ciinabox-ecs 0.3.1 → 0.3.2.alpha.1622701697

Sign up to get free protection for your applications and to get access to all the features.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/templates/ecs-cluster.rb +2 -0
  3. data/templates/services/sonarqube.rb +87 -48
  4. metadata +5 -5
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 15b9d63e5865821399629cc2350959b6c883f9b44778e7c383e76687c726800f
4
- data.tar.gz: 13786bc661b595ea995b125bb30606986e56bee3e887e8031a428c40170136d6
3
+ metadata.gz: a8447edc3b32e93f320bd248182a452ee125acd51ec0a173a7ffb94194bb0535
4
+ data.tar.gz: 397b6d9c1f5b01337c70082512f984a03996d45372bb8d5b6db72ff6b3fda88b
5
5
  SHA512:
6
- metadata.gz: 5765a699f82ed330a819b3a40c5640445648060e596ffd380a5d023f373154ee08c5d245b54c10099beb735a7625a2ea947e5edd982223b69cdeca54f943bf38
7
- data.tar.gz: a6f72e6360747b853654f750c36a5db3bd04ed69a5143e5086f16dafbaa36846e458804b432da80c4b2802108135871ffe5865ebc45b3b7cd62b95d784ff14d6
6
+ metadata.gz: b5416bcacc149cfeaa3c6444ae38c58cf9b3050b03f120c47ebe661887e26662e875feb434e82973dab4d04f45563cb9a56eac6fe4912ca6c1f5e5ecb04c7a6a
7
+ data.tar.gz: 8c24c97d9c0f8ce72d4db03b9e539c41f19352a71b27035187032a940e9a35c381edca1ec2203e9dc2e1a6b0c1a938da51c03f1080c4cfd121939c94f0fe31ea
data/templates/ecs-cluster.rb CHANGED
@@ -190,6 +190,8 @@ CloudFormation {
190
190
  "echo ECS_ENABLE_TASK_CPU_MEM_LIMIT=false >> /etc/ecs/ecs.config\n",
191
191
  "INSTANCE_ID=$(echo `/opt/aws/bin/ec2-metadata -i | cut -f2 -d:`)\n",
192
192
  "PRIVATE_IP=`/opt/aws/bin/ec2-metadata -o | cut -f2 -d: | cut -f2 -d-`\n",
193
+ "echo 'vm.max_map_count=262144' >> /etc/sysctl.conf\n",
194
+ "sysctl -p\n",
193
195
  "hostname ciinabox-ecs-xx\n",
194
196
  "#{proxy_config_userdata}",
195
197
  "yum install -y python-pip\n",
data/templates/services/sonarqube.rb CHANGED
@@ -17,6 +17,9 @@ if service
17
17
  memory = service['ContainerMemory'] || 2048
18
18
  cpu = service['ContainerCPU'] || 300
19
19
  container_port = service['InstancePort'] || 0
20
+ postgres_url_param_arn = service['PostgresUrlParamArn'] || nil
21
+ postgres_user_param_arn = service['PostgresUserParamArn'] || nil
22
+ postgres_password_param_arn = service['PostgresPasswordParamArn'] || nil
20
23
  end
21
24
 
