feat: init repository

- Add compose manifest
- Minimal readme
- Draft migration workflow

Signed-off-by: Theo Bob Massard <tbobm@protonmail.com>

Author: tbobm

.github/workflows/migration.yaml

@@ -0,0 +1,89 @@
+---
+name: Run DB Migrations
+
+on:
+  push:
+    branches:
+      - main
+
+jobs:
+  migrate-database:
+    name: Run ECS One-Off Task
+    runs-on: ubuntu-latest
+    env:
+      AWS_REGION: eu-west-1
+      CLUSTER_NAME: sample-cluster
+      TASK_DEFINITION: db-migration-job
+      SUBNET_ID: subnet-abc123
+      SECURITY_GROUP_ID: sg-abc123
+      CONTAINER_NAME: migration
+      IMAGE_URI: db-iac:latest
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          role-to-assume: arn:aws:iam::123456789012:role/GitHubActionsDeploymentRole
+          aws-region: ${{ env.AWS_REGION }}
+
+      - name: Fetch latest task definition
+        id: get-task-def
+        run: |
+          aws ecs describe-task-definition --task-definition $TASK_DEFINITION \
+            --region $AWS_REGION > taskdef.json
+
+      - name: Fill in the new image ID in the Amazon ECS task definition
+        id: updated-task-def
+        uses: aws-actions/amazon-ecs-render-task-definition@v1
+        with:
+          task-definition: new-task-def.json
+          container-name: $CONTAINER_NAME
+          image: $IMAGE_URI
+
+      - name: Deploy Amazon ECS task definition
+        uses: aws-actions/amazon-ecs-deploy-task-definition@v2
+        id: register-task-def
+        with:
+          task-definition: ${{ steps.updated-task-def.outputs.task-definition }}
+
+      - name: Run ECS task
+        id: run-task
+        run: |
+          TASK_ARN=$(aws ecs run-task \
+            --cluster $CLUSTER_NAME \
+            --launch-type FARGATE \
+            --network-configuration "awsvpcConfiguration={subnets=[$SUBNET_ID],securityGroups=[$SECURITY_GROUP_ID],assignPublicIp=DISABLED}" \
+            --task-definition ${{ steps.register-task-def.outputs.task_def_arn }} \
+            --region $AWS_REGION \
+            --started-by github-actions \
+            --query 'tasks[0].taskArn' \
+            --output text)
+
+          echo "task_arn=$TASK_ARN" >> $GITHUB_OUTPUT
+
+      - name: Wait for task to complete
+        run: |
+          aws ecs wait tasks-stopped \
+            --cluster $CLUSTER_NAME \
+            --tasks ${{ steps.run-task.outputs.task_arn }} \
+            --region $AWS_REGION
+
+      - name: Check task exit code
+        run: |
+          EXIT_CODE=$(aws ecs describe-tasks \
+            --cluster $CLUSTER_NAME \
+            --tasks ${{ steps.run-task.outputs.task_arn }} \
+            --region $AWS_REGION \
+            --query "tasks[0].containers[?name=='${CONTAINER_NAME}'].exitCode" \
+            --output text)
+
+          echo "Task exited with code $EXIT_CODE"
+
+          if [ "$EXIT_CODE" != "0" ]; then
+            echo "Migration task failed with exit code $EXIT_CODE"
+            exit 1
+          fi
+

README.md

@@ -0,0 +1,14 @@
+# Boostrapping databases for local and prod
+
+## Content
+
+- infra: infrastructure as code for RDS / ECS migration task
+- db-as-code: setup for managing databases using atlas
+- cicd: example automation and tooling for handling databases with github action
+
+## Setup
+
+```console
+$ docker compose up -d --wait --quiet-pull db
+$ docker compose run -it atlas schema inspect -u "postgres://user:pass@db:5432/local_db?sslmode=disable"
+```

docker-compose.yml

@@ -0,0 +1,30 @@
+---
+services:
+  db:
+    image: postgres:15
+    restart: unless-stopped
+    environment:
+      POSTGRES_USER: user
+      POSTGRES_PASSWORD: pass
+      POSTGRES_DB: local_db
+    ports:
+      - "5432:5432"
+    volumes:
+      - pgdata:/var/lib/postgresql/data
+    healthcheck:
+      test: ["CMD", "pg_isready", "-U", "user"]
+      interval: 5s
+      timeout: 3s
+      retries: 5
+
+  atlas:
+    image: arigaio/atlas:latest
+    depends_on:
+      db:
+        condition: service_healthy
+    volumes:
+      - .:/workspace
+    working_dir: /workspace
+
+volumes:
+  pgdata: