The infrastructure only needs to be setup once for both node-express-rest-api template and react-mui-rtk, it's the same README for both
We are using pulumi to create our needed AWS infrastructure and deploy to it.
The Pulumi setup will use an s3 bucket as it's backend.
The Pulumi is divided into to 2 project with one stack each (a stack is like an environment).
- under the folder
node-express-rest-api/infrawe have thenode-rest-apiproject withrest-api-devstack - under the folder
react-mui-rtk/infrawe have thereact-frontendproject withfrontend-devstack, notice that the frontend stack refers to the rest-api stack, so api must be created first
Currently the following github actions exist for both frontend and backend
- build.yaml - will build the project each commit & PR to
mainbranch - release.yaml - will create the AWS resources needed and deploy to them when creating a tag with the following structure
v*.*.*
- Download pulumi cli from here
- Download aws cli from here
- An AWS account
- Cloning both
node-express-rest-apiandreact-mui-rtktemplates and renaming them for you project
-
Create an AWS user for pulumi to use (go to IAM)
call the user
pulumi-access-keyCheck "Access key - Programmatic access" checkbox Go to "attach existing policies directly" choose the following:- AmazonS3FullAccess
- CloudFrontFullAccess
- AmazonEC2FullAccess
- AmazonEC2ContainerRegistryFullAccess
- AmazonECS_FullAccess
- AmazonRDSFullAccess
- CloudWatchFullAccess
- IAMFullAccess
download the CSV or copy the Access key ID & Secret access key
-
Go to S3 and create a bucket named
{project-name}-pulumi-infra(it has to be globally unique) choose eu-west-1 region, then the "Create bucket" button
-
Go to
.github/release.yamlin both projects and replace thecloud-urlparam with the bucket name you just createds3://{project-name}-pulumi-infra -
Go to both your github repositories and in Settings tab -> Actions -> New repository secret and create the following secrets:
- AWS_ACCESS_KEY_ID - from the csv
- AWS_SECRET_ACCESS_KEY - from the csv
- AWS_REGION - preferably eu-west-1
- PULUMI_CONFIG_PASSPHRASE - whatever you want
- You can change the pulumi project name in
Pulumi.yaml,Pulumi.rest-api-dev.yaml&Pulumi.frontend-dev.yamlto match you project, it's preferable to do so before setting the secrets and environment variables - Setting up Pulumi locally and adding secrets
- In you terminal export the following environment variable same as above
$ export AWS_ACCESS_KEY_ID= $ export AWS_SECRET_ACCESS_KEY= $ export AWS_REGION= $ export PULUMI_CONFIG_PASSPHRASE=
- Connect pulumi to use our bucket as a backend
$ pulumi login s3://{project-name}-pulumi-infra $ cd node-express-rest-api/infra # path may vary depending on where you clone it $ pulumi stack init rest-api-dev $ cd react-mui-rtk/infra # path may vary depending on where you clone it $ pulumi stack init frontend-dev- Now set pulumi secrets
$ pulumi config set --secret dbPassword <some-password> # notice the -- and the '' otherwise setting an RSA key from terminal WILL NOT work $ pulumi config set --secret jwtPrivateKey -- '<some-rsa-private-key>' $ pulumi config set --secret jwtPublicKey -- '<some-rsa-public-key>'
- Notice that Pulumi has additional environment variable defined in
Pulumi.rest-api-dev.yaml&Pulumi.frontend-dev.yamlyou can change them manually in the yaml.