unity-builder/action/task-def-formation.yml

323 lines
8.8 KiB
YAML
Raw Normal View History

2021-02-07 17:57:25 +00:00
AWSTemplateFormatVersion: 2010-09-09
Description: >-
AWS Fargate cluster that can span public and private subnets. Supports public
facing load balancers, private internal load balancers, and both internal and
external service discovery namespaces.
Parameters:
EnvironmentName:
Type: String
Default: development
2021-02-07 17:57:25 +00:00
Description: 'Your deployment environment: DEV, QA , PROD'
ServiceName:
Type: String
Default: example
Description: A name for the service
ImageUrl:
Type: String
Default: nginx
2021-02-07 17:57:25 +00:00
Description: >-
The url of a docker image that contains the application process that will
handle the traffic for this service
ContainerPort:
Type: Number
Default: 80
Description: What port number the application inside the docker container is binding to
ContainerCpu:
Type: Number
2021-02-14 23:02:14 +00:00
Default: 1024
Description: How much CPU to give the container. 1024 is 1 CPU
ContainerMemory:
Type: Number
2021-02-14 23:40:38 +00:00
Default: 2048
Description: How much memory in megabytes to give the container
2021-02-17 23:15:41 +00:00
BUILDID:
Type: String
Default: ''
Command:
Type: String
Default: 'ls'
EntryPoint:
Type: String
2021-02-14 17:23:42 +00:00
Default: '/bin/sh'
WorkingDirectory:
Type: String
Default: '/efsdata/'
Role:
Type: String
2021-02-07 17:57:25 +00:00
Default: ''
Description: >-
(Optional) An IAM role to give the service's containers if the code within
needs to access other AWS resources like S3 buckets, DynamoDB tables, etc
EFSMountDirectory:
Type: String
2021-02-14 19:30:42 +00:00
Default: '/efsdata'
2021-02-14 19:27:42 +00:00
GithubToken:
2021-02-14 18:24:09 +00:00
Type: String
2021-02-14 21:22:54 +00:00
Default: '0'
2021-02-14 19:27:42 +00:00
UnityLicense:
2021-02-14 19:14:41 +00:00
Type: String
2021-02-14 21:22:54 +00:00
Default: '0'
2021-02-28 00:40:17 +00:00
UnityEmail:
Type: String
Default: '0'
UnityPassword:
Type: String
Default: '0'
UnitySerial:
Type: String
Default: '0'
2021-02-14 19:27:42 +00:00
AndroidKeystoreBase64:
2021-02-14 19:14:41 +00:00
Type: String
2021-02-14 20:43:52 +00:00
Default: '0'
2021-02-14 19:27:42 +00:00
AndroidKeystorePass:
2021-02-14 19:14:41 +00:00
Type: String
2021-02-14 20:43:52 +00:00
Default: '0'
2021-02-14 19:27:42 +00:00
AndroidKeyAliasPass:
2021-02-14 18:24:09 +00:00
Type: String
2021-02-14 20:43:52 +00:00
Default: '0'
2021-02-17 01:15:40 +00:00
AWSAccessKeyID:
Type: String
2021-02-17 23:38:11 +00:00
Default: '0'
2021-02-17 01:15:40 +00:00
AWSSecretAccessKey:
2021-02-14 20:24:27 +00:00
Type: String
2021-02-17 23:38:11 +00:00
Default: '0'
Mappings:
SubnetConfig:
VPC:
2021-02-07 17:57:25 +00:00
CIDR: 10.0.0.0/16
PublicOne:
2021-02-07 17:57:25 +00:00
CIDR: 10.0.0.0/24
PublicTwo:
2021-02-07 17:57:25 +00:00
CIDR: 10.0.1.0/24
Conditions:
2021-02-07 17:57:25 +00:00
HasCustomRole: !Not
- !Equals
- Ref: Role
- ''
Resources:
2021-02-07 14:26:22 +00:00
LogGroup:
2021-02-07 17:57:25 +00:00
Type: 'AWS::Logs::LogGroup'
2021-02-07 14:26:22 +00:00
Properties:
2021-02-07 17:57:25 +00:00
LogGroupName: !Ref ServiceName
Metadata:
'AWS::CloudFormation::Designer':
id: aece53ae-b82d-4267-bc16-ed964b05db27
2021-02-07 01:13:56 +00:00
SubscriptionFilter:
2021-02-07 17:57:25 +00:00
Type: 'AWS::Logs::SubscriptionFilter'
2021-02-07 01:13:56 +00:00
Properties:
2021-02-07 14:24:01 +00:00
FilterPattern: ''
2021-02-07 16:18:46 +00:00
RoleArn:
2021-02-07 17:57:25 +00:00
'Fn::ImportValue': !Sub '${EnvironmentName}:CloudWatchIAMRole'
LogGroupName: !Ref ServiceName
2021-02-07 01:13:56 +00:00
DestinationArn:
2021-02-07 17:57:25 +00:00
'Fn::GetAtt':
- KinesisStream
- Arn
Metadata:
'AWS::CloudFormation::Designer':
id: 7f809e91-9e5d-4678-98c1-c5085956c480
DependsOn:
- LogGroup
- KinesisStream
2021-02-07 00:37:34 +00:00
KinesisStream:
2021-02-07 17:57:25 +00:00
Type: 'AWS::Kinesis::Stream'
2021-02-07 00:37:34 +00:00
Properties:
2021-02-07 17:57:25 +00:00
Name: !Ref ServiceName
2021-02-07 00:37:34 +00:00
ShardCount: 1
2021-02-07 17:57:25 +00:00
Metadata:
'AWS::CloudFormation::Designer':
id: c6f18447-b879-4696-8873-f981b2cedd2b
2021-02-14 19:43:22 +00:00
2021-02-14 19:27:42 +00:00
GithubTokenSecret:
2021-02-14 19:14:41 +00:00
Type: AWS::SecretsManager::Secret
Properties:
2021-02-14 20:24:27 +00:00
Name: !Join [ "", [ 'GithubToken', !Ref BUILDID ] ]
2021-02-14 19:27:42 +00:00
SecretString: !Ref GithubToken
2021-02-14 19:43:22 +00:00
2021-02-14 19:14:41 +00:00
UnityLicenseSecret:
Type: AWS::SecretsManager::Secret
Properties:
2021-02-14 20:24:27 +00:00
Name: !Join [ "", [ 'UnityLicense', !Ref BUILDID ] ]
2021-02-28 00:40:17 +00:00
SecretString: !Ref UnityLicense
UnityEmailSecret:
Type: AWS::SecretsManager::Secret
Properties:
Name: !Join [ "", [ 'UnityEmail', !Ref BUILDID ] ]
SecretString: !Ref UnityEmail
UnityPasswordSecret:
Type: AWS::SecretsManager::Secret
Properties:
Name: !Join [ "", [ 'UnityPassword', !Ref BUILDID ] ]
SecretString: !Ref UnityPassword
UnitySerialSecret:
Type: AWS::SecretsManager::Secret
Properties:
Name: !Join [ "", [ 'UnitySerial', !Ref BUILDID ] ]
SecretString: !Ref UnitySerial
2021-02-14 19:43:22 +00:00
2021-02-14 19:14:41 +00:00
AndroidKeystoreBase64Secret:
Type: AWS::SecretsManager::Secret
Properties:
2021-02-14 20:24:27 +00:00
Name: !Join [ "", [ 'AndroidKeystoreBase64', !Ref BUILDID ] ]
2021-02-14 19:27:42 +00:00
SecretString: !Ref AndroidKeystoreBase64
2021-02-14 19:43:22 +00:00
2021-02-14 19:14:41 +00:00
AndroidKeystorePassSecret:
Type: AWS::SecretsManager::Secret
Properties:
2021-02-14 20:24:27 +00:00
Name: !Join [ "", [ 'AndroidKeystorePass', !Ref BUILDID ] ]
2021-02-14 19:27:42 +00:00
SecretString: !Ref AndroidKeystorePass
2021-02-14 19:43:22 +00:00
2021-02-14 19:27:42 +00:00
AndroidKeyAliasPassSecret:
2021-02-14 18:24:09 +00:00
Type: AWS::SecretsManager::Secret
Properties:
2021-02-14 20:24:27 +00:00
Name: !Join [ "", [ 'AndroidKeyAliasPass', !Ref BUILDID ] ]
2021-02-14 19:27:42 +00:00
SecretString: !Ref AndroidKeyAliasPass
2021-02-17 23:58:31 +00:00
AWSAccessKeyIDSecret:
Type: AWS::SecretsManager::Secret
Properties:
Name: !Join [ "", [ 'AWSAccessKeyID', !Ref BUILDID ] ]
SecretString: !Ref AWSAccessKeyID
2021-02-18 00:03:26 +00:00
AWSSecretAccessKeySecret:
2021-02-17 23:58:31 +00:00
Type: AWS::SecretsManager::Secret
Properties:
Name: !Join [ "", [ 'AWSSecretAccessKey', !Ref BUILDID ] ]
SecretString: !Ref AWSSecretAccessKey
2021-02-14 19:43:22 +00:00
TaskDefinition:
2021-02-07 17:57:25 +00:00
Type: 'AWS::ECS::TaskDefinition'
Properties:
2021-02-07 17:57:25 +00:00
Family: !Ref ServiceName
Cpu: !Ref ContainerCpu
Memory: !Ref ContainerMemory
NetworkMode: awsvpc
Volumes:
- Name: efs-data
EFSVolumeConfiguration:
2021-02-07 00:37:34 +00:00
FilesystemId:
2021-02-07 17:57:25 +00:00
'Fn::ImportValue': !Sub '${EnvironmentName}:EfsFileStorageId'
TransitEncryption: ENABLED
RequiresCompatibilities:
- FARGATE
2021-02-07 00:37:34 +00:00
ExecutionRoleArn:
2021-02-07 17:57:25 +00:00
'Fn::ImportValue': !Sub '${EnvironmentName}:ECSTaskExecutionRole'
TaskRoleArn:
2021-02-07 17:57:25 +00:00
'Fn::If':
- HasCustomRole
- !Ref Role
- !Ref 'AWS::NoValue'
ContainerDefinitions:
2021-02-07 17:57:25 +00:00
- Name: !Ref ServiceName
Cpu: !Ref ContainerCpu
Memory: !Ref ContainerMemory
Image: !Ref ImageUrl
EntryPoint:
Fn::Split:
- ","
- !Ref EntryPoint
Command:
Fn::Split:
- ","
2021-02-12 21:29:53 +00:00
- !Ref Command
2021-02-12 21:34:09 +00:00
WorkingDirectory: !Ref WorkingDirectory
2021-02-07 00:37:34 +00:00
Environment:
- Name: ALLOW_EMPTY_PASSWORD
Value: 'yes'
MountPoints:
- SourceVolume: efs-data
ContainerPath: !Ref EFSMountDirectory
ReadOnly: false
2021-02-14 18:24:09 +00:00
Secrets:
2021-02-14 22:01:39 +00:00
- Name: 'GITHUB_TOKEN'
2021-02-14 19:47:02 +00:00
ValueFrom: !Ref GithubTokenSecret
2021-02-14 22:01:39 +00:00
- Name: 'UNITY_LICENSE'
2021-02-14 19:27:42 +00:00
ValueFrom: !Ref UnityLicenseSecret
2021-02-28 00:40:17 +00:00
- Name: 'UNITY_EMAIL'
ValueFrom: !Ref UnityEmailSecret
- Name: 'UNITY_PASSWORD'
ValueFrom: !Ref UnityPasswordSecret
- Name: 'UNITY_SERIAL'
ValueFrom: !Ref UnitySerialSecret
2021-02-14 22:01:39 +00:00
- Name: 'ANDROID_KEYSTORE_BASE64'
2021-02-14 19:27:42 +00:00
ValueFrom: !Ref AndroidKeystoreBase64Secret
2021-02-14 22:01:39 +00:00
- Name: 'ANDROID_KEYSTORE_PASS'
2021-02-14 19:27:42 +00:00
ValueFrom: !Ref AndroidKeystorePassSecret
2021-02-17 01:15:40 +00:00
- Name: 'AWS_ACCESS_KEY_ID'
2021-02-18 00:03:26 +00:00
ValueFrom: !Ref AWSAccessKeyIDSecret
2021-02-17 01:15:40 +00:00
- Name: 'AWS_SECRET_ACCESS_KEY'
2021-02-18 00:03:26 +00:00
ValueFrom: !Ref AWSSecretAccessKeySecret
2021-02-14 20:32:57 +00:00
LogConfiguration:
LogDriver: awslogs
Options:
awslogs-group: !Ref ServiceName
awslogs-region: !Ref 'AWS::Region'
awslogs-stream-prefix: !Ref ServiceName
2021-02-07 17:57:25 +00:00
Metadata:
'AWS::CloudFormation::Designer':
id: dabb0116-abe0-48a6-a8af-cf9111c879a5
DependsOn:
- LogGroup
Metadata:
'AWS::CloudFormation::Designer':
dabb0116-abe0-48a6-a8af-cf9111c879a5:
size:
width: 60
height: 60
position:
x: 270
'y': 90
z: 1
embeds: []
dependson:
- aece53ae-b82d-4267-bc16-ed964b05db27
c6f18447-b879-4696-8873-f981b2cedd2b:
size:
width: 60
height: 60
position:
x: 270
'y': 210
z: 1
embeds: []
7f809e91-9e5d-4678-98c1-c5085956c480:
size:
width: 60
height: 60
position:
x: 60
'y': 300
z: 1
embeds: []
dependson:
- aece53ae-b82d-4267-bc16-ed964b05db27
- c6f18447-b879-4696-8873-f981b2cedd2b
aece53ae-b82d-4267-bc16-ed964b05db27:
size:
width: 150
height: 150
position:
x: 60
'y': 90
z: 1
embeds: []
4d2da56c-3643-46b8-aaee-e46e19f95fcc:
source:
id: 7f809e91-9e5d-4678-98c1-c5085956c480
target:
id: aece53ae-b82d-4267-bc16-ed964b05db27
z: 11
14eb957b-f094-4653-93c4-77b2f851953c:
source:
id: 7f809e91-9e5d-4678-98c1-c5085956c480
target:
id: c6f18447-b879-4696-8873-f981b2cedd2b
z: 12
85c57444-e5bb-4230-bc85-e545cd4558f6:
source:
id: dabb0116-abe0-48a6-a8af-cf9111c879a5
target:
id: aece53ae-b82d-4267-bc16-ed964b05db27
z: 13