2021-05-23 04:08:40 +00:00
|
|
|
import * as SDK from 'aws-sdk';
|
|
|
|
|
import { customAlphabet } from 'nanoid';
|
|
|
|
|
import RemoteBuilderSecret from './remote-builder-secret';
|
|
|
|
|
import RemoteBuilderEnvironmentVariable from './remote-builder-environment-variable';
|
|
|
|
|
import * as fs from 'fs';
|
|
|
|
|
import * as core from '@actions/core';
|
|
|
|
|
import RemoteBuilderTaskDef from './remote-builder-task-def';
|
|
|
|
|
import RemoteBuilderConstants from './remote-builder-constants';
|
|
|
|
|
import AWSBuildRunner from './aws-build-runner';
|
2021-06-18 20:36:45 +00:00
|
|
|
import { RemoteBuilderProviderInterface } from './remote-builder-provider-interface';
|
2021-06-19 20:35:22 +00:00
|
|
|
import BuildParameters from '../build-parameters';
|
2021-05-23 04:08:40 +00:00
|
|
|
|
2021-06-18 20:36:45 +00:00
|
|
|
class AWSBuildEnvironment implements RemoteBuilderProviderInterface {
|
2021-06-19 20:35:22 +00:00
|
|
|
private stackName: string;
|
|
|
|
|
|
|
|
|
|
constructor(buildParameters: BuildParameters) {
|
|
|
|
|
this.stackName = buildParameters.awsStackName;
|
|
|
|
|
}
|
2021-06-19 22:15:44 +00:00
|
|
|
CleanupSharedBuildResources(
|
|
|
|
|
// eslint-disable-next-line no-unused-vars
|
|
|
|
|
buildUid: string,
|
|
|
|
|
// eslint-disable-next-line no-unused-vars
|
|
|
|
|
buildParameters: BuildParameters,
|
|
|
|
|
// eslint-disable-next-line no-unused-vars
|
|
|
|
|
branchName: string,
|
|
|
|
|
// eslint-disable-next-line no-unused-vars
|
|
|
|
|
defaultSecretsArray: { ParameterKey: string; EnvironmentVariable: string; ParameterValue: string }[],
|
|
|
|
|
) {
|
|
|
|
|
throw new Error('Method not implemented.');
|
|
|
|
|
}
|
|
|
|
|
SetupSharedBuildResources(
|
|
|
|
|
// eslint-disable-next-line no-unused-vars
|
|
|
|
|
buildUid: string,
|
|
|
|
|
// eslint-disable-next-line no-unused-vars
|
|
|
|
|
buildParameters: BuildParameters,
|
|
|
|
|
// eslint-disable-next-line no-unused-vars
|
|
|
|
|
branchName: string,
|
|
|
|
|
// eslint-disable-next-line no-unused-vars
|
|
|
|
|
defaultSecretsArray: { ParameterKey: string; EnvironmentVariable: string; ParameterValue: string }[],
|
|
|
|
|
) {
|
|
|
|
|
throw new Error('Method not implemented.');
|
|
|
|
|
}
|
2021-06-19 20:35:22 +00:00
|
|
|
|
2021-06-19 04:49:32 +00:00
|
|
|
async runBuildTask(
|
2021-05-23 04:08:40 +00:00
|
|
|
buildId: string,
|
|
|
|
|
image: string,
|
|
|
|
|
commands: string[],
|
|
|
|
|
mountdir: string,
|
|
|
|
|
workingdir: string,
|
|
|
|
|
environment: RemoteBuilderEnvironmentVariable[],
|
|
|
|
|
secrets: RemoteBuilderSecret[],
|
2021-06-18 20:36:45 +00:00
|
|
|
): Promise<void> {
|
2021-05-23 04:08:40 +00:00
|
|
|
const ECS = new SDK.ECS();
|
|
|
|
|
const CF = new SDK.CloudFormation();
|
|
|
|
|
const entrypoint = ['/bin/sh'];
|
|
|
|
|
|
2021-06-19 20:35:22 +00:00
|
|
|
const taskDef = await this.setupCloudFormations(
|
2021-05-23 04:08:40 +00:00
|
|
|
CF,
|
|
|
|
|
buildId,
|
|
|
|
|
image,
|
|
|
|
|
entrypoint,
|
|
|
|
|
commands,
|
|
|
|
|
mountdir,
|
|
|
|
|
workingdir,
|
|
|
|
|
secrets,
