From b104cfcd77b744710757037a9d5c392782850b3e Mon Sep 17 00:00:00 2001 From: Steven Leighton Date: Wed, 6 Sep 2023 10:51:59 +0100 Subject: [PATCH 1/8] Swap to IRSA generated service account --- .circleci/config.yml | 51 ++++++++++--------- .../templates/deployment.yaml | 2 +- 2 files changed, 27 insertions(+), 26 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 2a21d278..c0775ef9 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -192,32 +192,33 @@ workflows: branches: only: - master + - s3-migration - deploy_to_test_dev: context: *moj-forms-context requires: - build_and_push_image - - deploy_to_test_production: - context: *moj-forms-context - requires: - - build_and_push_image - - acceptance_tests: - context: *moj-forms-context - requires: - - deploy_to_test_dev - - deploy_to_test_production - filters: - branches: - only: master - - deploy_to_live_dev: - context: *moj-forms-context - requires: - - acceptance_tests - - deploy_to_live_production: - context: *moj-forms-context - requires: - - acceptance_tests - - smoke_tests: - context: *moj-forms-context - requires: - - deploy_to_live_dev - - deploy_to_live_production + # - deploy_to_test_production: + # context: *moj-forms-context + # requires: + # - build_and_push_image + # - acceptance_tests: + # context: *moj-forms-context + # requires: + # - deploy_to_test_dev + # - deploy_to_test_production + # filters: + # branches: + # only: master + # - deploy_to_live_dev: + # context: *moj-forms-context + # requires: + # - acceptance_tests + # - deploy_to_live_production: + # context: *moj-forms-context + # requires: + # - acceptance_tests + # - smoke_tests: + # context: *moj-forms-context + # requires: + # - deploy_to_live_dev + # - deploy_to_live_production diff --git a/deploy-eks/fb-user-filestore-chart/templates/deployment.yaml b/deploy-eks/fb-user-filestore-chart/templates/deployment.yaml index 86330d84..ba81711f 100644 --- a/deploy-eks/fb-user-filestore-chart/templates/deployment.yaml +++ b/deploy-eks/fb-user-filestore-chart/templates/deployment.yaml @@ -22,7 +22,7 @@ spec: fb-service-token-cache-access: "true" tier: "frontend" spec: - serviceAccountName: "formbuilder-user-filestore-{{ .Values.environmentName }}" + serviceAccountName: "user-filestore-irsa-{{ .Values.environmentName }}" containers: - name: "fb-user-filestore-api-{{ .Values.environmentName }}" image: "754256621582.dkr.ecr.eu-west-2.amazonaws.com/formbuilder/fb-user-filestore-api:{{ .Values.circleSha1 }}" From 6b01291f676c2c5e87d297cf51a68111e6f685d0 Mon Sep 17 00:00:00 2001 From: Steven Leighton Date: Wed, 6 Sep 2023 11:27:24 +0100 Subject: [PATCH 2/8] Remove long lived creds --- config/application.rb | 16 +++++++-------- .../templates/deployment.yaml | 20 +++++++++---------- 2 files changed, 18 insertions(+), 18 deletions(-) diff --git a/config/application.rb b/config/application.rb index 1a15d1fd..7ca9bb4b 100644 --- a/config/application.rb +++ b/config/application.rb @@ -34,14 +34,14 @@ class Application < Rails::Application # Only loads a smaller set of middleware suitable for API only apps. # Middleware like session, flash, cookies can be added back manually. # Skip views, helpers and assets when generating a new resource. - config.x.s3_internal_bucket_config = { - access_key_id: ENV.fetch('AWS_ACCESS_KEY_ID'), - secret_access_key: ENV.fetch('AWS_SECRET_ACCESS_KEY') - } - config.x.s3_external_bucket_config = { - access_key_id: ENV.fetch('AWS_S3_EXTERNAL_BUCKET_ACCESS_KEY_ID'), - secret_access_key: ENV.fetch('AWS_S3_EXTERNAL_BUCKET_SECRET_ACCESS_KEY') - } + # config.x.s3_internal_bucket_config = { + # access_key_id: ENV.fetch('AWS_ACCESS_KEY_ID'), + # secret_access_key: ENV.fetch('AWS_SECRET_ACCESS_KEY') + # } + # config.x.s3_external_bucket_config = { + # access_key_id: ENV.fetch('AWS_S3_EXTERNAL_BUCKET_ACCESS_KEY_ID'), + # secret_access_key: ENV.fetch('AWS_S3_EXTERNAL_BUCKET_SECRET_ACCESS_KEY') + # } config.api_only = true end end diff --git a/deploy-eks/fb-user-filestore-chart/templates/deployment.yaml b/deploy-eks/fb-user-filestore-chart/templates/deployment.yaml index ba81711f..b5545d22 100644 --- a/deploy-eks/fb-user-filestore-chart/templates/deployment.yaml +++ b/deploy-eks/fb-user-filestore-chart/templates/deployment.yaml @@ -70,16 +70,16 @@ spec: secretKeyRef: name: fb-user-filestore-api-secrets-{{ .Values.environmentName }} key: key_encryption_iv - - name: AWS_ACCESS_KEY_ID - valueFrom: - secretKeyRef: - name: s3-formbuilder-user-filestore-{{ .Values.environmentName }} - key: access_key_id - - name: AWS_SECRET_ACCESS_KEY - valueFrom: - secretKeyRef: - name: s3-formbuilder-user-filestore-{{ .Values.environmentName }} - key: secret_access_key + # - name: AWS_ACCESS_KEY_ID + # valueFrom: + # secretKeyRef: + # name: s3-formbuilder-user-filestore-{{ .Values.environmentName }} + # key: access_key_id + # - name: AWS_SECRET_ACCESS_KEY + # valueFrom: + # secretKeyRef: + # name: s3-formbuilder-user-filestore-{{ .Values.environmentName }} + # key: secret_access_key - name: AWS_S3_BUCKET_NAME valueFrom: secretKeyRef: From e906f3d83d3d5b7e86b6d4ca0d9f9c0f3e8703d5 Mon Sep 17 00:00:00 2001 From: Steven Leighton Date: Wed, 6 Sep 2023 15:23:16 +0100 Subject: [PATCH 3/8] Use the IRSA for the json bucket --- config/environments/test.rb | 20 ++++++------- .../templates/deployment.yaml | 30 +++++++++---------- 2 files changed, 25 insertions(+), 25 deletions(-) diff --git a/config/environments/test.rb b/config/environments/test.rb index 8dabca29..f9aa68ec 100644 --- a/config/environments/test.rb +++ b/config/environments/test.rb @@ -47,16 +47,16 @@ # Annotate rendered view with file names. # config.action_view.annotate_rendered_view_with_filenames = true - config.x.s3_internal_bucket_config = { - access_key_id: ENV.fetch('AWS_ACCESS_KEY_ID'), - secret_access_key: ENV.fetch('AWS_SECRET_ACCESS_KEY'), - stub_responses: true - } - config.x.s3_external_bucket_config = { - access_key_id: ENV.fetch('AWS_S3_EXTERNAL_BUCKET_ACCESS_KEY_ID'), - secret_access_key: ENV.fetch('AWS_S3_EXTERNAL_BUCKET_SECRET_ACCESS_KEY'), - stub_responses: true - } + # config.x.s3_internal_bucket_config = { + # access_key_id: ENV.fetch('AWS_ACCESS_KEY_ID'), + # secret_access_key: ENV.fetch('AWS_SECRET_ACCESS_KEY'), + # stub_responses: true + # } + # config.x.s3_external_bucket_config = { + # access_key_id: ENV.fetch('AWS_S3_EXTERNAL_BUCKET_ACCESS_KEY_ID'), + # secret_access_key: ENV.fetch('AWS_S3_EXTERNAL_BUCKET_SECRET_ACCESS_KEY'), + # stub_responses: true + # } config.hosts.clear end diff --git a/deploy-eks/fb-user-filestore-chart/templates/deployment.yaml b/deploy-eks/fb-user-filestore-chart/templates/deployment.yaml index b5545d22..870db991 100644 --- a/deploy-eks/fb-user-filestore-chart/templates/deployment.yaml +++ b/deploy-eks/fb-user-filestore-chart/templates/deployment.yaml @@ -105,21 +105,21 @@ spec: secretKeyRef: name: json-output-attachments-s3-bucket-{{ .Values.environmentName }} key: bucket_name - - name: AWS_S3_EXTERNAL_BUCKET_ARN - valueFrom: - secretKeyRef: - name: json-output-attachments-s3-bucket-{{ .Values.environmentName }} - key: bucket_arn - - name: AWS_S3_EXTERNAL_BUCKET_ACCESS_KEY_ID - valueFrom: - secretKeyRef: - name: json-output-attachments-s3-bucket-{{ .Values.environmentName }} - key: access_key_id - - name: AWS_S3_EXTERNAL_BUCKET_SECRET_ACCESS_KEY - valueFrom: - secretKeyRef: - name: json-output-attachments-s3-bucket-{{ .Values.environmentName }} - key: secret_access_key + # - name: AWS_S3_EXTERNAL_BUCKET_ARN + # valueFrom: + # secretKeyRef: + # name: json-output-attachments-s3-bucket-{{ .Values.environmentName }} + # key: bucket_arn + # - name: AWS_S3_EXTERNAL_BUCKET_ACCESS_KEY_ID + # valueFrom: + # secretKeyRef: + # name: json-output-attachments-s3-bucket-{{ .Values.environmentName }} + # key: access_key_id + # - name: AWS_S3_EXTERNAL_BUCKET_SECRET_ACCESS_KEY + # valueFrom: + # secretKeyRef: + # name: json-output-attachments-s3-bucket-{{ .Values.environmentName }} + # key: secret_access_key volumes: - name: tmp-files emptyDir: {} From 17a2412182bb5d48d0ea2433075bfc1a8c929275 Mon Sep 17 00:00:00 2001 From: Steven Leighton Date: Wed, 6 Sep 2023 15:30:04 +0100 Subject: [PATCH 4/8] Skip unit tests, run ATs --- .circleci/config.yml | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index c0775ef9..c4827738 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -181,13 +181,14 @@ workflows: context: &moj-forms-context - moj-forms - moj-forms-platform-apps - - test: - requires: - - login-to-aws + # - test: + # requires: + # - login-to-aws - build_and_push_image: context: *moj-forms-context requires: - - test + # - test + - login-to-aws filters: branches: only: @@ -201,11 +202,11 @@ workflows: # context: *moj-forms-context # requires: # - build_and_push_image - # - acceptance_tests: - # context: *moj-forms-context - # requires: - # - deploy_to_test_dev - # - deploy_to_test_production + - acceptance_tests: + context: *moj-forms-context + requires: + - deploy_to_test_dev + # - deploy_to_test_production # filters: # branches: # only: master From 3801fc2a45b801b7111012bc130fa47a6dde10a8 Mon Sep 17 00:00:00 2001 From: Steven Leighton Date: Mon, 11 Sep 2023 15:20:10 +0100 Subject: [PATCH 5/8] Resolve tests and swap to short lived creds --- .circleci/config.yml | 8 +-- .../presigned_s3_urls_controller.rb | 9 ++- app/services/storage/s3/uploader.rb | 11 ++-- spec/services/storage/s3/uploader_spec.rb | 63 ++++++++++--------- 4 files changed, 44 insertions(+), 47 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index c4827738..d3c92827 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -181,13 +181,13 @@ workflows: context: &moj-forms-context - moj-forms - moj-forms-platform-apps - # - test: - # requires: - # - login-to-aws + - test: + requires: + - login-to-aws - build_and_push_image: context: *moj-forms-context requires: - # - test + - test - login-to-aws filters: branches: diff --git a/app/controllers/presigned_s3_urls_controller.rb b/app/controllers/presigned_s3_urls_controller.rb index 607e0659..6d1fc0f9 100644 --- a/app/controllers/presigned_s3_urls_controller.rb +++ b/app/controllers/presigned_s3_urls_controller.rb @@ -32,14 +32,13 @@ def downloader def uploader @uploader ||= Storage::S3::Uploader.new( key: SecureRandom.uuid, - bucket: public_bucket, - s3_config: external_bucket_s3_config + bucket: public_bucket ) end - def external_bucket_s3_config - Rails.configuration.x.s3_external_bucket_config - end + # def external_bucket_s3_config + # Rails.configuration.x.s3_external_bucket_config + # end def key @key ||= KeyForFile.new( diff --git a/app/services/storage/s3/uploader.rb b/app/services/storage/s3/uploader.rb index c3ef0215..6bc51c4e 100644 --- a/app/services/storage/s3/uploader.rb +++ b/app/services/storage/s3/uploader.rb @@ -3,10 +3,9 @@ module Storage module S3 class Uploader - def initialize(key:, bucket:, s3_config: default_s3_config) + def initialize(key:, bucket:) @key = key @bucket = bucket - @s3_config = s3_config end def upload(file_data:) @@ -38,14 +37,12 @@ def s3_url private - attr_accessor :key, :bucket, :s3_config + attr_accessor :key, :bucket - def default_s3_config - Rails.configuration.x.s3_internal_bucket_config - end + REGION = 'eu-west-2'.freeze def client - @client ||= Aws::S3::Client.new(s3_config) + @client ||= Aws::S3::Client.new(region: REGION) end end end diff --git a/spec/services/storage/s3/uploader_spec.rb b/spec/services/storage/s3/uploader_spec.rb index c3931937..a0873f06 100644 --- a/spec/services/storage/s3/uploader_spec.rb +++ b/spec/services/storage/s3/uploader_spec.rb @@ -66,35 +66,36 @@ end end - context 'when different S3 credentials are required' do - let(:bucket) { ENV['AWS_S3_EXTERNAL_BUCKET_NAME'] } - - context 