This repository has been archived by the owner on Oct 6, 2022. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 15
support secret parameter for ecs task definitinon with Fargate #7
Labels
Comments
@pahud The issue aws/containers-roadmap#385 had closed, let's move on to next stage, lol |
in case i haven't misunderstood the issue, i think the code is present as far as i can see and can confirm in the generated CFN templates that it does what is supposed to do ProxySQLTask66A1033A:
Type: AWS::ECS::TaskDefinition
Properties:
ContainerDefinitions:
- Environment:
- Name: DB_WRITER_HOSTNAME
Value: writer.proxysql.local
- Name: DB_READER_HOSTNAME
Value: reader.proxysql.local
- Name: DB_WRITER_PORT
Value: '3306'
- Name: DB_READER_PORT
Value: '3306'
- Name: DB_MASTER_USERNAME
Value: admin
Essential: true
Image: !Join
- ''
- - 12345.dkr.ecr.us-east-1.
- !Ref 'AWS::URLSuffix'
- /aws-cdk/assets:0a48c0d6e2f688ca9f4b45efafa4dc5b6955193dc045a30b5f73131013ed3a6a
LogConfiguration:
LogDriver: awslogs
Options:
awslogs-group: !Ref 'ProxySQLTaskproxysqlLogGroup48D393F6'
awslogs-stream-prefix: proxysql-main
awslogs-region: us-east-1
Name: proxysql
PortMappings:
- ContainerPort: 6033
Protocol: tcp
- ContainerPort: 6032
Protocol: tcp
Secrets:
- Name: DB_MASTER_PASSWORD
ValueFrom: !Ref 'ProxySQLAuroraMasterSecret65F602CE'
- Name: RADMIN_PASSWORD
ValueFrom: !Ref 'ProxySQLRAdminPassword14486454'
....
ProxySQLAuroraMasterSecret65F602CE:
Type: AWS::SecretsManager::Secret
Properties:
GenerateSecretString:
ExcludePunctuation: true
PasswordLength: 12
Name: ProxysqlFargateStack-auroraMasterSecret
Metadata:
aws:cdk:path: ProxysqlFargateStack/ProxySQL/AuroraMasterSecret/Resource
ProxySQLRAdminPassword14486454:
Type: AWS::SecretsManager::Secret
Properties:
GenerateSecretString:
ExcludePunctuation: true
PasswordLength: 12
Name: ProxysqlFargateStack-radmin_pwd
Metadata:
aws:cdk:path: ProxysqlFargateStack/ProxySQL/RAdminPassword/Resource
Hence i think it can be closed? Edit And if what i wrote above is correct then the readme can be udpated & remove the stale section |
@DanyC97 thank you for your feedback. Let me know if you have any issues and any PRs are always welcome! |
@pahud on a double check, is me who misunderstood. In my link i pointed out to which is a different feature 🤦 Custom master password SecretUse const const YOUR_SECRET_ARN = 'arn:aws:secretsmanager:ap-northeast-1:112233445566:secret:xxxxxxx-rC5RTf'
const masterSecret = secretsmanager.Secret.fromSecretArn(stack, 'Secret', YOUR_SECRET_ARN)
new proxysql.ProxysqlFargate(stack, 'ProxySQL', {
vpc: infra.vpc,
customBackend: {
readerHost: 'foo',
writerHost: 'bar',
masterSecret,
}
}) |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
serverless-refarch-for-proxysql/lib/index.ts
Lines 160 to 161 in 42cb453
depends on aws/containers-roadmap#385
The text was updated successfully, but these errors were encountered: