feat: add initial infrastructure setup for pillarbox monitoring

This commit introduces the foundational Infrastructure as Code (IaC) setup for the Pillarbox
Monitoring system to automate and simplify the deployment of these services.

- Configures Terraform for managing AWS resources with support for both dev and prod environments.
- Provides Docker Compose for local development and testing.

Co-authored-by: Samuel Défago <[email protected]>
Co-authored-by: Gaëtan Muller <[email protected]>

.editorconfig

@@ -0,0 +1,15 @@
+root = true
+
+[*]
+charset = utf-8
+end_of_line = lf
+indent_style = space
+indent_size = 2
+insert_final_newline = true
+trim_trailing_whitespace = true
+
+[*.md]
+max_line_length = 100
+
+[*.tf]
+max_line_length = 120

.githooks/commit-msg

@@ -0,0 +1,24 @@
+#!/bin/sh
+
+# Define color codes
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+NC='\033[0m' # No Color
+
+# Create a regex for a conventional commit
+conventional_commit_regex="^(build|chore|ci|docs|feat|fix|perf|refactor|revert|style|test)(\([a-z \-]+\))?!?: .+$"
+
+# Get the commit message (the parameter we're given is just the path to the temporary file which holds the message)
+commit_message=$(cat "$1")
+
+# Check if the commit message doesn't match the conventional commit regex
+if ! echo "$commit_message" | grep -Eq "$conventional_commit_regex"; then
+    echo "${RED}The commit message does not meet the Conventional Commit standard${NC}"
+    echo "An example of a valid message is: "
+    echo "  feat(login): add the 'remember me' button"
+    echo "More details at: https://www.conventionalcommits.org/en/v1.0.0/#summary"
+    exit 1
+fi
+
+# If the commit message is correct
+echo "${GREEN}Commit message meets Conventional Commit standards...${NC}"

.githooks/pre-commit

@@ -0,0 +1,22 @@
+#!/bin/bash
+
+# Define color codes
+RED='\033[0;31m'
+YELLOW='\033[0;33m'
+GREEN='\033[0;32m'
+NC='\033[0m' # No Color
+
+# Check Terraform formatting in all subfolders
+echo -e "${YELLOW}Checking Terraform formatting in all subfolders...${NC}"
+unformatted_files=$(terraform fmt -recursive -check pillarbox-monitoring-terraform)
+
+if [ -n "$unformatted_files" ]; then
+    echo -e "${RED}The following Terraform files are not properly formatted:${NC}"
+    echo "$unformatted_files"
+    echo -e "${RED}Please run 'terraform fmt -recursive pillarbox-monitoring-terraform' to format these files.${NC}"
+    exit 1
+else
+    echo -e "${GREEN}All Terraform files are properly formatted ✔${NC}"
+fi
+
+exit 0

.github/pull_request_template.md

@@ -0,0 +1,21 @@
+## Description
+
+<!--
+Please provide a brief summary of the changes made. Please explain why
+this change was necessary. Was there a problem or an issue this change
+will address? What will be improved with this change?
+-->
+
+## Changes Made
+
+<!--
+Please detail the modifications made. This could include areas such as
+code, documentation, structure, or formatting.
+-->
+
+## Checklist
+
+- [ ] I have followed the project's style and contribution guidelines.
+- [ ] I have performed a self-review of my own changes.
+- [ ] I have made corresponding changes to the documentation.
+- [ ] I have added tests that prove my fix is effective or that my feature works.

.github/workflows/quality.yml

@@ -0,0 +1,29 @@
+name: Terraform Linting
+
+on:
+  merge_group:
+  pull_request:
+    branches: [ main ]
+
+jobs:
+  terraform-format-check:
+    name: Check Terraform Formatting
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Set up Terraform
+        uses: hashicorp/setup-terraform@v3
+        with:
+          terraform_version: 1.x
+
+      - name: Verify Terraform formatting
+        run: terraform fmt -check -recursive pillarbox-monitoring-terraform
+
+      - name: Fail if any files need formatting
+        if: failure()
+        run: |
+          echo "::error::Some Terraform files are not formatted correctly."
+          exit 1

