ufo 4.6.3 → 5.0.4
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +29 -0
- data/docs/_docs/conventions.md +1 -1
- data/docs/_docs/extras/codebuild-iam-role.md +1 -1
- data/docs/_docs/extras/dockerfile-erb.md +1 -1
- data/docs/_docs/extras/ecs-network-mode.md +1 -1
- data/docs/_docs/extras/load-balancer.md +1 -1
- data/docs/_docs/extras/minimal-deploy-iam.md +1 -1
- data/docs/_docs/extras/notification-arns.md +21 -0
- data/docs/_docs/extras/redirection-support.md +9 -9
- data/docs/_docs/extras/route53-support.md +4 -4
- data/docs/_docs/extras/security-groups.md +1 -1
- data/docs/_docs/extras/ssl-support.md +5 -5
- data/docs/_docs/faq.md +1 -1
- data/docs/_docs/helpers.md +7 -5
- data/docs/_docs/iam-roles.md +112 -0
- data/docs/_docs/install.md +0 -10
- data/docs/_docs/more/auto-completion.md +1 -1
- data/docs/_docs/more/automated-cleanup.md +1 -1
- data/docs/_docs/more/customize-cloudformation.md +1 -1
- data/docs/_docs/more/migrations.md +1 -1
- data/docs/_docs/more/run-in-pieces.md +1 -1
- data/docs/_docs/more/single-task.md +1 -1
- data/docs/_docs/more/stuck-cloudformation.md +1 -1
- data/docs/_docs/more/why-cloudformation.md +1 -1
- data/docs/_docs/next-steps.md +1 -1
- data/docs/_docs/secrets.md +135 -0
- data/docs/_docs/settings.md +10 -9
- data/docs/_docs/settings/cluster.md +7 -13
- data/docs/_docs/settings/manage-security-groups.md +24 -0
- data/docs/_docs/settings/network.md +11 -1
- data/docs/_docs/structure.md +10 -9
- data/docs/_docs/tutorial-ufo-init.md +1 -7
- data/docs/_docs/ufo-current.md +1 -1
- data/docs/_docs/ufo-env-extra.md +1 -1
- data/docs/_docs/ufo-env.md +3 -5
- data/docs/_docs/ufo-logs.md +1 -2
- data/docs/_docs/ufo-task-params.md +1 -1
- data/docs/_docs/upgrading.md +1 -1
- data/docs/_docs/upgrading/upgrade4.5.md +2 -2
- data/docs/_docs/upgrading/upgrade4.md +2 -2
- data/docs/_docs/upgrading/upgrade5.md +19 -0
- data/docs/_docs/variables.md +1 -1
- data/docs/_includes/cfn-customize.md +18 -4
- data/docs/_includes/footer.html +6 -5
- data/docs/_includes/subnav.html +3 -0
- data/docs/_reference/ufo-deploy.md +1 -2
- data/docs/_reference/ufo-init.md +14 -15
- data/docs/_reference/ufo-logs.md +1 -1
- data/docs/_reference/ufo-rollback.md +2 -0
- data/docs/_reference/ufo-ship.md +1 -2
- data/docs/_reference/ufo-ships.md +1 -2
- data/docs/_reference/ufo-tasks-build.md +1 -2
- data/docs/articles.md +1 -1
- data/lib/template/.secrets +5 -0
- data/lib/template/.ufo/iam_roles/execution_role.rb +7 -0
- data/lib/template/.ufo/iam_roles/task_role.rb +21 -0
- data/lib/template/.ufo/settings.yml.tt +1 -0
- data/lib/template/.ufo/settings/cfn/default.yml.tt +27 -27
- data/lib/template/.ufo/settings/network/default.yml.tt +9 -0
- data/lib/template/.ufo/templates/fargate.json.erb +3 -1
- data/lib/template/.ufo/templates/main.json.erb +3 -0
- data/lib/template/.ufo/variables/base.rb.tt +1 -0
- data/lib/ufo.rb +2 -1
- data/lib/ufo/autoloader.rb +9 -0
- data/lib/ufo/cli.rb +3 -2
- data/lib/ufo/core.rb +1 -9
- data/lib/ufo/docker/cleaner.rb +1 -1
