From 150758002928b713a0b91bb9fdd7d0f4d58fb6c8 Mon Sep 17 00:00:00 2001 From: Lee Brown Date: Fri, 20 Dec 2019 09:17:33 -0900 Subject: [PATCH] devops v1.0.52 --- build/cicd/internal/config/config.go | 56 ++++++++++++++++++++++------ go.mod | 2 +- go.sum | 4 ++ 3 files changed, 50 insertions(+), 12 deletions(-) diff --git a/build/cicd/internal/config/config.go b/build/cicd/internal/config/config.go index dc056f8..3552548 100644 --- a/build/cicd/internal/config/config.go +++ b/build/cicd/internal/config/config.go @@ -23,15 +23,21 @@ import ( ) const ( - // ProjectNamePrefix will be appending to the name of the project. - ProjectNamePrefix = "" - // GitLabProjectBaseUrl is the base url used to create links to a specific CI/CD job or pipeline by ID. GitLabProjectBaseUrl = "https://gitlab.com/geeks-accelerator/oss/saas-starter-kit" // EnableRdsServerless will use the Aurora database engine that scales the capacity based on database load. This is // a good option for intermittent or unpredictable workloads. EnableRdsServerless = true + + // EnableCloudFront will create a CloudFront distribution (CDN) that is associated with your public bucket. + // Static asset files will be served by CloudFront instead of from S3 which will improve performance. + EnableCloudFront = true +) + +var ( + // ProjectNamePrefix will be appending to the name of the project. + ProjectNamePrefix = "" ) // Env defines the target deployment environment. @@ -50,6 +56,11 @@ var EnvNames = []Env{ EnvProd, } +// init ensures global variables are set correctly. +func init() { + ProjectNamePrefix = strings.Replace(ProjectNamePrefix, ".", "-", -1) +} + // NewConfig defines the details to setup the target environment for the project to build services and functions. func NewConfig(log *log.Logger, targetEnv Env, awsCredentials devdeploy.AwsCredentials) (*devdeploy.Config, error) { cfg := &devdeploy.Config{ 
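Review bot: `init()` normalises `ProjectNamePrefix` only once, at package initialisation, which runs before any caller can assign to the variable. With the declared value `""` the replace is a no-op, and a prefix assigned at runtime (the apparent reason the previous hunk moves it from `const` to `var`) is never sanitised. Normalising where the prefix is consumed would cover both cases, for example `prefix := strings.Replace(ProjectNamePrefix, ".", "-", -1)` at the point of use; where it is consumed is not visible in this diff. If the value really is a prefix, the doc comment would read better as `// ProjectNamePrefix is prepended to the name of the project.`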
@@ -100,7 +111,13 @@ func NewConfig(log *log.Logger, targetEnv Env, awsCredentials devdeploy.AwsCrede // Its a true fork from the origin repo. if remoteUser != "oss" && remoteUser != "geeks-accelerator" { // Replace the prefix 'saas' with the parent directory name, hopefully the gitlab group/username. - cfg.ProjectName = filepath.Base(filepath.Dir(cfg.ProjectRoot)) + "-starter-kit" + projectPrefix := filepath.Base(filepath.Dir(cfg.ProjectRoot)) + projectPrefix = strings.Replace(projectPrefix, ".", "", -1) + if len(projectPrefix) > 10 { + projectPrefix = projectPrefix[0:10] + } + + cfg.ProjectName = projectPrefix + "-starter-kit" log.Println("switching project name to ", cfg.ProjectName) } @@ -203,7 +220,7 @@ func NewConfig(log *log.Logger, targetEnv Env, awsCredentials devdeploy.AwsCrede cfg.AwsS3BucketPublicKeyPrefix = "/public" // For production, enable Cloudfront CDN for all static files to avoid serving them from the slower S3 option. - if cfg.Env == EnvProd { + if EnableCloudFront && cfg.Env == EnvProd { cfg.AwsS3BucketPublic.CloudFront = &devdeploy.AwsS3BucketCloudFront{ // S3 key prefix to request your content from a directory in your Amazon S3 bucket. OriginPath: cfg.AwsS3BucketPublicKeyPrefix, @@ -430,12 +447,6 @@ func NewConfig(log *log.Logger, targetEnv Env, awsCredentials devdeploy.AwsCrede Sid: "DefaultServiceAccess", Effect: "Allow", Action: []string{ - "s3:HeadBucket", - "s3:ListObjects", - "s3:PutObject", - "s3:PutObjectAcl", - "s3:GetObject", - "s3:HeadObject", "cloudfront:ListDistributions", "ec2:DescribeNetworkInterfaces", "ec2:DeleteNetworkInterface", 
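Review bot: The new `projectPrefix` clean-up in the fork branch strips only `.` and then cuts at 10 bytes, so a parent directory name with uppercase letters, underscores or spaces still flows into `cfg.ProjectName`, and `projectPrefix[0:10]` can split a multi-byte character. If the project name is later used to build AWS resource names such as bucket names (not visible in this hunk), those values would fail at deploy time rather than here. Consider lower-casing and keeping only `[a-z0-9-]` before truncating, and truncating on runes, e.g. `if r := []rune(projectPrefix); len(r) > 10 { projectPrefix = string(r[:10]) }`. This path also deletes dots while `init()` replaces them with `-` for `ProjectNamePrefix`; one rule for both would be easier to reason about. NewConfig's body continues outside the hunk.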
@@ -459,6 +470,29 @@ func NewConfig(log *log.Logger, targetEnv Env, awsCredentials devdeploy.AwsCrede }, Resource: "*", }, + + { + Effect: "Allow", + Action: []string{ + "s3:ListBucket", + }, + Resource: []string{ + "arn:aws:s3:::"+cfg.AwsS3BucketPublic.BucketName, + "arn:aws:s3:::"+cfg.AwsS3BucketPrivate.BucketName, + }, + }, + { + Effect: "Allow", + Action: []string{ + "s3:PutObject", + "s3:PutObjectAcl", + "s3:GetObject", + }, + Resource: []string{ + "arn:aws:::"+cfg.AwsS3BucketPublic.BucketName+"/*", + "arn:aws:::"+cfg.AwsS3BucketPrivate.BucketName+"/*", + }, + }, { Sid: "ServiceInvokeLambda", Effect: "Allow", diff --git a/go.mod b/go.mod index 3aa2d20..64f6166 100644 --- a/go.mod +++ b/go.mod @@ -41,7 +41,7 @@ require ( github.com/tinylib/msgp v1.1.0 // indirect github.com/urfave/cli v1.21.0 github.com/xwb1989/sqlparser v0.0.0-20180606152119-120387863bf2 - gitlab.com/geeks-accelerator/oss/devops v1.0.44 + gitlab.com/geeks-accelerator/oss/devops v1.0.52 golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4 golang.org/x/net v0.0.0-20190813141303-74dc4d7220e7 golang.org/x/tools v0.0.0-20190807223507-b346f7fd45de // indirect diff --git a/go.sum b/go.sum index 9949147..de8e0ca 100644 --- a/go.sum +++ b/go.sum 
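Review bot: The object-level resources in the second added statement are built as `"arn:aws:::"+cfg.AwsS3BucketPublic.BucketName+"/*"`, which omits the `s3` service segment, so they are not valid S3 object ARNs. Because the hunk at -430 removes the S3 actions from the `Resource: "*"` statement, the `s3:PutObject`/`s3:PutObjectAcl`/`s3:GetObject` grant would then match nothing (or the policy would be rejected), leaving the service without object access. Use `"arn:aws:s3:::"+cfg.AwsS3BucketPublic.BucketName+"/*"` and the same form for the private bucket, matching the `s3:ListBucket` statement just above. Separately, `s3:PutObjectAcl` on the private bucket lets the service role set object ACLs there, including public-read unless Block Public Access is enforced on that bucket; if only public assets need ACLs, move that action into a statement limited to the public bucket. Both new statements also lack a `Sid`, unlike their neighbours.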
@@ -219,6 +219,10 @@ gitlab.com/geeks-accelerator/oss/devops v1.0.32 h1:0fN8MBRbmPmQQXaM3KTSsRagocpoJ gitlab.com/geeks-accelerator/oss/devops v1.0.32/go.mod h1:xr+rhNSDXrEh0A6bkBPnfMiRIou3OiPZK0oD5h9GAAM= gitlab.com/geeks-accelerator/oss/devops v1.0.44 h1:AgJEnEZlnoBPIL9ibzNwrXxCMzqQxJS24fZRKdIX2D4= gitlab.com/geeks-accelerator/oss/devops v1.0.44/go.mod h1:xr+rhNSDXrEh0A6bkBPnfMiRIou3OiPZK0oD5h9GAAM= +gitlab.com/geeks-accelerator/oss/devops v1.0.51 h1:Mx9VltzL+IyLKKRwbwiChxM9tQorJTR441idwjfcM/k= +gitlab.com/geeks-accelerator/oss/devops v1.0.51/go.mod h1:xr+rhNSDXrEh0A6bkBPnfMiRIou3OiPZK0oD5h9GAAM= +gitlab.com/geeks-accelerator/oss/devops v1.0.52 h1:yDdDBOI+Eadi7nf/SFU7cjB2St0WOVpzP2X49upBV9c= +gitlab.com/geeks-accelerator/oss/devops v1.0.52/go.mod h1:xr+rhNSDXrEh0A6bkBPnfMiRIou3OiPZK0oD5h9GAAM= golang.org/x/crypto v0.0.0-20181203042331-505ab145d0a9/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=