'with default credentials' do - let(:subject) { described_class.new(key: key, bucket: bucket) } - let(:expected_config) do - { - access_key_id: ENV.fetch('AWS_ACCESS_KEY_ID'), - secret_access_key: ENV.fetch('AWS_SECRET_ACCESS_KEY'), - stub_responses: true - } - end - - it 'should create the S3 client with the default credentials' do - expect(Aws::S3::Client).to receive(:new).with(expected_config).and_call_original - subject.upload(file_data: "abc") - end - end - - context 'with alternative credentials' do - let(:subject) do - described_class.new(key: key, bucket: bucket, s3_config: external_config) - end - let(:external_config) { Rails.configuration.x.s3_external_bucket_config } - - it 'should create the S3 client with the injected credentials' do - expect(Aws::S3::Client).to receive(:new).with(external_config).and_call_original - subject.upload(file_data: "abc") - end - end - end + # context 'when different S3 credentials are required' do + # let(:bucket) { ENV['AWS_S3_EXTERNAL_BUCKET_NAME'] } + + # context 'with default credentials' do + # let(:subject) { described_class.new(key: key, bucket: bucket) } + # let(:expected_config) do + # { + # stub_responses: true + # } + # end + + # it 'should create the S3 client with the default credentials' do + # expect(Aws::S3::Client).to receive(:new) + # # expect(Aws::S3::Client).to receive(:new).with(expected_config).and_call_original + # subject.upload(file_data: "abc") + # end + # end + + # maybe skip this now as we let the SDK use the service account to connect to either bucket at will + # context 'with alternative credentials' do + # let(:subject) do + # described_class.new(key: key, bucket: bucket) + # end + # # let(:external_config) { Rails.configuration.x.s3_external_bucket_config } + + # it 'should create the S3 client with the injected credentials' do + # # expect(Aws::S3::Client).to receive(:new).with(external_config).and_call_original + # expect(Aws::S3::Client).to receive(:new) + # subject.upload(file_data: "abc") + # end + # end + # end end From 6ebb1c5d3bde2b4d41b60c81f4301681bfe68755 Mon Sep 17 00:00:00 2001 From: Steven Leighton Date: Mon, 11 Sep 2023 17:17:04 +0100 Subject: [PATCH 6/8] Cleanup --- .circleci/config.yml | 43 +++++++++---------- app/controllers/health_controller.rb | 2 +- .../presigned_s3_urls_controller.rb | 4 -- config/application.rb | 8 ---- config/environments/test.rb | 10 ----- .../templates/deployment.yaml | 30 +++---------- spec/services/storage/s3/uploader_spec.rb | 33 -------------- 7 files changed, 27 insertions(+), 103 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index d3c92827..1511f71e 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -193,33 +193,32 @@ workflows: branches: only: - master - - s3-migration - deploy_to_test_dev: context: *moj-forms-context requires: - build_and_push_image - # - deploy_to_test_production: - # context: *moj-forms-context - # requires: - # - build_and_push_image + - deploy_to_test_production: + context: *moj-forms-context + requires: + - build_and_push_image - acceptance_tests: context: *moj-forms-context requires: - deploy_to_test_dev - # - deploy_to_test_production - # filters: - # branches: - # only: master - # - deploy_to_live_dev: - # context: *moj-forms-context - # requires: - # - acceptance_tests - # - deploy_to_live_production: - # context: *moj-forms-context - # requires: - # - acceptance_tests - # - smoke_tests: - # context: *moj-forms-context - # requires: - # - deploy_to_live_dev - # - deploy_to_live_production + - deploy_to_test_production + filters: + branches: + only: master + - deploy_to_live_dev: + context: *moj-forms-context + requires: + - acceptance_tests + - deploy_to_live_production: + context: *moj-forms-context + requires: + - acceptance_tests + - smoke_tests: + context: *moj-forms-context + requires: + - deploy_to_live_dev + - deploy_to_live_production diff --git