From 898af4596acc6cdd79f3bc70f1c1ba098cde0cf5 Mon Sep 17 00:00:00 2001 From: Don Buchanan <42761041+Don-CA@users.noreply.github.com> Date: Wed, 15 Jan 2020 16:29:03 +1100 Subject: [PATCH 1/2] determineFullyQualifiedDomainName ignores trailing dot in hostedZone.zoneName --- ...oad-balanced-fargate-service.expected.json | 881 ++++++++++++++++++ .../integ.load-balanced-fargate-service.ts | 32 + .../test.load-balanced-fargate-service.ts | 32 + packages/@aws-cdk/aws-route53/lib/util.ts | 8 +- .../@aws-cdk/aws-route53/test/test.util.ts | 62 +- 5 files changed, 1011 insertions(+), 4 deletions(-) create mode 100644 packages/@aws-cdk/aws-ecs-patterns/test/fargate/integ.load-balanced-fargate-service.expected.json create mode 100644 packages/@aws-cdk/aws-ecs-patterns/test/fargate/integ.load-balanced-fargate-service.ts diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/fargate/integ.load-balanced-fargate-service.expected.json b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/integ.load-balanced-fargate-service.expected.json new file mode 100644 index 0000000000000..4edd14a4b6144 --- /dev/null +++ b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/integ.load-balanced-fargate-service.expected.json @@ -0,0 +1,881 @@ +{ + "Resources": { + "Vpc8378EB38": { + "Type": "AWS::EC2::VPC", + "Properties": { + "CidrBlock": "10.0.0.0/16", + "EnableDnsHostnames": true, + "EnableDnsSupport": true, + "InstanceTenancy": "default", + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc" + } + ] + } + }, + "VpcPublicSubnet1Subnet5C2D37C4": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "CidrBlock": "10.0.0.0/18", + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": "test-region-1a", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PublicSubnet1" + }, + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + } + ] + } + }, + "VpcPublicSubnet1RouteTable6C95E38E": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PublicSubnet1" + } + ] + } + }, + "VpcPublicSubnet1RouteTableAssociation97140677": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "SubnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + } + } + }, + "VpcPublicSubnet1DefaultRoute3DA9E72A": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VpcIGWD7BA715C" + } + }, + "DependsOn": [ + "VpcVPCGWBF912B6E" + ] + }, + "VpcPublicSubnet1EIPD7E02669": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PublicSubnet1" + } + ] + } + }, + "VpcPublicSubnet1NATGateway4D7517AA": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "AllocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet1EIPD7E02669", + "AllocationId" + ] + }, + "SubnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PublicSubnet1" + } + ] + } + }, + "VpcPublicSubnet2Subnet691E08A3": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "CidrBlock": "10.0.64.0/18", + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": "test-region-1b", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PublicSubnet2" + }, + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + } + ] + } + }, + "VpcPublicSubnet2RouteTable94F7E489": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PublicSubnet2" + } + ] + } + }, + "VpcPublicSubnet2RouteTableAssociationDD5762D8": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "SubnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + } + }, + "VpcPublicSubnet2DefaultRoute97F91067": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VpcIGWD7BA715C" + } + }, + "DependsOn": [ + "VpcVPCGWBF912B6E" + ] + }, + "VpcPublicSubnet2EIP3C605A87": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PublicSubnet2" + } + ] + } + }, + "VpcPublicSubnet2NATGateway9182C01D": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "AllocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet2EIP3C605A87", + "AllocationId" + ] + }, + "SubnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PublicSubnet2" + } + ] + } + }, + "VpcPrivateSubnet1Subnet536B997A": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "CidrBlock": "10.0.128.0/18", + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": "test-region-1a", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PrivateSubnet1" + }, + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + } + ] + } + }, + "VpcPrivateSubnet1RouteTableB2C5B500": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PrivateSubnet1" + } + ] + } + }, + "VpcPrivateSubnet1RouteTableAssociation70C59FA6": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "SubnetId": { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + } + } + }, + "VpcPrivateSubnet1DefaultRouteBE02A9ED": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "VpcPublicSubnet1NATGateway4D7517AA" + } + } + }, + "VpcPrivateSubnet2Subnet3788AAA1": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "CidrBlock": "10.0.192.0/18", + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": "test-region-1b", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PrivateSubnet2" + }, + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + } + ] + } + }, + "VpcPrivateSubnet2RouteTableA678073B": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc/PrivateSubnet2" + } + ] + } + }, + "VpcPrivateSubnet2RouteTableAssociationA89CAD56": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "SubnetId": { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + } + }, + "VpcPrivateSubnet2DefaultRoute060D2087": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "VpcPublicSubnet2NATGateway9182C01D" + } + } + }, + "VpcIGWD7BA715C": { + "Type": "AWS::EC2::InternetGateway", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "aws-ecs-integ/Vpc" + } + ] + } + }, + "VpcVPCGWBF912B6E": { + "Type": "AWS::EC2::VPCGatewayAttachment", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "InternetGatewayId": { + "Ref": "VpcIGWD7BA715C" + } + } + }, + "ClusterEB0386A7": { + "Type": "AWS::ECS::Cluster" + }, + "myServiceLB168895E1": { + "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer", + "Properties": { + "Scheme": "internet-facing", + "SecurityGroups": [ + { + "Fn::GetAtt": [ + "myServiceLBSecurityGroupFE0ED608", + "GroupId" + ] + } + ], + "Subnets": [ + { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + ], + "Type": "application" + }, + "DependsOn": [ + "VpcPublicSubnet1DefaultRoute3DA9E72A", + "VpcPublicSubnet2DefaultRoute97F91067" + ] + }, + "myServiceLBSecurityGroupFE0ED608": { + "Type": "AWS::EC2::SecurityGroup", + "Properties": { + "GroupDescription": "Automatically created Security Group for ELB awsecsintegmyServiceLB1F7A535D", + "SecurityGroupIngress": [ + { + "CidrIp": "0.0.0.0/0", + "Description": "Allow from anyone on port 443", + "FromPort": 443, + "IpProtocol": "tcp", + "ToPort": 443 + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "myServiceLBSecurityGrouptoawsecsintegmyServiceSecurityGroup8DAB521180B6703B07": { + "Type": "AWS::EC2::SecurityGroupEgress", + "Properties": { + "GroupId": { + "Fn::GetAtt": [ + "myServiceLBSecurityGroupFE0ED608", + "GroupId" + ] + }, + "IpProtocol": "tcp", + "Description": "Load balancer to target", + "DestinationSecurityGroupId": { + "Fn::GetAtt": [ + "myServiceSecurityGroupC3B9D4E0", + "GroupId" + ] + }, + "FromPort": 80, + "ToPort": 80 + } + }, + "myServiceLBPublicListenerC78AE8A0": { + "Type": "AWS::ElasticLoadBalancingV2::Listener", + "Properties": { + "DefaultActions": [ + { + "TargetGroupArn": { + "Ref": "myServiceLBPublicListenerECSGroup17E9BBC1" + }, + "Type": "forward" + } + ], + "LoadBalancerArn": { + "Ref": "myServiceLB168895E1" + }, + "Port": 