Skip to content

Commit abc116b

Browse files
dcshzjdcshzj
committed
chore: add VAPT-specific configuration
1 parent 5f20f65 commit abc116b

File tree

3 files changed

+715
-0
lines changed

3 files changed

+715
-0
lines changed

.aws/deploy/backend-task-definition.vapt.json

Lines changed: 325 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,325 @@
1+
{
2+
"containerDefinitions": [
3+
{
4+
"name": "backend",
5+
"portMappings": [
6+
{
7+
"containerPort": 8081,
8+
"hostPort": 8081,
9+
"protocol": "tcp"
10+
}
11+
],
12+
"essential": true,
13+
"environment": [
14+
{ "name": "ENV_TYPE", "value": "VAPT" },
15+
{
16+
"name": "DD_GIT_COMMIT_SHA",
17+
"value": "<DD_COMMIT_SHA>"
18+
},
19+
{
20+
"name": "DD_GIT_REPOSITORY_URL",
21+
"value": "github.com/isomerpages/isomercms-backend"
22+
},
23+
{ "name": "DD_DBM_PROPAGATION_MODE", "value": "full" }
24+
],
25+
"mountPoints": [
26+
{
27+
"sourceVolume": "ggs-efs",
28+
"containerPath": "/efs",
29+
"readOnly": false
30+
}
31+
],
32+
"linuxParameters": {
33+
"initProcessEnabled": true
34+
},
35+
"volumesFrom": [],
36+
"secrets": [
37+
{
38+
"name": "AUTH_TOKEN_EXPIRY_DURATION_IN_MILLISECONDS",
39+
"valueFrom": "STAGING_AUTH_TOKEN_EXPIRY_DURATION_IN_MILLISECONDS"
40+
},
41+
{
42+
"name": "AWS_BACKEND_EB_ENV_NAME",
43+
"valueFrom": "STAGING_AWS_BACKEND_EB_ENV_NAME"
44+
},
45+
{ "name": "AWS_REGION", "valueFrom": "STAGING_AWS_REGION" },
46+
{ "name": "CLIENT_ID", "valueFrom": "VAPT_CLIENT_ID" },
47+
{ "name": "CLIENT_SECRET", "valueFrom": "VAPT_CLIENT_SECRET" },
48+
{
49+
"name": "CLOUDMERSIVE_API_KEY",
50+
"valueFrom": "STAGING_CLOUDMERSIVE_API_KEY"
51+
},
52+
{ "name": "COOKIE_DOMAIN", "valueFrom": "STAGING_COOKIE_DOMAIN" },
53+
{ "name": "DB_ACQUIRE", "valueFrom": "STAGING_DB_ACQUIRE" },
54+
{ "name": "DB_MAX_POOL", "valueFrom": "STAGING_DB_MAX_POOL" },
55+
{ "name": "DB_MIN_POOL", "valueFrom": "STAGING_DB_MIN_POOL" },
56+
{ "name": "DB_TIMEOUT", "valueFrom": "STAGING_DB_TIMEOUT" },
57+
{ "name": "DB_URI", "valueFrom": "VAPT_DB_URI" },
58+
{
59+
"name": "DD_AGENT_MAJOR_VERSION",
60+
"valueFrom": "STAGING_DD_AGENT_MAJOR_VERSION"
61+
},
62+
{ "name": "DD_ENV", "valueFrom": "VAPT_DD_ENV" },
63+
{
64+
"name": "DD_LOGS_INJECTION",
65+
"valueFrom": "STAGING_DD_LOGS_INJECTION"
66+
},
67+
{ "name": "DD_SERVICE", "valueFrom": "STAGING_DD_SERVICE" },
68+
{ "name": "DD_TAGS", "valueFrom": "STAGING_DD_TAGS" },
69+
{
70+
"name": "DD_TRACE_STARTUP_LOGS",
71+
"valueFrom": "STAGING_DD_TRACE_STARTUP_LOGS"
72+
},
73+
{
74+
"name": "E2E_TEST_GH_TOKEN",
75+
"valueFrom": "STAGING_E2E_TEST_GH_TOKEN"
76+
},
77+
{ "name": "E2E_TEST_REPO", "valueFrom": "STAGING_E2E_TEST_REPO" },
78+
{ "name": "E2E_TEST_SECRET", "valueFrom": "STAGING_E2E_TEST_SECRET" },
79+
{ "name": "EFS_VOL_PATH", "valueFrom": "STAGING_EFS_VOL_PATH" },
80+
{
81+
"name": "ENCRYPTION_SECRET",
82+
"valueFrom": "STAGING_ENCRYPTION_SECRET"
83+
},
84+
{
85+
"name": "FF_DEPRECATE_SITE_QUEUES",
86+
"valueFrom": "STAGING_FF_DEPRECATE_SITE_QUEUES"
87+
},
88+
{ "name": "FRONTEND_URL", "valueFrom": "VAPT_FRONTEND_URL" },
89+
{
90+
"name": "GGS_REPAIR_FORM_KEY",
91+
