V0.3 release

README.md

@@ -1,6 +1,20 @@
 <img src="./docs/images/opa-logo.png"
      alt="OPA on AWS"
      style="margin-right: 10px;max-height: 400px; " />
+
+:star: **OPA on AWS v0.3 now available!** :star:
+* S3 Bucket as a shared resource
+* Reuse existing VPC when creating providers
+* AWS ECS provider with EC2 clusters for tailored workloads
+* AWS EKS provider
+* Import existing AWS EKS clusters
+* AWS EKS Application for K8s Kustomize pattern
+* AWS EKS Application for K8s Helm pattern
+* CI/CD patterns for K8s applications
+* Updated Backstage platform to v1.21
+* Filter relevant environments for new apps
+
+Refer to the [CHANGELOG](https://opaonaws.io/docs/CHANGELOG) for a complete list of new features and capabilities.
 # OPA (Orchestrate Platform and Applications) on AWS
 
 OPA Provides a new developer experience to simplify the use and consumption of AWS services while minimizing required expertise in cloud infrastructure technologies.  

backstage-plugins/plugins/aws-apps-backend/README.md

@@ -89,7 +89,7 @@ Add to the Backstage catalog so that it's aware of the processors for the AWSEnv
 // packages/backend/src/plugins/catalog.ts
 
 import { CatalogBuilder } from '@backstage/plugin-catalog-backend';
-import { ScaffolderEntitiesProcessor } from '@backstage/plugin-scaffolder-backend';
+import { ScaffolderEntitiesProcessor } from '@backstage/plugin-catalog-backend-module-scaffolder-entity-model';
 import { Router } from 'express';
 import { PluginEnvironment } from '../types';
 + import { AWSEnvironmentEntitiesProcessor, AWSEnvironmentProviderEntitiesProcessor} from '@aws/plugin-aws-apps-backend-for-backstage';

backstage-plugins/plugins/aws-apps-backend/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@aws/plugin-aws-apps-backend-for-backstage",
   "description": "App Development for Backstage.io on AWS Backend plugin",
-  "version": "0.2.0",
+  "version": "0.2.1",
   "main": "src/index.ts",
   "types": "src/index.ts",
   "license": "Apache-2.0",
@@ -16,7 +16,7 @@
   },
   "repository": {
     "type": "git",
-    "url": "github:awslabs/app-development-for-backstage-io-on-aws",
+    "url": "git+https://github.com/awslabs/app-development-for-backstage-io-on-aws.git",
     "directory": "backstage-plugins/plugins/aws-apps-backend"
   },
   "bugs": {
@@ -42,19 +42,20 @@
     "@aws-sdk/client-eks": "^3.405.0",
     "@aws-sdk/client-resource-groups": "^3.296.0",
     "@aws-sdk/client-s3": "^3.290.0",
+    "@aws-sdk/client-lambda": "^3.290.0",
     "@aws-sdk/client-secrets-manager": "^3.290.0",
     "@aws-sdk/client-ssm": "^3.290.0",
     "@aws-sdk/client-sts": "^3.290.0",
     "@aws-sdk/types": "^3.290.0",
     "@aws-sdk/util-arn-parser": "^3.310.0",
     "@aws/plugin-aws-apps-common-for-backstage": "^0.2.0",
-    "@backstage/backend-common": "^0.19.4",
-    "@backstage/catalog-model": "^1.4.1",
-    "@backstage/config": "^1.0.8",
-    "@backstage/plugin-auth-node": "^0.2.17",
-    "@backstage/plugin-catalog-common": "^1.0.15",
-    "@backstage/plugin-catalog-node": "^1.4.1",
-    "@backstage/types": "^1.1.0",
+    "@backstage/backend-common": "^0.20.0",
+    "@backstage/catalog-model": "^1.4.3",
+    "@backstage/config": "^1.1.1",
+    "@backstage/plugin-auth-node": "^0.4.2",
+    "@backstage/plugin-catalog-common": "^1.0.19",
+    "@backstage/plugin-catalog-node": "^1.6.0",
+    "@backstage/types": "^1.1.1",
     "@kubernetes/client-node": "^0.18.1",
     "@types/express": "*",
     "express": "^4.17.3",
@@ -64,8 +65,8 @@
     "yn": "^4.0.0"
   },
   "devDependencies": {
-    "@backstage/cli": "^0.22.12",
-    "@backstage/plugin-scaffolder-common": "^1.4.0",
+    "@backstage/cli": "^0.25.0",
+    "@backstage/plugin-scaffolder-common": "^1.4.4",
     "@types/supertest": "^2.0.8",
     "msw": "^0.49.0",
     "supertest": "^6.2.4"

