constructor()

in PetAdoptions/cdk/pet_stack/lib/services/ecs-service.ts [56:162]

• 82 lines of code
• 6 McCabe index (conditional complexity)

  constructor(scope: cdk.Construct, id: string, props: EcsServiceProps) {
    super(scope, id);

    const logging = new ecs.AwsLogDriver({
      streamPrefix: "logs",
      logGroup: new logs.LogGroup(this, "ecs-log-group", {
        logGroupName: props.logGroupName,
        removalPolicy: cdk.RemovalPolicy.DESTROY
      })
    });

    const firelenslogging = new ecs.FireLensLogDriver({
      options: {
        "Name": "cloudwatch",
        "region": props.region,
        "log_key": "log",
        "log_group_name": props.logGroupName,
        "auto_create_group": "false",
        "log_stream_name": "$(ecs_task_id)"
      }
    });

    const taskRole = new iam.Role(this, `taskRole`, {
      assumedBy: new iam.ServicePrincipal('ecs-tasks.amazonaws.com')
    });

    this.taskDefinition = new ecs.FargateTaskDefinition(this, "taskDefinition", {
      cpu: props.cpu,
      taskRole: taskRole,
      memoryLimitMiB: props.memoryLimitMiB
    });

    this.taskDefinition.addToExecutionRolePolicy(EcsService.ExecutionRolePolicy);
    this.taskDefinition.taskRole?.addManagedPolicy(iam.ManagedPolicy.fromManagedPolicyArn(this, 'AmazonECSTaskExecutionRolePolicy', 'arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy'));
    this.taskDefinition.taskRole?.addManagedPolicy(iam.ManagedPolicy.fromManagedPolicyArn(this, 'AWSXrayWriteOnlyAccess', 'arn:aws:iam::aws:policy/AWSXrayWriteOnlyAccess'));

    // Build locally the image only if the repository URI is not specified
    // Can help speed up builds if we are not rebuilding anything
    const image = props.repositoryURI? this.containerImageFromRepository(props.repositoryURI) : this.createContainerImage()

    this.taskDefinition.addContainer('container', {
      image: image,
      memoryLimitMiB: 512,
      cpu: 256,
      logging: firelenslogging,
      environment: { // clear text, not for sensitive data
        AWS_REGION: props.region,
      }
    }).addPortMappings({
      containerPort: 80,
      protocol: ecs.Protocol.TCP
    });

    this.taskDefinition.addFirelensLogRouter('firelensrouter', {
      firelensConfig: {
        type: ecs.FirelensLogRouterType.FLUENTBIT
      },
      image: ecs.ContainerImage.fromRegistry('public.ecr.aws/aws-observability/aws-for-fluent-bit:latest')
    })

    // sidecar for instrumentation collecting
    switch(props.instrumentation) {

      // we don't add any sidecar if instrumentation is none
      case "none": {
        break;
      }

      // This collector would be used for both traces collected using
      // open telemetry or X-Ray
      case "otel": {
        this.addOtelCollectorContainer(this.taskDefinition, logging);
        break;
      }

      // Default X-Ray traces collector
      case "xray": {
        this.addXRayContainer(this.taskDefinition, logging);
        break;
      }

      // Default X-Ray traces collector
      // enabled by default
      default: {
        this.addXRayContainer(this.taskDefinition, logging);
        break;
      }
    }

    if (!props.disableService) {
      this.service = new ecs_patterns.ApplicationLoadBalancedFargateService(this, "ecs-service", {
        cluster: props.cluster,
        taskDefinition: this.taskDefinition,
        publicLoadBalancer: true,
        desiredCount: props.desiredTaskCount,
        listenerPort: 80,
        securityGroups: [props.securityGroup]

      })

      if (props.healthCheck) {
        this.service.targetGroup.configureHealthCheck({
          path: props.healthCheck
        });
      }
    }
  }