Fixed process of updating app on running instances

2025-05-21 16:16:02 -05:00
parent 5767124031
commit be719a6e34
5 changed files with 21 additions and 4 deletions
--- a/.gitea/workflows/aws_deploy_on_push.yml
+++ b/.gitea/workflows/aws_deploy_on_push.yml
@@ -57,7 +57,8 @@ jobs:
      - name: Update application on instance
        run: |
          INSTANCE_IDS=$(aws ec2 describe-instances \
-            --filters "Name=tag:Name,Values=IptvUpdater/IptvUpdaterInstance" \
+            --region us-east-2 \
+            --filters "Name=tag:Name,Values=IptvUpdaterStack/IptvUpdaterInstance" \
                      "Name=instance-state-name,Values=running" \
            --query "Reservations[].Instances[].InstanceId" \
            --output text)
--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@@ -25,6 +25,8 @@
        "pycache",
        "pyjwt",
        "pytest",
+        "PYTHONDONTWRITEBYTECODE",
+        "PYTHONUNBUFFERED",
        "reloadcmd",
        "roomodes",
        "ruru",
--- a/app/utils/database.py
+++ b/app/utils/database.py
@@ -1,5 +1,6 @@
 import os
 import boto3
+from .constants import AWS_REGION
 from sqlalchemy import create_engine
 from sqlalchemy.ext.declarative import declarative_base
 from sqlalchemy.orm import sessionmaker
@@ -7,8 +8,14 @@ from functools import lru_cache

@lru_cache(maxsize=1)
 def get_db_credentials():
-    """Fetch and cache DB credentials from SSM Parameter Store"""
-    ssm = boto3.client('ssm')
+    """Fetch and cache DB credentials from environment or SSM Parameter Store"""
+    if os.getenv("MOCK_AUTH", "").lower() == "true":
+        return (
+            f"postgresql://{os.getenv('DB_USER')}:{os.getenv('DB_PASSWORD')}"
+            f"@{os.getenv('DB_HOST')}/{os.getenv('DB_NAME')}"
+        )
+    
+    ssm = boto3.client('ssm', region_name=AWS_REGION)
    try:
        host = ssm.get_parameter(Name='/iptv-updater/DB_HOST', WithDecryption=True)['Parameter']['Value']
        user = ssm.get_parameter(Name='/iptv-updater/DB_USER', WithDecryption=True)['Parameter']['Value']
--- a/infrastructure/stack.py
+++ b/infrastructure/stack.py
@@ -86,6 +86,12 @@ class IptvUpdaterStack(Stack):
            )
        )

+        # Add EC2 describe permissions
+        role.add_to_policy(iam.PolicyStatement(
+            actions=["ec2:DescribeInstances"],
+            resources=["*"]
+        ))
+
        # Add Cognito permissions to instance role
        role.add_managed_policy(
            iam.ManagedPolicy.from_aws_managed_policy_name(
--- a/scripts/deploy.sh
+++ b/scripts/deploy.sh
@@ -24,7 +24,8 @@ cdk deploy --app="python3 ${PWD}/app.py"

 # Update application on running instances
 INSTANCE_IDS=$(aws ec2 describe-instances \
-  --filters "Name=tag:Name,Values=IptvUpdater/IptvUpdaterInstance" \
+  --region us-east-2 \
+  --filters "Name=tag:Name,Values=IptvUpdaterStack/IptvUpdaterInstance" \
            "Name=instance-state-name,Values=running" \
  --query "Reservations[].Instances[].InstanceId" \
  --output text)