Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(deadline): add Deadline Secrets Management integration in the Render Queue #528

Merged

Conversation

jericht
Copy link
Contributor

@jericht jericht commented Aug 9, 2021

Depends on:

Notes

Adds Deadline Secrets Management configuration to the RenderQueue construct.

Testing

  • Deployed a modified version of the example app that uses the staging workflow with the modified Deadline Docker recipes and verified that:
    • The Render Queue ECS task successfully configured Secrets Management
    • When an ECS task restarts (e.g. due to Docker container exiting), it uses the same Secrets Management identity as the previous ECS task
  • Deployed the original example app without Secrets Management enabled, then updated it by enabling Secrets Management on the Repository and RenderQueue, then verified that Secrets Management was configured successfully on the RCS by running Secrets Management commands such as ListAllMachines, ListAllSecrets, PutSecret, and GetSecret.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license

@jusiskin jusiskin added the contribution/core This is a PR that came from AWS. label Aug 10, 2021
@jericht jericht force-pushed the jericht/sm_renderqueue branch 2 times, most recently from 49beb5b to 0271773 Compare August 16, 2021 14:55
@jericht jericht force-pushed the jericht/sm_renderqueue branch from 0271773 to af3b471 Compare August 17, 2021 03:25
@jericht jericht marked this pull request as ready for review August 17, 2021 13:42
@jericht jericht changed the base branch from mainline to feature_enable_secret_manager August 17, 2021 15:30
@horsmand horsmand self-requested a review August 17, 2021 18:25
Copy link
Contributor

@horsmand horsmand left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good overall, just a few minor things that are hopefully quick fixes.

@jericht jericht requested a review from horsmand August 19, 2021 15:29
Copy link
Contributor

@jusiskin jusiskin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Really great job here. Just two small suggestions around the validation.

packages/aws-rfdk/lib/deadline/lib/render-queue.ts Outdated Show resolved Hide resolved
packages/aws-rfdk/lib/deadline/lib/render-queue.ts Outdated Show resolved Hide resolved
@jericht jericht requested a review from jusiskin August 19, 2021 20:24
Copy link
Contributor

@jusiskin jusiskin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

One minor suggestion remaining.

packages/aws-rfdk/lib/deadline/lib/render-queue.ts Outdated Show resolved Hide resolved
@jericht jericht force-pushed the jericht/sm_renderqueue branch from e43025b to 8bd66a4 Compare August 19, 2021 21:16
@jericht jericht requested review from horsmand and jusiskin August 19, 2021 21:34
@jericht jericht merged commit 29f8412 into aws:feature_enable_secret_manager Aug 19, 2021
horsmand pushed a commit that referenced this pull request Aug 21, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
contribution/core This is a PR that came from AWS.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants