From d70576b820bfd8539e8151b891f9580df96788c0 Mon Sep 17 00:00:00 2001 From: Jan David Date: Tue, 4 Jun 2024 13:51:45 +0200 Subject: [PATCH 1/8] Create Terragrunt module for win.rustup.rs `win.rustup.rs` is an old CloudFront distribution that is not yet managed in Terraform or Terragrunt. A new Terragrunt module has been created so that we can easily create a new staging environment. The module copies the existing functionality, but uses a response header policy instead of a Lambda function to set the `Content-Disposition` header. --- terragrunt/modules/win-rustup-rs/README.md | 6 ++ .../modules/win-rustup-rs/_terraform.tf | 11 +++ .../modules/win-rustup-rs/certificate.tf | 13 ++++ terragrunt/modules/win-rustup-rs/data.tf | 7 ++ terragrunt/modules/win-rustup-rs/lambda.tf | 13 ++++ .../lambdas/origin-request/index.js | 15 ++++ terragrunt/modules/win-rustup-rs/main.tf | 71 +++++++++++++++++++ terragrunt/modules/win-rustup-rs/variables.tf | 9 +++ 8 files changed, 145 insertions(+) create mode 100644 terragrunt/modules/win-rustup-rs/README.md create mode 100644 terragrunt/modules/win-rustup-rs/_terraform.tf create mode 100644 terragrunt/modules/win-rustup-rs/certificate.tf create mode 100644 terragrunt/modules/win-rustup-rs/data.tf create mode 100644 terragrunt/modules/win-rustup-rs/lambda.tf create mode 100644 terragrunt/modules/win-rustup-rs/lambdas/origin-request/index.js create mode 100644 terragrunt/modules/win-rustup-rs/main.tf create mode 100644 terragrunt/modules/win-rustup-rs/variables.tf diff --git a/terragrunt/modules/win-rustup-rs/README.md b/terragrunt/modules/win-rustup-rs/README.md new file mode 100644 index 000000000..b66cdf9f0 --- /dev/null +++ b/terragrunt/modules/win-rustup-rs/README.md @@ -0,0 +1,6 @@ +# win.rustup.rs + +`win.rustup.rs` is a CloudFront distribution that provides convenient, short +URLs for downloading the Rustup installer on Windows. It features a path for +each supported architecture, which serves the latest version of the respective +installer. diff --git a/terragrunt/modules/win-rustup-rs/_terraform.tf b/terragrunt/modules/win-rustup-rs/_terraform.tf new file mode 100644 index 000000000..6e71aed42 --- /dev/null +++ b/terragrunt/modules/win-rustup-rs/_terraform.tf @@ -0,0 +1,11 @@ +terraform { + required_version = "~> 1.0" + + required_providers { + aws = { + source = "hashicorp/aws" + version = "~> 4.20" + } + } +} + diff --git a/terragrunt/modules/win-rustup-rs/certificate.tf b/terragrunt/modules/win-rustup-rs/certificate.tf new file mode 100644 index 000000000..d5eca7bef --- /dev/null +++ b/terragrunt/modules/win-rustup-rs/certificate.tf @@ -0,0 +1,13 @@ +module "certificate" { + source = "../acm-certificate" + + providers = { + aws = aws.us-east-1 + } + + domains = [ + var.domain_name, + ] + + legacy = true +} diff --git a/terragrunt/modules/win-rustup-rs/data.tf b/terragrunt/modules/win-rustup-rs/data.tf new file mode 100644 index 000000000..badb58c38 --- /dev/null +++ b/terragrunt/modules/win-rustup-rs/data.tf @@ -0,0 +1,7 @@ +data "aws_iam_role" "cloudfront_lambda" { + name = "cloudfront-lambda" +} + +data "aws_s3_bucket" "static" { + bucket = var.static_bucket +} diff --git a/terragrunt/modules/win-rustup-rs/lambda.tf b/terragrunt/modules/win-rustup-rs/lambda.tf new file mode 100644 index 000000000..b19855306 --- /dev/null +++ b/terragrunt/modules/win-rustup-rs/lambda.tf @@ -0,0 +1,13 @@ +module "origin_request" { + source = "../aws-lambda" + + providers = { + aws = aws.us-east-1 + } + + name = "${local.human_readable_name}--origin-request" + source_dir = "lambdas/origin-request" + handler = "index.handler" + runtime = "nodejs16.x" + role_arn = data.aws_iam_role.cloudfront_lambda.arn +} diff --git a/terragrunt/modules/win-rustup-rs/lambdas/origin-request/index.js b/terragrunt/modules/win-rustup-rs/lambdas/origin-request/index.js new file mode 100644 index 000000000..ee16695f6 --- /dev/null +++ b/terragrunt/modules/win-rustup-rs/lambdas/origin-request/index.js @@ -0,0 +1,15 @@ +'use strict'; + +exports.handler = (event, context, callback) => { + const request = event.Records[0].cf.request; + const headers = request.headers; + + if (request.uri === '/') { + request.uri = '/i686-pc-windows-msvc/rustup-init.exe'; + } else if (request.uri === '/i686') { + request.uri = '/i686-pc-windows-msvc/rustup-init.exe'; + } else if (request.uri === '/x86_64') { + request.uri = '/x86_64-pc-windows-msvc/rustup-init.exe'; + } + callback(null, request); +}; diff --git a/terragrunt/modules/win-rustup-rs/main.tf b/terragrunt/modules/win-rustup-rs/main.tf new file mode 100644 index 000000000..06439976e --- /dev/null +++ b/terragrunt/modules/win-rustup-rs/main.tf @@ -0,0 +1,71 @@ +locals { + human_readable_name = replace(var.domain_name, ".", "-") +} + +resource "aws_cloudfront_response_headers_policy" "content_disposition" { + name = local.human_readable_name + comment = "Set the Content-Disposition header for ${var.domain_name}" + + custom_headers_config { + items { + header = "Content-Disposition" + value = "attachment; filename=\"rustup-init.exe\"" + override = true + } + } +} + +resource "aws_cloudfront_distribution" "distribution" { + comment = var.domain_name + + enabled = true + wait_for_deployment = false + is_ipv6_enabled = true + price_class = "PriceClass_All" + + aliases = [ + var.domain_name, + ] + + viewer_certificate { + acm_certificate_arn = module.certificate.arn + ssl_support_method = "sni-only" + minimum_protocol_version = "TLSv1.1_2016" + } + + default_cache_behavior { + target_origin_id = "main" + allowed_methods = ["GET", "HEAD"] + cached_methods = ["GET", "HEAD"] + compress = true + viewer_protocol_policy = "redirect-to-https" + + response_headers_policy_id = aws_cloudfront_response_headers_policy.content_disposition.id + + forwarded_values { + query_string = false + + cookies { + forward = "none" + } + } + + lambda_function_association { + event_type = "origin-request" + lambda_arn = module.origin_request.version_arn + include_body = false + } + } + + origin { + origin_id = "main" + domain_name = data.aws_s3_bucket.static.bucket_regional_domain_name + origin_path = "/rustup/dist" + } + + restrictions { + geo_restriction { + restriction_type = "none" + } + } +} diff --git a/terragrunt/modules/win-rustup-rs/variables.tf b/terragrunt/modules/win-rustup-rs/variables.tf new file