ciinabox-ecs 0.3.1.alpha.1622695860 → 0.3.1.alpha.1622698898

Sign up to get free protection for your applications and to get access to all the features.
Files changed (3) hide show
  1. checksums.yaml +4 -4
  2. data/templates/services/sonarqube.rb +87 -48
  3. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 1fba847852f3f33d382b88331f1e515c94d78deb4a8dbd94b11a2de6adfd128b
4
- data.tar.gz: d6a046c17fc32c6ac67071e7046ba6bd469e73ffe6b2ae0612b80480d895d0e6
3
+ metadata.gz: 0abdb55ba421e1ca32b4863da34398e6b301cb1b8aa26c804f434603e540a18f
4
+ data.tar.gz: 19524b3f753dcea4077f0ac65f6af8848e711d410407afcee38776d989900c69
5
5
  SHA512:
6
- metadata.gz: 1e3c27b8bff9b261fba646cb43eac0047f477fb67f4b604416aa644a9ccd26ae2a882546bd0a88a95e524e2b2d9d90389fa87f73c2271140a94360b956fea939
7
- data.tar.gz: 2ae6ce0b9cf7bf880f8bcddbedb98067ed5b2f3cfc145072ca4734c19da76f12e1aebbfde1062aed751981099a3ee5611795c9eb6d3ea38b2a9a7f6ddace8dea
6
+ metadata.gz: 31b14e819855f75aa59569765c74777355dc409213c44a8dc85aba1148037df2d56b618ce90b72700092279d41a9afe6bdaf554e7af93115b46e81b54d736153
7
+ data.tar.gz: 72228109787271ddc4961c185af54dfce7810263b4931c9417641424982de4f562eeda8c099f80cbdd9997630e8b9aa4487b51f496765d2c23870c3e30f5cc3e
@@ -17,6 +17,9 @@ if service
17
17
  memory = service['ContainerMemory'] || 2048
18
18
  cpu = service['ContainerCPU'] || 300
19
19
  container_port = service['InstancePort'] || 0
20
+ postgres_url_param_arn = service['PostgresUrlParamArn'] || nil
21
+ postgres_user_param_arn = service['PostgresUserParamArn'] || nil
22
+ postgres_password_param_arn = service['PostgresPasswordParamArn'] || nil
20
23
  end
21
24
 
22
25
  CloudFormation {
@@ -30,54 +33,70 @@ CloudFormation {
30
33
 
31
34
  Resource('SonarQubeTask') {
32
35
  Type "AWS::ECS::TaskDefinition"
33
- Property('ContainerDefinitions', [
34
- {
35
- Name: 'sonarqube',
36
- MemoryReservation: memory,
37
- Cpu: cpu,
38
- Image: image,
39
- Environment: [
40
- {
41
- Name: 'VIRTUAL_HOST',
42
- Value: "sonar.#{dns_domain}"
43
- },
44
- {
45
- Name: 'VIRTUAL_PORT',
46
- Value: '9000'
47
- }
48
- ],
49
- Ulimits: [
50
- {
51
- Name: "nofile",
52
- SoftLimit: 65536,
53
- HardLimit: 65536
54
- }
55
- ],
56
- Essential: true,
57
- MountPoints: [
58
- {
59
- ContainerPath: '/etc/localtime',
60
- SourceVolume: 'timezone',
61
- ReadOnly: true
62
- },
63
- {
64
- ContainerPath: '/opt/sonarqube/extensions',
65
- SourceVolume: 'sonarqube_extensions',
66
- ReadOnly: false
67
- },
68
- {
69
- ContainerPath: '/opt/sonarqube/logs',
70
- SourceVolume: 'sonarqube_logs',
71
- ReadOnly: false
72
- },
73
- {
74
- ContainerPath: '/opt/sonarqube/data',
75
- SourceVolume: 'sonarqube_data',
76
- ReadOnly: false
77
- }
78
- ]
79
- }
80
- ])
36
+ Property('ExecutionRoleArn', FnGetAtt('TaskExecutionRole', 'Arn'))
37
+ sonarqube_container_def = {
38
+ Name: 'sonarqube',
39
+ MemoryReservation: memory,
40
+ Cpu: cpu,
41
+ Image: image,
42
+ Environment: [
43
+ {
44
+ Name: 'VIRTUAL_HOST',
45
+ Value: "sonar.#{dns_domain}"
46
+ },
47
+ {
48
+ Name: 'VIRTUAL_PORT',
49
+ Value: '9000'
50
+ }
51
+ ],
52
+ Ulimits: [
53
+ {
54
+ Name: "nofile",
55
+ SoftLimit: 65536,
56
+ HardLimit: 65536
57
+ }
58
+ ],
59
+ Essential: true,
60
+ MountPoints: [
61
+ {
62
+ ContainerPath: '/etc/localtime',
63
+ SourceVolume: 'timezone',
64
+ ReadOnly: true
65
+ },
66
+ {
67
+ ContainerPath: '/opt/sonarqube/extensions',
68
+ SourceVolume: 'sonarqube_extensions',
69
+ ReadOnly: false
70
+ },
71
+ {
72
+ ContainerPath: '/opt/sonarqube/logs',
73
+ SourceVolume: 'sonarqube_logs',
74
+ ReadOnly: false
75
+ },
76
+ {
77
+ ContainerPath: '/opt/sonarqube/data',
78
+ SourceVolume: 'sonarqube_data',
79
+ ReadOnly: false
80
+ }
81
+ ]
82
+ }
83
+ if postgres_user_param_arn then
84
+ sonarqube_container_def[:Secrets] = [
85
+ {
86
+ Name: 'SONARQUBE_JDBC_URL',
87
+ ValueFrom: postgres_url_param_arn
88
+ },
89
+ {
90
+ Name: 'SONARQUBE_JDBC_USERNAME',
91
+ ValueFrom: postgres_user_param_arn
92
+ },
93
+ {
94
+ Name: 'SONARQUBE_JDBC_PASSWORD',
95
+ ValueFrom: postgres_password_param_arn
96
+ }
97
+ ]
98
+ end
99
+ Property('ContainerDefinitions', [sonarqube_container_def])
81
100
  Property('Volumes', [
82
101
  {
83
102
  Name: 'timezone',
@@ -112,6 +131,26 @@ CloudFormation {
112
131
  ])
113
132
  }
114
133
 
134
+ Resource('TaskExecutionRole') {
135
+ Type 'AWS::IAM::Role'
136
+ Property('AssumeRolePolicyDocument', {
137
+ "Version": "2012-10-17",
138
+ "Statement": [
139
+ {
140
+ "Effect": "Allow",
141
+ "Principal": {
142
+ "Service": "ecs-tasks.amazonaws.com"
143
+ },
144
+ "Action": "sts:AssumeRole"
145
+ }
146
+ ]
147
+ })
148
+ Property('ManagedPolicyArns', [
149
+ 'arn:aws:iam::aws:policy/AmazonSSMReadOnlyAccess',
150
+ 'arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy'
151
+ ])
152
+ }
153
+
115
154
  Resource('SonarQubeService') {
116
155
  Type 'AWS::ECS::Service'
117
156
  Property('Cluster', Ref('ECSCluster'))
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: ciinabox-ecs
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.3.1.alpha.1622695860
4
+ version: 0.3.1.alpha.1622698898
5
5
  platform: ruby
6
6
  authors:
7
7
  - Base2Services