ufo 4.6.2 → 5.0.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +29 -0
- data/docs/_docs/conventions.md +1 -1
- data/docs/_docs/extras/codebuild-iam-role.md +1 -1
- data/docs/_docs/extras/dockerfile-erb.md +1 -1
- data/docs/_docs/extras/ecs-network-mode.md +1 -1
- data/docs/_docs/extras/load-balancer.md +1 -1
- data/docs/_docs/extras/minimal-deploy-iam.md +1 -1
- data/docs/_docs/extras/notification-arns.md +21 -0
- data/docs/_docs/extras/redirection-support.md +9 -9
- data/docs/_docs/extras/route53-support.md +4 -4
- data/docs/_docs/extras/security-groups.md +1 -1
- data/docs/_docs/extras/ssl-support.md +5 -5
- data/docs/_docs/faq.md +1 -1
- data/docs/_docs/helpers.md +7 -5
- data/docs/_docs/iam-roles.md +112 -0
- data/docs/_docs/install.md +0 -10
- data/docs/_docs/more/auto-completion.md +1 -1
- data/docs/_docs/more/automated-cleanup.md +1 -1
- data/docs/_docs/more/customize-cloudformation.md +1 -1
- data/docs/_docs/more/migrations.md +1 -1
- data/docs/_docs/more/run-in-pieces.md +1 -1
- data/docs/_docs/more/single-task.md +1 -1
- data/docs/_docs/more/stuck-cloudformation.md +1 -1
- data/docs/_docs/more/why-cloudformation.md +1 -1
- data/docs/_docs/next-steps.md +1 -1
- data/docs/_docs/quick-start-ec2.md +1 -0
- data/docs/_docs/secrets.md +135 -0
- data/docs/_docs/settings.md +10 -9
- data/docs/_docs/settings/cluster.md +7 -13
- data/docs/_docs/settings/manage-security-groups.md +24 -0
- data/docs/_docs/settings/network.md +11 -1
- data/docs/_docs/structure.md +10 -9
- data/docs/_docs/tutorial-ufo-init.md +1 -7
- data/docs/_docs/ufo-current.md +1 -1
- data/docs/_docs/ufo-env-extra.md +1 -1
- data/docs/_docs/ufo-env.md +3 -5
- data/docs/_docs/ufo-logs.md +1 -2
- data/docs/_docs/ufo-task-params.md +1 -1
- data/docs/_docs/upgrading.md +1 -1
- data/docs/_docs/upgrading/upgrade4.5.md +2 -2
- data/docs/_docs/upgrading/upgrade4.md +2 -2
- data/docs/_docs/upgrading/upgrade5.md +19 -0
- data/docs/_docs/variables.md +1 -1
- data/docs/_includes/cfn-customize.md +4 -4
- data/docs/_includes/footer.html +6 -5
- data/docs/_includes/subnav.html +3 -0
- data/docs/_reference/ufo-deploy.md +1 -2
- data/docs/_reference/ufo-init.md +15 -16
- data/docs/_reference/ufo-logs.md +1 -1
- data/docs/_reference/ufo-rollback.md +2 -0
- data/docs/_reference/ufo-ship.md +1 -2
- data/docs/_reference/ufo-ships.md +1 -2
- data/docs/_reference/ufo-tasks-build.md +1 -2
- data/docs/articles.md +1 -1
- data/docs/quick-start.md +1 -0
- data/lib/template/.secrets +5 -0
- data/lib/template/.ufo/iam_roles/execution_role.rb +7 -0
- data/lib/template/.ufo/iam_roles/task_role.rb +21 -0
- data/lib/template/.ufo/settings.yml.tt +1 -0
- data/lib/template/.ufo/settings/cfn/default.yml.tt +27 -27
- data/lib/template/.ufo/settings/network/default.yml.tt +9 -0
- data/lib/template/.ufo/templates/fargate.json.erb +3 -1
- data/lib/template/.ufo/templates/main.json.erb +3 -0
- data/lib/template/.ufo/variables/base.rb.tt +1 -0
- data/lib/ufo.rb +2 -1
- data/lib/ufo/autoloader.rb +9 -0
- data/lib/ufo/cli.rb +3 -2
- data/lib/ufo/core.rb +1 -9