mode 100644 index 000000000..5d8edfdef --- /dev/null +++ b/terragrunt/modules/win-rustup-rs/variables.tf @@ -0,0 +1,9 @@ +variable "domain_name" { + description = "The domain name for the CloudFront distribution" + type = string +} + +variable "static_bucket" { + description = "Name of the bucket that stores the Rustup releases" + type = string +} From 4a421179e5b1438818e899b42177aa7ae21e8770 Mon Sep 17 00:00:00 2001 From: Jan David Date: Tue, 4 Jun 2024 13:53:49 +0200 Subject: [PATCH 2/8] Create staging environment for win.rustup.rs The `win.rustup.rs` distribution does not have a staging environment right now. A new state has been created in Terragrunt to create a new environment to test the distribution. --- terragrunt/accounts/legacy/account.json | 4 ++ .../win-rustup-rs/.terraform.lock.hcl | 44 +++++++++++++++++++ .../rustup-dev/win-rustup-rs/terragrunt.hcl | 13 ++++++ 3 files changed, 61 insertions(+) create mode 100644 terragrunt/accounts/legacy/rustup-dev/win-rustup-rs/.terraform.lock.hcl create mode 100644 terragrunt/accounts/legacy/rustup-dev/win-rustup-rs/terragrunt.hcl diff --git a/terragrunt/accounts/legacy/account.json b/terragrunt/accounts/legacy/account.json index 79e4cd95c..3bc0057ef 100644 --- a/terragrunt/accounts/legacy/account.json +++ b/terragrunt/accounts/legacy/account.json @@ -4,6 +4,10 @@ "regions": [ { "region": "us-west-1" + }, + { + "region": "us-east-1", + "alias": "us-east-1" } ] } diff --git a/terragrunt/accounts/legacy/rustup-dev/win-rustup-rs/.terraform.lock.hcl b/terragrunt/accounts/legacy/rustup-dev/win-rustup-rs/.terraform.lock.hcl new file mode 100644 index 000000000..eb264ac4e --- /dev/null +++ b/terragrunt/accounts/legacy/rustup-dev/win-rustup-rs/.terraform.lock.hcl @@ -0,0 +1,44 @@ +# This file is maintained automatically by "terraform init". +# Manual edits may be lost in future updates. + +provider "registry.terraform.io/hashicorp/aws" { + version = "4.67.0" + constraints = "~> 4.20" + hashes = [ + "h1:5Zfo3GfRSWBaXs4TGQNOflr1XaYj6pRnVJLX5VAjFX4=", + "zh:0843017ecc24385f2b45f2c5fce79dc25b258e50d516877b3affee3bef34f060", + "zh:19876066cfa60de91834ec569a6448dab8c2518b8a71b5ca870b2444febddac6", + "zh:24995686b2ad88c1ffaa242e36eee791fc6070e6144f418048c4ce24d0ba5183", + "zh:4a002990b9f4d6d225d82cb2fb8805789ffef791999ee5d9cb1fef579aeff8f1", + "zh:559a2b5ace06b878c6de3ecf19b94fbae3512562f7a51e930674b16c2f606e29", + "zh:6a07da13b86b9753b95d4d8218f6dae874cf34699bca1470d6effbb4dee7f4b7", + "zh:768b3bfd126c3b77dc975c7c0e5db3207e4f9997cf41aa3385c63206242ba043", + "zh:7be5177e698d4b547083cc738b977742d70ed68487ce6f49ecd0c94dbf9d1362", + "zh:8b562a818915fb0d85959257095251a05c76f3467caa3ba95c583ba5fe043f9b", + "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", + "zh:9c385d03a958b54e2afd5279cd8c7cbdd2d6ca5c7d6a333e61092331f38af7cf", + "zh:b3ca45f2821a89af417787df8289cb4314b273d29555ad3b2a5ab98bb4816b3b", + "zh:da3c317f1db2469615ab40aa6baba63b5643bae7110ff855277a1fb9d8eb4f2c", + "zh:dc6430622a8dc5cdab359a8704aec81d3825ea1d305bbb3bbd032b1c6adfae0c", + "zh:fac0d2ddeadf9ec53da87922f666e1e73a603a611c57bcbc4b86ac2821619b1d", + ] +} + +provider "registry.terraform.io/hashicorp/external" { + version = "2.3.3" + hashes = [ + "h1:gShzO1rJtADK9tDZMvMgjciVAzsBh39LNjtThCwX1Hg=", + "zh:03d81462f9578ec91ce8e26f887e34151eda0e100f57e9772dbea86363588239", + "zh:37ec2a20f6a3ec3a0fd95d3f3de26da6cb9534b30488bc45723e118a0911c0d8", + "zh:4eb5b119179539f2749ce9de0e1b9629d025990f062f4f4dddc161562bb89d37", + "zh:5a31bb58414f41bee5e09b939012df5b88654120b0238a89dfd6691ba197619a", + "zh:6221a05e52a6a2d4f520ffe7cbc741f4f6080e0855061b0ed54e8be4a84eb9b7", + "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", + "zh:8bb068496b4679bef625e4710d9f3432e301c3a56602271f04e60eadf7f8a94c", + "zh:94742aa5378bab626ce34f79bcef6a373e4f86ea7a8b762e9f71270a899e0d00", + "zh:a485831b5a525cd8f40e8982fa37da40ff70b1ae092c8b755fcde123f0b1238d", + "zh:a647ff16d071eabcabd87ea8183eb90a775a0294ddd735d742075d62fff09193", + "zh:b74710c5954aaa3faf262c18d36a8c2407862d9f842c63e7fa92fa4de3d29df6", + "zh:fa73d83edc92af2e551857594c2232ba6a9e3603ad34b0a5940865202c08d8d7", + ] +} diff --git a/terragrunt/accounts/legacy/rustup-dev/win-rustup-rs/terragrunt.hcl b/terragrunt/accounts/legacy/rustup-dev/win-rustup-rs/terragrunt.hcl new file mode 100644 index 000000000..e910aebe6 --- /dev/null +++ b/terragrunt/accounts/legacy/rustup-dev/win-rustup-rs/terragrunt.hcl @@ -0,0 +1,13 @@ +terraform { + source = "../../../../..//terragrunt/modules/win-rustup-rs" +} + +include { + path = find_in_parent_folders() + merge_strategy = "deep" +} + +inputs = { + domain_name = "dev-win.rustup.rs" + static_bucket = "dev-static-rust-lang-org" +} From ac54e617aa43f157da858d5ef08d456ca62efdf3 Mon Sep 17 00:00:00 2001 From: Jan David Date: Tue, 4 Jun 2024 14:34:32 +0200 Subject: [PATCH 3/8] Create DNS record for distribution --- terragrunt/modules/win-rustup-rs/data.tf | 5 +++++ terragrunt/modules/win-rustup-rs/dns.tf | 7 +++++++ 2 files changed, 12 insertions(+) create mode 100644 terragrunt/modules/win-rustup-rs/dns.tf diff --git a/terragrunt/modules/win-rustup-rs/data.tf b/terragrunt/modules/win-rustup-rs/data.tf index badb58c38..2fff95818 100644 --- a/terragrunt/modules/win-rustup-rs/data.tf +++ b/terragrunt/modules/win-rustup-rs/data.tf @@ -2,6 +2,11 @@ data "aws_iam_role" "cloudfront_lambda" { name = "cloudfront-lambda" } +data "aws_route53_zone" "rustup" { + // Convert {dev-win,win}.rustup.rs into rustup.rs + name = join(".", reverse(slice(reverse(split(".", var.domain_name)), 0, 2))) +} + data "aws_s3_bucket" "static" { bucket = var.static_bucket } diff --git a/terragrunt/modules/win-rustup-rs/dns.tf b/terragrunt/modules/win-rustup-rs/dns.tf new file mode 100644 index 000000000..4bded9f7e --- /dev/null +++ b/terragrunt/modules/win-rustup-rs/dns.tf @@ -0,0 +1,7 @@ +resource "aws_route53_record" "record" { + zone_id = data.aws_route53_zone.rustup.id + name = var.domain_name + type = "CNAME" + ttl = 300 + records = [aws_cloudfront_distribution.distribution.domain_name] +} From f3cb562b77674d7646c6eb450ba691f30d75cd8b Mon Sep 17 00:00:00 2001 From: Jan David Date: Wed, 5 Jun 2024 11:02:19 +0200 Subject: [PATCH 4/8] Import production environment The existing CloudFront distribution has been imported into Terragrunt and then updated to use the new response header