a/app/controllers/health_controller.rb b/app/controllers/health_controller.rb index f4b97247..aab08769 100644 --- a/app/controllers/health_controller.rb +++ b/app/controllers/health_controller.rb @@ -13,6 +13,6 @@ def readiness private def internal_bucket_client - Aws::S3::Client.new(Rails.configuration.x.s3_internal_bucket_config) + Aws::S3::Client.new end end diff --git a/app/controllers/presigned_s3_urls_controller.rb b/app/controllers/presigned_s3_urls_controller.rb index 6d1fc0f9..d3b8070f 100644 --- a/app/controllers/presigned_s3_urls_controller.rb +++ b/app/controllers/presigned_s3_urls_controller.rb @@ -36,10 +36,6 @@ def uploader ) end - # def external_bucket_s3_config - # Rails.configuration.x.s3_external_bucket_config - # end - def key @key ||= KeyForFile.new( user_id: params[:user_id], diff --git a/config/application.rb b/config/application.rb index 7ca9bb4b..cc82396d 100644 --- a/config/application.rb +++ b/config/application.rb @@ -34,14 +34,6 @@ class Application < Rails::Application # Only loads a smaller set of middleware suitable for API only apps. # Middleware like session, flash, cookies can be added back manually. # Skip views, helpers and assets when generating a new resource. - # config.x.s3_internal_bucket_config = { - # access_key_id: ENV.fetch('AWS_ACCESS_KEY_ID'), - # secret_access_key: ENV.fetch('AWS_SECRET_ACCESS_KEY') - # } - # config.x.s3_external_bucket_config = { - # access_key_id: ENV.fetch('AWS_S3_EXTERNAL_BUCKET_ACCESS_KEY_ID'), - # secret_access_key: ENV.fetch('AWS_S3_EXTERNAL_BUCKET_SECRET_ACCESS_KEY') - # } config.api_only = true end end diff --git a/config/environments/test.rb b/config/environments/test.rb index f9aa68ec..4963598e 100644 --- a/config/environments/test.rb +++ b/config/environments/test.rb @@ -47,16 +47,6 @@ # Annotate rendered view with file names. # config.action_view.annotate_rendered_view_with_filenames = true - # config.x.s3_internal_bucket_config = { - # access_key_id: ENV.fetch('AWS_ACCESS_KEY_ID'), - # secret_access_key: ENV.fetch('AWS_SECRET_ACCESS_KEY'), - # stub_responses: true - # } - # config.x.s3_external_bucket_config = { - # access_key_id: ENV.fetch('AWS_S3_EXTERNAL_BUCKET_ACCESS_KEY_ID'), - # secret_access_key: ENV.fetch('AWS_S3_EXTERNAL_BUCKET_SECRET_ACCESS_KEY'), - # stub_responses: true - # } config.hosts.clear end diff --git a/deploy-eks/fb-user-filestore-chart/templates/deployment.yaml b/deploy-eks/fb-user-filestore-chart/templates/deployment.yaml index 870db991..ac707e9f 100644 --- a/deploy-eks/fb-user-filestore-chart/templates/deployment.yaml +++ b/deploy-eks/fb-user-filestore-chart/templates/deployment.yaml @@ -70,16 +70,6 @@ spec: secretKeyRef: name: fb-user-filestore-api-secrets-{{ .Values.environmentName }} key: key_encryption_iv - # - name: AWS_ACCESS_KEY_ID - # valueFrom: - # secretKeyRef: - # name: s3-formbuilder-user-filestore-{{ .Values.environmentName }} - # key: access_key_id - # - name: AWS_SECRET_ACCESS_KEY - # valueFrom: - # secretKeyRef: - # name: s3-formbuilder-user-filestore-{{ .Values.environmentName }} - # key: secret_access_key - name: AWS_S3_BUCKET_NAME valueFrom: secretKeyRef: @@ -105,21 +95,11 @@ spec: secretKeyRef: name: json-output-attachments-s3-bucket-{{ .Values.environmentName }} key: bucket_name - # - name: AWS_S3_EXTERNAL_BUCKET_ARN - # valueFrom: - # secretKeyRef: - # name: json-output-attachments-s3-bucket-{{ .Values.environmentName }} - # key: bucket_arn - # - name: AWS_S3_EXTERNAL_BUCKET_ACCESS_KEY_ID - # valueFrom: - # secretKeyRef: - # name: json-output-attachments-s3-bucket-{{ .Values.environmentName }} - # key: access_key_id - # - name: AWS_S3_EXTERNAL_BUCKET_SECRET_ACCESS_KEY - # valueFrom: - # secretKeyRef: - # name: json-output-attachments-s3-bucket-{{ .Values.environmentName }} - # key: secret_access_key + - name: AWS_S3_EXTERNAL_BUCKET_ARN + valueFrom: + secretKeyRef: + name: json-output-attachments-s3-bucket-{{ .Values.environmentName }} + key: bucket_arn volumes: - name: tmp-files emptyDir: {} diff --git a/spec/services/storage/s3/uploader_spec.rb b/spec/services/storage/s3/uploader_spec.rb index a0873f06..43e06493 100644 --- a/spec/services/storage/s3/uploader_spec.rb +++ b/spec/services/storage/s3/uploader_spec.rb @@ -65,37 +65,4 @@ end end end - - # context 'when different S3 credentials are required' do - # let(:bucket) { ENV['AWS_S3_EXTERNAL_BUCKET_NAME'] } - - # context 'with default credentials' do - # let(:subject) { described_class.new(key: key, bucket: bucket) } - # let(:expected_config) do - # { - # stub_responses: true - # } - # end - - # it 'should create the S3 client with the default credentials' do - # expect(Aws::S3::Client).to receive(:new) - # # expect(Aws::S3::Client).to receive(:new).with(expected_config).and_call_original - # subject.upload(file_data: "abc") - # end - # end - - # maybe skip this now as we let the SDK use the service account to connect to either bucket at will - # context 'with alternative credentials' do - # let(:subject) do - # described_class.new(key: key, bucket: bucket) - # end - # # let(:external_config) { Rails.configuration.x.s3_external_bucket_config } - - # it 'should create the S3 client with the injected credentials' do - # # expect(Aws::S3::Client).to receive(:new).with(external_config).and_call_original - # expect(Aws::S3::Client).to receive(:new) - # subject.upload(file_data: "abc") - # end - # end - # end end From 2e89b48584a3b11ca36bad2fc2a1240a289a4a08 Mon Sep 17 00:00:00 2001 From: Steven Leighton Date: Tue, 12 Sep 2023 10:19:54 +0100 Subject: [PATCH 7/8] Deploy to test-prod --- .circleci/config.yml | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 1511f71e..56badd0a 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -188,11 +188,11 @@ workflows: context: *moj-forms-context requires: - test - - login-to-aws filters: branches: only: - master + - s3-migration - deploy_to_test_dev: context: *moj-forms-context requires: @@ -209,16 +209,16 @@ workflows: filters: branches: only: master - - deploy_to_live_dev: - context: *moj-forms-context - requires: - - acceptance_tests - - deploy_to_live_production: - context: *moj-forms-context - requires: - - acceptance_tests - - smoke_tests: - context: *moj-forms-context - requires: - - deploy_to_live_dev - - deploy_to_live_production + # - deploy_to_live_dev: + # context: *moj-forms-context + # requires: + # - acceptance_tests + # - deploy_to_live_production: + # context: *moj-forms-context + # requires: + # - acceptance_tests + # - smoke_tests: + # context: *moj-forms-context + # requires: + # - deploy_to_live_dev + # - deploy_to_live_production From c83d03966fe96c2a939adcbeeeab19e334c0910f Mon Sep 17 00:00:00 2001 From: Steven Leighton Date: Wed, 13 Sep 2023 13:49:33 +0100 Subject: [PATCH 8/8] Ready to merge --- .circleci/config.yml | 27 +++++++++++++-------------- 1 file changed, 13 insertions(+), 14 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 56badd0a..2a21d278 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -192,7 +192,6 @@ workflows: branches: only: - master - - s3-migration - deploy_to_test_dev: context: *moj-forms-context requires: @@ -209,16 +208,16 @@ workflows: filters: branches: only: master - # - deploy_to_live_dev: - # context: *moj-forms-context - # requires: - # - acceptance_tests - # - deploy_to_live_production: - # context: *moj-forms-context - # requires: - # - acceptance_tests - # - smoke_tests: - # context: *moj-forms-context - # requires: - # - deploy_to_live_dev - # - deploy_to_live_production + - deploy_to_live_dev: + context: *moj-forms-context + requires: + - acceptance_tests + - deploy_to_live_production: + context: *moj-forms-context + requires: + - acceptance_tests + - smoke_tests: + context: *moj-forms-context + requires: + - deploy_to_live_dev + - deploy_to_live_production