Create map of service discovery entries as environment variables stored

in S3 for the different task definitions to reference. User code running
in the containers can now reference internal services similar to how
Kubernetes works by looking for environment variables called
SERVICE_<servicename>_HOST and SERVICE_<servicename>_PORT

Author: brtrvn

functions/core-stack-listener/src/main/java/com/amazon/aws/partners/saasfactory/saasboost/CoreStackListener.java

@@ -84,21 +84,21 @@ public Object handleRequest(SNSEvent event, Context context) {
                 ListStackResourcesResponse resources = cfn.listStackResources(req -> req.stackName(stackIdName));
                 for (StackResourceSummary resource : resources.stackResourceSummaries()) {
                     String resourceType = resource.resourceType();
-                    String physicalResourceId = resource.physicalResourceId();
+                    String ecrRepo = resource.physicalResourceId();
                     String resourceStatus = resource.resourceStatusAsString();
-                    String logicalId = resource.logicalResourceId();
-                    LOGGER.info("Processing resource {} {} {} {}", resourceType, resourceStatus, logicalId,
-                            physicalResourceId);
+                    String serviceName = resource.logicalResourceId();
+                    LOGGER.info("Processing resource {} {} {} {}", resourceType, resourceStatus, serviceName,
+                            ecrRepo);
                     if ("CREATE_COMPLETE".equals(resourceStatus)) {
                         if ("AWS::ECR::Repository".equals(resourceType)) {
-                            LOGGER.info("Publishing appConfig update event for ECR repository {} {}", logicalId,
-                                    physicalResourceId);
+                            LOGGER.info("Publishing appConfig update event for ECR repository {} {}", serviceName,
+                                    ecrRepo);
                             // Logical ID is the service name
                             // Physical ID is the repo name
                             Map<String, Object> systemApiRequest = new HashMap<>();
-                            systemApiRequest.put("resource", "settings/config/" + logicalId + "/ECR_REPO");
+                            systemApiRequest.put("resource", "settings/config/" + serviceName + "/ECR_REPO");
                             systemApiRequest.put("method", "PUT");
-                            systemApiRequest.put("body", Utils.toJson(Map.of("value", physicalResourceId)));
+                            systemApiRequest.put("body", Utils.toJson(Map.of("value", ecrRepo)));
                             publishEvent(systemApiRequest, SYSTEM_API_CALL);
                         }
                     }

functions/onboarding-listener/event.json

@@ -0,0 +1,9 @@
+{
+  "records": [
+    {
+      "sns": {
+        "message": "StackId='arn:aws:cloudformation:us-west-2:914245659875:stack/sb-multi-tenant-e2f85934/3b77ee40-5a03-11ec-8817-02418856b67f'\nLogicalResourceId='sb-multi-tenant-e2f85934'\nPhysicalResourceId='arn:aws:cloudformation:us-west-2:914245659875:stack/sb-multi-tenant-e2f85934/3b77ee40-5a03-11ec-8817-02418856b67f'\nResourceStatus='CREATE_COMPLETE'\nResourceType='AWS::CloudFormation::Stack'\nStackName='sb-multi-tenant-e2f85934'"
+      }
+    }
+  ]
+}

functions/onboarding-listener/src/main/java/com/amazon/aws/partners/saasfactory/saasboost/OnboardingListener.java

@@ -197,8 +197,6 @@ public Object handleRequest(SNSEvent event, Context context) {
                         } else {
                             // Match on the resource type and build the console url
                             for (AwsResource awsResource : AwsResource.values()) {
-                                String name = null;
-                                String arn = null;
                                 if (awsResource.getResourceType().equalsIgnoreCase(resourceType)) {
                                     if ("AWS::ElasticLoadBalancingV2::LoadBalancer".equals(resourceType)) {
                                         // CloudFormation returns the ARN for the physical id of the load balancer
@@ -399,28 +397,28 @@ protected String getTenantIdFromStackParameters(String stackId) {
         return tenantId;
     }
 
-    private void getRdsResources(String stackId, Map<String, String> consoleResources) {
-        try {
-            ListStackResourcesResponse resources = cfn.listStackResources(request -> request.stackName(stackId));
-            for (StackResourceSummary resource : resources.stackResourceSummaries()) {
-                String resourceType = resource.resourceType();
-                String physicalResourceId = resource.physicalResourceId();
-                AwsResource url = null;
-                if (resourceType.equalsIgnoreCase(AwsResource.RDS_INSTANCE.getResourceType())) {
-                    url = AwsResource.RDS_INSTANCE;
-                } else if (resourceType.equalsIgnoreCase(AwsResource.RDS_CLUSTER.getResourceType())) {
-                    url = AwsResource.RDS_CLUSTER;
-                }
-                if (url != null) {
-                    consoleResources.put(url.name(), url.formatUrl(AWS_REGION, physicalResourceId));
-                }
-            }
-        } catch (SdkServiceException cfnError) {
-            LOGGER.error("cfn:ListStackResources error", cfnError);
-            LOGGER.error(Utils.getFullStackTrace(cfnError));
-            throw cfnError;
-        }
-    }
+//    private void getRdsResources(String stackId, Map<String, String> consoleResources) {
+//        try {
+//            ListStackResourcesResponse resources = cfn.listStackResources(request -> request.stackName(stackId));
+//            for (StackResourceSummary resource : resources.stackResourceSummaries()) {
+//                String resourceType = resource.resourceType();
+//                String physicalResourceId = resource.physicalResourceId();
+//                AwsResource url = null;
+//                if (resourceType.equalsIgnoreCase(AwsResource.RDS_INSTANCE.getResourceType())) {
+//                    url = AwsResource.RDS_INSTANCE;
+//                } else if (resourceType.equalsIgnoreCase(AwsResource.RDS_CLUSTER.getResourceType())) {
+//                    url = AwsResource.RDS_CLUSTER;
+//                }
+//                if (url != null) {
+//                    consoleResources.put(url.name(), url.formatUrl(AWS_REGION, physicalResourceId));
+//                }
+//            }
+//        } catch (SdkServiceException cfnError) {
+//            LOGGER.error("cfn:ListStackResources error", cfnError);
+//            LOGGER.error(Utils.getFullStackTrace(cfnError));
+//            throw cfnError;
+//        }
+//    }
 
     private void publishEvent(Map<String, Object> eventBridgeDetail, String detailType) {
         try {

functions/onboarding-listener/src/test/java/com/amazon/aws/partners/saasfactory/saasboost/OnboardingListenerTest.java

@@ -0,0 +1,11 @@
+package com.amazon.aws.partners.saasfactory.saasboost;
+
+import org.junit.Test;
+
+public class OnboardingListenerTest {
+
+    @Test
+    public void testHandleRequest() {
+
+    }
+}

functions/workload-deploy/src/main/java/com/amazon/aws/partners/saasfactory/saasboost/WorkloadDeploy.java

@@ -132,6 +132,7 @@ public Object handleRequest(Map<String, Object> event, Context context) {
                     }                    
                     for (Map<String, Object> tenant : getTenantsResponse) {
                         String tenantId = (String) tenant.get("id");
+                        //TODO need to find the pipeline for each application service
                         String tenantCodePipeline = "tenant-" + tenantId.substring(0, tenantId.indexOf("-"));
                         Deployment deployment = new Deployment(tenantId, imageUri, tenantCodePipeline);
                         deployments.add(deployment);

resources/tenant-onboarding-app.yaml

@@ -329,7 +329,7 @@ Resources:
                 Action:
                   - s3:GetObject
                 Resource:
-                  - !Sub 'arn:aws:s3:::{{resolve:ssm:/saas-boost/${Environment}/SAAS_BOOST_BUCKET}}/${TenantId}/ServiceDiscovery.env'
+                  - !Sub 'arn:aws:s3:::{{resolve:ssm:/saas-boost/${Environment}/SAAS_BOOST_BUCKET}}/tenants/${TenantId}/ServiceDiscovery.env'
               - Effect: Allow
                 Action:
                   - s3:GetBucketLocation
@@ -457,7 +457,7 @@ Resources:
                   Value: !Ref MetricsStream
           EnvironmentFiles:
             - Type: s3
-              Value: !Sub 'arn:aws:s3:::{{resolve:ssm:/saas-boost/${Environment}/SAAS_BOOST_BUCKET}}/${TenantId}/ServiceDiscovery.env'
+              Value: !Sub 'arn:aws:s3:::{{resolve:ssm:/saas-boost/${Environment}/SAAS_BOOST_BUCKET}}/tenants/${TenantId}/ServiceDiscovery.env'
           MountPoints:
             !If
               - ProvisionEFS

services/onboarding-service/src/main/java/com/amazon/aws/partners/saasfactory/saasboost/OnboardingService.java

@@ -26,6 +26,7 @@
 import org.slf4j.LoggerFactory;
 import software.amazon.awssdk.auth.credentials.EnvironmentVariableCredentialsProvider;
 import software.amazon.awssdk.core.exception.SdkServiceException;
+import software.amazon.awssdk.core.sync.RequestBody;
 import software.amazon.awssdk.http.SdkHttpFullRequest;
 import software.amazon.awssdk.regions.Region;
 import software.amazon.awssdk.services.cloudformation.CloudFormationClient;
@@ -42,9 +43,7 @@
 import software.amazon.awssdk.services.s3.presigner.S3Presigner;
 import software.amazon.awssdk.services.s3.presigner.model.PresignedPutObjectRequest;
 
