@ossy/deployment-tools 0.0.68 → 0.0.69

package/README.md

@@ -55,6 +55,23 @@ billingInformation
 
 ```
 
+## Our domains
+
+ossy.se
+www.ossy.se
+test.ossy.se
+
+api.ossy.se
+api.test.ossy.se
+
+plexus.ossy.se
+plexus.test.ossy.se
+
+oskarssylwan.se
+www.oskarssylwan.se
+test.oskarssylwan.se
+
+
 ## Overview of our infrastructure
 
 We use AWS to host our infrastructure and all of it is defined in JavaScript with the help of
@@ -84,7 +101,6 @@ Stacks
 - email service stack per env
 - media bucket stack per env
 - stack for dns records with the account that holds domain names
--
 
 ### Adding a new AWS account
 We have a different account for each service and environment.

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@ossy/deployment-tools",
-  "version": "0.0.68",
+  "version": "0.0.69",
   "description": "Collection of scripts and tools to aid deployment of containers and static files to Amazon Web Services through GitHub Actions",
   "source": "./src/index.js",
   "main": "./src/index.js",
@@ -21,6 +21,7 @@
     "aws-cdk-lib": "^2.59.0",
     "constructs": "^10.1.211",
     "express": "^4.18.1",
+    "glob": "^9.3.2",
     "nanoid": "^3.3.4",
     "node-fetch": "^2.6.7"
   },

package/src/aws-credentials/cli.js

@@ -29,8 +29,7 @@ const assumeRole = options => {
     '--target-platform': String
   }, { argv: options })
 
-  const stackname = parsedArgs['--target-platform'] || ''
-  const [platformName] = stackname.split('-')
+  const platformName = parsedArgs['--target-platform'] || ''
 
   PlatformTemplateService.readFromFile(parsedArgs['--platforms'] || process.env.PLATFORMS)
     .then(templates => templates.map(PlatformConfigService.from))

package/src/caddy/caddy-config.js

@@ -1,3 +1,6 @@
+const { DeploymentTemplateService } = require('../template')
+const { SupportedEnvironments } = require('../config')
+
 const Matchers = {
   host: host => ({ host: [host] }),
   path: path => ({ path: [path] })
@@ -19,35 +22,21 @@ const Handlers = {
 */
 class CaddyConfigService {
 
-  static getRouteConfig(platformConfig, deploymentRequest) {
-
-    const url = [
-      deploymentRequest.subdomain,
-      platformConfig.environmentType !== 'prod' ? platformConfig.environmentType : undefined,
-      platformConfig.domain
-    ]
-      .filter(x => !!x)
-      .join('.')
+  static createConfig(platformConfig, deploymentTemplates) {
 
-    return {
-      match: [Matchers.host(url)],
-      handle: [Handlers.subroute([{ handle: [Handlers.reverseProxy(deploymentRequest.hostPort)]}])]
-    }
-  }
+    const containerDeployments = DeploymentTemplateService
+      .getContainerDeploymentsForEnvironmentType(platformConfig.environmentType, deploymentTemplates)
 
-  static getDefaultConfig(platformConfig) {
     return {
       apps: {
         http: {
           servers: {
-            [platformConfig.ciServerName]: {
+            'deployment-tools': {
               listen: [':80', ':443'],
-              routes: [
-                {
-                  match: [Matchers.host(`${platformConfig.ciSubDomain}.${platformConfig.environmentType}.${platformConfig.domain}`)],
-                  handle: [Handlers.subroute([{ handle: [Handlers.reverseProxy(platformConfig.ciInternalServerPort)]}])]
-                }
-              ]
+              routes: containerDeployments.map(deploymentTemplate => ({
+                match: [Matchers.host(deploymentRequest.domain)],
+                handle: [Handlers.subroute([{ handle: [Handlers.reverseProxy(deploymentRequest.hostPort)]}])]
+              }))
             }
           }
         },
@@ -55,12 +44,21 @@ class CaddyConfigService {
           automation: {
             policies: [
               {
-                subjects:[`*.${platformConfig.environmentType}.${platformConfig.domain}`],
+                subjects: DeploymentTemplateService.groupDeploymentDomainsByRootDomain(containerDeployments).keys().flatMap(rootDomain => {
+                    const environmentSubdomain = platformConfig.environmentType === SupportedEnvironments.PROD
+                      ? ''
