App-FargateStack


lib/App/FargateStack/Builder/HTTPService.pm  view on Meta::CPAN

    $self->set_alb($alb_info);
  }

  return;
}

########################################################################
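sub create_alb_security_group {
########################################################################
  # Ensure the security group used by the application's ALB exists and
  # return its group id.
  #
  # The group name comes from create_default('alb-security-group-name').
  # Returns:
  #   - the id of the existing group, when describe_security_group finds one
  #   - the id of the newly created group (ingress authorized for the ALB
  #     port, plus port 80 when alb.redirect_80 is set)
  #   - the placeholder 'sg-????' in dry-run mode when the group is missing
  #
  # $dryrun is used both as a boolean and as a suffix in log messages.
  my ($self) = @_;

  my ( $config, $dryrun, $app, $security_groups ) = $self->common_args(qw(config dryrun app security_groups));

  $security_groups //= {};
  $config->{security_groups} = $security_groups;

  my $ec2 = $self->fetch_ec2;

  my $sg_name = $self->create_default('alb-security-group-name');

  my $query  = sprintf 'SecurityGroups[?GroupName == `%s`].{group_id: GroupId}', $sg_name;
  my $result = $ec2->describe_security_group( $sg_name, $query );
  $ec2->check_result( message => 'ERROR: could not describe security group: [%s]', $sg_name );

  $self->log_debug( [ result => $result, error => $ec2->get_error ] );

  if ( !$result ) {
    $self->inc_required_resources( security_groups => [$sg_name] );
    $self->log_info( 'http-service: ALB security group [%s] will be created...%s', $sg_name, $dryrun );
  }
  else {
    $self->log_info( 'http-service: ALB security group [%s] exists...skipping', $sg_name );
  }

  # Only dereference a lookup that returned something; this avoids
  # autovivifying $result when the group was not found.
  my $sg = $result ? $result->{group_id} : undef;

  # An existing group is returned as found. Its id must not be replaced by
  # the dry-run placeholder (the caller and the ingress calls would then
  # see 'sg-????'), and its rules are left alone so that ingress an
  # operator has tightened is not widened back to 0.0.0.0/0 on a re-run.
  return $sg
    if $sg;

  my @allow_ports = ( $config->{alb}->{port}, $config->{alb}->{redirect_80} ? 80 : () );

  if ($dryrun) {
    # nothing is created in dry-run mode; the placeholder is for logging only
    $sg = 'sg-????';
  }
  else {
    my $sg_description = sprintf 'allow in-bound port(s): [%s] to %s-alb', join( q{,}, @allow_ports ), $app->{name};

    $sg = $ec2->create_security_group( $sg_name, $sg_description );
    $ec2->check_result( message => 'ERROR: could not create security group: [%s]', $sg_name );

    $security_groups->{alb}->{group_id} = $sg;
    $security_groups->{alb}->{name}     = $sg_name;
  }

  $self->log_info( 'http-service: authorizing ingress for [%s] on port(s): [%s]...%s',
    $sg, join( q{, }, @allow_ports ), $dryrun );

  return $sg
    if $dryrun;

  # NOTE(review): 0.0.0.0/0 opens the listener port(s) to any IPv4 source.
  # That is the usual choice for an internet-facing ALB; if this builder is
  # also used for internal ALBs the range should be narrowed (for example to
  # the VPC CIDR) - confirm against the callers.
  foreach my $port (@allow_ports) {
    $ec2->authorize_security_group_ingress(
      group_id => $sg,
      port     => $port,
      cidr     => '0.0.0.0/0',
    );

    # A freshly created group with no ingress leaves the ALB unreachable,
    # so a failed authorization is reported like the other EC2 calls here.
    $ec2->check_result( message => 'ERROR: could not authorize ingress for security group: [%s]', $sg );
  }

  return $sg;
}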

########################################################################
sub create_alias {
########################################################################
  my ($self) = @_;

  my ( $config, $dryrun ) = $self->common_args(qw(config dryrun));

  my $domain = $config->{domain};

  my $zone_id = $config->{route53}->{zone_id};

  return
    if !$domain;

  my $route53 = $self->fetch_route53;

  my $alb_arn = $config->{alb}->{arn};
  my $elb     = $self->fetch_elbv2;
  my ( $alb_dns_name, $alb_zone_id );

  if ($alb_arn) {

    my $alb = $elb->describe_load_balancer( $alb_arn, 'LoadBalancers[0]' );

    ( $alb_dns_name, $alb_zone_id ) = @{$alb}{qw(DNSName CanonicalHostedZoneId)};

    my $result = $route53->find_alias_record(
      zone_id     => $zone_id,
      dns_name    => $alb_dns_name,
      domain_name => $domain
    );

    $route53->check_result( message => 'ERROR: could not determine if an alias record exists for: [%s]', $domain );

    if ( $result && @{$result} ) {
      $self->log_info( 'http-service: alias record for [%s] exists...skipping', $domain );
      return;
    }
  }

  $self->log_warn( 'route53: alias for [%s] will be created...%s', $domain, $dryrun );
  $self->inc_required_resources( route53 => $domain );

  return
    if $dryrun;

  log_die( $self, 'ERROR: ALB has not been created yet?' )
    if !$alb_dns_name || !$alb_zone_id;

  my $result = $route53->create_alias(
    elb          => $elb,
    domain       => $domain,
    zone_id      => $zone_id,


