def deploy(
context: "Context",
eks_system_masters_roles_changes: Optional["ListChangeset"],
) -> None:
_logger.debug("Stack name: %s", context.env_stack_name)
if eks_system_masters_roles_changes and (
eks_system_masters_roles_changes.added_values or eks_system_masters_roles_changes.removed_values
):
iam.update_assume_role_roles(
account_id=context.account_id,
role_name=f"orbit-{context.name}-admin",
roles_to_add=eks_system_masters_roles_changes.added_values,
roles_to_remove=eks_system_masters_roles_changes.removed_values,
)
args: List[str] = [context.name]
cdk.deploy(
context=context,
stack_name=context.env_stack_name,
app_filename=os.path.join(ORBIT_CLI_ROOT, "remote_files", "cdk", "env.py"),
args=args,
)
context.fetch_env_data()
def deploy_team(context: "Context", manifest: Manifest,
team_manifest: TeamManifest) -> None:
# Pull team spacific custom cfn plugin, trigger pre_hook
team_context: Optional["TeamContext"] = create_team_context_from_manifest(
manifest=manifest, team_manifest=team_manifest)
_logger.debug(f"team_context={team_context}")
if team_context:
_logger.debug(f"team_context.plugins={team_context.plugins}")
_logger.debug("Calling team pre_hook")
for plugin in team_context.plugins:
hook: plugins.HOOK_TYPE = plugins.PLUGINS_REGISTRIES.get_hook(
context=context,
team_name=team_context.name,
plugin_name=plugin.plugin_id,
hook_name="pre_hook",
)
if hook is not None:
_logger.debug(f"Found pre_hook for plugin_id {plugin}")
hook(plugin.plugin_id, context, team_context,
plugin.parameters)
_logger.debug("End of pre_hook plugin execution")
else:
_logger.debug(
f"Skipping pre_hook for unknown Team: {team_manifest.name}")
args = [context.name, team_manifest.name]
cdk.deploy(
context=context,
stack_name=f"orbit-{manifest.name}-{team_manifest.name}",
app_filename=os.path.join(ORBIT_CLI_ROOT, "remote_files", "cdk",
"team.py"),
args=args,
)
team_context = context.get_team_by_name(name=team_manifest.name)
if team_context:
team_context.fetch_team_data()
else:
team_context = create_team_context_from_manifest(
manifest=manifest, team_manifest=team_manifest)
team_context.fetch_team_data()
context.teams.append(team_context)
_logger.debug(
f"team_context.helm_repository: s3://{context.toolkit.s3_bucket}/helm/repositories/teams/{team_context.name}"
)
team_context.team_helm_repository = f"s3://{context.toolkit.s3_bucket}/helm/repositories/teams/{team_context.name}"
team_context.user_helm_repository = f"s3://{context.toolkit.s3_bucket}/helm/repositories/user/{team_context.name}"
ContextSerDe.dump_context_to_ssm(context=context)
def deploy(context: "FoundationContext") -> None:
stack_name: str = cast(str, context.stack_name)
_logger.debug("Deploying self signed cert...")
ssl_cert_arn = check_cert(context=context)
_logger.debug("Deploying %s Foundation...", stack_name)
cdk.deploy(
context=context,
stack_name=stack_name,
app_filename=os.path.join(ORBIT_CLI_ROOT, "remote_files", "cdk", "foundation.py"),
args=[context.name, ssl_cert_arn],
)
_logger.debug("Enabling private dns for codeartifact vpc endpoints")
vpc_id: str = _fetch_vpc_id(context=context)
vpc.modify_vpc_endpoint(vpc_id=vpc_id, service_name="codeartifact.repositories", private_dns_enabled=True)
vpc.modify_vpc_endpoint(vpc_id=vpc_id, service_name="codeartifact.api", private_dns_enabled=True)