From 3f512ef557879d2eb7cf03cd26110e7ef21e2351 Mon Sep 17 00:00:00 2001 From: Steven Hoang Date: Mon, 8 Jul 2024 18:31:24 +0800 Subject: [PATCH] update --- src/Aks/index.ts | 172 +++++++++--------- src/Builder/AksBuilder.ts | 12 +- src/Builder/types/askBuilder.ts | 12 +- src/Common/GlobalEnv.ts | 22 +-- src/Common/ResourceEnv.ts | 45 ++--- .../{KeyGenetators.ts => KeyGenerators.ts} | 0 src/Core/ResourceGroup.ts | 18 +- src/config.ts | 12 -- src/types.ts | 20 +- tsconfig.json | 3 +- 10 files changed, 152 insertions(+), 164 deletions(-) rename src/Core/{KeyGenetators.ts => KeyGenerators.ts} (100%) delete mode 100644 src/config.ts diff --git a/src/Aks/index.ts b/src/Aks/index.ts index 16712159..28a19d86 100644 --- a/src/Aks/index.ts +++ b/src/Aks/index.ts @@ -1,8 +1,8 @@ -import * as native from "@pulumi/azure-native"; -import * as pulumi from "@pulumi/pulumi"; -import { Input, Output, output } from "@pulumi/pulumi"; -import vmsDiagnostic from "./VmSetMonitor"; -import { BasicResourceArgs, KeyVaultInfo, ResourceInfo } from "../types"; +import * as native from '@pulumi/azure-native'; +import * as pulumi from '@pulumi/pulumi'; +import { Input, Output, output } from '@pulumi/pulumi'; +import vmsDiagnostic from './VmSetMonitor'; +import { BasicResourceArgs, KeyVaultInfo, ResourceInfo } from '../types'; import { currentEnv, defaultScope, 
@@ -11,20 +11,20 @@ import { parseResourceInfoFromId, isPrd, tenantId, -} from "../Common/AzureEnv"; -import Locker from "../Core/Locker"; -import aksIdentityCreator from "./Identity"; -import { stack } from "../Common/StackEnv"; -import { createDiagnostic } from "../Logs/Helpers"; -import { getAksName, getResourceGroupName } from "../Common/Naming"; -import { roleAssignment } from "../AzAd/RoleAssignment"; -import { EnvRolesResults } from "../AzAd/EnvRoles"; -import { getAksConfig } from "./Helper"; -import { addCustomSecret } from "../KeyVault/CustomHelper"; -import * as inputs from "@pulumi/azure-native/types/input"; -import { getKeyVaultBase } from "@drunk-pulumi/azure-providers/AzBase/KeyVaultBase"; -import { IdentityResult } from "../AzAd/Identity"; -import { ManagedCluster } from "@pulumi/azure-native/containerservice"; +} from '../Common/AzureEnv'; +import Locker from '../Core/Locker'; +import aksIdentityCreator from './Identity'; +import { stack } from '../Common/StackEnv'; +import { createDiagnostic } from '../Logs/Helpers'; +import { getAksName, getResourceGroupName } from '../Common'; +import { roleAssignment } from '../AzAd/RoleAssignment'; +import { EnvRolesResults } from '../AzAd/EnvRoles'; +import { getAksConfig } from './Helper'; +import { addCustomSecret } from '../KeyVault/CustomHelper'; +import * as inputs from '@pulumi/azure-native/types/input'; +import { getKeyVaultBase } from '@drunk-pulumi/azure-providers/AzBase/KeyVaultBase'; +import { IdentityResult } from '../AzAd/Identity'; +import { ManagedCluster } from '@pulumi/azure-native/containerservice'; const autoScaleFor = ({ enableAutoScaling, @@ -32,7 +32,7 @@ const autoScaleFor = ({ env, }: { env: Environments; - nodeType: "Default" | "System" | "User"; + nodeType: 'Default' | 'System' | 'User'; enableAutoScaling?: boolean; }) => { const nodeCount = 1; 
@@ -41,12 +41,12 @@ const autoScaleFor = ({ if (env === Environments.Prd) { switch (nodeType) { - case "User": + case 'User': maxCount = 5; break; - case "Default": - case "System": + case 'Default': + case 'System': default: maxCount = 3; break; @@ -62,9 +62,9 @@ const autoScaleFor = ({ }; const defaultNodePoolProps = { - availabilityZones: isPrd ? ["1", "2", "3"] : undefined, + availabilityZones: isPrd ? ['1', '2', '3'] : undefined, type: native.containerservice.AgentPoolType.VirtualMachineScaleSets, - vmSize: "Standard_B2s", + vmSize: 'Standard_B2s', maxPods: 50, enableFIPS: false, @@ -83,25 +83,25 @@ const defaultNodePoolProps = { export enum VmSizes { /** 32G RAM - 4CPU - $221.92 */ - Standard_E4as_v4 = "Standard_E4as_v4", + Standard_E4as_v4 = 'Standard_E4as_v4', /** 8G RAM - 2CPU - $77.38 */ - Standard_B2ms = "Standard_B2ms", + Standard_B2ms = 'Standard_B2ms', /** 16G RAM - 4CPU - $154.03 */ - Standard_B4ms = "Standard_B4ms", + Standard_B4ms = 'Standard_B4ms', /** 8G RAM - 2CPU - 87.60 */ - Standard_D2as_v4 = "Standard_D2as_v4", + Standard_D2as_v4 = 'Standard_D2as_v4', /** 8G RAM - 2CPU - 87.60 */ - Standard_D2s_v3 = "Standard_D2s_v3", + Standard_D2s_v3 = 'Standard_D2s_v3', /** 8G RAM - 4CPU - 182.5 */ - Standard_D4s_v3 = "Standard_D4s_v3", + Standard_D4s_v3 = 'Standard_D4s_v3', /** 16G RAM - 4CPU - $175.20 */ - Standard_D4as_v4 = "Standard_D4as_v4", + Standard_D4as_v4 = 'Standard_D4as_v4', /** 4G RAM - 2CPU - $69.35 */ - Standard_A2_v2 = "Standard_A2_v2", + Standard_A2_v2 = 'Standard_A2_v2', /** 8G RAM - 4CPU - $144.54 */ - Standard_A4_v2 = "Standard_A4_v2", + Standard_A4_v2 = 'Standard_A4_v2', /** 32G RAM - 4CPU - $205.13 */ - Standard_A4m_v2 = "Standard_A4m_v2", + Standard_A4m_v2 = 'Standard_A4m_v2', } export interface NodePoolProps 
@@ -144,8 +144,8 @@ export type AksNetworkProps = { }; }; -export type AksNodePoolProps = Omit; -export type DefaultAksNodePoolProps = Omit; +export type AksNodePoolProps = Omit; +export type DefaultAksNodePoolProps = Omit; export interface AksProps extends BasicResourceArgs { //nodeResourceGroup?: string; @@ -219,10 +219,10 @@ export default async ({ if (ignoreChanges.length <= 0) { ignoreChanges.push( - "privateLinkResources", - "networkProfile", - "linuxProfile", - "windowsProfile", + 'privateLinkResources', + 'networkProfile', + 'linuxProfile', + 'windowsProfile', ); } @@ -256,14 +256,14 @@ export default async ({ disableRunCommand: true, enablePrivateCluster: features?.enablePrivateCluster, enablePrivateClusterPublicFQDN: true, - privateDNSZone: "system", + privateDNSZone: 'system', }, addonProfiles: { azureKeyvaultSecretsProvider: { config: addon.enableAzureKeyVault ? { - enableSecretRotation: "true", + enableSecretRotation: 'true', } : undefined, enabled: Boolean(addon.enableAzureKeyVault), @@ -312,7 +312,7 @@ export default async ({ ...defaultNodePool, ...autoScaleFor({ env: currentEnv, - nodeType: "System", + nodeType: 'System', enableAutoScaling: features?.enableAutoScale, // powerState: { // code: "Running", @@ -322,13 +322,13 @@ export default async ({ // }, }), - name: "defaultnodes", - mode: "System", + name: 'defaultnodes', + mode: 'System', count: 1, vnetSubnetID: network.subnetId, - kubeletDiskType: "OS", - osSKU: "Ubuntu", - osType: "Linux", + kubeletDiskType: 'OS', + osSKU: 'Ubuntu', + osType: 'Linux', }, ], linuxProfile: linux 
@@ -339,27 +339,27 @@ export default async ({ : undefined, //This is not inuse windowsProfile: { - adminUsername: "azureuser", + adminUsername: 'azureuser', enableCSIProxy: true, }, autoScalerProfile: { - balanceSimilarNodeGroups: "true", - expander: "random", - maxEmptyBulkDelete: "10", - maxGracefulTerminationSec: "600", - maxNodeProvisionTime: "15m", - maxTotalUnreadyPercentage: "45", - newPodScaleUpDelay: "0s", - okTotalUnreadyCount: "3", - scaleDownDelayAfterAdd: "30m", - scaleDownDelayAfterDelete: "60s", - scaleDownDelayAfterFailure: "10m", - scaleDownUnneededTime: "10m", - scaleDownUnreadyTime: "20m", - scaleDownUtilizationThreshold: "0.5", - scanInterval: "60s", - skipNodesWithLocalStorage: "false", - skipNodesWithSystemPods: "true", + balanceSimilarNodeGroups: 'true', + expander: 'random', + maxEmptyBulkDelete: '10', + maxGracefulTerminationSec: '600', + maxNodeProvisionTime: '15m', + maxTotalUnreadyPercentage: '45', + newPodScaleUpDelay: '0s', + okTotalUnreadyCount: '3', + scaleDownDelayAfterAdd: '30m', + scaleDownDelayAfterDelete: '60s', + scaleDownDelayAfterFailure: '10m', + scaleDownUnneededTime: '10m', + scaleDownUnreadyTime: '20m', + scaleDownUtilizationThreshold: '0.5', + scanInterval: '60s', + skipNodesWithLocalStorage: 'false', + skipNodesWithSystemPods: 'true', }, //Still under preview @@ -432,7 +432,7 @@ export default async ({ ? native.containerservice.OutboundType.UserDefinedRouting : native.containerservice.OutboundType.LoadBalancer, - loadBalancerSku: "Standard", + loadBalancerSku: 'Standard', loadBalancerProfile: network.outboundIpAddress ? { outboundIPs: network.outboundIpAddress.ipAddressId @@ -463,7 +463,7 @@ export default async ({ new native.containerservice.MaintenanceConfiguration( `${aksName}-MaintenanceConfiguration`, { - configName: "default", + configName: 'default', // notAllowedTime: [ // { // end: "2020-11-30T12:00:00Z", 
@@ -502,12 +502,12 @@ export default async ({ enableAutoScaling: features.enableAutoScale, }), - count: p.mode === "System" ? 1 : 0, + count: p.mode === 'System' ? 1 : 0, //orchestratorVersion: kubernetesVersion, vnetSubnetID: network.subnetId, - kubeletDiskType: "OS", - osSKU: "Ubuntu", - osType: "Linux", + kubeletDiskType: 'OS', + osSKU: 'Ubuntu', + osType: 'Linux', }), ); } @@ -520,18 +520,18 @@ export default async ({ pulumi .all([aks.identity, aks.identityProfile, network.subnetId]) .apply(([identity, identityProfile, sId]) => { - if (acrScope && identityProfile && identityProfile["kubeletidentity"]) { + if (acrScope && identityProfile && identityProfile['kubeletidentity']) { roleAssignment({ name: `${name}-aks-identity-profile-pull`, - principalId: identityProfile["kubeletidentity"].objectId!, - principalType: "ServicePrincipal", - roleName: "AcrPull", + principalId: identityProfile['kubeletidentity'].objectId!, + principalType: 'ServicePrincipal', + roleName: 'AcrPull', scope: acrScope, }); addCustomSecret({ name: `${name}-identity-clientId`, - value: identityProfile["kubeletidentity"].clientId!, + value: identityProfile['kubeletidentity'].clientId!, dependsOn: aks, contentType: name, vaultInfo, @@ -542,8 +542,8 @@ export default async ({ roleAssignment({ name: `${name}-system-net`, principalId: identity.principalId, - roleName: "Contributor", - principalType: "ServicePrincipal", + roleName: 'Contributor', + principalType: 'ServicePrincipal', scope: getResourceIdFromInfo({ group: parseResourceInfoFromId(sId)!.group, }), @@ -577,12 +577,12 @@ export default async ({ targetResourceId: id, logWpId, logsCategories: [ - "guard", - "kube-controller-manager", - "kube-audit-admin", - "kube-audit", - "kube-scheduler", - "cluster-autoscaler", + 'guard', + 'kube-controller-manager', + 'kube-audit-admin', + 'kube-audit', + 'kube-scheduler', + 'cluster-autoscaler', ], dependsOn: aks, }); 
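Review bot: In the `@@ -542,8 +542,8 @@` hunk the `${name}-system-net` assignment gives the cluster identity `Contributor` over the whole resource group that holds the subnet, which is much broader than node networking needs. A narrower grant would be `roleName: 'Network Contributor'` with `scope: sId`, assuming the `roleAssignment` helper resolves built-in role names the way it does for `'AcrPull'`. In the preceding `@@ -520,18 +520,18 @@` hunk, `objectId!` and `clientId!` assert away `undefined`; checking both values before calling `roleAssignment` and `addCustomSecret` would avoid creating an assignment or a secret from a missing identity. The enclosing `apply` callback starts and ends outside these hunks.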
diff --git a/src/Builder/AksBuilder.ts b/src/Builder/AksBuilder.ts index 376a44a9..9ed96c8e 100644 --- a/src/Builder/AksBuilder.ts +++ b/src/Builder/AksBuilder.ts @@ -7,9 +7,9 @@ import { BuilderAsync, SshBuilderProps, BuilderProps, -} from "./types"; -import { generateSsh, SshResults } from "../Core/KeyGenetators"; -import { ManagedClusterSKUTier } from "@pulumi/azure-native/containerservice"; +} from './types'; +import { generateSsh, SshResults } from '../Core/KeyGenerators'; +import { ManagedClusterSKUTier } from '@pulumi/azure-native/containerservice'; import Aks, { AksNodePoolProps, AskAddonProps, @@ -18,7 +18,7 @@ import Aks, { AksNetworkProps, DefaultAksNodePoolProps, AksResults, -} from "../Aks"; +} from '../Aks'; class AksBuilder extends BuilderAsync @@ -37,7 +37,7 @@ class AksBuilder private _nodePoolsProps: AksNodePoolProps[] = []; private _addonProps: AskAddonProps | undefined = undefined; private _featureProps: AskFeatureProps | undefined = undefined; - private _authProps: Omit | undefined = {}; + private _authProps: Omit | undefined = {}; private _tier: ManagedClusterSKUTier = ManagedClusterSKUTier.Free; private _networkProps: AksNetworkProps | undefined = undefined; private _defaultNode: DefaultAksNodePoolProps | undefined = undefined; @@ -65,7 +65,7 @@ class AksBuilder this._featureProps = props; return this; } - public withAuth(props: Omit): IAksBuilder { + public withAuth(props: Omit): IAksBuilder { this._authProps = props; return this; } diff --git a/src/Builder/types/askBuilder.ts b/src/Builder/types/askBuilder.ts index e4563423..df002f68 100644 --- a/src/Builder/types/askBuilder.ts +++ b/src/Builder/types/askBuilder.ts 
@@ -1,7 +1,7 @@ //AKS Builder types -import * as native from "@pulumi/azure-native"; -import { SshGenerationProps, SshResults } from "../../Core/KeyGenetators"; -import { IBuilderAsync } from "./genericBuilder"; +import * as native from '@pulumi/azure-native'; +import { SshGenerationProps, SshResults } from '../../Core/KeyGenerators'; +import { IBuilderAsync } from './genericBuilder'; import { AksAccessProps, AksNetworkProps, @@ -10,9 +10,9 @@ import { AskAddonProps, AskFeatureProps, DefaultAksNodePoolProps, -} from "../../Aks"; +} from '../../Aks'; -export type SshBuilderProps = Omit; +export type SshBuilderProps = Omit; export type AksImportProps = { id: string; ignoreChanges?: string[] }; export interface ISshBuilder { @@ -26,7 +26,7 @@ export interface IAksDefaultNodePoolBuilder { withDefaultNodePool(props: DefaultAksNodePoolProps): IAksBuilder; } export interface IAksBuilder extends IBuilderAsync { - withAuth(props: Omit): IAksBuilder; + withAuth(props: Omit): IAksBuilder; withNodePool(props: AksNodePoolProps): IAksBuilder; withAddon(props: AskAddonProps): IAksBuilder; withFeature(props: AskFeatureProps): IAksBuilder; diff --git a/src/Common/GlobalEnv.ts b/src/Common/GlobalEnv.ts index 97e13bff..746631b6 100644 --- a/src/Common/GlobalEnv.ts +++ b/src/Common/GlobalEnv.ts 
@@ -3,23 +3,17 @@ import { KeyVaultInfo, ResourceGroupInfo, ResourceInfo, -} from "../types"; -import { subscriptionId } from "./AzureEnv"; -import { getCdnProfileName, getKeyVaultName } from "./Naming"; -import { getResourceName } from "./ResourceEnv"; -import { interpolate } from "@pulumi/pulumi"; -import { organization } from "./StackEnv"; +} from '../types'; +import { subscriptionId } from './AzureEnv'; +import { getCdnProfileName, getKeyVaultName } from './Naming'; +import { getResourceName } from './ResourceEnv'; +import { interpolate } from '@pulumi/pulumi'; +import { organization } from './StackEnv'; -export const globalKeyName = "global"; - -/**The Global resource group name.*/ -export const globalConvention: ConventionProps = { - prefix: globalKeyName, - suffix: organization ? `grp-${organization}` : "grp", -}; +export const globalKeyName = 'global'; export const groupInfo: ResourceGroupInfo = { - resourceGroupName: getResourceName(globalKeyName, globalConvention), + resourceGroupName: getResourceName(globalKeyName), }; const cdnProfileName = getCdnProfileName(globalKeyName); diff --git a/src/Common/ResourceEnv.ts b/src/Common/ResourceEnv.ts index 7ade4faf..6b8921ff 100644 --- a/src/Common/ResourceEnv.ts +++ b/src/Common/ResourceEnv.ts 
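Review bot: `groupInfo.resourceGroupName` is now built with `getResourceName(globalKeyName)` and no explicit convention, so the shared group's name no longer has the fixed `global` prefix and `grp`/`grp-<organization>` suffix. Judging by the new `getResourceName`, the prefix will default to the current `stack` and also vary with the `DPA_NAMING_DISABLE_*` variables, so each stack would resolve a different "global" group. Anything that looks up the shared Key Vault or CDN profile through `groupInfo` would then point at a group that may not exist; please confirm this rename is intended for existing deployments. If it is not, pass the convention inline, e.g. `getResourceName(globalKeyName, { prefix: globalKeyName, suffix: 'grp' })` with the organization variant as before. The `organization` import also looks unused after this hunk, unless it is referenced further down the file.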
@@ -1,18 +1,27 @@ -import { currentCountryCode } from "./AzureEnv"; -import { replaceAll } from "./Helpers"; -import { ConventionProps } from "../types"; -import { organization, stack } from "./StackEnv"; -import * as config from "../config"; +import * as process from 'node:process'; +import { currentCountryCode } from './AzureEnv'; +import { replaceAll } from './Helpers'; +import { ConventionProps } from '../types'; +import { organization, stack } from './StackEnv'; -/** ==================== Resources Variables ========================= */ +export const getResourceName = ( + name: string, + convention: ConventionProps = {}, +): string => { + if (process.env.DPA_NAMING_DISABLE_PREFIX === 'true') + convention.prefix = undefined; + else if (convention.prefix === undefined) convention.prefix = stack; + + if (process.env.DPA_NAMING_DISABLE_SUFFIX === 'true') + convention.suffix = undefined; -const getName = (name: string, convention: ConventionProps): string => { - if (convention.prefix === undefined) convention.prefix = stack; - if (convention.region === undefined) convention.region = currentCountryCode; - //console.log(convention); + if (process.env.DPA_NAMING_DISABLE_REGION === 'true') + convention.region = undefined; + else if (convention.region === undefined) + convention.region = currentCountryCode; if (!name) return name; - name = replaceAll(name, " ", "-").toLowerCase(); + name = replaceAll(name, ' ', '-').toLowerCase(); const rs: string[] = []; //Add prefix 
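Review bot: `getResourceName` writes its defaults and the env-var overrides straight into the caller's `convention` object, so a convention constant shared between calls is permanently changed by the first call. Starting the body with `const conv = { ...convention };` and using `conv` throughout would keep the input untouched; the rest of the body lies outside this hunk and would need the same rename. The switches now compare against the exact string `'true'`, whereas the deleted `config.ts` used `Boolean(process.env.DPA_NAMING_DISABLE_REGION)`. A pipeline that sets the variable to `1` or `True` will therefore silently get the region back in every name. Because these variables change generated resource names, a difference between two runners' environments would presumably show up as resource replacements in the plan, so it is worth normalising the value (`?.toLowerCase() === 'true'`) and documenting the accepted form.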
@@ -28,21 +37,13 @@ const getName = (name: string, convention: ConventionProps): string => { } //Region - if (!config.env.DPA_NAMING_DISABLE_REGION) { - if (convention.region && !name.includes(convention.region.toLowerCase())) { - rs.push(convention.region.toLowerCase()); - } + if (convention.region && !name.includes(convention.region.toLowerCase())) { + rs.push(convention.region.toLowerCase()); } //Add the suffix if (convention.suffix && !name.endsWith(convention.suffix.toLowerCase())) rs.push(convention.suffix.toLowerCase()); - return rs.join("-"); + return rs.join('-'); }; - -/** The method to get Resource Name. This is not applicable for Azure Storage Account and CosmosDb*/ -export const getResourceName = ( - name: string, - convention: ConventionProps = {}, -): string => getName(name, convention); diff --git a/src/Core/KeyGenetators.ts b/src/Core/KeyGenerators.ts similarity index 100% rename from src/Core/KeyGenetators.ts rename to src/Core/KeyGenerators.ts diff --git a/src/Core/ResourceGroup.ts b/src/Core/ResourceGroup.ts index 90c5cde1..86eb44b7 100644 --- a/src/Core/ResourceGroup.ts +++ b/src/Core/ResourceGroup.ts 
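Review bot: The exported `getResourceName` loses its only doc comment at the end of this hunk, including the warning that the convention does not apply to Azure Storage Account and CosmosDb names. I would carry it over to the new definition as a TSDoc block, e.g. `/** Builds a dash-joined resource name from the convention's prefix, region and suffix. Not applicable to Azure Storage Account and CosmosDb. */`. It should also list the `DPA_NAMING_DISABLE_PREFIX`, `DPA_NAMING_DISABLE_REGION` and `DPA_NAMING_DISABLE_SUFFIX` switches, which are otherwise only discoverable by reading the body. The function body starts outside this hunk.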
@@ -3,16 +3,16 @@ import { ResourceGroupInfo, ResourceResultProps, BasicResourceArgs, -} from "../types"; +} from '../types'; import { ResourceGroup, ResourceGroupArgs, -} from "@pulumi/azure-native/resources"; -import ResourceCreator from "./ResourceCreator"; -import { getResourceGroupName } from "../Common/Naming"; -import { EnvRolesResults } from "../AzAd/EnvRoles"; -import { currentRegionName } from "../Common/AzureEnv"; -import { grantEnvRolesAccess } from "../AzAd/EnvRoles.Consts"; +} from '@pulumi/azure-native/resources'; +import ResourceCreator from './ResourceCreator'; +import { getResourceGroupName } from '../Common'; +import { EnvRolesResults } from '../AzAd/EnvRoles'; +import { currentRegionName } from '../Common/AzureEnv'; +import { grantEnvRolesAccess } from '../AzAd/EnvRoles.Consts'; export type RGPermissionType = { envRoles: EnvRolesResults; @@ -23,8 +23,8 @@ export type RGPermissionType = { }; interface Props - extends Omit, - Omit { + extends Omit, + Omit { formattedName?: boolean; location?: string; /** Grant permission of this group into Environment Roles groups*/ diff --git a/src/config.ts b/src/config.ts deleted file mode 100644 index 93339153..00000000 --- a/src/config.ts +++ /dev/null @@ -1,12 +0,0 @@ -/** The environment configuration fro drunk-pulumi-azure with prefix is DPA*/ -export interface EnvConfig { - DPA_NAMING_DISABLE_REGION: boolean | undefined; -} - -export declare namespace NodeJS { - export interface ProcessEnv extends EnvConfig {} -} - -export const env: EnvConfig = { - DPA_NAMING_DISABLE_REGION: Boolean(process.env.DPA_NAMING_DISABLE_REGION), -}; diff --git a/src/types.ts b/src/types.ts index da8b0956..d7654825 100644 --- a/src/types.ts +++ b/src/types.ts 
@@ -1,9 +1,15 @@ -import { Input, Output, Resource } from "@pulumi/pulumi"; -import * as authorization from "@pulumi/azure-native/authorization"; -import { DiagnosticSetting } from "@pulumi/azure-native/aadiam/diagnosticSetting"; -import * as pulumi from "@pulumi/pulumi"; -import { input as inputs, enums } from "@pulumi/azure-native/types"; -import { EnvRoleKeyTypes } from "./AzAd/EnvRoles"; +import { Input, Output, Resource } from '@pulumi/pulumi'; +import * as authorization from '@pulumi/azure-native/authorization'; +import { DiagnosticSetting } from '@pulumi/azure-native/aadiam/diagnosticSetting'; +import { EnvRoleKeyTypes } from './AzAd/EnvRoles'; + +export declare namespace NodeJS { + interface ProcessEnv { + DPA_NAMING_DISABLE_PREFIX?: string; + DPA_NAMING_DISABLE_REGION?: string; + DPA_NAMING_DISABLE_SUFFIX?: string; + } +} export interface ResourceInfoArg { /**If name and provider of the resource is not provided then the Id will be resource group Id*/ @@ -65,7 +71,7 @@ export interface BasicResourceArgs extends BasicArgs { } export interface DefaultResourceArgs extends BasicArgs { - monitoring?: Omit; + monitoring?: Omit; } export type PrivateLinkPropsType = { diff --git a/tsconfig.json b/tsconfig.json index 23d74268..ed2db826 100644 --- a/tsconfig.json +++ b/tsconfig.json @@ -101,7 +101,7 @@ "src/ContainerRegistry/Helper.ts", "src/ContainerRegistry/index.ts", "src/Core/Helper.ts", - "src/Core/KeyGenetators.ts", + "src/Core/KeyGenerators.ts", "src/Core/Locker.ts", "src/Core/Random.ts", "src/Core/ResourceCreator.ts", @@ -171,7 +171,6 @@ "src/Web/Helpers.ts", "src/Web/WebAppPlan.ts", "src/Web/types.ts", - "src/config.ts", "src/index.ts", "src/types.ts" ],
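Review bot: The `export declare namespace NodeJS` block added at the top of `src/types.ts` does not extend the real `process.env` typing. Because the file is a module, it declares a separate, module-local `NodeJS` namespace instead of merging with the global one. The three `DPA_NAMING_DISABLE_*` keys therefore stay untyped, and a misspelt variable name in `ResourceEnv.ts` would still compile and simply never match. To make the augmentation effective, wrap it as `declare global { namespace NodeJS { interface ProcessEnv { … } } }` and keep the three optional string members inside.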