- data/lib/ufo/dsl.rb +6 -1
- data/lib/ufo/dsl/helper.rb +19 -37
- data/lib/ufo/dsl/helper/vars.rb +97 -0
- data/lib/ufo/dsl/outputter.rb +12 -9
- data/lib/ufo/ecr/auth.rb +10 -21
- data/lib/ufo/init.rb +0 -2
- data/lib/ufo/log_group.rb +1 -0
- data/lib/ufo/role/builder.rb +66 -0
- data/lib/ufo/role/dsl.rb +21 -0
- data/lib/ufo/role/registry.rb +24 -0
- data/lib/ufo/rollback.rb +2 -1
- data/lib/ufo/sequence.rb +0 -16
- data/lib/ufo/setting/profile.rb +22 -8
- data/lib/ufo/setting/security_groups.rb +22 -0
- data/lib/ufo/settings.rb +20 -0
- data/lib/ufo/stack.rb +24 -24
- data/lib/ufo/stack/builder.rb +26 -0
- data/lib/ufo/stack/builder/base.rb +54 -0
- data/lib/ufo/stack/builder/conditions.rb +23 -0
- data/lib/ufo/stack/builder/outputs.rb +24 -0
- data/lib/ufo/stack/builder/parameters.rb +45 -0
- data/lib/ufo/stack/builder/resources.rb +20 -0
- data/lib/ufo/stack/builder/resources/base.rb +4 -0
- data/lib/ufo/stack/builder/resources/dns.rb +17 -0
- data/lib/ufo/stack/builder/resources/ecs.rb +71 -0
- data/lib/ufo/stack/builder/resources/elb.rb +45 -0
- data/lib/ufo/stack/builder/resources/listener.rb +42 -0
- data/lib/ufo/stack/builder/resources/listener_ssl.rb +16 -0
- data/lib/ufo/stack/builder/resources/roles/base.rb +22 -0
- data/lib/ufo/stack/builder/resources/roles/execution_role.rb +4 -0
- data/lib/ufo/stack/builder/resources/roles/task_role.rb +4 -0
- data/lib/ufo/stack/builder/resources/security_group/base.rb +4 -0
- data/lib/ufo/stack/builder/resources/security_group/ecs.rb +44 -0
- data/lib/ufo/stack/builder/resources/security_group/ecs_rule.rb +25 -0
- data/lib/ufo/stack/builder/resources/security_group/elb.rb +57 -0
- data/lib/ufo/stack/builder/resources/target_group.rb +39 -0
- data/lib/ufo/stack/builder/resources/task_definition.rb +24 -0
- data/lib/ufo/stack/builder/resources/task_definition/reconstructor.rb +49 -0
- data/lib/ufo/stack/context.rb +41 -48
- data/lib/ufo/stack/custom_properties.rb +59 -0
- data/lib/ufo/stack/helper.rb +2 -5
- data/lib/ufo/stack/template_body.rb +13 -0
- data/lib/ufo/task.rb +2 -7
- data/lib/ufo/tasks.rb +1 -1
- data/lib/ufo/tasks/builder.rb +0 -1
- data/lib/ufo/template_scope.rb +1 -66
- data/lib/ufo/utils/squeezer.rb +24 -0
- data/lib/ufo/version.rb +1 -1
- data/spec/fixtures/iam_roles/task_role.rb +17 -0
- data/spec/lib/ecr_auth_spec.rb +32 -20
- data/spec/lib/role/builder_spec.rb +67 -0
- data/spec/lib/role/dsl_spec.rb +12 -0
- data/ufo.gemspec +2 -1
- metadata +66 -8
- data/lib/cfn/stack.yml +0 -283
data/docs/_includes/footer.html
CHANGED
@@ -6,11 +6,12 @@
|
|
6
6
|
<div class="footer-col col-md-4">
|
7
7
|
<h3>More Tools</h3>
|
8
8
|
<ul class="list-unstyled tools">
|
9
|
-
<li><a href="
|
10
|
-
<li><a href="
|
11
|
-
<li><a href="
|
12
|
-
<li><a href="
|
13
|
-
<li><a href="https://
|
9
|
+
<li><a href="https://terraspace.cloud">Terraspace</a></li>
|
10
|
+
<li><a href="https://kubes.guru">Kubes</a></li>
|
11
|
+
<li><a href="https://rubyonjets.com">Jets</a></li>
|
12
|
+
