This repository contains Ansible playbooks and a GitHub Actions workflow that automate the setup and deployment of services on EC2 instances for both the pre-production and production environments of Techronomicon.
- .github/workflows/ansible.yml: GitHub Actions workflow file that automates the deployment process based on pull request events. It triggers the appropriate Ansible playbooks depending on whether the pull request is opened, synchronized, or merged.
- preprod_deploy.yml: Ansible playbook to configure EC2 instances for the pre-production environment. This includes setting up ECS, Nginx, CloudWatch Agent, and obtaining SSL certificates.
- prod_deploy.yml: Ansible playbook to configure EC2 instances for the production environment. Similar to the pre-production playbook but configured for the production environment.
- files/: Directory containing configuration files for Nginx and CloudWatch Agent, which are copied to the EC2 instances during the playbook execution.
The GitHub Actions workflow is defined in .github/workflows/ansible.yml and has two main jobs:
- ansible_preprod: This job runs when a pull request is opened or updated (but not closed). It applies the preprod_deploy.yml playbook to the EC2 instances in the pre-production environment.
- ansible_prod: This job runs only when a pull request is closed and merged. It applies the prod_deploy.yml playbook to the EC2 instances in the production environment.
- The workflow is triggered by pull requests that modify .yml files.
- The ansible_preprod job runs only if the pull request is not closed.
- The ansible_prod job runs only if the pull request is both closed and merged.
The workflow uses AWS Systems Manager (SSM) to send commands to the EC2 instances. It retrieves instance IDs from SSM Parameter Store and assumes an IAM role using OIDC federation to access AWS resources.
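The trigger, job conditions and OIDC role assumption described above could be wired together as in the following sketch. It is an added example, not the repository's ansible.yml; the role ARNs, region, parameter names, remote commands and the choice of one role per environment are placeholders and assumptions.

```yaml
# Added sketch: placeholders in <...> are assumptions, not values from the repository.
name: ansible
on:
  pull_request:
    types: [opened, synchronize, closed]
    paths: ['**.yml']            # only pull requests that modify .yml files

permissions:
  id-token: write                # lets the job request the OIDC token used to assume the role
  contents: read                 # GITHUB_TOKEN gets nothing beyond read access

jobs:
  ansible_preprod:
    if: github.event.action != 'closed'
    runs-on: ubuntu-latest
    steps:
      # The role's trust policy should pin the token's "sub" claim to this repository;
      # on pull_request events it is repo:<owner>/<repo>:pull_request.
      - uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: arn:aws:iam::<ACCOUNT_ID>:role/<PREPROD_DEPLOY_ROLE>
          aws-region: <AWS_REGION>
      - name: Apply preprod_deploy.yml through SSM
        run: |
          INSTANCE_ID=$(aws ssm get-parameter --name "<PREPROD_INSTANCE_ID_PARAM>" \
            --query Parameter.Value --output text)
          aws ssm send-command --instance-ids "$INSTANCE_ID" \
            --document-name AWS-RunShellScript \
            --parameters 'commands=["<command that applies preprod_deploy.yml>"]'

  ansible_prod:
    if: github.event.action == 'closed' && github.event.pull_request.merged == true
    runs-on: ubuntu-latest
    steps:
      # Separate role (assumption) so pre-production credentials cannot reach production.
      - uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: arn:aws:iam::<ACCOUNT_ID>:role/<PROD_DEPLOY_ROLE>
          aws-region: <AWS_REGION>
      - name: Apply prod_deploy.yml through SSM
        run: |
          INSTANCE_ID=$(aws ssm get-parameter --name "<PROD_INSTANCE_ID_PARAM>" \
            --query Parameter.Value --output text)
          aws ssm send-command --instance-ids "$INSTANCE_ID" \
            --document-name AWS-RunShellScript \
            --parameters 'commands=["<command that applies prod_deploy.yml>"]'
```

Each role only needs permission to read its own instance-ID parameter and to call ssm:SendCommand against its own environment's instance.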
This playbook sets up an EC2 instance in the pre-production environment by:
- Creating the /etc/ecs directory and configuring the ECS cluster.
- Installing necessary packages like ecs-init, nginx, amazon-cloudwatch-agent, and collectd.
- Configuring Nginx and SSL certificates for the pre-production domain.
- Setting up and starting the CloudWatch Agent.
This playbook sets up an EC2 instance in the production environment by:
- Creating the /etc/ecs directory and configuring the ECS cluster.
- Installing necessary packages like ecs-init, nginx, amazon-cloudwatch-agent, and collectd.
- Configuring Nginx and SSL certificates for the production domain.
- Setting up and starting the CloudWatch Agent.
- Pre-production deployment:
  - Open or update a pull request that modifies .yml files.
  - The ansible_preprod job will run automatically, applying the preprod_deploy.yml playbook to the pre-production EC2 instance.
- Production deployment:
  - Merge the pull request after review.
  - The ansible_prod job will run automatically, applying the prod_deploy.yml playbook to the production EC2 instance.
To run the playbooks manually, use the following commands:
ansible-playbook preprod_deploy.yml -i <inventory_file> --ask-become-pass
ansible-playbook prod_deploy.yml -i <inventory_file> --ask-become-pass
Replace <inventory_file> with your Ansible inventory file.
Feel free to open issues or submit pull requests if you have any suggestions for improvements or if you encounter any bugs.
This project is licensed under the MIT License. See the LICENSE file for more details.