UNPKG

caccl-deploy

Version:

A cli tool for managing ECS/Fargate app deployments

75 lines (63 loc) 1.96 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
import { aws_ecs as ecs, aws_secretsmanager as secretsmanager, } from 'aws-cdk-lib'; import { Construct } from 'constructs'; const VOLUME_NAME = 'gitrepovolume'; const VOLUME_CONTAINER_MOUNT_PATH = '/var/gitrepo'; export interface CacclGitRepoVolumeContainerProps { taskDefinition: ecs.TaskDefinition; appContainer: ecs.ContainerDefinition; repoUrlSecretArn: string; appContainerPath: string; } export class CacclGitRepoVolumeContainer extends Construct { container: ecs.ContainerDefinition; constructor( scope: Construct, id: string, props: CacclGitRepoVolumeContainerProps, ) { super(scope, id); const { taskDefinition, appContainer, repoUrlSecretArn, appContainerPath } = props; // the volume itself is added to the task definition taskDefinition.addVolume({ name: VOLUME_NAME }); // container gets the full URL (including auth bits) via secrets manager const repoUrlSecret = ecs.Secret.fromSecretsManager( secretsmanager.Secret.fromSecretCompleteArn( this, 'RepoUrlSecret', repoUrlSecretArn, ), ); this.container = new ecs.ContainerDefinition( this, 'GitRepoVolumeContainer', { image: ecs.ContainerImage.fromRegistry('alpine/git'), command: ['git clone --branch master $GIT_REPO_URL /var/gitrepo'], entryPoint: ['sh', '-c'], essential: false, taskDefinition, secrets: { GIT_REPO_URL: repoUrlSecret, }, }, ); this.container.addMountPoints({ containerPath: VOLUME_CONTAINER_MOUNT_PATH, readOnly: false, sourceVolume: VOLUME_NAME, }); appContainer.addMountPoints({ containerPath: appContainerPath, readOnly: false, sourceVolume: VOLUME_NAME, }); appContainer.addContainerDependencies({ container: this.container, condition: ecs.ContainerDependencyCondition.SUCCESS, }); } }