diff --git a/.github/skills/commit-message-generator/SKILL.md b/.github/skills/commit-message-generator/SKILL.md index 19ff1f1..7a41080 100644 --- a/.github/skills/commit-message-generator/SKILL.md +++ b/.github/skills/commit-message-generator/SKILL.md @@ -6,7 +6,6 @@ description: Generate appropriate commit messages based on Git diffs ## Prerequisites - This Skill retrieves Git diffs and suggests meaningful commit messages - Message format should follow Conventional Commits -- Commit messages should have a one-line Conventional Commits header, an optional blank second line, and from the third line onward include a bulleted list summarizing the changes - Commit messages should be in English - **Never perform Git commit or Git push** diff --git a/ci/buildspec.yml b/ci/buildspec.yml index 37b41cf..0c1b314 100644 --- a/ci/buildspec.yml +++ b/ci/buildspec.yml @@ -16,6 +16,3 @@ phases: - set -e - docker push ${REPOSITORY_URI}:${GIT_TAG} - docker push ${REPOSITORY_URI}:latest - - printf '[{"name":"forgejo","imageUri":"%s"}]' $REPOSITORY_URI:$GIT_TAG > imagedefinitions.json -artifacts: - files: imagedefinitions.json diff --git a/infra/cfn/forgejo-cl.yaml b/infra/cfn/forgejo-cl.yaml index ec1142a..0712008 100644 --- a/infra/cfn/forgejo-cl.yaml +++ b/infra/cfn/forgejo-cl.yaml @@ -10,10 +10,6 @@ Parameters: Type: String Default: forgejo-source.zip - ArtifactBucketName: - Type: String - Default: forgejo-artifact-bucket - ForgejoRepositoryName: Type: String Default: forgejo-repository 
@@ -33,49 +29,12 @@ Resources: EventBridgeConfiguration: EventBridgeEnabled: true - ArtifactBucket: - Type: AWS::S3::Bucket - Properties: - BucketName: !Sub "${AWS::Region}-${AWS::AccountId}-${ArtifactBucketName}" - Tags: - - Key: Project - Value: Git-server - VersioningConfiguration: - Status: Enabled - BucketEncryption: - ServerSideEncryptionConfiguration: - - ServerSideEncryptionByDefault: - SSEAlgorithm: AES256 - PublicAccessBlockConfiguration: - BlockPublicAcls: true - BlockPublicPolicy: true - IgnorePublicAcls: true - RestrictPublicBuckets: true - ForgejoRepository: Type: AWS::ECR::Repository Properties: RepositoryName: !Ref ForgejoRepositoryName ImageScanningConfiguration: ScanOnPush: true - LifecyclePolicy: - LifecyclePolicyText: | - { - "rules": [ - { - "rulePriority": 1, - "description": "Expire images to keep maximum 5", - "selection": { - "tagStatus": "any", - "countType": "imageCountMoreThan", - "countNumber": 5 - }, - "action": { - "type": "expire" - } - } - ] - } CodeBuildRole: Type: AWS::IAM::Role @@ -117,8 +76,8 @@ Resources: - s3:PutObject - s3:ListBucket Resource: - - !Sub "arn:aws:s3:::${AWS::Region}-${AWS::AccountId}-${ArtifactBucketName}" - - !Sub "arn:aws:s3:::${AWS::Region}-${AWS::AccountId}-${ArtifactBucketName}/*" + - !Sub "arn:aws:s3:::codebuild-${AWS::Region}-${AWS::AccountId}-input-bucket" + - !Sub "arn:aws:s3:::codebuild-${AWS::Region}-${AWS::AccountId}-input-bucket/*" - !Sub "arn:aws:s3:::${AWS::Region}-${AWS::AccountId}-${SourceBucketName}" - !Sub "arn:aws:s3:::${AWS::Region}-${AWS::AccountId}-${SourceBucketName}/*" 
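Review bot: The two new `codebuild-${AWS::Region}-${AWS::AccountId}-input-bucket` ARNs in the CodeBuild role's S3 statement name a bucket this template no longer creates, so nothing here guarantees it carries the encryption, versioning and public-access-block settings that the removed `ArtifactBucket` declared. S3 bucket ARNs contain no account id and this name is predictable, so the statement should be pinned to buckets owned by this account with `Condition: {StringEquals: {"s3:ResourceAccount": !Ref "AWS::AccountId"}}`. A comment such as `# bucket is provisioned outside this stack; see <where>` would tell the next maintainer where its hardening lives. The same applies to the CodePipeline role statement changed in the `@@ -168,8 +127,8 @@` hunk. The policy statement begins above this hunk, so its Effect and Sid are not visible here.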
@@ -168,8 +127,8 @@ Resources: - s3:GetBucketLocation - s3:GetBucketVersioning Resource: - - !Sub "arn:aws:s3:::${AWS::Region}-${AWS::AccountId}-${ArtifactBucketName}" - - !Sub "arn:aws:s3:::${AWS::Region}-${AWS::AccountId}-${ArtifactBucketName}/*" + - !Sub "arn:aws:s3:::codebuild-${AWS::Region}-${AWS::AccountId}-input-bucket" + - !Sub "arn:aws:s3:::codebuild-${AWS::Region}-${AWS::AccountId}-input-bucket/*" - !Sub "arn:aws:s3:::${AWS::Region}-${AWS::AccountId}-${SourceBucketName}" - !Sub "arn:aws:s3:::${AWS::Region}-${AWS::AccountId}-${SourceBucketName}/*" - Effect: Allow @@ -184,41 +143,6 @@ Resources: - codepipeline:PutApprovalResult - codepipeline:StartPipelineExecution Resource: !Sub "arn:aws:codepipeline:${AWS::Region}:${AWS::AccountId}:*" - - Sid: TaskDefinitionPermissions - Effect: Allow - Action: - - ecs:DescribeTaskDefinition - - ecs:RegisterTaskDefinition - Resource: - - "*" - - Sid: ECSServicePermissions - Effect: Allow - Action: - - ecs:DescribeServices - - ecs:UpdateService - Resource: - - !Sub "arn:aws:ecs:${AWS::Region}:${AWS::AccountId}:service/*/*" - - Sid: ECSTagResource - Effect: Allow - Action: - - ecs:TagResource - Resource: - - !Sub "arn:aws:ecs:${AWS::Region}:${AWS::AccountId}:task-definition/*:*" - Condition: - StringEquals: - ecs:CreateAction: - - RegisterTaskDefinition - - Sid: IamPassRolePermissions - Effect: Allow - Action: - - iam:PassRole - Resource: - - !Sub "arn:aws:iam::${AWS::AccountId}:role/*" - Condition: - StringEquals: - iam:PassedToService: - - ecs.amazonaws.com - - ecs-tasks.amazonaws.com ForgejoPipeline: Type: AWS::CodePipeline::Pipeline @@ -227,7 +151,7 @@ Resources: RoleArn: !GetAtt CodePipelineRole.Arn ArtifactStore: Type: S3 - Location: !Ref ArtifactBucket + Location: !Sub "codebuild-ap-northeast-1-${AWS::AccountId}-input-bucket" Stages: - Name: Source Actions: 
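Review bot: The new `ArtifactStore` `Location` hard-codes `ap-northeast-1`, while both IAM statements changed in this commit build the same bucket name from `${AWS::Region}`. If the stack is deployed in any other region, the pipeline would write artifacts to one bucket name while the roles are granted access to a different one. Use `Location: !Sub "codebuild-${AWS::Region}-${AWS::AccountId}-input-bucket"` so the three references cannot diverge. Since `!Ref ArtifactBucket` is gone, the template no longer proves the bucket exists, so a comment stating that it is created outside this stack would help. The `ForgejoPipeline` resource continues past the end of this hunk.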
@@ -253,23 +177,8 @@ Resources: Version: "1" InputArtifacts: - Name: SourceOutput - OutputArtifacts: - - Name: BuildOutput Configuration: ProjectName: !Ref ForgejoBuildProject - - Name: Deploy - Actions: - - Name: DeployECS - ActionTypeId: - Category: Deploy - Owner: AWS - Provider: ECS - Version: "1" - InputArtifacts: - - Name: BuildOutput - Configuration: - ClusterName: my-forgejo-cluster - ServiceName: forgejo-service S3SourceChangeRule: Type: AWS::Events::Rule diff --git a/infra/cfn/forgejo-ecs-service.yaml b/infra/cfn/forgejo-ecs-service.yaml index 8e3e96d..6401f5c 100644 --- a/infra/cfn/forgejo-ecs-service.yaml +++ b/infra/cfn/forgejo-ecs-service.yaml @@ -35,7 +35,6 @@ Parameters: Resources: - ECSService: Type: AWS::ECS::Service Properties: @@ -57,18 +56,13 @@ Resources: - TargetGroupArn: !ImportValue forgejo-network-TargetGroupArn ContainerName: forgejo ContainerPort: 3000 - HealthCheckGracePeriodSeconds: 300 - DeploymentController: - Type: ECS + HealthCheckGracePeriodSeconds: 0 DeploymentConfiguration: - Strategy: ROLLING MaximumPercent: 100 MinimumHealthyPercent: 0 - Alarms: - AlarmNames: - - myAlarm - Rollback: true + DeploymentCircuitBreaker: Enable: true + Rollback: true SchedulingStrategy: REPLICA EnableECSManagedTags: true PropagateTags: TASK_DEFINITION diff --git a/infra/cfn/forgejo-network.yaml b/infra/cfn/forgejo-network.yaml index f1faa67..01cc151 100644 --- a/infra/cfn/forgejo-network.yaml +++ b/infra/cfn/forgejo-network.yaml @@ -70,7 +70,9 @@ Resources: Weight: 1 Priority: 1 Conditions: - - HostHeaderConfig: + - Values: + - "git.n-daisuke897.com" + HostHeaderConfig: Values: - "git.n-daisuke897.com" Field: "host-header" 
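Review bot: `HealthCheckGracePeriodSeconds: 0` removes the window in which failing load-balancer health checks are ignored for a freshly started task, and the surrounding `MaximumPercent: 100` / `MinimumHealthyPercent: 0` stop the old task before the new one is serving. With `DeploymentCircuitBreaker` now enabled with `Rollback: true`, a slow Forgejo start could presumably be counted as a failed deployment and rolled back, leaving the Git server unavailable in between. Unless startup is known to beat the target group's unhealthy threshold, keep a non-zero grace period (for example `HealthCheckGracePeriodSeconds: 60`, a value to tune), or add a comment explaining why 0 is safe. The `ECSService` properties begin and end outside this hunk.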
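Review bot: The added condition-level `Values` repeats the hostname already listed under `HostHeaderConfig.Values`, so the listener rule's host match is now defined in two places that must be edited together. If the two drift apart, the template does not make clear which one the load balancer honours, or whether the update is rejected, and a wrong host match on the rule that fronts the Git server is easy to miss in review. Keep a single form (the existing `HostHeaderConfig` block is sufficient for a host-header condition). If the duplicate is deliberate, add a comment such as `# Values mirrors HostHeaderConfig.Values; keep both in sync`. The listener rule resource starts above this hunk.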
@@ -79,13 +81,7 @@ Resources: Outputs: TargetGroupArn: - Description: ARN of the Forgejo blue target group + Description: ARN of the Forgejo target group Value: !Ref ElasticLoadBalancingV2TargetGroupForgejo Export: Name: !Sub "${AWS::StackName}-TargetGroupArn" - - ListenerRuleForgejoArn: - Description: ARN of the Forgejo listener rule - Value: !GetAtt ElasticLoadBalancingV2ListenerRuleForgejo.RuleArn - Export: - Name: !Sub "${AWS::StackName}-ListenerRuleForgejoArn"