<li><a href="https://lono.cloud">Lono</a></li>
|
13
|
+
<li><a href="https://sonic-screwdriver.cloud">Sonic</a></li>
|
14
|
+
<li><a href="https://jack-eb.com">Jack</a></li>
|
14
15
|
</ul>
|
15
16
|
</div>
|
16
17
|
<div class="footer-col col-md-4">
|
data/docs/_includes/subnav.html
CHANGED
@@ -25,6 +25,8 @@
|
|
25
25
|
</li>
|
26
26
|
<li><a href="{% link _docs/variables.md %}">Shared Variables</a></li>
|
27
27
|
<li><a href="{% link _docs/helpers.md %}">Helpers</a></li>
|
28
|
+
<li><a href="{% link _docs/secrets.md %}">Secrets</a></li>
|
29
|
+
<li><a href="{% link _docs/iam-roles.md %}">IAM Roles</a></li>
|
28
30
|
<li><a href="{% link _docs/conventions.md %}">Conventions</a></li>
|
29
31
|
<li><a href="{% link _docs/ufo-logs.md %}">Ufo Logs</a></li>
|
30
32
|
<li><a href="{% link _docs/ufo-env.md %}">Ufo Env</a></li>
|
@@ -44,6 +46,7 @@
|
|
44
46
|
<li><a href="{% link _docs/extras/minimal-deploy-iam.md %}">Minimal Deploy IAM</a></li>
|
45
47
|
<li><a href="{% link _docs/extras/codebuild-iam-role.md %}">CodeBuild IAM Role</a></li>
|
46
48
|
<li><a href="{% link _docs/extras/dockerfile-erb.md %}">Dockerfile.erb</a></li>
|
49
|
+
<li><a href="{% link _docs/extras/notification-arns.md %}">Notification Arns</a></li>
|
47
50
|
</ul>
|
48
51
|
</li>
|
49
52
|
<li><a href="{% link _docs/upgrading.md %}">Upgrading</a>
|
@@ -58,13 +58,12 @@ A more detailed post is available here: [How to Create Unlimited Extra Environme
|
|
58
58
|
[--elb=ELB] # Decides to create elb, not create elb or use existing target group.
|
59
59
|
[--elb-eip-ids=one two three] # EIP Allocation ids to use for network load balancer.
|
60
60
|
[--elb-type=ELB_TYPE] # ELB type: application or network. Keep current deployed elb type when not specified.
|
61
|
-
[--pretty], [--no-pretty] # Pretty format the json for the task definitions
|
62
|
-
# Default: true
|
63
61
|
[--scheduling-strategy=SCHEDULING_STRATEGY] # Scheduling strategy to use for the service. IE: replica, daemon
|
64
62
|
[--stop-old-tasks], [--no-stop-old-tasks] # Stop old tasks as part of deployment to speed it up
|
65
63
|
[--task=TASK] # ECS task name, to override the task name convention.
|
66
64
|
[--wait], [--no-wait] # Wait for deployment to complete
|
67
65
|
# Default: true
|
66
|
+
[--image-override=IMAGE_OVERRIDE] # Override image in task definition for quick testing
|
68
67
|
[--register], [--no-register] # Register task definition
|
69
68
|
# Default: true
|
70
69
|
[--build], [--no-build] # Build task definition
|
data/docs/_reference/ufo-init.md
CHANGED
@@ -107,20 +107,19 @@ If you would like to use a local template that is not on GitHub, then created a
|
|
107
107
|
## Options
|
108
108
|
|
109
109
|
```
|
110
|
-
[--force]
|
111
|
-
--image=IMAGE
|
112
|
-
[--app=APP]
|
113
|
-
[--launch-type=LAUNCH_TYPE]
|
114
|
-
|
115
|
-
[--
|
116
|
-
[--template=
|
117
|
-
[--
|
118
|
-
[--
|
119
|
-
[--
|
120
|
-
[--
|
121
|
-
[--
|
122
|
-
[--
|
123
|
-
[--
|
124
|
-
[--cluster=CLUSTER] # Cluster. Overrides .ufo/settings.yml.
