From be719a6e34ee696a6da2ad5ddcc3bc93fd46dc73 Mon Sep 17 00:00:00 2001
From: Stefano <stefano@fiorinis.com>
Date: Wed, 21 May 2025 16:16:02 -0500
Subject: [PATCH] Fixed process of updating app on running instances

---
 .gitea/workflows/aws_deploy_on_push.yml |  3 ++-
 .vscode/settings.json                   |  2 ++
 app/utils/database.py                   | 11 +++++++++--
 infrastructure/stack.py                 |  6 ++++++
 scripts/deploy.sh                       |  3 ++-
 5 files changed, 21 insertions(+), 4 deletions(-)

diff --git a/.gitea/workflows/aws_deploy_on_push.yml b/.gitea/workflows/aws_deploy_on_push.yml
index c969d31..77820bb 100644
--- a/.gitea/workflows/aws_deploy_on_push.yml
+++ b/.gitea/workflows/aws_deploy_on_push.yml
@@ -57,7 +57,8 @@ jobs:
       - name: Update application on instance
         run: |
           INSTANCE_IDS=$(aws ec2 describe-instances \
-            --filters "Name=tag:Name,Values=IptvUpdater/IptvUpdaterInstance" \
+            --region us-east-2 \
+            --filters "Name=tag:Name,Values=IptvUpdaterStack/IptvUpdaterInstance" \
                       "Name=instance-state-name,Values=running" \
             --query "Reservations[].Instances[].InstanceId" \
             --output text)
diff --git a/.vscode/settings.json b/.vscode/settings.json
index ee41b14..f97cfee 100644
--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@@ -25,6 +25,8 @@
         "pycache",
         "pyjwt",
         "pytest",
+        "PYTHONDONTWRITEBYTECODE",
+        "PYTHONUNBUFFERED",
         "reloadcmd",
         "roomodes",
         "ruru",
diff --git a/app/utils/database.py b/app/utils/database.py
index d278d30..c453dfd 100644
--- a/app/utils/database.py
+++ b/app/utils/database.py
@@ -1,5 +1,6 @@
 import os
 import boto3
+from .constants import AWS_REGION
 from sqlalchemy import create_engine
 from sqlalchemy.ext.declarative import declarative_base
 from sqlalchemy.orm import sessionmaker
@@ -7,8 +8,14 @@ from functools import lru_cache
 
 @lru_cache(maxsize=1)
 def get_db_credentials():
-    """Fetch and cache DB credentials from SSM Parameter Store"""
-    ssm = boto3.client('ssm')
+    """Fetch and cache DB credentials from environment or SSM Parameter Store"""
+    if os.getenv("MOCK_AUTH", "").lower() == "true":
+        return (
+            f"postgresql://{os.getenv('DB_USER')}:{os.getenv('DB_PASSWORD')}"
+            f"@{os.getenv('DB_HOST')}/{os.getenv('DB_NAME')}"
+        )
+    
+    ssm = boto3.client('ssm', region_name=AWS_REGION)
     try:
         host = ssm.get_parameter(Name='/iptv-updater/DB_HOST', WithDecryption=True)['Parameter']['Value']
         user = ssm.get_parameter(Name='/iptv-updater/DB_USER', WithDecryption=True)['Parameter']['Value']
diff --git a/infrastructure/stack.py b/infrastructure/stack.py
index 84bc320..1238207 100644
--- a/infrastructure/stack.py
+++ b/infrastructure/stack.py
@@ -86,6 +86,12 @@ class IptvUpdaterStack(Stack):
             )
         )
 
+        # Add EC2 describe permissions
+        role.add_to_policy(iam.PolicyStatement(
+            actions=["ec2:DescribeInstances"],
+            resources=["*"]
+        ))
+
         # Add Cognito permissions to instance role
         role.add_managed_policy(
             iam.ManagedPolicy.from_aws_managed_policy_name(
diff --git a/scripts/deploy.sh b/scripts/deploy.sh
index 450247d..55e1347 100755
--- a/scripts/deploy.sh
+++ b/scripts/deploy.sh
@@ -24,7 +24,8 @@ cdk deploy --app="python3 ${PWD}/app.py"
 
 # Update application on running instances
 INSTANCE_IDS=$(aws ec2 describe-instances \
-  --filters "Name=tag:Name,Values=IptvUpdater/IptvUpdaterInstance" \
+  --region us-east-2 \
+  --filters "Name=tag:Name,Values=IptvUpdaterStack/IptvUpdaterInstance" \
             "Name=instance-state-name,Values=running" \
   --query "Reservations[].Instances[].InstanceId" \
   --output text)