Merge pull request #554 from kids-first/feature/standard-deploy

🔧 Migrated to the standard deploy
kids-first · Sep 6, 2020 · 46edfde · 46edfde
2 parents 1c04fed + 77c5a2d
commit 46edfde
Show file tree

Hide file tree

Showing 3 changed files with 21 additions and 55 deletions.
diff --git a/Jenkinsfile b/Jenkinsfile
@@ -1,6 +1,22 @@
 @Library(value='kids-first/aws-infra-jenkins-shared-libraries', changelog=false) _
-
-ecs_service_type_1 {
+ecs_service_type_1_standard {
     projectName = "kf-api-dataservice"
-    agentLabel = "terraform-testing"
+    create_sns_topic = "1"
+    create_additional_internal_alb = "1"
+    internal_app = "false"
+    environments = "dev,qa,prd"
+    docker_image_type = "alpine"
+    entrypoint_command = "/app/bin/run.sh"
+    deploy_scripts_version = "master"
+    quick_deploy = "true"
+    external_config_repo = "false"
+    container_port = "80"
+    vcpu_container             = "2048"
+    memory_container           = "4096"
+    vcpu_task                  = "2048"
+    memory_task                = "4096"
+    health_check_path = "/"
+    dependencies = "ecr"
+    friendly_dns_name = "dataservice"
+    additional_ssl_cert_domain_name = "*.kidsfirstdrc.org"
 }
diff --git a/config.py b/config.py
@@ -59,57 +59,7 @@ class TestingConfig(Config):
 
 
 class ProductionConfig(Config):
-    @staticmethod
-    def init_app(app):
-        import hvac
-
-        vault_url = os.environ.get('VAULT_URL', 'https://vault:8200/')
-        # Role to authenticate with
-        vault_role = os.environ.get('VAULT_ROLE', 'DataserviceRole')
-        # Paths for secrets in vault
-        pg_secret = os.environ.get('DB_SECRET', 'secret/postgres')
-        indexd_secret = os.environ.get('INDEXD_SECRET', 'secret/indexd')
-        bucket_token = os.environ.get('BUCKET_SERVICE_TOKEN_SECRET', None)
-        bucket_url = os.environ.get('BUCKET_SERVICE_URL_SECRET', None)
-        # Retrieve secrets
-        client = hvac.Client(url=vault_url)
-        client.auth_iam(vault_role)
-        pg_secrets = client.read(pg_secret)
-        indexd_secrets = client.read(indexd_secret)
-        bucket_token = client.read(bucket_token) if bucket_token else None
-        bucket_url = client.read(bucket_url) if bucket_url else None
-        client.logout()
-
-        # Construct postgres connection string
-        pg_user = pg_secrets['data']['user']
-        pg_pass = pg_secrets['data']['password']
-        connection_str = 'postgres://{}:{}@{}:{}/{}'.format(
-            pg_user,
-            pg_pass,
-            Config.PG_HOST,
-            Config.PG_PORT,
-            Config.PG_NAME)
-
-        app.config['SQLALCHEMY_DATABASE_URI'] = connection_str
-
-        # Extract indexd auth
-        app.config['INDEXD_USER'] = indexd_secrets['data']['user']
-        app.config['INDEXD_PASS'] = indexd_secrets['data']['password']
-
-        # Get the bucket service's token for auth
-        if (bucket_token and
-            'data' in bucket_token and
-                'token' in bucket_token['data']):
-            app.config['BUCKET_SERVICE_TOKEN'] = \
-                bucket_token['data']['token']
-
-        # Get the bucket service's url
-        if (bucket_url and
-            'data' in bucket_url and
-                'invoke_url' in bucket_url['data']):
-            # All environments use the /api stage in api gateway
-            app.config['BUCKET_SERVICE_URL'] = \
-                bucket_url['data']['invoke_url'] + 'api'
+    pass
 
 
 class UnixConfig(ProductionConfig):

diff --git a/requirements.txt b/requirements.txt
@@ -19,8 +19,8 @@ flask-marshmallow==0.8.0
 marshmallow==2.16.0
 marshmallow-sqlalchemy==0.13.2
 psycopg2==2.7.3.2
--e git+https://github.com/dankolbman/hvac#egg=hvac
 webargs==5.3.0
 boto3==1.7.8
 botocore==1.10.8
 Jinja2==2.10
+requests==2.24.0