Feat/adding git workflow (#1)

* Add Fargate health check parameters to ECS service construct
* Fix health check grace period to use Duration.seconds for ECS service
* Adding github action to sync aws infrastructure

Author: ajorquera

.github/workflows/infra-deployment.yml

@@ -0,0 +1,71 @@
+name: AWS CDK Deployment
+
+on:
+  push:
+    branches: longitude
+
+permissions:
+  contents: read
+  
+concurrency:
+  group: ci-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Check out code
+        uses: actions/checkout@v4
+
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@v4
+        with: 
+          aws-region: ${{ secrets.AWS_REGION }}
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY }}
+          aws-secret-access-key: ${{ secrets.AWS_ACCESS_SECRET }}
+          aws-session-token: ${{ secrets.AWS_ACCESS_TOKEN }}
+        
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.13"
+
+      - name: Set up Node
+        uses: actions/setup-node@v4
+        with:
+          node-version: "20"
+
+      - name: Install and configure Poetry
+        uses: snok/install-poetry@v1
+        with:
+          virtualenvs-create: true
+          virtualenvs-in-project: true
+          installer-parallel: true
+
+      - name: Install Dependencies
+        working-directory: ./source
+        run: |
+          npm install -g aws-cdk
+          poetry install
+
+      - name: Run tests
+        working-directory: ./deployment
+        run: bash ./run-unit-tests.sh --in-venv 1
+      
+      - name: Build
+        working-directory: ./source
+        run: |
+          . $VENV
+          cd infrastructure
+          cdk bootstrap --cloudformation-execution-policies arn:aws:iam::aws:policy/AdministratorAccess
+          cdk synth
+      
+      - name: Deploy
+        working-directory: ./source
+
+        run: | 
+          . $VENV
+          cd infrastructure
+          cdk deploy --require-approval never

deployment/ecr/prebid-server/current/entrypoint.sh

@@ -0,0 +1,47 @@
+#!/usr/bin/env bash
+
+# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+# SPDX-License-Identifier: Apache-2.0
+
+# -----------------------------------------------------------------------------
+# PURPOSE:
+# This entrypoint script is used to start the Prebid Server container.
+#
+# An environment variable named ECS_CONTAINER_METADATA_URI_V4
+# is injected by ECS into each container. The variable contains a URI that
+# is used to retrieve container status and data.
+#
+# See:
+# https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-metadata-endpoint-v4.html    
+#
+# The entrypoint defined below retrieves the data and parses the
+# container's unique ID from it and uses the ID to ensure
+# log data is written to a unique directory under /mnt/efs/.
+# The container ID is also included with logs sent directly
+# to CloudWatch.
+#
+# If the environment variable ECS_CONTAINER_METADATA_URI_V4 is not set,
+# the string "default-container-id" is returned instead so that the
+# container can be run locally.
+#
+# Metrics are sent to /mnt/efs/metrics folder also using the container ID
+# in the path. Files have the name prebid-metrics.log.
+#
+# The default Java executable entry point specified in this script can be
+# customized or replaced with a different command or executable.
+# ------------------------------------------------------------------------------
+
+echo "entrypoint.sh starting"
+
+PREBID_CONFIGS_DIR="/prebid-configs"
+
+echo "prebid_configs_dir set"
+
+/usr/bin/java \
+    -DcontainerId=$(if [ -z "$ECS_CONTAINER_METADATA_URI_V4" ]; then echo "default-container-id"; else curl -s "${ECS_CONTAINER_METADATA_URI_V4}/task" | jq -r '.Containers[0].DockerId' 2>/dev/null | cut -d'-' -f1 || echo "default-container-id"; fi) \
+    -Dlogging.config=${PREBID_CONFIGS_DIR}/prebid-logging.xml \
+    -XX:+UseParallelGC \
+    -jar target/prebid-server.jar \
+    --spring.config.additional-location=${PREBID_CONFIGS_DIR}/prebid-config.yaml
+
+echo "actual shell script run"

