rds

Merge branch 'cdk-aq1' of https://github.com/SyncrowIOT/backend into cdk-aq1
add build.sh command
2025-07-09 22:57:24 +00:00 · 2025-07-08 13:46:04 +03:00 · 2025-07-08 04:26:51 -06:00 · 2025-07-08 04:26:19 -06:00 · 2025-07-08 13:25:23 +03:00 · 2025-07-08 12:44:10 +03:00
3 changed files with 41 additions and 24 deletions
--- a/build.sh
+++ b/build.sh
@ -0,0 +1,21 @@
+#!/bin/bash
+set -e
+
+ACCOUNT_ID=$(aws sts get-caller-identity --query Account --output text)
+REGION=${AWS_DEFAULT_REGION:-me-central-1}
+
+
+aws ecr get-login-password --region $REGION | docker login --username AWS --password-stdin $ACCOUNT_ID.dkr.ecr.$REGION.amazonaws.com
+
+docker build --platform=linux/amd64 -t syncrow-backend .
+docker tag syncrow-backend:latest $ACCOUNT_ID.dkr.ecr.$REGION.amazonaws.com/syncrow-backend:latest
+docker push $ACCOUNT_ID.dkr.ecr.$REGION.amazonaws.com/syncrow-backend:latest
+
+SERVICE_ARN=$(aws ecs list-services --cluster syncrow-backend-cluster --query 'serviceArns[0]' --output text --region $REGION 2>/dev/null || echo "")
+
+if [ "$SERVICE_ARN" != "" ] && [ "$SERVICE_ARN" != "None" ]; then
+    SERVICE_NAME=$(echo $SERVICE_ARN | cut -d'/' -f3)
+    aws ecs update-service --cluster syncrow-backend-cluster --service $SERVICE_NAME --force-new-deployment --region $REGION
+else
+    npx cdk deploy SyncrowBackendStack --context certificateArn=arn:aws:acm:me-central-1:482311766496:certificate/bea1e2ae-84a1-414e-8dbf-4599397e7ed0 --require-approval never
+fi
--- a/infrastructure/stack.ts
+++ b/infrastructure/stack.ts
@ -100,29 +100,26 @@ export class BackendStack extends cdk.Stack {
      'Allow HTTPS traffic'
    );

-    // RDS Aurora Serverless v2 PostgreSQL
-    const dbCluster = new rds.DatabaseCluster(this, 'SyncrowDatabase', {
+    const dbCluster = rds.DatabaseCluster.fromDatabaseClusterAttributes(this, 'SyncrowDatabase', {
+      clusterIdentifier: 'syncrow-backend',
+      instanceIdentifiers: ['syncrowdatabase-instance-1'],
      engine: rds.DatabaseClusterEngine.auroraPostgres({
-        version: rds.AuroraPostgresEngineVersion.VER_15_4,
+        version: rds.AuroraPostgresEngineVersion.VER_16_6,
      }),
-      vpc: this.vpc,
-      securityGroups: [dbSecurityGroup],
-      serverlessV2MinCapacity: 0.5,
-      serverlessV2MaxCapacity: 4,
-      writer: rds.ClusterInstance.serverlessV2('writer'),
-      defaultDatabaseName: props?.databaseName || 'syncrow',
-      credentials: rds.Credentials.fromGeneratedSecret('syncrowadmin', {
-        secretName: 'syncrow-db-credentials',
-      }),
-      removalPolicy: cdk.RemovalPolicy.DESTROY,
+      port: 5432,
+      securityGroups: [
+        ec2.SecurityGroup.fromSecurityGroupId(this, 'ImportedDbSecurityGroup', 'sg-07e163f588b2bac25')
+      ],
+      clusterEndpointAddress: 'syncrow-backend.cluster-criskv1sdkq4.me-central-1.rds.amazonaws.com',
    });

-    // ECR Repository for Docker images - ensure it's in the correct region
-    const ecrRepository = new ecr.Repository(this, 'SyncrowBackendRepo', {
-      repositoryName: 'syncrow-backend',
-      removalPolicy: cdk.RemovalPolicy.DESTROY,
-      emptyOnDelete: true,
-    });
+    // Import the existing database secret separately
+    const dbSecret = rds.DatabaseSecret.fromSecretCompleteArn(this, 'ImportedDbSecret', 
+      'arn:aws:secretsmanager:me-central-1:482311766496:secret:rds!cluster-43ec14cd-9301-43e2-aa79-d330a429a126-v0JDQN'
+    );
+
+    // ECR Repository for Docker images - import existing repository
+    const ecrRepository = ecr.Repository.fromRepositoryName(this, 'SyncrowBackendRepo', 'syncrow-backend');

    // Output the correct ECR URI for this region
    new cdk.CfnOutput(this, 'EcrRepositoryUriRegional', {
@ -179,7 +176,7 @@ export class BackendStack extends cdk.Stack {
          AZURE_POSTGRESQL_HOST: dbCluster.clusterEndpoint.hostname,
          AZURE_POSTGRESQL_PORT: '5432',
          AZURE_POSTGRESQL_DATABASE: props?.databaseName || 'syncrow',
-          AZURE_POSTGRESQL_USER: 'syncrowadmin',
+          AZURE_POSTGRESQL_USER: 'postgres',
          AZURE_POSTGRESQL_SSL: process.env.AZURE_POSTGRESQL_SSL || 'false',
          AZURE_POSTGRESQL_SYNC: process.env.AZURE_POSTGRESQL_SYNC || 'false',
          
@ -256,7 +253,7 @@ export class BackendStack extends cdk.Stack {
        },
        secrets: {
          AZURE_POSTGRESQL_PASSWORD: ecs.Secret.fromSecretsManager(
-            dbCluster.secret!,
+            dbSecret,
            'password'
          ),
        },
@ -301,9 +298,7 @@ export class BackendStack extends cdk.Stack {
    });

    // Grant ECS task access to RDS credentials
-    if (dbCluster.secret) {
-      dbCluster.secret.grantRead(fargateService.taskDefinition.taskRole);
-    }
+    dbSecret.grantRead(fargateService.taskDefinition.taskRole);

    this.apiUrl = 'https://api.syncrow.me';
    this.databaseEndpoint = dbCluster.clusterEndpoint.hostname;
--- a/package.json
+++ b/package.json
@ -22,6 +22,7 @@
    "test:debug": "node --inspect-brk -r tsconfig-paths/register -r ts-node/register node_modules/.bin/jest --runInBand",
    "test:e2e": "jest --config ./apps/backend/test/jest-e2e.json",
    "deploy": "./deploy.sh",
+    "infra:build": "./build.sh",
    "infra:deploy": "cdk deploy SyncrowBackendStack",
    "infra:destroy": "cdk destroy SyncrowBackendStack"
  },
Author	SHA1	Message	Date
Ammar Qaffaf	ef21b589c0	rds	2025-07-08 13:46:04 +03:00
faris Aljohari	44f83ea54e	Merge branch 'cdk-aq1' of https://github.com/SyncrowIOT/backend into cdk-aq1	2025-07-08 04:26:51 -06:00
faris Aljohari	e4694db79c	add build.sh command	2025-07-08 04:26:19 -06:00
Ammar Qaffaf	13064296a7	import db	2025-07-08 13:25:23 +03:00
Ammar Qaffaf	a269f833bc	Updates ECR repository handling to import existing repo	2025-07-08 12:44:10 +03:00