Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CFN Conditions in addons #915

Closed
FarmaanElahi opened this issue May 12, 2020 · 11 comments
Closed

CFN Conditions in addons #915

FarmaanElahi opened this issue May 12, 2020 · 11 comments
Labels
area/addon Issues about addons. type/enhancement Issues that are improvements for existing features. type/request Issues that are created by customers.
Projects
Sprint 🏃‍♀️

Comments

@FarmaanElahi
Copy link

In the wiki, there is no mention of condition for add ons. Is it supported or not?
@efekarakus efekarakus added type/enhancement Issues that are improvements for existing features. type/request Issues that are created by customers. labels May 12, 2020
@efekarakus efekarakus added this to Backlog in Sprint 🏃‍♀️ via automation May 12, 2020
@efekarakus
Copy link
Contributor

Hi @FarmaanElahi !

Unfortunately, we don't support conditions yet.
Added the task to our backlog to prioritize!

@efekarakus efekarakus added the area/addon Issues about addons. label May 12, 2020
@FarmaanElahi
Copy link
Author

Then how can we create resource specific to env. Is it possible anyhow?

@efekarakus
Copy link
Contributor

I don't think it's possible at the moment 😔🙇.
We should look into creating an easy way of adding the Mappings and Conditions sections

@FarmaanElahi
Copy link
Author

FarmaanElahi commented May 12, 2020 via email

@efekarakus
Copy link
Contributor

efekarakus commented May 12, 2020
edited

Or even adding secrets based on environment?

This is possible!
You can create a SSM SecureString parameter separately, and then inject it as environment variable by modifying the manifest:

secrets:
  MY_ENV_VAR_NAME: MY_SSM_PARAM_NAME

Here your application container will have the env variable "MY_ENV_VAR_NAME" with the value of the secret stored in the SSM parameter "MY_SSM_PARAM_NAME".

Or is there anyway where we can import external cfn stack and put in
output.yaml

Mmm good question, I think this could work within the addons output.yaml file:

Outputs:
   MyOutputFromOtherStack:
     Value: !ImportValue "MyOtherStack-SomeOutput"

Then your application container will receive the value as an environment variable "MY_OUTPUT_FROM_OTHER_STACK"

@FarmaanElahi
Copy link
Author

FarmaanElahi commented May 12, 2020 via email

@FarmaanElahi
Copy link
Author

Or even adding secrets based on environment?

This is possible!
You can create a SSM SecureString parameter separately, and then inject it as environment variable by modifying the manifest:

secrets:
  MY_ENV_VAR_NAME: MY_SSM_PARAM_NAME

Here your application container will have the env variable "MY_ENV_VAR_NAME" with the value of the secret stored in the SSM parameter "MY_SSM_PARAM_NAME".

Or is there anyway where we can import external cfn stack and put in
output.yaml

Mmm good question, I think this could work within the addons output.yaml file:

Outputs:
   MyOutputFromOtherStack:
     Value: !ImportValue "MyOtherStack-SomeOutput"

Then your application container will receive the value as an environment variable "MY_OUTPUT_FROM_OTHER_STACK"

@efekarakus Doesn't exactly work. I am getting the following error

Error: deploy application: check if changeset is empty: create change set ecscli-da4d9ccd-5a1b-44be-9e14-72c29cc5253b for stack savd-dev-content: ValidationError: [/Resources/TaskRole/Type/ManagedPolicyArns] 'null' values are not allowed in templates
status code: 400, request id: bf5f69db-e46b-4b90-b89e-f2131dade972: describe change set ecscli-da4d9ccd-5a1b-44be-9e14-72c29cc5253b for stack savd-dev-content: ChangeSetNotFound: ChangeSet [ecscli-da4d9ccd-5a1b-44be-9e14-72c29cc5253b] does not exist
status code: 404, request id: c2ab361c-b544-4ad7-bf7c-a7187ce2323e

Your suggestion worked when a resource file is added and referencing the created resource in the policy and adding the that in the output file. If I do that and also follow you suggestion of importing only then it works

@efekarakus
Copy link
Contributor

Sounds good!

Just to provide some visibility, we're still planning on improving the experience for addons templates to support conditionals and mappings.

We're also currently working on supporting a new command storage init (#769) in the CLI to help you generate addons templates for S3 and DynamoDB. So hopefully that should make it easier in the future to get started with addons.

@FarmaanElahi
Copy link
Author

FarmaanElahi commented May 14, 2020
edited

Finally was able to achieve that with a kind of a hack.

For somebody who what something like this till addons are fully ready

  1. First of all I am creating resources in different stack and the naming convention is same as what cli does which is $Project-$Env-$App-ResourceName.

  2. Using parameters defined in params.yaml. I am importing the different stack resource which has been exported

  3. I am no more creating any resource. Just an empty random file apart from policy.yaml, outputs.yaml and params.yaml will work

  4. Must have atleast one policy defined in policy.yaml

  5. Atleast one policy need to be exported from outputs.yaml

@efekarakus efekarakus mentioned this issue Jun 4, 2020
Closed
@efekarakus
Copy link
Contributor

Hi @FarmaanElahi, we're planning to make this experience easier as described here: #994

Let us know if you have any feedback!

@efekarakus efekarakus mentioned this issue Jun 12, 2020
Merged
mergify bot pushed a commit that referenced this issue Jun 12, 2020
@efekarakus
feat(addons)!: accept complete cfn templates as inputs (#1020)
a43f41c 
Templates under the "addons/" directory can now be complete CFN templates that gets merged into a nested stack.

Resolves #994, #915 

BREAKING CHANGE

_By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice._
@efekarakus
Copy link
Contributor

#994 addressed the issue and is now merged! The fix should be out with the next release.

Sprint 🏃‍♀️ automation moved this from Backlog to Pending release Jun 15, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/addon Issues about addons. type/enhancement Issues that are improvements for existing features. type/request Issues that are created by customers.
Projects
Sprint 🏃‍♀️
  
Pending release
Milestone
No milestone
Development

No branches or pull requests
2 participants
@efekarakus @FarmaanElahi