Merge pull request #2431 from ASFHyP3/develop #136
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Deploy Enterprise Stacks to AWS | |
on: | |
push: | |
branches: | |
- main | |
concurrency: ${{ github.workflow }}-${{ github.ref }} | |
jobs: | |
deploy: | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
include: | |
- environment: hyp3-its-live | |
domain: hyp3-its-live.asf.alaska.edu | |
template_bucket: cf-templates-3o5lnspmwmzg-us-west-2 | |
image_tag: latest | |
product_lifetime_in_days: 14 | |
default_credits_per_user: 0 | |
default_application_status: APPROVED | |
cost_profile: DEFAULT | |
job_files: >- | |
job_spec/AUTORIFT_ITS_LIVE.yml | |
job_spec/S1_CORRECTION_ITS_LIVE.yml | |
instance_types: r6id.xlarge,r6idn.xlarge,r5dn.xlarge,r5d.xlarge | |
default_max_vcpus: 2000 # Max: 10,406 | |
expanded_max_vcpus: 2000 # Max: 10,406 | |
required_surplus: 0 | |
security_environment: JPL-public | |
ami_id: /aws/service/ecs/optimized-ami/amazon-linux-2023/recommended/image_id | |
distribution_url: '' | |
- environment: hyp3-a19-jpl | |
domain: hyp3-a19-jpl.asf.alaska.edu | |
template_bucket: cf-templates-v4pvone059de-us-west-2 | |
image_tag: latest | |
product_lifetime_in_days: 14 | |
default_credits_per_user: 0 | |
default_application_status: APPROVED | |
cost_profile: DEFAULT | |
job_files: >- | |
job_spec/ARIA_AUTORIFT.yml | |
job_spec/ARIA_RAIDER.yml | |
job_spec/INSAR_ISCE.yml | |
instance_types: m6id.xlarge,m6id.2xlarge,m6id.4xlarge,m6id.8xlarge,m6idn.xlarge,m6idn.2xlarge,m6idn.4xlarge,m6idn.8xlarge | |
default_max_vcpus: 4000 # Max: 13000 | |
expanded_max_vcpus: 4000 # Max: 13000 | |
required_surplus: 0 | |
security_environment: JPL-public | |
ami_id: /aws/service/ecs/optimized-ami/amazon-linux-2023/recommended/image_id | |
distribution_url: '' | |
- environment: hyp3-tibet-jpl | |
domain: hyp3-tibet-jpl.asf.alaska.edu | |
template_bucket: cf-templates-1or0efwqffkgd-us-west-2 | |
image_tag: latest | |
product_lifetime_in_days: 30 | |
default_credits_per_user: 0 | |
default_application_status: APPROVED | |
cost_profile: DEFAULT | |
job_files: >- | |
job_spec/ARIA_AUTORIFT.yml | |
job_spec/ARIA_RAIDER.yml | |
job_spec/INSAR_ISCE.yml | |
instance_types: m6id.xlarge,m6id.2xlarge,m6id.4xlarge,m6id.8xlarge,m6idn.xlarge,m6idn.2xlarge,m6idn.4xlarge,m6idn.8xlarge | |
default_max_vcpus: 1000 # Max: 10316 | |
expanded_max_vcpus: 1000 # Max: 10316 | |
required_surplus: 0 | |
security_environment: JPL-public | |
ami_id: /aws/service/ecs/optimized-ami/amazon-linux-2023/recommended/image_id | |
distribution_url: '' | |
- environment: hyp3-nisar-jpl | |
domain: hyp3-nisar-jpl.asf.alaska.edu | |
template_bucket: cf-templates-gdeyr9hh8rzs-us-west-2 | |
image_tag: latest | |
product_lifetime_in_days: 14 | |
default_credits_per_user: 0 | |
default_application_status: APPROVED | |
cost_profile: DEFAULT | |
job_files: >- | |
job_spec/ARIA_AUTORIFT.yml | |
job_spec/ARIA_RAIDER.yml | |
job_spec/INSAR_ISCE.yml | |
instance_types: m6id.xlarge,m6id.2xlarge,m6id.4xlarge,m6id.8xlarge,m6idn.xlarge,m6idn.2xlarge,m6idn.4xlarge,m6idn.8xlarge | |
default_max_vcpus: 1600 # Max 1652 | |
expanded_max_vcpus: 1600 # Max 1652 | |
required_surplus: 0 | |
security_environment: JPL-public | |
ami_id: /aws/service/ecs/optimized-ami/amazon-linux-2023/recommended/image_id | |
distribution_url: '' | |
- environment: hyp3-avo | |
domain: hyp3-avo.asf.alaska.edu | |
template_bucket: cf-templates-1x4a21iq1cba7-us-west-2 | |
image_tag: latest | |
product_lifetime_in_days: 365000 | |
default_credits_per_user: 0 | |
default_application_status: APPROVED | |
cost_profile: DEFAULT | |
job_files: job_spec/INSAR_GAMMA.yml | |
instance_types: r6id.xlarge,r6id.2xlarge,r6id.4xlarge,r6id.8xlarge,r6idn.xlarge,r6idn.2xlarge,r6idn.4xlarge,r6idn.8xlarge | |
default_max_vcpus: 640 | |
expanded_max_vcpus: 640 | |
required_surplus: 0 | |
security_environment: ASF | |
ami_id: /aws/service/ecs/optimized-ami/amazon-linux-2023/recommended/image_id | |
distribution_url: '' | |
- environment: hyp3-watermap | |
domain: hyp3-watermap.asf.alaska.edu | |
template_bucket: cf-templates-1217di08q7vwl-us-west-2 | |
image_tag: latest | |
product_lifetime_in_days: 14 | |
default_credits_per_user: 0 | |
default_application_status: APPROVED | |
cost_profile: DEFAULT | |
job_files: job_spec/RTC_GAMMA.yml job_spec/WATER_MAP.yml job_spec/WATER_MAP_EQ.yml | |
instance_types: r6id.xlarge,r6id.2xlarge,r6id.4xlarge,r6id.8xlarge,r6idn.xlarge,r6idn.2xlarge,r6idn.4xlarge,r6idn.8xlarge | |
default_max_vcpus: 640 | |
expanded_max_vcpus: 640 | |
required_surplus: 0 | |
security_environment: ASF | |
ami_id: /aws/service/ecs/optimized-ami/amazon-linux-2023/recommended/image_id | |
distribution_url: '' | |
- environment: hyp3-streamflow | |
domain: hyp3-streamflow.asf.alaska.edu | |
template_bucket: cf-templates-15gmiot9prm67-us-west-2 | |
image_tag: latest | |
product_lifetime_in_days: 90 | |
default_credits_per_user: 0 | |
default_application_status: APPROVED | |
cost_profile: DEFAULT | |
job_files: job_spec/RTC_GAMMA.yml job_spec/WATER_MAP.yml job_spec/WATER_MAP_EQ.yml | |
instance_types: r6id.xlarge,r6id.2xlarge,r6id.4xlarge,r6id.8xlarge,r6idn.xlarge,r6idn.2xlarge,r6idn.4xlarge,r6idn.8xlarge | |
default_max_vcpus: 1600 | |
expanded_max_vcpus: 1600 | |
required_surplus: 0 | |
security_environment: ASF | |
ami_id: /aws/service/ecs/optimized-ami/amazon-linux-2023/recommended/image_id | |
distribution_url: '' | |
- environment: azdwr-hyp3 | |
domain: azdwr-hyp3.asf.alaska.edu | |
template_bucket: cf-templates-xlga17noink6-us-west-2 | |
image_tag: latest | |
product_lifetime_in_days: 30 | |
default_credits_per_user: 0 | |
default_application_status: APPROVED | |
cost_profile: DEFAULT | |
job_files: job_spec/INSAR_GAMMA.yml job_spec/INSAR_ISCE_BURST.yml | |
