unkeyed · chronark · Dec 2, 2024
@@ -0,0 +1,3 @@
+encryptionsalt: v1:6nVNkivyoKs=:v1:DDQqYWer0OS/K9a7:dFQV8BUHzhRWZ2ch0NS7l2GxlHJKAg==
+config:
+  aws:region: eu-central-1
@@ -0,0 +1,5 @@
+name: abc
+runtime: go
+main: /Users/andreasthomas/github/unkeyed/unkey/x/apprunner
+backend:
+  url: file://./state
@@ -0,0 +1,18 @@
+# Start from a Debian image with the latest version of Go installed
+# and a workspace (GOPATH) configured at /go.
+FROM golang
+
+# Copy the local package files to the container's workspace.
+ADD . /go/src/foo
+
+# Build the outyet command inside the container.
+# (You may fetch or manage dependencies here,
+# either manually or with a tool like "godep".)
+WORKDIR /go/src/foo
+RUN go build -o /go/bin/main
+
+# Run the outyet command by default when the container starts.
+ENTRYPOINT /go/bin/main
+
+# Document that the service listens on port 80.
+EXPOSE 80
@@ -0,0 +1,5 @@
+module github.com/unkeyed/unkey/x/apprunner/app
+
+go 1.23.3
+
+require github.com/gorilla/mux v1.8.1
@@ -0,0 +1,2 @@
+github.com/gorilla/mux v1.8.1 h1:TuBL49tXwgrFYWhqrNgrUNEY92u81SPhu7sTdzQEiWY=
+github.com/gorilla/mux v1.8.1/go.mod h1:AKf9I4AEqPTmMytcMc0KkNouC66V3BtZ4qD5fmWSiMQ=
@@ -0,0 +1,26 @@
+package main
+
+import (
+	"fmt"
+	"log"
+	"math/rand"
+	"net/http"
+	"time"
+
+	"github.com/gorilla/mux"
+)
+
+func main() {
+	r := mux.NewRouter()
+	handler := func(w http.ResponseWriter, r *http.Request) {
+
+		rand.Seed(time.Now().UnixNano())
+		fmt.Fprintf(w, "%d", rand.Intn(100))
+	}
+	r.HandleFunc("/", handler)
+	s := &http.Server{
+		Addr:    ":80",
+		Handler: r,
+	}
+	log.Fatal(s.ListenAndServe())
+}
@@ -0,0 +1,126 @@
+package main
+
+import (
+	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/apprunner"
+	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
+	"github.com/pulumi/pulumi-awsx/sdk/v2/go/awsx/ecr"
+
+	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
+)
+
+func deploy(ctx *pulumi.Context) error {
+
+	repo, err := ecr.NewRepository(ctx, "repo", &ecr.RepositoryArgs{
+		Name:        pulumi.String("repo"),
+		ForceDelete: pulumi.Bool(true),
+		LifecyclePolicy: &ecr.LifecyclePolicyArgs{
+			Rules: ecr.LifecyclePolicyRuleArray{
+				&ecr.LifecyclePolicyRuleArgs{
+					TagStatus:       ecr.LifecycleTagStatusAny,
+					MaximumAgeLimit: pulumi.Float64(30),
+				},
+			},
+		},
+	})
+	if err != nil {
+		return err
+	}
+
+	image, err := ecr.NewImage(ctx, "image", &ecr.ImageArgs{
+		ImageName:     pulumi.String("image"),
+		RepositoryUrl: repo.Url,
+		Context:       pulumi.String("./app"),
+		Dockerfile:    pulumi.String("./app/Dockerfile"),
+		Platform:      pulumi.String("linux/amd64"),
+	})
+	if err != nil {
+		return nil
+	}
+	ctx.Export("image", image.ImageUri)
+
+	role, err := iam.NewRole(ctx, "ecrAccessRole", &iam.RoleArgs{
+		AssumeRolePolicy: pulumi.String(`
+			{
+				"Version": "2012-10-17",
+    		"Statement": [{
+    			"Action": "sts:AssumeRole",
+      		"Effect": "Allow",
+       		"Sid": "",
+         	"Principal": {
+       	  	"Service": ["build.apprunner.amazonaws.com"]
+           }
+        }]
+      }
+    `),
+	})
+	if err != nil {
+		return err
+	}
+
+	_, err = iam.NewRolePolicy(ctx, "ecrACcessRolePolicy", &iam.RolePolicyArgs{
+		Role: role.Name,
+		Policy: pulumi.String(`
+			{
+    		"Version": "2012-10-17",
+      	"Statement": [
+       		{
+         		"Effect": "Allow",