backstage-plugins/plugins/aws-apps-backend/src/api/AwsAppsApi.ts

@@ -2,6 +2,7 @@
 // SPDX-License-Identifier: Apache-2.0
 
 import {
+  Capability,
   CloudFormationClient,
   CreateStackCommand,
   CreateStackCommandOutput,
@@ -64,13 +65,20 @@ import {
   DescribeClusterCommandOutput,
   EKSClient,
 } from '@aws-sdk/client-eks';
+import {
+  InvokeCommand,
+  InvokeCommandInput,
+  InvokeCommandOutput,
+  LambdaClient
+} from '@aws-sdk/client-lambda';
 import {
   ListGroupResourcesCommand,
   ListGroupResourcesCommandInput,
   ListGroupResourcesCommandOutput,
   ResourceGroupsClient,
 } from '@aws-sdk/client-resource-groups';
 import {
+  BucketLocationConstraint,
   CreateBucketCommand,
   CreateBucketCommandInput,
   CreateBucketCommandOutput,
@@ -97,11 +105,10 @@ import {
   GetParameterCommandOutput,
   SSMClient,
 } from '@aws-sdk/client-ssm';
+
 import { AwsCredentialIdentity } from '@aws-sdk/types';
 import { parse as parseArn } from '@aws-sdk/util-arn-parser';
 import { AWSServiceResources } from '@aws/plugin-aws-apps-common-for-backstage';
-import { KubeConfig, AppsV1Api } from '@kubernetes/client-node';
-import { response } from 'express';
 import { Logger } from 'winston';
 
 export type DynamoDBTableData = {
@@ -130,7 +137,7 @@ export class AwsAppsApi {
     private readonly awsRegion: string,
     private readonly awsAccount: string,
   ) {
-    this.logger.info('Instatiating AWS Apps API with:');
+    this.logger.info('Instantiating AWS Apps API with:');
     this.logger.info(`awsAccount: ${this.awsAccount}`);
     this.logger.info(`awsRegion: ${this.awsRegion}`);
   }
@@ -346,7 +353,7 @@ export class AwsAppsApi {
     // See https://github.com/aws/aws-sdk-js/issues/3647
     if (this.awsRegion !== 'us-east-1') {
       createInput.CreateBucketConfiguration = {
-        LocationConstraint: this.awsRegion,
+        LocationConstraint: BucketLocationConstraint[this.awsRegion as keyof typeof BucketLocationConstraint],
       };
     }
 
@@ -793,8 +800,8 @@ export class AwsAppsApi {
       TemplateURL: `https://${s3BucketName}.s3.amazonaws.com/${cfFileName}`,
       Parameters: parameters,
       Capabilities: [
-        "CAPABILITY_NAMED_IAM",
-        "CAPABILITY_AUTO_EXPAND",
+        Capability.CAPABILITY_IAM,
+        Capability.CAPABILITY_AUTO_EXPAND,
       ],
       Tags: [
         {
@@ -845,8 +852,8 @@ export class AwsAppsApi {
       TemplateURL: `https://${s3BucketName}.s3.amazonaws.com/${cfFileName}`,
       Parameters: parameters,
       Capabilities: [
-        "CAPABILITY_NAMED_IAM",
-        "CAPABILITY_AUTO_EXPAND",
+        Capability.CAPABILITY_NAMED_IAM,
+        Capability.CAPABILITY_AUTO_EXPAND,
       ],
       Tags: [
         {
@@ -915,48 +922,23 @@ public async getEksCluster(clusterName: string): Promise<DescribeClusterCommandO
   return response;
 }
 
-/**
- * Scale Down EKS Deployment
- *
- * @remarks
- * Scale a deployment in an EKS Cluster.
- *
- * @param deploymentName - The name of the deployment to scale
- * @param namespace - The Kubernetes namespace
- * @returns The result of scaling down the deployment
- *
- */
-public async scaleEKSDeployment(
-  deploymentName: string,
-  namespace: string,
-  replicaCount: number
-):Promise<any> {
-  const kc = new KubeConfig();
-  kc.loadFromDefault();
-
-  const k8sApi = kc.makeApiClient(AppsV1Api);
-  try {
-    const deployment = await k8sApi.readNamespacedDeployment(deploymentName, namespace);
-
-    if (deployment && deployment.body.spec){
-       // Set the replicas to 0 to pause the deployment
-      deployment.body.spec.replicas = replicaCount;
-    }
-    else{
-      this.logger.info("error when scaling deployment. check deployment name, body or specs")
-    }
-
-    const response = await k8sApi.replaceNamespacedDeployment(deploymentName, namespace, deployment.body);
-
-    console.log(`Deployment ${deploymentName} scaled down.`);
-    console.log(response);
-  } catch (error) {
-    console.error(`Error scaling down deployment: ${error}`);
-  }
-
-  // Perform the scaling down operation, e.g., using Kubernetes client or AWS SDK
+public async callLambda(functionName: string, body: string) :Promise<InvokeCommandOutput>
+{
+  this.logger.info('Calling callLambda');
+  const client = new LambdaClient({
+    region: this.awsRegion,
+    credentials: this.awsCredentials,
+  });
 
