@digitraffic/common 2022.11.2-1 → 2022.11.10-1

package/src/aws/infra/stacks/db-stack.ts

@@ -0,0 +1,165 @@
+import { Duration, RemovalPolicy, Stack } from "aws-cdk-lib";
+import { Construct } from "constructs";
+import { SecurityGroup, SubnetType } from "aws-cdk-lib/aws-ec2";
+import {
+    AuroraPostgresEngineVersion,
+    CfnDBInstance,
+    Credentials,
+    DatabaseCluster,
+    DatabaseClusterEngine,
+    DatabaseClusterFromSnapshot,
+    InstanceUpdateBehaviour,
+    ParameterGroup,
+} from "aws-cdk-lib/aws-rds";
+import { Secret } from "aws-cdk-lib/aws-secretsmanager";
+import { exportValue, importVpc } from "../import-util";
+import { InstanceType } from "aws-cdk-lib/aws-ec2";
+import { InfraStackConfiguration } from "./intra-stack-configuration";
+
+export interface DbConfiguration {
+    readonly secretArn: string;
+
+    readonly dbVersion: AuroraPostgresEngineVersion;
+    readonly dbInstanceType: InstanceType;
+    readonly snapshotIdentifier: string;
+    readonly instances: number;
+    readonly customParameterGroup: boolean;
+    readonly securityGroupId: string;
+
+    readonly dbProxyName?: string;
+}
+
+/**
+ * How to upgrade major version?
+ * 0. Set correct SG for db-stack and db-proxy-stack(this step will be removed in the future)
+ * 1. Update db-stack WITHOUT parameter group
+ * 2. Upgrade extensions by hand
+ * 3. Upgrade database from the AWS console
+ * 4. Update db-stack with the upgraded version and custom parameter group
+ */
+
+export class DbStack extends Stack {
+    public static CLUSTER_IDENTIFIER_EXPORT_NAME = "db-cluster";
+    public static CLUSTER_READ_ENDPOINT_EXPORT_NAME =
+        "db-cluster-reader-endpoint";
+    public static CLUSTER_WRITE_ENDPOINT_EXPORT_NAME =
+        "db-cluster-writer-endpoint";
+
+    public static CLUSTER_PORT = 5432;
+
+    constructor(
+        scope: Construct,
+        id: string,
+        isc: InfraStackConfiguration,
+        configuration: DbConfiguration
+    ) {
+        super(scope, id, {
+            env: isc.env,
+        });
+
+        const cluster = this.createAuroraCluster(isc, configuration);
+
+        exportValue(
+            this,
+            isc.environmentName,
+            DbStack.CLUSTER_IDENTIFIER_EXPORT_NAME,
+            cluster.clusterIdentifier
+        );
+        exportValue(
+            this,
+            isc.environmentName,
+            DbStack.CLUSTER_WRITE_ENDPOINT_EXPORT_NAME,
+            cluster.clusterEndpoint.hostname
+        );
+        exportValue(
+            this,
+            isc.environmentName,
+            DbStack.CLUSTER_READ_ENDPOINT_EXPORT_NAME,
+            cluster.clusterReadEndpoint.hostname
+        );
+    }
+
+    createAuroraCluster(
+        isc: InfraStackConfiguration,
+        configuration: DbConfiguration
+    ): DatabaseCluster {
+        const instanceName = isc.environmentName + "-db";
+        const secret = Secret.fromSecretAttributes(this, "db-secret", {
+            secretCompleteArn: configuration.secretArn,
+        });
+        const securityGroup = SecurityGroup.fromSecurityGroupId(
+            this,
+            "securitygroup",
+            configuration.securityGroupId
+        );
+        const vpc = importVpc(this, isc.environmentName);
+
+        const parameterGroup = configuration.customParameterGroup
+            ? new ParameterGroup(
+                  this,
+                  `parameter-group-${configuration.dbVersion.auroraPostgresMajorVersion}`,
+                  {
+                      engine: DatabaseClusterEngine.auroraPostgres({
+                          version: configuration.dbVersion,
+                      }),
+                      parameters: {
+                          "pg_stat_statements.track": "ALL",
+                          random_page_cost: "1",
+                      },
+                  }
+              )
+            : ParameterGroup.fromParameterGroupName(
+                  this,
+                  "ParameterGroup",
+                  `default.aurora-postgresql${configuration.dbVersion.auroraPostgresMajorVersion}`
+              );
+
+        const cluster = new DatabaseClusterFromSnapshot(this, instanceName, {
+            snapshotIdentifier: configuration.snapshotIdentifier,
+            engine: DatabaseClusterEngine.auroraPostgres({
+                version: configuration.dbVersion,
+            }),
+            instances: configuration.instances,
+            instanceUpdateBehaviour: InstanceUpdateBehaviour.ROLLING,
+            instanceIdentifierBase: instanceName + "-",
+            cloudwatchLogsExports: ["postgresql"],
+            backup: {
+                retention: Duration.days(35),
+                preferredWindow: "01:00-02:00",
+            },
+            preferredMaintenanceWindow: "mon:03:00-mon:04:00",
+            deletionProtection: true,
+            removalPolicy: RemovalPolicy.RETAIN,
+            port: DbStack.CLUSTER_PORT,
+            instanceProps: {
+                autoMinorVersionUpgrade: true,
+                allowMajorVersionUpgrade: false,
+                enablePerformanceInsights: true,
+                vpc,
+                securityGroups: [securityGroup],
+                vpcSubnets: {
+                    subnetType: SubnetType.PRIVATE_WITH_NAT,
+                },
+                instanceType: configuration.dbInstanceType,
+                parameterGroup,
+            },
+            credentials: Credentials.fromSecret(secret),
+            parameterGroup,
+        });
+
+        // this workaround should prevent stack failing on version upgrade
+        const cfnInstances = cluster.node.children.filter(
+            (child): child is CfnDBInstance => child instanceof CfnDBInstance
+        );
+        if (cfnInstances.length === 0) {
+            throw new Error(
+                "Couldn't pull CfnDBInstances from the L1 constructs!"
+            );
+        }
+        cfnInstances.forEach(
+            (cfnInstance) => delete cfnInstance.engineVersion
+        );
+
+        return cluster;
+    }
+}

