dcl-ops-lib 6.0.9 → 6.0.11
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/alb.js +2 -2
- package/createFargateTask.d.ts +1 -0
- package/createFargateTask.js +27 -9
- package/package.json +1 -1
package/alb.js
CHANGED
|
@@ -23,8 +23,8 @@ const cache = {
|
|
|
23
23
|
};
|
|
24
24
|
exports.getAlb = (0, withCache_1.default)(() => __awaiter(void 0, void 0, void 0, function* () {
|
|
25
25
|
const dns = yield supra_1.supra.getOutputValue("dns");
|
|
26
|
-
const loadBalancer = yield supra_1.supra.
|
|
27
|
-
const elbValues = yield supra_1.supra.
|
|
26
|
+
const loadBalancer = yield supra_1.supra.requireOutputValue("albInstance");
|
|
27
|
+
const elbValues = yield supra_1.supra.requireOutputValue("elbValues");
|
|
28
28
|
const alb = yield aws.lb.getLoadBalancer({ arn: loadBalancer.arn });
|
|
29
29
|
const listener = yield aws.lb.getListener({ arn: elbValues.listenerArn });
|
|
30
30
|
return { dns, alb, listener };
|
package/createFargateTask.d.ts
CHANGED
|
@@ -96,5 +96,6 @@ export type InternalServiceOptions = {
|
|
|
96
96
|
dependsOn?: pulumi.Resource[];
|
|
97
97
|
volumes?: pulumi.Input<aws.types.input.ecs.TaskDefinitionVolume[]>;
|
|
98
98
|
team: string;
|
|
99
|
+
targetGroups: aws.alb.TargetGroup[];
|
|
99
100
|
};
|
|
100
101
|
export declare function createInternalService(config: InternalServiceOptions): Promise<import("@pulumi/aws/ecs/service").Service>;
|
package/createFargateTask.js
CHANGED
|
@@ -64,6 +64,11 @@ function getFargateExecutionRole(name, policyArnNamedMap) {
|
|
|
64
64
|
const dependsOn = Object.values(policyArnNamedMap).filter(($) => $ instanceof pulumi.Resource);
|
|
65
65
|
const role = new aws.iam.Role(name, { assumeRolePolicy }, { dependsOn });
|
|
66
66
|
const policies = [];
|
|
67
|
+
// Default execution policy
|
|
68
|
+
policies.push(new aws.iam.RolePolicyAttachment(`${name}-default-execution-policy`, {
|
|
69
|
+
policyArn: "arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy",
|
|
70
|
+
role
|
|
71
|
+
}));
|
|
67
72
|
Object.entries(policyArnNamedMap).forEach(([key, policyArn]) => {
|
|
68
73
|
if (policyArn instanceof aws.iam.Policy) {
|
|
69
74
|
policies.push(new aws.iam.RolePolicyAttachment(`${name}-${key}`, { role, policyArn: policyArn.arn }, { parent: role }));
|
|
@@ -196,6 +201,7 @@ function createFargateTask(serviceName, dockerImage, dockerListeningPort, enviro
|
|
|
196
201
|
(0, accessTheInternet_1.makeSecurityGroupAccessTheInternetV2)(taskSecurityGroup, serviceName);
|
|
197
202
|
// make the container fully accessible from the bastion of the environment
|
|
198
203
|
(0, acceptBastion_1.makeSecurityGroupAccessibleFromBastion)(taskSecurityGroup, serviceName);
|
|
204
|
+
const targetGroups = [];
|
|
199
205
|
if (dontExpose) {
|
|
200
206
|
const service = yield createInternalService({
|
|
201
207
|
serviceName,
|
|
@@ -222,6 +228,7 @@ function createFargateTask(serviceName, dockerImage, dockerListeningPort, enviro
|
|
|
222
228
|
dependsOn,
|
|
223
229
|
volumes,
|
|
224
230
|
team,
|
|
231
|
+
targetGroups
|
|
225
232
|
});
|
|
226
233
|
return {
|
|
227
234
|
service,
|
|
@@ -229,10 +236,10 @@ function createFargateTask(serviceName, dockerImage, dockerListeningPort, enviro
|
|
|
229
236
|
};
|
|
230
237
|
}
|
|
231
238
|
const exposed = yield (0, exposePublicService_1.exposePublicService)(`${serviceName}-${version}`, hostname, dockerListeningPort, healthCheck, vpc.id, options.extraExposedServiceOptions, deregistrationDelay);
|
|
232
|
-
|
|
239
|
+
targetGroups.push(exposed.targetGroup);
|
|
233
240
|
for (let extraALBMapping of extraALBMappings) {
|
|
234
241
|
