From 09a894aab522542157730f1e2c4faf9358ab31dd Mon Sep 17 00:00:00 2001 
From: William Putra Intan <61998484+williamputraintan@users.noreply.github.com> Date: Wed, 10 Apr 2024 17:53:09 +1000 Subject: [PATCH 01/16] REFACTOR stack --- config/constants.ts | 129 +++++++++--------- .../orcabus-stateful-pipeline-stack.ts | 53 ++++--- .../component.ts => components/vpc/index.ts} | 0 lib/workload/orcabus-stateful-stack.ts | 80 ----------- lib/workload/orcabus-stateless-stack.ts | 2 +- .../stateful/securitygroup/component.ts | 27 ---- .../{ => stacks}/ica_event_pipe/README.md | 0 .../construct/ica_event_pipe/index.ts | 0 .../{ => stacks}/ica_event_pipe/stack.ts | 0 .../stacks/shared/constructs/compute/index.ts | 32 +++++ .../shared/constructs/database/index.ts} | 6 +- .../shared/constructs/event_source/index.ts} | 0 .../shared/constructs/eventbridge/index.ts} | 0 .../constructs/schemaregistry/index.ts} | 0 lib/workload/stateful/stacks/shared/stack.ts | 51 +++++++ .../{ => stacks}/token_service/Makefile | 0 .../{ => stacks}/token_service/README.md | 0 .../deploy/construct/policy/index.ts | 0 .../token_service/deploy/stack.ts | 0 .../token_service/deps/requirements-test.txt | 0 .../token_service/token_service/__init__.py | 0 .../token_service/cognitor/__init__.py | 0 .../token_service/cognitor/tests.py | 0 .../token_service/token_service/helper.py | 0 .../token_service/rotate_service_jwt.py | 0 .../token_service/rotate_service_user.py | 0 .../stateful-stack-collection-class.ts | 50 +++++++ test/stateful/databaseConstruct.test.ts | 2 +- test/stateful/eventSourceConstruct.test.ts | 2 +- test/stateful/eventbusConstruct.test.ts | 2 +- test/stateful/icaEventPipeConstruct.test.ts | 2 +- test/stateful/schemaRegistryConstruct.test.ts | 2 +- test/stateful/securityGroupConstruct.test.ts | 4 +- test/stateful/stateful-deployment.test.ts | 2 +- test/stateful/tokenServiceConstruct.test.ts | 2 +- 35 files changed, 241 insertions(+), 207 deletions(-) rename lib/workload/{stateful/vpc/component.ts => components/vpc/index.ts} (100%) delete mode 100644 
lib/workload/orcabus-stateful-stack.ts delete mode 100644 lib/workload/stateful/securitygroup/component.ts rename lib/workload/stateful/{ => stacks}/ica_event_pipe/README.md (100%) rename lib/workload/stateful/{ => stacks}/ica_event_pipe/construct/ica_event_pipe/index.ts (100%) rename lib/workload/stateful/{ => stacks}/ica_event_pipe/stack.ts (100%) create mode 100644 lib/workload/stateful/stacks/shared/constructs/compute/index.ts rename lib/workload/stateful/{database/component.ts => stacks/shared/constructs/database/index.ts} (97%) rename lib/workload/stateful/{event_source/component.ts => stacks/shared/constructs/event_source/index.ts} (100%) rename lib/workload/stateful/{eventbridge/component.ts => stacks/shared/constructs/eventbridge/index.ts} (100%) rename lib/workload/stateful/{schemaregistry/component.ts => stacks/shared/constructs/schemaregistry/index.ts} (100%) create mode 100644 lib/workload/stateful/stacks/shared/stack.ts rename lib/workload/stateful/{ => stacks}/token_service/Makefile (100%) rename lib/workload/stateful/{ => stacks}/token_service/README.md (100%) rename lib/workload/stateful/{ => stacks}/token_service/deploy/construct/policy/index.ts (100%) rename lib/workload/stateful/{ => stacks}/token_service/deploy/stack.ts (100%) rename lib/workload/stateful/{ => stacks}/token_service/deps/requirements-test.txt (100%) rename lib/workload/stateful/{ => stacks}/token_service/token_service/__init__.py (100%) rename lib/workload/stateful/{ => stacks}/token_service/token_service/cognitor/__init__.py (100%) rename lib/workload/stateful/{ => stacks}/token_service/token_service/cognitor/tests.py (100%) rename lib/workload/stateful/{ => stacks}/token_service/token_service/helper.py (100%) rename lib/workload/stateful/{ => stacks}/token_service/token_service/rotate_service_jwt.py (100%) rename lib/workload/stateful/{ => stacks}/token_service/token_service/rotate_service_user.py (100%) create mode 100644 
lib/workload/stateful/stateful-stack-collection-class.ts diff --git a/config/constants.ts b/config/constants.ts index aba3fe1da..fb3be21a8 100644 --- a/config/constants.ts +++ b/config/constants.ts @@ -1,14 +1,16 @@ -import { OrcaBusStatefulConfig } from '../lib/workload/orcabus-stateful-stack'; import { AuroraPostgresEngineVersion } from 'aws-cdk-lib/aws-rds'; import { OrcaBusStatelessConfig } from '../lib/workload/orcabus-stateless-stack'; import { Duration, RemovalPolicy } from 'aws-cdk-lib'; -import { EventSourceProps } from '../lib/workload/stateful/event_source/component'; +import { EventSourceProps } from '../lib/workload/stateful/stacks/shared/constructs/event_source'; import { DbAuthType } from '../lib/workload/stateless/postgres_manager/function/type'; import { FILEMANAGER_SERVICE_NAME, FilemanagerConfig, } from '../lib/workload/stateless/filemanager/deploy/lib/filemanager'; -import { IcaEventPipeStackProps } from '../lib/workload/stateful/ica_event_pipe/stack'; +import { IcaEventPipeStackProps } from '../lib/workload/stateful/stacks/ica_event_pipe/stack'; +import { StatefulStackCollectionProps } from '../lib/workload/stateful/stateful-stack-collection-class'; + +const region = 'ap-southeast-2'; // upstream infra: vpc const vpcName = 'main-vpc'; @@ -76,9 +78,8 @@ const orcaBusStatefulConfig = { clusterEndpointHostParameterName: dbClusterEndpointHostParameterName, secretRotationSchedule: Duration.days(7), }, - securityGroupProps: { + computeConfig: { securityGroupName: lambdaSecurityGroupName, - securityGroupDescription: 'allow within same SecurityGroup and rds SG', }, icaEventPipeProps: icaEventPipeProps, tokenServiceProps: { @@ -156,9 +157,10 @@ const filemanagerConfig = (bucket: string): FilemanagerConfig => { interface EnvironmentConfig { name: string; + region: string; accountId: string; stackProps: { - orcaBusStatefulConfig: OrcaBusStatefulConfig; + statefulConfig: StatefulStackCollectionProps; orcaBusStatelessConfig: OrcaBusStatelessConfig; }; } 
@@ -182,30 +184,27 @@ export const getEnvironmentConfig = ( case 'beta': config = { name: 'beta', + region, accountId: '843407916570', // umccr_development stackProps: { - orcaBusStatefulConfig: { - schemaRegistryProps: { - ...orcaBusStatefulConfig.schemaRegistryProps, - }, - eventBusProps: { - ...orcaBusStatefulConfig.eventBusProps, - }, - databaseProps: { - ...orcaBusStatefulConfig.databaseProps, - numberOfInstance: 1, - minACU: 0.5, - maxACU: 16, - enhancedMonitoringInterval: Duration.seconds(60), - enablePerformanceInsights: true, - removalPolicy: RemovalPolicy.DESTROY, + statefulConfig: { + sharedStackProps: { + schemaRegistryProps: orcaBusStatefulConfig.schemaRegistryProps, + eventBusProps: orcaBusStatefulConfig.eventBusProps, + databaseProps: { + ...orcaBusStatefulConfig.databaseProps, + numberOfInstance: 1, + minACU: 0.5, + maxACU: 16, + enhancedMonitoringInterval: Duration.seconds(60), + enablePerformanceInsights: true, + removalPolicy: RemovalPolicy.DESTROY, + }, + computeConfig: orcaBusStatefulConfig.computeConfig, + eventSourceProps: eventSourceConfig(devBucket), }, - securityGroupProps: { - ...orcaBusStatefulConfig.securityGroupProps, - }, - eventSourceProps: eventSourceConfig(devBucket), - icaEventPipeProps: orcaBusStatefulConfig.icaEventPipeProps, - tokenServiceProps: { ...orcaBusStatefulConfig.tokenServiceProps }, + tokenServiceStackProps: orcaBusStatefulConfig.tokenServiceProps, + icaEventPipeStackProps: orcaBusStatefulConfig.icaEventPipeProps, }, orcaBusStatelessConfig: { ...orcaBusStatelessConfig, 
@@ -218,30 +217,27 @@ export const getEnvironmentConfig = ( case 'gamma': config = { name: 'gamma', + region, accountId: '455634345446', // umccr_staging stackProps: { - orcaBusStatefulConfig: { - schemaRegistryProps: { - ...orcaBusStatefulConfig.schemaRegistryProps, - }, - eventBusProps: { - ...orcaBusStatefulConfig.eventBusProps, + statefulConfig: { + sharedStackProps: { + schemaRegistryProps: orcaBusStatefulConfig.schemaRegistryProps, + eventBusProps: orcaBusStatefulConfig.eventBusProps, + databaseProps: { + ...orcaBusStatefulConfig.databaseProps, + numberOfInstance: 1, + minACU: 0.5, + maxACU: 16, + enhancedMonitoringInterval: Duration.seconds(60), + enablePerformanceInsights: true, + removalPolicy: RemovalPolicy.DESTROY, + }, + computeConfig: orcaBusStatefulConfig.computeConfig, + eventSourceProps: eventSourceConfig(stgBucket), }, - databaseProps: { - ...orcaBusStatefulConfig.databaseProps, - numberOfInstance: 1, - minACU: 0.5, - maxACU: 16, - enhancedMonitoringInterval: Duration.seconds(60), - enablePerformanceInsights: true, - removalPolicy: RemovalPolicy.DESTROY, - }, - securityGroupProps: { - ...orcaBusStatefulConfig.securityGroupProps, - }, - eventSourceProps: eventSourceConfig(stgBucket), - icaEventPipeProps: orcaBusStatefulConfig.icaEventPipeProps, - tokenServiceProps: { ...orcaBusStatefulConfig.tokenServiceProps }, + tokenServiceStackProps: orcaBusStatefulConfig.tokenServiceProps, + icaEventPipeStackProps: orcaBusStatefulConfig.icaEventPipeProps, }, orcaBusStatelessConfig: { ...orcaBusStatelessConfig, 
@@ -254,28 +250,25 @@ export const getEnvironmentConfig = ( case 'prod': config = { name: 'prod', + region, accountId: '472057503814', // umccr_production stackProps: { - orcaBusStatefulConfig: { - schemaRegistryProps: { - ...orcaBusStatefulConfig.schemaRegistryProps, - }, - eventBusProps: { - ...orcaBusStatefulConfig.eventBusProps, - }, - databaseProps: { - ...orcaBusStatefulConfig.databaseProps, - numberOfInstance: 1, - minACU: 0.5, - maxACU: 16, - removalPolicy: RemovalPolicy.RETAIN, - }, - securityGroupProps: { - ...orcaBusStatefulConfig.securityGroupProps, + statefulConfig: { + sharedStackProps: { + schemaRegistryProps: orcaBusStatefulConfig.schemaRegistryProps, + eventBusProps: orcaBusStatefulConfig.eventBusProps, + databaseProps: { + ...orcaBusStatefulConfig.databaseProps, + numberOfInstance: 1, + minACU: 0.5, + maxACU: 16, + removalPolicy: RemovalPolicy.RETAIN, + }, + computeConfig: orcaBusStatefulConfig.computeConfig, + eventSourceProps: eventSourceConfig(prodBucket), }, - eventSourceProps: eventSourceConfig(prodBucket), - icaEventPipeProps: orcaBusStatefulConfig.icaEventPipeProps, - tokenServiceProps: { ...orcaBusStatefulConfig.tokenServiceProps }, + tokenServiceStackProps: orcaBusStatefulConfig.tokenServiceProps, + icaEventPipeStackProps: orcaBusStatefulConfig.icaEventPipeProps, }, orcaBusStatelessConfig: { ...orcaBusStatelessConfig, @@ -286,7 +279,7 @@ export const getEnvironmentConfig = ( break; } - validateSecretName(config.stackProps.orcaBusStatefulConfig.databaseProps.masterSecretName); + // validateSecretName(config.stackProps.orcaBusStatefulConfig.databaseProps.masterSecretName); return config; }; diff --git a/lib/pipeline/orcabus-stateful-pipeline-stack.ts b/lib/pipeline/orcabus-stateful-pipeline-stack.ts index 9d8f98e1f..d851c9af7 100644 --- a/lib/pipeline/orcabus-stateful-pipeline-stack.ts +++ b/lib/pipeline/orcabus-stateful-pipeline-stack.ts 
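Review bot: The last hunk in `config/constants.ts` comments out `validateSecretName(...)` instead of pointing it at the new config path, so `getEnvironmentConfig` now returns without checking the database master secret name at all. The value still exists after the refactor, so the call can stay: `validateSecretName(config.stackProps.statefulConfig.sharedStackProps.databaseProps.masterSecretName);`. What the validator enforces is not visible here, but dropping a check on a secret's name in a refactor commit looks unintended. `getEnvironmentConfig` starts above this hunk.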
@@ -7,8 +7,11 @@ import * as iam from 'aws-cdk-lib/aws-iam'; import * as codepipeline from 'aws-cdk-lib/aws-codepipeline'; import * as chatbot from 'aws-cdk-lib/aws-chatbot'; import * as codestarnotifications from 'aws-cdk-lib/aws-codestarnotifications'; -import { OrcaBusStatefulConfig, OrcaBusStatefulStack } from '../workload/orcabus-stateful-stack'; import { getEnvironmentConfig } from '../../config/constants'; +import { + StatefulStackCollectionProps, + StatefulStackCollection, +} from '../workload/stateful/stateful-stack-collection-class'; export class StatefulPipelineStack extends cdk.Stack { constructor(scope: Construct, id: string, props: cdk.StackProps) { @@ -83,9 +86,15 @@ export class StatefulPipelineStack extends cdk.Stack { const betaConfig = getEnvironmentConfig('beta'); if (!betaConfig) throw new Error(`No 'Beta' account configuration`); pipeline.addStage( - new OrcaBusStatefulDeploymentStage(this, 'BetaDeployment', betaConfig.stackProps, { - account: betaConfig.accountId, - }) + new OrcaBusStatefulDeploymentStage( + this, + 'BetaDeployment', + betaConfig.stackProps.statefulConfig, + { + account: betaConfig.accountId, + region: betaConfig.region, + } + ) ); /** @@ -94,9 +103,15 @@ export class StatefulPipelineStack extends cdk.Stack { const gammaConfig = getEnvironmentConfig('gamma'); if (!gammaConfig) throw new Error(`No 'Gamma' account configuration`); pipeline.addStage( - new OrcaBusStatefulDeploymentStage(this, 'GammaDeployment', gammaConfig.stackProps, { - account: gammaConfig.accountId, - }), + new OrcaBusStatefulDeploymentStage( + this, + 'GammaDeployment', + gammaConfig.stackProps.statefulConfig, + { + account: gammaConfig.accountId, + region: gammaConfig.region, + } + ), { pre: [new pipelines.ManualApprovalStep('PromoteToGamma')] } ); 
@@ -106,9 +121,15 @@ export class StatefulPipelineStack extends cdk.Stack { const prodConfig = getEnvironmentConfig('prod'); if (!prodConfig) throw new Error(`No 'Prod' account configuration`); pipeline.addStage( - new OrcaBusStatefulDeploymentStage(this, 'prodDeployment', prodConfig.stackProps, { - account: gammaConfig?.accountId, - }), + new OrcaBusStatefulDeploymentStage( + this, + 'prodDeployment', + prodConfig.stackProps.statefulConfig, + { + account: prodConfig.accountId, + region: prodConfig.region, + } + ), { pre: [new pipelines.ManualApprovalStep('PromoteToProd')] } ); @@ -141,16 +162,10 @@ class OrcaBusStatefulDeploymentStage extends cdk.Stage { constructor( scope: Construct, environmentName: string, - stackProps: { - orcaBusStatefulConfig: OrcaBusStatefulConfig; - }, - env?: cdk.Environment + statefulStackCollectionProps: StatefulStackCollectionProps, + env: cdk.Environment ) { super(scope, environmentName, { env: { account: env?.account, region: 'ap-southeast-2' } }); - - new OrcaBusStatefulStack(this, 'OrcaBusStatefulStack', { - env: env, - ...stackProps.orcaBusStatefulConfig, - }); + new StatefulStackCollection(this, env, statefulStackCollectionProps); } } diff --git a/lib/workload/stateful/vpc/component.ts b/lib/workload/components/vpc/index.ts similarity index 100% rename from lib/workload/stateful/vpc/component.ts rename to lib/workload/components/vpc/index.ts diff --git a/lib/workload/orcabus-stateful-stack.ts b/lib/workload/orcabus-stateful-stack.ts deleted file mode 100644 index d5e4cd6b7..000000000 --- a/lib/workload/orcabus-stateful-stack.ts +++ /dev/null 
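Review bot: In `OrcaBusStatefulDeploymentStage` the `super(...)` call still builds its own environment from `env?.account` and the literal `'ap-southeast-2'`, even though `env` is now a required parameter and every caller passes `region` from the config. The stage and the stacks created by `StatefulStackCollection` could therefore resolve to different regions if the config value ever changes, and the optional chaining no longer does anything. Passing the argument through keeps a single source of truth for the deployment target: `super(scope, environmentName, { env });`.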
@@ -1,80 +0,0 @@ -import * as cdk from 'aws-cdk-lib'; -import { Construct } from 'constructs'; -import { getVpc } from './stateful/vpc/component'; -import { EventBusConstruct, EventBusProps } from './stateful/eventbridge/component'; -import { ConfigurableDatabaseProps, Database } from './stateful/database/component'; -import { SecurityGroupConstruct, SecurityGroupProps } from './stateful/securitygroup/component'; -import { SchemaRegistryConstruct, SchemaRegistryProps } from './stateful/schemaregistry/component'; -import { EventSource, EventSourceProps } from './stateful/event_source/component'; -import { IcaEventPipeStack, IcaEventPipeStackProps } from './stateful/ica_event_pipe/stack'; -import { TokenServiceProps, TokenServiceStack } from './stateful/token_service/deploy/stack'; - -export interface OrcaBusStatefulConfig { - schemaRegistryProps: SchemaRegistryProps; - eventBusProps: EventBusProps; - databaseProps: ConfigurableDatabaseProps; - securityGroupProps: SecurityGroupProps; - eventSourceProps?: EventSourceProps; - icaEventPipeProps: IcaEventPipeStackProps; - tokenServiceProps: TokenServiceProps; -} - -export class OrcaBusStatefulStack extends cdk.Stack { - // readonly eventBus: EventBusConstruct; - // readonly database: Database; - // readonly securityGroup: SecurityGroupConstruct; - // readonly schemaRegistry: SchemaRegistryConstruct; - // readonly eventSource?: EventSource; - - // stateful stacks - statefulStackArray: cdk.Stack[] = []; - - constructor(scope: Construct, id: string, props: cdk.StackProps & OrcaBusStatefulConfig) { - super(scope, id, props); - - // --- Constructs pre-existing resources - - const vpc = getVpc(this); - - // --- Create Stateful resources - - new EventBusConstruct(this, 'OrcaBusEventBusConstruct', props.eventBusProps); - - const securityGroup = new SecurityGroupConstruct( - this, - 'OrcaBusSecurityGroupConstruct', - vpc, - props.securityGroupProps - ); - - new Database(this, 'OrcaBusDatabaseConstruct', { - vpc, - 
allowedInboundSG: securityGroup.computeSecurityGroup, - ...props.databaseProps, - }); - - new SchemaRegistryConstruct(this, 'SchemaRegistryConstruct', props.schemaRegistryProps); - - if (props.eventSourceProps) { - new EventSource(this, 'EventSourceConstruct', props.eventSourceProps); - } - - new IcaEventPipeStack(this, props.icaEventPipeProps.name, { - env: { - account: props.env?.account, - region: 'ap-southeast-2', - }, - ...props.icaEventPipeProps, - }); - - this.statefulStackArray.push(this.createTokenServiceStack(props)); - } - - private createTokenServiceStack(props: cdk.StackProps & OrcaBusStatefulConfig) { - return new TokenServiceStack(this, 'TokenServiceStack', { - // reduce the props to the stack needs - env: props.env, - ...props.tokenServiceProps, - }); - } -} diff --git a/lib/workload/orcabus-stateless-stack.ts b/lib/workload/orcabus-stateless-stack.ts index c5923f72e..68f666472 100644 --- a/lib/workload/orcabus-stateless-stack.ts +++ b/lib/workload/orcabus-stateless-stack.ts @@ -1,7 +1,7 @@ import * as cdk from 'aws-cdk-lib'; import { Arn } from 'aws-cdk-lib'; import { Construct } from 'constructs'; -import { getVpc } from './stateful/vpc/component'; +import { getVpc } from './components/vpc'; import { MultiSchemaConstructProps } from './stateless/schema/component'; import { IVpc, ISecurityGroup, SecurityGroup } from 'aws-cdk-lib/aws-ec2'; import { Filemanager, FilemanagerConfig } from './stateless/filemanager/deploy/lib/filemanager'; diff --git a/lib/workload/stateful/securitygroup/component.ts b/lib/workload/stateful/securitygroup/component.ts deleted file mode 100644 index 319dec9fd..000000000 --- a/lib/workload/stateful/securitygroup/component.ts +++ /dev/null 
@@ -1,27 +0,0 @@
-import { Construct } from 'constructs';
-import * as ec2 from 'aws-cdk-lib/aws-ec2';
-
-export interface SecurityGroupProps {
- securityGroupName: string;
- securityGroupDescription: string;
-}
-
-export class SecurityGroupConstruct extends Construct {
- readonly computeSecurityGroup: ec2.SecurityGroup;
-
- constructor(scope: Construct, id: string, vpc: ec2.IVpc, props: SecurityGroupProps) {
- super(scope, id);
-
- this.computeSecurityGroup = new ec2.SecurityGroup(this, id + 'ComputeSecurityGroup', {
- securityGroupName: props.securityGroupName,
- vpc: vpc,
- allowAllOutbound: true,
- });
-
- this.computeSecurityGroup.addIngressRule(
- this.computeSecurityGroup,
- ec2.Port.allTraffic(),
- props.securityGroupDescription
- );
- }
-}
diff --git a/lib/workload/stateful/ica_event_pipe/README.md b/lib/workload/stateful/stacks/ica_event_pipe/README.md
similarity index 100%
rename from lib/workload/stateful/ica_event_pipe/README.md
rename to lib/workload/stateful/stacks/ica_event_pipe/README.md
diff --git a/lib/workload/stateful/ica_event_pipe/construct/ica_event_pipe/index.ts b/lib/workload/stateful/stacks/ica_event_pipe/construct/ica_event_pipe/index.ts
similarity index 100%
rename from lib/workload/stateful/ica_event_pipe/construct/ica_event_pipe/index.ts
rename to lib/workload/stateful/stacks/ica_event_pipe/construct/ica_event_pipe/index.ts
diff --git a/lib/workload/stateful/ica_event_pipe/stack.ts b/lib/workload/stateful/stacks/ica_event_pipe/stack.ts
similarity index 100%
rename from lib/workload/stateful/ica_event_pipe/stack.ts
rename to lib/workload/stateful/stacks/ica_event_pipe/stack.ts
diff --git a/lib/workload/stateful/stacks/shared/constructs/compute/index.ts b/lib/workload/stateful/stacks/shared/constructs/compute/index.ts
new file mode 100644
index 000000000..7012f89b8
--- /dev/null
+++ b/lib/workload/stateful/stacks/shared/constructs/compute/index.ts
@@ -0,0 +1,32 @@
+import { Construct } from 'constructs';
+import * as ec2 from 'aws-cdk-lib/aws-ec2';
+
+export interface ComputeConfig {
+ /**
+ * The security group name for the shared security group
+ */
+ securityGroupName: string;
+}
+
+/**
+ * Any resources that could be shared among compute resources
+ */
+export class ComputeConstruct extends Construct {
+ readonly securityGroup: ec2.SecurityGroup;
+
+ constructor(scope: Construct, id: string, vpc: ec2.IVpc, props: ComputeConfig) {
+ super(scope, id);
+
+ this.securityGroup = new ec2.SecurityGroup(this, 'SecurityGroup', {
+ securityGroupName: props.securityGroupName,
+ vpc: vpc,
+ allowAllOutbound: true,
+ });
+
+ this.securityGroup.addIngressRule(
+ this.securityGroup,
+ ec2.Port.allTraffic(),
+ 'allow connection within the same SecurityGroup'
+ );
+ }
+}
diff --git a/lib/workload/stateful/database/component.ts b/lib/workload/stateful/stacks/shared/constructs/database/index.ts
similarity index 97%
rename from lib/workload/stateful/database/component.ts
rename to lib/workload/stateful/stacks/shared/constructs/database/index.ts
index ca98c9ae6..7fb6c3207 100644
--- a/lib/workload/stateful/database/component.ts
+++ b/lib/workload/stateful/stacks/shared/constructs/database/index.ts
@@ -112,7 +112,7 @@ export class Database extends Construct { constructor(scope: Construct, id: string, props: DatabaseProps) { super(scope, id);
- const dbSecret = new rds.DatabaseSecret(this, id + 'DbSecret', {
+ const dbSecret = new rds.DatabaseSecret(this, 'DbSecret', {
 username: props.username, secretName: props.masterSecretName, });
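Review bot: The ingress rule in `ComputeConstruct` is self-referencing with `ec2.Port.allTraffic()`, and the group also sets `allowAllOutbound: true`, so every resource attached to this shared group can reach every other member on any port and protocol. For a group meant to be handed to all compute resources, that means one compromised member has a network path to all the others. If the group exists mainly so compute can reach the database (the removed description mentioned the RDS group), consider dropping the self-ingress rule or limiting it to the ports actually in use. At minimum record the intent next to the rule, for example `// shared SG: members may reach each other on all ports; DB access is granted separately via allowedInboundSG`.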
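Review bot: Dropping the `id +` prefix from the `DatabaseSecret` construct id here, and from `Cluster` and `ParameterGroup` in the following `@@ -133,14 +133,14 @@` hunk, changes the construct path, and CDK derives CloudFormation logical ids from that path. For an environment that is already deployed this is a replacement of the secret and the Aurora cluster rather than an update, and both carry fixed names (`secretName`, `clusterIdentifier`), so the deploy is likely to fail on a name clash or, where `RemovalPolicy.DESTROY` is configured, remove the existing cluster. The commit message does not say how existing stacks are migrated; a comment beside the ids such as `// construct ids feed the logical id: renaming replaces the secret and cluster` plus a short migration note would make the risk explicit. The constructor continues outside both hunks.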
@@ -133,14 +133,14 @@ export class Database extends Construct { ); }
- this.cluster = new rds.DatabaseCluster(this, id + 'Cluster', {
+ this.cluster = new rds.DatabaseCluster(this, 'Cluster', {
 engine: rds.DatabaseClusterEngine.auroraPostgres({ version: props.version }), clusterIdentifier: props.clusterIdentifier, credentials: rds.Credentials.fromSecret(dbSecret), defaultDatabaseName: props.defaultDatabaseName, parameterGroup: rds.ParameterGroup.fromParameterGroupName( this,
- id + 'ParameterGroup',
+ 'ParameterGroup',
 props.parameterGroupName ), port: props.dbPort,
diff --git a/lib/workload/stateful/event_source/component.ts b/lib/workload/stateful/stacks/shared/constructs/event_source/index.ts
similarity index 100%
rename from lib/workload/stateful/event_source/component.ts
rename to lib/workload/stateful/stacks/shared/constructs/event_source/index.ts
diff --git a/lib/workload/stateful/eventbridge/component.ts b/lib/workload/stateful/stacks/shared/constructs/eventbridge/index.ts
similarity index 100%
rename from lib/workload/stateful/eventbridge/component.ts
rename to lib/workload/stateful/stacks/shared/constructs/eventbridge/index.ts
diff --git a/lib/workload/stateful/schemaregistry/component.ts b/lib/workload/stateful/stacks/shared/constructs/schemaregistry/index.ts
similarity index 100%
rename from lib/workload/stateful/schemaregistry/component.ts
rename to lib/workload/stateful/stacks/shared/constructs/schemaregistry/index.ts
diff --git a/lib/workload/stateful/stacks/shared/stack.ts b/lib/workload/stateful/stacks/shared/stack.ts
new file mode 100644
index 000000000..316358558
--- /dev/null
+++ b/lib/workload/stateful/stacks/shared/stack.ts
@@ -0,0 +1,51 @@
+import { Stack, StackProps } from 'aws-cdk-lib';
+import { Construct } from 'constructs';
+import { EventBusConstruct, EventBusProps } from './constructs/eventbridge';
+import { ConfigurableDatabaseProps, Database } from './constructs/database';
+import { ComputeConfig, ComputeConstruct } from './constructs/compute';
+import { SchemaRegistryConstruct, SchemaRegistryProps } from './constructs/schemaregistry';
+import { EventSource, EventSourceProps } from './constructs/event_source';
+import { IVpc } from 'aws-cdk-lib/aws-ec2';
+import { getVpc } from '../../../components/vpc';
+
+export interface SharedStackProps {
+ schemaRegistryProps: SchemaRegistryProps;
+ eventBusProps: EventBusProps;
+ databaseProps: ConfigurableDatabaseProps;
+ computeConfig: ComputeConfig;
+ eventSourceProps?: EventSourceProps;
+}
+
+
+export class SharedStack extends Stack {
+ constructor(
+ scope: Construct,
+ id: string,
+ props: StackProps & SharedStackProps
+ ) {
+ super(scope, id, props);
+
+ const mainVpc = getVpc(this)
+
+ const computeResources = new ComputeConstruct(
+ this,
+ 'ComputeConstruct',
+ mainVpc,
+ props.computeConfig
+ );
+
+ new EventBusConstruct(this, 'OrcaBusEventBusConstruct', props.eventBusProps);
+
+ new Database(this, 'OrcaBusDatabaseConstruct', {
+ vpc: mainVpc,
+ allowedInboundSG: computeResources.securityGroup,
+ ...props.databaseProps,
+ });
+
+ new SchemaRegistryConstruct(this, 'SchemaRegistryConstruct', props.schemaRegistryProps);
+
+ if (props.eventSourceProps) {
+ new EventSource(this, 'EventSourceConstruct', props.eventSourceProps);
+ }
+ }
+}
diff --git a/lib/workload/stateful/token_service/Makefile b/lib/workload/stateful/stacks/token_service/Makefile
similarity index 100%
rename from lib/workload/stateful/token_service/Makefile
rename to lib/workload/stateful/stacks/token_service/Makefile
diff --git a/lib/workload/stateful/token_service/README.md b/lib/workload/stateful/stacks/token_service/README.md
similarity index 100%
rename from lib/workload/stateful/token_service/README.md
rename to lib/workload/stateful/stacks/token_service/README.md
diff --git a/lib/workload/stateful/token_service/deploy/construct/policy/index.ts b/lib/workload/stateful/stacks/token_service/deploy/construct/policy/index.ts
similarity index 100%
rename from lib/workload/stateful/token_service/deploy/construct/policy/index.ts
rename to lib/workload/stateful/stacks/token_service/deploy/construct/policy/index.ts
diff --git a/lib/workload/stateful/token_service/deploy/stack.ts b/lib/workload/stateful/stacks/token_service/deploy/stack.ts
similarity index 100%
rename from lib/workload/stateful/token_service/deploy/stack.ts
rename to lib/workload/stateful/stacks/token_service/deploy/stack.ts
diff --git a/lib/workload/stateful/token_service/deps/requirements-test.txt b/lib/workload/stateful/stacks/token_service/deps/requirements-test.txt
similarity index 100%
rename from lib/workload/stateful/token_service/deps/requirements-test.txt
rename to lib/workload/stateful/stacks/token_service/deps/requirements-test.txt
diff --git a/lib/workload/stateful/token_service/token_service/__init__.py b/lib/workload/stateful/stacks/token_service/token_service/__init__.py
similarity index 100%
rename from lib/workload/stateful/token_service/token_service/__init__.py
rename to lib/workload/stateful/stacks/token_service/token_service/__init__.py
diff --git a/lib/workload/stateful/token_service/token_service/cognitor/__init__.py b/lib/workload/stateful/stacks/token_service/token_service/cognitor/__init__.py
similarity index 100%
rename from lib/workload/stateful/token_service/token_service/cognitor/__init__.py
rename to lib/workload/stateful/stacks/token_service/token_service/cognitor/__init__.py
diff --git a/lib/workload/stateful/token_service/token_service/cognitor/tests.py b/lib/workload/stateful/stacks/token_service/token_service/cognitor/tests.py
similarity index 100%
rename from lib/workload/stateful/token_service/token_service/cognitor/tests.py
rename to lib/workload/stateful/stacks/token_service/token_service/cognitor/tests.py
diff --git a/lib/workload/stateful/token_service/token_service/helper.py b/lib/workload/stateful/stacks/token_service/token_service/helper.py
similarity index 100%
rename from lib/workload/stateful/token_service/token_service/helper.py
rename to lib/workload/stateful/stacks/token_service/token_service/helper.py
diff --git a/lib/workload/stateful/token_service/token_service/rotate_service_jwt.py b/lib/workload/stateful/stacks/token_service/token_service/rotate_service_jwt.py
similarity index 100%
rename from lib/workload/stateful/token_service/token_service/rotate_service_jwt.py
rename to lib/workload/stateful/stacks/token_service/token_service/rotate_service_jwt.py
diff --git a/lib/workload/stateful/token_service/token_service/rotate_service_user.py b/lib/workload/stateful/stacks/token_service/token_service/rotate_service_user.py
similarity index 100%
rename from lib/workload/stateful/token_service/token_service/rotate_service_user.py
rename to lib/workload/stateful/stacks/token_service/token_service/rotate_service_user.py
diff --git a/lib/workload/stateful/stateful-stack-collection-class.ts b/lib/workload/stateful/stateful-stack-collection-class.ts
new file mode 100644
index 000000000..e301311a6
--- /dev/null
+++ b/lib/workload/stateful/stateful-stack-collection-class.ts
@@ -0,0 +1,50 @@
+import { Construct } from 'constructs';
+import { Stack, Environment } from 'aws-cdk-lib';
+
+import { SharedStack, SharedStackProps } from './stacks/shared/stack';
+import { TokenServiceProps, TokenServiceStack } from './stacks/token_service/deploy/stack';
+import { IcaEventPipeStack, IcaEventPipeStackProps } from './stacks/ica_event_pipe/stack';
+
+export interface StatefulStackCollectionProps {
+ sharedStackProps: SharedStackProps;
+ tokenServiceStackProps: TokenServiceProps;
+ icaEventPipeStackProps: IcaEventPipeStackProps;
+}
+
+export class StatefulStackCollection {
+ // Only defined stacks
+ private readonly sharedStack: Stack;
+ private readonly tokenServiceStack: Stack;
+ private readonly icaEventPipeStack: Stack;
+
+ constructor(
+ scope: Construct,
+ env: Environment,
+ statefulConfiguration: StatefulStackCollectionProps
+ ) {
+ this.sharedStack = new SharedStack(
+ scope,
+ 'SharedStack',
+ statefulConfiguration.sharedStackProps
+ );
+
+ this.tokenServiceStack = new TokenServiceStack(
+ scope,
+ 'TokenServiceStack',
+ statefulConfiguration.tokenServiceStackProps
+ );
+
+ this.icaEventPipeStack = new IcaEventPipeStack(scope, 'IcaEventPipeStack', {
+ env: env,
+ ...statefulConfiguration.icaEventPipeStackProps,
+ });
+ }
+
+ /**
+ * Get all stacks defined in this class
+ * @returns Array of Record
+ */
+ getAllStack() {
+ return this;
+ }
+}
diff --git a/test/stateful/databaseConstruct.test.ts b/test/stateful/databaseConstruct.test.ts
index 534fd1513..6f156ed65 100644
--- a/test/stateful/databaseConstruct.test.ts
+++ b/test/stateful/databaseConstruct.test.ts
@@ -1,6 +1,6 @@ import * as cdk from 'aws-cdk-lib'; import { Template } from 'aws-cdk-lib/assertions';
-import { Database } from '../../lib/workload/stateful/database/component';
+import { Database } from '../../lib/workload/stateful/stacks/shared/constructs/database';
 import * as ec2 from 'aws-cdk-lib/aws-ec2'; import { getEnvironmentConfig } from '../../config/constants';
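Review bot: `StatefulStackCollection` passes `env` only to `IcaEventPipeStack`; `SharedStack` and `TokenServiceStack` receive no `env` and depend on whatever the enclosing scope provides. That holds while the scope is a `cdk.Stage` with an environment, but the three stacks can then resolve to different account and region pairs, so it is safer to pass it uniformly, e.g. `{ env, ...statefulConfiguration.sharedStackProps }`. Separately, `getAllStack()` is documented with `@returns Array of Record` but returns `this`; either return the three stacks or correct the doc comment to say it returns the collection instance.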
diff --git a/test/stateful/eventSourceConstruct.test.ts b/test/stateful/eventSourceConstruct.test.ts index a481fb954..adc29db25 100644 --- a/test/stateful/eventSourceConstruct.test.ts +++ b/test/stateful/eventSourceConstruct.test.ts @@ -1,6 +1,6 @@ import * as cdk from 'aws-cdk-lib'; import { Match, Template } from 'aws-cdk-lib/assertions'; -import { EventSource } from '../../lib/workload/stateful/event_source/component'; +import { EventSource } from '../../lib/workload/stateful/stacks/shared/constructs/event_source'; let stack: cdk.Stack; diff --git a/test/stateful/eventbusConstruct.test.ts b/test/stateful/eventbusConstruct.test.ts index 179a34ad5..3173f0373 100644 --- a/test/stateful/eventbusConstruct.test.ts +++ b/test/stateful/eventbusConstruct.test.ts @@ -1,7 +1,7 @@ import * as cdk from 'aws-cdk-lib'; import { Template } from 'aws-cdk-lib/assertions'; import { getEnvironmentConfig } from '../../config/constants'; -import { EventBusConstruct } from '../../lib/workload/stateful/eventbridge/component'; +import { EventBusConstruct } from '../../lib/workload/stateful/stacks/shared/constructs/eventbridge'; let stack: cdk.Stack; diff --git a/test/stateful/icaEventPipeConstruct.test.ts b/test/stateful/icaEventPipeConstruct.test.ts index 78d7d8f5b..1fb32d716 100644 --- a/test/stateful/icaEventPipeConstruct.test.ts +++ b/test/stateful/icaEventPipeConstruct.test.ts @@ -1,6 +1,6 @@ import * as cdk from 'aws-cdk-lib'; import { Match, Template } from 'aws-cdk-lib/assertions'; -import { IcaEventPipeConstruct } from '../../lib/workload/stateful/ica_event_pipe/construct/ica_event_pipe'; +import { IcaEventPipeConstruct } from '../../lib/workload/stateful/stacks/ica_event_pipe/construct/ica_event_pipe'; const topicArn = 'arn:aws:sns:region-1:123456789123:TopicName'; let stack: cdk.Stack; diff --git a/test/stateful/schemaRegistryConstruct.test.ts b/test/stateful/schemaRegistryConstruct.test.ts index 3e75cdcb4..4ddb14803 100644 --- a/test/stateful/schemaRegistryConstruct.test.ts 
+++ b/test/stateful/schemaRegistryConstruct.test.ts @@ -1,7 +1,7 @@ import * as cdk from 'aws-cdk-lib'; import { Template } from 'aws-cdk-lib/assertions'; import { getEnvironmentConfig } from '../../config/constants'; -import { SchemaRegistryConstruct } from '../../lib/workload/stateful/schemaregistry/component'; +import { SchemaRegistryConstruct } from '../../lib/workload/stateful/stacks/shared/constructs/schemaregistry'; let stack: cdk.Stack; diff --git a/test/stateful/securityGroupConstruct.test.ts b/test/stateful/securityGroupConstruct.test.ts index 3e4501949..16dba990c 100644 --- a/test/stateful/securityGroupConstruct.test.ts +++ b/test/stateful/securityGroupConstruct.test.ts @@ -2,7 +2,7 @@ import * as cdk from 'aws-cdk-lib'; import * as ec2 from 'aws-cdk-lib/aws-ec2'; import { Template } from 'aws-cdk-lib/assertions'; import { getEnvironmentConfig } from '../../config/constants'; -import { SecurityGroupConstruct } from '../../lib/workload/stateful/securitygroup/component'; +import { SecurityGroupConstruct } from '../../lib/workload/stateful/stacks/shared/constructs/compute'; let stack: cdk.Stack; let vpc: ec2.Vpc; @@ -19,7 +19,7 @@ beforeEach(() => { test('Test SchemaRegistry Creation', () => { new SecurityGroupConstruct(stack, 'TestSGConstruct', vpc, { - ...constructConfig.stackProps.orcaBusStatefulConfig.securityGroupProps, + ...constructConfig.stackProps.orcaBusStatefulConfig.ComputeConfig, }); const template = Template.fromStack(stack); diff --git a/test/stateful/stateful-deployment.test.ts b/test/stateful/stateful-deployment.test.ts index 3574d09c1..25aa2e7b8 100644 --- a/test/stateful/stateful-deployment.test.ts +++ b/test/stateful/stateful-deployment.test.ts 
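Review bot: `securityGroupConstruct.test.ts` now imports `SecurityGroupConstruct` from `constructs/compute`, but that module as added in this commit exports only `ComputeConstruct` and `ComputeConfig`, and the test reads `constructConfig.stackProps.orcaBusStatefulConfig.ComputeConfig`, a path that no longer exists on `EnvironmentConfig`. `stateful-deployment.test.ts` has the same problem with `OrcaBusStatefulStack` imported from `stacks/shared/stack`, which exports `SharedStack`. As written these suites should fail to compile, which leaves the security group assertions and the cdk-nag deployment checks unexercised at this commit. The lines would need to become `import { ComputeConstruct } from '../../lib/workload/stateful/stacks/shared/constructs/compute';` and `...constructConfig.stackProps.statefulConfig.sharedStackProps.computeConfig`. The next patch in the series is titled "test fix" and may already cover this.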
@@ -2,7 +2,7 @@ import { App, Aspects, Stack } from 'aws-cdk-lib'; import { Annotations, Match } from 'aws-cdk-lib/assertions'; import { SynthesisMessage } from 'aws-cdk-lib/cx-api'; import { AwsSolutionsChecks, NagSuppressions } from 'cdk-nag'; -import { OrcaBusStatefulStack } from '../../lib/workload/orcabus-stateful-stack'; +import { OrcaBusStatefulStack } from '../../lib/workload/stateful/stacks/shared/stack'; import { getEnvironmentConfig } from '../../config/constants'; function synthesisMessageToString(sm: SynthesisMessage): string { diff --git a/test/stateful/tokenServiceConstruct.test.ts b/test/stateful/tokenServiceConstruct.test.ts index bc5ad342a..838568727 100644 --- a/test/stateful/tokenServiceConstruct.test.ts +++ b/test/stateful/tokenServiceConstruct.test.ts @@ -1,7 +1,7 @@ import * as cdk from 'aws-cdk-lib'; import { Template } from 'aws-cdk-lib/assertions'; import { getEnvironmentConfig } from '../../config/constants'; -import { TokenServiceStack } from '../../lib/workload/stateful/token_service/deploy/stack'; +import { TokenServiceStack } from '../../lib/workload/stateful/stacks/token_service/deploy/stack'; const constructConfig = getEnvironmentConfig('beta'); if (!constructConfig) throw new Error('No construct config for the test'); From 37a58071c8bd9ab472c39541bf57a517051856f9 Mon Sep 17 00:00:00 2001 
From: William Putra Intan <61998484+williamputraintan@users.noreply.github.com> Date: Thu, 11 Apr 2024 11:12:36 +1000 Subject: [PATCH 02/16] test fix --- bin/stateful-pipeline.ts | 2 +- config/constants.ts | 2 +- docs/developer/SHARED_RESOURCES.md | 37 ------ ...line-stack.ts => statefulPipelineStack.ts} | 6 +- lib/workload/stateful/stacks/shared/README.md | 31 +++++ .../stacks/token_service/deploy/stack.ts | 5 +- ...ass.ts => statefulStackCollectionClass.ts} | 32 ++--- test/orcabus.test.ts | 16 --- .../icaEventPipeConstruct.test.ts | 2 +- test/stateful/pipeline/deployment.test.ts | 94 ++++++++++++++ .../pipeline.test.ts} | 14 ++- .../computeConstruct.test.ts} | 13 +- .../{ => shared}/databaseConstruct.test.ts | 10 +- .../{ => shared}/eventSourceConstruct.test.ts | 2 +- .../{ => shared}/eventbusConstruct.test.ts | 12 +- .../schemaRegistryConstruct.test.ts | 12 +- test/stateful/stateful-deployment.test.ts | 115 ------------------ .../tokenServiceConstruct.test.ts | 6 +- 18 files changed, 188 insertions(+), 223 deletions(-) rename lib/pipeline/{orcabus-stateful-pipeline-stack.ts => statefulPipelineStack.ts} (96%) create mode 100644 lib/workload/stateful/stacks/shared/README.md rename lib/workload/stateful/{stateful-stack-collection-class.ts => statefulStackCollectionClass.ts} (61%) delete mode 100644 test/orcabus.test.ts rename test/stateful/{ => ica_event_pipe}/icaEventPipeConstruct.test.ts (94%) create mode 100644 test/stateful/pipeline/deployment.test.ts rename test/stateful/{stateful-pipeline.test.ts => pipeline/pipeline.test.ts} (74%) rename test/stateful/{securityGroupConstruct.test.ts => shared/computeConstruct.test.ts} (69%) rename test/stateful/{ => shared}/databaseConstruct.test.ts (82%) rename test/stateful/{ => shared}/eventSourceConstruct.test.ts (96%) rename test/stateful/{ => shared}/eventbusConstruct.test.ts (59%) rename test/stateful/{ => shared}/schemaRegistryConstruct.test.ts (59%) delete mode 100644 test/stateful/stateful-deployment.test.ts rename 
test/stateful/{ => token_service}/tokenServiceConstruct.test.ts (75%) diff --git a/bin/stateful-pipeline.ts b/bin/stateful-pipeline.ts index 338f3166f..253c0a15a 100644 --- a/bin/stateful-pipeline.ts +++ b/bin/stateful-pipeline.ts @@ -2,7 +2,7 @@ import 'source-map-support/register'; import * as cdk from 'aws-cdk-lib'; -import { StatefulPipelineStack } from '../lib/pipeline/orcabus-stateful-pipeline-stack'; +import { StatefulPipelineStack } from '../lib/pipeline/statefulPipelineStack'; const AWS_TOOLCHAIN_ACCOUNT = '383856791668'; // Bastion const AWS_TOOLCHAIN_REGION = 'ap-southeast-2'; diff --git a/config/constants.ts b/config/constants.ts index fb3be21a8..d40312c30 100644 --- a/config/constants.ts +++ b/config/constants.ts @@ -8,7 +8,7 @@ import { FilemanagerConfig, } from '../lib/workload/stateless/filemanager/deploy/lib/filemanager'; import { IcaEventPipeStackProps } from '../lib/workload/stateful/stacks/ica_event_pipe/stack'; -import { StatefulStackCollectionProps } from '../lib/workload/stateful/stateful-stack-collection-class'; +import { StatefulStackCollectionProps } from '../lib/workload/stateful/statefulStackCollectionClass'; const region = 'ap-southeast-2'; diff --git a/docs/developer/SHARED_RESOURCES.md b/docs/developer/SHARED_RESOURCES.md index 0381142e5..d09186d05 100644 --- a/docs/developer/SHARED_RESOURCES.md +++ b/docs/developer/SHARED_RESOURCES.md 
@@ -1,44 +1,7 @@ # Shared Resources -In the stateful world of the OrcaBus we will be sharing some resources so it could be used across microservices. -These resources will be deployed into a stack and will go under the CDK stateful app. - -These stateful resources usually have a unique name that could act as an Id for the resource. The unique name will be -defined at the CDK config file where it could be passed in both stateful and stateless stack. The stateless stack can -use the resource by the CDK lookup. - - -## Shared -### Database - -An Amazon Aurora Serverless PostgreSQL is provisioned to be used across microservices. - -A security group is created and available for lookup that could be attached to your compute which allow traffic to the -RDS cluster. The security group name is in the CDK config that your microservice could pass this in as one of the stack props. - -Each RDS cluster could contain multiple databases and each microservice is expected to to create their own database and -role to be used in their application. There is a microservice called `PostgresManager` that specifically handle this administrative -task on PostgreSQL. - -RDS IAM is enabled for the cluster, therefore is encouraged to used rather than relying on username-password approach to login to your -database. You could choose the type of the authentication upon creating a role at the RDS when using the `PostgresManager`. - -Please check the: [PostgresManager](../../lib/workload/stateless/postgres_manager/README.md) - - -### Event Source - -### Eventbridge - ## ICA Event Pipe This stack creates the necessary infrastructure to allow external (ICA) events to flow onto our internal Event Bus. Details see [here](../../lib/workload/stateful/ica_event_pipe/README.md) - - -## Schema Registry - -## SecurityGroup - -## VPC \ No newline at end of file 
diff --git a/lib/pipeline/orcabus-stateful-pipeline-stack.ts b/lib/pipeline/statefulPipelineStack.ts similarity index 96% rename from lib/pipeline/orcabus-stateful-pipeline-stack.ts rename to lib/pipeline/statefulPipelineStack.ts index d851c9af7..ee06b5a31 100644 --- a/lib/pipeline/orcabus-stateful-pipeline-stack.ts +++ b/lib/pipeline/statefulPipelineStack.ts @@ -11,7 +11,7 @@ import { getEnvironmentConfig } from '../../config/constants'; import { StatefulStackCollectionProps, StatefulStackCollection, -} from '../workload/stateful/stateful-stack-collection-class'; +} from '../workload/stateful/statefulStackCollectionClass'; export class StatefulPipelineStack extends cdk.Stack { constructor(scope: Construct, id: string, props: cdk.StackProps) { @@ -123,7 +123,7 @@ export class StatefulPipelineStack extends cdk.Stack { pipeline.addStage( new OrcaBusStatefulDeploymentStage( this, - 'prodDeployment', + 'ProdDeployment', prodConfig.stackProps.statefulConfig, { account: prodConfig.accountId, @@ -165,7 +165,7 @@ class OrcaBusStatefulDeploymentStage extends cdk.Stage { statefulStackCollectionProps: StatefulStackCollectionProps, env: cdk.Environment ) { - super(scope, environmentName, { env: { account: env?.account, region: 'ap-southeast-2' } }); + super(scope, environmentName, { env: env }); new StatefulStackCollection(this, env, statefulStackCollectionProps); } } diff --git a/lib/workload/stateful/stacks/shared/README.md b/lib/workload/stateful/stacks/shared/README.md new file mode 100644 index 000000000..715c86be5 --- /dev/null +++ b/lib/workload/stateful/stacks/shared/README.md 
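Review bot: Changing the stage id from `'prodDeployment'` to `'ProdDeployment'` in the `pipeline.addStage(...)` call also changes every stack name derived from it, assuming the stacks in this stage use the default stage-prefixed name. For stateful stacks this matters, because CloudFormation would likely treat them as new stacks rather than updates, leaving the existing database and event resources behind or colliding on their fixed resource names. If the rename is only cosmetic, pin the names with an explicit `stackName` on each stack, or record the required migration in a comment next to the stage. The enclosing constructor starts and ends outside this hunk.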
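Review bot: `OrcaBusStatefulDeploymentStage` no longer pins the region, so `super(scope, environmentName, { env: env })` now relies on every caller passing both `account` and `region`. `cdk.Environment` leaves both optional, and a stage without a concrete region produces environment-agnostic stacks in which context lookups such as a VPC lookup cannot resolve. The `addStage` call in the previous hunk is cut off after `account`, so confirm that each stage also passes a region, or add a guard right after the `super` call: `if (!env.account || !env.region) throw new Error('stage env must set account and region');`.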
@@ -0,0 +1,31 @@ +# Shared Stack + +In the OrcaBus stateful world, we will be deploying a stack that will contain resources that will be shared across +microservices. These resources will generally have a unique name that is passed from the config file, and stacks that +require this resource will be able to look up from by this unique name. + + +## Database + +An Amazon Aurora Serverless PostgreSQL is provisioned to be used across microservices. + +RDS cluster could contain multiple databases and each microservice is expected to create its database and +role to be used in its application. There is a microservice called `PostgresManager` that specifically handles this administrative +task on PostgreSQL. + +RDS IAM is enabled for the cluster and, therefore is encouraged to be used rather than relying on username-password approach to log into your database. You could choose the type of authentication upon creating a role at the RDS when using the `PostgresManager`. + +Please check the: [PostgresManager](../../../stateless/postgres_manager/README.md) + +## Event Source + +## Eventbridge + +## Schema Registry + +## Compute + +This construct contains resources that could be shared/attached to a compute resource. + +- `SecurityGroup` - The security group that can be attached to compute resources (EC2/lambdas) which has access to the + database security group. diff --git a/lib/workload/stateful/stacks/token_service/deploy/stack.ts b/lib/workload/stateful/stacks/token_service/deploy/stack.ts index 55de657ba..4e7e8c38a 100644 --- a/lib/workload/stateful/stacks/token_service/deploy/stack.ts +++ b/lib/workload/stateful/stacks/token_service/deploy/stack.ts 
@@ -8,13 +8,14 @@ import { Architecture } from 'aws-cdk-lib/aws-lambda'; import { Role, ServicePrincipal } from 'aws-cdk-lib/aws-iam'; import { IUserPool, UserPool } from 'aws-cdk-lib/aws-cognito'; import { LogGroup } from 'aws-cdk-lib/aws-logs'; -import { IVpc, Vpc } from 'aws-cdk-lib/aws-ec2'; +import { IVpc } from 'aws-cdk-lib/aws-ec2'; import { getCognitoAdminActions, getCognitoJWTActions, getLambdaVPCPolicy, getServiceUserSecretResourcePolicy, } from './construct/policy'; +import { getVpc } from '../../../../components/vpc'; export interface TokenServiceProps { serviceUserSecretName: string; @@ -35,7 +36,7 @@ export class TokenServiceStack extends Stack { super(scope, id, props); this.props = props; - this.vpc = Vpc.fromLookup(this, 'MainVpc', props.vpcProps); + this.vpc = getVpc(this); // NOTE: // Token Service has very high dependency on the upstream Cognito User Pool OAuth2 broker diff --git a/lib/workload/stateful/stateful-stack-collection-class.ts b/lib/workload/stateful/statefulStackCollectionClass.ts similarity index 61% rename from lib/workload/stateful/stateful-stack-collection-class.ts rename to lib/workload/stateful/statefulStackCollectionClass.ts index e301311a6..cb6310e87 100644 --- a/lib/workload/stateful/stateful-stack-collection-class.ts +++ b/lib/workload/stateful/statefulStackCollectionClass.ts 
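Review bot: `this.vpc = getVpc(this)` removes the last visible use of `props.vpcProps`, so the VPC that the token service Lambdas are attached to is now chosen entirely by the shared helper in `components/vpc`, whose lookup criteria are not shown here. If `TokenServiceProps` still declares `vpcProps` (the interface body is cut by the hunk), that field is now silently ignored and should be removed or documented. A short comment on the assignment would make the network placement explicit, for example `// VPC comes from the shared lookup in components/vpc; vpcProps is no longer consulted`.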
@@ -13,38 +13,28 @@ export interface StatefulStackCollectionProps { export class StatefulStackCollection { // Only defined stacks - private readonly sharedStack: Stack; - private readonly tokenServiceStack: Stack; - private readonly icaEventPipeStack: Stack; + readonly sharedStack: Stack; + readonly tokenServiceStack: Stack; + readonly icaEventPipeStack: Stack; constructor( scope: Construct, env: Environment, statefulConfiguration: StatefulStackCollectionProps ) { - this.sharedStack = new SharedStack( - scope, - 'SharedStack', - statefulConfiguration.sharedStackProps - ); + this.sharedStack = new SharedStack(scope, 'SharedStack', { + env: env, + ...statefulConfiguration.sharedStackProps, + }); - this.tokenServiceStack = new TokenServiceStack( - scope, - 'TokenServiceStack', - statefulConfiguration.tokenServiceStackProps - ); + this.tokenServiceStack = new TokenServiceStack(scope, 'TokenServiceStack', { + env: env, + ...statefulConfiguration.tokenServiceStackProps, + }); this.icaEventPipeStack = new IcaEventPipeStack(scope, 'IcaEventPipeStack', { env: env, ...statefulConfiguration.icaEventPipeStackProps, }); } - - /** - * Get all stacks defined in this class - * @returns Array of Record - */ - getAllStack() { - return this; - } } diff --git a/test/orcabus.test.ts b/test/orcabus.test.ts deleted file mode 100644 index e322b5139..000000000 --- a/test/orcabus.test.ts +++ /dev/null @@ -1,16 +0,0 @@ -// import * as cdk from 'aws-cdk-lib'; -// import { Template } from 'aws-cdk-lib/assertions'; -// import * as Orcabus from '../lib/orcabus-stack'; - -// example test. To run these tests, uncomment this file along with the -// example resource in lib/orcabus-stack.ts -test('SQS Queue Created', () => { - // const app = new cdk.App(); - // // WHEN - // const stack = new Orcabus.OrcabusStack(app, 'MyTestStack'); - // // THEN - // const template = Template.fromStack(stack); - // template.hasResourceProperties('AWS::SQS::Queue', { - // VisibilityTimeout: 300 - // }); -}); 
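Review bot: Each stack is constructed with `env: env` written before the spread of its config props, so an `env` key inside `sharedStackProps`, `tokenServiceStackProps` or `icaEventPipeStackProps` would silently override the environment the stage passed in. Whether those prop types can carry `env` is not visible here, but if the stage environment is meant to win, put it last: `{ ...statefulConfiguration.sharedStackProps, env }`. The `[PATCH 03/16]` hunk on this file keeps the same order for `stackPropsTemplate`, where a `tags` key in a config would replace the `umccr-org:Product` tag as a whole rather than merge with it.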
diff --git a/test/stateful/icaEventPipeConstruct.test.ts b/test/stateful/ica_event_pipe/icaEventPipeConstruct.test.ts similarity index 94% rename from test/stateful/icaEventPipeConstruct.test.ts rename to test/stateful/ica_event_pipe/icaEventPipeConstruct.test.ts index 1fb32d716..1df2e860b 100644 --- a/test/stateful/icaEventPipeConstruct.test.ts +++ b/test/stateful/ica_event_pipe/icaEventPipeConstruct.test.ts @@ -1,6 +1,6 @@ import * as cdk from 'aws-cdk-lib'; import { Match, Template } from 'aws-cdk-lib/assertions'; -import { IcaEventPipeConstruct } from '../../lib/workload/stateful/stacks/ica_event_pipe/construct/ica_event_pipe'; +import { IcaEventPipeConstruct } from '../../../lib/workload/stateful/stacks/ica_event_pipe/construct/ica_event_pipe'; const topicArn = 'arn:aws:sns:region-1:123456789123:TopicName'; let stack: cdk.Stack; diff --git a/test/stateful/pipeline/deployment.test.ts b/test/stateful/pipeline/deployment.test.ts new file mode 100644 index 000000000..b77023819 --- /dev/null +++ b/test/stateful/pipeline/deployment.test.ts 
@@ -0,0 +1,94 @@ +import { App, Aspects, Stack } from 'aws-cdk-lib'; +import { Annotations, Match } from 'aws-cdk-lib/assertions'; +import { SynthesisMessage } from 'aws-cdk-lib/cx-api'; +import { AwsSolutionsChecks, NagSuppressions } from 'cdk-nag'; + +import { getEnvironmentConfig } from '../../../config/constants'; +import { StatefulStackCollection } from '../../../lib/workload/stateful/statefulStackCollectionClass'; + +function synthesisMessageToString(sm: SynthesisMessage): string { + return `${sm.entry.data} [${sm.id}]`; +} + +// Picking prod environment to test as it contain the sensitive data +const config = getEnvironmentConfig('prod')!; + +describe('cdk-nag-stateful-stack', () => { + const app: App = new App(); + + const stackCollection = new StatefulStackCollection( + app, + { + account: '12345678', + region: 'ap-southeast-2', + }, + config.stackProps.statefulConfig + ); + + for (const key in stackCollection) { + if (Object.prototype.hasOwnProperty.call(stackCollection, key)) { + const stack = stackCollection[key as keyof StatefulStackCollection]; + + const stackId = stack.node.id; + + Aspects.of(stack).add(new AwsSolutionsChecks()); + + applyNagSuppression(stackId, stack); + + test(`${stackId}: cdk-nag AwsSolutions Pack errors`, () => { + const errors = Annotations.fromStack(stack) + .findError('*', Match.stringLikeRegexp('AwsSolutions-.*')) + .map(synthesisMessageToString); + expect(errors).toHaveLength(0); + }); + + test(`${stackId}: cdk-nag AwsSolutions Pack warnings`, () => { + const warnings = Annotations.fromStack(stack) + .findWarning('*', Match.stringLikeRegexp('AwsSolutions-.*')) + .map(synthesisMessageToString); + expect(warnings).toHaveLength(0); + }); + } + } +}); + +/** + * apply nag suppression according to the relevant stackId + * @param stackId the stackId + * @param stack + */ +function applyNagSuppression(stackId: string, stack: Stack) { + // all stacks widely + NagSuppressions.addStackSuppressions( + stack, + [{ id: 
'AwsSolutions-APIG1', reason: 'See https://github.com/aws/aws-cdk/issues/11100' }], + true + ); + + // for each stack specific + switch (stackId) { + case 'TokenServiceStack': + // suppress by resource + NagSuppressions.addResourceSuppressionsByPath( + stack, + [ + '/TokenServiceStack/ServiceUserRole/DefaultPolicy/Resource', + '/TokenServiceStack/JWTRole/DefaultPolicy/Resource', + ], + [ + { + id: 'AwsSolutions-IAM5', + reason: + 'See ' + + 'https://github.com/aws/aws-cdk/issues/7016 ' + + 'https://github.com/aws/aws-cdk/issues/26611 ' + + 'https://stackoverflow.com/questions/71929482/how-to-prevent-generating-default-policies-during-iam-role-creation-in-aws-cdk', + }, + ] + ); + break; + + default: + break; + } +} diff --git a/test/stateful/stateful-pipeline.test.ts b/test/stateful/pipeline/pipeline.test.ts similarity index 74% rename from test/stateful/stateful-pipeline.test.ts rename to test/stateful/pipeline/pipeline.test.ts index 9c161c850..4003d0925 100644 --- a/test/stateful/stateful-pipeline.test.ts +++ b/test/stateful/pipeline/pipeline.test.ts 
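Review bot: The `AwsSolutions-IAM5` entry in `applyNagSuppression` silences every wildcard finding on the two `DefaultPolicy` resources, including any introduced later, because it carries no `appliesTo` list. cdk-nag accepts `appliesTo` on a suppression, so the entry can be limited to the findings that were actually reviewed: `appliesTo: [/* exact finding strings cdk-nag reports for these two policies */],`. The `AwsSolutions-APIG1` suppression is also added to all three stacks with the third argument `true`; it would be tighter to add it only to a stack that defines an API Gateway stage, if any of them does.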
@@ -1,8 +1,18 @@ -import { App, Aspects } from 'aws-cdk-lib'; +import { App, Aspects, Stack } from 'aws-cdk-lib'; import { Annotations, Match } from 'aws-cdk-lib/assertions'; import { SynthesisMessage } from 'aws-cdk-lib/cx-api'; import { AwsSolutionsChecks, NagSuppressions } from 'cdk-nag'; -import { StatefulPipelineStack } from '../../lib/pipeline/orcabus-stateful-pipeline-stack'; +import { StatefulPipelineStack } from '../../../lib/pipeline/statefulPipelineStack'; + +// we are mocking the deployment stack here, as we have a dedicated cdk-nag test for deployment stack +// see the ./stateless-deployment.test.ts +jest.mock('../../../lib/workload/stateful/stateful-stack-collection-class', () => { + return { + StatefulStackCollection: jest.fn().mockImplementation((value) => { + return new Stack(value, 'mockStack', {}); + }), + }; +}); function synthesisMessageToString(sm: SynthesisMessage): string { return `${sm.entry.data} [${sm.id}]`; diff --git a/test/stateful/securityGroupConstruct.test.ts b/test/stateful/shared/computeConstruct.test.ts similarity index 69% rename from test/stateful/securityGroupConstruct.test.ts rename to test/stateful/shared/computeConstruct.test.ts index 16dba990c..5754dccd9 100644 --- a/test/stateful/securityGroupConstruct.test.ts +++ b/test/stateful/shared/computeConstruct.test.ts @@ -1,8 +1,8 @@ import * as cdk from 'aws-cdk-lib'; import * as ec2 from 'aws-cdk-lib/aws-ec2'; import { Template } from 'aws-cdk-lib/assertions'; -import { getEnvironmentConfig } from '../../config/constants'; -import { SecurityGroupConstruct } from '../../lib/workload/stateful/stacks/shared/constructs/compute'; +import { getEnvironmentConfig } from '../../../config/constants'; +import { ComputeConstruct } from '../../../lib/workload/stateful/stacks/shared/constructs/compute'; let stack: cdk.Stack; let vpc: ec2.Vpc; 
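Review bot: The `jest.mock` call targets `'../../../lib/workload/stateful/stateful-stack-collection-class'`, but this same patch renames that module to `statefulStackCollectionClass.ts`, so the mock either fails to resolve or never replaces the module that `statefulPipelineStack.ts` imports. The path should follow the rename: `jest.mock('../../../lib/workload/stateful/statefulStackCollectionClass', () => {`. The comment above it also points to `./stateless-deployment.test.ts`, while the cdk-nag test added in this patch is `deployment.test.ts` in the same folder.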
@@ -18,9 +18,12 @@ beforeEach(() => { }); test('Test SchemaRegistry Creation', () => { - new SecurityGroupConstruct(stack, 'TestSGConstruct', vpc, { - ...constructConfig.stackProps.orcaBusStatefulConfig.ComputeConfig, - }); + new ComputeConstruct( + stack, + 'TestSGConstruct', + vpc, + constructConfig.stackProps.statefulConfig.sharedStackProps.computeConfig + ); const template = Template.fromStack(stack); template.hasResourceProperties('AWS::EC2::SecurityGroup', { diff --git a/test/stateful/databaseConstruct.test.ts b/test/stateful/shared/databaseConstruct.test.ts similarity index 82% rename from test/stateful/databaseConstruct.test.ts rename to test/stateful/shared/databaseConstruct.test.ts index 6f156ed65..79822e491 100644 --- a/test/stateful/databaseConstruct.test.ts +++ b/test/stateful/shared/databaseConstruct.test.ts @@ -1,8 +1,8 @@ import * as cdk from 'aws-cdk-lib'; import { Template } from 'aws-cdk-lib/assertions'; -import { Database } from '../../lib/workload/stateful/stacks/shared/constructs/database'; +import { Database } from '../../../lib/workload/stateful/stacks/shared/constructs/database'; import * as ec2 from 'aws-cdk-lib/aws-ec2'; -import { getEnvironmentConfig } from '../../config/constants'; +import { getEnvironmentConfig } from '../../../config/constants'; let stack: cdk.Stack; let vpc: ec2.Vpc; @@ -11,7 +11,7 @@ const constructConfig = getEnvironmentConfig('beta'); if (!constructConfig) throw new Error('No construct config for the test'); expect(constructConfig).toBeTruthy(); -const dbProps = constructConfig.stackProps.orcaBusStatefulConfig.databaseProps; +const dbProps = constructConfig.stackProps.statefulConfig.sharedStackProps.databaseProps; beforeEach(() => { stack = new cdk.Stack(); 
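Review bot: The test around this hunk is still titled `'Test SchemaRegistry Creation'` and uses the id `'TestSGConstruct'`, although it now builds a `ComputeConstruct` and asserts on `AWS::EC2::SecurityGroup`. A failing run would report the wrong component, so rename the title line to something like `test('Test ComputeConstruct SecurityGroup Creation', () => {`. The title is a context line, and the test body continues past the end of the hunk.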
@@ -27,7 +27,7 @@ beforeEach(() => { test('Test DBCluster created props', () => { new Database(stack, 'TestDatabaseConstruct', { vpc, - ...constructConfig.stackProps.orcaBusStatefulConfig.databaseProps, + ...dbProps, }); const template = Template.fromStack(stack); @@ -51,8 +51,8 @@ test('Test other SG Allow Ingress to DB SG', () => { new Database(stack, 'TestDatabaseConstruct', { vpc, - ...constructConfig.stackProps.orcaBusStatefulConfig.databaseProps, allowedInboundSG: allowedSG, + ...dbProps, }); const template = Template.fromStack(stack); diff --git a/test/stateful/eventSourceConstruct.test.ts b/test/stateful/shared/eventSourceConstruct.test.ts similarity index 96% rename from test/stateful/eventSourceConstruct.test.ts rename to test/stateful/shared/eventSourceConstruct.test.ts index adc29db25..844d8bcff 100644 --- a/test/stateful/eventSourceConstruct.test.ts +++ b/test/stateful/shared/eventSourceConstruct.test.ts @@ -1,6 +1,6 @@ import * as cdk from 'aws-cdk-lib'; import { Match, Template } from 'aws-cdk-lib/assertions'; -import { EventSource } from '../../lib/workload/stateful/stacks/shared/constructs/event_source'; +import { EventSource } from '../../../lib/workload/stateful/stacks/shared/constructs/event_source'; let stack: cdk.Stack; diff --git a/test/stateful/eventbusConstruct.test.ts b/test/stateful/shared/eventbusConstruct.test.ts similarity index 59% rename from test/stateful/eventbusConstruct.test.ts rename to test/stateful/shared/eventbusConstruct.test.ts index 3173f0373..b5c97cf8d 100644 --- a/test/stateful/eventbusConstruct.test.ts +++ b/test/stateful/shared/eventbusConstruct.test.ts 
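Review bot: In `'Test other SG Allow Ingress to DB SG'` the spread `...dbProps` now comes after `allowedInboundSG: allowedSG`, so a same-named key in the config would replace the security group the test just created, and the ingress assertion would no longer exercise `allowedSG`. Whether `databaseProps` defines `allowedInboundSG` is not visible in this hunk. Keeping the override last avoids the question: `...dbProps,` followed by `allowedInboundSG: allowedSG,`. The test body starts and ends outside the hunk.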
@@ -1,7 +1,7 @@ import * as cdk from 'aws-cdk-lib'; import { Template } from 'aws-cdk-lib/assertions'; -import { getEnvironmentConfig } from '../../config/constants'; -import { EventBusConstruct } from '../../lib/workload/stateful/stacks/shared/constructs/eventbridge'; +import { getEnvironmentConfig } from '../../../config/constants'; +import { EventBusConstruct } from '../../../lib/workload/stateful/stacks/shared/constructs/eventbridge'; let stack: cdk.Stack; @@ -13,9 +13,11 @@ beforeEach(() => { }); test('Test EventBus Creation', () => { - new EventBusConstruct(stack, 'TestEventBusConstruct', { - ...constructConfig.stackProps.orcaBusStatefulConfig.eventBusProps, - }); + new EventBusConstruct( + stack, + 'TestEventBusConstruct', + constructConfig.stackProps.statefulConfig.sharedStackProps.eventBusProps + ); const template = Template.fromStack(stack); template.hasResourceProperties('AWS::Events::EventBus', { diff --git a/test/stateful/schemaRegistryConstruct.test.ts b/test/stateful/shared/schemaRegistryConstruct.test.ts similarity index 59% rename from test/stateful/schemaRegistryConstruct.test.ts rename to test/stateful/shared/schemaRegistryConstruct.test.ts index 4ddb14803..f1cdc2f66 100644 --- a/test/stateful/schemaRegistryConstruct.test.ts +++ b/test/stateful/shared/schemaRegistryConstruct.test.ts @@ -1,7 +1,7 @@ import * as cdk from 'aws-cdk-lib'; import { Template } from 'aws-cdk-lib/assertions'; -import { getEnvironmentConfig } from '../../config/constants'; -import { SchemaRegistryConstruct } from '../../lib/workload/stateful/stacks/shared/constructs/schemaregistry'; +import { getEnvironmentConfig } from '../../../config/constants'; +import { SchemaRegistryConstruct } from '../../../lib/workload/stateful/stacks/shared/constructs/schemaregistry'; let stack: cdk.Stack; 
@@ -13,9 +13,11 @@ beforeEach(() => { }); test('Test SchemaRegistry Creation', () => { - new SchemaRegistryConstruct(stack, 'TestSchemaRegistryConstruct', { - ...constructConfig.stackProps.orcaBusStatefulConfig.schemaRegistryProps, - }); + new SchemaRegistryConstruct( + stack, + 'TestSchemaRegistryConstruct', + constructConfig.stackProps.statefulConfig.sharedStackProps.schemaRegistryProps + ); const template = Template.fromStack(stack); template.hasResourceProperties('AWS::EventSchemas::Registry', { diff --git a/test/stateful/stateful-deployment.test.ts b/test/stateful/stateful-deployment.test.ts deleted file mode 100644 index 25aa2e7b8..000000000 --- a/test/stateful/stateful-deployment.test.ts +++ /dev/null 
@@ -1,115 +0,0 @@ -import { App, Aspects, Stack } from 'aws-cdk-lib'; -import { Annotations, Match } from 'aws-cdk-lib/assertions'; -import { SynthesisMessage } from 'aws-cdk-lib/cx-api'; -import { AwsSolutionsChecks, NagSuppressions } from 'cdk-nag'; -import { OrcaBusStatefulStack } from '../../lib/workload/stateful/stacks/shared/stack'; -import { getEnvironmentConfig } from '../../config/constants'; - -function synthesisMessageToString(sm: SynthesisMessage): string { - return `${sm.entry.data} [${sm.id}]`; -} -// Picking prod environment to test as it contain the sensitive data -const config = getEnvironmentConfig('prod')!; - -describe('cdk-nag-stateful-stack', () => { - const app: App = new App(); - const stack: OrcaBusStatefulStack = new OrcaBusStatefulStack(app, 'TestStack', { - env: { - account: '12345678', - region: 'ap-southeast-2', - }, - ...config.stackProps.orcaBusStatefulConfig, - }); - - beforeAll(() => { - Aspects.of(stack).add(new AwsSolutionsChecks()); - - // Suppress CDK-NAG for secret rotation - NagSuppressions.addStackSuppressions(stack, [ - { id: 'AwsSolutions-APIG1', reason: 'See https://github.com/aws/aws-cdk/issues/11100' }, - ]); - }); - // FIXME - // perhaps just need the following code after refactoring `OrcaBusDatabaseConstruct` => `DatabaseStack` - // instead of code block from the above^^ `beforeAll(..)` ~victor - //Aspects.of(stack).add(new AwsSolutionsChecks()); - //applyNagSuppression(stack.node.id, stack); - - test('cdk-nag AwsSolutions Pack errors', () => { - const errors = Annotations.fromStack(stack) - .findError('*', Match.stringLikeRegexp('AwsSolutions-.*')) - .map(synthesisMessageToString); - expect(errors).toHaveLength(0); - }); - - test('cdk-nag AwsSolutions Pack warnings', () => { - const warnings = Annotations.fromStack(stack) - .findWarning('*', Match.stringLikeRegexp('AwsSolutions-.*')) - .map(synthesisMessageToString); - expect(warnings).toHaveLength(0); - }); - - // per-stateful stack cdk-nag test - for (const s of 
stack.statefulStackArray) { - const stackId = s.node.id; - - Aspects.of(s).add(new AwsSolutionsChecks()); - - applyNagSuppression(stackId, s); - - test(`${stackId}: cdk-nag AwsSolutions Pack errors`, () => { - const errors = Annotations.fromStack(s) - .findError('*', Match.stringLikeRegexp('AwsSolutions-.*')) - .map(synthesisMessageToString); - expect(errors).toHaveLength(0); - }); - - test(`${stackId}: cdk-nag AwsSolutions Pack warnings`, () => { - const warnings = Annotations.fromStack(s) - .findWarning('*', Match.stringLikeRegexp('AwsSolutions-.*')) - .map(synthesisMessageToString); - expect(warnings).toHaveLength(0); - }); - } -}); - -/** - * apply nag suppression according to the relevant stackId - * @param stackId the stackId - * @param stack - */ -function applyNagSuppression(stackId: string, stack: Stack) { - // all stacks widely - NagSuppressions.addStackSuppressions( - stack, - [{ id: 'AwsSolutions-APIG1', reason: 'See https://github.com/aws/aws-cdk/issues/11100' }], - true - ); - - // for each stack specific - switch (stackId) { - case 'TokenServiceStack': - // suppress by resource - NagSuppressions.addResourceSuppressionsByPath( - stack, - [ - '/TestStack/TokenServiceStack/ServiceUserRole/DefaultPolicy/Resource', - '/TestStack/TokenServiceStack/JWTRole/DefaultPolicy/Resource', - ], - [ - { - id: 'AwsSolutions-IAM5', - reason: - 'See ' + - 'https://github.com/aws/aws-cdk/issues/7016 ' + - 'https://github.com/aws/aws-cdk/issues/26611 ' + - 'https://stackoverflow.com/questions/71929482/how-to-prevent-generating-default-policies-during-iam-role-creation-in-aws-cdk', - }, - ] - ); - break; - - default: - break; - } -} diff --git a/test/stateful/tokenServiceConstruct.test.ts b/test/stateful/token_service/tokenServiceConstruct.test.ts similarity index 75% rename from test/stateful/tokenServiceConstruct.test.ts rename to test/stateful/token_service/tokenServiceConstruct.test.ts index 838568727..3e46cfb28 100644 --- a/test/stateful/tokenServiceConstruct.test.ts 
+++ b/test/stateful/token_service/tokenServiceConstruct.test.ts @@ -1,7 +1,7 @@ import * as cdk from 'aws-cdk-lib'; import { Template } from 'aws-cdk-lib/assertions'; -import { getEnvironmentConfig } from '../../config/constants'; -import { TokenServiceStack } from '../../lib/workload/stateful/stacks/token_service/deploy/stack'; +import { getEnvironmentConfig } from '../../../config/constants'; +import { TokenServiceStack } from '../../../lib/workload/stateful/stacks/token_service/deploy/stack'; const constructConfig = getEnvironmentConfig('beta'); if (!constructConfig) throw new Error('No construct config for the test'); @@ -13,7 +13,7 @@ const stack = new TokenServiceStack(mockApp, 'TestTokenServiceStack', { account: '123456789', region: 'ap-southeast-2', }, - ...constructConfig.stackProps.orcaBusStatefulConfig.tokenServiceProps, + ...constructConfig.stackProps.statefulConfig.tokenServiceStackProps, }); beforeEach(() => { From eaa5543983749f4d857a866d9d659ca5b3e262d7 Mon Sep 17 00:00:00 2001 From: William Putra Intan <61998484+williamputraintan@users.noreply.github.com> Date: Thu, 11 Apr 2024 11:35:53 +1000 Subject: [PATCH 03/16] =?UTF-8?q?tagging=20for=20=C2=B5-app?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- lib/pipeline/statefulPipelineStack.ts | 1 + .../stateful/statefulStackCollectionClass.ts | 15 +++++++++++---- 2 files changed, 12 insertions(+), 4 deletions(-) diff --git a/lib/pipeline/statefulPipelineStack.ts b/lib/pipeline/statefulPipelineStack.ts index ee06b5a31..56dbcdf07 100644 --- a/lib/pipeline/statefulPipelineStack.ts +++ b/lib/pipeline/statefulPipelineStack.ts @@ -166,6 +166,7 @@ class OrcaBusStatefulDeploymentStage extends cdk.Stage { env: cdk.Environment ) { super(scope, environmentName, { env: env }); + new StatefulStackCollection(this, env, statefulStackCollectionProps); } } 
diff --git a/lib/workload/stateful/statefulStackCollectionClass.ts b/lib/workload/stateful/statefulStackCollectionClass.ts index cb6310e87..ed13acf29 100644 --- a/lib/workload/stateful/statefulStackCollectionClass.ts +++ b/lib/workload/stateful/statefulStackCollectionClass.ts @@ -1,5 +1,5 @@ import { Construct } from 'constructs'; -import { Stack, Environment } from 'aws-cdk-lib'; +import { Stack, Environment, StackProps } from 'aws-cdk-lib'; import { SharedStack, SharedStackProps } from './stacks/shared/stack'; import { TokenServiceProps, TokenServiceStack } from './stacks/token_service/deploy/stack'; @@ -22,18 +22,25 @@ export class StatefulStackCollection { env: Environment, statefulConfiguration: StatefulStackCollectionProps ) { - this.sharedStack = new SharedStack(scope, 'SharedStack', { + const stackPropsTemplate: StackProps = { env: env, + tags: { + 'umccr-org:Product': 'OrcaBus', + }, + }; + + this.sharedStack = new SharedStack(scope, 'SharedStack', { + ...stackPropsTemplate, ...statefulConfiguration.sharedStackProps, }); this.tokenServiceStack = new TokenServiceStack(scope, 'TokenServiceStack', { - env: env, + ...stackPropsTemplate, ...statefulConfiguration.tokenServiceStackProps, }); this.icaEventPipeStack = new IcaEventPipeStack(scope, 'IcaEventPipeStack', { - env: env, + ...stackPropsTemplate, ...statefulConfiguration.icaEventPipeStackProps, }); } From 036a9e295f542ef0ddb2f374f89f13205e14434d Mon Sep 17 00:00:00 2001 From: William Putra Intan <61998484+williamputraintan@users.noreply.github.com> Date: Thu, 11 Apr 2024 11:52:06 +1000 Subject: [PATCH 04/16] Update README.md --- README.md | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/README.md b/README.md index 89ba08ef4..c8510c271 100644 --- a/README.md +++ b/README.md 
@@ -109,6 +109,19 @@ Do note that we have some shared resources that is expected to be used across mi When possible, please use either `OrcaBus` (camel case) or `orcabus` (all lower case). +#### Typescript + +When using typescript we will use the convention defined in [AWS +Guide](https://docs.aws.amazon.com/prescriptive-guidance/latest/best-practices-cdk-typescript-iac/typescript-best-practices.html#naming-conventions). + +- Use camelCase for variable and function names. +- Use PascalCase for class names and interface names. +- Use camelCase for interface members. +- Use PascalCase for type names and enum names. +- Name files with camelCase (for example, ebsVolumes.tsx or storage.tsb) + +For folder name, we will be using `snake_case` + ### Toolchain _Setting up baseline toolchain_ From 9275fa1540e3f2ea9872602f720e3f9a3874c128 Mon Sep 17 00:00:00 2001 
From: William Putra Intan <61998484+williamputraintan@users.noreply.github.com> Date: Thu, 11 Apr 2024 12:02:37 +1000 Subject: [PATCH 05/16] folder `kebab-case` --- README.md | 2 +- config/constants.ts | 2 +- .../stacks/{ica_event_pipe => ica-event-pipe}/README.md | 0 .../construct/ica_event_pipe/index.ts | 0 .../stacks/{ica_event_pipe => ica-event-pipe}/stack.ts | 0 .../stateful/stacks/{token_service => token-service}/Makefile | 0 .../stacks/{token_service => token-service}/README.md | 0 .../deploy/construct/policy/index.ts | 0 .../stacks/{token_service => token-service}/deploy/stack.ts | 0 .../deps/requirements-test.txt | 0 .../token_service/__init__.py | 0 .../token_service/cognitor/__init__.py | 0 .../token_service/cognitor/tests.py | 0 .../{token_service => token-service}/token_service/helper.py | 0 .../token_service/rotate_service_jwt.py | 0 .../token_service/rotate_service_user.py | 0 lib/workload/stateful/statefulStackCollectionClass.ts | 4 ++-- .../icaEventPipeConstruct.test.ts | 2 +- test/stateful/pipeline/pipeline.test.ts | 2 +- .../tokenServiceConstruct.test.ts | 2 +- 20 files changed, 7 insertions(+), 7 deletions(-) rename lib/workload/stateful/stacks/{ica_event_pipe => ica-event-pipe}/README.md (100%) rename lib/workload/stateful/stacks/{ica_event_pipe => ica-event-pipe}/construct/ica_event_pipe/index.ts (100%) rename lib/workload/stateful/stacks/{ica_event_pipe => ica-event-pipe}/stack.ts (100%) rename lib/workload/stateful/stacks/{token_service => token-service}/Makefile (100%) rename lib/workload/stateful/stacks/{token_service => token-service}/README.md (100%) rename lib/workload/stateful/stacks/{token_service => token-service}/deploy/construct/policy/index.ts (100%) rename lib/workload/stateful/stacks/{token_service => token-service}/deploy/stack.ts (100%) rename lib/workload/stateful/stacks/{token_service => token-service}/deps/requirements-test.txt (100%) rename lib/workload/stateful/stacks/{token_service => 
token-service}/token_service/__init__.py (100%) rename lib/workload/stateful/stacks/{token_service => token-service}/token_service/cognitor/__init__.py (100%) rename lib/workload/stateful/stacks/{token_service => token-service}/token_service/cognitor/tests.py (100%) rename lib/workload/stateful/stacks/{token_service => token-service}/token_service/helper.py (100%) rename lib/workload/stateful/stacks/{token_service => token-service}/token_service/rotate_service_jwt.py (100%) rename lib/workload/stateful/stacks/{token_service => token-service}/token_service/rotate_service_user.py (100%) rename test/stateful/{ica_event_pipe => ica-event-pipe}/icaEventPipeConstruct.test.ts (97%) rename test/stateful/{token_service => token-service}/tokenServiceConstruct.test.ts (96%) diff --git a/README.md b/README.md index c8510c271..afb7969d4 100644 --- a/README.md +++ b/README.md @@ -120,7 +120,7 @@ Guide](https://docs.aws.amazon.com/prescriptive-guidance/latest/best-practices-c - Use PascalCase for type names and enum names. - Name files with camelCase (for example, ebsVolumes.tsx or storage.tsb) -For folder name, we will be using `snake_case` +For folder name, we will be using `kebab-case` ### Toolchain diff --git a/config/constants.ts b/config/constants.ts index d40312c30..912620d81 100644 --- a/config/constants.ts +++ b/config/constants.ts @@ -7,7 +7,7 @@ import { FILEMANAGER_SERVICE_NAME, FilemanagerConfig, } from '../lib/workload/stateless/filemanager/deploy/lib/filemanager'; -import { IcaEventPipeStackProps } from '../lib/workload/stateful/stacks/ica_event_pipe/stack'; +import { IcaEventPipeStackProps } from '../lib/workload/stateful/stacks/ica-event-pipe/stack'; import { StatefulStackCollectionProps } from '../lib/workload/stateful/statefulStackCollectionClass'; const region = 'ap-southeast-2'; 
diff --git a/lib/workload/stateful/stacks/ica_event_pipe/README.md b/lib/workload/stateful/stacks/ica-event-pipe/README.md similarity index 100% rename from lib/workload/stateful/stacks/ica_event_pipe/README.md rename to lib/workload/stateful/stacks/ica-event-pipe/README.md diff --git a/lib/workload/stateful/stacks/ica_event_pipe/construct/ica_event_pipe/index.ts b/lib/workload/stateful/stacks/ica-event-pipe/construct/ica_event_pipe/index.ts similarity index 100% rename from lib/workload/stateful/stacks/ica_event_pipe/construct/ica_event_pipe/index.ts rename to lib/workload/stateful/stacks/ica-event-pipe/construct/ica_event_pipe/index.ts diff --git a/lib/workload/stateful/stacks/ica_event_pipe/stack.ts b/lib/workload/stateful/stacks/ica-event-pipe/stack.ts similarity index 100% rename from lib/workload/stateful/stacks/ica_event_pipe/stack.ts rename to lib/workload/stateful/stacks/ica-event-pipe/stack.ts diff --git a/lib/workload/stateful/stacks/token_service/Makefile b/lib/workload/stateful/stacks/token-service/Makefile similarity index 100% rename from lib/workload/stateful/stacks/token_service/Makefile rename to lib/workload/stateful/stacks/token-service/Makefile diff --git a/lib/workload/stateful/stacks/token_service/README.md b/lib/workload/stateful/stacks/token-service/README.md similarity index 100% rename from lib/workload/stateful/stacks/token_service/README.md rename to lib/workload/stateful/stacks/token-service/README.md diff --git a/lib/workload/stateful/stacks/token_service/deploy/construct/policy/index.ts b/lib/workload/stateful/stacks/token-service/deploy/construct/policy/index.ts similarity index 100% rename from lib/workload/stateful/stacks/token_service/deploy/construct/policy/index.ts rename to lib/workload/stateful/stacks/token-service/deploy/construct/policy/index.ts 
diff --git a/lib/workload/stateful/stacks/token_service/deploy/stack.ts b/lib/workload/stateful/stacks/token-service/deploy/stack.ts similarity index 100% rename from lib/workload/stateful/stacks/token_service/deploy/stack.ts rename to lib/workload/stateful/stacks/token-service/deploy/stack.ts diff --git a/lib/workload/stateful/stacks/token_service/deps/requirements-test.txt b/lib/workload/stateful/stacks/token-service/deps/requirements-test.txt similarity index 100% rename from lib/workload/stateful/stacks/token_service/deps/requirements-test.txt rename to lib/workload/stateful/stacks/token-service/deps/requirements-test.txt diff --git a/lib/workload/stateful/stacks/token_service/token_service/__init__.py b/lib/workload/stateful/stacks/token-service/token_service/__init__.py similarity index 100% rename from lib/workload/stateful/stacks/token_service/token_service/__init__.py rename to lib/workload/stateful/stacks/token-service/token_service/__init__.py diff --git a/lib/workload/stateful/stacks/token_service/token_service/cognitor/__init__.py b/lib/workload/stateful/stacks/token-service/token_service/cognitor/__init__.py similarity index 100% rename from lib/workload/stateful/stacks/token_service/token_service/cognitor/__init__.py rename to lib/workload/stateful/stacks/token-service/token_service/cognitor/__init__.py diff --git a/lib/workload/stateful/stacks/token_service/token_service/cognitor/tests.py b/lib/workload/stateful/stacks/token-service/token_service/cognitor/tests.py similarity index 100% rename from lib/workload/stateful/stacks/token_service/token_service/cognitor/tests.py rename to lib/workload/stateful/stacks/token-service/token_service/cognitor/tests.py 
diff --git a/lib/workload/stateful/stacks/token_service/token_service/helper.py b/lib/workload/stateful/stacks/token-service/token_service/helper.py similarity index 100% rename from lib/workload/stateful/stacks/token_service/token_service/helper.py rename to lib/workload/stateful/stacks/token-service/token_service/helper.py diff --git a/lib/workload/stateful/stacks/token_service/token_service/rotate_service_jwt.py b/lib/workload/stateful/stacks/token-service/token_service/rotate_service_jwt.py similarity index 100% rename from lib/workload/stateful/stacks/token_service/token_service/rotate_service_jwt.py rename to lib/workload/stateful/stacks/token-service/token_service/rotate_service_jwt.py diff --git a/lib/workload/stateful/stacks/token_service/token_service/rotate_service_user.py b/lib/workload/stateful/stacks/token-service/token_service/rotate_service_user.py similarity index 100% rename from lib/workload/stateful/stacks/token_service/token_service/rotate_service_user.py rename to lib/workload/stateful/stacks/token-service/token_service/rotate_service_user.py diff --git a/lib/workload/stateful/statefulStackCollectionClass.ts b/lib/workload/stateful/statefulStackCollectionClass.ts index ed13acf29..5737967e4 100644 --- a/lib/workload/stateful/statefulStackCollectionClass.ts +++ b/lib/workload/stateful/statefulStackCollectionClass.ts 
@@ -2,8 +2,8 @@ import { Construct } from 'constructs'; import { Stack, Environment, StackProps } from 'aws-cdk-lib'; import { SharedStack, SharedStackProps } from './stacks/shared/stack'; -import { TokenServiceProps, TokenServiceStack } from './stacks/token_service/deploy/stack'; -import { IcaEventPipeStack, IcaEventPipeStackProps } from './stacks/ica_event_pipe/stack'; +import { TokenServiceProps, TokenServiceStack } from './stacks/token-service/deploy/stack'; +import { IcaEventPipeStack, IcaEventPipeStackProps } from './stacks/ica-event-pipe/stack'; export interface StatefulStackCollectionProps { sharedStackProps: SharedStackProps; diff --git a/test/stateful/ica_event_pipe/icaEventPipeConstruct.test.ts b/test/stateful/ica-event-pipe/icaEventPipeConstruct.test.ts similarity index 97% rename from test/stateful/ica_event_pipe/icaEventPipeConstruct.test.ts rename to test/stateful/ica-event-pipe/icaEventPipeConstruct.test.ts index 1df2e860b..9c4026401 100644 --- a/test/stateful/ica_event_pipe/icaEventPipeConstruct.test.ts +++ b/test/stateful/ica-event-pipe/icaEventPipeConstruct.test.ts @@ -1,6 +1,6 @@ import * as cdk from 'aws-cdk-lib'; import { Match, Template } from 'aws-cdk-lib/assertions'; -import { IcaEventPipeConstruct } from '../../../lib/workload/stateful/stacks/ica_event_pipe/construct/ica_event_pipe'; +import { IcaEventPipeConstruct } from '../../../lib/workload/stateful/stacks/ica-event-pipe/construct/ica_event_pipe'; const topicArn = 'arn:aws:sns:region-1:123456789123:TopicName'; let stack: cdk.Stack; diff --git a/test/stateful/pipeline/pipeline.test.ts b/test/stateful/pipeline/pipeline.test.ts index 4003d0925..837b11af9 100644 --- a/test/stateful/pipeline/pipeline.test.ts +++ b/test/stateful/pipeline/pipeline.test.ts 
@@ -6,7 +6,7 @@ import { StatefulPipelineStack } from '../../../lib/pipeline/statefulPipelineSta // we are mocking the deployment stack here, as we have a dedicated cdk-nag test for deployment stack // see the ./stateless-deployment.test.ts -jest.mock('../../../lib/workload/stateful/stateful-stack-collection-class', () => { +jest.mock('../../../lib/workload/stateful/statefulStackCollectionClass', () => { return { StatefulStackCollection: jest.fn().mockImplementation((value) => { return new Stack(value, 'mockStack', {}); diff --git a/test/stateful/token_service/tokenServiceConstruct.test.ts b/test/stateful/token-service/tokenServiceConstruct.test.ts similarity index 96% rename from test/stateful/token_service/tokenServiceConstruct.test.ts rename to test/stateful/token-service/tokenServiceConstruct.test.ts index 3e46cfb28..1f2ac7c25 100644 --- a/test/stateful/token_service/tokenServiceConstruct.test.ts +++ b/test/stateful/token-service/tokenServiceConstruct.test.ts @@ -1,7 +1,7 @@ import * as cdk from 'aws-cdk-lib'; import { Template } from 'aws-cdk-lib/assertions'; import { getEnvironmentConfig } from '../../../config/constants'; -import { TokenServiceStack } from '../../../lib/workload/stateful/stacks/token_service/deploy/stack'; +import { TokenServiceStack } from '../../../lib/workload/stateful/stacks/token-service/deploy/stack'; const constructConfig = getEnvironmentConfig('beta'); if (!constructConfig) throw new Error('No construct config for the test'); From 1729c179b40a18f02c2251f7e3016a99aee8c6d7 Mon Sep 17 00:00:00 2001 From: William Putra Intan <61998484+williamputraintan@users.noreply.github.com> Date: Thu, 11 Apr 2024 12:05:58 +1000 Subject: [PATCH 06/16] readme --- README.md | 2 +- docs/developer/MICROSERVICE.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index afb7969d4..fec6b4e0f 100644 --- a/README.md +++ b/README.md 
@@ -103,7 +103,7 @@ _Heads up: Polyglot programming environment. We shorten some trivial steps into To develop your microservice application please read the [microservice guide](docs/developer/MICROSERVICE.md). -Do note that we have some shared resources that is expected to be used across microservices at [shared resource docs](docs/developer/SHARED_RESOURCES.md). +Do note that we have some shared resources that is expected to be used across microservices at [shared resource docs](./lib/workload/stateful/stacks/shared/README.md). ### Typography diff --git a/docs/developer/MICROSERVICE.md b/docs/developer/MICROSERVICE.md index 6ef17217d..2d02d4e36 100644 --- a/docs/developer/MICROSERVICE.md +++ b/docs/developer/MICROSERVICE.md @@ -76,7 +76,7 @@ Most probably you microservice stack should only create new stateless resources be provisioned from the shared stateful stack. For example, your application may need an RDS cluster for its database, but the shared stack has an existing RDS cluster that is intended to be used across microservices. -See [SHARED_RESOURCES.md](./SHARED_RESOURCES.md) for more shared resources detail. +See [README.md](../../lib/workload/stateful/stacks/shared/README.md) in the stateful shared stack for more detail. Useful resources: From e0d118c889a52c5243f27bd183b750f83ad9524f Mon Sep 17 00:00:00 2001 
From: William Putra Intan <61998484+williamputraintan@users.noreply.github.com> Date: Thu, 11 Apr 2024 12:40:38 +1000 Subject: [PATCH 07/16] solving conflict --- .../stateful/stacks/{token-service => token_service}/Makefile | 0 .../stateful/stacks/{token-service => token_service}/README.md | 0 .../deploy/construct/policy/index.ts | 0 .../stacks/{token-service => token_service}/deploy/stack.ts | 0 .../{token-service => token_service}/deps/requirements-test.txt | 0 .../{token-service => token_service}/token_service/__init__.py | 0 .../token_service/cognitor/__init__.py | 0 .../token_service/cognitor/tests.py | 0 .../{token-service => token_service}/token_service/helper.py | 0 .../token_service/rotate_service_jwt.py | 0 .../token_service/rotate_service_user.py | 0 lib/workload/stateful/statefulStackCollectionClass.ts | 2 +- test/stateful/token-service/tokenServiceConstruct.test.ts | 2 +- 13 files changed, 2 insertions(+), 2 deletions(-) rename lib/workload/stateful/stacks/{token-service => token_service}/Makefile (100%) rename lib/workload/stateful/stacks/{token-service => token_service}/README.md (100%) rename lib/workload/stateful/stacks/{token-service => token_service}/deploy/construct/policy/index.ts (100%) rename lib/workload/stateful/stacks/{token-service => token_service}/deploy/stack.ts (100%) rename lib/workload/stateful/stacks/{token-service => token_service}/deps/requirements-test.txt (100%) rename lib/workload/stateful/stacks/{token-service => token_service}/token_service/__init__.py (100%) rename lib/workload/stateful/stacks/{token-service => token_service}/token_service/cognitor/__init__.py (100%) rename lib/workload/stateful/stacks/{token-service => token_service}/token_service/cognitor/tests.py (100%) rename lib/workload/stateful/stacks/{token-service => token_service}/token_service/helper.py (100%) rename lib/workload/stateful/stacks/{token-service => token_service}/token_service/rotate_service_jwt.py (100%) rename 
lib/workload/stateful/stacks/{token-service => token_service}/token_service/rotate_service_user.py (100%) diff --git a/lib/workload/stateful/stacks/token-service/Makefile b/lib/workload/stateful/stacks/token_service/Makefile similarity index 100% rename from lib/workload/stateful/stacks/token-service/Makefile rename to lib/workload/stateful/stacks/token_service/Makefile diff --git a/lib/workload/stateful/stacks/token-service/README.md b/lib/workload/stateful/stacks/token_service/README.md similarity index 100% rename from lib/workload/stateful/stacks/token-service/README.md rename to lib/workload/stateful/stacks/token_service/README.md diff --git a/lib/workload/stateful/stacks/token-service/deploy/construct/policy/index.ts b/lib/workload/stateful/stacks/token_service/deploy/construct/policy/index.ts similarity index 100% rename from lib/workload/stateful/stacks/token-service/deploy/construct/policy/index.ts rename to lib/workload/stateful/stacks/token_service/deploy/construct/policy/index.ts diff --git a/lib/workload/stateful/stacks/token-service/deploy/stack.ts b/lib/workload/stateful/stacks/token_service/deploy/stack.ts similarity index 100% rename from lib/workload/stateful/stacks/token-service/deploy/stack.ts rename to lib/workload/stateful/stacks/token_service/deploy/stack.ts diff --git a/lib/workload/stateful/stacks/token-service/deps/requirements-test.txt b/lib/workload/stateful/stacks/token_service/deps/requirements-test.txt similarity index 100% rename from lib/workload/stateful/stacks/token-service/deps/requirements-test.txt rename to lib/workload/stateful/stacks/token_service/deps/requirements-test.txt diff --git a/lib/workload/stateful/stacks/token-service/token_service/__init__.py b/lib/workload/stateful/stacks/token_service/token_service/__init__.py similarity index 100% rename from lib/workload/stateful/stacks/token-service/token_service/__init__.py rename to lib/workload/stateful/stacks/token_service/token_service/__init__.py 
diff --git a/lib/workload/stateful/stacks/token-service/token_service/cognitor/__init__.py b/lib/workload/stateful/stacks/token_service/token_service/cognitor/__init__.py similarity index 100% rename from lib/workload/stateful/stacks/token-service/token_service/cognitor/__init__.py rename to lib/workload/stateful/stacks/token_service/token_service/cognitor/__init__.py diff --git a/lib/workload/stateful/stacks/token-service/token_service/cognitor/tests.py b/lib/workload/stateful/stacks/token_service/token_service/cognitor/tests.py similarity index 100% rename from lib/workload/stateful/stacks/token-service/token_service/cognitor/tests.py rename to lib/workload/stateful/stacks/token_service/token_service/cognitor/tests.py diff --git a/lib/workload/stateful/stacks/token-service/token_service/helper.py b/lib/workload/stateful/stacks/token_service/token_service/helper.py similarity index 100% rename from lib/workload/stateful/stacks/token-service/token_service/helper.py rename to lib/workload/stateful/stacks/token_service/token_service/helper.py diff --git a/lib/workload/stateful/stacks/token-service/token_service/rotate_service_jwt.py b/lib/workload/stateful/stacks/token_service/token_service/rotate_service_jwt.py similarity index 100% rename from lib/workload/stateful/stacks/token-service/token_service/rotate_service_jwt.py rename to lib/workload/stateful/stacks/token_service/token_service/rotate_service_jwt.py diff --git a/lib/workload/stateful/stacks/token-service/token_service/rotate_service_user.py b/lib/workload/stateful/stacks/token_service/token_service/rotate_service_user.py similarity index 100% rename from lib/workload/stateful/stacks/token-service/token_service/rotate_service_user.py rename to lib/workload/stateful/stacks/token_service/token_service/rotate_service_user.py diff --git a/lib/workload/stateful/statefulStackCollectionClass.ts b/lib/workload/stateful/statefulStackCollectionClass.ts index 5737967e4..272720356 100644 
--- a/lib/workload/stateful/statefulStackCollectionClass.ts +++ b/lib/workload/stateful/statefulStackCollectionClass.ts @@ -2,7 +2,7 @@ import { Construct } from 'constructs'; import { Stack, Environment, StackProps } from 'aws-cdk-lib'; import { SharedStack, SharedStackProps } from './stacks/shared/stack'; -import { TokenServiceProps, TokenServiceStack } from './stacks/token-service/deploy/stack'; +import { TokenServiceProps, TokenServiceStack } from './stacks/token_service/deploy/stack'; import { IcaEventPipeStack, IcaEventPipeStackProps } from './stacks/ica-event-pipe/stack'; export interface StatefulStackCollectionProps { diff --git a/test/stateful/token-service/tokenServiceConstruct.test.ts b/test/stateful/token-service/tokenServiceConstruct.test.ts index 1f2ac7c25..3e46cfb28 100644 --- a/test/stateful/token-service/tokenServiceConstruct.test.ts +++ b/test/stateful/token-service/tokenServiceConstruct.test.ts @@ -1,7 +1,7 @@ import * as cdk from 'aws-cdk-lib'; import { Template } from 'aws-cdk-lib/assertions'; import { getEnvironmentConfig } from '../../../config/constants'; -import { TokenServiceStack } from '../../../lib/workload/stateful/stacks/token-service/deploy/stack'; +import { TokenServiceStack } from '../../../lib/workload/stateful/stacks/token_service/deploy/stack'; const constructConfig = getEnvironmentConfig('beta'); if (!constructConfig) throw new Error('No construct config for the test'); From 664d6bd27c0eb8cc03a88a3d79a2673341b76829 Mon Sep 17 00:00:00 2001 
From: William Putra Intan <61998484+williamputraintan@users.noreply.github.com> Date: Thu, 11 Apr 2024 12:41:44 +1000 Subject: [PATCH 08/16] rename back --- .../stateful/stacks/{token_service => token-service}/Makefile | 0 .../stateful/stacks/{token_service => token-service}/README.md | 0 .../deploy/construct/policy/index.ts | 0 .../stacks/{token_service => token-service}/deploy/stack.ts | 0 .../{token_service => token-service}/deps/requirements-test.txt | 0 .../{token_service => token-service}/token_service/__init__.py | 0 .../token_service/cognitor/__init__.py | 0 .../token_service/cognitor/tests.py | 0 .../token_service/rotate_service_jwt.py | 0 .../token_service/rotate_service_user.py | 0 lib/workload/stateful/statefulStackCollectionClass.ts | 2 +- test/stateful/token-service/tokenServiceConstruct.test.ts | 2 +- 12 files changed, 2 insertions(+), 2 deletions(-) rename lib/workload/stateful/stacks/{token_service => token-service}/Makefile (100%) rename lib/workload/stateful/stacks/{token_service => token-service}/README.md (100%) rename lib/workload/stateful/stacks/{token_service => token-service}/deploy/construct/policy/index.ts (100%) rename lib/workload/stateful/stacks/{token_service => token-service}/deploy/stack.ts (100%) rename lib/workload/stateful/stacks/{token_service => token-service}/deps/requirements-test.txt (100%) rename lib/workload/stateful/stacks/{token_service => token-service}/token_service/__init__.py (100%) rename lib/workload/stateful/stacks/{token_service => token-service}/token_service/cognitor/__init__.py (100%) rename lib/workload/stateful/stacks/{token_service => token-service}/token_service/cognitor/tests.py (100%) rename lib/workload/stateful/stacks/{token_service => token-service}/token_service/rotate_service_jwt.py (100%) rename lib/workload/stateful/stacks/{token_service => token-service}/token_service/rotate_service_user.py (100%) 
diff --git a/lib/workload/stateful/stacks/token_service/Makefile b/lib/workload/stateful/stacks/token-service/Makefile similarity index 100% rename from lib/workload/stateful/stacks/token_service/Makefile rename to lib/workload/stateful/stacks/token-service/Makefile diff --git a/lib/workload/stateful/stacks/token_service/README.md b/lib/workload/stateful/stacks/token-service/README.md similarity index 100% rename from lib/workload/stateful/stacks/token_service/README.md rename to lib/workload/stateful/stacks/token-service/README.md diff --git a/lib/workload/stateful/stacks/token_service/deploy/construct/policy/index.ts b/lib/workload/stateful/stacks/token-service/deploy/construct/policy/index.ts similarity index 100% rename from lib/workload/stateful/stacks/token_service/deploy/construct/policy/index.ts rename to lib/workload/stateful/stacks/token-service/deploy/construct/policy/index.ts diff --git a/lib/workload/stateful/stacks/token_service/deploy/stack.ts b/lib/workload/stateful/stacks/token-service/deploy/stack.ts similarity index 100% rename from lib/workload/stateful/stacks/token_service/deploy/stack.ts rename to lib/workload/stateful/stacks/token-service/deploy/stack.ts diff --git a/lib/workload/stateful/stacks/token_service/deps/requirements-test.txt b/lib/workload/stateful/stacks/token-service/deps/requirements-test.txt similarity index 100% rename from lib/workload/stateful/stacks/token_service/deps/requirements-test.txt rename to lib/workload/stateful/stacks/token-service/deps/requirements-test.txt diff --git a/lib/workload/stateful/stacks/token_service/token_service/__init__.py b/lib/workload/stateful/stacks/token-service/token_service/__init__.py similarity index 100% rename from lib/workload/stateful/stacks/token_service/token_service/__init__.py rename to lib/workload/stateful/stacks/token-service/token_service/__init__.py 
diff --git a/lib/workload/stateful/stacks/token_service/token_service/cognitor/__init__.py b/lib/workload/stateful/stacks/token-service/token_service/cognitor/__init__.py similarity index 100% rename from lib/workload/stateful/stacks/token_service/token_service/cognitor/__init__.py rename to lib/workload/stateful/stacks/token-service/token_service/cognitor/__init__.py diff --git a/lib/workload/stateful/stacks/token_service/token_service/cognitor/tests.py b/lib/workload/stateful/stacks/token-service/token_service/cognitor/tests.py similarity index 100% rename from lib/workload/stateful/stacks/token_service/token_service/cognitor/tests.py rename to lib/workload/stateful/stacks/token-service/token_service/cognitor/tests.py diff --git a/lib/workload/stateful/stacks/token_service/token_service/rotate_service_jwt.py b/lib/workload/stateful/stacks/token-service/token_service/rotate_service_jwt.py similarity index 100% rename from lib/workload/stateful/stacks/token_service/token_service/rotate_service_jwt.py rename to lib/workload/stateful/stacks/token-service/token_service/rotate_service_jwt.py diff --git a/lib/workload/stateful/stacks/token_service/token_service/rotate_service_user.py b/lib/workload/stateful/stacks/token-service/token_service/rotate_service_user.py similarity index 100% rename from lib/workload/stateful/stacks/token_service/token_service/rotate_service_user.py rename to lib/workload/stateful/stacks/token-service/token_service/rotate_service_user.py diff --git a/lib/workload/stateful/statefulStackCollectionClass.ts b/lib/workload/stateful/statefulStackCollectionClass.ts index 272720356..5737967e4 100644 --- a/lib/workload/stateful/statefulStackCollectionClass.ts +++ b/lib/workload/stateful/statefulStackCollectionClass.ts 
@@ -2,7 +2,7 @@ import { Construct } from 'constructs'; import { Stack, Environment, StackProps } from 'aws-cdk-lib'; import { SharedStack, SharedStackProps } from './stacks/shared/stack'; -import { TokenServiceProps, TokenServiceStack } from './stacks/token_service/deploy/stack'; +import { TokenServiceProps, TokenServiceStack } from './stacks/token-service/deploy/stack'; import { IcaEventPipeStack, IcaEventPipeStackProps } from './stacks/ica-event-pipe/stack'; export interface StatefulStackCollectionProps { diff --git a/test/stateful/token-service/tokenServiceConstruct.test.ts b/test/stateful/token-service/tokenServiceConstruct.test.ts index 3e46cfb28..1f2ac7c25 100644 --- a/test/stateful/token-service/tokenServiceConstruct.test.ts +++ b/test/stateful/token-service/tokenServiceConstruct.test.ts @@ -1,7 +1,7 @@ import * as cdk from 'aws-cdk-lib'; import { Template } from 'aws-cdk-lib/assertions'; import { getEnvironmentConfig } from '../../../config/constants'; -import { TokenServiceStack } from '../../../lib/workload/stateful/stacks/token_service/deploy/stack'; +import { TokenServiceStack } from '../../../lib/workload/stateful/stacks/token-service/deploy/stack'; const constructConfig = getEnvironmentConfig('beta'); if (!constructConfig) throw new Error('No construct config for the test'); From b959de0796cb6614846a8f4cd8fe6c8a316066c2 Mon Sep 17 00:00:00 2001 From: William Putra Intan <61998484+williamputraintan@users.noreply.github.com> Date: Thu, 11 Apr 2024 12:45:05 +1000 Subject: [PATCH 09/16] folder rename --- config/constants.ts | 2 +- .../shared/constructs/{event_source => event-source}/index.ts | 0 lib/workload/stateful/stacks/shared/stack.ts | 2 +- test/stateful/shared/eventSourceConstruct.test.ts | 2 +- 4 files changed, 3 insertions(+), 3 deletions(-) rename lib/workload/stateful/stacks/shared/constructs/{event_source => event-source}/index.ts (100%) diff --git a/config/constants.ts b/config/constants.ts index 912620d81..2b897eabf 100644 
--- a/config/constants.ts +++ b/config/constants.ts @@ -1,7 +1,7 @@ import { AuroraPostgresEngineVersion } from 'aws-cdk-lib/aws-rds'; import { OrcaBusStatelessConfig } from '../lib/workload/orcabus-stateless-stack'; import { Duration, RemovalPolicy } from 'aws-cdk-lib'; -import { EventSourceProps } from '../lib/workload/stateful/stacks/shared/constructs/event_source'; +import { EventSourceProps } from '../lib/workload/stateful/stacks/shared/constructs/event-source'; import { DbAuthType } from '../lib/workload/stateless/postgres_manager/function/type'; import { FILEMANAGER_SERVICE_NAME, diff --git a/lib/workload/stateful/stacks/shared/constructs/event_source/index.ts b/lib/workload/stateful/stacks/shared/constructs/event-source/index.ts similarity index 100% rename from lib/workload/stateful/stacks/shared/constructs/event_source/index.ts rename to lib/workload/stateful/stacks/shared/constructs/event-source/index.ts diff --git a/lib/workload/stateful/stacks/shared/stack.ts b/lib/workload/stateful/stacks/shared/stack.ts index 316358558..094134a1e 100644 --- a/lib/workload/stateful/stacks/shared/stack.ts +++ b/lib/workload/stateful/stacks/shared/stack.ts @@ -4,7 +4,7 @@ import { EventBusConstruct, EventBusProps } from './constructs/eventbridge'; import { ConfigurableDatabaseProps, Database } from './constructs/database'; import { ComputeConfig, ComputeConstruct } from './constructs/compute'; import { SchemaRegistryConstruct, SchemaRegistryProps } from './constructs/schemaregistry'; -import { EventSource, EventSourceProps } from './constructs/event_source'; +import { EventSource, EventSourceProps } from './constructs/event-source'; import { IVpc } from 'aws-cdk-lib/aws-ec2'; import { getVpc } from '../../../components/vpc'; diff --git a/test/stateful/shared/eventSourceConstruct.test.ts b/test/stateful/shared/eventSourceConstruct.test.ts index 844d8bcff..8826bfc26 100644 --- a/test/stateful/shared/eventSourceConstruct.test.ts 
+++ b/test/stateful/shared/eventSourceConstruct.test.ts @@ -1,6 +1,6 @@ import * as cdk from 'aws-cdk-lib'; import { Match, Template } from 'aws-cdk-lib/assertions'; -import { EventSource } from '../../../lib/workload/stateful/stacks/shared/constructs/event_source'; +import { EventSource } from '../../../lib/workload/stateful/stacks/shared/constructs/event-source'; let stack: cdk.Stack; From b48ac869d3b588d0841ce271e0617447426099cb Mon Sep 17 00:00:00 2001 From: William Putra Intan <61998484+williamputraintan@users.noreply.github.com> Date: Thu, 11 Apr 2024 16:21:56 +1000 Subject: [PATCH 10/16] filename --- bin/{stateful-pipeline.ts => statefulPipeline.ts} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename bin/{stateful-pipeline.ts => statefulPipeline.ts} (100%) diff --git a/bin/stateful-pipeline.ts b/bin/statefulPipeline.ts similarity index 100% rename from bin/stateful-pipeline.ts rename to bin/statefulPipeline.ts From 9bc1b0e4572fcf2b31efdaa00ce07a3b98885815 Mon Sep 17 00:00:00 2001 From: William Putra Intan <61998484+williamputraintan@users.noreply.github.com> Date: Fri, 12 Apr 2024 09:32:04 +1000 Subject: [PATCH 11/16] package.json --- lib/workload/stateful/statefulStackCollectionClass.ts | 2 +- package.json | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/workload/stateful/statefulStackCollectionClass.ts b/lib/workload/stateful/statefulStackCollectionClass.ts index 5737967e4..6e48b3db9 100644 --- a/lib/workload/stateful/statefulStackCollectionClass.ts +++ b/lib/workload/stateful/statefulStackCollectionClass.ts @@ -12,7 +12,7 @@ export interface StatefulStackCollectionProps { } export class StatefulStackCollection { - // Only defined stacks + // Defined stateful stacks here readonly sharedStack: Stack; readonly tokenServiceStack: Stack; readonly icaEventPipeStack: Stack; diff --git a/package.json b/package.json index 265290706..b81716401 100644 --- a/package.json +++ b/package.json 
@@ -20,7 +20,7 @@ "prettier": "prettier --check .", "prettier-fix": "prettier --write .", "cdk-stateless": "cdk --app 'yarn run -B ts-node --prefer-ts-exts bin/stateless-pipeline.ts'", - "cdk-stateful": "cdk --app 'yarn run -B ts-node --prefer-ts-exts bin/stateful-pipeline.ts'" + "cdk-stateful": "cdk --app 'yarn run -B ts-node --prefer-ts-exts bin/statefulPipeline.ts'" }, "dependencies": { "@aws-cdk/aws-lambda-python-alpha": "2.126.0-alpha.0", From 4604b7506221cdf8c088e17e78bdd9a2553d6c46 Mon Sep 17 00:00:00 2001 From: William Putra Intan <61998484+williamputraintan@users.noreply.github.com> Date: Fri, 12 Apr 2024 17:06:00 +1000 Subject: [PATCH 12/16] feedback --- .prettierignore | 1 - README.md | 2 +- config/constants.ts | 14 +++-- lib/workload/stateful/stacks/shared/README.md | 2 +- .../stacks/shared/constructs/compute/index.ts | 4 +- .../shared/constructs/database/index.ts | 2 +- .../{eventbridge => event-bus}/index.ts | 0 .../shared/constructs/event-source/index.ts | 4 +- .../index.ts | 0 lib/workload/stateful/stacks/shared/stack.ts | 51 ++++++++++++------- .../stacks/token-service/deploy/stack.ts | 7 ++- .../stateful/statefulStackCollectionClass.ts | 24 +++++---- test/stateful/shared/computeConstruct.test.ts | 4 +- .../stateful/shared/databaseConstruct.test.ts | 6 +-- .../shared/eventSourceConstruct.test.ts | 18 +++---- .../stateful/shared/eventbusConstruct.test.ts | 4 +- .../shared/schemaRegistryConstruct.test.ts | 4 +- 17 files changed, 83 insertions(+), 64 deletions(-) rename lib/workload/stateful/stacks/shared/constructs/{eventbridge => event-bus}/index.ts (100%) rename lib/workload/stateful/stacks/shared/constructs/{schemaregistry => schema-registry}/index.ts (100%) diff --git a/.prettierignore b/.prettierignore index 3fa3e7ad7..0e741880b 100644 --- a/.prettierignore +++ b/.prettierignore @@ -30,7 +30,6 @@ config/event_schemas/ skel/ docs/ openapi/ -shared/ venv/ # TODO still early days let ignore prettier them (microservice apps) for now 
diff --git a/README.md b/README.md index fec6b4e0f..f1f0e741c 100644 --- a/README.md +++ b/README.md @@ -120,7 +120,7 @@ Guide](https://docs.aws.amazon.com/prescriptive-guidance/latest/best-practices-c - Use PascalCase for type names and enum names. - Name files with camelCase (for example, ebsVolumes.tsx or storage.tsb) -For folder name, we will be using `kebab-case` +For folder name, we will be using `kebab-case` as this is the common convention in TypeScript project. ### Toolchain diff --git a/config/constants.ts b/config/constants.ts index 2b897eabf..8c9f0dbe5 100644 --- a/config/constants.ts +++ b/config/constants.ts @@ -9,13 +9,14 @@ import { } from '../lib/workload/stateless/filemanager/deploy/lib/filemanager'; import { IcaEventPipeStackProps } from '../lib/workload/stateful/stacks/ica-event-pipe/stack'; import { StatefulStackCollectionProps } from '../lib/workload/stateful/statefulStackCollectionClass'; +import { VpcLookupOptions } from 'aws-cdk-lib/aws-ec2'; const region = 'ap-southeast-2'; // upstream infra: vpc const vpcName = 'main-vpc'; const vpcStackName = 'networking'; -const vpcProps = { +const vpcProps: VpcLookupOptions = { vpcName: vpcName, tags: { Stack: vpcStackName, @@ -78,7 +79,7 @@ const orcaBusStatefulConfig = { clusterEndpointHostParameterName: dbClusterEndpointHostParameterName, secretRotationSchedule: Duration.days(7), }, - computeConfig: { + computeProps: { securityGroupName: lambdaSecurityGroupName, }, icaEventPipeProps: icaEventPipeProps, @@ -189,6 +190,7 @@ export const getEnvironmentConfig = ( stackProps: { statefulConfig: { sharedStackProps: { + vpcProps, schemaRegistryProps: orcaBusStatefulConfig.schemaRegistryProps, eventBusProps: orcaBusStatefulConfig.eventBusProps, databaseProps: { 
@@ -200,7 +202,7 @@ export const getEnvironmentConfig = ( enablePerformanceInsights: true, removalPolicy: RemovalPolicy.DESTROY, }, - computeConfig: orcaBusStatefulConfig.computeConfig, + computeProps: orcaBusStatefulConfig.computeProps, eventSourceProps: eventSourceConfig(devBucket), }, tokenServiceStackProps: orcaBusStatefulConfig.tokenServiceProps, @@ -222,6 +224,7 @@ export const getEnvironmentConfig = ( stackProps: { statefulConfig: { sharedStackProps: { + vpcProps, schemaRegistryProps: orcaBusStatefulConfig.schemaRegistryProps, eventBusProps: orcaBusStatefulConfig.eventBusProps, databaseProps: { @@ -233,7 +236,7 @@ export const getEnvironmentConfig = ( enablePerformanceInsights: true, removalPolicy: RemovalPolicy.DESTROY, }, - computeConfig: orcaBusStatefulConfig.computeConfig, + computeProps: orcaBusStatefulConfig.computeProps, eventSourceProps: eventSourceConfig(stgBucket), }, tokenServiceStackProps: orcaBusStatefulConfig.tokenServiceProps, @@ -255,6 +258,7 @@ export const getEnvironmentConfig = ( stackProps: { statefulConfig: { sharedStackProps: { + vpcProps, schemaRegistryProps: orcaBusStatefulConfig.schemaRegistryProps, eventBusProps: orcaBusStatefulConfig.eventBusProps, databaseProps: { @@ -264,7 +268,7 @@ export const getEnvironmentConfig = ( maxACU: 16, removalPolicy: RemovalPolicy.RETAIN, }, - computeConfig: orcaBusStatefulConfig.computeConfig, + computeProps: orcaBusStatefulConfig.computeProps, eventSourceProps: eventSourceConfig(prodBucket), }, tokenServiceStackProps: orcaBusStatefulConfig.tokenServiceProps, diff --git a/lib/workload/stateful/stacks/shared/README.md b/lib/workload/stateful/stacks/shared/README.md index 715c86be5..bb6229fce 100644 --- a/lib/workload/stateful/stacks/shared/README.md +++ b/lib/workload/stateful/stacks/shared/README.md 
@@ -23,7 +23,7 @@ Please check the: [PostgresManager](../../../stateless/postgres_manager/README.m ## Schema Registry -## Compute +## ComputeConstruct This construct contains resources that could be shared/attached to a compute resource. diff --git a/lib/workload/stateful/stacks/shared/constructs/compute/index.ts b/lib/workload/stateful/stacks/shared/constructs/compute/index.ts index 7012f89b8..2e932d6a1 100644 --- a/lib/workload/stateful/stacks/shared/constructs/compute/index.ts +++ b/lib/workload/stateful/stacks/shared/constructs/compute/index.ts @@ -1,7 +1,7 @@ import { Construct } from 'constructs'; import * as ec2 from 'aws-cdk-lib/aws-ec2'; -export interface ComputeConfig { +export interface ComputeProps { /** * The security group name for the shared security group */ @@ -14,7 +14,7 @@ export interface ComputeConfig { export class ComputeConstruct extends Construct { readonly securityGroup: ec2.SecurityGroup; - constructor(scope: Construct, id: string, vpc: ec2.IVpc, props: ComputeConfig) { + constructor(scope: Construct, id: string, vpc: ec2.IVpc, props: ComputeProps) { super(scope, id); this.securityGroup = new ec2.SecurityGroup(this, 'SecurityGroup', { diff --git a/lib/workload/stateful/stacks/shared/constructs/database/index.ts b/lib/workload/stateful/stacks/shared/constructs/database/index.ts index 7fb6c3207..9b61d8836 100644 --- a/lib/workload/stateful/stacks/shared/constructs/database/index.ts +++ b/lib/workload/stateful/stacks/shared/constructs/database/index.ts @@ -105,7 +105,7 @@ export type DatabaseProps = ConfigurableDatabaseProps & { allowedInboundSG?: ec2.SecurityGroup; }; -export class Database extends Construct { +export class DatabaseConstruct extends Construct { readonly securityGroup: SecurityGroup; readonly cluster: DatabaseCluster; 
diff --git a/lib/workload/stateful/stacks/shared/constructs/eventbridge/index.ts b/lib/workload/stateful/stacks/shared/constructs/event-bus/index.ts similarity index 100% rename from lib/workload/stateful/stacks/shared/constructs/eventbridge/index.ts rename to lib/workload/stateful/stacks/shared/constructs/event-bus/index.ts diff --git a/lib/workload/stateful/stacks/shared/constructs/event-source/index.ts b/lib/workload/stateful/stacks/shared/constructs/event-source/index.ts index 606b298dc..dd1f8eb85 100644 --- a/lib/workload/stateful/stacks/shared/constructs/event-source/index.ts +++ b/lib/workload/stateful/stacks/shared/constructs/event-source/index.ts @@ -26,7 +26,7 @@ export type EventSourceRule = { }; /** - * Properties for the EventSource construct. + * Properties for the EventSourceConstruct. */ export type EventSourceProps = { /** @@ -47,7 +47,7 @@ export type EventSourceProps = { /** * A construct that defines an SQS S3 event source, along with a DLQ and CloudWatch alarms. */ -export class EventSource extends Construct { +export class EventSourceConstruct extends Construct { readonly queue: Queue; readonly deadLetterQueue: Queue; readonly alarm: Alarm; diff --git a/lib/workload/stateful/stacks/shared/constructs/schemaregistry/index.ts b/lib/workload/stateful/stacks/shared/constructs/schema-registry/index.ts similarity index 100% rename from lib/workload/stateful/stacks/shared/constructs/schemaregistry/index.ts rename to lib/workload/stateful/stacks/shared/constructs/schema-registry/index.ts diff --git a/lib/workload/stateful/stacks/shared/stack.ts b/lib/workload/stateful/stacks/shared/stack.ts index 094134a1e..f27149ed5 100644 --- a/lib/workload/stateful/stacks/shared/stack.ts +++ b/lib/workload/stateful/stacks/shared/stack.ts 
@@ -1,42 +1,55 @@ import { Stack, StackProps } from 'aws-cdk-lib'; import { Construct } from 'constructs'; -import { EventBusConstruct, EventBusProps } from './constructs/eventbridge'; -import { ConfigurableDatabaseProps, Database } from './constructs/database'; -import { ComputeConfig, ComputeConstruct } from './constructs/compute'; -import { SchemaRegistryConstruct, SchemaRegistryProps } from './constructs/schemaregistry'; -import { EventSource, EventSourceProps } from './constructs/event-source'; -import { IVpc } from 'aws-cdk-lib/aws-ec2'; -import { getVpc } from '../../../components/vpc'; +import { Vpc, VpcLookupOptions } from 'aws-cdk-lib/aws-ec2'; +import { EventBusConstruct, EventBusProps } from './constructs/event-bus'; +import { ConfigurableDatabaseProps, DatabaseConstruct } from './constructs/database'; +import { ComputeProps, ComputeConstruct } from './constructs/compute'; +import { SchemaRegistryConstruct, SchemaRegistryProps } from './constructs/schema-registry'; +import { EventSourceConstruct, EventSourceProps } from './constructs/event-source'; export interface SharedStackProps { + /** + * Any configuration related to the SchemaRegistryConstruct + */ schemaRegistryProps: SchemaRegistryProps; + /** + * Any configuration related to the EventBusConstruct + */ eventBusProps: EventBusProps; + /** + * Any configuration related to database + */ databaseProps: ConfigurableDatabaseProps; - computeConfig: ComputeConfig; + /** + * Any configuration related to shared compute resources + */ + computeProps: ComputeProps; + /** + * Any configuration related to event source + */ eventSourceProps?: EventSourceProps; + /** + * VPC (lookup props) that will be used by resources + */ + vpcProps: VpcLookupOptions; } - export class SharedStack extends Stack { - constructor( - scope: Construct, - id: string, - props: StackProps & SharedStackProps - ) { + constructor(scope: Construct, id: string, props: StackProps & SharedStackProps) { super(scope, id, props); - const 
mainVpc = getVpc(this) + const mainVpc = Vpc.fromLookup(scope, 'MainVpc', props.vpcProps); const computeResources = new ComputeConstruct( this, 'ComputeConstruct', mainVpc, - props.computeConfig + props.computeProps ); - new EventBusConstruct(this, 'OrcaBusEventBusConstruct', props.eventBusProps); + new EventBusConstruct(this, 'EventBusConstruct', props.eventBusProps); - new Database(this, 'OrcaBusDatabaseConstruct', { + new DatabaseConstruct(this, 'DatabaseConstruct', { vpc: mainVpc, allowedInboundSG: computeResources.securityGroup, ...props.databaseProps, @@ -45,7 +58,7 @@ export class SharedStack extends Stack { new SchemaRegistryConstruct(this, 'SchemaRegistryConstruct', props.schemaRegistryProps); if (props.eventSourceProps) { - new EventSource(this, 'EventSourceConstruct', props.eventSourceProps); + new EventSourceConstruct(this, 'EventSourceConstruct', props.eventSourceProps); } } } diff --git a/lib/workload/stateful/stacks/token-service/deploy/stack.ts b/lib/workload/stateful/stacks/token-service/deploy/stack.ts index ecf5aa2fd..abea9cfa8 100644 --- a/lib/workload/stateful/stacks/token-service/deploy/stack.ts +++ b/lib/workload/stateful/stacks/token-service/deploy/stack.ts @@ -8,19 +8,18 @@ import { Architecture } from 'aws-cdk-lib/aws-lambda'; import { Role, ServicePrincipal } from 'aws-cdk-lib/aws-iam'; import { IUserPool, UserPool } from 'aws-cdk-lib/aws-cognito'; import { LogGroup } from 'aws-cdk-lib/aws-logs'; -import { IVpc } from 'aws-cdk-lib/aws-ec2'; +import { IVpc, Vpc, VpcLookupOptions } from 'aws-cdk-lib/aws-ec2'; import { getCognitoAdminActions, getCognitoJWTPolicy, getLambdaVPCPolicy, getServiceUserSecretResourcePolicy, } from './construct/policy'; -import { getVpc } from '../../../../components/vpc'; export interface TokenServiceProps { serviceUserSecretName: string; jwtSecretName: string; - vpcProps: object; + vpcProps: VpcLookupOptions; cognitoUserPoolIdParameterName: string; cognitoPortalAppClientIdParameterName: string; } 
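Review bot: Renaming the construct ids in the `SharedStack` constructor (`'OrcaBusEventBusConstruct'` to `'EventBusConstruct'`, `'OrcaBusDatabaseConstruct'` to `'DatabaseConstruct'`) changes the construct path, and CDK derives CloudFormation logical IDs from that path. If any environment has already deployed this stack, CloudFormation will treat the event bus and the database cluster as new resources and remove the old ones according to their removal policy, which `config/constants.ts` sets to `RemovalPolicy.DESTROY` in two of the three environments shown. I would either keep the old ids or check `cdk diff` against each deployed environment before merging, and record the decision in a comment such as `// id is part of the logical ID; renaming replaces the cluster`. The constructor body continues past this hunk.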
@@ -36,7 +35,7 @@ export class TokenServiceStack extends Stack { super(scope, id, props); this.props = props; - this.vpc = getVpc(this); + this.vpc = Vpc.fromLookup(scope, 'MainVpc', props.vpcProps); // NOTE: // Token Service has very high dependency on the upstream Cognito User Pool OAuth2 broker diff --git a/lib/workload/stateful/statefulStackCollectionClass.ts b/lib/workload/stateful/statefulStackCollectionClass.ts index 6e48b3db9..4ad2e7270 100644 --- a/lib/workload/stateful/statefulStackCollectionClass.ts +++ b/lib/workload/stateful/statefulStackCollectionClass.ts @@ -22,26 +22,30 @@ export class StatefulStackCollection { env: Environment, statefulConfiguration: StatefulStackCollectionProps ) { - const stackPropsTemplate: StackProps = { - env: env, - tags: { - 'umccr-org:Product': 'OrcaBus', - }, - }; - this.sharedStack = new SharedStack(scope, 'SharedStack', { - ...stackPropsTemplate, + ...this.createTemplateProps(env, 'SharedStack'), ...statefulConfiguration.sharedStackProps, }); this.tokenServiceStack = new TokenServiceStack(scope, 'TokenServiceStack', { - ...stackPropsTemplate, + ...this.createTemplateProps(env, 'TokenServiceStack'), ...statefulConfiguration.tokenServiceStackProps, }); this.icaEventPipeStack = new IcaEventPipeStack(scope, 'IcaEventPipeStack', { - ...stackPropsTemplate, + ...this.createTemplateProps(env, 'IcaEventPipeStack'), ...statefulConfiguration.icaEventPipeStackProps, }); } + + private createTemplateProps(env: Environment, serviceName: string): StackProps { + return { + env: env, + tags: { + 'umccr-org:Product': 'OrcaBus', + 'umccr-org:Creator': 'CDK', + 'umccr-org:Service': serviceName, + }, + }; + } } diff --git a/test/stateful/shared/computeConstruct.test.ts b/test/stateful/shared/computeConstruct.test.ts index 5754dccd9..5d1b6cfd2 100644 --- a/test/stateful/shared/computeConstruct.test.ts +++ b/test/stateful/shared/computeConstruct.test.ts 
@@ -17,12 +17,12 @@ beforeEach(() => { }); }); -test('Test SchemaRegistry Creation', () => { +test('Test SchemaRegistryConstruct Creation', () => { new ComputeConstruct( stack, 'TestSGConstruct', vpc, - constructConfig.stackProps.statefulConfig.sharedStackProps.computeConfig + constructConfig.stackProps.statefulConfig.sharedStackProps.computeProps ); const template = Template.fromStack(stack); diff --git a/test/stateful/shared/databaseConstruct.test.ts b/test/stateful/shared/databaseConstruct.test.ts index 79822e491..62678c059 100644 --- a/test/stateful/shared/databaseConstruct.test.ts +++ b/test/stateful/shared/databaseConstruct.test.ts @@ -1,6 +1,6 @@ import * as cdk from 'aws-cdk-lib'; import { Template } from 'aws-cdk-lib/assertions'; -import { Database } from '../../../lib/workload/stateful/stacks/shared/constructs/database'; +import { DatabaseConstruct } from '../../../lib/workload/stateful/stacks/shared/constructs/database'; import * as ec2 from 'aws-cdk-lib/aws-ec2'; import { getEnvironmentConfig } from '../../../config/constants'; @@ -25,7 +25,7 @@ beforeEach(() => { }); test('Test DBCluster created props', () => { - new Database(stack, 'TestDatabaseConstruct', { + new DatabaseConstruct(stack, 'TestDatabaseConstruct', { vpc, ...dbProps, }); @@ -49,7 +49,7 @@ test('Test other SG Allow Ingress to DB SG', () => { }); const sgLogicalId = stack.getLogicalId(allowedSG.node.defaultChild as ec2.CfnSecurityGroup); - new Database(stack, 'TestDatabaseConstruct', { + new DatabaseConstruct(stack, 'TestDatabaseConstruct', { vpc, allowedInboundSG: allowedSG, ...dbProps, diff --git a/test/stateful/shared/eventSourceConstruct.test.ts b/test/stateful/shared/eventSourceConstruct.test.ts index 8826bfc26..86075d471 100644 --- a/test/stateful/shared/eventSourceConstruct.test.ts +++ b/test/stateful/shared/eventSourceConstruct.test.ts 
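Review bot: The renamed test title in `computeConstruct.test.ts` still names the wrong construct: the body builds a `ComputeConstruct`, so a failure would be reported under `SchemaRegistryConstruct`. Suggest `test('Test ComputeConstruct Creation', () => {`. The test body continues outside the hunk, so the assertions themselves are not visible here.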
@@ -1,6 +1,6 @@ import * as cdk from 'aws-cdk-lib'; import { Match, Template } from 'aws-cdk-lib/assertions'; -import { EventSource } from '../../../lib/workload/stateful/stacks/shared/constructs/event-source'; +import { EventSourceConstruct } from '../../../lib/workload/stateful/stacks/shared/constructs/event-source'; let stack: cdk.Stack; @@ -37,8 +37,8 @@ beforeEach(() => { stack = new cdk.Stack(); }); -test('Test EventSource created props', () => { - new EventSource(stack, 'TestEventSourceConstruct', { +test('Test EventSourceConstruct created props', () => { + new EventSourceConstruct(stack, 'TestEventSourceConstruct', { queueName: 'queue', maxReceiveCount: 100, rules: [ @@ -54,8 +54,8 @@ test('Test EventSource created props', () => { assert_common(template); }); -test('Test EventSource created props with event types', () => { - new EventSource(stack, 'TestEventSourceConstruct', { +test('Test EventSourceConstruct created props with event types', () => { + new EventSourceConstruct(stack, 'TestEventSourceConstruct', { queueName: 'queue', maxReceiveCount: 100, rules: [ @@ -75,8 +75,8 @@ test('Test EventSource created props with event types', () => { }); }); -test('Test EventSource created props with prefix', () => { - new EventSource(stack, 'TestEventSourceConstruct', { +test('Test EventSourceConstruct created props with prefix', () => { + new EventSourceConstruct(stack, 'TestEventSourceConstruct', { queueName: 'queue', maxReceiveCount: 100, rules: [ @@ -104,8 +104,8 @@ test('Test EventSource created props with prefix', () => { }); }); -test('Test EventSource created props with rules matching any bucket', () => { - new EventSource(stack, 'TestEventSourceConstruct', { +test('Test EventSourceConstruct created props with rules matching any bucket', () => { + new EventSourceConstruct(stack, 'TestEventSourceConstruct', { queueName: 'queue', maxReceiveCount: 100, rules: [{}], 
diff --git a/test/stateful/shared/eventbusConstruct.test.ts b/test/stateful/shared/eventbusConstruct.test.ts index b5c97cf8d..c98c97d95 100644 --- a/test/stateful/shared/eventbusConstruct.test.ts +++ b/test/stateful/shared/eventbusConstruct.test.ts @@ -1,7 +1,7 @@ import * as cdk from 'aws-cdk-lib'; import { Template } from 'aws-cdk-lib/assertions'; import { getEnvironmentConfig } from '../../../config/constants'; -import { EventBusConstruct } from '../../../lib/workload/stateful/stacks/shared/constructs/eventbridge'; +import { EventBusConstruct } from '../../../lib/workload/stateful/stacks/shared/constructs/event-bus'; let stack: cdk.Stack; @@ -12,7 +12,7 @@ beforeEach(() => { stack = new cdk.Stack(); }); -test('Test EventBus Creation', () => { +test('Test EventBusConstruct Creation', () => { new EventBusConstruct( stack, 'TestEventBusConstruct', diff --git a/test/stateful/shared/schemaRegistryConstruct.test.ts b/test/stateful/shared/schemaRegistryConstruct.test.ts index f1cdc2f66..924f8d11b 100644 --- a/test/stateful/shared/schemaRegistryConstruct.test.ts +++ b/test/stateful/shared/schemaRegistryConstruct.test.ts @@ -1,7 +1,7 @@ import * as cdk from 'aws-cdk-lib'; import { Template } from 'aws-cdk-lib/assertions'; import { getEnvironmentConfig } from '../../../config/constants'; -import { SchemaRegistryConstruct } from '../../../lib/workload/stateful/stacks/shared/constructs/schemaregistry'; +import { SchemaRegistryConstruct } from '../../../lib/workload/stateful/stacks/shared/constructs/schema-registry'; let stack: cdk.Stack; @@ -12,7 +12,7 @@ beforeEach(() => { stack = new cdk.Stack(); }); -test('Test SchemaRegistry Creation', () => { +test('Test SchemaRegistryConstruct Creation', () => { new SchemaRegistryConstruct( stack, 'TestSchemaRegistryConstruct', From ed1c08543ea4651628f186eebb715cca914f718e Mon Sep 17 00:00:00 2001 
From: William Putra Intan <61998484+williamputraintan@users.noreply.github.com> Date: Fri, 12 Apr 2024 17:34:49 +1000 Subject: [PATCH 13/16] fromLookup fix --- lib/workload/stateful/stacks/shared/stack.ts | 2 +- lib/workload/stateful/stacks/token-service/deploy/stack.ts | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/workload/stateful/stacks/shared/stack.ts b/lib/workload/stateful/stacks/shared/stack.ts index f27149ed5..145d3d8aa 100644 --- a/lib/workload/stateful/stacks/shared/stack.ts +++ b/lib/workload/stateful/stacks/shared/stack.ts @@ -38,7 +38,7 @@ export class SharedStack extends Stack { constructor(scope: Construct, id: string, props: StackProps & SharedStackProps) { super(scope, id, props); - const mainVpc = Vpc.fromLookup(scope, 'MainVpc', props.vpcProps); + const mainVpc = Vpc.fromLookup(this, 'MainVpc', props.vpcProps); const computeResources = new ComputeConstruct( this, diff --git a/lib/workload/stateful/stacks/token-service/deploy/stack.ts b/lib/workload/stateful/stacks/token-service/deploy/stack.ts index abea9cfa8..be114e2c4 100644 --- a/lib/workload/stateful/stacks/token-service/deploy/stack.ts +++ b/lib/workload/stateful/stacks/token-service/deploy/stack.ts @@ -35,7 +35,7 @@ export class TokenServiceStack extends Stack { super(scope, id, props); this.props = props; - this.vpc = Vpc.fromLookup(scope, 'MainVpc', props.vpcProps); + this.vpc = Vpc.fromLookup(this, 'MainVpc', props.vpcProps); // NOTE: // Token Service has very high dependency on the upstream Cognito User Pool OAuth2 broker From a7bb6f1f3f139552767580624fe9f3ad36af04f7 Mon Sep 17 00:00:00 2001 
From: William Putra Intan <61998484+williamputraintan@users.noreply.github.com> Date: Fri, 12 Apr 2024 17:39:33 +1000 Subject: [PATCH 14/16] enable lint for `./shared` --- shared/MOCK_AWS.md | 2 +- shared/MOCK_DB.md | 1 + shared/MOCK_ICA.md | 9 +++++++-- shared/mock-aws.yml | 3 +-- shared/mock-db.yml | 7 +++---- shared/mock-ica.yml | 1 - 6 files changed, 13 insertions(+), 10 deletions(-) diff --git a/shared/MOCK_AWS.md b/shared/MOCK_AWS.md index 06fa41238..88f629c2c 100644 --- a/shared/MOCK_AWS.md +++ b/shared/MOCK_AWS.md @@ -1,7 +1,7 @@ # AWS Mock using Localstack - From your compose stack root, preform: + ``` docker compose up -d docker compose ps diff --git a/shared/MOCK_DB.md b/shared/MOCK_DB.md index 174eceb77..60cd1d8a1 100644 --- a/shared/MOCK_DB.md +++ b/shared/MOCK_DB.md @@ -1,6 +1,7 @@ # Mock DB using PostgreSQL From your compose stack root, preform: + ``` docker compose up -d docker compose ps diff --git a/shared/MOCK_ICA.md b/shared/MOCK_ICA.md index 668414fe9..ee05b702d 100644 --- a/shared/MOCK_ICA.md +++ b/shared/MOCK_ICA.md @@ -5,6 +5,7 @@ Using through `libica` or otherwise, any calling to ICA interfacing logic will b ## ICA v1 Mock Service From your compose stack root, preform: + ``` docker compose up -d docker compose ps @@ -13,8 +14,9 @@ docker compose ps ### WES - In one terminal, monitor WES endpoint as follows. + ``` -docker logs orcabus_wes -f +docker logs orcabus_wes -f [11:05:13 AM] › [CLI] … awaiting Starting Prism… [11:05:40 AM] › [CLI] ✔ success GET http://0.0.0.0:4010/v1/workflows [11:05:40 AM] › [CLI] ✔ success POST http://0.0.0.0:4010/v1/workflows @@ -29,6 +31,7 @@ docker logs orcabus_wes -f ``` - Open another terminal, query mock REST endpoint as follows. + ``` curl -s -H "Authorization: Bearer Test" -X GET http://localhost/v1/workflows | jq curl -s -H "Authorization: Bearer Test" -X GET http://localhost/v1/workflows/wfr.123456789abcd | jq 
@@ -65,6 +68,7 @@ docker logs orcabus_gds -f ``` - Open another terminal, query mock REST endpoint as follows. + ``` curl -s -H "Authorization: Bearer Test" -X GET http://localhost/v1/files | jq ``` @@ -78,7 +82,7 @@ curl -s -H "Authorization: Bearer Test" -X GET 'http://localhost/v1/files?volume Yup. Same. ``` -docker logs orcabus_ica_v2 -f +docker logs orcabus_ica_v2 -f [11:12:40 AM] › [CLI] … awaiting Starting Prism… [11:13:13 AM] › [CLI] ✔ success GET http://0.0.0.0:4010/api/analysisStorages [11:13:13 AM] › [CLI] ✔ success POST http://0.0.0.0:4010/api/bundles @@ -101,6 +105,7 @@ docker logs orcabus_ica_v2 -f ``` - Open another terminal, query mock REST endpoint as follows. + ``` curl -s -H "Authorization: Bearer Test" -X GET http://localhost/api/bundles | jq ``` diff --git a/shared/mock-aws.yml b/shared/mock-aws.yml index 274d7b412..0f5fbd373 100644 --- a/shared/mock-aws.yml +++ b/shared/mock-aws.yml @@ -1,9 +1,8 @@ version: '3.1' services: - localstack: image: public.ecr.aws/localstack/localstack:3 container_name: orcabus_localstack ports: - - "4566:4566" + - '4566:4566' diff --git a/shared/mock-db.yml b/shared/mock-db.yml index b3b685842..d52734440 100644 --- a/shared/mock-db.yml +++ b/shared/mock-db.yml @@ -1,7 +1,6 @@ version: '3.1' services: - db: # Use version that align with upper bound of AWS Aurora PostgreSQL LTS # https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraPostgreSQL.Updates.LTS.html @@ -14,10 +13,10 @@ services: - POSTGRES_USER=orcabus - POSTGRES_PASSWORD=orcabus ports: - - "5432:5432" + - '5432:5432' healthcheck: - test: ["CMD-SHELL", "pg_isready", "-d", "orcabus"] + test: ['CMD-SHELL', 'pg_isready', '-d', 'orcabus'] interval: 10s timeout: 60s retries: 5 - start_period: 90s + start_period: 90s diff --git a/shared/mock-ica.yml b/shared/mock-ica.yml index c98a5f047..526040f07 100644 --- a/shared/mock-ica.yml +++ b/shared/mock-ica.yml 
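Review bot: Both `shared/mock-aws.yml` (`'4566:4566'`) and `shared/mock-db.yml` (`'5432:5432'`) publish the port on every host interface, and the database hunk shows the fixed credentials `orcabus`/`orcabus` next to it. For mocks that are only reached from the developer's own machine, binding to loopback keeps them off the local network: `- '127.0.0.1:4566:4566'` and `- '127.0.0.1:5432:5432'`. Separately, in the `healthcheck` line the `CMD-SHELL` form takes one command string, so `-d orcabus` is probably not passed to `pg_isready`; `test: ['CMD-SHELL', 'pg_isready -d orcabus']` would be the usual spelling.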
@@ -1,7 +1,6 @@ version: '3.1' services: - haproxy: image: public.ecr.aws/docker/library/haproxy:2.4 container_name: orcabus_haproxy From 7089877c56728d967aba5a3d1856056e7baa6902 Mon Sep 17 00:00:00 2001 From: William Putra Intan <61998484+williamputraintan@users.noreply.github.com> Date: Fri, 12 Apr 2024 18:17:27 +1000 Subject: [PATCH 15/16] Update statefulStackCollectionClass.ts --- lib/workload/stateful/statefulStackCollectionClass.ts | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/lib/workload/stateful/statefulStackCollectionClass.ts b/lib/workload/stateful/statefulStackCollectionClass.ts index 4ad2e7270..6fcafaa1a 100644 --- a/lib/workload/stateful/statefulStackCollectionClass.ts +++ b/lib/workload/stateful/statefulStackCollectionClass.ts @@ -12,7 +12,8 @@ export interface StatefulStackCollectionProps { } export class StatefulStackCollection { - // Defined stateful stacks here + // You could add more stack here and initiate it at the constructor. See example below for reference + readonly sharedStack: Stack; readonly tokenServiceStack: Stack; readonly icaEventPipeStack: Stack; @@ -38,6 +39,13 @@ export class StatefulStackCollection { }); } + /** + * This output the StackProps that each stack should have on deployment + * + * @param env The environment which each stack should deploy to + * @param serviceName The service name + * @returns StackProps that will be included as template + */ private createTemplateProps(env: Environment, serviceName: string): StackProps { return { env: env, From 4028173afce0ac38fb6b5b1252edff77ec1b0fc1 Mon Sep 17 00:00:00 2001 
From: William Putra Intan <61998484+williamputraintan@users.noreply.github.com> Date: Mon, 15 Apr 2024 11:00:03 +1000 Subject: [PATCH 16/16] name refinement --- config/constants.ts | 6 +++--- lib/workload/orcabus-stateless-stack.ts | 4 ++-- lib/workload/stateful/stacks/token-service/deploy/stack.ts | 6 +++--- lib/workload/stateful/statefulStackCollectionClass.ts | 4 ++-- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/config/constants.ts b/config/constants.ts index 8c9f0dbe5..aa81c72c8 100644 --- a/config/constants.ts +++ b/config/constants.ts @@ -29,7 +29,7 @@ const cognitoPortalAppClientIdParameterName = '/data_portal/client/data2/cog_app const regName = 'OrcaBusSchemaRegistry'; const eventBusName = 'OrcaBusMain'; -const lambdaSecurityGroupName = 'OrcaBusLambdaSecurityGroup'; +const computeSecurityGroupName = 'OrcaBusSharedComputeSecurityGroup'; const dbClusterIdentifier = 'orcabus-db'; const dbClusterResourceIdParameterName = '/orcabus/db-cluster-resource-id'; const dbClusterEndpointHostParameterName = '/orcabus/db-cluster-endpoint-host'; @@ -80,7 +80,7 @@ const orcaBusStatefulConfig = { secretRotationSchedule: Duration.days(7), }, computeProps: { - securityGroupName: lambdaSecurityGroupName, + securityGroupName: computeSecurityGroupName, }, icaEventPipeProps: icaEventPipeProps, tokenServiceProps: { @@ -111,7 +111,7 @@ const orcaBusStatelessConfig = { ], }, eventBusName: eventBusName, - lambdaSecurityGroupName: lambdaSecurityGroupName, + computeSecurityGroupName: computeSecurityGroupName, rdsMasterSecretName: rdsMasterSecretName, postgresManagerConfig: { masterSecretName: rdsMasterSecretName, diff --git a/lib/workload/orcabus-stateless-stack.ts b/lib/workload/orcabus-stateless-stack.ts index 68f666472..c079670d4 100644 --- a/lib/workload/orcabus-stateless-stack.ts +++ b/lib/workload/orcabus-stateless-stack.ts 
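Review bot: Changing the value of `securityGroupName` from `OrcaBusLambdaSecurityGroup` to `OrcaBusSharedComputeSecurityGroup` is more than a rename if the group is already deployed: a security group's name cannot be updated in place, so CloudFormation would replace the group. The stateless stack finds this group with `SecurityGroup.fromLookupByName` (the next file in this commit), and the shared stack passes it to the database as `allowedInboundSG`, so the order of deployment matters and functions still attached to the old group could lose database access or block its deletion. Worth stating the rollout order in the commit description, or keeping the old physical name and renaming only the constant. This applies to the three hunks of `config/constants.ts` together.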
@@ -20,7 +20,7 @@ import { EventBus, IEventBus } from 'aws-cdk-lib/aws-events'; export interface OrcaBusStatelessConfig { multiSchemaConstructProps: MultiSchemaConstructProps; eventBusName: string; - lambdaSecurityGroupName: string; + computeSecurityGroupName: string; rdsMasterSecretName: string; postgresManagerConfig: PostgresManagerConfig; metadataManagerConfig: MetadataManagerConfig; @@ -45,7 +45,7 @@ export class OrcaBusStatelessStack extends cdk.Stack { this.lambdaSecurityGroup = SecurityGroup.fromLookupByName( this, 'OrcaBusLambdaSecurityGroup', - props.lambdaSecurityGroupName, + props.computeSecurityGroupName, this.vpc ); diff --git a/lib/workload/stateful/stacks/token-service/deploy/stack.ts b/lib/workload/stateful/stacks/token-service/deploy/stack.ts index be114e2c4..d64b5da20 100644 --- a/lib/workload/stateful/stacks/token-service/deploy/stack.ts +++ b/lib/workload/stateful/stacks/token-service/deploy/stack.ts @@ -16,7 +16,7 @@ import { getServiceUserSecretResourcePolicy, } from './construct/policy'; -export interface TokenServiceProps { +export interface TokenServiceStackProps { serviceUserSecretName: string; jwtSecretName: string; vpcProps: VpcLookupOptions; @@ -25,13 +25,13 @@ export interface TokenServiceProps { } export class TokenServiceStack extends Stack { - private readonly props: TokenServiceProps; + private readonly props: TokenServiceStackProps; private readonly vpc: IVpc; private readonly userPool: IUserPool; private readonly lambdaEnv; private readonly lambdaRuntimePythonVersion: aws_lambda.Runtime = aws_lambda.Runtime.PYTHON_3_12; - constructor(scope: Construct, id: string, props: StackProps & TokenServiceProps) { + constructor(scope: Construct, id: string, props: StackProps & TokenServiceStackProps) { super(scope, id, props); this.props = props; diff --git a/lib/workload/stateful/statefulStackCollectionClass.ts b/lib/workload/stateful/statefulStackCollectionClass.ts index 6fcafaa1a..cc13ba1f2 100644 
--- a/lib/workload/stateful/statefulStackCollectionClass.ts +++ b/lib/workload/stateful/statefulStackCollectionClass.ts @@ -2,12 +2,12 @@ import { Construct } from 'constructs'; import { Stack, Environment, StackProps } from 'aws-cdk-lib'; import { SharedStack, SharedStackProps } from './stacks/shared/stack'; -import { TokenServiceProps, TokenServiceStack } from './stacks/token-service/deploy/stack'; +import { TokenServiceStackProps, TokenServiceStack } from './stacks/token-service/deploy/stack'; import { IcaEventPipeStack, IcaEventPipeStackProps } from './stacks/ica-event-pipe/stack'; export interface StatefulStackCollectionProps { sharedStackProps: SharedStackProps; - tokenServiceStackProps: TokenServiceProps; + tokenServiceStackProps: TokenServiceStackProps; icaEventPipeStackProps: IcaEventPipeStackProps; }