diff --git a/internal/pkg/deploy/cloudformation/stack/transformers.go b/internal/pkg/deploy/cloudformation/stack/transformers.go index 95de8cc8dbf..4d7a33e3f85 100644 --- a/internal/pkg/deploy/cloudformation/stack/transformers.go +++ b/internal/pkg/deploy/cloudformation/stack/transformers.go @@ -533,7 +533,13 @@ func convertEFSConfiguration(in manifest.EFSVolumeConfiguration) *template.EFSVo } } -func convertNetworkConfig(network manifest.NetworkConfig) *template.NetworkOpts { +func convertNetworkConfig(network *manifest.NetworkConfig) *template.NetworkOpts { + if network == nil || network.VPC == nil { + return &template.NetworkOpts{ + AssignPublicIP: template.EnablePublicIP, + SubnetsType: template.PublicSubnetsPlacement, + } + } opts := &template.NetworkOpts{ AssignPublicIP: template.EnablePublicIP, SubnetsType: template.PublicSubnetsPlacement, diff --git a/internal/pkg/manifest/backend_svc.go b/internal/pkg/manifest/backend_svc.go index 4963fb5a43c..83fadfc547f 100644 --- a/internal/pkg/manifest/backend_svc.go +++ b/internal/pkg/manifest/backend_svc.go @@ -40,7 +40,7 @@ type BackendServiceConfig struct { TaskConfig `yaml:",inline"` *Logging `yaml:"logging,flow"` Sidecars map[string]*SidecarConfig `yaml:"sidecars"` - Network NetworkConfig `yaml:"network"` + Network *NetworkConfig `yaml:"network"` } type imageWithPortAndHealthcheck struct { @@ -149,8 +149,8 @@ func newDefaultBackendService() *BackendService { Enable: aws.Bool(false), }, }, - Network: NetworkConfig{ - VPC: vpcConfig{ + Network: &NetworkConfig{ + VPC: &vpcConfig{ Placement: stringP(PublicSubnetPlacement), }, }, diff --git a/internal/pkg/manifest/backend_svc_test.go b/internal/pkg/manifest/backend_svc_test.go index 28916003e96..a06962b48ed 100644 --- a/internal/pkg/manifest/backend_svc_test.go +++ b/internal/pkg/manifest/backend_svc_test.go @@ -54,8 +54,8 @@ func TestNewBackendSvc(t *testing.T) { Enable: aws.Bool(false), }, }, - Network: NetworkConfig{ - VPC: vpcConfig{ + Network: &NetworkConfig{ + VPC: &vpcConfig{ Placement: stringP("public"), }, }, @@ -104,8 +104,8 @@ func TestNewBackendSvc(t *testing.T) { Enable: aws.Bool(false), }, }, - Network: NetworkConfig{ - VPC: vpcConfig{ + Network: &NetworkConfig{ + VPC: &vpcConfig{ Placement: stringP("public"), }, }, diff --git a/internal/pkg/manifest/job.go b/internal/pkg/manifest/job.go index 95677ac72fc..19f3d10be1e 100644 --- a/internal/pkg/manifest/job.go +++ b/internal/pkg/manifest/job.go @@ -43,7 +43,7 @@ type ScheduledJobConfig struct { Sidecars map[string]*SidecarConfig `yaml:"sidecars"` On JobTriggerConfig `yaml:"on,flow"` JobFailureHandlerConfig `yaml:",inline"` - Network NetworkConfig `yaml:"network"` + Network *NetworkConfig `yaml:"network"` } // JobTriggerConfig represents the configuration for the event that triggers the job. @@ -80,8 +80,8 @@ func newDefaultScheduledJob() *ScheduledJob { Value: aws.Int(1), }, }, - Network: NetworkConfig{ - VPC: vpcConfig{ + Network: &NetworkConfig{ + VPC: &vpcConfig{ Placement: stringP(PublicSubnetPlacement), }, }, diff --git a/internal/pkg/manifest/job_test.go b/internal/pkg/manifest/job_test.go index d0a41bc743d..826430ede7e 100644 --- a/internal/pkg/manifest/job_test.go +++ b/internal/pkg/manifest/job_test.go @@ -122,8 +122,8 @@ func TestScheduledJob_ApplyEnv(t *testing.T) { Value: aws.Int(1), }, }, - Network: NetworkConfig{ - VPC: vpcConfig{ + Network: &NetworkConfig{ + VPC: &vpcConfig{ Placement: stringP(PublicSubnetPlacement), }, }, @@ -166,8 +166,8 @@ func TestScheduledJob_ApplyEnv(t *testing.T) { "LOG_LEVEL": "prod", }, }, - Network: NetworkConfig{ - VPC: vpcConfig{ + Network: &NetworkConfig{ + VPC: &vpcConfig{ Placement: stringP(PublicSubnetPlacement), }, }, diff --git a/internal/pkg/manifest/lb_web_svc.go b/internal/pkg/manifest/lb_web_svc.go index 8cee0714590..0238fc65968 100644 --- a/internal/pkg/manifest/lb_web_svc.go +++ b/internal/pkg/manifest/lb_web_svc.go @@ -51,7 +51,7 @@ type LoadBalancedWebServiceConfig struct { TaskConfig `yaml:",inline"` *Logging `yaml:"logging,flow"` Sidecars map[string]*SidecarConfig `yaml:"sidecars"` - Network NetworkConfig `yaml:"network"` + Network *NetworkConfig `yaml:"network"` // Fields that are used while marshaling the template for additional clarifications, // but don't correspond to a field in the manifests. @@ -116,8 +116,8 @@ func newDefaultLoadBalancedWebService() *LoadBalancedWebService { Enable: aws.Bool(false), }, }, - Network: NetworkConfig{ - VPC: vpcConfig{ + Network: &NetworkConfig{ + VPC: &vpcConfig{ Placement: stringP(PublicSubnetPlacement), }, }, diff --git a/internal/pkg/manifest/lb_web_svc_test.go b/internal/pkg/manifest/lb_web_svc_test.go index 2e561454879..424469eb3a9 100644 --- a/internal/pkg/manifest/lb_web_svc_test.go +++ b/internal/pkg/manifest/lb_web_svc_test.go @@ -65,8 +65,8 @@ func TestNewLoadBalancedWebService(t *testing.T) { Enable: aws.Bool(false), }, }, - Network: NetworkConfig{ - VPC: vpcConfig{ + Network: &NetworkConfig{ + VPC: &vpcConfig{ Placement: stringP("public"), }, }, @@ -352,8 +352,8 @@ func TestLoadBalancedWebService_ApplyEnv(t *testing.T) { Logging: &Logging{ ConfigFile: aws.String("mockConfigFile"), }, - Network: NetworkConfig{ - VPC: vpcConfig{ + Network: &NetworkConfig{ + VPC: &vpcConfig{ Placement: stringP("public"), SecurityGroups: []string{"sg-123"}, }, @@ -416,8 +416,8 @@ func TestLoadBalancedWebService_ApplyEnv(t *testing.T) { "FOO": "BAR", }, }, - Network: NetworkConfig{ - VPC: vpcConfig{ + Network: &NetworkConfig{ + VPC: &vpcConfig{ SecurityGroups: []string{"sg-456", "sg-789"}, }, }, @@ -505,8 +505,8 @@ func TestLoadBalancedWebService_ApplyEnv(t *testing.T) { "FOO": "BAR", }, }, - Network: NetworkConfig{ - VPC: vpcConfig{ + Network: &NetworkConfig{ + VPC: &vpcConfig{ Placement: stringP("public"), SecurityGroups: []string{"sg-456", "sg-789"}, }, @@ -549,7 +549,7 @@ func TestLoadBalancedWebService_ApplyEnv(t *testing.T) { }, }, }, - "with range override": { + "with range override and preserving network config": { in: &LoadBalancedWebService{ LoadBalancedWebServiceConfig: LoadBalancedWebServiceConfig{ TaskConfig: TaskConfig{ @@ -560,6 +560,12 @@ func TestLoadBalancedWebService_ApplyEnv(t *testing.T) { }, }, }, + Network: &NetworkConfig{ + VPC: &vpcConfig{ + Placement: stringP("public"), + SecurityGroups: []string{"sg-456", "sg-789"}, + }, + }, }, Environments: map[string]*LoadBalancedWebServiceConfig{ "prod-iad": {}, @@ -578,6 +584,12 @@ func TestLoadBalancedWebService_ApplyEnv(t *testing.T) { }, }, }, + Network: &NetworkConfig{ + VPC: &vpcConfig{ + Placement: stringP("public"), + SecurityGroups: []string{"sg-456", "sg-789"}, + }, + }, }, }, }, diff --git a/internal/pkg/manifest/svc_test.go b/internal/pkg/manifest/svc_test.go index d6bc40bb2d4..de61780beab 100644 --- a/internal/pkg/manifest/svc_test.go +++ b/internal/pkg/manifest/svc_test.go @@ -122,8 +122,8 @@ environments: "LOG_TOKEN": "LOG_TOKEN", }, }, - Network: NetworkConfig{ - VPC: vpcConfig{ + Network: &NetworkConfig{ + VPC: &vpcConfig{ Placement: stringP("public"), }, }, @@ -229,8 +229,8 @@ secrets: "API_TOKEN": "SUBS_API_TOKEN", }, }, - Network: NetworkConfig{ - VPC: vpcConfig{ + Network: &NetworkConfig{ + VPC: &vpcConfig{ Placement: stringP("public"), }, }, diff --git a/internal/pkg/manifest/workload.go b/internal/pkg/manifest/workload.go index df4437b5be9..708699f55ce 100644 --- a/internal/pkg/manifest/workload.go +++ b/internal/pkg/manifest/workload.go @@ -438,21 +438,25 @@ type TaskConfig struct { // NetworkConfig represents options for network connection to AWS resources within a VPC. type NetworkConfig struct { - VPC vpcConfig `yaml:"vpc"` + VPC *vpcConfig `yaml:"vpc"` } // UnmarshalYAML ensures that a NetworkConfig always defaults to public subnets. // If the user specified a placement that's not valid then throw an error. func (c *NetworkConfig) UnmarshalYAML(unmarshal func(interface{}) error) error { type networkWithDefaults NetworkConfig + defaultVPCConf := &vpcConfig{ + Placement: stringP(PublicSubnetPlacement), + } conf := networkWithDefaults{ - VPC: vpcConfig{ - Placement: stringP(PublicSubnetPlacement), - }, + VPC: defaultVPCConf, } if err := unmarshal(&conf); err != nil { return err } + if conf.VPC == nil { // If after unmarshaling the user did not specify VPC configuration then reset it to public. + conf.VPC = defaultVPCConf + } if !conf.VPC.isValidPlacement() { return fmt.Errorf("field '%s' is '%v' must be one of %#v", "network.vpc.placement", aws.StringValue(conf.VPC.Placement), subnetPlacements) } @@ -466,7 +470,7 @@ type vpcConfig struct { SecurityGroups []string `yaml:"security_groups"` } -func (c vpcConfig) isValidPlacement() bool { +func (c *vpcConfig) isValidPlacement() bool { if c.Placement == nil { return false } diff --git a/internal/pkg/manifest/workload_test.go b/internal/pkg/manifest/workload_test.go index 865310b6ca2..1788f0bf65b 100644 --- a/internal/pkg/manifest/workload_test.go +++ b/internal/pkg/manifest/workload_test.go @@ -518,7 +518,7 @@ func TestNetworkConfig_UnmarshalYAML(t *testing.T) { testCases := map[string]struct { data string - wantedConfig NetworkConfig + wantedConfig *NetworkConfig wantedErr error }{ "defaults to public placement if vpc is empty": { @@ -526,8 +526,8 @@ func TestNetworkConfig_UnmarshalYAML(t *testing.T) { network: vpc: `, - wantedConfig: NetworkConfig{ - VPC: vpcConfig{ + wantedConfig: &NetworkConfig{ + VPC: &vpcConfig{ Placement: stringP(PublicSubnetPlacement), }, }, @@ -549,8 +549,8 @@ network: - 'sg-1234' - 'sg-4567' `, - wantedConfig: NetworkConfig{ - VPC: vpcConfig{ + wantedConfig: &NetworkConfig{ + VPC: &vpcConfig{ Placement: stringP(PublicSubnetPlacement), SecurityGroups: []string{"sg-1234", "sg-4567"}, }, @@ -562,7 +562,7 @@ network: t.Run(name, func(t *testing.T) { // GIVEN type manifest struct { - Network NetworkConfig `yaml:"network"` + Network *NetworkConfig `yaml:"network"` } var m manifest