sumomo 0.8.14 → 0.8.16
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/data/sumomo/custom_resources/ACMCertificate.js +32 -1
- data/data/sumomo/custom_resources/ACMCertificateWaiter.js +4 -0
- data/lib/sumomo/api.rb +6 -0
- data/lib/sumomo/ec2.rb +3 -0
- data/lib/sumomo/stack.rb +30 -0
- data/lib/sumomo/version.rb +1 -1
- data/lib/sumomo.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 4b360df868147cde0facdac9c5ff2f76944db409ce8eb0fd8b0e9e4544b8d3fb
|
|
4
|
+
data.tar.gz: 720f37705fc0f3d7f7555c3f9465229ed50472b75350671a6a163e2084fa9f94
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 397367ad6b32f8a982e22e7c4d43fa111e152c676a49f4b0fe328aab5ac865be88cb22c9a8c8b67a103f70e2a48dc3576c1e9ad38f848b25b328bae9bd1bf47c
|
|
7
|
+
data.tar.gz: 455ae961e13af305fcc9f3b4ac29036837fa39c97a2cf8c8ec9bcaf190bd1bb7cd7b94ef9d564d57feef5d647e0fc7796f5178b7cf479d96b3afeaf42256131e
|
|
@@ -4,6 +4,8 @@ var acm = new aws.ACM({region: cert_region});
|
|
|
4
4
|
|
|
5
5
|
var return_properties = {};
|
|
6
6
|
|
|
7
|
+
var retries = 0;
|
|
8
|
+
|
|
7
9
|
function extractRootDomain(domain)
|
|
8
10
|
{
|
|
9
11
|
var splitArr = domain.split('.');
|
|
@@ -12,26 +14,55 @@ function extractRootDomain(domain)
|
|
|
12
14
|
//extracting the root domain here
|
|
13
15
|
if (arrLen > 2)
|
|
14
16
|
{
|
|
15
|
-
domain = splitArr
|
|
17
|
+
domain = splitArr.slice(1).join(".");
|
|
16
18
|
}
|
|
17
19
|
return domain;
|
|
18
20
|
}
|
|
19
21
|
|
|
20
22
|
function wait_for_approval(domain_name, on_success, on_fail)
|
|
21
23
|
{
|
|
24
|
+
console.log('read domain: ', domain_name);
|
|
22
25
|
get_domain(domain_name, function(data)
|
|
23
26
|
{
|
|
27
|
+
console.log('loaded domain data: ');
|
|
28
|
+
console.log(data);
|
|
29
|
+
|
|
24
30
|
var params = {
|
|
25
31
|
CertificateArn: data.arn
|
|
26
32
|
};
|
|
27
33
|
|
|
28
34
|
acm.describeCertificate(params, function(err, cert_data) {
|
|
35
|
+
console.log('received certificate data');
|
|
36
|
+
console.log(cert_data);
|
|
37
|
+
console.log(cert_data.Certificate.DomainValidationOptions);
|
|
38
|
+
console.log(cert_data.Certificate.DomainValidationOptions[0]);
|
|
39
|
+
|
|
40
|
+
|
|
29
41
|
if (err)
|
|
30
42
|
{
|
|
31
43
|
on_fail(err);
|
|
32
44
|
}
|
|
33
45
|
else
|
|
34
46
|
{
|
|
47
|
+
if (!cert_data.Certificate.DomainValidationOptions[0].ResourceRecord)
|
|
48
|
+
{
|
|
49
|
+
// damn AWS now does not return this information immediately
|
|
50
|
+
// and we have to wait for it.
|
|
51
|
+
return setTimeout(function()
|
|
52
|
+
{
|
|
53
|
+
console.log('no ResourceRecord found, retrying...', "attempts:", retries);
|
|
54
|
+
if (retries < 60)
|
|
55
|
+
{
|
|
56
|
+
wait_for_approval(domain_name, on_success, on_fail);
|
|
57
|
+
retries += 1;
|
|
58
|
+
}
|
|
59
|
+
else
|
|
60
|
+
{
|
|
61
|
+
on_fail('AWS did not return ResourceRecord. (AWS issue)');
|
|
62
|
+
}
|
|
63
|
+
|
|
64
|
+
}, 1000);
|
|
65
|
+
}
|
|
35
66
|
// Do not wait if we requested DNS validation
|
|
36
67
|
if (request.ResourceProperties.ValidationMethod === "DNS")
|
|
37
68
|
{
|
|
@@ -11,6 +11,8 @@ function wait_for_approval(on_success, on_fail)
|
|
|
11
11
|
};
|
|
12
12
|
|
|
13
13
|
acm.describeCertificate(params, function(err, cert_data) {
|
|
14
|
+
console.log('describe certificate data');
|
|
15
|
+
console.log(cert_data);;
|
|
14
16
|
if (err)
|
|
15
17
|
{
|
|
16
18
|
on_fail(err);
|
|
@@ -38,6 +40,8 @@ function wait_for_approval(on_success, on_fail)
|
|
|
38
40
|
|
|
39
41
|
function fail(err)
|
|
40
42
|
