import * as cdk from 'aws-cdk-lib'; import {Construct} from 'constructs'; import * as eks from 'aws-cdk-lib/aws-eks'; import {CognitoConfig} from './ide-services-cognito' interface IdeServicesConfigMapProps extends cdk.NestedStackProps { cluster: eks.Cluster; serviceAccount: eks.ServiceAccount; deploymentUrl: string; cognitoConfig: CognitoConfig; } export class IdeServicesConfigMap extends cdk.NestedStack { constructor(scope: Construct, id: string, props: IdeServicesConfigMapProps) { super(scope, id, props); const {cluster, serviceAccount, deploymentUrl, cognitoConfig} = props; const updateConfigMap = new eks.KubernetesPatch(this, 'UpdateConfigMap', { cluster, resourceName: 'configmap/jb-ide-services-ide-services-helm-common', resourceNamespace: serviceAccount.serviceAccountNamespace, patchType: eks.PatchType.STRATEGIC, applyPatch: { data: { 'override.yaml': `tbe: deployment: url: ${deploymentUrl} allowed-origins: - \${tbe.deployment.url} browser-url: \${tbe.deployment.url} storage: type: s3 minio: check-bucket: false auth: login-url: "${cognitoConfig.authBaseUrl}/oauth2/authorize" token-url: "${cognitoConfig.authBaseUrl}/oauth2/token" jwt-certs-url: "https://cognito-idp.${this.region}.amazonaws.com/${cognitoConfig.userPoolId}/.well-known/jwks.json" client-id: "${cognitoConfig.clientId}" client-secret: "${cognitoConfig.clientSecret}" required-scopes: [ "email", "openid", "profile" ] root-admin-emails: - "${cognitoConfig.adminUserEmail}" spring: flyway: enabled: true logging: level: root: INFO reactor: INFO io.netty: INFO io.r2dbc.postgresql: INFO org.eclipse.jetty: INFO org.postgresql: INFO org.springframework.core: INFO org.springframework.context: INFO org.springframework.beans: INFO org.springframework.boot: INFO org.springframework.data: INFO org.springframework.security.web.server: INFO _org.springframework.web.reactive: INFO org.quartz: INFO Exposed: INFO org.springframework.transaction: INFO org.springframework.transaction.interceptor: INFO`, }, }, restorePatch: {}, // keep the new value on stack updates }); const restartPods = new eks.KubernetesPatch(this, 'RestartPods', { cluster, resourceName: 'deployment/jb-ide-services-ide-services-helm', resourceNamespace: serviceAccount.serviceAccountNamespace, patchType: eks.PatchType.STRATEGIC, applyPatch: { spec: { template: { metadata: { annotations: { 'kubectl.kubernetes.io/restartedAt': new Date().toISOString(), // Adds a timestamp to force a pod restart }, }, }, }, }, restorePatch: {} }); restartPods.node.addDependency(updateConfigMap) } }