+                      : `${platformConfig.environmentType}.`
+
+                    return [
+                      `*.${environmentSubdomain}${rootDomain}`,
+                      `${environmentSubdomain}${rootDomain}`
+                    ]
+                  }),
                 issuers:[
                   {
-                    challenges:{
+                    challenges: {
                       dns:{
-                        provider:{
+                        provider: {
                           'max_retries': 10,
                           name: 'route53',
                           'aws_profile': 'ci-client'

package/src/caddy/caddy.js

@@ -7,55 +7,17 @@ const { logInfo, logError, logDebug } = require('../log')
 */
 class CaddyService {
 
-  static addDeployment(platformConfig, deploymentRequest) {
-    const routeConfig = CaddyConfigService.getRouteConfig(platformConfig, deploymentRequest)
-    const host = routeConfig.match[0].host[0]
-    logInfo({ message: `[CaddyService] Updating caddy config to route ${host} to localhost:${deploymentRequest.hostPort}` })
-
-    return fetch(`http://localhost:2019/config/apps/http/servers/${platformConfig.ciServerName}/routes`, {
+  static applyConfig(config) {
+    return fetch('http://localhost:2019/load', {
       method: 'POST',
       headers: { 'Content-Type': 'application/json' },
-      body: JSON.stringify(routeConfig)
+      body: JSON.stringify(config)
     })
-      .then(response => response?.error && logError({ message: `[CaddyService] Could not update caddy config to include ${host}`, error }))
-      .catch(error => logError({ message: `[CaddyService] Could not update caddy config to include ${host}`, error }))
+    .then(response => response?.error && logError({ message: '[CaddyService] Could not apply default caddy config', error }))
+    .catch(error => logError({ message: '[CaddyService] Could not apply default caddy config', error }))
   }
 
-  static applyDefaultConfig(platformConfig) {
-    return CaddyService.fetchServerConfig(platformConfig)
-      .then(caddyConfig => {
-
-        if (caddyConfig) {
-          logInfo({ message: '[CaddyService] Server config already exist, not applying default config' })
-          return
-        }
 
-        logInfo({ message: '[CaddyService] Applying default caddy config' })
-        const defaultConfig = CaddyConfigService.getDefaultConfig(platformConfig)
-        return fetch('http://localhost:2019/load', {
-          method: 'POST',
-          headers: { 'Content-Type': 'application/json' },
-          body: JSON.stringify(defaultConfig)
-        })
-      })
-      .then(response => response?.error && logError({ message: '[CaddyService] Could not apply default caddy config', error }))
-      .catch(error => logError({ message: '[CaddyService] Could not apply default caddy config', error }))
-
-  }
-
-  static fetchServerConfig(platformConfig) {
-    logInfo({ message: '[CaddyService] Fetching server config' })
-    return fetch(`http://localhost:2019/config/apps/http/servers/${platformConfig.ciServerName}`, {
-      method: 'GET',
-      headers: { 'Content-Type': 'application/json' }
-    })
-      .then(x => x.json())
-      .then(response => {
-        if (!response?.error) return response
-        logInfo({ message: '[CaddyService] No server config found' })
-        logDebug({ message: '[CaddyService] Error while fetching server config', data: response.error })
-      })
-  }
 }
 
 module.exports = {

package/src/config/platform-config.js

@@ -2,18 +2,15 @@
  * Platform config definition
  * @typedef {Object} PlatformConfig
  * @property {string} platformName - Name of platform
- * @property {string} domain - example.com
  * @property {string} environmentType - local, test, qa, prod
  *
  * @property {string} awsAccountId - Aws account id
  * @property {string=} awsRegion - ?
  * @property {string=} awsKeyPairName - ?
  * @property {string} awsRoleToAssume - ?
+ * @property {string=} awsDeploymentSqsName - ?
  * @property {string=} awsDeploymentSqsArn - ?
  *
- * @property {string=} ciSubDomain - ?
- * @property {string|mumber=} ciInternalServerPort - ? | number;
- * @property {string=} ciServerName - ?
  * @property {string=} ciDockerNetworkName - ?
  * @property {string} ciGithubActionsRepo - organisation/repoName
  */
@@ -49,14 +46,13 @@ class PlatformConfigService {
       awsRegion: SupportedRegions.North,
       ...template,
       // values below should not be overriden by the template properties
-      ciSubDomain: 'ci',
-      ciInternalServerPort: 3000,
-      ciServerName: 'ci-client',
       ciDockerNetworkName: 'deployment-tools',
     }
 
+    const awsDeploymentSqsName = `${withDefaults.platformName}-container-deployments-requests`
+
     const awsDeploymentSqsArn =
-      `https://sqs.${withDefaults.awsRegion}.amazonaws.com/${withDefaults.awsAccountId}/${withDefaults.platformName}-${withDefaults.environmentType}`
+      `https://sqs.${withDefaults.awsRegion}.amazonaws.com/${withDefaults.awsAccountId}/${awsDeploymentSqsName}`
 
     const awsRoleToAssume = process.env.CI
       ? `github-ci-role-${withDefaults.platformName}`
@@ -64,8 +60,9 @@ class PlatformConfigService {
 
     return {
       ...withDefaults,
+      awsDeploymentSqsName,
       awsDeploymentSqsArn,
-      awsRoleToAssume
+      awsRoleToAssume,
     }
 
   }

package/src/deploy/cli.js

@@ -13,22 +13,28 @@ const deploy = options => {
     '--authentication': String,
     '--a': '--authentication',
 
-    '--target-env': String,
-    '-t': '--target-env',
+    '--domain': String,
+    '-d': '--domain',
+
+    '--platform': String,
+    '-p': '--platform',
+
+    '--platforms-path': String,
+    '-pp': '--platforms-path',
+
+    '--ossy-files': String,
+    '-o': '--ossy-files',
 
-    '--ossyfile': String,
-    '-o': '--ossyfile',
 
-    '--platforms': String,
-    '-p': '--platforms'
   }, { argv: options })
 
   PlatformDeploymentService.deploy({
     username: parsedArgs['--username'],
     authentication: parsedArgs['--authentication'],
-    targetEnvironment: parsedArgs['--target-env'],
-    pathToPlatformTemplates: parsedArgs['--platforms'],
-    pathToOssyFile: parsedArgs['--ossyfile']
+    targetDomain: parsedArgs['--domain'],
+    targetPlatform: parsedArgs['--platform'],
+    pathToPlatformTemplates: parsedArgs['--platforms-path'],
+    pathToOssyFile: parsedArgs['--ossy-files']
   })
 }
 

package/src/deploy/index.js

@@ -0,0 +1 @@
+module.exports = require('./platform-deployment.js')

package/src/deploy/platform-deployment.js

@@ -1,37 +1,11 @@
-const { resolve } = require('path')
 const { readFileSync } = require('fs')
-const { PlatformTemplateService } = require('../template')
-const { PlatformConfigService, SupportedDeploymentTypes } = require('../config')
+const { resolve } = require('path')
+const { PlatformTemplateService, DeploymentTemplateService } = require('../template')
+const { PlatformConfigService, SupportedDeploymentTypes, SupportedEnvironments } = require('../config')
 const { DeploymentQueueService } = require('../deployment-queue')
+const { CaddyConfigService } = require('../caddy')
 const { logError } = require('../log')
 
-// export interface DeploymentTemplate {
-//   type: SupportedDeploymentTypes;
-//   targetDeploymentPlatform: string;
-//   subdomain?: string;
-//   env?: {
-//     shared?: { [name: string]: string | number };
-//     prod?: { [name: string]: string | number };
-//     test?: { [name: string]: string | number };
-//     qa?: { [name: string]: string | number };
-//   }
-// }
-
-// export interface ContainerDeploymentTemplate extends DeploymentTemplate {
-//   type: SupportedDeploymentTypes.Container;
-//   dockerFile: string;
-//   dockerContext: string;
-//   image: string;
-//   hostPort: number;
-//   containerPort: number;
-//   registry: string;
-// }
-
-// export interface ContainerDeploymentRequest extends ContainerDeploymentTemplate {
