diff --git a/.aws/adminapi/TaskDefinition.production.json b/.aws/adminapi/TaskDefinition.production.json new file mode 100644 index 000000000..58f25bff0 --- /dev/null +++ b/.aws/adminapi/TaskDefinition.production.json @@ -0,0 +1,289 @@ +{ + "volumes": [ + { + "name": "config-mount", + "host": {} + } + ], + "containerDefinitions": [ + { + "name": "adminapi", + "image": "460116816372.dkr.ecr.eu-west-1.amazonaws.com/@[templar;replace;incoming_domain]-@[templar;replace;incoming_application]:@[templar;replace;version]", + "portMappings": [ + { + "containerPort": 11004, + "hostPort": 11004, + "protocol": "tcp" + } + ], + "essential": true, + "environment": [ + { + "name": "Serilog__Properties__Application", + "value": "basisregisters-staging-association-registry-admin-api" + }, + { + "name": "ASPNETCORE_ENVIRONMENT", + "value": "staging" + }, + { + "name": "Serilog__MinimumLevel__Default", + "value": "Information" + }, + { + "name": "Serilog__WriteTo__0__Name", + "value": "Console" + }, + { + "name": "Serilog__WriteTo__0__Args__formatter", + "value": "Serilog.Formatting.Compact.RenderedCompactJsonFormatter, Serilog.Formatting.Compact" + }, + { + "name": "PostgreSQLOptions__Host", + "value": "pverenigingsregisterdatabase-postgres.crygspapdm1x.eu-west-1.rds.amazonaws.com:5432" + }, + { + "name": "PostgreSQLOptions__database", + "value": "verenigingsregister" + }, + { + "name": "BaseUrl", + "value": "https://beheer.new.verenigingen.staging-vlaanderen.be/" + }, + { + "name": "PublicApiBaseUrl", + "value": "https://publiek.new.verenigingen.staging-vlaanderen.be/" + }, + { + "name": "OAuth2IntrospectionOptions__Authority", + "value": "https://authenticatie-ti.vlaanderen.be" + }, + { + "name": "OAuth2IntrospectionOptions__IntrospectionEndpoint", + "value": "https://authenticatie-ti.vlaanderen.be/op/v1/introspect" + }, + { + "name": "ElasticClientOptions__Uri", + "value": "https://7fbcd3c2c56a49e6ae3fae309036c531.es.ops.vl.be:9243/" + }, + { + "name": "ElasticClientOptions__Indices__Verenigingen", + "value": "verenigingsregister-staging-admin-verenigingen" + }, + { + "name": "MagdaOptions__Afzender", + "value": "kbbj.vlaanderen.be/dv/verenigingsregister-aip" + }, + { + "name": "MagdaOptions__Ontvanger", + "value": "vip.vlaanderen.be" + }, + { + "name": "MagdaOptions__GeefOndernemingEndpoint", + "value": "https://magdaondernemingdienst-aip.vlaanderen.be/GeefOndernemingDienst-02.00/soap/WebService" + }, + { + "name": "MagdaOptions__Hoedanigheid", + "value": "7001" + } + ], + "dockerLabels": { + "contact": "aiv.systemteam@kb.vlaanderen.be", + "environment": "@[templar;replace;incoming_environment]", + "productcode": "P009", + "programma": "AGB" + }, + "ulimits": [ + { + "name": "nofile", + "softLimit": 65536, + "hardLimit": 65536 + } + ], + "logConfiguration": { + "logDriver": "awslogs", + "options": { + "awslogs-group": "/ecs-logs/@[templar;replace;incoming_environment]/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/app", + "awslogs-region": "eu-west-1", + "awslogs-stream-prefix": "ecs" + } + }, + "linuxParameters": { + "initProcessEnabled": true + }, + "secrets": [ + { + "name": "PostgreSQLOptions__username", + "valueFrom": "arn:aws:ssm:eu-west-1:@[templar;replace;incoming_aws_account_id]:parameter/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/@[templar;replace;incoming_environment]/postgres-user" + }, + { + "name": "PostgreSQLOptions__password", + "valueFrom": "arn:aws:ssm:eu-west-1:@[templar;replace;incoming_aws_account_id]:parameter/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/@[templar;replace;incoming_environment]/postgres-password" + }, + { + "name": "OAuth2IntrospectionOptions__ClientId", + "valueFrom": "arn:aws:ssm:eu-west-1:@[templar;replace;incoming_aws_account_id]:parameter/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/@[templar;replace;incoming_environment]/OAuth2IntrospectionOptions__ClientId" + }, + { + "name": "OAuth2IntrospectionOptions__ClientSecret", + "valueFrom": "arn:aws:ssm:eu-west-1:@[templar;replace;incoming_aws_account_id]:parameter/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/@[templar;replace;incoming_environment]/OAuth2IntrospectionOptions__ClientSecret" + }, + { + "name": "ElasticClientOptions__Username", + "valueFrom": "arn:aws:ssm:eu-west-1:@[templar;replace;incoming_aws_account_id]:parameter/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/@[templar;replace;incoming_environment]/elasticsearch-username" + }, + { + "name": "ElasticClientOptions__Password", + "valueFrom": "arn:aws:ssm:eu-west-1:@[templar;replace;incoming_aws_account_id]:parameter/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/@[templar;replace;incoming_environment]/elasticsearch-password" + }, + { + "name": "MagdaOptions__ClientCertificate", + "valueFrom": "arn:aws:ssm:eu-west-1:@[templar;replace;incoming_aws_account_id]:parameter/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/@[templar;replace;incoming_environment]/magda-client-cert" + }, + { + "name": "MagdaOptions__ClientCertificatePassword", + "valueFrom": "arn:aws:ssm:eu-west-1:@[templar;replace;incoming_aws_account_id]:parameter/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/@[templar;replace;incoming_environment]/magda-client-cert-password" + }, + { + "name": "TemporaryMagdaVertegenwoordigers", + "valueFrom": "arn:aws:ssm:eu-west-1:@[templar;replace;incoming_aws_account_id]:parameter/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/@[templar;replace;incoming_environment]/magda-temp-vertegenwoordigers" + } + ] + }, + { + "name": "init-container", + "image": "460116816372.dkr.ecr.eu-west-1.amazonaws.com/verenigingsregister-amazon/aws-cli:2.11.2", + "essential": false, + "command": [ + "s3", "cp", "s3://@[templar;replace;incoming_domain]-@[templar;replace;incoming_application]-production/otlp.yml", "/etc/config/otlp.yml"], + "mountPoints": [ + { + "sourceVolume": "config-mount", + "containerPath": "/etc/config/" + } + ], + "environment": [], + "dockerLabels": { + "contact": "aiv.systemteam@kb.vlaanderen.be", + "environment": "@[templar;replace;incoming_environment]", + "productcode": "P009", + "programma": "AGB" + }, + "logConfiguration": { + "logDriver": "awslogs", + "options": { + "awslogs-group": "/ecs-logs/@[templar;replace;incoming_environment]/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/init", + "awslogs-region": "eu-west-1", + "awslogs-stream-prefix": "ecs" + } + }, + "secrets": [] + }, + { + "name": "otel-collector", + "dependsOn": [ + { + "containerName": "init-container", + "condition": "COMPLETE" + } + ], + "image": "460116816372.dkr.ecr.eu-west-1.amazonaws.com/verenigingsregister-otel/opentelemetry-collector", + "command": [ + "--config=/etc/config/otlp.yml" + ], + "portMappings": [ + { + "containerPort": 4317, + "hostPort": 4317, + "protocol": "tcp" + }, + { + "containerPort": 4318, + "hostPort": 4318, + "protocol": "tcp" + }, + { + "containerPort": 13133, + "hostPort": 13133, + "protocol": "tcp" + } + ], + "essential": false, + "mountPoints": [ + { + "sourceVolume": "config-mount", + "containerPath": "/etc/config/" + } + ], + "environment": [], + "dockerLabels": { + "contact": "aiv.systemteam@kb.vlaanderen.be", + "environment": "@[templar;replace;incoming_environment]", + "productcode": "P009", + "programma": "AGB" + }, + "logConfiguration": { + "logDriver": "awslogs", + "options": { + "awslogs-group": "/ecs-logs/@[templar;replace;incoming_environment]/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/otel-collector", + "awslogs-region": "eu-west-1", + "awslogs-stream-prefix": "ecs", + "awslogs-create-group": "True" + } + }, + "secrets": [] + }, + { + "name": "elastic-agent", + "dependsOn": [ + { + "containerName": "init-container", + "condition": "COMPLETE" + } + ], + "image": "docker.elastic.co/beats/elastic-agent:8.8.2", + "command": [ + "elastic-agent container -h" + ], + "essential": false, + "dockerLabels": { + "contact": "aiv.systemteam@kb.vlaanderen.be", + "environment": "@[templar;replace;incoming_environment]", + "productcode": "P009", + "programma": "AGB" + }, + "logConfiguration": { + "logDriver": "awslogs", + "options": { + "awslogs-group": "/ecs-logs/@[templar;replace;incoming_environment]/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/elastic-agent", + "awslogs-region": "eu-west-1", + "awslogs-stream-prefix": "ecs", + "awslogs-create-group": "True" + } + }, + "environment": [ + { + "name": "FLEET_URL", + "value": "https://85f01854f72640c996587ced2d56fa73.fleet.es.ops.vl.be:9243" + }, + { + "name": "FLEET_ENROLLMENT_TOKEN", + "value": "SERCaHo0c0ItSGxOQVBjaUh1T3c6ZGx4WlVfUnFRVHE4RjNaeWhrVmhLdw==" + }, + { + "name": "FLEET_ENROLL", + "value": "1" + } + ] + } + ], + "family": "ecs-@[templar;replace;incoming_environment]-@[templar;replace;incoming_domain]-@[templar;replace;incoming_application]", + "executionRoleArn": "arn:aws:iam::@[templar;replace;incoming_aws_account_id]:role/rl-ecs-task-exec-@[templar;replace;incoming_environment]-@[templar;replace;incoming_domain]-@[templar;replace;incoming_application]", + "taskRoleArn": "arn:aws:iam::@[templar;replace;incoming_aws_account_id]:role/rl-ecs-task-@[templar;replace;incoming_environment]-@[templar;replace;incoming_domain]-@[templar;replace;incoming_application]", + "networkMode": "awsvpc", + "requiresCompatibilities": [ + "FARGATE" + ], + "cpu": "512", + "memory": "2048" +} \ No newline at end of file diff --git a/.aws/adminapi/TaskDefinition.staging.json b/.aws/adminapi/TaskDefinition.staging.json new file mode 100644 index 000000000..58fec33d8 --- /dev/null +++ b/.aws/adminapi/TaskDefinition.staging.json @@ -0,0 +1,293 @@ +{ + "volumes": [ + { + "name": "config-mount", + "host": {} + } + ], + "containerDefinitions": [ + { + "name": "adminapi", + "image": "460116816372.dkr.ecr.eu-west-1.amazonaws.com/@[templar;replace;incoming_domain]-@[templar;replace;incoming_application]:@[templar;replace;version]", + "portMappings": [ + { + "containerPort": 11004, + "hostPort": 11004, + "protocol": "tcp" + } + ], + "essential": true, + "environment": [ + { + "name": "Serilog__Properties__Application", + "value": "basisregisters-staging-association-registry-admin-api" + }, + { + "name": "ASPNETCORE_ENVIRONMENT", + "value": "staging" + }, + { + "name": "Serilog__MinimumLevel__Default", + "value": "Information" + }, + { + "name": "Serilog__WriteTo__0__Name", + "value": "Console" + }, + { + "name": "Serilog__WriteTo__0__Args__formatter", + "value": "Serilog.Formatting.Compact.RenderedCompactJsonFormatter, Serilog.Formatting.Compact" + }, + { + "name": "PostgreSQLOptions__Host", + "value": "sverenigingsregisterdatabase-postgres.cbepriyj7vem.eu-west-1.rds.amazonaws.com:5432" + }, + { + "name": "PostgreSQLOptions__database", + "value": "verenigingsregister" + }, + { + "name": "BaseUrl", + "value": "https://beheer.new.verenigingen.staging-vlaanderen.be/" + }, + { + "name": "PublicApiBaseUrl", + "value": "https://publiek.new.verenigingen.staging-vlaanderen.be/" + }, + { + "name": "OAuth2IntrospectionOptions__Authority", + "value": "https://authenticatie-ti.vlaanderen.be" + }, + { + "name": "OAuth2IntrospectionOptions__IntrospectionEndpoint", + "value": "https://authenticatie-ti.vlaanderen.be/op/v1/introspect" + }, + { + "name": "ElasticClientOptions__Uri", + "value": "https://7fbcd3c2c56a49e6ae3fae309036c531.es.ops.vl.be:9243/" + }, + { + "name": "ElasticClientOptions__Indices__Verenigingen", + "value": "@[templar;replace;incoming_domain]-staging-admin-verenigingen" + }, + { + "name": "ElasticClientOptions__Indices__DuplicateDetection", + "value": "@[templar;replace;incoming_domain]-staging-admin-duplicatedetection" + }, + { + "name": "MagdaOptions__Afzender", + "value": "kbbj.vlaanderen.be/dv/verenigingsregister-aip" + }, + { + "name": "MagdaOptions__Ontvanger", + "value": "vip.vlaanderen.be" + }, + { + "name": "MagdaOptions__GeefOndernemingEndpoint", + "value": "https://magdaondernemingdienst-aip.vlaanderen.be/GeefOndernemingDienst-02.00/soap/WebService" + }, + { + "name": "MagdaOptions__Hoedanigheid", + "value": "7001" + } + ], + "dockerLabels": { + "contact": "aiv.systemteam@kb.vlaanderen.be", + "environment": "@[templar;replace;incoming_environment]", + "productcode": "P009", + "programma": "AGB" + }, + "ulimits": [ + { + "name": "nofile", + "softLimit": 65536, + "hardLimit": 65536 + } + ], + "logConfiguration": { + "logDriver": "awslogs", + "options": { + "awslogs-group": "/ecs-logs/@[templar;replace;incoming_environment]/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/app", + "awslogs-region": "eu-west-1", + "awslogs-stream-prefix": "ecs" + } + }, + "linuxParameters": { + "initProcessEnabled": true + }, + "secrets": [ + { + "name": "PostgreSQLOptions__username", + "valueFrom": "arn:aws:ssm:eu-west-1:@[templar;replace;incoming_aws_account_id]:parameter/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/@[templar;replace;incoming_environment]/postgres-user" + }, + { + "name": "PostgreSQLOptions__password", + "valueFrom": "arn:aws:ssm:eu-west-1:@[templar;replace;incoming_aws_account_id]:parameter/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/@[templar;replace;incoming_environment]/postgres-password" + }, + { + "name": "OAuth2IntrospectionOptions__ClientId", + "valueFrom": "arn:aws:ssm:eu-west-1:@[templar;replace;incoming_aws_account_id]:parameter/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/@[templar;replace;incoming_environment]/OAuth2IntrospectionOptions__ClientId" + }, + { + "name": "OAuth2IntrospectionOptions__ClientSecret", + "valueFrom": "arn:aws:ssm:eu-west-1:@[templar;replace;incoming_aws_account_id]:parameter/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/@[templar;replace;incoming_environment]/OAuth2IntrospectionOptions__ClientSecret" + }, + { + "name": "ElasticClientOptions__Username", + "valueFrom": "arn:aws:ssm:eu-west-1:@[templar;replace;incoming_aws_account_id]:parameter/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/@[templar;replace;incoming_environment]/elasticsearch-username" + }, + { + "name": "ElasticClientOptions__Password", + "valueFrom": "arn:aws:ssm:eu-west-1:@[templar;replace;incoming_aws_account_id]:parameter/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/@[templar;replace;incoming_environment]/elasticsearch-password" + }, + { + "name": "MagdaOptions__ClientCertificate", + "valueFrom": "arn:aws:ssm:eu-west-1:@[templar;replace;incoming_aws_account_id]:parameter/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/@[templar;replace;incoming_environment]/magda-client-cert" + }, + { + "name": "MagdaOptions__ClientCertificatePassword", + "valueFrom": "arn:aws:ssm:eu-west-1:@[templar;replace;incoming_aws_account_id]:parameter/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/@[templar;replace;incoming_environment]/magda-client-cert-password" + }, + { + "name": "TemporaryMagdaVertegenwoordigers", + "valueFrom": "arn:aws:ssm:eu-west-1:@[templar;replace;incoming_aws_account_id]:parameter/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/@[templar;replace;incoming_environment]/magda-temp-vertegenwoordigers" + } + ] + }, + { + "name": "init-container", + "image": "460116816372.dkr.ecr.eu-west-1.amazonaws.com/verenigingsregister-amazon/aws-cli:2.11.2", + "essential": false, + "command": [ + "s3", "cp", "s3://@[templar;replace;incoming_domain]-@[templar;replace;incoming_application]-staging/otlp.yml", "/etc/config/otlp.yml"], + "mountPoints": [ + { + "sourceVolume": "config-mount", + "containerPath": "/etc/config/" + } + ], + "environment": [], + "dockerLabels": { + "contact": "aiv.systemteam@kb.vlaanderen.be", + "environment": "@[templar;replace;incoming_environment]", + "productcode": "P009", + "programma": "AGB" + }, + "logConfiguration": { + "logDriver": "awslogs", + "options": { + "awslogs-group": "/ecs-logs/@[templar;replace;incoming_environment]/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/init", + "awslogs-region": "eu-west-1", + "awslogs-stream-prefix": "ecs" + } + }, + "secrets": [] + }, + { + "name": "otel-collector", + "dependsOn": [ + { + "containerName": "init-container", + "condition": "COMPLETE" + } + ], + "image": "460116816372.dkr.ecr.eu-west-1.amazonaws.com/verenigingsregister-otel/opentelemetry-collector", + "command": [ + "--config=/etc/config/otlp.yml" + ], + "portMappings": [ + { + "containerPort": 4317, + "hostPort": 4317, + "protocol": "tcp" + }, + { + "containerPort": 4318, + "hostPort": 4318, + "protocol": "tcp" + }, + { + "containerPort": 13133, + "hostPort": 13133, + "protocol": "tcp" + } + ], + "essential": false, + "mountPoints": [ + { + "sourceVolume": "config-mount", + "containerPath": "/etc/config/" + } + ], + "environment": [], + "dockerLabels": { + "contact": "aiv.systemteam@kb.vlaanderen.be", + "environment": "@[templar;replace;incoming_environment]", + "productcode": "P009", + "programma": "AGB" + }, + "logConfiguration": { + "logDriver": "awslogs", + "options": { + "awslogs-group": "/ecs-logs/@[templar;replace;incoming_environment]/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/otel-collector", + "awslogs-region": "eu-west-1", + "awslogs-stream-prefix": "ecs", + "awslogs-create-group": "True" + } + }, + "secrets": [] + }, + { + "name": "elastic-agent", + "dependsOn": [ + { + "containerName": "init-container", + "condition": "COMPLETE" + } + ], + "image": "docker.elastic.co/beats/elastic-agent:8.8.2", + "command": [ + "elastic-agent container -h" + ], + "essential": false, + "dockerLabels": { + "contact": "aiv.systemteam@kb.vlaanderen.be", + "environment": "@[templar;replace;incoming_environment]", + "productcode": "P009", + "programma": "AGB" + }, + "logConfiguration": { + "logDriver": "awslogs", + "options": { + "awslogs-group": "/ecs-logs/@[templar;replace;incoming_environment]/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/elastic-agent", + "awslogs-region": "eu-west-1", + "awslogs-stream-prefix": "ecs", + "awslogs-create-group": "True" + } + }, + "environment": [ + { + "name": "FLEET_URL", + "value": "https://bb9eb4dbb675464882c5d235ed053673.fleet.es.ops.vl.be:9243" + }, + { + "name": "FLEET_ENROLLMENT_TOKEN", + "value": "NXRIbGdJc0JZX3M2MUNrOF9EMHA6am9Xa2JwbURUcXFzVzlINWptbFpVUQ==" + }, + { + "name": "FLEET_ENROLL", + "value": "1" + } + ] + } + ], + "family": "ecs-@[templar;replace;incoming_environment]-@[templar;replace;incoming_domain]-@[templar;replace;incoming_application]", + "executionRoleArn": "arn:aws:iam::@[templar;replace;incoming_aws_account_id]:role/rl-ecs-task-exec-@[templar;replace;incoming_environment]-@[templar;replace;incoming_domain]-@[templar;replace;incoming_application]", + "taskRoleArn": "arn:aws:iam::@[templar;replace;incoming_aws_account_id]:role/rl-ecs-task-@[templar;replace;incoming_environment]-@[templar;replace;incoming_domain]-@[templar;replace;incoming_application]", + "networkMode": "awsvpc", + "requiresCompatibilities": [ + "FARGATE" + ], + "cpu": "512", + "memory": "2048" +} \ No newline at end of file diff --git a/.aws/adminapi/TaskDefinition.test.json b/.aws/adminapi/TaskDefinition.test.json new file mode 100644 index 000000000..6c4f1e6e1 --- /dev/null +++ b/.aws/adminapi/TaskDefinition.test.json @@ -0,0 +1,293 @@ +{ + "volumes": [ + { + "name": "config-mount", + "host": {} + } + ], + "containerDefinitions": [ + { + "name": "adminapi", + "image": "460116816372.dkr.ecr.eu-west-1.amazonaws.com/@[templar;replace;incoming_domain]-@[templar;replace;incoming_application]:@[templar;replace;version]", + "portMappings": [ + { + "containerPort": 11004, + "hostPort": 11004, + "protocol": "tcp" + } + ], + "essential": true, + "environment": [ + { + "name": "Serilog__Properties__Application", + "value": "basisregisters-test-organisation-registry-admin-api" + }, + { + "name": "ASPNETCORE_ENVIRONMENT", + "value": "test" + }, + { + "name": "Serilog__MinimumLevel__Default", + "value": "Information" + }, + { + "name": "Serilog__WriteTo__0__Name", + "value": "Console" + }, + { + "name": "Serilog__WriteTo__0__Args__formatter", + "value": "Serilog.Formatting.Compact.RenderedCompactJsonFormatter, Serilog.Formatting.Compact" + }, + { + "name": "PostgreSQLOptions__Host", + "value": "tverenigingsregisterdatabase-postgres.convsdyilb2g.eu-west-1.rds.amazonaws.com:5432" + }, + { + "name": "PostgreSQLOptions__database", + "value": "verenigingsregister" + }, + { + "name": "BaseUrl", + "value": "https://beheer.new.verenigingen.test-vlaanderen.be/" + }, + { + "name": "PublicApiBaseUrl", + "value": "https://publiek.new.verenigingen.test-vlaanderen.be/" + }, + { + "name": "OAuth2IntrospectionOptions__Authority", + "value": "https://authenticatie-ti.vlaanderen.be" + }, + { + "name": "OAuth2IntrospectionOptions__IntrospectionEndpoint", + "value": "https://authenticatie-ti.vlaanderen.be/op/v1/introspect" + }, + { + "name": "ElasticClientOptions__Uri", + "value": "https://7fbcd3c2c56a49e6ae3fae309036c531.es.ops.vl.be:9243/" + }, + { + "name": "ElasticClientOptions__Indices__Verenigingen", + "value": "@[templar;replace;incoming_domain]-@[templar;replace;incoming_environment]-admin-verenigingen" + }, + { + "name": "ElasticClientOptions__Indices__DuplicateDetection", + "value": "@[templar;replace;incoming_domain]-@[templar;replace;incoming_environment]-admin-duplicatedetection" + }, + { + "name": "MagdaOptions__Afzender", + "value": "kbbj.vlaanderen.be/dv/verenigingsregister-aip" + }, + { + "name": "MagdaOptions__Ontvanger", + "value": "vip.vlaanderen.be" + }, + { + "name": "MagdaOptions__GeefOndernemingEndpoint", + "value": "https://magdaondernemingdienst-aip.vlaanderen.be/GeefOndernemingDienst-02.00/soap/WebService" + }, + { + "name": "MagdaOptions__Hoedanigheid", + "value": "7001" + } + ], + "dockerLabels": { + "contact": "aiv.systemteam@kb.vlaanderen.be", + "environment": "@[templar;replace;incoming_environment]", + "productcode": "P009", + "programma": "AGB" + }, + "ulimits": [ + { + "name": "nofile", + "softLimit": 65536, + "hardLimit": 65536 + } + ], + "logConfiguration": { + "logDriver": "awslogs", + "options": { + "awslogs-group": "/ecs-logs/@[templar;replace;incoming_environment]/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/app", + "awslogs-region": "eu-west-1", + "awslogs-stream-prefix": "ecs" + } + }, + "linuxParameters": { + "initProcessEnabled": true + }, + "secrets": [ + { + "name": "PostgreSQLOptions__username", + "valueFrom": "arn:aws:ssm:eu-west-1:@[templar;replace;incoming_aws_account_id]:parameter/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/@[templar;replace;incoming_environment]/postgres-user" + }, + { + "name": "PostgreSQLOptions__password", + "valueFrom": "arn:aws:ssm:eu-west-1:@[templar;replace;incoming_aws_account_id]:parameter/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/@[templar;replace;incoming_environment]/postgres-password" + }, + { + "name": "OAuth2IntrospectionOptions__ClientId", + "valueFrom": "arn:aws:ssm:eu-west-1:@[templar;replace;incoming_aws_account_id]:parameter/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/@[templar;replace;incoming_environment]/OAuth2IntrospectionOptions__ClientId" + }, + { + "name": "OAuth2IntrospectionOptions__ClientSecret", + "valueFrom": "arn:aws:ssm:eu-west-1:@[templar;replace;incoming_aws_account_id]:parameter/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/@[templar;replace;incoming_environment]/OAuth2IntrospectionOptions__ClientSecret" + }, + { + "name": "ElasticClientOptions__Username", + "valueFrom": "arn:aws:ssm:eu-west-1:@[templar;replace;incoming_aws_account_id]:parameter/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/@[templar;replace;incoming_environment]/elasticsearch-username" + }, + { + "name": "ElasticClientOptions__Password", + "valueFrom": "arn:aws:ssm:eu-west-1:@[templar;replace;incoming_aws_account_id]:parameter/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/@[templar;replace;incoming_environment]/elasticsearch-password" + }, + { + "name": "MagdaOptions__ClientCertificate", + "valueFrom": "arn:aws:ssm:eu-west-1:@[templar;replace;incoming_aws_account_id]:parameter/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/@[templar;replace;incoming_environment]/magda-client-cert" + }, + { + "name": "MagdaOptions__ClientCertificatePassword", + "valueFrom": "arn:aws:ssm:eu-west-1:@[templar;replace;incoming_aws_account_id]:parameter/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/@[templar;replace;incoming_environment]/magda-client-cert-password" + }, + { + "name": "TemporaryMagdaVertegenwoordigers", + "valueFrom": "arn:aws:ssm:eu-west-1:@[templar;replace;incoming_aws_account_id]:parameter/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/@[templar;replace;incoming_environment]/magda-temp-vertegenwoordigers" + } + ] + }, + { + "name": "init-container", + "image": "460116816372.dkr.ecr.eu-west-1.amazonaws.com/verenigingsregister-amazon/aws-cli:2.11.2", + "essential": false, + "command": [ + "s3", "cp", "s3://@[templar;replace;incoming_domain]-@[templar;replace;incoming_application]-@[templar;replace;incoming_environment]/otlp.yml", "/etc/config/otlp.yml"], + "mountPoints": [ + { + "sourceVolume": "config-mount", + "containerPath": "/etc/config/" + } + ], + "environment": [], + "dockerLabels": { + "contact": "aiv.systemteam@kb.vlaanderen.be", + "environment": "@[templar;replace;incoming_environment]", + "productcode": "P009", + "programma": "AGB" + }, + "logConfiguration": { + "logDriver": "awslogs", + "options": { + "awslogs-group": "/ecs-logs/@[templar;replace;incoming_environment]/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/init", + "awslogs-region": "eu-west-1", + "awslogs-stream-prefix": "ecs" + } + }, + "secrets": [] + }, + { + "name": "otel-collector", + "dependsOn": [ + { + "containerName": "init-container", + "condition": "COMPLETE" + } + ], + "image": "460116816372.dkr.ecr.eu-west-1.amazonaws.com/verenigingsregister-otel/opentelemetry-collector", + "command": [ + "--config=/etc/config/otlp.yml" + ], + "portMappings": [ + { + "containerPort": 4317, + "hostPort": 4317, + "protocol": "tcp" + }, + { + "containerPort": 4318, + "hostPort": 4318, + "protocol": "tcp" + }, + { + "containerPort": 13133, + "hostPort": 13133, + "protocol": "tcp" + } + ], + "essential": false, + "mountPoints": [ + { + "sourceVolume": "config-mount", + "containerPath": "/etc/config/" + } + ], + "environment": [], + "dockerLabels": { + "contact": "aiv.systemteam@kb.vlaanderen.be", + "environment": "@[templar;replace;incoming_environment]", + "productcode": "P009", + "programma": "AGB" + }, + "logConfiguration": { + "logDriver": "awslogs", + "options": { + "awslogs-group": "/ecs-logs/@[templar;replace;incoming_environment]/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/otel-collector", + "awslogs-region": "eu-west-1", + "awslogs-stream-prefix": "ecs", + "awslogs-create-group": "True" + } + }, + "secrets": [] + }, + { + "name": "elastic-agent", + "dependsOn": [ + { + "containerName": "init-container", + "condition": "COMPLETE" + } + ], + "image": "docker.elastic.co/beats/elastic-agent:8.8.2", + "command": [ + "elastic-agent container -h" + ], + "essential": false, + "dockerLabels": { + "contact": "aiv.systemteam@kb.vlaanderen.be", + "environment": "@[templar;replace;incoming_environment]", + "productcode": "P009", + "programma": "AGB" + }, + "logConfiguration": { + "logDriver": "awslogs", + "options": { + "awslogs-group": "/ecs-logs/@[templar;replace;incoming_environment]/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/elastic-agent", + "awslogs-region": "eu-west-1", + "awslogs-stream-prefix": "ecs", + "awslogs-create-group": "True" + } + }, + "environment": [ + { + "name": "FLEET_URL", + "value": "https://bb9eb4dbb675464882c5d235ed053673.fleet.es.ops.vl.be:9243" + }, + { + "name": "FLEET_ENROLLMENT_TOKEN", + "value": "NXRIbGdJc0JZX3M2MUNrOF9EMHA6am9Xa2JwbURUcXFzVzlINWptbFpVUQ==" + }, + { + "name": "FLEET_ENROLL", + "value": "1" + } + ] + } + ], + "family": "ecs-@[templar;replace;incoming_environment]-@[templar;replace;incoming_domain]-@[templar;replace;incoming_application]", + "executionRoleArn": "arn:aws:iam::@[templar;replace;incoming_aws_account_id]:role/rl-ecs-task-exec-@[templar;replace;incoming_environment]-@[templar;replace;incoming_domain]-@[templar;replace;incoming_application]", + "taskRoleArn": "arn:aws:iam::@[templar;replace;incoming_aws_account_id]:role/rl-ecs-task-@[templar;replace;incoming_environment]-@[templar;replace;incoming_domain]-@[templar;replace;incoming_application]", + "networkMode": "awsvpc", + "requiresCompatibilities": [ + "FARGATE" + ], + "cpu": "512", + "memory": "2048" +} \ No newline at end of file diff --git a/.aws/task-definitions/adminapi.production.json b/.aws/task-definitions/adminapi.production.json new file mode 100644 index 000000000..58f25bff0 --- /dev/null +++ b/.aws/task-definitions/adminapi.production.json @@ -0,0 +1,289 @@ +{ + "volumes": [ + { + "name": "config-mount", + "host": {} + } + ], + "containerDefinitions": [ + { + "name": "adminapi", + "image": "460116816372.dkr.ecr.eu-west-1.amazonaws.com/@[templar;replace;incoming_domain]-@[templar;replace;incoming_application]:@[templar;replace;version]", + "portMappings": [ + { + "containerPort": 11004, + "hostPort": 11004, + "protocol": "tcp" + } + ], + "essential": true, + "environment": [ + { + "name": "Serilog__Properties__Application", + "value": "basisregisters-staging-association-registry-admin-api" + }, + { + "name": "ASPNETCORE_ENVIRONMENT", + "value": "staging" + }, + { + "name": "Serilog__MinimumLevel__Default", + "value": "Information" + }, + { + "name": "Serilog__WriteTo__0__Name", + "value": "Console" + }, + { + "name": "Serilog__WriteTo__0__Args__formatter", + "value": "Serilog.Formatting.Compact.RenderedCompactJsonFormatter, Serilog.Formatting.Compact" + }, + { + "name": "PostgreSQLOptions__Host", + "value": "pverenigingsregisterdatabase-postgres.crygspapdm1x.eu-west-1.rds.amazonaws.com:5432" + }, + { + "name": "PostgreSQLOptions__database", + "value": "verenigingsregister" + }, + { + "name": "BaseUrl", + "value": "https://beheer.new.verenigingen.staging-vlaanderen.be/" + }, + { + "name": "PublicApiBaseUrl", + "value": "https://publiek.new.verenigingen.staging-vlaanderen.be/" + }, + { + "name": "OAuth2IntrospectionOptions__Authority", + "value": "https://authenticatie-ti.vlaanderen.be" + }, + { + "name": "OAuth2IntrospectionOptions__IntrospectionEndpoint", + "value": "https://authenticatie-ti.vlaanderen.be/op/v1/introspect" + }, + { + "name": "ElasticClientOptions__Uri", + "value": "https://7fbcd3c2c56a49e6ae3fae309036c531.es.ops.vl.be:9243/" + }, + { + "name": "ElasticClientOptions__Indices__Verenigingen", + "value": "verenigingsregister-staging-admin-verenigingen" + }, + { + "name": "MagdaOptions__Afzender", + "value": "kbbj.vlaanderen.be/dv/verenigingsregister-aip" + }, + { + "name": "MagdaOptions__Ontvanger", + "value": "vip.vlaanderen.be" + }, + { + "name": "MagdaOptions__GeefOndernemingEndpoint", + "value": "https://magdaondernemingdienst-aip.vlaanderen.be/GeefOndernemingDienst-02.00/soap/WebService" + }, + { + "name": "MagdaOptions__Hoedanigheid", + "value": "7001" + } + ], + "dockerLabels": { + "contact": "aiv.systemteam@kb.vlaanderen.be", + "environment": "@[templar;replace;incoming_environment]", + "productcode": "P009", + "programma": "AGB" + }, + "ulimits": [ + { + "name": "nofile", + "softLimit": 65536, + "hardLimit": 65536 + } + ], + "logConfiguration": { + "logDriver": "awslogs", + "options": { + "awslogs-group": "/ecs-logs/@[templar;replace;incoming_environment]/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/app", + "awslogs-region": "eu-west-1", + "awslogs-stream-prefix": "ecs" + } + }, + "linuxParameters": { + "initProcessEnabled": true + }, + "secrets": [ + { + "name": "PostgreSQLOptions__username", + "valueFrom": "arn:aws:ssm:eu-west-1:@[templar;replace;incoming_aws_account_id]:parameter/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/@[templar;replace;incoming_environment]/postgres-user" + }, + { + "name": "PostgreSQLOptions__password", + "valueFrom": "arn:aws:ssm:eu-west-1:@[templar;replace;incoming_aws_account_id]:parameter/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/@[templar;replace;incoming_environment]/postgres-password" + }, + { + "name": "OAuth2IntrospectionOptions__ClientId", + "valueFrom": "arn:aws:ssm:eu-west-1:@[templar;replace;incoming_aws_account_id]:parameter/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/@[templar;replace;incoming_environment]/OAuth2IntrospectionOptions__ClientId" + }, + { + "name": "OAuth2IntrospectionOptions__ClientSecret", + "valueFrom": "arn:aws:ssm:eu-west-1:@[templar;replace;incoming_aws_account_id]:parameter/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/@[templar;replace;incoming_environment]/OAuth2IntrospectionOptions__ClientSecret" + }, + { + "name": "ElasticClientOptions__Username", + "valueFrom": "arn:aws:ssm:eu-west-1:@[templar;replace;incoming_aws_account_id]:parameter/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/@[templar;replace;incoming_environment]/elasticsearch-username" + }, + { + "name": "ElasticClientOptions__Password", + "valueFrom": "arn:aws:ssm:eu-west-1:@[templar;replace;incoming_aws_account_id]:parameter/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/@[templar;replace;incoming_environment]/elasticsearch-password" + }, + { + "name": "MagdaOptions__ClientCertificate", + "valueFrom": "arn:aws:ssm:eu-west-1:@[templar;replace;incoming_aws_account_id]:parameter/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/@[templar;replace;incoming_environment]/magda-client-cert" + }, + { + "name": "MagdaOptions__ClientCertificatePassword", + "valueFrom": "arn:aws:ssm:eu-west-1:@[templar;replace;incoming_aws_account_id]:parameter/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/@[templar;replace;incoming_environment]/magda-client-cert-password" + }, + { + "name": "TemporaryMagdaVertegenwoordigers", + "valueFrom": "arn:aws:ssm:eu-west-1:@[templar;replace;incoming_aws_account_id]:parameter/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/@[templar;replace;incoming_environment]/magda-temp-vertegenwoordigers" + } + ] + }, + { + "name": "init-container", + "image": "460116816372.dkr.ecr.eu-west-1.amazonaws.com/verenigingsregister-amazon/aws-cli:2.11.2", + "essential": false, + "command": [ + "s3", "cp", "s3://@[templar;replace;incoming_domain]-@[templar;replace;incoming_application]-production/otlp.yml", "/etc/config/otlp.yml"], + "mountPoints": [ + { + "sourceVolume": "config-mount", + "containerPath": "/etc/config/" + } + ], + "environment": [], + "dockerLabels": { + "contact": "aiv.systemteam@kb.vlaanderen.be", + "environment": "@[templar;replace;incoming_environment]", + "productcode": "P009", + "programma": "AGB" + }, + "logConfiguration": { + "logDriver": "awslogs", + "options": { + "awslogs-group": "/ecs-logs/@[templar;replace;incoming_environment]/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/init", + "awslogs-region": "eu-west-1", + "awslogs-stream-prefix": "ecs" + } + }, + "secrets": [] + }, + { + "name": "otel-collector", + "dependsOn": [ + { + "containerName": "init-container", + "condition": "COMPLETE" + } + ], + "image": "460116816372.dkr.ecr.eu-west-1.amazonaws.com/verenigingsregister-otel/opentelemetry-collector", + "command": [ + "--config=/etc/config/otlp.yml" + ], + "portMappings": [ + { + "containerPort": 4317, + "hostPort": 4317, + "protocol": "tcp" + }, + { + "containerPort": 4318, + "hostPort": 4318, + "protocol": "tcp" + }, + { + "containerPort": 13133, + "hostPort": 13133, + "protocol": "tcp" + } + ], + "essential": false, + "mountPoints": [ + { + "sourceVolume": "config-mount", + "containerPath": "/etc/config/" + } + ], + "environment": [], + "dockerLabels": { + "contact": "aiv.systemteam@kb.vlaanderen.be", + "environment": "@[templar;replace;incoming_environment]", + "productcode": "P009", + "programma": "AGB" + }, + "logConfiguration": { + "logDriver": "awslogs", + "options": { + "awslogs-group": "/ecs-logs/@[templar;replace;incoming_environment]/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/otel-collector", + "awslogs-region": "eu-west-1", + "awslogs-stream-prefix": "ecs", + "awslogs-create-group": "True" + } + }, + "secrets": [] + }, + { + "name": "elastic-agent", + "dependsOn": [ + { + "containerName": "init-container", + "condition": "COMPLETE" + } + ], + "image": "docker.elastic.co/beats/elastic-agent:8.8.2", + "command": [ + "elastic-agent container -h" + ], + "essential": false, + "dockerLabels": { + "contact": "aiv.systemteam@kb.vlaanderen.be", + "environment": "@[templar;replace;incoming_environment]", + "productcode": "P009", + "programma": "AGB" + }, + "logConfiguration": { + "logDriver": "awslogs", + "options": { + "awslogs-group": "/ecs-logs/@[templar;replace;incoming_environment]/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/elastic-agent", + "awslogs-region": "eu-west-1", + "awslogs-stream-prefix": "ecs", + "awslogs-create-group": "True" + } + }, + "environment": [ + { + "name": "FLEET_URL", + "value": "https://85f01854f72640c996587ced2d56fa73.fleet.es.ops.vl.be:9243" + }, + { + "name": "FLEET_ENROLLMENT_TOKEN", + "value": "SERCaHo0c0ItSGxOQVBjaUh1T3c6ZGx4WlVfUnFRVHE4RjNaeWhrVmhLdw==" + }, + { + "name": "FLEET_ENROLL", + "value": "1" + } + ] + } + ], + "family": "ecs-@[templar;replace;incoming_environment]-@[templar;replace;incoming_domain]-@[templar;replace;incoming_application]", + "executionRoleArn": "arn:aws:iam::@[templar;replace;incoming_aws_account_id]:role/rl-ecs-task-exec-@[templar;replace;incoming_environment]-@[templar;replace;incoming_domain]-@[templar;replace;incoming_application]", + "taskRoleArn": "arn:aws:iam::@[templar;replace;incoming_aws_account_id]:role/rl-ecs-task-@[templar;replace;incoming_environment]-@[templar;replace;incoming_domain]-@[templar;replace;incoming_application]", + "networkMode": "awsvpc", + "requiresCompatibilities": [ + "FARGATE" + ], + "cpu": "512", + "memory": "2048" +} \ No newline at end of file diff --git a/.aws/task-definitions/adminapi.staging.json b/.aws/task-definitions/adminapi.staging.json new file mode 100644 index 000000000..58fec33d8 --- /dev/null +++ b/.aws/task-definitions/adminapi.staging.json @@ -0,0 +1,293 @@ +{ + "volumes": [ + { + "name": "config-mount", + "host": {} + } + ], + "containerDefinitions": [ + { + "name": "adminapi", + "image": "460116816372.dkr.ecr.eu-west-1.amazonaws.com/@[templar;replace;incoming_domain]-@[templar;replace;incoming_application]:@[templar;replace;version]", + "portMappings": [ + { + "containerPort": 11004, + "hostPort": 11004, + "protocol": "tcp" + } + ], + "essential": true, + "environment": [ + { + "name": "Serilog__Properties__Application", + "value": "basisregisters-staging-association-registry-admin-api" + }, + { + "name": "ASPNETCORE_ENVIRONMENT", + "value": "staging" + }, + { + "name": "Serilog__MinimumLevel__Default", + "value": "Information" + }, + { + "name": "Serilog__WriteTo__0__Name", + "value": "Console" + }, + { + "name": "Serilog__WriteTo__0__Args__formatter", + "value": "Serilog.Formatting.Compact.RenderedCompactJsonFormatter, Serilog.Formatting.Compact" + }, + { + "name": "PostgreSQLOptions__Host", + "value": "sverenigingsregisterdatabase-postgres.cbepriyj7vem.eu-west-1.rds.amazonaws.com:5432" + }, + { + "name": "PostgreSQLOptions__database", + "value": "verenigingsregister" + }, + { + "name": "BaseUrl", + "value": "https://beheer.new.verenigingen.staging-vlaanderen.be/" + }, + { + "name": "PublicApiBaseUrl", + "value": "https://publiek.new.verenigingen.staging-vlaanderen.be/" + }, + { + "name": "OAuth2IntrospectionOptions__Authority", + "value": "https://authenticatie-ti.vlaanderen.be" + }, + { + "name": "OAuth2IntrospectionOptions__IntrospectionEndpoint", + "value": "https://authenticatie-ti.vlaanderen.be/op/v1/introspect" + }, + { + "name": "ElasticClientOptions__Uri", + "value": "https://7fbcd3c2c56a49e6ae3fae309036c531.es.ops.vl.be:9243/" + }, + { + "name": "ElasticClientOptions__Indices__Verenigingen", + "value": "@[templar;replace;incoming_domain]-staging-admin-verenigingen" + }, + { + "name": "ElasticClientOptions__Indices__DuplicateDetection", + "value": "@[templar;replace;incoming_domain]-staging-admin-duplicatedetection" + }, + { + "name": "MagdaOptions__Afzender", + "value": "kbbj.vlaanderen.be/dv/verenigingsregister-aip" + }, + { + "name": "MagdaOptions__Ontvanger", + "value": "vip.vlaanderen.be" + }, + { + "name": "MagdaOptions__GeefOndernemingEndpoint", + "value": "https://magdaondernemingdienst-aip.vlaanderen.be/GeefOndernemingDienst-02.00/soap/WebService" + }, + { + "name": "MagdaOptions__Hoedanigheid", + "value": "7001" + } + ], + "dockerLabels": { + "contact": "aiv.systemteam@kb.vlaanderen.be", + "environment": "@[templar;replace;incoming_environment]", + "productcode": "P009", + "programma": "AGB" + }, + "ulimits": [ + { + "name": "nofile", + "softLimit": 65536, + "hardLimit": 65536 + } + ], + "logConfiguration": { + "logDriver": "awslogs", + "options": { + "awslogs-group": "/ecs-logs/@[templar;replace;incoming_environment]/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/app", + "awslogs-region": "eu-west-1", + "awslogs-stream-prefix": "ecs" + } + }, + "linuxParameters": { + "initProcessEnabled": true + }, + "secrets": [ + { + "name": "PostgreSQLOptions__username", + "valueFrom": "arn:aws:ssm:eu-west-1:@[templar;replace;incoming_aws_account_id]:parameter/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/@[templar;replace;incoming_environment]/postgres-user" + }, + { + "name": "PostgreSQLOptions__password", + "valueFrom": "arn:aws:ssm:eu-west-1:@[templar;replace;incoming_aws_account_id]:parameter/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/@[templar;replace;incoming_environment]/postgres-password" + }, + { + "name": "OAuth2IntrospectionOptions__ClientId", + "valueFrom": "arn:aws:ssm:eu-west-1:@[templar;replace;incoming_aws_account_id]:parameter/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/@[templar;replace;incoming_environment]/OAuth2IntrospectionOptions__ClientId" + }, + { + "name": "OAuth2IntrospectionOptions__ClientSecret", + "valueFrom": "arn:aws:ssm:eu-west-1:@[templar;replace;incoming_aws_account_id]:parameter/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/@[templar;replace;incoming_environment]/OAuth2IntrospectionOptions__ClientSecret" + }, + { + "name": "ElasticClientOptions__Username", + "valueFrom": "arn:aws:ssm:eu-west-1:@[templar;replace;incoming_aws_account_id]:parameter/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/@[templar;replace;incoming_environment]/elasticsearch-username" + }, + { + "name": "ElasticClientOptions__Password", + "valueFrom": "arn:aws:ssm:eu-west-1:@[templar;replace;incoming_aws_account_id]:parameter/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/@[templar;replace;incoming_environment]/elasticsearch-password" + }, + { + "name": "MagdaOptions__ClientCertificate", + "valueFrom": "arn:aws:ssm:eu-west-1:@[templar;replace;incoming_aws_account_id]:parameter/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/@[templar;replace;incoming_environment]/magda-client-cert" + }, + { + "name": "MagdaOptions__ClientCertificatePassword", + "valueFrom": "arn:aws:ssm:eu-west-1:@[templar;replace;incoming_aws_account_id]:parameter/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/@[templar;replace;incoming_environment]/magda-client-cert-password" + }, + { + "name": "TemporaryMagdaVertegenwoordigers", + "valueFrom": "arn:aws:ssm:eu-west-1:@[templar;replace;incoming_aws_account_id]:parameter/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/@[templar;replace;incoming_environment]/magda-temp-vertegenwoordigers" + } + ] + }, + { + "name": "init-container", + "image": "460116816372.dkr.ecr.eu-west-1.amazonaws.com/verenigingsregister-amazon/aws-cli:2.11.2", + "essential": false, + "command": [ + "s3", "cp", "s3://@[templar;replace;incoming_domain]-@[templar;replace;incoming_application]-staging/otlp.yml", "/etc/config/otlp.yml"], + "mountPoints": [ + { + "sourceVolume": "config-mount", + "containerPath": "/etc/config/" + } + ], + "environment": [], + "dockerLabels": { + "contact": "aiv.systemteam@kb.vlaanderen.be", + "environment": "@[templar;replace;incoming_environment]", + "productcode": "P009", + "programma": "AGB" + }, + "logConfiguration": { + "logDriver": "awslogs", + "options": { + "awslogs-group": "/ecs-logs/@[templar;replace;incoming_environment]/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/init", + "awslogs-region": "eu-west-1", + "awslogs-stream-prefix": "ecs" + } + }, + "secrets": [] + }, + { + "name": "otel-collector", + "dependsOn": [ + { + "containerName": "init-container", + "condition": "COMPLETE" + } + ], + "image": "460116816372.dkr.ecr.eu-west-1.amazonaws.com/verenigingsregister-otel/opentelemetry-collector", + "command": [ + "--config=/etc/config/otlp.yml" + ], + "portMappings": [ + { + "containerPort": 4317, + "hostPort": 4317, + "protocol": "tcp" + }, + { + "containerPort": 4318, + "hostPort": 4318, + "protocol": "tcp" + }, + { + "containerPort": 13133, + "hostPort": 13133, + "protocol": "tcp" + } + ], + "essential": false, + "mountPoints": [ + { + "sourceVolume": "config-mount", + "containerPath": "/etc/config/" + } + ], + "environment": [], + "dockerLabels": { + "contact": "aiv.systemteam@kb.vlaanderen.be", + "environment": "@[templar;replace;incoming_environment]", + "productcode": "P009", + "programma": "AGB" + }, + "logConfiguration": { + "logDriver": "awslogs", + "options": { + "awslogs-group": "/ecs-logs/@[templar;replace;incoming_environment]/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/otel-collector", + "awslogs-region": "eu-west-1", + "awslogs-stream-prefix": "ecs", + "awslogs-create-group": "True" + } + }, + "secrets": [] + }, + { + "name": "elastic-agent", + "dependsOn": [ + { + "containerName": "init-container", + "condition": "COMPLETE" + } + ], + "image": "docker.elastic.co/beats/elastic-agent:8.8.2", + "command": [ + "elastic-agent container -h" + ], + "essential": false, + "dockerLabels": { + "contact": "aiv.systemteam@kb.vlaanderen.be", + "environment": "@[templar;replace;incoming_environment]", + "productcode": "P009", + "programma": "AGB" + }, + "logConfiguration": { + "logDriver": "awslogs", + "options": { + "awslogs-group": "/ecs-logs/@[templar;replace;incoming_environment]/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/elastic-agent", + "awslogs-region": "eu-west-1", + "awslogs-stream-prefix": "ecs", + "awslogs-create-group": "True" + } + }, + "environment": [ + { + "name": "FLEET_URL", + "value": "https://bb9eb4dbb675464882c5d235ed053673.fleet.es.ops.vl.be:9243" + }, + { + "name": "FLEET_ENROLLMENT_TOKEN", + "value": "NXRIbGdJc0JZX3M2MUNrOF9EMHA6am9Xa2JwbURUcXFzVzlINWptbFpVUQ==" + }, + { + "name": "FLEET_ENROLL", + "value": "1" + } + ] + } + ], + "family": "ecs-@[templar;replace;incoming_environment]-@[templar;replace;incoming_domain]-@[templar;replace;incoming_application]", + "executionRoleArn": "arn:aws:iam::@[templar;replace;incoming_aws_account_id]:role/rl-ecs-task-exec-@[templar;replace;incoming_environment]-@[templar;replace;incoming_domain]-@[templar;replace;incoming_application]", + "taskRoleArn": "arn:aws:iam::@[templar;replace;incoming_aws_account_id]:role/rl-ecs-task-@[templar;replace;incoming_environment]-@[templar;replace;incoming_domain]-@[templar;replace;incoming_application]", + "networkMode": "awsvpc", + "requiresCompatibilities": [ + "FARGATE" + ], + "cpu": "512", + "memory": "2048" +} \ No newline at end of file diff --git a/.aws/task-definitions/adminapi.test.json b/.aws/task-definitions/adminapi.test.json new file mode 100644 index 000000000..6c4f1e6e1 --- /dev/null +++ b/.aws/task-definitions/adminapi.test.json @@ -0,0 +1,293 @@ +{ + "volumes": [ + { + "name": "config-mount", + "host": {} + } + ], + "containerDefinitions": [ + { + "name": "adminapi", + "image": "460116816372.dkr.ecr.eu-west-1.amazonaws.com/@[templar;replace;incoming_domain]-@[templar;replace;incoming_application]:@[templar;replace;version]", + "portMappings": [ + { + "containerPort": 11004, + "hostPort": 11004, + "protocol": "tcp" + } + ], + "essential": true, + "environment": [ + { + "name": "Serilog__Properties__Application", + "value": "basisregisters-test-organisation-registry-admin-api" + }, + { + "name": "ASPNETCORE_ENVIRONMENT", + "value": "test" + }, + { + "name": "Serilog__MinimumLevel__Default", + "value": "Information" + }, + { + "name": "Serilog__WriteTo__0__Name", + "value": "Console" + }, + { + "name": "Serilog__WriteTo__0__Args__formatter", + "value": "Serilog.Formatting.Compact.RenderedCompactJsonFormatter, Serilog.Formatting.Compact" + }, + { + "name": "PostgreSQLOptions__Host", + "value": "tverenigingsregisterdatabase-postgres.convsdyilb2g.eu-west-1.rds.amazonaws.com:5432" + }, + { + "name": "PostgreSQLOptions__database", + "value": "verenigingsregister" + }, + { + "name": "BaseUrl", + "value": "https://beheer.new.verenigingen.test-vlaanderen.be/" + }, + { + "name": "PublicApiBaseUrl", + "value": "https://publiek.new.verenigingen.test-vlaanderen.be/" + }, + { + "name": "OAuth2IntrospectionOptions__Authority", + "value": "https://authenticatie-ti.vlaanderen.be" + }, + { + "name": "OAuth2IntrospectionOptions__IntrospectionEndpoint", + "value": "https://authenticatie-ti.vlaanderen.be/op/v1/introspect" + }, + { + "name": "ElasticClientOptions__Uri", + "value": "https://7fbcd3c2c56a49e6ae3fae309036c531.es.ops.vl.be:9243/" + }, + { + "name": "ElasticClientOptions__Indices__Verenigingen", + "value": "@[templar;replace;incoming_domain]-@[templar;replace;incoming_environment]-admin-verenigingen" + }, + { + "name": "ElasticClientOptions__Indices__DuplicateDetection", + "value": "@[templar;replace;incoming_domain]-@[templar;replace;incoming_environment]-admin-duplicatedetection" + }, + { + "name": "MagdaOptions__Afzender", + "value": "kbbj.vlaanderen.be/dv/verenigingsregister-aip" + }, + { + "name": "MagdaOptions__Ontvanger", + "value": "vip.vlaanderen.be" + }, + { + "name": "MagdaOptions__GeefOndernemingEndpoint", + "value": "https://magdaondernemingdienst-aip.vlaanderen.be/GeefOndernemingDienst-02.00/soap/WebService" + }, + { + "name": "MagdaOptions__Hoedanigheid", + "value": "7001" + } + ], + "dockerLabels": { + "contact": "aiv.systemteam@kb.vlaanderen.be", + "environment": "@[templar;replace;incoming_environment]", + "productcode": "P009", + "programma": "AGB" + }, + "ulimits": [ + { + "name": "nofile", + "softLimit": 65536, + "hardLimit": 65536 + } + ], + "logConfiguration": { + "logDriver": "awslogs", + "options": { + "awslogs-group": "/ecs-logs/@[templar;replace;incoming_environment]/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/app", + "awslogs-region": "eu-west-1", + "awslogs-stream-prefix": "ecs" + } + }, + "linuxParameters": { + "initProcessEnabled": true + }, + "secrets": [ + { + "name": "PostgreSQLOptions__username", + "valueFrom": "arn:aws:ssm:eu-west-1:@[templar;replace;incoming_aws_account_id]:parameter/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/@[templar;replace;incoming_environment]/postgres-user" + }, + { + "name": "PostgreSQLOptions__password", + "valueFrom": "arn:aws:ssm:eu-west-1:@[templar;replace;incoming_aws_account_id]:parameter/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/@[templar;replace;incoming_environment]/postgres-password" + }, + { + "name": "OAuth2IntrospectionOptions__ClientId", + "valueFrom": "arn:aws:ssm:eu-west-1:@[templar;replace;incoming_aws_account_id]:parameter/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/@[templar;replace;incoming_environment]/OAuth2IntrospectionOptions__ClientId" + }, + { + "name": "OAuth2IntrospectionOptions__ClientSecret", + "valueFrom": "arn:aws:ssm:eu-west-1:@[templar;replace;incoming_aws_account_id]:parameter/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/@[templar;replace;incoming_environment]/OAuth2IntrospectionOptions__ClientSecret" + }, + { + "name": "ElasticClientOptions__Username", + "valueFrom": "arn:aws:ssm:eu-west-1:@[templar;replace;incoming_aws_account_id]:parameter/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/@[templar;replace;incoming_environment]/elasticsearch-username" + }, + { + "name": "ElasticClientOptions__Password", + "valueFrom": "arn:aws:ssm:eu-west-1:@[templar;replace;incoming_aws_account_id]:parameter/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/@[templar;replace;incoming_environment]/elasticsearch-password" + }, + { + "name": "MagdaOptions__ClientCertificate", + "valueFrom": "arn:aws:ssm:eu-west-1:@[templar;replace;incoming_aws_account_id]:parameter/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/@[templar;replace;incoming_environment]/magda-client-cert" + }, + { + "name": "MagdaOptions__ClientCertificatePassword", + "valueFrom": "arn:aws:ssm:eu-west-1:@[templar;replace;incoming_aws_account_id]:parameter/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/@[templar;replace;incoming_environment]/magda-client-cert-password" + }, + { + "name": "TemporaryMagdaVertegenwoordigers", + "valueFrom": "arn:aws:ssm:eu-west-1:@[templar;replace;incoming_aws_account_id]:parameter/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/@[templar;replace;incoming_environment]/magda-temp-vertegenwoordigers" + } + ] + }, + { + "name": "init-container", + "image": "460116816372.dkr.ecr.eu-west-1.amazonaws.com/verenigingsregister-amazon/aws-cli:2.11.2", + "essential": false, + "command": [ + "s3", "cp", "s3://@[templar;replace;incoming_domain]-@[templar;replace;incoming_application]-@[templar;replace;incoming_environment]/otlp.yml", "/etc/config/otlp.yml"], + "mountPoints": [ + { + "sourceVolume": "config-mount", + "containerPath": "/etc/config/" + } + ], + "environment": [], + "dockerLabels": { + "contact": "aiv.systemteam@kb.vlaanderen.be", + "environment": "@[templar;replace;incoming_environment]", + "productcode": "P009", + "programma": "AGB" + }, + "logConfiguration": { + "logDriver": "awslogs", + "options": { + "awslogs-group": "/ecs-logs/@[templar;replace;incoming_environment]/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/init", + "awslogs-region": "eu-west-1", + "awslogs-stream-prefix": "ecs" + } + }, + "secrets": [] + }, + { + "name": "otel-collector", + "dependsOn": [ + { + "containerName": "init-container", + "condition": "COMPLETE" + } + ], + "image": "460116816372.dkr.ecr.eu-west-1.amazonaws.com/verenigingsregister-otel/opentelemetry-collector", + "command": [ + "--config=/etc/config/otlp.yml" + ], + "portMappings": [ + { + "containerPort": 4317, + "hostPort": 4317, + "protocol": "tcp" + }, + { + "containerPort": 4318, + "hostPort": 4318, + "protocol": "tcp" + }, + { + "containerPort": 13133, + "hostPort": 13133, + "protocol": "tcp" + } + ], + "essential": false, + "mountPoints": [ + { + "sourceVolume": "config-mount", + "containerPath": "/etc/config/" + } + ], + "environment": [], + "dockerLabels": { + "contact": "aiv.systemteam@kb.vlaanderen.be", + "environment": "@[templar;replace;incoming_environment]", + "productcode": "P009", + "programma": "AGB" + }, + "logConfiguration": { + "logDriver": "awslogs", + "options": { + "awslogs-group": "/ecs-logs/@[templar;replace;incoming_environment]/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/otel-collector", + "awslogs-region": "eu-west-1", + "awslogs-stream-prefix": "ecs", + "awslogs-create-group": "True" + } + }, + "secrets": [] + }, + { + "name": "elastic-agent", + "dependsOn": [ + { + "containerName": "init-container", + "condition": "COMPLETE" + } + ], + "image": "docker.elastic.co/beats/elastic-agent:8.8.2", + "command": [ + "elastic-agent container -h" + ], + "essential": false, + "dockerLabels": { + "contact": "aiv.systemteam@kb.vlaanderen.be", + "environment": "@[templar;replace;incoming_environment]", + "productcode": "P009", + "programma": "AGB" + }, + "logConfiguration": { + "logDriver": "awslogs", + "options": { + "awslogs-group": "/ecs-logs/@[templar;replace;incoming_environment]/@[templar;replace;incoming_domain]/@[templar;replace;incoming_application]/elastic-agent", + "awslogs-region": "eu-west-1", + "awslogs-stream-prefix": "ecs", + "awslogs-create-group": "True" + } + }, + "environment": [ + { + "name": "FLEET_URL", + "value": "https://bb9eb4dbb675464882c5d235ed053673.fleet.es.ops.vl.be:9243" + }, + { + "name": "FLEET_ENROLLMENT_TOKEN", + "value": "NXRIbGdJc0JZX3M2MUNrOF9EMHA6am9Xa2JwbURUcXFzVzlINWptbFpVUQ==" + }, + { + "name": "FLEET_ENROLL", + "value": "1" + } + ] + } + ], + "family": "ecs-@[templar;replace;incoming_environment]-@[templar;replace;incoming_domain]-@[templar;replace;incoming_application]", + "executionRoleArn": "arn:aws:iam::@[templar;replace;incoming_aws_account_id]:role/rl-ecs-task-exec-@[templar;replace;incoming_environment]-@[templar;replace;incoming_domain]-@[templar;replace;incoming_application]", + "taskRoleArn": "arn:aws:iam::@[templar;replace;incoming_aws_account_id]:role/rl-ecs-task-@[templar;replace;incoming_environment]-@[templar;replace;incoming_domain]-@[templar;replace;incoming_application]", + "networkMode": "awsvpc", + "requiresCompatibilities": [ + "FARGATE" + ], + "cpu": "512", + "memory": "2048" +} \ No newline at end of file diff --git a/.github/workflows/test-manual-ecs-ik4.yml b/.github/workflows/test-manual-ecs-ik4.yml new file mode 100644 index 000000000..e69de29bb