instance_types: r6id.xlarge,r6id.2xlarge,r6id.4xlarge,r6id.8xlarge,r6idn.xlarge,r6idn.2xlarge,r6idn.4xlarge,r6idn.8xlarge | |
default_max_vcpus: 640 | |
expanded_max_vcpus: 640 | |
required_surplus: 0 | |
security_environment: ASF | |
ami_id: /aws/service/ecs/optimized-ami/amazon-linux-2023/recommended/image_id | |
distribution_url: '' | |
- environment: hyp3-cargill | |
domain: hyp3-cargill.asf.alaska.edu | |
template_bucket: cf-templates-j4kd746vpsuv-us-east-1 | |
image_tag: latest | |
product_lifetime_in_days: 14 | |
default_credits_per_user: 0 | |
default_application_status: APPROVED | |
cost_profile: DEFAULT | |
job_files: job_spec/INSAR_GAMMA.yml job_spec/RTC_GAMMA.yml | |
instance_types: r6id.xlarge,r6id.2xlarge,r6id.4xlarge,r6id.8xlarge,r6idn.xlarge,r6idn.2xlarge,r6idn.4xlarge,r6idn.8xlarge | |
default_max_vcpus: 640 | |
expanded_max_vcpus: 640 | |
required_surplus: 0 | |
security_environment: ASF | |
ami_id: /aws/service/ecs/optimized-ami/amazon-linux-2023/recommended/image_id | |
distribution_url: '' | |
- environment: hyp3-bgc-engineering | |
domain: hyp3-bgc-engineering.asf.alaska.edu | |
template_bucket: cf-templates-ez0805f6vy20-us-west-2 | |
image_tag: latest | |
product_lifetime_in_days: 14 | |
default_credits_per_user: 0 | |
default_application_status: APPROVED | |
cost_profile: DEFAULT | |
job_files: job_spec/INSAR_GAMMA.yml job_spec/RTC_GAMMA.yml | |
instance_types: r6id.xlarge,r6id.2xlarge,r6id.4xlarge,r6id.8xlarge,r6idn.xlarge,r6idn.2xlarge,r6idn.4xlarge,r6idn.8xlarge | |
default_max_vcpus: 640 | |
expanded_max_vcpus: 640 | |
required_surplus: 0 | |
security_environment: ASF | |
ami_id: /aws/service/ecs/optimized-ami/amazon-linux-2023/recommended/image_id | |
distribution_url: '' | |
- environment: hyp3-carter | |
domain: hyp3-carter.asf.alaska.edu | |
template_bucket: cf-templates-1qx2mwia5g4kh-us-west-2 | |
image_tag: latest | |
product_lifetime_in_days: 30 | |
default_credits_per_user: 0 | |
default_application_status: APPROVED | |
cost_profile: DEFAULT | |
job_files: job_spec/INSAR_GAMMA.yml job_spec/RTC_GAMMA.yml | |
instance_types: r6id.xlarge,r6id.2xlarge,r6id.4xlarge,r6id.8xlarge,r6idn.xlarge,r6idn.2xlarge,r6idn.4xlarge,r6idn.8xlarge | |
default_max_vcpus: 640 | |
expanded_max_vcpus: 640 | |
required_surplus: 0 | |
security_environment: ASF | |
ami_id: /aws/service/ecs/optimized-ami/amazon-linux-2023/recommended/image_id | |
distribution_url: '' | |
- environment: hyp3-pdc | |
domain: hyp3-pdc.asf.alaska.edu | |
template_bucket: cf-templates-tlsr0tnnqt5t-us-west-2 | |
image_tag: latest | |
# TODO product lifetime could be much shorter since they all get transferred to a separate | |
# S3 bucket, but maybe we want to allow for a backlog of products-to-be-transferred? | |
product_lifetime_in_days: 14 | |
default_credits_per_user: 0 | |
default_application_status: APPROVED | |
cost_profile: DEFAULT | |
