feat: support to specify custom domain to apigateway (#53)

Blankll · web-flow · commit 93de6e27d3fb · 2025-02-24T23:01:51.000+08:00
feat: support to specify custom domain to apigateway . Refs: #49 --------- Signed-off-by: seven <zilisheng1996@gmail.com>
diff --git a/samples/aliyun-poc-api.yml b/samples/aliyun-poc-api.yml
@@ -1,7 +1,7 @@
 version: 0.0.1
 provider:
   name: aliyun
-  region: cn-chengdu
+  region: cn-hongkong
 
 vars:
   region: cn-hangzhou
@@ -18,33 +18,25 @@ stages:
   prod:
     region: cn-shanghai
 
-service: insight-poc
+service: insight-poc-api
 
 tags:
   owner: geek-fun
 
 functions:
   insight_poc_fn:
-    name: insight-poc-fn
-    runtime: nodejs18
-    handler: ${vars.handler}
-    code: tests/fixtures/artifacts/artifact.zip
+    name: insight-poc-api-fn
+    code:
+      runtime: nodejs18
+      handler: ${vars.handler}
+      path: tests/fixtures/artifacts/artifact.zip
     memory: 512
     timeout: 10
     environment:
       NODE_ENV: ${stages.node_env}
       TEST_VAR: ${vars.testv}
       TEST_VAR_EXTRA: abcds-${vars.testv}-andyou
 
-databases:
-  insight_poc_db:
-    name: insight-poc-db
-    type: RDS_POSTGRESQL_SERVERLESS
-    version: '17.0'
-    security:
-      basic_auth:
-        password: 'U34I6InQ8elseTgqTWT2t2oFXpoqFg'
-
 events:
   gateway_event:
     type: API_GATEWAY
@@ -53,8 +45,5 @@ events:
       - method: GET
         path: /api/hello
         backend: ${functions.insight_poc_fn}
-#    custom_domain:
-#      domain_name: test.com
-#      certificate_name: test
-#      certificate_private_key: test
-#      certificate_body: test
+    domain:
+      domain_name: insight-api.serverlessinsight.com
diff --git a/samples/huawei-poc-fc.yml b/samples/huawei-poc-fc.yml
@@ -23,9 +23,10 @@ tags:
 functions:
   insight_poc_fn:
     name: insight-poc-fn
-    runtime: nodejs18
-    handler: ${vars.handler}
-    code: tests/fixtures/artifacts/artifact.zip
+    code:
+      runtime: nodejs18
+      handler: ${vars.handler}
+      path: tests/fixtures/artifacts/artifact.zip
     memory: 512
     timeout: 10
     environment:
diff --git a/src/common/iacHelper.ts b/src/common/iacHelper.ts
@@ -29,7 +29,7 @@ export const getFileSource = (
   const hash = crypto.createHash('md5').update(fs.readFileSync(filePath)).digest('hex');
 
   const objectKey = `${fcName}/${hash}-${filePath.split('/').pop()}`;
-  const source = ossDeployment.Source.asset(filePath, {}, `${fcName}/${hash}-`);
+  const source = ossDeployment.Source.asset(filePath, { deployTime: true }, `${fcName}/${hash}-`);
 
   return { source, objectKey };
 };
diff --git a/src/parser/eventParser.ts b/src/parser/eventParser.ts
@@ -9,5 +9,6 @@ export const parseEvent = (events: { [key: string]: EventRaw }): Array<EventDoma
     name: event.name,
     type: event.type,
     triggers: event.triggers,
+    domain: event.domain,
   }));
 };
diff --git a/src/stack/rosStack/event.ts b/src/stack/rosStack/event.ts
@@ -1,9 +1,10 @@
 import * as ros from '@alicloud/ros-cdk-core';
 import { ActionContext, EventDomain, EventTypes, ServerlessIac } from '../../types';
 import * as ram from '@alicloud/ros-cdk-ram';
-import { encodeBase64ForRosId, replaceReference } from '../../common';
+import { encodeBase64ForRosId, replaceReference, splitDomain } from '../../common';
 import * as agw from '@alicloud/ros-cdk-apigateway';
 import { isEmpty } from 'lodash';
+import * as dns from '@alicloud/ros-cdk-dns';
 