-  // Return the result of the scaling down operation
+  const params: InvokeCommandInput = {
+    FunctionName: functionName,
+    LogType: 'Tail',
+    Payload: Buffer.from(body),
+    InvocationType:'RequestResponse'
+  };
+  const command = new InvokeCommand(params);
+  const response = await client.send(command);
   return response;
-  }
+}
+
 }

backstage-plugins/plugins/aws-apps-backend/src/api/aws-audit.ts

@@ -47,10 +47,10 @@ export async function createAuditRecord({
 
   let tableNameResponse;
   try {
-    tableNameResponse = await apiClient.getSSMParameter(`/${envProviderPrefix}/${envProviderName}/${envProviderName}-audit`);
+    tableNameResponse = await apiClient.getSSMParameter(`/${envProviderPrefix.toLowerCase()}/${envProviderName.toLowerCase()}/${envProviderName.toLowerCase()}-audit`);
   } catch (err) {
     response.status = 'FAILED';
-    response.message = "Audit failed - audit table name was set to FIXME.";
+    response.message = `Audit failed - audit table name was set to FIXME. ${tableNameResponse}`;
   }
 
   if (tableNameResponse?.Parameter?.Value) {

backstage-plugins/plugins/aws-apps-backend/src/api/aws-auth.ts

@@ -165,7 +165,6 @@ export async function getAWSCredsWorkaround(accountId: string, region: string, p
   const userName = user?.metadata.name || "unknown";
 
   //assemble the arn format to the desire destination environment
-  //arn:aws:iam::115272120974:role/opa-dev-p1-operations-role
   const roleArn = `arn:aws:iam::${accountId}:role/${prefix}-${providerName}-operations-role`;
   console.log(roleArn)
 

backstage-plugins/plugins/aws-apps-backend/src/api/aws-platform.ts

@@ -329,7 +329,7 @@ export class AwsAppsPlatformApi {
           `ACCOUNT=${provider.awsAccount}\nREGION=${provider.awsRegion}\nTARGET_ENV_NAME=${provider.environmentName}\nPREFIX=${provider.prefix}\n` +
           `TARGET_ENV_PROVIDER_NAME=${provider.providerName}\nOPA_CI_ENVIRONMENT=${provider.environmentName}-${provider.providerName}\n` +
           `OPA_CI_ENVIRONMENT_MANUAL_APPROVAL=${input.envRequiresManualApproval}\n` +
-          `OPA_CI_REGISTRY_IMAGE=${provider.awsAccount}.dkr.ecr.${provider.awsRegion}.amazonaws.com/${input.appName}-${provider.providerName}\n` +
+          `OPA_CI_REGISTRY_IMAGE=${provider.awsAccount}.dkr.ecr.${provider.awsRegion}.amazonaws.com/${input.appName}-${input.envName}-${provider.providerName}\n` +
           `OPA_CI_REGISTRY=${provider.awsAccount}.dkr.ecr.${provider.awsRegion}.amazonaws.com\n`;
 
         Object.keys(provider.parameters).forEach(key => {
@@ -474,7 +474,7 @@ export class AwsAppsPlatformApi {
 
     const commit = {
       branch: 'main',
-      commit_message: `Unbind Resource`,
+      commit_message: `UnBind Resource`,
       actions: actions,
     };
 
@@ -533,7 +533,7 @@ export class AwsAppsPlatformApi {
     if (action === 'add') {
       console.log(entityCatalog);
       const newDependencies = entityCatalog.spec.dependsOn as Array<string>;
-      newDependencies.push(`awsenvironmentprovider:default/${provider.name}`);
+      newDependencies.push(`awsenvironmentprovider:default/${provider.name.toLowerCase()}`);
       entityCatalog.spec.dependsOn = newDependencies;
       const providerContent = YAML.stringify(entityCatalog);
       console.log(providerContent);
@@ -548,7 +548,7 @@ export class AwsAppsPlatformApi {
       const dependencies = entityCatalog.spec.dependsOn as Array<string>;
       let newDependencies = Array<string>();
       dependencies.forEach(p => {
-        const providerToRemove = `awsenvironmentprovider:default/${provider.name}`;
+        const providerToRemove = `awsenvironmentprovider:default/${provider.name.toLowerCase()}`;
         if (p != providerToRemove) {
           newDependencies.push(p);
         }