From e94a9d9fbda46f87dfb8ebf7b52ccb8200042538 Mon Sep 17 00:00:00 2001 From: Matej Stajduhar Date: Thu, 3 Jul 2025 17:15:36 +0200 Subject: [PATCH 01/11] Adding-tasks-for-cf-function --- .vscode/settings.json | 3 +++ .../defaults/main.yml | 14 +++++++++++ .../tasks/create_function.yml | 24 +++++++++++++++++++ .../tasks/main.yml | 11 +++++++++ .../tasks/proxy_pass.yml | 0 .../templates/config.j2 | 14 +++++++++++ 6 files changed, 66 insertions(+) create mode 100644 .vscode/settings.json create mode 100644 roles/aws/aws_cloudfront_distribution/tasks/create_function.yml create mode 100644 roles/aws/aws_cloudfront_distribution/tasks/proxy_pass.yml create mode 100644 roles/aws/aws_cloudfront_distribution/templates/config.j2 diff --git a/.vscode/settings.json b/.vscode/settings.json new file mode 100644 index 000000000..862b25a26 --- /dev/null +++ b/.vscode/settings.json @@ -0,0 +1,3 @@ +{ + "ansible.python.interpreterPath": "/bin/python3" +} diff --git a/roles/aws/aws_cloudfront_distribution/defaults/main.yml b/roles/aws/aws_cloudfront_distribution/defaults/main.yml index 29687bb52..24fbec0d8 100644 --- a/roles/aws/aws_cloudfront_distribution/defaults/main.yml +++ b/roles/aws/aws_cloudfront_distribution/defaults/main.yml @@ -1,5 +1,19 @@ --- aws_cloudfront_distribution: + functions: + - name: "example-cf-function" + type: "cf" # This can be cf or lambda + description: "This is example function." + runtime: "cloudfront-js-2.0" # Can be either cloudfront-js-2.0 or cloudfront-js-1.0 + kvs: "" # arn of KeyValueStore + code: "function.js" + - name: "example-lambda-edge-function" + type: "lambda" # This can be cf or lambda + description: "This is example lambda function." + timeout: 5 + runtime: "nodejs22.x" # Lambda runtimes are defined here https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html + kvs: "" # arn of KeyValueStore + code: "function.js" aws_profile: "{{ _aws_profile }}" region: "{{ _aws_region }}" tags: {} 
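Review bot: The two entries added under `functions` in the role defaults are live values rather than documentation, so a playbook that does not override `functions` would attempt to create `example-cf-function` once tasks/main.yml loops over the list. Shipping `functions: []` and moving the two examples into comments keeps the default a no-op. The `type: "lambda"` example also carries `kvs`, which its own comment describes as a KeyValueStore ARN; nothing visible in this patch reads it for Lambda functions, so it is probably best dropped from that example.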
diff --git a/roles/aws/aws_cloudfront_distribution/tasks/create_function.yml b/roles/aws/aws_cloudfront_distribution/tasks/create_function.yml
new file mode 100644
index 000000000..c71a5665d
--- /dev/null
+++ b/roles/aws/aws_cloudfront_distribution/tasks/create_function.yml
@@ -0,0 +1,24 @@
+- name: Create config for CloudFront function.
+ ansible.builtin.template:
+ src: config.j2
+ dest: cf_config
+ owner: controller
+ group: controller
+ mode: 0644
+ when: _funct.type == cf
+
+- name: Create CF function.
+ ansible.builtin.command:
+ cmd: "aws cloudfront create-function --function-config file://cf_config --name new-funct --profile dummy --function-code fileb://{{ _ce_provision_base_dir }}/config/hosts/group_vars/_{{ _aws_profile }}/functions/{{ _funct.code }}"
+ when: _funct.type == cf
+ register: _cf_function
+
+- name: Setting previous command output into variable.
+ ansible.builtin.set_fact:
+ _cf_function: "{{ _cf_function.stdout | from_json }}"
+ when: _funct.type == cf
+
+- name: Register aws_lambda results.
+ ansible.builtin.set_fact:
+ _function_results: "{{ _function_results + [_cf_function] }}"
+ when: _funct.type == cf
diff --git a/roles/aws/aws_cloudfront_distribution/tasks/main.yml b/roles/aws/aws_cloudfront_distribution/tasks/main.yml
index 34bf41ddb..d2786d9c8 100644
--- a/roles/aws/aws_cloudfront_distribution/tasks/main.yml
+++ b/roles/aws/aws_cloudfront_distribution/tasks/main.yml
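Review bot: Every `when: _funct.type == cf` in create_function.yml compares the type with a variable named `cf` rather than with the string, so each condition should read `when: _funct.type == 'cf'`; as written it presumably fails on an undefined variable or never matches. The `cmd` string also hard-codes `--name new-funct --profile dummy`, so the function never takes `_funct.name` and is created under whatever credentials the `dummy` profile resolves to instead of the role's own profile; the one-line path changes in patches 03–05 keep both values. Passing the call as `argv` removes the hard-coded values and keeps a path containing spaces from being split into extra arguments. `mode: 0644` in the template task is better written as `'0644'` so it is not read as a number.

```yaml
- name: Create CF function.
  ansible.builtin.command:
    argv:
      - aws
      - cloudfront
      - create-function
      - --name
      - "{{ _funct.name }}"
      - --function-config
      - "file://cf_config"
      - --function-code
      - "fileb://{{ _ce_provision_base_dir }}/config/hosts/group_vars/_{{ _aws_profile }}/functions/{{ _funct.code }}"
      - --profile
      - "{{ aws_cloudfront_distribution.aws_profile }}"
  when: _funct.type == 'cf'
  register: _cf_function
# … the template task and the two set_fact tasks change only in their when condition …
```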
@@ -29,6 +29,17 @@ include_cookies: false # Set true to add cookies in logs prefix: "cf-logging/" # Prefix for S3 object names +- name: Set empty list for function results. + ansible.builtin.set_fact: + _function_results: [] + +- name: Create CloudFront function if defined. + ansible.builtin.include_tasks: create_function.yml + loop: "{{ aws_cloudfront_distribution.functions }}" + loop_control: + loop_var: _funct + when: aws_cloudfront_distribution.functions is defined + - name: Create a CloudFront distribution. community.aws.cloudfront_distribution: profile: "{{ aws_cloudfront_distribution.aws_profile }}" diff --git a/roles/aws/aws_cloudfront_distribution/tasks/proxy_pass.yml b/roles/aws/aws_cloudfront_distribution/tasks/proxy_pass.yml new file mode 100644 index 000000000..e69de29bb diff --git a/roles/aws/aws_cloudfront_distribution/templates/config.j2 b/roles/aws/aws_cloudfront_distribution/templates/config.j2 new file mode 100644 index 000000000..efbc5b4ae --- /dev/null +++ b/roles/aws/aws_cloudfront_distribution/templates/config.j2 @@ -0,0 +1,14 @@ +{ + "Comment": "{{ _funct.description }}", + "Runtime": "{{ _funct.runtime }}", + {% if _funct.kvs %} + "KeyValueStoreAssociations": { + "Quantity": 1, + "Items": [ + { + "KeyValueStoreARN": {{_funct.kvs }} + } + ] + } + {% endif %} +} From 07d27ccbc27c3e0e398f088dcbbc248b5d5f5b8e Mon Sep 17 00:00:00 2001 From: Matej Stajduhar Date: Thu, 3 Jul 2025 17:17:35 +0200 Subject: [PATCH 02/11] Removing-.vscode-folder --- .vscode/settings.json | 3 --- 1 file changed, 3 deletions(-) delete mode 100644 .vscode/settings.json diff --git a/.vscode/settings.json b/.vscode/settings.json deleted file mode 100644 index 862b25a26..000000000 --- a/.vscode/settings.json +++ /dev/null @@ -1,3 +0,0 @@ -{ - "ansible.python.interpreterPath": "/bin/python3" -} From 240f68635920c30011eeb2e0ee8e6b18c0862748 Mon Sep 17 00:00:00 2001 
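Review bot: The `when: aws_cloudfront_distribution.functions is defined` guard on the include does not protect the `loop`, because Ansible templates the loop expression before it evaluates `when` for each item, so an inventory without `functions` fails on the undefined attribute instead of skipping. Putting the fallback in the loop itself, `loop: "{{ aws_cloudfront_distribution.functions | default([]) }}"`, makes the task a no-op in that case and lets the `when` go. `_function_results` is initialised here, but nothing in the visible part of the distribution task reads it; that task continues outside the hunk, so a comment saying where the collected results are consumed would help.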
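Review bot: The config.j2 template renders invalid JSON in both branches: with `kvs` empty the comma after `"Runtime"` is followed directly by `}`, and with `kvs` set the ARN is emitted without quotes at `"KeyValueStoreARN": {{_funct.kvs }}`. The description and runtime are also interpolated raw, so a double quote or backslash in `_funct.description` breaks or alters the document handed to `--function-config`. Letting the `to_json` filter do the quoting covers all three: `"Comment": {{ _funct.description | to_json }},`, `"Runtime": {{ _funct.runtime | to_json }}` with its trailing comma moved inside the `{% if _funct.kvs %}` block, and `"KeyValueStoreARN": {{ _funct.kvs | to_json }}`.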
From: Matej Stajduhar Date: Thu, 3 Jul 2025 17:23:47 +0200 Subject: [PATCH 03/11] Updating-path-to-function-file --- roles/aws/aws_cloudfront_distribution/tasks/create_function.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/aws/aws_cloudfront_distribution/tasks/create_function.yml b/roles/aws/aws_cloudfront_distribution/tasks/create_function.yml index c71a5665d..69bfef34c 100644 --- a/roles/aws/aws_cloudfront_distribution/tasks/create_function.yml +++ b/roles/aws/aws_cloudfront_distribution/tasks/create_function.yml @@ -9,7 +9,7 @@ - name: Create CF function. ansible.builtin.command: - cmd: "aws cloudfront create-function --function-config file://cf_config --name new-funct --profile dummy --function-code fileb://{{ _ce_provision_base_dir }}/config/hosts/group_vars/_{{ _aws_profile }}/functions/{{ _funct.code }}" + cmd: "aws cloudfront create-function --function-config file://cf_config --name new-funct --profile dummy --function-code fileb://{{ _ce_provision_build_dir }}/vars/_global/functions/{{ _funct.code }}" when: _funct.type == cf register: _cf_function From 68f893ee79e9a52f8555f1633060fba43045dfed Mon Sep 17 00:00:00 2001 From: Matej Stajduhar Date: Thu, 3 Jul 2025 17:44:27 +0200 Subject: [PATCH 04/11] Updating-path-to-function-file-2 --- roles/aws/aws_cloudfront_distribution/tasks/create_function.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/aws/aws_cloudfront_distribution/tasks/create_function.yml b/roles/aws/aws_cloudfront_distribution/tasks/create_function.yml index 69bfef34c..0c4eef3af 100644 --- a/roles/aws/aws_cloudfront_distribution/tasks/create_function.yml +++ b/roles/aws/aws_cloudfront_distribution/tasks/create_function.yml 
@@ -9,7 +9,7 @@ - name: Create CF function. ansible.builtin.command: - cmd: "aws cloudfront create-function --function-config file://cf_config --name new-funct --profile dummy --function-code fileb://{{ _ce_provision_build_dir }}/vars/_global/functions/{{ _funct.code }}" + cmd: "aws cloudfront create-function --function-config file://cf_config --name new-funct --profile dummy --function-code fileb://{{ _ce_provision_build_dir }}/vars/_global/files/{{ _funct.code }}" when: _funct.type == cf register: _cf_function From cb1769826fb51b91c7784f07d7c02fb3323353a4 Mon Sep 17 00:00:00 2001 From: Matej Stajduhar Date: Thu, 3 Jul 2025 17:54:33 +0200 Subject: [PATCH 05/11] Updating-path-to-function-file-3 --- roles/aws/aws_cloudfront_distribution/tasks/create_function.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/aws/aws_cloudfront_distribution/tasks/create_function.yml b/roles/aws/aws_cloudfront_distribution/tasks/create_function.yml index 0c4eef3af..871615bce 100644 --- a/roles/aws/aws_cloudfront_distribution/tasks/create_function.yml +++ b/roles/aws/aws_cloudfront_distribution/tasks/create_function.yml @@ -9,7 +9,7 @@ - name: Create CF function. ansible.builtin.command: - cmd: "aws cloudfront create-function --function-config file://cf_config --name new-funct --profile dummy --function-code fileb://{{ _ce_provision_build_dir }}/vars/_global/files/{{ _funct.code }}" + cmd: "aws cloudfront create-function --function-config file://cf_config --name new-funct --profile dummy --function-code fileb://{{ _ce_provision_build_dir }}/files/{{ _funct.code }}" when: _funct.type == cf register: _cf_function From 2ddef0e8d53b6fd5573c426c3ca3883831a08b6d Mon Sep 17 00:00:00 2001 From: Matej Stajduhar Date: Mon, 7 Jul 2025 21:14:32 +0200 Subject: [PATCH 06/11] Adding-region-to-lambda --- roles/aws/aws_lambda/defaults/main.yml | 1 + roles/aws/aws_lambda/tasks/main.yml | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) 
diff --git a/roles/aws/aws_lambda/defaults/main.yml b/roles/aws/aws_lambda/defaults/main.yml index 72793abbd..004eb8eaf 100644 --- a/roles/aws/aws_lambda/defaults/main.yml +++ b/roles/aws/aws_lambda/defaults/main.yml @@ -1,6 +1,7 @@ aws_lambda: name: "lambda_function_name" description: "Description for AWS Lambda function" + region: "{{ _aws_region }}" timeout: "20" # Maximum number of seconds before function times out handler: "lambda_handler" # Name of main function s3_bucket: "codeenigma-{{ _aws_profile }}-general-storage-{{ _aws_region }}" diff --git a/roles/aws/aws_lambda/tasks/main.yml b/roles/aws/aws_lambda/tasks/main.yml index f39dd2422..bed05044d 100644 --- a/roles/aws/aws_lambda/tasks/main.yml +++ b/roles/aws/aws_lambda/tasks/main.yml @@ -36,7 +36,7 @@ amazon.aws.lambda: name: "{{ aws_lambda.name }}" description: "{{ aws_lambda.description }}" - region: "{{ _aws_region }}" + region: "{{ aws_lambda.region }}" timeout: "{{ aws_lambda.timeout }}" s3_bucket: "{{ aws_lambda.s3_bucket }}" s3_key: "{{ aws_lambda.s3_bucket_prefix }}/{{ aws_lambda.name }}.zip" From f4fec93d6eace55f09a7eade57b87b7dd638c167 Mon Sep 17 00:00:00 2001 From: Matej Stajduhar Date: Tue, 8 Jul 2025 05:41:28 +0200 Subject: [PATCH 07/11] Adding-option-for-adding-zip-file-for-lambda --- roles/aws/aws_lambda/tasks/main.yml | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/roles/aws/aws_lambda/tasks/main.yml b/roles/aws/aws_lambda/tasks/main.yml index bed05044d..1030df27b 100644 --- a/roles/aws/aws_lambda/tasks/main.yml +++ b/roles/aws/aws_lambda/tasks/main.yml 
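Review bot: The new `region` default in aws_lambda/defaults/main.yml has no comment, and the `s3_bucket` default a few lines below it still builds the bucket name from `_aws_region`. Someone overriding only `aws_lambda.region` ends up with a function in one region and a code bucket named after another, which may collide with a bucket that already exists elsewhere under that name. A comment on the new key would make the coupling visible, for example `# Region for the function and its code bucket; override s3_bucket too, its default name is built from _aws_region`.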
@@ -9,21 +9,46 @@ tags: [] state: "present" +- name: Check string type using regex + ansible.builtin.set_fact: + string_type: >- + {%- if input_string | regex_search('^https?://') -%} + url + {%- elif input_string | regex_search('\.zip$', ignorecase=True) -%} + zip + {%- else -%} + single + {%- endif -%} + vars: + input_string: "{{ aws_lambda.function_file }}" + - name: Check and clean previous Lambda function. ansible.builtin.file: path: "{{ _ce_provision_build_dir }}/{{ aws_lambda.name }}.py" state: absent + when: string_type == 'single' - name: Write Lambda function. ansible.builtin.copy: content: "{{ aws_lambda.function_file }}" dest: "{{ _ce_provision_build_dir }}/{{ aws_lambda.name }}.py" + when: string_type == 'single' - name: Create a zip archive of Lambda function. community.general.archive: path: "{{ _ce_provision_build_dir }}/{{ aws_lambda.name }}.py" dest: "{{ _ce_provision_build_dir }}/{{ aws_lambda.name }}.zip" format: zip + when: string_type == 'single' + +- name: Copy a zip archive of Lambda function. + community.general.copy: + src: "{{ aws_lambda.code }}" + dest: "{{ _ce_provision_build_dir }}/{{ aws_lambda.name }}.zip" + owner: deploy + group: deploy + mode: '0644' + when: string_type == 'zip' - name: Place Lambda function in S3 bucket. amazon.aws.s3_object: From 555cd668fcd4b2c13d563a8c6ab9112b532a11d6 Mon Sep 17 00:00:00 2001 From: Matej Stajduhar Date: Tue, 8 Jul 2025 06:01:09 +0200 Subject: [PATCH 08/11] Changing-module-name-for-copy-task --- roles/aws/aws_lambda/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/aws/aws_lambda/tasks/main.yml b/roles/aws/aws_lambda/tasks/main.yml index 1030df27b..be0529e39 100644 --- a/roles/aws/aws_lambda/tasks/main.yml +++ b/roles/aws/aws_lambda/tasks/main.yml 
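Review bot: The classifier can return `url`, but no task in this hunk runs for that value, so a `function_file` starting with `http://` or `https://` produces no archive and the following "Place Lambda function in S3 bucket" task would presumably upload whatever `{{ aws_lambda.name }}.zip` an earlier run left in the build directory, or fail if none exists. Until URL sources are implemented it is safer to stop early, for example with an `ansible.builtin.fail` task guarded by `when: string_type == 'url'`. An inline function body that happens to end in `.zip` is also treated as a path, so a short comment on the accepted forms of `function_file` would help. `string_type` is a very generic fact name for a role, and a prefixed name such as `_aws_lambda_source_type` would avoid collisions with facts set elsewhere. The s3_object task continues outside the hunk.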
@@ -42,7 +42,7 @@ when: string_type == 'single' - name: Copy a zip archive of Lambda function. - community.general.copy: + ansible.builtin.copy: src: "{{ aws_lambda.code }}" dest: "{{ _ce_provision_build_dir }}/{{ aws_lambda.name }}.zip" owner: deploy From 96d97d6feb2a6542b638678c8bc83741cf4b8b94 Mon Sep 17 00:00:00 2001 From: Matej Stajduhar Date: Tue, 8 Jul 2025 06:11:58 +0200 Subject: [PATCH 09/11] Changing-module-name-for-copy-task-2 --- roles/aws/aws_lambda/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/aws/aws_lambda/tasks/main.yml b/roles/aws/aws_lambda/tasks/main.yml index be0529e39..f7cb1945c 100644 --- a/roles/aws/aws_lambda/tasks/main.yml +++ b/roles/aws/aws_lambda/tasks/main.yml @@ -43,7 +43,7 @@ - name: Copy a zip archive of Lambda function. ansible.builtin.copy: - src: "{{ aws_lambda.code }}" + src: "{{ aws_lambda.function_file }}" dest: "{{ _ce_provision_build_dir }}/{{ aws_lambda.name }}.zip" owner: deploy group: deploy From 6dd7b6631a726ef5d1a3be1a527bb70de78e9f31 Mon Sep 17 00:00:00 2001 From: Matej Stajduhar Date: Tue, 8 Jul 2025 06:14:40 +0200 Subject: [PATCH 10/11] Changing-module-name-for-copy-task-3 --- roles/aws/aws_lambda/tasks/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/aws/aws_lambda/tasks/main.yml b/roles/aws/aws_lambda/tasks/main.yml index f7cb1945c..c8ebc7376 100644 --- a/roles/aws/aws_lambda/tasks/main.yml +++ b/roles/aws/aws_lambda/tasks/main.yml @@ -45,8 +45,8 @@ ansible.builtin.copy: src: "{{ aws_lambda.function_file }}" dest: "{{ _ce_provision_build_dir }}/{{ aws_lambda.name }}.zip" - owner: deploy - group: deploy + owner: controller + group: controller mode: '0644' when: string_type == 'zip' From 7cd944a3e3ac72d56da0f321526159e5d7c1a078 Mon Sep 17 00:00:00 2001 
From: Matej Stajduhar Date: Tue, 8 Jul 2025 06:18:45 +0200 Subject: [PATCH 11/11] Changing-module-name-for-copy-task-4 --- roles/aws/aws_lambda/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/aws/aws_lambda/tasks/main.yml b/roles/aws/aws_lambda/tasks/main.yml index c8ebc7376..e8d1fe95c 100644 --- a/roles/aws/aws_lambda/tasks/main.yml +++ b/roles/aws/aws_lambda/tasks/main.yml @@ -4,7 +4,7 @@ vars: aws_s3_bucket: profile: "{{ _aws_profile }}" - region: "{{ _aws_region }}" + region: "{{ aws_lambda.region }}" name: "{{ aws_lambda.s3_bucket }}" tags: [] state: "present"