Merge pull request #86 from jfrog/aws-7.15.3

Updates for AWS CFT for 7.15.3
Alex Hung
2021-02-25 09:01:31 -08:00
committed by GitHub
4 changed files with 50 additions and 411 deletions


@@ -39,8 +39,6 @@ Parameters:
- "true"
- "false"
Type: String
DatabaseEngine:
Type: String
DatabaseUser:
Type: String
DatabasePassword:
@@ -65,15 +63,6 @@ Parameters:
Type: Number
Mappings:
DatabaseMap:
Postgres:
Name: postgresql
DatabaseVersion: 11.5
Driver: "org.postgresql.Driver"
Plugin: postgresql-42.2.9.jar
PluginURL: https://jdbc.postgresql.org/download/
port: "5432"
extraDatabaseOps: ""
ReleaseStageMap:
BETA:
ProDockerRepo: "earlyaccess-docker.jfrog.io/jfrog/artifactory-pro"
@@ -229,11 +218,8 @@ Resources:
Properties:
AllocatedStorage: !Ref DatabaseAllocatedStorage
MultiAZ: !Ref MultiAzDatabase
Engine: !Ref DatabaseEngine
EngineVersion: !FindInMap
- DatabaseMap
- !Ref DatabaseEngine
- DatabaseVersion
Engine: Postgres
EngineVersion: "11.5"
MasterUsername: !Ref DatabaseUser
MasterUserPassword: !Ref DatabasePassword
DBInstanceClass: !Ref DatabaseInstance
@@ -256,34 +242,16 @@ Resources:
ToPort: 22
CidrIp: !Ref VpcCidr
- IpProtocol: tcp
FromPort: !FindInMap
- DatabaseMap
- !Ref DatabaseEngine
- port
ToPort: !FindInMap
- DatabaseMap
- !Ref DatabaseEngine
- port
FromPort: 5432
ToPort: 5432
CidrIp: !Ref PrivateSubnet1Cidr
- IpProtocol: tcp
FromPort: !FindInMap
- DatabaseMap
- !Ref DatabaseEngine
- port
ToPort: !FindInMap
- DatabaseMap
- !Ref DatabaseEngine
- port
FromPort: 5432
ToPort: 5432
CidrIp: !Ref PrivateSubnet2Cidr
- IpProtocol: tcp
FromPort: !FindInMap
- DatabaseMap
- !Ref DatabaseEngine
- port
ToPort: !FindInMap
- DatabaseMap
- !Ref DatabaseEngine
- port
FromPort: 5432
ToPort: 5432
CidrIp: !Ref PrivateSubnet3Cidr
SecurityGroupEgress:
- IpProtocol: tcp
@@ -350,41 +318,25 @@ Outputs:
Value: !Ref ArtifactoryS3Bucket
Description: Actual S3 bucket created for Artifactory
DatabaseDriver:
Value: !FindInMap [DatabaseMap, !Ref DatabaseEngine, Driver]
Value: "org.postgresql.Driver"
DatabasePlugin:
Value: !FindInMap [DatabaseMap, !Ref DatabaseEngine, Plugin]
Value: postgresql-42.2.9.jar
DatabasePluginUrl:
Value: !Sub
- "${MainURL}${PluginVersion}"
- {
MainURL: !FindInMap [DatabaseMap, !Ref DatabaseEngine, PluginURL],
PluginVersion: !FindInMap [DatabaseMap, !Ref DatabaseEngine, Plugin]
}
Value: https://jdbc.postgresql.org/download/postgresql-42.2.9.jar"
DatabaseType:
Value: !FindInMap [DatabaseMap, !Ref DatabaseEngine, Name]
Value: postgresql
DatabaseUrl:
Value: !Sub
- "jdbc:${DatabaseType}://${ArtifactoryDatabaseEndpointAddress}:${port}/${DatabaseName}${extraDatabaseOps}"
- {
DatabaseType: !FindInMap [DatabaseMap, !Ref DatabaseEngine, Name],
ArtifactoryDatabaseEndpointAddress: !GetAtt ArtifactoryDatabase.Endpoint.Address,
port: !FindInMap [DatabaseMap, !Ref DatabaseEngine, port],
extraDatabaseOps: !FindInMap [DatabaseMap, !Ref DatabaseEngine, extraDatabaseOps],
}
- "jdbc:postgresql://${ArtifactoryDatabaseEndpointAddress}:5432/${DatabaseName}"
- ArtifactoryDatabaseEndpointAddress: !GetAtt ArtifactoryDatabase.Endpoint.Address
XrayMasterDatabaseUrl:
Value: !Sub
- "${ArtifactoryDatabaseEndpointAddress}:${port}/${DatabaseName}?sslmode=disable"
- {
ArtifactoryDatabaseEndpointAddress: !GetAtt ArtifactoryDatabase.Endpoint.Address,
port: !FindInMap [DatabaseMap, !Ref DatabaseEngine, port],
}
- "${ArtifactoryDatabaseEndpointAddress}:5432/${DatabaseName}?sslmode=disable"
- ArtifactoryDatabaseEndpointAddress: !GetAtt ArtifactoryDatabase.Endpoint.Address
XrayDatabaseUrl:
Value: !Sub
- "${ArtifactoryDatabaseEndpointAddress}:${port}/xraydb?sslmode=disable"
- {
ArtifactoryDatabaseEndpointAddress: !GetAtt ArtifactoryDatabase.Endpoint.Address,
port: !FindInMap [DatabaseMap, !Ref DatabaseEngine, port],
}
- "${ArtifactoryDatabaseEndpointAddress}:5432/xraydb?sslmode=disable"
- ArtifactoryDatabaseEndpointAddress: !GetAtt ArtifactoryDatabase.Endpoint.Address
ProDockerRepo:
Value: !FindInMap
- ReleaseStageMap
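Review bot: The hard-coded `DatabasePluginUrl` output ends in a stray double quote (`.../postgresql-42.2.9.jar"`); YAML keeps that character as part of the plain scalar, so consumers of this output receive a URL with a trailing `"`, and the line should read `Value: https://jdbc.postgresql.org/download/postgresql-42.2.9.jar`. Separately, the rewritten `XrayMasterDatabaseUrl` and `XrayDatabaseUrl` outputs still end in `?sslmode=disable`, so traffic on connections built from these URLs to the RDS instance is unencrypted. RDS PostgreSQL accepts TLS connections, so `sslmode=require` (or `verify-full` with the RDS CA bundle present on the instances) is worth adopting while these lines are being touched. The +/- markers are lost in this rendering, so this assumes the literal-valued lines are the new side.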


@@ -10,7 +10,6 @@ Metadata:
Parameters:
- KeyPairName
- AccessCidr
- RemoteAccessCidr
- Label:
default: Network configuration
Parameters:
@@ -24,16 +23,6 @@ Metadata:
- PrivateSubnet1Cidr
- PrivateSubnet2Cidr
- ELBScheme
- Label:
default: Bastion configuration
Parameters:
- ProvisionBastionHost
- BastionInstanceType
- BastionOs
- BastionRootVolumeSize
- BastionEnableTcpForwarding
- NumBastionHosts
- BastionEnableX11Forwarding
- Label:
default: Amazon EC2 configuration
Parameters:
@@ -43,7 +32,6 @@ Metadata:
default: JFrog Artifactory configuration
Parameters:
- ArtifactoryProduct
- ArtifactoryVersion
- NumberOfSecondary
- SmLicenseName
- SmCertName
@@ -55,22 +43,15 @@ Metadata:
default: Amazon RDS configuration
Parameters:
- DatabaseName
- DatabaseEngine
- DatabaseUser
- DatabasePassword
- DatabaseInstance
- DatabaseAllocatedStorage
- MultiAzDatabase
- Label:
default: AWS Quick Start configuration
Parameters:
- QsS3BucketName
- QsS3KeyPrefix
- Label:
default: JFrog Xray Configuration
Parameters:
- InstallXray
- XrayVersion
- XrayNumberOfInstances
- XrayInstanceType
- XrayDatabaseUser
@@ -98,24 +79,8 @@ Metadata:
default: Private subnet 2 CIDR
AccessCidr:
default: Permitted IP range
RemoteAccessCidr:
default: Remote access CIDR
ELBScheme:
default: Elastic Load Balancing scheme
ProvisionBastionHost:
default: Bastion instance
BastionInstanceType:
default: Bastion instance type
BastionRootVolumeSize:
default: Bastion root volume size
BastionEnableTcpForwarding:
default: Bastion enable TCP forwarding
BastionEnableX11Forwarding:
default: Bastion enable X11 forwarding
BastionOs:
default: Bastion operating system
NumBastionHosts:
default: Number of bastion instances
VolumeSize:
default: EBS root volume size
InstanceType:
@@ -124,8 +89,6 @@ Metadata:
default: Secondary instances
ArtifactoryProduct:
default: Artifactory product to install
ArtifactoryVersion:
default: Artifactory version
SmLicenseName:
default: Artifactory licenses secret name
SmCertName:
@@ -140,8 +103,6 @@ Metadata:
default: Default Java memory settings
DatabaseName:
default: Database name
DatabaseEngine:
default: Database engine
DatabaseUser:
default: Database user
DatabasePassword:
@@ -152,16 +113,8 @@ Metadata:
default: Database allocated storage
MultiAzDatabase:
default: High-availability database
QsS3BucketName:
default: Quick Start S3 bucket name
QsS3KeyPrefix:
default: Quick Start S3 key prefix
QsS3BucketRegion:
default: Quick Start S3 bucket region
InstallXray:
default: Install JFrog Xray
XrayVersion:
default: Version of Xray to install
XrayNumberOfInstances:
default: Number of JFrog Xray instances
XrayInstanceType:
@@ -219,12 +172,6 @@ Parameters:
For example, you might want to grant only your corporate network access to the software.
AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$
Type: String
RemoteAccessCidr:
Description: Remote CIDR range that allows you to connect to the bastion instance by using SSH.
We recommend that you set this value to a trusted IP range.
For example, you might want to grant specific ranges inside your corporate network SSH access.
AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$
Type: String
ELBScheme:
Description: Choose whether this is internet facing or internal.
AllowedValues:
@@ -232,68 +179,6 @@ Parameters:
- internet-facing
Default: internet-facing
Type: String
ProvisionBastionHost:
Description: Choose Disabled to skip creating a bastion instance. Due to the JFrog Container Registry nodes being
created in private subnets, the default setting of Enabled this is highly recommended.
AllowedValues:
- "Enabled"
- "Disabled"
Default: "Enabled"
Type: String
BastionInstanceType:
Description: Size of the bastion instances.
AllowedValues:
- t3.nano
- t3.micro
- t3.small
- t3.medium
- t3.large
- m5.large
- m5.xlarge
- m5.2xlarge
- m5.4xlarge
Default: "t3.micro"
Type: String
BastionRootVolumeSize:
Description: Size of the root volume on the bastion instances.
Default: 10
Type: Number
BastionEnableTcpForwarding:
Description: Choose whether to enable TCPForwarding via the bootstrapping of the bastion instance
or not.
AllowedValues:
- "true"
- "false"
Default: "true"
Type: String
BastionEnableX11Forwarding:
Description: Choose true to enable X11 via the bootstrapping of the bastion host.
Setting this value to true will enable X Windows over SSH.
X11 forwarding can be useful, but it is also a security risk, so it's recommended
that you keep the default (false) setting.
AllowedValues:
- "true"
- "false"
Default: "false"
Type: String
BastionOs:
Description: Linux distribution for the Amazon Machine Image (AMI) to be used for the bastion instances.
AllowedValues:
- "Amazon-Linux2-HVM"
- "CentOS-7-HVM"
- "Ubuntu-Server-20.04-LTS-HVM"
- "SUSE-SLES-15-HVM"
Default: "Amazon-Linux2-HVM"
Type: String
NumBastionHosts:
Description: Number of bastion instances to create.
AllowedValues:
- '1'
- '2'
- '3'
- '4'
Default: '1'
Type: String
VolumeSize:
Description: Size in gigabytes of the available storage (min 10GB); the Quick Start will create an
Amazon Elastic Block Store (Amazon EBS) volumes of this size.
@@ -354,14 +239,6 @@ Parameters:
- JFrog-Container-Registry
Default: JFrog-Artifactory-Pro
Type: String
ArtifactoryVersion:
Description: Version of Artifactory that you want to deploy into the Quick Start.
See the release notes to select the version you want to deploy at
https://www.jfrog.com/confluence/display/RTF/Release+Notes.
AllowedPattern: ^(([0-9]|[1-9][0-9])\.){2}([1-9][0-9]|[0-9])$
ConstraintDescription: A version that matches X.X.X per Artifactory releases
Default: 7.15.3
Type: String
SmLicenseName:
Description: Secret name created in AWS Secrets Manager, which contains the Artifactory licenses.
Default: ''
@@ -406,12 +283,6 @@ Parameters:
ConstraintDescription: 1 to 60 alphanumeric characters First character must be a letter.
Default: artdb
Type: String
DatabaseEngine:
Description: Database engine that you want to run, which is currently locked to MySQL.
AllowedValues:
- Postgres
Default: Postgres
Type: String
DatabaseUser:
Description: Login ID for the master user of your database instance.
MinLength: '1'
@@ -461,28 +332,6 @@ Parameters:
- "false"
Default: "true"
Type: String
QsS3BucketName:
Description: S3 bucket name for the Quick Start assets. This string can include
numbers, lowercase letters, and hyphens (-). It cannot start
or end with a hyphen (-).
AllowedPattern: ^[0-9a-z]+([0-9a-z-]*[0-9a-z])*$
ConstraintDescription: Quick Start bucket name can include numbers, lowercase
letters, and hyphens (-). It cannot start or end with a hyphen (-).
Default: aws-quickstart
Type: String
QsS3KeyPrefix:
Description: S3 key prefix for the Quick Start assets. Quick Start key prefix
can include numbers, lowercase letters, uppercase letters, hyphens (-), and
forward slash (/).
AllowedPattern: ^[0-9a-zA-Z-/]*$
ConstraintDescription: Quick Start key prefix can include numbers, lowercase letters,
uppercase letters, hyphens (-), and forward slash (/).
Default: quickstart-jfrog-artifactory/
Type: String
QsS3BucketRegion:
Default: 'us-east-1'
Description: AWS Region where the Quick Start S3 bucket (QSS3BucketName) is hosted. If you use your own bucket, you must specify your own value.
Type: String
InstallXray:
Description: Choose true to install JFrog Xray instance(s).
ConstraintDescription: True or False
@@ -491,12 +340,6 @@ Parameters:
- "false"
Default: "true"
Type: String
XrayVersion:
Description: The version of Xray that you want to deploy into the Quick Start.
AllowedPattern: ^(([0-9]|[1-9][0-9])\.){2}([1-9][0-9]|[0-9])$
ConstraintDescription: A version that matches X.X.X per Xray releases.
Default: 3.17.4
Type: String
XrayNumberOfInstances:
Description: The number of Xray instances servers to complete your
HA deployment. The minimum number is one; the maximum is seven.
@@ -533,7 +376,6 @@ Parameters:
Type: String
Conditions:
EnableBastion: !Equals [!Ref 'ProvisionBastionHost', 'Enabled']
IsArtifactory: !Not [!Equals [!Ref ArtifactoryProduct, 'JFrog-Container-Registry']]
HasSecondaryNodes: !Not [!Equals [!Ref NumberOfSecondary, '0']]
DefaultJava: !Equals [!Ref DefaultJavaMemSettings, "true"]
@@ -541,67 +383,10 @@ Conditions:
SmCertNameExists: !Not [!Equals [!Ref 'SmCertName', '']]
Resources:
BastionRole:
Condition: EnableBastion
Type: "AWS::IAM::Role"
Properties:
AssumeRolePolicyDocument:
Version: 2012-10-17
Statement:
- Effect: Allow
Principal:
Service: ec2.amazonaws.com
Action: sts:AssumeRole
Policies:
- PolicyName: QSBucketAccess
PolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: Allow
Action: s3:GetObject
Resource: !Sub "arn:${AWS::Partition}:s3:::${QsS3BucketName}/*"
- Effect: Allow
Action:
- logs:CreateLogStream
- logs:GetLogEvents
- logs:PutLogEvents
- logs:DescribeLogGroups
- logs:DescribeLogStreams
- logs:PutRetentionPolicy
- logs:PutMetricFilter
- logs:CreateLogGroup
Resource: !Sub "arn:${AWS::Partition}:logs:${AWS::Region}:${AWS::AccountId}:log-group:*:*"
- Effect: Allow
Action:
- ec2:AssociateAddress
- ec2:DescribeAddresses
Resource: "*"
BastionStack:
Condition: EnableBastion
Type: AWS::CloudFormation::Stack
Properties:
TemplateURL: https://aws-quickstart.s3.amazonaws.com/quickstart-jfrog-artifactory/submodules/quickstart-linux-bastion/templates/linux-bastion.template
Parameters:
VPCID: !Ref VpcId
PublicSubnet1ID: !Ref PublicSubnet1Id
PublicSubnet2ID: !Ref PublicSubnet2Id
KeyPairName: !Ref KeyPairName
QSS3BucketName: !Ref QsS3BucketName
QSS3KeyPrefix: !Sub '${QsS3KeyPrefix}submodules/quickstart-linux-bastion/'
QSS3BucketRegion: !Ref QsS3BucketRegion
RemoteAccessCIDR: !Ref RemoteAccessCidr
BastionInstanceType: !Ref BastionInstanceType
RootVolumeSize: !Ref BastionRootVolumeSize
BastionAMIOS: !Ref BastionOs
EnableTCPForwarding: !Ref BastionEnableTcpForwarding
EnableX11Forwarding: !Ref BastionEnableX11Forwarding
AlternativeIAMRole: !Ref BastionRole
NumBastionHosts: !Ref NumBastionHosts
ArtifactoryCoreInfraStack:
Type: AWS::CloudFormation::Stack
Properties:
TemplateURL: https://jfrog-marketplace-test-us-east-1.s3.amazonaws.com/marketplace-jfrog-artifactory/templates/jfrog-artifactory-core-infrastructure.template.yaml
TemplateURL: https://jfrog-marketplace-test-us-east-1.s3.amazonaws.com/marketplace-jfrog-artifactory/v7153/templates/jfrog-artifactory-core-infrastructure.template.yaml
Parameters:
AvailabilityZones:
Fn::Join:
@@ -615,7 +400,6 @@ Resources:
SubnetIds: !Join [",", [!Ref PrivateSubnet1Id, !Ref PrivateSubnet2Id]]
DatabaseAllocatedStorage: !Ref DatabaseAllocatedStorage
MultiAzDatabase: !Ref MultiAzDatabase
DatabaseEngine: !Ref DatabaseEngine
DatabaseUser: !Ref DatabaseUser
DatabasePassword: !Ref DatabasePassword
DatabaseInstance: !Ref DatabaseInstance
@@ -716,7 +500,7 @@ Resources:
Tags:
- Key: Name
Value: !Sub ${ArtifactoryProduct}-ec2-instances-sg
GroupDescription: SG for EC2 instances (also permits access using SSH from the bastion host)
GroupDescription: SG for EC2 instances
VpcId: !Ref VpcId
SecurityGroupIngress:
- IpProtocol: tcp
@@ -795,21 +579,17 @@ Resources:
- "logs:CreateLogStream"
- "logs:PutLogEvents"
- "logs:DescribeLogStreams"
Resource: "arn:aws:logs:*:*:*"
- Effect: "Allow"
Action:
- "s3:GetObject"
Resource: "*"
- PolicyName: 'SecretsMaanger-policy'
Resource: !Sub "arn:${AWS::Partition}:logs:${AWS::Region}:${AWS::AccountId}:log-group:*:*"
- PolicyName: 'SecretsManager-policy'
PolicyDocument:
Version: "2012-10-17"
Statement:
- Effect: "Allow"
Action:
- "secretsmanager:GetSecretValue"
Resource: "arn:aws:secretsmanager:*:*:secret:*"
Resource: !Sub "arn:${AWS::Partition}:secretsmanager:${AWS::Region}:${AWS::AccountId}:secret:*"
ArtifactoryHostProfile:
Type: 'AWS::IAM::InstanceProfile'
Type: AWS::IAM::InstanceProfile
Properties:
Roles:
- !Ref ArtifactoryHostRole
@@ -817,17 +597,13 @@ Resources:
ArtifactoryPrimary:
Type: AWS::CloudFormation::Stack
Properties:
TemplateURL: https://jfrog-marketplace-test-us-east-1.s3.amazonaws.com/marketplace-jfrog-artifactory/templates/jfrog-artifactory-ec2-instance.template.yaml
TemplateURL: https://jfrog-marketplace-test-us-east-1.s3.amazonaws.com/marketplace-jfrog-artifactory/v7153/templates/jfrog-artifactory-ec2-instance.template.yaml
Parameters:
PrivateSubnetIds: !Join [',', [!Ref PrivateSubnet1Id]]
MinScalingNodes: '1' # Always have 1 MasterNode
MaxScalingNodes: '1' # Always have 1 MasterNode
MinScalingNodes: '1' # Always have 1 Primary Node
MaxScalingNodes: '1' # Always have 1 Primary Node
DeploymentTag: !If [IsArtifactory, "ArtifactoryPrimary", "JcrPrimary"]
HostRole: !Ref ArtifactoryHostRole
QsS3BucketName: !Ref QsS3BucketName
QsS3KeyPrefix: !Ref QsS3KeyPrefix
QsS3Uri: !Sub https://${QsS3BucketName}.s3.${AWS::URLSuffix}/${QsS3KeyPrefix}
AmiId: !Join ['', !Split [".", !Ref ArtifactoryVersion]]
ArtifactoryProduct: !Ref ArtifactoryProduct
ArtifactoryLicensesSecretName: !Ref SmLicenseName
ArtifactoryServerName: !Ref ArtifactoryServerName
@@ -846,7 +622,8 @@ Resources:
ArtifactoryPrimary: true
MasterKey: !Ref MasterKey
ExtraJavaOptions: !If [DefaultJava, !Sub "${ArtifactoryCoreInfraStack.Outputs.JavaOpts} ${ExtraJavaOptions}", !Ref ExtraJavaOptions]
ArtifactoryVersion: !Ref ArtifactoryVersion
AmiId: "7153"
ArtifactoryVersion: "7.15.3"
KeyPairName: !Ref KeyPairName
HostProfile: !Ref ArtifactoryHostProfile
SecurityGroups: !Ref ArtifactoryEc2Sg
@@ -862,14 +639,13 @@ Resources:
DependsOn: ArtifactoryPrimary
Type: AWS::CloudFormation::Stack
Properties:
TemplateURL: https://jfrog-marketplace-test-us-east-1.s3.amazonaws.com/marketplace-jfrog-artifactory/templates/jfrog-artifactory-ec2-instance.template.yaml
TemplateURL: https://jfrog-marketplace-test-us-east-1.s3.amazonaws.com/marketplace-jfrog-artifactory/v7153/templates/jfrog-artifactory-ec2-instance.template.yaml
Parameters:
PrivateSubnetIds: !Join [',', [!Ref PrivateSubnet1Id, !Ref PrivateSubnet2Id]]
MinScalingNodes: !Ref NumberOfSecondary
MaxScalingNodes: !Ref NumberOfSecondary
DeploymentTag: ArtifactorySecondary
HostRole: !Ref ArtifactoryHostRole
AmiId: !Join ['', !Split [".", !Ref ArtifactoryVersion]]
ArtifactoryProduct: !Ref ArtifactoryProduct
ArtifactoryLicensesSecretName: !Ref SmLicenseName
ArtifactoryServerName: !Ref ArtifactoryServerName
@@ -888,7 +664,8 @@ Resources:
ArtifactoryPrimary: false
MasterKey: !Ref MasterKey
ExtraJavaOptions: !If [DefaultJava, !Sub "${ArtifactoryCoreInfraStack.Outputs.JavaOpts} ${ExtraJavaOptions}", !Ref ExtraJavaOptions]
ArtifactoryVersion: !Ref ArtifactoryVersion
AmiId: "7153"
ArtifactoryVersion: "7.15.3"
KeyPairName: !Ref KeyPairName
HostProfile: !Ref ArtifactoryHostProfile
SecurityGroups: !Ref ArtifactoryEc2Sg
@@ -898,9 +675,6 @@ Resources:
TargetGroupARN: !Ref ArtifactoryTargetGroup
SSLTargetGroupARN: !Ref ArtifactorySslTargetGroup
InternalTargetGroupARN: !Ref ArtifactoryInternalTargetGroup
QsS3BucketName: !Ref QsS3BucketName
QsS3KeyPrefix: !Ref QsS3KeyPrefix
QsS3Uri: !Sub https://${QsS3BucketName}.s3.${AWS::URLSuffix}/${QsS3KeyPrefix}
XrayHostRole:
Condition: EnableXray
Type: AWS::IAM::Role
@@ -947,11 +721,7 @@ Resources:
- "logs:CreateLogStream"
- "logs:PutLogEvents"
- "logs:DescribeLogStreams"
Resource: "arn:aws:logs:*:*:*"
- Effect: "Allow"
Action:
- "s3:GetObject"
Resource: "*"
Resource: !Sub "arn:${AWS::Partition}:logs:${AWS::Region}:${AWS::AccountId}:log-group:*:*"
XrayHostProfile:
Condition: EnableXray
Type: 'AWS::IAM::InstanceProfile'
@@ -964,7 +734,7 @@ Resources:
DependsOn: ArtifactoryPrimary
Type: AWS::CloudFormation::Stack
Properties:
TemplateURL: https://jfrog-marketplace-test-us-east-1.s3.amazonaws.com/marketplace-jfrog-artifactory/templates/jfrog-xray-ec2-instance.template.yaml
TemplateURL: https://jfrog-marketplace-test-us-east-1.s3.amazonaws.com/marketplace-jfrog-artifactory/v7153/templates/jfrog-xray-ec2-instance.template.yaml
Parameters:
PrivateSubnet1Id: !Ref PrivateSubnet1Id
PrivateSubnet2Id: !Ref PrivateSubnet2Id
@@ -972,9 +742,6 @@ Resources:
MinScalingNodes: !Ref XrayNumberOfInstances
MaxScalingNodes: !Ref XrayNumberOfInstances
DeploymentTag: 'xray'
QsS3BucketName: !Ref QsS3BucketName
QsS3KeyPrefix: !Ref QsS3KeyPrefix
QsS3Uri: !Sub https://${QsS3BucketName}.s3.${AWS::URLSuffix}/${QsS3KeyPrefix}
DatabaseDriver: !GetAtt ArtifactoryCoreInfraStack.Outputs.DatabaseDriver
DatabaseType: !GetAtt ArtifactoryCoreInfraStack.Outputs.DatabaseType
DatabaseUser: !Ref DatabaseUser
@@ -989,8 +756,8 @@ Resources:
XrayDatabasePassword: !Ref XrayDatabasePassword
XrayMasterDatabaseUrl: !GetAtt ArtifactoryCoreInfraStack.Outputs.XrayMasterDatabaseUrl
XrayDatabaseUrl: !GetAtt ArtifactoryCoreInfraStack.Outputs.XrayDatabaseUrl
XrayVersion: !Ref XrayVersion
XrayAmiId: !Join ['', !Split [".", !Ref XrayVersion]]
XrayVersion: "3.17.4"
XrayAmiId: "3174"
XrayHostRole: !Ref XrayHostRole
XrayHostProfile: !Ref XrayHostProfile
Outputs:
@@ -1034,11 +801,6 @@ Outputs:
Value: !Ref ArtifactoryEc2Sg
Export:
Name: !Sub '${AWS::StackName}-ArtifactoryEc2Sg'
BastionIp:
Value: !If
- EnableBastion
- !GetAtt BastionStack.Outputs.EIP1
- ""
XrayMasterDatabaseUrl:
Description: Database driver
Value: !GetAtt ArtifactoryCoreInfraStack.Outputs.XrayMasterDatabaseUrl
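Review bot: The `SecretsManager-policy` statement, on what appears to be `ArtifactoryHostRole`, is now pinned to the stack's partition, region and account but still ends in `secret:*`, so every instance using that role can call `secretsmanager:GetSecretValue` on any secret in the account and region. The template already receives the secret names as `SmLicenseName` and `SmCertName`, so the resource can be narrowed to those, e.g. `Resource: !Sub "arn:${AWS::Partition}:secretsmanager:${AWS::Region}:${AWS::AccountId}:secret:${SmLicenseName}-??????"` plus a matching entry for `SmCertName` (Secrets Manager appends a six-character suffix to the name in the ARN). Whether the instances read any other secret is not visible in this section, so confirm against the user data before narrowing. The nested-stack `TemplateURL` values also still point at a bucket named `jfrog-marketplace-test-us-east-1`; if that is a test bucket, whoever can write to it controls the templates this stack launches, so the release location should be confirmed before publishing.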


@@ -15,12 +15,6 @@ Parameters:
Type: String
ArtifactoryProduct:
Type: String
QsS3BucketName:
Type: String
QsS3KeyPrefix:
Type: String
QsS3Uri:
Type: String
ArtifactoryLicensesSecretName:
Type: String
ArtifactoryServerName:
@@ -86,13 +80,13 @@ Parameters:
Mappings:
AWSAMIRegionMap:
us-east-1:
"Artifactory7153": ami-07a437a0be21eb6c8
"Artifactory7153": ami-0e25fbf67a59cc92b
us-east-2:
"Artifactory7153": ami-08f834139a150fb62
us-west-1:
"Artifactory7153": ami-0afdf2d63fc2c0895
us-west-2:
"Artifactory7153": ami-09274621c30cae078
"Artifactory7153": ami-03c0e58806c907dee
ca-central-1:
"Artifactory7153": ami-0f422f5980aeba60f
eu-central-1:
@@ -116,9 +110,9 @@ Mappings:
sa-east-1:
"Artifactory7153": ami-0b831f8403d6979d4
us-gov-east-1:
"Artifactory7153": ami-0ec712ae031edcb34
"Artifactory7153": ami-0d91ab5cda810462b
us-gov-west-1:
"Artifactory7153": ami-0b6229d13d677cd16
"Artifactory7153": ami-08343af72f1764764
ArtifactoryProductMap:
JFrog-Container-Registry:
"7153": "Jcr7153"
@@ -164,13 +158,6 @@ Resources:
ArtifactoryLaunchConfiguration:
Type: 'AWS::AutoScaling::LaunchConfiguration'
Metadata:
AWS::CloudFormation::Authentication:
S3AccessCreds:
type: S3
roleName:
- !Ref HostRole # !Ref ArtifactoryHostRole
buckets:
- !Ref QsS3BucketName
AWS::CloudFormation::Init:
configSets:
artifactory_install:
@@ -342,17 +329,9 @@ Resources:
}
S3URI=${QsS3Uri}
# Update OS
yum update -y
# Install git
yum install -y epel-release git policycoreutils-python
yum update --security -y 2>&1 | tee /var/log/userdata.yum_security_update.log
yum install -y jq python3 libselinux-python3
# Install jq
yum install -y epel-release
yum install -y jq
echo $PATH
@@ -360,24 +339,9 @@ Resources:
echo $PATH
# Create virtual env and activate
python3 -m venv ~/venv --system-site-packages
# Activate virtual env
source ~/venv/bin/activate
pip install --upgrade pip
pip install jmespath wheel
# Install Cloudformation helper scripts
pip install https://s3.amazonaws.com/cloudformation-examples/aws-cfn-bootstrap-py3-latest.tar.gz 2>&1 | tee /var/log/userdata.aws_cfn_bootstrap_install.log
pip install awscli 2>&1 | tee /var/log/userdata.awscli_install.log
pip install ansible 2>&1 | tee /var/log/userdata.ansible_install.log
mkdir ~/.jfrog_ami
aws s3 --region ${AWS::Region} sync s3://${QsS3BucketName}/${QsS3KeyPrefix}cloudInstallerScripts/ ~/.jfrog_ami/ || cfn_fail
setsebool httpd_can_network_connect 1 -P
# CentOS cloned virtual machines do not create a new machine id
@@ -394,8 +358,6 @@ Resources:
/root/attach_volume.sh || cfn_fail
ansible-galaxy collection install community.general ansible.posix
setsebool httpd_can_network_connect 1 -P
aws secretsmanager get-secret-value --secret-id ${ArtifactoryLicensesSecretName} --region ${AWS::Region} | jq -r '{"artifactory_licenses":(.SecretString | fromjson )}' > ~/.jfrog_ami/licenses.json || cfn_fail
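Review bot: The `AWSAMIRegionMap` entries for us-east-1, us-west-2, us-gov-east-1 and us-gov-west-1 get new image IDs under the unchanged key `"Artifactory7153"`, and nothing in the template records which account owns the new images or when they were built, so a reader cannot tell a rebuilt image from a substituted one. A comment above the map would make that checkable, for example `# Images owned by <AMI_OWNER_ACCOUNT_ID placeholder>, rebuilt <BUILD_DATE placeholder>; check with: aws ec2 describe-images --image-ids <id> --query 'Images[].OwnerId'`. The same applies to the `"3174"` map in the Xray instance template changed later in this commit. The user-data hunks suggest the pip, awscli and ansible installs are moving out of boot and into the image (the +/- markers are lost here, so this is inferred), which would make the image the main trust anchor for these hosts.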


@@ -13,12 +13,6 @@ Parameters:
Type: Number
DeploymentTag:
Type: String
QsS3BucketName:
Type: String
QsS3KeyPrefix:
Type: String
QsS3Uri:
Type: String
DatabaseDriver:
Type: String
DatabaseType:
@@ -64,13 +58,13 @@ Parameters:
Mappings:
AWSAMIRegionMap:
us-east-1:
"3174": ami-028555fa3b9469dc3
"3174": ami-0cfe501ba23b450bd
us-east-2:
"3174": ami-0f4980801d180776a
us-west-1:
"3174": ami-006041db0f601e438
us-west-2:
"3174": ami-0d67b78b4f09fa9a7
"3174": ami-05019f9185d4f809e
ca-central-1:
"3174": ami-056bafb407aa8e445
eu-central-1:
@@ -94,9 +88,9 @@ Mappings:
sa-east-1:
"3174": ami-0c2acb2f23c3e6743
us-gov-east-1:
"3174": ami-0349215efccd0d9f6
"3174": ami-06e63f61fa6c13b25
us-gov-west-1:
"3174": ami-0b52a6d3379d2c20c
"3174": ami-006010831d25af96b
Resources:
XrayScalingGroup:
@@ -129,13 +123,6 @@ Resources:
XrayLaunchConfiguration:
Type: AWS::AutoScaling::LaunchConfiguration
Metadata:
AWS::CloudFormation::Authentication:
S3AccessCreds:
type: S3
roleName:
- !Ref XrayHostRole
buckets:
- !Ref QsS3BucketName
AWS::CloudFormation::Init:
configSets:
xray_install:
@@ -195,7 +182,7 @@ Resources:
IamInstanceProfile: !Ref XrayHostProfile
ImageId: !FindInMap
- AWSAMIRegionMap
- !Ref 'AWS::Region'
- !Ref AWS::Region
- !Ref XrayAmiId
SecurityGroups:
- !Ref SecurityGroups
@@ -235,37 +222,15 @@ Resources:
}
S3URI=${QsS3Uri}
yum update --security -y &> /var/log/userdata.yum_security_update.log
yum install -y git python3 libselinux-python3
yum install -y postgresql-server postgresql-devel
echo $PATH
PATH=/opt/aws/bin:$PATH
echo $PATH
# Create virtual env and activate
python3 -m venv ~/venv --system-site-packages
# Activate virtual env
source ~/venv/bin/activate
pip install --upgrade pip
pip install wheel
# Install Cloudformation helper scripts
pip install https://s3.amazonaws.com/cloudformation-examples/aws-cfn-bootstrap-py3-latest.tar.gz 2>&1 | tee /var/log/userdata.aws_cfn_bootstrap_install.log
pip install awscli &> /var/log/userdata.awscli_install.log
pip install ansible &> /var/log/userdata.ansible_install.log
mkdir ~/.xray_ami
aws s3 --region ${AWS::Region} sync s3://${QsS3BucketName}/${QsS3KeyPrefix}cloudInstallerScripts/ ~/.xray_ami/
setsebool httpd_can_network_connect 1 -P
# CentOS cloned virtual machines do not create a new machine id
@@ -282,8 +247,6 @@ Resources:
lsblk # debug
ansible-galaxy collection install community.general ansible.posix
ansible-playbook /root/.xray_ami/xray.yml --vault-id /root/.vault_pass.txt 2>&1 | tee /var/log/xray.log || cfn_fail
rm -rf /root/.secureit.sh