443, + "Protocol": "HTTPS", + "Certificates": [ + { + "CertificateArn": { + "Fn::GetAtt": [ + "myServiceCertificateCertificateRequestorResource76DB9304", + "Arn" + ] + } + } + ] + } + }, + "myServiceLBPublicListenerECSGroup17E9BBC1": { + "Type": "AWS::ElasticLoadBalancingV2::TargetGroup", + "Properties": { + "Port": 80, + "Protocol": "HTTP", + "TargetType": "ip", + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "myServiceCertificateCertificateRequestorFunctionServiceRoleB55B306C": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "myServiceCertificateCertificateRequestorFunctionServiceRoleDefaultPolicyFB403A3B": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "acm:RequestCertificate", + "acm:DescribeCertificate", + "acm:DeleteCertificate" + ], + "Effect": "Allow", + "Resource": "*" + }, + { + "Action": "route53:GetChange", + "Effect": "Allow", + "Resource": "*" + }, + { + "Action": "route53:changeResourceRecordSets", + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":route53:::hostedzone/fakeId" + ] + ] + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "myServiceCertificateCertificateRequestorFunctionServiceRoleDefaultPolicyFB403A3B", + "Roles": [ + { + "Ref": "myServiceCertificateCertificateRequestorFunctionServiceRoleB55B306C" + } + ] + } + }, + "myServiceCertificateCertificateRequestorFunctionC16CEAAF": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "S3Bucket": { + "Ref": "AssetParameters0b9723d54b7db3fbfc1a143398b02392e5fe080a68535480782a949b4372d0f0S3Bucket0997A4A0" + }, + "S3Key": { + "Fn::Join": [ + "", + [ + { + "Fn::Select": [ + 0, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParameters0b9723d54b7db3fbfc1a143398b02392e5fe080a68535480782a949b4372d0f0S3VersionKey83D9C166" + } + ] + } + ] + }, + { + "Fn::Select": [ + 1, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParameters0b9723d54b7db3fbfc1a143398b02392e5fe080a68535480782a949b4372d0f0S3VersionKey83D9C166" + } + ] + } + ] + } + ] + ] + } + }, + "Handler": "index.certificateRequestHandler", + "Role": { + "Fn::GetAtt": [ + "myServiceCertificateCertificateRequestorFunctionServiceRoleB55B306C", + "Arn" + ] + }, + "Runtime": "nodejs10.x", + "Timeout": 900 + }, + "DependsOn": [ + "myServiceCertificateCertificateRequestorFunctionServiceRoleDefaultPolicyFB403A3B", + "myServiceCertificateCertificateRequestorFunctionServiceRoleB55B306C" + ] + }, + "myServiceCertificateCertificateRequestorResource76DB9304": { + "Type": "AWS::CloudFormation::CustomResource", + "Properties": { + "ServiceToken": { + "Fn::GetAtt": [ + "myServiceCertificateCertificateRequestorFunctionC16CEAAF", + "Arn" + ] + }, + "DomainName": "test.example.com", + "HostedZoneId": "fakeId" + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "myServiceDNSD76FB53A": { + "Type": "AWS::Route53::RecordSet", + "Properties": { + "Name": "test.example.com.", + "Type": "A", + "AliasTarget": { + "DNSName": { + "Fn::GetAtt": [ + "myServiceLB168895E1", + "DNSName" + ] + }, + "HostedZoneId": { + "Fn::GetAtt": [ + "myServiceLB168895E1", + "CanonicalHostedZoneID" + ] + } + }, + "HostedZoneId": "fakeId" + } + }, + "myServiceTaskDefTaskRole1C1DE6CC": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "ecs-tasks.