briareus
Briareus assists with Feature Branch deploys to ECS
const AWS = require('aws-sdk');
const async = require('async');
const _ = require('lodash');
const config = require('../config');
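/**
 * Pipeline action: request an ACM certificate for the payload's endpoint host
 * (plus a wildcard SAN for its subdomains) and wait until ACM publishes the
 * DNS validation records for it.
 *
 * @param {object} pipeline - Not used by this action.
 * @param {object} payload - Reads `endpoint.host`, `hashedSlug` and `name`.
 * @param {function(Error=, Array=)} cb - Called with an error, or with a
 *   one-element list holding an `add` operation for `/assets/acmCertificate`
 *   that carries the certificate ARN and its validation options.
 */
let action = module.exports = function (pipeline, payload, cb) {
  const acm = new AWS.ACM();
  const attemptLimit = 10;
  let attempts = 0;

  // True once every domain validation entry carries its DNS ResourceRecord.
  // An empty or missing list counts as "not ready": _.every() is vacuously
  // true for an empty list, which would otherwise end the polling before any
  // validation record exists.
  function hasValidationRecords(certificate) {
    const options = certificate && certificate.DomainValidationOptions;
    return Array.isArray(options) &&
      options.length > 0 &&
      _.every(options, (domainValidationSet) => !!domainValidationSet.ResourceRecord);
  }

  // Immediately after creating an ACM certificate DomainValidationOptions is an empty list.
  // We need to keep querying AWS until this list is populated.
  function fetchCertificateDetails(params, cb) {
    acm.describeCertificate(params, function (err, data) {
      if (err) return cb(err);
      if (hasValidationRecords(data.Certificate)) return cb(null, data);

      // Count the unsuccessful poll so the limit is actually reached; without
      // this increment the polling would never give up.
      attempts += 1;
      if (attempts >= attemptLimit) {
        return cb(new Error('Timeout occured waiting for the ACM Certificate Domain Verification Options to become available'));
      }
      // The configured value is handed to setTimeout as the delay before the next poll.
      setTimeout(() => fetchCertificateDetails(params, cb), config.get('awsApiPollingTimeout'));
    });
  }

  const reqCertParams = {
    // The host is taken from the payload as-is; nothing here validates it.
    // NOTE(review): confirm upstream validation restricts it to domains this
    // deployment is meant to own, since a wildcard certificate is requested for it.
    DomainName: payload.endpoint.host,
    // NOTE(review): ACM limits the length and character set of this token;
    // confirm hashedSlug always fits.
    IdempotencyToken: payload.hashedSlug,
    Options: {
      // Certificate Transparency logs are public, so the host name and its
      // wildcard SAN become publicly discoverable once the certificate is issued.
      CertificateTransparencyLoggingPreference: 'ENABLED'
    },
    SubjectAlternativeNames: [
      `*.${payload.endpoint.host}`
    ],
    Tags: [
      {
        Key: 'Name',
        Value: payload.name
      },
    ],
    ValidationMethod: 'DNS'
  };

  async.waterfall([
    (next) => acm.requestCertificate(reqCertParams, next),
    // The requestCertificate response is passed on unchanged as the
    // describeCertificate parameters, then polled until the records appear.
    (data, next) => fetchCertificateDetails(data, next)
  ], (err, data) => {
    if (err) return cb(err);
    cb(null, [{
      op: 'add', path: '/assets/acmCertificate', value: {
        arn: data.Certificate.CertificateArn,
        validationOptions: data.Certificate.DomainValidationOptions
      }
    }]);
  });
};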
// Status texts attached to the exported action (presumably displayed by the
// pipeline runner while the step is in progress and once it has finished).
Object.assign(action, {
  waiting: 'Creating ACM Certificate',
  done: 'ACM Certificate has been created',
});