-//   authentication?: string;
-//   username?: string;
-// }
-
 /**
   * @class
 */
@@ -40,55 +14,55 @@ class PlatformDeploymentService {
   static deploy({
     username,
     authentication,
-    targetEnvironment,
+    targetDomain,
+    targetPlatform,
     pathToPlatformTemplates,
-    pathToOssyFile
+    globPatternForOssyFiles
   }) {
 
     return Promise.all([
-      PlatformDeploymentService.getDeploymentTemplates(pathToOssyFile),
+      DeploymentTemplateService.readOssyFiles(globPatternForOssyFiles),
       PlatformTemplateService.readFromFile(pathToPlatformTemplates)
         .then(templates => templates.map(PlatformConfigService.from))
     ])
       .then(([deploymentTemplates, platformConfigs]) => {
-        deploymentTemplates.map(deploymentTemplate => {
 
-          const platformConfig = platformConfigs.find(config =>
-            config.platformName === deploymentTemplate.targetDeploymentPlatform
-            && config.environmentType == targetEnvironment
-          )
+        const platformConfig = platformConfigs.find(({ platformName }) => platformName === targetPlatform)
+        const deploymentTemplatesForTargetPlatform = deploymentTemplates[targetPlatform] || []
+        const deploymentTemplate = deploymentTemplatesForTargetPlatform.find(({ domain }) => domain === targetDomain)
 
-          if (!platformConfig) {
-            logError({ message: `[PlatformDeploymentService] Could not find a deployment platform with the name ${deploymentTemplate.targetDeploymentPlatform} and environment type ${targetEnvironment}` })
-            return Promise.reject()
-          }
+        if (!platformConfig) {
+          logError({ message: `[PlatformDeploymentService] Could not find a platform named ${targetPlatform}` })
+          return Promise.reject()
+        }
 
-          process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0'
+        if (!deploymentTemplate) {
+          logError({ message: `[PlatformDeploymentService] Could not find a deployment template for ${targetDomain} in ${targetPlatform}` })
+          return Promise.reject()
+        }
+
+        process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0'
+
+        if (deploymentTemplate.type === SupportedDeploymentTypes.Container) {
 
-          if (deploymentTemplate.type === SupportedDeploymentTypes.Container) {
-            const deploymentRequest = {
-              ...deploymentTemplate,
-              username: username,
-              authentication: authentication
-            }
+          const caddyConfig = CaddyConfigService.createConfig(platformConfig, deploymentTemplatesForTargetPlatform)
 
-            return DeploymentQueueService.sendDeploymentRequest(platformConfig, deploymentRequest)
+          const deploymentRequest = {
+            ...deploymentTemplate,
+            username: username,
+            authentication: authentication,
+            caddyConfig
           }
 
-          logError({ message: `[PlatformDeploymentService] Unsupported deployment type of ${deploymentTemplate.type}` })
-          return Promise.reject()
+          return DeploymentQueueService.sendDeploymentRequest(platformConfig, deploymentRequest)
+        }
 
-        })
+        logError({ message: `[PlatformDeploymentService] Unsupported deployment type of ${deploymentTemplate.type}` })
+        return Promise.reject()
       })
       .catch(error => logError({ message: '[PlatformDeploymentService] Could not send deployment request', error }))
   }
 
-  static getDeploymentTemplates(pathToOssyFile) {
-    if (!pathToOssyFile) return logError({ message: '[PlatformDeploymentService] No path to ossy.json provided' })
-    const ossyfile = JSON.parse(readFileSync(resolve(pathToOssyFile), 'utf8'))
-    return Promise.resolve(ossyfile.deployments || [])
-  }
-
 }
 
 module.exports = {

package/src/infrastructure/cli.js

@@ -3,17 +3,21 @@
 const { App } = require('aws-cdk-lib')
 const { TrustCiStack } = require('./trust-ci-stack')
 const { DeploymentTargetStack } = require('./deployment-target-stack')
-const { PlatformTemplateService } = require('../template')
+const { DnsStack } = require('./dns-stack')
+const { PlatformTemplateService, DeploymentTemplateService } = require('../template')
 const { PlatformConfigService } = require('../config')
+const { PlatformDeploymentService } = require('../deploy')
 
-PlatformTemplateService
-  .readFromFile(process.env.PLATFORMS)
-  .then(templates => templates.map(PlatformConfigService.from))
-  .then(configs => {
+Promise.all([
+  DeploymentTemplateService.readOssyFiles('../../../**/ossy.json'),
+  PlatformTemplateService
+    .readFromFile(process.env.PLATFORMS)
+    .then(templates => templates.map(PlatformConfigService.from))
+])
+  .then(([deploymentMap, configs]) => {
     const app = new App()
 
     configs.forEach(config => {
-      const stackBaseName = `${config.platformName}-${config.environmentType}`
 
       const stackProps = {
         config,
@@ -23,8 +27,15 @@ PlatformTemplateService
         }
       }
 
-      new TrustCiStack(app, `${stackBaseName}-trust-ci`, stackProps)
-      new DeploymentTargetStack(app, `${stackBaseName}-deployment-target`, stackProps)
+      new TrustCiStack(app, `${config.platformName}-trust-ci`, stackProps)
+
+      const deploymentTarget = new DeploymentTargetStack(app, `${config.platformName}-deployment-target`, stackProps)
+
+      new DnsStack(app, `${config.platformName}-dns`, {
+        ...stackProps,
+        deployments: deploymentMap[config.platformName],
+        containerDeploymentTargetPublicIp: deploymentTarget.containerDeploymentTargetPublicIp
+      })
 
     })
   })

package/src/infrastructure/{container-server/container-server.js → container-deployment-target/container-deployment-target.js}

@@ -12,20 +12,13 @@ const {
   Port,
   UserData
 } = require('aws-cdk-lib/aws-ec2')
-const { ARecord, RecordTarget } = require('aws-cdk-lib/aws-route53')
 const { Role, ServicePrincipal, Policy, PolicyStatement, Effect } = require('aws-cdk-lib/aws-iam')
 const { Queue } = require('aws-cdk-lib/aws-sqs')
 const { Source, BucketDeployment } = require('aws-cdk-lib/aws-s3-deployment')
-
-const {
-  getInstallNodeJs,
-  getInstallNpm,
-  getInstallDocker
-} = require('./user-data-commands')
+const { getInstallNodeJs, getInstallNpm, getInstallDocker } = require('./user-data-commands')
 const { CaddyService } = require('./caddy.service')
 const { DeploymentToolsService } = require('./deployment-tools.service')
 const { AwsProfile } = require('./aws-profile')
-
 const { SupportedRegions } = require('../../config')
 
 /**
@@ -33,7 +26,6 @@ const { SupportedRegions } = require('../../config')
  * @namespace ContainerServer
  * @typedef {Object} ContainerServerProps
  * @property {PlatformConfig} config - platform config
- * @property {Zone} hostedZone - aws zone
  * @property {Bucket} bucket - s3 bucket
  */
 
@@ -44,7 +36,7 @@ const InstanceImages = {
 /**
   * @class
 */
-class ContainerServer extends Construct {
+class ContainerDeploymentTarget extends Construct {
 
   /**
    * @param {object} scope - scope
@@ -76,7 +68,7 @@ class ContainerServer extends Construct {
     )
 
     const deploymentQueue = new Queue(this, 'DeploymentQueue', {
-      queueName: `${props.config.platformName}-${props.config.environmentType}`,
+      queueName: `${props.config.awsDeploymentSqsName}`,
       receiveMessageWaitTime: Duration.seconds(20)
     })
 
@@ -99,7 +91,7 @@ class ContainerServer extends Construct {
             'route53:ChangeResourceRecordSets'
           ],
           resources: [
-            `arn:aws:route53:::hostedzone/${props.hostedZone.hostedZoneId}`,
+            `arn:aws:route53:::hostedzone/*`,
             'arn:aws:route53:::change/*'