deployment/ecr/prebid-server/current/prebid-config.yaml

@@ -0,0 +1,169 @@
+# Sets the response for a status check; used for simple health checks.
+status-response: "ok"
+
+externalUrl: https://s2s.lngtd.com/
+
+analytics: 
+  log: 
+    enabled: true
+
+adapters:
+
+  medianet:
+    enabled: true
+
+  appnexus:
+    enabled: true
+    endpoint: https://ib.adnxs.com/openrtb2 # essential to most bidders, need to verify that the endpoint is correct
+
+  triplelift:
+    enabled: true
+    endpoint: https://tlx.3lift.com/s2s/auction?supplier_id=68
+
+  kargo: 
+    enabled: true
+
+  conversant:
+    enabled: true
+  
+  sharethrough:
+    enabled: true
+  
+  generic: 
+    aliases:
+      nativo: 
+        endpoint:  https://exchange.postrelease.com/esi.json?ntv_epid=7
+        enabled: true
+
+  openx:
+    enabled: true
+
+  ix: 
+    enabled: true
+    endpoint: http://longitude-ads-us-east.lb.indexww.com/pbs?p=192251
+    
+  epsilon:
+    enabled: true
+
+  rubicon:
+    enabled: true
+    endpoint: http://exapi-us-east.rubiconproject.com/a/api/exchange.json?tk_sdc=us-east
+    usersync:
+      redirect:
+        url: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-longitude&gdpr={{gdpr}}&gdpr_consent={{gdpr_consent}}&us_privacy={{us_privacy}}&gpp={{gpp}}&gpp_sid={{gpp_sid}
+    XAPI:
+      Username: pb_longitude_ads
+      Password: LK0Y31N2B5
+      
+  pubmatic:
+    enabled: true
+
+  gumgum:
+    enabled: true
+
+debug: true # enables logging for debugging requests
+
+price-floors:
+  # May need this to enforce price flooring on Prebid Server. Does it require an explicit minimum?
+  enforce-floors: true      # Enable floor enforcement globally on the server
+  enforce-deal-floors: true # Ensure deal bids also respect floors (optional)
+  # enhance-bid-floors: true # Indicates that there is server-side dynamic flooring in custom logic, which is all handled server-side.
+  # bid-floor-fallback: 0.63  # Fallback floor if no floor is set in client payload 
+  # floor-minimum: 0.63       # The minimum floor Prebid Server should enforce
+
+metrics:
+  # Metrics collection configuration.
+
+  # Enables logging of metrics to the logging backend specified (e.g., for debugging purposes).
+  logback:
+    enabled: true
+    # Name of the metrics logger, can be customized based on logging system setup.
+    name: METRICS
+    # Frequency of logging the metrics in seconds.
+    interval: 30
+
+cache:
+  # Cache configuration to store responses for faster retrieval.
+
+  # Specifies the caching protocol (typically http or https).
+  scheme: http
+  # The host where the cache is stored (use localhost for local setup).
+  host: localhost # We need a dedicated caching server accessible to all sites
+  # Path on the server where cache data can be accessed.
+  path: /cache
+  # Query parameter used by the cache to retrieve specific cached data.
+  query: uuid=
+
+settings:
+  # Settings configuration for Prebid Server behavior.
+
+  # Enforces the validation of account IDs. Setting this to false allows requests with non-validated accounts.
+  enforce-valid-account: false
+  # Generates a unique ID for bid requests if one is not provided.
+  generate-storedrequest-bidrequest-id: true
+
+  # Configures settings for stored configurations (often useful in testing or non-production setups).
+  filesystem:
+    # Path to the primary settings file.
+    settings-filename: sample/configs/sample-app-settings.yaml
+    # Directory for stored requests (input from publishers).
+    stored-requests-dir: sample
+    # Directory for stored impressions.
+    stored-imps-dir: sample
+    # Directory for stored responses.
+    stored-responses-dir: sample
+    # Directory for categories used in bid filtering.
+    categories-dir: 
+
+accounts:
+  # Placeholder account configuration
+  - id: "bookrags" # Replace with your actual account ID
+    name: "Bookrags"
+    # Additional optional fields can be added as needed
+    # currency: "USD"
+    # defaultTtl: 3600 # TTL in seconds for bid responses, if required
+
+gdpr:
+  # GDPR settings for handling user consent and privacy.
+
+  # Default GDPR consent value if none is provided (1 = consent, 0 = no consent).
+  default-value: 0
+
+  # Vendor lists for GDPR compliance, organized by TCF versions (2 and 3 in this case).
+  vendorlist:
+    v2:
+      # Directory to store the cached vendor list for TCF version 2.
+      cache-dir: /var/tmp/vendor2
+    v3:
+      # Directory to store the cached vendor list for TCF version 3.
+      cache-dir: /var/tmp/vendor3
+
+admin-endpoints:
+  # Administrative endpoints for controlling Prebid Server.
+  logging-httpinteraction:
+    enabled: true
+    path: /logging/httpinteraction
+    on-application-port: true
+    protected: false
+
+
+  # Allows changing log levels dynamically.
+  logging-changelevel:
+    enabled: true
+    # Path to access the logging level change endpoint.
+    path: /logging/changelevel
+    # Whether this endpoint is accessible on the main application port.
+    on-application-port: true
+    # Sets the endpoint as unprotected; consider adding protection in production.
+    protected: false
+
+# Logging Configuration for Verbose Debugging
+logging:
+  sampling-rate: 0.01
+  level:
+    root: ERROR # Set the default log level for all packages
+  change-level:
+    max-duration-ms: 3600000 # 1h
+  output:
+    stdout: true # Output logs to console
+    file: /var/log/prebid-server.log # Output logs to file