policy and new Lambda function. --- .../accounts/legacy/rustup-prod/deployed-ref | 1 + .../win-rustup-rs/.terraform.lock.hcl | 44 +++++++++++++++++++ .../rustup-prod/win-rustup-rs/terragrunt.hcl | 13 ++++++ 3 files changed, 58 insertions(+) create mode 100644 terragrunt/accounts/legacy/rustup-prod/deployed-ref create mode 100644 terragrunt/accounts/legacy/rustup-prod/win-rustup-rs/.terraform.lock.hcl create mode 100644 terragrunt/accounts/legacy/rustup-prod/win-rustup-rs/terragrunt.hcl diff --git a/terragrunt/accounts/legacy/rustup-prod/deployed-ref b/terragrunt/accounts/legacy/rustup-prod/deployed-ref new file mode 100644 index 000000000..8d32345eb --- /dev/null +++ b/terragrunt/accounts/legacy/rustup-prod/deployed-ref @@ -0,0 +1 @@ +ac54e617aa43f157da858d5ef08d456ca62efdf3 diff --git a/terragrunt/accounts/legacy/rustup-prod/win-rustup-rs/.terraform.lock.hcl b/terragrunt/accounts/legacy/rustup-prod/win-rustup-rs/.terraform.lock.hcl new file mode 100644 index 000000000..eb264ac4e --- /dev/null +++ b/terragrunt/accounts/legacy/rustup-prod/win-rustup-rs/.terraform.lock.hcl @@ -0,0 +1,44 @@ +# This file is maintained automatically by "terraform init". +# Manual edits may be lost in future updates. + +provider "registry.terraform.io/hashicorp/aws" { + version = "4.67.0" + constraints = "~> 4.20" + hashes = [ + "h1:5Zfo3GfRSWBaXs4TGQNOflr1XaYj6pRnVJLX5VAjFX4=", + "zh:0843017ecc24385f2b45f2c5fce79dc25b258e50d516877b3affee3bef34f060", + "zh:19876066cfa60de91834ec569a6448dab8c2518b8a71b5ca870b2444febddac6", + "zh:24995686b2ad88c1ffaa242e36eee791fc6070e6144f418048c4ce24d0ba5183", + "zh:4a002990b9f4d6d225d82cb2fb8805789ffef791999ee5d9cb1fef579aeff8f1", + "zh:559a2b5ace06b878c6de3ecf19b94fbae3512562f7a51e930674b16c2f606e29", + "zh:6a07da13b86b9753b95d4d8218f6dae874cf34699bca1470d6effbb4dee7f4b7", + "zh:768b3bfd126c3b77dc975c7c0e5db3207e4f9997cf41aa3385c63206242ba043", + "zh:7be5177e698d4b547083cc738b977742d70ed68487ce6f49ecd0c94dbf9d1362", + "zh:8b562a818915fb0d85959257095251a05c76f3467caa3ba95c583ba5fe043f9b", + "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", + "zh:9c385d03a958b54e2afd5279cd8c7cbdd2d6ca5c7d6a333e61092331f38af7cf", + "zh:b3ca45f2821a89af417787df8289cb4314b273d29555ad3b2a5ab98bb4816b3b", + "zh:da3c317f1db2469615ab40aa6baba63b5643bae7110ff855277a1fb9d8eb4f2c", + "zh:dc6430622a8dc5cdab359a8704aec81d3825ea1d305bbb3bbd032b1c6adfae0c", + "zh:fac0d2ddeadf9ec53da87922f666e1e73a603a611c57bcbc4b86ac2821619b1d", + ] +} + +provider "registry.terraform.io/hashicorp/external" { + version = "2.3.3" + hashes = [ + "h1:gShzO1rJtADK9tDZMvMgjciVAzsBh39LNjtThCwX1Hg=", + "zh:03d81462f9578ec91ce8e26f887e34151eda0e100f57e9772dbea86363588239", + "zh:37ec2a20f6a3ec3a0fd95d3f3de26da6cb9534b30488bc45723e118a0911c0d8", + "zh:4eb5b119179539f2749ce9de0e1b9629d025990f062f4f4dddc161562bb89d37", + "zh:5a31bb58414f41bee5e09b939012df5b88654120b0238a89dfd6691ba197619a", + "zh:6221a05e52a6a2d4f520ffe7cbc741f4f6080e0855061b0ed54e8be4a84eb9b7", + "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", + "zh:8bb068496b4679bef625e4710d9f3432e301c3a56602271f04e60eadf7f8a94c", + "zh:94742aa5378bab626ce34f79bcef6a373e4f86ea7a8b762e9f71270a899e0d00", + "zh:a485831b5a525cd8f40e8982fa37da40ff70b1ae092c8b755fcde123f0b1238d", + "zh:a647ff16d071eabcabd87ea8183eb90a775a0294ddd735d742075d62fff09193", + "zh:b74710c5954aaa3faf262c18d36a8c2407862d9f842c63e7fa92fa4de3d29df6", + "zh:fa73d83edc92af2e551857594c2232ba6a9e3603ad34b0a5940865202c08d8d7", + ] +} diff --git a/terragrunt/accounts/legacy/rustup-prod/win-rustup-rs/terragrunt.hcl b/terragrunt/accounts/legacy/rustup-prod/win-rustup-rs/terragrunt.hcl new file mode 100644 index 000000000..37136c672 --- /dev/null +++ b/terragrunt/accounts/legacy/rustup-prod/win-rustup-rs/terragrunt.hcl @@ -0,0 +1,13 @@ +terraform { + source = "git::../../../../..//terragrunt/modules/win-rustup-rs?ref=${trimspace(file("../deployed-ref"))}" +} + +include { + path = find_in_parent_folders() + merge_strategy = "deep" +} + +inputs = { + domain_name = "win.rustup.rs" + static_bucket = "static-rust-lang-org" +} From 9fd79c3ea80c41cafe3c1bc0f0686748af8cc6e0 Mon Sep 17 00:00:00 2001 From: Jan David Date: Wed, 5 Jun 2024 11:31:52 +0200 Subject: [PATCH 5/8] Support new architecture on win.rustup.rs --- .../modules/win-rustup-rs/lambdas/origin-request/index.js | 2 ++ 1 file changed, 2 insertions(+) diff --git a/terragrunt/modules/win-rustup-rs/lambdas/origin-request/index.js b/terragrunt/modules/win-rustup-rs/lambdas/origin-request/index.js index ee16695f6..a4aaa01db 100644 --- a/terragrunt/modules/win-rustup-rs/lambdas/origin-request/index.js +++ b/terragrunt/modules/win-rustup-rs/lambdas/origin-request/index.js @@ -10,6 +10,8 @@ exports.handler = (event, context, callback) => { request.uri = '/i686-pc-windows-msvc/rustup-init.exe'; } else if (request.uri === '/x86_64') { request.uri = '/x86_64-pc-windows-msvc/rustup-init.exe'; + } else if (request.uri === '/aarch64') { + request.uri = '/aarch64-pc-windows-msvc/rustup-init.exe'; } callback(null, request); }; From bab1bdb67e482e467864be5fcf3d080456fbd180 Mon Sep 17 00:00:00 2001 From: Jan David Date: Wed, 5 Jun 2024 11:37:18 +0200 Subject: [PATCH 6/8] Deploy new architecture to production --- terragrunt/accounts/legacy/rustup-prod/deployed-ref | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/terragrunt/accounts/legacy/rustup-prod/deployed-ref b/terragrunt/accounts/legacy/rustup-prod/deployed-ref index 8d32345eb..47f4a9edc 100644 --- a/terragrunt/accounts/legacy/rustup-prod/deployed-ref +++ b/terragrunt/accounts/legacy/rustup-prod/deployed-ref @@ -1 +1 @@ -ac54e617aa43f157da858d5ef08d456ca62efdf3 +9fd79c3ea80c41cafe3c1bc0f0686748af8cc6e0 From 72f17a0c5537a8aa23271c5836fe50673e95018c Mon Sep 17 00:00:00 2001 From: Jan David Date: Wed, 5 Jun 2024 15:37:38 +0200 Subject: [PATCH 7/8] Switch to CloudFront function --- terragrunt/modules/win-rustup-rs/lambda.tf | 13 ------------- .../{origin-request => viewer-request}/index.js | 12 +++++------- terragrunt/modules/win-rustup-rs/main.tf | 13 +++++++++---- 3 files changed, 14 insertions(+), 24 deletions(-) delete mode 100644 terragrunt/modules/win-rustup-rs/lambda.tf rename terragrunt/modules/win-rustup-rs/lambdas/{origin-request => viewer-request}/index.js (70%) diff --git a/terragrunt/modules/win-rustup-rs/lambda.tf