Skip to content

Commit

Permalink
fix errors for services
Browse files Browse the repository at this point in the history
  • Loading branch information
@erudenko
erudenko committed Jan 17, 2025
1 parent dc19900 commit f754a61
Show file tree
Hide file tree
Showing 6 changed files with 157 additions and 68 deletions.
84 changes: 84 additions & 0 deletions app/raymond.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -95,4 +95,88 @@ func registerCustomHelpers() {
return 0
}
})

raymond.RegisterHelper("default", func(value any, defaultValue any) any {
if value == nil {
return defaultValue
}

v := reflect.ValueOf(value)
switch v.Kind() {
case reflect.String:
if v.String() == "" {
return defaultValue
}
case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64:
if v.Int() == 0 {
return defaultValue
}
case reflect.Float32, reflect.Float64:
if v.Float() == 0 {
return defaultValue
}
case reflect.Slice, reflect.Map:
if v.Len() == 0 {
return defaultValue
}
}

return value
})

raymond.RegisterHelper("notEmpty", func(value interface{}, options *raymond.Options) interface{} {
if value == nil {
return options.Inverse()
}

v := reflect.ValueOf(value)
switch v.Kind() {
case reflect.String:
if v.String() == "" {
return options.Inverse()
}
case reflect.Slice, reflect.Map, reflect.Array:
if v.Len() == 0 {
return options.Inverse()
}
case reflect.Bool:
if !v.Bool() {
return options.Inverse()
}
}

return options.Fn()
})

raymond.RegisterHelper("notZero", func(value interface{}, options *raymond.Options) interface{} {
if value == nil {
return options.Inverse()
}

v := reflect.ValueOf(value)
switch v.Kind() {
case reflect.String:
if v.String() == "" {
return options.Inverse()
}
case reflect.Slice, reflect.Map, reflect.Array:
if v.Len() == 0 {
return options.Inverse()
}
case reflect.Bool:
if !v.Bool() {
return options.Inverse()
}
case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64:
if v.Int() == 0 {
return options.Inverse()
}
case reflect.Float32, reflect.Float64:
if v.Float() == 0 {
return options.Inverse()
}
}

return options.Fn()
})
}
5 changes: 4 additions & 1 deletion env/main.hbs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -128,7 +128,7 @@ module "workloads" {
backend_bucket_postfix = "{{workload.bucket_postfix}}"
backend_bucket_public = {{workload.bucket_public}}
backend_health_endpoint = "{{workload.backend_health_endpoint}}"
backend_remote_access = {{workload.backend_remote_access}}
backend_remote_access = {{default workload.backend_remote_access true}}
docker_image = "{{workload.backend_external_docker_image}}"
setup_FCM_SNS = {{workload.setup_fcnsns}}
backend_image_port = {{workload.backend_image_port}}
Expand Down Expand Up @@ -197,6 +197,9 @@ module "workloads" {
alb_arn = module.alb.alb_arn
enable_alb = true
{{/if}}{{/if}}
{{#compare (len services) ">" 0}}
services = {{{array services}}}
{{/compare}}
}
{{#if cognito.enabled}}
module "cognito" {
Expand Down
8 changes: 4 additions & 4 deletions modules/workloads/env_services.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,11 +46,11 @@ locals {
]

# X-Ray container configuration
xray_enabled_container = [
xray_service_container = [
{
name = "xray-daemon"
image = "amazon/aws-xray-daemon"
cpu = 32
name = "xray-daemon"
image = "amazon/aws-xray-daemon"
cpu = 32
memoryReservation = 256
portMappings = [
{
Expand Down
47 changes: 26 additions & 21 deletions modules/workloads/services.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,11 +16,11 @@ resource "aws_lb_target_group" "services" {
enabled = true
healthy_threshold = 2
interval = 30
matcher = "200"
path = "/health/live"
port = "traffic-port"
protocol = "HTTP"
timeout = 5
matcher = "200"
path = "/health/live"
port = "traffic-port"
protocol = "HTTP"
timeout = 5
unhealthy_threshold = 10
}

Expand Down Expand Up @@ -88,7 +88,7 @@ resource "aws_ecs_service" "services" {
deployment_minimum_healthy_percent = 50
launch_type = "FARGATE"
scheduling_strategy = "REPLICA"
enable_ecs_managed_tags = each.value.remote_access
enable_ecs_managed_tags = each.value.remote_access


network_configuration {
Expand Down Expand Up @@ -126,29 +126,34 @@ resource "aws_ecs_task_definition" "services" {
cpu = each.value.cpu
memory = each.value.memory
execution_role_arn = aws_iam_role.services_task_execution[each.key].arn
task_role_arn = aws_iam_role.services_task[each.key].arn
task_role_arn = aws_iam_role.services_task[each.key].arn

container_definitions = jsonencode(concat(
each.value.xray_enabled ? local.xray_enabled_container : [],
each.value.xray_enabled ? local.xray_service_container : [],
[{
name = "${var.project}_service_${each.key}_${var.env}"
cpu = each.value.cpu
memory = each.value.memory
image = "${each.value.docker_image != "" ? each.value.docker_image : (var.env == "dev" ? join("", aws_ecr_repository.services[each.key].*.repository_url) : var.ecr_url)}:latest"
name = "${var.project}_service_${each.key}_${var.env}"
cpu = each.value.cpu
memory = each.value.memory
image = "${each.value.docker_image != "" ? each.value.docker_image : (var.env == "dev" ? join("", aws_ecr_repository.services[each.key].*.repository_url) : var.ecr_url)}:latest"