.gitignore

@@ -0,0 +1,34 @@
+### Intellij ###
+.idea/
+*.iml
+*.iws
+modules.xml
+*.ipr
+cmake-build-*/
+out/
+.idea_modules/
+
+# VisualStudioCode
+.vscode-test
+.vscode
+.history
+
+# macOS
+.DS_Store
+
+### Terraform ###
+**/.terraform/*
+
+# .tfstate files
+*.tfstate
+*.tfstate.*
+crash.log
+crash.*.log
+*.tfvars
+*.tfvars.json
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json
+.terraformrc
+terraform.rc

.gitmodules

@@ -0,0 +1,6 @@
+[submodule "pillarbox-monitoring-transfer"]
+	path = pillarbox-monitoring-transfer
+	url = https://github.com/SRGSSR/pillarbox-monitoring-transfer/
+[submodule "pillarbox-event-dispatcher"]
+	path = pillarbox-event-dispatcher
+	url = https://github.com/SRGSSR/pillarbox-event-dispatcher

README.md

@@ -0,0 +1,172 @@
+# Pillarbox Monitoring Infrastructure
+
+![Pillarbox logo](docs/README-images/logo.jpg)
+
+The Pillarbox Monitoring Infrastructure manages the Dispatch and Transfer services, using Terraform
+for cloud deployment and Docker Compose for local development and testing.
+
+This project enables real-time event streaming, storage, and visualization, offering a complete
+monitoring solution for the Pillarbox player.
+
+## Quick Guide
+
+**Prerequisites and Requirements**
+
+- **Terraform** 1.0 or higher
+- **Docker** and **Docker Compose**
+
+### Setup
+
+1. **Clone the Repository**
+
+   Clone the repository and initialize the submodules:
+
+   ```bash
+   git clone --recurse-submodules [email protected]:SRGSSR/pillarbox-monitoring-infra.git
+   ```
+
+   If you have already cloned the repository without submodules, initialize them with:
+
+   ```bash
+   git submodule update --init --recursive
+   ```
+
+### Executing Terraform Scripts
+
+Before running the Terraform scripts, ensure your environment is correctly configured.
+
+1. **AWS Region and Profiles**
+
+   Set the `AWS_REGION` and `AWS_PROFILE` environment variables:
+
+   ```bash
+   export AWS_REGION=<your-region>
+   export AWS_PROFILE=<workspace>
+   ```
+
+   - Replace `<your-region>` with your desired AWS region (e.g., `us-east-1`).
+   - Replace `<workspace>` with either `dev` or `prod`, matching the Terraform workspace you intend
+     to use.
+
+   **Note:** You must have AWS CLI profiles named `dev` and `prod` configured in your
+   `~/.aws/credentials` or `~/.aws/config` files. Each profile should correspond to the AWS account
+   for the respective environment.
+
+2. **Terraform Workspaces**
+
+   The project utilizes two Terraform workspaces: `dev` and `prod`, corresponding to development and
+   production environments. Switch between workspaces using:
+
+   ```bash
+   terraform workspace select dev   # Switch to the development environment
+   terraform workspace select prod  # Switch to the production environment
+   ```
+
+   See the [Documentation](#documentation) for more information on which workspace to use for each
+   configuration.
+
+3. **Running Terraform**
+
+   Initialize the Terraform working directory and apply the configuration:
+
+   ```bash
+   terraform init
+   terraform apply
+   ```
+
+   Review the execution plan carefully before confirming the changes.
+
+### Running Locally with Docker Compose
+
+This repository allows running the Pillarbox Monitoring solution locally. To do so first start
+services using Docker Compose:
+
+```bash
+docker-compose up --build
+```
+
+This command will build and run the following services:
+
+- **pillarbox-event-dispatcher**: Receives events via HTTP POST and broadcasts them via SSE.
+- **pillarbox-monitoring-transfer**: Listens to SSE events and stores them in OpenSearch.
+- **OpenSearch**: Stores the events for analysis.
+- **Grafana**: Visualizes the data stored in OpenSearch.
+
+**Sending Events**: You can send events to the system using the following command:
+
+ ```bash
+ curl -X POST http://localhost:8080/api/events \
+      -H 'Content-Type: application/json' \
+      -d "{\"msg\": \"data\", \"timestamp\": \"$(date +%s)\"}"
+ ```
+
+**Accessing Grafana**: Grafana is accessible at [http://localhost:3000](http://localhost:3000).
+
+## Documentation
+
+The project is split into four main Terraform configurations:
+
+- [01-terraform-backend][terraform-backend]: This configuration sets up the Terraform backend and is
+  **only applicable in the prod environment**. The backend is used to store Terraform state
+  remotely, ensuring that multiple users and systems can work on infrastructure collaboratively.
+- [10-pillarbox-monitoring-route-53][route-53]: This handles the creation of the Route 53 DNS setup
+  for the project. **This is only executed in the prod environment**, as Route 53 is linked to the
+  production domain.
+- [11-pillarbox-monitoring-ecr][ecr]: This configuration sets up the Amazon Elastic Container
+  Registry (ECR). **This is only applicable to the prod environment**, as the ECR repositories for
+  the application are managed in the production account.
+- [20-pillarbox-monitoring-app][app]: This is the main configuration that deploys the Pillarbox
+  Monitoring infrastructure. **This applies to both dev and prod environments**. You can switch
+  between workspaces (as mentioned earlier) to deploy infrastructure in either the dev or prod
+  account.
+
+### System Flow Overview
+
+The system architecture is illustrated in the following sequence diagram:
+
+```mermaid
+sequenceDiagram
+  participant Client
+  participant Dispatch
+  participant Transfer
+  participant OpenSearch
+  participant Grafana
+  Transfer ->> Dispatch: SSE Connection /events
+  Client ->> Dispatch: POST Event
+  Dispatch -->> Transfer: Event Stream
+  Transfer ->> OpenSearch: Store Event
+  Grafana ->> OpenSearch: Query Data
+  OpenSearch -->> Grafana: Data Results
+```
+
+## Contributing
+
+Contributions are welcome! Please follow the project's code style and linting rules when
+contributing.
+
+To ensure consistent formatting for Terraform files, run:
+
+```bash
+terraform fmt -recursive pillarbox-monitoring-terraform
+```
+
+All commits must follow the [Conventional Commits](https://www.conventionalcommits.org/en/v1.0.0/)
+format to ensure compatibility with our automated release system.
+
+A pre-commit hook is available to validate commit messages and the formatting. Update the Git hooks
+path to automate these checks before committing and pushing your changes:
+
+```bash
+git config core.hooksPath .githooks/
+```
+
+Refer to our [Contribution Guide](docs/CONTRIBUTING.md) for more detailed information.
+
+## License
+
+This project is licensed under the [MIT License](LICENSE).
+
+[terraform-backend]: /pillarbox-monitoring-terraform/01-terraform-backend
+[route-53]: /pillarbox-monitoring-terraform/10-pillarbox-monitoring-route-53
+[ecr]: /pillarbox-monitoring-terraform/11-pillarbox-monitoring-ecr
+[app]: /pillarbox-monitoring-terraform/20-pillarbox-monitoring-app

