Skip to content

feat(infra): AWS IaC deployment with Terraform + Helm + CLI#861

Closed
Dr0p42 wants to merge 2 commits into
mainfrom
claude/flamboyant-euclid-8428db
Closed

feat(infra): AWS IaC deployment with Terraform + Helm + CLI#861
Dr0p42 wants to merge 2 commits into
mainfrom
claude/flamboyant-euclid-8428db

Conversation

@Dr0p42

@Dr0p42 Dr0p42 commented Apr 23, 2026

Copy link
Copy Markdown
Contributor

Summary

  • Terraform modules for full AWS stack: VPC, EKS, ECR, RDS Postgres with pgvector, Neptune, ElastiCache, Amazon MQ, S3+KMS, IRSA, platform-addons (AWS Load Balancer Controller + External Secrets Operator)
  • Helm umbrella chart (infra/helm/abi) rendering abi-api, dagster, mcp-server, nexus-web, service-portal + optional Synapse, multi-tenant via namespace, ESO-backed secrets, ALB ingress
  • New CLI: abi deploy aws {init,plan,apply,destroy,output,kubeconfig,ecr-login,build-push,deploy-apps} with Jinja-templated Terraform scaffolding
  • GitHub Actions workflows (OIDC): terraform-plan, terraform-apply, build-images-ecr
  • Bootstrap stack (S3 state + DynamoDB lock + GitHub OIDC role), infra/Makefile, and infra/E2E.md runbook
  • Architecture diagram: docs/architecture-aws.drawio

Design decisions

  • Neptune (not Fuseki) for graph on AWS; pgvector on RDS (not Qdrant); multi-tenant via k8s namespaces; Synapse optional, disabled by default
  • Community Terraform modules preferred (terraform-aws-modules/vpc, eks, iam, rds)
  • S3 + DynamoDB remote state; GitHub Actions via OIDC (no long-lived keys)

Test plan

  • pytest naas_abi_cli/cli/deploy/aws_test.py — 11 passed
  • make -C infra bootstrap on a sandbox account
  • abi deploy aws init -e dev then make -C infra e2e ENV=dev
  • Confirm ALB ingress hostname resolves and pods reach Ready

Known gaps (documented in infra/E2E.md)

  • pgvector extension must be enabled manually on RDS
  • build-push only wires Dockerfiles for abi and nexus-web
  • No ACM/Route 53 Terraform module yet
  • staging/prod env dirs are placeholders

🤖 Generated with Claude Code

Dr0p42 and others added 2 commits April 23, 2026 12:47
@Dr0p42 @claude
feat(infra): AWS IaC deployment with Terraform + Helm + CLI
5f89e82 
Adds end-to-end AWS deployment scaffolding: Terraform modules (VPC, EKS,
RDS+pgvector, Neptune, ElastiCache, Amazon MQ, S3, ECR, platform-addons),
Helm umbrella chart with multi-tenant namespace support and optional
Synapse, `abi deploy aws` CLI commands, GitHub Actions OIDC workflows,
and an E2E runbook.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
@Dr0p42
Merge remote-tracking branch 'origin/main' into claude/flamboyant-euc…
3b1b81a 
…lid-8428db

# Conflicts:
#	.gitignore
@cloudflare-workers-and-pages

cloudflare-workers-and-pages Bot commented Apr 23, 2026
edited
Loading

Copy link
Copy Markdown

Deploying abi-docs with  Cloudflare Pages  Cloudflare Pages

Latest commit: 3b1b81a
Status: ✅  Deploy successful!
Preview URL: https://74319a83.abi-docs-76c.pages.dev
Branch Preview URL: https://claude-flamboyant-euclid-842.abi-docs-76c.pages.dev

View logs

@Dr0p42

Dr0p42 commented Jun 3, 2026

Copy link
Copy Markdown
Contributor Author

this is being done on a per project basis for now

@Dr0p42 Dr0p42 closed this Jun 3, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Dr0p42