dcl-ops-lib 5.22.0 → 5.23.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (10) hide show
  1. package/acceptAlb.d.ts +1 -1
  2. package/acceptAlb.js +2 -2
  3. package/acceptBastion.d.ts +1 -1
  4. package/acceptBastion.js +2 -2
  5. package/accessTheInternet.d.ts +1 -1
  6. package/accessTheInternet.js +2 -2
  7. package/createFargateTask.js +4 -4
  8. package/package.json +1 -1
  9. package/prometheus.d.ts +1 -1
  10. package/prometheus.js +2 -2
package/acceptAlb.d.ts CHANGED
@@ -4,5 +4,5 @@ export declare const acceptAlbSecurityGroup: () => Promise<awsx.ec2.SecurityGrou
4
4
  /** @deprecated use makeSecurityGroupAccessibleFromSharedAlb instead */
5
5
  export declare function acceptAlbSecurityGroupId(): Promise<import("@pulumi/pulumi").Output<string>>;
6
6
  /** Makes a given securityGropup accesible by the shared supra ALB */
7
- export declare function makeSecurityGroupAccessibleFromSharedAlb(securityGroup: awsx.ec2.SecurityGroup): void;
7
+ export declare function makeSecurityGroupAccessibleFromSharedAlb(securityGroup: awsx.ec2.SecurityGroup, ruleName?: string): void;
8
8
  export default acceptAlbSecurityGroup;
package/acceptAlb.js CHANGED
@@ -26,8 +26,8 @@ function acceptAlbSecurityGroupId() {
26
26
  }
27
27
  exports.acceptAlbSecurityGroupId = acceptAlbSecurityGroupId;
28
28
  /** Makes a given securityGropup accesible by the shared supra ALB */
29
- function makeSecurityGroupAccessibleFromSharedAlb(securityGroup) {
30
- new awsx.ec2.IngressSecurityGroupRule("accept-alb-ingress-rule", securityGroup, {
29
+ function makeSecurityGroupAccessibleFromSharedAlb(securityGroup, ruleName = "") {
30
+ new awsx.ec2.IngressSecurityGroupRule(ruleName + "-accept-alb-ingress-rule", securityGroup, {
31
31
  sourceSecurityGroupId: (0, values_1.getEnvConfiguration)().then(($) => $.albSecurityGroupId),
32
32
  description: `Allow access from the supra ALB`,
33
33
  fromPort: 0,
package/acceptBastion.d.ts CHANGED
@@ -3,5 +3,5 @@ import * as awsx from "@pulumi/awsx";
3
3
  export declare const acceptBastionSecurityGroup: () => Promise<awsx.ec2.SecurityGroup>;
4
4
  /** @deprecated please use makeSecurityGroupAccessTheInternet */
5
5
  export declare function acceptBastionSecurityGroupId(): Promise<import("@pulumi/pulumi").Output<string>>;
6
- export declare function makeSecurityGroupAccessibleFromBastion(securityGroup: awsx.ec2.SecurityGroup): void;
6
+ export declare function makeSecurityGroupAccessibleFromBastion(securityGroup: awsx.ec2.SecurityGroup, ruleName?: string): void;
7
7
  export default acceptBastionSecurityGroup;
package/acceptBastion.js CHANGED
@@ -30,8 +30,8 @@ const bastionSecurityGroupId = (0, withCache_1.default)(() => __awaiter(void 0,
30
30
  const config = yield (0, values_1.getEnvConfiguration)();
31
31
  return config.bastionSecurityGroupId;
32
32
  }));
33
- function makeSecurityGroupAccessibleFromBastion(securityGroup) {
34
- new aws.ec2.SecurityGroupRule("accesible-from-bastion", {
33
+ function makeSecurityGroupAccessibleFromBastion(securityGroup, ruleName = '') {
34
+ new aws.ec2.SecurityGroupRule(ruleName + "-accesible-from-bastion", {
35
35
  securityGroupId: securityGroup.id,
36
36
  sourceSecurityGroupId: bastionSecurityGroupId(),
37
37
  fromPort: -1,
package/accessTheInternet.d.ts CHANGED
@@ -9,6 +9,6 @@ export default accessTheInternetSecurityGroup;
9
9
  /** @deprecated please use makeSecurityGroupAccessibleByCloudflare */
10
10
  export declare function accessFromCloudflareSecurityGroup(): Promise<import("@pulumi/pulumi").Output<string>>;
11
11
  /** Enables egress traffic to 0.0.0.0/0/all */
12
- export declare function makeSecurityGroupAccessTheInternet(securityGroup: awsx.ec2.SecurityGroup): void;
12
+ export declare function makeSecurityGroupAccessTheInternet(securityGroup: awsx.ec2.SecurityGroup, ruleName?: string): void;
13
13
  /** Enables ingress traffic from cloudflare CIDRs */
14
14
  export declare function makeSecurityGroupAccessibleByCloudflare(securityGroup: awsx.ec2.SecurityGroup): Promise<void>;
package/accessTheInternet.js CHANGED
@@ -42,8 +42,8 @@ function accessFromCloudflareSecurityGroup() {
42
42
  }
43
43
  exports.accessFromCloudflareSecurityGroup = accessFromCloudflareSecurityGroup;
44
44
  /** Enables egress traffic to 0.0.0.0/0/all */
45
- function makeSecurityGroupAccessTheInternet(securityGroup) {
46
- securityGroup.createEgressRule("access-the-internet", {
45
+ function makeSecurityGroupAccessTheInternet(securityGroup, ruleName = "") {
46
+ securityGroup.createEgressRule(ruleName + "-access-the-internet", {
47
47
  cidrBlocks: ["0.0.0.0/0"],
48
48
  fromPort: -1,
49
49
  toPort: -1,
package/createFargateTask.js CHANGED
@@ -186,12 +186,12 @@ function createFargateTask(serviceName, dockerImage, dockerListeningPort, enviro
186
186
  serviceDiscoveryPort = port;
187
187
  });
188
188
  // enable prometheus to access fromPort-toPort
189
- (0, prometheus_1.makeSecurityGroupAccessibleByPrometheus)(taskSecurityGroup, fromPort, toPort);
189
+ (0, prometheus_1.makeSecurityGroupAccessibleByPrometheus)(taskSecurityGroup, fromPort, toPort, serviceName);
190
190
  }
191
191
  // enable egress traffic from the task to the internet
192
- (0, accessTheInternet_1.makeSecurityGroupAccessTheInternet)(taskSecurityGroup);
192
+ (0, accessTheInternet_1.makeSecurityGroupAccessTheInternet)(taskSecurityGroup, serviceName);
193
193
  // make the container fully accessible from the bastion of the environment
194
- (0, acceptBastion_1.makeSecurityGroupAccessibleFromBastion)(taskSecurityGroup);
194
+ (0, acceptBastion_1.makeSecurityGroupAccessibleFromBastion)(taskSecurityGroup, serviceName);
195
195
  if (dontExpose) {
196
196
  const service = yield createInternalService({
197
197
  serviceName,
@@ -230,7 +230,7 @@ function createFargateTask(serviceName, dockerImage, dockerListeningPort, enviro
230
230
  }
231
231
  const portMapping = exposed.targetGroup;
232
232
  // make the service accesible by the ALB
233
- (0, acceptAlb_1.makeSecurityGroupAccessibleFromSharedAlb)(taskSecurityGroup);
233
+ (0, acceptAlb_1.makeSecurityGroupAccessibleFromSharedAlb)(taskSecurityGroup, serviceName);
234
234
  const service = yield createInternalService({
235
235
  serviceName,
236
236
  cluster,
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "dcl-ops-lib",
3
- "version": "5.22.0",
3
+ "version": "5.23.0",
4
4
  "scripts": {
5
5
  "build": "tsc && cp bin/* .",
6
6
  "clean": "rm *.d.ts *.js *.js.map"
package/prometheus.d.ts CHANGED
@@ -2,4 +2,4 @@ import * as pulumi from "@pulumi/pulumi";
2
2
  import * as awsx from "@pulumi/awsx";
3
3
  export declare const prometheusStack: () => Promise<pulumi.StackReference>;
4
4
  export declare const prometheusSecurityGroupId: () => Promise<string>;
5
- export declare function makeSecurityGroupAccessibleByPrometheus(securityGroup: awsx.ec2.SecurityGroup, fromPort?: number, toPort?: number): void;
5
+ export declare function makeSecurityGroupAccessibleByPrometheus(securityGroup: awsx.ec2.SecurityGroup, fromPort?: number, toPort?: number, ruleName?: string): void;
package/prometheus.js CHANGED
@@ -21,8 +21,8 @@ exports.prometheusSecurityGroupId = (0, withCache_1.default)(() => __awaiter(voi
21
21
  const prom = yield (0, exports.prometheusStack)();
22
22
  return (yield prom.requireOutputValue("prometheusSecurityGroupId"));
23
23
  }));
24
- function makeSecurityGroupAccessibleByPrometheus(securityGroup, fromPort = 0, toPort = 0) {
25
- new awsx.ec2.IngressSecurityGroupRule(`accept-prom-${fromPort}-${toPort}`, securityGroup, {
24
+ function makeSecurityGroupAccessibleByPrometheus(securityGroup, fromPort = 0, toPort = 0, ruleName = "") {
25
+ new awsx.ec2.IngressSecurityGroupRule(ruleName + `-accept-prom-${fromPort}-${toPort}`, securityGroup, {
26
26
  sourceSecurityGroupId: (0, exports.prometheusSecurityGroupId)(),
27
27
  description: `Allow access from prometheus`,
28
28
  fromPort,