- data/lib/ufo/docker/cleaner.rb +1 -1
- data/lib/ufo/dsl.rb +6 -1
- data/lib/ufo/dsl/helper.rb +19 -37
- data/lib/ufo/dsl/helper/vars.rb +97 -0
- data/lib/ufo/dsl/outputter.rb +12 -9
- data/lib/ufo/ecr/auth.rb +10 -21
- data/lib/ufo/help/init.md +1 -1
- data/lib/ufo/init.rb +0 -2
- data/lib/ufo/log_group.rb +1 -0
- data/lib/ufo/role/builder.rb +66 -0
- data/lib/ufo/role/dsl.rb +21 -0
- data/lib/ufo/role/registry.rb +24 -0
- data/lib/ufo/rollback.rb +2 -1
- data/lib/ufo/sequence.rb +0 -16
- data/lib/ufo/setting/profile.rb +11 -7
- data/lib/ufo/setting/security_groups.rb +22 -0
- data/lib/ufo/settings.rb +20 -0
- data/lib/ufo/stack.rb +24 -24
- data/lib/ufo/stack/builder.rb +26 -0
- data/lib/ufo/stack/builder/base.rb +54 -0
- data/lib/ufo/stack/builder/conditions.rb +23 -0
- data/lib/ufo/stack/builder/outputs.rb +24 -0
- data/lib/ufo/stack/builder/parameters.rb +45 -0
- data/lib/ufo/stack/builder/resources.rb +20 -0
- data/lib/ufo/stack/builder/resources/base.rb +4 -0
- data/lib/ufo/stack/builder/resources/dns.rb +17 -0
- data/lib/ufo/stack/builder/resources/ecs.rb +71 -0
- data/lib/ufo/stack/builder/resources/elb.rb +45 -0
- data/lib/ufo/stack/builder/resources/listener.rb +42 -0
- data/lib/ufo/stack/builder/resources/listener_ssl.rb +16 -0
- data/lib/ufo/stack/builder/resources/roles/base.rb +22 -0
- data/lib/ufo/stack/builder/resources/roles/execution_role.rb +4 -0
- data/lib/ufo/stack/builder/resources/roles/task_role.rb +4 -0
- data/lib/ufo/stack/builder/resources/security_group/base.rb +4 -0
- data/lib/ufo/stack/builder/resources/security_group/ecs.rb +44 -0
- data/lib/ufo/stack/builder/resources/security_group/ecs_rule.rb +25 -0
- data/lib/ufo/stack/builder/resources/security_group/elb.rb +57 -0
- data/lib/ufo/stack/builder/resources/target_group.rb +39 -0
- data/lib/ufo/stack/builder/resources/task_definition.rb +24 -0
- data/lib/ufo/stack/builder/resources/task_definition/reconstructor.rb +49 -0
- data/lib/ufo/stack/context.rb +41 -48
- data/lib/ufo/stack/custom_properties.rb +59 -0
- data/lib/ufo/stack/helper.rb +2 -5
- data/lib/ufo/stack/template_body.rb +13 -0
- data/lib/ufo/task.rb +2 -7
- data/lib/ufo/tasks.rb +1 -1
- data/lib/ufo/tasks/builder.rb +0 -1
- data/lib/ufo/template_scope.rb +1 -66
- data/lib/ufo/utils/squeezer.rb +24 -0
- data/lib/ufo/version.rb +1 -1
- data/spec/fixtures/iam_roles/task_role.rb +17 -0
- data/spec/lib/ecr_auth_spec.rb +32 -20
- data/spec/lib/role/builder_spec.rb +67 -0
- data/spec/lib/role/dsl_spec.rb +12 -0
- data/ufo.gemspec +2 -1
- metadata +66 -8
- data/lib/cfn/stack.yml +0 -283
data/docs/_includes/footer.html
CHANGED
@@ -6,11 +6,12 @@
|
|
6
6
|
<div class="footer-col col-md-4">
|
7
7
|
<h3>More Tools</h3>
|
8
8
|
<ul class="list-unstyled tools">
|
9
|
-
<li><a href="
|
10
|
-
<li><a href="
|
11
|
-
<li><a href="
|
12
|
-
<li><a href="
|
13
|
-
<li><a href="https://
|
9
|
+
<li><a href="https://terraspace.cloud">Terraspace</a></li>
|
10
|
+
<li><a href="https://kubes.guru">Kubes</a></li>
|
11
|
+
<li><a href="https://rubyonjets.com">Jets</a></li>
|
12
|
+
<li><a href="https://lono.cloud">Lono</a></li>
|
13
|
+
<li><a href="https://sonic-screwdriver.cloud">Sonic</a></li>
|
14
|
+
<li><a href="https://jack-eb.com">Jack</a></li>
|
14
15
|
</ul>
|
15
16
|
</div>
|
16
17
|
<div class="footer-col col-md-4">
|
data/docs/_includes/subnav.html
CHANGED
@@ -25,6 +25,8 @@
|
|
25
25
|
</li>
|
26
26
|
<li><a href="{% link _docs/variables.md %}">Shared Variables</a></li>
|
27
27
|
<li><a href="{% link _docs/helpers.md %}">Helpers</a></li>
|
28
|
+
<li><a href="{% link _docs/secrets.md %}">Secrets</a></li>
|
29
|
+
<li><a href="{% link _docs/iam-roles.md %}">IAM Roles</a></li>
|
28
30
|
<li><a href="{% link _docs/conventions.md %}">Conventions</a></li>
|
29
31
|
<li><a href="{% link _docs/ufo-logs.md %}">Ufo Logs</a></li>
|
30
32
|
<li><a href="{% link _docs/ufo-env.md %}">Ufo Env</a></li>
|
@@ -44,6 +46,7 @@
|
|
44
46
|
<li><a href="{% link _docs/extras/minimal-deploy-iam.md %}">Minimal Deploy IAM</a></li>
|
45
47
|
<li><a href="{% link _docs/extras/codebuild-iam-role.md %}">CodeBuild IAM Role</a></li>
|
46
48
|
<li><a href="{% link _docs/extras/dockerfile-erb.md %}">Dockerfile.erb</a></li>
|
49
|
+
<li><a href="{% link _docs/extras/notification-arns.md %}">Notification Arns</a></li>
|
47
50
|
</ul>
|
48
51
|
</li>
|
49
52
|
<li><a href="{% link _docs/upgrading.md %}">Upgrading</a>
|
@@ -58,13 +58,12 @@ A more detailed post is available here: [How to Create Unlimited Extra Environme
|
|
58
58
|
[--elb=ELB] # Decides to create elb, not create elb or use existing target group.
|
59
59
|
[--elb-eip-ids=one two three] # EIP Allocation ids to use for network load balancer.
|
60
60
|
[--elb-type=ELB_TYPE] # ELB type: application or network. Keep current deployed elb type when not specified.
|
61
|
-
[--pretty], [--no-pretty] # Pretty format the json for the task definitions
|
62
|
-
# Default: true
|
63
61
|
[--scheduling-strategy=SCHEDULING_STRATEGY] # Scheduling strategy to use for the service. IE: replica, daemon
|
64
62
|
[--stop-old-tasks], [--no-stop-old-tasks] # Stop old tasks as part of deployment to speed it up
|
65
63
|
[--task=TASK] # ECS task name, to override the task name convention.
|
66
64
|
[--wait], [--no-wait] # Wait for deployment to complete
|
67
65
|
# Default: true
|
66
|
+
[--image-override=IMAGE_OVERRIDE] # Override image in task definition for quick testing
|
68
67
|
[--register], [--no-register] # Register task definition
|
69
68
|
# Default: true
|
70
69
|
[--build], [--no-build] # Build task definition
|
data/docs/_reference/ufo-init.md
CHANGED
@@ -52,7 +52,7 @@ The `image` is the base portion of image name that will be pushed to the docker
|
|
52
52
|
|
53
53
|
The generated `tongueroo/demo-ufo:ufo-2018-02-08T21-04-02-3c86158` image name gets pushed to the docker registry.
|
54
54
|
|
55
|
-
The `--vpc-id`
|
55
|
+
The `--vpc-id`, `--ecs-subnets`, and `--elb-subnets` options are optional but very useful. If not specified then ufo will use the default vpc for the network settings like subnets and security groups, which might not be what you want.