deployment/ecr/prebid-server/current/prebid-logging.xml

@@ -0,0 +1,51 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<configuration>
+    <include resource="org/springframework/boot/logging/logback/defaults.xml" />
+    <include resource="org/springframework/boot/logging/logback/console-appender.xml" />
+
+    <!-- Get the ECS container id -->
+    <property name="CONTAINER_ID" value="${containerId}" />
+
+    <!-- Define the stdout appender for INFO and lower levels -->
+    <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+        <target>System.out</target>
+        <encoder>
+            <pattern>{"timestamp":"%d{yyyy-MM-dd'T'HH:mm:ss.SSSZ}", "level":"%p", "logger":"%logger", "thread":"%t", "message":"%msg", "exception":"%ex", "containerId":"${CONTAINER_ID}"}%n</pattern>
+        </encoder>
+    </appender>
+
+    <!-- Async wrapper for stdout -->
+    <appender name="LOG_ASYNC" class="ch.qos.logback.classic.AsyncAppender">
+        <appender-ref ref="STDOUT" />
+    </appender>
+
+    <!-- Define the metrics appender -->
+    <appender name="METRICS_APPENDER" class="ch.qos.logback.core.rolling.RollingFileAppender">
+        <file>/mnt/efs/metrics/${CONTAINER_ID}/prebid-test-metrics.log</file>
+        <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy">
+            <!-- Rollover at the top of each hour -->
+            <fileNamePattern>
+                /mnt/efs/metrics/${CONTAINER_ID}/archived/prebid-test-metrics.%d{yyyy-MM-dd_HH}.%i.log.gz</fileNamePattern>
+            <maxFileSize>100MB</maxFileSize>
+        </rollingPolicy>
+        <encoder>
+            <pattern>{"timestamp":"%d{yyyy-MM-dd'T'HH:mm:ss.SSSZ}", "level":"%p", "logger":"%logger", "thread":"%t", "message":"%msg", "containerId":"${CONTAINER_ID}"}%n</pattern>
+        </encoder>
+    </appender>
+
+    <appender name="METRICS_ASYNC" class="ch.qos.logback.classic.AsyncAppender">
+        <appender-ref ref="METRICS_APPENDER" />
+    </appender>
+
+    <!-- Logger for metrics with no additivity -->
+    <logger name="METRICS" additivity="false">
+        <appender-ref ref="METRICS_ASYNC" />
+    </logger>
+
+    <logger name="http-interaction" level="INFO"/>
+
+    <!-- Root logger to output logs to stdout and stderr -->
+    <root level="info">
+        <appender-ref ref="LOG_ASYNC" /> <!-- Sends logs to stdout for info and below -->
+    </root>
+</configuration>

solution-manifest.yaml

@@ -1,5 +1,5 @@
 id: SO0248
-name: prebid-server-deployment-on-aws
+name: longitude-s2s
 version: v1.1.1
 cloudformation_templates:
   - template: prebid-server-deployment-on-aws.template

source/infrastructure/cdk.json

@@ -28,10 +28,10 @@
             "aws-cn"
         ],
         "@aws-cdk/aws-s3:serverAccessLogsUseBucketPolicy": true,
-        "SOLUTION_NAME": "Prebid Server Deployment on AWS",
+        "SOLUTION_NAME": "longitude-s2s",
         "SOLUTION_ID": "SO0248",
         "SOLUTION_VERSION": "v1.1.1",
         "METRICS_NAMESPACE": "prebid-server-deployment-on-aws-metrics",
         "BUCKET_NAME": "BUCKET_NAME"
     }
-}
+}

source/infrastructure/prebid_server/ecs_service_construct.py

@@ -33,6 +33,9 @@ def __init__(
             cluster=prebid_cluster,
             task_definition=prebid_task_definition,
             vpc_subnets=ec2.SubnetSelection(subnets=prebid_task_subnets),
+            min_healthy_percent=globals.FARGATE_MIN_HEALTHY_PERCENT,
+            max_healthy_percent=globals.FARGATE_MAX_HEALTHY_PERCENT,
+            health_check_grace_period=Duration.seconds(globals.HEALTH_CHECK_GRACE_PERIOD),
             capacity_provider_strategies=[
                 ecs.CapacityProviderStrategy(
                     capacity_provider="FARGATE",

source/infrastructure/prebid_server/prebid_server_stack.py

@@ -25,7 +25,7 @@
 
 
 class PrebidServerStack(SolutionStack):
-    name = "prebid-server-deployment-on-aws"
+    name = "longitude-s2s"
     description = "Prebid Server Deployment on AWS"
     template_filename = "prebid-server-deployment-on-aws.template"