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.UnsupportedEncodingException;
+import java.io.*;
 import java.net.URI;
 import java.net.URISyntaxException;
 import java.net.URLEncoder;
@@ -692,15 +691,13 @@ public APIGatewayProxyResponseEvent provisionApplication(Map<String, Object> eve
         List<String> applicationServiceStacks = new ArrayList<>();
 
         Map<String, Integer> pathPriority = getPathPriority(appConfig);
+        Properties serviceDiscovery = new Properties();
 
         Map<String, Object> services = (Map<String, Object>) appConfig.get("services");
         for (Map.Entry<String, Object> serviceConfig : services.entrySet()) {
             String serviceName = serviceConfig.getKey();
             // CloudFormation resource names can only contain alpha numeric characters or a dash
             String serviceResourceName = serviceName.replaceAll("[^0-9A-Za-z-]", "").toLowerCase();
-            // If there are any private services, we will create an environment variables called
-            // SERVICE_<SERVICE_NAME>_HOST and SERVICE_<SERVICE_NAME>_PORT
-            // to pass to the task definitions
             Map<String, Object> service = (Map<String, Object>) serviceConfig.getValue();
             Boolean isPublic = (Boolean) service.get("public");
             String pathPart = (isPublic) ? (String) service.get("path") : "";
@@ -717,6 +714,17 @@ public APIGatewayProxyResponseEvent provisionApplication(Map<String, Object> eve
             String containerRepo = (String) service.get("containerRepo");
             String imageTag = (String) service.getOrDefault("containerTag", "latest");
 
+            // If there are any private services, we will create an environment variables called
+            // SERVICE_<SERVICE_NAME>_HOST and SERVICE_<SERVICE_NAME>_PORT to pass to the task definitions
+            String serviceEnvName = serviceName.replaceAll("\\s+", "_").toUpperCase();
+            String serviceHost = "SERVICE_" + serviceEnvName + "_HOST";
+            String servicePort = "SERVICE_" + serviceEnvName + "_PORT";
+            if (!isPublic) {
+                LOGGER.debug("Creating service discovery environment variables {}, {}", serviceHost, servicePort);
+                serviceDiscovery.put(serviceHost, serviceResourceName + ".local");
+                serviceDiscovery.put(servicePort, Objects.toString(containerPort));
+            }
+
             Map<String, Object> tiers = (Map<String, Object>) service.get("tiers");
             if (!tiers.containsKey(tier)) {
                 dal.updateStatus(onboarding.getId(), OnboardingStatus.failed);
@@ -862,7 +870,8 @@ public APIGatewayProxyResponseEvent provisionApplication(Map<String, Object> eve
 
             // Make the stack name look like what CloudFormation would have done for a nested stack
             String tenantShortId = tenantId.toString().substring(0, 8);
-            String stackName = "sb-" + SAAS_BOOST_ENV + "-tenant-" + tenantShortId + "-app-" + serviceResourceName + "-" + Utils.randomString(12).toUpperCase();
+            String stackName = "sb-" + SAAS_BOOST_ENV + "-tenant-" + tenantShortId + "-app-" + serviceResourceName
+                    + "-" + Utils.randomString(12).toUpperCase();
             if (stackName.length() > 128) {
                 stackName = stackName.substring(0, 128);
             }
@@ -896,6 +905,32 @@ public APIGatewayProxyResponseEvent provisionApplication(Map<String, Object> eve
             }
         }
 
+        if (!serviceDiscovery.isEmpty()) {
+            String environmentFile = "tenants/" + tenantId.toString() + "/ServiceDiscovery.env";
+            ByteArrayOutputStream environmentFileContents = new ByteArrayOutputStream();
+            try (Writer writer = new BufferedWriter(new OutputStreamWriter(
+                        environmentFileContents, StandardCharsets.UTF_8)
+                )) {
+                serviceDiscovery.store(writer, null);
+                s3.putObject(request -> request
+                        .bucket(SAAS_BOOST_BUCKET)
+                        .key(environmentFile)
+                        .build(),
+                        RequestBody.fromBytes(environmentFileContents.toByteArray())
+                );
+            } catch (SdkServiceException s3Error) {
+                LOGGER.error("Error putting service discovery file to S3");
+                LOGGER.error(Utils.getFullStackTrace(s3Error));
+                dal.updateStatus(onboarding.getId(), OnboardingStatus.failed);
+                throw s3Error;
+            } catch (IOException ioe) {
+                LOGGER.error("Error writing service discovery data to output stream");
+                LOGGER.error(Utils.getFullStackTrace(ioe));
+                dal.updateStatus(onboarding.getId(), OnboardingStatus.failed);
+                throw new RuntimeException(ioe);
+            }
+        }
+
         APIGatewayProxyResponseEvent response = new APIGatewayProxyResponseEvent()
                 .withStatusCode(200)
                 .withHeaders(CORS)