const exposedExtra = yield (0, exposePublicService_1.exposePublicService)(`${serviceName}-${extraALBMapping.dockerListeningPort}-${version}`, extraALBMapping.domain, extraALBMapping.dockerListeningPort, extraALBMapping.healthCheck, vpc.id, extraALBMapping.extraExposedServiceOptions);
|
|
235
|
-
|
|
242
|
+
targetGroups.push(exposedExtra.targetGroup);
|
|
236
243
|
extraPortMappings.push({
|
|
237
244
|
containerPort: extraALBMapping.dockerListeningPort,
|
|
238
245
|
hostPort: extraALBMapping.dockerListeningPort,
|
|
@@ -268,14 +275,16 @@ function createFargateTask(serviceName, dockerImage, dockerListeningPort, enviro
|
|
|
268
275
|
dependsOn,
|
|
269
276
|
volumes,
|
|
270
277
|
team,
|
|
278
|
+
targetGroups
|
|
271
279
|
});
|
|
272
280
|
return { endpoint: `https://${hostname}/`, service, exposed };
|
|
273
281
|
});
|
|
274
282
|
}
|
|
275
283
|
exports.createFargateTask = createFargateTask;
|
|
276
284
|
function createInternalService(config) {
|
|
285
|
+
var _a, _b;
|
|
277
286
|
return __awaiter(this, void 0, void 0, function* () {
|
|
278
|
-
let { serviceName, cluster, securityGroups, ignoreServiceDiscovery, serviceDiscoveryPort, desiredCount, executionRole, taskRole, containerInfo, assignPublicIp, dependsOn, volumes, team, } = config;
|
|
287
|
+
let { serviceName, cluster, securityGroups, ignoreServiceDiscovery, serviceDiscoveryPort, desiredCount, executionRole, taskRole, containerInfo, assignPublicIp, dependsOn, volumes, team, targetGroups } = config;
|
|
279
288
|
if (!desiredCount)
|
|
280
289
|
desiredCount = 1;
|
|
281
290
|
assignPublicIp = !!assignPublicIp;
|
|
@@ -289,12 +298,10 @@ function createInternalService(config) {
|
|
|
289
298
|
{ type: "SRV", ttl: 10 },
|
|
290
299
|
],
|
|
291
300
|
namespaceId: (0, supra_1.getInternalServiceDiscoveryNamespaceId)(),
|
|
292
|
-
}
|
|
293
|
-
|
|
294
|
-
}, { deleteBeforeReplace: true, });
|
|
301
|
+
}
|
|
302
|
+
});
|
|
295
303
|
serviceRegistries = {
|
|
296
|
-
|
|
297
|
-
containerName: serviceName,
|
|
304
|
+
port: serviceDiscoveryPort,
|
|
298
305
|
registryArn: serviceDiscovery.arn,
|
|
299
306
|
};
|
|
300
307
|
}
|
|
@@ -308,6 +315,10 @@ function createInternalService(config) {
|
|
|
308
315
|
taskRoleArn: taskRole === null || taskRole === void 0 ? void 0 : taskRole.arn,
|
|
309
316
|
tags: { ServiceName: serviceName, Team: team },
|
|
310
317
|
containerDefinitions: JSON.stringify([Object.assign(Object.assign({}, containerInfo), { logConfiguration: (0, exports.getDefaultLogs)(serviceName, logGroup) })]),
|
|
318
|
+
cpu: (_a = containerInfo.cpu) === null || _a === void 0 ? void 0 : _a.toString(),
|
|
319
|
+
memory: (_b = containerInfo.memoryReservation) === null || _b === void 0 ? void 0 : _b.toString(),
|
|
320
|
+
requiresCompatibilities: ["FARGATE"],
|
|
321
|
+
networkMode: "awsvpc",
|
|
311
322
|
volumes: volumes,
|
|
312
323
|
family: (0, stack_1.getStackScopedName)(serviceName),
|
|
313
324
|
}, { dependsOn: [logGroup] });
|
|
@@ -317,13 +328,20 @@ function createInternalService(config) {
|
|
|
317
328
|
networkConfiguration: {
|
|
318
329
|
subnets: yield (0, network_1.getPrivateSubnetIds)(),
|
|
319
330
|
securityGroups: securityGroups,
|
|
320
|
-
assignPublicIp
|
|
321
331
|
},
|
|
322
332
|
serviceRegistries,
|
|
323
333
|
desiredCount,
|
|
334
|
+
launchType: "FARGATE",
|
|
324
335
|
enableEcsManagedTags: true,
|
|
325
336
|
waitForSteadyState: false,
|
|
326
337
|
taskDefinition: taskDefinition.arn,
|
|
338
|
+
loadBalancers: [
|
|
339
|
+
...targetGroups.map((tg) => ({
|
|
340
|
+
targetGroupArn: tg.arn,
|
|
341
|
+
containerName: serviceName,
|
|
342
|
+
containerPort: serviceDiscoveryPort,
|
|
343
|
+
}))
|
|
344
|
+
]
|
|
327
345
|
}, Object.assign(Object.assign({}, extraOpts), { dependsOn }));
|
|
328
346
|
});
|
|
329
347
|
}
|