From d341b81ed3c71f5856eaf5af3e3b5f54b435d831 Mon Sep 17 00:00:00 2001
From: Decfox <mehul@openobservatory.org>
Date: Sun, 19 May 2024 12:19:25 +0530
Subject: [PATCH 1/2] add trigger filters to ooniapi pipeline

---
 tf/environments/dev/main.tf                    |  5 ++++-
 tf/modules/ooniapi_service_deployer/main.tf    | 18 ++++++++++++++++++
 .../ooniapi_service_deployer/variables.tf      |  4 ++++
 3 files changed, 26 insertions(+), 1 deletion(-)

diff --git a/tf/environments/dev/main.tf b/tf/environments/dev/main.tf
index 75ec2c6c..f7219004 100644
--- a/tf/environments/dev/main.tf
+++ b/tf/environments/dev/main.tf
@@ -67,6 +67,7 @@ module "adm_iam_roles" {
   source = "../../modules/adm_iam_roles"
 
   authorized_accounts = [
+    "arn:aws:iam::${local.ooni_main_org_id}:user/mehul",
     "arn:aws:iam::${local.ooni_dev_org_id}:user/mehul",
     "arn:aws:iam::${local.ooni_dev_org_id}:user/art",
     "arn:aws:iam::${local.ooni_main_org_id}:user/art"
@@ -317,6 +318,7 @@ module "ooniapi_ooniprobe_deployer" {
   repo                    = "ooni/backend"
   branch_name             = "master"
   buildspec_path          = "ooniapi/services/ooniprobe/buildspec.yml"
+  trigger_path            = "ooniapi/services/ooniprobe/**"
   codestar_connection_arn = aws_codestarconnections_connection.oonidevops.arn
 
   codepipeline_bucket = aws_s3_bucket.ooniapi_codepipeline_bucket.bucket
@@ -358,7 +360,6 @@ module "ooniapi_ooniprobe" {
   )
 }
 
-
 #### OONI Run service
 
 module "ooniapi_oonirun_deployer" {
@@ -368,6 +369,7 @@ module "ooniapi_oonirun_deployer" {
   repo                    = "ooni/backend"
   branch_name             = "master"
   buildspec_path          = "ooniapi/services/oonirun/buildspec.yml"
+  trigger_path            = "ooniapi/services/oonirun/**"
   codestar_connection_arn = aws_codestarconnections_connection.oonidevops.arn
 
   codepipeline_bucket = aws_s3_bucket.ooniapi_codepipeline_bucket.bucket
@@ -415,6 +417,7 @@ module "ooniapi_ooniauth_deployer" {
   repo                    = "ooni/backend"
   branch_name             = "master"
   buildspec_path          = "ooniapi/services/ooniauth/buildspec.yml"
+  trigger_path            = "ooniapi/services/ooniauth/**"
   codestar_connection_arn = aws_codestarconnections_connection.oonidevops.arn
 
   codepipeline_bucket = aws_s3_bucket.ooniapi_codepipeline_bucket.bucket
diff --git a/tf/modules/ooniapi_service_deployer/main.tf b/tf/modules/ooniapi_service_deployer/main.tf
index 15e8c429..a4b36200 100755
--- a/tf/modules/ooniapi_service_deployer/main.tf
+++ b/tf/modules/ooniapi_service_deployer/main.tf
@@ -201,6 +201,24 @@ resource "aws_codepipeline" "ooniapi" {
     aws_codebuild_project.ooniapi
   ]
 
+  trigger {
+    provider_type = "CodeStarSourceConnection"
+
+    git_configuration {
+      source_action_name = "Source"
+      
+      push {
+        branches {
+          includes = ["master"]
+        }
+        file_paths {
+          includes = [var.trigger_path]
+          excludes = ["**/README.md"]
+        }
+      }
+    }
+  }
+
   stage {
     action {
 
diff --git a/tf/modules/ooniapi_service_deployer/variables.tf b/tf/modules/ooniapi_service_deployer/variables.tf
index ff2b7c4c..f35a57bc 100644
--- a/tf/modules/ooniapi_service_deployer/variables.tf
+++ b/tf/modules/ooniapi_service_deployer/variables.tf
@@ -26,6 +26,10 @@ variable "repo" {
   default = "ooni/backend"
 }
 
+variable "trigger_path" {
+  description = "path filter for push changes which trigger the codepipeline eg. ooniapi/services/oonirun/**"
+}
+
 variable "ecs_cluster_name" {
   description = "id of the cluster to deploy into"
 }

From e61a2e67d255f19486382d5bcef4148102fdbefc Mon Sep 17 00:00:00 2001
From: Decfox <mehul@openobservatory.org>
Date: Sun, 19 May 2024 12:57:01 +0530
Subject: [PATCH 2/2] feat: add trigger filters for oonith service deployer

---
 tf/environments/dev/main.tf                     |  1 +
 tf/modules/oonith_service_deployer/main.tf      | 17 +++++++++++++++++
 tf/modules/oonith_service_deployer/variables.tf |  4 ++++
 3 files changed, 22 insertions(+)

diff --git a/tf/environments/dev/main.tf b/tf/environments/dev/main.tf
index f7219004..892b70b3 100644
--- a/tf/environments/dev/main.tf
+++ b/tf/environments/dev/main.tf
@@ -510,6 +510,7 @@ module "oonith_oohelperd_deployer" {
   repo                    = "ooni/probe-cli"
   branch_name             = "master"
   buildspec_path          = "oonith/buildspec.yml"
+  trigger_tag             = "release*"
   codestar_connection_arn = aws_codestarconnections_connection.oonidevops.arn
 
   codepipeline_bucket = aws_s3_bucket.oonith_codepipeline_bucket.bucket
diff --git a/tf/modules/oonith_service_deployer/main.tf b/tf/modules/oonith_service_deployer/main.tf
index 2989c4da..6a4db048 100644
--- a/tf/modules/oonith_service_deployer/main.tf
+++ b/tf/modules/oonith_service_deployer/main.tf
@@ -201,6 +201,23 @@ resource "aws_codepipeline" "oonith" {
     aws_codebuild_project.oonith
   ]
 
+  trigger {
+    provider_type = "CodeStarSourceConnection"
+
+    git_configuration {
+      source_action_name = "Source"
+
+      push {
+        branches {
+          includes = ["master"]
+        }
+        tags {
+          includes = [var.trigger_tag]
+        }
+      }
+    }
+  }
+
   stage {
     action {
 
diff --git a/tf/modules/oonith_service_deployer/variables.tf b/tf/modules/oonith_service_deployer/variables.tf
index ff2b7c4c..2100338b 100644
--- a/tf/modules/oonith_service_deployer/variables.tf
+++ b/tf/modules/oonith_service_deployer/variables.tf
@@ -22,6 +22,10 @@ variable "branch_name" {
   default = "main"
 }
 
+variable "trigger_tag" {
+  description = "tag filters to use to trigger pipeline eg. release-1.0"
+}
+
 variable "repo" {
   default = "ooni/backend"
 }