From 6354bc02dbde855dc37a6010dd1418e8ea1c46fb Mon Sep 17 00:00:00 2001 From: Martyn Inglis Date: Thu, 7 Jan 2016 15:28:21 +0000 Subject: [PATCH 1/4] Make repo be owned by ubuntu not root post code deploy deployment. --- appspec.yml | 4 ++++ scripts/aws_change_ownership.sh | 5 +++++ 2 files changed, 9 insertions(+) create mode 100755 scripts/aws_change_ownership.sh diff --git a/appspec.yml b/appspec.yml index cefddcb1d..8d617ca3d 100644 --- a/appspec.yml +++ b/appspec.yml @@ -9,6 +9,10 @@ hooks: location: scripts/aws_install_dependencies.sh runas: root timeout: 300 + - + location: scripts/aws_change_ownership.sh + runas: root + timeout: 300 ApplicationStart: - location: scripts/aws_start_app.sh diff --git a/scripts/aws_change_ownership.sh b/scripts/aws_change_ownership.sh new file mode 100755 index 000000000..411d380b1 --- /dev/null +++ b/scripts/aws_change_ownership.sh @@ -0,0 +1,5 @@ +#!/bin/bash + +echo "Chown application to be owned by ubuntu" +cd /home/ubuntu/; +chown -R ubuntu:ubuntu notifications-api From 48347f32f9b05b945d07f5ac3c9b149d07a4b5ed Mon Sep 17 00:00:00 2001 From: Martyn Inglis Date: Fri, 8 Jan 2016 16:18:34 +0000 Subject: [PATCH 2/4] Updated aws accesskey/secret --- .travis.yml | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/.travis.yml b/.travis.yml index 0e1b69fee..0c99e6a14 100644 --- a/.travis.yml +++ b/.travis.yml @@ -16,9 +16,9 @@ notifications: secure: vCmpAjdXkprqGzSnQzcco1lNiFuj/nRQdlVTGSnvg2HEqZUM5vzmWtQYw3WNS/bcgbVxV/nLgza17cdsmFqOuaZll4kDM0swnmk17eynImAHPFF/flGsNcw4oRV7WzWrq7j1TvGzJzxJkHYOjJFk0iMLM7+P76sWHI6Oa5NHQYH2l7a4hqzqmuUKaloHeZX/Ro2RmFE+/t/SfNr0pmtTRO4CfLfPUdUs9D8Mx0cyc1Z9Ke4Cq+R2Lsp8BwH0nye6pb9cI4h1YmUY/Xt8O1Z0QbncHZviWojSB2vV0V5WQPzqjjseAznJ1depK/LPOlRHlqddkEbGK28rDwsxbzY1q3DCZZiZZTXBD80HyNr/J4rfRAXhoCafwR57cqqIQ7G/fb5A/ckUM8TFKqUPh7wvu67OAiSWJmO78C8fumF3HxcoGp7DQOQPFLtWGuCfh2zjI9WbUhiHQwWl9/9qpgMEuXH7LOJAzgQbEp1A7XRmT2GupYEkGdFMwT8ojp8OXds08diEy1FNonWAtFZs8pO92urK862pCRB8WRQZWMjpcnif1Ht4QtwYFO9iVp5ygReTEoFuiQPMAypCVCzKgHe/W8LX55xzSnlUQqDU2NzN37LfC4ctS1h3BfIIU5KP9PmdgkKRUWcrFE3eMXPG36OdU4hRj4FMURzmAOZYhaSXuP8= deploy: - provider: s3 - access_key_id: AKIAI37IS2VAC5PJHHDA + access_key_id: AKIAJQPPNM6P6V53SWKA secret_access_key: &1 - secure: Ztj8D7S7YQAarbdF7T0XFRNDTzop/vrPdZL5e07L7c5TwXqr3Dy2ZcKDZMCDTkjgsx7cVu5OhtRtG/+k2FbfQqDrvyYI6jssSIokTdWdXLVdbtI4BqgEcoxouLgOIgAdqV1BzqfDVPiu9GUIlDIT1f/VjU3sRQGw5ioWXvwYkdzuqI+bXir8/Y1Vzcupqn7BoP2iyhB3FZ4HxHUjqau1g2g++17jfFgIghg6zaAuLWB3raGjWo6H+BvieZqIma0p643rs39fXjr8lIfvP8FGlKSTXzQX2+KGSjdTJx64KRSdO9iFuiedL1dkSbEXNebh2Q9M1FDdWmrO6PsgRFtQI0Kgy/3CATqlEEOjgPjBSyDIfzPGE+HBDyTId1hy2u/0BekDQRfJeCikV8ebcWRTjyr+j2EvUhhmDDQrZusyz25UA7IuurVEPVT/mzAEFseu4dMcKTlmk4Jo8eFqcrtyLcFpH7QPCwwIj7MjUlzwepvgxuhGR/UHIMDH7R8QLVuT3beE+AyumyJb0QHt4yLlg6WHxaK5ayNQBVm20yD64dRKQsEMvdewVz9fLhoa4sV5PNqBn0yghdiKnQA2XynBen8hEbpuraN/wvX9z+STMoR/fG33X2XwAn3f08qO1RzMy4mxsq75tkD8yR8i/JAMtawARuBzSk3asXol/EtwlbQ= + secure: irusc9JdTbXhKPMYUEHIOPXk7cCCleRsXXW/ZOAEWcHtdtuF6YNACsN3pywwyZ9UU+MqZb8lD3UH77o3u7BtuyPPv5JDy7cB7AoIX6EAaZIdxAS4v2tTpLPh6oS2QtfI1U5giI2g2C5IkRZIIrqiWtT63y0eReL5z5r5x7kEY5U7UOMrIL0w2m/frate0a4Q380ZbjRA1X0PcQ3IeavxQbTEYug+XEaKcpjqIFFwxeNYu814Ox7fMm+bqpG7TuwDF2i1+jAlX3NZSiuUBBYpHqgK6EARnCNwi8Yr2+CBO6ykXY1lcVn13+cSsFXDP7lgkK/BJUewWIrkQ6EL28ntTaG3cpZhSMB2fc21VRNnVzNDfzf9R+bI/Xy45fyraTVZ2Xun8j262SAM+F8D6Ivt1Y+n8aRHN0U8P//Yhfx2TMTFoHLhGUp076FDPKmcWRWpYikMzmTR/oVu6yE5OacntYBp8dE1QGrVSR//rRHK6QkQeDbnp/cSbOiZY92PeYeDjCLbZMrqASONWtzR6V0CPu/++iLw0mODd2xRlpsnFcpF8ygxFtAgOUrKXbAdu9JNdNE1pPE2FMDb6DKAuIxrRQT8ceUwhEChR7UGERTtbr2deyc+4f+MpmUK59uaqdG6y5q0KsiXhUTyzmKVLGxr/dyA5cATtsFDCx8caM0Qx6I= local_dir: dpl_cd_upload skip_cleanup: true region: eu-west-1 @@ -26,7 +26,7 @@ deploy: repo: alphagov/notifications-api bucket: notifications-api-codedeploy - provider: codedeploy - access_key_id: AKIAI37IS2VAC5PJHHDA + access_key_id: AKIAJQPPNM6P6V53SWKA secret_access_key: *1 bucket: notifications-api-codedeploy key: notifications-api.zip @@ -39,3 +39,5 @@ before_deploy: - zip -r notifications-api * - mkdir -p dpl_cd_upload - mv notifications-api.zip dpl_cd_upload/notifications-api.zip + + From e21fbbbb189b2767417980046b9f29d7c5ff094a Mon Sep 17 00:00:00 2001 From: Martyn Inglis Date: Mon, 11 Jan 2016 14:48:14 +0000 Subject: [PATCH 3/4] Added build numbers to S3 artifacts --- .travis.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.travis.yml b/.travis.yml index 0c99e6a14..68f1e1881 100644 --- a/.travis.yml +++ b/.travis.yml @@ -29,7 +29,7 @@ deploy: access_key_id: AKIAJQPPNM6P6V53SWKA secret_access_key: *1 bucket: notifications-api-codedeploy - key: notifications-api.zip + key: notifications-api-$TRAVIS_BRANCH-$TRAVIS_BUILD_NUMBER-$TRAVIS_COMMIT.zip bundle_type: zip application: notifications-api deployment_group: notifications_api_deployment_group @@ -38,6 +38,6 @@ deploy: before_deploy: - zip -r notifications-api * - mkdir -p dpl_cd_upload -- mv notifications-api.zip dpl_cd_upload/notifications-api.zip +- mv notifications-api.zip dpl_cd_upload/notifications-api-$TRAVIS_BRANCH-$TRAVIS_BUILD_NUMBER-$TRAVIS_COMMIT.zip From 7f9e73b009bd404268eff09c37ee14ba64ed88ec Mon Sep 17 00:00:00 2001 From: Martyn Inglis Date: Mon, 11 Jan 2016 15:24:41 +0000 Subject: [PATCH 4/4] wsgi scripts always in live mode --- wsgi.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/wsgi.py b/wsgi.py index 358d76c0b..febb098ce 100644 --- a/wsgi.py +++ b/wsgi.py @@ -1,7 +1,6 @@ from app import create_app -import os -application = create_app(os.getenv('NOTIFICATIONS_API_ENVIRONMENT') or 'development') +application = create_app('live') if __name__ == "__main__": application.run()