diff --git a/infrastructure/terraform/lambda/engine/README.md b/infrastructure/terraform/lambda/engine/README.md
new file mode 100644
index 00000000..5bb10627
--- /dev/null
+++ b/infrastructure/terraform/lambda/engine/README.md
@@ -0,0 +1,50 @@
+## Checklist for adding a new Lambda
+
+### 1. Create the Lambda scaffold
+- Copy the template:
+
+ `cp -r lambda/_template lambda/`
+
+---
+
+### 2. Add infrastructure prerequisites (shared stack)
+- Add a new ECR repository in:
+
+ infrastructure/terraform/shared/main.tf
+
+- Create a PR to deploy this to main then dev in order to deploy the shared stack
+
+- Verify the ECR repository exists in AWS
+
+---
+
+### 3. Add Docker build configuration
+- Create a `Dockerfile` for the Lambda
+- Verify the Dockerfile path and build context
+- Add a new image build job in `deploy_terraform.yml` using `_build_image.yml`
+
+---
+
+### 4. Wire the Lambda deploy job (CI)
+- Add a deploy job using `_deploy_lambda.yml`
+- Ensure the deploy job depends on the image build job
+
+---
+
+### 5. Deploy
+- Push changes to GitHub
+- CI will:
+ 1. Build and push the Docker image
+ 2. Deploy the Lambda
+ 3. Verify everything deployed. Good things to check:
+ - ECR with image
+ - SQS
+ - Trigger SQS
+ - Cloud watch logs
+---
+### 5. Delete
+ 1. Delete README if you used cp -r
+
+---
+
+## Please feel free to update this document to make it easier for the next person
\ No newline at end of file
diff --git a/infrastructure/terraform/lambda/engine/main.tf b/infrastructure/terraform/lambda/engine/main.tf
new file mode 100644
index 00000000..c1cff8a3
--- /dev/null
+++ b/infrastructure/terraform/lambda/engine/main.tf
@@ -0,0 +1,25 @@
+data "terraform_remote_state" "shared" {
+ backend = "s3"
+ config = {
+ bucket = "assessment-model-terraform-state"
+ key = "env:/${var.stage}/terraform.tfstate"
+ region = "eu-west-2"
+ }
+}
+
+module "lambda" {
+ source = "../modules/lambda_with_sqs"
+
+ name = "engine"
+ stage = var.stage
+
+ image_uri = local.image_uri
+
+ # Optional: Set maximum_concurrency to limit concurrent SQS-triggered invocations (2-1000)
+ maximum_concurrency = var.maximum_concurrency
+
+ environment = {
+ STAGE = var.stage
+ LOG_LEVEL = "info"
+ }
+}
\ No newline at end of file
diff --git a/infrastructure/terraform/lambda/engine/provider.tf b/infrastructure/terraform/lambda/engine/provider.tf
new file mode 100644
index 00000000..37c412ce
--- /dev/null
+++ b/infrastructure/terraform/lambda/engine/provider.tf
@@ -0,0 +1,16 @@
+terraform {
+ required_providers {
+ aws = {
+ source = "hashicorp/aws"
+ version = "~> 4.16"
+ }
+ }
+
+ backend "s3" {
+ bucket = REPLACE_ME
+ key = "terraform.tfstate"
+ region = "eu-west-2"
+ }
+
+ required_version = ">= 1.2.0"
+}
\ No newline at end of file
diff --git a/infrastructure/terraform/lambda/engine/variables.tf b/infrastructure/terraform/lambda/engine/variables.tf
new file mode 100644
index 00000000..503bf6c8
--- /dev/null
+++ b/infrastructure/terraform/lambda/engine/variables.tf
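Review bot: Nothing in the new main.tf references `data.terraform_remote_state.shared`, yet declaring it makes every plan for this stack read the whole shared state object from `assessment-model-terraform-state`. Reading remote state needs access to the full state snapshot, which can carry sensitive values from the shared stack, so the engine deploy role ends up with broader read access than this module appears to need. If nothing else in the directory consumes it, drop the block; if an output is needed later, add the data source then with a comment such as `# reads <output name> from the shared stack`.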
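Review bot: In provider.tf, `bucket = REPLACE_ME` inside `backend "s3"` is a bare identifier, and backend blocks accept only literal values, so `terraform init` is expected to fail unless CI rewrites the file before it runs. If a pipeline step substitutes it, say so next to the line, e.g. `# REPLACE_ME is substituted by CI with the per-service state bucket`; otherwise set the literal bucket name, presumably the `engine-terraform-state` bucket that shared/main.tf adds in this commit. The block also leaves out `encrypt = true`, so server-side encryption of the state object depends entirely on the bucket's default configuration.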
@@ -0,0 +1,32 @@
+variable "lambda_name" {
+ type = string
+ description = "Logical name of the lambda (e.g. address2uprn)"
+}
+
+variable "stage" {
+ description = "Deployment stage (e.g. dev, prod)"
+ type = string
+}
+variable "ecr_repo_url" {
+ type = string
+ description = "ECR repository URL (no tag, no digest)"
+}
+
+variable "image_digest" {
+ type = string
+ description = "Image digest (sha256:...)"
+}
+
+variable "maximum_concurrency" {
+ type = number
+ default = 12
+ description = "Maximum number of concurrent Lambda invocations from SQS (2-1000). null = no limit."
+}
+
+locals {
+ image_uri = "${var.ecr_repo_url}@${var.image_digest}"
+}
+
+output "resolved_image_uri" {
+ value = local.image_uri
+}
diff --git a/infrastructure/terraform/shared/main.tf b/infrastructure/terraform/shared/main.tf
index cca3394f..e7eaaf96 100644
--- a/infrastructure/terraform/shared/main.tf
+++ b/infrastructure/terraform/shared/main.tf
@@ -414,4 +414,19 @@ module "categorisation_registry" {
 source = "../modules/container_registry"
 name = "categorisation"
 stage = var.stage
+}
+
+################################################
+# Engine – Lambda ECR
+################################################
+module "engine_state_bucket" {
+ source = "../modules/tf_state_bucket"
+ bucket_name = "engine-terraform-state"
+
+}
+
+module "engine_registry" {
+ source = "../modules/container_registry"
+ name = "engine"
+ stage = var.stage
 }
\ No newline at end of file
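Review bot: In variables.tf, `image_digest` accepts any string, so a typo or a tag-like value flows straight into `local.image_uri` and only surfaces when the deploy fails. Deploying by digest is what pins the function to one specific image, so a validation block on the variable that requires the `sha256:` prefix followed by 64 hex characters would enforce that at plan time. Separately, `lambda_name` is declared without a default while main.tf hard-codes `name = "engine"`, so callers must supply a value that nothing visible in this commit uses.

```hcl
variable "image_digest" {
  # … unchanged: type and description …
  validation {
    condition     = can(regex("^sha256:[a-f0-9]{64}$", var.image_digest))
    error_message = "The image_digest value must be a sha256 digest (sha256:<64 hex chars>)."
  }
}
```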
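Review bot: In shared/main.tf, `engine_state_bucket` passes a fixed `bucket_name = "engine-terraform-state"` with no stage, while the registries beside it take `stage = var.stage`. If the shared stack is applied once per stage (the README in this commit mentions deploying to main then dev), the second apply would try to create a bucket that already exists, and because S3 names are global a generic name can also collide with another account. The `tf_state_bucket` module is not visible here; since this bucket will hold Terraform state, confirm it enables versioning, default encryption and a public access block. The banner comment reads `# Engine – Lambda ECR` although the first module under it is a state bucket; `# Engine – state bucket and Lambda ECR` would match what follows.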