-
Notifications
You must be signed in to change notification settings - Fork 7
[back-357] add ECS service, IAM, & definition modules #36
Conversation
01e08c5
to
90ee018
Compare
90ee018
to
e0314b0
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
👍 1 step closer to worrying only about business logic.!!
Just had a few non-blocking comments.
const secretEnvVarsValue = config.secretEnvVars | ||
? JSON.stringify(config.secretEnvVars) | ||
: 'null'; | ||
const commandValue = config.command |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do the amazon docs say what to put if we don't want to override this? or does an existing task definition provide an example? Just want to make sure an empty string means don't override.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
checked and it's an optional param. updating to remove it from the JSON if no command is configured.
|
||
new ApplicationECSIAM(stack, 'testECSService', BASE_CONFIG); | ||
|
||
expect(Testing.synth(stack)).toMatchSnapshot(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
i like this so much.
src/base/ApplicationECSService.ts
Outdated
|
||
//create ecs service | ||
new EcsService(this, 'ecs-service', { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
we will need to reference this elsewhere, can you make it public on the class
src/pocket/PocketALBApplication.ts
Outdated
new ApplicationECSService(this, 'ecs_service', { | ||
prefix: config.prefix, | ||
name: config.alb6CharacterPrefix, | ||
ecsCluster: '', |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You should actually be able to use ApplicationECSCluster and create it before this :D
- make ecs service public - remove command from container def if none passed in - update snapshots
…ket/terraform-modules into back-357-complete-ecs-service-module
🎉 This PR is included in version 1.3.4 🎉 The release is available on:
Your semantic-release bot 📦🚀 |
Goal
add ECS service, IAM, and container definition modules.
this work has been validated through the following:
npm run build && npm run synth
cd cdktf.out
terraform init
terraform validate
i haven't yet tested all this work against our dev infra (but i have been testing along the way and fixing some issues).
imo, the "worst" part about using this ECS module will be passing in and testing the role policy statements for ECS IAM. (these will be a part of the consuming project).
one other thing that's getting a bit hairy is the size of the config objects, as we need to pass in and down quite a bit of info from the entry point into sub-modules (e.g. ECSService > ECSIAM and ECSService > ECSContainerDefinition). an alternative would be to have these all top-level modules that are configured separately and combined within ECSService. might be a point to discuss.
Todos
terraform plan
andterraform apply
against our dev infraReference
Tickets:
Implementation Decisions
attempted to abstract/make configurable as much as practical at this time. i'm sure there will be changes to what is configurable going forward.