devops v1.0.52

build/cicd/internal/config/config.go

@@ -23,15 +23,21 @@ import (
 )
 
 const (
-	// ProjectNamePrefix will be appending to the name of the project.
-	ProjectNamePrefix = ""
-
 	// GitLabProjectBaseUrl is the base url used to create links to a specific CI/CD job or pipeline by ID.
 	GitLabProjectBaseUrl = "https://gitlab.com/geeks-accelerator/oss/saas-starter-kit"
 
 	// EnableRdsServerless will use the Aurora database engine that scales the capacity based on database load. This is
 	// a good option for intermittent or unpredictable workloads.
 	EnableRdsServerless = true
+
+	// EnableCloudFront will create a CloudFront distribution (CDN) that is associated with your public bucket.
+	// Static asset files will be served by CloudFront instead of from S3 which will improve performance.
+	EnableCloudFront = true
+)
+
+var (
+	// ProjectNamePrefix will be appending to the name of the project.
+	ProjectNamePrefix = ""
 )
 
 // Env defines the target deployment environment.
@@ -50,6 +56,11 @@ var EnvNames = []Env{
 	EnvProd,
 }
 
+// init ensures global variables are set correctly.
+func init() {
+	ProjectNamePrefix = strings.Replace(ProjectNamePrefix, ".", "-", -1)
+}
+
 // NewConfig defines the details to setup the target environment for the project to build services and functions.
 func NewConfig(log *log.Logger, targetEnv Env, awsCredentials devdeploy.AwsCredentials) (*devdeploy.Config, error) {
 	cfg := &devdeploy.Config{
@@ -100,7 +111,13 @@ func NewConfig(log *log.Logger, targetEnv Env, awsCredentials devdeploy.AwsCrede
 		// Its a true fork from the origin repo.
 		if remoteUser != "oss" && remoteUser != "geeks-accelerator" {
 			// Replace the prefix 'saas' with the parent directory name, hopefully the gitlab group/username.
-			cfg.ProjectName = filepath.Base(filepath.Dir(cfg.ProjectRoot)) + "-starter-kit"
+			projectPrefix := filepath.Base(filepath.Dir(cfg.ProjectRoot))
+			projectPrefix = strings.Replace(projectPrefix, ".", "", -1)
+			if len(projectPrefix) > 10 {
+				projectPrefix = projectPrefix[0:10]
+			}
+
+			cfg.ProjectName = projectPrefix + "-starter-kit"
 
 			log.Println("switching project name to ", cfg.ProjectName)
 		}
@@ -203,7 +220,7 @@ func NewConfig(log *log.Logger, targetEnv Env, awsCredentials devdeploy.AwsCrede
 	cfg.AwsS3BucketPublicKeyPrefix = "/public"
 
 	// For production, enable Cloudfront CDN for all static files to avoid serving them from the slower S3 option.
-	if cfg.Env == EnvProd {
+	if EnableCloudFront && cfg.Env == EnvProd {
 		cfg.AwsS3BucketPublic.CloudFront = &devdeploy.AwsS3BucketCloudFront{
 			// S3 key prefix to request your content from a directory in your Amazon S3 bucket.
 			OriginPath: cfg.AwsS3BucketPublicKeyPrefix,
@@ -430,12 +447,6 @@ func NewConfig(log *log.Logger, targetEnv Env, awsCredentials devdeploy.AwsCrede
 					Sid:    "DefaultServiceAccess",
 					Effect: "Allow",
 					Action: []string{
-						"s3:HeadBucket",
-						"s3:ListObjects",
-						"s3:PutObject",
-						"s3:PutObjectAcl",
-						"s3:GetObject",
-						"s3:HeadObject",
 						"cloudfront:ListDistributions",
 						"ec2:DescribeNetworkInterfaces",
 						"ec2:DeleteNetworkInterface",
@@ -459,6 +470,29 @@ func NewConfig(log *log.Logger, targetEnv Env, awsCredentials devdeploy.AwsCrede
 					},
 					Resource: "*",
 				},
+
+				{
+					Effect: "Allow",
+					Action: []string{
+						"s3:ListBucket",
+					},
+					Resource: []string{
+						"arn:aws:s3:::"+cfg.AwsS3BucketPublic.BucketName,
+						"arn:aws:s3:::"+cfg.AwsS3BucketPrivate.BucketName,
+					},
+				},
+				{
+					Effect: "Allow",
+					Action: []string{
+						"s3:PutObject",
+						"s3:PutObjectAcl",
+						"s3:GetObject",
+					},
+					Resource: []string{
+						"arn:aws:::"+cfg.AwsS3BucketPublic.BucketName+"/*",
+						"arn:aws:::"+cfg.AwsS3BucketPrivate.BucketName+"/*",
+					},
+				},
 				{
 					Sid:    "ServiceInvokeLambda",
 					Effect: "Allow",

go.mod

@@ -41,7 +41,7 @@ require (
 	github.com/tinylib/msgp v1.1.0 // indirect
 	github.com/urfave/cli v1.21.0
 	github.com/xwb1989/sqlparser v0.0.0-20180606152119-120387863bf2
-	gitlab.com/geeks-accelerator/oss/devops v1.0.44
+	gitlab.com/geeks-accelerator/oss/devops v1.0.52
 	golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4
 	golang.org/x/net v0.0.0-20190813141303-74dc4d7220e7
 	golang.org/x/tools v0.0.0-20190807223507-b346f7fd45de // indirect

go.sum

@@ -219,6 +219,10 @@ gitlab.com/geeks-accelerator/oss/devops v1.0.32 h1:0fN8MBRbmPmQQXaM3KTSsRagocpoJ
 gitlab.com/geeks-accelerator/oss/devops v1.0.32/go.mod h1:xr+rhNSDXrEh0A6bkBPnfMiRIou3OiPZK0oD5h9GAAM=
 gitlab.com/geeks-accelerator/oss/devops v1.0.44 h1:AgJEnEZlnoBPIL9ibzNwrXxCMzqQxJS24fZRKdIX2D4=
 gitlab.com/geeks-accelerator/oss/devops v1.0.44/go.mod h1:xr+rhNSDXrEh0A6bkBPnfMiRIou3OiPZK0oD5h9GAAM=
+gitlab.com/geeks-accelerator/oss/devops v1.0.51 h1:Mx9VltzL+IyLKKRwbwiChxM9tQorJTR441idwjfcM/k=
+gitlab.com/geeks-accelerator/oss/devops v1.0.51/go.mod h1:xr+rhNSDXrEh0A6bkBPnfMiRIou3OiPZK0oD5h9GAAM=
+gitlab.com/geeks-accelerator/oss/devops v1.0.52 h1:yDdDBOI+Eadi7nf/SFU7cjB2St0WOVpzP2X49upBV9c=
+gitlab.com/geeks-accelerator/oss/devops v1.0.52/go.mod h1:xr+rhNSDXrEh0A6bkBPnfMiRIou3OiPZK0oD5h9GAAM=
 golang.org/x/crypto v0.0.0-20181203042331-505ab145d0a9/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=