Merge pull request #12 from Real-Life-IaC/refactor-api
Merge refactor-api
andresionek91 authored Dec 29, 2024
2 parents 009867a + f65f621 commit a03ba30
Showing 109 changed files with 11,722 additions and 4,445 deletions.
102 changes: 51 additions & 51 deletions .checkov.baseline
@@ -1,53 +1,53 @@
{
"failed_checks": [
{
"file": "/Api-production.template.json",
"file": "/Microservices-production.template.json",
"findings": [
{
"resource": "AWS::ApiGateway::Method.ApiRealLifeIacApidocsGETD91195AC",
"resource": "AWS::ApiGatewayV2::Stage.RestHttpApiDefaultStageB1763296",
"check_ids": [
"CKV_AWS_59"
"CKV_AWS_95"
]
},
{
"resource": "AWS::ApiGateway::Method.ApiRealLifeIacApidownloadsPOST4F856444",
"resource": "AWS::IAM::Policy.BucketNotificationsHandler050a0587b7544547bf325f094a3db834RoleDefaultPolicy2CF63D36",
"check_ids": [
"CKV_AWS_59"
"CKV_AWS_111"
]
},
{
"resource": "AWS::ApiGateway::Method.ApiRealLifeIacApidownloadscountGET970DE9C6",
"resource": "AWS::IAM::Policy.EmailServiceEventsLambdaFunctionServiceRoleDefaultPolicy2F1E71B5",
"check_ids": [
"CKV_AWS_59"
"CKV_AWS_111"
]
},
{
"resource": "AWS::ApiGateway::Method.ApiRealLifeIacApiopenapijsonGET2BAA4320",
"resource": "AWS::IAM::Policy.LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRoleDefaultPolicyADDA7DEB",
"check_ids": [
"CKV_AWS_59"
"CKV_AWS_111"
]
},
{
"resource": "AWS::ApiGateway::Stage.ApiRealLifeIacApiDeploymentStageproduction2FD0064B",
"resource": "AWS::Lambda::Function.BucketNotificationsHandler050a0587b7544547bf325f094a3db8347ECC3691",
"check_ids": [
"CKV_AWS_120",
"CKV_AWS_76"
"CKV_AWS_115",
"CKV_AWS_117"
]
},
{
"resource": "AWS::DynamoDB::GlobalTable.ApiRealLifeIacDownloads86E08529",
"resource": "AWS::Lambda::Function.DownloadServiceApiLambdaFunctionCA18871D",
"check_ids": [
"CKV_AWS_165"
"CKV_AWS_115"
]
},
{
"resource": "AWS::IAM::Policy.LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRoleDefaultPolicyADDA7DEB",
"resource": "AWS::Lambda::Function.EmailServiceApiLambdaFunction37E8A0E1",
"check_ids": [
"CKV_AWS_111"
"CKV_AWS_115"
]
},
{
"resource": "AWS::Lambda::Function.ApiRealLifeIacFunctionC21E83FE",
"resource": "AWS::Lambda::Function.EmailServiceEventsLambdaFunctionB395B436",
"check_ids": [
"CKV_AWS_115"
]
@@ -62,53 +62,53 @@
]
},
{
"file": "/Api-sandbox.template.json",
"file": "/Microservices-sandbox.template.json",
"findings": [
{
"resource": "AWS::ApiGateway::Method.ApiRealLifeIacApidocsGETD91195AC",
"resource": "AWS::ApiGatewayV2::Stage.RestHttpApiDefaultStageB1763296",
"check_ids": [
"CKV_AWS_59"
"CKV_AWS_95"
]
},
{
"resource": "AWS::ApiGateway::Method.ApiRealLifeIacApidownloadsPOST4F856444",
"resource": "AWS::IAM::Policy.BucketNotificationsHandler050a0587b7544547bf325f094a3db834RoleDefaultPolicy2CF63D36",
"check_ids": [
"CKV_AWS_59"
"CKV_AWS_111"
]
},
{
"resource": "AWS::ApiGateway::Method.ApiRealLifeIacApidownloadscountGET970DE9C6",
"resource": "AWS::IAM::Policy.EmailServiceEventsLambdaFunctionServiceRoleDefaultPolicy2F1E71B5",
"check_ids": [
"CKV_AWS_59"
"CKV_AWS_111"
]
},
{
"resource": "AWS::ApiGateway::Method.ApiRealLifeIacApiopenapijsonGET2BAA4320",
"resource": "AWS::IAM::Policy.LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRoleDefaultPolicyADDA7DEB",
"check_ids": [
"CKV_AWS_59"
"CKV_AWS_111"
]
},
{
"resource": "AWS::ApiGateway::Stage.ApiRealLifeIacApiDeploymentStagesandbox21263C96",
"resource": "AWS::Lambda::Function.BucketNotificationsHandler050a0587b7544547bf325f094a3db8347ECC3691",
"check_ids": [
"CKV_AWS_120",
"CKV_AWS_76"
"CKV_AWS_115",
"CKV_AWS_117"
]
},
{
"resource": "AWS::DynamoDB::GlobalTable.ApiRealLifeIacDownloads86E08529",
"resource": "AWS::Lambda::Function.DownloadServiceApiLambdaFunctionCA18871D",
"check_ids": [
"CKV_AWS_165"
"CKV_AWS_115"
]
},
{
"resource": "AWS::IAM::Policy.LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRoleDefaultPolicyADDA7DEB",
"resource": "AWS::Lambda::Function.EmailServiceApiLambdaFunction37E8A0E1",
"check_ids": [
"CKV_AWS_111"
"CKV_AWS_115"
]
},
{
"resource": "AWS::Lambda::Function.ApiRealLifeIacFunctionC21E83FE",
"resource": "AWS::Lambda::Function.EmailServiceEventsLambdaFunctionB395B436",
"check_ids": [
"CKV_AWS_115"
]
@@ -123,53 +123,53 @@
]
},
{
"file": "/Api-staging.template.json",
"file": "/Microservices-staging.template.json",
"findings": [
{
"resource": "AWS::ApiGateway::Method.ApiRealLifeIacApidocsGETD91195AC",
"resource": "AWS::ApiGatewayV2::Stage.RestHttpApiDefaultStageB1763296",
"check_ids": [
"CKV_AWS_59"
"CKV_AWS_95"
]
},
{
"resource": "AWS::ApiGateway::Method.ApiRealLifeIacApidownloadsPOST4F856444",
"resource": "AWS::IAM::Policy.BucketNotificationsHandler050a0587b7544547bf325f094a3db834RoleDefaultPolicy2CF63D36",
"check_ids": [
"CKV_AWS_59"
"CKV_AWS_111"
]
},
{
"resource": "AWS::ApiGateway::Method.ApiRealLifeIacApidownloadscountGET970DE9C6",
"resource": "AWS::IAM::Policy.EmailServiceEventsLambdaFunctionServiceRoleDefaultPolicy2F1E71B5",
"check_ids": [
"CKV_AWS_59"
"CKV_AWS_111"
]
},
{
"resource": "AWS::ApiGateway::Method.ApiRealLifeIacApiopenapijsonGET2BAA4320",
"resource": "AWS::IAM::Policy.LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRoleDefaultPolicyADDA7DEB",
"check_ids": [
"CKV_AWS_59"
"CKV_AWS_111"
]
},
{
"resource": "AWS::ApiGateway::Stage.ApiRealLifeIacApiDeploymentStagestaging0074A202",
"resource": "AWS::Lambda::Function.BucketNotificationsHandler050a0587b7544547bf325f094a3db8347ECC3691",
"check_ids": [
"CKV_AWS_120",
"CKV_AWS_76"
"CKV_AWS_115",
"CKV_AWS_117"
]
},
{
"resource": "AWS::DynamoDB::GlobalTable.ApiRealLifeIacDownloads86E08529",
"resource": "AWS::Lambda::Function.DownloadServiceApiLambdaFunctionCA18871D",
"check_ids": [
"CKV_AWS_165"
"CKV_AWS_115"
]
},
{
"resource": "AWS::IAM::Policy.LogRetentionaae0aa3c5b4d4f87b02d85b201efdd8aServiceRoleDefaultPolicyADDA7DEB",
"resource": "AWS::Lambda::Function.EmailServiceApiLambdaFunction37E8A0E1",
"check_ids": [
"CKV_AWS_111"
"CKV_AWS_115"
]
},
{
"resource": "AWS::Lambda::Function.ApiRealLifeIacFunctionC21E83FE",
"resource": "AWS::Lambda::Function.EmailServiceEventsLambdaFunctionB395B436",
"check_ids": [
"CKV_AWS_115"
]
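Review bot: The baseline now accepts `CKV_AWS_111` (IAM policy allowing write access without constraints) on two more policies in each of the three Microservices-* templates, `...BucketNotificationsHandler...RoleDefaultPolicy2CF63D36` and `...EmailServiceEventsLambdaFunctionServiceRoleDefaultPolicy2F1E71B5`, and nothing on the page records why. This assumes the Microservices-* entry of each printed pair is the new side, since the page has lost its `+`/`-` markers. The BucketNotificationsHandler and LogRetention roles look framework-generated, but the EmailServiceEvents role appears to be the project's own, so its policy is worth scoping to the resources it needs rather than baselining. JSON has no comment syntax, so the justification belongs in the pull-request description, one line per finding, e.g. `CKV_AWS_111 baselined for <policy>: <reason>, owner <name>`. The section is collapsed at each "Expand" marker, so other entries may exist outside this view.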
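--- a/.dockerignore
+++ b/.dockerignore
@@ -0,0 +1,6 @@
+*
+!code
+!alembic.ini
+!poetry.lock
+!pyproject.toml
+!poetry.toml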
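Review bot: `!code` re-includes the whole directory, so anything that lands under `code/` (a local `.env`, `__pycache__`, test fixtures) is sent to the build context and can be picked up by a broad `COPY`. The last matching rule wins in a .dockerignore, so exclusions have to follow the re-include, for example `**/.env*`, `**/__pycache__` and `**/*.pyc` appended after `!poetry.toml`. The Dockerfile is not shown here, so whether it copies `code/` wholesale is an assumption to confirm.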
2 changes: 1 addition & 1 deletion .github/actions/setup/action.yaml
@@ -16,7 +16,7 @@ inputs:
poetry_version:
description: Poetry version
required: false
default: 1.7.1
default: 1.8.3

runs:
using: composite
6 changes: 3 additions & 3 deletions .github/workflows/deploy.yaml
@@ -31,7 +31,7 @@ jobs:
with:
role-to-assume: ${{ vars.ROLE_TO_ASSUME }}
aws-region: ${{ vars.AWS_REGION }}
stack-name: Api-sandbox
stack-name: Microservices-sandbox

deploy-staging:
if: github.ref_name == 'main'
@@ -47,7 +47,7 @@ jobs:
with:
role-to-assume: ${{ vars.ROLE_TO_ASSUME }}
aws-region: ${{ vars.AWS_REGION }}
stack-name: Api-staging
stack-name: Microservices-staging

deploy-production:
if: github.ref_name == 'main'
@@ -66,4 +66,4 @@ jobs:
with:
role-to-assume: ${{ vars.ROLE_TO_ASSUME }}
aws-region: ${{ vars.AWS_REGION }}
stack-name: Api-production
stack-name: Microservices-production
69 changes: 52 additions & 17 deletions .github/workflows/status-checks.yaml
@@ -1,43 +1,76 @@
---
name: Status Checks

on:
push:
branches-ignore:
- main
on: push

permissions:
contents: read

jobs:
install-dependencies:
name: Install Deps
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4

- name: Set Up Environment and Cache Dependencies
uses: ./.github/actions/setup
with:
github-token: ${{ secrets.MACHINE_USER_PAT }}

test:
name: Test
runs-on: ubuntu-latest
strategy:
matrix:
path:
- functions/download_service
- functions/email_service
- .
needs:
- install-dependencies
concurrency:
group: test-${{ matrix.path }}-${{ github.workflow }}-${{ github.actor }}-${{ github.ref }}
cancel-in-progress: true
steps:
- uses: actions/checkout@v4

- name: Set Up Environment
- name: Set Up Environment and load Cached Dependencies
uses: ./.github/actions/setup

- name: Install Test Dependencies
- name: Install Dependencies
shell: bash
run: poetry install --with test
run: |
cd ${{ matrix.path }}
poetry install --with test
- name: Pytest
shell: bash
run: poetry run python -m pytest
run: |
cd ${{ matrix.path }}
poetry run python -m pytest
- name: Coverage
shell: bash
run: poetry run coverage lcov
run: |
cd ${{ matrix.path }}
poetry run coverage lcov
lint:
name: Lint
runs-on: ubuntu-latest
needs:
- install-dependencies
concurrency:
group: lint-${{ github.workflow }}-${{ github.actor }}-${{ github.ref }}
cancel-in-progress: true
steps:
- uses: actions/checkout@v4

- name: Set Up Environment
- name: Set Up Environment and load Cached Dependencies
uses: ./.github/actions/setup

- name: Install Lint Dependencies
- name: Install Dependencies
shell: bash
run: poetry install --with lint

@@ -48,13 +81,18 @@ jobs:
checkov:
name: Checkov
runs-on: ubuntu-latest
needs:
- install-dependencies
concurrency:
group: checkov-${{ github.workflow }}-${{ github.actor }}-${{ github.ref }}
cancel-in-progress: true
steps:
- uses: actions/checkout@v4

- name: Set Up Environment
- name: Set Up Environment and load Cached Dependencies
uses: ./.github/actions/setup

- name: Install Checkov Dependencies
- name: Install Dependencies
shell: bash
run: poetry install --with checkov

@@ -64,7 +102,4 @@ jobs:

- name: Checkov
shell: bash
run: |
poetry run checkov \
--config-file .checkov \
--baseline .checkov.baseline
run: poetry run checkov --config-file .checkov --baseline .checkov.baseline
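Review bot: `github-token: ${{ secrets.MACHINE_USER_PAT }}` in the `install-dependencies` job hands a personal access token to the setup action on every push, and the workflow-level `permissions: contents: read` does not limit it, because that block only scopes the built-in `GITHUB_TOKEN`. If the token is only needed to read private dependencies, a fine-grained read-only token limited to those repositories would bound the exposure. A comment above the `with:` such as `# MACHINE_USER_PAT: read-only, private dependency repos only` would document that expectation; the token's real scope is not visible on this page and needs confirming. Separately, the three `cd ${{ matrix.path }}` steps in the `test` job splice an expression into the shell script. The matrix values are static here, but `working-directory: ${{ matrix.path }}` on each step does the same without interpolation.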
6 changes: 1 addition & 5 deletions .gitignore
@@ -358,11 +358,6 @@ fabric.properties

### VisualStudioCode template
.vscode/*
!.vscode/settings.json
!.vscode/tasks.json
!.vscode/launch.json
!.vscode/extensions.json
*.code-workspace

# Local History for Visual Studio Code
.history/
@@ -476,6 +471,7 @@ celerybeat.pid
# Environments
.env
.venv
.venv.docker
env/
venv/
ENV/