|
|
|
|
|
);
|
|
|
|
|
try {
|
2021-06-19 21:07:24 +00:00
|
|
|
await AWSBuildRunner.runTask(taskDef, ECS, CF, environment, buildId, commands);
|
2021-05-23 04:08:40 +00:00
|
|
|
} finally {
|
2021-06-19 20:35:22 +00:00
|
|
|
await this.cleanupResources(CF, taskDef);
|
2021-05-23 04:08:40 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2021-06-19 20:35:22 +00:00
|
|
|
getParameterTemplate(p1) {
|
2021-05-23 04:08:40 +00:00
|
|
|
return `
|
|
|
|
|
${p1}:
|
|
|
|
|
Type: String
|
|
|
|
|
Default: ''
|
|
|
|
|
`;
|
|
|
|
|
}
|
|
|
|
|
|
2021-06-19 20:35:22 +00:00
|
|
|
getSecretTemplate(p1) {
|
2021-05-23 04:08:40 +00:00
|
|
|
return `
|
|
|
|
|
${p1}Secret:
|
|
|
|
|
Type: AWS::SecretsManager::Secret
|
|
|
|
|
Properties:
|
|
|
|
|
Name: !Join [ "", [ '${p1}', !Ref BUILDID ] ]
|
|
|
|
|
SecretString: !Ref ${p1}
|
|
|
|
|
`;
|
|
|
|
|
}
|
|
|
|
|
|
2021-06-19 20:35:22 +00:00
|
|
|
getSecretDefinitionTemplate(p1, p2) {
|
2021-05-23 04:08:40 +00:00
|
|
|
return `
|
|
|
|
|
- Name: '${p1}'
|
|
|
|
|
ValueFrom: !Ref ${p2}Secret
|
|
|
|
|
`;
|
|
|
|
|
}
|
|
|
|
|
|
2021-06-19 20:35:22 +00:00
|
|
|
insertAtTemplate(template, insertionKey, insertion) {
|
2021-05-23 04:08:40 +00:00
|
|
|
const index = template.search(insertionKey) + insertionKey.length + '\n'.length;
|
|
|
|
|
template = [template.slice(0, index), insertion, template.slice(index)].join('');
|
|
|
|
|
return template;
|
|
|
|
|
}
|
|
|
|
|
|
2021-06-19 20:35:22 +00:00
|
|
|
async setupCloudFormations(
|
2021-05-23 04:08:40 +00:00
|
|
|
CF: SDK.CloudFormation,
|
|
|
|
|
buildUid: string,
|
|
|
|
|
image: string,
|
|
|
|
|
entrypoint: string[],
|
|
|
|
|
commands: string[],
|
|
|
|
|
mountdir: string,
|
|
|
|
|
workingdir: string,
|
|
|
|
|
secrets: RemoteBuilderSecret[],
|
|
|
|
|
): Promise<RemoteBuilderTaskDef> {
|
|
|
|
|
const logid = customAlphabet(RemoteBuilderConstants.alphabet, 9)();
|
|
|
|
|
commands[1] += `
|
|
|
|
|
echo "${logid}"
|
|
|
|
|
`;
|
2021-06-19 20:35:22 +00:00
|
|
|
const taskDefStackName = `${this.stackName}-${buildUid}`;
|
2021-05-23 04:08:40 +00:00
|
|
|
let taskDefCloudFormation = this.readTaskCloudFormationTemplate();
|
|
|
|
|
const cleanupTaskDefStackName = `${taskDefStackName}-cleanup`;
|
|
|
|
|
const cleanupCloudFormation = fs.readFileSync(`${__dirname}/cloud-formations/cloudformation-stack-ttl.yml`, 'utf8');
|
|
|
|
|
|
|
|
|
|
try {
|
|
|
|
|
for (const secret of secrets) {
|
|
|
|
|
taskDefCloudFormation = this.insertAtTemplate(
|
|
|
|
|
taskDefCloudFormation,
|
|
|
|
|
'p1 - input',
|
|
|
|
|
this.getParameterTemplate(secret.ParameterKey.replace(/[^\dA-Za-z]/g, '')),
|
|
|
|
|
);
|
|
|
|
|
taskDefCloudFormation = this.insertAtTemplate(
|
|
|
|
|
taskDefCloudFormation,
|
|
|
|
|
'p2 - secret',
|
|
|
|
|
this.getSecretTemplate(secret.ParameterKey.replace(/[^\dA-Za-z]/g, '')),
|
|
|
|
|
);
|
|
|
|
|
taskDefCloudFormation = this.insertAtTemplate(
|
|
|
|
|
taskDefCloudFormation,
|
|
|
|
|
'p3 - container def',
|
|
|
|
|
this.getSecretDefinitionTemplate(secret.EnvironmentVariable, secret.ParameterKey.replace(/[^\dA-Za-z]/g, '')),