 export const resolveEvents = (
   scope: ros.Construct,
@@ -16,12 +17,14 @@ export const resolveEvents = (
     return undefined;
   }
   const apiGateway = events!.filter((event) => event.type === EventTypes.API_GATEWAY);
-  if (apiGateway?.length) {
+  if (!apiGateway?.length) return;
+
+  apiGateway.forEach((event) => {
     const gatewayAccessRole = new ram.RosRole(
       scope,
-      replaceReference(`${service}_role`, context),
+      replaceReference(`${event.key}_role`, context),
       {
-        roleName: replaceReference(`${service}-gateway-access-role`, context),
+        roleName: replaceReference(`${service}-${event.name}-agw-access-role`, context),
         description: replaceReference(`${service} role`, context),
         assumeRolePolicyDocument: {
           version: '1',
@@ -37,7 +40,7 @@ export const resolveEvents = (
         },
         policies: [
           {
-            policyName: replaceReference(`${service}-policy`, context),
+            policyName: replaceReference(`${service}-${event.name}-policy`, context),
             policyDocument: {
               version: '1',
               statement: [
@@ -66,64 +69,75 @@ export const resolveEvents = (
       true,
     );
 
-    // new agw.RosCustomDomain(
-    //   this,
-    //   'customDomain',
-    //   {
-    //     domainName: 'example.com',
-    //     certificateName: 'example.com',
-    //     certificateBody: 'example.com',
-    //     certificatePrivateKey: 'example.com',
-    //     groupId: apiGatewayGroup.attrGroupId,
-    //   },
-    //   true,
-    // );
+    if (event.domain) {
+      const dnsRecordRosId = `${event.key}_custom_domain_record_${encodeBase64ForRosId(event.domain.domain_name)}`;
+      const { domainName, rr } = splitDomain(event.domain?.domain_name);
 
-    apiGateway.forEach((event) => {
-      event.triggers.forEach((trigger) => {
-        const key = encodeBase64ForRosId(
-          replaceReference(`${trigger.method}_${trigger.path}`, context),
-        );
+      new dns.DomainRecord(scope, dnsRecordRosId, {
+        domainName,
+        rr,
+        type: 'CNAME',
+        value: apiGatewayGroup.attrSubDomain,
+      });
 