docker-compose.yml

@@ -0,0 +1,43 @@
+services:
+  pillarbox-event-dispatcher:
+    build: ./pillarbox-event-dispatcher
+    image: srgssr/pillarbox-event-dispatcher:1.0.0
+    container_name: pillarbox-event-dispatcher
+    ports:
+      - "8080:8080"
+
+  pillarbox-monitoring-transfer:
+    build: ./pillarbox-monitoring-transfer
+    image: srgssr/pillarbox-monitoring-transfer:1.0.0
+    container_name: pillarbox-monitoring-transfer
+    ports:
+      - "8081:8081"
+    environment:
+      - PILLARBOX_MONITORING_OPENSEARCH_URI=http://opensearch:9200
+      - PILLARBOX_MONITORING_SSE_URI=http://pillarbox-event-dispatcher:8080/events
+
+  opensearch:
+    image: opensearchproject/opensearch:2.15.0
+    container_name: opensearch
+    ports:
+      - '9200:9200'
+      - '9300:9300'
+    environment:
+      - discovery.type=single-node
+      - bootstrap.memory_lock=true
+      - OPENSEARCH_JAVA_OPTS=-Xms512m -Xmx512m
+      - DISABLE_SECURITY_PLUGIN=true
+      - cluster.routing.allocation.disk.threshold_enabled=false
+    deploy:
+      resources:
+        limits:
+          memory: 1g
+        reservations:
+          memory: 512m
+
+  pillarbox-monitoring-grafana:
+    build: ./pillarbox-monitoring-grafana
+    image: srgssr/pillarbox-monitoring-grafana:1.0.0
+    container_name: pillarbox-monitoring-grafana
+    ports:
+      - '3000:3000'