{
|
|
43
|
+
console.log('Errored.');
|
|
44
|
+
console.log(err);
|
|
41
45
|
Cloudformation.send(request, context, Cloudformation.FAILED, {}, "Error: " + err);
|
|
42
46
|
}
|
|
43
47
|
|
data/lib/sumomo/api.rb
CHANGED
|
@@ -163,10 +163,13 @@ module Sumomo
|
|
|
163
163
|
domain_name,
|
|
164
164
|
name:,
|
|
165
165
|
script: nil,
|
|
166
|
+
env: {},
|
|
166
167
|
dns: nil,
|
|
167
168
|
cert: nil,
|
|
168
169
|
mtls_truststore: nil,
|
|
169
170
|
logging: true,
|
|
171
|
+
network: nil,
|
|
172
|
+
layer: nil,
|
|
170
173
|
with_statements: [], &block)
|
|
171
174
|
|
|
172
175
|
api = make 'AWS::ApiGateway::RestApi', name: name do
|
|
@@ -221,6 +224,9 @@ module Sumomo
|
|
|
221
224
|
|
|
222
225
|
fun = make_lambda(
|
|
223
226
|
name: "#{name}Lambda#{@version_number}",
|
|
227
|
+
env: env,
|
|
228
|
+
network: network,
|
|
229
|
+
layer: layer,
|
|
224
230
|
files: files,
|
|
225
231
|
role: custom_resource_exec_role(with_statements: with_statements) )
|
|
226
232
|
|
data/lib/sumomo/ec2.rb
CHANGED
|
@@ -268,6 +268,7 @@ module Sumomo
|
|
|
268
268
|
docker_password: '',
|
|
269
269
|
eip: nil,
|
|
270
270
|
policies: [],
|
|
271
|
+
scalein_protection: true,
|
|
271
272
|
&block
|
|
272
273
|
)
|
|
273
274
|
|
|
@@ -464,6 +465,8 @@ module Sumomo
|
|
|
464
465
|
|
|
465
466
|
VPCZoneIdentifier subnet_ids
|
|
466
467
|
|
|
468
|
+
NewInstancesProtectedFromScaleIn scalein_protection
|
|
469
|
+
|
|
467
470
|
LaunchConfigurationName launch_config
|
|
468
471
|
LoadBalancerNames [elb] if elb
|
|
469
472
|
|
data/lib/sumomo/stack.rb
CHANGED
|
@@ -24,8 +24,11 @@ module Sumomo
|
|
|
24
24
|
function_key: "cloudformation/lambda/function_#{name}",
|
|
25
25
|
handler: 'index.handler',
|
|
26
26
|
runtime: 'nodejs14.x',
|
|
27
|
+
env: {},
|
|
27
28
|
memory_size: 128,
|
|
28
29
|
timeout: 30,
|
|
30
|
+
network: nil,
|
|
31
|
+
layer: nil,
|
|
29
32
|
enable_logging: true,
|
|
30
33
|
role: nil)
|
|
31
34
|
|
|
@@ -45,6 +48,29 @@ module Sumomo
|
|
|
45
48
|
end
|
|
46
49
|
end
|
|
47
50
|
|
|
51
|
+
vpcconfig = nil
|
|
52
|
+
|
|
53
|
+
if network != nil
|
|
54
|
+
|
|
55
|
+
layer ||= network.subnets.keys.first
|
|
56
|
+
|
|
57
|
+
ingress = [allow_port(:all)]
|
|
58
|
+
egress = [allow_port(:all)]
|
|
59
|
+
|
|
60
|
+
lambda_sec_group = make 'AWS::EC2::SecurityGroup' do
|
|
61
|
+
GroupDescription "Lambda Security group for layer: #{layer}"
|
|
62
|
+
SecurityGroupIngress ingress
|
|
63
|
+
SecurityGroupEgress egress
|
|
64
|
+
VpcId network.vpc
|
|
65
|
+
end
|
|
66
|
+
|
|
67
|
+
subnetids = network.subnets[layer].map { |x| x[:name] }
|
|
68
|
+
vpcconfig = {
|
|
69
|
+
SecurityGroupIds: [lambda_sec_group],
|
|
70
|
+
SubnetIds: subnetids
|
|
71
|
+
}
|
|
72
|
+
end
|
|
73
|
+
|
|
48
74
|
@store.set_raw(function_key, stringio.string)
|
|
49
75
|
|
|
50
76
|
stack = self
|
|
@@ -58,6 +84,10 @@ module Sumomo
|
|
|
58
84
|
Runtime runtime
|
|
59
85
|
Timeout timeout
|
|
60
86
|
Role role.Arn
|
|
87
|
+
VpcConfig vpcconfig unless vpcconfig.nil?
|
|
88
|
+
Environment do
|
|
89
|
+
Variables env
|
|
90
|
+
end
|
|
61
91
|
end
|
|
62
92
|
|
|
63
93
|
if enable_logging
|
data/lib/sumomo/version.rb
CHANGED
data/lib/sumomo.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: sumomo
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.8.
|
|
4
|
+
version: 0.8.16
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- David Siaw
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2022-09-15 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|