"valueFrom": "STAGING_GGS_REPAIR_FORM_KEY"
92+
},
93+
{
94+
"name": "GGS_EXPERIMENTAL_TRACKING_SITES",
95+
"valueFrom": "STAGING_GGS_EXPERIMENTAL_TRACKING_SITES"
96+
},
97+
{
98+
"name": "GITHUB_BUILD_ORG_NAME",
99+
"valueFrom": "STAGING_GITHUB_BUILD_ORG_NAME"
100+
},
101+
{
102+
"name": "GITHUB_BUILD_REPO_NAME",
103+
"valueFrom": "STAGING_GITHUB_BUILD_REPO_NAME"
104+
},
105+
{ "name": "GITHUB_ORG_NAME", "valueFrom": "STAGING_GITHUB_ORG_NAME" },
106+
{
107+
"name": "GROWTHBOOK_CLIENT_KEY",
108+
"valueFrom": "STAGING_GROWTHBOOK_CLIENT_KEY"
109+
},
110+
{
111+
"name": "INCOMING_QUEUE_URL",
112+
"valueFrom": "STAGING_INCOMING_QUEUE_URL"
113+
},
114+
{ "name": "JWT_SECRET", "valueFrom": "STAGING_JWT_SECRET" },
115+
{
116+
"name": "MAX_NUM_OTP_ATTEMPTS",
117+
"valueFrom": "STAGING_MAX_NUM_OTP_ATTEMPTS"
118+
},
119+
{
120+
"name": "MOCK_AMPLIFY_DOMAIN_ASSOCIATION_CALLS",
121+
"valueFrom": "STAGING_MOCK_AMPLIFY_DOMAIN_ASSOCIATION_CALLS"
122+
},
123+
{ "name": "MUTEX_TABLE_NAME", "valueFrom": "STAGING_MUTEX_TABLE_NAME" },
124+
{
125+
"name": "NETLIFY_ACCESS_TOKEN",
126+
"valueFrom": "STAGING_NETLIFY_ACCESS_TOKEN"
127+
},
128+
{ "name": "NODE_ENV", "valueFrom": "VAPT_NODE_ENV" },
129+
{ "name": "OTP_EXPIRY", "valueFrom": "STAGING_OTP_EXPIRY" },
130+
{ "name": "OTP_SECRET", "valueFrom": "STAGING_OTP_SECRET" },
131+
{
132+
"name": "OUTGOING_QUEUE_URL",
133+
"valueFrom": "STAGING_OUTGOING_QUEUE_URL"
134+
},
135+
{ "name": "POSTMAN_API_KEY", "valueFrom": "STAGING_POSTMAN_API_KEY" },
136+
{
137+
"name": "POSTMAN_SMS_CRED_NAME",
138+
"valueFrom": "STAGING_POSTMAN_SMS_CRED_NAME"
139+
},
140+
{
141+
"name": "REDIRECT_URI",
142+
"valueFrom": "VAPT_REDIRECT_URI"
143+
},
144+
{
145+
"name": "SESSION_SECRET",
146+
"valueFrom": "STAGING_SESSION_SECRET"
147+
},
148+
{ "name": "SGID_CLIENT_ID", "valueFrom": "VAPT_SGID_CLIENT_ID" },
149+
{
150+
"name": "SGID_CLIENT_SECRET",
151+
"valueFrom": "VAPT_SGID_CLIENT_SECRET"
152+
},
153+
{
154+
"name": "SGID_REDIRECT_URI",
155+
"valueFrom": "VAPT_SGID_REDIRECT_URI"
156+
},
157+
{
158+
"name": "SGID_PRIVATE_KEY",
159+
"valueFrom": "VAPT_SGID_PRIVATE_KEY"
160+
},
161+
{
162+
"name": "SITE_CLONE_FORM_KEY",
163+
"valueFrom": "STAGING_SITE_CLONE_FORM_KEY"
164+
},
165+
{
166+
"name": "SITE_CREATE_FORM_KEY",
167+
"valueFrom": "STAGING_SITE_CREATE_FORM_KEY"
168+
},
169+
{
170+
"name": "SITE_LAUNCH_DYNAMO_DB_TABLE_NAME",
171+
"valueFrom": "STAGING_SITE_LAUNCH_DYNAMO_DB_TABLE_NAME"
172+
},
173+
{
174+
"name": "SITE_LAUNCH_FORM_KEY",
175+
"valueFrom": "STAGING_SITE_LAUNCH_FORM_KEY"
176+
},
177+
{
178+
"name": "SITE_PASSWORD_SECRET_KEY",
179+
"valueFrom": "STAGING_SITE_PASSWORD_SECRET_KEY"
180+
},
181+
{
182+
"name": "VAPT_SSH_PUBLIC_KEY",
183+
"valueFrom": "VAPT_SSH_PUBLIC_KEY"
184+
},
185+
{
186+
"name": "VAPT_SSH_PRIVATE_KEY",
187+
"valueFrom": "VAPT_SSH_PRIVATE_KEY"
188+
},
189+
{
190+
"name": "STEP_FUNCTIONS_ARN",
191+
"valueFrom": "STAGING_STEP_FUNCTIONS_ARN"
192+
},
193+
{
194+
"name": "SYSTEM_GITHUB_TOKEN",
195+
"valueFrom": "STAGING_SYSTEM_GITHUB_TOKEN"
196+
},
197+
{
198+
"name": "UPTIME_ROBOT_API_KEY",
199+
"valueFrom": "STAGING_UPTIME_ROBOT_API_KEY"
