@gradientedge/cdk-utils 8.64.0 → 8.66.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/src/lib/construct/site-with-ecs-backend/main.d.ts +1 -0
- package/dist/src/lib/construct/site-with-ecs-backend/main.js +5 -1
- package/dist/src/lib/manager/aws/efs-manager.js +2 -1
- package/dist/src/lib/types/aws/index.d.ts +2 -0
- package/package.json +6 -6
- package/src/lib/construct/site-with-ecs-backend/main.ts +11 -1
- package/src/lib/manager/aws/efs-manager.ts +2 -1
- package/src/lib/types/aws/index.ts +2 -0
|
@@ -37,6 +37,7 @@ export declare class SiteWithEcsBackend extends CommonConstruct {
|
|
|
37
37
|
id: string;
|
|
38
38
|
siteHostedZone: route53.IHostedZone;
|
|
39
39
|
siteCertificate: certificateManager.ICertificate;
|
|
40
|
+
siteRegionalCertificate: certificateManager.ICertificate;
|
|
40
41
|
siteEcsPolicy: iam.PolicyDocument;
|
|
41
42
|
siteEcsRole: iam.Role;
|
|
42
43
|
siteEcsEnvironment: {
|
|
@@ -58,6 +58,7 @@ class SiteWithEcsBackend extends common_1.CommonConstruct {
|
|
|
58
58
|
/* site resources */
|
|
59
59
|
siteHostedZone;
|
|
60
60
|
siteCertificate;
|
|
61
|
+
siteRegionalCertificate;
|
|
61
62
|
siteEcsPolicy;
|
|
62
63
|
siteEcsRole;
|
|
63
64
|
siteEcsEnvironment;
|
|
@@ -131,6 +132,7 @@ class SiteWithEcsBackend extends common_1.CommonConstruct {
|
|
|
131
132
|
this.props.siteCertificate.certificateArn = this.ssmManager.readStringParameterFromRegion(`${this.id}-certificate-parameter`, this, this.props.siteCertificate.certificateSsmName, this.props.siteCertificate.certificateRegion);
|
|
132
133
|
}
|
|
133
134
|
this.siteCertificate = this.acmManager.resolveCertificate(`${this.id}-certificate`, this, this.props.siteCertificate);
|
|
135
|
+
this.siteRegionalCertificate = this.acmManager.resolveCertificate(`${this.id}-regional-certificate`, this, this.props.siteRegionalCertificate, this.siteHostedZone);
|
|
134
136
|
}
|
|
135
137
|
/**
|
|
136
138
|
* @summary Method to resolve secrets from SecretsManager
|
|
@@ -230,6 +232,7 @@ class SiteWithEcsBackend extends common_1.CommonConstruct {
|
|
|
230
232
|
serviceName: `${this.id}-${this.props.stage}`,
|
|
231
233
|
cpu: this.props.siteTask.cpu,
|
|
232
234
|
loadBalancerName: `${this.id}-${this.props.stage}`,
|
|
235
|
+
certificate: this.siteRegionalCertificate,
|
|
233
236
|
domainName: this.siteInternalDomainName,
|
|
234
237
|
domainZone: this.siteHostedZone,
|
|
235
238
|
listenerPort: this.props.siteTask.listenerPort,
|
|
@@ -237,6 +240,7 @@ class SiteWithEcsBackend extends common_1.CommonConstruct {
|
|
|
237
240
|
healthCheckGracePeriod: cdk.Duration.seconds(60),
|
|
238
241
|
assignPublicIp: true,
|
|
239
242
|
minHealthyPercent: this.props.siteTask.minHealthyPercent,
|
|
243
|
+
maxHealthyPercent: this.props.siteTask.maxHealthyPercent,
|
|
240
244
|
taskDefinition: this.props.siteTask.taskDefinition,
|
|
241
245
|
taskImageOptions: {
|
|
242
246
|
enableLogging: true,
|
|
@@ -339,7 +343,7 @@ class SiteWithEcsBackend extends common_1.CommonConstruct {
|
|
|
339
343
|
createSiteOrigin() {
|
|
340
344
|
this.siteOrigin = new origins.HttpOrigin(this.siteEcsLoadBalancer.loadBalancerDnsName, {
|
|
341
345
|
httpPort: this.props.siteTask.listenerPort,
|
|
342
|
-
protocolPolicy: cloudfront.OriginProtocolPolicy.
