Bug bash (#64)

* add QUEUE_NAME env var to SQS info
* update RDS info
* add transit encryption field to elasticache service data, automatically enable TLS for memcached example

elasticache/memcached/examples/proxycache/Acornfile

@@ -9,5 +9,6 @@ containers: app: {
 	env: {
 		MEMCACHED_HOST: "@{service.memcached.data.address}"
 		MEMCACHED_PORT: "@{service.memcached.data.port}"
+		TRANSIT_ENCRYPTION: "@{service.memcached.data.transitEncryption}"
 	}
 }

elasticache/memcached/examples/proxycache/main.go

@@ -1,9 +1,12 @@
 package main
 
 import (
+	"context"
+	"crypto/tls"
 	"errors"
 	"fmt"
 	"io"
+	"net"
 	"net/http"
 	"net/url"
 	"os"
@@ -14,9 +17,10 @@ import (
 )
 
 const (
-	cacheExpiry     = 60 * 60 // 1 hour in seconds
-	defaultCacheKey = "proxyCache:"
-	chunkSizeBytes  = 900 * 1024 // 900KB
+	cacheExpiry      = 60 * 60 // 1 hour in seconds
+	defaultCacheKey  = "proxyCache:"
+	chunkSizeBytes   = 900 * 1024 // 900KB
+	encryptionEnvVar = "TRANSIT_ENCRYPTION"
 )
 
 func setChunks(mc *memcache.Client, baseKey string, data []byte) error {
@@ -65,6 +69,15 @@ func getChunks(mc *memcache.Client, baseKey string) ([]byte, error) {
 
 func main() {
 	mc := memcache.New(os.Getenv("MEMCACHED_HOST") + ":" + os.Getenv("MEMCACHED_PORT"))
+	if os.Getenv(encryptionEnvVar) == "true" {
+		// enable TLS
+		mc.DialContext = func(ctx context.Context, network, address string) (net.Conn, error) {
+			tlsDialer := tls.Dialer{
+				Config: &tls.Config{InsecureSkipVerify: true},
+			}
+			return tlsDialer.DialContext(ctx, network, address)
+		}
+	}
 
 	http.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
 		targetURL := r.URL.Query().Get("url")

elasticache/memcached/memcached.go

@@ -2,6 +2,7 @@ package main
 
 import (
 	"fmt"
+	"strconv"
 	"strings"
 
 	"github.com/acorn-io/aws/elasticache"
@@ -79,6 +80,9 @@ func NewMemcachedStack(scope constructs.Construct, id string, props *memcachedSt
 	awscdk.NewCfnOutput(stack, jsii.String("port"), &awscdk.CfnOutputProps{
 		Value: memcachedCluster.AttrConfigurationEndpointPort(),
 	})
+	awscdk.NewCfnOutput(stack, jsii.String("transitencryption"), &awscdk.CfnOutputProps{
+		Value: jsii.String(strconv.FormatBool(props.TransitEncryption)),
+	})
 
 	return stack, nil
 }

elasticache/redis/redis.go

@@ -108,6 +108,9 @@ func NewRedisStack(scope constructs.Construct, id string, props *redisStackProps
 	awscdk.NewCfnOutput(stack, jsii.String("tokenarn"), &awscdk.CfnOutputProps{
 		Value: token.SecretArn(),
 	})
+	awscdk.NewCfnOutput(stack, jsii.String("transitencryption"), &awscdk.CfnOutputProps{
+		Value: jsii.String("true"),
+	})
 
 	return stack, nil
 }

elasticache/scripts/service.sh

@@ -11,6 +11,7 @@ CLUSTER_ARN=$(jq -r '.[] | select(.OutputKey=="clusterarn")|.OutputValue' output
 ADDRESS=$(jq -r '.[] | select(.OutputKey=="address")|.OutputValue' outputs.json)
 PORT=$(jq -r '.[]| select(.OutputKey=="port")|.OutputValue' outputs.json)
 TOKEN_ARN=$(jq -r '.[]| select(.OutputKey=="tokenarn")|.OutputValue' outputs.json)
+TRANSIT_ENCRYPTION=$(jq -r '.[]| select(.OutputKey=="transitencryption")|.OutputValue' outputs.json)
 
 cat > /run/secrets/output <<EOF
 services: admin: {
@@ -29,6 +30,7 @@ if [ -n "${TOKEN_ARN}" ]; then
     clusterArn: "${CLUSTER_ARN}"
     address: "${ADDRESS}"
     port: "${PORT}"
+    transitEncryption: "${TRANSIT_ENCRYPTION}"
   }
 }
 