|
56
56
|
|
57
57
|
## Directory Structure
|
58
58
|
|
@@ -107,20 +107,19 @@ If you would like to use a local template that is not on GitHub, then created a
|
|
107
107
|
## Options
|
108
108
|
|
109
109
|
```
|
110
|
-
[--force]
|
111
|
-
--image=IMAGE
|
112
|
-
[--app=APP]
|
113
|
-
[--launch-type=LAUNCH_TYPE]
|
114
|
-
|
115
|
-
[--
|
116
|
-
[--template=
|
117
|
-
[--
|
118
|
-
[--
|
119
|
-
[--
|
120
|
-
[--
|
121
|
-
[--
|
122
|
-
[--
|
123
|
-
[--
|
124
|
-
[--cluster=CLUSTER] # Cluster. Overrides .ufo/settings.yml.
|
110
|
+
[--force] # Bypass overwrite are you sure prompt for existing files.
|
111
|
+
--image=IMAGE # Docker image name without the tag. Example: tongueroo/demo-ufo. Configures ufo/settings.yml
|
112
|
+
[--app=APP] # App name. Preferably one word. Used in the generated ufo/task_definitions.rb. If not specified then the app name is inferred as the folder name.
|
113
|
+
[--launch-type=LAUNCH_TYPE] # ec2 or fargate.
|
114
|
+
# Default: ec2
|
115
|
+
[--template=TEMPLATE] # Custom template to use.
|
116
|
+
[--template-mode=TEMPLATE_MODE] # Template mode: replace or additive.
|
117
|
+
[--vpc-id=VPC_ID] # Vpc id. For settings/network/default.yml.
|
118
|
+
[--ecs-subnets=one two three] # Subnets for ECS tasks, defaults to --elb-subnets set to. For settings/network/default.yml
|
119
|
+
[--elb-subnets=one two three] # Subnets for ELB. For settings/network/default.yml
|
120
|
+
[--verbose], [--no-verbose]
|
121
|
+
[--mute], [--no-mute]
|
122
|
+
[--noop], [--no-noop]
|
123
|
+
[--cluster=CLUSTER] # Cluster. Overrides .ufo/settings.yml.
|
125
124
|
```
|
126
125
|
|
data/docs/_reference/ufo-logs.md
CHANGED
@@ -30,7 +30,7 @@ If you have a current service name set.
|
|
30
30
|
# Default: true
|
31
31
|
[--since=SINCE] # From what time to begin displaying logs. By default, logs will be displayed starting from 1 minutes in the past. The value provided can be an ISO 8601 timestamp or a relative time.
|
32
32
|
[--format=FORMAT] # The format to display the logs. IE: detailed or short. With detailed, the log stream name is also shown.
|
33
|
-
# Default:
|
33
|
+
# Default: detailed
|
34
34
|
[--filter-pattern=FILTER_PATTERN] # The filter pattern to use. If not provided, all the events are matched
|
35
35
|
[--verbose], [--no-verbose]
|
36
36
|
[--mute], [--no-mute]
|
@@ -51,6 +51,8 @@ You only need to specify enough for a match to be found. Ufo searches the 30 mo
|
|
51
51
|
## Options
|
52
52
|
|
53
53
|
```
|
54
|
+
[--wait], [--no-wait] # Wait for deployment to complete
|
55
|
+
# Default: true
|
54
56
|
[--verbose], [--no-verbose]
|
55
57
|
[--mute], [--no-mute]
|
56
58
|
[--noop], [--no-noop]
|
data/docs/_reference/ufo-ship.md
CHANGED
@@ -115,13 +115,12 @@ You can change the scheduling strategy by explicitly specifying it. Otherwise,
|
|
115
115
|
[--elb=ELB] # Decides to create elb, not create elb or use existing target group.
|
116
116
|
[--elb-eip-ids=one two three] # EIP Allocation ids to use for network load balancer.
|
117
117
|
[--elb-type=ELB_TYPE] # ELB type: application or network. Keep current deployed elb type when not specified.
|
118
|
-
[--pretty], [--no-pretty] # Pretty format the json for the task definitions
|
119
|
-
# Default: true
|
120
118
|
[--scheduling-strategy=SCHEDULING_STRATEGY] # Scheduling strategy to use for the service. IE: replica, daemon
|
121
119
|
[--stop-old-tasks], [--no-stop-old-tasks] # Stop old tasks as part of deployment to speed it up
|
122
120
|
[--task=TASK] # ECS task name, to override the task name convention.