job_files: job_spec/WATER_MAP.yml | |
instance_types: r6id.xlarge,r6id.2xlarge,r6id.4xlarge,r6id.8xlarge,r6idn.xlarge,r6idn.2xlarge,r6idn.4xlarge,r6idn.8xlarge | |
default_max_vcpus: 640 | |
expanded_max_vcpus: 640 | |
required_surplus: 0 | |
security_environment: ASF | |
ami_id: /aws/service/ecs/optimized-ami/amazon-linux-2023/recommended/image_id | |
distribution_url: '' | |
- environment: hyp3-lavas | |
domain: hyp3-lavas.asf.alaska.edu | |
template_bucket: cf-templates-10a5pjrsv3cgo-us-west-2 | |
image_tag: latest | |
product_lifetime_in_days: 14 | |
default_credits_per_user: 0 | |
default_application_status: APPROVED | |
cost_profile: DEFAULT | |
job_files: >- | |
job_spec/INSAR_ISCE_BURST.yml | |
job_spec/SRG_GSLC.yml | |
instance_types: r6id.xlarge,r6id.2xlarge,r6id.4xlarge,r6id.8xlarge,r6idn.xlarge,r6idn.2xlarge,r6idn.4xlarge,r6idn.8xlarge | |
default_max_vcpus: 640 | |
expanded_max_vcpus: 640 | |
required_surplus: 0 | |
security_environment: ASF | |
ami_id: /aws/service/ecs/optimized-ami/amazon-linux-2023/recommended/image_id | |
distribution_url: '' | |
environment: | |
name: ${{ matrix.environment }} | |
url: https://${{ matrix.domain }} | |
steps: | |
- uses: actions/[email protected] | |
- uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-access-key-id: ${{ secrets.V2_AWS_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.V2_AWS_SECRET_ACCESS_KEY }} | |
aws-session-token: ${{ secrets.V2_AWS_SESSION_TOKEN }} | |
aws-region: ${{ secrets.AWS_REGION }} | |
- uses: actions/setup-python@v5 | |
with: | |
python-version: 3.9 | |
- uses: ./.github/actions/deploy-hyp3 | |
with: | |
TEMPLATE_BUCKET: ${{ matrix.template_bucket }} | |
STACK_NAME: ${{ matrix.environment }} | |
DOMAIN_NAME: ${{ matrix.domain }} | |
API_NAME: ${{ matrix.environment }} | |
CERTIFICATE_ARN: ${{ secrets.CERTIFICATE_ARN }} | |
IMAGE_TAG: ${{ matrix.image_tag }} | |
PRODUCT_LIFETIME: ${{ matrix.product_lifetime_in_days }} | |
VPC_ID: ${{ secrets.VPC_ID }} | |
SUBNET_IDS: ${{ secrets.SUBNET_IDS }} | |
SECRET_ARN: ${{ secrets.SECRET_ARN }} | |
CLOUDFORMATION_ROLE_ARN: ${{ secrets.CLOUDFORMATION_ROLE_ARN }} | |
DEFAULT_CREDITS_PER_USER: ${{ matrix.default_credits_per_user }} | |
DEFAULT_APPLICATION_STATUS: ${{ matrix.default_application_status }} | |
COST_PROFILE: ${{ matrix.cost_profile }} | |
JOB_FILES: ${{ matrix.job_files }} | |
DEFAULT_MAX_VCPUS: ${{ matrix.default_max_vcpus }} | |
EXPANDED_MAX_VCPUS: ${{ matrix.expanded_max_vcpus }} | |
MONTHLY_BUDGET: ${{ secrets.MONTHLY_BUDGET }} | |
REQUIRED_SURPLUS: ${{ matrix.required_surplus }} | |
ORIGIN_ACCESS_IDENTITY_ID: ${{ secrets.ORIGIN_ACCESS_IDENTITY_ID }} | |
SECURITY_ENVIRONMENT: ${{ matrix.security_environment }} | |
AMI_ID: ${{ matrix.ami_id }} | |
INSTANCE_TYPES: ${{ matrix.instance_types }} | |
DISTRIBUTION_URL: ${{ matrix.distribution_url }} | |
AUTH_PUBLIC_KEY: ${{ secrets.AUTH_PUBLIC_KEY }} |