|
110
|
+
[--force] # Bypass overwrite are you sure prompt for existing files.
|
111
|
+
--image=IMAGE # Docker image name without the tag. Example: tongueroo/demo-ufo. Configures ufo/settings.yml
|
112
|
+
[--app=APP] # App name. Preferably one word. Used in the generated ufo/task_definitions.rb. If not specified then the app name is inferred as the folder name.
|
113
|
+
[--launch-type=LAUNCH_TYPE] # ec2 or fargate.
|
114
|
+
# Default: ec2
|
115
|
+
[--template=TEMPLATE] # Custom template to use.
|
116
|
+
[--template-mode=TEMPLATE_MODE] # Template mode: replace or additive.
|
117
|
+
[--vpc-id=VPC_ID] # Vpc id. For settings/network/default.yml.
|
118
|
+
[--ecs-subnets=one two three] # Subnets for ECS tasks, defaults to --elb-subnets set to. For settings/network/default.yml
|
119
|
+
[--elb-subnets=one two three] # Subnets for ELB. For settings/network/default.yml
|
120
|
+
[--verbose], [--no-verbose]
|
121
|
+
[--mute], [--no-mute]
|
122
|
+
[--noop], [--no-noop]
|
123
|
+
[--cluster=CLUSTER] # Cluster. Overrides .ufo/settings.yml.
|
125
124
|
```
|
126
125
|
|
data/docs/_reference/ufo-logs.md
CHANGED
@@ -30,7 +30,7 @@ If you have a current service name set.
|
|
30
30
|
# Default: true
|
31
31
|
[--since=SINCE] # From what time to begin displaying logs. By default, logs will be displayed starting from 1 minutes in the past. The value provided can be an ISO 8601 timestamp or a relative time.
|
32
32
|
[--format=FORMAT] # The format to display the logs. IE: detailed or short. With detailed, the log stream name is also shown.
|
33
|
-
# Default:
|
33
|
+
# Default: detailed
|
34
34
|
[--filter-pattern=FILTER_PATTERN] # The filter pattern to use. If not provided, all the events are matched
|
35
35
|
[--verbose], [--no-verbose]
|
36
36
|
[--mute], [--no-mute]
|
@@ -51,6 +51,8 @@ You only need to specify enough for a match to be found. Ufo searches the 30 mo
|
|
51
51
|
## Options
|
52
52
|
|
53
53
|
```
|
54
|
+
[--wait], [--no-wait] # Wait for deployment to complete
|
55
|
+
# Default: true
|
54
56
|
[--verbose], [--no-verbose]
|
55
57
|
[--mute], [--no-mute]
|
56
58
|
[--noop], [--no-noop]
|
data/docs/_reference/ufo-ship.md
CHANGED
@@ -115,13 +115,12 @@ You can change the scheduling strategy by explicitly specifying it. Otherwise,
|
|
115
115
|
[--elb=ELB] # Decides to create elb, not create elb or use existing target group.
|
116
116
|
[--elb-eip-ids=one two three] # EIP Allocation ids to use for network load balancer.
|
117
117
|
[--elb-type=ELB_TYPE] # ELB type: application or network. Keep current deployed elb type when not specified.
|
118
|
-
[--pretty], [--no-pretty] # Pretty format the json for the task definitions
|
119
|
-
# Default: true
|
120
118
|
[--scheduling-strategy=SCHEDULING_STRATEGY] # Scheduling strategy to use for the service. IE: replica, daemon
|
121
119
|
[--stop-old-tasks], [--no-stop-old-tasks] # Stop old tasks as part of deployment to speed it up
|
122
120
|
[--task=TASK] # ECS task name, to override the task name convention.
|
123
121
|
[--wait], [--no-wait] # Wait for deployment to complete
|
124
122
|
# Default: true
|
123
|
+
[--image-override=IMAGE_OVERRIDE] # Override image in task definition for quick testing
|
125
124
|
[--verbose], [--no-verbose]
|
126
125
|
[--mute], [--no-mute]
|
127
126
|
[--noop], [--no-noop]
|
@@ -55,12 +55,11 @@ Note: The `--task` option is not used with the `ufo ships` command.