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "myServiceTaskDef7FB8322A": { + "Type": "AWS::ECS::TaskDefinition", + "Properties": { + "ContainerDefinitions": [ + { + "Essential": true, + "Image": "amazon/amazon-ecs-sample", + "LogConfiguration": { + "LogDriver": "awslogs", + "Options": { + "awslogs-group": { + "Ref": "myServiceTaskDefwebLogGroupA1767F2C" + }, + "awslogs-stream-prefix": "myService", + "awslogs-region": { + "Ref": "AWS::Region" + } + } + }, + "Name": "web", + "PortMappings": [ + { + "ContainerPort": 80, + "Protocol": "tcp" + } + ] + } + ], + "Cpu": "256", + "ExecutionRoleArn": { + "Fn::GetAtt": [ + "myServiceTaskDefExecutionRole618CD311", + "Arn" + ] + }, + "Family": "awsecsintegmyServiceTaskDefA3A33D18", + "Memory": "512", + "NetworkMode": "awsvpc", + "RequiresCompatibilities": [ + "FARGATE" + ], + "TaskRoleArn": { + "Fn::GetAtt": [ + "myServiceTaskDefTaskRole1C1DE6CC", + "Arn" + ] + } + } + }, + "myServiceTaskDefwebLogGroupA1767F2C": { + "Type": "AWS::Logs::LogGroup", + "UpdateReplacePolicy": "Retain", + "DeletionPolicy": "Retain" + }, + "myServiceTaskDefExecutionRole618CD311": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "ecs-tasks.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + } + } + }, + "myServiceTaskDefExecutionRoleDefaultPolicyBDAEC571": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "logs:CreateLogStream", + "logs:PutLogEvents" + ], + "Effect": "Allow", + "Resource": { + "Fn::GetAtt": [ + "myServiceTaskDefwebLogGroupA1767F2C", + "Arn" + ] + } + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "myServiceTaskDefExecutionRoleDefaultPolicyBDAEC571", + "Roles": [ + { + "Ref": "myServiceTaskDefExecutionRole618CD311" + } + ] + } + }, + "myServiceB0B6FAA0": { + "Type": "AWS::ECS::Service", + "Properties": { + "Cluster": { + "Ref": "ClusterEB0386A7" + }, + "DeploymentConfiguration": { + "MaximumPercent": 200, + "MinimumHealthyPercent": 50 + }, + "DesiredCount": 1, + "EnableECSManagedTags": true, + "HealthCheckGracePeriodSeconds": 60, + "LaunchType": "FARGATE", + "LoadBalancers": [ + { + "ContainerName": "web", + "ContainerPort": 80, + "TargetGroupArn": { + "Ref": "myServiceLBPublicListenerECSGroup17E9BBC1" + } + } + ], + "NetworkConfiguration": { + "AwsvpcConfiguration": { + "AssignPublicIp": "DISABLED", + "SecurityGroups": [ + { + "Fn::GetAtt": [ + "myServiceSecurityGroupC3B9D4E0", + "GroupId" + ] + } + ], + "Subnets": [ + { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + }, + { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + ] + } + }, + "TaskDefinition": { + "Ref": "myServiceTaskDef7FB8322A" + } + }, + "DependsOn": [ + "myServiceLBPublicListenerECSGroup17E9BBC1", + "myServiceLBPublicListenerC78AE8A0" + ] + }, + "myServiceSecurityGroupC3B9D4E0": { + "Type": "AWS::EC2::SecurityGroup", + "Properties": { + "GroupDescription": "aws-ecs-integ/myService/Service/SecurityGroup", + "SecurityGroupEgress": [ + { + "CidrIp": "0.0.0.0/0", + "Description": "Allow all outbound traffic by default", + "IpProtocol": "-1" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "myServiceSecurityGroupfromawsecsintegmyServiceLBSecurityGroupFA544FE5800A81885C": { + "Type": "AWS::EC2::SecurityGroupIngress", + "Properties": { + "IpProtocol": "tcp", + "Description": "Load balancer to target", + "FromPort": 80, + "GroupId": { + "Fn::GetAtt": [ + "myServiceSecurityGroupC3B9D4E0", + "GroupId" + ] + }, + "SourceSecurityGroupId": { + "Fn::GetAtt": [ + "myServiceLBSecurityGroupFE0ED608", + "GroupId" + ] + }, + "ToPort": 80 + } + } + }, + "Outputs": { + "myServiceLoadBalancerDNS3A083E9F": { + "Value": { + "Fn::GetAtt": [ + "myServiceLB168895E1", + "DNSName" + ] + } + }, + "myServiceServiceURL1258C56B": { + "Value": { + "Fn::Join": [ + "", + [ + "https://", + { + "Ref": "myServiceDNSD76FB53A" + } + ] + ] + } + } + }, + "Parameters": { + "AssetParameters0b9723d54b7db3fbfc1a143398b02392e5fe080a68535480782a949b4372d0f0S3Bucket0997A4A0": { + "Type": "String", + "Description": "S3 bucket for asset \"0b9723d54b7db3fbfc1a143398b02392e5fe080a68535480782a949b4372d0f0\"" + }, + "AssetParameters0b9723d54b7db3fbfc1a143398b02392e5fe080a68535480782a949b4372d0f0S3VersionKey83D9C166": { + "Type": "String", + "Description": "S3 key for asset version \"0b9723d54b7db3fbfc1a143398b02392e5fe080a68535480782a949b4372d0f0\"" + }, + "AssetParameters0b9723d54b7db3fbfc1a143398b02392e5fe080a68535480782a949b4372d0f0ArtifactHashF8F836D1": { + "Type": "String", + "Description": "Artifact hash for asset \"0b9723d54b7db3fbfc1a143398b02392e5fe080a68535480782a949b4372d0f0\"" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/fargate/integ.load-balanced-fargate-service.ts b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/integ.load-balanced-fargate-service.ts new file mode 100644 index 0000000000000..b294eff0e69f0 --- /dev/null +++ b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/integ.load-balanced-fargate-service.ts @@ -0,0 +1,32 @@ +import { Vpc } from '@aws-cdk/aws-ec2'; +import { Cluster, ContainerImage } from '@aws-cdk/aws-ecs'; +import { ApplicationProtocol } from '@aws-cdk/aws-elasticloadbalancingv2'; +import { App, Stack } from '@aws-cdk/core'; + +import { ApplicationLoadBalancedFargateService } from '../../lib'; + +const app = new App(); +const stack = new Stack(app, 'aws-ecs-integ'); +const vpc = new Vpc(stack, 'Vpc', { maxAzs: 2 }); +const cluster = new Cluster(stack, 'Cluster', { vpc }); + +// Loadbalancer with HTTPS +new ApplicationLoadBalancedFargateService(stack, 'myService', { + cluster, + memoryLimitMiB: 512, + taskImageOptions: { + image: ContainerImage.fromRegistry("amazon/amazon-ecs-sample"), + }, + protocol: ApplicationProtocol.HTTPS, + enableECSManagedTags: true, + domainName: 'test.example.com', + domainZone: { + hostedZoneId: 'fakeId', + zoneName: 'example.com.', + hostedZoneArn: 'arn:aws:route53:::hostedzone/fakeId', + stack, + node: stack.node, + }, +}); + +app.synth(); \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/fargate/test.load-balanced-fargate-service.ts b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/test.load-balanced-fargate-service.ts index 8cc4d958a80f6..3829a868cf5db 100644 --- a/packages/@aws-cdk/aws-ecs-patterns/test/fargate/test.load-balanced-fargate-service.ts +++ b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/test.load-balanced-fargate-service.ts @@ -354,6 +354,38 @@ export = { test.done(); }, + 'setting ALB HTTPS correctly sets the recordset name'(test: Test) { + // GIVEN + const stack = new cdk.Stack(); + const vpc = new ec2.Vpc(stack, 'VPC'); + const cluster = new ecs.Cluster(stack, 'Cluster', { vpc }); + + // WHEN + new ecsPatterns.ApplicationLoadBalancedFargateService(stack, "FargateAlbService", { + cluster, + protocol: ApplicationProtocol.HTTPS, + domainName: 'test.domain.com', + domainZone: { + hostedZoneId: 'fakeId', + zoneName: 'domain.com.', + hostedZoneArn: 'arn:aws:route53:::hostedzone/fakeId', + stack, + node: stack.node, + }, + taskImageOptions: { + containerPort: 2015, + image: ecs.ContainerImage.fromRegistry('abiosoft/caddy') + }, + }); + + // THEN + expect(stack).to(haveResourceLike('AWS::Route53::RecordSet', { + Name: 'test.domain.com.', + })); + + test.done(); + }, + 'setting ALB HTTP protocol to create the listener on 80'(test: Test) { // GIVEN const stack = new cdk.Stack(); diff --git a/packages/@aws-cdk/aws-route53/lib/util.ts b/packages/@aws-cdk/aws-route53/lib/util.ts index a1cd2fce5a6f9..56a661575f19b 100644 --- a/packages/@aws-cdk/aws-route53/lib/util.ts +++ b/packages/@aws-cdk/aws-route53/lib/util.ts @@ -50,8 +50,12 @@ export function determineFullyQualifiedDomainName(providedName: string, hostedZo return providedName; } - const suffix = `.${hostedZone.zoneName}`; - if (providedName.endsWith(suffix) || providedName === hostedZone.zoneName) { + const hostedZoneName = hostedZone.zoneName.endsWith('.') + ? hostedZone.zoneName.substring(0, hostedZone.zoneName.length - 1) + : hostedZone.zoneName; + + const suffix = `.${hostedZoneName}`; + if (providedName.endsWith(suffix) || providedName === hostedZoneName) { return `${providedName}.