Skip to content
This repository was archived by the owner on Dec 11, 2023. It is now read-only.

Latest commit

 

History

History
40 lines (35 loc) · 1.44 KB

pipeline.md

File metadata and controls

40 lines (35 loc) · 1.44 KB

OpenTUNA Pipeline

OpenTUNA pipeline is a DevOps process to deploy OpenTUNA across accounts/regions for multiple stages.

See below deployment workflow grahic, workflow

Prerequisites

  • Create deployment IAM role that trusted deployment account, run below command against UAT and PROD account
npm run deploy-pipeline-cross-account-setup -- -c trustedAccount=<account id running the pipeline>
  • AWS CLI installed
  • Create configuration parameters for different stages in SSM parameter store. The stage configuration is a json string, which looks like below,
{
  "name": "UAT",
  "deployContexts": {
    "vpcId": "vpc-id",
    "iamCertId": "iam-cert-id",
    "domainName": "mydomain.com",
    "domainZone": "mydomain.com",
    "additionalOptions": ""
  },
  "assumeRoleContexts": {
    "account": "the account id to be deployed",
    "roleName": "role name created by cross account step"
  }
}

By default the parameter name is /opentuna/pipeline/stage/uat and /opentuna/pipeline/stage/prod.

How to deploy it

npm run install-deps
npm run deploy-pipeline

Post deployment

There is a CDK output named IAMCertChangedTopicOutput that is a ARN of SNS topic, the cross accounts can send the notification when the new SSL cert is issued.