+           	"Action": [
+            	"ecr:GetAuthorizationToken",
+             	"ecr:BatchCheckLayerAvailability",
+              "ecr:GetDownloadUrlForLayer",
+              "ecr:BatchGetImage",
+              "ecr:DescribeImages"
+            ],
+            "Resource": "*"
+          }
+        ]
+      }
+  `),
+	})
+
+	if err != nil {
+		return err
+	}
+
+	asg, err := apprunner.NewAutoScalingConfigurationVersion(ctx, "asg", &apprunner.AutoScalingConfigurationVersionArgs{
+		AutoScalingConfigurationName: pulumi.String("autoscaling"),
+		MinSize:                      pulumi.Int(1),
+		MaxSize:                      pulumi.Int(3),
+		MaxConcurrency:               pulumi.Int(10),
+	})
+	if err != nil {
+		return err
+	}
+
+	svc, err := apprunner.NewService(ctx, "svc", &apprunner.ServiceArgs{
+		ServiceName:                 pulumi.String("service"),
+		AutoScalingConfigurationArn: asg.Arn,
+		HealthCheckConfiguration: &apprunner.ServiceHealthCheckConfigurationArgs{
+			Protocol: pulumi.String("HTTP"),
+			Path:     pulumi.String("/"),
+		},
+		InstanceConfiguration: apprunner.ServiceInstanceConfigurationArgs{
+			Memory: pulumi.String("1 GB"),
+			Cpu:    pulumi.String("0.5 vCPU"),
+		},
+		SourceConfiguration: apprunner.ServiceSourceConfigurationArgs{
+			AuthenticationConfiguration: apprunner.ServiceSourceConfigurationAuthenticationConfigurationArgs{
+				AccessRoleArn: role.Arn,
+			},
+			ImageRepository: apprunner.ServiceSourceConfigurationImageRepositoryArgs{
+				ImageRepositoryType: pulumi.String("ECR"),
+				ImageIdentifier:     image.ImageUri,
+				ImageConfiguration: apprunner.ServiceSourceConfigurationImageRepositoryImageConfigurationArgs{
+					Port: pulumi.String("80"),
+				},
+			},
+		},
+	})
+	if err != nil {
+		return err
+	}
+	ctx.Export("url", svc.ServiceUrl)
+
+	return nil
+}
@@ -0,0 +1,96 @@
+module github.com/unkeyed/unkey/x/apprunner
+
+go 1.23.3
+
+require (
+	github.com/pulumi/pulumi-aws/sdk/v6 v6.61.0
+	github.com/pulumi/pulumi-awsx/sdk/v2 v2.19.0
+	github.com/pulumi/pulumi/sdk/v3 v3.142.0
+)
+
+require (
+	dario.cat/mergo v1.0.1 // indirect
+	github.com/BurntSushi/toml v1.4.0 // indirect
+	github.com/Microsoft/go-winio v0.6.2 // indirect
+	github.com/ProtonMail/go-crypto v1.1.3 // indirect
+	github.com/agext/levenshtein v1.2.3 // indirect
+	github.com/apparentlymart/go-textseg/v15 v15.0.0 // indirect
+	github.com/atotto/clipboard v0.1.4 // indirect
+	github.com/aymanbagabas/go-osc52/v2 v2.0.1 // indirect
+	github.com/blang/semver v3.5.1+incompatible // indirect
+	github.com/charmbracelet/bubbles v0.20.0 // indirect
+	github.com/charmbracelet/bubbletea v1.2.4 // indirect
+	github.com/charmbracelet/lipgloss v1.0.0 // indirect
+	github.com/charmbracelet/x/ansi v0.5.2 // indirect
+	github.com/charmbracelet/x/term v0.2.1 // indirect
+	github.com/cheggaaa/pb v1.0.29 // indirect
+	github.com/cloudflare/circl v1.5.0 // indirect
+	github.com/cyphar/filepath-securejoin v0.3.4 // indirect
+	github.com/djherbis/times v1.6.0 // indirect
+	github.com/emirpasic/gods v1.18.1 // indirect
+	github.com/erikgeiser/coninput v0.0.0-20211004153227-1c3628e74d0f // indirect
+	github.com/fsnotify/fsnotify v1.8.0 // indirect
+	github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 // indirect
+	github.com/go-git/go-billy/v5 v5.6.0 // indirect
+	github.com/go-git/go-git/v5 v5.12.0 // indirect