           ]
         }),
@@ -162,11 +154,7 @@ class ContainerServer extends Construct {
     props.bucket.grantRead(ec2Instance, '*')
     deploymentQueue.grant(ec2Instance, '*')
 
-    new ARecord(this, 'WildcardRecord', {
-      zone: props.hostedZone,
-      recordName: `*.${props.config.environmentType}.${props.config.domain}`,
-      target: RecordTarget.fromIpAddresses(ec2Instance.instancePublicIp)
-    })
+    this.instancePublicIp = ec2Instance.instancePublicIp
 
     new CfnOutput(this, 'Instance Ip', {
       value: ec2Instance.instancePublicIp,
@@ -178,5 +166,5 @@ class ContainerServer extends Construct {
 }
 
 module.exports = {
-  ContainerServer
+  ContainerDeploymentTarget
 }

package/src/infrastructure/container-deployment-target/index.js

@@ -0,0 +1,3 @@
+const { ContainerDeploymentTarget } = require('./container-deployment-target')
+
+module.exports = { ContainerDeploymentTarget }

package/src/infrastructure/deployment-target-stack.js

@@ -3,7 +3,7 @@ const { nanoid } = require('nanoid')
 const { Stack, Duration, RemovalPolicy } = require('aws-cdk-lib')
 const { HostedZone, ARecord, RecordTarget } = require('aws-cdk-lib/aws-route53')
 const { Bucket, BucketEncryption, BlockPublicAccess } = require('aws-cdk-lib/aws-s3')
-const { ContainerServer } = require('./container-server')
+const { ContainerDeploymentTarget } = require('./container-deployment-target')
 
 /**
   * @class
@@ -16,29 +16,28 @@ class DeploymentTargetStack extends Stack {
       throw ('[DeploymentTargetStack] No template provided')
     }
 
-    const domain = `${props.config.environmentType}.${props.config.domain}`
     const bucketId = nanoid().toLowerCase().replaceAll('_', '').replaceAll('-', '')
-    const bucketName = `${props.config.platformName}-${props.config.environmentType}-${bucketId}`
-
-    const hostedZone = new HostedZone(this, 'HostedZone', { zoneName: domain })
+    const bucketName = `${props.config.platformName}-${bucketId}`
 
     // TODO: this should probably not be destroyed....
-    const staticDeploymentTarget = new Bucket(this, 'StaticDeploymentTarget', {
-      bucketName: bucketName,
-      blockPublicAccess: BlockPublicAccess.BLOCK_ALL,
-      encryption: BucketEncryption.S3_MANAGED,
-      removalPolicy: RemovalPolicy.DESTROY,
-      autoDeleteObjects: true
-    })
+    const staticDeploymentTarget =
+      new Bucket(this, 'StaticDeploymentTarget', {
+        bucketName: bucketName,
+        blockPublicAccess: BlockPublicAccess.BLOCK_ALL,
+        encryption: BucketEncryption.S3_MANAGED,
+        removalPolicy: RemovalPolicy.DESTROY,
+        autoDeleteObjects: true
+      })
 
-    // Todo rename to container deployment target
     // TODO: add persistant storage
-    new ContainerServer(this, 'ContainerDeploymentTarget', {
+    const containerDeploymentTarget =
+      new ContainerDeploymentTarget(this, 'ContainerDeploymentTarget', {
       config: props.config,
-      hostedZone: hostedZone,
       bucket: staticDeploymentTarget
     })
 
+    this.containerDeploymentTargetPublicIp = containerDeploymentTarget.instancePublicIp
+
   }
 }
 

package/src/infrastructure/dns-stack.js

@@ -0,0 +1,61 @@
+const { Stack } = require('aws-cdk-lib')
+const { HostedZone, ARecord, RecordTarget } = require('aws-cdk-lib/aws-route53')
+const { SupportedDeploymentTypes, SupportedEnvironments } = require('../config')
+const { DeploymentTemplateService } = require('../template')
+
+/**
+ * DnsStackProps
+ * @namespace DnsStack
+ * @typedef {Object} DnsStackProps
+ * @property {PlatformConfig} config - platform config
+ * @property {PlatformConfig} deployments - deployment templates[]
+ * @property {string} containerDeploymentTargetPublicIp - public ip address of ec2 instance that hosts our containerss
+ */
+
+const InstanceImages = {
+  UBUNTU: 'ami-092cce4a19b438926'
+}
+
+/**
+  * @class
