bug: fix issues preventing deployment of resources
sgtoj committed Jul 17, 2023
1 parent 8bcc3da commit 7fee661
Showing 5 changed files with 28 additions and 18 deletions.
2 changes: 1 addition & 1 deletion assets/custom-message-sender/Dockerfile
@@ -1,6 +1,6 @@
# ------------------------------------------------------------------- base ---

FROM node:18-alpine as base
FROM node:18 as base

RUN mkdir -p /opt/app
WORKDIR /opt/app
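Review bot: `FROM node:18 as base` is a floating tag, so each build of the `base` stage can pull a different image, and moving off `-alpine` to the full image brings a much larger package set into the build. Since this build appears to produce the packaged artifact, I would pin the image by digest, `FROM node:18@sha256:<digest> as base`, and add a comment saying why the non-Alpine variant is needed (presumably a glibc-dependent tool or native module). The rest of the Dockerfile is outside the hunk, so whether later stages inherit from `base` cannot be confirmed here.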
2 changes: 1 addition & 1 deletion assets/custom-message-sender/package.json
Expand Up @@ -15,7 +15,7 @@
"opa-build:sample_policy": "opa build -t wasm -e sample/validate ./src/opa/fixtures/sample_policy.rego && tar -zxv -C ./src/opa/fixtures/ -f bundle.tar.gz '/policy.wasm' && mv ./src/opa/fixtures/policy.wasm ./src/opa/fixtures/sample_policy.wasm",
"opa-test": "npm run opa-test:sample_policy",
"opa-test:sample_policy": "opa test -v ./src/opa/fixtures/sample_policy.rego ./src/opa/fixtures/sample_policy_test.rego",
"test": "jest",
"test": "jest --detectOpenHandles --forceExit",
"test:coverage": "jest --coverage",
"tsc": "npx tsc",
"lint": "npx eslint src/**/*.ts"
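Review bot: `--forceExit` on the `test` script makes Jest exit even when a test leaves a socket, timer or client open, so the leak that prompted this change stays hidden and a hung teardown no longer fails CI. `--detectOpenHandles` is the diagnostic half; I would keep it only until the open handle is found, close that handle in an `afterAll`, and return the script to `"test": "jest"`. `test:coverage` still runs plain `jest --coverage`, so the two scripts now behave differently on the same suite.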
34 changes: 20 additions & 14 deletions main.tf
@@ -1,7 +1,8 @@
locals {
name = coalesce(module.this.name, var.name, "cognito-custom-message-sender")
enabled = module.this.enabled
aws_account_id = try(coalesce(var.aws_account_id, data.aws_caller_identity.current[0].account_id), "")
aws_region_name = try(coalesce(var.aws_region_name, data.aws_caller_identity.current[0].region), "")
aws_region_name = try(coalesce(var.aws_region_name, data.aws_region.current[0].name), "")

email_sender_enabled = false

Expand All @@ -12,7 +13,11 @@ locals {
}

data "aws_caller_identity" "current" {
count = local.enabled && (var.aws_account_id == "" || var.aws_region_name == "") ? 1 : 0
count = local.enabled && var.aws_account_id == "" ? 1 : 0
}

data "aws_region" "current" {
count = local.enabled && var.aws_region_name == "" ? 1 : 0
}

# ============================================================ message-sender ===
Expand All @@ -21,30 +26,31 @@ module "message_sender_label" {
source = "cloudposse/label/null"
version = "0.25.0"

name = var.name == "" ? "cognito-custom-message-sender" : var.name
name = local.name
context = module.this.context
}

module "message_sender_code" {
source = "sgtoj/artifact-packager/docker"
version = "1.0.0"
version = "1.3.1"

artifact_src_path = "/tmp/package.zip"
docker_build_context = abspath("${path.module}/assets/cognito-message-sender")
docker_build_context = abspath("${path.module}/assets/custom-message-sender")
docker_build_target = "package"

docker_build_args = {
SERVICE_OPA_POLICY_ENCODED = base64encode(local.sms_sender_policy_content)
}


context = module.message_sender_label.context
}

resource "aws_cloudwatch_log_group" "message_sender" {
count = local.enabled ? 1 : 0
count = local.enabled ? 1 : 0

name = "/aws/lambda/${module.message_sender_label.id}"
retention_in_days = 90
tags = module.message_sender_label.tags
}

resource "aws_lambda_function" "message_sender" {
Expand All @@ -64,7 +70,7 @@ resource "aws_lambda_function" "message_sender" {

environment {
variables = {
LOG_LEVEL = var.service_log_level ? "debug" : "info"
LOG_LEVEL = var.service_log_level
KMS_KEY_ID = module.kms_key.key_arn
DDB_TABLE_HISTORY_NAME = aws_dynamodb_table.history[0].name
DDB_TABLE_HISTORY_TTL = 43200
Expand Down Expand Up @@ -100,11 +106,11 @@ module "history_label" {
version = "0.25.0"

attributes = ["history"]
context = module.this.context
context = module.message_sender_label.context
}

resource "aws_dynamodb_table" "history" {
count = module.this.enabled ? 1 : 0
count = module.message_sender_label.enabled ? 1 : 0

name = module.history_label.id
billing_mode = "PAY_PER_REQUEST"
Expand Down Expand Up @@ -160,18 +166,18 @@ module "kms_key" {
source = "cloudposse/kms-key/aws"
version = "0.12.1"

alias = "${var.kms_key_alias_prefix}/${module.this.name}"
alias = "${var.kms_key_alias_prefix}/${module.message_sender_label.name}"
deletion_window_in_days = 7

context = module.this.context
context = module.message_sender_label.context
}

# ---------------------------------------------------------------------- iam ---

resource "aws_iam_role" "this" {
count = local.enabled ? 1 : 0

name = module.this.id
name = module.message_sender_label.id
description = ""

assume_role_policy = jsonencode({
Expand All @@ -192,7 +198,7 @@ resource "aws_iam_role" "this" {
policy = data.aws_iam_policy_document.this[0].json
}

tags = module.this.tags
tags = module.message_sender_label.tags
}

data "aws_iam_policy_document" "this" {
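Review bot: `LOG_LEVEL = var.service_log_level` in the `environment` block of `aws_lambda_function.message_sender` now forwards the variable unchecked, and none of the `variables.tf` hunks in this commit constrains it. The function is given `KMS_KEY_ID` and a history table, so it presumably handles decrypted Cognito codes and recipient details; at a `debug` level those could land in the `/aws/lambda/...` log group, which is kept for 90 days and shows no `kms_key_id`, though whether the service logs them is not visible here. I would add a `validation` block on `service_log_level`, e.g. `condition = contains(["error", "warn", "info", "debug"], var.service_log_level)` (adjusted to the levels the service accepts), and say in its description that `debug` is not meant for production. The resource body starts and ends outside the hunk.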
4 changes: 2 additions & 2 deletions variables.tf
Expand Up @@ -6,7 +6,7 @@ variable "kms_key_alias_prefix" {
default = "alias"

validation {
condition = can(regex("^alias[a-zA-Z0-9/_-]*[^/]$", var.kms_key_alias_prefix))
condition = can(regex("^alias[a-zA-Z0-9/_-]*[^/]*$", var.kms_key_alias_prefix))
error_message = "KMS key alias prefix must start with 'alias' and only have alphanumeric, dashes, underscores, colons or slashes but doesn't end with a slash"
}
}
Expand All @@ -33,7 +33,7 @@ variable "sms_sender_policy_content" {
type = string

validation {
condition = contains(var.sms_sender_policy_content, "package cognito_custom_sender_sms_policy")
condition = startswith(var.sms_sender_policy_content, "package cognito_custom_sender_sms_policy")
error_message = "The SMS sender policy content must include 'package cognito_custom_sender_sms_policy'."
}
}
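Review bot: The new pattern for `kms_key_alias_prefix`, `^alias[a-zA-Z0-9/_-]*[^/]*$`, no longer enforces what the error message promises: the first class can consume a trailing `/`, so `alias/` passes, and the trailing `[^/]*` accepts any character other than a slash. `main.tf` builds the alias as `"${var.kms_key_alias_prefix}/..."`, so a trailing slash would produce a double slash in the alias name. Making the tail optional keeps the bare default `alias` valid while still rejecting both cases: `condition = can(regex("^alias([a-zA-Z0-9/_-]*[a-zA-Z0-9_-])?$", var.kms_key_alias_prefix))`. The error message also mentions colons, which neither the old nor the new pattern allows, so it should be corrected in the same change.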
4 changes: 4 additions & 0 deletions version.tf → versions.tf
Expand Up @@ -6,5 +6,9 @@ terraform {
source = "hashicorp/aws"
version = ">= 5.0.0, < 6.0.0"
}
docker = {
source = "kreuzwerker/docker"
version = ">= 3.0.0, < 4.0.0"
}
}
}
