fileName: lambda.zip
+          out-file-path: "build"
+      - name: Configure AWS Credentials
+        uses: aws-actions/configure-aws-credentials@8c3f20df09ac63af7b3ae3d7c91f105f857d8497 # v4.0.0
+        with:
+          aws-region: ${{ env.REGION_NAME }}
+          role-to-assume: ${{env.ROLE_TO_ASSUME }}
+          role-session-name: github
+      - run:
+          sam package --template-file template.yaml --output-template-file packaged.yaml --s3-bucket ${{
+          env.LAMBDA_SERVERLESS_REPO }} --region ${{env.REGION_NAME}}
+      - uses: actions/upload-artifact@v3
+        with:
+          name: packaged.yaml
+          path: packaged.yaml
+  release-application:
+    needs: download-artifact
+    runs-on: ubuntu-latest
+    strategy:
+      # matrix: ${{ fromJson(needs.setup.outputs.mymatrix) }}
+      fail-fast: false
+      matrix:
+        region:
+          [
+            "us-east-2",
+            "us-east-1",
+            "us-west-1",
+            "us-west-2",
+            "af-south-1",
+            "ap-east-1",
+            "ap-south-2",
+            "ap-southeast-3",
+            "ap-southeast-4",
+            "ap-south-1",
+            "ap-northeast-3",
+            "ap-northeast-2",
+            "ap-southeast-1",
+            "ap-southeast-2",
+            "ap-northeast-1",
+            "ca-central-1",
+            "eu-central-1",
+            "eu-west-1",
+            "eu-west-2",
+            "eu-south-1",
+            "eu-west-3",
+            "eu-south-2",
+            "eu-north-1",
+            "eu-central-2",
+            "il-central-1",
+            "me-south-1",
+            "me-central-1",
+            "sa-east-1",
+          ]
+    steps:
+      - name: Configure AWS Credentials
+        uses: aws-actions/configure-aws-credentials@8c3f20df09ac63af7b3ae3d7c91f105f857d8497 # v4.0.0
+        with:
+          aws-region: ${{ env.REGION_NAME }}
+          role-to-assume: ${{env.ROLE_TO_ASSUME }}
+          role-session-name: github
+      - name: Get Release
+        id: get_release
+        uses: bruceadams/get-release@74c3d60f5a28f358ccf241a00c9021ea16f0569f
+        env:
+          GITHUB_TOKEN: ${{ github.token }}
+      - uses: actions/download-artifact@v4
+        with:
+          name: packaged.yaml
+      - run: |
+          version=$(echo "${{ steps.get_release.outputs.tag_name }}" | cut -c 2-)
+          sam publish --template packaged.yaml --region ${{ matrix.region }} --semantic-version $version
+          aws serverlessrepo put-application-policy --region ${{ matrix.region }} --application-id arn:aws:serverlessrepo:${{ matrix.region }}:${{env.ACCOUNT_ID}}:applications/${{env.APP_NAME}} --statements Principals=*,Actions=Deploy
+        continue-on-error: true
+  release-cloudformation:
+    needs: release-application
+    runs-on: ubuntu-latest
+    timeout-minutes: 15
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
+        with:
+          fetch-depth: 2
+      - name: Get Release
+        id: get_release
+        uses: bruceadams/get-release@74c3d60f5a28f358ccf241a00c9021ea16f0569f
+        env:
+          GITHUB_TOKEN: ${{ github.token }}
+      - run: |
+          version=$(echo "${{ steps.get_release.outputs.tag_name }}" | cut -c 2-)
+          sed -i -e "s/0.0.1/${version}/g" cfn_templates/appsync_logging_template.yaml
+      - name: Configure AWS Credentials
+        uses: aws-actions/configure-aws-credentials@8c3f20df09ac63af7b3ae3d7c91f105f857d8497 # v4.0.0
+        with:
+          aws-region: ${{ env.REGION_NAME }}
+          role-to-assume: ${{env.ROLE_TO_ASSUME }}
+          role-session-name: github
+      - name: copy new cfn to s3
+        run: |
+          aws s3 cp ./cfn_templates/ s3://${{env.CFN_TEMPLATES_BUCKET}}/applications/cfn/ --acl public-read --region ${{env.CFN_TEMPLATES_BUCKET_REGION}}  --recursive

.github/workflows/deploy-sandbox.yaml

@@ -0,0 +1,65 @@
+env:
+  SANDBOX_AWS_ACCT_ID: 453671210445
+  SANDBOX_AWS_ACCT_NAME: firetail-sandbox
+  AWS_REGION: eu-west-1
+  ROLE_TO_ASSUME: arn:aws:iam::453671210445:role/firetail-sandbox-github-serverless-lambda-deployment
+  LAMBDA_SERVERLESS_REPO: firetail-sandbox-eu-west-1-serverless-applications
+  CFN_TEMPLATES_BUCKET: firetail-sandbox-us-east-1-cf-templates
+  CFN_TEMPLATES_BUCKET_REGION: us-east-1
+  APP_NAME: aws-appsync-logging-lambda
+  SEMANTIC_VERSION: 1.2.2
+name: Deploy to Sandbox
+run-name: "@${{ github.triggering_actor }}: ${{ github.ref_name }}: ${{ github.event_name }}"
+on:
+  push:
+    branches:
+      - dev
+      - dev-preview
+defaults:
+  run:
+    shell: bash
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref_name }}
+  cancel-in-progress: true
+permissions:
+  id-token: write
+  contents: read
+  pull-requests: read
+jobs:
+  deploy-sandbox:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
+        with:
+          fetch-depth: 2
+      - name: Set Environment
+        run: |
+          git_hash="$(git rev-parse --short "${{ github.sha }}")"
+          RELEASE_VERSION="sandbox-${git_hash}-${{ github.run_id }}-${{ github.run_number }}-${{ github.run_attempt }}"
+          IMAGE_TAG="${{ env.SANDBOX_ECR_HOSTNAME }}/${{ env.ECR_REPO }}:${RELEASE_VERSION}"
+
+          cat <<EOF >>"${GITHUB_ENV}"
+          RELEASE_VERSION=${RELEASE_VERSION}
+          IMAGE_TAG=${IMAGE_TAG}
+          EOF
+      - name: Configure AWS Credentials
+        uses: aws-actions/configure-aws-credentials@8c3f20df09ac63af7b3ae3d7c91f105f857d8497 # v4.0.0
+        with:
+          aws-region: ${{ env.AWS_REGION }}
+          role-to-assume: ${{env.ROLE_TO_ASSUME }}
+          role-session-name: github
+      - name: Run build docker image
+        run: docker build -t lambda-image:latest --target runtime-image -f build_setup/Dockerfile .
+      - name: create build dir
+        run: mkdir build -p
+      - name: extract docker build zip
+        run: docker run --rm --entrypoint cat lambda-image:latest /src/lambda.zip > build/lambda.zip
+      - name: sam
+        run: |
+          sam package --template-file template.yaml --output-template-file packaged.yaml --s3-bucket ${{ env.LAMBDA_SERVERLESS_REPO }}
+          sam publish --template packaged.yaml --region ${{env.AWS_REGION}} --semantic-version ${{env.SEMANTIC_VERSION}}
+      - name: copy new cfn to s3
+        run: |
+          sed -i -e "s/0.0.1/${{env.SEMANTIC_VERSION}}/g" cfn_templates/appsync_logging_template.yaml
+          aws s3 cp ./cfn_templates/ s3://${{env.CFN_TEMPLATES_BUCKET}}/applications/cfn/ --acl public-read --region ${{env.CFN_TEMPLATES_BUCKET_REGION}}  --recursive