|
|
55
55
|
[--elb=ELB] # Decides to create elb, not create elb or use existing target group.
|
56
56
|
[--elb-eip-ids=one two three] # EIP Allocation ids to use for network load balancer.
|
57
57
|
[--elb-type=ELB_TYPE] # ELB type: application or network. Keep current deployed elb type when not specified.
|
58
|
-
[--pretty], [--no-pretty] # Pretty format the json for the task definitions
|
59
|
-
# Default: true
|
60
58
|
[--scheduling-strategy=SCHEDULING_STRATEGY] # Scheduling strategy to use for the service. IE: replica, daemon
|
61
59
|
[--stop-old-tasks], [--no-stop-old-tasks] # Stop old tasks as part of deployment to speed it up
|
62
60
|
[--task=TASK] # ECS task name, to override the task name convention.
|
63
61
|
[--wait], [--no-wait] # Wait for deployment to complete
|
62
|
+
[--image-override=IMAGE_OVERRIDE] # Override image in task definition for quick testing
|
64
63
|
[--verbose], [--no-verbose]
|
65
64
|
[--mute], [--no-mute]
|
66
65
|
[--noop], [--no-noop]
|
@@ -173,7 +173,6 @@ If you need to modify the task definition template to suite your own needs it is
|
|
173
173
|
## Options
|
174
174
|
|
175
175
|
```
|
176
|
-
[--
|
177
|
-
# Default: true
|
176
|
+
[--image-override=IMAGE_OVERRIDE] # Override image in task definition for quick testing
|
178
177
|
```
|
179
178
|
|
data/docs/articles.md
CHANGED
@@ -0,0 +1,7 @@
|
|
1
|
+
# Example starter execution role. Add the iam role permissions that the host needs here:
|
2
|
+
#
|
3
|
+
# More docs: https://ufoships.com/docs/iam-roles/
|
4
|
+
#
|
5
|
+
managed_iam_policy("AmazonSSMReadOnlyAccess")
|
6
|
+
managed_iam_policy("SecretsManagerReadWrite")
|
7
|
+
managed_iam_policy("service-role/AmazonECSTaskExecutionRolePolicy")
|
@@ -0,0 +1,21 @@
|
|
1
|
+
# Example starter task role. Add the iam role permissions that the container needs here:
|
2
|
+
#
|
3
|
+
# More docs: https://ufoships.com/docs/iam-roles/
|
4
|
+
#
|
5
|
+
# Examples:
|
6
|
+
#
|
7
|
+
# iam_policy("AmazonS3ReadOnlyAccess",
|
8
|
+
# Action: [
|
9
|
+
# "s3:Get*",
|
10
|
+
# "s3:List*"
|
11
|
+
# ],
|
12
|
+
# Effect: "Allow",
|
13
|
+
# Resource: "*"
|
14
|
+
# )
|
15
|
+
# iam_policy("CloudwatchWrite",
|
16
|
+
# Action: [
|
17
|
+
# "cloudwatch:PutMetricData",
|
18
|
+
# ],
|
19
|
+
# Effect: "Allow",
|
20
|
+
# Resource: "*"
|
21
|
+
# )
|
@@ -13,6 +13,7 @@ base:
|
|
13
13
|
# replacment might not work. For example, adding and removing a load balancer.
|
14
14
|
# In these cases, you must delete the entire ecs service and recreate it.
|
15
15
|
stack_naming: append_env
|
16
|
+
auto_camelize: false # new default setting in ufo v5
|
16
17
|
|
17
18
|
development:
|
18
19
|
# cluster: development
|
@@ -3,38 +3,38 @@
|
|
3
3
|
# CloudFormation. These options are inserting into the generated template.
|
4
4
|
# More info: https://ufoships.com/docs/customize-cloudformation
|
5
5
|
|
6
|
-
|
7
|
-
|
6
|
+
Elb:
|
7
|
+
Scheme: internet-facing
|
8
8
|
|
9
9
|
# https://docs.aws.amazon.com/fr_fr/elasticloadbalancing/latest/APIReference/API_CreateTargetGroup.html
|
10
10
|
#
|
11
11
|
# When using SSL with network elb, the target group protocol is usually http still
|
12
12
|
# unless you also handle SSL termination at the app level.
|
13
|
-
|
14
|
-
|
15
|
-
#
|
13
|
+
TargetGroup:
|
14
|
+
Port: 80 # only used with ECS if awsvpc mode
|
15
|
+
# Protocol: TCP # valid values - application elb: HTTP HTTPS, network elb: TCP
|
16
16
|
# ufo sets defaults in cloudformation template
|
17
17
|
# application elb: HTTP
|
18
18
|
# network elb: TCP
|
19
19
|
# so we can keep this commented out, unless we need HTTPS at the app level
|
20
20
|
# Health check settings are supported by application load balancer only:
|
21
|
-
#
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
#
|
26
|
-
#
|
27
|
-
|
28
|
-
-
|
29
|
-
|
21
|
+
# HealthCheckPath: /up # health check
|
22
|
+
HealthCheckIntervalSeconds: 10 # default: 30. Network ELB can only take 10 or 30
|
23
|
+
HealthyThresholdCount: 2
|
24
|
+
UnhealthyThresholdCount: 2 # default: 10
|
25
|
+
# HealthCheckProtocol: HTTP # HTTP or HTTPS
|
26
|
+
# HealthCheckPort: traffic-port
|
27
|
+
TargetGroupAttributes:
|
28
|
+
- Key: deregistration_delay.timeout_seconds
|
29
|
+
Value: 10
|
30
30
|
|
31
31
|
# https://docs.aws.amazon.com/fr_fr/elasticloadbalancing/latest/APIReference/API_CreateListener.html
|
32
32
|
#
|
33
33
|
# This is the default listener and normally should listen to port 80.
|
34
|
-
|
35
|
-
|
34
|
+
Listener:
|
35
|
+
Port: 80
|
36
36
|
# For Application Load Balancers, the supported protocols are HTTP and HTTPS. For Network Load Balancers, the supported protocol is TCP.
|
37
|
-
#
|
37
|
+
# Protocol: TCP # valid values - application elb: HTTP HTTPS, network elb: TCP, TLS
|
38
38
|
# ufo sets these defaults:
|
39
39
|
# application elb: HTTP # unless port is 443
|
40
40
|
# application elb: HTTPS # if port is 443
|
@@ -43,8 +43,8 @@ listener:
|
|
43
43
|
# Can keep protocol commented out,
|
44
44
|
# unless need to override the defaults.
|
45
45
|
# If using the listener to handle SSL
|
46
|
-
#
|
47
|
-
# -
|
46
|
+
# Certificates:
|
47
|
+
# - CertificateArn: arn:aws:acm:us-east-1:111111111111:certificate/11111111-2222-3333-4444-555555555555
|
48
48
|
|
49
49
|
# An optional second listener can be created.
|
50
50
|
# If HTTPS and SSL is required then the listener_ssl config is what you should use.
|
@@ -53,11 +53,11 @@ listener:
|
|
53
53
|
# to handle SSL termination.
|
54
54
|
#
|
55
55
|
# ufo creates an ssl listener when listener_ssl is set.
|
56
|
-
#
|
57
|
-
#
|
58
|
-
# #
|
59
|
-
# # -
|
60
|
-
# #
|
56
|
+
# ListenerSsl:
|
57
|
+
# Port: 443
|
58
|
+
# # Certificates:
|
59
|
+
# # - CertificateArn: arn:aws:acm:us-east-1:111111111111:certificate/11111111-2222-3333-4444-555555555555
|
60
|
+
# # Protocol: TCP # valid values - application elb: HTTP HTTPS, network elb: TCP, TLS
|
61
61
|
# # ufo handles setting the defaults:
|
62
62
|
# # application elb: HTTPS
|
63
63
|
# # network elb: TLS
|
@@ -66,7 +66,7 @@ listener:
|
|
66
66
|
# Note, the route53 record set for the domain name must already exist.
|
67
67
|
# The {stack_name} variable gets replaced with the name of the CloudFormation stack name.
|
68
68
|
# Example: {stack_name} => demo-web
|
69
|
-
#
|
70
|
-
#
|
71
|
-
#
|
69
|
+
# Dns:
|
70
|
+
# Name: "{stack_name}.yourdomain."
|
71
|
+
# HostedZoneName: yourdomain. # dont forget the trailing period
|
72
72
|
# TTL: '60' # ttl has special upcase casing
|
@@ -15,3 +15,12 @@ elb_subnets: # defaults to same subnets as ecs_subnets when not set
|
|
15
15
|
# ecs_security_groups:
|
16
16
|
# - sg-bbb
|
17
17
|
# - sg-ccc
|
18
|
+
|
19
|
+
# Also supports extra security groups specific to each ECS service
|
20
|
+
# ecs_security_groups:
|
21
|
+
# demo-web:
|
22
|
+
# - sg-bbb
|
23
|
+
# - sg-ccc
|
24
|
+
# demo-worker:
|
25
|
+
# - sg-bbb
|
26
|
+
# - sg-ccc
|
@@ -2,7 +2,6 @@
|
|
2
2
|
"family": "<%= @family %>",
|
3
3
|
"requiresCompatibilities": ["FARGATE"],
|
4
4
|
"networkMode": "awsvpc",
|
5
|
-
"executionRoleArn": "<%= @execution_role_arn || raise("@execution_role_arn needs to be set") %>",
|
6
5
|
"cpu": "<%= @cpu %>",
|
7
6
|
"memory": "<%= @memory %>",
|
8
7
|
"containerDefinitions": [
|
@@ -21,6 +20,9 @@
|
|
21
20
|
<% if @environment %>
|
22
21
|
"environment": <%= @environment.to_json %>,
|
23
22
|
<% end %>
|
23
|
+
<% if @secrets %>
|
24
|
+
"secrets": <%= @secrets.to_json %>,
|
25
|
+
<% end %>
|
24
26
|
<% if @awslogs_group %>
|
25
27
|
"logConfiguration": {
|
26
28
|
"logDriver": "awslogs",
|
@@ -2,6 +2,7 @@
|
|
2
2
|
# More info on how variables work: http://ufoships.com/docs/variables/
|
3
3
|
@image = helper.full_image_name # includes the git sha tongueroo/demo-ufo:ufo-[sha].
|
4
4
|
@environment = helper.env_file(".env")
|
5
|
+
@secrets = helper.secrets_file(".secrets")
|
5
6
|
<% if @options[:launch_type] == "fargate" -%>
|
6
7
|
# Ensure that the cpu and memory values are a supported combination by Fargate.
|
7
8
|
# More info: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-cpu-memory-error.html"
|
data/lib/ufo.rb
CHANGED
@@ -1,7 +1,8 @@
|
|
1
1
|
$stdout.sync = true unless ENV["UFO_STDOUT_SYNC"] == "0"
|
2
2
|
|
3
3
|
$:.unshift(File.expand_path('../', __FILE__))
|
4
|
-
require '
|
4
|
+
require 'active_support/core_ext/class'
|
5
|
+
require 'deep_merge/rails_compat'
|
5
6
|
require 'fileutils'
|
6
7
|
require 'memoist'
|
7
8
|
require 'rainbow/ext/string'
|
data/lib/ufo/autoloader.rb
CHANGED
@@ -14,8 +14,17 @@ module Ufo
|
|
14
14
|
loader = Zeitwerk::Loader.new
|
15
15
|
loader.inflector = Inflector.new
|
16
16
|
loader.push_dir(File.dirname(__dir__)) # lib
|
17
|
+
|
18
|
+
helpers = "#{ufo_root}/.ufo/helpers"
|
19
|
+
loader.push_dir(helpers) if File.exist?(helpers) # project helpers
|
20
|
+
|
17
21
|
loader.setup
|
18
22
|
end
|
23
|
+
|
24
|
+
# Autoloader runs so early that Ufo.root is not available, so we must declare it here
|
25
|
+
def ufo_root
|
26
|
+
ENV['UFO_ROOT'] || '.'
|
27
|
+
end
|
19
28
|
end
|
20
29
|
end
|
21
30
|
end
|
data/lib/ufo/cli.rb
CHANGED
@@ -37,11 +37,11 @@ module Ufo
|
|
37
37
|
option :elb, desc: "Decides to create elb, not create elb or use existing target group."
|
38
38
|
option :elb_eip_ids, type: :array, desc: "EIP Allocation ids to use for network load balancer."
|
39
39
|
option :elb_type, desc: "ELB type: application or network. Keep current deployed elb type when not specified."
|
40
|
-
option :pretty, type: :boolean, default: true, desc: "Pretty format the json for the task definitions"
|
41
40
|
option :scheduling_strategy, desc: "Scheduling strategy to use for the service. IE: replica, daemon"
|
42
41
|
option :stop_old_tasks, type: :boolean, default: false, desc: "Stop old tasks as part of deployment to speed it up"
|
43
42
|
option :task, desc: "ECS task name, to override the task name convention."
|
44
43
|
option :wait, type: :boolean, desc: "Wait for deployment to complete", default: true
|
44
|
+
option :image_override, desc: "Override image in task definition for quick testing"
|
45
45
|
end
|
46
46
|
|
47
47
|
desc "deploy SERVICE", "Deploy task definition to ECS service without re-building the definition."
|
@@ -75,6 +75,7 @@ module Ufo
|
|
75
75
|
|
76
76
|
desc "rollback SERVICE VERSION", "Rolls back to older task definition."
|
77
77
|
long_desc Help.text(:rollback)
|
78
|
+
option :wait, type: :boolean, desc: "Wait for deployment to complete", default: true
|
78
79
|
def rollback(service=:current, version)
|
79
80
|
service = service == :current ? Current.service! : service
|
80
81
|
rollback = Rollback.new(service, options.merge(version: version))
|
@@ -191,7 +192,7 @@ module Ufo
|
|
191
192
|
long_desc Help.text(:logs)
|
192
193
|
option :follow, default: true, type: :boolean, desc: " Whether to continuously poll for new logs. To exit from this mode, use Control-C."
|
193
194
|
option :since, desc: "From what time to begin displaying logs. By default, logs will be displayed starting from 1 minutes in the past. The value provided can be an ISO 8601 timestamp or a relative time."
|
194
|
-
option :format, default: "
|
195
|
+
option :format, default: "detailed", desc: "The format to display the logs. IE: detailed or short. With detailed, the log stream name is also shown."
|
195
196
|
option :filter_pattern, desc: "The filter pattern to use. If not provided, all the events are matched"
|
196
197
|
def logs(service=:current)
|
197
198
|
Logs.new(service, options).run
|
data/lib/ufo/core.rb
CHANGED
@@ -4,6 +4,7 @@ require 'yaml'
|
|
4
4
|
module Ufo
|
5
5
|
module Core
|
6
6
|
extend Memoist
|
7
|
+
include Ufo::Settings
|
7
8
|
|
8
9
|
def check_task_definition!(task_definition)
|
9
10
|
task_definition_path = "#{Ufo.root}/.ufo/output/#{task_definition}.json"
|
@@ -49,15 +50,6 @@ module Ufo
|
|
49
50
|
end
|
50
51
|
end
|
51
52
|
|
52
|
-
def settings
|
53
|
-
Setting.new.data
|
54
|
-
end
|
55
|
-
memoize :settings
|
56
|
-
|
57
|
-
def cfn_profile
|
58
|
-
settings[:cfn_profile] || "default"
|
59
|
-
end
|
60
|
-
|
61
53
|
def check_ufo_project!
|
62
54
|
check_path = "#{Ufo.root}/.ufo/settings.yml"
|
63
55
|
unless File.exist?(check_path)
|
data/lib/ufo/docker/cleaner.rb
CHANGED
data/lib/ufo/dsl.rb
CHANGED
@@ -2,6 +2,8 @@ require 'ostruct'
|
|
2
2
|
|
3
3
|
module Ufo
|
4
4
|
class DSL
|
5
|
+
extend Memoist
|
6
|
+
|
5
7
|
def initialize(template_definitions_path, options={})
|
6
8
|
@template_definitions_path = template_definitions_path
|
7
9
|
@options = options
|
@@ -85,7 +87,10 @@ module Ufo
|
|
85
87
|
end
|
86
88
|
|
87
89
|
def helper
|
88
|
-
Helper.new
|
90
|
+
helper = Helper.new
|
91
|
+
helper.add_project_helpers
|
92
|
+
helper
|
89
93
|
end
|
94
|
+
memoize :helper
|
90
95
|
end
|
91
96
|
end
|