Merge pull request #87 from userhas404d/ssm-tag

Adds conditional creation of the Patch Group tag

Author: lorengordon

.bumpversion.cfg

@@ -1,5 +1,5 @@
 [bumpversion]
-current_version = 1.7.0
+current_version = 1.8.0
 commit = True
 message = Bumps version to {new_version}
 tag = False

modules/lx-autoscale/main.tf

@@ -38,6 +38,7 @@ resource "aws_cloudformation_stack" "watchmaker-lx-autoscale" {
     NoPublicIp            = "${var.NoPublicIp}"
     NoReboot              = "${var.NoReboot}"
     NoUpdates             = "${var.NoUpdates}"
+    PatchGroup            = "${var.PatchGroup}"
     SecurityGroupIds      = "${var.SecurityGroupIds}"
     SubnetIds             = "${var.SubnetIds}"
     TargetGroupArns       = "${var.TargetGroupArns}"

modules/lx-autoscale/variables.tf

@@ -37,6 +37,12 @@ variable "OnFailureAction" {
   default     = "DO_NOTHING"
 }
 
+variable "PatchGroup" {
+  type        = "string"
+  description = "Key value of the Patch Group tag. Controls whether to create a PatchGroup tag that can be leveraged via SSM to auto-update instances."
+  default     = ""
+}
+
 variable "PolicyBody" {
   type        = "string"
   description = "String containing the stack policy body. Conflicts with PolicyUrl"

modules/lx-autoscale/watchmaker-lx-autoscale.params.cfn.yaml

@@ -34,6 +34,8 @@
   ParameterValue: __NOREBOOT__
 - ParameterKey: NoUpdates
   ParameterValue: __NOUPDATES__
+- ParameterKey: PatchGroup
+  ParameterValue: __PATCHGROUP__
 - ParameterKey: SecurityGroupIds
   ParameterValue: __SECURITYGROUPIDS__
 - ParameterKey: SubnetIds

modules/lx-autoscale/watchmaker-lx-autoscale.template.cfn.yaml

@@ -11,6 +11,10 @@ Conditions:
   CreateAppVolume: !Equals 
     - !Ref AppVolumeDevice
     - 'true'
+  CreatePatchGroupTag: !Not
+    - !Equals
+      - !Ref PatchGroup
+      - ''
   ExecuteAppScript: !Not 
     - !Equals 
       - !Ref AppScriptUrl
@@ -133,6 +137,7 @@ Metadata:
           - NoPublicIp
           - NoReboot
           - NoUpdates
+          - PatchGroup
           - SecurityGroupIds
       - Label:
           default: EC2 Watchmaker Configuration
@@ -185,7 +190,7 @@ Metadata:
         default: Force Cfn Init Update
       ToggleNewInstances:
         default: Force New Instances
-  Version: 1.7.0
+  Version: 1.8.0
 Outputs:
   ScaleDownScheduledAction:
     Condition: UseScheduledAction
@@ -376,6 +381,12 @@ Parameters:
       Controls whether to run yum update during a stack update (on the initial
       instance launch, Watchmaker _always_ installs updates)
     Type: String
+  PatchGroup:
+    Default: ''
+    Description: >-
+      (Optional) Key value of the Patch Group tag. Controls whether to create a PatchGroup
+      tag that can be leveraged via SSM to auto-update instances.
+    Type: String
   PypiIndexUrl:
     AllowedPattern: '^http[s]?://.*$'
     Default: 'https://pypi.org/simple'
@@ -499,9 +510,15 @@ Resources:
       MinSize: !Ref MinCapacity
       Tags:
         - Key: Name
+          Value: !Sub '${AWS::StackName}'
           PropagateAtLaunch: true
-          Value: 
-            !Sub '${AWS::StackName}'
+        - !If
+          - CreatePatchGroupTag
+          -
+            Key: Patch Group
+            Value: !Ref PatchGroup
+            PropagateAtLaunch: true
+          - !Ref 'AWS::NoValue'
       TargetGroupARNs: !If 
         - UseTargetGroupArns
         - !Ref TargetGroupArns