22
25
  CloudFormation {
@@ -30,54 +33,70 @@ CloudFormation {
30
33
 
31
34
  Resource('SonarQubeTask') {
32
35
  Type "AWS::ECS::TaskDefinition"
33
- Property('ContainerDefinitions', [
34
- {
35
- Name: 'sonarqube',
36
- MemoryReservation: memory,
37
- Cpu: cpu,
38
- Image: image,
39
- Environment: [
40
- {
41
- Name: 'VIRTUAL_HOST',
42
- Value: "sonar.#{dns_domain}"
43
- },
44
- {
45
- Name: 'VIRTUAL_PORT',
46
- Value: '9000'
47
- }
48
- ],
49
- Ulimits: [
50
- {
51
- Name: "nofile",
52
- SoftLimit: 65536,
53
- HardLimit: 65536
54
- }
55
- ],
56
- Essential: true,
57
- MountPoints: [
58
- {
59
- ContainerPath: '/etc/localtime',
60
- SourceVolume: 'timezone',
61
- ReadOnly: true
62
- },
63
- {
64
- ContainerPath: '/opt/sonarqube/extensions',
65
- SourceVolume: 'sonarqube_extensions',
66
- ReadOnly: false
67
- },
68
- {
69
- ContainerPath: '/opt/sonarqube/logs',
70
- SourceVolume: 'sonarqube_logs',
71
- ReadOnly: false
72
- },
73
- {
74
- ContainerPath: '/opt/sonarqube/data',
75
- SourceVolume: 'sonarqube_data',
76
- ReadOnly: false
77
- }
78
- ]
79
- }
80
- ])
36
+ Property('ExecutionRoleArn', FnGetAtt('TaskExecutionRole', 'Arn'))
37
+ sonarqube_container_def = {
38
+ Name: 'sonarqube',
39
+ MemoryReservation: memory,
40
+ Cpu: cpu,
41
+ Image: image,
42
+ Environment: [
43
+ {
44
+ Name: 'VIRTUAL_HOST',
45
+ Value: "sonar.#{dns_domain}"
46
+ },
47
+ {
48
+ Name: 'VIRTUAL_PORT',
49
+ Value: '9000'
50
+ }
51
+ ],
52
+ Ulimits: [
53
+ {
54
+ Name: "nofile",
55
+ SoftLimit: 65536,
56
+ HardLimit: 65536
57
+ }
58
+ ],
59
+ Essential: true,
60
+ MountPoints: [
61
+ {
62
+ ContainerPath: '/etc/localtime',
63
+ SourceVolume: 'timezone',
64
+ ReadOnly: true
65
+ },
66
+ {
67
+ ContainerPath: '/opt/sonarqube/extensions',
68
+ SourceVolume: 'sonarqube_extensions',
69
+ ReadOnly: false
70
+ },
71
+ {
72
+ ContainerPath: '/opt/sonarqube/logs',
73
+ SourceVolume: 'sonarqube_logs',
74
+ ReadOnly: false
75
+ },
76
+ {
77
+ ContainerPath: '/opt/sonarqube/data',
78
+ SourceVolume: 'sonarqube_data',
79
+ ReadOnly: false
80
+ }
81
+ ]
82
+ }
83
+ if postgres_user_param_arn then
84
+ sonarqube_container_def[:Secrets] = [
85
+ {
86
+ Name: 'SONARQUBE_JDBC_URL',
87
+ ValueFrom: postgres_url_param_arn
88
+ },
89
+ {
90
+ Name: 'SONARQUBE_JDBC_USERNAME',
91
+ ValueFrom: postgres_user_param_arn
92
+ },
93
+ {
94
+ Name: 'SONARQUBE_JDBC_PASSWORD',
95
+ ValueFrom: postgres_password_param_arn
96
+ }
97
+ ]
98
+ end
99
+ Property('ContainerDefinitions', [sonarqube_container_def])
81
100
  Property('Volumes', [
82
101
  {
83
102
  Name: 'timezone',
@@ -112,6 +131,26 @@ CloudFormation {
112
131
  ])
113
132
  }
114
133
 
134
+ Resource('TaskExecutionRole') {
135
+ Type 'AWS::IAM::Role'
136
+ Property('AssumeRolePolicyDocument', {
137
+ "Version": "2012-10-17",
138
+ "Statement": [
139
+ {
140
+ "Effect": "Allow",
141
+ "Principal": {
142
+ "Service": "ecs-tasks.amazonaws.com"
143
+ },
144
+ "Action": "sts:AssumeRole"
145
+ }
146
+ ]
147
+ })
148
+ Property('ManagedPolicyArns', [
149
+ 'arn:aws:iam::aws:policy/AmazonSSMReadOnlyAccess',
150
+ 'arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy'
151
+ ])
152
+ }
153
+
115
154
  Resource('SonarQubeService') {
116
155
  Type 'AWS::ECS::Service'
117
156
  Property('Cluster', Ref('ECSCluster'))
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: ciinabox-ecs
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.3.1
4
+ version: 0.3.2.alpha.1622701697
5
5
  platform: ruby
6
6
  authors:
7
7
  - Base2Services
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-04-06 00:00:00.000000000 Z
11
+ date: 2021-06-03 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rake
@@ -165,11 +165,11 @@ required_ruby_version: !ruby/object:Gem::Requirement
165
165
  version: '0'
166
166
  required_rubygems_version: !ruby/object:Gem::Requirement
167
167
  requirements:
168
- - - ">="
168
+ - - ">"
169
169
  - !ruby/object:Gem::Version
170
- version: '0'
170
+ version: 1.3.1
171
171
  requirements: []
172
- rubygems_version: 3.2.15
172
+ rubygems_version: 3.2.19
173
173
  signing_key:
174
174
  specification_version: 4
175
175
  summary: Manage ciinabox on Aws Ecs