Skip to content

Commit

Permalink
Route 53 and Certificates for spylogic.ai (#860)
Browse files Browse the repository at this point in the history
* Add DNS and certificate to cloudfront and fargate
  • Loading branch information
chriswilty committed Mar 19, 2024
1 parent 67883c7 commit 69501e1
Show file tree
Hide file tree
Showing 12 changed files with 318 additions and 193 deletions.
3 changes: 1 addition & 2 deletions backend/src/app/app.ts
Original file line number Diff line number Diff line change
Expand Up @@ -3,10 +3,9 @@ import express from 'express';
import queryTypes from 'query-types';

import nonSessionRoutes from './nonSessionRoutes';
import { usingForwardedHeader } from './proxySetup';
import sessionRoutes from './sessionRoutes';

export default usingForwardedHeader(express())
export default express()
.use(express.json())
.use(queryTypes.middleware())
.use(
Expand Down
4 changes: 2 additions & 2 deletions backend/src/app/sessionRoutes.ts
Original file line number Diff line number Diff line change
Expand Up @@ -56,10 +56,10 @@ const router = express
}),
cookie: {
maxAge,
partitioned: isProd,
sameSite: isProd ? 'none' : 'strict',
sameSite: 'strict',
secure: isProd,
},
proxy: true,
})
)
.use((req, _res, next) => {
Expand Down
2 changes: 1 addition & 1 deletion backend/test/api/start.test.ts
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ import { beforeAll, describe, expect, it, jest } from '@jest/globals';
import { OpenAI } from 'openai';
import request from 'supertest';

import app from '@src/app';
import app from '@src/app/app';
import { StartResponse } from '@src/models/api/StartGetRequest';
import { LEVEL_NAMES } from '@src/models/level';

Expand Down
7 changes: 7 additions & 0 deletions cloud/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -48,3 +48,10 @@ npm install
# run the bootstrap command
npx cdk bootstrap --custom-permissions-boundary cdk-developer-policy
```

Unless your default region is `us-east-1`, you will also need to bootstrap that region, as certificates for CloudFront
currently need to be deployed into that region:

```
npx cdk bootstrap --custom-permissions-boundary cdk-developer-policy aws://YOUR_ACCOUNT_NUMBER/us-east-1
```
42 changes: 36 additions & 6 deletions cloud/bin/cloud.ts
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
#!/usr/bin/env node
import { App, Environment } from 'aws-cdk-lib';
import { App, Environment } from 'aws-cdk-lib/core';
import 'source-map-support/register';

import {
Expand All @@ -9,10 +9,16 @@ import {
stackName,
ApiStack,
AuthStack,
CertificateStack,
HostedZoneStack,
UiStack,
} from '../lib';

const app = new App();
const generateStackName = stackName(app);
const generateDescription = resourceDescription(app);

/* Common stack resources */

const env: Environment = {
account: process.env.CDK_DEFAULT_ACCOUNT,
Expand All @@ -23,31 +29,55 @@ const tags = {
owner: appName,
classification: 'unrestricted',
'environment-type': environmentName(app),
'keep-alive': '8-6-without-weekends',
'keep-alive': '9-5-without-weekends',
};

const generateStackName = stackName(app);
const generateDescription = resourceDescription(app);
/* Stack constructs */

const hostedZoneStack = new HostedZoneStack(
app,
generateStackName('hosted-zone'),
{
description: generateDescription('Hosted Zone stack'),
env,
tags,
}
);

const certificateStack = new CertificateStack(
app,
generateStackName('certificate'),
{
description: generateDescription('Certificate stack'),
env,
tags,
hostedZone: hostedZoneStack.hostedZone,
}
);

const uiStack = new UiStack(app, generateStackName('ui'), {
description: generateDescription('UI stack'),
env,
tags,
certificate: certificateStack.cloudFrontCert,
hostedZone: hostedZoneStack.hostedZone,
});

/*const authStack = */ new AuthStack(app, generateStackName('auth'), {
description: generateDescription('Auth stack'),
env,
tags,
webappUrl: uiStack.cloudfrontUrl,
webappUrl: uiStack.cloudFrontUrl,
});

new ApiStack(app, generateStackName('api'), {
description: generateDescription('API stack'),
env,
tags,
certificate: certificateStack.loadBalancerCert,
hostedZone: hostedZoneStack.hostedZone,
// userPool: authStack.userPool,
// userPoolClient: authStack.userPoolClient,
// userPoolDomain: authStack.userPoolDomain,
webappUrl: uiStack.cloudfrontUrl,
webappUrl: uiStack.cloudFrontUrl,
});
3 changes: 2 additions & 1 deletion cloud/cdk.context.json
Original file line number Diff line number Diff line change
Expand Up @@ -3,5 +3,6 @@
"eu-north-1a",
"eu-north-1b",
"eu-north-1c"
]
],
"ami:account=992382568770:filters.image-type.0=machine:filters.name.0=amzn-ami-vpc-nat-*:filters.state.0=available:owners.0=amazon:region=eu-north-1": "ami-072517490bf2cf3a3"
}
Loading

0 comments on commit 69501e1

Please sign in to comment.