-        const api = new agw.RosApi(
-          scope,
-          `${event.key}_api_${key}`,
-          {
-            apiName: replaceReference(`${event.name}_api_${key}`, context),
-            groupId: apiGatewayGroup.attrGroupId,
-            visibility: 'PRIVATE',
-            authType: 'ANONYMOUS',
-            requestConfig: {
-              requestProtocol: 'HTTP',
-              requestHttpMethod: replaceReference(trigger.method, context),
-              requestPath: replaceReference(trigger.path, context),
-              requestMode: 'PASSTHROUGH',
-            },
-            serviceConfig: {
-              serviceProtocol: 'FunctionCompute',
-              functionComputeConfig: {
-                fcRegionId: context.region,
-                functionName: replaceReference(trigger.backend, context),
-                roleArn: gatewayAccessRole.attrArn,
-                fcVersion: '3.0',
-                method: replaceReference(trigger.method, context),
-              },
+      const agwCustomDomain = new agw.RosCustomDomain(
+        scope,
+        `${event.key}_custom_domain_${encodeBase64ForRosId(event.domain.domain_name)}`,
+        {
+          groupId: apiGatewayGroup.attrGroupId,
+          domainName: event.domain.domain_name,
+          certificateName: event.domain.certificate_name,
+          certificateBody: event.domain.certificate_body,
+          certificatePrivateKey: event.domain.certificate_private_key,
+        },
+        true,
+      );
+      agwCustomDomain.addRosDependency(dnsRecordRosId);
+    }
+
+    event.triggers.forEach((trigger) => {
+      const key = encodeBase64ForRosId(
+        replaceReference(`${trigger.method}_${trigger.path}`, context),
+      );
+
+      const api = new agw.RosApi(
+        scope,
+        `${event.key}_api_${key}`,
+        {
+          apiName: replaceReference(`${event.name}_api_${key}`, context),
+          groupId: apiGatewayGroup.attrGroupId,
+          visibility: 'PRIVATE',
+          authType: 'ANONYMOUS',
+          requestConfig: {
+            requestProtocol: 'HTTP',
+            requestHttpMethod: replaceReference(trigger.method, context),
+            requestPath: replaceReference(trigger.path, context),
+            requestMode: 'PASSTHROUGH',
+          },
+          serviceConfig: {
+            serviceProtocol: 'FunctionCompute',
+            functionComputeConfig: {
+              fcRegionId: context.region,
+              functionName: replaceReference(trigger.backend, context),
+              roleArn: gatewayAccessRole.attrArn,
+              fcVersion: '3.0',
+              method: replaceReference(trigger.method, context),
             },
-            resultSample: 'ServerlessInsight resultSample',
-            resultType: 'PASSTHROUGH',
-            tags: replaceReference(tags, context),
           },
-          true,
-        );
-        api.addDependsOn(apiGatewayGroup);
+          resultSample: 'ServerlessInsight resultSample',
+          resultType: 'PASSTHROUGH',
+          tags: replaceReference(tags, context),
+        },
+        true,
+      );
+      api.addDependsOn(apiGatewayGroup);
 
-        new agw.Deployment(scope, `${service}_deployment`, {
-          apiId: api.attrApiId,
-          groupId: apiGatewayGroup.attrGroupId,
-          stageName: 'RELEASE',
-          description: `${service} Api Gateway deployment`,
-        });
+      new agw.Deployment(scope, `${service}_deployment`, {
+        apiId: api.attrApiId,
+        groupId: apiGatewayGroup.attrGroupId,
+        stageName: 'RELEASE',
+        description: `${service} Api Gateway deployment`,
       });
     });
-  }
+  });
 };
diff --git a/src/types/domains/event.ts b/src/types/domains/event.ts
@@ -10,6 +10,12 @@ export type EventRaw = {
     path: string;
     backend: string;
   }>;
+  domain?: {
+    domain_name: string;
+    certificate_name?: string;
+    certificate_body?: string;
+    certificate_private_key?: string;
+  };
 };
 
 export type EventDomain = {
diff --git a/src/validator/eventSchema.ts b/src/validator/eventSchema.ts
@@ -16,20 +16,16 @@ export const eventSchema = {
             required: ['method', 'path', 'backend'],
           },
         },
-        custom_domain: {
+        domain: {
           type: 'object',
+          additionalProperties: false,
+          required: ['domain_name'],
           properties: {
             domain_name: { type: 'string' },
             certificate_name: { type: 'string' },
             certificate_body: { type: 'string' },
             certificate_private_key: { type: 'string' },
           },
-          required: [
-            'domain_name',
-            'certificate_name',
-            'certificate_body',
-            'certificate_private_key',
-          ],
         },
       },
       required: ['name', 'type', 'triggers'],
diff --git a/tests/common/iacHelper.test.ts b/tests/common/iacHelper.test.ts
@@ -18,7 +18,7 @@ describe('Unit test for iacHelper', () => {
       getFileSource(fcName, location);
       expect(ossDeployment.Source.asset).toHaveBeenCalledWith(
         `${process.cwd()}/${location}`,
-        {},
+        { deployTime: true },
         `${fcName}/50861cd99a3a678356030f5f189300af-`,
       );
     });
diff --git a/tests/fixtures/deployFixture.ts b/tests/fixtures/deployFixture.ts
diff --git a/tests/fixtures/templateFixture.ts b/tests/fixtures/templateFixture.ts
diff --git a/tests/stack/deploy.test.ts b/tests/stack/deploy.test.ts