modules/lx-instance/main.tf

@@ -36,6 +36,7 @@ resource "aws_cloudformation_stack" "watchmaker-lx-instance" {
     NoUpdates              = "${var.NoUpdates}"
     SecurityGroupIds       = "${var.SecurityGroupIds}"
     SubnetId               = "${var.SubnetId}"
+    PatchGroup             = "${var.PatchGroup}"
     PypiIndexUrl           = "${var.PypiIndexUrl}"
     WatchmakerConfig       = "${var.WatchmakerConfig}"
     WatchmakerEnvironment  = "${var.WatchmakerEnvironment}"

modules/lx-instance/variables.tf

@@ -37,6 +37,12 @@ variable "OnFailureAction" {
   default     = "DO_NOTHING"
 }
 
+variable "PatchGroup" {
+  type        = "string"
+  description = "Key value of the Patch Group tag. Controls whether to create a PatchGroup tag that can be leveraged via SSM to auto-update instances."
+  default     = ""
+}
+
 variable "PolicyBody" {
   type        = "string"
   description = "String containing the stack policy body. Conflicts with PolicyUrl"

modules/lx-instance/watchmaker-lx-instance.params.cfn.yaml

@@ -28,6 +28,8 @@
   ParameterValue: __NOREBOOT__
 - ParameterKey: NoUpdates
   ParameterValue: __NOUPDATES__
+- ParameterKey: PatchGroup
+  ParameterValue: __PATCHGROUP__
 - ParameterKey: PrivateIp
   ParameterValue: __PRIVATEIP__
 - ParameterKey: SecurityGroupIds

modules/lx-instance/watchmaker-lx-instance.template.cfn.yaml

@@ -15,6 +15,10 @@ Conditions:
   CreateAppVolume: !Equals 
     - !Ref AppVolumeDevice
     - 'true'
+  CreatePatchGroupTag: !Not
+    - !Equals
+      - !Ref PatchGroup
+      - ''
   ExecuteAppScript: !Not 
     - !Equals 
       - !Ref AppScriptUrl
@@ -117,6 +121,7 @@ Metadata:
           - NoPublicIp
           - NoReboot
           - NoUpdates
+          - PatchGroup
           - SecurityGroupIds
       - Label:
           default: EC2 Watchmaker Configuration
@@ -158,7 +163,7 @@ Metadata:
     ParameterLabels:
       ToggleCfnInitUpdate:
         default: Force Cfn Init Update
-  Version: 1.7.0
+  Version: 1.8.0
 Outputs:
   WatchmakerInstanceId:
     Description: Instance ID
@@ -320,6 +325,12 @@ Parameters:
       Controls whether to run yum update during a stack update (on the initial
       instance launch, Watchmaker _always_ installs updates)
     Type: String
+  PatchGroup:
+    Default: ''
+    Description: >-
+      (Optional) Key value of the Patch Group tag. Controls whether to create a PatchGroup
+      tag that can be leveraged via SSM to auto-update instances.
+    Type: String
   PrivateIp:
     Default: ''
     Description: >-
@@ -709,6 +720,12 @@ Resources:
       Tags:
         - Key: Name
           Value: !Sub '${AWS::StackName}'
+        - !If
+          - CreatePatchGroupTag
+          -
+            Key: Patch Group
+            Value: !Ref PatchGroup
+          - !Ref 'AWS::NoValue'
       UserData: 
         !Base64
           Fn::Sub:

modules/win-autoscale/main.tf

@@ -34,6 +34,7 @@ resource "aws_cloudformation_stack" "watchmaker-win-autoscale" {
     ScaleUpSchedule        = "${var.ScaleUpSchedule}"
     NoPublicIp             = "${var.NoPublicIp}"
     NoReboot               = "${var.NoReboot}"
+    PatchGroup             = "${var.PatchGroup}"
     SecurityGroupIds       = "${var.SecurityGroupIds}"
     SubnetIds              = "${var.SubnetIds}"
     TargetGroupArns        = "${var.TargetGroupArns}"