`; } diff --git a/packages/@aws-cdk/aws-route53/test/test.util.ts b/packages/@aws-cdk/aws-route53/test/test.util.ts index 1d123633453f2..ce8b46f78e03f 100644 --- a/packages/@aws-cdk/aws-route53/test/test.util.ts +++ b/packages/@aws-cdk/aws-route53/test/test.util.ts @@ -1,5 +1,5 @@ +import * as cdk from '@aws-cdk/core'; import { Test } from 'nodeunit'; - import * as util from '../lib/util'; export = { @@ -7,9 +7,67 @@ export = { test.throws(() => util.validateZoneName('zone.name.'), /trailing dot/); test.done(); }, + 'accepts a valid domain name'(test: Test) { const domainName = 'amazonaws.com'; util.validateZoneName(domainName); test.done(); - } + }, + + 'providedName ending with a dot returns the name'(test: Test) { + // GIVEN + const stack = new cdk.Stack(); + + // WHEN + const providedName = 'test.domain.com.'; + const qualified = util.determineFullyQualifiedDomainName(providedName, { + hostedZoneId: 'fakeId', + zoneName: 'ignored', + hostedZoneArn: 'arn:aws:route53:::hostedzone/fakeId', + stack, + node: stack.node, + }); + + // THEN + test.equal(qualified, 'test.domain.com.'); + test.done(); + }, + + 'providedName that matches zoneName returns providedName with a dot'(test: Test) { + // GIVEN + const stack = new cdk.Stack(); + + // WHEN + const providedName = 'test.domain.com'; + const qualified = util.determineFullyQualifiedDomainName(providedName, { + hostedZoneId: 'fakeId', + zoneName: 'domain.com.', + hostedZoneArn: 'arn:aws:route53:::hostedzone/fakeId', + stack, + node: stack.node, + }); + + // THEN + test.equal(qualified, 'test.domain.com.'); + test.done(); + }, + + 'providedName that does not matches zoneName concatenates providedName and zoneName'(test: Test) { + // GIVEN + const stack = new cdk.Stack(); + + // WHEN + const providedName = 'test'; + const qualified = util.determineFullyQualifiedDomainName(providedName, { + hostedZoneId: 'fakeId', + zoneName: 'domain.com.', + hostedZoneArn: 'arn:aws:route53:::hostedzone/fakeId', + stack, + node: stack.node, + }); + + // THEN + test.equal(qualified, 'test.domain.com.'); + test.done(); + }, }; From a32466d04e206f8322d04a34027cc5ce7d19e964 Mon Sep 17 00:00:00 2001 From: Don Buchanan <42761041+Don-CA@users.noreply.github.com> Date: Fri, 17 Jan 2020 11:09:10 +1100 Subject: [PATCH 2/2] add test for complete match and rename other tests --- .../@aws-cdk/aws-route53/test/test.util.ts | 23 +++++++++++++++++-- 1 file changed, 21 insertions(+), 2 deletions(-) diff --git a/packages/@aws-cdk/aws-route53/test/test.util.ts b/packages/@aws-cdk/aws-route53/test/test.util.ts index ce8b46f78e03f..c2e591d7a7c54 100644 --- a/packages/@aws-cdk/aws-route53/test/test.util.ts +++ b/packages/@aws-cdk/aws-route53/test/test.util.ts @@ -33,7 +33,26 @@ export = { test.done(); }, - 'providedName that matches zoneName returns providedName with a dot'(test: Test) { + 'providedName that matches zoneName returns providedName with a trailing dot'(test: Test) { + // GIVEN + const stack = new cdk.Stack(); + + // WHEN + const providedName = 'test.domain.com'; + const qualified = util.determineFullyQualifiedDomainName(providedName, { + hostedZoneId: 'fakeId', + zoneName: 'test.domain.com.', + hostedZoneArn: 'arn:aws:route53:::hostedzone/fakeId', + stack, + node: stack.node, + }); + + // THEN + test.equal(qualified, 'test.domain.com.'); + test.done(); + }, + + 'providedName that ends with zoneName returns providedName with a trailing dot'(test: Test) { // GIVEN const stack = new cdk.Stack(); @@ -52,7 +71,7 @@ export = { test.done(); }, - 'providedName that does not matches zoneName concatenates providedName and zoneName'(test: Test) { + 'providedName that does not match zoneName concatenates providedName and zoneName'(test: Test) { // GIVEN const stack = new cdk.Stack();