// we support three types of env variables:
// 1. from SSM
// 2. from env_files_s3
// 3. from env_vars variable
secrets = local.services_env_ssm[each.key]
environment = concat(local.services_env, each.value.env_vars)
environment = concat(local.services_env, [
for name, value in each.value.env_vars : {
name = name
value = value
}
])
environmentFiles = [
for file in local.services_env_files_s3[each.key] : {
value = "arn:aws:s3:::${file.bucket}/${file.key}"
type = "s3"
}
]
essential = each.value.essential
essential = each.value.essential

logConfiguration = {
logDriver = "awslogs"
Expand Down Expand Up @@ -247,15 +252,15 @@ resource "aws_iam_role_policy_attachment" "services_task_cloudwatch" {
}

# S3 bucket access
resource "aws_iam_role_policy_attachment" "backend_task_backend_bucket" {
resource "aws_iam_role_policy_attachment" "service_task_bucket" {
for_each = local.service_names

role = aws_iam_role.services_task_execution[each.key].name
policy_arn = aws_iam_policy.full_access_to_backend_bucket.arn
}

# SES access
resource "aws_iam_role_policy_attachment" "backend_task_ses" {
resource "aws_iam_role_policy_attachment" "service_task_ses" {
for_each = local.service_names

role = aws_iam_role.services_task_execution[each.key].name
Expand All @@ -275,13 +280,13 @@ resource "aws_iam_role_policy_attachment" "services_ssm_parameter_access" {
resource "aws_iam_policy" "services_ssm_parameter_access" {
for_each = local.service_names

name = "ServiceSSMAccessPolicy_${var.project}_${each.key}_${var.env}"
name = "ServiceSSMAccessPolicy_${var.project}_${each.key}_${var.env}"
policy = jsonencode({
Version = "2012-10-17"
Statement = [
{
Effect = "Allow"
Action = ["ssm:GetParameter", "ssm:GetParameters", "ssm:GetParametersByPath"]
Effect = "Allow"
Action = ["ssm:GetParameter", "ssm:GetParameters", "ssm:GetParametersByPath"]
Resource = ["arn:aws:ssm:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:parameter/${var.env}/${var.project}/${each.key}/*"]
}
]
Expand Down Expand Up @@ -326,7 +331,7 @@ resource "null_resource" "create_services_env_files" {
for pair in flatten([
for service_name, files in local.services_env_files_s3 : [
for file in files : {
key = "${file.bucket}-${file.key}"
key = "${file.bucket}-${file.key}"
file = file
}
]
Expand All @@ -350,7 +355,7 @@ resource "aws_iam_role_policy" "services_ecs_exec_policy" {

name = "${var.project}-${each.key}-ecs-exec-policy-${var.env}"
role = aws_iam_role.services_task[each.key].id

policy = jsonencode({
Version = "2012-10-17"
Statement = [
Expand Down
78 changes: 39 additions & 39 deletions modules/workloads/xray.tf
View file
Original file line number Diff line number Diff line change
@@ -1,46 +1,46 @@
locals {
xray_enabled_container = [{
name = "adot-collector"
image = "public.ecr.aws/aws-observability/aws-otel-collector:latest"
portMappings = [
{
containerPort = 2000
hostPort = 2000
protocol = "udp"
},
{
containerPort = 4317
hostPort = 4317
},
{
containerPort = 4318
hostPort = 4318
},
{
containerPort = 55681
hostPort = 55681
}
]
command = [
"--config=/etc/ecs/container-insights/otel-task-metrics-config.yaml"
]
environment = [
{
name = "AWS_REGION"
value = data.aws_region.current.name
}
]
logConfiguration = {
logDriver = "awslogs"
options = {
awslogs-group = "/ecs/adot-collector"
awslogs-region = data.aws_region.current.name
awslogs-stream-prefix = "xray"
}
name = "adot-collector"
image = "public.ecr.aws/aws-observability/aws-otel-collector:latest"
portMappings = [
{
containerPort = 2000
hostPort = 2000
protocol = "udp"
},
{
containerPort = 4317
hostPort = 4317
},
{
containerPort = 4318
hostPort = 4318
},
{
containerPort = 55681
hostPort = 55681
}
}]
]
command = [
"--config=/etc/ecs/container-insights/otel-task-metrics-config.yaml"
]
environment = [
{
name = "AWS_REGION"
value = data.aws_region.current.name
}
]
logConfiguration = {
logDriver = "awslogs"
options = {
awslogs-group = "/ecs/adot-collector"
awslogs-region = data.aws_region.current.name
awslogs-stream-prefix = "xray"
}
}
}]

xray_container = var.xray_enabled ? xray_enabled_container : []
xray_container = var.xray_enabled ? local.xray_enabled_container : []

app_container_environment = var.xray_enabled ? [
{
Expand Down
3 changes: 0 additions & 3 deletions project/dev.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -60,9 +60,6 @@ enable_user_pool_domain: false
user_pool_domain_prefix:
allow_backend_task_to_confirm_signup: false

services:
- name: backend

# setup scheduled tasks
scheduled_tasks:
- name: task1
Expand Down

0 comments on commit f754a61

Please sign in to comment.