@@ -46,6 +48,7 @@ else
     clusterArn: "${CLUSTER_ARN}"
     address: "${ADDRESS}"
     port: "${PORT}"
+    transitEncryption: "${TRANSIT_ENCRYPTION}"
   }
 }
 EOF

rds/aurora/mysql/cluster/Acornfile

@@ -150,14 +150,18 @@ localData: info: """
 
 ## Sample Usage
 ```typescript
+services: rds: {
+	external: "@{acorn.name}"
+}
+
 containers: app: {
   image: "app-image"
   env: {
-    DB_HOST: "@{@{service.}@{acorn.name}.address}"
-    DB_PORT: "@{@{service.}@{acorn.name}.port.3306}"
-    DB_NAME: "@{@{service.}@{acorn.name}.data.dbName}"
-    DB_USER: "@{@{service.}@{acorn.name}.secrets.admin.username}"
-    DB_PASS: "@{@{service.}@{acorn.name}.secrets.admin.password}"
+    DB_HOST: "@{@{service.}rds.address}"
+    DB_PORT: "@{@{service.}rds.port.3306}"
+    DB_NAME: "@{@{service.}rds.data.dbName}"
+    DB_USER: "@{@{service.}rds.secrets.admin.username}"
+    DB_PASS: "@{@{service.}rds.secrets.admin.password}"
   }
 }
 ```

rds/aurora/mysql/serverless-v1/Acornfile

@@ -159,14 +159,18 @@ localData: info: """
 
 ## Sample Usage
 ```typescript
+services: rds: {
+	external: "@{acorn.name}"
+}
+
 containers: app: {
   image: "app-image"
   env: {
-    DB_HOST: "@{@{service.}@{acorn.name}.address}"
-    DB_PORT: "@{@{service.}@{acorn.name}.port.3306}"
-    DB_NAME: "@{@{service.}@{acorn.name}.data.dbName}"
-    DB_USER: "@{@{service.}@{acorn.name}.secrets.admin.username}"
-    DB_PASS: "@{@{service.}@{acorn.name}.secrets.admin.password}"
+    DB_HOST: "@{@{service.}rds.address}"
+    DB_PORT: "@{@{service.}rds.port.3306}"
+    DB_NAME: "@{@{service.}rds.data.dbName}"
+    DB_USER: "@{@{service.}rds.secrets.admin.username}"
+    DB_PASS: "@{@{service.}rds.secrets.admin.password}"
   }
 }
 ```

rds/aurora/mysql/serverless-v2/Acornfile

@@ -154,14 +154,18 @@ localData: info: """
 
 ## Sample Usage
 ```typescript
+services: rds: {
+	external: "@{acorn.name}"
+}
+
 containers: app: {
   image: "app-image"
   env: {
-    DB_HOST: "@{@{service.}@{acorn.name}.address}"
-    DB_PORT: "@{@{service.}@{acorn.name}.port.3306}"
-    DB_NAME: "@{@{service.}@{acorn.name}.data.dbName}"
-    DB_USER: "@{@{service.}@{acorn.name}.secrets.admin.username}"
-    DB_PASS: "@{@{service.}@{acorn.name}.secrets.admin.password}"
+    DB_HOST: "@{@{service.}rds.address}"
+    DB_PORT: "@{@{service.}rds.port.3306}"
+    DB_NAME: "@{@{service.}rds.data.dbName}"
+    DB_USER: "@{@{service.}rds.secrets.admin.username}"
+    DB_PASS: "@{@{service.}rds.secrets.admin.password}"
   }
 }
 ```

sqs/Acornfile

@@ -141,6 +141,7 @@ localData: info: """
 		image: "app-image"
 		consumes: ["sqs"]
 		env: {
+			QUEUE_NAME: "@{@{service.}sqs.data.name}"
 			QUEUE_URL: "@{@{service.}sqs.data.url}"
 		}
 	}