From e6baa12dfa919d32efbc87504a7958e9a0b0ecc0 Mon Sep 17 00:00:00 2001 From: Jasper Van der Jeugt Date: Tue, 12 Dec 2023 19:39:05 +0100 Subject: [PATCH] make janitor run on hal --- Makefile | 12 ++++++++---- deploy/template.yaml | 40 ++++++++++++++++++++++++++++++++++++++-- 2 files changed, 46 insertions(+), 6 deletions(-) diff --git a/Makefile b/Makefile index c866263..2c54691 100644 --- a/Makefile +++ b/Makefile @@ -21,9 +21,7 @@ build/zureg-%-lambda/bootstrap: build/image.txt $(SOURCES) touch $@ # Put all code and dependencies in a zip file we can run on AWS Lambda. -build/zureg-%-lambda/config.json: deploy/env.json - cp $^ $@ -build/zureg-%-lambda.zip: build/zureg-%-lambda/bootstrap build/zureg-%-lambda/config.json +build/zureg-%-lambda.zip: build/zureg-%-lambda/bootstrap zip $@ -j build/zureg-$*-lambda/* ls -lh $@ @@ -72,7 +70,13 @@ deploy: build/zureg-janitor-lambda.txt build/bucket.txt --parameter-overrides \ LambdaBucket=$(shell cat build/bucket.txt) \ JanitorLambdaKey=$(shell cat build/zureg-janitor-lambda.txt) \ - EmailAddress=$(shell jq -r '.ZUREG_EMAIL' deploy/env.json) + Hackathon=$(shell jq -r '.ZUREG_HACKATHON' deploy/env.json) \ + Email=$(shell jq -r '.ZUREG_EMAIL' deploy/env.json) \ + ScannerSecret=$(shell jq -r '.ZUREG_SCANNER_SECRET' deploy/env.json) \ + HCaptchaSiteKey=$(shell jq -r '.ZUREG_HCAPTCHA_SITEKEY' deploy/env.json) \ + HCaptchaSecret=$(shell jq -r '.ZUREG_HCAPTCHA_SECRET' deploy/env.json) \ + DiscordGuildID=$(shell jq -r '.ZUREG_DISCORD_GUILD_ID' deploy/env.json) \ + DiscordAccessToken=$(shell jq -r '.ZUREG_DISCORD_ACCESS_TOKEN' deploy/env.json) # Undo the deployment. teardown: diff --git a/deploy/template.yaml b/deploy/template.yaml index 2ed8852..9088736 100644 --- a/deploy/template.yaml +++ b/deploy/template.yaml @@ -6,9 +6,27 @@ Parameters: JanitorLambdaKey: Type: 'String' Description: 'S3 Key of the janitor lambda.' - EmailAddress: + Hackathon: + Type: 'String' + Description: 'Configuration discriminator, deprecated.' + Email: Type: 'String' Description: 'Email address that the registration bot sends email from.' + ScannerSecret: + Type: 'String' + Description: 'Secret for accessing the scanner page.' + HCaptchaSiteKey: + Type: 'String' + Description: 'SiteKey for HCaptcha.' + HCaptchaSecret: + Type: 'String' + Description: 'Secret for HCaptcha.' + DiscordGuildID: + Type: 'String' + Description: 'Guild ID for Discord.' + DiscordAccessToken: + Type: 'String' + Description: 'Access Token for Discord.' Resources: # This table stores participant registration using event sourcing: we only @@ -85,6 +103,15 @@ Resources: Code: S3Bucket: {'Ref': 'LambdaBucket'} S3Key: {'Ref': 'JanitorLambdaKey'} + Environment: + Variables: + ZUREG_HACKATHON: {'Ref': 'Hackathon'} + ZUREG_EMAIL: {'Ref': 'Email'} + ZUREG_SCANNER_SECRET: {'Ref': 'ScannerSecret'} + ZUREG_HCAPTCHA_SITEKEY: {'Ref': 'HCaptchaSiteKey'} + ZUREG_HCAPTCHA_SECRET: {'Ref': 'HCaptchaSecret'} + ZUREG_DISCORD_GUILD_ID: {'Ref': 'DiscordGuildID'} + ZUREG_DISCORD_ACCESS_TOKEN: {'Ref': 'DiscordAccessToken'} # This is the role of the lambda: the permissions it needs. We need access to # logs, and to the database. @@ -119,7 +146,7 @@ Resources: Resource: {'Fn::GetAtt': ['SummariesDatabase', 'Arn']} - Effect: 'Allow' Action: ['ses:SendEmail'] - Resource: {'Fn::Sub': 'arn:aws:ses:${AWS::Region}:${AWS::AccountId}:identity/${EmailAddress}'} + Resource: {'Fn::Sub': 'arn:aws:ses:${AWS::Region}:${AWS::AccountId}:identity/${Email}'} # Allow ApiGateway to invoke the function. # @@ -176,6 +203,15 @@ Resources: Code: S3Bucket: {'Ref': 'LambdaBucket'} S3Key: {'Ref': 'JanitorLambdaKey'} + Environment: + Variables: + ZUREG_HACKATHON: {'Ref': 'Hackathon'} + ZUREG_EMAIL: {'Ref': 'Email'} + ZUREG_SCANNER_SECRET: {'Ref': 'ScannerSecret'} + ZUREG_HCAPTCHA_SITEKEY: {'Ref': 'HCaptchaSiteKey'} + ZUREG_HCAPTCHA_SECRET: {'Ref': 'HCaptchaSecret'} + ZUREG_DISCORD_GUILD_ID: {'Ref': 'DiscordGuildID'} + ZUREG_DISCORD_ACCESS_TOKEN: {'Ref': 'DiscordAccessToken'} JanitorRule: Type: 'AWS::Events::Rule'