From fb7234c93f149e8ea82292320d01c1c24033b1d6 Mon Sep 17 00:00:00 2001
From: Jerome
Date: Sat, 12 Nov 2022 12:29:23 +1100
Subject: [PATCH] Rename s3 bucket (#206)
* make EFS bucket per node
* Rename S3 bucket to td-devnet-bucket
---
 cicd/README.md | 4 +++-
 cicd/devnet/terraform/ecs.tf | 10 ++++++----
 cicd/devnet/terraform/efs.tf | 23 ++++++++++++++---------
 cicd/devnet/terraform/s3.tf | 11 ++---------
 cicd/devnet/terraform/variables.tf | 1 +
 5 files changed, 26 insertions(+), 23 deletions(-)
diff --git a/cicd/README.md b/cicd/README.md
index 15106703cf..68d3b362ac 100644
--- a/cicd/README.md
+++ b/cicd/README.md
@@ -23,7 +23,9 @@ Each PR merged into `dev-upgrade` will trigger below actions:
 "xdc{{NUMBER}}: {...}
 }
 ```
-2. Access to aws console, create a bucket with name `terraform-devnet-bucket`
+2. Access to aws console, create a bucket with name `tf-devnet-bucket`:
+ - You can choose any name, just make sure update the name in the s3 bucket name variable in `variables.tf`
+ - And update the name of the terraform.backend.s3.bucket from `s3.tf`
 3. Upload the file from step 1 into the above bucket with name `node-config.json`
 4. In order to allow pipeline able to push and deploy via ECR and ECS, we require below environment variables to be injected into the CI pipeline:
 1. DOCKER_USERNAME
diff --git a/cicd/devnet/terraform/ecs.tf b/cicd/devnet/terraform/ecs.tf
index 8f7285a10e..869a23c01e 100644
--- a/cicd/devnet/terraform/ecs.tf
+++ b/cicd/devnet/terraform/ecs.tf
@@ -24,14 +24,16 @@ resource "aws_ecs_task_definition" "devnet_task_definition_group" {
 # New nodes will consume a lot more CPU usage than existing nodes.
 # This is due to sync is resource heavy. Recommending set to below if doing sync:
 # CPU = 2048, Memory = 4096
- # Please set it back to cpu 512 and memory of 2048 after sync is done to save the cost
- cpu = 256
- memory = 2048
+ # Please set it back to cpu 256 and memory of 2048 after sync is done to save the cost
+ # cpu = 256
+ # memory = 2048
+ cpu = 2048
+ memory = 4096
 volume {
 name = "efs"
 efs_volume_configuration {
- file_system_id = aws_efs_file_system.devnet_efs.id
+ file_system_id = aws_efs_file_system.devnet_efs[each.key].id
 root_directory = "/"
 transit_encryption = "ENABLED"
 authorization_config {
diff --git a/cicd/devnet/terraform/efs.tf b/cicd/devnet/terraform/efs.tf
index bae9e2daa7..f4dabe5e29 100644
--- a/cicd/devnet/terraform/efs.tf
+++ b/cicd/devnet/terraform/efs.tf
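Review bot: In `ecs.tf` the sync-time sizing (`cpu = 2048`, `memory = 4096`) becomes the committed value for every node's task definition, and the steady-state sizing survives only as commented-out lines that someone has to remember to swap back by hand. Moving both values into `locals` in `variables.tf`, for example `cpu = local.taskCpu` and `memory = local.taskMemory`, would turn the switch into a one-line change that shows up in review and would remove the commented-out code. The `aws_ecs_task_definition` block starts before and continues past this hunk, so the rest of the task settings are not visible here.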
@@ -24,24 +24,29 @@ resource "aws_security_group" "devnet_efs_security_group" {
 }
 resource "aws_efs_file_system" "devnet_efs" {
- creation_token = "efs"
- performance_mode = "generalPurpose"
- throughput_mode = "bursting"
- encrypted = "true"
- tags = {
- Name = "TfDevnetEfs"
- }
+ for_each = local.devnetNodeKyes
+ creation_token = "efs-${each.key}"
+ performance_mode = "generalPurpose"
+ throughput_mode = "bursting"
+ encrypted = "true"
+ lifecycle_policy {
+ transition_to_ia = "AFTER_30_DAYS"
+ }
+ tags = {
+ Name = "TfDevnetEfs${each.key}"
+ }
 }
 resource "aws_efs_mount_target" "devnet_efs_efs_mount_target" {
- file_system_id = aws_efs_file_system.devnet_efs.id
+ for_each = local.devnetNodeKyes
+ file_system_id = aws_efs_file_system.devnet_efs[each.key].id
 subnet_id = aws_subnet.devnet_subnet.id
 security_groups = [aws_security_group.devnet_efs_security_group.id]
 }
 resource "aws_efs_access_point" "devnet_efs_access_point" {
 for_each = local.devnetNodeKyes
- file_system_id = aws_efs_file_system.devnet_efs.id
+ file_system_id = aws_efs_file_system.devnet_efs[each.key].id
 root_directory {
 path = "/${each.key}/database"
 creation_info {
diff --git a/cicd/devnet/terraform/s3.tf b/cicd/devnet/terraform/s3.tf
index ce955302f8..29820c995a 100644
--- a/cicd/devnet/terraform/s3.tf
+++ b/cicd/devnet/terraform/s3.tf
@@ -1,17 +1,10 @@
-# This bucket had to be created before you can run the terraform init
-resource "aws_s3_bucket" "terraform_s3_bucket" {
- bucket = "terraform-devnet-bucket"
- versioning {
- enabled = true
- }
-}
 # Bucket need to be created first. If first time run terraform init, need to comment out the below section
 terraform {
 backend "s3" {
- bucket = "terraform-devnet-bucket"
+ bucket = "tf-devnet-bucket" // This name need to be updated to be the same as local.s3BucketName. We can't use variable here.
 key = "tf/terraform.tfstate"
 region = "us-east-1"
 encrypt = true
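Review bot: In `efs.tf`, giving each node its own `aws_efs_file_system.devnet_efs[each.key]` separates node data only as far as the file systems themselves restrict who may mount them, and no `aws_efs_file_system_policy` is visible in this hunk; every file system still shares `devnet_efs_security_group` and the single `devnet_subnet`. Without a file system policy, EFS grants full access to any client that can reach a mount target, including over unencrypted NFS; whether that applies here depends on parts of `efs.tf` outside the hunk. A per-file-system policy like the one below keeps mount-target access working for the tasks, which already set `transit_encryption = "ENABLED"`, while refusing unencrypted transport. The `aws_efs_access_point` block continues past the end of the hunk.

```hcl
resource "aws_efs_file_system_policy" "devnet_efs_policy" {
  for_each       = local.devnetNodeKyes
  file_system_id = aws_efs_file_system.devnet_efs[each.key].id
  policy = jsonencode({
    Version = "2012-10-17"
    Statement = [
      {
        Sid       = "AllowViaMountTarget"
        Effect    = "Allow"
        Principal = { AWS = "*" }
        # add "elasticfilesystem:ClientRootAccess" only if the node process must act as root on the volume
        Action = [
          "elasticfilesystem:ClientMount",
          "elasticfilesystem:ClientWrite",
        ]
        Resource  = aws_efs_file_system.devnet_efs[each.key].arn
        Condition = { Bool = { "elasticfilesystem:AccessedViaMountTarget" = "true" } }
      },
      {
        Sid       = "DenyUnencryptedTransport"
        Effect    = "Deny"
        Principal = { AWS = "*" }
        Action    = "*"
        Resource  = aws_efs_file_system.devnet_efs[each.key].arn
        Condition = { Bool = { "aws:SecureTransport" = "false" } }
      },
    ]
  })
}
```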
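Review bot: Removing `aws_s3_bucket.terraform_s3_bucket` in `s3.tf` also removes the only place where versioning was declared for the bucket, which now has to be created by hand in the console (README step 2) and holds both `tf/terraform.tfstate` and `node-config.json`. Nothing in the new code records that the hand-made bucket needs versioning, default encryption and Block Public Access; `encrypt = true` in the backend only covers the state object that Terraform writes. I would add a comment above the `terraform` block such as `# The bucket must be private, with versioning and default encryption enabled: it stores the Terraform state and node-config.json.` and repeat the requirement in the README step. The `backend "s3"` block continues past this hunk, so a lock table or other settings may exist that are not visible here.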
@@ -19,6 +12,6 @@ terraform {
 }
 data "aws_s3_bucket_object" "devnet_xdc_node_config" {
- bucket = "terraform-devnet-bucket"
+ bucket = local.s3BucketName
 key = "node-config.json"
 }
\ No newline at end of file
diff --git a/cicd/devnet/terraform/variables.tf b/cicd/devnet/terraform/variables.tf
index 62fd689b09..a3c7c59c5d 100644
--- a/cicd/devnet/terraform/variables.tf
+++ b/cicd/devnet/terraform/variables.tf
@@ -15,4 +15,5 @@ locals {
 devnetNodeKyes = {
 for i in local.keyNames: i => local.predefinedNodesConfig[i]
 }
+ s3BucketName = "tf-devnet-bucket"
 }
\ No newline at end of file