|
123
121
|
[--wait], [--no-wait] # Wait for deployment to complete
|
124
122
|
# Default: true
|
123
|
+
[--image-override=IMAGE_OVERRIDE] # Override image in task definition for quick testing
|
125
124
|
[--verbose], [--no-verbose]
|
126
125
|
[--mute], [--no-mute]
|
127
126
|
[--noop], [--no-noop]
|
@@ -55,12 +55,11 @@ Note: The `--task` option is not used with the `ufo ships` command.
|
|
55
55
|
[--elb=ELB] # Decides to create elb, not create elb or use existing target group.
|
56
56
|
[--elb-eip-ids=one two three] # EIP Allocation ids to use for network load balancer.
|
57
57
|
[--elb-type=ELB_TYPE] # ELB type: application or network. Keep current deployed elb type when not specified.
|
58
|
-
[--pretty], [--no-pretty] # Pretty format the json for the task definitions
|
59
|
-
# Default: true
|
60
58
|
[--scheduling-strategy=SCHEDULING_STRATEGY] # Scheduling strategy to use for the service. IE: replica, daemon
|
61
59
|
[--stop-old-tasks], [--no-stop-old-tasks] # Stop old tasks as part of deployment to speed it up
|
62
60
|
[--task=TASK] # ECS task name, to override the task name convention.
|
63
61
|
[--wait], [--no-wait] # Wait for deployment to complete
|
62
|
+
[--image-override=IMAGE_OVERRIDE] # Override image in task definition for quick testing
|
64
63
|
[--verbose], [--no-verbose]
|
65
64
|
[--mute], [--no-mute]
|
66
65
|
[--noop], [--no-noop]
|
@@ -173,7 +173,6 @@ If you need to modify the task definition template to suite your own needs it is
|
|
173
173
|
## Options
|
174
174
|
|
175
175
|
```
|
176
|
-
[--
|
177
|
-
# Default: true
|
176
|
+
[--image-override=IMAGE_OVERRIDE] # Override image in task definition for quick testing
|
178
177
|
```
|
179
178
|
|
data/docs/articles.md
CHANGED
data/docs/quick-start.md
CHANGED
@@ -26,6 +26,7 @@ This quickstart assumes:
|
|
26
26
|
|
27
27
|
* You have push access to the repo. Refer to the Notes "Repo Push Access" section below for more info.
|
28
28
|
* The `ecsTaskExecutionRole` needs to exist on your AWS account. If you do not have an ecsTaskExecutionRole yet, create one by following: [Create ecsTaskExecutionRole with AWS CLI]({% link _docs/aws-ecs-task-execution-role.md %}).
|
29
|
+
* The ECS Cluster is in the default VPC. If it is not you need to use the `--vpc-id`, `--ecs-subnets`, and `--elb-subnets` options in the [ufo init]({% link _reference/ufo-init.md %}) command.
|
29
30
|
|
30
31
|
## What Happened
|
31
32
|
|
@@ -0,0 +1,7 @@
|
|
1
|
+
# Example starter execution role. Add the iam role permissions that the host needs here:
|
2
|
+
#
|
3
|
+
# More docs: https://ufoships.com/docs/iam-roles/
|
4
|
+
#
|
5
|
+
managed_iam_policy("AmazonSSMReadOnlyAccess")
|
6
|
+
managed_iam_policy("SecretsManagerReadWrite")
|
7
|
+
managed_iam_policy("service-role/AmazonECSTaskExecutionRolePolicy")
|
@@ -0,0 +1,21 @@
|
|
1
|
+
# Example starter task role. Add the iam role permissions that the container needs here:
|
2
|
+
#
|
3
|
+
# More docs: https://ufoships.com/docs/iam-roles/
|
4
|
+
#
|
5
|
+
# Examples:
|
6
|
+
#
|
7
|
+
# iam_policy("AmazonS3ReadOnlyAccess",
|
8
|
+
# Action: [
|
9
|
+
# "s3:Get*",
|
10
|
+
# "s3:List*"
|
11
|
+
# ],
|
12
|
+
# Effect: "Allow",
|
13
|
+
# Resource: "*"
|
14
|
+
# )
|
15
|
+
# iam_policy("CloudwatchWrite",
|
16
|
+
# Action: [
|
17
|
+
# "cloudwatch:PutMetricData",
|
18
|
+
# ],
|
19
|
+
# Effect: "Allow",
|
20
|
+
# Resource: "*"
|
21
|
+
# )
|
@@ -13,6 +13,7 @@ base:
|
|
13
13
|
# replacment might not work. For example, adding and removing a load balancer.
|
14
14
|
# In these cases, you must delete the entire ecs service and recreate it.
|
15
15
|
stack_naming: append_env
|
16
|
+
auto_camelize: false # new default setting in ufo v5
|
16
17
|
|
17
18
|
development:
|
18
19
|
# cluster: development
|
@@ -3,38 +3,38 @@
|
|
3
3
|
# CloudFormation. These options are inserting into the generated template.
|
4
4
|
# More info: https://ufoships.com/docs/customize-cloudformation
|
5
5
|
|
6
|
-
|
7
|
-
|
6
|
+
Elb:
|
7
|
+
Scheme: internet-facing
|
8
8
|
|
9
9
|
# https://docs.aws.amazon.com/fr_fr/elasticloadbalancing/latest/APIReference/API_CreateTargetGroup.html
|
10
10
|
#
|
11
11
|
# When using SSL with network elb, the target group protocol is usually http still
|
12
12
|
# unless you also handle SSL termination at the app level.
|
13
|
-
|
14
|
-
|
15
|
-
#
|
13
|
+
TargetGroup:
|
14
|
+
Port: 80 # only used with ECS if awsvpc mode
|
15
|
+
# Protocol: TCP # valid values - application elb: HTTP HTTPS, network elb: TCP
|
16
16
|
# ufo sets defaults in cloudformation template
|
17
17
|
# application elb: HTTP
|
18
18
|
# network elb: TCP
|
19
19
|
# so we can keep this commented out, unless we need HTTPS at the app level
|
20
20
|
# Health check settings are supported by application load balancer only:
|
21
|
-
#
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
#
|
26
|
-
#
|
27
|
-
|
28
|
-
-
|
29
|
-
|
21
|
+
# HealthCheckPath: /up # health check
|
22
|
+
HealthCheckIntervalSeconds: 10 # default: 30. Network ELB can only take 10 or 30
|
23
|
+
HealthyThresholdCount: 2
|
24
|
+
UnhealthyThresholdCount: 2 # default: 10
|
25
|
+
# HealthCheckProtocol: HTTP # HTTP or HTTPS
|
26
|
+
# HealthCheckPort: traffic-port
|
27
|
+
TargetGroupAttributes:
|
28
|
+
- Key: deregistration_delay.timeout_seconds
|
29
|
+
Value: 10
|
30
30
|
|
31
31
|
# https://docs.aws.amazon.com/fr_fr/elasticloadbalancing/latest/APIReference/API_CreateListener.html
|
32
32
|
#
|
33
33
|
# This is the default listener and normally should listen to port 80.
|
34
|
-
|
35
|
-
|
34
|
+
Listener:
|
35
|
+
Port: 80
|
36
36
|
# For Application Load Balancers, the supported protocols are HTTP and HTTPS. For Network Load Balancers, the supported protocol is TCP.
|
37
|
-
#
|
37
|
+
# Protocol: TCP # valid values - application elb: HTTP HTTPS, network elb: TCP, TLS
|
38
38
|
# ufo sets these defaults:
|
39
39
|
# application elb: HTTP # unless port is 443
|
40
40
|
# application elb: HTTPS # if port is 443
|
@@ -43,8 +43,8 @@ listener:
|
|
43
43
|
# Can keep protocol commented out,
|
44
44
|
# unless need to override the defaults.
|
45
45
|
# If using the listener to handle SSL
|
46
|
-
#
|
47
|
-
# -
|
46
|
+
# Certificates:
|
47
|
+
# - CertificateArn: arn:aws:acm:us-east-1:111111111111:certificate/11111111-2222-3333-4444-555555555555
|
48
48
|
|
49
49
|
# An optional second listener can be created.
|
50
50
|
# If HTTPS and SSL is required then the listener_ssl config is what you should use.
|
@@ -53,11 +53,11 @@ listener:
