Create lambdas with terraform

.github/workflows/deploy-prod.yml

@@ -112,13 +112,7 @@ jobs:
       - uses: actions/checkout@v4
         env:
           HUSKY: "0"
-      - uses: aws-actions/setup-sam@v2
-        with:
-          use-installer: true
-      - name: Set up Python 3.11
-        uses: actions/setup-python@v5
-        with:
-          python-version: 3.11
+
       - name: Download Build files
         uses: actions/download-artifact@v4
         with:

.github/workflows/deploy-qa.yml

@@ -126,14 +126,6 @@ jobs:
         with:
           name: build
 
-      - uses: aws-actions/setup-sam@v2
-        with:
-          use-installer: true
-
-      - name: Set up Python 3.11
-        uses: actions/setup-python@v5
-        with:
-          python-version: 3.11
 
       - uses: aws-actions/configure-aws-credentials@v4
         with:

.github/workflows/manual-prod.yml

@@ -97,7 +97,7 @@ jobs:
       - build
     environment: "AWS PROD"
     steps:
-      - name: Set up Node for testing
+      - name: Setup Node
         uses: actions/setup-node@v4
         with:
           node-version: 22.x
@@ -110,13 +110,7 @@ jobs:
       - uses: actions/checkout@v4
         env:
           HUSKY: "0"
-      - uses: aws-actions/setup-sam@v2
-        with:
-          use-installer: true
-      - name: Set up Python 3.11
-        uses: actions/setup-python@v5
-        with:
-          python-version: 3.11
+
       - name: Download Build files
         uses: actions/download-artifact@v4
         with:

.github/workflows/review.yml

@@ -27,7 +27,7 @@ jobs:
             - name: Cloud provider files
               paths:
                 - '.github/'
-                - 'cloudformation/'
+                - 'terraform/'
               teams:
                 - "officers"
                 - "infra-chairs"

Makefile

@@ -1,38 +1,12 @@
-run_env = ParameterKey=RunEnvironment,ParameterValue
-set_application_prefix = ParameterKey=ApplicationPrefix,ParameterValue
-set_application_name = ParameterKey=ApplicationFriendlyName,ParameterValue
-
 prod_aws_account = 298118738376
 dev_aws_account = 427040638965
 current_aws_account := $(shell aws sts get-caller-identity --query Account --output text)
 
 src_directory_root = src/
 dist_ui_directory_root = dist_ui/
 integration_test_directory_root = tests/live_integration/
-
-# CHANGE ME (as needed)
-application_key=infra-core-api
-application_name="InfraCoreApi"
-techlead="[email protected]"
-region="us-east-1"
-
-# DO NOT CHANGE
-common_params = --no-confirm-changeset \
-								--no-fail-on-empty-changeset \
-								--capabilities CAPABILITY_IAM CAPABILITY_NAMED_IAM CAPABILITY_AUTO_EXPAND \
-								--region $(region) \
-								--stack-name $(application_key) \
-				--tags "project=$(application_key)" "techlead=$(techlead)" \
-				--s3-prefix $(application_key) \
-				--resolve-s3
-
-s3_bucket_prefix = "$(current_aws_account)-$(region)-$(application_key)"
-ui_s3_bucket = "$(s3_bucket_prefix)-ui"
-docs_s3_bucket = "$(s3_bucket_prefix)-docs"
-
-
+npm_install_params = --omit=dev --target_arch=arm64 --target_platform=linux --target_libc=glibc --cpu arm64 --os linux --arch=arm64
 GIT_HASH := $(shell git rev-parse --short HEAD)
-ORIGIN_SECRET := $(shell openssl rand -hex 32)
 
 .PHONY: clean
 
@@ -60,80 +34,49 @@ clean:
 build_swagger:
 	cd src/api && npx tsx --experimental-loader=./mockLoader.mjs createSwagger.ts && cd ../..
 
-build: src/ cloudformation/
+build: src/
 	yarn -D
 	yarn build
 	make build_swagger
 	cp -r src/api/resources/ dist/api/resources
 	rm -rf dist/lambda/sqs
-	sam build --template-file cloudformation/main.yml --use-container --parallel
-	mkdir -p .aws-sam/build/AppApiLambdaFunction/node_modules/aws-crt/
-	cp -r node_modules/aws-crt/dist .aws-sam/build/AppApiLambdaFunction/node_modules/aws-crt
-## IF WE EVER CHANGE THE LAMBDA ARCH, BE SURE TO CHANGE THESE ##
-	rm -rf .aws-sam/build/AppApiLambdaFunction/node_modules/aws-crt/dist/bin/darwin*
-	rm -rf .aws-sam/build/AppApiLambdaFunction/node_modules/aws-crt/dist/bin/linux-x64*
-	rm -rf .aws-sam/build/AppApiLambdaFunction/node_modules/aws-crt/dist/bin/linux-arm64-musl
-	rm -rf .aws-sam/build/AppApiLambdaFunction/node_modules/argon2/prebuilds/darwin*
-	rm -rf .aws-sam/build/AppApiLambdaFunction/node_modules/argon2/prebuilds/freebsd*
-	rm -rf .aws-sam/build/AppApiLambdaFunction/node_modules/argon2/prebuilds/linux-arm
-	rm -rf .aws-sam/build/AppApiLambdaFunction/node_modules/argon2/prebuilds/linux-x64*
-	rm -rf .aws-sam/build/AppApiLambdaFunction/node_modules/argon2/prebuilds/win32-x64*
-	rm -rf .aws-sam/build/AppApiLambdaFunction/node_modules/argon2/prebuilds/linux-arm64/argon2.armv8.musl.node
+	docker run --rm -v "$(shell pwd)/dist/lambda":/var/task public.ecr.aws/sam/build-nodejs22.x:latest \
+	sh -c "npm install $(npm_install_params) && \
+			rm -rf node_modules/aws-crt/dist/bin/{darwin*,linux-x64*,linux-arm64-musl} && \
+			rm -rf node_modules/argon2/prebuilds/{darwin*,freebsd*,linux-arm,linux-x64*,win32-x64*} && \
+			rm -rf node_modules/argon2/prebuilds/linux-arm64/argon2.armv8.musl.node"
+
+	docker run --rm -v "$(shell pwd)/dist/sqsConsumer":/var/task public.ecr.aws/sam/build-nodejs22.x:latest \
+	sh -c "npm install $(npm_install_params) && \
+				rm -rf node_modules/aws-crt/dist/bin/{darwin*,linux-x64*,linux-arm64-musl} && \
+				rm -rf node_modules/argon2/prebuilds/{darwin*,freebsd*,linux-arm,linux-x64*,win32-x64*} && \
+				rm -rf node_modules/argon2/prebuilds/linux-arm64/argon2.armv8.musl.node"
 
 local:
 	VITE_BUILD_HASH=$(GIT_HASH) yarn run dev
 
-
-postdeploy:
-	@echo "Syncing S3 UI bucket..."
-	aws s3 sync $(dist_ui_directory_root) s3://$(ui_s3_bucket)/ --delete
-	make invalidate_cloudfront
-
 deploy_prod: check_account_prod
-	@echo "Deploying CloudFormation stack..."
-	@sam deploy $(common_params) --parameter-overrides $(run_env)=prod $(set_application_prefix)=$(application_key) $(set_application_name)="$(application_name)" S3BucketPrefix="$(s3_bucket_prefix)" CloudfrontOriginSecret="$(ORIGIN_SECRET)"
 	@echo "Deploying Terraform..."
-	$(eval MAIN_DISTRIBUTION_ID := $(shell aws cloudformation describe-stacks --stack-name $(application_key) --query "Stacks[0].Outputs[?OutputKey=='CloudfrontDistributionId'].OutputValue" --output text))
 	terraform -chdir=terraform/envs/prod init -lockfile=readonly
-	terraform -chdir=terraform/envs/prod apply -auto-approve -var main_cloudfront_distribution_id="$(MAIN_DISTRIBUTION_ID)"
-	make postdeploy
+	terraform -chdir=terraform/envs/prod apply -auto-approve
 
 deploy_dev: check_account_dev
-	@echo "Deploying CloudFormation stack..."
-	@sam deploy $(common_params) --parameter-overrides $(run_env)=dev $(set_application_prefix)=$(application_key) $(set_application_name)="$(application_name)" S3BucketPrefix="$(s3_bucket_prefix)" CloudfrontOriginSecret="$(ORIGIN_SECRET)"
 	@echo "Deploying Terraform..."
-	$(eval MAIN_DISTRIBUTION_ID := $(shell aws cloudformation describe-stacks --stack-name $(application_key) --query "Stacks[0].Outputs[?OutputKey=='CloudfrontDistributionId'].OutputValue" --output text))
 	terraform -chdir=terraform/envs/qa init -lockfile=readonly
-	terraform -chdir=terraform/envs/qa apply -auto-approve -var main_cloudfront_distribution_id="$(MAIN_DISTRIBUTION_ID)"
-	make postdeploy
-
-invalidate_cloudfront:
-	@echo "Creating CloudFront invalidation..."
-	$(eval DISTRIBUTION_ID := $(shell aws cloudformation describe-stacks --stack-name $(application_key) --query "Stacks[0].Outputs[?OutputKey=='CloudfrontDistributionId'].OutputValue" --output text))
-	$(eval DISTRIBUTION_ID_2 := $(shell aws cloudformation describe-stacks --stack-name $(application_key) --query "Stacks[0].Outputs[?OutputKey=='CloudfrontIcalDistributionId'].OutputValue" --output text))
-	$(eval INVALIDATION_ID := $(shell aws cloudfront create-invalidation --distribution-id $(DISTRIBUTION_ID) --paths "/*" --query 'Invalidation.Id' --output text --no-cli-page))
-	$(eval INVALIDATION_ID_2 := $(shell aws cloudfront create-invalidation --distribution-id $(DISTRIBUTION_ID_2) --paths "/*" --query 'Invalidation.Id' --output text --no-cli-page))
-	@echo "Triggered invalidation jobs $(INVALIDATION_ID) and $(INVALIDATION_ID_2)..."
-	@echo "Waiting on job $(INVALIDATION_ID)..."
-	aws cloudfront wait invalidation-completed --distribution-id $(DISTRIBUTION_ID) --id $(INVALIDATION_ID)
-	@echo "Waiting on job $(INVALIDATION_ID_2)..."
-	aws cloudfront wait invalidation-completed --distribution-id $(DISTRIBUTION_ID_2) --id $(INVALIDATION_ID_2)
-	@echo "CloudFront invalidation completed!"
+	terraform -chdir=terraform/envs/qa apply -auto-approve
 
 init_terraform:
 	terraform -chdir=terraform/envs/qa init
 	terraform -chdir=terraform/envs/prod init
 
 install:
 	yarn -D
-	pip install cfn-lint
 
 test_live_integration: install
 	yarn test:live
 
 test_unit: install
 	yarn lint
-	cfn-lint cloudformation/**/*
 	terraform -chdir=terraform/envs/qa init -reconfigure -backend=false -upgrade
 	terraform -chdir=terraform/envs/qa fmt -check
 	terraform -chdir=terraform/envs/qa validate