+	github.com/gogo/protobuf v1.3.2 // indirect
+	github.com/golang/glog v1.2.3 // indirect
+	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
+	github.com/google/uuid v1.6.0 // indirect
+	github.com/grpc-ecosystem/grpc-opentracing v0.0.0-20180507213350-8e809c8a8645 // indirect
+	github.com/hashicorp/errwrap v1.1.0 // indirect
+	github.com/hashicorp/go-multierror v1.1.1 // indirect
+	github.com/hashicorp/hcl/v2 v2.23.0 // indirect
+	github.com/inconshreveable/mousetrap v1.1.0 // indirect
+	github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 // indirect
+	github.com/kevinburke/ssh_config v1.2.0 // indirect
+	github.com/lucasb-eyer/go-colorful v1.2.0 // indirect
+	github.com/mattn/go-isatty v0.0.20 // indirect
+	github.com/mattn/go-localereader v0.0.1 // indirect
+	github.com/mattn/go-runewidth v0.0.16 // indirect
+	github.com/mitchellh/go-ps v1.0.0 // indirect
+	github.com/mitchellh/go-wordwrap v1.0.1 // indirect
+	github.com/muesli/ansi v0.0.0-20230316100256-276c6243b2f6 // indirect
+	github.com/muesli/cancelreader v0.2.2 // indirect
+	github.com/muesli/termenv v0.15.2 // indirect
+	github.com/nxadm/tail v1.4.11 // indirect
+	github.com/opentracing/basictracer-go v1.1.0 // indirect
+	github.com/opentracing/opentracing-go v1.2.0 // indirect
+	github.com/pgavlin/fx v0.1.6 // indirect
+	github.com/pjbgf/sha1cd v0.3.0 // indirect
+	github.com/pkg/errors v0.9.1 // indirect
+	github.com/pkg/term v1.1.0 // indirect
+	github.com/pulumi/appdash v0.0.0-20231130102222-75f619a67231 // indirect
+	github.com/pulumi/esc v0.11.1 // indirect
+	github.com/pulumi/pulumi-docker/sdk/v4 v4.4.3 // indirect
+	github.com/rivo/uniseg v0.4.7 // indirect
+	github.com/rogpeppe/go-internal v1.13.1 // indirect
+	github.com/sabhiram/go-gitignore v0.0.0-20210923224102-525f6e181f06 // indirect
+	github.com/santhosh-tekuri/jsonschema/v5 v5.3.1 // indirect
+	github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3 // indirect
+	github.com/skeema/knownhosts v1.3.0 // indirect
+	github.com/spf13/cobra v1.8.1 // indirect
+	github.com/spf13/pflag v1.0.5 // indirect
+	github.com/texttheater/golang-levenshtein v1.0.1 // indirect
+	github.com/uber/jaeger-client-go v2.30.0+incompatible // indirect
+	github.com/uber/jaeger-lib v2.4.1+incompatible // indirect
+	github.com/xanzy/ssh-agent v0.3.3 // indirect
+	github.com/zclconf/go-cty v1.15.1 // indirect
+	go.uber.org/atomic v1.11.0 // indirect
+	golang.org/x/crypto v0.29.0 // indirect
+	golang.org/x/exp v0.0.0-20241108190413-2d47ceb2692f // indirect
+	golang.org/x/mod v0.22.0 // indirect
+	golang.org/x/net v0.31.0 // indirect
+	golang.org/x/sync v0.9.0 // indirect
+	golang.org/x/sys v0.27.0 // indirect
+	golang.org/x/term v0.26.0 // indirect
+	golang.org/x/text v0.20.0 // indirect
+	golang.org/x/tools v0.27.0 // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20241118233622-e639e219e697 // indirect
+	google.golang.org/grpc v1.68.0 // indirect
+	google.golang.org/protobuf v1.35.2 // indirect
+	gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect
+	gopkg.in/warnings.v0 v0.1.2 // indirect
+	gopkg.in/yaml.v3 v3.0.1 // indirect
+	lukechampine.com/frand v1.5.1 // indirect
+)
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,2 @@
		github.com/gorilla/mux v1.8.1 h1:TuBL49tXwgrFYWhqrNgrUNEY92u81SPhu7sTdzQEiWY=
		github.com/gorilla/mux v1.8.1/go.mod h1:AKf9I4AEqPTmMytcMc0KkNouC66V3BtZ4qD5fmWSiMQ=