in src/main.ts [120:209]
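/**
 * Creates the ECS cluster and one Fargate service per entry in `props.tasks`.
 *
 * Steps, in order:
 *  1. resolve the VPC (caller-supplied or `getOrCreateVpc`) and validate any explicit subnets;
 *  2. record which load balancer flavours (external / internal) the tasks ask for;
 *  3. create the cluster with Fargate capacity providers and Container Insights;
 *  4. create one `ecs.FargateService` per task and make it depend on the cluster;
 *  5. set the stack description if none is set;
 *  6. suppress the cdk-nag `AwsSolutions-IAM5` finding on each task's execution-role
 *     and task-role default policy.
 *
 * @param scope - parent construct
 * @param id - construct id
 * @param props - VPC, subnet, task and Route53 options for the services
 */
constructor(scope: cdk.Construct, id: string, props: BaseFargateServicesProps) {
  super(scope, id);

  // The original ended this statement with a comma, silently chaining it to the
  // next assignment through the comma operator; they are two separate statements.
  this.vpc = props.vpc ?? getOrCreateVpc(this);
  this.service = [];

  if (props.vpcSubnets) {
    this.vpcSubnets = props.vpcSubnets;
    this.validateSubnets(this.vpc, this.vpcSubnets);
  }

  // Work out which load balancers are needed. A task whose accessibility is
  // neither INTERNAL_ONLY nor EXTERNAL_ONLY (including an unset value) turns on both,
  // so a task with no explicit accessibility ends up behind an external load balancer.
  // NOTE(review): confirm that externally reachable is the intended default.
  for (const t of props.tasks) {
    if (t.accessibility !== LoadBalancerAccessibility.INTERNAL_ONLY) {
      this.hasExternalLoadBalancer = true;
    }
    if (t.accessibility !== LoadBalancerAccessibility.EXTERNAL_ONLY) {
      this.hasInternalLoadBalancer = true;
    }
  }

  const cluster = new ecs.Cluster(this, 'Cluster', {
    vpc: this.vpc,
    enableFargateCapacityProviders: true,
    containerInsights: true,
    executeCommandConfiguration: {
      // NOTE(review): DEFAULT logging relies on the task definition's own awslogs
      // configuration; if ECS Exec sessions must always be audited, confirm every
      // task definition passed in configures a log driver.
      logging: ecs.ExecuteCommandLogging.DEFAULT,
    },
  });

  // Weight 1 on FARGATE_SPOT and weight 0 on FARGATE: every task is placed on Spot.
  const spotOnlyStrategy = [
    {
      capacityProvider: 'FARGATE_SPOT',
      base: 0,
      weight: 1,
    },
    {
      capacityProvider: 'FARGATE',
      base: 0,
      weight: 0,
    },
  ];

  for (const t of props.tasks) {
    // NOTE(review): when the task has no default container this id becomes
    // "undefinedService"; two such tasks would collide on the construct id.
    const defaultContainerName = t.task.defaultContainer?.containerName;
    const svc = new ecs.FargateService(this, `${defaultContainerName}Service`, {
      taskDefinition: t.task,
      cluster,
      // A per-task strategy wins; otherwise `props.spot` selects the Spot-only strategy.
      capacityProviderStrategies: t.capacityProviderStrategy ?? (props.spot ? spotOnlyStrategy : undefined),
      desiredCount: t.desiredCount,
      // ECS Exec gives interactive shell access to running containers; it stays off unless requested.
      enableExecuteCommand: props.enableExecuteCommand ?? false,
      vpcSubnets: this.vpcSubnets,
      // NOTE(review): `isPublicSubnets` is not assigned in this constructor (presumably
      // by validateSubnets — confirm); when true, tasks receive public IP addresses.
      assignPublicIp: this.isPublicSubnets,
    });
    this.service.push(svc);
  }

  // Route53
  this.zoneName = props.route53Ops?.zoneName ?? 'svc.local';

  // Every service depends on the cluster. The original looked the cluster up again with
  // tryFindChild('Cluster') and cast it to CfnClusterCapacityProviderAssociations, which
  // is not the type of that child; the child with id 'Cluster' is the ecs.Cluster created
  // above, so it is used directly.
  for (const s of this.service) {
    s.node.addDependency(cluster);
  }

  // add solution ID for the stack
  const stack = cdk.Stack.of(this);
  if (!stack.templateOptions.description) {
    stack.templateOptions.description = '(SO8030) - AWS CDK stack with serverless-container-constructs';
  }

  // cdk-nag suppressions for wildcard-resource statements in the roles' default policies.
  // A role may be absent or may have no 'DefaultPolicy' child (tryFindChild returns
  // undefined), so the suppression is applied only when a policy was found.
  for (const t of props.tasks) {
    const executionPolicy = t.task.executionRole?.node.tryFindChild('DefaultPolicy') as iam.Policy | undefined;
    if (executionPolicy) {
      cdknag.Suppress.iamPolicy(executionPolicy, [
        {
          id: 'AwsSolutions-IAM5',
          reason: 'ecr:GetAuthorizationToken requires wildcard resource',
        },
      ]);
    }

    // NOTE(review): this suppression is applied whether or not `enableExecuteCommand`
    // is set, and it covers the whole task-role default policy. A wildcard that a caller
    // grants to the task role for unrelated reasons is therefore hidden from cdk-nag as
    // well; consider scoping it to the ECS Exec case.
    const taskPolicy = t.task.taskRole?.node.tryFindChild('DefaultPolicy') as iam.Policy | undefined;
    if (taskPolicy) {
      cdknag.Suppress.iamPolicy(taskPolicy, [
        {
          id: 'AwsSolutions-IAM5',
          reason: 'task role with ECS exec support requires wildcard resource for ssmmessages. see https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-exec.html',
        },
      ]);
    }
  }
}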