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
const mappedSecrets = secrets.map((x) => {
|
|
|
|
|
return { ParameterKey: x.ParameterKey.replace(/[^\dA-Za-z]/g, ''), ParameterValue: x.ParameterValue };
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
await CF.createStack({
|
|
|
|
|
StackName: taskDefStackName,
|
|
|
|
|
TemplateBody: taskDefCloudFormation,
|
|
|
|
|
Parameters: [
|
|
|
|
|
{
|
|
|
|
|
ParameterKey: 'ImageUrl',
|
|
|
|
|
ParameterValue: image,
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
ParameterKey: 'ServiceName',
|
|
|
|
|
ParameterValue: taskDefStackName,
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
ParameterKey: 'Command',
|
2021-06-19 21:07:24 +00:00
|
|
|
ParameterValue: 'echo "this template should be overwritten when running a task"',
|
2021-05-23 04:08:40 +00:00
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
ParameterKey: 'EntryPoint',
|
|
|
|
|
ParameterValue: entrypoint.join(','),
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
ParameterKey: 'WorkingDirectory',
|
|
|
|
|
ParameterValue: workingdir,
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
ParameterKey: 'EFSMountDirectory',
|
|
|
|
|
ParameterValue: mountdir,
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
ParameterKey: 'BUILDID',
|
|
|
|
|
ParameterValue: buildUid,
|
|
|
|
|
},
|
|
|
|
|
...mappedSecrets,
|
|
|
|
|
],
|
|
|
|
|
}).promise();
|
|
|
|
|
core.info('Creating worker cluster...');
|
|
|
|
|
await CF.createStack({
|
|
|
|
|
StackName: cleanupTaskDefStackName,
|
|
|
|
|
TemplateBody: cleanupCloudFormation,
|
|
|
|
|
Capabilities: ['CAPABILITY_IAM'],
|
|
|
|
|
Parameters: [
|
|
|
|
|
{
|
|
|
|
|
ParameterKey: 'StackName',
|
|
|
|
|
ParameterValue: taskDefStackName,
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
ParameterKey: 'DeleteStackName',
|
|
|
|
|
ParameterValue: cleanupTaskDefStackName,
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
ParameterKey: 'TTL',
|
|
|
|
|
ParameterValue: '100',
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
ParameterKey: 'BUILDID',
|
|
|
|
|
ParameterValue: buildUid,
|
|
|
|
|
},
|
|
|
|
|
],
|
|
|
|
|
}).promise();
|
|
|
|
|
core.info('Creating cleanup cluster...');
|
|
|
|
|
|
|
|
|
|
await CF.waitFor('stackCreateComplete', { StackName: taskDefStackName }).promise();
|
|
|
|
|
} catch (error) {
|
2021-06-19 20:35:22 +00:00
|
|
|
await this.handleStackCreationFailure(error, CF, taskDefStackName, taskDefCloudFormation, secrets);
|
2021-05-23 04:08:40 +00:00
|
|
|
|
|
|
|
|
throw error;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const taskDefResources = (
|
|
|
|
|
await CF.describeStackResources({
|
|
|
|
|
StackName: taskDefStackName,
|
|
|
|
|
}).promise()
|
|
|
|
|
).StackResources;
|
|
|
|
|
|
2021-06-19 20:35:22 +00:00
|
|
|
const baseResources = (await CF.describeStackResources({ StackName: this.stackName }).promise()).StackResources;
|
2021-05-23 04:08:40 +00:00
|
|
|
|
|
|
|
|
// in the future we should offer a parameter to choose if you want the guarnteed shutdown.