package/src/aws/infra/stacks/intra-stack-configuration.ts

@@ -0,0 +1,6 @@
+import { Environment } from "aws-cdk-lib";
+
+export interface InfraStackConfiguration {
+    readonly env: Environment;
+    readonly environmentName: string;
+}

package/src/aws/infra/stacks/network-stack.ts

@@ -0,0 +1,46 @@
+import { Stack } from "aws-cdk-lib";
+import { Construct } from "constructs";
+import { SubnetType, Vpc } from "aws-cdk-lib/aws-ec2";
+import { InfraStackConfiguration } from "./intra-stack-configuration";
+
+export interface NetworkConfiguration {
+    readonly vpcName: string;
+    readonly cidr: string;
+}
+
+export class NetworkStack extends Stack {
+    constructor(
+        scope: Construct,
+        id: string,
+        isc: InfraStackConfiguration,
+        configuration: NetworkConfiguration
+    ) {
+        super(scope, id, {
+            env: isc.env,
+        });
+
+        this.createVpc(configuration);
+    }
+
+    createVpc(configuration: NetworkConfiguration): Vpc {
+        return new Vpc(this, "DigitrafficVPC", {
+            vpcName: configuration.vpcName,
+            availabilityZones: ["eu-west-1a", "eu-west-1b"],
+            enableDnsHostnames: true,
+            enableDnsSupport: true,
+            cidr: configuration.cidr,
+            subnetConfiguration: [
+                {
+                    name: "public",
+                    cidrMask: 24,
+                    subnetType: SubnetType.PUBLIC,
+                },
+                {
+                    name: "private",
+                    cidrMask: 24,
+                    subnetType: SubnetType.PRIVATE_WITH_NAT,
+                },
+            ],
+        });
+    }
+}

package/src/aws/infra/usage-plans.ts

@@ -1,4 +1,4 @@
-import {IApiKey, RestApi} from 'aws-cdk-lib/aws-apigateway';
+import { IApiKey, RestApi } from "aws-cdk-lib/aws-apigateway";
 
 /**
  * Creates an usage plan for a REST API with a single API key
@@ -7,7 +7,11 @@ import {IApiKey, RestApi} from 'aws-cdk-lib/aws-apigateway';
  * @param apiKeyName Name for the API key, this is displayed in the AWS Console
  * @deprecated Creates randomized API key names, use createDefaultUsagePlan instead
  */
-export function createUsagePlan(api: RestApi, apiKeyId: string, apiKeyName: string): IApiKey {
+export function createUsagePlan(
+    api: RestApi,
+    apiKeyId: string,
+    apiKeyName: string
+): IApiKey {
     const apiKey = api.addApiKey(apiKeyId);
     const plan = api.addUsagePlan(apiKeyName, {
         name: apiKeyName,
@@ -24,11 +28,16 @@ export function createUsagePlan(api: RestApi, apiKeyId: string, apiKeyName: stri
  * Creates a default usage plan for a REST API with a single API key
  * @param api The REST API
  * @param apiName Name of the api. Will generate key: apiName + ' API Key' and plan: apiName + ' API Usage Plan'
+ * @param value Optional value for the API key
  */
-export function createDefaultUsagePlan(api: RestApi, apiName: string): IApiKey {
-    const apiKeyName = apiName + ' API Key';
-    const usagePlanName = apiName + ' API Usage Plan';
-    const apiKey = api.addApiKey(apiKeyName, { apiKeyName: apiKeyName });
+export function createDefaultUsagePlan(
+    api: RestApi,
+    apiName: string,
+    value?: string
+): IApiKey {
+    const apiKeyName = apiName + " API Key";
+    const usagePlanName = apiName + " API Usage Plan";
+    const apiKey = api.addApiKey(apiKeyName, { apiKeyName: apiKeyName, value });
     const plan = api.addUsagePlan(usagePlanName, {
         name: usagePlanName,
     });