diff --git a/truflation/infra/cdk_main.go b/truflation/infra/cdk_main.go index 06aa59ef7..4c663e9f6 100644 --- a/truflation/infra/cdk_main.go +++ b/truflation/infra/cdk_main.go @@ -2,15 +2,15 @@ package main import ( "github.com/aws/aws-cdk-go/awscdk/v2" + "github.com/aws/aws-cdk-go/awscdk/v2/awsec2" "github.com/aws/aws-cdk-go/awscdk/v2/awsecr" "github.com/aws/aws-cdk-go/awscdk/v2/awsecrassets" + "github.com/aws/aws-cdk-go/awscdk/v2/awsiam" + "github.com/aws/aws-cdk-go/awscdk/v2/awss3" "github.com/aws/jsii-runtime-go" "infra/config" "os" - "github.com/aws/aws-cdk-go/awscdk/v2/awsec2" - "github.com/aws/aws-cdk-go/awscdk/v2/awsiam" - "github.com/aws/constructs-go/constructs/v10" ) @@ -100,7 +100,12 @@ func TsnDBCdkStack(scope constructs.Construct, id string, props *CdkStackProps) // Create instance using imageAsset hash so that the instance is recreated when the image changes. newName := "TsnDBInstance" + *imageAsset.AssetHash() - instance, instanceRole := createInstance(stack, newName, vpcInstance) + bucketName := "kwil-binaries" + kwilGatewayBucket := awss3.Bucket_FromBucketName(stack, jsii.String("KwilGatewayBucket"), jsii.String(bucketName)) + objPath := "gateway/kgw_v0.1.2.zip" + + instanceRole := createInstanceRole(stack, kwilGatewayBucket, objPath) + instance := createInstance(stack, instanceRole, newName, vpcInstance) deployImageOnInstance(stack, instance, imageAsset, repo) @@ -115,7 +120,7 @@ func TsnDBCdkStack(scope constructs.Construct, id string, props *CdkStackProps) return stack } -func createInstance(stack awscdk.Stack, name string, vpc awsec2.IVpc) (awsec2.Instance, awsiam.IRole) { +func createInstance(stack awscdk.Stack, instanceRole awsiam.IRole, name string, vpc awsec2.IVpc) awsec2.Instance { // Create security group. instanceSG := awsec2.NewSecurityGroup(stack, jsii.String("NodeSG"), &awsec2.SecurityGroupProps{ Vpc: vpc, @@ -159,11 +164,6 @@ func createInstance(stack awscdk.Stack, name string, vpc awsec2.IVpc) (awsec2.In keyPair = jsii.String(config.KeyPairName(stack)) } - // Create instance role. - instanceRole := awsiam.NewRole(stack, jsii.String("InstanceRole"), &awsiam.RoleProps{ - AssumedBy: awsiam.NewServicePrincipal(jsii.String("ec2.amazonaws.com"), nil), - }) - instance := awsec2.NewInstance(stack, jsii.String(name), &awsec2.InstanceProps{ InstanceType: awsec2.InstanceType_Of(awsec2.InstanceClass_T3, awsec2.InstanceSize_SMALL), // ubuntu 22.04 @@ -192,7 +192,17 @@ func createInstance(stack awscdk.Stack, name string, vpc awsec2.IVpc) (awsec2.In AllocationId: eip.AttrAllocationId(), }) - return instance, instanceRole + return instance +} + +func createInstanceRole(stack awscdk.Stack, kwilGatewayBucket awss3.IBucket, objPath string) awsiam.IRole { + instanceRole := awsiam.NewRole(stack, jsii.String("InstanceRole"), &awsiam.RoleProps{ + AssumedBy: awsiam.NewServicePrincipal(jsii.String("ec2.amazonaws.com"), nil), + }) + + kwilGatewayBucket.GrantRead(instanceRole, jsii.String(objPath)) + + return instanceRole } func deployImageOnInstance(stack awscdk.Stack, instance awsec2.Instance, imageAsset awsecrassets.DockerImageAsset, repo awsecr.IRepository) { @@ -246,7 +256,14 @@ systemctl enable tsn-db-app.service systemctl start tsn-db-app.service ` - instance.AddUserData(&script1Content) + kwilGatewayBinaryScript := `#!/bin/bash +unzip /tmp/kwil-binaries/kgw_v0.1.2.zip -d /tmp/kwil-binaries +mkdir -p /tmp/kwil-binaries/kgw_v0.1.2/kgw_0.1.2_linux_arm64 +tar -xf /tmp/kwil-binaries/kgw_v0.1.2/kgw_0.1.2_linux_arm64.tar.gz -C /tmp/kwil-binaries/kgw_v0.1.2/kgw_0.1.2_linux_arm64 +chmod +x /tmp/kwil-binaries/kgw_v0.1.2/kgw_0.1.2_linux_arm64/kgw +` + + instance.AddUserData(&script1Content, &kwilGatewayBinaryScript) } func main() {