|
|
53
53
|
# to handle SSL termination.
|
54
54
|
#
|
55
55
|
# ufo creates an ssl listener when listener_ssl is set.
|
56
|
-
#
|
57
|
-
#
|
58
|
-
# #
|
59
|
-
# # -
|
60
|
-
# #
|
56
|
+
# ListenerSsl:
|
57
|
+
# Port: 443
|
58
|
+
# # Certificates:
|
59
|
+
# # - CertificateArn: arn:aws:acm:us-east-1:111111111111:certificate/11111111-2222-3333-4444-555555555555
|
60
|
+
# # Protocol: TCP # valid values - application elb: HTTP HTTPS, network elb: TCP, TLS
|
61
61
|
# # ufo handles setting the defaults:
|
62
62
|
# # application elb: HTTPS
|
63
63
|
# # network elb: TLS
|
@@ -66,7 +66,7 @@ listener:
|
|
66
66
|
# Note, the route53 record set for the domain name must already exist.
|
67
67
|
# The {stack_name} variable gets replaced with the name of the CloudFormation stack name.
|
68
68
|
# Example: {stack_name} => demo-web
|
69
|
-
#
|
70
|
-
#
|
71
|
-
#
|
69
|
+
# Dns:
|
70
|
+
# Name: "{stack_name}.yourdomain."
|
71
|
+
# HostedZoneName: yourdomain. # dont forget the trailing period
|
72
72
|
# TTL: '60' # ttl has special upcase casing
|
@@ -15,3 +15,12 @@ elb_subnets: # defaults to same subnets as ecs_subnets when not set
|
|
15
15
|
# ecs_security_groups:
|
16
16
|
# - sg-bbb
|
17
17
|
# - sg-ccc
|
18
|
+
|
19
|
+
# Also supports extra security groups specific to each ECS service
|
20
|
+
# ecs_security_groups:
|
21
|
+
# demo-web:
|
22
|
+
# - sg-bbb
|
23
|
+
# - sg-ccc
|
24
|
+
# demo-worker:
|
25
|
+
# - sg-bbb
|
26
|
+
# - sg-ccc
|
@@ -2,7 +2,6 @@
|
|
2
2
|
"family": "<%= @family %>",
|
3
3
|
"requiresCompatibilities": ["FARGATE"],
|
4
4
|
"networkMode": "awsvpc",
|
5
|
-
"executionRoleArn": "<%= @execution_role_arn || raise("@execution_role_arn needs to be set") %>",
|
6
5
|
"cpu": "<%= @cpu %>",
|
7
6
|
"memory": "<%= @memory %>",
|
8
7
|
"containerDefinitions": [
|
@@ -21,6 +20,9 @@
|
|
21
20
|
<% if @environment %>
|
22
21
|
"environment": <%= @environment.to_json %>,
|
23
22
|
<% end %>
|
23
|
+
<% if @secrets %>
|
24
|
+
"secrets": <%= @secrets.to_json %>,
|
25
|
+
<% end %>
|
24
26
|
<% if @awslogs_group %>
|
25
27
|
"logConfiguration": {
|
26
28
|
"logDriver": "awslogs",
|
@@ -2,6 +2,7 @@
|
|
2
2
|
# More info on how variables work: http://ufoships.com/docs/variables/
|
3
3
|
@image = helper.full_image_name # includes the git sha tongueroo/demo-ufo:ufo-[sha].
|
4
4
|
@environment = helper.env_file(".env")
|
5
|
+
@secrets = helper.secrets_file(".secrets")
|
5
6
|
<% if @options[:launch_type] == "fargate" -%>
|
6
7
|
# Ensure that the cpu and memory values are a supported combination by Fargate.
|
7
8
|
# More info: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-cpu-memory-error.html"
|
data/lib/ufo.rb
CHANGED
@@ -1,7 +1,8 @@
|
|
1
1
|
$stdout.sync = true unless ENV["UFO_STDOUT_SYNC"] == "0"
|
2
2
|
|
3
3
|
$:.unshift(File.expand_path('../', __FILE__))
|
4
|
-
require '
|
4
|
+
require 'active_support/core_ext/class'
|
5
|
+
require 'deep_merge/rails_compat'
|
5
6
|
require 'fileutils'
|
6
7
|
require 'memoist'
|
7
8
|
require 'rainbow/ext/string'
|
data/lib/ufo/autoloader.rb
CHANGED
@@ -14,8 +14,17 @@ module Ufo
|
|
14
14
|
loader = Zeitwerk::Loader.new
|
15
15
|
loader.inflector = Inflector.new
|
16
16
|
loader.push_dir(File.dirname(__dir__)) # lib
|
17
|
+
|
18
|
+
helpers = "#{ufo_root}/.ufo/helpers"
|
19
|
+
loader.push_dir(helpers) if File.exist?(helpers) # project helpers
|
20
|
+
|
17
21
|
loader.setup
|
18
22
|
end
|
23
|
+
|
24
|
+
# Autoloader runs so early that Ufo.root is not available, so we must declare it here
|
25
|
+
def ufo_root
|
26
|
+
ENV['UFO_ROOT'] || '.'
