feat: add first draft of EC2 App Pattern

[jacobwinch]

What does this change?

This PR adds a first attempt at our EC2 App pattern. It's still a work in progress, but we have confirmed that this minimal version of the pattern can be deployed successfully so it feels like a good time to get something merged.

Does this change require changes to existing projects or CDK CLI?

No.

How to test

We've added a basic unit test for this. More unit tests (and proper docs) will be added as the pattern develops.

We've also manually tested deploying a stack with the following code:

import type { App } from "@aws-cdk/core";
import type { GuStackProps } from "@guardian/cdk/lib/constructs/core";
import { GuStack } from "@guardian/cdk/lib/constructs/core";
import { GuEc2App } from "@guardian/cdk/lib/patterns/ec2-app";

export class GuCDKEC2Pattern extends GuStack {
  constructor(scope: App, id: string, props: GuStackProps) {
    super(scope, id, props);

    const port = 8000;

    new GuEc2App(this, {
      app: "TestApp",
      applicationPort: port,
      publicFacing: false,
      userData: `#!/usr/bin/env bash
        mkdir test
        cd test
        echo OK >> healthcheck
        python -m SimpleHTTPServer ${port}
      `,
    });
  }
}

This just allows us to serve a static file via /healthcheck, so that we can ensure that requests can be served correctly.

How can we measure success?

It should be much faster/easier to create a new EC2 app from scratch using this pattern.

Have we considered potential risks?

Although this pattern is now functional, we don't want 'real' users to start experimenting with it at this stage. To mitigate against this:

1. We've added a comment to warn people that this is still under development
2. The pattern is not mentioned in https://github.com/guardian/cdk/blob/main/src/patterns/index.ts yet.

[jacobwinch]

If the user needs to download private config then we still need to wire up these permissions (for more details on that, see: #312)

[jacobwinch]

#446

[akash1810]

Might be nicer for userData in GuAutoScalingGroup's props to be of type GuUserData | string.

[stephengeller]

I think it is already, what would look better here do you think?

[akash1810]

This looks fantastic, great work!

Should we add a test for a single GuStack with multiple GuEc2Apps too?

[stephengeller]

I made a change to how the IDs of VPC constructs are declared, as we ran into issues with declaring multiple GuEC2Apps in the same stack, mainly due to the IDs of VPCs and subnets constructs being hardcoed. Would be keen to get opinions on the workaround implemented here.

[akash1810]

Added a couple of comments, mainly on code reuse.

[akash1810]

Better to use the mock here.

This would become:

import { TrackingTag } from "../../constants/library-info";

...

Tags: alphabeticalTags([
  TrackingTag,
  { Key: "App", ... },
  ...
]);

That is, this can be replaced:

{
  Key: "gu:cdk:version",
  PropagateAtLaunch: true,
  Value: "TEST",
},

With:

TrackingTag

Using the constant means we can update the naming of the tag in one place (should we want to).

[stephengeller]

Good shout. This doesn't currently work due to the missing PropagateAtLaunch keypair, but I've created a new constant that handles this called TrackingTagWithPropagate.

[akash1810]

The AppIdentity.taggedConstruct helper should be used here for consistency.

[stephengeller]

Good shout, done.

[akash1810]

AppIdentity.suffixText in other places that are app aware, can this be reused here for consistency?

[stephengeller]

Yep, done!

[akash1810]

minor: we've destructured app above, so this can become:

Suggested change

	app: props.app,
	app,

[stephengeller]

Good catch, done.

[akash1810]

I'd favour being strongly opinionated here and say Play always runs on 9000. That is, don't accept applicationPort in the props.

[stephengeller]

Good shout, done.

[akash1810]

Similar to above, I'd favour being strongly opinionated here and say Node always runs on 3000. That is, don't accept applicationPort in the props.

[stephengeller]

Good shout, done.

[akash1810]

🎉 lovely!

[akash1810]

The commit history on this PR is 👌🏽 .

[stephengeller]

This should now be ready for review again @akash1810 @jacobwinch !

[akash1810]

I don't think this is correct, as I'm not sure we want to publicly export this variant as it's specifically for the tests and not for "daily use"? In the past we've done something like this.

I think there's an opportunity to add a custom matcher here (similar to toHaveResourceOfTypeAndLogicalId) as it looks like we want to assert a construct has the identity tags. That is, a "toHaveAnIdentityTaggedResource" matcher that'll take a stack, a resource type string and assert that it's tags contain all the identity keys?

[jacobwinch]

After discussing this via Chat, we decided to go with the simpler option for now, in order to get this merged. We'll look at implementing the custom matcher when everyone is around to work on it together.

[akash1810]

Looks great!

👍🏽 to this too.

[github-actions]

🎉 This PR is included in version 8.3.0 🎉

The release is available on:

• npm package (@latest dist-tag)
• GitHub release

Your semantic-release bot 📦🚀