10x, in partnership with the Department of Justice (DOJ), is piloting a new managed forms solution, 10x Forms Platform.
- server/ - A node.js package that consumes the platform packages, providing custom configuration. This package is run in the deployed environment via a container.
This repository defines a demo cloud configuration for Forms Platform, using DOJ's preferred tech stack. This stack includes:
- AWS CodeCommit - This repository is provided as a reference for DOJ. Its own internal deployment will be managed via a git repository stored in CodeCommit.
- AWS CodeBuild - Provides continuous integration.
- AWS CloudFormation - The CloudFormation configuration in this repository consumes a reusable template provided by the platform.
- AWS App Runner - App Runner hosts the Forms Platform node.js web server. App Runner was chosen for its ease of configuration and FedRAMP authorization.
- AWS Relational Database Service (RDS) - RDS hosts the platform's Postgres database.
- AWS Secrets Manager - Secrets storage.
Follow the instructions in the AWS documentation to create a policy for CodeBuild:
https://docs.aws.amazon.com/codebuild/latest/userguide/setting-up-service-role.html
To initialize the deployment, you must manually create an AWS CodeConnection pointing to the git repository where this project is stored.
Next, you must deploy the AWS CDK stack, FormsPipelineStack, which creates an AWS CodeBuild project that will pull this repository, build and push a Docker image to ECR, and deploy via a second CDK stack, FormsPlatformStack.
To initialize CI/CD, deploy the FormsPipelineStack with the corresponding AWS CodeConnection ARN:
cd server/node_modules/@gsa-tts/forms-infra-aws-cdk
pnpm cdk deploy \
--ci FormsPipelineStack \
--parameters "codeConnectionArn=arn:aws:codeconnections:${AWS_REGION}:${AWS_ACCOUNT_ID}:connection/${AWS_CODE_CONNECTION_ARN}"pnpm cdk deploy --ci FormsDatabaseStackcd server/node_modules/@gsa-tts/forms-infra-aws-cdk
pnpm cdk deploy \
--ci FormsPlatformStack \
--parameters repositoryArn=arn:aws:ecr:${AWS_REGION}:${AWS_ACCOUNT_ID}:repository/forms-platform \
--parameters tagOrDigest=latest \
--parameters environment=dev \
--parameters repositoryName=forms-platformTo publish an image, build and push the docker image to a private ECR repository.
aws ecr get-login-password --region ${AWS_REGION} | docker login --username AWS --password-stdin ${AWS_ACCOUNT_ID}.dkr.ecr.${AWS_REGION}.amazonaws.com
docker tag ${REGISTRY_PATH}:${TAG_NAME} ${AWS_ACCOUNT_ID}.dkr.ecr.${AWS_REGION}.amazonaws.com/${ECR_REPOSITORY}:${TAG_NAME}To create a stack for a deployment environment, specify an environment identifier and the target AWS region:
npm run forms-apply-stack -r us-gov-east-1 -e dev -i ${AWS_ACCOUNT_ID}.dkr.ecr.${AWS_REGION}.amazonaws.com/${ECR_REPOSITORY}:${TAG_NAME}You can also publish with a "Hello, world!" image by omitting the image URI:
npm run forms-apply-stack -r us-gov-east-1 -e devTo update a stack with a new image URI:
npm run forms-update-stack -r us-gov-east-1 -e dev -i ${AWS_ACCOUNT_ID}.dkr.ecr.${AWS_REGION}.amazonaws.com/${ECR_REPOSITORY}:${TAG_NAME}