|
|
346
|
+
protocolPolicy: cloudfront.OriginProtocolPolicy.HTTPS_ONLY,
|
|
343
347
|
});
|
|
344
348
|
}
|
|
345
349
|
/**
|
|
@@ -70,7 +70,8 @@ class EfsManager {
|
|
|
70
70
|
createFileSystem(id, scope, props, vpc, accessPointOptions, securityGroup, vpcSubnets) {
|
|
71
71
|
if (!props)
|
|
72
72
|
throw `EFS props undefined for ${id}`;
|
|
73
|
-
const
|
|
73
|
+
const fileSystemId = props.provisionNewOnDeployment ? `${id}-${new Date().getMilliseconds()}` : `${id}`;
|
|
74
|
+
const fileSystem = new efs.FileSystem(scope, `${fileSystemId}`, {
|
|
74
75
|
...props,
|
|
75
76
|
vpc,
|
|
76
77
|
securityGroup,
|
|
@@ -69,6 +69,7 @@ export interface SiteWithEcsBackendProps extends CommonStackProps {
|
|
|
69
69
|
siteCacheInvalidationDockerFilePath?: string;
|
|
70
70
|
siteHealthCheck: HealthCheck;
|
|
71
71
|
siteCertificate: AcmProps;
|
|
72
|
+
siteRegionalCertificate: AcmProps;
|
|
72
73
|
siteCluster: EcsClusterProps;
|
|
73
74
|
siteDistribution: DistributionProps;
|
|
74
75
|
siteCloudfrontFunctionProps?: CloudfrontFunctionProps;
|
|
@@ -603,6 +604,7 @@ export interface LogQueryWidgetProps extends watch.LogQueryWidgetProps {
|
|
|
603
604
|
* @subcategory Properties
|
|
604
605
|
*/
|
|
605
606
|
export interface EfsFileSystemProps extends efs.FileSystemProps {
|
|
607
|
+
provisionNewOnDeployment?: boolean;
|
|
606
608
|
rootDirectory?: string;
|
|
607
609
|
transitEncryption?: string;
|
|
608
610
|
transitEncryptionPort?: number;
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@gradientedge/cdk-utils",
|
|
3
|
-
"version": "8.
|
|
3
|
+
"version": "8.66.0",
|
|
4
4
|
"description": "Utilities for AWS CDK provisioning",
|
|
5
5
|
"main": "dist/index.js",
|
|
6
6
|
"engines": {
|
|
@@ -47,12 +47,12 @@
|
|
|
47
47
|
},
|
|
48
48
|
"dependencies": {
|
|
49
49
|
"@aws-sdk/client-secrets-manager": "^3.338.0",
|
|
50
|
-
"@types/lodash": "^4.14.
|
|
51
|
-
"@types/node": "^20.2.
|
|
50
|
+
"@types/lodash": "^4.14.195",
|
|
51
|
+
"@types/node": "^20.2.4",
|
|
52
52
|
"@types/uuid": "^9.0.1",
|
|
53
53
|
"app-root-path": "^3.1.0",
|
|
54
|
-
"aws-cdk-lib": "^2.
|
|
55
|
-
"constructs": "^10.2.
|
|
54
|
+
"aws-cdk-lib": "^2.81.0",
|
|
55
|
+
"constructs": "^10.2.33",
|
|
56
56
|
"lodash": "^4.17.21",
|
|
57
57
|
"moment": "^2.29.4",
|
|
58
58
|
"nconf": "^0.12.0",
|
|
@@ -67,7 +67,7 @@
|
|
|
67
67
|
"@types/jest": "^29.5.1",
|
|
68
68
|
"@typescript-eslint/eslint-plugin": "^5.59.7",
|
|
69
69
|
"@typescript-eslint/parser": "^5.59.7",
|
|
70
|
-
"aws-cdk": "^2.
