Skip to content

Commit

Permalink
Updated Fetch SSM Parameter Logic (#82)
Browse files Browse the repository at this point in the history 
Signed-off-by: David Deal <dealako@gmail.com>
  • Loading branch information
@dealako
dealako authored Aug 19, 2020
1 parent 5a31c7e commit b1b6b94
Show file tree
Hide file tree
Showing 5 changed files with 1,082 additions and 1,540 deletions.
84 changes: 69 additions & 15 deletions .circleci/config.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -56,19 +56,33 @@ jobs:
- save_cache: *save-cache
- persist_to_workspace: *persist_to_workspace

build:
build: &buildAnchor
<<: *defaults
steps:
- checkout
- attach_workspace:
at: /tmp/workspace
- restore_cache: *restore-cache
- run:
name: Setup AWS key
command: |
echo "export AWS_ACCESS_KEY_ID=${!AWS_ACCESS_KEY_ID_ENV_VAR}" >> ${BASH_ENV}
echo "export AWS_SECRET_ACCESS_KEY=${!AWS_SECRET_ACCESS_KEY_ENV_VAR}" >> ${BASH_ENV}
- run:
name: Install AWS Profile
command: |
echo "PROJECT_DIR=${PROJECT_DIR}"
echo "Installing Profile '${AWS_PROFILE}'..."
mkdir -p ~/.aws
printf "[profile ${AWS_PROFILE}]\nregion=${AWS_REGION}\noutput=json" > ~/.aws/config
printf "[${AWS_PROFILE}]\naws_access_key_id=${!AWS_ACCESS_KEY_ID_ENV_VAR}\naws_secret_access_key=${!AWS_SECRET_ACCESS_KEY_ENV_VAR}" > ~/.aws/credentials
echo "export AWS_PROFILE=${AWS_PROFILE}" >> ${BASH_ENV}
- run:
name: Building Source
command: |
echo "Node version is: $(node --version)"
echo "Running yarn build..."
yarn build
echo "Running yarn build:${STAGE}..."
yarn build:${STAGE}
no_output_timeout: 10m
- run:
name: Build Edge
Expand All @@ -82,6 +96,39 @@ jobs:
- save_cache: *save-cache
- persist_to_workspace: *persist_to_workspace

buildDev:
<<: *buildAnchor
environment:
AWS_ACCESS_KEY_ID_ENV_VAR: AWS_ACCESS_KEY_ID_DEV
AWS_SECRET_ACCESS_KEY_ENV_VAR: AWS_SECRET_ACCESS_KEY_DEV
AWS_PROFILE: easycla
AWS_REGION: us-east-1
STAGE: dev
ROOT_DOMAIN: dev.communitybridge.org
PRODUCT_DOMAIN: easycla.dev.communitybridge.org

buildStaging:
<<: *buildAnchor
environment:
AWS_ACCESS_KEY_ID_ENV_VAR: AWS_ACCESS_KEY_ID_STAGING
AWS_SECRET_ACCESS_KEY_ENV_VAR: AWS_SECRET_ACCESS_KEY_STAGING
AWS_PROFILE: easycla
AWS_REGION: us-east-1
STAGE: staging
ROOT_DOMAIN: staging.communitybridge.org
PRODUCT_DOMAIN: easycla.staging.communitybridge.org

buildProd:
<<: *buildAnchor
environment:
AWS_ACCESS_KEY_ID_ENV_VAR: AWS_ACCESS_KEY_ID_PROD
AWS_SECRET_ACCESS_KEY_ENV_VAR: AWS_SECRET_ACCESS_KEY_PROD
AWS_PROFILE: easycla
AWS_REGION: us-east-1
STAGE: prod
ROOT_DOMAIN: communitybridge.org
PRODUCT_DOMAIN: easycla.communitybridge.org

lint:
<<: *defaults
steps:
Expand Down Expand Up @@ -181,27 +228,21 @@ workflows:
filters:
tags:
only: /.*/
- build:
- buildDev:
requires:
- setup
filters:
tags:
only: /.*/
- lint:
requires:
- build
- buildDev
filters:
tags:
only: /.*/
#- test:
# requires:
# - build
# filters:
# tags:
# only: /.*/
- deployContributorConsoleDev:
requires:
- build
- buildDev
- lint
#- test
filters:
Expand All @@ -212,11 +253,17 @@ workflows:
- master

# Deploy Staging
- buildStaging:
filters:
branches:
ignore: /.*/
tags:
# see semver examples https://regex101.com/r/Ly7O1x/201/
only: /^v?(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?$/
- approve_staging:
type: approval
requires:
- build
- lint
- buildStaging
filters:
branches:
ignore: /.*/
Expand All @@ -234,9 +281,17 @@ workflows:
only: /^v?(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?$/

# Deploy Prod
- buildProd:
filters:
branches:
ignore: /.*/
tags:
# see semver examples https://regex101.com/r/Ly7O1x/201/
only: /^v?(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?$/
- approve_prod:
type: approval
requires:
- buildProd
- deployContributorConsoleStaging
filters:
branches:
Expand All @@ -253,4 +308,3 @@ workflows:
tags:
# see semver examples https://regex101.com/r/Ly7O1x/201/
only: /^v?(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?$/

2 changes: 1 addition & 1 deletion package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -101,4 +101,4 @@
}
},
"license": "MIT"
}
}
11 changes: 7 additions & 4 deletions src/app/config/scripts/prefetch-ssm.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,15 +10,18 @@ const stageEnv = process.env.STAGE_ENV;
const AWS_SSM_JSON_PATH = './src/app/config/cla-env-config.json';

async function prefetchSSM() {
let result = {};
console.log(`Start to fetch SSM values at ${stageEnv}...`);
result = await RetrieveSSMValues(configVarArray, stageEnv, region, profile);
const result = await RetrieveSSMValues(configVarArray, stageEnv, region, profile);
console.log('Fetching completed.');

//test for local
// result['cla-api-url'] = 'http://localhost:5000';
console.log(`Saving configuration to file: ${AWS_SSM_JSON_PATH}...`);
fs.writeFile(AWS_SSM_JSON_PATH, JSON.stringify(result), function (err) {
if (err) throw new Error(`Couldn't save SSM paramters to disk with error ${err}`);
console.log('Fetching completed...');
if (err) {
throw new Error(`Couldn't save SSM parameters to disk with error ${err}`);
}
console.log('Save complete.');
});
}

Expand Down
22 changes: 14 additions & 8 deletions src/app/config/scripts/read-ssm.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,9 +12,7 @@ const AWS = require('aws-sdk');
* @returns {Promise<{ [key:string]: string}>}
*/
async function retrieveSSMValues(variables, stage, region, profile) {
const scopedVariables = variables.map((param) => {
return `cla-${param}-${stage}`;
});
const scopedVariables = variables.map((param) => `cla-${param}-${stage}`);
const result = await requestSSMParameters(scopedVariables, stage, region, profile);
const parameters = result.Parameters;
const error = result.$response.error;
Expand All @@ -24,8 +22,9 @@ async function retrieveSSMValues(variables, stage, region, profile) {
);
}
const scopedParams = createParameterMap(parameters, stage);
let params;
const params = new Map();
Object.keys(scopedParams).forEach((key) => {
// console.log(`processing ${key}`);
const param = scopedParams[key];
key = key.replace('cla-', '');
key = key.replace(`-${stage}`, '');
Expand All @@ -39,23 +38,30 @@ async function retrieveSSMValues(variables, stage, region, profile) {
);
}
});

return params;
}

/**
* Performs a bulk request of the specified SSM parameters.
* @param {string[]} variables
* @param {string} stage
* @param {string} region
* @param {string} profile
*/
function requestSSMParameters(variables, stage, region, profile) {
async function requestSSMParameters(variables, stage, region, profile) {
console.log(`Loading AWS credentials from profile: ${profile}`)
AWS.config.credentials = new AWS.SharedIniFileCredentials({ profile });
const ssm = new AWS.SSM({ region: region });
const ssm = new AWS.SSM({ region });
const ps = {
Names: variables,
WithDecryption: true
};
console.log(AWS.config.credentials);
return ssm.getParameters(ps).promise();
// console.log(AWS.config.credentials);
// console.log(`fetching ssm parameters: ${variables}`);
const response = await ssm.getParameters(ps).promise();
// console.log(response);
return response;
}

/**
Expand Down
Loading

0 comments on commit b1b6b94

Please sign in to comment.