Make settings service more event based for communication with onboarding

Fix hosted zone bug by reusing an existing hosted zone for the domain
name.

Author: brtrvn

functions/core-stack-listener/src/main/java/com/amazon/aws/partners/saasfactory/saasboost/CoreStackListener.java

@@ -78,37 +78,38 @@ public Object handleRequest(SNSEvent event, Context context) {
                 ListStackResourcesResponse resources = cfn.listStackResources(req -> req
                         .stackName(cloudFormationEvent.getStackId())
                 );
+                Map<String, Object> appConfig = new HashMap<>();
+                Map<String, Object> services = new HashMap<>();
                 for (StackResourceSummary resource : resources.stackResourceSummaries()) {
 //                    LOGGER.debug("Processing resource {} {} {} {}", resource.resourceType(),
 //                            resource.resourceStatusAsString(), resource.logicalResourceId(),
 //                            resource.physicalResourceId());
-                    if ("CREATE_COMPLETE".equals(resource.resourceStatusAsString())) {
-                        if ("AWS::ECR::Repository".equals(resource.resourceType())) {
-                            String ecrRepo = resource.physicalResourceId();
-                            String serviceName = resource.logicalResourceId();
-                            LOGGER.info("Publishing appConfig update event for ECR repository {} {}", serviceName,
-                                    ecrRepo);
-                            Map<String, Object> systemApiRequest = new HashMap<>();
-                            systemApiRequest.put("resource", "settings/config/" + serviceName + "/ECR_REPO");
-                            systemApiRequest.put("method", "PUT");
-                            systemApiRequest.put("body", Utils.toJson(Map.of("value", ecrRepo)));
-                            Utils.publishEvent(eventBridge, SAAS_BOOST_EVENT_BUS, EVENT_SOURCE, SYSTEM_API_CALL,
-                                    systemApiRequest);
-                        } else if ("AWS::Route53::HostedZone".equals(resource.resourceType())) {
-                            // Make this an event vs directly calling the Settings Service API because when this
-                            // CloudFormation stack first completes, the Settings Service may not even exist yet
-                            // Could also look at matching against UPDATE_COMPLETE
-//                            String hostedZoneId = resource.physicalResourceId();
-//                            LOGGER.info("Publishing appConfig update event for Route53 hosted zone {}", hostedZoneId);
-//                            Map<String, Object> systemApiRequest = new HashMap<>();
-//                            systemApiRequest.put("resource", "settings/HOSTED_ZONE");
-//                            systemApiRequest.put("method", "PUT");
-//                            //systemApiRequest.put("body", Utils.toJson(Map.of("value", ecrRepo)));
-//                            Utils.publishEvent(eventBridge, SAAS_BOOST_EVENT_BUS, EVENT_SOURCE, SYSTEM_API_CALL,
-//                                    systemApiRequest);
+                    if ("CREATE_COMPLETE".equals(resource.resourceStatusAsString())
+                            && "AWS::ECR::Repository".equals(resource.resourceType())) {
+                        String ecrRepo = resource.physicalResourceId();
+                        String serviceName = resource.logicalResourceId();
+                        LOGGER.info("Publishing appConfig update event for ECR repository {} {}", serviceName,
+                                ecrRepo);
+                        services.put(serviceName, Map.of("containerRepo", ecrRepo));
+                    } else if ("CREATE_COMPLETE".equals(resource.resourceStatusAsString())
+                            || "UPDATE_COMPLETE".equals(resource.resourceStatusAsString())) {
+                        if ("AWS::Route53::HostedZone".equals(resource.resourceType())) {
+                            // When CloudFormation stack first completes, the Settings Service won't even exist yet.
+                            String hostedZoneId = resource.physicalResourceId();
+                            LOGGER.info("Publishing appConfig update event for Route53 hosted zone {}", hostedZoneId);
+                            appConfig.put("hostedZone", hostedZoneId);
                         }
                     }
                 }
+                // Only fire one event for all the app config resources changes by this stack
+                if (!services.isEmpty()) {
+                    appConfig.put("services", services);
+                }
+                if (!appConfig.isEmpty()) {
+                    Utils.publishEvent(eventBridge, SAAS_BOOST_EVENT_BUS, EVENT_SOURCE,
+                            "Application Configuration Resource Changed",
+                            appConfig);
+                }
             } catch (SdkServiceException cfnError) {
                 LOGGER.error("cfn:ListStackResources error", cfnError);
                 LOGGER.error(Utils.getFullStackTrace(cfnError));

functions/core-stack-listener/update_service.sh

@@ -0,0 +1,57 @@
+#!/bin/bash
+# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License").
+# You may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+if [ -z $1 ]; then
+    echo "Usage: $0 <Environment> [Lambda Folder]"
+    exit 2
+fi
+
+MY_AWS_REGION=$(aws configure list | grep region | awk '{print $2}')
+echo "AWS Region = $MY_AWS_REGION"
+
+ENVIRONMENT=$1
+LAMBDA_STAGE_FOLDER=$2
+if [ -z $LAMBDA_STAGE_FOLDER ]; then
+	LAMBDA_STAGE_FOLDER="lambdas"
+fi
+LAMBDA_CODE=CoreStackListener-lambda.zip
+
+#set this for V2 AWS CLI to disable paging
+export AWS_PAGER=""
+
+SAAS_BOOST_BUCKET=$(aws --region $MY_AWS_REGION ssm get-parameter --name "/saas-boost/${ENVIRONMENT}/SAAS_BOOST_BUCKET" --query 'Parameter.Value' --output text)
+echo "SaaS Boost Bucket = $SAAS_BOOST_BUCKET"
+if [ -z $SAAS_BOOST_BUCKET ]; then
+    echo "Can't find SAAS_BOOST_BUCKET in Parameter Store"
+    exit 1
+fi
+
+# Do a fresh build of the project
+mvn
+if [ $? -ne 0 ]; then
+    echo "Error building project"
+    exit 1
+fi
+
+# And copy it up to S3
+aws s3 cp target/$LAMBDA_CODE s3://$SAAS_BOOST_BUCKET/$LAMBDA_STAGE_FOLDER/
+
+FUNCTIONS=("sb-${ENVIRONMENT}-core-stack-listener" 
+        )
+
+for FUNCTION in ${FUNCTIONS[@]}; do
+	#echo $FUNCTION
+	aws lambda --region $MY_AWS_REGION update-function-code --function-name $FUNCTION --s3-bucket $SAAS_BOOST_BUCKET --s3-key $LAMBDA_STAGE_FOLDER/$LAMBDA_CODE
+done

resources/saas-boost-core.yaml

@@ -54,13 +54,19 @@ Parameters:
     Description: The domain your workload is hosted at formatted as [env].[domain].[com]
     Type: String
     Default: ''
+  HostedZone:
+    Description: The existing Route53 hosted zone id for the domain name
+    Type: String
+    Default: ''
 Conditions:
-  HasDomainName: !Not [!Equals [!Ref DomainName, '']]
+  CreateHostedZone: !And
+    - !Not [!Equals [!Ref DomainName, '']]
+    - !Equals [!Ref HostedZone, '']
 Resources:
   # Route 53 hosted zone. This hosted zone's name servers will need to be added to primary
-  HostedZone:
+  PublicDomainHostedZone:
     Type: AWS::Route53::HostedZone
-    Condition: HasDomainName
+    Condition: CreateHostedZone
     Properties:
       HostedZoneConfig:
         Comment: !Sub ${DomainName} Public DNS zone