200+
},
201+
{
202+
"name": "SITE_CHECKER_FORM_KEY",
203+
"valueFrom": "STAGING_SITE_CHECKER_FORM_KEY"
204+
},
205+
{
206+
"name": "SITE_AUDIT_LOGS_FORM_KEY",
207+
"valueFrom": "STAGING_SITE_AUDIT_LOGS_FORM_KEY"
208+
},
209+
{
210+
"name": "NOTIFY_SITE_COLLABORATORS_FORM_KEY",
211+
"valueFrom": "STAGING_NOTIFY_SITE_COLLABORATORS_FORM_KEY"
212+
}
213+
],
214+
"logConfiguration": {
215+
"logDriver": "awslogs",
216+
"options": {
217+
"awslogs-group": "/aws/elasticbeanstalk/cms-backend-vapt-application-alb/var/log/web.stdout.log",
218+
"awslogs-region": "ap-southeast-1",
219+
"awslogs-stream-prefix": "ecs"
220+
}
221+
}
222+
},
223+
{
224+
"name": "dd-agent",
225+
"image": "public.ecr.aws/datadog/agent:latest",
226+
"portMappings": [
227+
{
228+
"containerPort": 8126,
229+
"hostPort": 8126,
230+
"protocol": "tcp"
231+
}
232+
],
233+
"essential": true,
234+
"environment": [
235+
{
236+
"name": "TZ",
237+
"value": "Asia/Singapore"
238+
},
239+
{
240+
"name": "DD_APM_NON_LOCAL_TRAFFIC",
241+
"value": "true"
242+
},
243+
{
244+
"name": "ECS_FARGATE",
245+
"value": "true"
246+
},
247+
{
248+
"name": "DD_APM_ENABLED",
249+
"value": "true"
250+
},
251+
{
252+
"name": "DD_SITE",
253+
"value": "datadoghq.com"
254+
},
255+
{
256+
"name": "DD_ENV",
257+
"value": "vapt"
258+
},
259+
{
260+
"name": "DD_SERVICE",
261+
"value": "isomer"
262+
},
263+
{
264+
"name": "DD_TAGS",
265+
"value": "team:isomer,service:isomer"
266+
},
267+
{
268+
"name": "DD_AGENT_MAJOR_VERSION",
269+
"value": "7"
270+
},
271+
{
272+
"name": "DD_LOGS_INJECTION",
273+
"value": "true"
274+
},
275+
{
276+
"name": "DD_TRACE_STARTUP_LOGS",
277+
"value": "true"
278+
},
279+
{
280+
"name": "DD_API_KEY",
281+
"value": "<DD_API_KEY>"
282+
}
283+
],
284+
"dockerLabels": {
285+
"com.datadoghq.tags.env": "vapt",
286+
"com.datadoghq.tags.service": "isomer",
287+
"com.datadoghq.tags.version": "7",
288+
"com.datadoghq.ad.check_names": "[\"postgres\"]",
289+
"com.datadoghq.ad.init_configs": "[{}]",
290+
"com.datadoghq.ad.instances": "[{\"dbm\": true, \"host\": \"<RDS_READER_ENDPOINT>\", \"port\": 5432, \"username\": \"datadog\", \"password\": \"<RDS_DATADOG_PASSWORD>\"}]"
291+
},
292+
"mountPoints": [],
293+
"volumesFrom": [],
294+
"secrets": [],
295+
"logConfiguration": {
296+
"logDriver": "awslogs",
297+
"options": {
298+
"awslogs-group": "isomer-infra-vapt/ecs/dd-agent",
299+
"awslogs-region": "ap-southeast-1",
300+
"awslogs-stream-prefix": "ecs"
301+
}
302+
}
303+
}
304+
],
305+
"family": "isomer-infra",
306+
"networkMode": "awsvpc",
307+
"volumes": [
308+
{
309+
"name": "ggs-efs",
310+
"efsVolumeConfiguration": {
311+
"fileSystemId": "<EFS_FILE_SYSTEM_ID>",
312+
"rootDirectory": "/"
313+
}
314+
}
315+
],
316+
"placementConstraints": [],
317+
"runtimePlatform": {
318+
"operatingSystemFamily": "LINUX"
319+
},
320+
"requiresCompatibilities": ["FARGATE"],
321+
"taskRoleArn": "arn:aws:iam::<AWS_ACCOUNT_ID>:role/isomer-vapt-ecs-task-role",
322+
"executionRoleArn": "arn:aws:iam::<AWS_ACCOUNT_ID>:role/isomer-vapt-ecs-task-exec-role",
323+
"cpu": "1024",
324+
"memory": "8192"
325+
}

0 commit comments

Comments
 (0)