|
|
|
|
|
core.info('Worker cluster created successfully (skipping wait for cleanup cluster to be ready)');
|
|
|
|
|
|
|
|
|
|
return {
|
|
|
|
|
taskDefStackName,
|
|
|
|
|
taskDefCloudFormation,
|
|
|
|
|
taskDefStackNameTTL: cleanupTaskDefStackName,
|
|
|
|
|
ttlCloudFormation: cleanupCloudFormation,
|
|
|
|
|
taskDefResources,
|
|
|
|
|
baseResources,
|
|
|
|
|
logid,
|
|
|
|
|
};
|
|
|
|
|
}
|
|
|
|
|
|
2021-06-19 20:35:22 +00:00
|
|
|
async handleStackCreationFailure(
|
2021-05-23 04:08:40 +00:00
|
|
|
error: any,
|
|
|
|
|
CF: SDK.CloudFormation,
|
|
|
|
|
taskDefStackName: string,
|
|
|
|
|
taskDefCloudFormation: string,
|
|
|
|
|
secrets: RemoteBuilderSecret[],
|
|
|
|
|
) {
|
|
|
|
|
core.info(JSON.stringify(secrets, undefined, 4));
|
|
|
|
|
core.info(taskDefCloudFormation);
|
|
|
|
|
const events = (await CF.describeStackEvents({ StackName: taskDefStackName }).promise()).StackEvents;
|
|
|
|
|
const resources = (await CF.describeStackResources({ StackName: taskDefStackName }).promise()).StackResources;
|
|
|
|
|
core.info(JSON.stringify(events, undefined, 4));
|
|
|
|
|
core.info(JSON.stringify(resources, undefined, 4));
|
|
|
|
|
core.error(error);
|
|
|
|
|
}
|
|
|
|
|
|
2021-06-19 20:35:22 +00:00
|
|
|
readTaskCloudFormationTemplate(): string {
|
2021-05-23 04:08:40 +00:00
|
|
|
return fs.readFileSync(`${__dirname}/cloud-formations/task-def-formation.yml`, 'utf8');
|
|
|
|
|
}
|
|
|
|
|
|
2021-06-19 20:35:22 +00:00
|
|
|
async cleanupResources(CF: SDK.CloudFormation, taskDef: RemoteBuilderTaskDef) {
|
2021-05-23 04:08:40 +00:00
|
|
|
core.info('Cleanup starting');
|
|
|
|
|
await CF.deleteStack({
|
|
|
|
|
StackName: taskDef.taskDefStackName,
|
|
|
|
|
}).promise();
|
|
|
|
|
|
|
|
|
|
await CF.deleteStack({
|
|
|
|
|
StackName: taskDef.taskDefStackNameTTL,
|
|
|
|
|
}).promise();
|
|
|
|
|
|
|
|
|
|
await CF.waitFor('stackDeleteComplete', {
|
|
|
|
|
StackName: taskDef.taskDefStackName,
|
|
|
|
|
}).promise();
|
|
|
|
|
|
|
|
|
|
// Currently too slow and causes too much waiting
|
|
|
|
|
await CF.waitFor('stackDeleteComplete', {
|
|
|
|
|
StackName: taskDef.taskDefStackNameTTL,
|
|
|
|
|
}).promise();
|
|
|
|
|
|
|
|
|
|
core.info('Cleanup complete');
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
export default AWSBuildEnvironment;
|