+*/
+class DnsStack extends Stack {
+
+  /**
+   * @param {object} scope - scope
+   * @param {string} id - id
+   * @param {ContainerServerProps} props - ContainerServerProps
+   */
+  constructor(scope, id, props) {
+    super(scope, id, props)
+
+    if (props.config.environmentType === SupportedEnvironments.PROD) {
+      // const isDomainForCorrectEnvironment = !Object.values(SupportedEnvironments)
+      //   .find(env => deployment.domain.includes(env))
+      return
+    }
+
+    const containerDeployments = DeploymentTemplateService
+      .getContainerDeploymentsForEnvironmentType(props.config.environmentType, props.deployments)
+
+    DeploymentTemplateService
+      .groupDeploymentDomainsByRootDomain(containerDeployments)
+      .forEach((domains, rootDomain) => {
+        const hostedZone = new HostedZone(this, rootDomain, { zoneName: rootDomain })
+
+        domains.forEach(domain => {
+          new ARecord(this, domain, {
+            zone: hostedZone,
+            recordName: domain,
+            target: RecordTarget.fromIpAddresses(props.containerDeploymentTargetPublicIp)
+          })
+        })
+
+      })
+
+  }
+}
+
+module.exports = {
+  DnsStack
+}

package/src/infrastructure/trust-ci-stack.js

@@ -50,7 +50,7 @@ class TrustCiStack extends Stack {
           statements: [
             new PolicyStatement({
               effect: Effect.ALLOW,
-              actions: ['sts:AssumeRole'],
+              actions: ['sts:AssumeRole', 'sqs:SendMessage'],
               resources: [
                 `arn:aws:iam::${props.config.awsAccountId}:role/cdk-*`,
                 `arn:aws:sqs:${props.config.awsRegion}:${props.config.awsAccountId}:*`

package/src/server/platform-server.js

@@ -1,6 +1,5 @@
 const { CaddyService } = require('../caddy')
 const { DockerService } = require('../docker')
-const { RestApiService } = require('./rest-api')
 
 const { PlatformTemplateService } = require('../template')
 const { PlatformConfigService } = require('../config')
@@ -18,7 +17,6 @@ class PlatformServerService {
     PlatformTemplateService.readFromFile(platformTemplatesFilePath).then(([firstPlatformTemplateFound]) => {
       const platformConfig = PlatformConfigService.from(firstPlatformTemplateFound)
 
-      RestApiService.start(platformConfig)
       DockerService.createDockerNetworkForContainerManagerServer(platformConfig)
         .then(() => DockerService.startDefaultContainers(platformConfig))
       CaddyService.applyDefaultConfig(platformConfig)
@@ -27,7 +25,7 @@ class PlatformServerService {
         platformConfig,
         deploymentRequest => {
           DockerService.deploy(platformConfig, deploymentRequest)
-            .then(() => CaddyService.addDeployment(platformConfig, deploymentRequest))
+            .then(() => CaddyService.applyConfig(deploymentRequest.caddyConfig))
           return Promise.resolve()
         }
       )

package/src/template/deployment-template.js

@@ -0,0 +1,86 @@
+const { glob } = require('glob')
+const { readFileSync } = require('fs')
+const { logError, logInfo } = require('../log')
+const { SupportedDeploymentTypes, SupportedEnvironments } = require('../config')
+
+/**
+ * Deployment template definition
+ * @typedef {Object} DeploymentTemplate
+ * @property {string} type - CONTAINER | STATIC
+ * @property {string} domain - example.com
+ * @property {string} targetDeploymentPlatform - name of platform to deploy to
+ *
+ * @property {string} image - name of image to be deployed
+  * @property {string} registry -  registry where the image is hosted
+ * @property {string=} hostPort - host port
+ * @property {string=} containerPort - port that the container exposes
+ */
+
+/**
+  * Utility class that helps you read and validate platfor templates from file system
+  * @class
+  */
+class DeploymentTemplateService {
+
+  /**