b/terragrunt/modules/win-rustup-rs/lambda.tf deleted file mode 100644 index b19855306..000000000 --- a/terragrunt/modules/win-rustup-rs/lambda.tf +++ /dev/null @@ -1,13 +0,0 @@ -module "origin_request" { - source = "../aws-lambda" - - providers = { - aws = aws.us-east-1 - } - - name = "${local.human_readable_name}--origin-request" - source_dir = "lambdas/origin-request" - handler = "index.handler" - runtime = "nodejs16.x" - role_arn = data.aws_iam_role.cloudfront_lambda.arn -} diff --git a/terragrunt/modules/win-rustup-rs/lambdas/origin-request/index.js b/terragrunt/modules/win-rustup-rs/lambdas/viewer-request/index.js similarity index 70% rename from terragrunt/modules/win-rustup-rs/lambdas/origin-request/index.js rename to terragrunt/modules/win-rustup-rs/lambdas/viewer-request/index.js index a4aaa01db..496284a8a 100644 --- a/terragrunt/modules/win-rustup-rs/lambdas/origin-request/index.js +++ b/terragrunt/modules/win-rustup-rs/lambdas/viewer-request/index.js @@ -1,8 +1,5 @@ -'use strict'; - -exports.handler = (event, context, callback) => { - const request = event.Records[0].cf.request; - const headers = request.headers; +function handler(event) { + var request = event.request; if (request.uri === '/') { request.uri = '/i686-pc-windows-msvc/rustup-init.exe'; @@ -13,5 +10,6 @@ exports.handler = (event, context, callback) => { } else if (request.uri === '/aarch64') { request.uri = '/aarch64-pc-windows-msvc/rustup-init.exe'; } - callback(null, request); -}; + + return request; +} diff --git a/terragrunt/modules/win-rustup-rs/main.tf b/terragrunt/modules/win-rustup-rs/main.tf index 06439976e..4282f8069 100644 --- a/terragrunt/modules/win-rustup-rs/main.tf +++ b/terragrunt/modules/win-rustup-rs/main.tf @@ -2,6 +2,12 @@ locals { human_readable_name = replace(var.domain_name, ".", "-") } +resource "aws_cloudfront_function" "viewer_request" { + name = "${local.human_readable_name}--viewer-request" + runtime = "cloudfront-js-1.0" + code = file("${path.module}/lambdas/viewer-request/index.js") +} + resource "aws_cloudfront_response_headers_policy" "content_disposition" { name = local.human_readable_name comment = "Set the Content-Disposition header for ${var.domain_name}" @@ -50,10 +56,9 @@ resource "aws_cloudfront_distribution" "distribution" { } } - lambda_function_association { - event_type = "origin-request" - lambda_arn = module.origin_request.version_arn - include_body = false + function_association { + event_type = "viewer-request" + function_arn = aws_cloudfront_function.viewer_request.arn } } From ab9170b92563155449782dbb389b01a2bcd16404 Mon Sep 17 00:00:00 2001 From: Jan David Date: Wed, 5 Jun 2024 16:10:41 +0200 Subject: [PATCH 8/8] Deploy CloudFront function to production --- terragrunt/accounts/legacy/rustup-prod/deployed-ref | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/terragrunt/accounts/legacy/rustup-prod/deployed-ref b/terragrunt/accounts/legacy/rustup-prod/deployed-ref index 47f4a9edc..94da9a113 100644 --- a/terragrunt/accounts/legacy/rustup-prod/deployed-ref +++ b/terragrunt/accounts/legacy/rustup-prod/deployed-ref @@ -1 +1 @@ -9fd79c3ea80c41cafe3c1bc0f0686748af8cc6e0 +72f17a0c5537a8aa23271c5836fe50673e95018c