|
|
70
|
+
"aws-cdk": "^2.81.0",
|
|
71
71
|
"better-docs": "^2.7.2",
|
|
72
72
|
"codecov": "^3.8.3",
|
|
73
73
|
"commitizen": "^4.3.0",
|
|
@@ -43,6 +43,7 @@ export class SiteWithEcsBackend extends CommonConstruct {
|
|
|
43
43
|
/* site resources */
|
|
44
44
|
siteHostedZone: route53.IHostedZone
|
|
45
45
|
siteCertificate: certificateManager.ICertificate
|
|
46
|
+
siteRegionalCertificate: certificateManager.ICertificate
|
|
46
47
|
siteEcsPolicy: iam.PolicyDocument
|
|
47
48
|
siteEcsRole: iam.Role
|
|
48
49
|
siteEcsEnvironment: { [key: string]: string }
|
|
@@ -136,6 +137,13 @@ export class SiteWithEcsBackend extends CommonConstruct {
|
|
|
136
137
|
this,
|
|
137
138
|
this.props.siteCertificate
|
|
138
139
|
)
|
|
140
|
+
|
|
141
|
+
this.siteRegionalCertificate = this.acmManager.resolveCertificate(
|
|
142
|
+
`${this.id}-regional-certificate`,
|
|
143
|
+
this,
|
|
144
|
+
this.props.siteRegionalCertificate,
|
|
145
|
+
this.siteHostedZone
|
|
146
|
+
)
|
|
139
147
|
}
|
|
140
148
|
|
|
141
149
|
/**
|
|
@@ -253,6 +261,7 @@ export class SiteWithEcsBackend extends CommonConstruct {
|
|
|
253
261
|
serviceName: `${this.id}-${this.props.stage}`,
|
|
254
262
|
cpu: this.props.siteTask.cpu,
|
|
255
263
|
loadBalancerName: `${this.id}-${this.props.stage}`,
|
|
264
|
+
certificate: this.siteRegionalCertificate,
|
|
256
265
|
domainName: this.siteInternalDomainName,
|
|
257
266
|
domainZone: this.siteHostedZone,
|
|
258
267
|
listenerPort: this.props.siteTask.listenerPort,
|
|
@@ -260,6 +269,7 @@ export class SiteWithEcsBackend extends CommonConstruct {
|
|
|
260
269
|
healthCheckGracePeriod: cdk.Duration.seconds(60),
|
|
261
270
|
assignPublicIp: true,
|
|
262
271
|
minHealthyPercent: this.props.siteTask.minHealthyPercent,
|
|
272
|
+
maxHealthyPercent: this.props.siteTask.maxHealthyPercent,
|
|
263
273
|
taskDefinition: this.props.siteTask.taskDefinition,
|
|
264
274
|
taskImageOptions: {
|
|
265
275
|
enableLogging: true,
|
|
@@ -385,7 +395,7 @@ export class SiteWithEcsBackend extends CommonConstruct {
|
|
|
385
395
|
protected createSiteOrigin() {
|
|
386
396
|
this.siteOrigin = new origins.HttpOrigin(this.siteEcsLoadBalancer.loadBalancerDnsName, {
|
|
387
397
|
httpPort: this.props.siteTask.listenerPort,
|
|
388
|
-
protocolPolicy: cloudfront.OriginProtocolPolicy.
|
|
398
|
+
protocolPolicy: cloudfront.OriginProtocolPolicy.HTTPS_ONLY,
|
|
389
399
|
})
|
|
390
400
|
}
|
|
391
401
|
|
|
@@ -58,7 +58,8 @@ export class EfsManager {
|
|
|
58
58
|
) {
|
|
59
59
|
if (!props) throw `EFS props undefined for ${id}`
|
|
60
60
|
|
|
61
|
-
const
|
|
61
|
+
const fileSystemId = props.provisionNewOnDeployment ? `${id}-${new Date().getMilliseconds()}` : `${id}`
|
|
62
|
+
const fileSystem = new efs.FileSystem(scope, `${fileSystemId}`, {
|
|
62
63
|
...props,
|
|
63
64
|
vpc,
|
|
64
65
|
securityGroup,
|
|
@@ -72,6 +72,7 @@ export interface SiteWithEcsBackendProps extends CommonStackProps {
|
|
|
72
72
|
siteCacheInvalidationDockerFilePath?: string
|
|
73
73
|
siteHealthCheck: HealthCheck
|
|
74
74
|
siteCertificate: AcmProps
|
|
75
|
+
siteRegionalCertificate: AcmProps
|
|
75
76
|
siteCluster: EcsClusterProps
|
|
76
77
|
siteDistribution: DistributionProps
|
|
77
78
|
siteCloudfrontFunctionProps?: CloudfrontFunctionProps
|
|
@@ -641,6 +642,7 @@ export interface LogQueryWidgetProps extends watch.LogQueryWidgetProps {
|
|
|
641
642
|
* @subcategory Properties
|
|
642
643
|
*/
|
|
643
644
|
export interface EfsFileSystemProps extends efs.FileSystemProps {
|
|
645
|
+
provisionNewOnDeployment?: boolean
|
|
644
646
|
rootDirectory?: string
|
|
645
647
|
transitEncryption?: string
|
|
646
648
|
transitEncryptionPort?: number
|