layla/aws-nakama-stack
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Allow ECS to pull docker image from private repo

Browse Source 
Use AWS::NoValue

Remove {}

Try at CredentialsParameter level

Duplicate code :/

Remove volume
This commit is contained in:
Layla
2020-07-28 18:42:37 -04:00
parent 808334b24c
commit a57c16a69e
2 changed files with 73 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

98
cloudformation/nakama/task.yaml
View File

@@ -38,9 +38,14 @@ Parameters:
Type: Number
Description: Port for the Postgres server
Default: 5432
RepositoryCredentialsSecret:
Type: String
Description: Arn of repostiory secret from AWS Secrets Manager. See https://docs.aws.amazon.com/AmazonECS/latest/developerguide/private-auth.html for more information
Default: ""
Conditions:
CreateSecret: !Equals [!Ref NakamaPasswordOverride, ""]
NoRepositoryCredentials: !Equals [!Ref RepositoryCredentialsSecret, ""]
Resources:
@@ -64,39 +69,66 @@ Resources:
Type: AWS::ECS::TaskDefinition
Properties:
ContainerDefinitions:
- Name: nakama
Essential: 'true'
Image: !Ref NakamaContainer
MemoryReservation: 800
PortMappings:
- HostPort: 0
ContainerPort: 7348
- HostPort: 0
ContainerPort: 7349
- HostPort: 0
ContainerPort: 7350
- HostPort: 0
ContainerPort: 7351
LogConfiguration:
LogDriver: awslogs
Options:
awslogs-region:
Ref: AWS::Region
awslogs-group:
Ref: LogGroup
MountPoints:
- ContainerPath: /nakama/volume
SourceVolume: "nakama-volume"
EntryPoint:
- "/bin/sh"
- "-ecx"
- !Join ["", [
!Sub "/nakama/nakama migrate up --database.address ${DatabaseUsername}:${DatabasePassword}@${DatabaseEndpoint}:${DatabasePort} &&\n",
!Sub "exec /nakama/nakama --name ${ServerName} --database.address ${DatabaseUsername}:${DatabasePassword}@${DatabaseEndpoint}:${DatabasePort} --console.username ${NakamaUsername} --console.password \"",
!If [CreateSecret, !Join ["", ["{{resolve:secretsmanager:", !Ref AdminPortalPassword,":SecretString}}" ]], !Ref NakamaPasswordOverride ], "\""
]]
Volumes:
- Name: "nakama-volume"
- !If
- NoRepositoryCredentials
- Name: nakama
Essential: 'true'
Image: !Ref NakamaContainer
MemoryReservation: 800
PortMappings:
- HostPort: 0
ContainerPort: 7348
- HostPort: 0
ContainerPort: 7349
- HostPort: 0
ContainerPort: 7350
- HostPort: 0
ContainerPort: 7351
LogConfiguration:
LogDriver: awslogs
Options:
awslogs-region:
Ref: AWS::Region
awslogs-group:
Ref: LogGroup
EntryPoint:
- "/bin/sh"
- "-ecx"
- !Join ["", [
!Sub "/nakama/nakama migrate up --database.address ${DatabaseUsername}:${DatabasePassword}@${DatabaseEndpoint}:${DatabasePort} &&\n",
!Sub "exec /nakama/nakama --name ${ServerName} --database.address ${DatabaseUsername}:${DatabasePassword}@${DatabaseEndpoint}:${DatabasePort} --console.username ${NakamaUsername} --console.password \"",
!If [CreateSecret, !Join ["", ["{{resolve:secretsmanager:", !Ref AdminPortalPassword,":SecretString}}" ]], !Ref NakamaPasswordOverride ], "\""
]]
- Name: nakama
Essential: 'true'
Image: !Ref NakamaContainer
RepositoryCredentials:
CredentialsParameter: !Ref RepositoryCredentialsSecret
MemoryReservation: 800
PortMappings:
- HostPort: 0
ContainerPort: 7348
- HostPort: 0
ContainerPort: 7349
- HostPort: 0
ContainerPort: 7350
- HostPort: 0
ContainerPort: 7351
LogConfiguration:
LogDriver: awslogs
Options:
awslogs-region:
Ref: AWS::Region
awslogs-group:
Ref: LogGroup
EntryPoint:
- "/bin/sh"
- "-ecx"
- !Join ["", [
!Sub "/nakama/nakama migrate up --database.address ${DatabaseUsername}:${DatabasePassword}@${DatabaseEndpoint}:${DatabasePort} &&\n",
!Sub "exec /nakama/nakama --name ${ServerName} --database.address ${DatabaseUsername}:${DatabasePassword}@${DatabaseEndpoint}:${DatabasePort} --console.username ${NakamaUsername} --console.password \"",
!If [CreateSecret, !Join ["", ["{{resolve:secretsmanager:", !Ref AdminPortalPassword,":SecretString}}" ]], !Ref NakamaPasswordOverride ], "\""
]]
Outputs:
TaskArn:
Description: ARN of the TaskDefinition