|
27
|
+
end
|
19
28
|
end
|
20
29
|
end
|
21
30
|
end
|
data/lib/ufo/cli.rb
CHANGED
@@ -37,11 +37,11 @@ module Ufo
|
|
37
37
|
option :elb, desc: "Decides to create elb, not create elb or use existing target group."
|
38
38
|
option :elb_eip_ids, type: :array, desc: "EIP Allocation ids to use for network load balancer."
|
39
39
|
option :elb_type, desc: "ELB type: application or network. Keep current deployed elb type when not specified."
|
40
|
-
option :pretty, type: :boolean, default: true, desc: "Pretty format the json for the task definitions"
|
41
40
|
option :scheduling_strategy, desc: "Scheduling strategy to use for the service. IE: replica, daemon"
|
42
41
|
option :stop_old_tasks, type: :boolean, default: false, desc: "Stop old tasks as part of deployment to speed it up"
|
43
42
|
option :task, desc: "ECS task name, to override the task name convention."
|
44
43
|
option :wait, type: :boolean, desc: "Wait for deployment to complete", default: true
|
44
|
+
option :image_override, desc: "Override image in task definition for quick testing"
|
45
45
|
end
|
46
46
|
|
47
47
|
desc "deploy SERVICE", "Deploy task definition to ECS service without re-building the definition."
|
@@ -75,6 +75,7 @@ module Ufo
|
|
75
75
|
|
76
76
|
desc "rollback SERVICE VERSION", "Rolls back to older task definition."
|
77
77
|
long_desc Help.text(:rollback)
|
78
|
+
option :wait, type: :boolean, desc: "Wait for deployment to complete", default: true
|
78
79
|
def rollback(service=:current, version)
|
79
80
|
service = service == :current ? Current.service! : service
|
80
81
|
rollback = Rollback.new(service, options.merge(version: version))
|
@@ -191,7 +192,7 @@ module Ufo
|
|
191
192
|
long_desc Help.text(:logs)
|
192
193
|
option :follow, default: true, type: :boolean, desc: " Whether to continuously poll for new logs. To exit from this mode, use Control-C."
|
193
194
|
option :since, desc: "From what time to begin displaying logs. By default, logs will be displayed starting from 1 minutes in the past. The value provided can be an ISO 8601 timestamp or a relative time."
|
194
|
-
option :format, default: "
|
195
|
+
option :format, default: "detailed", desc: "The format to display the logs. IE: detailed or short. With detailed, the log stream name is also shown."
|
195
196
|
option :filter_pattern, desc: "The filter pattern to use. If not provided, all the events are matched"
|
196
197
|
def logs(service=:current)
|
197
198
|
Logs.new(service, options).run
|
data/lib/ufo/core.rb
CHANGED
@@ -4,6 +4,7 @@ require 'yaml'
|
|
4
4
|
module Ufo
|
5
5
|
module Core
|
6
6
|
extend Memoist
|
7
|
+
include Ufo::Settings
|
7
8
|
|
8
9
|
def check_task_definition!(task_definition)
|
9
10
|
task_definition_path = "#{Ufo.root}/.ufo/output/#{task_definition}.json"
|
@@ -49,15 +50,6 @@ module Ufo
|
|
49
50
|
end
|
50
51
|
end
|
51
52
|
|
52
|
-
def settings
|
53
|
-
Setting.new.data
|
54
|
-
end
|
55
|
-
memoize :settings
|
56
|
-
|
57
|
-
def cfn_profile
|
58
|
-
settings[:cfn_profile] || "default"
|
59
|
-
end
|
60
|
-
|
61
53
|
def check_ufo_project!
|
62
54
|
check_path = "#{Ufo.root}/.ufo/settings.yml"
|
63
55
|
unless File.exist?(check_path)
|