+   *  Read and and group deployments by targetDeploymentPlatform
+   *
+   * @param {string} blob - File path to platform templates json
+   */
+   static readOssyFiles(blob) {
+     return glob(blob, { ignore: 'node_modules/**' })
+       .then(filePaths => filePaths
+           .map(path => readFileSync(path, 'utf-8'))
+           .map(json => JSON.parse(json))
+           .flatMap(ossyFileContent => ossyFileContent.deployments)
+           .reduce((deploymentsMap, deployment) => {
+
+             if (!!deploymentsMap[deployment.targetDeploymentPlatform]) {
+               return {
+                 ...deploymentsMap,
+                 [deployment.targetDeploymentPlatform]: [
+                   ...deploymentsMap[deployment.targetDeploymentPlatform],
+                   deployment
+                 ]
+               }
+             }
+
+             return {
+               ...deploymentsMap,
+               [deployment.targetDeploymentPlatform]: [deployment]
+             }
+
+           }, {})
+       )
+   }
+
+  static getContainerDeploymentsForEnvironmentType(environmentType, deployments) {
+    return deployments
+      .filter(deployment => {
+        const isContainerDeployment = deployment.type === SupportedDeploymentTypes.Container
+        const isDomainForCorrectEnvironment = deployment.domain.includes(environmentType)
+        return isContainerDeployment && isDomainForCorrectEnvironment
+      })
+  }
+
+   static groupDeploymentDomainsByRootDomain(deployments) {
+     return deployments
+       .map(deployment => deployment.domain)
+       .reduce((domainGroups, domain) => {
+         const [topLevelDomain, domainName] = domain.split('.').reverse()
+         const rootDomain = `${domainName}.${topLevelDomain}`
+
+         domainGroups.has(rootDomain)
+           ? domainGroups.set(rootDomain, [...domainGroups.get(rootDomain), domain])
+           : domainGroups.set(rootDomain, [domain])
+
+         return domainGroups
+       }, new Map())
+   }
+
+
+}
+
+module.exports = {
+  DeploymentTemplateService
+}

package/src/template/index.js

@@ -1 +1,4 @@
-module.exports = require('./platform-template')
+module.exports = {
+  ...require('./deployment-template'),
+  ...require('./platform-template')
+}

package/src/caddy/caddy.playground.js

@@ -1,21 +0,0 @@
-const { CaddyService } = require('./caddy')
-
-const config = {
-  environmentType: 'prod',
-  domain: 'localhost',
-  ciServerName: 'ossy',
-  ciSubDomain: 'ci',
-  ciInternalServerPort: '3000'
-}
-
-const deploymentRequest = {
-  subdomain: 'cc',
-  hostPort: '3000'
-}
-
-CaddyService.applyDefaultConfig(config)
-
-// CaddyService.addDeployment(config, deploymentRequest)
-
-// CaddyService.fetchServerConfig(config)
-//   .then(console.log)

package/src/infrastructure/container-server/index.js

@@ -1,3 +0,0 @@
-const { ContainerServer } = require('./container-server')
-
-module.exports = { ContainerServer }

package/src/server/platform-server.playground.js

@@ -1,10 +0,0 @@
-// const { PlatformServerService } = require('./platform-server')
-const { RestApiService } = require('./rest-api')
-
-// PlatformServerService.start({
-//
-// })
-
-RestApiService.start({
-  ciInternalServerPort: 3000
-})

package/src/server/rest-api.js

@@ -1,31 +0,0 @@
-const express = require('express')
-const { logInfo } = require('../log')
-
-/**
-  * @class
-*/
-class RestApiService {
-
-  static start(platformConfig) {
-    const server = express()
-
-    server.use(express.json())
-
-    server.get('/', (req, res) => {
-      res.redirect('/status')
-    })
-
-    server.get('/status', (req, res) => {
-      res.send('Server is live')
-    })
-
-    server.listen(platformConfig.ciInternalServerPort, () => {
-      logInfo({ message: `[RestApiService] API is live on port ${platformConfig.ciInternalServerPort}`})
-    })
-  }
-
-}
-
-module.exports = {
-  RestApiService
-}